diff --git a/src/Resources/Resources.Test/ScenarioTests/RoleAssignmentTests.cs b/src/Resources/Resources.Test/ScenarioTests/RoleAssignmentTests.cs index d58d995ce8bc..b22b56c37d17 100644 --- a/src/Resources/Resources.Test/ScenarioTests/RoleAssignmentTests.cs +++ b/src/Resources/Resources.Test/ScenarioTests/RoleAssignmentTests.cs @@ -245,5 +245,12 @@ public void CreateRAWithObjectType() { TestRunner.RunTestScript("Test-CreateRAWithObjectType"); } + + [Fact] + [Trait(Category.AcceptanceType, Category.CheckIn)] + public void RAGuidFormatHandling() + { + TestRunner.RunTestScript("Test-RAGuidFormatHandling"); + } } } diff --git a/src/Resources/Resources.Test/ScenarioTests/RoleAssignmentTests.ps1 b/src/Resources/Resources.Test/ScenarioTests/RoleAssignmentTests.ps1 index 0f96dbb0ee56..e276db277d9e 100644 --- a/src/Resources/Resources.Test/ScenarioTests/RoleAssignmentTests.ps1 +++ b/src/Resources/Resources.Test/ScenarioTests/RoleAssignmentTests.ps1 @@ -925,3 +925,34 @@ function Test-CreateRAWhenIdNotExist Assert-Throws $function $ExpectedError } + +<# +.SYNOPSIS +Validates that Get-AzRoleAssignment can filter client-side the role assignments by ObjectId in different GUID formats. +#> +function Test-RAGuidFormatHandling +{ + $subscription = $(Get-AzContext).Subscription + $scope = '/subscriptions/'+ $subscription[0].Id + $principalId = "35e5fdfa-e80b-49b9-abf3-4c9a54f6b7a3" + + $expected = @(Get-AzRoleAssignment -ObjectId $principalId -Scope $scope -AtScope) + $expectedIds = $expected | Select-Object -ExpandProperty RoleAssignmentId | Sort-Object + + # when non-Guid result should be empty + $res = @(Get-AzRoleAssignment -ObjectId "abc" -Scope $scope -AtScope) + Assert-AreEqual ($res.Count) 0 + + $guid = [guid]::Parse($principalId) + $formats = @('N', 'D', 'B', 'P', 'X') + foreach ($format in $formats) { + $principalIdFormat = $guid.ToString($format) + $actual = @(Get-AzRoleAssignment -ObjectId $principalIdFormat -Scope $scope -AtScope) + Assert-AreEqual $expected.Count $actual.Count + + if ($actual) { + $actualIds = $actual | Select-Object -ExpandProperty RoleAssignmentId | Sort-Object + Assert-AreEqual (@($expectedIds) -join ',') (@($actualIds) -join ',') + } + } +} diff --git a/src/Resources/Resources.Test/SessionRecords/Microsoft.Azure.Commands.Resources.Test.ScenarioTests.RoleAssignmentTests/RAGuidFormatHandling.json b/src/Resources/Resources.Test/SessionRecords/Microsoft.Azure.Commands.Resources.Test.ScenarioTests.RoleAssignmentTests/RAGuidFormatHandling.json new file mode 100644 index 000000000000..11407c313676 --- /dev/null +++ b/src/Resources/Resources.Test/SessionRecords/Microsoft.Azure.Commands.Resources.Test.ScenarioTests.RoleAssignmentTests/RAGuidFormatHandling.json @@ -0,0 +1,1304 @@ +{ + "Entries": [ + { + "RequestUri": "//subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleAssignments?$filter=atScope()&api-version=2020-08-01-preview", + "EncodedRequestUri": "Ly9zdWJzY3JpcHRpb25zLzY5NmVhZDE5LTg2NmQtNGU5ZC05OWU1LWYwNjFlNGMzNGI4NC9wcm92aWRlcnMvTWljcm9zb2Z0LkF1dGhvcml6YXRpb24vcm9sZUFzc2lnbm1lbnRzPyRmaWx0ZXI9YXRTY29wZSgpJmFwaS12ZXJzaW9uPTIwMjAtMDgtMDEtcHJldmlldw==", + "RequestMethod": "GET", + "RequestHeaders": { + "Accept-Language": [ + "en-US" + ], + "x-ms-client-request-id": [ + "96a8d0a9-3c55-41e3-a0c4-f77f353b6b24" + ], + "User-Agent": [ + "FxVersion/8.0.2025.41914", + "OSName/MacOs", + "OSVersion/Darwin.24.6.0.Darwin.Kernel.Version.24.6.0.Mon.Aug.11.21.16.30.PDT.2025.root.xnu.11417.140.69.701.11.1RELEASE.ARM64.T8132", + "Microsoft.Azure.Management.Authorization.AuthorizationManagementClient/8.1.0" + ] + }, + "RequestBody": "", + "ResponseHeaders": { + "Cache-Control": [ + "no-cache" + ], + "Pragma": [ + "no-cache" + ], + "x-ms-request-id": [ + "cba3f9d9-689d-443e-ae39-270d4d229ce5" + ], + "X-Content-Type-Options": [ + "nosniff" + ], + "Strict-Transport-Security": [ + "max-age=31536000; includeSubDomains" + ], + "x-ms-operation-identifier": [ + "tenantId=de6dc80f-16c3-4606-90e9-b7386b466695,objectId=69c9e264-690c-43c9-aba4-a195a62f1929/northeurope/a06914c7-24fe-4075-9e13-63c95bd80bd8" + ], + "x-ms-ratelimit-remaining-subscription-reads": [ + "249" + ], + "x-ms-ratelimit-remaining-subscription-global-reads": [ + "3749" + ], + "x-ms-correlation-request-id": [ + "2400ecf6-6c3d-4b06-a09d-719d25bb237a" + ], + "x-ms-routing-request-id": [ + "NORTHEUROPE:20251004T101950Z:2400ecf6-6c3d-4b06-a09d-719d25bb237a" + ], + "X-Cache": [ + "CONFIG_NOCACHE" + ], + "X-MSEdge-Ref": [ + "Ref A: F8279A8E2289436CA774B867FE089FA6 Ref B: DUB241062302042 Ref C: 2025-10-04T10:19:50Z" + ], + "Date": [ + "Sat, 04 Oct 2025 10:19:49 GMT" + ], + "Content-Length": [ + "3174" + ], + "Content-Type": [ + "application/json; charset=utf-8" + ], + "Expires": [ + "-1" + ], + "Retry-After": [ + "0" + ] + }, + "ResponseBody": "{\n \"value\": [\n {\n \"properties\": {\n \"roleDefinitionId\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/acdd72a7-3385-48ef-bd42-f606fba81ae7\",\n \"principalId\": \"35e5fdfa-e80b-49b9-abf3-4c9a54f6b7a3\",\n \"principalType\": \"ServicePrincipal\",\n \"scope\": \"/\",\n \"condition\": null,\n \"conditionVersion\": null,\n \"createdOn\": \"2025-10-04T08:47:24.983041Z\",\n \"updatedOn\": \"2025-10-04T08:47:24.983041Z\",\n \"createdBy\": \"69c9e264-690c-43c9-aba4-a195a62f1929\",\n \"updatedBy\": \"69c9e264-690c-43c9-aba4-a195a62f1929\",\n \"delegatedManagedIdentityResourceId\": null,\n \"description\": null\n },\n \"id\": \"/providers/Microsoft.Authorization/roleAssignments/de9a9bce-6b58-4ca2-99b8-699e811db531\",\n \"type\": \"Microsoft.Authorization/roleAssignments\",\n \"name\": \"de9a9bce-6b58-4ca2-99b8-699e811db531\"\n },\n {\n \"properties\": {\n \"roleDefinitionId\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/8e3af657-a8ff-443c-a75c-2fe8c4bcb635\",\n \"principalId\": \"69c9e264-690c-43c9-aba4-a195a62f1929\",\n \"principalType\": \"User\",\n \"scope\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84\",\n \"condition\": null,\n \"conditionVersion\": null,\n \"createdOn\": \"2025-10-04T08:30:50.9398814Z\",\n \"updatedOn\": \"2025-10-04T08:30:50.9398814Z\",\n \"createdBy\": \"\",\n \"updatedBy\": \"\",\n \"delegatedManagedIdentityResourceId\": null,\n \"description\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleAssignments/ec325d5a-47c9-4d27-875e-396f6633f6f7\",\n \"type\": \"Microsoft.Authorization/roleAssignments\",\n \"name\": \"ec325d5a-47c9-4d27-875e-396f6633f6f7\"\n },\n {\n \"properties\": {\n \"roleDefinitionId\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/8e3af657-a8ff-443c-a75c-2fe8c4bcb635\",\n \"principalId\": \"69c9e264-690c-43c9-aba4-a195a62f1929\",\n \"principalType\": \"User\",\n \"scope\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84\",\n \"condition\": null,\n \"conditionVersion\": null,\n \"createdOn\": \"2025-10-04T08:30:51.0402339Z\",\n \"updatedOn\": \"2025-10-04T08:30:51.0402339Z\",\n \"createdBy\": \"\",\n \"updatedBy\": \"\",\n \"delegatedManagedIdentityResourceId\": null,\n \"description\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleAssignments/415fb563-2a41-4fb3-b196-fa1c4c0dcffb\",\n \"type\": \"Microsoft.Authorization/roleAssignments\",\n \"name\": \"415fb563-2a41-4fb3-b196-fa1c4c0dcffb\"\n },\n {\n \"properties\": {\n \"roleDefinitionId\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/acdd72a7-3385-48ef-bd42-f606fba81ae7\",\n \"principalId\": \"35e5fdfa-e80b-49b9-abf3-4c9a54f6b7a3\",\n \"principalType\": \"ServicePrincipal\",\n \"scope\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84\",\n \"condition\": null,\n \"conditionVersion\": null,\n \"createdOn\": \"2025-10-04T08:48:52.1399838Z\",\n \"updatedOn\": \"2025-10-04T08:48:52.1399838Z\",\n \"createdBy\": \"69c9e264-690c-43c9-aba4-a195a62f1929\",\n \"updatedBy\": \"69c9e264-690c-43c9-aba4-a195a62f1929\",\n \"delegatedManagedIdentityResourceId\": null,\n \"description\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleAssignments/b5d3d4ed-5b05-4cbf-a527-ab4a6555f13d\",\n \"type\": \"Microsoft.Authorization/roleAssignments\",\n \"name\": \"b5d3d4ed-5b05-4cbf-a527-ab4a6555f13d\"\n }\n ]\n}", + "StatusCode": 200 + }, + { + "RequestUri": "//subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleAssignments?$filter=atScope()&api-version=2020-08-01-preview", + "EncodedRequestUri": "Ly9zdWJzY3JpcHRpb25zLzY5NmVhZDE5LTg2NmQtNGU5ZC05OWU1LWYwNjFlNGMzNGI4NC9wcm92aWRlcnMvTWljcm9zb2Z0LkF1dGhvcml6YXRpb24vcm9sZUFzc2lnbm1lbnRzPyRmaWx0ZXI9YXRTY29wZSgpJmFwaS12ZXJzaW9uPTIwMjAtMDgtMDEtcHJldmlldw==", + "RequestMethod": "GET", + "RequestHeaders": { + "Accept-Language": [ + "en-US" + ], + "x-ms-client-request-id": [ + "57ca87d1-f6da-4ede-b19a-6945018f877b" + ], + "User-Agent": [ + "FxVersion/8.0.2025.41914", + "OSName/MacOs", + "OSVersion/Darwin.24.6.0.Darwin.Kernel.Version.24.6.0.Mon.Aug.11.21.16.30.PDT.2025.root.xnu.11417.140.69.701.11.1RELEASE.ARM64.T8132", + "Microsoft.Azure.Management.Authorization.AuthorizationManagementClient/8.1.0" + ] + }, + "RequestBody": "", + "ResponseHeaders": { + "Cache-Control": [ + "no-cache" + ], + "Pragma": [ + "no-cache" + ], + "x-ms-request-id": [ + "44aac827-7110-4aa2-9b81-9f54329195fc" + ], + "X-Content-Type-Options": [ + "nosniff" + ], + "Strict-Transport-Security": [ + "max-age=31536000; includeSubDomains" + ], + "x-ms-operation-identifier": [ + "tenantId=de6dc80f-16c3-4606-90e9-b7386b466695,objectId=69c9e264-690c-43c9-aba4-a195a62f1929/uksouth/74df1cd7-e230-4a2d-a878-d3d9a7cba4ec" + ], + "x-ms-ratelimit-remaining-subscription-reads": [ + "249" + ], + "x-ms-ratelimit-remaining-subscription-global-reads": [ + "3749" + ], + "x-ms-correlation-request-id": [ + "04b6b188-c341-4a11-b9a1-c8e1bcac99fe" + ], + "x-ms-routing-request-id": [ + "UKSOUTH:20251004T101951Z:04b6b188-c341-4a11-b9a1-c8e1bcac99fe" + ], + "X-Cache": [ + "CONFIG_NOCACHE" + ], + "X-MSEdge-Ref": [ + "Ref A: A5B956305248411DAD776A2CBCA23B0D Ref B: DUB241062306060 Ref C: 2025-10-04T10:19:51Z" + ], + "Date": [ + "Sat, 04 Oct 2025 10:19:50 GMT" + ], + "Content-Length": [ + "3174" + ], + "Content-Type": [ + "application/json; charset=utf-8" + ], + "Expires": [ + "-1" + ], + "Retry-After": [ + "0" + ] + }, + "ResponseBody": "{\n \"value\": [\n {\n \"properties\": {\n \"roleDefinitionId\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/acdd72a7-3385-48ef-bd42-f606fba81ae7\",\n \"principalId\": \"35e5fdfa-e80b-49b9-abf3-4c9a54f6b7a3\",\n \"principalType\": \"ServicePrincipal\",\n \"scope\": \"/\",\n \"condition\": null,\n \"conditionVersion\": null,\n \"createdOn\": \"2025-10-04T08:47:24.983041Z\",\n \"updatedOn\": \"2025-10-04T08:47:24.983041Z\",\n \"createdBy\": \"69c9e264-690c-43c9-aba4-a195a62f1929\",\n \"updatedBy\": \"69c9e264-690c-43c9-aba4-a195a62f1929\",\n \"delegatedManagedIdentityResourceId\": null,\n \"description\": null\n },\n \"id\": \"/providers/Microsoft.Authorization/roleAssignments/de9a9bce-6b58-4ca2-99b8-699e811db531\",\n \"type\": \"Microsoft.Authorization/roleAssignments\",\n \"name\": \"de9a9bce-6b58-4ca2-99b8-699e811db531\"\n },\n {\n \"properties\": {\n \"roleDefinitionId\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/8e3af657-a8ff-443c-a75c-2fe8c4bcb635\",\n \"principalId\": \"69c9e264-690c-43c9-aba4-a195a62f1929\",\n \"principalType\": \"User\",\n \"scope\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84\",\n \"condition\": null,\n \"conditionVersion\": null,\n \"createdOn\": \"2025-10-04T08:30:50.9398814Z\",\n \"updatedOn\": \"2025-10-04T08:30:50.9398814Z\",\n \"createdBy\": \"\",\n \"updatedBy\": \"\",\n \"delegatedManagedIdentityResourceId\": null,\n \"description\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleAssignments/ec325d5a-47c9-4d27-875e-396f6633f6f7\",\n \"type\": \"Microsoft.Authorization/roleAssignments\",\n \"name\": \"ec325d5a-47c9-4d27-875e-396f6633f6f7\"\n },\n {\n \"properties\": {\n \"roleDefinitionId\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/8e3af657-a8ff-443c-a75c-2fe8c4bcb635\",\n \"principalId\": \"69c9e264-690c-43c9-aba4-a195a62f1929\",\n \"principalType\": \"User\",\n \"scope\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84\",\n \"condition\": null,\n \"conditionVersion\": null,\n \"createdOn\": \"2025-10-04T08:30:51.0402339Z\",\n \"updatedOn\": \"2025-10-04T08:30:51.0402339Z\",\n \"createdBy\": \"\",\n \"updatedBy\": \"\",\n \"delegatedManagedIdentityResourceId\": null,\n \"description\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleAssignments/415fb563-2a41-4fb3-b196-fa1c4c0dcffb\",\n \"type\": \"Microsoft.Authorization/roleAssignments\",\n \"name\": \"415fb563-2a41-4fb3-b196-fa1c4c0dcffb\"\n },\n {\n \"properties\": {\n \"roleDefinitionId\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/acdd72a7-3385-48ef-bd42-f606fba81ae7\",\n \"principalId\": \"35e5fdfa-e80b-49b9-abf3-4c9a54f6b7a3\",\n \"principalType\": \"ServicePrincipal\",\n \"scope\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84\",\n \"condition\": null,\n \"conditionVersion\": null,\n \"createdOn\": \"2025-10-04T08:48:52.1399838Z\",\n \"updatedOn\": \"2025-10-04T08:48:52.1399838Z\",\n \"createdBy\": \"69c9e264-690c-43c9-aba4-a195a62f1929\",\n \"updatedBy\": \"69c9e264-690c-43c9-aba4-a195a62f1929\",\n \"delegatedManagedIdentityResourceId\": null,\n \"description\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleAssignments/b5d3d4ed-5b05-4cbf-a527-ab4a6555f13d\",\n \"type\": \"Microsoft.Authorization/roleAssignments\",\n \"name\": \"b5d3d4ed-5b05-4cbf-a527-ab4a6555f13d\"\n }\n ]\n}", + "StatusCode": 200 + }, + { + "RequestUri": "//subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleAssignments?$filter=atScope()&api-version=2020-08-01-preview", + "EncodedRequestUri": "Ly9zdWJzY3JpcHRpb25zLzY5NmVhZDE5LTg2NmQtNGU5ZC05OWU1LWYwNjFlNGMzNGI4NC9wcm92aWRlcnMvTWljcm9zb2Z0LkF1dGhvcml6YXRpb24vcm9sZUFzc2lnbm1lbnRzPyRmaWx0ZXI9YXRTY29wZSgpJmFwaS12ZXJzaW9uPTIwMjAtMDgtMDEtcHJldmlldw==", + "RequestMethod": "GET", + "RequestHeaders": { + "Accept-Language": [ + "en-US" + ], + "x-ms-client-request-id": [ + "65e4c945-8111-4d8f-aac8-5e95cb5b217a" + ], + "User-Agent": [ + "FxVersion/8.0.2025.41914", + "OSName/MacOs", + "OSVersion/Darwin.24.6.0.Darwin.Kernel.Version.24.6.0.Mon.Aug.11.21.16.30.PDT.2025.root.xnu.11417.140.69.701.11.1RELEASE.ARM64.T8132", + "Microsoft.Azure.Management.Authorization.AuthorizationManagementClient/8.1.0" + ] + }, + "RequestBody": "", + "ResponseHeaders": { + "Cache-Control": [ + "no-cache" + ], + "Pragma": [ + "no-cache" + ], + "x-ms-request-id": [ + "1ad0363a-5e59-4f89-b09b-c03741c9e9c9" + ], + "X-Content-Type-Options": [ + "nosniff" + ], + "Strict-Transport-Security": [ + "max-age=31536000; includeSubDomains" + ], + "x-ms-operation-identifier": [ + "tenantId=de6dc80f-16c3-4606-90e9-b7386b466695,objectId=69c9e264-690c-43c9-aba4-a195a62f1929/uksouth/7e7d9278-e8c2-4d75-ba0b-d24c3c953bbc" + ], + "x-ms-ratelimit-remaining-subscription-reads": [ + "249" + ], + "x-ms-ratelimit-remaining-subscription-global-reads": [ + "3749" + ], + "x-ms-correlation-request-id": [ + "031afe8d-f641-43ba-b7c0-06268d2622a1" + ], + "x-ms-routing-request-id": [ + "UKSOUTH:20251004T101952Z:031afe8d-f641-43ba-b7c0-06268d2622a1" + ], + "X-Cache": [ + "CONFIG_NOCACHE" + ], + "X-MSEdge-Ref": [ + "Ref A: F5DC2EA092734691AE1D053706010950 Ref B: DUB241062303062 Ref C: 2025-10-04T10:19:52Z" + ], + "Date": [ + "Sat, 04 Oct 2025 10:19:52 GMT" + ], + "Content-Length": [ + "3174" + ], + "Content-Type": [ + "application/json; charset=utf-8" + ], + "Expires": [ + "-1" + ], + "Retry-After": [ + "0" + ] + }, + "ResponseBody": "{\n \"value\": [\n {\n \"properties\": {\n \"roleDefinitionId\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/acdd72a7-3385-48ef-bd42-f606fba81ae7\",\n \"principalId\": \"35e5fdfa-e80b-49b9-abf3-4c9a54f6b7a3\",\n \"principalType\": \"ServicePrincipal\",\n \"scope\": \"/\",\n \"condition\": null,\n \"conditionVersion\": null,\n \"createdOn\": \"2025-10-04T08:47:24.983041Z\",\n \"updatedOn\": \"2025-10-04T08:47:24.983041Z\",\n \"createdBy\": \"69c9e264-690c-43c9-aba4-a195a62f1929\",\n \"updatedBy\": \"69c9e264-690c-43c9-aba4-a195a62f1929\",\n \"delegatedManagedIdentityResourceId\": null,\n \"description\": null\n },\n \"id\": \"/providers/Microsoft.Authorization/roleAssignments/de9a9bce-6b58-4ca2-99b8-699e811db531\",\n \"type\": \"Microsoft.Authorization/roleAssignments\",\n \"name\": \"de9a9bce-6b58-4ca2-99b8-699e811db531\"\n },\n {\n \"properties\": {\n \"roleDefinitionId\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/8e3af657-a8ff-443c-a75c-2fe8c4bcb635\",\n \"principalId\": \"69c9e264-690c-43c9-aba4-a195a62f1929\",\n \"principalType\": \"User\",\n \"scope\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84\",\n \"condition\": null,\n \"conditionVersion\": null,\n \"createdOn\": \"2025-10-04T08:30:50.9398814Z\",\n \"updatedOn\": \"2025-10-04T08:30:50.9398814Z\",\n \"createdBy\": \"\",\n \"updatedBy\": \"\",\n \"delegatedManagedIdentityResourceId\": null,\n \"description\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleAssignments/ec325d5a-47c9-4d27-875e-396f6633f6f7\",\n \"type\": \"Microsoft.Authorization/roleAssignments\",\n \"name\": \"ec325d5a-47c9-4d27-875e-396f6633f6f7\"\n },\n {\n \"properties\": {\n \"roleDefinitionId\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/8e3af657-a8ff-443c-a75c-2fe8c4bcb635\",\n \"principalId\": \"69c9e264-690c-43c9-aba4-a195a62f1929\",\n \"principalType\": \"User\",\n \"scope\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84\",\n \"condition\": null,\n \"conditionVersion\": null,\n \"createdOn\": \"2025-10-04T08:30:51.0402339Z\",\n \"updatedOn\": \"2025-10-04T08:30:51.0402339Z\",\n \"createdBy\": \"\",\n \"updatedBy\": \"\",\n \"delegatedManagedIdentityResourceId\": null,\n \"description\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleAssignments/415fb563-2a41-4fb3-b196-fa1c4c0dcffb\",\n \"type\": \"Microsoft.Authorization/roleAssignments\",\n \"name\": \"415fb563-2a41-4fb3-b196-fa1c4c0dcffb\"\n },\n {\n \"properties\": {\n \"roleDefinitionId\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/acdd72a7-3385-48ef-bd42-f606fba81ae7\",\n \"principalId\": \"35e5fdfa-e80b-49b9-abf3-4c9a54f6b7a3\",\n \"principalType\": \"ServicePrincipal\",\n \"scope\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84\",\n \"condition\": null,\n \"conditionVersion\": null,\n \"createdOn\": \"2025-10-04T08:48:52.1399838Z\",\n \"updatedOn\": \"2025-10-04T08:48:52.1399838Z\",\n \"createdBy\": \"69c9e264-690c-43c9-aba4-a195a62f1929\",\n \"updatedBy\": \"69c9e264-690c-43c9-aba4-a195a62f1929\",\n \"delegatedManagedIdentityResourceId\": null,\n \"description\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleAssignments/b5d3d4ed-5b05-4cbf-a527-ab4a6555f13d\",\n \"type\": \"Microsoft.Authorization/roleAssignments\",\n \"name\": \"b5d3d4ed-5b05-4cbf-a527-ab4a6555f13d\"\n }\n ]\n}", + "StatusCode": 200 + }, + { + "RequestUri": "//subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleAssignments?$filter=atScope()&api-version=2020-08-01-preview", + "EncodedRequestUri": "Ly9zdWJzY3JpcHRpb25zLzY5NmVhZDE5LTg2NmQtNGU5ZC05OWU1LWYwNjFlNGMzNGI4NC9wcm92aWRlcnMvTWljcm9zb2Z0LkF1dGhvcml6YXRpb24vcm9sZUFzc2lnbm1lbnRzPyRmaWx0ZXI9YXRTY29wZSgpJmFwaS12ZXJzaW9uPTIwMjAtMDgtMDEtcHJldmlldw==", + "RequestMethod": "GET", + "RequestHeaders": { + "Accept-Language": [ + "en-US" + ], + "x-ms-client-request-id": [ + "79788081-98b6-43a5-bb33-c1083a5d354f" + ], + "User-Agent": [ + "FxVersion/8.0.2025.41914", + "OSName/MacOs", + "OSVersion/Darwin.24.6.0.Darwin.Kernel.Version.24.6.0.Mon.Aug.11.21.16.30.PDT.2025.root.xnu.11417.140.69.701.11.1RELEASE.ARM64.T8132", + "Microsoft.Azure.Management.Authorization.AuthorizationManagementClient/8.1.0" + ] + }, + "RequestBody": "", + "ResponseHeaders": { + "Cache-Control": [ + "no-cache" + ], + "Pragma": [ + "no-cache" + ], + "x-ms-request-id": [ + "d6d6b8e6-3be0-4cb0-a4db-45b485267c11" + ], + "X-Content-Type-Options": [ + "nosniff" + ], + "Strict-Transport-Security": [ + "max-age=31536000; includeSubDomains" + ], + "x-ms-operation-identifier": [ + "tenantId=de6dc80f-16c3-4606-90e9-b7386b466695,objectId=69c9e264-690c-43c9-aba4-a195a62f1929/uksouth/07d12eb8-90c9-4b5a-8dca-d5b805098b82" + ], + "x-ms-ratelimit-remaining-subscription-reads": [ + "249" + ], + "x-ms-ratelimit-remaining-subscription-global-reads": [ + "3749" + ], + "x-ms-correlation-request-id": [ + "b3eaa027-bc23-4b8a-a8c9-e75c51f0fe4b" + ], + "x-ms-routing-request-id": [ + "UKSOUTH:20251004T101953Z:b3eaa027-bc23-4b8a-a8c9-e75c51f0fe4b" + ], + "X-Cache": [ + "CONFIG_NOCACHE" + ], + "X-MSEdge-Ref": [ + "Ref A: 0D3536BF1A894C59A033DCD4CD7EFC5C Ref B: DUB241062307029 Ref C: 2025-10-04T10:19:53Z" + ], + "Date": [ + "Sat, 04 Oct 2025 10:19:52 GMT" + ], + "Content-Length": [ + "3174" + ], + "Content-Type": [ + "application/json; charset=utf-8" + ], + "Expires": [ + "-1" + ], + "Retry-After": [ + "0" + ] + }, + "ResponseBody": "{\n \"value\": [\n {\n \"properties\": {\n \"roleDefinitionId\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/acdd72a7-3385-48ef-bd42-f606fba81ae7\",\n \"principalId\": \"35e5fdfa-e80b-49b9-abf3-4c9a54f6b7a3\",\n \"principalType\": \"ServicePrincipal\",\n \"scope\": \"/\",\n \"condition\": null,\n \"conditionVersion\": null,\n \"createdOn\": \"2025-10-04T08:47:24.983041Z\",\n \"updatedOn\": \"2025-10-04T08:47:24.983041Z\",\n \"createdBy\": \"69c9e264-690c-43c9-aba4-a195a62f1929\",\n \"updatedBy\": \"69c9e264-690c-43c9-aba4-a195a62f1929\",\n \"delegatedManagedIdentityResourceId\": null,\n \"description\": null\n },\n \"id\": \"/providers/Microsoft.Authorization/roleAssignments/de9a9bce-6b58-4ca2-99b8-699e811db531\",\n \"type\": \"Microsoft.Authorization/roleAssignments\",\n \"name\": \"de9a9bce-6b58-4ca2-99b8-699e811db531\"\n },\n {\n \"properties\": {\n \"roleDefinitionId\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/8e3af657-a8ff-443c-a75c-2fe8c4bcb635\",\n \"principalId\": \"69c9e264-690c-43c9-aba4-a195a62f1929\",\n \"principalType\": \"User\",\n \"scope\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84\",\n \"condition\": null,\n \"conditionVersion\": null,\n \"createdOn\": \"2025-10-04T08:30:50.9398814Z\",\n \"updatedOn\": \"2025-10-04T08:30:50.9398814Z\",\n \"createdBy\": \"\",\n \"updatedBy\": \"\",\n \"delegatedManagedIdentityResourceId\": null,\n \"description\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleAssignments/ec325d5a-47c9-4d27-875e-396f6633f6f7\",\n \"type\": \"Microsoft.Authorization/roleAssignments\",\n \"name\": \"ec325d5a-47c9-4d27-875e-396f6633f6f7\"\n },\n {\n \"properties\": {\n \"roleDefinitionId\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/8e3af657-a8ff-443c-a75c-2fe8c4bcb635\",\n \"principalId\": \"69c9e264-690c-43c9-aba4-a195a62f1929\",\n \"principalType\": \"User\",\n \"scope\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84\",\n \"condition\": null,\n \"conditionVersion\": null,\n \"createdOn\": \"2025-10-04T08:30:51.0402339Z\",\n \"updatedOn\": \"2025-10-04T08:30:51.0402339Z\",\n \"createdBy\": \"\",\n \"updatedBy\": \"\",\n \"delegatedManagedIdentityResourceId\": null,\n \"description\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleAssignments/415fb563-2a41-4fb3-b196-fa1c4c0dcffb\",\n \"type\": \"Microsoft.Authorization/roleAssignments\",\n \"name\": \"415fb563-2a41-4fb3-b196-fa1c4c0dcffb\"\n },\n {\n \"properties\": {\n \"roleDefinitionId\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/acdd72a7-3385-48ef-bd42-f606fba81ae7\",\n \"principalId\": \"35e5fdfa-e80b-49b9-abf3-4c9a54f6b7a3\",\n \"principalType\": \"ServicePrincipal\",\n \"scope\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84\",\n \"condition\": null,\n \"conditionVersion\": null,\n \"createdOn\": \"2025-10-04T08:48:52.1399838Z\",\n \"updatedOn\": \"2025-10-04T08:48:52.1399838Z\",\n \"createdBy\": \"69c9e264-690c-43c9-aba4-a195a62f1929\",\n \"updatedBy\": \"69c9e264-690c-43c9-aba4-a195a62f1929\",\n \"delegatedManagedIdentityResourceId\": null,\n \"description\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleAssignments/b5d3d4ed-5b05-4cbf-a527-ab4a6555f13d\",\n \"type\": \"Microsoft.Authorization/roleAssignments\",\n \"name\": \"b5d3d4ed-5b05-4cbf-a527-ab4a6555f13d\"\n }\n ]\n}", + "StatusCode": 200 + }, + { + "RequestUri": "//subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleAssignments?$filter=atScope()&api-version=2020-08-01-preview", + "EncodedRequestUri": "Ly9zdWJzY3JpcHRpb25zLzY5NmVhZDE5LTg2NmQtNGU5ZC05OWU1LWYwNjFlNGMzNGI4NC9wcm92aWRlcnMvTWljcm9zb2Z0LkF1dGhvcml6YXRpb24vcm9sZUFzc2lnbm1lbnRzPyRmaWx0ZXI9YXRTY29wZSgpJmFwaS12ZXJzaW9uPTIwMjAtMDgtMDEtcHJldmlldw==", + "RequestMethod": "GET", + "RequestHeaders": { + "Accept-Language": [ + "en-US" + ], + "x-ms-client-request-id": [ + "4f60e104-3c2e-4bed-b05f-9977062d8be7" + ], + "User-Agent": [ + "FxVersion/8.0.2025.41914", + "OSName/MacOs", + "OSVersion/Darwin.24.6.0.Darwin.Kernel.Version.24.6.0.Mon.Aug.11.21.16.30.PDT.2025.root.xnu.11417.140.69.701.11.1RELEASE.ARM64.T8132", + "Microsoft.Azure.Management.Authorization.AuthorizationManagementClient/8.1.0" + ] + }, + "RequestBody": "", + "ResponseHeaders": { + "Cache-Control": [ + "no-cache" + ], + "Pragma": [ + "no-cache" + ], + "x-ms-request-id": [ + "369616b0-dd07-4ead-a076-4caab38e9042" + ], + "X-Content-Type-Options": [ + "nosniff" + ], + "Strict-Transport-Security": [ + "max-age=31536000; includeSubDomains" + ], + "x-ms-operation-identifier": [ + "tenantId=de6dc80f-16c3-4606-90e9-b7386b466695,objectId=69c9e264-690c-43c9-aba4-a195a62f1929/northeurope/80092f13-1408-4595-89e5-4ba626f19a9c" + ], + "x-ms-ratelimit-remaining-subscription-reads": [ + "249" + ], + "x-ms-ratelimit-remaining-subscription-global-reads": [ + "3749" + ], + "x-ms-correlation-request-id": [ + "fb905786-dcf5-4d92-b001-47ca2b8f2e5c" + ], + "x-ms-routing-request-id": [ + "NORTHEUROPE:20251004T101954Z:fb905786-dcf5-4d92-b001-47ca2b8f2e5c" + ], + "X-Cache": [ + "CONFIG_NOCACHE" + ], + "X-MSEdge-Ref": [ + "Ref A: 412984E7C5AE487E884382631B61F4D9 Ref B: DUB241062307042 Ref C: 2025-10-04T10:19:54Z" + ], + "Date": [ + "Sat, 04 Oct 2025 10:19:53 GMT" + ], + "Content-Length": [ + "3174" + ], + "Content-Type": [ + "application/json; charset=utf-8" + ], + "Expires": [ + "-1" + ], + "Retry-After": [ + "0" + ] + }, + "ResponseBody": "{\n \"value\": [\n {\n \"properties\": {\n \"roleDefinitionId\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/acdd72a7-3385-48ef-bd42-f606fba81ae7\",\n \"principalId\": \"35e5fdfa-e80b-49b9-abf3-4c9a54f6b7a3\",\n \"principalType\": \"ServicePrincipal\",\n \"scope\": \"/\",\n \"condition\": null,\n \"conditionVersion\": null,\n \"createdOn\": \"2025-10-04T08:47:24.983041Z\",\n \"updatedOn\": \"2025-10-04T08:47:24.983041Z\",\n \"createdBy\": \"69c9e264-690c-43c9-aba4-a195a62f1929\",\n \"updatedBy\": \"69c9e264-690c-43c9-aba4-a195a62f1929\",\n \"delegatedManagedIdentityResourceId\": null,\n \"description\": null\n },\n \"id\": \"/providers/Microsoft.Authorization/roleAssignments/de9a9bce-6b58-4ca2-99b8-699e811db531\",\n \"type\": \"Microsoft.Authorization/roleAssignments\",\n \"name\": \"de9a9bce-6b58-4ca2-99b8-699e811db531\"\n },\n {\n \"properties\": {\n \"roleDefinitionId\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/8e3af657-a8ff-443c-a75c-2fe8c4bcb635\",\n \"principalId\": \"69c9e264-690c-43c9-aba4-a195a62f1929\",\n \"principalType\": \"User\",\n \"scope\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84\",\n \"condition\": null,\n \"conditionVersion\": null,\n \"createdOn\": \"2025-10-04T08:30:50.9398814Z\",\n \"updatedOn\": \"2025-10-04T08:30:50.9398814Z\",\n \"createdBy\": \"\",\n \"updatedBy\": \"\",\n \"delegatedManagedIdentityResourceId\": null,\n \"description\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleAssignments/ec325d5a-47c9-4d27-875e-396f6633f6f7\",\n \"type\": \"Microsoft.Authorization/roleAssignments\",\n \"name\": \"ec325d5a-47c9-4d27-875e-396f6633f6f7\"\n },\n {\n \"properties\": {\n \"roleDefinitionId\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/8e3af657-a8ff-443c-a75c-2fe8c4bcb635\",\n \"principalId\": \"69c9e264-690c-43c9-aba4-a195a62f1929\",\n \"principalType\": \"User\",\n \"scope\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84\",\n \"condition\": null,\n \"conditionVersion\": null,\n \"createdOn\": \"2025-10-04T08:30:51.0402339Z\",\n \"updatedOn\": \"2025-10-04T08:30:51.0402339Z\",\n \"createdBy\": \"\",\n \"updatedBy\": \"\",\n \"delegatedManagedIdentityResourceId\": null,\n \"description\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleAssignments/415fb563-2a41-4fb3-b196-fa1c4c0dcffb\",\n \"type\": \"Microsoft.Authorization/roleAssignments\",\n \"name\": \"415fb563-2a41-4fb3-b196-fa1c4c0dcffb\"\n },\n {\n \"properties\": {\n \"roleDefinitionId\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/acdd72a7-3385-48ef-bd42-f606fba81ae7\",\n \"principalId\": \"35e5fdfa-e80b-49b9-abf3-4c9a54f6b7a3\",\n \"principalType\": \"ServicePrincipal\",\n \"scope\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84\",\n \"condition\": null,\n \"conditionVersion\": null,\n \"createdOn\": \"2025-10-04T08:48:52.1399838Z\",\n \"updatedOn\": \"2025-10-04T08:48:52.1399838Z\",\n \"createdBy\": \"69c9e264-690c-43c9-aba4-a195a62f1929\",\n \"updatedBy\": \"69c9e264-690c-43c9-aba4-a195a62f1929\",\n \"delegatedManagedIdentityResourceId\": null,\n \"description\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleAssignments/b5d3d4ed-5b05-4cbf-a527-ab4a6555f13d\",\n \"type\": \"Microsoft.Authorization/roleAssignments\",\n \"name\": \"b5d3d4ed-5b05-4cbf-a527-ab4a6555f13d\"\n }\n ]\n}", + "StatusCode": 200 + }, + { + "RequestUri": "//subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleAssignments?$filter=atScope()&api-version=2020-08-01-preview", + "EncodedRequestUri": "Ly9zdWJzY3JpcHRpb25zLzY5NmVhZDE5LTg2NmQtNGU5ZC05OWU1LWYwNjFlNGMzNGI4NC9wcm92aWRlcnMvTWljcm9zb2Z0LkF1dGhvcml6YXRpb24vcm9sZUFzc2lnbm1lbnRzPyRmaWx0ZXI9YXRTY29wZSgpJmFwaS12ZXJzaW9uPTIwMjAtMDgtMDEtcHJldmlldw==", + "RequestMethod": "GET", + "RequestHeaders": { + "Accept-Language": [ + "en-US" + ], + "x-ms-client-request-id": [ + "7eba5950-5e3f-43d7-92fd-98bbcaa1b7a8" + ], + "User-Agent": [ + "FxVersion/8.0.2025.41914", + "OSName/MacOs", + "OSVersion/Darwin.24.6.0.Darwin.Kernel.Version.24.6.0.Mon.Aug.11.21.16.30.PDT.2025.root.xnu.11417.140.69.701.11.1RELEASE.ARM64.T8132", + "Microsoft.Azure.Management.Authorization.AuthorizationManagementClient/8.1.0" + ] + }, + "RequestBody": "", + "ResponseHeaders": { + "Cache-Control": [ + "no-cache" + ], + "Pragma": [ + "no-cache" + ], + "x-ms-request-id": [ + "6456a26d-5bf1-4e86-a8c6-5c73d4d4579b" + ], + "X-Content-Type-Options": [ + "nosniff" + ], + "Strict-Transport-Security": [ + "max-age=31536000; includeSubDomains" + ], + "x-ms-operation-identifier": [ + "tenantId=de6dc80f-16c3-4606-90e9-b7386b466695,objectId=69c9e264-690c-43c9-aba4-a195a62f1929/northeurope/b272aa7e-120e-4a21-8310-5769d069cfaa" + ], + "x-ms-ratelimit-remaining-subscription-reads": [ + "249" + ], + "x-ms-ratelimit-remaining-subscription-global-reads": [ + "3749" + ], + "x-ms-correlation-request-id": [ + "234a8f04-1c24-470d-b626-7d6593d37cd2" + ], + "x-ms-routing-request-id": [ + "NORTHEUROPE:20251004T101954Z:234a8f04-1c24-470d-b626-7d6593d37cd2" + ], + "X-Cache": [ + "CONFIG_NOCACHE" + ], + "X-MSEdge-Ref": [ + "Ref A: 6E34B183DEB54C0182789B0791165907 Ref B: DUB241062304062 Ref C: 2025-10-04T10:19:54Z" + ], + "Date": [ + "Sat, 04 Oct 2025 10:19:54 GMT" + ], + "Content-Length": [ + "3174" + ], + "Content-Type": [ + "application/json; charset=utf-8" + ], + "Expires": [ + "-1" + ], + "Retry-After": [ + "0" + ] + }, + "ResponseBody": "{\n \"value\": [\n {\n \"properties\": {\n \"roleDefinitionId\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/acdd72a7-3385-48ef-bd42-f606fba81ae7\",\n \"principalId\": \"35e5fdfa-e80b-49b9-abf3-4c9a54f6b7a3\",\n \"principalType\": \"ServicePrincipal\",\n \"scope\": \"/\",\n \"condition\": null,\n \"conditionVersion\": null,\n \"createdOn\": \"2025-10-04T08:47:24.983041Z\",\n \"updatedOn\": \"2025-10-04T08:47:24.983041Z\",\n \"createdBy\": \"69c9e264-690c-43c9-aba4-a195a62f1929\",\n \"updatedBy\": \"69c9e264-690c-43c9-aba4-a195a62f1929\",\n \"delegatedManagedIdentityResourceId\": null,\n \"description\": null\n },\n \"id\": \"/providers/Microsoft.Authorization/roleAssignments/de9a9bce-6b58-4ca2-99b8-699e811db531\",\n \"type\": \"Microsoft.Authorization/roleAssignments\",\n \"name\": \"de9a9bce-6b58-4ca2-99b8-699e811db531\"\n },\n {\n \"properties\": {\n \"roleDefinitionId\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/8e3af657-a8ff-443c-a75c-2fe8c4bcb635\",\n \"principalId\": \"69c9e264-690c-43c9-aba4-a195a62f1929\",\n \"principalType\": \"User\",\n \"scope\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84\",\n \"condition\": null,\n \"conditionVersion\": null,\n \"createdOn\": \"2025-10-04T08:30:50.9398814Z\",\n \"updatedOn\": \"2025-10-04T08:30:50.9398814Z\",\n \"createdBy\": \"\",\n \"updatedBy\": \"\",\n \"delegatedManagedIdentityResourceId\": null,\n \"description\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleAssignments/ec325d5a-47c9-4d27-875e-396f6633f6f7\",\n \"type\": \"Microsoft.Authorization/roleAssignments\",\n \"name\": \"ec325d5a-47c9-4d27-875e-396f6633f6f7\"\n },\n {\n \"properties\": {\n \"roleDefinitionId\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/8e3af657-a8ff-443c-a75c-2fe8c4bcb635\",\n \"principalId\": \"69c9e264-690c-43c9-aba4-a195a62f1929\",\n \"principalType\": \"User\",\n \"scope\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84\",\n \"condition\": null,\n \"conditionVersion\": null,\n \"createdOn\": \"2025-10-04T08:30:51.0402339Z\",\n \"updatedOn\": \"2025-10-04T08:30:51.0402339Z\",\n \"createdBy\": \"\",\n \"updatedBy\": \"\",\n \"delegatedManagedIdentityResourceId\": null,\n \"description\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleAssignments/415fb563-2a41-4fb3-b196-fa1c4c0dcffb\",\n \"type\": \"Microsoft.Authorization/roleAssignments\",\n \"name\": \"415fb563-2a41-4fb3-b196-fa1c4c0dcffb\"\n },\n {\n \"properties\": {\n \"roleDefinitionId\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/acdd72a7-3385-48ef-bd42-f606fba81ae7\",\n \"principalId\": \"35e5fdfa-e80b-49b9-abf3-4c9a54f6b7a3\",\n \"principalType\": \"ServicePrincipal\",\n \"scope\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84\",\n \"condition\": null,\n \"conditionVersion\": null,\n \"createdOn\": \"2025-10-04T08:48:52.1399838Z\",\n \"updatedOn\": \"2025-10-04T08:48:52.1399838Z\",\n \"createdBy\": \"69c9e264-690c-43c9-aba4-a195a62f1929\",\n \"updatedBy\": \"69c9e264-690c-43c9-aba4-a195a62f1929\",\n \"delegatedManagedIdentityResourceId\": null,\n \"description\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleAssignments/b5d3d4ed-5b05-4cbf-a527-ab4a6555f13d\",\n \"type\": \"Microsoft.Authorization/roleAssignments\",\n \"name\": \"b5d3d4ed-5b05-4cbf-a527-ab4a6555f13d\"\n }\n ]\n}", + "StatusCode": 200 + }, + { + "RequestUri": "//subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions?api-version=2022-05-01-preview", + "EncodedRequestUri": "Ly9zdWJzY3JpcHRpb25zLzY5NmVhZDE5LTg2NmQtNGU5ZC05OWU1LWYwNjFlNGMzNGI4NC9wcm92aWRlcnMvTWljcm9zb2Z0LkF1dGhvcml6YXRpb24vcm9sZURlZmluaXRpb25zP2FwaS12ZXJzaW9uPTIwMjItMDUtMDEtcHJldmlldw==", + "RequestMethod": "GET", + "RequestHeaders": { + "Accept-Language": [ + "en-US" + ], + "x-ms-client-request-id": [ + "96a8d0a9-3c55-41e3-a0c4-f77f353b6b24" + ], + "User-Agent": [ + "FxVersion/8.0.2025.41914", + "OSName/MacOs", + "OSVersion/Darwin.24.6.0.Darwin.Kernel.Version.24.6.0.Mon.Aug.11.21.16.30.PDT.2025.root.xnu.11417.140.69.701.11.1RELEASE.ARM64.T8132", + "Microsoft.Azure.Management.Authorization.AuthorizationManagementClient/8.1.0" + ] + }, + "RequestBody": "", + "ResponseHeaders": { + "Cache-Control": [ + "no-cache" + ], + "Pragma": [ + "no-cache" + ], + "x-ms-request-id": [ + "312386f2-1072-4164-ae34-1a74958e5c8f" + ], + "X-Content-Type-Options": [ + "nosniff" + ], + "Strict-Transport-Security": [ + "max-age=31536000; includeSubDomains" + ], + "x-ms-operation-identifier": [ + "tenantId=de6dc80f-16c3-4606-90e9-b7386b466695,objectId=69c9e264-690c-43c9-aba4-a195a62f1929/northeurope/0d205056-3c8d-49c0-bcdd-db717968b5e9" + ], + "x-ms-ratelimit-remaining-subscription-reads": [ + "249" + ], + "x-ms-ratelimit-remaining-subscription-global-reads": [ + "3749" + ], + "x-ms-correlation-request-id": [ + "6a55fdcd-7fd0-42d8-8c64-c6605fe6ef84" + ], + "x-ms-routing-request-id": [ + "NORTHEUROPE:20251004T101950Z:6a55fdcd-7fd0-42d8-8c64-c6605fe6ef84" + ], + "X-Cache": [ + "CONFIG_NOCACHE" + ], + "X-MSEdge-Ref": [ + "Ref A: CCF5CD713B1745E185C5BBAE639B337E Ref B: DUB241062302042 Ref C: 2025-10-04T10:19:50Z" + ], + "Date": [ + "Sat, 04 Oct 2025 10:19:49 GMT" + ], + "Content-Length": [ + "993823" + ], + "Content-Type": [ + "application/json; charset=utf-8" + ], + "Expires": [ + "-1" + ], + "Retry-After": [ + "0" + ] + }, + "ResponseBody": "{\n \"value\": [\n {\n \"properties\": {\n \"roleName\": \"AcrPush\",\n \"type\": \"BuiltInRole\",\n \"description\": \"acr push\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.ContainerRegistry/registries/pull/read\",\n \"Microsoft.ContainerRegistry/registries/push/write\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2018-10-29T17:52:32.5201177Z\",\n \"updatedOn\": \"2021-11-11T20:13:07.4993029Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/8311e382-0749-4cb8-b61a-304f252e45ec\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"8311e382-0749-4cb8-b61a-304f252e45ec\"\n },\n {\n \"properties\": {\n \"roleName\": \"API Management Service Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Can manage service and the APIs\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.ApiManagement/service/*\",\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.ResourceHealth/availabilityStatuses/read\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Support/*\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2015-02-02T21:55:09.8650193Z\",\n \"updatedOn\": \"2021-11-11T20:13:08.3179618Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/312a565d-c81f-4fd8-895a-4e21e48d571c\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"312a565d-c81f-4fd8-895a-4e21e48d571c\"\n },\n {\n \"properties\": {\n \"roleName\": \"AcrPull\",\n \"type\": \"BuiltInRole\",\n \"description\": \"acr pull\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.ContainerRegistry/registries/pull/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2018-10-22T19:01:56.8227182Z\",\n \"updatedOn\": \"2021-11-11T20:13:08.8779328Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/7f951dda-4ed3-4680-a7ca-43fe172d538d\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"7f951dda-4ed3-4680-a7ca-43fe172d538d\"\n },\n {\n \"properties\": {\n \"roleName\": \"AcrImageSigner\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Planned DEPRECATION on March 31, 2028. Grant the signing permission for content trust. As content trust is being deprecated and will be completely removed on March 31, 2028, this role will also be removed. Refer to https://aka.ms/acr/dctdeprecation for details and transition guidance.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.ContainerRegistry/registries/sign/write\"\n ],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.ContainerRegistry/registries/trustedCollections/write\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2018-03-15T23:23:08.4038322Z\",\n \"updatedOn\": \"2025-10-03T10:06:29.6549664Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/6cef56e8-d556-48e5-a04f-b8e64114680f\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"6cef56e8-d556-48e5-a04f-b8e64114680f\"\n },\n {\n \"properties\": {\n \"roleName\": \"AcrDelete\",\n \"type\": \"BuiltInRole\",\n \"description\": \"acr delete\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.ContainerRegistry/registries/artifacts/delete\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2019-03-11T20:19:31.6682804Z\",\n \"updatedOn\": \"2021-11-11T20:13:09.9631744Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/c2f4ef07-c644-48eb-af81-4b1b4947fb11\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"c2f4ef07-c644-48eb-af81-4b1b4947fb11\"\n },\n {\n \"properties\": {\n \"roleName\": \"AcrQuarantineReader\",\n \"type\": \"BuiltInRole\",\n \"description\": \"acr quarantine data reader\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.ContainerRegistry/registries/quarantine/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.ContainerRegistry/registries/quarantinedArtifacts/read\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2018-03-16T00:27:39.9596835Z\",\n \"updatedOn\": \"2021-11-11T20:13:10.3188052Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/cdda3590-29a3-44f6-95f2-9f980659eb04\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"cdda3590-29a3-44f6-95f2-9f980659eb04\"\n },\n {\n \"properties\": {\n \"roleName\": \"AcrQuarantineWriter\",\n \"type\": \"BuiltInRole\",\n \"description\": \"acr quarantine data writer\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.ContainerRegistry/registries/quarantine/read\",\n \"Microsoft.ContainerRegistry/registries/quarantine/write\"\n ],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.ContainerRegistry/registries/quarantinedArtifacts/read\",\n \"Microsoft.ContainerRegistry/registries/quarantinedArtifacts/write\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2018-03-16T00:26:37.587182Z\",\n \"updatedOn\": \"2021-11-11T20:13:11.3488079Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/c8d4ff99-41c3-41a8-9f60-21dfdad59608\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"c8d4ff99-41c3-41a8-9f60-21dfdad59608\"\n },\n {\n \"properties\": {\n \"roleName\": \"API Management Service Operator Role\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Can manage service but not the APIs\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.ApiManagement/service/*/read\",\n \"Microsoft.ApiManagement/service/backup/action\",\n \"Microsoft.ApiManagement/service/delete\",\n \"Microsoft.ApiManagement/service/managedeployments/action\",\n \"Microsoft.ApiManagement/service/read\",\n \"Microsoft.ApiManagement/service/restore/action\",\n \"Microsoft.ApiManagement/service/updatecertificate/action\",\n \"Microsoft.ApiManagement/service/updatehostname/action\",\n \"Microsoft.ApiManagement/service/write\",\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.ResourceHealth/availabilityStatuses/read\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Support/*\"\n ],\n \"notActions\": [\n \"Microsoft.ApiManagement/service/users/keys/read\"\n ],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2016-11-09T00:03:42.1194019Z\",\n \"updatedOn\": \"2021-11-11T20:13:11.5244023Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/e022efe7-f5ba-4159-bbe4-b44f577e9b61\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"e022efe7-f5ba-4159-bbe4-b44f577e9b61\"\n },\n {\n \"properties\": {\n \"roleName\": \"API Management Service Reader Role\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Read-only access to service and APIs\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.ApiManagement/service/*/read\",\n \"Microsoft.ApiManagement/service/read\",\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.ResourceHealth/availabilityStatuses/read\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Support/*\"\n ],\n \"notActions\": [\n \"Microsoft.ApiManagement/service/users/keys/read\"\n ],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2016-11-09T00:26:45.1540473Z\",\n \"updatedOn\": \"2021-11-11T20:13:11.8704466Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/71522526-b88f-4d52-b57f-d31fc3546d0d\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"71522526-b88f-4d52-b57f-d31fc3546d0d\"\n },\n {\n \"properties\": {\n \"roleName\": \"Application Insights Component Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Can manage Application Insights components\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.Insights/generateLiveToken/read\",\n \"Microsoft.Insights/metricAlerts/*\",\n \"Microsoft.Insights/components/*\",\n \"Microsoft.Insights/scheduledqueryrules/*\",\n \"Microsoft.Insights/topology/read\",\n \"Microsoft.Insights/transactions/read\",\n \"Microsoft.Insights/webtests/*\",\n \"Microsoft.ResourceHealth/availabilityStatuses/read\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Support/*\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2015-02-02T21:55:09.8806423Z\",\n \"updatedOn\": \"2021-11-11T20:13:12.6428401Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/ae349356-3a1b-4a5e-921d-050484c6347e\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"ae349356-3a1b-4a5e-921d-050484c6347e\"\n },\n {\n \"properties\": {\n \"roleName\": \"Application Insights Snapshot Debugger\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Gives user permission to use Application Insights Snapshot Debugger features\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.Insights/components/*/read\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Support/*\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2017-04-19T21:25:12.3728747Z\",\n \"updatedOn\": \"2021-11-11T20:13:13.0034435Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/08954f03-6346-4c2e-81c0-ec3a5cfae23b\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"08954f03-6346-4c2e-81c0-ec3a5cfae23b\"\n },\n {\n \"properties\": {\n \"roleName\": \"Attestation Reader\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Can read the attestation provider properties\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Attestation/attestationProviders/attestation/read\",\n \"Microsoft.Attestation/attestationProviders/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2019-03-25T19:42:59.157671Z\",\n \"updatedOn\": \"2024-07-11T17:43:35.9489411Z\",\n \"createdBy\": null,\n \"updatedBy\": \"SYSTEM\"\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/fd1bd22b-8476-40bc-a0bc-69b95687b9f3\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"fd1bd22b-8476-40bc-a0bc-69b95687b9f3\"\n },\n {\n \"properties\": {\n \"roleName\": \"Automation Job Operator\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Create and Manage Jobs using Automation Runbooks.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Automation/automationAccounts/hybridRunbookWorkerGroups/read\",\n \"Microsoft.Automation/automationAccounts/jobs/read\",\n \"Microsoft.Automation/automationAccounts/jobs/resume/action\",\n \"Microsoft.Automation/automationAccounts/jobs/stop/action\",\n \"Microsoft.Automation/automationAccounts/jobs/streams/read\",\n \"Microsoft.Automation/automationAccounts/jobs/suspend/action\",\n \"Microsoft.Automation/automationAccounts/jobs/write\",\n \"Microsoft.Automation/automationAccounts/jobs/output/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Support/*\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2017-04-19T20:52:41.0020018Z\",\n \"updatedOn\": \"2021-11-11T20:13:13.706566Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/4fe576fe-1146-4730-92eb-48519fa6bf9f\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"4fe576fe-1146-4730-92eb-48519fa6bf9f\"\n },\n {\n \"properties\": {\n \"roleName\": \"Automation Runbook Operator\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Read Runbook properties - to be able to create Jobs of the runbook.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Automation/automationAccounts/runbooks/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Support/*\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2017-04-19T20:47:49.5640674Z\",\n \"updatedOn\": \"2021-11-11T20:13:13.8815461Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/5fb5aef8-1081-4b8e-bb16-9d5d0385bab5\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"5fb5aef8-1081-4b8e-bb16-9d5d0385bab5\"\n },\n {\n \"properties\": {\n \"roleName\": \"Automation Operator\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Automation Operators are able to start, stop, suspend, and resume jobs\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Automation/automationAccounts/hybridRunbookWorkerGroups/read\",\n \"Microsoft.Automation/automationAccounts/jobs/read\",\n \"Microsoft.Automation/automationAccounts/jobs/resume/action\",\n \"Microsoft.Automation/automationAccounts/jobs/stop/action\",\n \"Microsoft.Automation/automationAccounts/jobs/streams/read\",\n \"Microsoft.Automation/automationAccounts/jobs/suspend/action\",\n \"Microsoft.Automation/automationAccounts/jobs/write\",\n \"Microsoft.Automation/automationAccounts/jobSchedules/read\",\n \"Microsoft.Automation/automationAccounts/jobSchedules/write\",\n \"Microsoft.Automation/automationAccounts/linkedWorkspace/read\",\n \"Microsoft.Automation/automationAccounts/read\",\n \"Microsoft.Automation/automationAccounts/runbooks/read\",\n \"Microsoft.Automation/automationAccounts/schedules/read\",\n \"Microsoft.Automation/automationAccounts/schedules/write\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.ResourceHealth/availabilityStatuses/read\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Automation/automationAccounts/jobs/output/read\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Support/*\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2015-08-18T01:05:03.391613Z\",\n \"updatedOn\": \"2021-11-11T20:13:14.0515408Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/d3881f73-407a-4167-8283-e981cbba0404\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"d3881f73-407a-4167-8283-e981cbba0404\"\n },\n {\n \"properties\": {\n \"roleName\": \"Avere Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Can create and manage an Avere vFXT cluster.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Compute/*/read\",\n \"Microsoft.Compute/availabilitySets/*\",\n \"Microsoft.Compute/proximityPlacementGroups/*\",\n \"Microsoft.Compute/virtualMachines/*\",\n \"Microsoft.Compute/disks/*\",\n \"Microsoft.Network/*/read\",\n \"Microsoft.Network/networkInterfaces/*\",\n \"Microsoft.Network/virtualNetworks/read\",\n \"Microsoft.Network/virtualNetworks/subnets/read\",\n \"Microsoft.Network/virtualNetworks/subnets/join/action\",\n \"Microsoft.Network/virtualNetworks/subnets/joinViaServiceEndpoint/action\",\n \"Microsoft.Network/networkSecurityGroups/join/action\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Storage/*/read\",\n \"Microsoft.Storage/storageAccounts/*\",\n \"Microsoft.Support/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/resources/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.Storage/storageAccounts/blobServices/containers/blobs/delete\",\n \"Microsoft.Storage/storageAccounts/blobServices/containers/blobs/read\",\n \"Microsoft.Storage/storageAccounts/blobServices/containers/blobs/write\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2019-03-18T20:00:58.9207889Z\",\n \"updatedOn\": \"2021-11-11T20:13:14.2265665Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/4f8fab4f-1852-4a58-a46a-8eaf358af14a\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"4f8fab4f-1852-4a58-a46a-8eaf358af14a\"\n },\n {\n \"properties\": {\n \"roleName\": \"Avere Operator\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Used by the Avere vFXT cluster to manage the cluster\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Compute/virtualMachines/read\",\n \"Microsoft.Network/networkInterfaces/read\",\n \"Microsoft.Network/networkInterfaces/write\",\n \"Microsoft.Network/virtualNetworks/read\",\n \"Microsoft.Network/virtualNetworks/subnets/read\",\n \"Microsoft.Network/virtualNetworks/subnets/join/action\",\n \"Microsoft.Network/networkSecurityGroups/join/action\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Storage/storageAccounts/blobServices/containers/delete\",\n \"Microsoft.Storage/storageAccounts/blobServices/containers/read\",\n \"Microsoft.Storage/storageAccounts/blobServices/containers/write\"\n ],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.Storage/storageAccounts/blobServices/containers/blobs/delete\",\n \"Microsoft.Storage/storageAccounts/blobServices/containers/blobs/read\",\n \"Microsoft.Storage/storageAccounts/blobServices/containers/blobs/write\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2019-03-18T20:02:38.3399857Z\",\n \"updatedOn\": \"2021-11-11T20:13:15.1065886Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/c025889f-8102-4ebf-b32c-fc0c6f0c6bd9\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"c025889f-8102-4ebf-b32c-fc0c6f0c6bd9\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Kubernetes Service Cluster Admin Role\",\n \"type\": \"BuiltInRole\",\n \"description\": \"List cluster admin credential action.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.ContainerService/managedClusters/listClusterAdminCredential/action\",\n \"Microsoft.ContainerService/managedClusters/accessProfiles/listCredential/action\",\n \"Microsoft.ContainerService/managedClusters/read\",\n \"Microsoft.ContainerService/managedClusters/runcommand/action\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2018-08-15T21:38:18.5953853Z\",\n \"updatedOn\": \"2022-05-17T01:51:12.0390652Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/0ab0b1a8-8aac-4efd-b8c2-3ee1fb270be8\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"0ab0b1a8-8aac-4efd-b8c2-3ee1fb270be8\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Kubernetes Service Cluster User Role\",\n \"type\": \"BuiltInRole\",\n \"description\": \"List cluster user credential action.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.ContainerService/managedClusters/listClusterUserCredential/action\",\n \"Microsoft.ContainerService/managedClusters/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2018-08-15T22:04:53.4037241Z\",\n \"updatedOn\": \"2021-11-11T20:13:20.4351976Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/4abbcc35-e782-43d8-92c5-2d3f1bd2253f\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"4abbcc35-e782-43d8-92c5-2d3f1bd2253f\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Maps Data Reader\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Grants access to read map related data from an Azure maps account.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.Maps/accounts/*/read\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2018-10-05T19:47:03.472307Z\",\n \"updatedOn\": \"2021-11-11T20:13:20.9582685Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/423170ca-a8f6-4b0f-8487-9e4eb8f49bfa\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"423170ca-a8f6-4b0f-8487-9e4eb8f49bfa\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Stack Registration Owner\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Lets you manage Azure Stack registrations.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.AzureStack/edgeSubscriptions/read\",\n \"Microsoft.AzureStack/registrations/products/*/action\",\n \"Microsoft.AzureStack/registrations/products/read\",\n \"Microsoft.AzureStack/registrations/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2017-11-13T23:42:06.2161827Z\",\n \"updatedOn\": \"2021-11-11T20:13:23.295782Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/6f12a6df-dd06-4f3e-bcb1-ce8be600526a\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"6f12a6df-dd06-4f3e-bcb1-ce8be600526a\"\n },\n {\n \"properties\": {\n \"roleName\": \"Backup Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Lets you manage backups, but can't delete vaults and give access to others\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Network/virtualNetworks/read\",\n \"Microsoft.RecoveryServices/locations/*\",\n \"Microsoft.RecoveryServices/Vaults/backupFabrics/operationResults/*\",\n \"Microsoft.RecoveryServices/Vaults/backupFabrics/protectionContainers/*\",\n \"Microsoft.RecoveryServices/Vaults/backupFabrics/refreshContainers/action\",\n \"Microsoft.RecoveryServices/Vaults/backupJobs/*\",\n \"Microsoft.RecoveryServices/Vaults/backupJobsExport/action\",\n \"Microsoft.RecoveryServices/Vaults/backupOperationResults/*\",\n \"Microsoft.RecoveryServices/Vaults/backupPolicies/*\",\n \"Microsoft.RecoveryServices/Vaults/backupProtectableItems/*\",\n \"Microsoft.RecoveryServices/Vaults/backupProtectedItems/*\",\n \"Microsoft.RecoveryServices/Vaults/backupProtectionContainers/*\",\n \"Microsoft.RecoveryServices/Vaults/backupSecurityPIN/*\",\n \"Microsoft.RecoveryServices/Vaults/backupUsageSummaries/read\",\n \"Microsoft.RecoveryServices/Vaults/certificates/*\",\n \"Microsoft.RecoveryServices/Vaults/extendedInformation/*\",\n \"Microsoft.RecoveryServices/Vaults/monitoringAlerts/read\",\n \"Microsoft.RecoveryServices/Vaults/monitoringConfigurations/*\",\n \"Microsoft.RecoveryServices/Vaults/read\",\n \"Microsoft.RecoveryServices/Vaults/registeredIdentities/*\",\n \"Microsoft.RecoveryServices/Vaults/usages/*\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Storage/storageAccounts/read\",\n \"Microsoft.RecoveryServices/Vaults/backupstorageconfig/*\",\n \"Microsoft.RecoveryServices/Vaults/backupconfig/*\",\n \"Microsoft.RecoveryServices/Vaults/backupValidateOperation/action\",\n \"Microsoft.RecoveryServices/Vaults/write\",\n \"Microsoft.RecoveryServices/Vaults/backupOperations/read\",\n \"Microsoft.RecoveryServices/Vaults/backupEngines/read\",\n \"Microsoft.RecoveryServices/Vaults/backupFabrics/backupProtectionIntent/*\",\n \"Microsoft.RecoveryServices/Vaults/backupFabrics/protectableContainers/read\",\n \"Microsoft.RecoveryServices/vaults/operationStatus/read\",\n \"Microsoft.RecoveryServices/vaults/operationResults/read\",\n \"Microsoft.RecoveryServices/locations/backupStatus/action\",\n \"Microsoft.RecoveryServices/locations/backupPreValidateProtection/action\",\n \"Microsoft.RecoveryServices/locations/backupValidateFeatures/action\",\n \"Microsoft.RecoveryServices/Vaults/monitoringAlerts/write\",\n \"Microsoft.RecoveryServices/operations/read\",\n \"Microsoft.RecoveryServices/locations/operationStatus/read\",\n \"Microsoft.RecoveryServices/Vaults/backupProtectionIntents/read\",\n \"Microsoft.Support/*\",\n \"Microsoft.DataProtection/locations/getBackupStatus/action\",\n \"Microsoft.DataProtection/backupVaults/backupInstances/write\",\n \"Microsoft.DataProtection/backupVaults/backupInstances/delete\",\n \"Microsoft.DataProtection/backupVaults/backupInstances/read\",\n \"Microsoft.DataProtection/backupVaults/backupInstances/read\",\n \"Microsoft.DataProtection/backupVaults/deletedBackupInstances/read\",\n \"Microsoft.DataProtection/backupVaults/deletedBackupInstances/undelete/action\",\n \"Microsoft.DataProtection/backupVaults/backupInstances/backup/action\",\n \"Microsoft.DataProtection/backupVaults/backupInstances/validateRestore/action\",\n \"Microsoft.DataProtection/backupVaults/backupInstances/restore/action\",\n \"Microsoft.DataProtection/subscriptions/resourceGroups/providers/locations/crossRegionRestore/action\",\n \"Microsoft.DataProtection/subscriptions/resourceGroups/providers/locations/validateCrossRegionRestore/action\",\n \"Microsoft.DataProtection/subscriptions/resourceGroups/providers/locations/fetchCrossRegionRestoreJobs/action\",\n \"Microsoft.DataProtection/subscriptions/resourceGroups/providers/locations/fetchCrossRegionRestoreJob/action\",\n \"Microsoft.DataProtection/subscriptions/resourceGroups/providers/locations/fetchSecondaryRecoveryPoints/action\",\n \"Microsoft.DataProtection/backupVaults/backupPolicies/write\",\n \"Microsoft.DataProtection/backupVaults/backupPolicies/delete\",\n \"Microsoft.DataProtection/backupVaults/backupPolicies/read\",\n \"Microsoft.DataProtection/backupVaults/backupPolicies/read\",\n \"Microsoft.DataProtection/backupVaults/backupInstances/recoveryPoints/read\",\n \"Microsoft.DataProtection/backupVaults/backupInstances/recoveryPoints/read\",\n \"Microsoft.DataProtection/backupVaults/backupInstances/findRestorableTimeRanges/action\",\n \"Microsoft.DataProtection/backupVaults/backupInstances/operationResults/read\",\n \"Microsoft.DataProtection/backupVaults/write\",\n \"Microsoft.DataProtection/backupVaults/read\",\n \"Microsoft.DataProtection/backupVaults/operationResults/read\",\n \"Microsoft.DataProtection/backupVaults/operationStatus/read\",\n \"Microsoft.DataProtection/locations/checkNameAvailability/action\",\n \"Microsoft.DataProtection/locations/checkFeatureSupport/action\",\n \"Microsoft.DataProtection/backupVaults/read\",\n \"Microsoft.DataProtection/backupVaults/read\",\n \"Microsoft.DataProtection/locations/operationStatus/read\",\n \"Microsoft.DataProtection/locations/operationResults/read\",\n \"Microsoft.DataProtection/backupVaults/validateForBackup/action\",\n \"Microsoft.DataProtection/operations/read\",\n \"Microsoft.RecoveryServices/Vaults/backupResourceGuardProxies/delete\",\n \"Microsoft.RecoveryServices/Vaults/backupResourceGuardProxies/read\",\n \"Microsoft.RecoveryServices/Vaults/backupResourceGuardProxies/unlockDelete/action\",\n \"Microsoft.RecoveryServices/Vaults/backupResourceGuardProxies/write\",\n \"Microsoft.DataProtection/backupVaults/backupResourceGuardProxies/read\",\n \"Microsoft.DataProtection/backupVaults/backupResourceGuardProxies/write\",\n \"Microsoft.DataProtection/backupVaults/backupResourceGuardProxies/delete\",\n \"Microsoft.DataProtection/backupVaults/backupResourceGuardProxies/unlockDelete/action\",\n \"Microsoft.DataProtection/backupVaults/backupInstances/validateForModifyBackup/action\",\n \"Microsoft.DataProtection/backupVaults/backupInstances/SuspendBackups/action\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2017-01-03T13:12:15.7321344Z\",\n \"updatedOn\": \"2025-01-27T16:01:21.2904248Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/5e467623-bb1f-42f4-a55d-6e525e11384b\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"5e467623-bb1f-42f4-a55d-6e525e11384b\"\n },\n {\n \"properties\": {\n \"roleName\": \"Billing Reader\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Allows read access to billing data\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Billing/*/read\",\n \"Microsoft.Commerce/*/read\",\n \"Microsoft.Consumption/*/read\",\n \"Microsoft.Management/managementGroups/read\",\n \"Microsoft.CostManagement/*/read\",\n \"Microsoft.Support/*\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2017-04-25T02:13:38.9054151Z\",\n \"updatedOn\": \"2021-11-11T20:13:24.5342563Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/fa23ad8b-c56e-40d8-ac0c-ce449e1d2c64\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"fa23ad8b-c56e-40d8-ac0c-ce449e1d2c64\"\n },\n {\n \"properties\": {\n \"roleName\": \"Backup Reader\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Can view backup services, but can't make changes\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.RecoveryServices/locations/allocatedStamp/read\",\n \"Microsoft.RecoveryServices/Vaults/backupFabrics/operationResults/read\",\n \"Microsoft.RecoveryServices/Vaults/backupFabrics/protectionContainers/operationResults/read\",\n \"Microsoft.RecoveryServices/Vaults/backupFabrics/protectionContainers/protectedItems/operationResults/read\",\n \"Microsoft.RecoveryServices/Vaults/backupFabrics/protectionContainers/protectedItems/operationsStatus/read\",\n \"Microsoft.RecoveryServices/Vaults/backupFabrics/protectionContainers/protectedItems/read\",\n \"Microsoft.RecoveryServices/Vaults/backupFabrics/protectionContainers/protectedItems/recoveryPoints/read\",\n \"Microsoft.RecoveryServices/Vaults/backupFabrics/protectionContainers/read\",\n \"Microsoft.RecoveryServices/Vaults/backupJobs/operationResults/read\",\n \"Microsoft.RecoveryServices/Vaults/backupJobs/read\",\n \"Microsoft.RecoveryServices/Vaults/backupJobsExport/action\",\n \"Microsoft.RecoveryServices/Vaults/backupOperationResults/read\",\n \"Microsoft.RecoveryServices/Vaults/backupPolicies/operationResults/read\",\n \"Microsoft.RecoveryServices/Vaults/backupPolicies/read\",\n \"Microsoft.RecoveryServices/Vaults/backupProtectedItems/read\",\n \"Microsoft.RecoveryServices/Vaults/backupProtectionContainers/read\",\n \"Microsoft.RecoveryServices/Vaults/backupUsageSummaries/read\",\n \"Microsoft.RecoveryServices/Vaults/extendedInformation/read\",\n \"Microsoft.RecoveryServices/Vaults/monitoringAlerts/read\",\n \"Microsoft.RecoveryServices/Vaults/read\",\n \"Microsoft.RecoveryServices/Vaults/registeredIdentities/operationResults/read\",\n \"Microsoft.RecoveryServices/Vaults/registeredIdentities/read\",\n \"Microsoft.RecoveryServices/Vaults/backupstorageconfig/read\",\n \"Microsoft.RecoveryServices/Vaults/backupconfig/read\",\n \"Microsoft.RecoveryServices/Vaults/backupOperations/read\",\n \"Microsoft.RecoveryServices/Vaults/backupPolicies/operations/read\",\n \"Microsoft.RecoveryServices/Vaults/backupEngines/read\",\n \"Microsoft.RecoveryServices/Vaults/backupFabrics/backupProtectionIntent/read\",\n \"Microsoft.RecoveryServices/Vaults/backupFabrics/protectionContainers/items/read\",\n \"Microsoft.RecoveryServices/locations/backupStatus/action\",\n \"Microsoft.RecoveryServices/Vaults/monitoringConfigurations/*\",\n \"Microsoft.RecoveryServices/Vaults/monitoringAlerts/write\",\n \"Microsoft.RecoveryServices/operations/read\",\n \"Microsoft.RecoveryServices/locations/operationStatus/read\",\n \"Microsoft.RecoveryServices/Vaults/backupProtectionIntents/read\",\n \"Microsoft.RecoveryServices/Vaults/usages/read\",\n \"Microsoft.RecoveryServices/locations/backupValidateFeatures/action\",\n \"Microsoft.RecoveryServices/locations/backupCrrJobs/action\",\n \"Microsoft.RecoveryServices/locations/backupCrrJob/action\",\n \"Microsoft.RecoveryServices/locations/backupCrrOperationResults/read\",\n \"Microsoft.RecoveryServices/locations/backupCrrOperationsStatus/read\",\n \"Microsoft.DataProtection/locations/getBackupStatus/action\",\n \"Microsoft.DataProtection/backupVaults/backupInstances/read\",\n \"Microsoft.DataProtection/backupVaults/deletedBackupInstances/read\",\n \"Microsoft.DataProtection/backupVaults/backupPolicies/read\",\n \"Microsoft.DataProtection/backupVaults/backupPolicies/read\",\n \"Microsoft.DataProtection/backupVaults/backupInstances/recoveryPoints/read\",\n \"Microsoft.DataProtection/backupVaults/backupInstances/recoveryPoints/read\",\n \"Microsoft.DataProtection/backupVaults/backupInstances/operationResults/read\",\n \"Microsoft.DataProtection/backupVaults/backupInstances/findRestorableTimeRanges/action\",\n \"Microsoft.DataProtection/backupVaults/read\",\n \"Microsoft.DataProtection/backupVaults/operationResults/read\",\n \"Microsoft.DataProtection/backupVaults/operationStatus/read\",\n \"Microsoft.DataProtection/backupVaults/read\",\n \"Microsoft.DataProtection/backupVaults/read\",\n \"Microsoft.DataProtection/locations/operationStatus/read\",\n \"Microsoft.DataProtection/locations/operationResults/read\",\n \"Microsoft.DataProtection/operations/read\",\n \"Microsoft.DataProtection/subscriptions/resourceGroups/providers/locations/fetchCrossRegionRestoreJobs/action\",\n \"Microsoft.DataProtection/subscriptions/resourceGroups/providers/locations/fetchCrossRegionRestoreJob/action\",\n \"Microsoft.DataProtection/subscriptions/resourceGroups/providers/locations/fetchSecondaryRecoveryPoints/action\",\n \"Microsoft.DataProtection/locations/checkFeatureSupport/action\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2017-01-03T13:18:41.3893065Z\",\n \"updatedOn\": \"2025-09-09T15:23:13.9723749Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/a795c7a0-d4a2-40c1-ae25-d81f01202912\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"a795c7a0-d4a2-40c1-ae25-d81f01202912\"\n },\n {\n \"properties\": {\n \"roleName\": \"Blockchain Member Node Access (Preview)\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Allows for access to Blockchain Member nodes\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Blockchain/blockchainMembers/transactionNodes/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.Blockchain/blockchainMembers/transactionNodes/connect/action\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2018-12-21T10:33:01.9604839Z\",\n \"updatedOn\": \"2021-11-11T20:13:25.055892Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/31a002a1-acaf-453e-8a5b-297c9ca1ea24\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"31a002a1-acaf-453e-8a5b-297c9ca1ea24\"\n },\n {\n \"properties\": {\n \"roleName\": \"BizTalk Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Lets you manage BizTalk services, but not access to them.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.BizTalkServices/BizTalk/*\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.ResourceHealth/availabilityStatuses/read\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Support/*\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2015-02-02T21:55:09.8806423Z\",\n \"updatedOn\": \"2021-11-11T20:13:25.2359269Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/5e3c6656-6cfa-4708-81fe-0de47ac73342\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"5e3c6656-6cfa-4708-81fe-0de47ac73342\"\n },\n {\n \"properties\": {\n \"roleName\": \"CDN Endpoint Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Can manage CDN endpoints, but can't grant access to other users.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Cdn/edgenodes/read\",\n \"Microsoft.Cdn/operationresults/*\",\n \"Microsoft.Cdn/profiles/endpoints/*\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Support/*\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2016-01-23T02:48:46.4996252Z\",\n \"updatedOn\": \"2023-12-07T08:06:49.788929Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/426e0c7f-0c7e-4658-b36f-ff54d6c29b45\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"426e0c7f-0c7e-4658-b36f-ff54d6c29b45\"\n },\n {\n \"properties\": {\n \"roleName\": \"CDN Profile Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Can manage CDN and Azure Front Door standard and premium profiles and their endpoints, but can't grant access to other users.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Cdn/edgenodes/read\",\n \"Microsoft.Cdn/operationresults/*\",\n \"Microsoft.Cdn/profiles/*\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Support/*\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2016-01-23T02:48:46.4996252Z\",\n \"updatedOn\": \"2023-12-06T16:25:55.5514166Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/ec156ff8-a8d1-4d15-830c-5b80698ca432\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"ec156ff8-a8d1-4d15-830c-5b80698ca432\"\n },\n {\n \"properties\": {\n \"roleName\": \"CDN Profile Reader\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Can view CDN profiles and their endpoints, but can't make changes.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Cdn/edgenodes/read\",\n \"Microsoft.Cdn/operationresults/*\",\n \"Microsoft.Cdn/profiles/*/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Cdn/profiles/afdendpoints/validateCustomDomain/action\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Support/*\",\n \"Microsoft.Cdn/profiles/CheckResourceUsage/action\",\n \"Microsoft.Cdn/profiles/endpoints/CheckResourceUsage/action\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2016-01-23T02:48:46.4996252Z\",\n \"updatedOn\": \"2024-01-26T09:56:06.2709754Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/8f96442b-4075-438f-813d-ad51ab4019af\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"8f96442b-4075-438f-813d-ad51ab4019af\"\n },\n {\n \"properties\": {\n \"roleName\": \"Classic Network Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Lets you manage classic networks, but not access to them.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.ClassicNetwork/*\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.ResourceHealth/availabilityStatuses/read\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Support/*\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2015-02-02T21:55:09.8806423Z\",\n \"updatedOn\": \"2021-11-11T20:13:26.4433301Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/b34d265f-36f7-4a0d-a4d4-e158ca92e90f\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"b34d265f-36f7-4a0d-a4d4-e158ca92e90f\"\n },\n {\n \"properties\": {\n \"roleName\": \"Classic Storage Account Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Lets you manage classic storage accounts, but not access to them.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.ClassicStorage/storageAccounts/*\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.ResourceHealth/availabilityStatuses/read\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Support/*\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2015-02-02T21:55:09.8806423Z\",\n \"updatedOn\": \"2021-11-11T20:13:26.6183566Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/86e8f5dc-a6e9-4c67-9d15-de283e8eac25\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"86e8f5dc-a6e9-4c67-9d15-de283e8eac25\"\n },\n {\n \"properties\": {\n \"roleName\": \"Classic Storage Account Key Operator Service Role\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Classic Storage Account Key Operators are allowed to list and regenerate keys on Classic Storage Accounts\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.ClassicStorage/storageAccounts/listkeys/action\",\n \"Microsoft.ClassicStorage/storageAccounts/regeneratekey/action\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2017-04-13T18:22:52.14611Z\",\n \"updatedOn\": \"2021-11-11T20:13:26.9796021Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/985d6b00-f706-48f5-a6fe-d0ca12fb668d\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"985d6b00-f706-48f5-a6fe-d0ca12fb668d\"\n },\n {\n \"properties\": {\n \"roleName\": \"ClearDB MySQL DB Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Lets you manage ClearDB MySQL databases, but not access to them.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.ResourceHealth/availabilityStatuses/read\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Support/*\",\n \"successbricks.cleardb/databases/*\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2015-02-02T21:55:09.8806423Z\",\n \"updatedOn\": \"2021-11-11T20:13:27.1646373Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/9106cda0-8a86-4e81-b686-29a22c54effe\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"9106cda0-8a86-4e81-b686-29a22c54effe\"\n },\n {\n \"properties\": {\n \"roleName\": \"Classic Virtual Machine Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Lets you manage classic virtual machines, but not access to them, and not the virtual network or storage account they’re connected to.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.ClassicCompute/domainNames/*\",\n \"Microsoft.ClassicCompute/virtualMachines/*\",\n \"Microsoft.ClassicNetwork/networkSecurityGroups/join/action\",\n \"Microsoft.ClassicNetwork/reservedIps/link/action\",\n \"Microsoft.ClassicNetwork/reservedIps/read\",\n \"Microsoft.ClassicNetwork/virtualNetworks/join/action\",\n \"Microsoft.ClassicNetwork/virtualNetworks/read\",\n \"Microsoft.ClassicStorage/storageAccounts/disks/read\",\n \"Microsoft.ClassicStorage/storageAccounts/images/read\",\n \"Microsoft.ClassicStorage/storageAccounts/listKeys/action\",\n \"Microsoft.ClassicStorage/storageAccounts/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.ResourceHealth/availabilityStatuses/read\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Support/*\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2015-04-25T00:37:56.5416086Z\",\n \"updatedOn\": \"2021-11-11T20:13:27.3446332Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/d73bb868-a0df-4d4d-bd69-98a00b01fccb\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"d73bb868-a0df-4d4d-bd69-98a00b01fccb\"\n },\n {\n \"properties\": {\n \"roleName\": \"Cognitive Services User\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Lets you read and list keys of Cognitive Services.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.CognitiveServices/*/read\",\n \"Microsoft.CognitiveServices/accounts/listkeys/action\",\n \"Microsoft.Insights/alertRules/read\",\n \"Microsoft.Insights/diagnosticSettings/read\",\n \"Microsoft.Insights/logDefinitions/read\",\n \"Microsoft.Insights/metricdefinitions/read\",\n \"Microsoft.Insights/metrics/read\",\n \"Microsoft.ResourceHealth/availabilityStatuses/read\",\n \"Microsoft.Resources/deployments/operations/read\",\n \"Microsoft.Resources/subscriptions/operationresults/read\",\n \"Microsoft.Resources/subscriptions/read\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Support/*\"\n ],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.CognitiveServices/*\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2018-08-08T23:23:43.7701274Z\",\n \"updatedOn\": \"2021-11-11T20:13:27.5316443Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/a97b65f3-24c7-4388-baec-2e87135dc908\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"a97b65f3-24c7-4388-baec-2e87135dc908\"\n },\n {\n \"properties\": {\n \"roleName\": \"Cognitive Services Data Reader\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Lets you read Cognitive Services data.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.CognitiveServices/*/read\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2019-02-13T20:02:12.6849986Z\",\n \"updatedOn\": \"2024-10-10T18:41:31.3351912Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/b59867f0-fa02-499b-be73-45a86b5b3e1c\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"b59867f0-fa02-499b-be73-45a86b5b3e1c\"\n },\n {\n \"properties\": {\n \"roleName\": \"Cognitive Services Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Lets you create, read, update, delete and manage keys of Cognitive Services.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.CognitiveServices/*\",\n \"Microsoft.Features/features/read\",\n \"Microsoft.Features/providers/features/read\",\n \"Microsoft.Features/providers/features/register/action\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.Insights/diagnosticSettings/*\",\n \"Microsoft.Insights/logDefinitions/read\",\n \"Microsoft.Insights/metricdefinitions/read\",\n \"Microsoft.Insights/metrics/read\",\n \"Microsoft.ResourceHealth/availabilityStatuses/read\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/deployments/operations/read\",\n \"Microsoft.Resources/subscriptions/operationresults/read\",\n \"Microsoft.Resources/subscriptions/read\",\n \"Microsoft.Resources/subscriptions/resourcegroups/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Support/*\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2018-08-08T23:18:39.2257848Z\",\n \"updatedOn\": \"2021-11-11T20:13:27.911623Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/25fbc0a9-bd7c-42a3-aa1a-3b75d497ee68\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"25fbc0a9-bd7c-42a3-aa1a-3b75d497ee68\"\n },\n {\n \"properties\": {\n \"roleName\": \"CosmosBackupOperator\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Can submit restore request for a Cosmos DB database or a container for an account\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.DocumentDB/databaseAccounts/backup/action\",\n \"Microsoft.DocumentDB/databaseAccounts/restore/action\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2018-12-07T19:47:14.965156Z\",\n \"updatedOn\": \"2021-11-11T20:13:28.4333692Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/db7b14f2-5adf-42da-9f96-f2ee17bab5cb\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"db7b14f2-5adf-42da-9f96-f2ee17bab5cb\"\n },\n {\n \"properties\": {\n \"roleName\": \"Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Grants full access to manage all resources, but does not allow you to assign roles in Azure RBAC, manage assignments in Azure Blueprints, or share image galleries.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"*\"\n ],\n \"notActions\": [\n \"Microsoft.Authorization/*/Delete\",\n \"Microsoft.Authorization/*/Write\",\n \"Microsoft.Authorization/elevateAccess/Action\",\n \"Microsoft.Blueprint/blueprintAssignments/write\",\n \"Microsoft.Blueprint/blueprintAssignments/delete\",\n \"Microsoft.Compute/galleries/share/action\",\n \"Microsoft.Purview/consents/write\",\n \"Microsoft.Purview/consents/delete\",\n \"Microsoft.Resources/deploymentStacks/manageDenySetting/action\",\n \"Microsoft.Subscription/cancel/action\",\n \"Microsoft.Subscription/enable/action\"\n ],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2015-02-02T21:55:09.8806423Z\",\n \"updatedOn\": \"2024-11-19T20:03:30.321264Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"b24988ac-6180-42a0-ab88-20f7382dd24c\"\n },\n {\n \"properties\": {\n \"roleName\": \"Cosmos DB Account Reader Role\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Can read Azure Cosmos DB Accounts data\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.DocumentDB/*/read\",\n \"Microsoft.DocumentDB/databaseAccounts/readonlykeys/action\",\n \"Microsoft.Insights/MetricDefinitions/read\",\n \"Microsoft.Insights/Metrics/read\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Support/*\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2017-10-30T17:53:54.6005577Z\",\n \"updatedOn\": \"2021-11-11T20:13:28.7911765Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/fbdf93bf-df7d-467e-a4d2-9458aa1360c8\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"fbdf93bf-df7d-467e-a4d2-9458aa1360c8\"\n },\n {\n \"properties\": {\n \"roleName\": \"Cost Management Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Can view costs and manage cost configuration (e.g. budgets, exports)\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Consumption/*\",\n \"Microsoft.CostManagement/*\",\n \"Microsoft.Billing/billingPeriods/read\",\n \"Microsoft.Resources/subscriptions/read\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Support/*\",\n \"Microsoft.Advisor/configurations/read\",\n \"Microsoft.Advisor/recommendations/read\",\n \"Microsoft.Management/managementGroups/read\",\n \"Microsoft.Billing/billingProperty/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2018-03-14T16:09:22.8834827Z\",\n \"updatedOn\": \"2021-11-11T20:13:29.4851851Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/434105ed-43f6-45c7-a02f-909b2ba83430\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"434105ed-43f6-45c7-a02f-909b2ba83430\"\n },\n {\n \"properties\": {\n \"roleName\": \"Cost Management Reader\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Can view cost data and configuration (e.g. budgets, exports)\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Consumption/*/read\",\n \"Microsoft.CostManagement/*/read\",\n \"Microsoft.Billing/billingPeriods/read\",\n \"Microsoft.Resources/subscriptions/read\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Support/*\",\n \"Microsoft.Advisor/configurations/read\",\n \"Microsoft.Advisor/recommendations/read\",\n \"Microsoft.Management/managementGroups/read\",\n \"Microsoft.Billing/billingProperty/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2018-03-14T16:09:22.8834827Z\",\n \"updatedOn\": \"2021-11-11T20:13:29.66018Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/72fafb9e-0641-4937-9268-a91bfd8191a3\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"72fafb9e-0641-4937-9268-a91bfd8191a3\"\n },\n {\n \"properties\": {\n \"roleName\": \"Data Box Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Lets you manage everything under Data Box Service except giving access to others.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.ResourceHealth/availabilityStatuses/read\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Support/*\",\n \"Microsoft.Databox/*\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2018-07-27T08:28:42.714021Z\",\n \"updatedOn\": \"2021-11-11T20:13:30.3737856Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/add466c9-e687-43fc-8d98-dfcf8d720be5\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"add466c9-e687-43fc-8d98-dfcf8d720be5\"\n },\n {\n \"properties\": {\n \"roleName\": \"Data Box Reader\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Lets you manage Data Box Service except creating order or editing order details and giving access to others.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Databox/*/read\",\n \"Microsoft.Databox/jobs/listsecrets/action\",\n \"Microsoft.Databox/jobs/listcredentials/action\",\n \"Microsoft.Databox/locations/availableSkus/action\",\n \"Microsoft.Databox/locations/validateInputs/action\",\n \"Microsoft.Databox/locations/regionConfiguration/action\",\n \"Microsoft.Databox/locations/validateAddress/action\",\n \"Microsoft.ResourceHealth/availabilityStatuses/read\",\n \"Microsoft.Support/*\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2018-07-27T08:26:21.9284772Z\",\n \"updatedOn\": \"2021-11-11T20:13:30.5546117Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/028f4ed7-e2a9-465e-a8f4-9c0ffdfdc027\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"028f4ed7-e2a9-465e-a8f4-9c0ffdfdc027\"\n },\n {\n \"properties\": {\n \"roleName\": \"Data Factory Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Create and manage data factories, as well as child resources within them.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.DataFactory/dataFactories/*\",\n \"Microsoft.DataFactory/factories/*\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.ResourceHealth/availabilityStatuses/read\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Support/*\",\n \"Microsoft.EventGrid/eventSubscriptions/write\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2015-02-02T21:55:09.8806423Z\",\n \"updatedOn\": \"2021-11-11T20:13:30.7420174Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/673868aa-7521-48a0-acc6-0f60742d39f5\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"673868aa-7521-48a0-acc6-0f60742d39f5\"\n },\n {\n \"properties\": {\n \"roleName\": \"Data Purger\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Can purge analytics data\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Insights/components/*/read\",\n \"Microsoft.Insights/components/purge/action\",\n \"Microsoft.OperationalInsights/workspaces/*/read\",\n \"Microsoft.OperationalInsights/workspaces/purge/action\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2018-04-30T22:39:49.61677Z\",\n \"updatedOn\": \"2021-11-11T20:13:31.2788395Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/150f5e0c-0603-4f03-8c7f-cf70034c4e90\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"150f5e0c-0603-4f03-8c7f-cf70034c4e90\"\n },\n {\n \"properties\": {\n \"roleName\": \"Data Lake Analytics Developer\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Lets you submit, monitor, and manage your own jobs but not create or delete Data Lake Analytics accounts.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.BigAnalytics/accounts/*\",\n \"Microsoft.DataLakeAnalytics/accounts/*\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.ResourceHealth/availabilityStatuses/read\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Support/*\"\n ],\n \"notActions\": [\n \"Microsoft.BigAnalytics/accounts/Delete\",\n \"Microsoft.BigAnalytics/accounts/TakeOwnership/action\",\n \"Microsoft.BigAnalytics/accounts/Write\",\n \"Microsoft.DataLakeAnalytics/accounts/Delete\",\n \"Microsoft.DataLakeAnalytics/accounts/TakeOwnership/action\",\n \"Microsoft.DataLakeAnalytics/accounts/Write\",\n \"Microsoft.DataLakeAnalytics/accounts/dataLakeStoreAccounts/Write\",\n \"Microsoft.DataLakeAnalytics/accounts/dataLakeStoreAccounts/Delete\",\n \"Microsoft.DataLakeAnalytics/accounts/storageAccounts/Write\",\n \"Microsoft.DataLakeAnalytics/accounts/storageAccounts/Delete\",\n \"Microsoft.DataLakeAnalytics/accounts/firewallRules/Write\",\n \"Microsoft.DataLakeAnalytics/accounts/firewallRules/Delete\",\n \"Microsoft.DataLakeAnalytics/accounts/computePolicies/Write\",\n \"Microsoft.DataLakeAnalytics/accounts/computePolicies/Delete\"\n ],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2015-10-20T00:33:29.3115234Z\",\n \"updatedOn\": \"2021-11-11T20:13:31.4688491Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/47b7735b-770e-4598-a7da-8b91488b4c88\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"47b7735b-770e-4598-a7da-8b91488b4c88\"\n },\n {\n \"properties\": {\n \"roleName\": \"DevTest Labs User\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Lets you connect, start, restart, and shutdown your virtual machines in your Azure DevTest Labs.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Compute/availabilitySets/read\",\n \"Microsoft.Compute/virtualMachines/*/read\",\n \"Microsoft.Compute/virtualMachines/deallocate/action\",\n \"Microsoft.Compute/virtualMachines/read\",\n \"Microsoft.Compute/virtualMachines/restart/action\",\n \"Microsoft.Compute/virtualMachines/start/action\",\n \"Microsoft.DevTestLab/*/read\",\n \"Microsoft.DevTestLab/labs/claimAnyVm/action\",\n \"Microsoft.DevTestLab/labs/createEnvironment/action\",\n \"Microsoft.DevTestLab/labs/ensureCurrentUserProfile/action\",\n \"Microsoft.DevTestLab/labs/formulas/delete\",\n \"Microsoft.DevTestLab/labs/formulas/read\",\n \"Microsoft.DevTestLab/labs/formulas/write\",\n \"Microsoft.DevTestLab/labs/policySets/evaluatePolicies/action\",\n \"Microsoft.DevTestLab/labs/virtualMachines/claim/action\",\n \"Microsoft.DevTestLab/labs/virtualmachines/listApplicableSchedules/action\",\n \"Microsoft.DevTestLab/labs/virtualMachines/getRdpFileContents/action\",\n \"Microsoft.Network/loadBalancers/backendAddressPools/join/action\",\n \"Microsoft.Network/loadBalancers/inboundNatRules/join/action\",\n \"Microsoft.Network/networkInterfaces/*/read\",\n \"Microsoft.Network/networkInterfaces/join/action\",\n \"Microsoft.Network/networkInterfaces/read\",\n \"Microsoft.Network/networkInterfaces/write\",\n \"Microsoft.Network/publicIPAddresses/*/read\",\n \"Microsoft.Network/publicIPAddresses/join/action\",\n \"Microsoft.Network/publicIPAddresses/read\",\n \"Microsoft.Network/virtualNetworks/subnets/join/action\",\n \"Microsoft.Resources/deployments/operations/read\",\n \"Microsoft.Resources/deployments/read\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Storage/storageAccounts/listKeys/action\"\n ],\n \"notActions\": [\n \"Microsoft.Compute/virtualMachines/vmSizes/read\"\n ],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2015-06-08T21:52:45.0657582Z\",\n \"updatedOn\": \"2021-11-11T20:13:32.1746507Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/76283e04-6283-4c54-8f91-bcf1374a3c64\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"76283e04-6283-4c54-8f91-bcf1374a3c64\"\n },\n {\n \"properties\": {\n \"roleName\": \"DocumentDB Account Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Lets you manage DocumentDB accounts, but not access to them.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.DocumentDb/databaseAccounts/*\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.ResourceHealth/availabilityStatuses/read\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Support/*\",\n \"Microsoft.Network/virtualNetworks/subnets/joinViaServiceEndpoint/action\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2015-02-02T21:55:09.8806423Z\",\n \"updatedOn\": \"2021-11-11T20:13:32.3496502Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/5bd9cd88-fe45-4216-938b-f97437e15450\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"5bd9cd88-fe45-4216-938b-f97437e15450\"\n },\n {\n \"properties\": {\n \"roleName\": \"DNS Zone Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Lets you manage DNS zones and record sets in Azure DNS, but does not let you control who has access to them.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.Network/dnsZones/*\",\n \"Microsoft.ResourceHealth/availabilityStatuses/read\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Support/*\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2015-10-15T23:33:25.9730842Z\",\n \"updatedOn\": \"2021-11-11T20:13:32.5233957Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/befefa01-2a29-4197-83a8-272ff33ce314\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"befefa01-2a29-4197-83a8-272ff33ce314\"\n },\n {\n \"properties\": {\n \"roleName\": \"EventGrid EventSubscription Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Lets you manage EventGrid event subscription operations.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.EventGrid/eventSubscriptions/*\",\n \"Microsoft.EventGrid/topicTypes/eventSubscriptions/read\",\n \"Microsoft.EventGrid/locations/eventSubscriptions/read\",\n \"Microsoft.EventGrid/locations/topicTypes/eventSubscriptions/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Support/*\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2018-10-08T23:27:28.3130743Z\",\n \"updatedOn\": \"2021-11-11T20:13:33.4166738Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/428e0ff0-5e57-4d9c-a221-2c70d0e0a443\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"428e0ff0-5e57-4d9c-a221-2c70d0e0a443\"\n },\n {\n \"properties\": {\n \"roleName\": \"EventGrid EventSubscription Reader\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Lets you read EventGrid event subscriptions.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.EventGrid/eventSubscriptions/read\",\n \"Microsoft.EventGrid/topicTypes/eventSubscriptions/read\",\n \"Microsoft.EventGrid/locations/eventSubscriptions/read\",\n \"Microsoft.EventGrid/locations/topicTypes/eventSubscriptions/read\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2018-10-09T17:29:28.1417894Z\",\n \"updatedOn\": \"2021-11-11T20:13:33.7846748Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/2414bbcf-6497-4faf-8c65-045460748405\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"2414bbcf-6497-4faf-8c65-045460748405\"\n },\n {\n \"properties\": {\n \"roleName\": \"Graph Owner\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Create and manage all aspects of the Enterprise Graph - Ontology, Schema mapping, Conflation and Conversational AI and Ingestions\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.EnterpriseKnowledgeGraph/services/conflation/read\",\n \"Microsoft.EnterpriseKnowledgeGraph/services/conflation/write\",\n \"Microsoft.EnterpriseKnowledgeGraph/services/sourceschema/read\",\n \"Microsoft.EnterpriseKnowledgeGraph/services/sourceschema/write\",\n \"Microsoft.EnterpriseKnowledgeGraph/services/knowledge/read\",\n \"Microsoft.EnterpriseKnowledgeGraph/services/knowledge/write\",\n \"Microsoft.EnterpriseKnowledgeGraph/services/intentclassification/read\",\n \"Microsoft.EnterpriseKnowledgeGraph/services/intentclassification/write\",\n \"Microsoft.EnterpriseKnowledgeGraph/services/ingestion/read\",\n \"Microsoft.EnterpriseKnowledgeGraph/services/ingestion/write\",\n \"Microsoft.EnterpriseKnowledgeGraph/services/ontology/read\",\n \"Microsoft.EnterpriseKnowledgeGraph/services/ontology/write\",\n \"Microsoft.EnterpriseKnowledgeGraph/services/delete\",\n \"Microsoft.EnterpriseKnowledgeGraph/operations/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2019-02-23T21:07:22.5844236Z\",\n \"updatedOn\": \"2021-11-11T20:13:34.6707886Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/b60367af-1334-4454-b71e-769d9a4f83d9\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"b60367af-1334-4454-b71e-769d9a4f83d9\"\n },\n {\n \"properties\": {\n \"roleName\": \"HDInsight Domain Services Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Can Read, Create, Modify and Delete Domain Services related operations needed for HDInsight Enterprise Security Package\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.AAD/*/read\",\n \"Microsoft.AAD/domainServices/*/read\",\n \"Microsoft.AAD/domainServices/oucontainer/*\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2018-09-12T22:42:51.7451109Z\",\n \"updatedOn\": \"2021-11-11T20:13:35.3921342Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/8d8d5a11-05d3-4bda-a417-a08778121c7c\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"8d8d5a11-05d3-4bda-a417-a08778121c7c\"\n },\n {\n \"properties\": {\n \"roleName\": \"Intelligent Systems Account Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Lets you manage Intelligent Systems accounts, but not access to them.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.IntelligentSystems/accounts/*\",\n \"Microsoft.ResourceHealth/availabilityStatuses/read\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Support/*\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2015-02-02T21:55:09.8806423Z\",\n \"updatedOn\": \"2021-11-11T20:13:35.9371582Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/03a6d094-3444-4b3d-88af-7477090a9e5e\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"03a6d094-3444-4b3d-88af-7477090a9e5e\"\n },\n {\n \"properties\": {\n \"roleName\": \"Key Vault Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Lets you manage key vaults, but not access to them.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.KeyVault/*\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Support/*\"\n ],\n \"notActions\": [\n \"Microsoft.KeyVault/locations/deletedVaults/purge/action\",\n \"Microsoft.KeyVault/hsmPools/*\",\n \"Microsoft.KeyVault/managedHsms/*\"\n ],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2016-02-25T17:08:28.5184971Z\",\n \"updatedOn\": \"2021-11-11T20:13:36.1170988Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/f25e0fa2-a7c8-4377-a976-54943a77a395\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"f25e0fa2-a7c8-4377-a976-54943a77a395\"\n },\n {\n \"properties\": {\n \"roleName\": \"Knowledge Consumer\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Knowledge Read permission to consume Enterprise Graph Knowledge using entity search and graph query\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.EnterpriseKnowledgeGraph/services/knowledge/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2019-02-23T21:23:31.4037552Z\",\n \"updatedOn\": \"2021-11-11T20:13:37.0021342Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/ee361c5d-f7b5-4119-b4b6-892157c8f64c\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"ee361c5d-f7b5-4119-b4b6-892157c8f64c\"\n },\n {\n \"properties\": {\n \"roleName\": \"Lab Creator\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Lets you create new labs under your Azure Lab Accounts.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.LabServices/labAccounts/*/read\",\n \"Microsoft.LabServices/labAccounts/createLab/action\",\n \"Microsoft.LabServices/labAccounts/getPricingAndAvailability/action\",\n \"Microsoft.LabServices/labAccounts/getRestrictionsAndUsage/action\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.LabServices/labPlans/images/read\",\n \"Microsoft.LabServices/labPlans/read\",\n \"Microsoft.LabServices/labPlans/saveImage/action\",\n \"Microsoft.LabServices/labs/read\",\n \"Microsoft.LabServices/labs/schedules/read\",\n \"Microsoft.LabServices/labs/users/read\",\n \"Microsoft.LabServices/labs/virtualMachines/read\",\n \"Microsoft.LabServices/locations/usages/read\",\n \"Microsoft.LabServices/skus/read\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Support/*\"\n ],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.LabServices/labPlans/createLab/action\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2018-01-18T23:38:58.1036141Z\",\n \"updatedOn\": \"2021-11-11T20:13:37.1821588Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/b97fb8bc-a8b2-4522-a38b-dd33c7e65ead\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"b97fb8bc-a8b2-4522-a38b-dd33c7e65ead\"\n },\n {\n \"properties\": {\n \"roleName\": \"Log Analytics Reader\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Log Analytics Reader can view and search all monitoring data as well as and view monitoring settings, including viewing the configuration of Azure diagnostics on all Azure resources.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"*/read\",\n \"Microsoft.OperationalInsights/workspaces/analytics/query/action\",\n \"Microsoft.OperationalInsights/workspaces/search/action\",\n \"Microsoft.Support/*\"\n ],\n \"notActions\": [\n \"Microsoft.OperationalInsights/workspaces/sharedKeys/read\"\n ],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2017-05-02T00:20:28.1449012Z\",\n \"updatedOn\": \"2025-06-18T13:42:52.3891983Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/73c42c96-874c-492b-b04d-ab87d138a893\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"73c42c96-874c-492b-b04d-ab87d138a893\"\n },\n {\n \"properties\": {\n \"roleName\": \"Log Analytics Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Log Analytics Contributor can read all monitoring data and edit monitoring settings. Editing monitoring settings includes adding the VM extension to VMs; reading storage account keys to be able to configure collection of logs from Azure Storage; adding solutions; and configuring Azure diagnostics on all Azure resources.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"*/read\",\n \"Microsoft.ClassicCompute/virtualMachines/extensions/*\",\n \"Microsoft.ClassicStorage/storageAccounts/listKeys/action\",\n \"Microsoft.Compute/virtualMachines/extensions/*\",\n \"Microsoft.HybridCompute/machines/extensions/write\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.Insights/diagnosticSettings/*\",\n \"Microsoft.OperationalInsights/*\",\n \"Microsoft.OperationsManagement/*\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourcegroups/deployments/*\",\n \"Microsoft.Storage/storageAccounts/listKeys/action\",\n \"Microsoft.Support/*\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2017-04-25T21:51:45.3174711Z\",\n \"updatedOn\": \"2025-06-18T13:42:52.3891983Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/92aaf0da-9dab-42b6-94a3-d43ce8d16293\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"92aaf0da-9dab-42b6-94a3-d43ce8d16293\"\n },\n {\n \"properties\": {\n \"roleName\": \"Logic App Operator\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Lets you read, enable and disable logic app.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/*/read\",\n \"Microsoft.Insights/metricAlerts/*/read\",\n \"Microsoft.Insights/diagnosticSettings/*/read\",\n \"Microsoft.Insights/metricDefinitions/*/read\",\n \"Microsoft.Logic/*/read\",\n \"Microsoft.Logic/workflows/disable/action\",\n \"Microsoft.Logic/workflows/enable/action\",\n \"Microsoft.Logic/workflows/validate/action\",\n \"Microsoft.Resources/deployments/operations/read\",\n \"Microsoft.Resources/subscriptions/operationresults/read\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Support/*\",\n \"Microsoft.Web/connectionGateways/*/read\",\n \"Microsoft.Web/connections/*/read\",\n \"Microsoft.Web/customApis/*/read\",\n \"Microsoft.Web/serverFarms/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2016-04-28T21:33:30.4656007Z\",\n \"updatedOn\": \"2021-11-11T20:13:38.0573444Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/515c2055-d9d4-4321-b1b9-bd0c9a0f79fe\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"515c2055-d9d4-4321-b1b9-bd0c9a0f79fe\"\n },\n {\n \"properties\": {\n \"roleName\": \"Logic App Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Lets you manage logic app, but not access to them.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.ClassicStorage/storageAccounts/listKeys/action\",\n \"Microsoft.ClassicStorage/storageAccounts/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.Insights/metricAlerts/*\",\n \"Microsoft.Insights/diagnosticSettings/*\",\n \"Microsoft.Insights/logdefinitions/*\",\n \"Microsoft.Insights/metricDefinitions/*\",\n \"Microsoft.Logic/*\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/operationresults/read\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Storage/storageAccounts/listkeys/action\",\n \"Microsoft.Storage/storageAccounts/read\",\n \"Microsoft.Support/*\",\n \"Microsoft.Web/connectionGateways/*\",\n \"Microsoft.Web/connections/*\",\n \"Microsoft.Web/customApis/*\",\n \"Microsoft.Web/serverFarms/join/action\",\n \"Microsoft.Web/serverFarms/read\",\n \"Microsoft.Web/sites/functions/listSecrets/action\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2016-04-28T21:33:30.4656007Z\",\n \"updatedOn\": \"2021-11-11T20:13:38.2523833Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/87a39d53-fc1b-424a-814c-f7e04687dc9e\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"87a39d53-fc1b-424a-814c-f7e04687dc9e\"\n },\n {\n \"properties\": {\n \"roleName\": \"Managed Application Operator Role\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Lets you read and perform actions on Managed Application resources\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"*/read\",\n \"Microsoft.Solutions/applications/read\",\n \"Microsoft.Solutions/*/action\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2018-07-27T00:59:33.7988813Z\",\n \"updatedOn\": \"2021-11-11T20:13:38.5973763Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/c7393b34-138c-406f-901b-d8cf2b17e6ae\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"c7393b34-138c-406f-901b-d8cf2b17e6ae\"\n },\n {\n \"properties\": {\n \"roleName\": \"Managed Application Publisher Operator\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Allows the publisher to read resources in the managed resource group for Managed Application and request JIT access for additional operations. This role is only used by the Managed Application service to provide access to publishers.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"*/read\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Solutions/jitRequests/*\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2018-09-06T00:33:58.3651522Z\",\n \"updatedOn\": \"2025-05-01T17:14:44.1844267Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/b9331d33-8a36-4f8c-b097-4f54124fdb44\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"b9331d33-8a36-4f8c-b097-4f54124fdb44\"\n },\n {\n \"properties\": {\n \"roleName\": \"Managed Identity Operator\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Read and Assign User Assigned Identity\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.ManagedIdentity/userAssignedIdentities/*/read\",\n \"Microsoft.ManagedIdentity/userAssignedIdentities/*/assign/action\",\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Support/*\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2017-12-14T19:52:04.3924594Z\",\n \"updatedOn\": \"2021-11-11T20:13:38.9523759Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/f1a07417-d97a-45cb-824c-7a7467783830\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"f1a07417-d97a-45cb-824c-7a7467783830\"\n },\n {\n \"properties\": {\n \"roleName\": \"Managed Identity Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Create, Read, Update, and Delete User Assigned Identity\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.ManagedIdentity/userAssignedIdentities/read\",\n \"Microsoft.ManagedIdentity/userAssignedIdentities/write\",\n \"Microsoft.ManagedIdentity/userAssignedIdentities/delete\",\n \"Microsoft.ManagedIdentity/userAssignedIdentities/federatedIdentityCredentials/read\",\n \"Microsoft.ManagedIdentity/userAssignedIdentities/federatedIdentityCredentials/write\",\n \"Microsoft.ManagedIdentity/userAssignedIdentities/federatedIdentityCredentials/delete\",\n \"Microsoft.ManagedIdentity/userAssignedIdentities/revokeTokens/action\",\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Support/*\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2017-12-14T19:53:42.8804692Z\",\n \"updatedOn\": \"2024-03-29T00:22:59.7937695Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/e40ec5ca-96e0-45a2-b4ff-59039f2c2b59\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"e40ec5ca-96e0-45a2-b4ff-59039f2c2b59\"\n },\n {\n \"properties\": {\n \"roleName\": \"Management Group Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Management Group Contributor Role\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Management/managementGroups/delete\",\n \"Microsoft.Management/managementGroups/read\",\n \"Microsoft.Management/managementGroups/subscriptions/delete\",\n \"Microsoft.Management/managementGroups/subscriptions/write\",\n \"Microsoft.Management/managementGroups/write\",\n \"Microsoft.Management/managementGroups/subscriptions/read\",\n \"Microsoft.Authorization/*/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2018-06-22T00:28:29.0523964Z\",\n \"updatedOn\": \"2022-09-19T15:10:03.437789Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/5d58bcaf-24a5-4b20-bdb6-eed9f69fbe4c\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"5d58bcaf-24a5-4b20-bdb6-eed9f69fbe4c\"\n },\n {\n \"properties\": {\n \"roleName\": \"Management Group Reader\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Management Group Reader Role\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Management/managementGroups/read\",\n \"Microsoft.Management/managementGroups/subscriptions/read\",\n \"Microsoft.Authorization/*/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2018-06-22T00:31:03.4295347Z\",\n \"updatedOn\": \"2022-09-19T15:10:03.437789Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/ac63b705-f282-497d-ac71-919bf39d939d\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"ac63b705-f282-497d-ac71-919bf39d939d\"\n },\n {\n \"properties\": {\n \"roleName\": \"Monitoring Reader\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Can read all monitoring data.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"*/read\",\n \"Microsoft.OperationalInsights/workspaces/search/action\",\n \"Microsoft.Support/*\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2016-09-21T19:19:52.4939376Z\",\n \"updatedOn\": \"2025-06-18T13:42:52.3891983Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/43d0d8ad-25c7-4714-9337-8ba259a9fe05\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"43d0d8ad-25c7-4714-9337-8ba259a9fe05\"\n },\n {\n \"properties\": {\n \"roleName\": \"Network Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Lets you manage networks, but not access to them.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.Network/*\",\n \"Microsoft.ResourceHealth/availabilityStatuses/read\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Support/*\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2015-06-02T00:18:27.3542698Z\",\n \"updatedOn\": \"2021-11-11T20:13:44.6328966Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/4d97b98b-1d4f-4787-a291-c67834d212e7\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"4d97b98b-1d4f-4787-a291-c67834d212e7\"\n },\n {\n \"properties\": {\n \"roleName\": \"New Relic APM Account Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Lets you manage New Relic Application Performance Management accounts and applications, but not access to them.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.ResourceHealth/availabilityStatuses/read\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Support/*\",\n \"NewRelic.APM/accounts/*\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2015-02-02T21:55:09.8806423Z\",\n \"updatedOn\": \"2021-11-11T20:13:45.7178576Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/5d28c62d-5b37-4476-8438-e587778df237\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"5d28c62d-5b37-4476-8438-e587778df237\"\n },\n {\n \"properties\": {\n \"roleName\": \"Owner\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Grants full access to manage all resources, including the ability to assign roles in Azure RBAC.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"*\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2015-02-02T21:55:09.8806423Z\",\n \"updatedOn\": \"2021-11-11T20:13:45.8978856Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/8e3af657-a8ff-443c-a75c-2fe8c4bcb635\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"8e3af657-a8ff-443c-a75c-2fe8c4bcb635\"\n },\n {\n \"properties\": {\n \"roleName\": \"Reader\",\n \"type\": \"BuiltInRole\",\n \"description\": \"View all resources, but does not allow you to make any changes.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"*/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2015-02-02T21:55:09.8806423Z\",\n \"updatedOn\": \"2021-11-11T20:13:47.8628684Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/acdd72a7-3385-48ef-bd42-f606fba81ae7\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"acdd72a7-3385-48ef-bd42-f606fba81ae7\"\n },\n {\n \"properties\": {\n \"roleName\": \"Redis Cache Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Lets you manage Redis caches, but not access to them.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Cache/register/action\",\n \"Microsoft.Cache/redis/*\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.ResourceHealth/availabilityStatuses/read\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Support/*\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2015-02-02T21:55:09.8806423Z\",\n \"updatedOn\": \"2021-11-11T20:13:48.0528671Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/e0f68234-74aa-48ed-b826-c38b57376e17\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"e0f68234-74aa-48ed-b826-c38b57376e17\"\n },\n {\n \"properties\": {\n \"roleName\": \"Reader and Data Access\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Lets you view everything but will not let you delete or create a storage account or contained resource. It will also allow read/write access to all data contained in a storage account via access to storage account keys.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Storage/storageAccounts/listKeys/action\",\n \"Microsoft.Storage/storageAccounts/ListAccountSas/action\",\n \"Microsoft.Storage/storageAccounts/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2018-03-27T23:20:46.1498906Z\",\n \"updatedOn\": \"2021-11-11T20:13:48.2278951Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/c12c1c16-33a1-487b-954d-41c89c60f349\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"c12c1c16-33a1-487b-954d-41c89c60f349\"\n },\n {\n \"properties\": {\n \"roleName\": \"Resource Policy Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Users with rights to create/modify resource policy, create support ticket and read resources/hierarchy.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"*/read\",\n \"Microsoft.Authorization/policyassignments/*\",\n \"Microsoft.Authorization/policydefinitions/*\",\n \"Microsoft.Authorization/policyexemptions/*\",\n \"Microsoft.Authorization/policyenrollments/*\",\n \"Microsoft.Authorization/policysetdefinitions/*\",\n \"Microsoft.PolicyInsights/*\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Support/*\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2017-08-25T19:08:01.3861639Z\",\n \"updatedOn\": \"2025-03-25T15:25:05.1731507Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/36243c78-bf99-498c-9df9-86d9f8d28608\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"36243c78-bf99-498c-9df9-86d9f8d28608\"\n },\n {\n \"properties\": {\n \"roleName\": \"Scheduler Job Collections Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Lets you manage Scheduler job collections, but not access to them.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.ResourceHealth/availabilityStatuses/read\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Scheduler/jobcollections/*\",\n \"Microsoft.Support/*\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2015-02-02T21:55:09.8806423Z\",\n \"updatedOn\": \"2021-11-11T20:13:49.8429293Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/188a0f2f-5c9e-469b-ae67-2aa5ce574b94\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"188a0f2f-5c9e-469b-ae67-2aa5ce574b94\"\n },\n {\n \"properties\": {\n \"roleName\": \"Search Service Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Lets you manage Search services, but not access to them.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.ResourceHealth/availabilityStatuses/read\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Search/searchServices/*\",\n \"Microsoft.Support/*\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2015-02-02T21:55:09.8806423Z\",\n \"updatedOn\": \"2021-11-11T20:13:50.0229309Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/7ca78c08-252a-4471-8644-bb5ff32d4ba0\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"7ca78c08-252a-4471-8644-bb5ff32d4ba0\"\n },\n {\n \"properties\": {\n \"roleName\": \"Security Manager (Legacy)\",\n \"type\": \"BuiltInRole\",\n \"description\": \"This is a legacy role. Please use Security Administrator instead\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.ClassicCompute/*/read\",\n \"Microsoft.ClassicCompute/virtualMachines/*/write\",\n \"Microsoft.ClassicNetwork/*/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.ResourceHealth/availabilityStatuses/read\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Security/*\",\n \"Microsoft.Support/*\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2015-06-22T17:45:15.8986455Z\",\n \"updatedOn\": \"2021-11-11T20:13:50.5729549Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/e3d13bf0-dd5a-482e-ba6b-9b8433878d10\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"e3d13bf0-dd5a-482e-ba6b-9b8433878d10\"\n },\n {\n \"properties\": {\n \"roleName\": \"Security Reader\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Security Reader Role\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/read\",\n \"Microsoft.operationalInsights/workspaces/*/read\",\n \"Microsoft.Resources/deployments/*/read\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Security/*/read\",\n \"Microsoft.IoTSecurity/*/read\",\n \"Microsoft.Support/*/read\",\n \"Microsoft.Security/iotDefenderSettings/packageDownloads/action\",\n \"Microsoft.Security/iotDefenderSettings/downloadManagerActivation/action\",\n \"Microsoft.Security/iotSensors/downloadResetPassword/action\",\n \"Microsoft.IoTSecurity/defenderSettings/packageDownloads/action\",\n \"Microsoft.IoTSecurity/defenderSettings/downloadManagerActivation/action\",\n \"Microsoft.Management/managementGroups/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2017-05-03T07:48:49.0516559Z\",\n \"updatedOn\": \"2021-11-11T20:13:50.7479015Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/39bc4728-0917-49c7-9d2c-d95423bc2eb4\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"39bc4728-0917-49c7-9d2c-d95423bc2eb4\"\n },\n {\n \"properties\": {\n \"roleName\": \"Spatial Anchors Account Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Lets you manage spatial anchors in your account, but not delete them\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.MixedReality/SpatialAnchorsAccounts/create/action\",\n \"Microsoft.MixedReality/SpatialAnchorsAccounts/discovery/read\",\n \"Microsoft.MixedReality/SpatialAnchorsAccounts/properties/read\",\n \"Microsoft.MixedReality/SpatialAnchorsAccounts/query/read\",\n \"Microsoft.MixedReality/SpatialAnchorsAccounts/submitdiag/read\",\n \"Microsoft.MixedReality/SpatialAnchorsAccounts/write\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2018-12-21T17:57:41.1420864Z\",\n \"updatedOn\": \"2021-11-11T20:13:52.28294Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/8bbe83f1-e2a6-4df7-8cb4-4e04d4e5c827\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"8bbe83f1-e2a6-4df7-8cb4-4e04d4e5c827\"\n },\n {\n \"properties\": {\n \"roleName\": \"Site Recovery Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Lets you manage Site Recovery service except vault creation and role assignment\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.Network/virtualNetworks/read\",\n \"Microsoft.RecoveryServices/locations/allocatedStamp/read\",\n \"Microsoft.RecoveryServices/locations/allocateStamp/action\",\n \"Microsoft.RecoveryServices/Vaults/certificates/write\",\n \"Microsoft.RecoveryServices/Vaults/extendedInformation/*\",\n \"Microsoft.RecoveryServices/Vaults/read\",\n \"Microsoft.RecoveryServices/Vaults/refreshContainers/read\",\n \"Microsoft.RecoveryServices/Vaults/registeredIdentities/*\",\n \"Microsoft.RecoveryServices/vaults/replicationAlertSettings/*\",\n \"Microsoft.RecoveryServices/vaults/replicationEvents/read\",\n \"Microsoft.RecoveryServices/vaults/replicationFabrics/*\",\n \"Microsoft.RecoveryServices/vaults/replicationJobs/*\",\n \"Microsoft.RecoveryServices/vaults/replicationPolicies/*\",\n \"Microsoft.RecoveryServices/vaults/replicationRecoveryPlans/*\",\n \"Microsoft.RecoveryServices/vaults/replicationVaultSettings/*\",\n \"Microsoft.RecoveryServices/Vaults/storageConfig/*\",\n \"Microsoft.RecoveryServices/Vaults/tokenInfo/read\",\n \"Microsoft.RecoveryServices/Vaults/usages/read\",\n \"Microsoft.RecoveryServices/Vaults/vaultTokens/read\",\n \"Microsoft.RecoveryServices/Vaults/monitoringAlerts/*\",\n \"Microsoft.RecoveryServices/Vaults/monitoringConfigurations/notificationConfiguration/read\",\n \"Microsoft.ResourceHealth/availabilityStatuses/read\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Storage/storageAccounts/read\",\n \"Microsoft.RecoveryServices/vaults/replicationOperationStatus/read\",\n \"Microsoft.Support/*\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2017-05-19T13:46:17.4592776Z\",\n \"updatedOn\": \"2021-11-11T20:13:52.4579503Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/6670b86e-a3f7-4917-ac9b-5d6ab1be4567\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"6670b86e-a3f7-4917-ac9b-5d6ab1be4567\"\n },\n {\n \"properties\": {\n \"roleName\": \"Site Recovery Operator\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Lets you failover and failback but not perform other Site Recovery management operations\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.Network/virtualNetworks/read\",\n \"Microsoft.RecoveryServices/locations/allocatedStamp/read\",\n \"Microsoft.RecoveryServices/locations/allocateStamp/action\",\n \"Microsoft.RecoveryServices/Vaults/extendedInformation/read\",\n \"Microsoft.RecoveryServices/Vaults/read\",\n \"Microsoft.RecoveryServices/Vaults/refreshContainers/read\",\n \"Microsoft.RecoveryServices/Vaults/registeredIdentities/operationResults/read\",\n \"Microsoft.RecoveryServices/Vaults/registeredIdentities/read\",\n \"Microsoft.RecoveryServices/vaults/replicationAlertSettings/read\",\n \"Microsoft.RecoveryServices/vaults/replicationEvents/read\",\n \"Microsoft.RecoveryServices/vaults/replicationFabrics/checkConsistency/action\",\n \"Microsoft.RecoveryServices/vaults/replicationFabrics/read\",\n \"Microsoft.RecoveryServices/vaults/replicationFabrics/reassociateGateway/action\",\n \"Microsoft.RecoveryServices/vaults/replicationFabrics/renewcertificate/action\",\n \"Microsoft.RecoveryServices/vaults/replicationFabrics/replicationNetworks/read\",\n \"Microsoft.RecoveryServices/vaults/replicationFabrics/replicationNetworks/replicationNetworkMappings/read\",\n \"Microsoft.RecoveryServices/vaults/replicationFabrics/replicationProtectionContainers/read\",\n \"Microsoft.RecoveryServices/vaults/replicationFabrics/replicationProtectionContainers/replicationProtectableItems/read\",\n \"Microsoft.RecoveryServices/vaults/replicationFabrics/replicationProtectionContainers/replicationProtectedItems/applyRecoveryPoint/action\",\n \"Microsoft.RecoveryServices/vaults/replicationFabrics/replicationProtectionContainers/replicationProtectedItems/failoverCommit/action\",\n \"Microsoft.RecoveryServices/vaults/replicationFabrics/replicationProtectionContainers/replicationProtectedItems/plannedFailover/action\",\n \"Microsoft.RecoveryServices/vaults/replicationFabrics/replicationProtectionContainers/replicationProtectedItems/read\",\n \"Microsoft.RecoveryServices/vaults/replicationFabrics/replicationProtectionContainers/replicationProtectedItems/recoveryPoints/read\",\n \"Microsoft.RecoveryServices/vaults/replicationFabrics/replicationProtectionContainers/replicationProtectedItems/repairReplication/action\",\n \"Microsoft.RecoveryServices/vaults/replicationFabrics/replicationProtectionContainers/replicationProtectedItems/reProtect/action\",\n \"Microsoft.RecoveryServices/vaults/replicationFabrics/replicationProtectionContainers/switchprotection/action\",\n \"Microsoft.RecoveryServices/vaults/replicationFabrics/replicationProtectionContainers/replicationProtectedItems/testFailover/action\",\n \"Microsoft.RecoveryServices/vaults/replicationFabrics/replicationProtectionContainers/replicationProtectedItems/testFailoverCleanup/action\",\n \"Microsoft.RecoveryServices/vaults/replicationFabrics/replicationProtectionContainers/replicationProtectedItems/unplannedFailover/action\",\n \"Microsoft.RecoveryServices/vaults/replicationFabrics/replicationProtectionContainers/replicationProtectedItems/updateMobilityService/action\",\n \"Microsoft.RecoveryServices/vaults/replicationFabrics/replicationProtectionContainers/replicationProtectionContainerMappings/read\",\n \"Microsoft.RecoveryServices/vaults/replicationFabrics/replicationRecoveryServicesProviders/read\",\n \"Microsoft.RecoveryServices/vaults/replicationFabrics/replicationRecoveryServicesProviders/refreshProvider/action\",\n \"Microsoft.RecoveryServices/vaults/replicationFabrics/replicationStorageClassifications/read\",\n \"Microsoft.RecoveryServices/vaults/replicationFabrics/replicationStorageClassifications/replicationStorageClassificationMappings/read\",\n \"Microsoft.RecoveryServices/vaults/replicationFabrics/replicationvCenters/read\",\n \"Microsoft.RecoveryServices/vaults/replicationJobs/*\",\n \"Microsoft.RecoveryServices/vaults/replicationPolicies/read\",\n \"Microsoft.RecoveryServices/vaults/replicationRecoveryPlans/failoverCommit/action\",\n \"Microsoft.RecoveryServices/vaults/replicationRecoveryPlans/plannedFailover/action\",\n \"Microsoft.RecoveryServices/vaults/replicationRecoveryPlans/read\",\n \"Microsoft.RecoveryServices/vaults/replicationRecoveryPlans/reProtect/action\",\n \"Microsoft.RecoveryServices/vaults/replicationRecoveryPlans/testFailover/action\",\n \"Microsoft.RecoveryServices/vaults/replicationRecoveryPlans/testFailoverCleanup/action\",\n \"Microsoft.RecoveryServices/vaults/replicationRecoveryPlans/unplannedFailover/action\",\n \"Microsoft.RecoveryServices/vaults/replicationVaultSettings/read\",\n \"Microsoft.RecoveryServices/Vaults/monitoringAlerts/*\",\n \"Microsoft.RecoveryServices/Vaults/monitoringConfigurations/notificationConfiguration/read\",\n \"Microsoft.RecoveryServices/Vaults/storageConfig/read\",\n \"Microsoft.RecoveryServices/Vaults/tokenInfo/read\",\n \"Microsoft.RecoveryServices/Vaults/usages/read\",\n \"Microsoft.RecoveryServices/Vaults/vaultTokens/read\",\n \"Microsoft.ResourceHealth/availabilityStatuses/read\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Storage/storageAccounts/read\",\n \"Microsoft.Support/*\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2017-05-19T13:47:50.1341148Z\",\n \"updatedOn\": \"2021-11-11T20:13:52.6263418Z\",\n \"createdBy\": null,\n \"updatedBy\": \"\"\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/494ae006-db33-4328-bf46-533a6560a3ca\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"494ae006-db33-4328-bf46-533a6560a3ca\"\n },\n {\n \"properties\": {\n \"roleName\": \"Spatial Anchors Account Reader\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Lets you locate and read properties of spatial anchors in your account\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.MixedReality/SpatialAnchorsAccounts/discovery/read\",\n \"Microsoft.MixedReality/SpatialAnchorsAccounts/properties/read\",\n \"Microsoft.MixedReality/SpatialAnchorsAccounts/query/read\",\n \"Microsoft.MixedReality/SpatialAnchorsAccounts/submitdiag/read\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2018-12-21T17:57:42.9271004Z\",\n \"updatedOn\": \"2021-11-11T20:13:52.8013467Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/5d51204f-eb77-4b1c-b86a-2ec626c49413\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"5d51204f-eb77-4b1c-b86a-2ec626c49413\"\n },\n {\n \"properties\": {\n \"roleName\": \"Site Recovery Reader\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Lets you view Site Recovery status but not perform other management operations\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.RecoveryServices/locations/allocatedStamp/read\",\n \"Microsoft.RecoveryServices/Vaults/extendedInformation/read\",\n \"Microsoft.RecoveryServices/Vaults/monitoringAlerts/read\",\n \"Microsoft.RecoveryServices/Vaults/monitoringConfigurations/notificationConfiguration/read\",\n \"Microsoft.RecoveryServices/Vaults/read\",\n \"Microsoft.RecoveryServices/Vaults/refreshContainers/read\",\n \"Microsoft.RecoveryServices/Vaults/registeredIdentities/operationResults/read\",\n \"Microsoft.RecoveryServices/Vaults/registeredIdentities/read\",\n \"Microsoft.RecoveryServices/vaults/replicationAlertSettings/read\",\n \"Microsoft.RecoveryServices/vaults/replicationEvents/read\",\n \"Microsoft.RecoveryServices/vaults/replicationFabrics/read\",\n \"Microsoft.RecoveryServices/vaults/replicationFabrics/replicationNetworks/read\",\n \"Microsoft.RecoveryServices/vaults/replicationFabrics/replicationNetworks/replicationNetworkMappings/read\",\n \"Microsoft.RecoveryServices/vaults/replicationFabrics/replicationProtectionContainers/read\",\n \"Microsoft.RecoveryServices/vaults/replicationFabrics/replicationProtectionContainers/replicationProtectableItems/read\",\n \"Microsoft.RecoveryServices/vaults/replicationFabrics/replicationProtectionContainers/replicationProtectedItems/read\",\n \"Microsoft.RecoveryServices/vaults/replicationFabrics/replicationProtectionContainers/replicationProtectedItems/recoveryPoints/read\",\n \"Microsoft.RecoveryServices/vaults/replicationFabrics/replicationProtectionContainers/replicationProtectionContainerMappings/read\",\n \"Microsoft.RecoveryServices/vaults/replicationFabrics/replicationRecoveryServicesProviders/read\",\n \"Microsoft.RecoveryServices/vaults/replicationFabrics/replicationStorageClassifications/read\",\n \"Microsoft.RecoveryServices/vaults/replicationFabrics/replicationStorageClassifications/replicationStorageClassificationMappings/read\",\n \"Microsoft.RecoveryServices/vaults/replicationFabrics/replicationvCenters/read\",\n \"Microsoft.RecoveryServices/vaults/replicationJobs/read\",\n \"Microsoft.RecoveryServices/vaults/replicationPolicies/read\",\n \"Microsoft.RecoveryServices/vaults/replicationRecoveryPlans/read\",\n \"Microsoft.RecoveryServices/vaults/replicationVaultSettings/read\",\n \"Microsoft.RecoveryServices/Vaults/storageConfig/read\",\n \"Microsoft.RecoveryServices/Vaults/tokenInfo/read\",\n \"Microsoft.RecoveryServices/Vaults/usages/read\",\n \"Microsoft.RecoveryServices/Vaults/vaultTokens/read\",\n \"Microsoft.Support/*\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2017-05-19T13:35:40.0093634Z\",\n \"updatedOn\": \"2021-11-11T20:13:52.9763366Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/dbaa88c4-0c30-4179-9fb3-46319faa6149\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"dbaa88c4-0c30-4179-9fb3-46319faa6149\"\n },\n {\n \"properties\": {\n \"roleName\": \"Spatial Anchors Account Owner\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Lets you manage spatial anchors in your account, including deleting them\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.MixedReality/SpatialAnchorsAccounts/create/action\",\n \"Microsoft.MixedReality/SpatialAnchorsAccounts/delete\",\n \"Microsoft.MixedReality/SpatialAnchorsAccounts/discovery/read\",\n \"Microsoft.MixedReality/SpatialAnchorsAccounts/properties/read\",\n \"Microsoft.MixedReality/SpatialAnchorsAccounts/query/read\",\n \"Microsoft.MixedReality/SpatialAnchorsAccounts/submitdiag/read\",\n \"Microsoft.MixedReality/SpatialAnchorsAccounts/write\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2018-12-21T17:57:43.5489832Z\",\n \"updatedOn\": \"2021-11-11T20:13:53.166325Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/70bbe301-9835-447d-afdd-19eb3167307c\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"70bbe301-9835-447d-afdd-19eb3167307c\"\n },\n {\n \"properties\": {\n \"roleName\": \"SQL Managed Instance Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Lets you manage SQL Managed Instances and required network configuration, but can’t give access to others.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.ResourceHealth/availabilityStatuses/read\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Network/networkSecurityGroups/*\",\n \"Microsoft.Network/routeTables/*\",\n \"Microsoft.Sql/locations/*/read\",\n \"Microsoft.Sql/locations/instanceFailoverGroups/*\",\n \"Microsoft.Sql/managedInstances/*\",\n \"Microsoft.Support/*\",\n \"Microsoft.Network/virtualNetworks/subnets/*\",\n \"Microsoft.Network/virtualNetworks/*\",\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.Insights/metrics/read\",\n \"Microsoft.Insights/metricDefinitions/read\"\n ],\n \"notActions\": [\n \"Microsoft.Sql/managedInstances/azureADOnlyAuthentications/delete\",\n \"Microsoft.Sql/managedInstances/azureADOnlyAuthentications/write\"\n ],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2018-12-10T22:57:14.2937983Z\",\n \"updatedOn\": \"2021-11-11T20:13:53.3513507Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/4939a1f6-9ae0-4e48-a1e0-f2cbe897382d\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"4939a1f6-9ae0-4e48-a1e0-f2cbe897382d\"\n },\n {\n \"properties\": {\n \"roleName\": \"SQL DB Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Lets you manage SQL databases, but not access to them. Also, you can't manage their security-related policies or their parent SQL servers.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.ResourceHealth/availabilityStatuses/read\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Sql/locations/*/read\",\n \"Microsoft.Sql/servers/databases/*\",\n \"Microsoft.Sql/servers/read\",\n \"Microsoft.Support/*\",\n \"Microsoft.Insights/metrics/read\",\n \"Microsoft.Insights/metricDefinitions/read\"\n ],\n \"notActions\": [\n \"Microsoft.Sql/servers/databases/ledgerDigestUploads/write\",\n \"Microsoft.Sql/servers/databases/ledgerDigestUploads/disable/action\",\n \"Microsoft.Sql/managedInstances/databases/currentSensitivityLabels/*\",\n \"Microsoft.Sql/managedInstances/databases/recommendedSensitivityLabels/*\",\n \"Microsoft.Sql/managedInstances/databases/schemas/tables/columns/sensitivityLabels/*\",\n \"Microsoft.Sql/managedInstances/databases/securityAlertPolicies/*\",\n \"Microsoft.Sql/managedInstances/databases/sensitivityLabels/*\",\n \"Microsoft.Sql/managedInstances/databases/vulnerabilityAssessments/*\",\n \"Microsoft.Sql/managedInstances/securityAlertPolicies/*\",\n \"Microsoft.Sql/managedInstances/vulnerabilityAssessments/*\",\n \"Microsoft.Sql/servers/databases/auditingSettings/*\",\n \"Microsoft.Sql/servers/databases/auditRecords/read\",\n \"Microsoft.Sql/servers/databases/currentSensitivityLabels/*\",\n \"Microsoft.Sql/servers/databases/dataMaskingPolicies/*\",\n \"Microsoft.Sql/servers/databases/extendedAuditingSettings/*\",\n \"Microsoft.Sql/servers/databases/recommendedSensitivityLabels/*\",\n \"Microsoft.Sql/servers/databases/schemas/tables/columns/sensitivityLabels/*\",\n \"Microsoft.Sql/servers/databases/securityAlertPolicies/*\",\n \"Microsoft.Sql/servers/databases/securityMetrics/*\",\n \"Microsoft.Sql/servers/databases/sensitivityLabels/*\",\n \"Microsoft.Sql/servers/databases/vulnerabilityAssessments/*\",\n \"Microsoft.Sql/servers/databases/vulnerabilityAssessmentScans/*\",\n \"Microsoft.Sql/servers/databases/vulnerabilityAssessmentSettings/*\",\n \"Microsoft.Sql/servers/vulnerabilityAssessments/*\"\n ],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2015-02-02T21:55:09.8806423Z\",\n \"updatedOn\": \"2021-11-11T20:13:53.5363219Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/9b7fa17d-e63e-47b0-bb0a-15c516ac86ec\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"9b7fa17d-e63e-47b0-bb0a-15c516ac86ec\"\n },\n {\n \"properties\": {\n \"roleName\": \"SQL Security Manager\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Lets you manage the security-related policies of SQL servers and databases, but not access to them.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.Network/virtualNetworks/subnets/joinViaServiceEndpoint/action\",\n \"Microsoft.ResourceHealth/availabilityStatuses/read\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Sql/locations/administratorAzureAsyncOperation/read\",\n \"Microsoft.Sql/managedInstances/advancedThreatProtectionSettings/read\",\n \"Microsoft.Sql/managedInstances/advancedThreatProtectionSettings/write\",\n \"Microsoft.Sql/managedInstances/databases/advancedThreatProtectionSettings/read\",\n \"Microsoft.Sql/managedInstances/databases/advancedThreatProtectionSettings/write\",\n \"Microsoft.Sql/managedInstances/advancedThreatProtectionSettings/read\",\n \"Microsoft.Sql/managedInstances/advancedThreatProtectionSettings/write\",\n \"Microsoft.Sql/managedInstances/databases/advancedThreatProtectionSettings/read\",\n \"Microsoft.Sql/managedInstances/databases/advancedThreatProtectionSettings/write\",\n \"Microsoft.Sql/managedInstances/databases/currentSensitivityLabels/*\",\n \"Microsoft.Sql/managedInstances/databases/recommendedSensitivityLabels/*\",\n \"Microsoft.Sql/managedInstances/databases/schemas/tables/columns/sensitivityLabels/*\",\n \"Microsoft.Sql/managedInstances/databases/securityAlertPolicies/*\",\n \"Microsoft.Sql/managedInstances/databases/sensitivityLabels/*\",\n \"Microsoft.Sql/managedInstances/databases/vulnerabilityAssessments/*\",\n \"Microsoft.Sql/servers/advancedThreatProtectionSettings/read\",\n \"Microsoft.Sql/servers/advancedThreatProtectionSettings/write\",\n \"Microsoft.Sql/managedInstances/securityAlertPolicies/*\",\n \"Microsoft.Sql/managedInstances/databases/transparentDataEncryption/*\",\n \"Microsoft.Sql/managedInstances/vulnerabilityAssessments/*\",\n \"Microsoft.Sql/managedInstances/serverConfigurationOptions/read\",\n \"Microsoft.Sql/managedInstances/serverConfigurationOptions/write\",\n \"Microsoft.Sql/locations/serverConfigurationOptionAzureAsyncOperation/read\",\n \"Microsoft.Sql/servers/advancedThreatProtectionSettings/read\",\n \"Microsoft.Sql/servers/advancedThreatProtectionSettings/write\",\n \"Microsoft.Sql/servers/auditingSettings/*\",\n \"Microsoft.Sql/servers/extendedAuditingSettings/*\",\n \"Microsoft.Sql/servers/databases/advancedThreatProtectionSettings/read\",\n \"Microsoft.Sql/servers/databases/advancedThreatProtectionSettings/write\",\n \"Microsoft.Sql/servers/databases/advancedThreatProtectionSettings/read\",\n \"Microsoft.Sql/servers/databases/advancedThreatProtectionSettings/write\",\n \"Microsoft.Sql/servers/databases/auditingSettings/*\",\n \"Microsoft.Sql/servers/databases/auditRecords/read\",\n \"Microsoft.Sql/servers/databases/currentSensitivityLabels/*\",\n \"Microsoft.Sql/servers/databases/dataMaskingPolicies/*\",\n \"Microsoft.Sql/servers/databases/extendedAuditingSettings/read\",\n \"Microsoft.Sql/servers/databases/read\",\n \"Microsoft.Sql/servers/databases/recommendedSensitivityLabels/*\",\n \"Microsoft.Sql/servers/databases/schemas/read\",\n \"Microsoft.Sql/servers/databases/schemas/tables/columns/read\",\n \"Microsoft.Sql/servers/databases/schemas/tables/columns/sensitivityLabels/*\",\n \"Microsoft.Sql/servers/databases/schemas/tables/read\",\n \"Microsoft.Sql/servers/databases/securityAlertPolicies/*\",\n \"Microsoft.Sql/servers/databases/securityMetrics/*\",\n \"Microsoft.Sql/servers/databases/sensitivityLabels/*\",\n \"Microsoft.Sql/servers/databases/transparentDataEncryption/*\",\n \"Microsoft.Sql/servers/databases/sqlvulnerabilityAssessments/*\",\n \"Microsoft.Sql/servers/databases/vulnerabilityAssessments/*\",\n \"Microsoft.Sql/servers/databases/vulnerabilityAssessmentScans/*\",\n \"Microsoft.Sql/servers/databases/vulnerabilityAssessmentSettings/*\",\n \"Microsoft.Sql/servers/devOpsAuditingSettings/*\",\n \"Microsoft.Sql/servers/firewallRules/*\",\n \"Microsoft.Sql/servers/read\",\n \"Microsoft.Sql/servers/securityAlertPolicies/*\",\n \"Microsoft.Sql/servers/sqlvulnerabilityAssessments/*\",\n \"Microsoft.Sql/servers/vulnerabilityAssessments/*\",\n \"Microsoft.Support/*\",\n \"Microsoft.Sql/servers/azureADOnlyAuthentications/*\",\n \"Microsoft.Sql/managedInstances/read\",\n \"Microsoft.Sql/managedInstances/azureADOnlyAuthentications/*\",\n \"Microsoft.Security/sqlVulnerabilityAssessments/*\",\n \"Microsoft.Sql/managedInstances/administrators/read\",\n \"Microsoft.Sql/servers/administrators/read\",\n \"Microsoft.Sql/servers/databases/ledgerDigestUploads/*\",\n \"Microsoft.Sql/locations/ledgerDigestUploadsAzureAsyncOperation/read\",\n \"Microsoft.Sql/locations/ledgerDigestUploadsOperationResults/read\",\n \"Microsoft.Sql/servers/externalPolicyBasedAuthorizations/*\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2015-06-16T18:44:40.4607572Z\",\n \"updatedOn\": \"2025-10-01T18:55:10.630521Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/056cd41c-7e88-42e1-933e-88ba6a50c9c3\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"056cd41c-7e88-42e1-933e-88ba6a50c9c3\"\n },\n {\n \"properties\": {\n \"roleName\": \"Storage Account Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Lets you manage storage accounts, including accessing storage account keys which provide full access to storage account data.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.Insights/diagnosticSettings/*\",\n \"Microsoft.Network/virtualNetworks/subnets/joinViaServiceEndpoint/action\",\n \"Microsoft.ResourceHealth/availabilityStatuses/read\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Storage/storageAccounts/*\",\n \"Microsoft.Support/*\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2015-06-02T00:18:27.3542698Z\",\n \"updatedOn\": \"2021-11-11T20:13:54.2363539Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/17d1049b-9a84-46fb-8f53-869881c3d3ab\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"17d1049b-9a84-46fb-8f53-869881c3d3ab\"\n },\n {\n \"properties\": {\n \"roleName\": \"SQL Server Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Lets you manage SQL servers and databases, but not access to them, and not their security -related policies.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.ResourceHealth/availabilityStatuses/read\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Sql/locations/*/read\",\n \"Microsoft.Sql/servers/*\",\n \"Microsoft.Support/*\",\n \"Microsoft.Insights/metrics/read\",\n \"Microsoft.Insights/metricDefinitions/read\"\n ],\n \"notActions\": [\n \"Microsoft.Sql/managedInstances/databases/currentSensitivityLabels/*\",\n \"Microsoft.Sql/managedInstances/databases/recommendedSensitivityLabels/*\",\n \"Microsoft.Sql/managedInstances/databases/schemas/tables/columns/sensitivityLabels/*\",\n \"Microsoft.Sql/managedInstances/databases/securityAlertPolicies/*\",\n \"Microsoft.Sql/managedInstances/databases/sensitivityLabels/*\",\n \"Microsoft.Sql/managedInstances/databases/vulnerabilityAssessments/*\",\n \"Microsoft.Sql/managedInstances/securityAlertPolicies/*\",\n \"Microsoft.Sql/managedInstances/vulnerabilityAssessments/*\",\n \"Microsoft.Sql/servers/auditingSettings/*\",\n \"Microsoft.Sql/servers/databases/auditingSettings/*\",\n \"Microsoft.Sql/servers/databases/auditRecords/read\",\n \"Microsoft.Sql/servers/databases/currentSensitivityLabels/*\",\n \"Microsoft.Sql/servers/databases/dataMaskingPolicies/*\",\n \"Microsoft.Sql/servers/databases/extendedAuditingSettings/*\",\n \"Microsoft.Sql/servers/databases/recommendedSensitivityLabels/*\",\n \"Microsoft.Sql/servers/databases/schemas/tables/columns/sensitivityLabels/*\",\n \"Microsoft.Sql/servers/databases/securityAlertPolicies/*\",\n \"Microsoft.Sql/servers/databases/securityMetrics/*\",\n \"Microsoft.Sql/servers/databases/sensitivityLabels/*\",\n \"Microsoft.Sql/servers/databases/vulnerabilityAssessments/*\",\n \"Microsoft.Sql/servers/databases/vulnerabilityAssessmentScans/*\",\n \"Microsoft.Sql/servers/databases/vulnerabilityAssessmentSettings/*\",\n \"Microsoft.Sql/servers/devOpsAuditingSettings/*\",\n \"Microsoft.Sql/servers/extendedAuditingSettings/*\",\n \"Microsoft.Sql/servers/securityAlertPolicies/*\",\n \"Microsoft.Sql/servers/vulnerabilityAssessments/*\",\n \"Microsoft.Sql/servers/azureADOnlyAuthentications/delete\",\n \"Microsoft.Sql/servers/azureADOnlyAuthentications/write\",\n \"Microsoft.Sql/servers/externalPolicyBasedAuthorizations/delete\",\n \"Microsoft.Sql/servers/externalPolicyBasedAuthorizations/write\"\n ],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2015-02-02T21:55:09.8806423Z\",\n \"updatedOn\": \"2022-04-28T23:10:45.2206234Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/6d8ee4ec-f05a-4a1d-8b00-a9b17e38b437\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"6d8ee4ec-f05a-4a1d-8b00-a9b17e38b437\"\n },\n {\n \"properties\": {\n \"roleName\": \"Storage Account Key Operator Service Role\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Storage Account Key Operators are allowed to list and regenerate keys on Storage Accounts\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Storage/storageAccounts/listkeys/action\",\n \"Microsoft.Storage/storageAccounts/regeneratekey/action\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2017-04-13T18:26:11.577057Z\",\n \"updatedOn\": \"2021-11-11T20:13:54.7697481Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/81a9662b-bebf-436f-a333-f67b29880f12\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"81a9662b-bebf-436f-a333-f67b29880f12\"\n },\n {\n \"properties\": {\n \"roleName\": \"Storage Blob Data Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Allows for read, write and delete access to Azure Storage blob containers and data\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Storage/storageAccounts/blobServices/containers/delete\",\n \"Microsoft.Storage/storageAccounts/blobServices/containers/read\",\n \"Microsoft.Storage/storageAccounts/blobServices/containers/write\",\n \"Microsoft.Storage/storageAccounts/blobServices/generateUserDelegationKey/action\"\n ],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.Storage/storageAccounts/blobServices/containers/blobs/delete\",\n \"Microsoft.Storage/storageAccounts/blobServices/containers/blobs/read\",\n \"Microsoft.Storage/storageAccounts/blobServices/containers/blobs/write\",\n \"Microsoft.Storage/storageAccounts/blobServices/containers/blobs/move/action\",\n \"Microsoft.Storage/storageAccounts/blobServices/containers/blobs/add/action\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2017-12-21T00:01:24.7972312Z\",\n \"updatedOn\": \"2021-11-11T20:13:54.9397456Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/ba92f5b4-2d11-453d-a403-e96b0029c9fe\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"ba92f5b4-2d11-453d-a403-e96b0029c9fe\"\n },\n {\n \"properties\": {\n \"roleName\": \"Storage Blob Data Owner\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Allows for full access to Azure Storage blob containers and data, including assigning POSIX access control.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Storage/storageAccounts/blobServices/containers/*\",\n \"Microsoft.Storage/storageAccounts/blobServices/generateUserDelegationKey/action\"\n ],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.Storage/storageAccounts/blobServices/containers/blobs/*\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2018-12-04T07:02:58.2775257Z\",\n \"updatedOn\": \"2021-11-11T20:13:55.1225062Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/b7e6dc6d-f1e8-4753-8033-0f276bb0955b\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"b7e6dc6d-f1e8-4753-8033-0f276bb0955b\"\n },\n {\n \"properties\": {\n \"roleName\": \"Storage Blob Data Reader\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Allows for read access to Azure Storage blob containers and data\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Storage/storageAccounts/blobServices/containers/read\",\n \"Microsoft.Storage/storageAccounts/blobServices/generateUserDelegationKey/action\"\n ],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.Storage/storageAccounts/blobServices/containers/blobs/read\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2017-12-21T00:01:24.7972312Z\",\n \"updatedOn\": \"2021-11-11T20:13:55.2975076Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/2a2b9908-6ea1-4ae2-8e65-a410df84e7d1\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"2a2b9908-6ea1-4ae2-8e65-a410df84e7d1\"\n },\n {\n \"properties\": {\n \"roleName\": \"Storage Queue Data Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Allows for read, write, and delete access to Azure Storage queues and queue messages\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Storage/storageAccounts/queueServices/queues/delete\",\n \"Microsoft.Storage/storageAccounts/queueServices/queues/read\",\n \"Microsoft.Storage/storageAccounts/queueServices/queues/write\"\n ],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.Storage/storageAccounts/queueServices/queues/messages/delete\",\n \"Microsoft.Storage/storageAccounts/queueServices/queues/messages/read\",\n \"Microsoft.Storage/storageAccounts/queueServices/queues/messages/write\",\n \"Microsoft.Storage/storageAccounts/queueServices/queues/messages/process/action\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2017-12-21T00:01:24.7972312Z\",\n \"updatedOn\": \"2021-11-11T20:13:55.4725469Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/974c5e8b-45b9-4653-ba55-5f855dd0fb88\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"974c5e8b-45b9-4653-ba55-5f855dd0fb88\"\n },\n {\n \"properties\": {\n \"roleName\": \"Storage Queue Data Message Processor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Allows for peek, receive, and delete access to Azure Storage queue messages\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.Storage/storageAccounts/queueServices/queues/messages/read\",\n \"Microsoft.Storage/storageAccounts/queueServices/queues/messages/process/action\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2019-01-28T22:27:04.8947111Z\",\n \"updatedOn\": \"2021-11-11T20:13:55.6575408Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/8a0f0c08-91a1-4084-bc3d-661d67233fed\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"8a0f0c08-91a1-4084-bc3d-661d67233fed\"\n },\n {\n \"properties\": {\n \"roleName\": \"Storage Queue Data Message Sender\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Allows for sending of Azure Storage queue messages\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.Storage/storageAccounts/queueServices/queues/messages/add/action\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2019-01-28T22:28:34.7459724Z\",\n \"updatedOn\": \"2021-11-11T20:13:55.8325508Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/c6a89b2d-59bc-44d0-9896-0f6e12d7b80a\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"c6a89b2d-59bc-44d0-9896-0f6e12d7b80a\"\n },\n {\n \"properties\": {\n \"roleName\": \"Storage Queue Data Reader\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Allows for read access to Azure Storage queues and queue messages\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Storage/storageAccounts/queueServices/queues/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.Storage/storageAccounts/queueServices/queues/messages/read\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2017-12-21T00:01:24.7972312Z\",\n \"updatedOn\": \"2021-11-11T20:13:56.0178497Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/19e7f393-937e-4f77-808e-94535e297925\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"19e7f393-937e-4f77-808e-94535e297925\"\n },\n {\n \"properties\": {\n \"roleName\": \"Support Request Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Lets you create and manage Support requests\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Support/*\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2017-06-22T22:25:37.8053068Z\",\n \"updatedOn\": \"2021-11-11T20:13:56.7444481Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/cfd33db0-3dd1-45e3-aa9d-cdbdf3b6f24e\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"cfd33db0-3dd1-45e3-aa9d-cdbdf3b6f24e\"\n },\n {\n \"properties\": {\n \"roleName\": \"Traffic Manager Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Lets you manage Traffic Manager profiles, but does not let you control who has access to them.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.Network/trafficManagerProfiles/*\",\n \"Microsoft.ResourceHealth/availabilityStatuses/read\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Support/*\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2015-10-15T23:33:25.9730842Z\",\n \"updatedOn\": \"2021-11-11T20:13:57.2744497Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/a4b10055-b0c7-44c2-b00f-c7b5b3550cf7\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"a4b10055-b0c7-44c2-b00f-c7b5b3550cf7\"\n },\n {\n \"properties\": {\n \"roleName\": \"User Access Administrator\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Lets you manage user access to Azure resources.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"*/read\",\n \"Microsoft.Authorization/*\",\n \"Microsoft.Support/*\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2015-02-02T21:55:09.8806423Z\",\n \"updatedOn\": \"2021-11-11T20:13:57.7932023Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/18d7d88d-d35e-4fb5-a5c3-7773c20a72d9\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"18d7d88d-d35e-4fb5-a5c3-7773c20a72d9\"\n },\n {\n \"properties\": {\n \"roleName\": \"Virtual Machine Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Lets you manage virtual machines, but not access to them, and not the virtual network or storage account they're connected to.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Compute/availabilitySets/*\",\n \"Microsoft.Compute/locations/*\",\n \"Microsoft.Compute/virtualMachines/*\",\n \"Microsoft.Compute/virtualMachineScaleSets/*\",\n \"Microsoft.Compute/cloudServices/*\",\n \"Microsoft.Compute/disks/write\",\n \"Microsoft.Compute/disks/read\",\n \"Microsoft.Compute/disks/delete\",\n \"Microsoft.Compute/hostgroups/write\",\n \"Microsoft.Compute/hostgroups/hosts/write\",\n \"Microsoft.DevTestLab/schedules/*\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.Network/applicationGateways/backendAddressPools/join/action\",\n \"Microsoft.Network/loadBalancers/backendAddressPools/join/action\",\n \"Microsoft.Network/loadBalancers/inboundNatPools/join/action\",\n \"Microsoft.Network/loadBalancers/inboundNatRules/join/action\",\n \"Microsoft.Network/loadBalancers/probes/join/action\",\n \"Microsoft.Network/loadBalancers/read\",\n \"Microsoft.Network/locations/*\",\n \"Microsoft.Network/networkInterfaces/*\",\n \"Microsoft.Network/networkSecurityGroups/join/action\",\n \"Microsoft.Network/networkSecurityGroups/read\",\n \"Microsoft.Network/publicIPAddresses/join/action\",\n \"Microsoft.Network/publicIPAddresses/read\",\n \"Microsoft.Network/virtualNetworks/read\",\n \"Microsoft.Network/virtualNetworks/subnets/join/action\",\n \"Microsoft.RecoveryServices/locations/*\",\n \"Microsoft.RecoveryServices/Vaults/backupFabrics/backupProtectionIntent/write\",\n \"Microsoft.RecoveryServices/Vaults/backupFabrics/protectionContainers/protectedItems/*/read\",\n \"Microsoft.RecoveryServices/Vaults/backupFabrics/protectionContainers/protectedItems/read\",\n \"Microsoft.RecoveryServices/Vaults/backupFabrics/protectionContainers/protectedItems/write\",\n \"Microsoft.RecoveryServices/Vaults/backupPolicies/read\",\n \"Microsoft.RecoveryServices/Vaults/backupPolicies/write\",\n \"Microsoft.RecoveryServices/Vaults/read\",\n \"Microsoft.RecoveryServices/Vaults/usages/read\",\n \"Microsoft.RecoveryServices/Vaults/write\",\n \"Microsoft.ResourceHealth/availabilityStatuses/read\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.SerialConsole/serialPorts/connect/action\",\n \"Microsoft.SqlVirtualMachine/*\",\n \"Microsoft.Storage/storageAccounts/listKeys/action\",\n \"Microsoft.Storage/storageAccounts/read\",\n \"Microsoft.Support/*\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2015-06-02T00:18:27.3542698Z\",\n \"updatedOn\": \"2025-02-06T01:34:42.8731411Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/9980e02c-c2be-4d73-94e8-173b1dc7cf3c\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"9980e02c-c2be-4d73-94e8-173b1dc7cf3c\"\n },\n {\n \"properties\": {\n \"roleName\": \"Web Plan Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Lets you manage the web plans for websites, but not access to them.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.ResourceHealth/availabilityStatuses/read\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Support/*\",\n \"Microsoft.Web/serverFarms/*\",\n \"Microsoft.Web/hostingEnvironments/Join/Action\",\n \"Microsoft.Insights/autoscalesettings/*\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2015-02-02T21:55:09.8806423Z\",\n \"updatedOn\": \"2022-09-05T15:10:54.6819807Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/2cc479cb-7b4d-49a8-b449-8c00fd0f0a4b\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"2cc479cb-7b4d-49a8-b449-8c00fd0f0a4b\"\n },\n {\n \"properties\": {\n \"roleName\": \"Website Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Lets you manage websites (not web plans), but not access to them.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.Insights/components/*\",\n \"Microsoft.ResourceHealth/availabilityStatuses/read\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Support/*\",\n \"Microsoft.Web/certificates/*\",\n \"Microsoft.Web/listSitesAssignedToHostName/read\",\n \"Microsoft.Web/register/action\",\n \"Microsoft.Web/serverFarms/join/action\",\n \"Microsoft.Web/serverFarms/read\",\n \"Microsoft.Web/sites/*\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2015-05-12T23:10:23.6193952Z\",\n \"updatedOn\": \"2024-08-05T15:09:29.7130534Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/de139f84-1756-47ae-9be6-808fbbe84772\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"de139f84-1756-47ae-9be6-808fbbe84772\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Service Bus Data Owner\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Allows for full access to Azure Service Bus resources.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.ServiceBus/*\"\n ],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.ServiceBus/*\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2019-04-16T21:33:36.7445745Z\",\n \"updatedOn\": \"2021-11-11T20:13:59.2005807Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/090c5cfd-751d-490a-894a-3ce6f1109419\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"090c5cfd-751d-490a-894a-3ce6f1109419\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Event Hubs Data Owner\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Allows for full access to Azure Event Hubs resources.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.EventHub/*\"\n ],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.EventHub/*\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2019-04-16T21:34:29.8656362Z\",\n \"updatedOn\": \"2021-11-11T20:13:59.3721538Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/f526a384-b230-433a-b45c-95f59c4a2dec\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"f526a384-b230-433a-b45c-95f59c4a2dec\"\n },\n {\n \"properties\": {\n \"roleName\": \"Attestation Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Can read write or delete the attestation provider instance\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Attestation/attestationProviders/attestation/read\",\n \"Microsoft.Attestation/attestationProviders/attestation/write\",\n \"Microsoft.Attestation/attestationProviders/attestation/delete\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2019-04-19T00:24:09.3354177Z\",\n \"updatedOn\": \"2021-11-11T20:13:59.7271218Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/bbf86eb8-f7b4-4cce-96e4-18cddf81d86e\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"bbf86eb8-f7b4-4cce-96e4-18cddf81d86e\"\n },\n {\n \"properties\": {\n \"roleName\": \"HDInsight Cluster Operator\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Lets you read and modify HDInsight cluster configurations.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.HDInsight/*/read\",\n \"Microsoft.HDInsight/clusters/getGatewaySettings/action\",\n \"Microsoft.HDInsight/clusters/updateGatewaySettings/action\",\n \"Microsoft.HDInsight/clusters/configurations/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Resources/deployments/operations/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Support/*\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2019-04-20T00:03:01.7110732Z\",\n \"updatedOn\": \"2021-11-11T20:13:59.905218Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/61ed4efc-fab3-44fd-b111-e24485cc132a\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"61ed4efc-fab3-44fd-b111-e24485cc132a\"\n },\n {\n \"properties\": {\n \"roleName\": \"Cosmos DB Operator\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Lets you manage Azure Cosmos DB accounts, but not access data in them. Prevents access to account keys and connection strings.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.DocumentDb/databaseAccounts/*\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.ResourceHealth/availabilityStatuses/read\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Support/*\",\n \"Microsoft.Network/virtualNetworks/subnets/joinViaServiceEndpoint/action\"\n ],\n \"notActions\": [\n \"Microsoft.DocumentDB/databaseAccounts/copyJobs/*\",\n \"Microsoft.DocumentDB/databaseAccounts/dataTransferJobs/*\",\n \"Microsoft.DocumentDB/databaseAccounts/readonlyKeys/*\",\n \"Microsoft.DocumentDB/databaseAccounts/regenerateKey/*\",\n \"Microsoft.DocumentDB/databaseAccounts/listKeys/*\",\n \"Microsoft.DocumentDB/databaseAccounts/listConnectionStrings/*\",\n \"Microsoft.DocumentDB/databaseAccounts/sqlRoleDefinitions/write\",\n \"Microsoft.DocumentDB/databaseAccounts/sqlRoleDefinitions/delete\",\n \"Microsoft.DocumentDB/databaseAccounts/sqlRoleAssignments/write\",\n \"Microsoft.DocumentDB/databaseAccounts/sqlRoleAssignments/delete\",\n \"Microsoft.DocumentDB/databaseAccounts/mongodbRoleDefinitions/write\",\n \"Microsoft.DocumentDB/databaseAccounts/mongodbRoleDefinitions/delete\",\n \"Microsoft.DocumentDB/databaseAccounts/mongodbUserDefinitions/write\",\n \"Microsoft.DocumentDB/databaseAccounts/mongodbUserDefinitions/delete\"\n ],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2019-04-26T17:01:17.0169383Z\",\n \"updatedOn\": \"2025-06-06T07:02:41.174245Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/230815da-be43-4aae-9cb4-875f7bd000aa\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"230815da-be43-4aae-9cb4-875f7bd000aa\"\n },\n {\n \"properties\": {\n \"roleName\": \"Hybrid Server Resource Administrator\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Can read, write, delete, and re-onboard Hybrid servers to the Hybrid Resource Provider.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.HybridCompute/machines/*\",\n \"Microsoft.HybridCompute/*/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2019-04-29T21:39:32.3132923Z\",\n \"updatedOn\": \"2021-11-11T20:14:00.2548257Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/48b40c6e-82e0-4eb3-90d5-19e40f49b624\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"48b40c6e-82e0-4eb3-90d5-19e40f49b624\"\n },\n {\n \"properties\": {\n \"roleName\": \"Hybrid Server Onboarding\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Can onboard new Hybrid servers to the Hybrid Resource Provider.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.HybridCompute/machines/read\",\n \"Microsoft.HybridCompute/machines/write\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2019-04-29T22:36:28.1873756Z\",\n \"updatedOn\": \"2021-11-11T20:14:00.4308999Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/5d1e5ee4-7c68-4a71-ac8b-0739630a3dfb\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"5d1e5ee4-7c68-4a71-ac8b-0739630a3dfb\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Event Hubs Data Receiver\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Allows receive access to Azure Event Hubs resources.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.EventHub/*/eventhubs/consumergroups/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.EventHub/*/receive/action\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2019-05-10T06:25:21.1056666Z\",\n \"updatedOn\": \"2021-11-11T20:14:01.3225169Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/a638d3c7-ab3a-418d-83e6-5f17a39d4fde\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"a638d3c7-ab3a-418d-83e6-5f17a39d4fde\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Event Hubs Data Sender\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Allows send access to Azure Event Hubs resources.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.EventHub/*/eventhubs/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.EventHub/*/send/action\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2019-05-10T06:26:12.4673714Z\",\n \"updatedOn\": \"2021-11-11T20:14:01.4925583Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/2b629674-e913-4c01-ae53-ef4638d8f975\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"2b629674-e913-4c01-ae53-ef4638d8f975\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Service Bus Data Receiver\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Allows for receive access to Azure Service Bus resources.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.ServiceBus/*/queues/read\",\n \"Microsoft.ServiceBus/*/topics/read\",\n \"Microsoft.ServiceBus/*/topics/subscriptions/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.ServiceBus/*/receive/action\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2019-05-10T06:43:01.6343849Z\",\n \"updatedOn\": \"2021-11-11T20:14:01.6629685Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/4f6d3b9b-027b-4f4c-9142-0e5a2a2247e0\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"4f6d3b9b-027b-4f4c-9142-0e5a2a2247e0\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Service Bus Data Sender\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Allows for send access to Azure Service Bus resources.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.ServiceBus/*/queues/read\",\n \"Microsoft.ServiceBus/*/topics/read\",\n \"Microsoft.ServiceBus/*/topics/subscriptions/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.ServiceBus/*/send/action\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2019-05-10T06:43:46.7046934Z\",\n \"updatedOn\": \"2021-11-11T20:14:01.8479199Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/69a216fc-b8fb-44d8-bc22-1f3c2cd27a39\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"69a216fc-b8fb-44d8-bc22-1f3c2cd27a39\"\n },\n {\n \"properties\": {\n \"roleName\": \"Storage File Data SMB Share Reader\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Allows for read access to Azure File Share over SMB\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.Storage/storageAccounts/fileServices/fileshares/files/read\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2019-07-01T20:19:31.8620471Z\",\n \"updatedOn\": \"2021-11-11T20:14:04.3642909Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/aba4ae5f-2193-4029-9191-0cb91df5e314\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"aba4ae5f-2193-4029-9191-0cb91df5e314\"\n },\n {\n \"properties\": {\n \"roleName\": \"Storage File Data SMB Share Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Allows for read, write, and delete access in Azure Storage file shares over SMB\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.Storage/storageAccounts/fileServices/fileshares/files/read\",\n \"Microsoft.Storage/storageAccounts/fileServices/fileshares/files/write\",\n \"Microsoft.Storage/storageAccounts/fileServices/fileshares/files/delete\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2019-07-01T20:54:35.483431Z\",\n \"updatedOn\": \"2021-11-11T20:14:04.5443323Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/0c867c2a-1d8c-454a-a3db-ab2ea1bdc8bb\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"0c867c2a-1d8c-454a-a3db-ab2ea1bdc8bb\"\n },\n {\n \"properties\": {\n \"roleName\": \"Private DNS Zone Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Lets you manage private DNS zone resources, but not the virtual networks they are linked to.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Support/*\",\n \"Microsoft.Network/privateDnsZones/*\",\n \"Microsoft.Network/privateDnsOperationResults/*\",\n \"Microsoft.Network/privateDnsOperationStatuses/*\",\n \"Microsoft.Network/virtualNetworks/read\",\n \"Microsoft.Network/virtualNetworks/join/action\",\n \"Microsoft.Authorization/*/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2019-07-10T19:31:15.5645518Z\",\n \"updatedOn\": \"2021-11-11T20:14:04.7342851Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/b12aa53e-6015-4669-85d0-8515ebb3ae7f\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"b12aa53e-6015-4669-85d0-8515ebb3ae7f\"\n },\n {\n \"properties\": {\n \"roleName\": \"Storage Blob Delegator\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Allows for generation of a user delegation key which can be used to sign SAS tokens\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Storage/storageAccounts/blobServices/generateUserDelegationKey/action\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2019-07-23T00:51:16.3376761Z\",\n \"updatedOn\": \"2021-11-11T20:14:05.4321714Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/db58b8e5-c6ad-4a2a-8342-4190687cbf4a\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"db58b8e5-c6ad-4a2a-8342-4190687cbf4a\"\n },\n {\n \"properties\": {\n \"roleName\": \"Desktop Virtualization User\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Allows user to use the applications in an application group.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.DesktopVirtualization/applicationGroups/useApplications/action\",\n \"Microsoft.DesktopVirtualization/appAttachPackages/useApplications/action\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2019-08-07T00:29:03.8727621Z\",\n \"updatedOn\": \"2023-06-15T23:55:51.3849931Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/1d18fff3-a72a-46b5-b4a9-0b38a3cd7e63\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"1d18fff3-a72a-46b5-b4a9-0b38a3cd7e63\"\n },\n {\n \"properties\": {\n \"roleName\": \"Storage File Data SMB Share Elevated Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Allows for read, write, delete and modify NTFS permission access in Azure Storage file shares over SMB\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.Storage/storageAccounts/fileServices/fileshares/files/read\",\n \"Microsoft.Storage/storageAccounts/fileServices/fileshares/files/write\",\n \"Microsoft.Storage/storageAccounts/fileServices/fileshares/files/delete\",\n \"Microsoft.Storage/storageAccounts/fileServices/fileshares/files/modifypermissions/action\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2019-08-07T01:35:36.9935457Z\",\n \"updatedOn\": \"2021-11-11T20:14:06.1571744Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/a7264617-510b-434b-a828-9731dc254ea7\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"a7264617-510b-434b-a828-9731dc254ea7\"\n },\n {\n \"properties\": {\n \"roleName\": \"Blueprint Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Can manage blueprint definitions, but not assign them.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Blueprint/blueprints/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Support/*\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2019-08-14T21:55:16.9683949Z\",\n \"updatedOn\": \"2021-11-11T20:14:06.5171828Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/41077137-e803-4205-871c-5a86e6a753b4\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"41077137-e803-4205-871c-5a86e6a753b4\"\n },\n {\n \"properties\": {\n \"roleName\": \"Blueprint Operator\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Can assign existing published blueprints, but cannot create new blueprints. NOTE: this only works if the assignment is done with a user-assigned managed identity.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Blueprint/blueprintAssignments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Support/*\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2019-08-14T21:56:48.7897875Z\",\n \"updatedOn\": \"2021-11-11T20:14:06.6971401Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/437d2ced-4a38-4302-8479-ed2bcb43d090\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"437d2ced-4a38-4302-8479-ed2bcb43d090\"\n },\n {\n \"properties\": {\n \"roleName\": \"Microsoft Sentinel Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Microsoft Sentinel Contributor\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.SecurityInsights/*\",\n \"Microsoft.OperationalInsights/workspaces/analytics/query/action\",\n \"Microsoft.OperationalInsights/workspaces/*/read\",\n \"Microsoft.OperationalInsights/workspaces/savedSearches/*\",\n \"Microsoft.OperationsManagement/solutions/read\",\n \"Microsoft.OperationalInsights/workspaces/query/read\",\n \"Microsoft.OperationalInsights/workspaces/query/*/read\",\n \"Microsoft.OperationalInsights/workspaces/dataSources/read\",\n \"Microsoft.OperationalInsights/querypacks/*/read\",\n \"Microsoft.Insights/workbooks/*\",\n \"Microsoft.Insights/myworkbooks/read\",\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Support/*\"\n ],\n \"notActions\": [\n \"Microsoft.SecurityInsights/ConfidentialWatchlists/*\",\n \"Microsoft.OperationalInsights/workspaces/query/ConfidentialWatchlist/*\"\n ],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2019-08-28T16:39:03.8725173Z\",\n \"updatedOn\": \"2022-08-01T18:55:21.5434692Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/ab8e14d6-4a74-4a29-9ba8-549422addade\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"ab8e14d6-4a74-4a29-9ba8-549422addade\"\n },\n {\n \"properties\": {\n \"roleName\": \"Microsoft Sentinel Responder\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Microsoft Sentinel Responder\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.SecurityInsights/*/read\",\n \"Microsoft.SecurityInsights/dataConnectorsCheckRequirements/action\",\n \"Microsoft.SecurityInsights/automationRules/*\",\n \"Microsoft.SecurityInsights/cases/*\",\n \"Microsoft.SecurityInsights/incidents/*\",\n \"Microsoft.SecurityInsights/entities/runPlaybook/action\",\n \"Microsoft.SecurityInsights/threatIntelligence/indicators/appendTags/action\",\n \"Microsoft.SecurityInsights/threatIntelligence/indicators/query/action\",\n \"Microsoft.SecurityInsights/threatIntelligence/bulkTag/action\",\n \"Microsoft.SecurityInsights/threatIntelligence/indicators/appendTags/action\",\n \"Microsoft.SecurityInsights/threatIntelligence/indicators/replaceTags/action\",\n \"Microsoft.SecurityInsights/threatIntelligence/queryIndicators/action\",\n \"Microsoft.SecurityInsights/businessApplicationAgents/systems/undoAction/action\",\n \"Microsoft.OperationalInsights/workspaces/analytics/query/action\",\n \"Microsoft.OperationalInsights/workspaces/*/read\",\n \"Microsoft.OperationalInsights/workspaces/dataSources/read\",\n \"Microsoft.OperationalInsights/workspaces/savedSearches/read\",\n \"Microsoft.OperationsManagement/solutions/read\",\n \"Microsoft.OperationalInsights/workspaces/query/read\",\n \"Microsoft.OperationalInsights/workspaces/query/*/read\",\n \"Microsoft.OperationalInsights/workspaces/dataSources/read\",\n \"Microsoft.OperationalInsights/querypacks/*/read\",\n \"Microsoft.Insights/workbooks/read\",\n \"Microsoft.Insights/myworkbooks/read\",\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Support/*\"\n ],\n \"notActions\": [\n \"Microsoft.SecurityInsights/cases/*/Delete\",\n \"Microsoft.SecurityInsights/incidents/*/Delete\",\n \"Microsoft.SecurityInsights/ConfidentialWatchlists/*\",\n \"Microsoft.OperationalInsights/workspaces/query/ConfidentialWatchlist/*\"\n ],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2019-08-28T16:54:07.6467264Z\",\n \"updatedOn\": \"2024-04-03T15:49:45.0145489Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/3e150937-b8fe-4cfb-8069-0eaf05ecd056\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"3e150937-b8fe-4cfb-8069-0eaf05ecd056\"\n },\n {\n \"properties\": {\n \"roleName\": \"Microsoft Sentinel Reader\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Microsoft Sentinel Reader\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.SecurityInsights/*/read\",\n \"Microsoft.SecurityInsights/dataConnectorsCheckRequirements/action\",\n \"Microsoft.SecurityInsights/threatIntelligence/indicators/query/action\",\n \"Microsoft.SecurityInsights/threatIntelligence/queryIndicators/action\",\n \"Microsoft.OperationalInsights/workspaces/analytics/query/action\",\n \"Microsoft.OperationalInsights/workspaces/*/read\",\n \"Microsoft.OperationalInsights/workspaces/LinkedServices/read\",\n \"Microsoft.OperationalInsights/workspaces/savedSearches/read\",\n \"Microsoft.OperationsManagement/solutions/read\",\n \"Microsoft.OperationalInsights/workspaces/query/read\",\n \"Microsoft.OperationalInsights/workspaces/query/*/read\",\n \"Microsoft.OperationalInsights/querypacks/*/read\",\n \"Microsoft.OperationalInsights/workspaces/dataSources/read\",\n \"Microsoft.Insights/workbooks/read\",\n \"Microsoft.Insights/myworkbooks/read\",\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Resources/templateSpecs/*/read\",\n \"Microsoft.Support/*\"\n ],\n \"notActions\": [\n \"Microsoft.SecurityInsights/ConfidentialWatchlists/*\",\n \"Microsoft.OperationalInsights/workspaces/query/ConfidentialWatchlist/*\"\n ],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2019-08-28T16:58:50.1132117Z\",\n \"updatedOn\": \"2022-08-01T18:55:21.5434692Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/8d289c81-5878-46d4-8554-54e1e3d8b5cb\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"8d289c81-5878-46d4-8554-54e1e3d8b5cb\"\n },\n {\n \"properties\": {\n \"roleName\": \"Policy Insights Data Writer (Preview)\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Allows read access to resource policies and write access to resource component policy events.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/policyassignments/read\",\n \"Microsoft.Authorization/policydefinitions/read\",\n \"Microsoft.Authorization/policyexemptions/read\",\n \"Microsoft.Authorization/policysetdefinitions/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.PolicyInsights/checkDataPolicyCompliance/action\",\n \"Microsoft.PolicyInsights/policyEvents/logDataEvents/action\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2019-09-19T19:35:20.9504127Z\",\n \"updatedOn\": \"2021-11-11T20:14:09.4235132Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/66bb4e9e-b016-4a94-8249-4c0511c2be84\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"66bb4e9e-b016-4a94-8249-4c0511c2be84\"\n },\n {\n \"properties\": {\n \"roleName\": \"SignalR AccessKey Reader\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Read SignalR Service Access Keys\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.SignalRService/*/read\",\n \"Microsoft.SignalRService/SignalR/listkeys/action\",\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Support/*\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2019-09-20T09:33:19.6236874Z\",\n \"updatedOn\": \"2021-11-11T20:14:09.613486Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/04165923-9d83-45d5-8227-78b77b0a687e\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"04165923-9d83-45d5-8227-78b77b0a687e\"\n },\n {\n \"properties\": {\n \"roleName\": \"SignalR/Web PubSub Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Create, Read, Update, and Delete SignalR service resources\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.SignalRService/*\",\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Support/*\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2019-09-20T09:58:09.0009662Z\",\n \"updatedOn\": \"2021-11-11T20:14:09.7884765Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/8cf5e20a-e4b2-4e9d-b3a1-5ceb692c2761\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"8cf5e20a-e4b2-4e9d-b3a1-5ceb692c2761\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Connected Machine Onboarding\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Can onboard Azure Connected Machines.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.HybridCompute/machines/read\",\n \"Microsoft.HybridCompute/machines/write\",\n \"Microsoft.HybridCompute/settings/read\",\n \"Microsoft.HybridCompute/settings/write\",\n \"Microsoft.HybridCompute/gateways/read\",\n \"Microsoft.HybridCompute/privateLinkScopes/read\",\n \"Microsoft.GuestConfiguration/guestConfigurationAssignments/read\",\n \"Microsoft.Insights/dataCollectionRuleAssociations/write\",\n \"Microsoft.Insights/dataCollectionRuleAssociations/delete\",\n \"Microsoft.Insights/dataCollectionRuleAssociations/read\",\n \"Microsoft.HybridCompute/machines/addExtensions/action\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2019-10-23T20:15:07.137287Z\",\n \"updatedOn\": \"2025-04-24T23:16:22.0803758Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/b64e21ea-ac4e-4cdf-9dc9-5b892992bee7\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"b64e21ea-ac4e-4cdf-9dc9-5b892992bee7\"\n },\n {\n \"properties\": {\n \"roleName\": \"Managed Services Registration assignment Delete Role\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Managed Services Registration Assignment Delete Role allows the managing tenant users to delete the registration assignment assigned to their tenant.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.ManagedServices/registrationAssignments/read\",\n \"Microsoft.ManagedServices/registrationAssignments/delete\",\n \"Microsoft.ManagedServices/operationStatuses/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2019-10-23T22:33:33.1183469Z\",\n \"updatedOn\": \"2021-11-11T20:14:11.23364Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/91c1777a-f3dc-4fae-b103-61d183457e46\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"91c1777a-f3dc-4fae-b103-61d183457e46\"\n },\n {\n \"properties\": {\n \"roleName\": \"App Configuration Data Owner\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Allows full access to App Configuration data.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.AppConfiguration/configurationStores/*/read\",\n \"Microsoft.AppConfiguration/configurationStores/*/write\",\n \"Microsoft.AppConfiguration/configurationStores/*/delete\",\n \"Microsoft.AppConfiguration/configurationStores/*/action\"\n ],\n \"notDataActions\": [\n \"Microsoft.AppConfiguration/configurationStores/useSasAuth/action\"\n ]\n }\n ],\n \"createdOn\": \"2019-10-25T18:41:40.1185063Z\",\n \"updatedOn\": \"2024-10-25T19:38:13.5062377Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/5ae67dd6-50cb-40e7-96ff-dc2bfa4b606b\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"5ae67dd6-50cb-40e7-96ff-dc2bfa4b606b\"\n },\n {\n \"properties\": {\n \"roleName\": \"App Configuration Data Reader\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Allows read access to App Configuration data.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.AppConfiguration/configurationStores/*/read\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2019-10-25T18:45:33.7975332Z\",\n \"updatedOn\": \"2021-11-11T20:14:11.5885341Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/516239f1-63e1-4d78-a4de-a74fb236a071\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"516239f1-63e1-4d78-a4de-a74fb236a071\"\n },\n {\n \"properties\": {\n \"roleName\": \"Kubernetes Cluster - Azure Arc Onboarding\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Role definition to authorize any user/service to create connectedClusters resource\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.Resources/deployments/write\",\n \"Microsoft.Resources/subscriptions/operationresults/read\",\n \"Microsoft.Resources/subscriptions/read\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Kubernetes/connectedClusters/Write\",\n \"Microsoft.Kubernetes/connectedClusters/read\",\n \"Microsoft.KubernetesConfiguration/extensions/write\",\n \"Microsoft.KubernetesConfiguration/extensions/read\",\n \"Microsoft.KubernetesConfiguration/extensions/delete\",\n \"Microsoft.KubernetesConfiguration/extensions/operations/read\",\n \"Microsoft.Support/*\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2019-11-18T17:00:02.2087147Z\",\n \"updatedOn\": \"2024-10-31T01:30:51.0732973Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/34e09817-6cbe-4d01-b1a2-e0eac5743d41\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"34e09817-6cbe-4d01-b1a2-e0eac5743d41\"\n },\n {\n \"properties\": {\n \"roleName\": \"Experimentation Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Experimentation Contributor\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Experimentation/experimentWorkspaces/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.Experimentation/experimentWorkspaces/experimentationGroups/read\",\n \"Microsoft.Experimentation/experimentWorkspaces/experimentationGroups/write\",\n \"Microsoft.Experimentation/experimentWorkspaces/experimentationGroups/delete\",\n \"Microsoft.Experimentation/experimentWorkspaces/experimentationGroups/experiment/action\",\n \"Microsoft.Experimentation/experimentWorkspaces/experimentationGroups/emergencystop/action\",\n \"Microsoft.Experimentation/experimentWorkspaces/read\",\n \"Microsoft.Experimentation/experimentWorkspaces/write\",\n \"Microsoft.Experimentation/experimentWorkspaces/delete\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2019-12-13T00:08:08.6679591Z\",\n \"updatedOn\": \"2021-11-11T20:14:14.6454147Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/7f646f1b-fa08-80eb-a22b-edd6ce5c915c\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"7f646f1b-fa08-80eb-a22b-edd6ce5c915c\"\n },\n {\n \"properties\": {\n \"roleName\": \"Cognitive Services QnA Maker Reader\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Let’s you read and test a KB only.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.CognitiveServices/*/read\",\n \"Microsoft.Authorization/roleAssignments/read\",\n \"Microsoft.Authorization/roleDefinitions/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.CognitiveServices/accounts/QnAMaker/knowledgebases/read\",\n \"Microsoft.CognitiveServices/accounts/QnAMaker/knowledgebases/download/read\",\n \"Microsoft.CognitiveServices/accounts/QnAMaker/knowledgebases/generateanswer/action\",\n \"Microsoft.CognitiveServices/accounts/QnAMaker/alterations/read\",\n \"Microsoft.CognitiveServices/accounts/QnAMaker/endpointkeys/read\",\n \"Microsoft.CognitiveServices/accounts/QnAMaker/endpointsettings/read\",\n \"Microsoft.CognitiveServices/accounts/QnAMaker.v2/knowledgebases/read\",\n \"Microsoft.CognitiveServices/accounts/QnAMaker.v2/knowledgebases/download/read\",\n \"Microsoft.CognitiveServices/accounts/QnAMaker.v2/knowledgebases/generateanswer/action\",\n \"Microsoft.CognitiveServices/accounts/QnAMaker.v2/alterations/read\",\n \"Microsoft.CognitiveServices/accounts/QnAMaker.v2/endpointkeys/read\",\n \"Microsoft.CognitiveServices/accounts/QnAMaker.v2/endpointsettings/read\",\n \"Microsoft.CognitiveServices/accounts/TextAnalytics/QnAMaker/knowledgebases/read\",\n \"Microsoft.CognitiveServices/accounts/TextAnalytics/QnAMaker/knowledgebases/download/read\",\n \"Microsoft.CognitiveServices/accounts/TextAnalytics/QnAMaker/knowledgebases/generateanswer/action\",\n \"Microsoft.CognitiveServices/accounts/TextAnalytics/QnAMaker/alterations/read\",\n \"Microsoft.CognitiveServices/accounts/TextAnalytics/QnAMaker/endpointkeys/read\",\n \"Microsoft.CognitiveServices/accounts/TextAnalytics/QnAMaker/endpointsettings/read\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2019-12-17T18:26:12.3329439Z\",\n \"updatedOn\": \"2021-11-11T20:14:14.8254033Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/466ccd10-b268-4a11-b098-b4849f024126\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"466ccd10-b268-4a11-b098-b4849f024126\"\n },\n {\n \"properties\": {\n \"roleName\": \"Cognitive Services QnA Maker Editor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Let’s you create, edit, import and export a KB. You cannot publish or delete a KB.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.CognitiveServices/*/read\",\n \"Microsoft.Authorization/roleAssignments/read\",\n \"Microsoft.Authorization/roleDefinitions/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.CognitiveServices/accounts/QnAMaker/knowledgebases/read\",\n \"Microsoft.CognitiveServices/accounts/QnAMaker/knowledgebases/download/read\",\n \"Microsoft.CognitiveServices/accounts/QnAMaker/knowledgebases/create/write\",\n \"Microsoft.CognitiveServices/accounts/QnAMaker/knowledgebases/write\",\n \"Microsoft.CognitiveServices/accounts/QnAMaker/knowledgebases/generateanswer/action\",\n \"Microsoft.CognitiveServices/accounts/QnAMaker/knowledgebases/train/action\",\n \"Microsoft.CognitiveServices/accounts/QnAMaker/alterations/read\",\n \"Microsoft.CognitiveServices/accounts/QnAMaker/alterations/write\",\n \"Microsoft.CognitiveServices/accounts/QnAMaker/endpointkeys/read\",\n \"Microsoft.CognitiveServices/accounts/QnAMaker/endpointkeys/refreshkeys/action\",\n \"Microsoft.CognitiveServices/accounts/QnAMaker/endpointsettings/read\",\n \"Microsoft.CognitiveServices/accounts/QnAMaker/endpointsettings/write\",\n \"Microsoft.CognitiveServices/accounts/QnAMaker/operations/read\",\n \"Microsoft.CognitiveServices/accounts/QnAMaker.v2/knowledgebases/read\",\n \"Microsoft.CognitiveServices/accounts/QnAMaker.v2/knowledgebases/download/read\",\n \"Microsoft.CognitiveServices/accounts/QnAMaker.v2/knowledgebases/create/write\",\n \"Microsoft.CognitiveServices/accounts/QnAMaker.v2/knowledgebases/write\",\n \"Microsoft.CognitiveServices/accounts/QnAMaker.v2/knowledgebases/generateanswer/action\",\n \"Microsoft.CognitiveServices/accounts/QnAMaker.v2/knowledgebases/train/action\",\n \"Microsoft.CognitiveServices/accounts/QnAMaker.v2/alterations/read\",\n \"Microsoft.CognitiveServices/accounts/QnAMaker.v2/alterations/write\",\n \"Microsoft.CognitiveServices/accounts/QnAMaker.v2/endpointkeys/read\",\n \"Microsoft.CognitiveServices/accounts/QnAMaker.v2/endpointkeys/refreshkeys/action\",\n \"Microsoft.CognitiveServices/accounts/QnAMaker.v2/endpointsettings/read\",\n \"Microsoft.CognitiveServices/accounts/QnAMaker.v2/endpointsettings/write\",\n \"Microsoft.CognitiveServices/accounts/QnAMaker.v2/operations/read\",\n \"Microsoft.CognitiveServices/accounts/TextAnalytics/QnAMaker/knowledgebases/read\",\n \"Microsoft.CognitiveServices/accounts/TextAnalytics/QnAMaker/knowledgebases/download/read\",\n \"Microsoft.CognitiveServices/accounts/TextAnalytics/QnAMaker/knowledgebases/create/write\",\n \"Microsoft.CognitiveServices/accounts/TextAnalytics/QnAMaker/knowledgebases/write\",\n \"Microsoft.CognitiveServices/accounts/TextAnalytics/QnAMaker/knowledgebases/generateanswer/action\",\n \"Microsoft.CognitiveServices/accounts/TextAnalytics/QnAMaker/knowledgebases/train/action\",\n \"Microsoft.CognitiveServices/accounts/TextAnalytics/QnAMaker/alterations/read\",\n \"Microsoft.CognitiveServices/accounts/TextAnalytics/QnAMaker/alterations/write\",\n \"Microsoft.CognitiveServices/accounts/TextAnalytics/QnAMaker/endpointkeys/read\",\n \"Microsoft.CognitiveServices/accounts/TextAnalytics/QnAMaker/endpointkeys/refreshkeys/action\",\n \"Microsoft.CognitiveServices/accounts/TextAnalytics/QnAMaker/endpointsettings/read\",\n \"Microsoft.CognitiveServices/accounts/TextAnalytics/QnAMaker/endpointsettings/write\",\n \"Microsoft.CognitiveServices/accounts/TextAnalytics/QnAMaker/operations/read\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2019-12-17T18:27:30.6434556Z\",\n \"updatedOn\": \"2021-11-11T20:14:14.9961559Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/f4cc2bf9-21be-47a1-bdf1-5c5804381025\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"f4cc2bf9-21be-47a1-bdf1-5c5804381025\"\n },\n {\n \"properties\": {\n \"roleName\": \"Experimentation Administrator\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Experimentation Administrator\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Experimentation/experimentWorkspaces/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.Experimentation/experimentWorkspaces/experimentationGroups/admin/action\",\n \"Microsoft.Experimentation/experimentWorkspaces/experimentationGroups/read\",\n \"Microsoft.Experimentation/experimentWorkspaces/experimentationGroups/write\",\n \"Microsoft.Experimentation/experimentWorkspaces/experimentationGroups/delete\",\n \"Microsoft.Experimentation/experimentWorkspaces/experimentationGroups/experimentadmin/action\",\n \"Microsoft.Experimentation/experimentWorkspaces/experimentationGroups/experiment/action\",\n \"Microsoft.Experimentation/experimentWorkspaces/experimentationGroups/emergencystop/action\",\n \"Microsoft.Experimentation/experimentWorkspaces/read\",\n \"Microsoft.Experimentation/experimentWorkspaces/write\",\n \"Microsoft.Experimentation/experimentWorkspaces/delete\",\n \"Microsoft.Experimentation/experimentWorkspaces/admin/action\",\n \"Microsoft.Experimentation/experimentWorkspaces/metricwrite/action\",\n \"Microsoft.Experimentation/experimentWorkspaces/experimentationGroups/metricwrite/action\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2019-12-18T22:46:33.1116612Z\",\n \"updatedOn\": \"2021-11-11T20:14:15.1811577Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/7f646f1b-fa08-80eb-a33b-edd6ce5c915c\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"7f646f1b-fa08-80eb-a33b-edd6ce5c915c\"\n },\n {\n \"properties\": {\n \"roleName\": \"Remote Rendering Administrator\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Provides user with conversion, manage session, rendering and diagnostics capabilities for Azure Remote Rendering\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.MixedReality/RemoteRenderingAccounts/convert/action\",\n \"Microsoft.MixedReality/RemoteRenderingAccounts/convert/read\",\n \"Microsoft.MixedReality/RemoteRenderingAccounts/convert/delete\",\n \"Microsoft.MixedReality/RemoteRenderingAccounts/managesessions/read\",\n \"Microsoft.MixedReality/RemoteRenderingAccounts/managesessions/action\",\n \"Microsoft.MixedReality/RemoteRenderingAccounts/managesessions/delete\",\n \"Microsoft.MixedReality/RemoteRenderingAccounts/render/read\",\n \"Microsoft.MixedReality/RemoteRenderingAccounts/diagnostic/read\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2020-01-23T18:15:31.3450348Z\",\n \"updatedOn\": \"2021-11-11T20:14:16.7621737Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/3df8b902-2a6f-47c7-8cc5-360e9b272a7e\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"3df8b902-2a6f-47c7-8cc5-360e9b272a7e\"\n },\n {\n \"properties\": {\n \"roleName\": \"Remote Rendering Client\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Provides user with manage session, rendering and diagnostics capabilities for Azure Remote Rendering.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.MixedReality/RemoteRenderingAccounts/managesessions/read\",\n \"Microsoft.MixedReality/RemoteRenderingAccounts/managesessions/action\",\n \"Microsoft.MixedReality/RemoteRenderingAccounts/managesessions/delete\",\n \"Microsoft.MixedReality/RemoteRenderingAccounts/render/read\",\n \"Microsoft.MixedReality/RemoteRenderingAccounts/diagnostic/read\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2020-01-23T18:32:52.7069824Z\",\n \"updatedOn\": \"2021-11-11T20:14:16.9421512Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/d39065c4-c120-43c9-ab0a-63eed9795f0a\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"d39065c4-c120-43c9-ab0a-63eed9795f0a\"\n },\n {\n \"properties\": {\n \"roleName\": \"Managed Application Contributor Role\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Allows for creating managed application resources.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"*/read\",\n \"Microsoft.Solutions/applications/*\",\n \"Microsoft.Solutions/register/action\",\n \"Microsoft.Resources/subscriptions/resourceGroups/*\",\n \"Microsoft.Resources/deployments/*\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2020-02-08T03:39:11.8933879Z\",\n \"updatedOn\": \"2021-11-11T20:14:19.1271536Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/641177b8-a67a-45b9-a033-47bc880bb21e\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"641177b8-a67a-45b9-a033-47bc880bb21e\"\n },\n {\n \"properties\": {\n \"roleName\": \"Security Assessment Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Lets you push assessments to Security Center\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Security/assessments/write\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2020-02-13T08:23:47.7656161Z\",\n \"updatedOn\": \"2021-11-11T20:14:19.3021974Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/612c2aa1-cb24-443b-ac28-3ab7272de6f5\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"612c2aa1-cb24-443b-ac28-3ab7272de6f5\"\n },\n {\n \"properties\": {\n \"roleName\": \"Tag Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Lets you manage tags on entities, without providing access to the entities themselves.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Resources/subscriptions/resourceGroups/resources/read\",\n \"Microsoft.Resources/subscriptions/resources/read\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.Support/*\",\n \"Microsoft.Resources/tags/*\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2020-02-18T23:19:19.2977644Z\",\n \"updatedOn\": \"2021-11-11T20:14:20.0172041Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/4a9ae827-6dc8-4573-8ac7-8239d42aa03f\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"4a9ae827-6dc8-4573-8ac7-8239d42aa03f\"\n },\n {\n \"properties\": {\n \"roleName\": \"Integration Service Environment Developer\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Allows developers to create and update workflows, integration accounts and API connections in integration service environments.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Support/*\",\n \"Microsoft.Logic/integrationServiceEnvironments/read\",\n \"Microsoft.Logic/integrationServiceEnvironments/*/join/action\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2020-02-20T21:09:00.5627875Z\",\n \"updatedOn\": \"2021-11-11T20:14:20.1871986Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/c7aa55d3-1abb-444a-a5ca-5e51e485d6ec\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"c7aa55d3-1abb-444a-a5ca-5e51e485d6ec\"\n },\n {\n \"properties\": {\n \"roleName\": \"Integration Service Environment Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Lets you manage integration service environments, but not access to them.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Support/*\",\n \"Microsoft.Logic/integrationServiceEnvironments/*\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2020-02-20T21:10:44.4008319Z\",\n \"updatedOn\": \"2021-11-11T20:14:20.3622058Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/a41e2c5b-bd99-4a07-88f4-9bf657a760b8\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"a41e2c5b-bd99-4a07-88f4-9bf657a760b8\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Kubernetes Service Contributor Role\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Grants access to read and write Azure Kubernetes Service clusters\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.ContainerService/locations/*\",\n \"Microsoft.ContainerService/managedClusters/*\",\n \"Microsoft.ContainerService/managedclustersnapshots/*\",\n \"Microsoft.ContainerService/snapshots/*\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.ContainerService/deploymentSafeguards/*\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2020-02-27T19:27:15.073997Z\",\n \"updatedOn\": \"2025-07-22T15:11:45.9409312Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/ed7f3fbd-7b88-4dd4-9017-9adb7ce333f8\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"ed7f3fbd-7b88-4dd4-9017-9adb7ce333f8\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Digital Twins Data Reader\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Read-only role for Digital Twins data-plane properties\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.DigitalTwins/digitaltwins/read\",\n \"Microsoft.DigitalTwins/digitaltwins/relationships/read\",\n \"Microsoft.DigitalTwins/eventroutes/read\",\n \"Microsoft.DigitalTwins/jobs/import/read\",\n \"Microsoft.DigitalTwins/jobs/imports/read\",\n \"Microsoft.DigitalTwins/jobs/deletions/read\",\n \"Microsoft.DigitalTwins/models/read\",\n \"Microsoft.DigitalTwins/query/action\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2020-03-10T23:48:14.7057381Z\",\n \"updatedOn\": \"2024-01-10T19:29:11.1291888Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/d57506d4-4c8d-48b1-8587-93c323f6a5a3\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"d57506d4-4c8d-48b1-8587-93c323f6a5a3\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Digital Twins Data Owner\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Full access role for Digital Twins data-plane\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.DigitalTwins/digitaltwins/*\",\n \"Microsoft.DigitalTwins/digitaltwins/commands/*\",\n \"Microsoft.DigitalTwins/digitaltwins/relationships/*\",\n \"Microsoft.DigitalTwins/eventroutes/*\",\n \"Microsoft.DigitalTwins/jobs/*\",\n \"Microsoft.DigitalTwins/models/*\",\n \"Microsoft.DigitalTwins/query/*\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2020-03-10T23:49:33.782193Z\",\n \"updatedOn\": \"2022-09-07T23:56:38.852533Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/bcd981a7-7f74-457b-83e1-cceb9e632ffe\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"bcd981a7-7f74-457b-83e1-cceb9e632ffe\"\n },\n {\n \"properties\": {\n \"roleName\": \"Hierarchy Settings Administrator\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Allows users to edit and delete Hierarchy Settings\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Management/managementGroups/settings/write\",\n \"Microsoft.Management/managementGroups/settings/delete\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2020-03-13T23:55:11.0212387Z\",\n \"updatedOn\": \"2021-11-11T20:14:23.0882347Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/350f8d15-c687-4448-8ae1-157740a3936d\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"350f8d15-c687-4448-8ae1-157740a3936d\"\n },\n {\n \"properties\": {\n \"roleName\": \"FHIR Data Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Role allows user or principal full access to FHIR Data\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.HealthcareApis/services/fhir/resources/*\",\n \"Microsoft.HealthcareApis/workspaces/fhirservices/resources/*\"\n ],\n \"notDataActions\": [\n \"Microsoft.HealthcareApis/services/fhir/resources/smart/action\",\n \"Microsoft.HealthcareApis/workspaces/fhirservices/resources/smart/action\"\n ]\n }\n ],\n \"createdOn\": \"2020-03-17T18:35:04.4949547Z\",\n \"updatedOn\": \"2023-08-18T22:59:42.5066274Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/5a1fc7df-4bf1-4951-a576-89034ee01acd\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"5a1fc7df-4bf1-4951-a576-89034ee01acd\"\n },\n {\n \"properties\": {\n \"roleName\": \"FHIR Data Exporter\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Role allows user or principal to read and export FHIR Data\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.HealthcareApis/services/fhir/resources/read\",\n \"Microsoft.HealthcareApis/services/fhir/resources/export/action\",\n \"Microsoft.HealthcareApis/workspaces/fhirservices/resources/read\",\n \"Microsoft.HealthcareApis/workspaces/fhirservices/resources/export/action\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2020-03-17T18:45:01.9764073Z\",\n \"updatedOn\": \"2021-11-11T20:14:23.7992557Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/3db33094-8700-4567-8da5-1501d4e7e843\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"3db33094-8700-4567-8da5-1501d4e7e843\"\n },\n {\n \"properties\": {\n \"roleName\": \"FHIR Data Reader\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Role allows user or principal to read FHIR Data\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.HealthcareApis/services/fhir/resources/read\",\n \"Microsoft.HealthcareApis/workspaces/fhirservices/resources/read\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2020-03-17T18:49:04.8353499Z\",\n \"updatedOn\": \"2021-11-11T20:14:23.9692275Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/4c8d0bbc-75d3-4935-991f-5f3c56d81508\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"4c8d0bbc-75d3-4935-991f-5f3c56d81508\"\n },\n {\n \"properties\": {\n \"roleName\": \"FHIR Data Writer\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Role allows user or principal to read and write FHIR Data\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.HealthcareApis/services/fhir/resources/read\",\n \"Microsoft.HealthcareApis/services/fhir/resources/write\",\n \"Microsoft.HealthcareApis/services/fhir/resources/delete\",\n \"Microsoft.HealthcareApis/services/fhir/resources/export/action\",\n \"Microsoft.HealthcareApis/services/fhir/resources/resourceValidate/action\",\n \"Microsoft.HealthcareApis/services/fhir/resources/reindex/action\",\n \"Microsoft.HealthcareApis/services/fhir/resources/convertData/action\",\n \"Microsoft.HealthcareApis/services/fhir/resources/editProfileDefinitions/action\",\n \"Microsoft.HealthcareApis/services/fhir/resources/import/action\",\n \"Microsoft.HealthcareApis/workspaces/fhirservices/resources/read\",\n \"Microsoft.HealthcareApis/workspaces/fhirservices/resources/write\",\n \"Microsoft.HealthcareApis/workspaces/fhirservices/resources/delete\",\n \"Microsoft.HealthcareApis/workspaces/fhirservices/resources/export/action\",\n \"Microsoft.HealthcareApis/workspaces/fhirservices/resources/resourceValidate/action\",\n \"Microsoft.HealthcareApis/workspaces/fhirservices/resources/reindex/action\",\n \"Microsoft.HealthcareApis/workspaces/fhirservices/resources/convertData/action\",\n \"Microsoft.HealthcareApis/workspaces/fhirservices/resources/editProfileDefinitions/action\",\n \"Microsoft.HealthcareApis/workspaces/fhirservices/resources/import/action\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2020-03-17T18:55:35.2413335Z\",\n \"updatedOn\": \"2023-07-25T15:17:34.7618105Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/3f88fce4-5892-4214-ae73-ba5294559913\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"3f88fce4-5892-4214-ae73-ba5294559913\"\n },\n {\n \"properties\": {\n \"roleName\": \"Experimentation Reader\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Experimentation Reader\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Experimentation/experimentWorkspaces/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.Experimentation/experimentWorkspaces/read\",\n \"Microsoft.Experimentation/experimentWorkspaces/experimentationGroups/read\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2020-03-25T18:05:14.8375678Z\",\n \"updatedOn\": \"2021-11-11T20:14:24.504239Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/49632ef5-d9ac-41f4-b8e7-bbe587fa74a1\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"49632ef5-d9ac-41f4-b8e7-bbe587fa74a1\"\n },\n {\n \"properties\": {\n \"roleName\": \"Object Understanding Account Owner\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Provides user with ingestion capabilities for Azure Object Understanding.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.MixedReality/ObjectUnderstandingAccounts/ingest/action\",\n \"Microsoft.MixedReality/ObjectUnderstandingAccounts/ingest/read\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2020-04-22T19:15:09.0697923Z\",\n \"updatedOn\": \"2021-11-11T20:14:26.8743132Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/4dd61c23-6743-42fe-a388-d8bdd41cb745\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"4dd61c23-6743-42fe-a388-d8bdd41cb745\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Maps Data Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Grants access to read, write, and delete access to map related data from an Azure maps account.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.Maps/accounts/*/read\",\n \"Microsoft.Maps/accounts/*/write\",\n \"Microsoft.Maps/accounts/*/delete\",\n \"Microsoft.Maps/accounts/*/action\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2020-05-07T20:55:05.064541Z\",\n \"updatedOn\": \"2021-11-11T20:14:28.3092598Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/8f5e0ce6-4f7b-4dcf-bddf-e6f48634a204\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"8f5e0ce6-4f7b-4dcf-bddf-e6f48634a204\"\n },\n {\n \"properties\": {\n \"roleName\": \"Cognitive Services Custom Vision Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Full access to the project, including the ability to view, create, edit, or delete projects.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.CognitiveServices/*/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.CognitiveServices/accounts/CustomVision/*\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2020-05-08T23:47:07.0779345Z\",\n \"updatedOn\": \"2021-11-11T20:14:28.8342655Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/c1ff6cc2-c111-46fe-8896-e0ef812ad9f3\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"c1ff6cc2-c111-46fe-8896-e0ef812ad9f3\"\n },\n {\n \"properties\": {\n \"roleName\": \"Cognitive Services Custom Vision Deployment\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Publish, unpublish or export models. Deployment can view the project but can’t update.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.CognitiveServices/*/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.CognitiveServices/accounts/CustomVision/*/read\",\n \"Microsoft.CognitiveServices/accounts/CustomVision/projects/predictions/*\",\n \"Microsoft.CognitiveServices/accounts/CustomVision/projects/iterations/publish/*\",\n \"Microsoft.CognitiveServices/accounts/CustomVision/projects/iterations/export/*\",\n \"Microsoft.CognitiveServices/accounts/CustomVision/projects/quicktest/*\",\n \"Microsoft.CognitiveServices/accounts/CustomVision/classify/*\",\n \"Microsoft.CognitiveServices/accounts/CustomVision/detect/*\"\n ],\n \"notDataActions\": [\n \"Microsoft.CognitiveServices/accounts/CustomVision/projects/export/read\"\n ]\n }\n ],\n \"createdOn\": \"2020-05-09T01:31:05.952862Z\",\n \"updatedOn\": \"2021-11-11T20:14:29.0142669Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/5c4089e1-6d96-4d2f-b296-c1bc7137275f\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"5c4089e1-6d96-4d2f-b296-c1bc7137275f\"\n },\n {\n \"properties\": {\n \"roleName\": \"Cognitive Services Custom Vision Labeler\",\n \"type\": \"BuiltInRole\",\n \"description\": \"View, edit training images and create, add, remove, or delete the image tags. Labelers can view the project but can’t update anything other than training images and tags.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.CognitiveServices/*/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.CognitiveServices/accounts/CustomVision/*/read\",\n \"Microsoft.CognitiveServices/accounts/CustomVision/projects/predictions/query/action\",\n \"Microsoft.CognitiveServices/accounts/CustomVision/projects/images/*\",\n \"Microsoft.CognitiveServices/accounts/CustomVision/projects/tags/*\",\n \"Microsoft.CognitiveServices/accounts/CustomVision/projects/images/suggested/*\",\n \"Microsoft.CognitiveServices/accounts/CustomVision/projects/tagsandregions/suggestions/action\"\n ],\n \"notDataActions\": [\n \"Microsoft.CognitiveServices/accounts/CustomVision/projects/export/read\"\n ]\n }\n ],\n \"createdOn\": \"2020-05-09T01:33:20.8278896Z\",\n \"updatedOn\": \"2021-11-11T20:14:29.1892871Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/88424f51-ebe7-446f-bc41-7fa16989e96c\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"88424f51-ebe7-446f-bc41-7fa16989e96c\"\n },\n {\n \"properties\": {\n \"roleName\": \"Cognitive Services Custom Vision Reader\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Read-only actions in the project. Readers can’t create or update the project.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.CognitiveServices/*/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.CognitiveServices/accounts/CustomVision/*/read\",\n \"Microsoft.CognitiveServices/accounts/CustomVision/projects/predictions/query/action\"\n ],\n \"notDataActions\": [\n \"Microsoft.CognitiveServices/accounts/CustomVision/projects/export/read\"\n ]\n }\n ],\n \"createdOn\": \"2020-05-09T01:34:18.5328818Z\",\n \"updatedOn\": \"2021-11-11T20:14:29.3642707Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/93586559-c37d-4a6b-ba08-b9f0940c2d73\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"93586559-c37d-4a6b-ba08-b9f0940c2d73\"\n },\n {\n \"properties\": {\n \"roleName\": \"Cognitive Services Custom Vision Trainer\",\n \"type\": \"BuiltInRole\",\n \"description\": \"View, edit projects and train the models, including the ability to publish, unpublish, export the models. Trainers can’t create or delete the project.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.CognitiveServices/*/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.CognitiveServices/accounts/CustomVision/*\"\n ],\n \"notDataActions\": [\n \"Microsoft.CognitiveServices/accounts/CustomVision/projects/action\",\n \"Microsoft.CognitiveServices/accounts/CustomVision/projects/delete\",\n \"Microsoft.CognitiveServices/accounts/CustomVision/projects/import/action\",\n \"Microsoft.CognitiveServices/accounts/CustomVision/projects/export/read\"\n ]\n }\n ],\n \"createdOn\": \"2020-05-09T01:35:13.8147804Z\",\n \"updatedOn\": \"2021-11-11T20:14:29.5442713Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/0a5ae4ab-0d65-4eeb-be61-29fc9b54394b\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"0a5ae4ab-0d65-4eeb-be61-29fc9b54394b\"\n },\n {\n \"properties\": {\n \"roleName\": \"Key Vault Administrator\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Perform all data plane operations on a key vault and all objects in it, including certificates, keys, and secrets. Cannot manage key vault resources or manage role assignments. Only works for key vaults that use the 'Azure role-based access control' permission model.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Support/*\",\n \"Microsoft.KeyVault/checkNameAvailability/read\",\n \"Microsoft.KeyVault/deletedVaults/read\",\n \"Microsoft.KeyVault/locations/*/read\",\n \"Microsoft.KeyVault/vaults/*/read\",\n \"Microsoft.KeyVault/operations/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.KeyVault/vaults/*\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2020-05-19T17:52:46.2349235Z\",\n \"updatedOn\": \"2021-11-11T20:14:30.2542755Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/00482a5a-887f-4fb3-b363-3b7fe8e74483\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"00482a5a-887f-4fb3-b363-3b7fe8e74483\"\n },\n {\n \"properties\": {\n \"roleName\": \"Key Vault Crypto User\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Perform cryptographic operations using keys. Only works for key vaults that use the 'Azure role-based access control' permission model.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.KeyVault/vaults/keys/read\",\n \"Microsoft.KeyVault/vaults/keys/update/action\",\n \"Microsoft.KeyVault/vaults/keys/backup/action\",\n \"Microsoft.KeyVault/vaults/keys/encrypt/action\",\n \"Microsoft.KeyVault/vaults/keys/decrypt/action\",\n \"Microsoft.KeyVault/vaults/keys/wrap/action\",\n \"Microsoft.KeyVault/vaults/keys/unwrap/action\",\n \"Microsoft.KeyVault/vaults/keys/sign/action\",\n \"Microsoft.KeyVault/vaults/keys/verify/action\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2020-05-19T17:52:47.0699268Z\",\n \"updatedOn\": \"2021-11-11T20:14:30.6042921Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/12338af0-0e69-4776-bea7-57ae8d297424\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"12338af0-0e69-4776-bea7-57ae8d297424\"\n },\n {\n \"properties\": {\n \"roleName\": \"Key Vault Secrets Officer\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Perform any action on the secrets of a key vault, except manage permissions. Only works for key vaults that use the 'Azure role-based access control' permission model.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Support/*\",\n \"Microsoft.KeyVault/checkNameAvailability/read\",\n \"Microsoft.KeyVault/deletedVaults/read\",\n \"Microsoft.KeyVault/locations/*/read\",\n \"Microsoft.KeyVault/vaults/*/read\",\n \"Microsoft.KeyVault/operations/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.KeyVault/vaults/secrets/*\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2020-05-19T17:52:47.1449242Z\",\n \"updatedOn\": \"2021-11-11T20:14:30.779347Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/b86a8fe4-44ce-4948-aee5-eccb2c155cd7\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"b86a8fe4-44ce-4948-aee5-eccb2c155cd7\"\n },\n {\n \"properties\": {\n \"roleName\": \"Key Vault Secrets User\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Read secret contents. Only works for key vaults that use the 'Azure role-based access control' permission model.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.KeyVault/vaults/secrets/getSecret/action\",\n \"Microsoft.KeyVault/vaults/secrets/readMetadata/action\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2020-05-19T17:52:47.2049241Z\",\n \"updatedOn\": \"2021-11-11T20:14:30.9542829Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/4633458b-17de-408a-b874-0445c86b69e6\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"4633458b-17de-408a-b874-0445c86b69e6\"\n },\n {\n \"properties\": {\n \"roleName\": \"Key Vault Certificates Officer\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Perform any action on the certificates of a key vault, except manage permissions. Only works for key vaults that use the 'Azure role-based access control' permission model.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Support/*\",\n \"Microsoft.KeyVault/checkNameAvailability/read\",\n \"Microsoft.KeyVault/deletedVaults/read\",\n \"Microsoft.KeyVault/locations/*/read\",\n \"Microsoft.KeyVault/vaults/*/read\",\n \"Microsoft.KeyVault/operations/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.KeyVault/vaults/certificatecas/*\",\n \"Microsoft.KeyVault/vaults/certificates/*\",\n \"Microsoft.KeyVault/vaults/certificatecontacts/write\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2020-05-19T17:52:47.2499247Z\",\n \"updatedOn\": \"2023-06-09T18:51:51.8587772Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/a4417e6f-fecd-4de8-b567-7b0420556985\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"a4417e6f-fecd-4de8-b567-7b0420556985\"\n },\n {\n \"properties\": {\n \"roleName\": \"Key Vault Reader\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Read metadata of key vaults and its certificates, keys, and secrets. Cannot read sensitive values such as secret contents or key material. Only works for key vaults that use the 'Azure role-based access control' permission model.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Support/*\",\n \"Microsoft.KeyVault/checkNameAvailability/read\",\n \"Microsoft.KeyVault/deletedVaults/read\",\n \"Microsoft.KeyVault/locations/*/read\",\n \"Microsoft.KeyVault/vaults/*/read\",\n \"Microsoft.KeyVault/operations/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.KeyVault/vaults/*/read\",\n \"Microsoft.KeyVault/vaults/secrets/readMetadata/action\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2020-05-19T17:52:47.2949294Z\",\n \"updatedOn\": \"2021-11-11T20:14:31.3043292Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/21090545-7ca7-4776-b22c-e363652d74d2\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"21090545-7ca7-4776-b22c-e363652d74d2\"\n },\n {\n \"properties\": {\n \"roleName\": \"Key Vault Crypto Service Encryption User\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Read metadata of keys and perform wrap/unwrap operations. Only works for key vaults that use the 'Azure role-based access control' permission model.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.EventGrid/eventSubscriptions/write\",\n \"Microsoft.EventGrid/eventSubscriptions/read\",\n \"Microsoft.EventGrid/eventSubscriptions/delete\"\n ],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.KeyVault/vaults/keys/read\",\n \"Microsoft.KeyVault/vaults/keys/wrap/action\",\n \"Microsoft.KeyVault/vaults/keys/unwrap/action\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2020-05-20T20:55:19.239847Z\",\n \"updatedOn\": \"2021-11-11T20:14:31.8443056Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/e147488a-f6f5-4113-8e2d-b22465e65bf6\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"e147488a-f6f5-4113-8e2d-b22465e65bf6\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Arc Kubernetes Viewer\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Lets you view all resources in cluster/namespace, except secrets.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.Resources/deployments/write\",\n \"Microsoft.Resources/subscriptions/operationresults/read\",\n \"Microsoft.Resources/subscriptions/read\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Support/*\"\n ],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.Kubernetes/connectedClusters/apps/controllerrevisions/read\",\n \"Microsoft.Kubernetes/connectedClusters/apps/daemonsets/read\",\n \"Microsoft.Kubernetes/connectedClusters/apps/deployments/read\",\n \"Microsoft.Kubernetes/connectedClusters/apps/replicasets/read\",\n \"Microsoft.Kubernetes/connectedClusters/apps/statefulsets/read\",\n \"Microsoft.Kubernetes/connectedClusters/autoscaling/horizontalpodautoscalers/read\",\n \"Microsoft.Kubernetes/connectedClusters/batch/cronjobs/read\",\n \"Microsoft.Kubernetes/connectedClusters/batch/jobs/read\",\n \"Microsoft.Kubernetes/connectedClusters/configmaps/read\",\n \"Microsoft.Kubernetes/connectedClusters/endpoints/read\",\n \"Microsoft.Kubernetes/connectedClusters/events.k8s.io/events/read\",\n \"Microsoft.Kubernetes/connectedClusters/events/read\",\n \"Microsoft.Kubernetes/connectedClusters/extensions/daemonsets/read\",\n \"Microsoft.Kubernetes/connectedClusters/extensions/deployments/read\",\n \"Microsoft.Kubernetes/connectedClusters/extensions/ingresses/read\",\n \"Microsoft.Kubernetes/connectedClusters/extensions/networkpolicies/read\",\n \"Microsoft.Kubernetes/connectedClusters/extensions/replicasets/read\",\n \"Microsoft.Kubernetes/connectedClusters/limitranges/read\",\n \"Microsoft.Kubernetes/connectedClusters/namespaces/read\",\n \"Microsoft.Kubernetes/connectedClusters/networking.k8s.io/ingresses/read\",\n \"Microsoft.Kubernetes/connectedClusters/networking.k8s.io/networkpolicies/read\",\n \"Microsoft.Kubernetes/connectedClusters/persistentvolumeclaims/read\",\n \"Microsoft.Kubernetes/connectedClusters/pods/read\",\n \"Microsoft.Kubernetes/connectedClusters/policy/poddisruptionbudgets/read\",\n \"Microsoft.Kubernetes/connectedClusters/replicationcontrollers/read\",\n \"Microsoft.Kubernetes/connectedClusters/replicationcontrollers/read\",\n \"Microsoft.Kubernetes/connectedClusters/resourcequotas/read\",\n \"Microsoft.Kubernetes/connectedClusters/serviceaccounts/read\",\n \"Microsoft.Kubernetes/connectedClusters/services/read\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2020-06-12T20:51:12.8801199Z\",\n \"updatedOn\": \"2021-11-11T20:14:33.8193353Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/63f0a09d-1495-4db4-a681-037d84835eb4\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"63f0a09d-1495-4db4-a681-037d84835eb4\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Arc Kubernetes Writer\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Lets you update everything in cluster/namespace, except (cluster)roles and (cluster)role bindings.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.Resources/deployments/write\",\n \"Microsoft.Resources/subscriptions/operationresults/read\",\n \"Microsoft.Resources/subscriptions/read\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Support/*\"\n ],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.Kubernetes/connectedClusters/apps/controllerrevisions/read\",\n \"Microsoft.Kubernetes/connectedClusters/apps/daemonsets/*\",\n \"Microsoft.Kubernetes/connectedClusters/apps/deployments/*\",\n \"Microsoft.Kubernetes/connectedClusters/apps/replicasets/*\",\n \"Microsoft.Kubernetes/connectedClusters/apps/statefulsets/*\",\n \"Microsoft.Kubernetes/connectedClusters/autoscaling/horizontalpodautoscalers/*\",\n \"Microsoft.Kubernetes/connectedClusters/batch/cronjobs/*\",\n \"Microsoft.Kubernetes/connectedClusters/batch/jobs/*\",\n \"Microsoft.Kubernetes/connectedClusters/configmaps/*\",\n \"Microsoft.Kubernetes/connectedClusters/endpoints/*\",\n \"Microsoft.Kubernetes/connectedClusters/events.k8s.io/events/read\",\n \"Microsoft.Kubernetes/connectedClusters/events/read\",\n \"Microsoft.Kubernetes/connectedClusters/extensions/daemonsets/*\",\n \"Microsoft.Kubernetes/connectedClusters/extensions/deployments/*\",\n \"Microsoft.Kubernetes/connectedClusters/extensions/ingresses/*\",\n \"Microsoft.Kubernetes/connectedClusters/extensions/networkpolicies/*\",\n \"Microsoft.Kubernetes/connectedClusters/extensions/replicasets/*\",\n \"Microsoft.Kubernetes/connectedClusters/limitranges/read\",\n \"Microsoft.Kubernetes/connectedClusters/namespaces/read\",\n \"Microsoft.Kubernetes/connectedClusters/networking.k8s.io/ingresses/*\",\n \"Microsoft.Kubernetes/connectedClusters/networking.k8s.io/networkpolicies/*\",\n \"Microsoft.Kubernetes/connectedClusters/persistentvolumeclaims/*\",\n \"Microsoft.Kubernetes/connectedClusters/pods/*\",\n \"Microsoft.Kubernetes/connectedClusters/policy/poddisruptionbudgets/*\",\n \"Microsoft.Kubernetes/connectedClusters/replicationcontrollers/*\",\n \"Microsoft.Kubernetes/connectedClusters/replicationcontrollers/*\",\n \"Microsoft.Kubernetes/connectedClusters/resourcequotas/read\",\n \"Microsoft.Kubernetes/connectedClusters/secrets/*\",\n \"Microsoft.Kubernetes/connectedClusters/serviceaccounts/*\",\n \"Microsoft.Kubernetes/connectedClusters/services/*\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2020-06-12T20:53:50.6749823Z\",\n \"updatedOn\": \"2021-11-11T20:14:34.0043462Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/5b999177-9696-4545-85c7-50de3797e5a1\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"5b999177-9696-4545-85c7-50de3797e5a1\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Arc Kubernetes Cluster Admin\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Lets you manage all resources in the cluster.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.Resources/deployments/write\",\n \"Microsoft.Resources/subscriptions/operationresults/read\",\n \"Microsoft.Resources/subscriptions/read\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Support/*\"\n ],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.Kubernetes/connectedClusters/*\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2020-06-12T20:55:30.9910462Z\",\n \"updatedOn\": \"2021-11-11T20:14:34.1743694Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/8393591c-06b9-48a2-a542-1bd6b377f6a2\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"8393591c-06b9-48a2-a542-1bd6b377f6a2\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Arc Kubernetes Admin\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Lets you manage all resources under cluster/namespace, except update or delete resource quotas and namespaces.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.Resources/deployments/write\",\n \"Microsoft.Resources/subscriptions/operationresults/read\",\n \"Microsoft.Resources/subscriptions/read\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Support/*\"\n ],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.Kubernetes/connectedClusters/apps/controllerrevisions/read\",\n \"Microsoft.Kubernetes/connectedClusters/apps/daemonsets/*\",\n \"Microsoft.Kubernetes/connectedClusters/apps/deployments/*\",\n \"Microsoft.Kubernetes/connectedClusters/apps/replicasets/*\",\n \"Microsoft.Kubernetes/connectedClusters/apps/statefulsets/*\",\n \"Microsoft.Kubernetes/connectedClusters/authorization.k8s.io/localsubjectaccessreviews/write\",\n \"Microsoft.Kubernetes/connectedClusters/autoscaling/horizontalpodautoscalers/*\",\n \"Microsoft.Kubernetes/connectedClusters/batch/cronjobs/*\",\n \"Microsoft.Kubernetes/connectedClusters/batch/jobs/*\",\n \"Microsoft.Kubernetes/connectedClusters/configmaps/*\",\n \"Microsoft.Kubernetes/connectedClusters/endpoints/*\",\n \"Microsoft.Kubernetes/connectedClusters/events.k8s.io/events/read\",\n \"Microsoft.Kubernetes/connectedClusters/events/read\",\n \"Microsoft.Kubernetes/connectedClusters/extensions/daemonsets/*\",\n \"Microsoft.Kubernetes/connectedClusters/extensions/deployments/*\",\n \"Microsoft.Kubernetes/connectedClusters/extensions/ingresses/*\",\n \"Microsoft.Kubernetes/connectedClusters/extensions/networkpolicies/*\",\n \"Microsoft.Kubernetes/connectedClusters/extensions/replicasets/*\",\n \"Microsoft.Kubernetes/connectedClusters/limitranges/read\",\n \"Microsoft.Kubernetes/connectedClusters/namespaces/read\",\n \"Microsoft.Kubernetes/connectedClusters/networking.k8s.io/ingresses/*\",\n \"Microsoft.Kubernetes/connectedClusters/networking.k8s.io/networkpolicies/*\",\n \"Microsoft.Kubernetes/connectedClusters/persistentvolumeclaims/*\",\n \"Microsoft.Kubernetes/connectedClusters/pods/*\",\n \"Microsoft.Kubernetes/connectedClusters/policy/poddisruptionbudgets/*\",\n \"Microsoft.Kubernetes/connectedClusters/rbac.authorization.k8s.io/rolebindings/*\",\n \"Microsoft.Kubernetes/connectedClusters/rbac.authorization.k8s.io/roles/*\",\n \"Microsoft.Kubernetes/connectedClusters/replicationcontrollers/*\",\n \"Microsoft.Kubernetes/connectedClusters/replicationcontrollers/*\",\n \"Microsoft.Kubernetes/connectedClusters/resourcequotas/read\",\n \"Microsoft.Kubernetes/connectedClusters/secrets/*\",\n \"Microsoft.Kubernetes/connectedClusters/serviceaccounts/*\",\n \"Microsoft.Kubernetes/connectedClusters/services/*\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2020-06-12T20:57:06.0391177Z\",\n \"updatedOn\": \"2021-11-11T20:14:34.3593384Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/dffb1e0c-446f-4dde-a09f-99eb5cc68b96\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"dffb1e0c-446f-4dde-a09f-99eb5cc68b96\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Kubernetes Service RBAC Cluster Admin\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Lets you manage all resources in the cluster.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Resources/subscriptions/operationresults/read\",\n \"Microsoft.Resources/subscriptions/read\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.ContainerService/managedClusters/listClusterUserCredential/action\"\n ],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.ContainerService/managedClusters/*\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2020-07-02T17:47:24.4071415Z\",\n \"updatedOn\": \"2022-10-13T01:31:35.5535817Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/b1ff04bb-8a4e-4dc4-8eb5-8693973ce19b\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"b1ff04bb-8a4e-4dc4-8eb5-8693973ce19b\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Kubernetes Service RBAC Admin\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Lets you manage all resources under cluster/namespace, except update or delete resource quotas and namespaces.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Resources/subscriptions/operationresults/read\",\n \"Microsoft.Resources/subscriptions/read\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.ContainerService/managedClusters/listClusterUserCredential/action\"\n ],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.ContainerService/managedClusters/*\"\n ],\n \"notDataActions\": [\n \"Microsoft.ContainerService/managedClusters/resourcequotas/write\",\n \"Microsoft.ContainerService/managedClusters/resourcequotas/delete\",\n \"Microsoft.ContainerService/managedClusters/namespaces/write\",\n \"Microsoft.ContainerService/managedClusters/namespaces/delete\"\n ]\n }\n ],\n \"createdOn\": \"2020-07-02T17:50:30.4020311Z\",\n \"updatedOn\": \"2023-05-09T19:55:25.9025082Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/3498e952-d568-435e-9b2c-8d77e338d7f7\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"3498e952-d568-435e-9b2c-8d77e338d7f7\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Kubernetes Service RBAC Reader\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Allows read-only access to see most objects in a namespace. It does not allow viewing roles or role bindings. This role does not allow viewing Secrets, since reading the contents of Secrets enables access to ServiceAccount credentials in the namespace, which would allow API access as any ServiceAccount in the namespace (a form of privilege escalation). Applying this role at cluster scope will give access across all namespaces.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Resources/subscriptions/operationresults/read\",\n \"Microsoft.Resources/subscriptions/read\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.ContainerService/managedClusters/apps/controllerrevisions/read\",\n \"Microsoft.ContainerService/managedClusters/apps/daemonsets/read\",\n \"Microsoft.ContainerService/managedClusters/apps/deployments/read\",\n \"Microsoft.ContainerService/managedClusters/apps/replicasets/read\",\n \"Microsoft.ContainerService/managedClusters/apps/statefulsets/read\",\n \"Microsoft.ContainerService/managedClusters/autoscaling/horizontalpodautoscalers/read\",\n \"Microsoft.ContainerService/managedClusters/batch/cronjobs/read\",\n \"Microsoft.ContainerService/managedClusters/batch/jobs/read\",\n \"Microsoft.ContainerService/managedClusters/configmaps/read\",\n \"Microsoft.ContainerService/managedClusters/discovery.k8s.io/endpointslices/read\",\n \"Microsoft.ContainerService/managedClusters/endpoints/read\",\n \"Microsoft.ContainerService/managedClusters/events.k8s.io/events/read\",\n \"Microsoft.ContainerService/managedClusters/events/read\",\n \"Microsoft.ContainerService/managedClusters/extensions/daemonsets/read\",\n \"Microsoft.ContainerService/managedClusters/extensions/deployments/read\",\n \"Microsoft.ContainerService/managedClusters/extensions/ingresses/read\",\n \"Microsoft.ContainerService/managedClusters/extensions/networkpolicies/read\",\n \"Microsoft.ContainerService/managedClusters/extensions/replicasets/read\",\n \"Microsoft.ContainerService/managedClusters/limitranges/read\",\n \"Microsoft.ContainerService/managedClusters/metrics.k8s.io/pods/read\",\n \"Microsoft.ContainerService/managedClusters/metrics.k8s.io/nodes/read\",\n \"Microsoft.ContainerService/managedClusters/namespaces/read\",\n \"Microsoft.ContainerService/managedClusters/networking.k8s.io/ingresses/read\",\n \"Microsoft.ContainerService/managedClusters/networking.k8s.io/networkpolicies/read\",\n \"Microsoft.ContainerService/managedClusters/persistentvolumeclaims/read\",\n \"Microsoft.ContainerService/managedClusters/pods/read\",\n \"Microsoft.ContainerService/managedClusters/policy/poddisruptionbudgets/read\",\n \"Microsoft.ContainerService/managedClusters/replicationcontrollers/read\",\n \"Microsoft.ContainerService/managedClusters/resourcequotas/read\",\n \"Microsoft.ContainerService/managedClusters/serviceaccounts/read\",\n \"Microsoft.ContainerService/managedClusters/services/read\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2020-07-02T17:53:05.5728294Z\",\n \"updatedOn\": \"2023-04-24T15:06:51.286456Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/7f6c6a51-bcf8-42ba-9220-52d62157d7db\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"7f6c6a51-bcf8-42ba-9220-52d62157d7db\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Kubernetes Service RBAC Writer\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Allows read/write access to most objects in a namespace.This role does not allow viewing or modifying roles or role bindings. However, this role allows accessing Secrets and running Pods as any ServiceAccount in the namespace, so it can be used to gain the API access levels of any ServiceAccount in the namespace. Applying this role at cluster scope will give access across all namespaces.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Resources/subscriptions/operationresults/read\",\n \"Microsoft.Resources/subscriptions/read\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.ContainerService/managedClusters/apps/controllerrevisions/read\",\n \"Microsoft.ContainerService/managedClusters/apps/daemonsets/*\",\n \"Microsoft.ContainerService/managedClusters/apps/deployments/*\",\n \"Microsoft.ContainerService/managedClusters/apps/replicasets/*\",\n \"Microsoft.ContainerService/managedClusters/apps/statefulsets/*\",\n \"Microsoft.ContainerService/managedClusters/autoscaling/horizontalpodautoscalers/*\",\n \"Microsoft.ContainerService/managedClusters/batch/cronjobs/*\",\n \"Microsoft.ContainerService/managedClusters/coordination.k8s.io/leases/read\",\n \"Microsoft.ContainerService/managedClusters/coordination.k8s.io/leases/write\",\n \"Microsoft.ContainerService/managedClusters/coordination.k8s.io/leases/delete\",\n \"Microsoft.ContainerService/managedClusters/discovery.k8s.io/endpointslices/read\",\n \"Microsoft.ContainerService/managedClusters/batch/jobs/*\",\n \"Microsoft.ContainerService/managedClusters/configmaps/*\",\n \"Microsoft.ContainerService/managedClusters/endpoints/*\",\n \"Microsoft.ContainerService/managedClusters/events.k8s.io/events/read\",\n \"Microsoft.ContainerService/managedClusters/events/*\",\n \"Microsoft.ContainerService/managedClusters/extensions/daemonsets/*\",\n \"Microsoft.ContainerService/managedClusters/extensions/deployments/*\",\n \"Microsoft.ContainerService/managedClusters/extensions/ingresses/*\",\n \"Microsoft.ContainerService/managedClusters/extensions/networkpolicies/*\",\n \"Microsoft.ContainerService/managedClusters/extensions/replicasets/*\",\n \"Microsoft.ContainerService/managedClusters/limitranges/read\",\n \"Microsoft.ContainerService/managedClusters/metrics.k8s.io/pods/read\",\n \"Microsoft.ContainerService/managedClusters/metrics.k8s.io/nodes/read\",\n \"Microsoft.ContainerService/managedClusters/namespaces/read\",\n \"Microsoft.ContainerService/managedClusters/networking.k8s.io/ingresses/*\",\n \"Microsoft.ContainerService/managedClusters/networking.k8s.io/networkpolicies/*\",\n \"Microsoft.ContainerService/managedClusters/persistentvolumeclaims/*\",\n \"Microsoft.ContainerService/managedClusters/pods/*\",\n \"Microsoft.ContainerService/managedClusters/policy/poddisruptionbudgets/*\",\n \"Microsoft.ContainerService/managedClusters/replicationcontrollers/*\",\n \"Microsoft.ContainerService/managedClusters/resourcequotas/read\",\n \"Microsoft.ContainerService/managedClusters/secrets/*\",\n \"Microsoft.ContainerService/managedClusters/serviceaccounts/*\",\n \"Microsoft.ContainerService/managedClusters/services/*\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2020-07-02T17:54:51.9644983Z\",\n \"updatedOn\": \"2023-04-24T15:06:51.2854555Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/a7ffa36f-339b-4b5c-8bdf-e2c188b2c0eb\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"a7ffa36f-339b-4b5c-8bdf-e2c188b2c0eb\"\n },\n {\n \"properties\": {\n \"roleName\": \"Services Hub Operator\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Services Hub Operator allows you to perform all read, write, and deletion operations related to Services Hub Connectors.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.ServicesHub/connectors/write\",\n \"Microsoft.ServicesHub/connectors/read\",\n \"Microsoft.ServicesHub/connectors/delete\",\n \"Microsoft.ServicesHub/connectors/checkAssessmentEntitlement/action\",\n \"Microsoft.ServicesHub/supportOfferingEntitlement/read\",\n \"Microsoft.ServicesHub/workspaces/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2020-07-20T17:57:22.0644902Z\",\n \"updatedOn\": \"2021-11-11T20:14:37.5544021Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/82200a5b-e217-47a5-b665-6d8765ee745b\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"82200a5b-e217-47a5-b665-6d8765ee745b\"\n },\n {\n \"properties\": {\n \"roleName\": \"Object Understanding Account Reader\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Lets you read ingestion jobs for an object understanding account.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.MixedReality/ObjectUnderstandingAccounts/ingest/read\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2020-07-23T19:16:31.9929119Z\",\n \"updatedOn\": \"2021-11-11T20:14:37.9070085Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/d18777c0-1514-4662-8490-608db7d334b6\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"d18777c0-1514-4662-8490-608db7d334b6\"\n },\n {\n \"properties\": {\n \"roleName\": \"SignalR REST API Owner\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Full access to Azure SignalR Service REST APIs\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.SignalRService/SignalR/auth/clientToken/action\",\n \"Microsoft.SignalRService/SignalR/hub/*\",\n \"Microsoft.SignalRService/SignalR/group/*\",\n \"Microsoft.SignalRService/SignalR/clientConnection/*\",\n \"Microsoft.SignalRService/SignalR/user/*\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2020-07-29T09:35:32.2764751Z\",\n \"updatedOn\": \"2023-08-23T15:13:25.5658287Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/fd53cd77-2268-407a-8f46-7e7863d0f521\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"fd53cd77-2268-407a-8f46-7e7863d0f521\"\n },\n {\n \"properties\": {\n \"roleName\": \"Collaborative Data Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Can manage data packages of a collaborative.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.IndustryDataLifecycle/custodianCollaboratives/*/read\",\n \"Microsoft.IndustryDataLifecycle/memberCollaboratives/*/read\",\n \"Microsoft.IndustryDataLifecycle/locations/dataPackages/*\",\n \"Microsoft.IndustryDataLifecycle/custodianCollaboratives/receivedDataPackages/*\",\n \"Microsoft.IndustryDataLifecycle/custodianCollaboratives/rejectDataPackage/action\",\n \"Microsoft.IndustryDataLifecycle/memberCollaboratives/sharedDataPackages/*\",\n \"Microsoft.IndustryDataLifecycle/custodianCollaboratives/dataModels/*\",\n \"Microsoft.IndustryDataLifecycle/custodianCollaboratives/auditLogs/action\",\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Support/*\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2020-08-14T11:58:31.8973556Z\",\n \"updatedOn\": \"2021-11-11T20:14:40.2428145Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/daa9e50b-21df-454c-94a6-a8050adab352\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"daa9e50b-21df-454c-94a6-a8050adab352\"\n },\n {\n \"properties\": {\n \"roleName\": \"Device Update Reader\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Gives you read access to management and content operations, but does not allow making changes\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Support/*\",\n \"Microsoft.Insights/alertRules/*\"\n ],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.DeviceUpdate/accounts/instances/updates/read\",\n \"Microsoft.DeviceUpdate/accounts/instances/management/read\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2020-08-21T23:40:19.237361Z\",\n \"updatedOn\": \"2021-11-11T20:14:40.7922672Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/e9dba6fb-3d52-4cf0-bce3-f06ce71b9e0f\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"e9dba6fb-3d52-4cf0-bce3-f06ce71b9e0f\"\n },\n {\n \"properties\": {\n \"roleName\": \"Device Update Administrator\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Gives you full access to management and content operations\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Support/*\",\n \"Microsoft.Insights/alertRules/*\"\n ],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.DeviceUpdate/accounts/instances/updates/read\",\n \"Microsoft.DeviceUpdate/accounts/instances/updates/write\",\n \"Microsoft.DeviceUpdate/accounts/instances/updates/delete\",\n \"Microsoft.DeviceUpdate/accounts/instances/management/read\",\n \"Microsoft.DeviceUpdate/accounts/instances/management/write\",\n \"Microsoft.DeviceUpdate/accounts/instances/management/delete\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2020-08-21T23:56:22.352051Z\",\n \"updatedOn\": \"2021-11-11T20:14:40.9672678Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/02ca0879-e8e4-47a5-a61e-5c618b76e64a\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"02ca0879-e8e4-47a5-a61e-5c618b76e64a\"\n },\n {\n \"properties\": {\n \"roleName\": \"Device Update Content Administrator\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Gives you full access to content operations\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Support/*\",\n \"Microsoft.Insights/alertRules/*\"\n ],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.DeviceUpdate/accounts/instances/updates/read\",\n \"Microsoft.DeviceUpdate/accounts/instances/updates/write\",\n \"Microsoft.DeviceUpdate/accounts/instances/updates/delete\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2020-08-21T23:58:18.42555Z\",\n \"updatedOn\": \"2021-11-11T20:14:41.1433368Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/0378884a-3af5-44ab-8323-f5b22f9f3c98\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"0378884a-3af5-44ab-8323-f5b22f9f3c98\"\n },\n {\n \"properties\": {\n \"roleName\": \"Device Update Content Reader\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Gives you read access to content operations, but does not allow making changes\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Support/*\",\n \"Microsoft.Insights/alertRules/*\"\n ],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.DeviceUpdate/accounts/instances/updates/read\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2020-08-22T00:02:43.3299181Z\",\n \"updatedOn\": \"2021-11-11T20:14:41.6754856Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/d1ee9a80-8b14-47f0-bdc2-f4a351625a7b\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"d1ee9a80-8b14-47f0-bdc2-f4a351625a7b\"\n },\n {\n \"properties\": {\n \"roleName\": \"Cognitive Services Metrics Advisor Administrator\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Full access to the project, including the system level configuration.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.CognitiveServices/*/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.CognitiveServices/accounts/MetricsAdvisor/*\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2020-09-10T07:46:47.5804491Z\",\n \"updatedOn\": \"2021-11-11T20:14:43.6930781Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/cb43c632-a144-4ec5-977c-e80c4affc34a\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"cb43c632-a144-4ec5-977c-e80c4affc34a\"\n },\n {\n \"properties\": {\n \"roleName\": \"Cognitive Services Metrics Advisor User\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Access to the project.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.CognitiveServices/*/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.CognitiveServices/accounts/MetricsAdvisor/*\"\n ],\n \"notDataActions\": [\n \"Microsoft.CognitiveServices/accounts/MetricsAdvisor/stats/*\"\n ]\n }\n ],\n \"createdOn\": \"2020-09-10T07:47:59.6195639Z\",\n \"updatedOn\": \"2021-11-11T20:14:43.8780761Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/3b20f47b-3825-43cb-8114-4bd2201156a8\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"3b20f47b-3825-43cb-8114-4bd2201156a8\"\n },\n {\n \"properties\": {\n \"roleName\": \"Schema Registry Reader\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Read and list Schema Registry groups and schemas.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.EventHub/namespaces/schemagroups/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.EventHub/namespaces/schemas/read\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2020-09-13T06:31:38.027274Z\",\n \"updatedOn\": \"2025-05-02T00:02:19.4953663Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/2c56ea50-c6b3-40a6-83c0-9d98858bc7d2\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"2c56ea50-c6b3-40a6-83c0-9d98858bc7d2\"\n },\n {\n \"properties\": {\n \"roleName\": \"Schema Registry Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Read, write, and delete Schema Registry groups and schemas.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.EventHub/namespaces/schemagroups/*\"\n ],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.EventHub/namespaces/schemas/*\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2020-09-13T06:48:26.6032931Z\",\n \"updatedOn\": \"2025-05-02T00:02:19.4953663Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/5dffeca3-4936-4216-b2bc-10343a5abb25\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"5dffeca3-4936-4216-b2bc-10343a5abb25\"\n },\n {\n \"properties\": {\n \"roleName\": \"AgFood Platform Service Reader\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Provides read access to AgFood Platform Service\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.AgFoodPlatform/*/list/action\",\n \"Microsoft.AgFoodPlatform/*/read\",\n \"Microsoft.AgFoodPlatform/*/search/action\",\n \"Microsoft.AgFoodPlatform/*/download/action\",\n \"Microsoft.AgFoodPlatform/*/overlap/action\",\n \"Microsoft.AgFoodPlatform/*/checkConsent/action\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2020-09-14T10:21:08.913882Z\",\n \"updatedOn\": \"2022-12-13T16:08:52.9655626Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/7ec7ccdc-f61e-41fe-9aaf-980df0a44eba\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"7ec7ccdc-f61e-41fe-9aaf-980df0a44eba\"\n },\n {\n \"properties\": {\n \"roleName\": \"AgFood Platform Service Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Provides contribute access to AgFood Platform Service\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.AgFoodPlatform/*/action\",\n \"Microsoft.AgFoodPlatform/*/read\",\n \"Microsoft.AgFoodPlatform/*/write\"\n ],\n \"notDataActions\": [\n \"Microsoft.AgFoodPlatform/farmBeats/farmers/write\",\n \"Microsoft.AgFoodPlatform/farmBeats/deletionJobs/*/write\",\n \"Microsoft.AgFoodPlatform/farmBeats/parties/write\",\n \"Microsoft.AgFoodPlatform/farmBeats/datasets/write\",\n \"Microsoft.AgFoodPlatform/farmBeats/datasetRecords/write\",\n \"Microsoft.AgFoodPlatform/farmBeats/datasets/access/*/action\"\n ]\n }\n ],\n \"createdOn\": \"2020-09-14T10:21:09.7239169Z\",\n \"updatedOn\": \"2023-12-01T07:52:03.4961232Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/8508508a-4469-4e45-963b-2518ee0bb728\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"8508508a-4469-4e45-963b-2518ee0bb728\"\n },\n {\n \"properties\": {\n \"roleName\": \"AgFood Platform Service Admin\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Provides admin access to AgFood Platform Service\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.AgFoodPlatform/*\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2020-09-14T10:21:09.8039209Z\",\n \"updatedOn\": \"2021-11-11T20:14:45.3613128Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/f8da80de-1ff9-4747-ad80-a19b7f6079e3\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"f8da80de-1ff9-4747-ad80-a19b7f6079e3\"\n },\n {\n \"properties\": {\n \"roleName\": \"Managed HSM contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Lets you manage managed HSM pools, but not access to them.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.KeyVault/managedHSMs/*\",\n \"Microsoft.KeyVault/deletedManagedHsms/read\",\n \"Microsoft.KeyVault/locations/deletedManagedHsms/read\",\n \"Microsoft.KeyVault/locations/deletedManagedHsms/purge/action\",\n \"Microsoft.KeyVault/locations/managedHsmOperationResults/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2020-09-16T21:47:01.1291104Z\",\n \"updatedOn\": \"2022-03-08T00:35:44.4196909Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/18500a29-7fe2-46b2-a342-b16a415e101d\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"18500a29-7fe2-46b2-a342-b16a415e101d\"\n },\n {\n \"properties\": {\n \"roleName\": \"Security Detonation Chamber Submitter\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Allowed to create submissions to Security Detonation Chamber\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.SecurityDetonation/chambers/submissions/delete\",\n \"Microsoft.SecurityDetonation/chambers/submissions/write\",\n \"Microsoft.SecurityDetonation/chambers/submissions/read\",\n \"Microsoft.SecurityDetonation/chambers/submissions/files/read\",\n \"Microsoft.SecurityDetonation/chambers/submissions/accesskeyview/read\",\n \"Microsoft.SecurityDetonation/chambers/platforms/metadata/read\",\n \"Microsoft.SecurityDetonation/chambers/workflows/metadata/read\",\n \"Microsoft.SecurityDetonation/chambers/toolsets/metadata/read\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2020-10-01T08:55:21.3980274Z\",\n \"updatedOn\": \"2021-11-11T20:14:47.547135Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/0b555d9b-b4a7-4f43-b330-627f0e5be8f0\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"0b555d9b-b4a7-4f43-b330-627f0e5be8f0\"\n },\n {\n \"properties\": {\n \"roleName\": \"SignalR REST API Reader\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Read-only access to Azure SignalR Service REST APIs\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.SignalRService/SignalR/group/read\",\n \"Microsoft.SignalRService/SignalR/clientConnection/read\",\n \"Microsoft.SignalRService/SignalR/user/read\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2020-10-13T09:19:05.6463616Z\",\n \"updatedOn\": \"2021-11-11T20:14:48.790297Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/ddde6b66-c0df-4114-a159-3618637b3035\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"ddde6b66-c0df-4114-a159-3618637b3035\"\n },\n {\n \"properties\": {\n \"roleName\": \"SignalR Service Owner\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Full access to Azure SignalR Service REST APIs\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.SignalRService/SignalR/*\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2020-10-13T09:20:32.150141Z\",\n \"updatedOn\": \"2023-08-23T15:13:25.5658287Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/7e4f1700-ea5a-4f59-8f37-079cfe29dce3\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"7e4f1700-ea5a-4f59-8f37-079cfe29dce3\"\n },\n {\n \"properties\": {\n \"roleName\": \"Reservation Purchaser\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Lets you purchase reservations\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/roleAssignments/read\",\n \"Microsoft.Capacity/catalogs/read\",\n \"Microsoft.Capacity/register/action\",\n \"Microsoft.Compute/register/action\",\n \"Microsoft.Consumption/register/action\",\n \"Microsoft.Consumption/reservationRecommendationDetails/read\",\n \"Microsoft.Consumption/reservationRecommendations/read\",\n \"Microsoft.Resources/subscriptions/read\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.SQL/register/action\",\n \"Microsoft.Support/supporttickets/write\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2020-10-23T20:22:48.9217751Z\",\n \"updatedOn\": \"2022-04-14T02:20:54.5414624Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/f7b75c60-3036-4b75-91c3-6b41c27c1689\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"f7b75c60-3036-4b75-91c3-6b41c27c1689\"\n },\n {\n \"properties\": {\n \"roleName\": \"AzureML Metrics Writer (preview)\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Lets you write metrics to AzureML workspace\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.MachineLearningServices/workspaces/metrics/*/write\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2020-10-27T16:55:19.566495Z\",\n \"updatedOn\": \"2021-11-11T20:14:49.8655015Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/635dd51f-9968-44d3-b7fb-6d9a6bd613ae\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"635dd51f-9968-44d3-b7fb-6d9a6bd613ae\"\n },\n {\n \"properties\": {\n \"roleName\": \"Storage Account Backup Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Lets you perform backup and restore operations using Azure Backup on the storage account.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Authorization/locks/read\",\n \"Microsoft.Authorization/locks/write\",\n \"Microsoft.Authorization/locks/delete\",\n \"Microsoft.Features/features/read\",\n \"Microsoft.Features/providers/features/read\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Storage/operations/read\",\n \"Microsoft.Storage/storageAccounts/objectReplicationPolicies/delete\",\n \"Microsoft.Storage/storageAccounts/objectReplicationPolicies/read\",\n \"Microsoft.Storage/storageAccounts/objectReplicationPolicies/write\",\n \"Microsoft.Storage/storageAccounts/objectReplicationPolicies/restorePointMarkers/write\",\n \"Microsoft.Storage/storageAccounts/blobServices/containers/read\",\n \"Microsoft.Storage/storageAccounts/blobServices/containers/write\",\n \"Microsoft.Storage/storageAccounts/blobServices/read\",\n \"Microsoft.Storage/storageAccounts/blobServices/write\",\n \"Microsoft.Storage/storageAccounts/read\",\n \"Microsoft.Storage/storageAccounts/restoreBlobRanges/action\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2020-11-02T23:32:50.4203469Z\",\n \"updatedOn\": \"2022-04-20T05:50:13.0184092Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/e5e2a7ff-d759-4cd2-bb51-3152d37e2eb1\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"e5e2a7ff-d759-4cd2-bb51-3152d37e2eb1\"\n },\n {\n \"properties\": {\n \"roleName\": \"Experimentation Metric Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Allows for creation, writes and reads to the metric set via the metrics service APIs.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Experimentation/experimentWorkspaces/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.Experimentation/experimentWorkspaces/experimentationGroups/read\",\n \"Microsoft.Experimentation/experimentWorkspaces/experimentationGroups/metricwrite/action\",\n \"Microsoft.Experimentation/experimentWorkspaces/metricwrite/action\",\n \"Microsoft.Experimentation/experimentWorkspaces/read\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2020-11-10T20:07:53.7535885Z\",\n \"updatedOn\": \"2021-11-11T20:14:50.9524177Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/6188b7c9-7d01-4f99-a59f-c88b630326c0\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"6188b7c9-7d01-4f99-a59f-c88b630326c0\"\n },\n {\n \"properties\": {\n \"roleName\": \"Project Babylon Data Curator\",\n \"type\": \"BuiltInRole\",\n \"description\": \"The Microsoft.ProjectBabylon data curator can create, read, modify and delete catalog data objects and establish relationships between objects. This role is in preview and subject to change.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.ProjectBabylon/accounts/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.ProjectBabylon/accounts/data/read\",\n \"Microsoft.ProjectBabylon/accounts/data/write\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2020-11-14T02:31:33.7988825Z\",\n \"updatedOn\": \"2021-11-11T20:14:51.4929515Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/9ef4ef9c-a049-46b0-82ab-dd8ac094c889\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"9ef4ef9c-a049-46b0-82ab-dd8ac094c889\"\n },\n {\n \"properties\": {\n \"roleName\": \"Project Babylon Data Reader\",\n \"type\": \"BuiltInRole\",\n \"description\": \"The Microsoft.ProjectBabylon data reader can read catalog data objects. This role is in preview and subject to change.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.ProjectBabylon/accounts/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.ProjectBabylon/accounts/data/read\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2020-11-14T02:33:13.5342351Z\",\n \"updatedOn\": \"2021-11-11T20:14:51.6729667Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/c8d896ba-346d-4f50-bc1d-7d1c84130446\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"c8d896ba-346d-4f50-bc1d-7d1c84130446\"\n },\n {\n \"properties\": {\n \"roleName\": \"Project Babylon Data Source Administrator\",\n \"type\": \"BuiltInRole\",\n \"description\": \"The Microsoft.ProjectBabylon data source administrator can manage data sources and data scans. This role is in preview and subject to change.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.ProjectBabylon/accounts/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.ProjectBabylon/accounts/scan/read\",\n \"Microsoft.ProjectBabylon/accounts/scan/write\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2020-11-14T02:34:01.8401954Z\",\n \"updatedOn\": \"2021-11-11T20:14:51.8529643Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/05b7651b-dc44-475e-b74d-df3db49fae0f\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"05b7651b-dc44-475e-b74d-df3db49fae0f\"\n },\n {\n \"properties\": {\n \"roleName\": \"Application Group Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Contributor of the Application Group.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.DesktopVirtualization/applicationgroups/*\",\n \"Microsoft.DesktopVirtualization/hostpools/read\",\n \"Microsoft.DesktopVirtualization/hostpools/sessionhosts/read\",\n \"Microsoft.DesktopVirtualization/workspaces/read\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.Support/*\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2020-12-03T23:26:00.2784962Z\",\n \"updatedOn\": \"2021-11-11T20:14:52.9432015Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/ca6382a4-1721-4bcf-a114-ff0c70227b6b\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"ca6382a4-1721-4bcf-a114-ff0c70227b6b\"\n },\n {\n \"properties\": {\n \"roleName\": \"Desktop Virtualization Reader\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Reader of Desktop Virtualization.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.DesktopVirtualization/*/read\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Resources/deployments/read\",\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/read\",\n \"Microsoft.Support/*\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2020-12-11T21:36:19.0140629Z\",\n \"updatedOn\": \"2021-11-11T20:14:54.0407838Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/49a72310-ab8d-41df-bbb0-79b649203868\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"49a72310-ab8d-41df-bbb0-79b649203868\"\n },\n {\n \"properties\": {\n \"roleName\": \"Desktop Virtualization Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Contributor of Desktop Virtualization.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.DesktopVirtualization/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.Support/*\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2020-12-11T21:37:16.2910337Z\",\n \"updatedOn\": \"2021-11-11T20:14:54.2107872Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/082f0a83-3be5-4ba1-904c-961cca79b387\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"082f0a83-3be5-4ba1-904c-961cca79b387\"\n },\n {\n \"properties\": {\n \"roleName\": \"Desktop Virtualization Workspace Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Contributor of the Desktop Virtualization Workspace.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.DesktopVirtualization/workspaces/*\",\n \"Microsoft.DesktopVirtualization/applicationgroups/read\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.Support/*\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2020-12-11T21:38:29.6089216Z\",\n \"updatedOn\": \"2021-11-11T20:14:54.3907854Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/21efdde3-836f-432b-bf3d-3e8e734d4b2b\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"21efdde3-836f-432b-bf3d-3e8e734d4b2b\"\n },\n {\n \"properties\": {\n \"roleName\": \"Desktop Virtualization User Session Operator\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Operator of the Desktop Virtualization User Session.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.DesktopVirtualization/hostpools/read\",\n \"Microsoft.DesktopVirtualization/hostpools/sessionhosts/read\",\n \"Microsoft.DesktopVirtualization/hostpools/sessionhosts/usersessions/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.Support/*\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2020-12-11T21:39:16.9100273Z\",\n \"updatedOn\": \"2024-10-31T14:20:50.9460757Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/ea4bfff8-7fb4-485a-aadd-d4129a0ffaa6\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"ea4bfff8-7fb4-485a-aadd-d4129a0ffaa6\"\n },\n {\n \"properties\": {\n \"roleName\": \"Desktop Virtualization Session Host Operator\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Operator of the Desktop Virtualization Session Host.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.DesktopVirtualization/hostpools/read\",\n \"Microsoft.DesktopVirtualization/hostpools/sessionhosts/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.Support/*\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2020-12-11T21:39:53.2569741Z\",\n \"updatedOn\": \"2021-11-11T20:14:54.7508042Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/2ad6aaab-ead9-4eaa-8ac5-da422f562408\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"2ad6aaab-ead9-4eaa-8ac5-da422f562408\"\n },\n {\n \"properties\": {\n \"roleName\": \"Desktop Virtualization Host Pool Reader\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Reader of the Desktop Virtualization Host Pool.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.DesktopVirtualization/hostpools/*/read\",\n \"Microsoft.DesktopVirtualization/hostpools/read\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Resources/deployments/read\",\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/read\",\n \"Microsoft.Support/*\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2020-12-11T21:40:33.1430834Z\",\n \"updatedOn\": \"2021-11-11T20:14:54.9257967Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/ceadfde2-b300-400a-ab7b-6143895aa822\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"ceadfde2-b300-400a-ab7b-6143895aa822\"\n },\n {\n \"properties\": {\n \"roleName\": \"Desktop Virtualization Host Pool Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Contributor of the Desktop Virtualization Host Pool.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.DesktopVirtualization/hostpools/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.Support/*\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2020-12-11T21:40:57.2976187Z\",\n \"updatedOn\": \"2021-11-11T20:14:55.1057701Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/e307426c-f9b6-4e81-87de-d99efb3c32bc\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"e307426c-f9b6-4e81-87de-d99efb3c32bc\"\n },\n {\n \"properties\": {\n \"roleName\": \"Desktop Virtualization Application Group Reader\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Reader of the Desktop Virtualization Application Group.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.DesktopVirtualization/applicationgroups/*/read\",\n \"Microsoft.DesktopVirtualization/applicationgroups/read\",\n \"Microsoft.DesktopVirtualization/hostpools/read\",\n \"Microsoft.DesktopVirtualization/hostpools/sessionhosts/read\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Resources/deployments/read\",\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/read\",\n \"Microsoft.Support/*\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2020-12-11T21:41:18.0287398Z\",\n \"updatedOn\": \"2021-11-11T20:14:55.2858006Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/aebf23d0-b568-4e86-b8f9-fe83a2c6ab55\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"aebf23d0-b568-4e86-b8f9-fe83a2c6ab55\"\n },\n {\n \"properties\": {\n \"roleName\": \"Desktop Virtualization Application Group Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Contributor of the Desktop Virtualization Application Group.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.DesktopVirtualization/applicationgroups/*\",\n \"Microsoft.DesktopVirtualization/hostpools/read\",\n \"Microsoft.DesktopVirtualization/hostpools/sessionhosts/read\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.Support/*\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2020-12-11T21:41:38.6205531Z\",\n \"updatedOn\": \"2021-11-11T20:14:55.4677136Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/86240b0e-9422-4c43-887b-b61143f32ba8\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"86240b0e-9422-4c43-887b-b61143f32ba8\"\n },\n {\n \"properties\": {\n \"roleName\": \"Desktop Virtualization Workspace Reader\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Reader of the Desktop Virtualization Workspace.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.DesktopVirtualization/workspaces/read\",\n \"Microsoft.DesktopVirtualization/applicationgroups/read\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Resources/deployments/read\",\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/read\",\n \"Microsoft.Support/*\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2020-12-11T21:41:58.1892707Z\",\n \"updatedOn\": \"2021-11-11T20:14:55.6577168Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/0fa44ee9-7a7d-466b-9bb2-2bf446b1204d\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"0fa44ee9-7a7d-466b-9bb2-2bf446b1204d\"\n },\n {\n \"properties\": {\n \"roleName\": \"Disk Backup Reader\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Provides permission to backup vault to perform disk backup.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Compute/disks/read\",\n \"Microsoft.Compute/disks/beginGetAccess/action\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2020-12-15T07:39:03.8394514Z\",\n \"updatedOn\": \"2021-11-11T20:14:56.0178737Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/3e5e47e6-65f7-47ef-90b5-e5dd4d455f24\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"3e5e47e6-65f7-47ef-90b5-e5dd4d455f24\"\n },\n {\n \"properties\": {\n \"roleName\": \"Disk Restore Operator\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Provides permission to backup vault to perform disk restore.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Compute/disks/write\",\n \"Microsoft.Compute/disks/read\",\n \"Microsoft.Compute/disks/beginGetAccess/action\",\n \"Microsoft.Compute/disks/endGetAccess/action\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2020-12-15T12:18:31.8481619Z\",\n \"updatedOn\": \"2025-08-21T09:27:36.8531131Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/b50d9833-a0cb-478e-945f-707fcc997c13\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"b50d9833-a0cb-478e-945f-707fcc997c13\"\n },\n {\n \"properties\": {\n \"roleName\": \"Disk Snapshot Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Provides permission to backup vault to manage disk snapshots.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Compute/snapshots/delete\",\n \"Microsoft.Compute/snapshots/write\",\n \"Microsoft.Compute/snapshots/read\",\n \"Microsoft.Compute/snapshots/beginGetAccess/action\",\n \"Microsoft.Compute/snapshots/endGetAccess/action\",\n \"Microsoft.Compute/disks/beginGetAccess/action\",\n \"Microsoft.Storage/storageAccounts/listkeys/action\",\n \"Microsoft.Storage/storageAccounts/write\",\n \"Microsoft.Storage/storageAccounts/read\",\n \"Microsoft.Storage/storageAccounts/delete\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2020-12-15T12:18:51.4471411Z\",\n \"updatedOn\": \"2021-11-11T20:14:56.9158814Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/7efff54f-a5b4-42b5-a1c5-5411624893ce\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"7efff54f-a5b4-42b5-a1c5-5411624893ce\"\n },\n {\n \"properties\": {\n \"roleName\": \"Microsoft.Kubernetes connected cluster role\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Microsoft.Kubernetes connected cluster role.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Kubernetes/connectedClusters/read\",\n \"Microsoft.Kubernetes/connectedClusters/write\",\n \"Microsoft.Kubernetes/connectedClusters/delete\",\n \"Microsoft.Kubernetes/registeredSubscriptions/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2021-01-07T23:57:10.9923232Z\",\n \"updatedOn\": \"2021-11-11T20:14:58.2039838Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/5548b2cf-c94c-4228-90ba-30851930a12f\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"5548b2cf-c94c-4228-90ba-30851930a12f\"\n },\n {\n \"properties\": {\n \"roleName\": \"Security Detonation Chamber Submission Manager\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Allowed to create and manage submissions to Security Detonation Chamber\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.SecurityDetonation/chambers/submissions/delete\",\n \"Microsoft.SecurityDetonation/chambers/submissions/write\",\n \"Microsoft.SecurityDetonation/chambers/submissions/read\",\n \"Microsoft.SecurityDetonation/chambers/submissions/files/read\",\n \"Microsoft.SecurityDetonation/chambers/submissions/accesskeyview/read\",\n \"Microsoft.SecurityDetonation/chambers/submissions/adminview/read\",\n \"Microsoft.SecurityDetonation/chambers/submissions/analystview/read\",\n \"Microsoft.SecurityDetonation/chambers/submissions/publicview/read\",\n \"Microsoft.SecurityDetonation/chambers/platforms/metadata/read\",\n \"Microsoft.SecurityDetonation/chambers/workflows/metadata/read\",\n \"Microsoft.SecurityDetonation/chambers/toolsets/metadata/read\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2021-01-18T09:35:36.5739297Z\",\n \"updatedOn\": \"2021-11-11T20:14:58.3939604Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/a37b566d-3efa-4beb-a2f2-698963fa42ce\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"a37b566d-3efa-4beb-a2f2-698963fa42ce\"\n },\n {\n \"properties\": {\n \"roleName\": \"Security Detonation Chamber Publisher\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Allowed to publish and modify platforms, workflows and toolsets to Security Detonation Chamber\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.SecurityDetonation/chambers/platforms/read\",\n \"Microsoft.SecurityDetonation/chambers/platforms/write\",\n \"Microsoft.SecurityDetonation/chambers/platforms/delete\",\n \"Microsoft.SecurityDetonation/chambers/platforms/metadata/read\",\n \"Microsoft.SecurityDetonation/chambers/workflows/read\",\n \"Microsoft.SecurityDetonation/chambers/workflows/write\",\n \"Microsoft.SecurityDetonation/chambers/workflows/delete\",\n \"Microsoft.SecurityDetonation/chambers/workflows/metadata/read\",\n \"Microsoft.SecurityDetonation/chambers/toolsets/read\",\n \"Microsoft.SecurityDetonation/chambers/toolsets/write\",\n \"Microsoft.SecurityDetonation/chambers/toolsets/delete\",\n \"Microsoft.SecurityDetonation/chambers/toolsets/metadata/read\",\n \"Microsoft.SecurityDetonation/chambers/publishRequests/read\",\n \"Microsoft.SecurityDetonation/chambers/publishRequests/cancel/action\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2021-01-18T11:43:14.0858184Z\",\n \"updatedOn\": \"2021-11-11T20:14:58.5639749Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/352470b3-6a9c-4686-b503-35deb827e500\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"352470b3-6a9c-4686-b503-35deb827e500\"\n },\n {\n \"properties\": {\n \"roleName\": \"Collaborative Runtime Operator\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Can manage resources created by AICS at runtime\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.IndustryDataLifecycle/derivedModels/*\",\n \"Microsoft.IndustryDataLifecycle/pipelineSets/*\",\n \"Microsoft.IndustryDataLifecycle/modelMappings/*\",\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Support/*\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2021-01-19T10:00:27.3464971Z\",\n \"updatedOn\": \"2021-11-11T20:14:58.7442136Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/7a6f0e70-c033-4fb1-828c-08514e5f4102\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"7a6f0e70-c033-4fb1-828c-08514e5f4102\"\n },\n {\n \"properties\": {\n \"roleName\": \"CosmosRestoreOperator\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Can perform restore action for Cosmos DB database account with continuous backup mode\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.DocumentDB/locations/restorableDatabaseAccounts/restore/action\",\n \"Microsoft.DocumentDB/locations/restorableDatabaseAccounts/*/read\",\n \"Microsoft.DocumentDB/locations/restorableDatabaseAccounts/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2021-01-21T19:51:35.3884884Z\",\n \"updatedOn\": \"2021-11-11T20:14:59.4892686Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/5432c526-bc82-444a-b7ba-57c5b0b5b34f\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"5432c526-bc82-444a-b7ba-57c5b0b5b34f\"\n },\n {\n \"properties\": {\n \"roleName\": \"FHIR Data Converter\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Role allows user or principal to convert data from legacy format to FHIR\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.HealthcareApis/services/fhir/resources/convertData/action\",\n \"Microsoft.HealthcareApis/workspaces/fhirservices/resources/convertData/action\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2021-01-22T19:39:01.1601069Z\",\n \"updatedOn\": \"2021-11-11T20:14:59.8605937Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/a1705bd2-3a8f-45a5-8683-466fcfd5cc24\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"a1705bd2-3a8f-45a5-8683-466fcfd5cc24\"\n },\n {\n \"properties\": {\n \"roleName\": \"Quota Request Operator\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Read and create quota requests, get quota request status, and create support tickets.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Capacity/resourceProviders/locations/serviceLimits/read\",\n \"Microsoft.Capacity/resourceProviders/locations/serviceLimits/write\",\n \"Microsoft.Capacity/resourceProviders/locations/serviceLimitsRequests/read\",\n \"Microsoft.Capacity/register/action\",\n \"Microsoft.Quota/usages/read\",\n \"Microsoft.Quota/quotas/read\",\n \"Microsoft.Quota/quotas/write\",\n \"Microsoft.Quota/quotaRequests/read\",\n \"Microsoft.Quota/register/action\",\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Support/*\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2021-02-03T00:06:35.8404575Z\",\n \"updatedOn\": \"2022-12-07T21:46:59.0116853Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/0e5f05e5-9ab9-446b-b98d-1e2157c94125\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"0e5f05e5-9ab9-446b-b98d-1e2157c94125\"\n },\n {\n \"properties\": {\n \"roleName\": \"EventGrid Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Lets you manage EventGrid operations.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.EventGrid/*\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Support/*\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2021-02-08T18:46:18.8999557Z\",\n \"updatedOn\": \"2021-11-11T20:15:01.6867802Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/1e241071-0855-49ea-94dc-649edcd759de\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"1e241071-0855-49ea-94dc-649edcd759de\"\n },\n {\n \"properties\": {\n \"roleName\": \"Security Detonation Chamber Reader\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Allowed to query submission info and files from Security Detonation Chamber\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.SecurityDetonation/chambers/submissions/read\",\n \"Microsoft.SecurityDetonation/chambers/submissions/files/read\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2021-03-01T14:06:46.2814905Z\",\n \"updatedOn\": \"2021-11-11T20:15:03.327409Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/28241645-39f8-410b-ad48-87863e2951d5\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"28241645-39f8-410b-ad48-87863e2951d5\"\n },\n {\n \"properties\": {\n \"roleName\": \"Object Anchors Account Reader\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Lets you read ingestion jobs for an object anchors account.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.MixedReality/ObjectAnchorsAccounts/ingest/read\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2021-03-02T01:20:47.0279813Z\",\n \"updatedOn\": \"2021-11-11T20:15:03.5006082Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/4a167cdf-cb95-4554-9203-2347fe489bd9\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"4a167cdf-cb95-4554-9203-2347fe489bd9\"\n },\n {\n \"properties\": {\n \"roleName\": \"Object Anchors Account Owner\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Provides user with ingestion capabilities for an object anchors account.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.MixedReality/ObjectAnchorsAccounts/ingest/action\",\n \"Microsoft.MixedReality/ObjectAnchorsAccounts/ingest/read\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2021-03-02T01:42:02.0014737Z\",\n \"updatedOn\": \"2021-11-11T20:15:03.6855873Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/ca0835dd-bacc-42dd-8ed2-ed5e7230d15b\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"ca0835dd-bacc-42dd-8ed2-ed5e7230d15b\"\n },\n {\n \"properties\": {\n \"roleName\": \"WorkloadBuilder Migration Agent Role\",\n \"type\": \"BuiltInRole\",\n \"description\": \"WorkloadBuilder Migration Agent Role.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.WorkloadBuilder/migrationAgents/Read\",\n \"Microsoft.WorkloadBuilder/migrationAgents/Write\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2021-03-11T17:07:20.0828003Z\",\n \"updatedOn\": \"2021-11-11T20:15:04.2456706Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/d17ce0a2-0697-43bc-aac5-9113337ab61c\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"d17ce0a2-0697-43bc-aac5-9113337ab61c\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Spring Cloud Data Reader\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Allow read access to Azure Spring Cloud Data\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.AppPlatform/Spring/*/read\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2021-03-25T11:12:12.678601Z\",\n \"updatedOn\": \"2021-11-11T20:15:05.3368606Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/b5537268-8956-4941-a8f0-646150406f0c\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"b5537268-8956-4941-a8f0-646150406f0c\"\n },\n {\n \"properties\": {\n \"roleName\": \"Cognitive Services Speech Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Full access to Speech projects, including read, write and delete all entities, for real-time speech recognition and batch transcription tasks, real-time speech synthesis and long audio tasks, custom speech and custom voice.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.CognitiveServices/*/read\",\n \"Microsoft.Authorization/roleAssignments/read\",\n \"Microsoft.Authorization/roleDefinitions/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.CognitiveServices/accounts/SpeechServices/*\",\n \"Microsoft.CognitiveServices/accounts/CustomVoice/*\",\n \"Microsoft.CognitiveServices/accounts/AudioContentCreation/*\",\n \"Microsoft.CognitiveServices/accounts/VideoTranslation/*\",\n \"Microsoft.CognitiveServices/accounts/CustomAvatar/*\",\n \"Microsoft.CognitiveServices/accounts/BatchAvatar/*\",\n \"Microsoft.CognitiveServices/accounts/BatchTextToSpeech/*\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2021-03-30T11:28:49.7826633Z\",\n \"updatedOn\": \"2024-04-12T06:28:35.0285254Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/0e75ca1e-0464-4b4d-8b93-68208a576181\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"0e75ca1e-0464-4b4d-8b93-68208a576181\"\n },\n {\n \"properties\": {\n \"roleName\": \"Cognitive Services Face Recognizer\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Lets you perform detect, verify, identify, group, and find similar operations on Face API. This role does not allow create or delete operations, which makes it well suited for endpoints that only need inferencing capabilities, following 'least privilege' best practices.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.CognitiveServices/accounts/Face/detect/action\",\n \"Microsoft.CognitiveServices/accounts/Face/verify/action\",\n \"Microsoft.CognitiveServices/accounts/Face/identify/action\",\n \"Microsoft.CognitiveServices/accounts/Face/group/action\",\n \"Microsoft.CognitiveServices/accounts/Face/findsimilars/action\",\n \"Microsoft.CognitiveServices/accounts/Face/detectliveness/multimodal/action\",\n \"Microsoft.CognitiveServices/accounts/Face/detectliveness/singlemodal/action\",\n \"Microsoft.CognitiveServices/accounts/Face/detectlivenesswithverify/singlemodal/action\",\n \"Microsoft.CognitiveServices/accounts/Face/*/sessions/action\",\n \"Microsoft.CognitiveServices/accounts/Face/*/sessions/delete\",\n \"Microsoft.CognitiveServices/accounts/Face/*/sessions/read\",\n \"Microsoft.CognitiveServices/accounts/Face/*/sessions/audit/read\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2021-03-31T01:51:41.3557295Z\",\n \"updatedOn\": \"2023-11-10T00:42:33.8288289Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/9894cab4-e18a-44aa-828b-cb588cd6f2d7\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"9894cab4-e18a-44aa-828b-cb588cd6f2d7\"\n },\n {\n \"properties\": {\n \"roleName\": \"Stream Analytics Query Tester\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Lets you perform query testing without creating a stream analytics job first\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.StreamAnalytics/locations/TestQuery/action\",\n \"Microsoft.StreamAnalytics/locations/OperationResults/read\",\n \"Microsoft.StreamAnalytics/locations/SampleInput/action\",\n \"Microsoft.StreamAnalytics/locations/CompileQuery/action\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2021-04-20T17:33:24.572787Z\",\n \"updatedOn\": \"2021-11-11T20:15:08.0481551Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/1ec5b3c1-b17e-4e25-8312-2acb3c3c5abf\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"1ec5b3c1-b17e-4e25-8312-2acb3c3c5abf\"\n },\n {\n \"properties\": {\n \"roleName\": \"AnyBuild Builder\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Basic user role for AnyBuild. This role allows listing of agent information and execution of remote build capabilities.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.AnyBuild/clusters/build/write\",\n \"Microsoft.AnyBuild/clusters/build/read\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2021-04-20T22:07:00.4963853Z\",\n \"updatedOn\": \"2021-11-11T20:15:08.4254134Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/a2138dac-4907-4679-a376-736901ed8ad8\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"a2138dac-4907-4679-a376-736901ed8ad8\"\n },\n {\n \"properties\": {\n \"roleName\": \"IoT Hub Data Reader\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Allows for full read access to IoT Hub data-plane properties\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.Devices/IotHubs/*/read\",\n \"Microsoft.Devices/IotHubs/fileUpload/notifications/action\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2021-04-22T18:03:29.8843192Z\",\n \"updatedOn\": \"2021-11-11T20:15:08.6054154Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/b447c946-2db7-41ec-983d-d8bf3b1c77e3\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"b447c946-2db7-41ec-983d-d8bf3b1c77e3\"\n },\n {\n \"properties\": {\n \"roleName\": \"IoT Hub Twin Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Allows for read and write access to all IoT Hub device and module twins.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.Devices/IotHubs/twins/*\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2021-04-22T20:36:10.1136903Z\",\n \"updatedOn\": \"2021-11-11T20:15:08.7855063Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/494bdba2-168f-4f31-a0a1-191d2f7c028c\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"494bdba2-168f-4f31-a0a1-191d2f7c028c\"\n },\n {\n \"properties\": {\n \"roleName\": \"IoT Hub Registry Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Allows for full access to IoT Hub device registry.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.Devices/IotHubs/devices/*\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2021-04-22T20:36:47.5532704Z\",\n \"updatedOn\": \"2021-11-11T20:15:08.9804295Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/4ea46cd5-c1b2-4a8e-910b-273211f9ce47\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"4ea46cd5-c1b2-4a8e-910b-273211f9ce47\"\n },\n {\n \"properties\": {\n \"roleName\": \"IoT Hub Data Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Allows for full access to IoT Hub data plane operations.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.Devices/IotHubs/*\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2021-04-22T20:37:16.9927761Z\",\n \"updatedOn\": \"2021-11-11T20:15:09.1754206Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/4fc6c259-987e-4a07-842e-c321cc9d413f\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"4fc6c259-987e-4a07-842e-c321cc9d413f\"\n },\n {\n \"properties\": {\n \"roleName\": \"Test Base Reader\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Let you view and download packages and test results.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.TestBase/testBaseAccounts/packages/testResults/getDownloadUrl/action\",\n \"Microsoft.TestBase/testBaseAccounts/packages/testResults/getVideoDownloadUrl/action\",\n \"Microsoft.TestBase/testBaseAccounts/packages/getDownloadUrl/action\",\n \"Microsoft.TestBase/*/read\",\n \"Microsoft.TestBase/testBaseAccounts/customerEvents/write\",\n \"Microsoft.TestBase/testBaseAccounts/customerEvents/delete\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2021-05-11T23:41:33.1038367Z\",\n \"updatedOn\": \"2021-11-11T20:15:10.8004347Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/15e0f5a1-3450-4248-8e25-e2afe88a9e85\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"15e0f5a1-3450-4248-8e25-e2afe88a9e85\"\n },\n {\n \"properties\": {\n \"roleName\": \"Search Index Data Reader\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Grants read access to Azure Cognitive Search index data.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.Search/searchServices/indexes/documents/read\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2021-06-01T20:26:13.4850461Z\",\n \"updatedOn\": \"2021-11-11T20:15:11.3604371Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/1407120a-92aa-4202-b7e9-c0e197c71c8f\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"1407120a-92aa-4202-b7e9-c0e197c71c8f\"\n },\n {\n \"properties\": {\n \"roleName\": \"Search Index Data Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Grants full access to Azure Cognitive Search index data.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.Search/searchServices/indexes/documents/*\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2021-06-01T22:15:16.5388472Z\",\n \"updatedOn\": \"2021-11-11T20:15:11.5504385Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/8ebe5a00-799e-43f5-93ac-243d3dce84a7\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"8ebe5a00-799e-43f5-93ac-243d3dce84a7\"\n },\n {\n \"properties\": {\n \"roleName\": \"Storage Table Data Reader\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Allows for read access to Azure Storage tables and entities\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Storage/storageAccounts/tableServices/tables/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.Storage/storageAccounts/tableServices/tables/entities/read\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2021-06-15T06:40:54.9150717Z\",\n \"updatedOn\": \"2021-11-11T20:15:12.1005298Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/76199698-9eea-4c19-bc75-cec21354c6b6\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"76199698-9eea-4c19-bc75-cec21354c6b6\"\n },\n {\n \"properties\": {\n \"roleName\": \"Storage Table Data Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Allows for read, write and delete access to Azure Storage tables and entities\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Storage/storageAccounts/tableServices/tables/read\",\n \"Microsoft.Storage/storageAccounts/tableServices/tables/write\",\n \"Microsoft.Storage/storageAccounts/tableServices/tables/delete\"\n ],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.Storage/storageAccounts/tableServices/tables/entities/read\",\n \"Microsoft.Storage/storageAccounts/tableServices/tables/entities/write\",\n \"Microsoft.Storage/storageAccounts/tableServices/tables/entities/delete\",\n \"Microsoft.Storage/storageAccounts/tableServices/tables/entities/add/action\",\n \"Microsoft.Storage/storageAccounts/tableServices/tables/entities/update/action\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2021-06-15T06:51:59.820761Z\",\n \"updatedOn\": \"2021-11-11T20:15:12.2854966Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/0a9a7e1f-b9d0-4cc4-a60d-0319b160aaa3\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"0a9a7e1f-b9d0-4cc4-a60d-0319b160aaa3\"\n },\n {\n \"properties\": {\n \"roleName\": \"DICOM Data Reader\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Read and search DICOM data.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.HealthcareApis/workspaces/dicomservices/resources/read\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2021-06-17T20:58:30.1630494Z\",\n \"updatedOn\": \"2021-11-11T20:15:13.0154948Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/e89c7a3c-2f64-4fa1-a847-3e4c9ba4283a\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"e89c7a3c-2f64-4fa1-a847-3e4c9ba4283a\"\n },\n {\n \"properties\": {\n \"roleName\": \"DICOM Data Owner\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Full access to DICOM data.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.HealthcareApis/workspaces/dicomservices/resources/*\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2021-06-17T20:59:30.8659515Z\",\n \"updatedOn\": \"2021-11-11T20:15:13.1904985Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/58a3b984-7adf-4c20-983a-32417c86fbc8\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"58a3b984-7adf-4c20-983a-32417c86fbc8\"\n },\n {\n \"properties\": {\n \"roleName\": \"EventGrid Data Sender\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Allows send access to event grid events.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.EventGrid/topics/read\",\n \"Microsoft.EventGrid/domains/read\",\n \"Microsoft.EventGrid/partnerNamespaces/read\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.EventGrid/namespaces/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.EventGrid/events/send/action\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2021-07-02T21:55:40.4847495Z\",\n \"updatedOn\": \"2023-10-27T19:53:20.6111233Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/d5a91429-5739-47e2-a06b-3470a27159e7\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"d5a91429-5739-47e2-a06b-3470a27159e7\"\n },\n {\n \"properties\": {\n \"roleName\": \"Disk Pool Operator\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Used by the StoragePool Resource Provider to manage Disks added to a Disk Pool.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Compute/disks/write\",\n \"Microsoft.Compute/disks/read\",\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2021-07-08T17:26:05.1079972Z\",\n \"updatedOn\": \"2021-11-11T20:15:13.9154612Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/60fc6e62-5479-42d4-8bf4-67625fcc2840\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"60fc6e62-5479-42d4-8bf4-67625fcc2840\"\n },\n {\n \"properties\": {\n \"roleName\": \"AzureML Data Scientist\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Can perform all actions within an Azure Machine Learning workspace, except for creating or deleting compute resources and modifying the workspace itself.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.MachineLearningServices/workspaces/*/read\",\n \"Microsoft.MachineLearningServices/workspaces/*/action\",\n \"Microsoft.MachineLearningServices/workspaces/*/delete\",\n \"Microsoft.MachineLearningServices/workspaces/*/write\"\n ],\n \"notActions\": [\n \"Microsoft.MachineLearningServices/workspaces/delete\",\n \"Microsoft.MachineLearningServices/workspaces/write\",\n \"Microsoft.MachineLearningServices/workspaces/computes/*/write\",\n \"Microsoft.MachineLearningServices/workspaces/computes/*/delete\",\n \"Microsoft.MachineLearningServices/workspaces/computes/listKeys/action\",\n \"Microsoft.MachineLearningServices/workspaces/listKeys/action\",\n \"Microsoft.MachineLearningServices/workspaces/hubs/write\",\n \"Microsoft.MachineLearningServices/workspaces/hubs/delete\",\n \"Microsoft.MachineLearningServices/workspaces/featurestores/write\",\n \"Microsoft.MachineLearningServices/workspaces/featurestores/delete\"\n ],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2021-07-14T21:51:06.0361218Z\",\n \"updatedOn\": \"2023-05-30T15:09:08.4457249Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/f6c7c914-8db3-469d-8ca1-694a8f32e121\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"f6c7c914-8db3-469d-8ca1-694a8f32e121\"\n },\n {\n \"properties\": {\n \"roleName\": \"Grafana Admin\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Manage server-wide settings and manage access to resources such as organizations, users, and licenses.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.Dashboard/grafana/ActAsGrafanaAdmin/action\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2021-07-15T21:32:35.380234Z\",\n \"updatedOn\": \"2024-07-18T04:44:18.4380858Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/22926164-76b3-42b3-bc55-97df8dab3e41\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"22926164-76b3-42b3-bc55-97df8dab3e41\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Connected SQL Server Onboarding\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Microsoft.AzureArcData service role to access the resources of Microsoft.AzureArcData stored with RPSAAS.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.AzureArcData/sqlServerInstances/read\",\n \"Microsoft.AzureArcData/sqlServerInstances/write\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2021-07-19T23:52:15.8885739Z\",\n \"updatedOn\": \"2021-11-11T20:15:15.1754742Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/e8113dce-c529-4d33-91fa-e9b972617508\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"e8113dce-c529-4d33-91fa-e9b972617508\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Relay Sender\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Allows for send access to Azure Relay resources.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Relay/*/wcfRelays/read\",\n \"Microsoft.Relay/*/hybridConnections/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.Relay/*/send/action\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2021-07-20T15:37:20.7558643Z\",\n \"updatedOn\": \"2021-11-11T20:15:15.5454755Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/26baccc8-eea7-41f1-98f4-1762cc7f685d\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"26baccc8-eea7-41f1-98f4-1762cc7f685d\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Relay Owner\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Allows for full access to Azure Relay resources.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Relay/*\"\n ],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.Relay/*\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2021-07-20T15:44:26.3023126Z\",\n \"updatedOn\": \"2021-11-11T20:15:15.7154782Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/2787bf04-f1f5-4bfe-8383-c8a24483ee38\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"2787bf04-f1f5-4bfe-8383-c8a24483ee38\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Relay Listener\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Allows for listen access to Azure Relay resources.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Relay/*/wcfRelays/read\",\n \"Microsoft.Relay/*/hybridConnections/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.Relay/*/listen/action\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2021-07-20T18:38:03.1437496Z\",\n \"updatedOn\": \"2021-11-11T20:15:15.9005232Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/26e0b698-aa6d-4085-9386-aadae190014d\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"26e0b698-aa6d-4085-9386-aadae190014d\"\n },\n {\n \"properties\": {\n \"roleName\": \"Grafana Viewer\",\n \"type\": \"BuiltInRole\",\n \"description\": \"View dashboards, playlists, and query data sources.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.Dashboard/grafana/ActAsGrafanaViewer/action\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2021-08-05T16:36:18.7737511Z\",\n \"updatedOn\": \"2024-07-18T04:59:38.6229575Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/60921a7e-fef1-4a43-9b16-a26c52ad4769\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"60921a7e-fef1-4a43-9b16-a26c52ad4769\"\n },\n {\n \"properties\": {\n \"roleName\": \"Grafana Editor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Create, edit, delete, or view dashboards; create, edit, or delete folders; and edit or view playlists.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.Dashboard/grafana/ActAsGrafanaEditor/action\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2021-08-05T16:37:32.5299593Z\",\n \"updatedOn\": \"2024-07-18T04:44:18.4380858Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/a79a5197-3a5c-4973-a920-486035ffd60f\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"a79a5197-3a5c-4973-a920-486035ffd60f\"\n },\n {\n \"properties\": {\n \"roleName\": \"Automation Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Manage azure automation resources and other resources using azure automation.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Automation/automationAccounts/*\",\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Support/*\",\n \"Microsoft.Insights/ActionGroups/*\",\n \"Microsoft.Insights/ActivityLogAlerts/*\",\n \"Microsoft.Insights/MetricAlerts/*\",\n \"Microsoft.Insights/ScheduledQueryRules/*\",\n \"Microsoft.Insights/diagnosticSettings/*\",\n \"Microsoft.OperationalInsights/workspaces/sharedKeys/action\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2021-08-09T10:18:19.1054699Z\",\n \"updatedOn\": \"2021-11-11T20:15:17.7304954Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/f353d9bd-d4a6-484e-a77a-8050b599b867\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"f353d9bd-d4a6-484e-a77a-8050b599b867\"\n },\n {\n \"properties\": {\n \"roleName\": \"Kubernetes Extension Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Can create, update, get, list and delete Kubernetes Extensions, and get extension async operations\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.KubernetesConfiguration/extensions/write\",\n \"Microsoft.KubernetesConfiguration/extensions/read\",\n \"Microsoft.KubernetesConfiguration/extensions/delete\",\n \"Microsoft.KubernetesConfiguration/extensions/operations/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2021-08-09T19:47:50.6828896Z\",\n \"updatedOn\": \"2021-11-11T20:15:17.9155393Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/85cb6faf-e071-4c9b-8136-154b5a04f717\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"85cb6faf-e071-4c9b-8136-154b5a04f717\"\n },\n {\n \"properties\": {\n \"roleName\": \"Device Provisioning Service Data Reader\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Allows for full read access to Device Provisioning Service data-plane properties.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.Devices/provisioningServices/*/read\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2021-08-09T19:53:12.1374732Z\",\n \"updatedOn\": \"2021-11-11T20:15:18.0905503Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/10745317-c249-44a1-a5ce-3a4353c0bbd8\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"10745317-c249-44a1-a5ce-3a4353c0bbd8\"\n },\n {\n \"properties\": {\n \"roleName\": \"Device Provisioning Service Data Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Allows for full access to Device Provisioning Service data-plane operations.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.Devices/provisioningServices/*\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2021-08-09T19:54:03.2783227Z\",\n \"updatedOn\": \"2021-11-11T20:15:18.2605302Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/dfce44e4-17b7-4bd1-a6d1-04996ec95633\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"dfce44e4-17b7-4bd1-a6d1-04996ec95633\"\n },\n {\n \"properties\": {\n \"roleName\": \"Trusted Signing Certificate Profile Signer\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Sign files with a certificate profile. This role is in preview and subject to change.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.CodeSigning/*/read\",\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.CodeSigning/certificateProfiles/Sign/action\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2021-08-16T23:17:53.0002693Z\",\n \"updatedOn\": \"2024-04-05T05:34:02.8330268Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/2837e146-70d7-4cfd-ad55-7efa6464f958\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"2837e146-70d7-4cfd-ad55-7efa6464f958\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Spring Cloud Service Registry Reader\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Allow read access to Azure Spring Cloud Service Registry\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.AppPlatform/Spring/eurekaService/read\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2021-08-20T04:40:17.9785063Z\",\n \"updatedOn\": \"2021-11-11T20:15:18.9655101Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/cff1b556-2399-4e7e-856d-a8f754be7b65\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"cff1b556-2399-4e7e-856d-a8f754be7b65\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Spring Cloud Service Registry Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Allow read, write and delete access to Azure Spring Cloud Service Registry\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.AppPlatform/Spring/eurekaService/read\",\n \"Microsoft.AppPlatform/Spring/eurekaService/write\",\n \"Microsoft.AppPlatform/Spring/eurekaService/delete\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2021-08-20T04:42:38.9153779Z\",\n \"updatedOn\": \"2021-11-11T20:15:19.1405497Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/f5880b48-c26d-48be-b172-7927bfa1c8f1\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"f5880b48-c26d-48be-b172-7927bfa1c8f1\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Spring Cloud Config Server Reader\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Allow read access to Azure Spring Cloud Config Server\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.AppPlatform/Spring/configService/read\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2021-08-26T01:50:51.5123701Z\",\n \"updatedOn\": \"2021-11-11T20:15:19.3155517Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/d04c6db6-4947-4782-9e91-30a88feb7be7\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"d04c6db6-4947-4782-9e91-30a88feb7be7\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Spring Cloud Config Server Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Allow read, write and delete access to Azure Spring Cloud Config Server\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.AppPlatform/Spring/configService/read\",\n \"Microsoft.AppPlatform/Spring/configService/write\",\n \"Microsoft.AppPlatform/Spring/configService/delete\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2021-09-06T02:30:47.861158Z\",\n \"updatedOn\": \"2021-11-11T20:15:20.0405208Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/a06f5c24-21a7-4e1a-aa2b-f19eb6684f5b\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"a06f5c24-21a7-4e1a-aa2b-f19eb6684f5b\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure VM Managed identities restore Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Azure VM Managed identities restore Contributors are allowed to perform Azure VM Restores with managed identities both user and system\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2021-09-13T05:27:59.2180214Z\",\n \"updatedOn\": \"2021-11-11T20:15:20.5805266Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/6ae96244-5829-4925-a7d3-5975537d91dd\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"6ae96244-5829-4925-a7d3-5975537d91dd\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Maps Search and Render Data Reader\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Grants access to very limited set of data APIs for common visual web SDK scenarios. Specifically, render and search data APIs.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.Maps/accounts/services/render/read\",\n \"Microsoft.Maps/accounts/services/search/read\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2021-10-01T22:17:50.5178931Z\",\n \"updatedOn\": \"2021-11-11T20:15:22.045541Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/6be48352-4f82-47c9-ad5e-0acacefdb005\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"6be48352-4f82-47c9-ad5e-0acacefdb005\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Maps Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Grants access all Azure Maps resource management.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Maps/*\",\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2021-10-01T22:19:13.1357904Z\",\n \"updatedOn\": \"2021-11-11T20:15:22.2455414Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/dba33070-676a-4fb0-87fa-064dc56ff7fb\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"dba33070-676a-4fb0-87fa-064dc56ff7fb\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Arc VMware VM Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Arc VMware VM Contributor has permissions to perform all VM actions.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.ConnectedVMwarevSphere/virtualmachines/*\",\n \"Microsoft.ConnectedVMwarevSphere/virtualmachineinstances/*\",\n \"Microsoft.Insights/AlertRules/Write\",\n \"Microsoft.Insights/AlertRules/Delete\",\n \"Microsoft.Insights/AlertRules/Read\",\n \"Microsoft.Insights/AlertRules/Activated/Action\",\n \"Microsoft.Insights/AlertRules/Resolved/Action\",\n \"Microsoft.Insights/AlertRules/Throttled/Action\",\n \"Microsoft.Insights/AlertRules/Incidents/Read\",\n \"Microsoft.Resources/deployments/read\",\n \"Microsoft.Resources/deployments/write\",\n \"Microsoft.Resources/deployments/delete\",\n \"Microsoft.Resources/deployments/cancel/action\",\n \"Microsoft.Resources/deployments/validate/action\",\n \"Microsoft.Resources/deployments/whatIf/action\",\n \"Microsoft.Resources/deployments/exportTemplate/action\",\n \"Microsoft.Resources/deployments/operations/read\",\n \"Microsoft.Resources/deployments/operationstatuses/read\",\n \"Microsoft.Resources/subscriptions/resourcegroups/deployments/read\",\n \"Microsoft.Resources/subscriptions/resourcegroups/deployments/write\",\n \"Microsoft.Resources/subscriptions/resourcegroups/deployments/operations/read\",\n \"Microsoft.Resources/subscriptions/resourcegroups/deployments/operationstatuses/read\",\n \"Microsoft.ResourceHealth/availabilityStatuses/read\",\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Resources/subscriptions/read\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Resources/subscriptions/operationresults/read\",\n \"Microsoft.HybridCompute/machines/read\",\n \"Microsoft.HybridCompute/machines/write\",\n \"Microsoft.HybridCompute/machines/delete\",\n \"Microsoft.HybridCompute/machines/UpgradeExtensions/action\",\n \"Microsoft.HybridCompute/machines/assessPatches/action\",\n \"Microsoft.HybridCompute/machines/installPatches/action\",\n \"Microsoft.HybridCompute/machines/extensions/read\",\n \"Microsoft.HybridCompute/machines/extensions/write\",\n \"Microsoft.HybridCompute/machines/extensions/delete\",\n \"Microsoft.HybridCompute/operations/read\",\n \"Microsoft.HybridCompute/locations/operationresults/read\",\n \"Microsoft.HybridCompute/locations/operationstatus/read\",\n \"Microsoft.HybridCompute/machines/patchAssessmentResults/read\",\n \"Microsoft.HybridCompute/machines/patchAssessmentResults/softwarePatches/read\",\n \"Microsoft.HybridCompute/machines/patchInstallationResults/read\",\n \"Microsoft.HybridCompute/machines/patchInstallationResults/softwarePatches/read\",\n \"Microsoft.HybridCompute/locations/updateCenterOperationResults/read\",\n \"Microsoft.HybridCompute/machines/hybridIdentityMetadata/read\",\n \"Microsoft.HybridCompute/osType/agentVersions/read\",\n \"Microsoft.HybridCompute/osType/agentVersions/latest/read\",\n \"Microsoft.HybridCompute/machines/runcommands/read\",\n \"Microsoft.HybridCompute/machines/runcommands/write\",\n \"Microsoft.HybridCompute/machines/runcommands/delete\",\n \"Microsoft.HybridCompute/machines/licenseProfiles/read\",\n \"Microsoft.HybridCompute/machines/licenseProfiles/write\",\n \"Microsoft.HybridCompute/machines/licenseProfiles/delete\",\n \"Microsoft.HybridCompute/licenses/read\",\n \"Microsoft.HybridCompute/licenses/write\",\n \"Microsoft.HybridCompute/licenses/delete\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2021-10-18T20:19:53.0087024Z\",\n \"updatedOn\": \"2023-08-31T13:23:35.2639121Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/b748a06d-6150-4f8a-aaa9-ce3940cd96cb\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"b748a06d-6150-4f8a-aaa9-ce3940cd96cb\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Arc VMware Private Cloud User\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Azure Arc VMware Private Cloud User has permissions to use the VMware cloud resources to deploy VMs.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Insights/AlertRules/Write\",\n \"Microsoft.Insights/AlertRules/Delete\",\n \"Microsoft.Insights/AlertRules/Read\",\n \"Microsoft.Insights/AlertRules/Activated/Action\",\n \"Microsoft.Insights/AlertRules/Resolved/Action\",\n \"Microsoft.Insights/AlertRules/Throttled/Action\",\n \"Microsoft.Insights/AlertRules/Incidents/Read\",\n \"Microsoft.Resources/deployments/read\",\n \"Microsoft.Resources/deployments/write\",\n \"Microsoft.Resources/deployments/delete\",\n \"Microsoft.Resources/deployments/cancel/action\",\n \"Microsoft.Resources/deployments/validate/action\",\n \"Microsoft.Resources/deployments/whatIf/action\",\n \"Microsoft.Resources/deployments/exportTemplate/action\",\n \"Microsoft.Resources/deployments/operations/read\",\n \"Microsoft.Resources/deployments/operationstatuses/read\",\n \"Microsoft.Resources/subscriptions/resourcegroups/deployments/read\",\n \"Microsoft.Resources/subscriptions/resourcegroups/deployments/write\",\n \"Microsoft.Resources/subscriptions/resourcegroups/deployments/operations/read\",\n \"Microsoft.Resources/subscriptions/resourcegroups/deployments/operationstatuses/read\",\n \"Microsoft.ResourceHealth/availabilityStatuses/read\",\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Resources/subscriptions/read\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Resources/subscriptions/operationresults/read\",\n \"Microsoft.ConnectedVMwarevSphere/virtualnetworks/join/action\",\n \"Microsoft.ConnectedVMwarevSphere/virtualnetworks/Read\",\n \"Microsoft.ConnectedVMwarevSphere/virtualmachinetemplates/clone/action\",\n \"Microsoft.ConnectedVMwarevSphere/virtualmachinetemplates/Read\",\n \"Microsoft.ConnectedVMwarevSphere/resourcepools/deploy/action\",\n \"Microsoft.ConnectedVMwarevSphere/resourcepools/Read\",\n \"Microsoft.ConnectedVMwarevSphere/hosts/deploy/action\",\n \"Microsoft.ConnectedVMwarevSphere/hosts/Read\",\n \"Microsoft.ConnectedVMwarevSphere/clusters/deploy/action\",\n \"Microsoft.ConnectedVMwarevSphere/clusters/Read\",\n \"Microsoft.ConnectedVMwarevSphere/datastores/allocateSpace/action\",\n \"Microsoft.ConnectedVMwarevSphere/datastores/Read\",\n \"Microsoft.ExtendedLocation/customLocations/Read\",\n \"Microsoft.ExtendedLocation/customLocations/deploy/action\",\n \"Microsoft.KubernetesConfiguration/extensions/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2021-10-18T20:20:46.5105444Z\",\n \"updatedOn\": \"2023-10-31T15:13:38.0409378Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/ce551c02-7c42-47e0-9deb-e3b6fc3a9a83\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"ce551c02-7c42-47e0-9deb-e3b6fc3a9a83\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Arc VMware Administrator role \",\n \"type\": \"BuiltInRole\",\n \"description\": \"Arc VMware VM Contributor has permissions to perform all connected VMwarevSphere actions.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.ConnectedVMwarevSphere/*\",\n \"Microsoft.Insights/AlertRules/Write\",\n \"Microsoft.Insights/AlertRules/Delete\",\n \"Microsoft.Insights/AlertRules/Read\",\n \"Microsoft.Insights/AlertRules/Activated/Action\",\n \"Microsoft.Insights/AlertRules/Resolved/Action\",\n \"Microsoft.Insights/AlertRules/Throttled/Action\",\n \"Microsoft.Insights/AlertRules/Incidents/Read\",\n \"Microsoft.Resources/deployments/read\",\n \"Microsoft.Resources/deployments/write\",\n \"Microsoft.Resources/deployments/delete\",\n \"Microsoft.Resources/deployments/cancel/action\",\n \"Microsoft.Resources/deployments/validate/action\",\n \"Microsoft.Resources/deployments/whatIf/action\",\n \"Microsoft.Resources/deployments/exportTemplate/action\",\n \"Microsoft.Resources/deployments/operations/read\",\n \"Microsoft.Resources/deployments/operationstatuses/read\",\n \"Microsoft.Resources/subscriptions/resourcegroups/deployments/read\",\n \"Microsoft.Resources/subscriptions/resourcegroups/deployments/write\",\n \"Microsoft.Resources/subscriptions/resourcegroups/deployments/operations/read\",\n \"Microsoft.Resources/subscriptions/resourcegroups/deployments/operationstatuses/read\",\n \"Microsoft.ResourceHealth/availabilityStatuses/read\",\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Resources/subscriptions/read\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Resources/subscriptions/operationresults/read\",\n \"Microsoft.HybridCompute/machines/read\",\n \"Microsoft.HybridCompute/machines/write\",\n \"Microsoft.HybridCompute/machines/delete\",\n \"Microsoft.HybridCompute/machines/UpgradeExtensions/action\",\n \"Microsoft.HybridCompute/machines/assessPatches/action\",\n \"Microsoft.HybridCompute/machines/installPatches/action\",\n \"Microsoft.HybridCompute/machines/extensions/read\",\n \"Microsoft.HybridCompute/machines/extensions/write\",\n \"Microsoft.HybridCompute/machines/extensions/delete\",\n \"Microsoft.HybridCompute/operations/read\",\n \"Microsoft.HybridCompute/locations/operationresults/read\",\n \"Microsoft.HybridCompute/locations/operationstatus/read\",\n \"Microsoft.HybridCompute/machines/patchAssessmentResults/read\",\n \"Microsoft.HybridCompute/machines/patchAssessmentResults/softwarePatches/read\",\n \"Microsoft.HybridCompute/machines/patchInstallationResults/read\",\n \"Microsoft.HybridCompute/machines/patchInstallationResults/softwarePatches/read\",\n \"Microsoft.HybridCompute/locations/updateCenterOperationResults/read\",\n \"Microsoft.HybridCompute/machines/hybridIdentityMetadata/read\",\n \"Microsoft.HybridCompute/osType/agentVersions/read\",\n \"Microsoft.HybridCompute/osType/agentVersions/latest/read\",\n \"Microsoft.HybridCompute/machines/runcommands/read\",\n \"Microsoft.HybridCompute/machines/runcommands/write\",\n \"Microsoft.HybridCompute/machines/runcommands/delete\",\n \"Microsoft.HybridCompute/machines/licenseProfiles/read\",\n \"Microsoft.HybridCompute/machines/licenseProfiles/write\",\n \"Microsoft.HybridCompute/machines/licenseProfiles/delete\",\n \"Microsoft.HybridCompute/licenses/read\",\n \"Microsoft.HybridCompute/licenses/write\",\n \"Microsoft.HybridCompute/licenses/delete\",\n \"Microsoft.ExtendedLocation/customLocations/read\",\n \"Microsoft.ExtendedLocation/customLocations/deploy/action\",\n \"Microsoft.KubernetesConfiguration/extensions/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2021-11-01T17:12:42.6172725Z\",\n \"updatedOn\": \"2024-05-21T15:16:30.6838061Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/ddc140ed-e463-4246-9145-7c664192013f\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"ddc140ed-e463-4246-9145-7c664192013f\"\n },\n {\n \"properties\": {\n \"roleName\": \"Cognitive Services LUIS Owner\",\n \"type\": \"BuiltInRole\",\n \"description\": \" Has access to all Read, Test, Write, Deploy and Delete functions under LUIS\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.CognitiveServices/*/read\",\n \"Microsoft.CognitiveServices/accounts/listkeys/action\",\n \"Microsoft.Authorization/roleAssignments/read\",\n \"Microsoft.Authorization/roleDefinitions/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.CognitiveServices/accounts/LUIS/*\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2021-11-04T03:28:02.96118Z\",\n \"updatedOn\": \"2021-11-11T20:15:25.4884913Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/f72c8140-2111-481c-87ff-72b910f6e3f8\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"f72c8140-2111-481c-87ff-72b910f6e3f8\"\n },\n {\n \"properties\": {\n \"roleName\": \"Cognitive Services Language Reader\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Has access to Read and Test functions under Language portal\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.CognitiveServices/*/read\",\n \"Microsoft.Authorization/roleAssignments/read\",\n \"Microsoft.Authorization/roleDefinitions/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.CognitiveServices/accounts/LanguageAuthoring/*/read\",\n \"Microsoft.CognitiveServices/accounts/ConversationalLanguageUnderstanding/*/read\",\n \"Microsoft.CognitiveServices/accounts/ConversationalLanguageUnderstanding/projects/export/action\",\n \"Microsoft.CognitiveServices/accounts/Language/*/read\",\n \"Microsoft.CognitiveServices/accounts/Language/*/projects/export/action\",\n \"Microsoft.CognitiveServices/accounts/Language/query-text/action\",\n \"Microsoft.CognitiveServices/accounts/Language/query-dataverse/action\",\n \"Microsoft.CognitiveServices/accounts/Language/analyze-text/jobs/action\",\n \"Microsoft.CognitiveServices/accounts/Language/analyze-text/action\",\n \"Microsoft.CognitiveServices/accounts/Language/analyze-text/jobscancel/action\",\n \"Microsoft.CognitiveServices/accounts/Language/analyze-conversations/action\",\n \"Microsoft.CognitiveServices/accounts/Language/analyze-conversations/jobscancel/action\",\n \"Microsoft.CognitiveServices/accounts/Language/analyze-conversations/jobs/action\",\n \"Microsoft.CognitiveServices/accounts/Language/query-knowledgebases/action\",\n \"Microsoft.CognitiveServices/accounts/Language/generate/action\",\n \"Microsoft.CognitiveServices/accounts/TextAnalytics/*\"\n ],\n \"notDataActions\": [\n \"Microsoft.CognitiveServices/accounts/TextAnalytics/QnaMaker/*\"\n ]\n }\n ],\n \"createdOn\": \"2021-11-04T03:29:14.7643336Z\",\n \"updatedOn\": \"2023-02-28T16:09:04.1394585Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/7628b7b8-a8b2-4cdc-b46f-e9b35248918e\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"7628b7b8-a8b2-4cdc-b46f-e9b35248918e\"\n },\n {\n \"properties\": {\n \"roleName\": \"Cognitive Services Language Writer\",\n \"type\": \"BuiltInRole\",\n \"description\": \" Has access to all Read, Test, and Write functions under Language Portal\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.CognitiveServices/*/read\",\n \"Microsoft.Authorization/roleAssignments/read\",\n \"Microsoft.Authorization/roleDefinitions/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.CognitiveServices/accounts/LanguageAuthoring/*\",\n \"Microsoft.CognitiveServices/accounts/ConversationalLanguageUnderstanding/*\",\n \"Microsoft.CognitiveServices/accounts/Language/*\",\n \"Microsoft.CognitiveServices/accounts/TextAnalytics/*\"\n ],\n \"notDataActions\": [\n \"Microsoft.CognitiveServices/accounts/LanguageAuthoring/projects/publish/action\",\n \"Microsoft.CognitiveServices/accounts/ConversationalLanguageUnderstanding/projects/deployments/write\",\n \"Microsoft.CognitiveServices/accounts/TextAnalytics/QnaMaker/*\",\n \"Microsoft.CognitiveServices/accounts/Language/*/projects/delete\",\n \"Microsoft.CognitiveServices/accounts/Language/*/projects/deployments/write\",\n \"Microsoft.CognitiveServices/accounts/Language/*/projects/deployments/delete\",\n \"Microsoft.CognitiveServices/accounts/Language/*/projects/deployments/swap/action\"\n ]\n }\n ],\n \"createdOn\": \"2021-11-04T03:29:39.5761019Z\",\n \"updatedOn\": \"2022-03-29T22:15:08.2904465Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/f2310ca1-dc64-4889-bb49-c8e0fa3d47a8\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"f2310ca1-dc64-4889-bb49-c8e0fa3d47a8\"\n },\n {\n \"properties\": {\n \"roleName\": \"Cognitive Services Language Owner\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Has access to all Read, Test, Write, Deploy and Delete functions under Language portal\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.CognitiveServices/*/read\",\n \"Microsoft.CognitiveServices/accounts/listkeys/action\",\n \"Microsoft.Authorization/roleAssignments/read\",\n \"Microsoft.Authorization/roleDefinitions/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.CognitiveServices/accounts/LanguageAuthoring/*\",\n \"Microsoft.CognitiveServices/accounts/ConversationalLanguageUnderstanding/*\",\n \"Microsoft.CognitiveServices/accounts/Language/*\",\n \"Microsoft.CognitiveServices/accounts/TextAnalytics/*\"\n ],\n \"notDataActions\": [\n \"Microsoft.CognitiveServices/accounts/TextAnalytics/QnaMaker/*\"\n ]\n }\n ],\n \"createdOn\": \"2021-11-04T03:30:07.6173528Z\",\n \"updatedOn\": \"2022-03-29T22:15:08.2749033Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/f07febfe-79bc-46b1-8b37-790e26e6e498\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"f07febfe-79bc-46b1-8b37-790e26e6e498\"\n },\n {\n \"properties\": {\n \"roleName\": \"Cognitive Services LUIS Reader\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Has access to Read and Test functions under LUIS.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.CognitiveServices/*/read\",\n \"Microsoft.Authorization/roleAssignments/read\",\n \"Microsoft.Authorization/roleDefinitions/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.CognitiveServices/accounts/LUIS/*/read\",\n \"Microsoft.CognitiveServices/accounts/LUIS/apps/testdatasets/write\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2021-11-04T03:30:31.2704834Z\",\n \"updatedOn\": \"2021-11-11T20:15:26.2134821Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/18e81cdc-4e98-4e29-a639-e7d10c5a6226\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"18e81cdc-4e98-4e29-a639-e7d10c5a6226\"\n },\n {\n \"properties\": {\n \"roleName\": \"Cognitive Services LUIS Writer\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Has access to all Read, Test, and Write functions under LUIS\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.CognitiveServices/*/read\",\n \"Microsoft.Authorization/roleAssignments/read\",\n \"Microsoft.Authorization/roleDefinitions/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.CognitiveServices/accounts/LUIS/*\"\n ],\n \"notDataActions\": [\n \"Microsoft.CognitiveServices/accounts/LUIS/apps/delete\",\n \"Microsoft.CognitiveServices/accounts/LUIS/apps/move/action\",\n \"Microsoft.CognitiveServices/accounts/LUIS/apps/publish/action\",\n \"Microsoft.CognitiveServices/accounts/LUIS/apps/settings/write\",\n \"Microsoft.CognitiveServices/accounts/LUIS/apps/azureaccounts/action\",\n \"Microsoft.CognitiveServices/accounts/LUIS/apps/azureaccounts/delete\"\n ]\n }\n ],\n \"createdOn\": \"2021-11-04T03:31:12.1580052Z\",\n \"updatedOn\": \"2021-11-11T20:15:26.3934523Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/6322a993-d5c9-4bed-b113-e49bbea25b27\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"6322a993-d5c9-4bed-b113-e49bbea25b27\"\n },\n {\n \"properties\": {\n \"roleName\": \"PlayFab Reader\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Provides read access to PlayFab resources\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.PlayFab/*/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2021-11-04T23:26:57.2248605Z\",\n \"updatedOn\": \"2021-11-11T20:15:26.5784834Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/a9a19cc5-31f4-447c-901f-56c0bb18fcaf\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"a9a19cc5-31f4-447c-901f-56c0bb18fcaf\"\n },\n {\n \"properties\": {\n \"roleName\": \"Load Test Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"View, create, update, delete and execute load tests. View and list load test resources but can not make any changes.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.LoadTestService/*/read\",\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Insights/alertRules/*\"\n ],\n \"notActions\": [\n \"Microsoft.LoadTestService/PlaywrightWorkspaces/*\",\n \"Microsoft.LoadTestService/locations/PlaywrightQuotas/*\"\n ],\n \"dataActions\": [\n \"Microsoft.LoadTestService/loadtests/*\",\n \"Microsoft.LoadTestService/testProfiles/*\",\n \"Microsoft.LoadTestService/testProfileRuns/*\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2021-11-09T08:11:21.0936461Z\",\n \"updatedOn\": \"2025-09-29T15:12:02.8710803Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/749a398d-560b-491b-bb21-08924219302e\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"749a398d-560b-491b-bb21-08924219302e\"\n },\n {\n \"properties\": {\n \"roleName\": \"Load Test Owner\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Execute all operations on load test resources and load tests\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.LoadTestService/*\",\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Insights/alertRules/*\"\n ],\n \"notActions\": [\n \"Microsoft.LoadTestService/PlaywrightWorkspaces/*\",\n \"Microsoft.LoadTestService/locations/PlaywrightQuotas/*\"\n ],\n \"dataActions\": [\n \"Microsoft.LoadTestService/*\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2021-11-09T08:12:24.5500195Z\",\n \"updatedOn\": \"2025-09-29T15:12:04.1630709Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/45bb0b16-2f0c-4e78-afaa-a07599b003f6\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"45bb0b16-2f0c-4e78-afaa-a07599b003f6\"\n },\n {\n \"properties\": {\n \"roleName\": \"PlayFab Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Provides contributor access to PlayFab resources\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.PlayFab/*/read\",\n \"Microsoft.PlayFab/*/write\",\n \"Microsoft.PlayFab/*/delete\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2021-11-10T00:55:37.3326276Z\",\n \"updatedOn\": \"2021-11-11T20:15:28.0547167Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/0c8b84dc-067c-4039-9615-fa1a4b77c726\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"0c8b84dc-067c-4039-9615-fa1a4b77c726\"\n },\n {\n \"properties\": {\n \"roleName\": \"Load Test Reader\",\n \"type\": \"BuiltInRole\",\n \"description\": \"View and list all load tests and load test resources but can not make any changes\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.LoadTestService/*/read\",\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Insights/alertRules/*\"\n ],\n \"notActions\": [\n \"Microsoft.LoadTestService/PlaywrightWorkspaces/*\",\n \"Microsoft.LoadTestService/locations/PlaywrightQuotas/*\"\n ],\n \"dataActions\": [\n \"Microsoft.LoadTestService/loadtests/readTest/action\",\n \"Microsoft.LoadTestService/testProfiles/read\",\n \"Microsoft.LoadTestService/testProfileRuns/read\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2021-11-10T06:14:08.3903105Z\",\n \"updatedOn\": \"2025-09-29T15:12:04.1630709Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/3ae3fb29-0000-4ccd-bf80-542e7b26e081\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"3ae3fb29-0000-4ccd-bf80-542e7b26e081\"\n },\n {\n \"properties\": {\n \"roleName\": \"Cognitive Services Immersive Reader User\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Provides access to create Immersive Reader sessions and call APIs\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.CognitiveServices/accounts/ImmersiveReader/getcontentmodelforreader/action\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2021-11-10T19:52:14.4487503Z\",\n \"updatedOn\": \"2021-11-11T20:15:28.4146975Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/b2de6794-95db-4659-8781-7e080d3f2b9d\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"b2de6794-95db-4659-8781-7e080d3f2b9d\"\n },\n {\n \"properties\": {\n \"roleName\": \"Lab Services Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"The lab services contributor role\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.LabServices/*\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.LabServices/labPlans/createLab/action\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2021-11-11T00:51:03.3308981Z\",\n \"updatedOn\": \"2021-11-11T20:15:28.7792013Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/f69b8690-cc87-41d6-b77a-a4bc3c0a966f\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"f69b8690-cc87-41d6-b77a-a4bc3c0a966f\"\n },\n {\n \"properties\": {\n \"roleName\": \"Lab Services Reader\",\n \"type\": \"BuiltInRole\",\n \"description\": \"The lab services reader role\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.LabServices/*/read\",\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2021-11-11T00:55:30.4208618Z\",\n \"updatedOn\": \"2021-11-11T20:15:28.9592032Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/2a5c394f-5eb7-4d4f-9c8e-e8eae39faebc\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"2a5c394f-5eb7-4d4f-9c8e-e8eae39faebc\"\n },\n {\n \"properties\": {\n \"roleName\": \"Lab Assistant\",\n \"type\": \"BuiltInRole\",\n \"description\": \"The lab assistant role\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.LabServices/labPlans/images/read\",\n \"Microsoft.LabServices/labPlans/read\",\n \"Microsoft.LabServices/labs/read\",\n \"Microsoft.LabServices/labs/schedules/read\",\n \"Microsoft.LabServices/labs/users/read\",\n \"Microsoft.LabServices/labs/users/invite/action\",\n \"Microsoft.LabServices/labs/virtualMachines/read\",\n \"Microsoft.LabServices/labs/virtualMachines/start/action\",\n \"Microsoft.LabServices/labs/virtualMachines/stop/action\",\n \"Microsoft.LabServices/labs/virtualMachines/reimage/action\",\n \"Microsoft.LabServices/labs/virtualMachines/redeploy/action\",\n \"Microsoft.LabServices/locations/usages/read\",\n \"Microsoft.LabServices/skus/read\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2021-11-11T00:56:10.4295443Z\",\n \"updatedOn\": \"2021-11-11T20:15:29.144253Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/ce40b423-cede-4313-a93f-9b28290b72e1\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"ce40b423-cede-4313-a93f-9b28290b72e1\"\n },\n {\n \"properties\": {\n \"roleName\": \"Lab Operator\",\n \"type\": \"BuiltInRole\",\n \"description\": \"The lab operator role\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.LabServices/labPlans/images/read\",\n \"Microsoft.LabServices/labPlans/read\",\n \"Microsoft.LabServices/labPlans/saveImage/action\",\n \"Microsoft.LabServices/labs/publish/action\",\n \"Microsoft.LabServices/labs/read\",\n \"Microsoft.LabServices/labs/schedules/read\",\n \"Microsoft.LabServices/labs/schedules/write\",\n \"Microsoft.LabServices/labs/schedules/delete\",\n \"Microsoft.LabServices/labs/users/read\",\n \"Microsoft.LabServices/labs/users/write\",\n \"Microsoft.LabServices/labs/users/delete\",\n \"Microsoft.LabServices/labs/users/invite/action\",\n \"Microsoft.LabServices/labs/virtualMachines/read\",\n \"Microsoft.LabServices/labs/virtualMachines/start/action\",\n \"Microsoft.LabServices/labs/virtualMachines/stop/action\",\n \"Microsoft.LabServices/labs/virtualMachines/reimage/action\",\n \"Microsoft.LabServices/labs/virtualMachines/redeploy/action\",\n \"Microsoft.LabServices/labs/virtualMachines/resetPassword/action\",\n \"Microsoft.LabServices/locations/usages/read\",\n \"Microsoft.LabServices/skus/read\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2021-11-11T00:56:41.9942935Z\",\n \"updatedOn\": \"2021-11-11T20:15:29.3242664Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/a36e6959-b6be-4b12-8e9f-ef4b474d304d\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"a36e6959-b6be-4b12-8e9f-ef4b474d304d\"\n },\n {\n \"properties\": {\n \"roleName\": \"Lab Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"The lab contributor role\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.LabServices/labPlans/images/read\",\n \"Microsoft.LabServices/labPlans/read\",\n \"Microsoft.LabServices/labPlans/saveImage/action\",\n \"Microsoft.LabServices/labs/read\",\n \"Microsoft.LabServices/labs/write\",\n \"Microsoft.LabServices/labs/delete\",\n \"Microsoft.LabServices/labs/publish/action\",\n \"Microsoft.LabServices/labs/syncGroup/action\",\n \"Microsoft.LabServices/labs/schedules/read\",\n \"Microsoft.LabServices/labs/schedules/write\",\n \"Microsoft.LabServices/labs/schedules/delete\",\n \"Microsoft.LabServices/labs/users/read\",\n \"Microsoft.LabServices/labs/users/write\",\n \"Microsoft.LabServices/labs/users/delete\",\n \"Microsoft.LabServices/labs/users/invite/action\",\n \"Microsoft.LabServices/labs/virtualMachines/read\",\n \"Microsoft.LabServices/labs/virtualMachines/start/action\",\n \"Microsoft.LabServices/labs/virtualMachines/stop/action\",\n \"Microsoft.LabServices/labs/virtualMachines/reimage/action\",\n \"Microsoft.LabServices/labs/virtualMachines/redeploy/action\",\n \"Microsoft.LabServices/labs/virtualMachines/resetPassword/action\",\n \"Microsoft.LabServices/locations/usages/read\",\n \"Microsoft.LabServices/skus/read\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.LabServices/labPlans/createLab/action\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2021-11-11T00:57:05.9018065Z\",\n \"updatedOn\": \"2021-11-11T20:15:29.4992096Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/5daaa2af-1fe8-407c-9122-bba179798270\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"5daaa2af-1fe8-407c-9122-bba179798270\"\n },\n {\n \"properties\": {\n \"roleName\": \"Security Admin\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Security Admin Role\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Authorization/policyAssignments/*\",\n \"Microsoft.Authorization/policyDefinitions/*\",\n \"Microsoft.Authorization/policyExemptions/*\",\n \"Microsoft.Authorization/policySetDefinitions/*\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.Management/managementGroups/read\",\n \"Microsoft.operationalInsights/workspaces/*/read\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Security/*\",\n \"Microsoft.IoTSecurity/*\",\n \"Microsoft.IoTFirmwareDefense/*\",\n \"Microsoft.Support/*\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2017-05-03T07:51:23.0917487Z\",\n \"updatedOn\": \"2023-06-27T15:20:21.4401023Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/fb1c8493-542b-48eb-b624-b4c8fea62acd\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"fb1c8493-542b-48eb-b624-b4c8fea62acd\"\n },\n {\n \"properties\": {\n \"roleName\": \"Web PubSub Service Owner\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Full access to Azure Web PubSub Service REST APIs\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.SignalRService/WebPubSub/*\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2021-03-24T09:10:11.833518Z\",\n \"updatedOn\": \"2023-04-05T15:09:07.4837099Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/12cf5a90-567b-43ae-8102-96cf46c7d9b4\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"12cf5a90-567b-43ae-8102-96cf46c7d9b4\"\n },\n {\n \"properties\": {\n \"roleName\": \"Web PubSub Service Reader\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Read-only access to Azure Web PubSub Service REST APIs\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.SignalRService/WebPubSub/*/read\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2021-03-24T09:11:12.6235436Z\",\n \"updatedOn\": \"2023-04-05T15:09:07.4837099Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/bfb1c7d2-fb1a-466b-b2ba-aee63b92deaf\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"bfb1c7d2-fb1a-466b-b2ba-aee63b92deaf\"\n },\n {\n \"properties\": {\n \"roleName\": \"SignalR App Server\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Lets your app server access SignalR Service with AAD auth options.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.SignalRService/SignalR/auth/accessKey/action\",\n \"Microsoft.SignalRService/SignalR/serverConnection/write\",\n \"Microsoft.SignalRService/SignalR/clientConnection/write\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2020-07-29T06:54:40.1201435Z\",\n \"updatedOn\": \"2021-11-16T05:19:04.8579948Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/420fcaa2-552c-430f-98ca-3264be4806c7\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"420fcaa2-552c-430f-98ca-3264be4806c7\"\n },\n {\n \"properties\": {\n \"roleName\": \"Virtual Machine User Login\",\n \"type\": \"BuiltInRole\",\n \"description\": \"View Virtual Machines in the portal and login as a regular user.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Network/publicIPAddresses/read\",\n \"Microsoft.Network/virtualNetworks/read\",\n \"Microsoft.Network/loadBalancers/read\",\n \"Microsoft.Network/networkInterfaces/read\",\n \"Microsoft.Compute/virtualMachines/*/read\",\n \"Microsoft.HybridCompute/machines/*/read\",\n \"Microsoft.HybridConnectivity/endpoints/listCredentials/action\"\n ],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.Compute/virtualMachines/login/action\",\n \"Microsoft.HybridCompute/machines/login/action\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2018-02-09T18:36:13.3315744Z\",\n \"updatedOn\": \"2021-11-18T00:55:50.6185845Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/fb879df8-f326-4884-b1cf-06f3ad86be52\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"fb879df8-f326-4884-b1cf-06f3ad86be52\"\n },\n {\n \"properties\": {\n \"roleName\": \"Virtual Machine Administrator Login\",\n \"type\": \"BuiltInRole\",\n \"description\": \"View Virtual Machines in the portal and login as administrator\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Network/publicIPAddresses/read\",\n \"Microsoft.Network/virtualNetworks/read\",\n \"Microsoft.Network/loadBalancers/read\",\n \"Microsoft.Network/networkInterfaces/read\",\n \"Microsoft.Compute/virtualMachines/*/read\",\n \"Microsoft.HybridCompute/machines/*/read\",\n \"Microsoft.HybridConnectivity/endpoints/listCredentials/action\"\n ],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.Compute/virtualMachines/login/action\",\n \"Microsoft.Compute/virtualMachines/loginAsAdmin/action\",\n \"Microsoft.HybridCompute/machines/login/action\",\n \"Microsoft.HybridCompute/machines/loginAsAdmin/action\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2018-02-09T18:36:13.3315744Z\",\n \"updatedOn\": \"2021-11-18T00:56:53.8134295Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/1c0163c0-47e6-4577-8991-ea5c82e286e4\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"1c0163c0-47e6-4577-8991-ea5c82e286e4\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Connected Machine Resource Administrator\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Can read, write, delete and re-onboard Azure Connected Machines.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.HybridCompute/machines/*\",\n \"Microsoft.HybridCompute/machines/extensions/*\",\n \"Microsoft.HybridCompute/machines/licenseProfiles/*\",\n \"Microsoft.HybridCompute/machines/runCommands/*\",\n \"Microsoft.HybridCompute/machines/UpgradeExtensions/action\",\n \"Microsoft.HybridCompute/settings/*\",\n \"Microsoft.HybridCompute/gateways/*\",\n \"Microsoft.HybridCompute/privateLinkScopes/*\",\n \"Microsoft.HybridCompute/licenses/*\",\n \"Microsoft.HybridCompute/locations/*\",\n \"Microsoft.HybridCompute/*/read\",\n \"Microsoft.Resources/deployments/*\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2019-10-23T20:24:59.1474607Z\",\n \"updatedOn\": \"2025-01-31T22:43:26.2952467Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/cd570a14-e51a-42ad-bac8-bafd67325302\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"cd570a14-e51a-42ad-bac8-bafd67325302\"\n },\n {\n \"properties\": {\n \"roleName\": \"Backup Operator\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Lets you manage backup services, except removal of backup, vault creation and giving access to others\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Network/virtualNetworks/read\",\n \"Microsoft.RecoveryServices/Vaults/backupFabrics/operationResults/read\",\n \"Microsoft.RecoveryServices/Vaults/backupFabrics/protectionContainers/operationResults/read\",\n \"Microsoft.RecoveryServices/Vaults/backupFabrics/protectionContainers/protectedItems/backup/action\",\n \"Microsoft.RecoveryServices/Vaults/backupFabrics/protectionContainers/protectedItems/operationResults/read\",\n \"Microsoft.RecoveryServices/Vaults/backupFabrics/protectionContainers/protectedItems/operationsStatus/read\",\n \"Microsoft.RecoveryServices/Vaults/backupFabrics/protectionContainers/protectedItems/read\",\n \"Microsoft.RecoveryServices/Vaults/backupFabrics/protectionContainers/protectedItems/recoveryPoints/provisionInstantItemRecovery/action\",\n \"Microsoft.RecoveryServices/vaults/backupFabrics/protectionContainers/protectedItems/recoveryPoints/accessToken/action\",\n \"Microsoft.RecoveryServices/Vaults/backupFabrics/protectionContainers/protectedItems/recoveryPoints/read\",\n \"Microsoft.RecoveryServices/Vaults/backupFabrics/protectionContainers/protectedItems/recoveryPoints/restore/action\",\n \"Microsoft.RecoveryServices/Vaults/backupFabrics/protectionContainers/protectedItems/recoveryPoints/revokeInstantItemRecovery/action\",\n \"Microsoft.RecoveryServices/Vaults/backupFabrics/protectionContainers/protectedItems/write\",\n \"Microsoft.RecoveryServices/Vaults/backupFabrics/protectionContainers/read\",\n \"Microsoft.RecoveryServices/Vaults/backupFabrics/refreshContainers/action\",\n \"Microsoft.RecoveryServices/Vaults/backupJobs/*\",\n \"Microsoft.RecoveryServices/Vaults/backupJobsExport/action\",\n \"Microsoft.RecoveryServices/Vaults/backupOperationResults/*\",\n \"Microsoft.RecoveryServices/Vaults/backupPolicies/operationResults/read\",\n \"Microsoft.RecoveryServices/Vaults/backupPolicies/read\",\n \"Microsoft.RecoveryServices/Vaults/backupProtectableItems/*\",\n \"Microsoft.RecoveryServices/Vaults/backupProtectedItems/read\",\n \"Microsoft.RecoveryServices/Vaults/backupProtectionContainers/read\",\n \"Microsoft.RecoveryServices/Vaults/backupUsageSummaries/read\",\n \"Microsoft.RecoveryServices/Vaults/certificates/write\",\n \"Microsoft.RecoveryServices/Vaults/extendedInformation/read\",\n \"Microsoft.RecoveryServices/Vaults/extendedInformation/write\",\n \"Microsoft.RecoveryServices/Vaults/monitoringAlerts/read\",\n \"Microsoft.RecoveryServices/Vaults/monitoringConfigurations/*\",\n \"Microsoft.RecoveryServices/Vaults/read\",\n \"Microsoft.RecoveryServices/Vaults/registeredIdentities/operationResults/read\",\n \"Microsoft.RecoveryServices/Vaults/registeredIdentities/read\",\n \"Microsoft.RecoveryServices/Vaults/registeredIdentities/write\",\n \"Microsoft.RecoveryServices/Vaults/usages/read\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Storage/storageAccounts/read\",\n \"Microsoft.RecoveryServices/Vaults/backupstorageconfig/*\",\n \"Microsoft.RecoveryServices/Vaults/backupValidateOperation/action\",\n \"Microsoft.RecoveryServices/Vaults/backupTriggerValidateOperation/action\",\n \"Microsoft.RecoveryServices/Vaults/backupValidateOperationResults/read\",\n \"Microsoft.RecoveryServices/Vaults/backupValidateOperationsStatuses/read\",\n \"Microsoft.RecoveryServices/Vaults/backupOperations/read\",\n \"Microsoft.RecoveryServices/Vaults/backupPolicies/operations/read\",\n \"Microsoft.RecoveryServices/Vaults/backupFabrics/protectionContainers/write\",\n \"Microsoft.RecoveryServices/Vaults/backupFabrics/protectionContainers/inquire/action\",\n \"Microsoft.RecoveryServices/Vaults/backupEngines/read\",\n \"Microsoft.RecoveryServices/Vaults/backupFabrics/backupProtectionIntent/write\",\n \"Microsoft.RecoveryServices/Vaults/backupFabrics/backupProtectionIntent/read\",\n \"Microsoft.RecoveryServices/Vaults/backupFabrics/protectableContainers/read\",\n \"Microsoft.RecoveryServices/Vaults/backupFabrics/protectionContainers/items/read\",\n \"Microsoft.RecoveryServices/locations/backupStatus/action\",\n \"Microsoft.RecoveryServices/locations/backupPreValidateProtection/action\",\n \"Microsoft.RecoveryServices/locations/backupValidateFeatures/action\",\n \"Microsoft.RecoveryServices/locations/backupAadProperties/read\",\n \"Microsoft.RecoveryServices/locations/backupCrrJobs/action\",\n \"Microsoft.RecoveryServices/locations/backupCrrJob/action\",\n \"Microsoft.RecoveryServices/locations/backupCrossRegionRestore/action\",\n \"Microsoft.RecoveryServices/locations/backupCrrOperationResults/read\",\n \"Microsoft.RecoveryServices/locations/backupCrrOperationsStatus/read\",\n \"Microsoft.RecoveryServices/Vaults/monitoringAlerts/write\",\n \"Microsoft.RecoveryServices/operations/read\",\n \"Microsoft.RecoveryServices/locations/operationStatus/read\",\n \"Microsoft.RecoveryServices/Vaults/backupProtectionIntents/read\",\n \"Microsoft.Support/*\",\n \"Microsoft.DataProtection/backupVaults/backupInstances/read\",\n \"Microsoft.DataProtection/backupVaults/backupInstances/read\",\n \"Microsoft.DataProtection/backupVaults/backupInstances/operationResults/read\",\n \"Microsoft.DataProtection/backupVaults/backupInstances/write\",\n \"Microsoft.DataProtection/backupVaults/deletedBackupInstances/read\",\n \"Microsoft.DataProtection/backupVaults/backupPolicies/read\",\n \"Microsoft.DataProtection/backupVaults/backupPolicies/read\",\n \"Microsoft.DataProtection/backupVaults/backupInstances/recoveryPoints/read\",\n \"Microsoft.DataProtection/backupVaults/backupInstances/recoveryPoints/read\",\n \"Microsoft.DataProtection/backupVaults/backupInstances/findRestorableTimeRanges/action\",\n \"Microsoft.DataProtection/backupVaults/read\",\n \"Microsoft.DataProtection/backupVaults/operationResults/read\",\n \"Microsoft.DataProtection/backupVaults/operationStatus/read\",\n \"Microsoft.DataProtection/backupVaults/read\",\n \"Microsoft.DataProtection/backupVaults/read\",\n \"Microsoft.DataProtection/locations/operationStatus/read\",\n \"Microsoft.DataProtection/locations/operationResults/read\",\n \"Microsoft.DataProtection/operations/read\",\n \"Microsoft.DataProtection/backupVaults/validateForBackup/action\",\n \"Microsoft.DataProtection/backupVaults/backupInstances/backup/action\",\n \"Microsoft.DataProtection/backupVaults/backupInstances/validateRestore/action\",\n \"Microsoft.DataProtection/backupVaults/backupInstances/restore/action\",\n \"Microsoft.DataProtection/subscriptions/resourceGroups/providers/locations/crossRegionRestore/action\",\n \"Microsoft.DataProtection/subscriptions/resourceGroups/providers/locations/validateCrossRegionRestore/action\",\n \"Microsoft.DataProtection/subscriptions/resourceGroups/providers/locations/fetchCrossRegionRestoreJobs/action\",\n \"Microsoft.DataProtection/subscriptions/resourceGroups/providers/locations/fetchCrossRegionRestoreJob/action\",\n \"Microsoft.DataProtection/subscriptions/resourceGroups/providers/locations/fetchSecondaryRecoveryPoints/action\",\n \"Microsoft.DataProtection/locations/checkFeatureSupport/action\",\n \"Microsoft.RecoveryServices/Vaults/backupResourceGuardProxies/delete\",\n \"Microsoft.RecoveryServices/Vaults/backupResourceGuardProxies/read\",\n \"Microsoft.RecoveryServices/Vaults/backupResourceGuardProxies/unlockDelete/action\",\n \"Microsoft.RecoveryServices/Vaults/backupResourceGuardProxies/write\",\n \"Microsoft.DataProtection/backupVaults/backupResourceGuardProxies/read\",\n \"Microsoft.DataProtection/backupVaults/backupResourceGuardProxies/write\",\n \"Microsoft.DataProtection/backupVaults/backupResourceGuardProxies/delete\",\n \"Microsoft.DataProtection/backupVaults/backupResourceGuardProxies/unlockDelete/action\",\n \"Microsoft.DataProtection/backupVaults/backupInstances/validateForModifyBackup/action\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2017-01-03T13:21:11.894764Z\",\n \"updatedOn\": \"2025-01-27T16:01:21.2914246Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/00c29273-979b-4161-815c-10b084fb9324\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"00c29273-979b-4161-815c-10b084fb9324\"\n },\n {\n \"properties\": {\n \"roleName\": \"Workbook Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Can save shared workbooks.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Insights/workbooks/write\",\n \"Microsoft.Insights/workbooks/delete\",\n \"Microsoft.Insights/workbooks/read\",\n \"Microsoft.Insights/workbooks/revisions/read\",\n \"Microsoft.Insights/workbooktemplates/write\",\n \"Microsoft.Insights/workbooktemplates/delete\",\n \"Microsoft.Insights/workbooktemplates/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2019-08-28T20:59:42.4820277Z\",\n \"updatedOn\": \"2022-12-12T16:05:57.3745476Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/e8ddcd69-c73f-4f9f-9844-4100522f16ad\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"e8ddcd69-c73f-4f9f-9844-4100522f16ad\"\n },\n {\n \"properties\": {\n \"roleName\": \"Workbook Reader\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Can read workbooks.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"microsoft.insights/workbooks/read\",\n \"microsoft.insights/workbooks/revisions/read\",\n \"microsoft.insights/workbooktemplates/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2019-08-28T20:56:17.680814Z\",\n \"updatedOn\": \"2022-12-12T16:05:57.3745476Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/b279062a-9be3-42a0-92ae-8b3cf002ec4d\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"b279062a-9be3-42a0-92ae-8b3cf002ec4d\"\n },\n {\n \"properties\": {\n \"roleName\": \"Monitoring Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Can read all monitoring data and update monitoring settings.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"*/read\",\n \"Microsoft.AlertsManagement/alerts/*\",\n \"Microsoft.AlertsManagement/alertsSummary/*\",\n \"Microsoft.AlertsManagement/issues/*\",\n \"Microsoft.Insights/actiongroups/*\",\n \"Microsoft.Insights/activityLogAlerts/*\",\n \"Microsoft.Insights/AlertRules/*\",\n \"Microsoft.Insights/components/*\",\n \"Microsoft.Insights/createNotifications/*\",\n \"Microsoft.Insights/dataCollectionEndpoints/*\",\n \"Microsoft.Insights/dataCollectionRules/*\",\n \"Microsoft.Insights/dataCollectionRuleAssociations/*\",\n \"Microsoft.Insights/DiagnosticSettings/*\",\n \"Microsoft.Insights/eventtypes/*\",\n \"Microsoft.Insights/LogDefinitions/*\",\n \"Microsoft.Insights/metricalerts/*\",\n \"Microsoft.Insights/MetricDefinitions/*\",\n \"Microsoft.Insights/Metrics/*\",\n \"Microsoft.Insights/notificationStatus/*\",\n \"Microsoft.Insights/Register/Action\",\n \"Microsoft.Insights/scheduledqueryrules/*\",\n \"Microsoft.Insights/webtests/*\",\n \"Microsoft.Insights/workbooks/*\",\n \"Microsoft.Insights/workbooktemplates/*\",\n \"Microsoft.Insights/privateLinkScopes/*\",\n \"Microsoft.Insights/privateLinkScopeOperationStatuses/*\",\n \"Microsoft.Monitor/accounts/*\",\n \"Microsoft.Monitor/settings/*\",\n \"Microsoft.OperationalInsights/workspaces/write\",\n \"Microsoft.OperationalInsights/workspaces/intelligencepacks/*\",\n \"Microsoft.OperationalInsights/workspaces/savedSearches/*\",\n \"Microsoft.OperationalInsights/workspaces/search/action\",\n \"Microsoft.OperationalInsights/workspaces/sharedKeys/action\",\n \"Microsoft.OperationalInsights/workspaces/sharedKeys/read\",\n \"Microsoft.OperationalInsights/workspaces/storageinsightconfigs/*\",\n \"Microsoft.OperationalInsights/locations/workspaces/failover/action\",\n \"Microsoft.OperationalInsights/workspaces/failback/action\",\n \"Microsoft.Support/*\",\n \"Microsoft.AlertsManagement/smartDetectorAlertRules/*\",\n \"Microsoft.AlertsManagement/actionRules/*\",\n \"Microsoft.AlertsManagement/smartGroups/*\",\n \"Microsoft.AlertsManagement/migrateFromSmartDetection/*\",\n \"Microsoft.AlertsManagement/investigations/*\",\n \"Microsoft.AlertsManagement/prometheusRuleGroups/*\",\n \"Microsoft.Monitor/investigations/*\",\n \"Microsoft.Resources/deployments/*\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2016-09-21T19:21:08.4345976Z\",\n \"updatedOn\": \"2025-09-30T15:23:51.084353Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/749f88d5-cbae-40b8-bcfc-e573ddc772fa\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"749f88d5-cbae-40b8-bcfc-e573ddc772fa\"\n },\n {\n \"properties\": {\n \"roleName\": \"Monitoring Metrics Publisher\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Enables publishing metrics against Azure resources\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Insights/Register/Action\",\n \"Microsoft.Support/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.Insights/Metrics/Write\",\n \"Microsoft.Insights/Telemetry/Write\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2018-08-14T00:36:16.5610279Z\",\n \"updatedOn\": \"2022-01-04T00:38:04.0289073Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/3913510d-42f4-4e42-8a64-420c390055eb\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"3913510d-42f4-4e42-8a64-420c390055eb\"\n },\n {\n \"properties\": {\n \"roleName\": \"Purview role 1 (Deprecated)\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Deprecated role.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Purview/accounts/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.Purview/accounts/data/read\",\n \"Microsoft.Purview/accounts/data/write\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2020-11-14T02:37:15.0123345Z\",\n \"updatedOn\": \"2022-01-04T00:43:15.6924286Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/8a3c2885-9b38-4fd2-9d99-91af537c1347\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"8a3c2885-9b38-4fd2-9d99-91af537c1347\"\n },\n {\n \"properties\": {\n \"roleName\": \"Purview role 2 (Deprecated)\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Deprecated role.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Purview/accounts/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.Purview/accounts/scan/read\",\n \"Microsoft.Purview/accounts/scan/write\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2020-11-14T02:40:05.0975648Z\",\n \"updatedOn\": \"2022-01-04T00:47:22.9678219Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/200bba9e-f0c8-430f-892b-6f0794863803\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"200bba9e-f0c8-430f-892b-6f0794863803\"\n },\n {\n \"properties\": {\n \"roleName\": \"Purview role 3 (Deprecated)\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Deprecated role.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Purview/accounts/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.Purview/accounts/data/read\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2020-11-14T02:39:22.234474Z\",\n \"updatedOn\": \"2022-01-04T00:48:08.2844802Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/ff100721-1b9d-43d8-af52-42b69c1272db\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"ff100721-1b9d-43d8-af52-42b69c1272db\"\n },\n {\n \"properties\": {\n \"roleName\": \"Autonomous Development Platform Data Contributor (Preview)\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Grants permissions to upload and manage new Autonomous Development Platform measurements.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.AutonomousDevelopmentPlatform/*/read\",\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.AutonomousDevelopmentPlatform/accounts/dataPools/discoveries/*\",\n \"Microsoft.AutonomousDevelopmentPlatform/accounts/dataPools/uploads/*\",\n \"Microsoft.AutonomousDevelopmentPlatform/accounts/dataPools/measurements/states/new/*\",\n \"Microsoft.AutonomousDevelopmentPlatform/accounts/dataPools/measurementCollections/*\",\n \"Microsoft.AutonomousDevelopmentPlatform/accounts/measurementCollections/*\",\n \"Microsoft.AutonomousDevelopmentPlatform/workspaces/read\",\n \"Microsoft.AutonomousDevelopmentPlatform/workspaces/discoveries/*\",\n \"Microsoft.AutonomousDevelopmentPlatform/workspaces/uploads/*\",\n \"Microsoft.AutonomousDevelopmentPlatform/workspaces/measurements/states/new/*\",\n \"Microsoft.AutonomousDevelopmentPlatform/workspaces/measurements/classifications/*\",\n \"Microsoft.AutonomousDevelopmentPlatform/workspaces/measurements/dataStreams/classifications/*\",\n \"Microsoft.AutonomousDevelopmentPlatform/workspaces/measurementCollections/*\"\n ],\n \"notDataActions\": [\n \"Microsoft.AutonomousDevelopmentPlatform/accounts/dataPools/measurements/states/new/changeState/action\",\n \"Microsoft.AutonomousDevelopmentPlatform/workspaces/measurements/states/new/changeState/action\"\n ]\n }\n ],\n \"createdOn\": \"2020-12-15T11:30:01.7459379Z\",\n \"updatedOn\": \"2022-09-15T17:13:47.5365709Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/b8b15564-4fa6-4a59-ab12-03e1d9594795\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"b8b15564-4fa6-4a59-ab12-03e1d9594795\"\n },\n {\n \"properties\": {\n \"roleName\": \"Autonomous Development Platform Data Owner (Preview)\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Grants full access to Autonomous Development Platform data.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.AutonomousDevelopmentPlatform/*/read\",\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.AutonomousDevelopmentPlatform/*\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2020-12-15T12:13:59.9702378Z\",\n \"updatedOn\": \"2022-01-04T13:20:26.2040404Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/27f8b550-c507-4db9-86f2-f4b8e816d59d\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"27f8b550-c507-4db9-86f2-f4b8e816d59d\"\n },\n {\n \"properties\": {\n \"roleName\": \"Autonomous Development Platform Data Reader (Preview)\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Grants read access to Autonomous Development Platform data.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.AutonomousDevelopmentPlatform/*/read\",\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.AutonomousDevelopmentPlatform/*/read\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2020-12-15T12:11:31.9843256Z\",\n \"updatedOn\": \"2022-01-04T13:21:04.3207709Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/d63b75f7-47ea-4f27-92ac-e0d173aaf093\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"d63b75f7-47ea-4f27-92ac-e0d173aaf093\"\n },\n {\n \"properties\": {\n \"roleName\": \"Key Vault Crypto Officer\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Perform any action on the keys of a key vault, except manage permissions. Only works for key vaults that use the 'Azure role-based access control' permission model.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Support/*\",\n \"Microsoft.KeyVault/checkNameAvailability/read\",\n \"Microsoft.KeyVault/deletedVaults/read\",\n \"Microsoft.KeyVault/locations/*/read\",\n \"Microsoft.KeyVault/vaults/*/read\",\n \"Microsoft.KeyVault/operations/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.KeyVault/vaults/keys/*\",\n \"Microsoft.KeyVault/vaults/keyrotationpolicies/*\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2020-05-19T17:52:47.0099249Z\",\n \"updatedOn\": \"2022-01-06T23:21:17.9760884Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/14b46e9e-c2b7-41b4-b07b-48a6ebf60603\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"14b46e9e-c2b7-41b4-b07b-48a6ebf60603\"\n },\n {\n \"properties\": {\n \"roleName\": \"Device Update Deployments Reader\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Gives you read access to management operations, but does not allow making changes\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Support/*\",\n \"Microsoft.Insights/alertRules/*\"\n ],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.DeviceUpdate/accounts/instances/management/read\",\n \"Microsoft.DeviceUpdate/accounts/instances/updates/read\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2020-08-22T00:01:34.705363Z\",\n \"updatedOn\": \"2022-01-13T01:35:51.6463216Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/49e2f5d2-7741-4835-8efa-19e1fe35e47f\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"49e2f5d2-7741-4835-8efa-19e1fe35e47f\"\n },\n {\n \"properties\": {\n \"roleName\": \"Device Update Deployments Administrator\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Gives you full access to management operations\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Support/*\",\n \"Microsoft.Insights/alertRules/*\"\n ],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.DeviceUpdate/accounts/instances/management/read\",\n \"Microsoft.DeviceUpdate/accounts/instances/management/write\",\n \"Microsoft.DeviceUpdate/accounts/instances/management/delete\",\n \"Microsoft.DeviceUpdate/accounts/instances/updates/read\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2020-08-21T23:59:52.1001666Z\",\n \"updatedOn\": \"2022-01-13T01:59:19.4616366Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/e4237640-0e3d-4a46-8fda-70bc94856432\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"e4237640-0e3d-4a46-8fda-70bc94856432\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Arc VMware Private Clouds Onboarding\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Azure Arc VMware Private Clouds Onboarding role has permissions to provision all the required resources for onboard and deboard vCenter instances to Azure.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.ConnectedVMwarevSphere/vcenters/Write\",\n \"Microsoft.ConnectedVMwarevSphere/vcenters/Read\",\n \"Microsoft.ConnectedVMwarevSphere/vcenters/Delete\",\n \"Microsoft.Insights/AlertRules/Write\",\n \"Microsoft.Insights/AlertRules/Delete\",\n \"Microsoft.Insights/AlertRules/Read\",\n \"Microsoft.Insights/AlertRules/Activated/Action\",\n \"Microsoft.Insights/AlertRules/Resolved/Action\",\n \"Microsoft.Insights/AlertRules/Throttled/Action\",\n \"Microsoft.Insights/AlertRules/Incidents/Read\",\n \"Microsoft.Resources/deployments/read\",\n \"Microsoft.Resources/deployments/write\",\n \"Microsoft.Resources/deployments/delete\",\n \"Microsoft.Resources/deployments/cancel/action\",\n \"Microsoft.Resources/deployments/validate/action\",\n \"Microsoft.Resources/deployments/whatIf/action\",\n \"Microsoft.Resources/deployments/exportTemplate/action\",\n \"Microsoft.Resources/deployments/operations/read\",\n \"Microsoft.Resources/deployments/operationstatuses/read\",\n \"Microsoft.Resources/subscriptions/resourcegroups/deployments/read\",\n \"Microsoft.Resources/subscriptions/resourcegroups/deployments/write\",\n \"Microsoft.Resources/subscriptions/resourcegroups/deployments/operations/read\",\n \"Microsoft.Resources/subscriptions/resourcegroups/deployments/operationstatuses/read\",\n \"Microsoft.ResourceHealth/availabilityStatuses/read\",\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Resources/subscriptions/read\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Resources/subscriptions/operationresults/read\",\n \"Microsoft.KubernetesConfiguration/extensions/Write\",\n \"Microsoft.KubernetesConfiguration/extensions/Read\",\n \"Microsoft.KubernetesConfiguration/extensions/Delete\",\n \"Microsoft.KubernetesConfiguration/operations/read\",\n \"Microsoft.KubernetesConfiguration/extensions/operations/read\",\n \"Microsoft.ExtendedLocation/customLocations/Read\",\n \"Microsoft.ExtendedLocation/customLocations/Write\",\n \"Microsoft.ExtendedLocation/customLocations/Delete\",\n \"Microsoft.ExtendedLocation/customLocations/deploy/action\",\n \"Microsoft.ResourceConnector/appliances/Read\",\n \"Microsoft.ResourceConnector/appliances/Write\",\n \"Microsoft.ResourceConnector/appliances/Delete\",\n \"Microsoft.ResourceConnector/appliances/listClusterUserCredential/action\",\n \"Microsoft.BackupSolutions/vmwareapplications/write\",\n \"Microsoft.BackupSolutions/vmwareapplications/delete\",\n \"Microsoft.BackupSolutions/vmwareapplications/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2021-11-01T22:18:08.4480747Z\",\n \"updatedOn\": \"2023-08-18T17:54:09.8815166Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/67d33e57-3129-45e6-bb0b-7cc522f762fa\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"67d33e57-3129-45e6-bb0b-7cc522f762fa\"\n },\n {\n \"properties\": {\n \"roleName\": \"Microsoft Sentinel Automation Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Microsoft Sentinel Automation Contributor\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Logic/workflows/triggers/read\",\n \"Microsoft.Logic/workflows/triggers/listCallbackUrl/action\",\n \"Microsoft.Logic/workflows/runs/read\",\n \"Microsoft.Web/sites/hostruntime/webhooks/api/workflows/triggers/read\",\n \"Microsoft.Web/sites/hostruntime/webhooks/api/workflows/triggers/listCallbackUrl/action\",\n \"Microsoft.Web/sites/hostruntime/webhooks/api/workflows/runs/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2021-01-24T08:50:52.0382991Z\",\n \"updatedOn\": \"2022-01-26T09:25:00.4699337Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/f4c81013-99ee-4d62-a7ee-b3f1f648599a\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"f4c81013-99ee-4d62-a7ee-b3f1f648599a\"\n },\n {\n \"properties\": {\n \"roleName\": \"CDN Endpoint Reader\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Can view CDN endpoints, but can't make changes.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Cdn/edgenodes/read\",\n \"Microsoft.Cdn/operationresults/*\",\n \"Microsoft.Cdn/profiles/endpoints/*/read\",\n \"Microsoft.Cdn/profiles/afdendpoints/validateCustomDomain/action\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Support/*\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2016-01-23T02:48:46.4996252Z\",\n \"updatedOn\": \"2023-12-07T09:22:53.097708Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/871e35f6-b5c1-49cc-a043-bde969a0f2cd\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"871e35f6-b5c1-49cc-a043-bde969a0f2cd\"\n },\n {\n \"properties\": {\n \"roleName\": \"Cognitive Services Speech User\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Access to the real-time speech recognition and batch transcription APIs, real-time speech synthesis and long audio APIs, as well as to read the data/test/model/endpoint for custom models, but can’t create, delete or modify the data/test/model/endpoint for custom models.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.CognitiveServices/*/read\",\n \"Microsoft.Authorization/roleAssignments/read\",\n \"Microsoft.Authorization/roleDefinitions/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.CognitiveServices/accounts/SpeechServices/*/read\",\n \"Microsoft.CognitiveServices/accounts/SpeechServices/*/transcriptions/read\",\n \"Microsoft.CognitiveServices/accounts/SpeechServices/*/transcriptions/write\",\n \"Microsoft.CognitiveServices/accounts/SpeechServices/*/transcriptions/delete\",\n \"Microsoft.CognitiveServices/accounts/SpeechServices/*/transcriptions/action\",\n \"Microsoft.CognitiveServices/accounts/SpeechServices/*/frontend/action\",\n \"Microsoft.CognitiveServices/accounts/SpeechServices/text-dependent/*/action\",\n \"Microsoft.CognitiveServices/accounts/SpeechServices/text-independent/*/action\",\n \"Microsoft.CognitiveServices/accounts/CustomVoice/*/read\",\n \"Microsoft.CognitiveServices/accounts/CustomVoice/evaluations/*\",\n \"Microsoft.CognitiveServices/accounts/CustomVoice/longaudiosynthesis/*\",\n \"Microsoft.CognitiveServices/accounts/AudioContentCreation/*\",\n \"Microsoft.CognitiveServices/accounts/VideoTranslation/*\",\n \"Microsoft.CognitiveServices/accounts/CustomAvatar/*/read\",\n \"Microsoft.CognitiveServices/accounts/BatchAvatar/*\",\n \"Microsoft.CognitiveServices/accounts/BatchTextToSpeech/*\"\n ],\n \"notDataActions\": [\n \"Microsoft.CognitiveServices/accounts/CustomVoice/datasets/files/read\",\n \"Microsoft.CognitiveServices/accounts/CustomVoice/datasets/utterances/read\"\n ]\n }\n ],\n \"createdOn\": \"2021-03-30T11:28:27.4339032Z\",\n \"updatedOn\": \"2024-10-18T20:00:21.397467Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/f2dc8367-1007-4938-bd23-fe263f013447\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"f2dc8367-1007-4938-bd23-fe263f013447\"\n },\n {\n \"properties\": {\n \"roleName\": \"Windows Admin Center Administrator Login\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Let's you manage the OS of your resource via Windows Admin Center as an administrator.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.HybridCompute/machines/*/read\",\n \"Microsoft.HybridCompute/machines/extensions/*\",\n \"Microsoft.HybridCompute/machines/upgradeExtensions/action\",\n \"Microsoft.HybridCompute/operations/read\",\n \"Microsoft.Network/networkInterfaces/read\",\n \"Microsoft.Network/loadBalancers/read\",\n \"Microsoft.Network/publicIPAddresses/read\",\n \"Microsoft.Network/virtualNetworks/read\",\n \"Microsoft.Network/networkSecurityGroups/read\",\n \"Microsoft.Network/networkSecurityGroups/defaultSecurityRules/read\",\n \"Microsoft.Network/networkWatchers/securityGroupView/action\",\n \"Microsoft.Network/networkSecurityGroups/securityRules/read\",\n \"Microsoft.Network/networkSecurityGroups/securityRules/write\",\n \"Microsoft.HybridConnectivity/endpoints/write\",\n \"Microsoft.HybridConnectivity/endpoints/read\",\n \"Microsoft.HybridConnectivity/endpoints/serviceConfigurations/write\",\n \"Microsoft.HybridConnectivity/endpoints/serviceConfigurations/read\",\n \"Microsoft.HybridConnectivity/endpoints/listManagedProxyDetails/action\",\n \"Microsoft.Compute/virtualMachines/read\",\n \"Microsoft.Compute/virtualMachines/patchAssessmentResults/latest/read\",\n \"Microsoft.Compute/virtualMachines/patchAssessmentResults/latest/softwarePatches/read\",\n \"Microsoft.Compute/virtualMachines/patchInstallationResults/read\",\n \"Microsoft.Compute/virtualMachines/patchInstallationResults/softwarePatches/read\",\n \"Microsoft.Compute/virtualMachines/extensions/read\",\n \"Microsoft.Compute/virtualMachines/instanceView/read\",\n \"Microsoft.Compute/virtualMachines/runCommands/read\",\n \"Microsoft.Compute/virtualMachines/vmSizes/read\",\n \"Microsoft.Compute/locations/publishers/artifacttypes/types/read\",\n \"Microsoft.Compute/locations/publishers/artifacttypes/types/versions/read\",\n \"Microsoft.Compute/diskAccesses/read\",\n \"Microsoft.Compute/galleries/images/read\",\n \"Microsoft.Compute/images/read\",\n \"Microsoft.AzureStackHCI/Clusters/Read\",\n \"Microsoft.AzureStackHCI/Clusters/ArcSettings/Read\",\n \"Microsoft.AzureStackHCI/Clusters/ArcSettings/Extensions/Read\",\n \"Microsoft.AzureStackHCI/Clusters/ArcSettings/Extensions/Write\",\n \"Microsoft.AzureStackHCI/Clusters/ArcSettings/Extensions/Delete\",\n \"Microsoft.AzureStackHCI/Operations/Read\",\n \"Microsoft.ConnectedVMwarevSphere/VirtualMachines/Read\",\n \"Microsoft.ConnectedVMwarevSphere/VirtualMachines/Extensions/Write\",\n \"Microsoft.ConnectedVMwarevSphere/VirtualMachines/Extensions/Read\"\n ],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.HybridCompute/machines/WACLoginAsAdmin/action\",\n \"Microsoft.Compute/virtualMachines/WACloginAsAdmin/action\",\n \"Microsoft.AzureStackHCI/Clusters/WACloginAsAdmin/Action\",\n \"Microsoft.ConnectedVMwarevSphere/virtualmachines/WACloginAsAdmin/action\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2022-01-12T00:51:19.5581155Z\",\n \"updatedOn\": \"2024-01-24T16:28:56.8362682Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/a6333a3e-0164-44c3-b281-7a577aff287f\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"a6333a3e-0164-44c3-b281-7a577aff287f\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Kubernetes Service Policy Add-on Deployment\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Deploy the Azure Policy add-on on Azure Kubernetes Service clusters\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Network/virtualNetworks/subnets/join/action\",\n \"Microsoft.Network/publicIPPrefixes/join/action\",\n \"Microsoft.Network/publicIPAddresses/join/action\",\n \"Microsoft.Compute/diskEncryptionSets/read\",\n \"Microsoft.Compute/proximityPlacementGroups/write\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2022-02-07T20:51:48.5662807Z\",\n \"updatedOn\": \"2022-03-15T23:34:13.5188193Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/18ed5180-3e48-46fd-8541-4ea054d57064\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"18ed5180-3e48-46fd-8541-4ea054d57064\"\n },\n {\n \"properties\": {\n \"roleName\": \"Guest Configuration Resource Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Lets you read, write Guest Configuration Resource.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.GuestConfiguration/guestConfigurationAssignments/write\",\n \"Microsoft.GuestConfiguration/guestConfigurationAssignments/read\",\n \"Microsoft.GuestConfiguration/guestConfigurationAssignments/*/read\",\n \"Microsoft.Resources/deployments/*\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2022-01-13T21:31:41.9626667Z\",\n \"updatedOn\": \"2022-02-10T19:22:44.9057916Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/088ab73d-1256-47ae-bea9-9de8e7131f31\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"088ab73d-1256-47ae-bea9-9de8e7131f31\"\n },\n {\n \"properties\": {\n \"roleName\": \"Domain Services Reader\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Can view Azure AD Domain Services and related network configurations\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Resources/deployments/read\",\n \"Microsoft.Resources/deployments/operations/read\",\n \"Microsoft.Resources/deployments/operationstatuses/read\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Insights/AlertRules/Read\",\n \"Microsoft.Insights/AlertRules/Incidents/Read\",\n \"Microsoft.Insights/Logs/Read\",\n \"Microsoft.Insights/Metrics/read\",\n \"Microsoft.Insights/DiagnosticSettings/read\",\n \"Microsoft.Insights/DiagnosticSettingsCategories/Read\",\n \"Microsoft.AAD/domainServices/*/read\",\n \"Microsoft.Network/virtualNetworks/read\",\n \"Microsoft.Network/virtualNetworks/subnets/read\",\n \"Microsoft.Network/virtualNetworks/virtualNetworkPeerings/read\",\n \"Microsoft.Network/virtualNetworks/providers/Microsoft.Insights/diagnosticSettings/read\",\n \"Microsoft.Network/virtualNetworks/providers/Microsoft.Insights/metricDefinitions/read\",\n \"Microsoft.Network/azureFirewalls/read\",\n \"Microsoft.Network/ddosProtectionPlans/read\",\n \"Microsoft.Network/loadBalancers/read\",\n \"Microsoft.Network/loadBalancers/*/read\",\n \"Microsoft.Network/natGateways/read\",\n \"Microsoft.Network/networkInterfaces/read\",\n \"Microsoft.Network/networkSecurityGroups/defaultSecurityRules/read\",\n \"Microsoft.Network/networkSecurityGroups/read\",\n \"Microsoft.Network/networkSecurityGroups/securityRules/read\",\n \"Microsoft.Network/routeTables/read\",\n \"Microsoft.Network/routeTables/routes/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2022-02-15T19:38:46.904317Z\",\n \"updatedOn\": \"2022-06-27T17:28:30.2892869Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/361898ef-9ed1-48c2-849c-a832951106bb\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"361898ef-9ed1-48c2-849c-a832951106bb\"\n },\n {\n \"properties\": {\n \"roleName\": \"Domain Services Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Can manage Azure AD Domain Services and related network configurations\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Resources/deployments/read\",\n \"Microsoft.Resources/deployments/write\",\n \"Microsoft.Resources/deployments/delete\",\n \"Microsoft.Resources/deployments/cancel/action\",\n \"Microsoft.Resources/deployments/validate/action\",\n \"Microsoft.Resources/deployments/whatIf/action\",\n \"Microsoft.Resources/deployments/exportTemplate/action\",\n \"Microsoft.Resources/deployments/operations/read\",\n \"Microsoft.Resources/deployments/operationstatuses/read\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Insights/AlertRules/Write\",\n \"Microsoft.Insights/AlertRules/Delete\",\n \"Microsoft.Insights/AlertRules/Read\",\n \"Microsoft.Insights/AlertRules/Activated/Action\",\n \"Microsoft.Insights/AlertRules/Resolved/Action\",\n \"Microsoft.Insights/AlertRules/Throttled/Action\",\n \"Microsoft.Insights/AlertRules/Incidents/Read\",\n \"Microsoft.Insights/Logs/Read\",\n \"Microsoft.Insights/Metrics/Read\",\n \"Microsoft.Insights/DiagnosticSettings/*\",\n \"Microsoft.Insights/DiagnosticSettingsCategories/Read\",\n \"Microsoft.AAD/register/action\",\n \"Microsoft.AAD/unregister/action\",\n \"Microsoft.AAD/domainServices/*\",\n \"Microsoft.Network/register/action\",\n \"Microsoft.Network/unregister/action\",\n \"Microsoft.Network/virtualNetworks/read\",\n \"Microsoft.Network/virtualNetworks/write\",\n \"Microsoft.Network/virtualNetworks/delete\",\n \"Microsoft.Network/virtualNetworks/peer/action\",\n \"Microsoft.Network/virtualNetworks/join/action\",\n \"Microsoft.Network/virtualNetworks/subnets/read\",\n \"Microsoft.Network/virtualNetworks/subnets/write\",\n \"Microsoft.Network/virtualNetworks/subnets/delete\",\n \"Microsoft.Network/virtualNetworks/subnets/join/action\",\n \"Microsoft.Network/virtualNetworks/virtualNetworkPeerings/read\",\n \"Microsoft.Network/virtualNetworks/virtualNetworkPeerings/write\",\n \"Microsoft.Network/virtualNetworks/virtualNetworkPeerings/delete\",\n \"Microsoft.Network/virtualNetworks/providers/Microsoft.Insights/diagnosticSettings/read\",\n \"Microsoft.Network/virtualNetworks/providers/Microsoft.Insights/metricDefinitions/read\",\n \"Microsoft.Network/azureFirewalls/read\",\n \"Microsoft.Network/ddosProtectionPlans/read\",\n \"Microsoft.Network/ddosProtectionPlans/join/action\",\n \"Microsoft.Network/loadBalancers/read\",\n \"Microsoft.Network/loadBalancers/delete\",\n \"Microsoft.Network/loadBalancers/*/read\",\n \"Microsoft.Network/loadBalancers/backendAddressPools/join/action\",\n \"Microsoft.Network/loadBalancers/inboundNatRules/join/action\",\n \"Microsoft.Network/natGateways/join/action\",\n \"Microsoft.Network/networkInterfaces/read\",\n \"Microsoft.Network/networkInterfaces/write\",\n \"Microsoft.Network/networkInterfaces/delete\",\n \"Microsoft.Network/networkInterfaces/join/action\",\n \"Microsoft.Network/networkSecurityGroups/defaultSecurityRules/read\",\n \"Microsoft.Network/networkSecurityGroups/read\",\n \"Microsoft.Network/networkSecurityGroups/write\",\n \"Microsoft.Network/networkSecurityGroups/delete\",\n \"Microsoft.Network/networkSecurityGroups/join/action\",\n \"Microsoft.Network/networkSecurityGroups/securityRules/read\",\n \"Microsoft.Network/networkSecurityGroups/securityRules/write\",\n \"Microsoft.Network/networkSecurityGroups/securityRules/delete\",\n \"Microsoft.Network/routeTables/read\",\n \"Microsoft.Network/routeTables/write\",\n \"Microsoft.Network/routeTables/delete\",\n \"Microsoft.Network/routeTables/join/action\",\n \"Microsoft.Network/routeTables/routes/read\",\n \"Microsoft.Network/routeTables/routes/write\",\n \"Microsoft.Network/routeTables/routes/delete\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2022-02-15T19:40:22.3943189Z\",\n \"updatedOn\": \"2022-06-27T17:28:31.1017906Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/eeaeda52-9324-47f6-8069-5d5bade478b2\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"eeaeda52-9324-47f6-8069-5d5bade478b2\"\n },\n {\n \"properties\": {\n \"roleName\": \"DNS Resolver Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Lets you manage DNS resolver resources.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Network/dnsResolvers/read\",\n \"Microsoft.Network/dnsResolvers/write\",\n \"Microsoft.Network/dnsResolvers/delete\",\n \"Microsoft.Network/dnsResolvers/join/action\",\n \"Microsoft.Network/dnsResolvers/inboundEndpoints/read\",\n \"Microsoft.Network/dnsResolvers/inboundEndpoints/write\",\n \"Microsoft.Network/dnsResolvers/inboundEndpoints/delete\",\n \"Microsoft.Network/dnsResolvers/inboundEndpoints/join/action\",\n \"Microsoft.Network/dnsResolvers/outboundEndpoints/read\",\n \"Microsoft.Network/dnsResolvers/outboundEndpoints/write\",\n \"Microsoft.Network/dnsResolvers/outboundEndpoints/delete\",\n \"Microsoft.Network/dnsResolvers/outboundEndpoints/join/action\",\n \"Microsoft.Network/dnsForwardingRulesets/read\",\n \"Microsoft.Network/dnsForwardingRulesets/write\",\n \"Microsoft.Network/dnsForwardingRulesets/delete\",\n \"Microsoft.Network/dnsForwardingRulesets/join/action\",\n \"Microsoft.Network/dnsForwardingRulesets/forwardingRules/read\",\n \"Microsoft.Network/dnsForwardingRulesets/forwardingRules/write\",\n \"Microsoft.Network/dnsForwardingRulesets/forwardingRules/delete\",\n \"Microsoft.Network/dnsForwardingRulesets/virtualNetworkLinks/read\",\n \"Microsoft.Network/dnsForwardingRulesets/virtualNetworkLinks/write\",\n \"Microsoft.Network/dnsForwardingRulesets/virtualNetworkLinks/delete\",\n \"Microsoft.Network/locations/dnsResolverOperationResults/read\",\n \"Microsoft.Network/locations/dnsResolverOperationStatuses/read\",\n \"Microsoft.Network/virtualNetworks/read\",\n \"Microsoft.Network/virtualNetworks/join/action\",\n \"Microsoft.Network/virtualNetworks/subnets/read\",\n \"Microsoft.Network/virtualNetworks/subnets/write\",\n \"Microsoft.Network/virtualNetworks/subnets/join/action\",\n \"Microsoft.Network/virtualNetworks/join/action\",\n \"Microsoft.Network/virtualNetworks/joinLoadBalancer/action\",\n \"Microsoft.Network/virtualNetworks/subnets/join/action\",\n \"Microsoft.Network/virtualNetworks/subnets/joinLoadBalancer/action\",\n \"Microsoft.Network/natGateways/join/action\",\n \"Microsoft.Network/networkSecurityGroups/join/action\",\n \"Microsoft.Network/routeTables/join/action\",\n \"Microsoft.Network/serviceEndpointPolicies/join/action\",\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2022-02-16T23:25:04.4308795Z\",\n \"updatedOn\": \"2022-03-12T01:08:44.4650132Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/0f2ebee7-ffd4-4fc0-b3b7-664099fdad5d\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"0f2ebee7-ffd4-4fc0-b3b7-664099fdad5d\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Arc Enabled Kubernetes Cluster User Role\",\n \"type\": \"BuiltInRole\",\n \"description\": \"List cluster user credentials action.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Resources/deployments/write\",\n \"Microsoft.Resources/subscriptions/operationresults/read\",\n \"Microsoft.Resources/subscriptions/read\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Kubernetes/connectedClusters/listClusterUserCredentials/action\",\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.Support/*\",\n \"Microsoft.Kubernetes/connectedClusters/listClusterUserCredential/action\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2020-07-28T17:37:00.7637445Z\",\n \"updatedOn\": \"2022-02-17T02:29:05.1000798Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/00493d72-78f6-4148-b6c5-d3ce8e4799dd\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"00493d72-78f6-4148-b6c5-d3ce8e4799dd\"\n },\n {\n \"properties\": {\n \"roleName\": \"Data Operator for Managed Disks\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Provides permissions to upload data to empty managed disks, read, or export data of managed disks (not attached to running VMs) and snapshots using SAS URIs and Azure AD authentication.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.Compute/disks/download/action\",\n \"Microsoft.Compute/disks/upload/action\",\n \"Microsoft.Compute/snapshots/download/action\",\n \"Microsoft.Compute/snapshots/upload/action\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2022-03-01T05:42:02.3801768Z\",\n \"updatedOn\": \"2022-03-01T05:42:02.3801768Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/959f8984-c045-4866-89c7-12bf9737be2e\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"959f8984-c045-4866-89c7-12bf9737be2e\"\n },\n {\n \"properties\": {\n \"roleName\": \"AgFood Platform Sensor Partner Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Provides contribute access to manage sensor related entities in AgFood Platform Service\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.AgFoodPlatform/farmBeats/sensorPartnerScope/*\"\n ],\n \"notDataActions\": [\n \"Microsoft.AgFoodPlatform/farmBeats/sensorPartnerScope/sensors/delete\"\n ]\n }\n ],\n \"createdOn\": \"2022-03-09T09:03:53.490279Z\",\n \"updatedOn\": \"2022-10-27T07:34:00.932807Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/6b77f0a0-0d89-41cc-acd1-579c22c17a67\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"6b77f0a0-0d89-41cc-acd1-579c22c17a67\"\n },\n {\n \"properties\": {\n \"roleName\": \"Compute Gallery Sharing Admin\",\n \"type\": \"BuiltInRole\",\n \"description\": \"This role allows user to share gallery to another subscription/tenant or share it to the public.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Compute/galleries/share/action\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2022-03-10T04:36:08.9040323Z\",\n \"updatedOn\": \"2022-03-26T00:40:55.2620635Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/1ef6a3be-d0ac-425d-8c01-acb62866290b\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"1ef6a3be-d0ac-425d-8c01-acb62866290b\"\n },\n {\n \"properties\": {\n \"roleName\": \"Scheduled Patching Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Provides access to manage maintenance configurations with maintenance scope InGuestPatch and corresponding configuration assignments\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Maintenance/maintenanceConfigurations/read\",\n \"Microsoft.Maintenance/maintenanceConfigurations/write\",\n \"Microsoft.Maintenance/maintenanceConfigurations/delete\",\n \"Microsoft.Maintenance/configurationAssignments/read\",\n \"Microsoft.Maintenance/configurationAssignments/write\",\n \"Microsoft.Maintenance/configurationAssignments/delete\",\n \"Microsoft.Maintenance/configurationAssignments/maintenanceScope/InGuestPatch/read\",\n \"Microsoft.Maintenance/configurationAssignments/maintenanceScope/InGuestPatch/write\",\n \"Microsoft.Maintenance/configurationAssignments/maintenanceScope/InGuestPatch/delete\",\n \"Microsoft.Maintenance/maintenanceConfigurations/maintenanceScope/InGuestPatch/read\",\n \"Microsoft.Maintenance/maintenanceConfigurations/maintenanceScope/InGuestPatch/write\",\n \"Microsoft.Maintenance/maintenanceConfigurations/maintenanceScope/InGuestPatch/delete\",\n \"Microsoft.Maintenance/applyUpdates/read\",\n \"Microsoft.Maintenance/updates/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2022-03-21T14:34:05.5308153Z\",\n \"updatedOn\": \"2025-02-27T13:35:19.3626961Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/cd08ab90-6b14-449c-ad9a-8f8e549482c6\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"cd08ab90-6b14-449c-ad9a-8f8e549482c6\"\n },\n {\n \"properties\": {\n \"roleName\": \"DevCenter Dev Box User\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Provides access to create and manage dev boxes.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.DevCenter/projects/read\",\n \"Microsoft.DevCenter/projects/*/read\",\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.DevCenter/projects/users/devboxes/userStop/action\",\n \"Microsoft.DevCenter/projects/users/devboxes/userStart/action\",\n \"Microsoft.DevCenter/projects/users/devboxes/userGetRemoteConnection/action\",\n \"Microsoft.DevCenter/projects/users/devboxes/userRead/action\",\n \"Microsoft.DevCenter/projects/users/devboxes/userWrite/action\",\n \"Microsoft.DevCenter/projects/users/devboxes/userDelete/action\",\n \"Microsoft.DevCenter/projects/users/devboxes/userUpcomingActionRead/action\",\n \"Microsoft.DevCenter/projects/users/devboxes/userUpcomingActionManage/action\",\n \"Microsoft.DevCenter/projects/users/devboxes/userActionRead/action\",\n \"Microsoft.DevCenter/projects/users/devboxes/userActionManage/action\",\n \"Microsoft.DevCenter/projects/users/devboxes/userCustomize/action\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2022-03-31T22:42:03.2894277Z\",\n \"updatedOn\": \"2023-10-18T19:06:15.1790546Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/45d50f46-0b78-4001-a660-4198cbe8cd05\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"45d50f46-0b78-4001-a660-4198cbe8cd05\"\n },\n {\n \"properties\": {\n \"roleName\": \"DevCenter Project Admin\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Provides access to manage project resources.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.DevCenter/projects/*\",\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\"\n ],\n \"notActions\": [\n \"Microsoft.DevCenter/projects/write\",\n \"Microsoft.DevCenter/projects/delete\"\n ],\n \"dataActions\": [\n \"Microsoft.DevCenter/projects/users/devboxes/adminStart/action\",\n \"Microsoft.DevCenter/projects/users/devboxes/adminStop/action\",\n \"Microsoft.DevCenter/projects/users/devboxes/adminRead/action\",\n \"Microsoft.DevCenter/projects/users/devboxes/adminWrite/action\",\n \"Microsoft.DevCenter/projects/users/devboxes/adminDelete/action\",\n \"Microsoft.DevCenter/projects/users/devboxes/adminAlign/action\",\n \"Microsoft.DevCenter/projects/users/devboxes/adminActionRead/action\",\n \"Microsoft.DevCenter/projects/users/devboxes/adminActionManage/action\",\n \"Microsoft.DevCenter/projects/users/devboxes/userStop/action\",\n \"Microsoft.DevCenter/projects/users/devboxes/userStart/action\",\n \"Microsoft.DevCenter/projects/users/devboxes/userGetRemoteConnection/action\",\n \"Microsoft.DevCenter/projects/users/devboxes/userRead/action\",\n \"Microsoft.DevCenter/projects/users/devboxes/userWrite/action\",\n \"Microsoft.DevCenter/projects/users/devboxes/userDelete/action\",\n \"Microsoft.DevCenter/projects/users/devboxes/userActionRead/action\",\n \"Microsoft.DevCenter/projects/users/devboxes/userActionManage/action\",\n \"Microsoft.DevCenter/projects/users/devboxes/userCustomize/action\",\n \"Microsoft.DevCenter/projects/users/environments/adminRead/action\",\n \"Microsoft.DevCenter/projects/users/environments/userWrite/action\",\n \"Microsoft.DevCenter/projects/users/environments/adminWrite/action\",\n \"Microsoft.DevCenter/projects/users/environments/userDelete/action\",\n \"Microsoft.DevCenter/projects/users/environments/adminDelete/action\",\n \"Microsoft.DevCenter/projects/users/environments/adminAction/action\",\n \"Microsoft.DevCenter/projects/users/environments/adminActionRead/action\",\n \"Microsoft.DevCenter/projects/users/environments/adminActionManage/action\",\n \"Microsoft.DevCenter/projects/users/environments/adminOutputsRead/action\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2022-03-31T23:57:37.3708041Z\",\n \"updatedOn\": \"2025-07-23T23:00:43.7994094Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/331c37c6-af14-46d9-b9f4-e1909e1b95a0\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"331c37c6-af14-46d9-b9f4-e1909e1b95a0\"\n },\n {\n \"properties\": {\n \"roleName\": \"Virtual Machine Local User Login\",\n \"type\": \"BuiltInRole\",\n \"description\": \"View Virtual Machines in the portal and login as a local user configured on the arc server\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.HybridCompute/machines/*/read\",\n \"Microsoft.HybridConnectivity/endpoints/listCredentials/action\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2022-04-07T04:12:11.0327385Z\",\n \"updatedOn\": \"2022-04-16T23:03:02.5542069Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/602da2ba-a5c2-41da-b01d-5360126ab525\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"602da2ba-a5c2-41da-b01d-5360126ab525\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Arc ScVmm VM Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Arc ScVmm VM Contributor has permissions to perform all VM actions.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"microsoft.scvmm/virtualmachines/*\",\n \"microsoft.scvmm/virtualMachineInstances/*\",\n \"Microsoft.Insights/AlertRules/Write\",\n \"Microsoft.Insights/AlertRules/Delete\",\n \"Microsoft.Insights/AlertRules/Read\",\n \"Microsoft.Insights/AlertRules/Activated/Action\",\n \"Microsoft.Insights/AlertRules/Resolved/Action\",\n \"Microsoft.Insights/AlertRules/Throttled/Action\",\n \"Microsoft.Insights/AlertRules/Incidents/Read\",\n \"Microsoft.Resources/deployments/read\",\n \"Microsoft.Resources/deployments/write\",\n \"Microsoft.Resources/deployments/delete\",\n \"Microsoft.Resources/deployments/cancel/action\",\n \"Microsoft.Resources/deployments/validate/action\",\n \"Microsoft.Resources/deployments/whatIf/action\",\n \"Microsoft.Resources/deployments/exportTemplate/action\",\n \"Microsoft.Resources/deployments/operations/read\",\n \"Microsoft.Resources/deployments/operationstatuses/read\",\n \"Microsoft.Resources/subscriptions/resourcegroups/deployments/read\",\n \"Microsoft.Resources/subscriptions/resourcegroups/deployments/write\",\n \"Microsoft.Resources/subscriptions/resourcegroups/deployments/operations/read\",\n \"Microsoft.Resources/subscriptions/resourcegroups/deployments/operationstatuses/read\",\n \"Microsoft.ResourceHealth/availabilityStatuses/read\",\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Resources/subscriptions/read\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Resources/subscriptions/operationresults/read\",\n \"Microsoft.ExtendedLocation/customLocations/Read\",\n \"Microsoft.ExtendedLocation/customLocations/deploy/action\",\n \"Microsoft.HybridCompute/machines/read\",\n \"Microsoft.HybridCompute/machines/write\",\n \"Microsoft.HybridCompute/machines/delete\",\n \"Microsoft.HybridCompute/machines/UpgradeExtensions/action\",\n \"Microsoft.HybridCompute/machines/assessPatches/action\",\n \"Microsoft.HybridCompute/machines/installPatches/action\",\n \"Microsoft.HybridCompute/machines/extensions/read\",\n \"Microsoft.HybridCompute/machines/extensions/write\",\n \"Microsoft.HybridCompute/machines/extensions/delete\",\n \"Microsoft.HybridCompute/operations/read\",\n \"Microsoft.HybridCompute/locations/operationresults/read\",\n \"Microsoft.HybridCompute/locations/operationstatus/read\",\n \"Microsoft.HybridCompute/machines/patchAssessmentResults/read\",\n \"Microsoft.HybridCompute/machines/patchAssessmentResults/softwarePatches/read\",\n \"Microsoft.HybridCompute/machines/patchInstallationResults/read\",\n \"Microsoft.HybridCompute/machines/patchInstallationResults/softwarePatches/read\",\n \"Microsoft.HybridCompute/locations/updateCenterOperationResults/read\",\n \"Microsoft.HybridCompute/machines/hybridIdentityMetadata/read\",\n \"Microsoft.HybridCompute/osType/agentVersions/read\",\n \"Microsoft.HybridCompute/osType/agentVersions/latest/read\",\n \"Microsoft.HybridCompute/machines/runcommands/read\",\n \"Microsoft.HybridCompute/machines/runcommands/write\",\n \"Microsoft.HybridCompute/machines/runcommands/delete\",\n \"Microsoft.HybridCompute/machines/licenseProfiles/read\",\n \"Microsoft.HybridCompute/machines/licenseProfiles/write\",\n \"Microsoft.HybridCompute/machines/licenseProfiles/delete\",\n \"Microsoft.HybridCompute/licenses/read\",\n \"Microsoft.HybridCompute/licenses/write\",\n \"Microsoft.HybridCompute/licenses/delete\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2022-04-13T21:33:11.1438013Z\",\n \"updatedOn\": \"2023-10-06T09:06:44.9085842Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/e582369a-e17b-42a5-b10c-874c387c530b\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"e582369a-e17b-42a5-b10c-874c387c530b\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Arc ScVmm Administrator role\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Arc ScVmm VM Administrator has permissions to perform all ScVmm actions.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.ScVmm/*\",\n \"Microsoft.Insights/AlertRules/Write\",\n \"Microsoft.Insights/AlertRules/Delete\",\n \"Microsoft.Insights/AlertRules/Read\",\n \"Microsoft.Insights/AlertRules/Activated/Action\",\n \"Microsoft.Insights/AlertRules/Resolved/Action\",\n \"Microsoft.Insights/AlertRules/Throttled/Action\",\n \"Microsoft.Insights/AlertRules/Incidents/Read\",\n \"Microsoft.Resources/deployments/read\",\n \"Microsoft.Resources/deployments/write\",\n \"Microsoft.Resources/deployments/delete\",\n \"Microsoft.Resources/deployments/cancel/action\",\n \"Microsoft.Resources/deployments/validate/action\",\n \"Microsoft.Resources/deployments/whatIf/action\",\n \"Microsoft.Resources/deployments/exportTemplate/action\",\n \"Microsoft.Resources/deployments/operations/read\",\n \"Microsoft.Resources/deployments/operationstatuses/read\",\n \"Microsoft.Resources/subscriptions/resourcegroups/deployments/read\",\n \"Microsoft.Resources/subscriptions/resourcegroups/deployments/write\",\n \"Microsoft.Resources/subscriptions/resourcegroups/deployments/operations/read\",\n \"Microsoft.Resources/subscriptions/resourcegroups/deployments/operationstatuses/read\",\n \"Microsoft.ResourceHealth/availabilityStatuses/read\",\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Resources/subscriptions/read\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Resources/subscriptions/operationresults/read\",\n \"Microsoft.ExtendedLocation/customLocations/Read\",\n \"Microsoft.ExtendedLocation/customLocations/deploy/action\",\n \"Microsoft.HybridCompute/machines/read\",\n \"Microsoft.HybridCompute/machines/write\",\n \"Microsoft.HybridCompute/machines/delete\",\n \"Microsoft.HybridCompute/machines/UpgradeExtensions/action\",\n \"Microsoft.HybridCompute/machines/assessPatches/action\",\n \"Microsoft.HybridCompute/machines/installPatches/action\",\n \"Microsoft.HybridCompute/machines/extensions/read\",\n \"Microsoft.HybridCompute/machines/extensions/write\",\n \"Microsoft.HybridCompute/machines/extensions/delete\",\n \"Microsoft.HybridCompute/operations/read\",\n \"Microsoft.HybridCompute/locations/operationresults/read\",\n \"Microsoft.HybridCompute/locations/operationstatus/read\",\n \"Microsoft.HybridCompute/machines/patchAssessmentResults/read\",\n \"Microsoft.HybridCompute/machines/patchAssessmentResults/softwarePatches/read\",\n \"Microsoft.HybridCompute/machines/patchInstallationResults/read\",\n \"Microsoft.HybridCompute/machines/patchInstallationResults/softwarePatches/read\",\n \"Microsoft.HybridCompute/locations/updateCenterOperationResults/read\",\n \"Microsoft.HybridCompute/machines/hybridIdentityMetadata/read\",\n \"Microsoft.HybridCompute/osType/agentVersions/read\",\n \"Microsoft.HybridCompute/osType/agentVersions/latest/read\",\n \"Microsoft.HybridCompute/machines/runcommands/read\",\n \"Microsoft.HybridCompute/machines/runcommands/write\",\n \"Microsoft.HybridCompute/machines/runcommands/delete\",\n \"Microsoft.HybridCompute/machines/licenseProfiles/read\",\n \"Microsoft.HybridCompute/machines/licenseProfiles/write\",\n \"Microsoft.HybridCompute/machines/licenseProfiles/delete\",\n \"Microsoft.HybridCompute/licenses/read\",\n \"Microsoft.HybridCompute/licenses/write\",\n \"Microsoft.HybridCompute/licenses/delete\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2022-04-13T21:33:11.1438013Z\",\n \"updatedOn\": \"2023-10-06T09:06:44.6077384Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/a92dfd61-77f9-4aec-a531-19858b406c87\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"a92dfd61-77f9-4aec-a531-19858b406c87\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Arc ScVmm Private Clouds Onboarding\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Azure Arc ScVmm Private Clouds Onboarding role has permissions to provision all the required resources for onboard and deboard vmm server instances to Azure.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"microsoft.scvmm/vmmservers/Read\",\n \"microsoft.scvmm/vmmservers/Write\",\n \"microsoft.scvmm/vmmservers/Delete\",\n \"Microsoft.Insights/AlertRules/Write\",\n \"Microsoft.Insights/AlertRules/Delete\",\n \"Microsoft.Insights/AlertRules/Read\",\n \"Microsoft.Insights/AlertRules/Activated/Action\",\n \"Microsoft.Insights/AlertRules/Resolved/Action\",\n \"Microsoft.Insights/AlertRules/Throttled/Action\",\n \"Microsoft.Insights/AlertRules/Incidents/Read\",\n \"Microsoft.Resources/deployments/read\",\n \"Microsoft.Resources/deployments/write\",\n \"Microsoft.Resources/deployments/delete\",\n \"Microsoft.Resources/deployments/cancel/action\",\n \"Microsoft.Resources/deployments/validate/action\",\n \"Microsoft.Resources/deployments/whatIf/action\",\n \"Microsoft.Resources/deployments/exportTemplate/action\",\n \"Microsoft.Resources/deployments/operations/read\",\n \"Microsoft.Resources/deployments/operationstatuses/read\",\n \"Microsoft.Resources/subscriptions/resourcegroups/deployments/read\",\n \"Microsoft.Resources/subscriptions/resourcegroups/deployments/write\",\n \"Microsoft.Resources/subscriptions/resourcegroups/deployments/operations/read\",\n \"Microsoft.Resources/subscriptions/resourcegroups/deployments/operationstatuses/read\",\n \"Microsoft.ResourceHealth/availabilityStatuses/read\",\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Resources/subscriptions/read\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Resources/subscriptions/operationresults/read\",\n \"Microsoft.ExtendedLocation/customLocations/Read\",\n \"Microsoft.ExtendedLocation/customLocations/deploy/action\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2022-04-13T21:33:11.1438013Z\",\n \"updatedOn\": \"2023-05-19T07:39:31.0563245Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/6aac74c4-6311-40d2-bbdd-7d01e7c6e3a9\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"6aac74c4-6311-40d2-bbdd-7d01e7c6e3a9\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Arc ScVmm Private Cloud User\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Azure Arc ScVmm Private Cloud User has permissions to use the ScVmm resources to deploy VMs.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Insights/AlertRules/Write\",\n \"Microsoft.Insights/AlertRules/Delete\",\n \"Microsoft.Insights/AlertRules/Read\",\n \"Microsoft.Insights/AlertRules/Activated/Action\",\n \"Microsoft.Insights/AlertRules/Resolved/Action\",\n \"Microsoft.Insights/AlertRules/Throttled/Action\",\n \"Microsoft.Insights/AlertRules/Incidents/Read\",\n \"Microsoft.Resources/deployments/read\",\n \"Microsoft.Resources/deployments/write\",\n \"Microsoft.Resources/deployments/delete\",\n \"Microsoft.Resources/deployments/cancel/action\",\n \"Microsoft.Resources/deployments/validate/action\",\n \"Microsoft.Resources/deployments/whatIf/action\",\n \"Microsoft.Resources/deployments/exportTemplate/action\",\n \"Microsoft.Resources/deployments/operations/read\",\n \"Microsoft.Resources/deployments/operationstatuses/read\",\n \"Microsoft.Resources/subscriptions/resourcegroups/deployments/read\",\n \"Microsoft.Resources/subscriptions/resourcegroups/deployments/write\",\n \"Microsoft.Resources/subscriptions/resourcegroups/deployments/operations/read\",\n \"Microsoft.Resources/subscriptions/resourcegroups/deployments/operationstatuses/read\",\n \"Microsoft.ResourceHealth/availabilityStatuses/read\",\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Resources/subscriptions/read\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Resources/subscriptions/operationresults/read\",\n \"microsoft.scvmm/virtualnetworks/join/action\",\n \"microsoft.scvmm/virtualnetworks/Read\",\n \"microsoft.scvmm/virtualmachinetemplates/clone/action\",\n \"microsoft.scvmm/virtualmachinetemplates/Read\",\n \"microsoft.scvmm/clouds/deploy/action\",\n \"microsoft.scvmm/clouds/Read\",\n \"Microsoft.ExtendedLocation/customLocations/Read\",\n \"Microsoft.ExtendedLocation/customLocations/deploy/action\",\n \"Microsoft.ExtendedLocation/customLocations/enabledresourcetypes/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2022-04-13T21:33:11.1438013Z\",\n \"updatedOn\": \"2023-10-06T09:06:44.6077384Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/c0781e91-8102-4553-8951-97c6d4243cda\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"c0781e91-8102-4553-8951-97c6d4243cda\"\n },\n {\n \"properties\": {\n \"roleName\": \"HDInsight on AKS Cluster Pool Admin\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Can read, create, modify and delete HDInsight on AKS cluster pools and create clusters\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.HDInsight/clusterPools/clusters/read\",\n \"Microsoft.HDInsight/clusterPools/clusters/write\",\n \"Microsoft.HDInsight/clusterPools/delete\",\n \"Microsoft.HDInsight/clusterPools/read\",\n \"Microsoft.HDInsight/clusterPools/write\",\n \"Microsoft.HDInsight/clusterpools/availableupgrades/read\",\n \"Microsoft.HDInsight/clusterpools/upgrade/action\",\n \"Microsoft.HDInsight/clusterPools/upgradehistories/read\",\n \"Microsoft.ResourceHealth/availabilityStatuses/read\",\n \"Microsoft.Resources/deployments/operations/read\",\n \"Microsoft.Resources/deployments/validate/action\",\n \"Microsoft.Resources/deployments/*/read\",\n \"Microsoft.Resources/deployments/read\",\n \"Microsoft.Resources/deployments/write\",\n \"Microsoft.Resources/deployments/exportTemplate/action\",\n \"Microsoft.Resources/deployments/validate/action\",\n \"Microsoft.Resources/subscriptions/resourcegroups/deployments/operations/read\",\n \"Microsoft.Resources/subscriptions/resourcegroups/deployments/read\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Resources/subscriptions/operationresults/read\",\n \"Microsoft.Insights/AlertRules/Write\",\n \"Microsoft.Insights/AlertRules/Delete\",\n \"Microsoft.Insights/AlertRules/Read\",\n \"Microsoft.Insights/AlertRules/Activated/Action\",\n \"Microsoft.Insights/AlertRules/Resolved/Action\",\n \"Microsoft.Insights/AlertRules/Throttled/Action\",\n \"Microsoft.Insights/AlertRules/Incidents/Read\",\n \"Microsoft.Insights/metrics/read\",\n \"Microsoft.Insights/logs/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2022-04-14T05:37:28.4116078Z\",\n \"updatedOn\": \"2024-07-01T15:03:43.7126562Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/7656b436-37d4-490a-a4ab-d39f838f0042\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"7656b436-37d4-490a-a4ab-d39f838f0042\"\n },\n {\n \"properties\": {\n \"roleName\": \"HDInsight on AKS Cluster Admin\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Grants a user/group the ability to create, delete and manage clusters within a given cluster pool. Cluster Admin can also run workloads, monitor, and manage all user activity on these clusters.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.HDInsight/clusterPools/clusters/read\",\n \"Microsoft.HDInsight/clusterPools/clusters/write\",\n \"Microsoft.HDInsight/clusterPools/clusters/delete\",\n \"Microsoft.HDInsight/clusterPools/clusters/resize/action\",\n \"Microsoft.HDInsight/clusterpools/clusters/instanceviews/read\",\n \"Microsoft.HDInsight/clusterPools/clusters/jobs/read\",\n \"Microsoft.HDInsight/clusterPools/clusters/runjob/action\",\n \"Microsoft.HDInsight/clusterpools/clusters/serviceconfigs/read\",\n \"Microsoft.HDInsight/clusterPools/clusters/availableupgrades/read\",\n \"Microsoft.HDInsight/clusterPools/clusters/upgrade/action\",\n \"Microsoft.HDInsight/clusterPools/clusters/rollback/action\",\n \"Microsoft.HDInsight/clusterPools/clusters/upgradehistories/read\",\n \"Microsoft.HDInsight/clusterPools/clusters/libraries/read\",\n \"Microsoft.HDInsight/clusterPools/clusters/managelibraries/action\",\n \"Microsoft.ResourceHealth/availabilityStatuses/read\",\n \"Microsoft.Resources/deployments/operations/read\",\n \"Microsoft.Resources/deployments/*/read\",\n \"Microsoft.Resources/deployments/read\",\n \"Microsoft.Resources/deployments/validate/action\",\n \"Microsoft.Resources/deployments/write\",\n \"Microsoft.Resources/deployments/exportTemplate/action\",\n \"Microsoft.Resources/subscriptions/resourcegroups/deployments/operations/read\",\n \"Microsoft.Resources/subscriptions/resourcegroups/deployments/read\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Resources/subscriptions/operationresults/read\",\n \"Microsoft.Insights/AlertRules/Write\",\n \"Microsoft.Insights/AlertRules/Delete\",\n \"Microsoft.Insights/AlertRules/Read\",\n \"Microsoft.Insights/AlertRules/Activated/Action\",\n \"Microsoft.Insights/AlertRules/Resolved/Action\",\n \"Microsoft.Insights/AlertRules/Throttled/Action\",\n \"Microsoft.Insights/AlertRules/Incidents/Read\",\n \"Microsoft.Insights/metrics/read\",\n \"Microsoft.Insights/logs/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2022-04-14T05:37:28.4116078Z\",\n \"updatedOn\": \"2024-07-01T15:03:44.1916336Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/fd036e6b-1266-47a0-b0bb-a05d04831731\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"fd036e6b-1266-47a0-b0bb-a05d04831731\"\n },\n {\n \"properties\": {\n \"roleName\": \"FHIR Data Importer\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Role allows user or principal to read and import FHIR Data\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.HealthcareApis/workspaces/fhirservices/resources/read\",\n \"Microsoft.HealthcareApis/workspaces/fhirservices/resources/import/action\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2022-04-19T12:03:07.1913541Z\",\n \"updatedOn\": \"2022-04-21T13:19:49.7566662Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/4465e953-8ced-4406-a58e-0f6e3f3b530b\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"4465e953-8ced-4406-a58e-0f6e3f3b530b\"\n },\n {\n \"properties\": {\n \"roleName\": \"HDInsight on AKS Cluster Operator\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Grants a user/group the ability to read cluster configurations, resize clusters and run jobs\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.HDInsight/clusterPools/read\",\n \"Microsoft.Hdinsight/clusterpools/clusters/read\",\n \"Microsoft.HDInsight/clusterPools/clusters/resize/action\",\n \"Microsoft.HDInsight/clusterpools/clusters/instanceviews/read\",\n \"Microsoft.HDInsight/clusterPools/clusters/jobs/read\",\n \"Microsoft.HDInsight/clusterPools/clusters/runjob/action\",\n \"Microsoft.HDInsight/clusterpools/clusters/serviceconfigs/read\",\n \"Microsoft.HDInsight/clusterPools/clusters/availableupgrades/read\",\n \"Microsoft.HDInsight/clusterPools/clusters/upgradehistories/read\",\n \"Microsoft.HDInsight/clusterPools/clusters/libraries/read\",\n \"Microsoft.HDInsight/clusterPools/clusters/managelibraries/action\",\n \"Microsoft.ResourceHealth/availabilityStatuses/read\",\n \"Microsoft.Resources/deployments/read\",\n \"Microsoft.Resources/deployments/operations/read\",\n \"Microsoft.Resources/subscriptions/operationresults/read\",\n \"Microsoft.Resources/subscriptions/read\",\n \"Microsoft.Resources/subscriptions/resourcegroups/deployments/read\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Insights/AlertRules/Write\",\n \"Microsoft.Insights/AlertRules/Delete\",\n \"Microsoft.Insights/AlertRules/Read\",\n \"Microsoft.Insights/AlertRules/Activated/Action\",\n \"Microsoft.Insights/AlertRules/Resolved/Action\",\n \"Microsoft.Insights/AlertRules/Throttled/Action\",\n \"Microsoft.Insights/AlertRules/Incidents/Read\",\n \"Microsoft.Insights/metrics/read\",\n \"Microsoft.Insights/logs/read\",\n \"Microsoft.Insights/diagnosticSettings/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2022-04-26T14:14:33.8566334Z\",\n \"updatedOn\": \"2024-07-01T15:03:44.1916336Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/bcf28286-af25-4c81-bb6f-351fcab5dbe9\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"bcf28286-af25-4c81-bb6f-351fcab5dbe9\"\n },\n {\n \"properties\": {\n \"roleName\": \"API Management Developer Portal Content Editor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Can customize the developer portal, edit its content, and publish it.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.ApiManagement/service/portalRevisions/read\",\n \"Microsoft.ApiManagement/service/portalRevisions/write\",\n \"Microsoft.ApiManagement/service/contentTypes/read\",\n \"Microsoft.ApiManagement/service/contentTypes/delete\",\n \"Microsoft.ApiManagement/service/contentTypes/write\",\n \"Microsoft.ApiManagement/service/contentTypes/contentItems/read\",\n \"Microsoft.ApiManagement/service/contentTypes/contentItems/write\",\n \"Microsoft.ApiManagement/service/contentTypes/contentItems/delete\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2022-05-06T21:46:28.7501982Z\",\n \"updatedOn\": \"2022-05-11T01:48:03.0899467Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/c031e6a8-4391-4de0-8d69-4706a7ed3729\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"c031e6a8-4391-4de0-8d69-4706a7ed3729\"\n },\n {\n \"properties\": {\n \"roleName\": \"VM Scanner Operator\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Role that provides access to disk snapshot for security analysis.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Compute/disks/read\",\n \"Microsoft.Compute/disks/beginGetAccess/action\",\n \"Microsoft.Compute/diskEncryptionSets/read\",\n \"Microsoft.Compute/virtualMachines/instanceView/read\",\n \"Microsoft.Compute/virtualMachines/read\",\n \"Microsoft.Compute/virtualMachineScaleSets/instanceView/read\",\n \"Microsoft.Compute/virtualMachineScaleSets/read\",\n \"Microsoft.Compute/virtualMachineScaleSets/virtualMachines/read\",\n \"Microsoft.Compute/virtualMachineScaleSets/virtualMachines/instanceView/read\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2022-05-15T19:19:38.5462809Z\",\n \"updatedOn\": \"2024-09-09T15:09:55.7808068Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/d24ecba3-c1f4-40fa-a7bb-4588a071e8fd\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"d24ecba3-c1f4-40fa-a7bb-4588a071e8fd\"\n },\n {\n \"properties\": {\n \"roleName\": \"Elastic SAN Owner\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Allows for full access to all resources under Azure Elastic SAN including changing network security policies to unblock data path access\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.ResourceHealth/availabilityStatuses/read\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.ElasticSan/elasticSans/*\",\n \"Microsoft.ElasticSan/locations/*\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2022-05-26T12:41:01.1833837Z\",\n \"updatedOn\": \"2022-08-23T17:36:07.1409226Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/80dcbedb-47ef-405d-95bd-188a1b4ac406\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"80dcbedb-47ef-405d-95bd-188a1b4ac406\"\n },\n {\n \"properties\": {\n \"roleName\": \"Elastic SAN Reader\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Allows for control path read access to Azure Elastic SAN\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/roleAssignments/read\",\n \"Microsoft.Authorization/roleDefinitions/read\",\n \"Microsoft.ResourceHealth/availabilityStatuses/read\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.ElasticSan/elasticSans/*/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2022-06-01T07:05:04.5639037Z\",\n \"updatedOn\": \"2022-08-23T17:36:07.1409226Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/af6a70f8-3c9f-4105-acf1-d719e9fca4ca\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"af6a70f8-3c9f-4105-acf1-d719e9fca4ca\"\n },\n {\n \"properties\": {\n \"roleName\": \"Desktop Virtualization Virtual Machine Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"This role is in preview and subject to change. Provide permission to the Azure Virtual Desktop Resource Provider to create, delete, update, start, and stop virtual machines.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.DesktopVirtualization/hostpools/read\",\n \"Microsoft.DesktopVirtualization/hostpools/write\",\n \"Microsoft.DesktopVirtualization/hostpools/retrieveRegistrationToken/action\",\n \"Microsoft.DesktopVirtualization/hostpools/sessionhosts/read\",\n \"Microsoft.DesktopVirtualization/hostpools/sessionhosts/write\",\n \"Microsoft.DesktopVirtualization/hostpools/sessionhosts/delete\",\n \"Microsoft.DesktopVirtualization/hostpools/sessionhosts/usersessions/read\",\n \"Microsoft.DesktopVirtualization/hostpools/sessionhosts/usersessions/disconnect/action\",\n \"Microsoft.DesktopVirtualization/hostpools/sessionhosts/usersessions/sendMessage/action\",\n \"Microsoft.DesktopVirtualization/hostpools/sessionHostConfigurations/read\",\n \"Microsoft.DesktopVirtualization/hostpools/doNotUseInternalAPI/action\",\n \"Microsoft.DesktopVirtualization/hostpools/sessionhosts/retryprovisioning/action\",\n \"Microsoft.Compute/availabilitySets/read\",\n \"Microsoft.Compute/availabilitySets/write\",\n \"Microsoft.Compute/availabilitySets/vmSizes/read\",\n \"Microsoft.Compute/disks/read\",\n \"Microsoft.Compute/disks/write\",\n \"Microsoft.Compute/disks/delete\",\n \"Microsoft.Compute/galleries/read\",\n \"Microsoft.Compute/galleries/images/read\",\n \"Microsoft.Compute/galleries/images/versions/read\",\n \"Microsoft.Compute/images/read\",\n \"Microsoft.Compute/locations/usages/read\",\n \"Microsoft.Compute/locations/vmSizes/read\",\n \"Microsoft.Compute/operations/read\",\n \"Microsoft.Compute/skus/read\",\n \"Microsoft.Compute/virtualMachines/read\",\n \"Microsoft.Compute/virtualMachines/write\",\n \"Microsoft.Compute/virtualMachines/delete\",\n \"Microsoft.Compute/virtualMachines/start/action\",\n \"Microsoft.Compute/virtualMachines/powerOff/action\",\n \"Microsoft.Compute/virtualMachines/restart/action\",\n \"Microsoft.Compute/virtualMachines/deallocate/action\",\n \"Microsoft.Compute/virtualMachines/runCommand/action\",\n \"Microsoft.Compute/virtualMachines/extensions/read\",\n \"Microsoft.Compute/virtualMachines/extensions/write\",\n \"Microsoft.Compute/virtualMachines/extensions/delete\",\n \"Microsoft.Compute/virtualMachines/runCommands/read\",\n \"Microsoft.Compute/virtualMachines/runCommands/write\",\n \"Microsoft.Compute/virtualMachines/vmSizes/read\",\n \"Microsoft.Network/networkSecurityGroups/read\",\n \"Microsoft.Network/networkInterfaces/write\",\n \"Microsoft.Network/networkInterfaces/read\",\n \"Microsoft.Network/networkInterfaces/join/action\",\n \"Microsoft.Network/networkInterfaces/delete\",\n \"Microsoft.Network/virtualNetworks/subnets/read\",\n \"Microsoft.Network/virtualNetworks/subnets/join/action\",\n \"Microsoft.Network/virtualNetworks/usages/read\",\n \"Microsoft.Network/virtualNetworks/read\",\n \"Microsoft.Network/networkSecurityGroups/read\",\n \"Microsoft.Marketplace/offerTypes/publishers/offers/plans/agreements/read\",\n \"Microsoft.KeyVault/vaults/deploy/action\",\n \"Microsoft.Storage/storageAccounts/read\",\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.DesktopVirtualization/scalingPlans/read\",\n \"Microsoft.DesktopVirtualization/scalingPlans/write\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2022-06-29T01:44:11.2575005Z\",\n \"updatedOn\": \"2024-09-10T15:22:51.5340758Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/a959dbd1-f747-45e3-8ba6-dd80f235f97c\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"a959dbd1-f747-45e3-8ba6-dd80f235f97c\"\n },\n {\n \"properties\": {\n \"roleName\": \"Desktop Virtualization Power On Off Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Provide permission to the Azure Virtual Desktop Resource Provider to start and stop virtual machines.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.AzureStackHCI/operations/read\",\n \"Microsoft.AzureStackHCI/virtualMachineInstances/read\",\n \"Microsoft.AzureStackHCI/virtualMachineInstances/restart/action\",\n \"Microsoft.AzureStackHCI/virtualMachineInstances/start/action\",\n \"Microsoft.AzureStackHCI/virtualMachineInstances/stop/action\",\n \"Microsoft.Compute/virtualMachines/deallocate/action\",\n \"Microsoft.Compute/virtualMachines/instanceView/read\",\n \"Microsoft.Compute/virtualMachines/powerOff/action\",\n \"Microsoft.Compute/virtualMachines/read\",\n \"Microsoft.Compute/virtualMachines/restart/action\",\n \"Microsoft.Compute/virtualMachines/start/action\",\n \"Microsoft.ComputeSchedule/locations/virtualMachinesCancelOperations/action\",\n \"Microsoft.ComputeSchedule/locations/virtualMachinesExecuteDeallocate/action\",\n \"Microsoft.ComputeSchedule/locations/virtualMachinesExecuteHibernate/action\",\n \"Microsoft.ComputeSchedule/locations/virtualMachinesExecuteStart/action\",\n \"Microsoft.ComputeSchedule/locations/virtualMachinesGetOperationErrors/action\",\n \"Microsoft.ComputeSchedule/locations/virtualMachinesGetOperationStatus/action\",\n \"Microsoft.ComputeSchedule/locations/virtualMachinesSubmitDeallocate/action\",\n \"Microsoft.ComputeSchedule/locations/virtualMachinesSubmitHibernate/action\",\n \"Microsoft.ComputeSchedule/locations/virtualMachinesSubmitStart/action\",\n \"Microsoft.ComputeSchedule/register/action\",\n \"Microsoft.DesktopVirtualization/hostpools/read\",\n \"Microsoft.DesktopVirtualization/hostpools/sessionhosts/read\",\n \"Microsoft.DesktopVirtualization/hostpools/sessionhosts/usersessions/delete\",\n \"Microsoft.DesktopVirtualization/hostpools/sessionhosts/usersessions/read\",\n \"Microsoft.DesktopVirtualization/hostpools/sessionhosts/usersessions/sendMessage/action\",\n \"Microsoft.DesktopVirtualization/hostpools/sessionhosts/write\",\n \"Microsoft.DesktopVirtualization/hostpools/write\",\n \"Microsoft.HybridCompute/locations/operationresults/read\",\n \"Microsoft.HybridCompute/locations/operationstatus/read\",\n \"Microsoft.HybridCompute/machines/read\",\n \"Microsoft.HybridCompute/operations/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.Insights/eventtypes/values/read\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2022-06-29T01:44:11.3414837Z\",\n \"updatedOn\": \"2024-08-15T18:24:59.2883823Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/40c5ff49-9181-41f8-ae61-143b0e78555e\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"40c5ff49-9181-41f8-ae61-143b0e78555e\"\n },\n {\n \"properties\": {\n \"roleName\": \"Desktop Virtualization Power On Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Provide permission to the Azure Virtual Desktop Resource Provider to start virtual machines.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Compute/virtualMachines/start/action\",\n \"Microsoft.Compute/virtualMachines/read\",\n \"Microsoft.Compute/virtualMachines/instanceView/read\",\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.HybridCompute/machines/read\",\n \"Microsoft.HybridCompute/operations/read\",\n \"Microsoft.HybridCompute/locations/operationresults/read\",\n \"Microsoft.HybridCompute/locations/operationstatus/read\",\n \"Microsoft.AzureStackHCI/virtualMachineInstances/read\",\n \"Microsoft.AzureStackHCI/virtualMachineInstances/start/action\",\n \"Microsoft.AzureStackHCI/operations/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2022-06-29T01:44:11.3414837Z\",\n \"updatedOn\": \"2024-02-12T16:11:25.5904731Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/489581de-a3bd-480d-9518-53dea7416b33\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"489581de-a3bd-480d-9518-53dea7416b33\"\n },\n {\n \"properties\": {\n \"roleName\": \"Elastic SAN Volume Group Owner\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Allows for full access to a volume group in Azure Elastic SAN including changing network security policies to unblock data path access\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/roleAssignments/read\",\n \"Microsoft.Authorization/roleDefinitions/read\",\n \"Microsoft.ElasticSan/elasticSans/volumeGroups/*\",\n \"Microsoft.ElasticSan/locations/asyncoperations/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2022-07-04T17:04:25.3846899Z\",\n \"updatedOn\": \"2022-08-23T17:36:07.1409226Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/a8281131-f312-4f34-8d98-ae12be9f0d23\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"a8281131-f312-4f34-8d98-ae12be9f0d23\"\n },\n {\n \"properties\": {\n \"roleName\": \"Access Review Operator Service Role\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Lets you grant Access Review System app permissions to discover and revoke access as needed by the access review process.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/roleAssignments/read\",\n \"Microsoft.Authorization/roleAssignments/delete\",\n \"Microsoft.Management/getEntities/action\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2022-07-04T17:04:25.3846899Z\",\n \"updatedOn\": \"2022-07-04T17:04:25.3846899Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/76cc9ee4-d5d3-4a45-a930-26add3d73475\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"76cc9ee4-d5d3-4a45-a930-26add3d73475\"\n },\n {\n \"properties\": {\n \"roleName\": \"Trusted Signing Identity Verifier\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Manage identity or business verification requests. This role is in preview and subject to change.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.CodeSigning/*/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.CodeSigning/IdentityVerification/Read\",\n \"Microsoft.CodeSigning/IdentityVerification/Write\",\n \"Microsoft.CodeSigning/IdentityVerification/Delete\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2022-07-29T07:36:35.8877235Z\",\n \"updatedOn\": \"2024-10-24T14:08:43.6479343Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/4339b7cf-9826-4e41-b4ed-c7f4505dac08\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"4339b7cf-9826-4e41-b4ed-c7f4505dac08\"\n },\n {\n \"properties\": {\n \"roleName\": \"Video Indexer Restricted Viewer\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Has access to view and search through all video's insights and transcription in the Video Indexer portal. No access to model customization, embedding of widget, downloading videos, or sharing the account.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.VideoIndexer/*/read\",\n \"Microsoft.VideoIndexer/accounts/*/action\"\n ],\n \"notActions\": [\n \"Microsoft.VideoIndexer/*/write\",\n \"Microsoft.VideoIndexer/*/delete\",\n \"Microsoft.VideoIndexer/accounts/generateAccessToken/action\"\n ],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2022-08-09T20:15:25.5603064Z\",\n \"updatedOn\": \"2022-08-09T20:15:25.5603064Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/a2c4a527-7dc0-4ee3-897b-403ade70fafb\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"a2c4a527-7dc0-4ee3-897b-403ade70fafb\"\n },\n {\n \"properties\": {\n \"roleName\": \"Monitoring Data Reader\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Can access the data in an Azure Monitor Workspace.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.Monitor/accounts/data/metrics/read\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2022-08-22T15:27:32.9926129Z\",\n \"updatedOn\": \"2022-10-07T20:52:48.6545841Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/b0d8363b-8ddd-447d-831f-62ca05bff136\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"b0d8363b-8ddd-447d-831f-62ca05bff136\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Kubernetes Fleet Manager RBAC Writer\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Grants read/write access to most Kubernetes resources within a namespace in the fleet-managed hub cluster. This role does not allow viewing or modifying roles or role bindings. However, this role allows accessing Secrets as any ServiceAccount in the namespace, so it can be used to gain the API access levels of any ServiceAccount in the namespace.  Applying this role at cluster scope will give access across all namespaces.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Resources/subscriptions/operationresults/read\",\n \"Microsoft.Resources/subscriptions/read\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.ContainerService/fleets/read\",\n \"Microsoft.ContainerService/fleets/listCredentials/action\"\n ],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.ContainerService/fleets/apps/controllerrevisions/read\",\n \"Microsoft.ContainerService/fleets/apps/daemonsets/read\",\n \"Microsoft.ContainerService/fleets/apps/daemonsets/write\",\n \"Microsoft.ContainerService/fleets/apps/deployments/read\",\n \"Microsoft.ContainerService/fleets/apps/deployments/write\",\n \"Microsoft.ContainerService/fleets/apps/statefulsets/read\",\n \"Microsoft.ContainerService/fleets/apps/statefulsets/write\",\n \"Microsoft.ContainerService/fleets/autoscaling/horizontalpodautoscalers/read\",\n \"Microsoft.ContainerService/fleets/autoscaling/horizontalpodautoscalers/write\",\n \"Microsoft.ContainerService/fleets/batch/cronjobs/read\",\n \"Microsoft.ContainerService/fleets/batch/cronjobs/write\",\n \"Microsoft.ContainerService/fleets/batch/jobs/read\",\n \"Microsoft.ContainerService/fleets/batch/jobs/write\",\n \"Microsoft.ContainerService/fleets/configmaps/read\",\n \"Microsoft.ContainerService/fleets/configmaps/write\",\n \"Microsoft.ContainerService/fleets/endpoints/read\",\n \"Microsoft.ContainerService/fleets/endpoints/write\",\n \"Microsoft.ContainerService/fleets/events.k8s.io/events/read\",\n \"Microsoft.ContainerService/fleets/events/read\",\n \"Microsoft.ContainerService/fleets/extensions/daemonsets/read\",\n \"Microsoft.ContainerService/fleets/extensions/daemonsets/write\",\n \"Microsoft.ContainerService/fleets/extensions/deployments/read\",\n \"Microsoft.ContainerService/fleets/extensions/deployments/write\",\n \"Microsoft.ContainerService/fleets/extensions/ingresses/read\",\n \"Microsoft.ContainerService/fleets/extensions/ingresses/write\",\n \"Microsoft.ContainerService/fleets/extensions/networkpolicies/read\",\n \"Microsoft.ContainerService/fleets/extensions/networkpolicies/write\",\n \"Microsoft.ContainerService/fleets/limitranges/read\",\n \"Microsoft.ContainerService/fleets/namespaces/read\",\n \"Microsoft.ContainerService/fleets/networking.k8s.io/ingresses/read\",\n \"Microsoft.ContainerService/fleets/networking.k8s.io/ingresses/write\",\n \"Microsoft.ContainerService/fleets/networking.k8s.io/networkpolicies/read\",\n \"Microsoft.ContainerService/fleets/networking.k8s.io/networkpolicies/write\",\n \"Microsoft.ContainerService/fleets/persistentvolumeclaims/read\",\n \"Microsoft.ContainerService/fleets/persistentvolumeclaims/write\",\n \"Microsoft.ContainerService/fleets/policy/poddisruptionbudgets/read\",\n \"Microsoft.ContainerService/fleets/policy/poddisruptionbudgets/write\",\n \"Microsoft.ContainerService/fleets/replicationcontrollers/read\",\n \"Microsoft.ContainerService/fleets/replicationcontrollers/write\",\n \"Microsoft.ContainerService/fleets/resourcequotas/read\",\n \"Microsoft.ContainerService/fleets/secrets/read\",\n \"Microsoft.ContainerService/fleets/secrets/write\",\n \"Microsoft.ContainerService/fleets/serviceaccounts/read\",\n \"Microsoft.ContainerService/fleets/serviceaccounts/write\",\n \"Microsoft.ContainerService/fleets/services/read\",\n \"Microsoft.ContainerService/fleets/services/write\",\n \"Microsoft.ContainerService/fleets/cluster.kubernetes-fleet.io/internalmemberclusters/read\",\n \"Microsoft.ContainerService/fleets/placement.kubernetes-fleet.io/resourceoverrides/read\",\n \"Microsoft.ContainerService/fleets/placement.kubernetes-fleet.io/resourceoverrides/write\",\n \"Microsoft.ContainerService/fleets/placement.kubernetes-fleet.io/resourceoverridesnapshots/read\",\n \"Microsoft.ContainerService/fleets/placement.kubernetes-fleet.io/works/read\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2022-08-22T17:29:14.4390853Z\",\n \"updatedOn\": \"2024-10-21T15:04:47.7837694Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/5af6afb3-c06c-4fa4-8848-71a8aee05683\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"5af6afb3-c06c-4fa4-8848-71a8aee05683\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Kubernetes Fleet Manager RBAC Admin\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Grants read/write access to Kubernetes resources within a namespace in the fleet-managed hub cluster - provides write permissions on most objects within a a namespace, with the exception of ResourceQuota object and the namespace object itself. Applying this role at cluster scope will give access across all namespaces.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Resources/subscriptions/operationresults/read\",\n \"Microsoft.Resources/subscriptions/read\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.ContainerService/fleets/read\",\n \"Microsoft.ContainerService/fleets/listCredentials/action\"\n ],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.ContainerService/fleets/apps/controllerrevisions/read\",\n \"Microsoft.ContainerService/fleets/apps/daemonsets/*\",\n \"Microsoft.ContainerService/fleets/apps/deployments/*\",\n \"Microsoft.ContainerService/fleets/apps/statefulsets/*\",\n \"Microsoft.ContainerService/fleets/authorization.k8s.io/localsubjectaccessreviews/write\",\n \"Microsoft.ContainerService/fleets/autoscaling/horizontalpodautoscalers/*\",\n \"Microsoft.ContainerService/fleets/batch/cronjobs/*\",\n \"Microsoft.ContainerService/fleets/batch/jobs/*\",\n \"Microsoft.ContainerService/fleets/configmaps/*\",\n \"Microsoft.ContainerService/fleets/endpoints/*\",\n \"Microsoft.ContainerService/fleets/events.k8s.io/events/read\",\n \"Microsoft.ContainerService/fleets/events/read\",\n \"Microsoft.ContainerService/fleets/extensions/daemonsets/*\",\n \"Microsoft.ContainerService/fleets/extensions/deployments/*\",\n \"Microsoft.ContainerService/fleets/extensions/ingresses/*\",\n \"Microsoft.ContainerService/fleets/extensions/networkpolicies/*\",\n \"Microsoft.ContainerService/fleets/limitranges/read\",\n \"Microsoft.ContainerService/fleets/namespaces/read\",\n \"Microsoft.ContainerService/fleets/networking.k8s.io/ingresses/*\",\n \"Microsoft.ContainerService/fleets/networking.k8s.io/networkpolicies/*\",\n \"Microsoft.ContainerService/fleets/persistentvolumeclaims/*\",\n \"Microsoft.ContainerService/fleets/policy/poddisruptionbudgets/*\",\n \"Microsoft.ContainerService/fleets/rbac.authorization.k8s.io/rolebindings/*\",\n \"Microsoft.ContainerService/fleets/rbac.authorization.k8s.io/roles/*\",\n \"Microsoft.ContainerService/fleets/replicationcontrollers/*\",\n \"Microsoft.ContainerService/fleets/replicationcontrollers/*\",\n \"Microsoft.ContainerService/fleets/resourcequotas/read\",\n \"Microsoft.ContainerService/fleets/secrets/*\",\n \"Microsoft.ContainerService/fleets/serviceaccounts/*\",\n \"Microsoft.ContainerService/fleets/services/*\",\n \"Microsoft.ContainerService/fleets/cluster.kubernetes-fleet.io/internalmemberclusters/read\",\n \"Microsoft.ContainerService/fleets/placement.kubernetes-fleet.io/resourceoverrides/*\",\n \"Microsoft.ContainerService/fleets/placement.kubernetes-fleet.io/resourceoverridesnapshots/read\",\n \"Microsoft.ContainerService/fleets/placement.kubernetes-fleet.io/works/read\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2022-08-22T17:29:14.4390853Z\",\n \"updatedOn\": \"2024-10-21T15:04:47.7827701Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/434fb43a-c01c-447e-9f67-c3ad923cfaba\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"434fb43a-c01c-447e-9f67-c3ad923cfaba\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Kubernetes Fleet Manager Contributor Role\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Grants read/write access to Azure resources provided by Azure Kubernetes Fleet Manager, including fleets, fleet members, fleet update strategies, fleet update runs, etc.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.ContainerService/fleets/*\",\n \"Microsoft.Resources/deployments/*\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2022-08-22T17:29:14.4234593Z\",\n \"updatedOn\": \"2024-03-27T21:09:44.1318966Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/63bb64ad-9799-4770-b5c3-24ed299a07bf\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"63bb64ad-9799-4770-b5c3-24ed299a07bf\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Kubernetes Fleet Manager RBAC Reader\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Grants read-only access to most Kubernetes resources within a namespace in the fleet-managed hub cluster. It does not allow viewing roles or role bindings. This role does not allow viewing Secrets, since reading the contents of Secrets enables access to ServiceAccount credentials in the namespace, which would allow API access as any ServiceAccount in the namespace (a form of privilege escalation). Applying this role at cluster scope will give access across all namespaces.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Resources/subscriptions/operationresults/read\",\n \"Microsoft.Resources/subscriptions/read\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.ContainerService/fleets/read\",\n \"Microsoft.ContainerService/fleets/listCredentials/action\"\n ],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.ContainerService/fleets/apps/controllerrevisions/read\",\n \"Microsoft.ContainerService/fleets/apps/daemonsets/read\",\n \"Microsoft.ContainerService/fleets/apps/deployments/read\",\n \"Microsoft.ContainerService/fleets/apps/statefulsets/read\",\n \"Microsoft.ContainerService/fleets/autoscaling/horizontalpodautoscalers/read\",\n \"Microsoft.ContainerService/fleets/batch/cronjobs/read\",\n \"Microsoft.ContainerService/fleets/batch/jobs/read\",\n \"Microsoft.ContainerService/fleets/configmaps/read\",\n \"Microsoft.ContainerService/fleets/endpoints/read\",\n \"Microsoft.ContainerService/fleets/events.k8s.io/events/read\",\n \"Microsoft.ContainerService/fleets/events/read\",\n \"Microsoft.ContainerService/fleets/extensions/daemonsets/read\",\n \"Microsoft.ContainerService/fleets/extensions/deployments/read\",\n \"Microsoft.ContainerService/fleets/extensions/ingresses/read\",\n \"Microsoft.ContainerService/fleets/extensions/networkpolicies/read\",\n \"Microsoft.ContainerService/fleets/limitranges/read\",\n \"Microsoft.ContainerService/fleets/namespaces/read\",\n \"Microsoft.ContainerService/fleets/networking.k8s.io/ingresses/read\",\n \"Microsoft.ContainerService/fleets/networking.k8s.io/networkpolicies/read\",\n \"Microsoft.ContainerService/fleets/persistentvolumeclaims/read\",\n \"Microsoft.ContainerService/fleets/policy/poddisruptionbudgets/read\",\n \"Microsoft.ContainerService/fleets/replicationcontrollers/read\",\n \"Microsoft.ContainerService/fleets/replicationcontrollers/read\",\n \"Microsoft.ContainerService/fleets/resourcequotas/read\",\n \"Microsoft.ContainerService/fleets/serviceaccounts/read\",\n \"Microsoft.ContainerService/fleets/services/read\",\n \"Microsoft.ContainerService/fleets/cluster.kubernetes-fleet.io/internalmemberclusters/read\",\n \"Microsoft.ContainerService/fleets/placement.kubernetes-fleet.io/resourceoverrides/read\",\n \"Microsoft.ContainerService/fleets/placement.kubernetes-fleet.io/resourceoverridesnapshots/read\",\n \"Microsoft.ContainerService/fleets/placement.kubernetes-fleet.io/works/read\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2022-08-22T17:29:14.4390853Z\",\n \"updatedOn\": \"2024-10-23T18:34:36.152431Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/30b27cfc-9c84-438e-b0ce-70e35255df80\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"30b27cfc-9c84-438e-b0ce-70e35255df80\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Kubernetes Fleet Manager RBAC Cluster Admin\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Grants read/write access to all Kubernetes resources in the fleet-managed hub cluster.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Resources/subscriptions/operationresults/read\",\n \"Microsoft.Resources/subscriptions/read\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.ContainerService/fleets/read\",\n \"Microsoft.ContainerService/fleets/listCredentials/action\"\n ],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.ContainerService/fleets/*\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2022-08-22T17:29:14.4234593Z\",\n \"updatedOn\": \"2024-03-27T21:09:44.1318966Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/18ab4d3d-a1bf-4477-8ad9-8359bc988f69\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"18ab4d3d-a1bf-4477-8ad9-8359bc988f69\"\n },\n {\n \"properties\": {\n \"roleName\": \"Kubernetes Namespace User\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Allows a user to read namespace resources and retrieve kubeconfig for the cluster\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.KubernetesConfiguration/namespaces/read\",\n \"Microsoft.KubernetesConfiguration/namespaces/listUserCredential/action\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2022-08-24T08:05:05.4886641Z\",\n \"updatedOn\": \"2022-08-24T08:05:05.4886641Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/ba79058c-0414-4a34-9e42-c3399d80cd5a\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"ba79058c-0414-4a34-9e42-c3399d80cd5a\"\n },\n {\n \"properties\": {\n \"roleName\": \"Data Labeling - Labeler\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Can label data in Labeling.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.MachineLearningServices/workspaces/read\",\n \"Microsoft.MachineLearningServices/workspaces/experiments/runs/read\",\n \"Microsoft.MachineLearningServices/workspaces/labeling/projects/read\",\n \"Microsoft.MachineLearningServices/workspaces/labeling/projects/summary/read\",\n \"Microsoft.MachineLearningServices/workspaces/labeling/labels/read\",\n \"Microsoft.MachineLearningServices/workspaces/labeling/labels/write\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2022-09-02T20:34:03.6536098Z\",\n \"updatedOn\": \"2022-09-08T21:01:04.9492408Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/c6decf44-fd0a-444c-a844-d653c394e7ab\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"c6decf44-fd0a-444c-a844-d653c394e7ab\"\n },\n {\n \"properties\": {\n \"roleName\": \"Role Based Access Control Administrator\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Manage access to Azure resources by assigning roles using Azure RBAC. This role does not allow you to manage access using other ways, such as Azure Policy.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/roleAssignments/write\",\n \"Microsoft.Authorization/roleAssignments/delete\",\n \"*/read\",\n \"Microsoft.Support/*\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2022-09-07T00:28:32.1779656Z\",\n \"updatedOn\": \"2023-11-08T20:50:17.2103449Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/f58310d9-a9f6-439a-9e8d-f62e7b41a168\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"f58310d9-a9f6-439a-9e8d-f62e7b41a168\"\n },\n {\n \"properties\": {\n \"roleName\": \"Template Spec Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Allows full access to Template Spec operations at the assigned scope.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Resources/templateSpecs/*\",\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2022-09-07T23:56:38.852533Z\",\n \"updatedOn\": \"2022-09-07T23:56:38.852533Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/1c9b6475-caf0-4164-b5a1-2142a7116f4b\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"1c9b6475-caf0-4164-b5a1-2142a7116f4b\"\n },\n {\n \"properties\": {\n \"roleName\": \"Template Spec Reader\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Allows read access to Template Specs at the assigned scope.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Resources/templateSpecs/*/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2022-09-07T23:56:38.852533Z\",\n \"updatedOn\": \"2022-09-07T23:56:38.852533Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/392ae280-861d-42bd-9ea5-08ee6d83b80e\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"392ae280-861d-42bd-9ea5-08ee6d83b80e\"\n },\n {\n \"properties\": {\n \"roleName\": \"Microsoft Sentinel Playbook Operator\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Microsoft Sentinel Playbook Operator\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Logic/workflows/read\",\n \"Microsoft.Logic/workflows/triggers/listCallbackUrl/action\",\n \"Microsoft.Web/sites/hostruntime/webhooks/api/workflows/triggers/listCallbackUrl/action\",\n \"Microsoft.Web/sites/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2022-09-20T17:17:53.1732035Z\",\n \"updatedOn\": \"2022-12-07T18:28:46.3977543Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/51d6186e-6489-4900-b93f-92e23144cca5\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"51d6186e-6489-4900-b93f-92e23144cca5\"\n },\n {\n \"properties\": {\n \"roleName\": \"Deployment Environments User\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Provides access to manage environment resources.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.DevCenter/projects/read\",\n \"Microsoft.DevCenter/projects/*/read\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Authorization/*/read\"\n ],\n \"notActions\": [\n \"Microsoft.DevCenter/projects/pools/read\",\n \"Microsoft.DevCenter/projects/pools/schedules/read\"\n ],\n \"dataActions\": [\n \"Microsoft.DevCenter/projects/users/environments/userRead/action\",\n \"Microsoft.DevCenter/projects/users/environments/userWrite/action\",\n \"Microsoft.DevCenter/projects/users/environments/userDelete/action\",\n \"Microsoft.DevCenter/projects/users/environments/userActionManage/action\",\n \"Microsoft.DevCenter/projects/users/environments/userOutputsRead/action\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2022-09-21T23:02:10.9267534Z\",\n \"updatedOn\": \"2023-11-11T02:44:04.8360299Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/18e40d4e-8d2e-438d-97e1-9528336e149c\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"18e40d4e-8d2e-438d-97e1-9528336e149c\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Spring Apps Connect Role\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Azure Spring Apps Connect Role\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.AppPlatform/Spring/apps/deployments/connect/action\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2022-09-23T09:06:33.6408942Z\",\n \"updatedOn\": \"2022-09-23T09:06:33.6408942Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/80558df3-64f9-4c0f-b32d-e5094b036b0b\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"80558df3-64f9-4c0f-b32d-e5094b036b0b\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Spring Apps Remote Debugging Role\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Azure Spring Apps Remote Debugging Role\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.AppPlatform/Spring/apps/deployments/remotedebugging/action\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2022-09-23T09:21:46.6422475Z\",\n \"updatedOn\": \"2022-09-23T09:21:46.6422475Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/a99b0159-1064-4c22-a57b-c9b3caa1c054\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"a99b0159-1064-4c22-a57b-c9b3caa1c054\"\n },\n {\n \"properties\": {\n \"roleName\": \"AzureML Registry User\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Can perform all actions on Machine Learning Services Registry assets as well as get Registry resources.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.MachineLearningServices/registries/read\",\n \"Microsoft.MachineLearningServices/registries/assets/*\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2022-09-27T17:15:01.5950677Z\",\n \"updatedOn\": \"2022-09-27T17:15:01.5950677Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/1823dd4f-9b8c-4ab6-ab4e-7397a3684615\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"1823dd4f-9b8c-4ab6-ab4e-7397a3684615\"\n },\n {\n \"properties\": {\n \"roleName\": \"AzureML Compute Operator\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Can access and perform CRUD operations on Machine Learning Services managed compute resources (including Notebook VMs).\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.MachineLearningServices/workspaces/computes/*\",\n \"Microsoft.MachineLearningServices/workspaces/notebooks/vm/*\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2022-09-27T17:15:01.5950677Z\",\n \"updatedOn\": \"2022-09-27T17:15:01.5950677Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/e503ece1-11d0-4e8e-8e2c-7a6c3bf38815\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"e503ece1-11d0-4e8e-8e2c-7a6c3bf38815\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Center for SAP solutions service role\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Azure Center for SAP solutions service role - This role is intended to be used for providing the permissions to user assigned managed identity. Azure Center for SAP solutions will use this identity to deploy and manage SAP systems.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Resources/subscriptions/resourceGroups/write\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/read\",\n \"Microsoft.Resources/subscriptions/resourcegroups/deployments/*\",\n \"Microsoft.Network/loadBalancers/read\",\n \"Microsoft.Network/loadBalancers/write\",\n \"Microsoft.Network/loadBalancers/backendAddressPools/read\",\n \"Microsoft.Network/loadBalancers/backendAddressPools/write\",\n \"Microsoft.Network/loadBalancers/frontendIPConfigurations/read\",\n \"Microsoft.Network/loadBalancers/loadBalancingRules/read\",\n \"Microsoft.Network/loadBalancers/inboundNatRules/read\",\n \"Microsoft.Network/loadBalancers/providers/Microsoft.Insights/logDefinitions/read\",\n \"Microsoft.Network/loadBalancers/networkInterfaces/read\",\n \"Microsoft.Network/loadBalancers/outboundRules/read\",\n \"Microsoft.Network/loadBalancers/virtualMachines/read\",\n \"Microsoft.Network/loadBalancers/providers/Microsoft.Insights/metricDefinitions/read\",\n \"Microsoft.Network/networkInterfaces/read\",\n \"Microsoft.Network/networkInterfaces/write\",\n \"Microsoft.Network/networkInterfaces/ipconfigurations/read\",\n \"Microsoft.Network/networkInterfaces/loadBalancers/read\",\n \"Microsoft.Network/virtualNetworks/read\",\n \"Microsoft.Network/virtualNetworks/checkIpAddressAvailability/read\",\n \"Microsoft.Network/virtualNetworks/subnets/read\",\n \"Microsoft.Network/virtualNetworks/subnets/virtualMachines/read\",\n \"Microsoft.Network/virtualNetworks/virtualMachines/read\",\n \"Microsoft.Network/networkInterfaces/ipconfigurations/join/action\",\n \"Microsoft.Network/privateEndpoints/read\",\n \"Microsoft.Network/privateEndpoints/write\",\n \"Microsoft.Network/networkInterfaces/join/action\",\n \"Microsoft.Network/loadBalancers/backendAddressPools/join/action\",\n \"Microsoft.Network/loadBalancers/frontendIPConfigurations/join/action\",\n \"Microsoft.Network/virtualNetworks/subnets/join/action\",\n \"Microsoft.Network/virtualNetworks/subnets/joinLoadBalancer/action\",\n \"Microsoft.Storage/storageAccounts/read\",\n \"Microsoft.Storage/storageAccounts/write\",\n \"Microsoft.Storage/storageAccounts/PrivateEndpointConnectionsApproval/action\",\n \"Microsoft.Storage/storageAccounts/blobServices/read\",\n \"Microsoft.Storage/storageAccounts/blobServices/containers/read\",\n \"Microsoft.Storage/storageAccounts/fileServices/read\",\n \"Microsoft.Storage/storageAccounts/fileServices/write\",\n \"Microsoft.Storage/storageAccounts/fileServices/shares/read\",\n \"Microsoft.Storage/storageAccounts/fileServices/shares/write\",\n \"Microsoft.Compute/virtualMachines/read\",\n \"Microsoft.Compute/virtualMachines/write\",\n \"Microsoft.Compute/virtualMachines/instanceView/read\",\n \"Microsoft.Compute/availabilitySets/read\",\n \"Microsoft.Compute/availabilitySets/write\",\n \"Microsoft.Compute/skus/read\",\n \"Microsoft.Compute/sshPublicKeys/read\",\n \"Microsoft.Compute/virtualMachines/extensions/read\",\n \"Microsoft.Compute/virtualMachines/extensions/write\",\n \"Microsoft.Compute/virtualMachines/extensions/delete\",\n \"Microsoft.Compute/disks/read\",\n \"Microsoft.Compute/disks/write\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2022-10-03T17:04:07.6891007Z\",\n \"updatedOn\": \"2023-02-02T07:25:11.5651483Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/aabbc5dd-1af0-458b-a942-81af88f9c138\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"aabbc5dd-1af0-458b-a942-81af88f9c138\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Center for SAP solutions reader\",\n \"type\": \"BuiltInRole\",\n \"description\": \"This role provides read access to all capabilities of Azure Center for SAP solutions.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Advisor/configurations/read\",\n \"Microsoft.Advisor/recommendations/read\",\n \"Microsoft.Workloads/sapvirtualInstances/*/read\",\n \"Microsoft.Workloads/Locations/*/read\",\n \"Microsoft.Workloads/Operations/read\",\n \"Microsoft.Workloads/Locations/OperationStatuses/read\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Insights/alertRules/read\",\n \"Microsoft.Insights/metrics/read\",\n \"Microsoft.Insights/metricDefinitions/read\",\n \"Microsoft.Resources/deployments/read\",\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Resources/subscriptions/read\",\n \"Microsoft.Resources/subscriptions/resourcegroups/deployments/read\",\n \"Microsoft.ResourceHealth/availabilityStatuses/read\",\n \"Microsoft.Network/virtualNetworks/read\",\n \"Microsoft.Network/virtualNetworks/providers/Microsoft.Insights/metricDefinitions/read\",\n \"Microsoft.Network/virtualNetworks/subnets/read\",\n \"Microsoft.Network/virtualNetworks/subnets/virtualMachines/read\",\n \"Microsoft.Network/networkInterfaces/read\",\n \"Microsoft.Network/networkInterfaces/ipconfigurations/read\",\n \"Microsoft.Network/networkInterfaces/loadBalancers/read\",\n \"Microsoft.Network/networkInterfaces/providers/Microsoft.Insights/metricDefinitions/read\",\n \"Microsoft.Network/loadBalancers/read\",\n \"Microsoft.Network/loadBalancers/backendAddressPools/read\",\n \"Microsoft.Network/loadBalancers/frontendIPConfigurations/read\",\n \"Microsoft.Network/loadBalancers/loadBalancingRules/read\",\n \"Microsoft.Network/loadBalancers/inboundNatRules/read\",\n \"Microsoft.Network/loadBalancers/providers/Microsoft.Insights/logDefinitions/read\",\n \"Microsoft.Network/loadBalancers/networkInterfaces/read\",\n \"Microsoft.Network/loadBalancers/outboundRules/read\",\n \"Microsoft.Network/loadBalancers/virtualMachines/read\",\n \"Microsoft.Network/loadBalancers/providers/Microsoft.Insights/metricDefinitions/read\",\n \"Microsoft.Network/privateEndpoints/read\",\n \"Microsoft.Storage/storageAccounts/read\",\n \"Microsoft.Storage/storageAccounts/blobServices/read\",\n \"Microsoft.Storage/storageAccounts/blobServices/containers/read\",\n \"Microsoft.Storage/storageAccounts/fileServices/read\",\n \"Microsoft.Storage/storageAccounts/fileServices/shares/read\",\n \"Microsoft.Compute/virtualMachines/read\",\n \"Microsoft.Compute/availabilitySets/read\",\n \"Microsoft.Compute/virtualMachines/extensions/read\",\n \"Microsoft.Compute/disks/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2022-10-03T17:04:07.6891007Z\",\n \"updatedOn\": \"2024-01-12T10:58:11.4343824Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/05352d14-a920-4328-a0de-4cbe7430e26b\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"05352d14-a920-4328-a0de-4cbe7430e26b\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Center for SAP solutions administrator\",\n \"type\": \"BuiltInRole\",\n \"description\": \"This role provides read and write access to all capabilities of Azure Center for SAP solutions.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Advisor/configurations/read\",\n \"Microsoft.Advisor/recommendations/read\",\n \"Microsoft.Workloads/sapvirtualInstances/*/read\",\n \"Microsoft.Workloads/sapVirtualInstances/*/write\",\n \"Microsoft.Workloads/sapVirtualInstances/*/delete\",\n \"Microsoft.Workloads/Locations/*/action\",\n \"Microsoft.Workloads/Locations/*/read\",\n \"Microsoft.Workloads/sapVirtualInstances/*/start/action\",\n \"Microsoft.Workloads/sapVirtualInstances/*/stop/action\",\n \"Microsoft.Workloads/connectors/*/read\",\n \"Microsoft.Workloads/connectors/*/write\",\n \"Microsoft.Workloads/connectors/*/delete\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.Insights/metrics/read\",\n \"Microsoft.Insights/metricDefinitions/read\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Resources/subscriptions/read\",\n \"Microsoft.Resources/subscriptions/resourceGroups/write\",\n \"Microsoft.Resources/subscriptions/resourcegroups/deployments/*\",\n \"Microsoft.ResourceHealth/availabilityStatuses/read\",\n \"Microsoft.Network/virtualNetworks/read\",\n \"Microsoft.Network/virtualNetworks/providers/Microsoft.Insights/metricDefinitions/read\",\n \"Microsoft.Network/virtualNetworks/subnets/read\",\n \"Microsoft.Network/virtualNetworks/subnets/write\",\n \"Microsoft.Network/virtualNetworks/subnets/virtualMachines/read\",\n \"Microsoft.Network/networkInterfaces/read\",\n \"Microsoft.Network/networkInterfaces/ipconfigurations/read\",\n \"Microsoft.Network/networkInterfaces/loadBalancers/read\",\n \"Microsoft.Network/networkInterfaces/providers/Microsoft.Insights/metricDefinitions/read\",\n \"Microsoft.Network/loadBalancers/read\",\n \"Microsoft.Network/loadBalancers/backendAddressPools/read\",\n \"Microsoft.Network/loadBalancers/frontendIPConfigurations/read\",\n \"Microsoft.Network/loadBalancers/loadBalancingRules/read\",\n \"Microsoft.Network/loadBalancers/inboundNatRules/read\",\n \"Microsoft.Network/loadBalancers/providers/Microsoft.Insights/logDefinitions/read\",\n \"Microsoft.Network/loadBalancers/networkInterfaces/read\",\n \"Microsoft.Network/loadBalancers/outboundRules/read\",\n \"Microsoft.Network/loadBalancers/virtualMachines/read\",\n \"Microsoft.Network/loadBalancers/providers/Microsoft.Insights/metricDefinitions/read\",\n \"Microsoft.Network/privateEndpoints/read\",\n \"Microsoft.Network/networkSecurityGroups/join/action\",\n \"Microsoft.Network/routeTables/join/action\",\n \"Microsoft.Storage/storageAccounts/read\",\n \"Microsoft.Storage/storageAccounts/blobServices/read\",\n \"Microsoft.Storage/storageAccounts/blobServices/containers/read\",\n \"Microsoft.Storage/storageAccounts/fileServices/read\",\n \"Microsoft.Storage/storageAccounts/fileServices/shares/read\",\n \"Microsoft.Compute/virtualMachines/read\",\n \"Microsoft.Compute/availabilitySets/read\",\n \"Microsoft.Compute/sshPublicKeys/read\",\n \"Microsoft.Compute/sshPublicKeys/write\",\n \"Microsoft.Compute/sshPublicKeys/*/generateKeyPair/action\",\n \"Microsoft.Compute/virtualMachines/extensions/read\",\n \"Microsoft.Compute/virtualMachines/extensions/delete\",\n \"Microsoft.Compute/disks/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.Storage/storageAccounts/blobServices/containers/blobs/read\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2022-10-04T17:14:14.5212968Z\",\n \"updatedOn\": \"2023-06-21T15:30:31.2294248Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/7b0c7e81-271f-4c71-90bf-e30bdfdbc2f7\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"7b0c7e81-271f-4c71-90bf-e30bdfdbc2f7\"\n },\n {\n \"properties\": {\n \"roleName\": \"AppGw for Containers Configuration Manager\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Allows access and configuration updates to Application Gateway for Containers resource.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.ServiceNetworking/trafficControllers/read\",\n \"Microsoft.ServiceNetworking/trafficControllers/write\",\n \"Microsoft.ServiceNetworking/trafficControllers/delete\",\n \"Microsoft.ServiceNetworking/trafficControllers/frontends/read\",\n \"Microsoft.ServiceNetworking/trafficControllers/frontends/write\",\n \"Microsoft.ServiceNetworking/trafficControllers/frontends/delete\",\n \"Microsoft.ServiceNetworking/trafficControllers/associations/read\",\n \"Microsoft.ServiceNetworking/trafficControllers/associations/write\",\n \"Microsoft.ServiceNetworking/trafficControllers/associations/delete\",\n \"Microsoft.ServiceNetworking/trafficControllers/*/read\",\n \"Microsoft.ServiceNetworking/trafficControllers/*/write\",\n \"Microsoft.ServiceNetworking/trafficControllers/*/delete\",\n \"Microsoft.Resources/subscriptions/resourcegroups/deployments/read\",\n \"Microsoft.Resources/subscriptions/resourcegroups/deployments/write\",\n \"Microsoft.Resources/subscriptions/resourcegroups/deployments/operations/read\",\n \"Microsoft.Resources/subscriptions/resourcegroups/deployments/operationstatuses/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.ServiceNetworking/trafficControllers/serviceRoutingConfigurations/read\",\n \"Microsoft.ServiceNetworking/trafficControllers/serviceRoutingConfigurations/write\",\n \"Microsoft.ServiceNetworking/trafficControllers/serviceRoutingConfigurations/delete\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2022-10-06T03:15:51.8980834Z\",\n \"updatedOn\": \"2024-10-29T15:24:36.1024666Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/fbc52c3f-28ad-4303-a892-8a056630b8f1\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"fbc52c3f-28ad-4303-a892-8a056630b8f1\"\n },\n {\n \"properties\": {\n \"roleName\": \"FHIR SMART User\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Role allows user to access FHIR Service according to SMART on FHIR specification\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.HealthcareApis/services/fhir/resources/read\",\n \"Microsoft.HealthcareApis/workspaces/fhirservices/resources/read\",\n \"Microsoft.HealthcareApis/services/fhir/resources/smart/action\",\n \"Microsoft.HealthcareApis/workspaces/fhirservices/resources/smart/action\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2022-10-26T17:20:25.4418773Z\",\n \"updatedOn\": \"2022-12-07T20:30:43.3899302Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/4ba50f17-9666-485c-a643-ff00808643f0\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"4ba50f17-9666-485c-a643-ff00808643f0\"\n },\n {\n \"properties\": {\n \"roleName\": \"Cognitive Services OpenAI Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Full access including the ability to fine-tune, deploy and generate text\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.CognitiveServices/*/read\",\n \"Microsoft.CognitiveServices/accounts/deployments/write\",\n \"Microsoft.CognitiveServices/accounts/deployments/delete\",\n \"Microsoft.CognitiveServices/accounts/raiPolicies/read\",\n \"Microsoft.CognitiveServices/accounts/raiPolicies/write\",\n \"Microsoft.CognitiveServices/accounts/raiPolicies/delete\",\n \"Microsoft.CognitiveServices/accounts/commitmentplans/read\",\n \"Microsoft.CognitiveServices/accounts/commitmentplans/write\",\n \"Microsoft.CognitiveServices/accounts/commitmentplans/delete\",\n \"Microsoft.Authorization/roleAssignments/read\",\n \"Microsoft.Authorization/roleDefinitions/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.CognitiveServices/accounts/OpenAI/*\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2022-10-26T22:25:33.3012125Z\",\n \"updatedOn\": \"2023-08-25T21:51:58.6134163Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/a001fd3d-188f-4b5d-821b-7da978bf7442\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"a001fd3d-188f-4b5d-821b-7da978bf7442\"\n },\n {\n \"properties\": {\n \"roleName\": \"Cognitive Services OpenAI User\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Ability to view files, models, deployments. Readers can't make any changes They can inference and create images\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.CognitiveServices/*/read\",\n \"Microsoft.Authorization/roleAssignments/read\",\n \"Microsoft.Authorization/roleDefinitions/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.CognitiveServices/accounts/OpenAI/*/read\",\n \"Microsoft.CognitiveServices/accounts/OpenAI/engines/completions/action\",\n \"Microsoft.CognitiveServices/accounts/OpenAI/engines/search/action\",\n \"Microsoft.CognitiveServices/accounts/OpenAI/engines/generate/action\",\n \"Microsoft.CognitiveServices/accounts/OpenAI/deployments/audio/action\",\n \"Microsoft.CognitiveServices/accounts/OpenAI/deployments/search/action\",\n \"Microsoft.CognitiveServices/accounts/OpenAI/deployments/completions/action\",\n \"Microsoft.CognitiveServices/accounts/OpenAI/deployments/chat/completions/action\",\n \"Microsoft.CognitiveServices/accounts/OpenAI/deployments/realtime/action\",\n \"Microsoft.CognitiveServices/accounts/OpenAI/deployments/extensions/chat/completions/action\",\n \"Microsoft.CognitiveServices/accounts/OpenAI/deployments/embeddings/action\",\n \"Microsoft.CognitiveServices/accounts/OpenAI/images/generations/action\",\n \"Microsoft.CognitiveServices/accounts/OpenAI/video/generations/*/action\",\n \"Microsoft.CognitiveServices/accounts/OpenAI/video/generations/*/delete\",\n \"Microsoft.CognitiveServices/accounts/OpenAI/assistants/*\",\n \"Microsoft.CognitiveServices/accounts/OpenAI/responses/*\"\n ],\n \"notDataActions\": [\n \"Microsoft.CognitiveServices/accounts/OpenAI/stored-completions/read\"\n ]\n }\n ],\n \"createdOn\": \"2022-10-26T22:25:33.3012125Z\",\n \"updatedOn\": \"2025-04-28T15:13:50.0338628Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/5e0bd9bd-7b93-4f28-af87-19fc36ad61bd\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"5e0bd9bd-7b93-4f28-af87-19fc36ad61bd\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure impact Reporter role\",\n \"type\": \"BuiltInRole\",\n \"description\": \"built-in role for azure impact write access\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Impact/WorkloadImpacts/*\",\n \"Microsoft.Impact/ImpactCategories/read\",\n \"Microsoft.Impact/TopologyImpacts/*\",\n \"Microsoft.Impact/getUploadToken/action\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2022-10-27T22:34:10.0140145Z\",\n \"updatedOn\": \"2025-09-26T15:39:14.9829777Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/36e80216-a7e8-4f42-a7e1-f12c98cbaf8a\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"36e80216-a7e8-4f42-a7e1-f12c98cbaf8a\"\n },\n {\n \"properties\": {\n \"roleName\": \"Impact Reader\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Allows read-only access to reported impacts and impact categories\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Impact/WorkloadImpacts/read\",\n \"Microsoft.Impact/ImpactCategories/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2022-10-27T22:49:23.8706555Z\",\n \"updatedOn\": \"2022-11-14T16:02:29.4536312Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/68ff5d27-c7f5-4fa9-a21c-785d0df7bd9e\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"68ff5d27-c7f5-4fa9-a21c-785d0df7bd9e\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Kubernetes Service Cluster Monitoring User\",\n \"type\": \"BuiltInRole\",\n \"description\": \"List cluster monitoring user credential action.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.ContainerService/managedClusters/listClusterMonitoringUserCredential/action\",\n \"Microsoft.ContainerService/managedClusters/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2022-11-14T16:02:29.4380066Z\",\n \"updatedOn\": \"2023-02-06T16:01:22.3399796Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/1afdec4b-e479-420e-99e7-f82237c7c5e6\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"1afdec4b-e479-420e-99e7-f82237c7c5e6\"\n },\n {\n \"properties\": {\n \"roleName\": \"ContainerApp Reader\",\n \"type\": \"BuiltInRole\",\n \"description\": \"View all containerapp resources, but does not allow you to make any changes.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.App/containerApps/*/read\",\n \"Microsoft.App/containerApps/read\",\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2022-11-14T16:02:29.4380066Z\",\n \"updatedOn\": \"2023-01-02T16:08:35.1119461Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/ad2dd5fb-cd4b-4fd4-a9b6-4fed3630980b\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"ad2dd5fb-cd4b-4fd4-a9b6-4fed3630980b\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Connected Machine Resource Manager\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Custom Role for AzureStackHCI RP to manage hybrid compute machines and hybrid connectivity endpoints in a resource group\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.GuestConfiguration/guestConfigurationAssignments/*/read\",\n \"Microsoft.GuestConfiguration/guestConfigurationAssignments/read\",\n \"Microsoft.GuestConfiguration/guestConfigurationAssignments/write\",\n \"Microsoft.HybridCompute/machines/read\",\n \"Microsoft.HybridCompute/machines/extensions/read\",\n \"Microsoft.HybridCompute/*/read\",\n \"Microsoft.HybridCompute/machines/delete\",\n \"Microsoft.HybridCompute/machines/extensions/delete\",\n \"Microsoft.HybridCompute/machines/extensions/write\",\n \"Microsoft.HybridCompute/machines/licenseProfiles/delete\",\n \"Microsoft.HybridCompute/machines/licenseProfiles/read\",\n \"Microsoft.HybridCompute/machines/licenseProfiles/write\",\n \"Microsoft.HybridCompute/machines/UpgradeExtensions/action\",\n \"Microsoft.HybridCompute/machines/write\",\n \"Microsoft.HybridConnectivity/endpoints/read\",\n \"Microsoft.HybridConnectivity/endpoints/serviceConfigurations/read\",\n \"Microsoft.HybridConnectivity/endpoints/serviceConfigurations/write\",\n \"Microsoft.HybridConnectivity/endpoints/write\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.EdgeMarketplace/locations/operationStatuses/read\",\n \"Microsoft.EdgeMarketPlace/offers/getAccessToken/action\",\n \"Microsoft.EdgeMarketPlace/offers/generateAccessToken/action\",\n \"Microsoft.EdgeMarketplace/publishers/read\",\n \"Microsoft.EdgeMarketplace/offers/read\",\n \"Microsoft.ExtendedLocation/customLocations/read\",\n \"Microsoft.Attestation/attestationProviders/write\",\n \"Microsoft.Attestation/attestationProviders/read\",\n \"Microsoft.Attestation/attestationProviders/delete\",\n \"Microsoft.Attestation/attestationProviders/attestation/read\",\n \"Microsoft.Attestation/attestationProviders/attestation/write\",\n \"Microsoft.Attestation/attestationProviders/attestation/delete\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2022-11-15T16:12:10.4398106Z\",\n \"updatedOn\": \"2024-08-26T15:01:40.009798Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/f5819b54-e033-4d82-ac66-4fec3cbf3f4c\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"f5819b54-e033-4d82-ac66-4fec3cbf3f4c\"\n },\n {\n \"properties\": {\n \"roleName\": \"SqlDb Migration Role\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Role for SqlDb migration\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Sql/servers/read\",\n \"Microsoft.Sql/servers/write\",\n \"Microsoft.Sql/servers/databases/read\",\n \"Microsoft.Sql/servers/databases/write\",\n \"Microsoft.Sql/servers/databases/delete\",\n \"Microsoft.DataMigration/locations/operationResults/read\",\n \"Microsoft.DataMigration/locations/operationStatuses/read\",\n \"Microsoft.DataMigration/locations/sqlMigrationServiceOperationResults/read\",\n \"Microsoft.DataMigration/databaseMigrations/write\",\n \"Microsoft.DataMigration/databaseMigrations/read\",\n \"Microsoft.DataMigration/databaseMigrations/delete\",\n \"Microsoft.DataMigration/databaseMigrations/cancel/action\",\n \"Microsoft.DataMigration/databaseMigrations/cutover/action\",\n \"Microsoft.DataMigration/sqlMigrationServices/write\",\n \"Microsoft.DataMigration/sqlMigrationServices/delete\",\n \"Microsoft.DataMigration/sqlMigrationServices/read\",\n \"Microsoft.DataMigration/sqlMigrationServices/listAuthKeys/action\",\n \"Microsoft.DataMigration/sqlMigrationServices/regenerateAuthKeys/action\",\n \"Microsoft.DataMigration/sqlMigrationServices/deleteNode/action\",\n \"Microsoft.DataMigration/sqlMigrationServices/listMonitoringData/action\",\n \"Microsoft.DataMigration/sqlMigrationServices/listMigrations/read\",\n \"Microsoft.DataMigration/sqlMigrationServices/MonitoringData/read\",\n \"Microsoft.DataMigration/register/action\",\n \"Microsoft.DataMigration/operations/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2022-12-07T23:03:17.2201214Z\",\n \"updatedOn\": \"2023-02-20T16:07:58.6344876Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/189207d4-bb67-4208-a635-b06afe8b2c57\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"189207d4-bb67-4208-a635-b06afe8b2c57\"\n },\n {\n \"properties\": {\n \"roleName\": \"Bayer Ag Powered Services GDU Solution\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Provide access to GDU Solution by Bayer Ag Powered Services\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.AgFoodPlatform/farmBeats/parties/read\",\n \"Microsoft.AgFoodPlatform/farmBeats/parties/boundaries/read\",\n \"Microsoft.AgFoodPlatform/farmBeats/parties/farms/read\",\n \"Microsoft.AgFoodPlatform/farmBeats/parties/fields/read\",\n \"Microsoft.AgFoodPlatform/farmBeats/parties/models/resourceTypes/resources/insights/*\",\n \"Microsoft.AgFoodPlatform/farmBeats/parties/models/resourceTypes/resources/insightAttachments/*\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2023-01-12T10:08:47.0099993Z\",\n \"updatedOn\": \"2024-05-28T15:09:38.7508137Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/c4bc862a-3b64-4a35-a021-a380c159b042\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"c4bc862a-3b64-4a35-a021-a380c159b042\"\n },\n {\n \"properties\": {\n \"roleName\": \"Bayer Ag Powered Services Imagery Solution\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Provide access to Imagery Solution by Bayer Ag Powered Services\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.AgFoodPlatform/farmBeats/parties/read\",\n \"Microsoft.AgFoodPlatform/farmBeats/parties/boundaries/read\",\n \"Microsoft.AgFoodPlatform/farmBeats/parties/boundaries/write\",\n \"Microsoft.AgFoodPlatform/farmBeats/parties/farms/read\",\n \"Microsoft.AgFoodPlatform/farmBeats/parties/farms/write\",\n \"Microsoft.AgFoodPlatform/farmBeats/parties/fields/read\",\n \"Microsoft.AgFoodPlatform/farmBeats/parties/fields/write\",\n \"Microsoft.AgFoodPlatform/farmBeats/ingestionJobs/satelliteDataIngestionJobs/*\",\n \"Microsoft.AgFoodPlatform/farmBeats/scenes/*\",\n \"Microsoft.AgFoodPlatform/farmBeats/parties/models/resourceTypes/resources/insights/*\",\n \"Microsoft.AgFoodPlatform/farmBeats/parties/models/resourceTypes/resources/insightAttachments/*\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2023-01-12T10:08:47.0099993Z\",\n \"updatedOn\": \"2024-05-28T15:09:38.2220222Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/ef29765d-0d37-4119-a4f8-f9f9902c9588\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"ef29765d-0d37-4119-a4f8-f9f9902c9588\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Center for SAP solutions Service role for management\",\n \"type\": \"BuiltInRole\",\n \"description\": \"This role has permissions that the user assigned managed identity must have to enable registration for the existing systems.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2023-01-13T09:08:35.1961741Z\",\n \"updatedOn\": \"2023-02-02T07:25:11.5651483Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/0105a6b0-4bb9-43d2-982a-12806f9faddb\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"0105a6b0-4bb9-43d2-982a-12806f9faddb\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Center for SAP solutions Management role\",\n \"type\": \"BuiltInRole\",\n \"description\": \"This role has permissions which allow users to register existing systems, view and manage systems.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2023-01-13T09:08:35.1961741Z\",\n \"updatedOn\": \"2023-02-02T07:25:11.5651483Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/6d949e1d-41e2-46e3-8920-c6e4f31a8310\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"6d949e1d-41e2-46e3-8920-c6e4f31a8310\"\n },\n {\n \"properties\": {\n \"roleName\": \"Defender Kubernetes API Access\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Grants Microsoft Defender for Cloud access to Azure Kubernetes Services\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.ContainerService/managedClusters/trustedAccessRoleBindings/write\",\n \"Microsoft.ContainerService/managedClusters/trustedAccessRoleBindings/read\",\n \"Microsoft.ContainerService/managedClusters/trustedAccessRoleBindings/delete\",\n \"Microsoft.ContainerService/managedClusters/read\",\n \"Microsoft.Features/features/read\",\n \"Microsoft.Features/providers/features/read\",\n \"Microsoft.Features/providers/features/register/action\",\n \"Microsoft.Security/pricings/securityoperators/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2023-01-13T13:11:09.1105477Z\",\n \"updatedOn\": \"2025-09-12T08:03:06.9409916Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/d5a2ae44-610b-4500-93be-660a0c5f5ca6\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"d5a2ae44-610b-4500-93be-660a0c5f5ca6\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Usage Billing Data Sender\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Azure Usage Billing shared BuiltIn role to be used for all Customer Account Authentication\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.UsageBilling/accounts/inputs/send/action\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2023-01-13T20:45:56.3071212Z\",\n \"updatedOn\": \"2023-01-26T19:26:37.6422441Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/f0310ce6-e953-4cf8-b892-fb1c87eaf7f6\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"f0310ce6-e953-4cf8-b892-fb1c87eaf7f6\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Container Registry secure supply chain operator service role\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Grants Microsoft Defender for Cloud access to Azure Container Registry for security assessment of container images\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.ContainerRegistry/registries/pull/read\",\n \"Microsoft.ContainerRegistry/registries/push/write\",\n \"Microsoft.ContainerRegistry/registries/artifacts/delete\"\n ],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.ContainerRegistry/registries/repositories/metadata/read\",\n \"Microsoft.ContainerRegistry/registries/repositories/content/read\",\n \"Microsoft.ContainerRegistry/registries/repositories/metadata/write\",\n \"Microsoft.ContainerRegistry/registries/repositories/content/write\",\n \"Microsoft.ContainerRegistry/registries/repositories/metadata/delete\",\n \"Microsoft.ContainerRegistry/registries/repositories/content/delete\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2023-01-19T15:58:15.6513344Z\",\n \"updatedOn\": \"2024-06-12T15:19:54.7471937Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/96062cf7-95ca-4f89-9b9d-2a2aa47356af\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"96062cf7-95ca-4f89-9b9d-2a2aa47356af\"\n },\n {\n \"properties\": {\n \"roleName\": \"SqlMI Migration Role\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Role for SqlMI migration\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Sql/managedInstances/read\",\n \"Microsoft.Sql/managedInstances/write\",\n \"Microsoft.Sql/managedInstances/databases/read\",\n \"Microsoft.Sql/managedInstances/databases/write\",\n \"Microsoft.Sql/managedInstances/databases/delete\",\n \"Microsoft.Sql/managedInstances/metrics/read\",\n \"Microsoft.DataMigration/locations/operationResults/read\",\n \"Microsoft.DataMigration/locations/operationStatuses/read\",\n \"Microsoft.DataMigration/locations/sqlMigrationServiceOperationResults/read\",\n \"Microsoft.DataMigration/databaseMigrations/write\",\n \"Microsoft.DataMigration/databaseMigrations/read\",\n \"Microsoft.DataMigration/databaseMigrations/delete\",\n \"Microsoft.DataMigration/databaseMigrations/cancel/action\",\n \"Microsoft.DataMigration/databaseMigrations/cutover/action\",\n \"Microsoft.DataMigration/sqlMigrationServices/write\",\n \"Microsoft.DataMigration/sqlMigrationServices/delete\",\n \"Microsoft.DataMigration/sqlMigrationServices/read\",\n \"Microsoft.DataMigration/sqlMigrationServices/listAuthKeys/action\",\n \"Microsoft.DataMigration/sqlMigrationServices/regenerateAuthKeys/action\",\n \"Microsoft.DataMigration/sqlMigrationServices/deleteNode/action\",\n \"Microsoft.DataMigration/sqlMigrationServices/listMonitoringData/action\",\n \"Microsoft.DataMigration/sqlMigrationServices/listMigrations/read\",\n \"Microsoft.DataMigration/sqlMigrationServices/MonitoringData/read\",\n \"Microsoft.DataMigration/register/action\",\n \"Microsoft.DataMigration/operations/read\",\n \"Microsoft.Storage/storageAccounts/read\",\n \"Microsoft.Storage/storageAccounts/listkeys/action\",\n \"Microsoft.Storage/storageAccounts/blobServices/read\",\n \"Microsoft.Storage/storageAccounts/blobServices/write\",\n \"Microsoft.Storage/storageAccounts/blobServices/containers/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2023-01-31T16:13:11.2824316Z\",\n \"updatedOn\": \"2023-02-20T16:07:58.3295951Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/1d335eef-eee1-47fe-a9e0-53214eba8872\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"1d335eef-eee1-47fe-a9e0-53214eba8872\"\n },\n {\n \"properties\": {\n \"roleName\": \"Bayer Ag Powered Services CWUM Solution\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Provide access to CWUM Solution by Bayer Ag Powered Services\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.AgFoodPlatform/farmBeats/parties/read\",\n \"Microsoft.AgFoodPlatform/farmBeats/parties/boundaries/read\",\n \"Microsoft.AgFoodPlatform/farmBeats/parties/boundaries/write\",\n \"Microsoft.AgFoodPlatform/farmBeats/parties/farms/read\",\n \"Microsoft.AgFoodPlatform/farmBeats/parties/farms/write\",\n \"Microsoft.AgFoodPlatform/farmBeats/parties/fields/read\",\n \"Microsoft.AgFoodPlatform/farmBeats/parties/fields/write\",\n \"Microsoft.AgFoodPlatform/farmBeats/ingestionJobs/satelliteDataIngestionJobs/*\",\n \"Microsoft.AgFoodPlatform/farmBeats/scenes/*\",\n \"Microsoft.AgFoodPlatform/farmBeats/parties/models/resourceTypes/resources/insightAttachments/*\",\n \"Microsoft.AgFoodPlatform/farmBeats/parties/models/resourceTypes/resources/insights/*\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2023-01-31T16:13:11.3570667Z\",\n \"updatedOn\": \"2024-08-13T16:10:23.6530781Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/a9b99099-ead7-47db-8fcf-072597a61dfa\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"a9b99099-ead7-47db-8fcf-072597a61dfa\"\n },\n {\n \"properties\": {\n \"roleName\": \"SqlVM Migration Role\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Role for SqlVM migration\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.DataMigration/locations/operationResults/read\",\n \"Microsoft.DataMigration/locations/operationStatuses/read\",\n \"Microsoft.DataMigration/locations/sqlMigrationServiceOperationResults/read\",\n \"Microsoft.DataMigration/databaseMigrations/write\",\n \"Microsoft.DataMigration/databaseMigrations/read\",\n \"Microsoft.DataMigration/databaseMigrations/delete\",\n \"Microsoft.DataMigration/databaseMigrations/cancel/action\",\n \"Microsoft.DataMigration/databaseMigrations/cutover/action\",\n \"Microsoft.DataMigration/sqlMigrationServices/write\",\n \"Microsoft.DataMigration/sqlMigrationServices/delete\",\n \"Microsoft.DataMigration/sqlMigrationServices/read\",\n \"Microsoft.DataMigration/sqlMigrationServices/listAuthKeys/action\",\n \"Microsoft.DataMigration/sqlMigrationServices/regenerateAuthKeys/action\",\n \"Microsoft.DataMigration/sqlMigrationServices/deleteNode/action\",\n \"Microsoft.DataMigration/sqlMigrationServices/listMonitoringData/action\",\n \"Microsoft.DataMigration/sqlMigrationServices/listMigrations/read\",\n \"Microsoft.DataMigration/sqlMigrationServices/MonitoringData/read\",\n \"Microsoft.DataMigration/register/action\",\n \"Microsoft.DataMigration/operations/read\",\n \"Microsoft.Storage/storageAccounts/read\",\n \"Microsoft.Storage/storageAccounts/listkeys/action\",\n \"Microsoft.Storage/storageAccounts/blobServices/read\",\n \"Microsoft.Storage/storageAccounts/blobServices/write\",\n \"Microsoft.Storage/storageAccounts/blobServices/containers/read\",\n \"Microsoft.SqlVirtualMachine/sqlVirtualMachines/read\",\n \"Microsoft.SqlVirtualMachine/sqlVirtualMachines/write\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2023-01-31T16:13:11.3580681Z\",\n \"updatedOn\": \"2023-02-20T16:07:58.6444899Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/ae8036db-e102-405b-a1b9-bae082ea436d\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"ae8036db-e102-405b-a1b9-bae082ea436d\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Front Door Domain Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"For internal use within Azure. Can manage Azure Front Door domains, but can't grant access to other users.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Cdn/operationresults/profileresults/customdomainresults/read\",\n \"Microsoft.Cdn/profiles/customdomains/read\",\n \"Microsoft.Cdn/profiles/customdomains/write\",\n \"Microsoft.Cdn/profiles/customdomains/delete\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2023-02-02T15:30:03.7531182Z\",\n \"updatedOn\": \"2023-12-07T09:22:53.0560669Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/0ab34830-df19-4f8c-b84e-aa85b8afa6e8\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"0ab34830-df19-4f8c-b84e-aa85b8afa6e8\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Front Door Secret Reader\",\n \"type\": \"BuiltInRole\",\n \"description\": \"For internal use within Azure. Can view Azure Front Door secrets, but can't make changes.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Cdn/operationresults/profileresults/secretresults/read\",\n \"Microsoft.Cdn/profiles/secrets/read\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2023-02-02T15:30:03.7541192Z\",\n \"updatedOn\": \"2023-12-07T08:21:56.0395886Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/0db238c4-885e-4c4f-a933-aa2cef684fca\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"0db238c4-885e-4c4f-a933-aa2cef684fca\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Front Door Secret Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"For internal use within Azure. Can manage Azure Front Door secrets, but can't grant access to other users.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Cdn/operationresults/profileresults/secretresults/read\",\n \"Microsoft.Cdn/profiles/secrets/read\",\n \"Microsoft.Cdn/profiles/secrets/write\",\n \"Microsoft.Cdn/profiles/secrets/delete\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2023-02-02T15:30:03.7531182Z\",\n \"updatedOn\": \"2023-12-07T08:21:56.0395886Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/3f2eb865-5811-4578-b90a-6fc6fa0df8e5\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"3f2eb865-5811-4578-b90a-6fc6fa0df8e5\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Front Door Domain Reader\",\n \"type\": \"BuiltInRole\",\n \"description\": \"For internal use within Azure. Can view Azure Front Door domains, but can't make changes.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Cdn/operationresults/profileresults/customdomainresults/read\",\n \"Microsoft.Cdn/profiles/customdomains/read\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2023-02-02T15:30:03.7551197Z\",\n \"updatedOn\": \"2023-12-07T09:22:52.9393362Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/0f99d363-226e-4dca-9920-b807cf8e1a5f\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"0f99d363-226e-4dca-9920-b807cf8e1a5f\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Stack HCI Administrator\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Grants full access to the cluster and its resources, including the ability to register Azure Stack HCI and assign others as Azure Arc HCI VM Contributor and/or Azure Arc HCI VM Reader\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.AzureStackHCI/register/action\",\n \"Microsoft.AzureStackHCI/Unregister/Action\",\n \"Microsoft.AzureStackHCI/clusters/*\",\n \"Microsoft.AzureStackHCI/NetworkSecurityGroups/Read\",\n \"Microsoft.AzureStackHCI/NetworkSecurityGroups/SecurityRules/Read\",\n \"Microsoft.AzureStackHCI/NetworkSecurityGroups/Write\",\n \"Microsoft.AzureStackHCI/NetworkSecurityGroups/SecurityRules/Write\",\n \"Microsoft.AzureStackHCI/NetworkSecurityGroups/Delete\",\n \"Microsoft.AzureStackHCI/NetworkSecurityGroups/SecurityRules/Delete\",\n \"Microsoft.AzureStackHCI/NetworkSecurityGroups/join/action\",\n \"Microsoft.HybridCompute/register/action\",\n \"Microsoft.GuestConfiguration/register/action\",\n \"Microsoft.GuestConfiguration/guestConfigurationAssignments/read\",\n \"Microsoft.Resources/subscriptions/resourceGroups/write\",\n \"Microsoft.Resources/subscriptions/resourceGroups/delete\",\n \"Microsoft.HybridConnectivity/register/action\",\n \"Microsoft.Authorization/roleAssignments/write\",\n \"Microsoft.Authorization/roleAssignments/delete\",\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Resources/subscriptions/read\",\n \"Microsoft.Management/managementGroups/read\",\n \"Microsoft.Support/*\",\n \"Microsoft.AzureStackHCI/*\",\n \"Microsoft.AzureStackHCI/EdgeMachines/*\",\n \"Microsoft.AzureStackHCI/DevicePools/*\",\n \"Microsoft.Insights/AlertRules/Write\",\n \"Microsoft.Insights/AlertRules/Delete\",\n \"Microsoft.Insights/AlertRules/Read\",\n \"Microsoft.Insights/AlertRules/Activated/Action\",\n \"Microsoft.Insights/AlertRules/Resolved/Action\",\n \"Microsoft.Insights/AlertRules/Throttled/Action\",\n \"Microsoft.Insights/AlertRules/Incidents/Read\",\n \"Microsoft.Resources/subscriptions/resourcegroups/deployments/read\",\n \"Microsoft.Resources/subscriptions/resourcegroups/deployments/write\",\n \"Microsoft.Resources/subscriptions/resourcegroups/deployments/operations/read\",\n \"Microsoft.Resources/subscriptions/resourcegroups/deployments/operationstatuses/read\",\n \"Microsoft.ResourceHealth/availabilityStatuses/read\",\n \"Microsoft.Resources/subscriptions/read\",\n \"Microsoft.Resources/subscriptions/operationresults/read\",\n \"Microsoft.HybridCompute/machines/read\",\n \"Microsoft.HybridCompute/machines/write\",\n \"Microsoft.HybridCompute/machines/delete\",\n \"Microsoft.HybridCompute/machines/UpgradeExtensions/action\",\n \"Microsoft.HybridCompute/machines/assessPatches/action\",\n \"Microsoft.HybridCompute/machines/installPatches/action\",\n \"Microsoft.HybridCompute/machines/extensions/read\",\n \"Microsoft.HybridCompute/machines/extensions/write\",\n \"Microsoft.HybridCompute/machines/extensions/delete\",\n \"Microsoft.HybridCompute/operations/read\",\n \"Microsoft.HybridCompute/locations/operationresults/read\",\n \"Microsoft.HybridCompute/locations/operationstatus/read\",\n \"Microsoft.HybridCompute/machines/patchAssessmentResults/read\",\n \"Microsoft.HybridCompute/machines/patchAssessmentResults/softwarePatches/read\",\n \"Microsoft.HybridCompute/machines/patchInstallationResults/read\",\n \"Microsoft.HybridCompute/machines/patchInstallationResults/softwarePatches/read\",\n \"Microsoft.HybridCompute/locations/updateCenterOperationResults/read\",\n \"Microsoft.HybridCompute/machines/hybridIdentityMetadata/read\",\n \"Microsoft.HybridCompute/osType/agentVersions/read\",\n \"Microsoft.HybridCompute/osType/agentVersions/latest/read\",\n \"Microsoft.HybridCompute/machines/runcommands/read\",\n \"Microsoft.HybridCompute/machines/runcommands/write\",\n \"Microsoft.HybridCompute/machines/runcommands/delete\",\n \"Microsoft.HybridCompute/machines/licenseProfiles/read\",\n \"Microsoft.HybridCompute/machines/licenseProfiles/write\",\n \"Microsoft.HybridCompute/machines/licenseProfiles/delete\",\n \"Microsoft.HybridCompute/licenses/read\",\n \"Microsoft.HybridCompute/licenses/write\",\n \"Microsoft.HybridCompute/licenses/delete\",\n \"Microsoft.ResourceConnector/register/action\",\n \"Microsoft.ResourceConnector/appliances/read\",\n \"Microsoft.ResourceConnector/appliances/write\",\n \"Microsoft.ResourceConnector/appliances/delete\",\n \"Microsoft.ResourceConnector/locations/operationresults/read\",\n \"Microsoft.ResourceConnector/locations/operationsstatus/read\",\n \"Microsoft.ResourceConnector/appliances/listClusterUserCredential/action\",\n \"Microsoft.ResourceConnector/appliances/listKeys/action\",\n \"Microsoft.ResourceConnector/operations/read\",\n \"Microsoft.ExtendedLocation/register/action\",\n \"Microsoft.ExtendedLocation/customLocations/read\",\n \"Microsoft.ExtendedLocation/customLocations/deploy/action\",\n \"Microsoft.ExtendedLocation/customLocations/write\",\n \"Microsoft.ExtendedLocation/customLocations/delete\",\n \"Microsoft.EdgeMarketplace/offers/read\",\n \"Microsoft.EdgeMarketplace/publishers/read\",\n \"Microsoft.Kubernetes/register/action\",\n \"Microsoft.KubernetesConfiguration/register/action\",\n \"Microsoft.KubernetesConfiguration/extensions/write\",\n \"Microsoft.KubernetesConfiguration/extensions/read\",\n \"Microsoft.KubernetesConfiguration/extensions/delete\",\n \"Microsoft.KubernetesConfiguration/extensions/operations/read\",\n \"Microsoft.KubernetesConfiguration/namespaces/read\",\n \"Microsoft.KubernetesConfiguration/operations/read\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.AzureStackHCI/StorageContainers/Write\",\n \"Microsoft.AzureStackHCI/StorageContainers/Read\",\n \"Microsoft.HybridContainerService/register/action\",\n \"Microsoft.HybridCompute/settings/write\",\n \"Microsoft.HybridCompute/settings/read\",\n \"Microsoft.HybridCompute/gateways/read\",\n \"Microsoft.HybridCompute/gateways/write\",\n \"Microsoft.HybridCompute/gateways/delete\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": [],\n \"conditionVersion\": \"2.0\",\n \"condition\": \"((!(ActionMatches{'Microsoft.Authorization/roleAssignments/write'})) OR (@Request[Microsoft.Authorization/roleAssignments:RoleDefinitionId] ForAnyOfAnyValues:GuidEquals{f5819b54-e033-4d82-ac66-4fec3cbf3f4c, cd570a14-e51a-42ad-bac8-bafd67325302, b64e21ea-ac4e-4cdf-9dc9-5b892992bee7, 4b3fe76c-f777-4d24-a2d7-b027b0f7b273, 874d1c73-6003-4e60-a13a-cb31ea190a85,865ae368-6a45-4bd1-8fbf-0d5151f56fc1,7b1f81f9-4196-4058-8aae-762e593270df,4633458b-17de-408a-b874-0445c86b69e6,c99c945f-8bd1-4fb1-a903-01460aae6068})) AND ((!(ActionMatches{'Microsoft.Authorization/roleAssignments/delete'})) OR (@Resource[Microsoft.Authorization/roleAssignments:RoleDefinitionId] ForAnyOfAnyValues:GuidEquals{f5819b54-e033-4d82-ac66-4fec3cbf3f4c, cd570a14-e51a-42ad-bac8-bafd67325302, b64e21ea-ac4e-4cdf-9dc9-5b892992bee7, 4b3fe76c-f777-4d24-a2d7-b027b0f7b273, 874d1c73-6003-4e60-a13a-cb31ea190a85,865ae368-6a45-4bd1-8fbf-0d5151f56fc1,7b1f81f9-4196-4058-8aae-762e593270df,4633458b-17de-408a-b874-0445c86b69e6,c99c945f-8bd1-4fb1-a903-01460aae6068}))\"\n }\n ],\n \"createdOn\": \"2023-02-03T05:08:48.3968454Z\",\n \"updatedOn\": \"2025-05-06T15:13:46.6826117Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/bda0d508-adf1-4af0-9c28-88919fc3ae06\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"bda0d508-adf1-4af0-9c28-88919fc3ae06\"\n },\n {\n \"properties\": {\n \"roleName\": \"MySQL Backup And Export Operator\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Grants full access to manage backup and export resources\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.DBforMySQL/flexibleServers/validateBackup/action\",\n \"Microsoft.DBforMySQL/flexibleServers/backupAndExport/action\",\n \"Microsoft.DBforMySQL/locations/operationResults/read\",\n \"Microsoft.DBforMySQL/locations/azureAsyncOperation/read\",\n \"Microsoft.Resources/subscriptions/read\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2023-02-03T06:09:26.5657063Z\",\n \"updatedOn\": \"2023-05-12T10:55:29.6654289Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/d18ad5f3-1baf-4119-b49b-d944edb1f9d0\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"d18ad5f3-1baf-4119-b49b-d944edb1f9d0\"\n },\n {\n \"properties\": {\n \"roleName\": \"LocalNGFirewallAdministrator role\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Allows user to create, modify, describe, or delete NGFirewalls.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"PaloAltoNetworks.Cloudngfw/firewalls/*\",\n \"PaloAltoNetworks.Cloudngfw/localRulestacks/read\",\n \"PaloAltoNetworks.Cloudngfw/globalRulestacks/read\",\n \"PaloAltoNetworks.Cloudngfw/Locations/operationStatuses/read\",\n \"Microsoft.OperationalInsights/workspaces/write\",\n \"Microsoft.OperationalInsights/workspaces/sharedKeys/read\",\n \"Microsoft.OperationalInsights/workspaces/read\",\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.Insights/metrics/read\",\n \"Microsoft.Insights/metricDefinitions/read\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.ResourceHealth/availabilityStatuses/read\",\n \"Microsoft.Support/*\",\n \"Microsoft.Network/virtualNetworks/read\",\n \"Microsoft.Network/virtualNetworks/subnets/join/action\",\n \"Microsoft.Network/publicIPAddresses/write\",\n \"Microsoft.Network/publicIPAddresses/read\",\n \"Microsoft.Network/publicIPAddresses/join/action\",\n \"Microsoft.Network/networkVirtualAppliances/read\",\n \"Microsoft.Network/networkVirtualAppliances/write\",\n \"Microsoft.Network/networkVirtualAppliances/delete\",\n \"Microsoft.Network/virtualHubs/read\",\n \"Microsoft.Network/virtualWans/read\",\n \"Microsoft.Network/virtualWans/virtualHubs/read\",\n \"Microsoft.Network/networkSecurityGroups/read\",\n \"Microsoft.Network/networkSecurityGroups/join/action\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2023-02-03T11:42:56.4098652Z\",\n \"updatedOn\": \"2023-03-13T15:13:22.9170402Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/a8835c7d-b5cb-47fa-b6f0-65ea10ce07a2\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"a8835c7d-b5cb-47fa-b6f0-65ea10ce07a2\"\n },\n {\n \"properties\": {\n \"roleName\": \"LocalRulestacksAdministrator role\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Allows users to create, modify, describe, or delete Rulestacks.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"PaloAltoNetworks.Cloudngfw/localRulestacks/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.ResourceHealth/availabilityStatuses/read\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.Support/*\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2023-02-03T11:42:56.4108678Z\",\n \"updatedOn\": \"2023-02-20T16:07:58.3315958Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/bfc3b73d-c6ff-45eb-9a5f-40298295bf20\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"bfc3b73d-c6ff-45eb-9a5f-40298295bf20\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Extension for SQL Server Deployment\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Microsoft.AzureArcData service role to enable deployment of Azure Extension for SQL Server\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Resources/deployments/write\",\n \"Microsoft.HybridCompute/machines/extensions/write\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2023-03-09T19:23:30.8734404Z\",\n \"updatedOn\": \"2023-03-15T22:04:09.9905367Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/7392c568-9289-4bde-aaaa-b7131215889d\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"7392c568-9289-4bde-aaaa-b7131215889d\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Maps Data Read and Batch Role\",\n \"type\": \"BuiltInRole\",\n \"description\": \"This role can be used to assign read and batch actions on Azure Maps.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.Maps/accounts/services/*/read\",\n \"Microsoft.Maps/accounts/services/batch/action\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2023-03-15T22:04:09.9905367Z\",\n \"updatedOn\": \"2023-05-16T15:12:18.5723729Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/d6470a16-71bd-43ab-86b3-6f3a73f4e787\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"d6470a16-71bd-43ab-86b3-6f3a73f4e787\"\n },\n {\n \"properties\": {\n \"roleName\": \"API Management Service Workspace API Product Manager\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Has the same access as API Management Service Workspace API Developer as well as read access to users and write access to allow assigning users to groups. This role should be assigned on the service scope.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.ApiManagement/service/users/read\",\n \"Microsoft.ApiManagement/service/tags/read\",\n \"Microsoft.ApiManagement/service/tags/apiLinks/*\",\n \"Microsoft.ApiManagement/service/tags/operationLinks/*\",\n \"Microsoft.ApiManagement/service/tags/productLinks/*\",\n \"Microsoft.ApiManagement/service/products/read\",\n \"Microsoft.ApiManagement/service/products/apiLinks/*\",\n \"Microsoft.ApiManagement/service/groups/read\",\n \"Microsoft.ApiManagement/service/groups/users/*\",\n \"Microsoft.ApiManagement/service/read\",\n \"Microsoft.ApiManagement/service/authorizationServers/read\",\n \"Microsoft.Authorization/*/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2023-03-21T15:13:44.4020114Z\",\n \"updatedOn\": \"2024-08-29T15:27:16.7739501Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/d59a3e9c-6d52-4a5a-aeed-6bf3cf0e31da\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"d59a3e9c-6d52-4a5a-aeed-6bf3cf0e31da\"\n },\n {\n \"properties\": {\n \"roleName\": \"API Management Workspace API Developer\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Has read access to entities in the workspace and read and write access to entities for editing APIs. This role should be assigned on the workspace scope.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.ApiManagement/service/workspaces/*/read\",\n \"Microsoft.ApiManagement/service/workspaces/apis/*\",\n \"Microsoft.ApiManagement/service/workspaces/apiVersionSets/*\",\n \"Microsoft.ApiManagement/service/workspaces/policies/*\",\n \"Microsoft.ApiManagement/service/workspaces/schemas/*\",\n \"Microsoft.ApiManagement/service/workspaces/products/*\",\n \"Microsoft.ApiManagement/service/workspaces/policyFragments/*\",\n \"Microsoft.ApiManagement/service/workspaces/namedValues/*\",\n \"Microsoft.ApiManagement/service/workspaces/tags/*\",\n \"Microsoft.ApiManagement/service/workspaces/backends/*\",\n \"Microsoft.ApiManagement/service/workspaces/certificates/*\",\n \"Microsoft.ApiManagement/service/workspaces/diagnostics/*\",\n \"Microsoft.ApiManagement/service/workspaces/loggers/*\",\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/diagnosticSettings/*/read\",\n \"Microsoft.insights/logs/read\",\n \"Microsoft.insights/logs/ApiManagementGatewayLogs/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2023-03-21T15:13:44.4020114Z\",\n \"updatedOn\": \"2025-05-14T15:26:59.2733591Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/56328988-075d-4c6a-8766-d93edd6725b6\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"56328988-075d-4c6a-8766-d93edd6725b6\"\n },\n {\n \"properties\": {\n \"roleName\": \"API Management Workspace Reader\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Has read-only access to entities in the workspace. This role should be assigned on the workspace scope.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.ApiManagement/service/workspaces/*/read\",\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/diagnosticSettings/*/read\",\n \"Microsoft.insights/logs/read\",\n \"Microsoft.insights/logs/ApiManagementGatewayLogs/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2023-03-21T15:13:44.4040114Z\",\n \"updatedOn\": \"2025-05-14T15:26:59.0317591Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/ef1c2c96-4a77-49e8-b9a4-6179fe1d2fd2\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"ef1c2c96-4a77-49e8-b9a4-6179fe1d2fd2\"\n },\n {\n \"properties\": {\n \"roleName\": \"API Management Workspace API Product Manager\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Has read access to entities in the workspace and read and write access to entities for publishing APIs. This role should be assigned on the workspace scope.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.ApiManagement/service/workspaces/*/read\",\n \"Microsoft.ApiManagement/service/workspaces/products/*\",\n \"Microsoft.ApiManagement/service/workspaces/subscriptions/*\",\n \"Microsoft.ApiManagement/service/workspaces/groups/*\",\n \"Microsoft.ApiManagement/service/workspaces/tags/*\",\n \"Microsoft.ApiManagement/service/workspaces/notifications/*\",\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/diagnosticSettings/*/read\",\n \"Microsoft.insights/logs/read\",\n \"Microsoft.insights/logs/ApiManagementGatewayLogs/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2023-03-21T15:13:44.4020114Z\",\n \"updatedOn\": \"2025-05-14T15:26:59.0317591Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/73c2c328-d004-4c5e-938c-35c6f5679a1f\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"73c2c328-d004-4c5e-938c-35c6f5679a1f\"\n },\n {\n \"properties\": {\n \"roleName\": \"API Management Service Workspace API Developer\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Has read access to tags and products and write access to allow: assigning APIs to products, assigning tags to products and APIs. This role should be assigned on the service scope.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.ApiManagement/service/tags/read\",\n \"Microsoft.ApiManagement/service/tags/apiLinks/*\",\n \"Microsoft.ApiManagement/service/tags/operationLinks/*\",\n \"Microsoft.ApiManagement/service/tags/productLinks/*\",\n \"Microsoft.ApiManagement/service/products/read\",\n \"Microsoft.ApiManagement/service/products/apiLinks/*\",\n \"Microsoft.ApiManagement/service/read\",\n \"Microsoft.ApiManagement/service/authorizationServers/read\",\n \"Microsoft.Authorization/*/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2023-03-21T15:13:44.4040114Z\",\n \"updatedOn\": \"2024-08-29T15:27:16.7739501Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/9565a273-41b9-4368-97d2-aeb0c976a9b3\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"9565a273-41b9-4368-97d2-aeb0c976a9b3\"\n },\n {\n \"properties\": {\n \"roleName\": \"API Management Workspace Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Can manage the workspace and view, but not modify its members. This role should be assigned on the workspace scope.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.ApiManagement/service/workspaces/*\",\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/diagnosticSettings/*/read\",\n \"Microsoft.insights/logs/read\",\n \"Microsoft.insights/logs/ApiManagementGatewayLogs/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2023-03-21T15:13:44.4020114Z\",\n \"updatedOn\": \"2025-05-14T15:26:59.2733591Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/0c34c906-8d99-4cb7-8bb7-33f5b0a1a799\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"0c34c906-8d99-4cb7-8bb7-33f5b0a1a799\"\n },\n {\n \"properties\": {\n \"roleName\": \"Storage File Data Privileged Reader\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Customer has read access on Azure Storage file shares.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.Storage/storageAccounts/fileServices/fileshares/files/read\",\n \"Microsoft.Storage/storageAccounts/fileServices/readFileBackupSemantics/action\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2023-03-23T20:33:57.1067324Z\",\n \"updatedOn\": \"2023-04-06T19:23:16.2936719Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/b8eda974-7b85-4f76-af95-65846b26df6d\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"b8eda974-7b85-4f76-af95-65846b26df6d\"\n },\n {\n \"properties\": {\n \"roleName\": \"Storage File Data Privileged Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Customer has read, write, delete and modify NTFS permission access on Azure Storage file shares.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.Storage/storageAccounts/fileServices/fileshares/files/read\",\n \"Microsoft.Storage/storageAccounts/fileServices/fileshares/files/write\",\n \"Microsoft.Storage/storageAccounts/fileServices/fileshares/files/delete\",\n \"Microsoft.Storage/storageAccounts/fileServices/fileshares/files/modifypermissions/action\",\n \"Microsoft.Storage/storageAccounts/fileServices/readFileBackupSemantics/action\",\n \"Microsoft.Storage/storageAccounts/fileServices/writeFileBackupSemantics/action\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2023-03-23T20:49:03.5905581Z\",\n \"updatedOn\": \"2023-04-06T19:23:16.2936719Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/69566ab7-960f-475b-8e7c-b3118f30c6bd\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"69566ab7-960f-475b-8e7c-b3118f30c6bd\"\n },\n {\n \"properties\": {\n \"roleName\": \"Windows 365 Network User\",\n \"type\": \"BuiltInRole\",\n \"description\": \"This role is used by Windows 365 to read virtual networks and join the designated virtual networks.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Network/virtualNetworks/read\",\n \"Microsoft.Network/virtualNetworks/subnets/read\",\n \"Microsoft.Network/virtualNetworks/usages/read\",\n \"Microsoft.Network/virtualNetworks/subnets/join/action\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2023-03-24T05:24:25.4408966Z\",\n \"updatedOn\": \"2023-07-26T15:17:50.9624987Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/7eabc9a4-85f7-4f71-b8ab-75daaccc1033\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"7eabc9a4-85f7-4f71-b8ab-75daaccc1033\"\n },\n {\n \"properties\": {\n \"roleName\": \"Windows365SubscriptionReader\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Read subscriptions, images, azure firewalls. This role is used in Windows365 scenarios.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Resources/subscriptions/read\",\n \"Microsoft.Resources/subscriptions/operationresults/read\",\n \"Microsoft.Authorization/*/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2023-03-24T05:24:25.4408966Z\",\n \"updatedOn\": \"2023-03-24T05:24:25.4408966Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/3d55a8f6-4133-418d-8051-facdb1735758\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"3d55a8f6-4133-418d-8051-facdb1735758\"\n },\n {\n \"properties\": {\n \"roleName\": \"Windows 365 Network Interface Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"This role is used by Windows 365 to provision required network resources and join Microsoft-hosted VMs to network interfaces.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Resources/subscriptions/resourcegroups/read\",\n \"Microsoft.Resources/deployments/read\",\n \"Microsoft.Resources/deployments/write\",\n \"Microsoft.Resources/deployments/delete\",\n \"Microsoft.Resources/deployments/operations/read\",\n \"Microsoft.Resources/deployments/operationstatuses/read\",\n \"Microsoft.Network/locations/operations/read\",\n \"Microsoft.Network/locations/operationResults/read\",\n \"Microsoft.Network/locations/usages/read\",\n \"Microsoft.Network/networkInterfaces/write\",\n \"Microsoft.Network/networkInterfaces/read\",\n \"Microsoft.Network/networkInterfaces/delete\",\n \"Microsoft.Network/networkInterfaces/join/action\",\n \"Microsoft.Network/networkInterfaces/effectiveNetworkSecurityGroups/action\",\n \"Microsoft.Network/networkInterfaces/effectiveRouteTable/action\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2023-03-24T05:24:25.4408966Z\",\n \"updatedOn\": \"2023-07-26T15:17:50.9624987Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/1f135831-5bbe-4924-9016-264044c00788\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"1f135831-5bbe-4924-9016-264044c00788\"\n },\n {\n \"properties\": {\n \"roleName\": \"App Compliance Automation Reader\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Allows read-only access to App Compliance Automation tool for Microsoft 365\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"*/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2023-04-13T05:31:14.1250456Z\",\n \"updatedOn\": \"2025-04-18T16:21:59.8526431Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/ffc6bbe0-e443-4c3b-bf54-26581bb2f78e\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"ffc6bbe0-e443-4c3b-bf54-26581bb2f78e\"\n },\n {\n \"properties\": {\n \"roleName\": \"App Compliance Automation Administrator\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Allows managing App Compliance Automation tool for Microsoft 365\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.AppComplianceAutomation/*\",\n \"Microsoft.Storage/storageAccounts/blobServices/write\",\n \"Microsoft.Storage/storageAccounts/fileservices/write\",\n \"Microsoft.Storage/storageAccounts/listKeys/action\",\n \"Microsoft.Storage/storageAccounts/write\",\n \"Microsoft.Storage/storageAccounts/blobServices/generateUserDelegationKey/action\",\n \"Microsoft.Storage/storageAccounts/read\",\n \"Microsoft.Storage/storageAccounts/blobServices/containers/read\",\n \"Microsoft.Storage/storageAccounts/blobServices/containers/write\",\n \"Microsoft.Storage/storageAccounts/blobServices/read\",\n \"Microsoft.PolicyInsights/policyStates/queryResults/action\",\n \"Microsoft.PolicyInsights/policyStates/triggerEvaluation/action\",\n \"Microsoft.Resources/resources/read\",\n \"Microsoft.Resources/subscriptions/read\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Resources/subscriptions/resourceGroups/resources/read\",\n \"Microsoft.Resources/subscriptions/resources/read\",\n \"Microsoft.Resources/subscriptions/resourceGroups/delete\",\n \"Microsoft.Resources/subscriptions/resourceGroups/write\",\n \"Microsoft.Resources/tags/read\",\n \"Microsoft.Resources/deployments/validate/action\",\n \"Microsoft.Security/automations/read\",\n \"Microsoft.Resources/deployments/write\",\n \"Microsoft.Security/automations/delete\",\n \"Microsoft.Security/automations/write\",\n \"Microsoft.Security/register/action\",\n \"Microsoft.Security/unregister/action\",\n \"*/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2023-04-13T05:31:14.1240456Z\",\n \"updatedOn\": \"2025-04-18T16:21:59.8526431Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/0f37683f-2463-46b6-9ce7-9b788b988ba2\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"0f37683f-2463-46b6-9ce7-9b788b988ba2\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Sphere Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Allows user read and write access to Azure Sphere resources.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.AzureSphere/*\",\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.Insights/DiagnosticSettings/*\",\n \"Microsoft.Insights/DiagnosticSettingsCategories/Read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2023-05-01T15:11:52.6370946Z\",\n \"updatedOn\": \"2023-05-05T22:39:42.6328063Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/8b9dfcab-4b77-4632-a6df-94bd07820648\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"8b9dfcab-4b77-4632-a6df-94bd07820648\"\n },\n {\n \"properties\": {\n \"roleName\": \"SaaS Hub Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"SaaS Hub contributor can manage SaaS Hub resource\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.SaaSHub/cloudservices/read\",\n \"Microsoft.SaaSHub/cloudservices/write\",\n \"Microsoft.SaaSHub/cloudservices/delete\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2023-05-02T15:22:12.2506952Z\",\n \"updatedOn\": \"2023-05-11T22:10:29.48093Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/e9b8712a-cbcf-4ea7-b0f7-e71b803401e6\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"e9b8712a-cbcf-4ea7-b0f7-e71b803401e6\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Sphere Reader\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Allows user to read Azure Sphere resources.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.AzureSphere/*/read\",\n \"Microsoft.AzureSphere/catalogs/countDevices/action\",\n \"Microsoft.AzureSphere/catalogs/listDeviceGroups/action\",\n \"Microsoft.AzureSphere/catalogs/listDeviceInsights/action\",\n \"Microsoft.AzureSphere/catalogs/listDevices/action\",\n \"Microsoft.AzureSphere/catalogs/listDeployments/action\",\n \"Microsoft.AzureSphere/catalogs/products/countDevices/action\",\n \"Microsoft.AzureSphere/catalogs/products/deviceGroups/countDevices/action\",\n \"Microsoft.AzureSphere/catalogs/certificates/retrieveCertChain/action\",\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Insights/DiagnosticSettings/Read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2023-05-05T22:39:42.1951056Z\",\n \"updatedOn\": \"2023-05-11T22:10:28.3488114Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/c8ae6279-5a0b-4cb2-b3f0-d4d62845742c\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"c8ae6279-5a0b-4cb2-b3f0-d4d62845742c\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Sphere Publisher\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Allows user to read and download Azure Sphere resources and upload images.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.AzureSphere/*/read\",\n \"Microsoft.AzureSphere/catalogs/countDevices/action\",\n \"Microsoft.AzureSphere/catalogs/listDeviceGroups/action\",\n \"Microsoft.AzureSphere/catalogs/listDeviceInsights/action\",\n \"Microsoft.AzureSphere/catalogs/listDevices/action\",\n \"Microsoft.AzureSphere/catalogs/products/countDevices/action\",\n \"Microsoft.AzureSphere/catalogs/products/deviceGroups/countDevices/action\",\n \"Microsoft.AzureSphere/catalogs/certificates/retrieveProofOfPossessionNonce/action\",\n \"Microsoft.AzureSphere/catalogs/certificates/retrieveCertChain/action\",\n \"Microsoft.AzureSphere/catalogs/images/write\",\n \"Microsoft.AzureSphere/catalogs/uploadImage/action\",\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Insights/DiagnosticSettings/Read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2023-05-05T22:39:42.8007514Z\",\n \"updatedOn\": \"2024-01-26T23:01:00.4162781Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/6d994134-994b-4a59-9974-f479f0b227fb\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"6d994134-994b-4a59-9974-f479f0b227fb\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Machine Learning Workspace Connection Secrets Reader\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Can list workspace connection secrets\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.MachineLearningServices/workspaces/connections/listsecrets/action\",\n \"Microsoft.MachineLearningServices/workspaces/metadata/secrets/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2023-05-09T15:20:29.3130205Z\",\n \"updatedOn\": \"2023-10-13T16:37:23.7956902Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/ea01e6af-a1c1-4350-9563-ad00f8c72ec5\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"ea01e6af-a1c1-4350-9563-ad00f8c72ec5\"\n },\n {\n \"properties\": {\n \"roleName\": \"Procurement Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Lets you manage the procurement of products and services.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.SaaSHub/cloudservices/read\",\n \"Microsoft.SaaSHub/cloudservices/write\",\n \"Microsoft.SaaSHub/cloudservices/delete\",\n \"Microsoft.SaaSHub/register/action\",\n \"Microsoft.SaaS/resources/read\",\n \"Microsoft.SaaS/resources/write\",\n \"Microsoft.SaaS/resources/delete\",\n \"Microsoft.SaaS/register/action\",\n \"Microsoft.ProfessionalService/resources/read\",\n \"Microsoft.ProfessionalService/resources/write\",\n \"Microsoft.ProfessionalService/resources/delete\",\n \"Microsoft.ProfessionalService/register/action\",\n \"Microsoft.BillingBenefits/register/action\",\n \"Microsoft.BillingBenefits/maccs/read\",\n \"Microsoft.BillingBenefits/maccs/write\",\n \"Microsoft.BillingBenefits/maccs/delete\",\n \"Microsoft.BillingBenefits/maccs/cancel/action\",\n \"Microsoft.BillingBenefits/maccs/chargeShortfall/action\",\n \"Microsoft.BillingBenefits/maccs/contributors/read\",\n \"Microsoft.BillingBenefits/credits/read\",\n \"Microsoft.BillingBenefits/credits/write\",\n \"Microsoft.BillingBenefits/credits/cancel/action\",\n \"Microsoft.BillingBenefits/credits/sources/read\",\n \"Microsoft.BillingBenefits/credits/sources/write\",\n \"Microsoft.BillingBenefits/credits/sources/delete\",\n \"Microsoft.EnterpriseSupport/enterpriseSupports/read\",\n \"Microsoft.EnterpriseSupport/enterpriseSupports/write\",\n \"Microsoft.EnterpriseSupport/enterpriseSupports/delete\",\n \"Microsoft.EnterpriseSupport/register/action\",\n \"Microsoft.SoftwarePlan/register/action\",\n \"Microsoft.SoftwarePlan/softwareSubscriptions/read\",\n \"Microsoft.SoftwarePlan/softwareSubscriptions/write\",\n \"Microsoft.SoftwarePlan/softwareSubscriptions/delete\",\n \"Microsoft.SoftwarePlan/softwareSubscriptions/cancel/action\",\n \"Microsoft.SoftwarePlan/softwareSubscriptions/listKeys/action\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2023-05-09T15:20:29.3130205Z\",\n \"updatedOn\": \"2025-06-17T15:17:30.9745788Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/be1a1ac2-09d3-4261-9e57-a73a6e227f53\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"be1a1ac2-09d3-4261-9e57-a73a6e227f53\"\n },\n {\n \"properties\": {\n \"roleName\": \"Cognitive Search Serverless Data Contributor (Deprecated)\",\n \"type\": \"BuiltInRole\",\n \"description\": \"This role has been deprecated\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.CognitiveSearch/indexes/schema/*\",\n \"Microsoft.CognitiveSearch/indexes/documents/*\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2023-05-15T15:01:02.7792616Z\",\n \"updatedOn\": \"2024-02-06T16:07:21.2869168Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/7ac06ca7-21ca-47e3-a67b-cbd6e6223baf\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"7ac06ca7-21ca-47e3-a67b-cbd6e6223baf\"\n },\n {\n \"properties\": {\n \"roleName\": \"Cognitive Search Serverless Data Reader (Deprecated)\",\n \"type\": \"BuiltInRole\",\n \"description\": \"This role has been deprecated\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.CognitiveSearch/indexes/schema/read\",\n \"Microsoft.CognitiveSearch/indexes/documents/read\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2023-05-15T15:01:02.7792616Z\",\n \"updatedOn\": \"2024-02-06T16:07:20.8732351Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/79b01272-bf9f-4f4c-9517-5506269cf524\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"79b01272-bf9f-4f4c-9517-5506269cf524\"\n },\n {\n \"properties\": {\n \"roleName\": \"Community Owner Role\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Community Owner Role to access the resources of Microsoft.Mission stored with RPSAAS.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Mission/register/action\",\n \"Microsoft.Mission/unregister/action\",\n \"Microsoft.Mission/Locations/OperationStatuses/read\",\n \"Microsoft.Mission/Locations/OperationStatuses/write\",\n \"Microsoft.Mission/Operations/read\",\n \"Microsoft.Mission/communities/read\",\n \"Microsoft.Mission/communities/write\",\n \"Microsoft.Mission/communities/delete\",\n \"Microsoft.Mission/communities/setMaintenanceMode/action\",\n \"Microsoft.Mission/communities/communityendpoints/connect/action\",\n \"Microsoft.Mission/virtualEnclaves/read\",\n \"Microsoft.Mission/virtualEnclaves/write\",\n \"Microsoft.Mission/virtualEnclaves/delete\",\n \"Microsoft.Mission/virtualEnclaves/workloads/read\",\n \"Microsoft.Mission/virtualEnclaves/workloads/write\",\n \"Microsoft.Mission/virtualEnclaves/workloads/delete\",\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/read\",\n \"Microsoft.Resources/deployments/read\",\n \"Microsoft.Resources/deployments/write\",\n \"Microsoft.Resources/subscriptions/read\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Resources/subscriptions/resourcegroups/deployments/read\",\n \"Microsoft.Resources/subscriptions/operationresults/read\",\n \"Microsoft.ResourceHealth/availabilityStatuses/read\",\n \"Microsoft.Features/providers/features/read\",\n \"Microsoft.Features/features/read\",\n \"Microsoft.Mission/communities/communityEndpoints/read\",\n \"Microsoft.Mission/communities/communityEndpoints/write\",\n \"Microsoft.Mission/communities/communityEndpoints/delete\",\n \"Microsoft.Mission/communities/transitHubs/read\",\n \"Microsoft.Mission/communities/transitHubs/write\",\n \"Microsoft.Mission/communities/transitHubs/delete\",\n \"Microsoft.Mission/enclaveConnections/read\",\n \"Microsoft.Mission/virtualEnclaves/enclaveEndpoints/read\",\n \"Microsoft.Mission/approvals/read\",\n \"Microsoft.Mission/approvals/write\",\n \"Microsoft.Mission/approvals/delete\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2023-05-25T20:51:16.2041501Z\",\n \"updatedOn\": \"2025-09-12T18:13:12.7479035Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/5e28a61e-8040-49db-b175-bb5b88af6239\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"5e28a61e-8040-49db-b175-bb5b88af6239\"\n },\n {\n \"properties\": {\n \"roleName\": \"Firmware Analysis Admin\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Administrative user that can upload/view firmwares & configure firmware workspaces\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.IoTFirmwareDefense/*\",\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Resources/deployments/*\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2023-06-12T15:03:22.1277659Z\",\n \"updatedOn\": \"2025-09-10T15:34:53.4423915Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/9c1607d1-791d-4c68-885d-c7b7aaff7c8a\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"9c1607d1-791d-4c68-885d-c7b7aaff7c8a\"\n },\n {\n \"properties\": {\n \"roleName\": \"Key Vault Data Access Administrator\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Manage access to Azure Key Vault by adding or removing role assignments for the Key Vault Administrator, Key Vault Certificates Officer, Key Vault Crypto Officer, Key Vault Crypto Service Encryption User, Key Vault Crypto User, Key Vault Reader, Key Vault Secrets Officer, or Key Vault Secrets User roles. Includes an ABAC condition to constrain role assignments.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/roleAssignments/write\",\n \"Microsoft.Authorization/roleAssignments/delete\",\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Resources/subscriptions/read\",\n \"Microsoft.Management/managementGroups/read\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Support/*\",\n \"Microsoft.KeyVault/vaults/*/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": [],\n \"conditionVersion\": \"2.0\",\n \"condition\": \"((!(ActionMatches{'Microsoft.Authorization/roleAssignments/write'})) OR (@Request[Microsoft.Authorization/roleAssignments:RoleDefinitionId] ForAnyOfAnyValues:GuidEquals{00482a5a-887f-4fb3-b363-3b7fe8e74483, a4417e6f-fecd-4de8-b567-7b0420556985, 14b46e9e-c2b7-41b4-b07b-48a6ebf60603, e147488a-f6f5-4113-8e2d-b22465e65bf6, 12338af0-0e69-4776-bea7-57ae8d297424, 21090545-7ca7-4776-b22c-e363652d74d2, b86a8fe4-44ce-4948-aee5-eccb2c155cd7, 4633458b-17de-408a-b874-0445c86b69e6})) AND ((!(ActionMatches{'Microsoft.Authorization/roleAssignments/delete'})) OR (@Resource[Microsoft.Authorization/roleAssignments:RoleDefinitionId] ForAnyOfAnyValues:GuidEquals{00482a5a-887f-4fb3-b363-3b7fe8e74483, a4417e6f-fecd-4de8-b567-7b0420556985, 14b46e9e-c2b7-41b4-b07b-48a6ebf60603, e147488a-f6f5-4113-8e2d-b22465e65bf6, 12338af0-0e69-4776-bea7-57ae8d297424, 21090545-7ca7-4776-b22c-e363652d74d2, b86a8fe4-44ce-4948-aee5-eccb2c155cd7, 4633458b-17de-408a-b874-0445c86b69e6}))\"\n }\n ],\n \"createdOn\": \"2023-06-20T22:26:01.661921Z\",\n \"updatedOn\": \"2023-12-07T01:33:05.5970688Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/8b54135c-b56d-4d72-a534-26097cfdc8d8\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"8b54135c-b56d-4d72-a534-26097cfdc8d8\"\n },\n {\n \"properties\": {\n \"roleName\": \"Defender for Storage Data Scanner\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Grants access to read blobs and update index tags. This role is used by the data scanner of Defender for Storage.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Storage/storageAccounts/blobServices/containers/read\",\n \"Microsoft.Storage/storageAccounts/blobServices/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.Storage/storageAccounts/blobServices/containers/blobs/read\",\n \"Microsoft.Storage/storageAccounts/blobServices/containers/blobs/tags/write\",\n \"Microsoft.Storage/storageAccounts/blobServices/containers/blobs/tags/read\",\n \"Microsoft.Storage/storageAccounts/blobServices/containers/blobs/delete\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2023-06-21T15:30:31.2244258Z\",\n \"updatedOn\": \"2025-09-04T13:19:08.2789022Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/1e7ca9b1-60d1-4db8-a914-f2ca1ff27c40\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"1e7ca9b1-60d1-4db8-a914-f2ca1ff27c40\"\n },\n {\n \"properties\": {\n \"roleName\": \"Compute Diagnostics Role\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Grants permissions to execute diagnostics provided by Compute Diagnostic Service for Compute Resources.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Compute/disks/beginGetAccess/action\",\n \"Microsoft.Compute/virtualmachinescalesets/disks/beginGetAccess/action\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2023-07-03T15:01:36.9754614Z\",\n \"updatedOn\": \"2023-08-21T15:00:43.8849998Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/df2711a6-406d-41cf-b366-b0250bff9ad1\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"df2711a6-406d-41cf-b366-b0250bff9ad1\"\n },\n {\n \"properties\": {\n \"roleName\": \"Elastic SAN Network Admin\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Allows access to create Private Endpoints on SAN resources, and to read SAN resources\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.ElasticSan/elasticSans/*/read\",\n \"Microsoft.ElasticSan/elasticSans/PrivateEndpointConnectionsApproval/action\",\n \"Microsoft.ElasticSan/elasticSans/privateEndpointConnections/write\",\n \"Microsoft.ElasticSan/elasticSans/privateEndpointConnections/delete\",\n \"Microsoft.ElasticSan/locations/asyncoperations/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2023-07-11T15:16:02.2537915Z\",\n \"updatedOn\": \"2023-07-24T15:07:43.2245803Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/fa6cecf6-5db3-4c43-8470-c540bcb4eafa\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"fa6cecf6-5db3-4c43-8470-c540bcb4eafa\"\n },\n {\n \"properties\": {\n \"roleName\": \"Cognitive Services Usages Reader\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Minimal permission to view Cognitive Services usages.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.CognitiveServices/locations/usages/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2023-07-17T15:09:29.0044016Z\",\n \"updatedOn\": \"2023-07-17T15:09:29.0044016Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/bba48692-92b0-4667-a9ad-c31c7b334ac2\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"bba48692-92b0-4667-a9ad-c31c7b334ac2\"\n },\n {\n \"properties\": {\n \"roleName\": \"PostgreSQL Flexible Server Long Term Retention Backup Role\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Role to allow backup vault to access PostgreSQL Flexible Server Resource APIs for Long Term Retention Backup.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.DBforPostgreSQL/flexibleServers/ltrBackupOperations/read\",\n \"Microsoft.DBforPostgreSQL/flexibleServers/ltrPreBackup/action\",\n \"Microsoft.DBforPostgreSQL/flexibleServers/startLtrBackup/action\",\n \"Microsoft.DBforPostgreSQL/locations/azureAsyncOperation/read\",\n \"Microsoft.DBforPostgreSQL/locations/operationResults/read\",\n \"Microsoft.Resources/subscriptions/read\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2023-07-19T15:33:56.5176195Z\",\n \"updatedOn\": \"2023-08-02T22:48:06.4502162Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/c088a766-074b-43ba-90d4-1fb21feae531\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"c088a766-074b-43ba-90d4-1fb21feae531\"\n },\n {\n \"properties\": {\n \"roleName\": \"Search Parameter Manager\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Role allows user or principal access to $status and $reindex to update search parameters\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.HealthcareApis/workspaces/fhirservices/resources/reindex/action\",\n \"Microsoft.HealthcareApis/workspaces/fhirservices/resources/read\",\n \"Microsoft.HealthcareApis/workspaces/fhirservices/resources/write\",\n \"Microsoft.HealthcareApis/workspaces/fhirservices/resources/searchparameter/action\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2023-07-28T00:53:53.6682553Z\",\n \"updatedOn\": \"2023-07-28T00:53:53.6682553Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/a02f7c31-354d-4106-865a-deedf37fa038\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"a02f7c31-354d-4106-865a-deedf37fa038\"\n },\n {\n \"properties\": {\n \"roleName\": \"Virtual Machine Data Access Administrator (preview)\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Manage access to Virtual Machines by adding or removing role assignments for the Virtual Machine Administrator Login and Virtual Machine User Login roles. Includes an ABAC condition to constrain role assignments.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/roleAssignments/write\",\n \"Microsoft.Authorization/roleAssignments/delete\",\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Resources/subscriptions/read\",\n \"Microsoft.Management/managementGroups/read\",\n \"Microsoft.Network/publicIPAddresses/read\",\n \"Microsoft.Network/virtualNetworks/read\",\n \"Microsoft.Network/loadBalancers/read\",\n \"Microsoft.Network/networkInterfaces/read\",\n \"Microsoft.Compute/virtualMachines/*/read\",\n \"Microsoft.HybridCompute/machines/*/read\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Support/*\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": [],\n \"conditionVersion\": \"2.0\",\n \"condition\": \"((!(ActionMatches{'Microsoft.Authorization/roleAssignments/write'})) OR (@Request[Microsoft.Authorization/roleAssignments:RoleDefinitionId] ForAnyOfAnyValues:GuidEquals{1c0163c0-47e6-4577-8991-ea5c82e286e4, fb879df8-f326-4884-b1cf-06f3ad86be52})) AND ((!(ActionMatches{'Microsoft.Authorization/roleAssignments/delete'})) OR (@Resource[Microsoft.Authorization/roleAssignments:RoleDefinitionId] ForAnyOfAnyValues:GuidEquals{1c0163c0-47e6-4577-8991-ea5c82e286e4, fb879df8-f326-4884-b1cf-06f3ad86be52}))\"\n }\n ],\n \"createdOn\": \"2023-08-07T15:25:15.1179899Z\",\n \"updatedOn\": \"2023-10-31T15:13:38.0409378Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/66f75aeb-eabe-4b70-9f1e-c350c4c9ad04\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"66f75aeb-eabe-4b70-9f1e-c350c4c9ad04\"\n },\n {\n \"properties\": {\n \"roleName\": \"Logic Apps Standard Developer (Preview)\",\n \"type\": \"BuiltInRole\",\n \"description\": \"You can create and edit workflows, connections, and settings for a Standard logic app. You can't make changes outside the workflow scope.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.Resources/deployments/operations/read\",\n \"Microsoft.Resources/subscriptions/operationresults/read\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Support/*\",\n \"Microsoft.Web/*/read\",\n \"Microsoft.Web/connections/*\",\n \"Microsoft.Web/customApis/*\",\n \"Microsoft.Web/sites/config/list/Action\",\n \"microsoft.web/sites/config/Write\",\n \"microsoft.web/sites/config/web/appsettings/delete\",\n \"microsoft.web/sites/config/web/appsettings/write\",\n \"microsoft.web/sites/deployWorkflowArtifacts/action\",\n \"microsoft.web/sites/hostruntime/*\",\n \"microsoft.web/sites/listworkflowsconnections/action\",\n \"Microsoft.Web/sites/publish/Action\",\n \"microsoft.web/sites/slots/config/appsettings/write\",\n \"Microsoft.Web/sites/slots/config/list/Action\",\n \"microsoft.web/sites/slots/config/web/appsettings/delete\",\n \"microsoft.web/sites/slots/deployWorkflowArtifacts/action\",\n \"microsoft.web/sites/slots/listworkflowsconnections/action\",\n \"Microsoft.Web/sites/slots/publish/Action\",\n \"microsoft.web/sites/workflows/*\",\n \"microsoft.web/sites/workflowsconfiguration/*\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2023-08-10T18:27:51.0642527Z\",\n \"updatedOn\": \"2024-04-03T21:08:10.0284774Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/523776ba-4eb2-4600-a3c8-f2dc93da4bdb\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"523776ba-4eb2-4600-a3c8-f2dc93da4bdb\"\n },\n {\n \"properties\": {\n \"roleName\": \"Logic Apps Standard Contributor (Preview)\",\n \"type\": \"BuiltInRole\",\n \"description\": \"You can manage all aspects of a Standard logic app and workflows. You can't change access or ownership.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.Resources/deployments/operations/read\",\n \"Microsoft.Resources/subscriptions/operationresults/read\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Support/*\",\n \"Microsoft.Web/*/read\",\n \"Microsoft.Web/certificates/*\",\n \"Microsoft.Web/connectionGateways/*\",\n \"Microsoft.Web/connections/*\",\n \"Microsoft.Web/customApis/*\",\n \"Microsoft.Web/serverFarms/*\",\n \"Microsoft.Web/sites/*\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2023-08-10T18:27:51.0642527Z\",\n \"updatedOn\": \"2024-04-03T21:08:12.2307952Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/ad710c24-b039-4e85-a019-deb4a06e8570\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"ad710c24-b039-4e85-a019-deb4a06e8570\"\n },\n {\n \"properties\": {\n \"roleName\": \"Logic Apps Standard Operator (Preview)\",\n \"type\": \"BuiltInRole\",\n \"description\": \"You can enable and disable the logic app, resubmit workflow runs, as well as create connections. You can't edit workflows or settings.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.Resources/deployments/operations/read\",\n \"Microsoft.Resources/subscriptions/operationresults/read\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Support/*\",\n \"Microsoft.Web/*/read\",\n \"Microsoft.Web/sites/applySlotConfig/Action\",\n \"microsoft.web/sites/hostruntime/*\",\n \"Microsoft.Web/sites/restart/Action\",\n \"Microsoft.Web/sites/slots/restart/Action\",\n \"Microsoft.Web/sites/slots/slotsswap/Action\",\n \"Microsoft.Web/sites/slots/start/Action\",\n \"Microsoft.Web/sites/slots/stop/Action\",\n \"Microsoft.Web/sites/slotsdiffs/Action\",\n \"Microsoft.Web/sites/slotsswap/Action\",\n \"Microsoft.Web/sites/start/Action\",\n \"Microsoft.Web/sites/stop/Action\",\n \"Microsoft.Web/sites/write\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2023-08-10T18:27:51.616246Z\",\n \"updatedOn\": \"2024-04-03T21:08:12.0327572Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/b70c96e9-66fe-4c09-b6e7-c98e69c98555\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"b70c96e9-66fe-4c09-b6e7-c98e69c98555\"\n },\n {\n \"properties\": {\n \"roleName\": \"Logic Apps Standard Reader (Preview)\",\n \"type\": \"BuiltInRole\",\n \"description\": \"You have read-only access to all resources in a Standard logic app and workflows, including the workflow runs and their history.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.Resources/deployments/operations/read\",\n \"Microsoft.Resources/subscriptions/operationresults/read\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Support/*\",\n \"Microsoft.Web/*/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2023-08-10T18:27:52.9359215Z\",\n \"updatedOn\": \"2024-04-03T21:08:11.472321Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/4accf36b-2c05-432f-91c8-5c532dff4c73\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"4accf36b-2c05-432f-91c8-5c532dff4c73\"\n },\n {\n \"properties\": {\n \"roleName\": \"IPAM Pool User\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Read IPAM Pools and child resources. Create and remove associations. This role is in preview and subject to change.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Network/networkManagers/ipamPools/*/read\",\n \"Microsoft.Network/networkManagers/ipamPools/*/action\",\n \"Microsoft.Network/networkManagers/ipamPools/*/write\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2023-08-21T15:00:43.8849998Z\",\n \"updatedOn\": \"2024-10-14T15:14:50.4699933Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/7b3e853f-ad5d-4fb5-a7b8-56a3581c7037\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"7b3e853f-ad5d-4fb5-a7b8-56a3581c7037\"\n },\n {\n \"properties\": {\n \"roleName\": \"SpatialMapsAccounts Account Owner\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Lets you manage data in your account, including deleting them\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.MixedReality/spatialMapsAccounts/read\",\n \"Microsoft.MixedReality/spatialMapsAccounts/delete\",\n \"Microsoft.MixedReality/spatialMapsAccounts/write\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2023-08-24T22:24:26.823752Z\",\n \"updatedOn\": \"2023-08-24T22:24:26.823752Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/e9c9ed2b-2a99-4071-b2ff-5b113ebf73a1\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"e9c9ed2b-2a99-4071-b2ff-5b113ebf73a1\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Resource Notifications System Topics Subscriber\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Lets you create system topics and event subscriptions on all system topics exposed currently and in the future by Azure Resource Notifications\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.ResourceNotifications/systemTopics/subscribeToResources/action\",\n \"Microsoft.ResourceNotifications/systemTopics/subscribeToHealthResources/action\",\n \"Microsoft.ResourceNotifications/systemTopics/subscribeToMaintenanceResources/action\",\n \"Microsoft.ResourceNotifications/systemTopics/subscribeToComputeResources/action\",\n \"Microsoft.ResourceNotifications/systemTopics/subscribeToComputeScheduleResources/action\",\n \"Microsoft.ResourceNotifications/systemTopics/subscribeToContainerServiceEventResources/action\",\n \"Microsoft.ResourceNotifications/systemTopics/subscribeToImpactReportingResources/action\",\n \"Microsoft.ResourceNotifications/systemTopics/subscribeToAksResources/action\",\n \"Microsoft.EventGrid/eventSubscriptions/write\",\n \"Microsoft.EventGrid/systemTopics/eventSubscriptions/write\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2023-08-31T17:58:41.4180876Z\",\n \"updatedOn\": \"2025-10-01T20:11:41.338522Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/0b962ed2-6d56-471c-bd5f-3477d83a7ba4\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"0b962ed2-6d56-471c-bd5f-3477d83a7ba4\"\n },\n {\n \"properties\": {\n \"roleName\": \"Elastic SAN Volume Importer\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Allows for Importing Elastic San Volume\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.ElasticSan/elasticSans/volumeGroups/*/read\",\n \"Microsoft.ElasticSan/elasticSans/volumeGroups/volumes/write\",\n \"Microsoft.ElasticSan/elasticSans/volumeGroups/volumes/delete\",\n \"Microsoft.ElasticSan/elasticSans/volumeGroups/preRestore/action\",\n \"Microsoft.ElasticSan/locations/*\",\n \"Microsoft.Compute/locations/*\",\n \"Microsoft.Compute/disks/read\",\n \"Microsoft.Compute/disks/beginGetAccess/action\",\n \"Microsoft.Compute/disks/endGetAccess/action\",\n \"Microsoft.Compute/snapshots/read\",\n \"Microsoft.Compute/snapshots/beginGetAccess/action\",\n \"Microsoft.Compute/snapshots/endGetAccess/action\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2023-09-06T15:24:05.4459728Z\",\n \"updatedOn\": \"2025-04-21T15:02:46.3682352Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/90e8b822-3e73-47b5-868a-787dc80c008f\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"90e8b822-3e73-47b5-868a-787dc80c008f\"\n },\n {\n \"properties\": {\n \"roleName\": \"Elastic SAN Snapshot Exporter\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Allows for creating and exporting Snapshot of Elastic San Volume\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.ElasticSan/elasticSans/*/read\",\n \"Microsoft.ElasticSan/elasticSans/volumeGroups/snapshots/write\",\n \"Microsoft.ElasticSan/elasticSans/volumeGroups/snapshots/delete\",\n \"Microsoft.ElasticSan/elasticSans/volumeGroups/snapshots/beginGetAccess/action\",\n \"Microsoft.ElasticSan/elasticSans/volumeGroups/preBackup/action\",\n \"Microsoft.ElasticSan/locations/*\",\n \"Microsoft.Compute/locations/*\",\n \"Microsoft.Compute/disks/read\",\n \"Microsoft.Compute/disks/write\",\n \"Microsoft.Compute/disks/delete\",\n \"Microsoft.Compute/snapshots/read\",\n \"Microsoft.Compute/snapshots/write\",\n \"Microsoft.Compute/snapshots/delete\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2023-09-06T15:24:05.4459728Z\",\n \"updatedOn\": \"2025-04-21T15:02:46.3682352Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/1c4770c0-34f7-4110-a1ea-a5855cc7a939\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"1c4770c0-34f7-4110-a1ea-a5855cc7a939\"\n },\n {\n \"properties\": {\n \"roleName\": \"Community Contributor Role\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Community Contributor Role to access the resources of Microsoft.Mission stored with RPSAAS.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Mission/register/action\",\n \"Microsoft.Mission/unregister/action\",\n \"Microsoft.Mission/Locations/OperationStatuses/read\",\n \"Microsoft.Mission/Locations/OperationStatuses/write\",\n \"Microsoft.Mission/Operations/read\",\n \"Microsoft.Mission/communities/read\",\n \"Microsoft.Mission/communities/write\",\n \"Microsoft.Mission/virtualEnclaves/read\",\n \"Microsoft.Mission/virtualEnclaves/write\",\n \"Microsoft.Mission/virtualEnclaves/endpoints/read\",\n \"Microsoft.Mission/virtualEnclaves/endpoints/write\",\n \"Microsoft.Mission/virtualEnclaves/workloads/read\",\n \"Microsoft.Mission/virtualEnclaves/workloads/write\",\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/read\",\n \"Microsoft.Resources/deployments/read\",\n \"Microsoft.Resources/deployments/write\",\n \"Microsoft.Resources/subscriptions/read\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Resources/subscriptions/resourcegroups/deployments/read\",\n \"Microsoft.Resources/subscriptions/operationresults/read\",\n \"Microsoft.ResourceHealth/availabilityStatuses/read\",\n \"Microsoft.Features/providers/features/read\",\n \"Microsoft.Features/features/read\",\n \"Microsoft.Mission/communities/communityEndpoints/read\",\n \"Microsoft.Mission/communities/communityEndpoints/write\",\n \"Microsoft.Mission/communities/transitHubs/read\",\n \"Microsoft.Mission/communities/transitHubs/write\",\n \"Microsoft.Mission/enclaveConnections/read\",\n \"Microsoft.Mission/virtualEnclaves/enclaveEndpoints/read\",\n \"Microsoft.Mission/approvals/read\",\n \"Microsoft.Mission/approvals/write\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2023-09-14T21:20:02.9426432Z\",\n \"updatedOn\": \"2025-07-16T21:30:33.3901346Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/49435da6-99fe-48a5-a235-fc668b9dc04a\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"49435da6-99fe-48a5-a235-fc668b9dc04a\"\n },\n {\n \"properties\": {\n \"roleName\": \"EventGrid TopicSpaces Subscriber\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Lets you subscribe messages on topicspaces.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.EventGrid/*/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.EventGrid/topicSpaces/subscribe/action\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2023-09-19T15:12:11.0674147Z\",\n \"updatedOn\": \"2023-10-20T20:21:33.3344252Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/4b0f2fd7-60b4-4eca-896f-4435034f8bf5\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"4b0f2fd7-60b4-4eca-896f-4435034f8bf5\"\n },\n {\n \"properties\": {\n \"roleName\": \"EventGrid TopicSpaces Publisher\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Lets you publish messages on topicspaces.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.EventGrid/*/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.EventGrid/topicSpaces/publish/action\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2023-09-19T15:12:11.0674147Z\",\n \"updatedOn\": \"2023-10-20T20:21:33.3344252Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/a12b0b94-b317-4dcd-84a8-502ce99884c6\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"a12b0b94-b317-4dcd-84a8-502ce99884c6\"\n },\n {\n \"properties\": {\n \"roleName\": \"Data Boundary Tenant Administrator\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Allows tenant level administration for data boundaries.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Resources/dataBoundaries/write\",\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2023-09-25T15:06:19.9183617Z\",\n \"updatedOn\": \"2023-09-25T15:06:19.9183617Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/d1a38570-4b05-4d70-b8e4-1100bcf76d12\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"d1a38570-4b05-4d70-b8e4-1100bcf76d12\"\n },\n {\n \"properties\": {\n \"roleName\": \"DeID Realtime Data User\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Execute requests against DeID realtime endpoint. This role is in preview and subject to change.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.HealthDataAIServices/DeidServices/Realtime/action\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2023-09-28T20:01:31.6698729Z\",\n \"updatedOn\": \"2023-09-28T20:01:31.6698729Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/bb6577c4-ea0a-40b2-8962-ea18cb8ecd4e\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"bb6577c4-ea0a-40b2-8962-ea18cb8ecd4e\"\n },\n {\n \"properties\": {\n \"roleName\": \"DeID Batch Data Reader\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Read DeID batch jobs. This role is in preview and subject to change.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.HealthDataAIServices/DeidServices/Batch/read\"\n ],\n \"notDataActions\": [\n \"Microsoft.HealthDataAIServices/DeidServices/Batch/write\",\n \"Microsoft.HealthDataAIServices/DeidServices/Batch/delete\"\n ]\n }\n ],\n \"createdOn\": \"2023-09-28T20:01:32.2555061Z\",\n \"updatedOn\": \"2023-09-28T20:01:32.2555061Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/b73a14ee-91f5-41b7-bd81-920e12466be9\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"b73a14ee-91f5-41b7-bd81-920e12466be9\"\n },\n {\n \"properties\": {\n \"roleName\": \"DeID Batch Data Owner\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Create and manage DeID batch jobs. This role is in preview and subject to change.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.HealthDataAIServices/DeidServices/Batch/write\",\n \"Microsoft.HealthDataAIServices/DeidServices/Batch/delete\",\n \"Microsoft.HealthDataAIServices/DeidServices/Batch/read\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2023-09-28T20:01:32.2565064Z\",\n \"updatedOn\": \"2023-09-28T20:01:32.2565064Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/8a90fa6b-6997-4a07-8a95-30633a7c97b9\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"8a90fa6b-6997-4a07-8a95-30633a7c97b9\"\n },\n {\n \"properties\": {\n \"roleName\": \"Carbon Optimization Reader\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Allow read access to Azure Carbon Optimization data\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Carbon/carbonEmissionReports/action\",\n \"Microsoft.Carbon/carbonEmissionReports/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2023-09-29T19:24:38.5828579Z\",\n \"updatedOn\": \"2025-02-17T16:06:32.7430565Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/fa0d39e6-28e5-40cf-8521-1eb320653a4c\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"fa0d39e6-28e5-40cf-8521-1eb320653a4c\"\n },\n {\n \"properties\": {\n \"roleName\": \"Landing Zone Management Owner\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Microsoft.Sovereign Landing Zone Management Owner allowing to review and modify Landing Zone Configurations as well as reading and adding Landing Zone Registrations. Also enables read-access to policies and management groups for enabling the full user experience of the Sovereign Services RP in the Azure Portal (as otherwise some elements might not be accessible to end users).\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Sovereign/landingZoneConfigurations/*\",\n \"Microsoft.Sovereign/landingZoneRegistrations/*\",\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Resources/deployments/*\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2023-10-05T08:48:10.6404205Z\",\n \"updatedOn\": \"2023-10-05T08:48:10.6404205Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/38863829-c2a4-4f8d-b1d2-2e325973ebc7\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"38863829-c2a4-4f8d-b1d2-2e325973ebc7\"\n },\n {\n \"properties\": {\n \"roleName\": \"Landing Zone Management Reader\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Microsoft.Sovereign Landing Zone Management Reader allowing to review Landing Zone Configurations and corresponding Registrations without the ability to modify. Also enables read-access to policies and management groups for enabling the full user experience of the Sovereign Services RP in the Azure Portal (as otherwise some elements might not be accessible to end users).\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Sovereign/landingZoneConfigurations/read\",\n \"Microsoft.Sovereign/landingZoneRegistrations/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2023-10-06T06:04:41.8631569Z\",\n \"updatedOn\": \"2023-10-06T06:04:41.8631569Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/8fe6e843-6d9e-417b-9073-106b048f50bb\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"8fe6e843-6d9e-417b-9073-106b048f50bb\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Stack HCI Device Management Role\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Microsoft.AzureStackHCI Device Management Role\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.AzureStackHCI/Clusters/*\",\n \"Microsoft.AzureStackHCI/EdgeDevices/*\",\n \"Microsoft.AzureStackHCI/DevicePools/*/read\",\n \"Microsoft.AzureStackHCI/EdgeMachines/*/read\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.HybridContainerService/register/action\",\n \"Microsoft.HybridContainerService/kubernetesVersions/read\",\n \"Microsoft.HybridContainerService/kubernetesVersions/write\",\n \"Microsoft.HybridContainerService/skus/read\",\n \"Microsoft.HybridContainerService/skus/write\",\n \"Microsoft.Authorization/roleassignments/read\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.AzureStackHCI/StorageContainers/Write\",\n \"Microsoft.AzureStackHCI/StorageContainers/Read\",\n \"Microsoft.AzureStackHCI/Register/Action\",\n \"Microsoft.GuestConfiguration/guestConfigurationAssignments/read\",\n \"Microsoft.KubernetesConfiguration/extensions/write\",\n \"Microsoft.KubernetesConfiguration/extensions/read\",\n \"Microsoft.KubernetesConfiguration/extensions/delete\",\n \"Microsoft.KubernetesConfiguration/extensions/operations/read\",\n \"Microsoft.KubernetesConfiguration/namespaces/read\",\n \"Microsoft.KubernetesConfiguration/operations/read\",\n \"Microsoft.ResourceConnector/appliances/read\",\n \"Microsoft.ResourceConnector/appliances/write\",\n \"Microsoft.ResourceConnector/appliances/delete\",\n \"Microsoft.ResourceConnector/locations/operationresults/read\",\n \"Microsoft.ResourceConnector/locations/operationsstatus/read\",\n \"Microsoft.ResourceConnector/appliances/listClusterUserCredential/action\",\n \"Microsoft.ResourceConnector/appliances/listKeys/action\",\n \"Microsoft.ResourceConnector/appliances/upgradeGraphs/read\",\n \"Microsoft.ResourceConnector/telemetryconfig/read\",\n \"Microsoft.ResourceConnector/operations/read\",\n \"Microsoft.ExtendedLocation/customLocations/deploy/action\",\n \"Microsoft.ExtendedLocation/customLocations/read\",\n \"Microsoft.ExtendedLocation/customLocations/write\",\n \"Microsoft.ExtendedLocation/customLocations/delete\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2023-10-10T15:19:13.4820522Z\",\n \"updatedOn\": \"2025-02-11T16:14:17.6124295Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/865ae368-6a45-4bd1-8fbf-0d5151f56fc1\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"865ae368-6a45-4bd1-8fbf-0d5151f56fc1\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Customer Lockbox Approver for Subscription\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Can approve Microsoft support requests to access specific resources contained within a subscription, or the subscription itself, when Customer Lockbox for Microsoft Azure is enabled on the tenant where the subscription resides.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Resources/subscriptions/read\",\n \"Microsoft.CustomerLockbox/requests/UpdateApproval/action\",\n \"Microsoft.CustomerLockbox/requests/read\",\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Insights/eventtypes/values/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2023-10-12T18:01:15.239432Z\",\n \"updatedOn\": \"2024-08-08T19:08:54.2825991Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/4dae6930-7baf-46f5-909e-0383bc931c46\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"4dae6930-7baf-46f5-909e-0383bc931c46\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Resource Bridge Deployment Role\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Azure Resource Bridge Deployment Role\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/roleassignments/read\",\n \"Microsoft.AzureStackHCI/Register/Action\",\n \"Microsoft.ResourceConnector/register/action\",\n \"Microsoft.ResourceConnector/appliances/read\",\n \"Microsoft.ResourceConnector/appliances/write\",\n \"Microsoft.ResourceConnector/appliances/delete\",\n \"Microsoft.ResourceConnector/locations/operationresults/read\",\n \"Microsoft.ResourceConnector/locations/operationsstatus/read\",\n \"Microsoft.ResourceConnector/appliances/listClusterUserCredential/action\",\n \"Microsoft.ResourceConnector/appliances/listKeys/action\",\n \"Microsoft.ResourceConnector/appliances/upgradeGraphs/read\",\n \"Microsoft.ResourceConnector/telemetryconfig/read\",\n \"Microsoft.ResourceConnector/operations/read\",\n \"Microsoft.ExtendedLocation/register/action\",\n \"Microsoft.ExtendedLocation/customLocations/deploy/action\",\n \"Microsoft.ExtendedLocation/customLocations/read\",\n \"Microsoft.ExtendedLocation/customLocations/write\",\n \"Microsoft.ExtendedLocation/customLocations/delete\",\n \"Microsoft.HybridConnectivity/register/action\",\n \"Microsoft.Kubernetes/register/action\",\n \"Microsoft.KubernetesConfiguration/register/action\",\n \"Microsoft.KubernetesConfiguration/extensions/write\",\n \"Microsoft.KubernetesConfiguration/extensions/read\",\n \"Microsoft.KubernetesConfiguration/extensions/delete\",\n \"Microsoft.KubernetesConfiguration/extensions/operations/read\",\n \"Microsoft.KubernetesConfiguration/namespaces/read\",\n \"Microsoft.KubernetesConfiguration/operations/read\",\n \"Microsoft.GuestConfiguration/guestConfigurationAssignments/read\",\n \"Microsoft.HybridContainerService/register/action\",\n \"Microsoft.HybridContainerService/kubernetesVersions/read\",\n \"Microsoft.HybridContainerService/kubernetesVersions/write\",\n \"Microsoft.HybridContainerService/skus/read\",\n \"Microsoft.HybridContainerService/skus/write\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.AzureStackHCI/StorageContainers/Write\",\n \"Microsoft.AzureStackHCI/StorageContainers/Read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2023-10-16T15:13:24.2748766Z\",\n \"updatedOn\": \"2024-02-26T16:08:40.5270416Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/7b1f81f9-4196-4058-8aae-762e593270df\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"7b1f81f9-4196-4058-8aae-762e593270df\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Stack HCI VM Reader\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Grants permissions to view VMs\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.AzureStackHCI/VirtualMachines/Read\",\n \"Microsoft.AzureStackHCI/virtualMachineInstances/Read\",\n \"Microsoft.AzureStackHCI/VirtualMachines/Extensions/Read\",\n \"Microsoft.AzureStackHCI/VirtualNetworks/Read\",\n \"Microsoft.AzureStackHCI/LogicalNetworks/Read\",\n \"Microsoft.AzureStackHCI/NetworkInterfaces/Read\",\n \"Microsoft.AzureStackHCI/VirtualHardDisks/Read\",\n \"Microsoft.AzureStackHCI/StorageContainers/Read\",\n \"Microsoft.AzureStackHCI/GalleryImages/Read\",\n \"Microsoft.AzureStackHCI/MarketplaceGalleryImages/Read\",\n \"Microsoft.AzureStackHCI/NetworkSecurityGroups/Read\",\n \"Microsoft.AzureStackHCI/NetworkSecurityGroups/SecurityRules/Read\",\n \"Microsoft.HybridCompute/licenses/read\",\n \"Microsoft.HybridCompute/machines/extensions/read\",\n \"Microsoft.HybridCompute/machines/licenseProfiles/read\",\n \"Microsoft.HybridCompute/machines/patchAssessmentResults/read\",\n \"Microsoft.HybridCompute/machines/patchAssessmentResults/softwarePatches/read\",\n \"Microsoft.HybridCompute/machines/patchInstallationResults/read\",\n \"Microsoft.HybridCompute/machines/patchInstallationResults/softwarePatches/read\",\n \"Microsoft.HybridCompute/machines/read\",\n \"Microsoft.HybridCompute/privateLinkScopes/networkSecurityPerimeterConfigurations/read\",\n \"Microsoft.HybridCompute/privateLinkScopes/privateEndpointConnections/read\",\n \"Microsoft.HybridCompute/privateLinkScopes/read\",\n \"Microsoft.Insights/AlertRules/Write\",\n \"Microsoft.Insights/AlertRules/Delete\",\n \"Microsoft.Insights/AlertRules/Read\",\n \"Microsoft.Insights/AlertRules/Activated/Action\",\n \"Microsoft.Insights/AlertRules/Resolved/Action\",\n \"Microsoft.Insights/AlertRules/Throttled/Action\",\n \"Microsoft.Insights/AlertRules/Incidents/Read\",\n \"Microsoft.Resources/deployments/read\",\n \"Microsoft.Resources/deployments/exportTemplate/action\",\n \"Microsoft.Resources/deployments/operations/read\",\n \"Microsoft.Resources/deployments/operationstatuses/read\",\n \"Microsoft.Resources/subscriptions/resourcegroups/deployments/read\",\n \"Microsoft.Resources/subscriptions/resourcegroups/deployments/operations/read\",\n \"Microsoft.Resources/subscriptions/resourcegroups/deployments/operationstatuses/read\",\n \"Microsoft.ResourceHealth/availabilityStatuses/read\",\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Resources/subscriptions/read\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Resources/subscriptions/operationresults/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2023-10-19T22:56:37.6955839Z\",\n \"updatedOn\": \"2024-06-21T16:41:03.1469999Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/4b3fe76c-f777-4d24-a2d7-b027b0f7b273\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"4b3fe76c-f777-4d24-a2d7-b027b0f7b273\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure AI Developer\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Can perform all actions within an Azure AI resource besides managing the resource itself.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.MachineLearningServices/workspaces/*/read\",\n \"Microsoft.MachineLearningServices/workspaces/*/action\",\n \"Microsoft.MachineLearningServices/workspaces/*/delete\",\n \"Microsoft.MachineLearningServices/workspaces/*/write\",\n \"Microsoft.MachineLearningServices/locations/*/read\",\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Resources/deployments/*\"\n ],\n \"notActions\": [\n \"Microsoft.MachineLearningServices/workspaces/delete\",\n \"Microsoft.MachineLearningServices/workspaces/write\",\n \"Microsoft.MachineLearningServices/workspaces/listKeys/action\",\n \"Microsoft.MachineLearningServices/workspaces/hubs/write\",\n \"Microsoft.MachineLearningServices/workspaces/hubs/delete\",\n \"Microsoft.MachineLearningServices/workspaces/featurestores/write\",\n \"Microsoft.MachineLearningServices/workspaces/featurestores/delete\",\n \"Microsoft.MachineLearningServices/workspaces/evaluations/results/labels/read\",\n \"Microsoft.MachineLearningServices/workspaces/evaluations/results/reasonings/read\",\n \"Microsoft.MachineLearningServices/workspaces/simulations/results/images/read\"\n ],\n \"dataActions\": [\n \"Microsoft.CognitiveServices/accounts/OpenAI/*\",\n \"Microsoft.CognitiveServices/accounts/SpeechServices/*\",\n \"Microsoft.CognitiveServices/accounts/ContentSafety/*\",\n \"Microsoft.CognitiveServices/accounts/MaaS/*\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2023-10-20T22:06:45.817201Z\",\n \"updatedOn\": \"2025-04-17T17:55:39.8922431Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/64702f94-c441-49e6-a78b-ef80e0188fee\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"64702f94-c441-49e6-a78b-ef80e0188fee\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Stack HCI VM Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Grants permissions to perform all VM actions\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.AzureStackHCI/VirtualMachines/*\",\n \"Microsoft.AzureStackHCI/virtualMachineInstances/*\",\n \"Microsoft.AzureStackHCI/NetworkInterfaces/*\",\n \"Microsoft.AzureStackHCI/VirtualHardDisks/*\",\n \"Microsoft.AzureStackHCI/VirtualNetworks/Read\",\n \"Microsoft.AzureStackHCI/VirtualNetworks/join/action\",\n \"Microsoft.AzureStackHCI/LogicalNetworks/Read\",\n \"Microsoft.AzureStackHCI/LogicalNetworks/join/action\",\n \"Microsoft.AzureStackHCI/GalleryImages/Read\",\n \"Microsoft.AzureStackHCI/GalleryImages/deploy/action\",\n \"Microsoft.AzureStackHCI/StorageContainers/Read\",\n \"Microsoft.AzureStackHCI/StorageContainers/deploy/action\",\n \"Microsoft.AzureStackHCI/MarketplaceGalleryImages/Read\",\n \"Microsoft.AzureStackHCI/MarketPlaceGalleryImages/deploy/action\",\n \"Microsoft.AzureStackHCI/Clusters/Read\",\n \"Microsoft.AzureStackHCI/Clusters/ArcSettings/Read\",\n \"Microsoft.AzureStackHCI/NetworkSecurityGroups/Read\",\n \"Microsoft.AzureStackHCI/NetworkSecurityGroups/SecurityRules/Read\",\n \"Microsoft.Insights/AlertRules/Write\",\n \"Microsoft.Insights/AlertRules/Delete\",\n \"Microsoft.Insights/AlertRules/Read\",\n \"Microsoft.Insights/AlertRules/Activated/Action\",\n \"Microsoft.Insights/AlertRules/Resolved/Action\",\n \"Microsoft.Insights/AlertRules/Throttled/Action\",\n \"Microsoft.Insights/AlertRules/Incidents/Read\",\n \"Microsoft.Resources/deployments/read\",\n \"Microsoft.Resources/deployments/write\",\n \"Microsoft.Resources/deployments/delete\",\n \"Microsoft.Resources/deployments/cancel/action\",\n \"Microsoft.Resources/deployments/validate/action\",\n \"Microsoft.Resources/deployments/whatIf/action\",\n \"Microsoft.Resources/deployments/exportTemplate/action\",\n \"Microsoft.Resources/deployments/operations/read\",\n \"Microsoft.Resources/deployments/operationstatuses/read\",\n \"Microsoft.Resources/subscriptions/resourcegroups/deployments/read\",\n \"Microsoft.Resources/subscriptions/resourcegroups/deployments/write\",\n \"Microsoft.Resources/subscriptions/resourcegroups/deployments/operations/read\",\n \"Microsoft.Resources/subscriptions/resourcegroups/deployments/operationstatuses/read\",\n \"Microsoft.ResourceHealth/availabilityStatuses/read\",\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Resources/subscriptions/read\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Resources/subscriptions/operationresults/read\",\n \"Microsoft.HybridCompute/machines/read\",\n \"Microsoft.HybridCompute/machines/write\",\n \"Microsoft.HybridCompute/machines/delete\",\n \"Microsoft.HybridCompute/machines/UpgradeExtensions/action\",\n \"Microsoft.HybridCompute/machines/assessPatches/action\",\n \"Microsoft.HybridCompute/machines/installPatches/action\",\n \"Microsoft.HybridCompute/machines/extensions/read\",\n \"Microsoft.HybridCompute/machines/extensions/write\",\n \"Microsoft.HybridCompute/machines/extensions/delete\",\n \"Microsoft.HybridCompute/operations/read\",\n \"Microsoft.HybridCompute/locations/operationresults/read\",\n \"Microsoft.HybridCompute/locations/operationstatus/read\",\n \"Microsoft.HybridCompute/machines/patchAssessmentResults/read\",\n \"Microsoft.HybridCompute/machines/patchAssessmentResults/softwarePatches/read\",\n \"Microsoft.HybridCompute/machines/patchInstallationResults/read\",\n \"Microsoft.HybridCompute/machines/patchInstallationResults/softwarePatches/read\",\n \"Microsoft.HybridCompute/locations/updateCenterOperationResults/read\",\n \"Microsoft.HybridCompute/machines/hybridIdentityMetadata/read\",\n \"Microsoft.HybridCompute/osType/agentVersions/read\",\n \"Microsoft.HybridCompute/osType/agentVersions/latest/read\",\n \"Microsoft.HybridCompute/machines/runcommands/read\",\n \"Microsoft.HybridCompute/machines/runcommands/write\",\n \"Microsoft.HybridCompute/machines/runcommands/delete\",\n \"Microsoft.HybridCompute/machines/licenseProfiles/read\",\n \"Microsoft.HybridCompute/machines/licenseProfiles/write\",\n \"Microsoft.HybridCompute/machines/licenseProfiles/delete\",\n \"Microsoft.HybridCompute/licenses/read\",\n \"Microsoft.HybridCompute/licenses/write\",\n \"Microsoft.HybridCompute/licenses/delete\",\n \"Microsoft.ExtendedLocation/customLocations/Read\",\n \"Microsoft.ExtendedLocation/customLocations/deploy/action\",\n \"Microsoft.KubernetesConfiguration/extensions/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2023-10-20T22:51:51.8242229Z\",\n \"updatedOn\": \"2024-06-21T16:41:03.1469999Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/874d1c73-6003-4e60-a13a-cb31ea190a85\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"874d1c73-6003-4e60-a13a-cb31ea190a85\"\n },\n {\n \"properties\": {\n \"roleName\": \"Deployment Environments Reader\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Provides read access to environment resources.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.DevCenter/projects/read\",\n \"Microsoft.DevCenter/projects/*/read\",\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\"\n ],\n \"notActions\": [\n \"Microsoft.DevCenter/projects/pools/read\",\n \"Microsoft.DevCenter/projects/pools/schedules/read\"\n ],\n \"dataActions\": [\n \"Microsoft.DevCenter/projects/users/environments/adminRead/action\",\n \"Microsoft.DevCenter/projects/users/environments/adminActionRead/action\",\n \"Microsoft.DevCenter/projects/users/environments/adminOutputsRead/action\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2023-10-25T22:17:10.8897125Z\",\n \"updatedOn\": \"2023-10-25T22:17:10.8897125Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/eb960402-bf75-4cc3-8d68-35b34f960f72\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"eb960402-bf75-4cc3-8d68-35b34f960f72\"\n },\n {\n \"properties\": {\n \"roleName\": \"EventGrid Data Receiver\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Allows receive access to event grid events.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.EventGrid/eventSubscriptions/read\",\n \"Microsoft.EventGrid/topicTypes/eventSubscriptions/read\",\n \"Microsoft.EventGrid/locations/eventSubscriptions/read\",\n \"Microsoft.EventGrid/locations/topicTypes/eventSubscriptions/read\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.EventGrid/namespaces/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.EventGrid/events/receive/action\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2023-10-27T19:53:20.6031239Z\",\n \"updatedOn\": \"2023-10-27T19:53:20.6031239Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/78cbd9e7-9798-4e2e-9b5a-547d9ebb31fb\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"78cbd9e7-9798-4e2e-9b5a-547d9ebb31fb\"\n },\n {\n \"properties\": {\n \"roleName\": \"EventGrid Data Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Allows send and receive access to event grid events.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.EventGrid/eventSubscriptions/read\",\n \"Microsoft.EventGrid/topicTypes/eventSubscriptions/read\",\n \"Microsoft.EventGrid/locations/eventSubscriptions/read\",\n \"Microsoft.EventGrid/locations/topicTypes/eventSubscriptions/read\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.EventGrid/topics/read\",\n \"Microsoft.EventGrid/domains/read\",\n \"Microsoft.EventGrid/partnerNamespaces/read\",\n \"Microsoft.EventGrid/namespaces/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.EventGrid/events/send/action\",\n \"Microsoft.EventGrid/events/receive/action\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2023-10-27T19:53:20.6021265Z\",\n \"updatedOn\": \"2023-10-27T19:53:20.6021265Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/1d8c3fe3-8864-474b-8749-01e3783e8157\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"1d8c3fe3-8864-474b-8749-01e3783e8157\"\n },\n {\n \"properties\": {\n \"roleName\": \"Advisor Reviews Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"View reviews for a workload and triage recommendations linked to them.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Advisor/resiliencyReviews/read\",\n \"Microsoft.Advisor/triageRecommendations/read\",\n \"Microsoft.Advisor/triageRecommendations/approve/action\",\n \"Microsoft.Advisor/triageRecommendations/reject/action\",\n \"Microsoft.Advisor/triageRecommendations/reset/action\",\n \"Microsoft.Advisor/triageResources/read\",\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2023-10-30T15:07:31.5895356Z\",\n \"updatedOn\": \"2025-04-02T19:27:15.4734544Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/8aac15f0-d885-4138-8afa-bfb5872f7d13\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"8aac15f0-d885-4138-8afa-bfb5872f7d13\"\n },\n {\n \"properties\": {\n \"roleName\": \"Advisor Reviews Reader\",\n \"type\": \"BuiltInRole\",\n \"description\": \"View reviews for a workload and recommendations linked to them.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Advisor/resiliencyReviews/read\",\n \"Microsoft.Advisor/triageRecommendations/read\",\n \"Microsoft.Advisor/triageResources/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2023-10-30T15:07:32.6518882Z\",\n \"updatedOn\": \"2025-04-02T19:42:31.0079991Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/c64499e0-74c3-47ad-921c-13865957895c\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"c64499e0-74c3-47ad-921c-13865957895c\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure AI Inference Deployment Operator\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Can perform all actions required to create a resource deployment within a resource group.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Insights/AutoscaleSettings/write\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2023-10-30T18:08:40.1583451Z\",\n \"updatedOn\": \"2024-03-15T17:43:35.7204254Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/3afb7f49-54cb-416e-8c09-6dc049efa503\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"3afb7f49-54cb-416e-8c09-6dc049efa503\"\n },\n {\n \"properties\": {\n \"roleName\": \"Connected Cluster Managed Identity CheckAccess Reader\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Built-in role that allows a Connected Cluster managed identity to call the checkAccess API\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2023-10-30T19:09:07.911497Z\",\n \"updatedOn\": \"2023-11-07T16:18:43.5381941Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/65a14201-8f6c-4c28-bec4-12619c5a9aaa\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"65a14201-8f6c-4c28-bec4-12619c5a9aaa\"\n },\n {\n \"properties\": {\n \"roleName\": \"AgFood Platform Dataset Admin\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Provides access to Dataset APIs\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.AgFoodPlatform/farmBeats/datasets/*\",\n \"Microsoft.AgFoodPlatform/farmBeats/datasetRecords/*\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2023-11-06T16:07:29.1713961Z\",\n \"updatedOn\": \"2023-11-06T16:07:29.1713961Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/a8d4b70f-0fb9-4f72-b267-b87b2f990aec\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"a8d4b70f-0fb9-4f72-b267-b87b2f990aec\"\n },\n {\n \"properties\": {\n \"roleName\": \"Defender for Storage Scanner Operator\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Lets you enable and configure Microsoft Defender for Storage's malware scanning and sensitive data discovery features on your storage accounts. Includes an ABAC condition to limit role assignments.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/roleAssignments/write\",\n \"Microsoft.Authorization/roleAssignments/delete\",\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Resources/subscriptions/read\",\n \"Microsoft.Management/managementGroups/read\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Support/*\",\n \"Microsoft.Security/defenderforstoragesettings/read\",\n \"Microsoft.Security/defenderforstoragesettings/write\",\n \"Microsoft.Security/advancedThreatProtectionSettings/read\",\n \"Microsoft.Security/advancedThreatProtectionSettings/write\",\n \"Microsoft.Security/datascanners/read\",\n \"Microsoft.Security/datascanners/write\",\n \"Microsoft.Security/dataScanners/delete\",\n \"Microsoft.Storage/storageAccounts/write\",\n \"Microsoft.Storage/storageAccounts/read\",\n \"Microsoft.EventGrid/topics/read\",\n \"Microsoft.EventGrid/eventSubscriptions/read\",\n \"Microsoft.EventGrid/eventSubscriptions/write\",\n \"Microsoft.EventGrid/eventSubscriptions/delete\",\n \"Microsoft.Storage/storageAccounts/blobServices/read\",\n \"Microsoft.Storage/storageAccounts/blobServices/write\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": [],\n \"conditionVersion\": \"2.0\",\n \"condition\": \"((!(ActionMatches{'Microsoft.Authorization/roleAssignments/write'})) OR (@Request[Microsoft.Authorization/roleAssignments:RoleDefinitionId] ForAnyOfAnyValues:GuidEquals{1e7ca9b1-60d1-4db8-a914-f2ca1ff27c40, d5a91429-5739-47e2-a06b-3470a27159e7})) AND ((!(ActionMatches{'Microsoft.Authorization/roleAssignments/delete'})) OR (@Resource[Microsoft.Authorization/roleAssignments:RoleDefinitionId] ForAnyOfAnyValues:GuidEquals{1e7ca9b1-60d1-4db8-a914-f2ca1ff27c40, d5a91429-5739-47e2-a06b-3470a27159e7}))\"\n }\n ],\n \"createdOn\": \"2023-11-10T10:31:03.38275Z\",\n \"updatedOn\": \"2025-09-04T13:19:08.2789022Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/0f641de8-0b88-4198-bdef-bd8b45ceba96\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"0f641de8-0b88-4198-bdef-bd8b45ceba96\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Front Door Profile Reader\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Can view AFD standard and premium profiles and their endpoints, but can't make changes.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Cdn/edgenodes/read\",\n \"Microsoft.Cdn/operationresults/*\",\n \"Microsoft.Cdn/profiles/*/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Cdn/operationresults/profileresults/afdendpointresults/CheckCustomDomainDNSMappingStatus/action\",\n \"Microsoft.Cdn/profiles/queryloganalyticsmetrics/action\",\n \"Microsoft.Cdn/profiles/queryloganalyticsrankings/action\",\n \"Microsoft.Cdn/profiles/querywafloganalyticsmetrics/action\",\n \"Microsoft.Cdn/profiles/querywafloganalyticsrankings/action\",\n \"Microsoft.Cdn/profiles/afdendpoints/CheckCustomDomainDNSMappingStatus/action\",\n \"Microsoft.Cdn/profiles/Usages/action\",\n \"Microsoft.Cdn/profiles/afdendpoints/Usages/action\",\n \"Microsoft.Cdn/profiles/origingroups/Usages/action\",\n \"Microsoft.Cdn/profiles/rulesets/Usages/action\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2023-11-15T16:30:04.3609762Z\",\n \"updatedOn\": \"2024-01-26T09:56:06.2709754Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/662802e2-50f6-46b0-aed2-e834bacc6d12\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"662802e2-50f6-46b0-aed2-e834bacc6d12\"\n },\n {\n \"properties\": {\n \"roleName\": \"Enclave Reader Role\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Enclave Reader Role to access the resources of Microsoft.Mission stored with RPSAAS.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Mission/Operations/read\",\n \"Microsoft.Mission/communities/read\",\n \"Microsoft.Mission/virtualEnclaves/read\",\n \"Microsoft.Mission/virtualEnclaves/endpoints/read\",\n \"Microsoft.Mission/virtualEnclaves/workloads/read\",\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/read\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Resources/subscriptions/resourcegroups/deployments/read\",\n \"Microsoft.Resources/subscriptions/operationresults/read\",\n \"Microsoft.ResourceHealth/availabilityStatuses/read\",\n \"Microsoft.Features/providers/features/read\",\n \"Microsoft.Features/features/read\",\n \"Microsoft.Mission/communities/communityEndpoints/read\",\n \"Microsoft.Mission/communities/transitHubs/read\",\n \"Microsoft.Mission/enclaveConnections/read\",\n \"Microsoft.Mission/virtualEnclaves/enclaveEndpoints/read\",\n \"Microsoft.Mission/approvals/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2023-11-28T16:02:03.528699Z\",\n \"updatedOn\": \"2025-07-16T21:30:33.3901346Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/86fede04-b259-4277-8c3e-e26b9865abd8\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"86fede04-b259-4277-8c3e-e26b9865abd8\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Kubernetes Service Hybrid Cluster User Role\",\n \"type\": \"BuiltInRole\",\n \"description\": \"List cluster user credential action.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.HybridContainerService/provisionedClusterInstances/read\",\n \"Microsoft.HybridContainerService/provisionedClusterInstances/listUserKubeconfig/action\",\n \"Microsoft.Kubernetes/connectedClusters/Read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2023-11-30T16:21:46.1017952Z\",\n \"updatedOn\": \"2023-11-30T16:21:46.1017952Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/fc3f91a1-40bf-4439-8c46-45edbd83563a\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"fc3f91a1-40bf-4439-8c46-45edbd83563a\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Kubernetes Service Hybrid Cluster Admin Role\",\n \"type\": \"BuiltInRole\",\n \"description\": \"List cluster admin credential action.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.HybridContainerService/provisionedClusterInstances/read\",\n \"Microsoft.HybridContainerService/provisionedClusterInstances/listAdminKubeconfig/action\",\n \"Microsoft.Kubernetes/connectedClusters/Read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2023-11-30T16:21:46.100795Z\",\n \"updatedOn\": \"2023-11-30T16:21:46.100795Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/b5092dac-c796-4349-8681-1a322a31c3f9\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"b5092dac-c796-4349-8681-1a322a31c3f9\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Kubernetes Service Hybrid Contributor Role\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Grants access to read and write Azure Kubernetes Services hybrid clusters\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.HybridContainerService/Locations/operationStatuses/read\",\n \"Microsoft.HybridContainerService/Operations/read\",\n \"Microsoft.HybridContainerService/kubernetesVersions/read\",\n \"Microsoft.HybridContainerService/kubernetesVersions/write\",\n \"Microsoft.HybridContainerService/kubernetesVersions/delete\",\n \"Microsoft.HybridContainerService/provisionedClusterInstances/read\",\n \"Microsoft.HybridContainerService/provisionedClusterInstances/write\",\n \"Microsoft.HybridContainerService/provisionedClusterInstances/delete\",\n \"Microsoft.HybridContainerService/provisionedClusterInstances/agentPools/read\",\n \"Microsoft.HybridContainerService/provisionedClusterInstances/agentPools/write\",\n \"Microsoft.HybridContainerService/provisionedClusterInstances/agentPools/delete\",\n \"Microsoft.HybridContainerService/provisionedClusterInstances/upgradeProfiles/read\",\n \"Microsoft.HybridContainerService/skus/read\",\n \"Microsoft.HybridContainerService/skus/write\",\n \"Microsoft.HybridContainerService/skus/delete\",\n \"Microsoft.HybridContainerService/virtualNetworks/read\",\n \"Microsoft.HybridContainerService/virtualNetworks/write\",\n \"Microsoft.HybridContainerService/virtualNetworks/delete\",\n \"Microsoft.Kubernetes/connectedClusters/Read\",\n \"Microsoft.Kubernetes/connectedClusters/Write\",\n \"Microsoft.Kubernetes/connectedClusters/Delete\",\n \"Microsoft.Kubernetes/connectedClusters/listClusterUserCredential/action\",\n \"Microsoft.ExtendedLocation/customLocations/deploy/action\",\n \"Microsoft.ExtendedLocation/customLocations/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2023-11-30T16:21:46.100795Z\",\n \"updatedOn\": \"2023-11-30T16:21:46.100795Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/e7037d40-443a-4434-a3fb-8cd202011e1d\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"e7037d40-443a-4434-a3fb-8cd202011e1d\"\n },\n {\n \"properties\": {\n \"roleName\": \"Enclave Owner Role\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Enclave Owner Role to access the resources of Microsoft.Mission stored with RPSAAS.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Mission/Locations/OperationStatuses/read\",\n \"Microsoft.Mission/Locations/OperationStatuses/write\",\n \"Microsoft.Mission/Operations/read\",\n \"Microsoft.Mission/virtualEnclaves/read\",\n \"Microsoft.Mission/virtualEnclaves/write\",\n \"Microsoft.Mission/virtualEnclaves/delete\",\n \"Microsoft.Mission/virtualEnclaves/workloads/read\",\n \"Microsoft.Mission/virtualEnclaves/workloads/write\",\n \"Microsoft.Mission/virtualEnclaves/workloads/delete\",\n \"Microsoft.Mission/communities/read\",\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/read\",\n \"Microsoft.Resources/deployments/read\",\n \"Microsoft.Resources/deployments/write\",\n \"Microsoft.Resources/subscriptions/read\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Resources/subscriptions/resourcegroups/deployments/read\",\n \"Microsoft.Resources/subscriptions/operationresults/read\",\n \"Microsoft.ResourceHealth/availabilityStatuses/read\",\n \"Microsoft.Features/providers/features/read\",\n \"Microsoft.Features/features/read\",\n \"Microsoft.Mission/communities/communityEndpoints/read\",\n \"Microsoft.Mission/communities/transitHubs/read\",\n \"Microsoft.Mission/enclaveConnections/read\",\n \"Microsoft.Mission/enclaveConnections/write\",\n \"Microsoft.Mission/enclaveConnections/delete\",\n \"Microsoft.Mission/virtualEnclaves/enclaveEndpoints/read\",\n \"Microsoft.Mission/virtualEnclaves/enclaveEndpoints/write\",\n \"Microsoft.Mission/virtualEnclaves/enclaveEndpoints/delete\",\n \"Microsoft.Mission/approvals/read\",\n \"Microsoft.Mission/approvals/write\",\n \"Microsoft.Mission/approvals/delete\",\n \"Microsoft.Mission/virtualEnclaves/setWorkloadRoleAssignments/action\",\n \"Microsoft.Mission/virtualEnclaves/setEnclaveRoleAssignments/action\",\n \"Microsoft.Mission/virtualenclaves/setMaintenanceMode/action\",\n \"Microsoft.Mission/virtualEnclaves/setSubnetConfiguration/action\",\n \"Microsoft.Mission/virtualEnclaves/enclaveEndpoints/connect/action\",\n \"Microsoft.Mission/enclaveConnections/setSourceCidr/action\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2023-12-05T16:13:20.7602458Z\",\n \"updatedOn\": \"2025-09-12T18:13:12.7479035Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/3d5f3eff-eb94-473d-91e3-7aac74d6c0bb\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"3d5f3eff-eb94-473d-91e3-7aac74d6c0bb\"\n },\n {\n \"properties\": {\n \"roleName\": \"Enclave Contributor Role\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Enclave Contributor Role to access the resources of Microsoft.Mission stored with RPSAAS.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Mission/register/action\",\n \"Microsoft.Mission/unregister/action\",\n \"Microsoft.Mission/Locations/OperationStatuses/read\",\n \"Microsoft.Mission/Locations/OperationStatuses/write\",\n \"Microsoft.Mission/Operations/read\",\n \"Microsoft.Mission/communities/read\",\n \"Microsoft.Mission/virtualEnclaves/read\",\n \"Microsoft.Mission/virtualEnclaves/write\",\n \"Microsoft.Mission/virtualEnclaves/endpoints/read\",\n \"Microsoft.Mission/virtualEnclaves/endpoints/write\",\n \"Microsoft.Mission/virtualEnclaves/workloads/read\",\n \"Microsoft.Mission/virtualEnclaves/workloads/write\",\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/read\",\n \"Microsoft.Resources/deployments/read\",\n \"Microsoft.Resources/deployments/write\",\n \"Microsoft.Resources/subscriptions/read\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Resources/subscriptions/resourcegroups/deployments/read\",\n \"Microsoft.Resources/subscriptions/operationresults/read\",\n \"Microsoft.ResourceHealth/availabilityStatuses/read\",\n \"Microsoft.Features/providers/features/read\",\n \"Microsoft.Features/features/read\",\n \"Microsoft.Mission/communities/communityEndpoints/read\",\n \"Microsoft.Mission/communities/transitHubs/read\",\n \"Microsoft.Mission/enclaveConnections/read\",\n \"Microsoft.Mission/enclaveConnections/write\",\n \"Microsoft.Mission/virtualEnclaves/enclaveEndpoints/read\",\n \"Microsoft.Mission/virtualEnclaves/enclaveEndpoints/write\",\n \"Microsoft.Mission/approvals/read\",\n \"Microsoft.Mission/approvals/write\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2023-12-07T23:59:26.5917667Z\",\n \"updatedOn\": \"2025-07-16T21:30:33.3901346Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/19feefae-eacc-4106-81fd-ac34c0671f14\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"19feefae-eacc-4106-81fd-ac34c0671f14\"\n },\n {\n \"properties\": {\n \"roleName\": \"Community Reader Role\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Community Reader Role to access the resources of Microsoft.Mission stored with RPSAAS.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Mission/Locations/OperationStatuses/read\",\n \"Microsoft.Mission/Operations/read\",\n \"Microsoft.Mission/communities/read\",\n \"Microsoft.Mission/virtualEnclaves/read\",\n \"Microsoft.Mission/virtualEnclaves/endpoints/read\",\n \"Microsoft.Mission/virtualEnclaves/workloads/read\",\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/read\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Resources/subscriptions/resourcegroups/deployments/read\",\n \"Microsoft.Resources/subscriptions/operationresults/read\",\n \"Microsoft.ResourceHealth/availabilityStatuses/read\",\n \"Microsoft.Features/providers/features/read\",\n \"Microsoft.Features/features/read\",\n \"Microsoft.Mission/communities/communityEndpoints/read\",\n \"Microsoft.Mission/communities/transitHubs/read\",\n \"Microsoft.Mission/enclaveConnections/read\",\n \"Microsoft.Mission/virtualEnclaves/enclaveEndpoints/read\",\n \"Microsoft.Mission/approvals/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2023-12-08T19:37:02.3189417Z\",\n \"updatedOn\": \"2025-07-16T21:30:33.3911351Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/e6aadb6b-e64f-41c0-9392-d2bba3bc3ebc\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"e6aadb6b-e64f-41c0-9392-d2bba3bc3ebc\"\n },\n {\n \"properties\": {\n \"roleName\": \"Storage Account Encryption Scope Contributor Role\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Allows management of Encryption Scopes on a Storage Account\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Storage/storageAccounts/encryptionScopes/read\",\n \"Microsoft.Storage/storageAccounts/encryptionScopes/write\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2023-12-11T16:01:30.9505499Z\",\n \"updatedOn\": \"2024-01-10T18:58:49.3538976Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/a316ed6d-1efe-48ac-ac08-f7995a9c26fb\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"a316ed6d-1efe-48ac-ac08-f7995a9c26fb\"\n },\n {\n \"properties\": {\n \"roleName\": \"Operator Nexus Key Vault Writer Service Role (Preview)\",\n \"type\": \"BuiltInRole\",\n \"description\": \"(Preview) Provides Azure Operator Nexus services the ability to write to a Key Vault. This role is in preview and subject to change.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.KeyVault/vaults/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.KeyVault/vaults/secrets/setSecret/action\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2023-12-11T16:01:30.9505499Z\",\n \"updatedOn\": \"2024-08-14T19:11:47.7610812Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/44f0a1a8-6fea-4b35-980a-8ff50c487c97\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"44f0a1a8-6fea-4b35-980a-8ff50c487c97\"\n },\n {\n \"properties\": {\n \"roleName\": \"Key Vault Crypto Service Release User\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Release keys. Only works for key vaults that use the 'Azure role-based access control' permission model.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.KeyVault/vaults/keys/release/action\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2023-12-14T22:44:06.6106235Z\",\n \"updatedOn\": \"2023-12-14T22:44:06.6106235Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/08bbd89e-9f13-488c-ac41-acfcb10c90ab\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"08bbd89e-9f13-488c-ac41-acfcb10c90ab\"\n },\n {\n \"properties\": {\n \"roleName\": \"Kubernetes Runtime Storage Class Contributor Role\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Read, write, and delete Kubernetes Runtime storage classes in an Arc connected Kubernetes cluster\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.KubernetesRuntime/storageClasses/read\",\n \"Microsoft.KubernetesRuntime/storageClasses/write\",\n \"Microsoft.KubernetesRuntime/storageClasses/delete\",\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2023-12-15T06:02:00.5747685Z\",\n \"updatedOn\": \"2024-08-19T15:08:52.7461468Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/0cd9749a-3aaf-4ae5-8803-bd217705bf3b\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"0cd9749a-3aaf-4ae5-8803-bd217705bf3b\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Programmable Connectivity Gateway User\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Allows access to all Gateway dataplane APIs.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.ResourceHealth/availabilityStatuses/read\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2023-12-20T16:26:42.5990795Z\",\n \"updatedOn\": \"2023-12-20T16:26:42.5990795Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/609c0c20-e0a0-4a71-b99f-e7e755ac493d\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"609c0c20-e0a0-4a71-b99f-e7e755ac493d\"\n },\n {\n \"properties\": {\n \"roleName\": \"Key Vault Certificate User\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Read certificate contents. Only works for key vaults that use the 'Azure role-based access control' permission model.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.KeyVault/vaults/certificates/read\",\n \"Microsoft.KeyVault/vaults/secrets/getSecret/action\",\n \"Microsoft.KeyVault/vaults/secrets/readMetadata/action\",\n \"Microsoft.KeyVault/vaults/keys/read\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2024-01-10T16:28:04.5909165Z\",\n \"updatedOn\": \"2024-01-10T16:28:04.5909165Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/db79e9a7-68ee-4b58-9aeb-b90e7c24fcba\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"db79e9a7-68ee-4b58-9aeb-b90e7c24fcba\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Spring Apps Managed Components Log Reader Role\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Read real-time logs for all managed components in Azure Spring Apps\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.AppPlatform/Spring/managedComponents/logstream/action\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2024-01-11T08:19:23.9992482Z\",\n \"updatedOn\": \"2024-01-11T08:19:23.9992482Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/52fd16bd-6ed5-46af-9c40-29cbd7952a29\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"52fd16bd-6ed5-46af-9c40-29cbd7952a29\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Spring Apps Application Configuration Service Log Reader Role\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Read real-time logs for Application Configuration Service in Azure Spring Apps\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.AppPlatform/Spring/read\",\n \"Microsoft.AppPlatform/Spring/configurationServices/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.AppPlatform/Spring/ApplicationConfigurationService/logstream/action\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2024-01-11T08:19:23.9982391Z\",\n \"updatedOn\": \"2024-01-11T08:19:23.9982391Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/6593e776-2a30-40f9-8a32-4fe28b77655d\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"6593e776-2a30-40f9-8a32-4fe28b77655d\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Spring Apps Spring Cloud Gateway Log Reader Role\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Read real-time logs for Spring Cloud Gateway in Azure Spring Apps\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.AppPlatform/Spring/read\",\n \"Microsoft.AppPlatform/Spring/gateways/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.AppPlatform/Spring/SpringCloudGateway/logstream/action\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2024-01-11T08:19:24.0002399Z\",\n \"updatedOn\": \"2024-01-11T08:19:24.0002399Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/4301dc2a-25a9-44b0-ae63-3636cf7f2bd2\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"4301dc2a-25a9-44b0-ae63-3636cf7f2bd2\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Edge On-Site Deployment Engineer\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Grants you access to take actions as an on-site person to assist in the provisioning of an edge device\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.EdgeOrder/orderItems/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2024-01-11T11:05:20.8919638Z\",\n \"updatedOn\": \"2024-08-30T13:53:39.2810677Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/207bcc4b-86a6-4487-9141-d6c1f4c238aa\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"207bcc4b-86a6-4487-9141-d6c1f4c238aa\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure API Center Data Reader\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Allows for access to Azure API Center data plane read operations.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.ApiCenter/services/*/read\",\n \"Microsoft.ApiCenter/services/workspaces/apis/versions/definitions/exportSpecification/action\",\n \"Microsoft.ApiCenter/services/workspaces/search/action\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2024-01-11T20:37:59.9775707Z\",\n \"updatedOn\": \"2025-04-22T15:07:10.0211593Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/c7244dfb-f447-457d-b2ba-3999044d1706\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"c7244dfb-f447-457d-b2ba-3999044d1706\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure impact-insight reader\",\n \"type\": \"BuiltInRole\",\n \"description\": \"built-in role for azure impact-insight read access\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Impact/WorkloadImpacts/*/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2024-01-19T16:37:20.2115353Z\",\n \"updatedOn\": \"2024-01-19T16:37:20.2115353Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/dfb2f09d-25f8-4558-8986-497084006d7a\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"dfb2f09d-25f8-4558-8986-497084006d7a\"\n },\n {\n \"properties\": {\n \"roleName\": \"Defender Kubernetes Agent Operator\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Grants Microsoft Defender for Cloud permissions to provision the Kubernetes defender security agent\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Resources/subscriptions/resourceGroups/write\",\n \"Microsoft.Resources/subscriptions/operationresults/read\",\n \"Microsoft.Resources/subscriptions/read\",\n \"Microsoft.KubernetesConfiguration/extensions/write\",\n \"Microsoft.KubernetesConfiguration/extensions/read\",\n \"Microsoft.KubernetesConfiguration/extensions/delete\",\n \"Microsoft.KubernetesConfiguration/extensions/operations/read\",\n \"Microsoft.Kubernetes/connectedClusters/Write\",\n \"Microsoft.Kubernetes/connectedClusters/read\",\n \"Microsoft.OperationalInsights/workspaces/write\",\n \"Microsoft.OperationalInsights/workspaces/read\",\n \"Microsoft.OperationalInsights/workspaces/listKeys/action\",\n \"Microsoft.OperationalInsights/workspaces/sharedkeys/action\",\n \"Microsoft.Kubernetes/register/action\",\n \"Microsoft.KubernetesConfiguration/register/action\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2024-01-29T16:00:38.0450387Z\",\n \"updatedOn\": \"2024-04-08T15:07:46.3009159Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/8bb6f106-b146-4ee6-a3f9-b9c5a96e0ae5\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"8bb6f106-b146-4ee6-a3f9-b9c5a96e0ae5\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Red Hat OpenShift Cloud Controller Manager\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Manage and update the cloud controller manager deployed on top of OpenShift.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Compute/virtualMachines/read\",\n \"Microsoft.Network/loadBalancers/backendAddressPools/join/action\",\n \"Microsoft.Network/loadBalancers/read\",\n \"Microsoft.Network/loadBalancers/write\",\n \"Microsoft.Network/networkInterfaces/read\",\n \"Microsoft.Network/networkInterfaces/write\",\n \"Microsoft.Network/networkSecurityGroups/read\",\n \"Microsoft.Network/networkSecurityGroups/write\",\n \"Microsoft.Network/publicIPAddresses/join/action\",\n \"Microsoft.Network/publicIPAddresses/read\",\n \"Microsoft.Network/publicIPAddresses/write\",\n \"Microsoft.Network/virtualNetworks/subnets/join/action\",\n \"Microsoft.Network/virtualNetworks/subnets/read\",\n \"Microsoft.Network/loadBalancers/inboundNatRules/join/action\",\n \"Microsoft.Network/networkSecurityGroups/join/action\",\n \"Microsoft.Network/publicIPPrefixes/join/action\",\n \"Microsoft.Network/applicationSecurityGroups/joinNetworkSecurityRule/action\",\n \"Microsoft.Network/virtualNetworks/subnets/write\",\n \"Microsoft.Network/privatelinkservices/write\",\n \"Microsoft.Network/privatelinkservices/read\",\n \"Microsoft.Network/privatelinkservices/delete\",\n \"Microsoft.Network/loadBalancers/loadBalancingRules/read\",\n \"Microsoft.Network/serviceEndpointPolicies/join/action\",\n \"Microsoft.Network/natGateways/join/action\",\n \"Microsoft.Network/networkIntentPolicies/join/action\",\n \"Microsoft.Network/networkSecurityGroups/join/action\",\n \"Microsoft.Network/routeTables/join/action\",\n \"Microsoft.Network/networkManagers/ipamPools/associateResourcesToPool/action\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2024-01-30T16:11:37.7996135Z\",\n \"updatedOn\": \"2025-09-23T15:14:52.5578538Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/a1f96423-95ce-4224-ab27-4e3dc72facd4\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"a1f96423-95ce-4224-ab27-4e3dc72facd4\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Red Hat OpenShift Disk Storage Operator\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Install Container Storage Interface (CSI) drivers that enable your cluster to use Azure Disks. Set OpenShift cluster-wide storage defaults to ensure a default storageclass exists for clusters.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Compute/virtualMachines/write\",\n \"Microsoft.Compute/virtualMachines/read\",\n \"Microsoft.Compute/virtualMachineScaleSets/virtualMachines/write\",\n \"Microsoft.Compute/virtualMachineScaleSets/virtualMachines/read\",\n \"Microsoft.Compute/virtualMachineScaleSets/read\",\n \"Microsoft.Compute/snapshots/write\",\n \"Microsoft.Compute/snapshots/read\",\n \"Microsoft.Compute/snapshots/delete\",\n \"Microsoft.Compute/locations/operations/read\",\n \"Microsoft.Compute/locations/DiskOperations/read\",\n \"Microsoft.Compute/disks/write\",\n \"Microsoft.Compute/disks/read\",\n \"Microsoft.Compute/disks/delete\",\n \"Microsoft.Compute/disks/beginGetAccess/action\",\n \"Microsoft.Compute/diskEncryptionSets/read\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2024-01-30T16:11:37.9474325Z\",\n \"updatedOn\": \"2025-03-28T17:59:48.0577945Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/5b7237c5-45e1-49d6-bc18-a1f62f400748\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"5b7237c5-45e1-49d6-bc18-a1f62f400748\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Red Hat OpenShift Network Operator\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Install and upgrade the networking components on an OpenShift cluster.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Network/networkInterfaces/read\",\n \"Microsoft.Network/networkInterfaces/write\",\n \"Microsoft.Network/virtualNetworks/read\",\n \"Microsoft.Network/virtualNetworks/subnets/join/action\",\n \"Microsoft.Network/loadBalancers/backendAddressPools/join/action\",\n \"Microsoft.Network/loadBalancers/backendAddressPools/read\",\n \"Microsoft.Compute/virtualMachines/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2024-01-30T16:11:37.9474325Z\",\n \"updatedOn\": \"2025-05-06T15:13:46.6826117Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/be7a6435-15ae-4171-8f30-4a343eff9e8f\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"be7a6435-15ae-4171-8f30-4a343eff9e8f\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Red Hat OpenShift Image Registry Operator\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Enables permissions for the operator to manage a singleton instance of the OpenShift image registry. It manages all configuration of the registry, including creating storage.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Storage/storageAccounts/blobServices/read\",\n \"Microsoft.Storage/storageAccounts/blobServices/containers/read\",\n \"Microsoft.Storage/storageAccounts/blobServices/containers/write\",\n \"Microsoft.Storage/storageAccounts/blobServices/containers/delete\",\n \"Microsoft.Storage/storageAccounts/blobServices/generateUserDelegationKey/action\",\n \"Microsoft.Storage/storageAccounts/read\",\n \"Microsoft.Storage/storageAccounts/write\",\n \"Microsoft.Storage/storageAccounts/delete\",\n \"Microsoft.Storage/storageAccounts/listKeys/action\",\n \"Microsoft.Storage/storageAccounts/PrivateEndpointConnectionsApproval/action\",\n \"Microsoft.Resources/tags/write\",\n \"Microsoft.Network/privateEndpoints/write\",\n \"Microsoft.Network/privateEndpoints/read\",\n \"Microsoft.Network/privateEndpoints/privateDnsZoneGroups/write\",\n \"Microsoft.Network/privateEndpoints/privateDnsZoneGroups/read\",\n \"Microsoft.Network/privateDnsZones/read\",\n \"Microsoft.Network/privateDnsZones/write\",\n \"Microsoft.Network/privateDnsZones/join/action\",\n \"Microsoft.Network/privateDnsZones/A/write\",\n \"Microsoft.Network/privateDnsZones/virtualNetworkLinks/write\",\n \"Microsoft.Network/privateDnsZones/virtualNetworkLinks/read\",\n \"Microsoft.Network/networkInterfaces/read\",\n \"Microsoft.Network/virtualNetworks/subnets/read\",\n \"Microsoft.Network/virtualNetworks/subnets/join/action\",\n \"Microsoft.Network/virtualNetworks/join/action\"\n ],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.Storage/storageAccounts/blobServices/containers/blobs/delete\",\n \"Microsoft.Storage/storageAccounts/blobServices/containers/blobs/write\",\n \"Microsoft.Storage/storageAccounts/blobServices/containers/blobs/read\",\n \"Microsoft.Storage/storageAccounts/blobServices/containers/blobs/add/action\",\n \"Microsoft.Storage/storageAccounts/blobServices/containers/blobs/move/action\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2024-01-30T16:11:37.9474325Z\",\n \"updatedOn\": \"2025-07-25T20:45:04.9733949Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/8b32b316-c2f5-4ddf-b05b-83dacd2d08b5\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"8b32b316-c2f5-4ddf-b05b-83dacd2d08b5\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Red Hat OpenShift File Storage Operator\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Install Container Storage Interface (CSI) drivers that enable your cluster to use Azure Files. Set OpenShift cluster-wide storage defaults to ensure a default storageclass exists for clusters.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Storage/storageAccounts/delete\",\n \"Microsoft.Storage/storageAccounts/fileServices/read\",\n \"Microsoft.Storage/storageAccounts/fileServices/shares/delete\",\n \"Microsoft.Storage/storageAccounts/fileServices/shares/read\",\n \"Microsoft.Storage/storageAccounts/fileServices/shares/write\",\n \"Microsoft.Storage/storageAccounts/listKeys/action\",\n \"Microsoft.Storage/storageAccounts/read\",\n \"Microsoft.Storage/storageAccounts/write\",\n \"Microsoft.Storage/storageAccounts/PrivateEndpointConnectionsApproval/action\",\n \"Microsoft.Network/networkSecurityGroups/join/action\",\n \"Microsoft.Network/virtualNetworks/subnets/read\",\n \"Microsoft.Network/virtualNetworks/subnets/write\",\n \"Microsoft.Network/routeTables/join/action\",\n \"Microsoft.Network/natGateways/join/action\",\n \"Microsoft.Network/virtualNetworks/join/action\",\n \"Microsoft.Network/virtualNetworks/subnets/join/action\",\n \"Microsoft.Network/privateEndpoints/write\",\n \"Microsoft.Network/networkManagers/ipamPools/associateResourcesToPool/action\",\n \"Microsoft.Network/networkIntentPolicies/join/action\",\n \"Microsoft.Network/serviceEndpointPolicies/join/action\",\n \"Microsoft.Network/locations/operations/read\",\n \"Microsoft.Network/privateDnsOperationStatuses/read\",\n \"Microsoft.Network/privateDnsZones/read\",\n \"Microsoft.Network/privateDnsZones/virtualNetworkLinks/read\",\n \"Microsoft.Network/privateDnsZones/virtualNetworkLinks/write\",\n \"Microsoft.Network/privateDnsZones/write\",\n \"Microsoft.Network/privateDnsZones/join/action\",\n \"Microsoft.Network/privateEndpoints/privateDnsZoneGroups/write\",\n \"Microsoft.Network/privateEndpoints/privateDnsZoneGroups/read\",\n \"Microsoft.Network/privateEndpoints/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2024-01-30T16:11:37.9454324Z\",\n \"updatedOn\": \"2025-07-25T20:45:04.9733949Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/0d7aedc0-15fd-4a67-a412-efad370c947e\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"0d7aedc0-15fd-4a67-a412-efad370c947e\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Red Hat OpenShift Service Operator\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Maintain machine health, network configuration, monitoring, and other features that are specific to an OpenShift cluster's continued functionality as a managed service.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Network/virtualNetworks/subnets/read\",\n \"Microsoft.Network/virtualNetworks/subnets/write\",\n \"Microsoft.Network/natGateways/join/action\",\n \"Microsoft.Network/routeTables/join/action\",\n \"Microsoft.Network/networkSecurityGroups/join/action\",\n \"Microsoft.Network/serviceEndpointPolicies/join/action\",\n \"Microsoft.Network/networkIntentPolicies/join/action\",\n \"Microsoft.Network/networkManagers/ipamPools/associateResourcesToPool/action\",\n \"Microsoft.Storage/storageAccounts/listKeys/action\",\n \"Microsoft.Storage/storageAccounts/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2024-01-30T16:11:37.9454324Z\",\n \"updatedOn\": \"2025-06-03T15:14:11.4486606Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/4436bae4-7702-4c84-919b-c4069ff25ee2\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"4436bae4-7702-4c84-919b-c4069ff25ee2\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Red Hat OpenShift Machine API Operator\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Manage the lifecycle of specific-purpose custom resource definitions (CRD), controllers, and Azure RBAC objects that extend the Kubernetes API to declares the desired state of machines in a cluster.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Compute/availabilitySets/delete\",\n \"Microsoft.Compute/availabilitySets/read\",\n \"Microsoft.Compute/availabilitySets/write\",\n \"Microsoft.Compute/diskEncryptionSets/read\",\n \"Microsoft.Compute/disks/delete\",\n \"Microsoft.Compute/galleries/images/versions/read\",\n \"Microsoft.Compute/skus/read\",\n \"Microsoft.Compute/virtualMachines/delete\",\n \"Microsoft.Compute/virtualMachines/read\",\n \"Microsoft.Compute/virtualMachines/write\",\n \"Microsoft.Compute/capacityReservationGroups/deploy/action\",\n \"Microsoft.ManagedIdentity/userAssignedIdentities/assign/action\",\n \"Microsoft.Network/applicationSecurityGroups/read\",\n \"Microsoft.Network/loadBalancers/backendAddressPools/join/action\",\n \"Microsoft.Network/loadBalancers/read\",\n \"Microsoft.Network/loadBalancers/write\",\n \"Microsoft.Network/networkInterfaces/delete\",\n \"Microsoft.Network/networkInterfaces/join/action\",\n \"Microsoft.Network/networkInterfaces/loadBalancers/read\",\n \"Microsoft.Network/networkInterfaces/read\",\n \"Microsoft.Network/networkInterfaces/write\",\n \"Microsoft.Network/networkSecurityGroups/read\",\n \"Microsoft.Network/networkSecurityGroups/write\",\n \"Microsoft.Network/publicIPAddresses/delete\",\n \"Microsoft.Network/publicIPAddresses/join/action\",\n \"Microsoft.Network/publicIPAddresses/read\",\n \"Microsoft.Network/publicIPAddresses/write\",\n \"Microsoft.Network/routeTables/read\",\n \"Microsoft.Network/virtualNetworks/subnets/join/action\",\n \"Microsoft.Network/virtualNetworks/subnets/read\",\n \"Microsoft.Network/applicationSecurityGroups/joinNetworkSecurityRule/action\",\n \"Microsoft.Network/loadBalancers/frontendIPConfigurations/join/action\",\n \"Microsoft.Network/loadBalancers/inboundNATRules/join/action\",\n \"Microsoft.Network/networkSecurityGroups/join/action\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2024-01-30T16:11:37.9454324Z\",\n \"updatedOn\": \"2025-03-20T13:43:14.3948725Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/0358943c-7e01-48ba-8889-02cc51d78637\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"0358943c-7e01-48ba-8889-02cc51d78637\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Red Hat OpenShift Cluster Ingress Operator\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Manage and configure the OpenShift router.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Network/dnsZones/A/delete\",\n \"Microsoft.Network/dnsZones/A/write\",\n \"Microsoft.Network/privateDnsZones/A/delete\",\n \"Microsoft.Network/privateDnsZones/A/write\",\n \"Microsoft.Network/virtualNetworks/subnets/read\",\n \"Microsoft.Network/virtualNetworks/subnets/join/action\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2024-01-30T16:11:37.9474325Z\",\n \"updatedOn\": \"2025-02-14T18:54:20.1640655Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/0336e1d3-7a87-462b-b6db-342b63f7802c\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"0336e1d3-7a87-462b-b6db-342b63f7802c\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Sphere Owner\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Allows user read and write access to Azure Sphere resources and RBAC configuration, includes an ABAC condition to constrain role assignments.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.AzureSphere/*\",\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Resources/subscriptions/read\",\n \"Microsoft.Management/managementGroups/read\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Support/*\",\n \"Microsoft.Insights/DiagnosticSettings/*\",\n \"Microsoft.Insights/DiagnosticSettingsCategories/Read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n },\n {\n \"actions\": [\n \"Microsoft.Authorization/roleAssignments/write\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": [],\n \"conditionVersion\": \"2.0\",\n \"condition\": \"@Request[Microsoft.Authorization/roleAssignments:RoleDefinitionId] ForAnyOfAnyValues:GuidEquals{8b9dfcab4b774632a6df94bd07820648,c8ae62795a0b4cb2b3f0d4d62845742c,6d994134994b4a599974f479f0b227fb,5a382001fe3641ffbba48bf06bd54da9,749f88d5cbae40b8bcfce573ddc772fa,43d0d8ad25c7471493378ba259a9fe05}\"\n },\n {\n \"actions\": [\n \"Microsoft.Authorization/roleAssignments/delete\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": [],\n \"conditionVersion\": \"2.0\",\n \"condition\": \"@Resource[Microsoft.Authorization/roleAssignments:RoleDefinitionId] ForAnyOfAnyValues:GuidEquals{8b9dfcab4b774632a6df94bd07820648,c8ae62795a0b4cb2b3f0d4d62845742c,6d994134994b4a599974f479f0b227fb,5a382001fe3641ffbba48bf06bd54da9,749f88d5cbae40b8bcfce573ddc772fa,43d0d8ad25c7471493378ba259a9fe05}\"\n }\n ],\n \"createdOn\": \"2024-02-01T23:40:30.7387663Z\",\n \"updatedOn\": \"2024-03-12T15:09:00.907512Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/5a382001-fe36-41ff-bba4-8bf06bd54da9\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"5a382001-fe36-41ff-bba4-8bf06bd54da9\"\n },\n {\n \"properties\": {\n \"roleName\": \"GroupQuota Request Operator\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Read and create GroupQuota requests, get GroupQuota request status, and get groupQuotaLimits.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/read\",\n \"MICROSOFT.QUOTA/QUOTAS/WRITE\",\n \"MICROSOFT.QUOTA/QUOTAS/READ\",\n \"MICROSOFT.QUOTA/USAGES/READ\",\n \"MICROSOFT.QUOTA/QUOTAREQUESTS/READ\",\n \"MICROSOFT.QUOTA/REGISTER/ACTION\",\n \"Microsoft.Quota/GROUPQUOTAS/*/READ\",\n \"Microsoft.Quota/GROUPQUOTAS/*/WRITE\",\n \"Microsoft.Quota/GROUPQUOTAS/*/DELETE\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2024-02-09T21:28:36.8464681Z\",\n \"updatedOn\": \"2025-02-04T16:18:52.2174712Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/e2217c0e-04bb-4724-9580-91cf9871bc01\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"e2217c0e-04bb-4724-9580-91cf9871bc01\"\n },\n {\n \"properties\": {\n \"roleName\": \"GroupQuota Reader\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Read GroupQuota requests, get GroupQuota request status, and get groupQuotaLimits.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/read\",\n \"MICROSOFT.QUOTA/QUOTAS/READ\",\n \"MICROSOFT.QUOTA/USAGES/READ\",\n \"MICROSOFT.QUOTA/QUOTAREQUESTS/READ\",\n \"MICROSOFT.QUOTA/REGISTER/ACTION\",\n \"Microsoft.Quota/GROUPQUOTAS/READ\",\n \"Microsoft.Quota/GROUPQUOTAS/subscriptions/READ\",\n \"Microsoft.Quota/GROUPQUOTAS/groupQuotaLimits/READ\",\n \"Microsoft.Quota/GROUPQUOTAS/quotaAllocations/READ\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2024-02-09T21:28:38.4642049Z\",\n \"updatedOn\": \"2024-02-09T21:28:38.4642049Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/d0f495dc-44ef-4140-aeb0-b89110e6a7c1\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"d0f495dc-44ef-4140-aeb0-b89110e6a7c1\"\n },\n {\n \"properties\": {\n \"roleName\": \"Bayer Ag Powered Services Smart Boundary Solution User Role\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Provide access to Smart Boundary Solution by Bayer Ag Powered Services\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.AgFoodPlatform/farmBeats/parties/read\",\n \"Microsoft.AgFoodPlatform/farmBeats/parties/fields/read\",\n \"Microsoft.AgFoodPlatform/farmBeats/parties/fields/write\",\n \"Microsoft.AgFoodPlatform/farmBeats/ingestionJobs/satelliteDataIngestionJobs/*\",\n \"Microsoft.AgFoodPlatform/farmBeats/scenes/*\",\n \"Microsoft.AgFoodPlatform/farmBeats/parties/models/resourceTypes/resources/insights/*\",\n \"Microsoft.AgFoodPlatform/farmBeats/parties/models/resourceTypes/resources/insightAttachments/*\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2024-02-16T08:39:51.0915233Z\",\n \"updatedOn\": \"2024-05-28T15:09:38.223022Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/539283cd-c185-4a9a-9503-d35217a1db7b\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"539283cd-c185-4a9a-9503-d35217a1db7b\"\n },\n {\n \"properties\": {\n \"roleName\": \"Defender CSPM Storage Scanner Operator\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Lets you enable and configure Microsoft Defender CSPM's sensitive data discovery feature on your storage accounts. Includes an ABAC condition to limit role assignments.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Storage/storageAccounts/write\",\n \"Microsoft.Storage/storageAccounts/read\",\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Resources/subscriptions/read\",\n \"Microsoft.Management/managementGroups/read\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Support/*\",\n \"Microsoft.Security/datascanners/read\",\n \"Microsoft.Security/datascanners/write\",\n \"Microsoft.Security/dataScanners/delete\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n },\n {\n \"actions\": [\n \"Microsoft.Authorization/roleAssignments/write\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": [],\n \"conditionVersion\": \"2.0\",\n \"condition\": \"@Request[Microsoft.Authorization/roleAssignments:RoleDefinitionId] ForAnyOfAnyValues:GuidEquals{2a2b9908-6ea1-4ae2-8e65-a410df84e7d1, b8eda974-7b85-4f76-af95-65846b26df6d, 0b6ca2e8-2cdc-4bd6-b896-aa3d8c21fc35}\"\n },\n {\n \"actions\": [\n \"Microsoft.Authorization/roleAssignments/delete\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": [],\n \"conditionVersion\": \"2.0\",\n \"condition\": \"@Resource[Microsoft.Authorization/roleAssignments:RoleDefinitionId] ForAnyOfAnyValues:GuidEquals{2a2b9908-6ea1-4ae2-8e65-a410df84e7d1, b8eda974-7b85-4f76-af95-65846b26df6d, 0b6ca2e8-2cdc-4bd6-b896-aa3d8c21fc35}\"\n }\n ],\n \"createdOn\": \"2024-02-23T11:40:48.9476806Z\",\n \"updatedOn\": \"2025-09-24T15:22:44.3542995Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/8480c0f0-4509-4229-9339-7c10018cb8c4\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"8480c0f0-4509-4229-9339-7c10018cb8c4\"\n },\n {\n \"properties\": {\n \"roleName\": \"Advisor Recommendations Contributor (Assessments and Reviews)\",\n \"type\": \"BuiltInRole\",\n \"description\": \"View assessment recommendations, accepted review recommendations, and manage the recommendations lifecycle (mark recommendations as completed, postponed or dismissed, in progress, or not started).\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Advisor/recommendations/read\",\n \"Microsoft.Advisor/recommendations/write\",\n \"Microsoft.Advisor/recommendations/available/action\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2024-02-26T16:08:40.5151834Z\",\n \"updatedOn\": \"2024-03-13T23:14:21.178011Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/6b534d80-e337-47c4-864f-140f5c7f593d\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"6b534d80-e337-47c4-864f-140f5c7f593d\"\n },\n {\n \"properties\": {\n \"roleName\": \"GeoCatalog Administrator\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Grants full access to manage GeoCatalogs, but does not allow you to assign roles in Azure RBAC.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Orbital/operations/read\",\n \"Microsoft.Orbital/geoCatalogs/*\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2024-02-27T16:09:02.6300293Z\",\n \"updatedOn\": \"2024-02-27T16:09:02.6300293Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/c9c97b9c-105d-4bb5-a2a7-7d15666c2484\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"c9c97b9c-105d-4bb5-a2a7-7d15666c2484\"\n },\n {\n \"properties\": {\n \"roleName\": \"GeoCatalog Reader\",\n \"type\": \"BuiltInRole\",\n \"description\": \"View GeoCatalogs, but does not allow you to make any changes.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Orbital/operations/read\",\n \"Microsoft.Orbital/geoCatalogs/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2024-02-27T16:09:02.8346775Z\",\n \"updatedOn\": \"2024-02-27T16:09:02.8346775Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/b7b8f583-43d0-40ae-b147-6b46f53661c1\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"b7b8f583-43d0-40ae-b147-6b46f53661c1\"\n },\n {\n \"properties\": {\n \"roleName\": \"Healthcare Agent Editor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Users with editor access can sign in, view and edit all the bot resources, scenarios and configuration setting except for the bot instance keys & secrets and the end-user inputs (including Feedback, Unrecognized utterances and Conversation logs). A read-only access to the bot skills and channels.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.HealthBot/healthBots/ResourceData/Read\",\n \"Microsoft.HealthBot/healthBots/Metadata/Read\",\n \"Microsoft.HealthBot/healthBots/CopilotStudioSolution/*\",\n \"Microsoft.HealthBot/healthBots/Feedback/Read\",\n \"Microsoft.HealthBot/healthBots/Users/Read\",\n \"Microsoft.HealthBot/healthBots/AuditTrails/Read\",\n \"Microsoft.HealthBot/healthBots/AnalyticReport/Read\",\n \"Microsoft.HealthBot/healthBots/ExposedSkill/Read\",\n \"Microsoft.HealthBot/healthBots/RegisteredSkills/Read\",\n \"Microsoft.HealthBot/healthBots/Configuration/*\",\n \"Microsoft.HealthBot/healthBots/Localization/*\",\n \"Microsoft.HealthBot/healthBots/AuthenticationProviders/*\",\n \"Microsoft.HealthBot/healthBots/Channels/*\",\n \"Microsoft.HealthBot/healthBots/DataConnections/*\",\n \"Microsoft.HealthBot/healthBots/OpenAPIPlugins/*\",\n \"Microsoft.HealthBot/healthBots/Scenarios/*\",\n \"Microsoft.HealthBot/healthBots/LanguageModels/*\",\n \"Microsoft.HealthBot/healthBots/Resources/*\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2024-02-28T16:09:25.669144Z\",\n \"updatedOn\": \"2025-08-21T10:13:28.7661499Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/af854a69-80ce-4ff7-8447-f1118a2e0ca8\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"af854a69-80ce-4ff7-8447-f1118a2e0ca8\"\n },\n {\n \"properties\": {\n \"roleName\": \"Healthcare Agent Reader\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Users with reader access can sign in, have read-only access to the bot resources, scenarios and configuration setting except for the bot instance keys & secrets (including Authentication, Data Connection and Channels keys) and the end-user inputs (including Feedback, Unrecognized utterances and Conversation logs).\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.HealthBot/healthBots/ResourceData/Read\",\n \"Microsoft.HealthBot/healthBots/Metadata/Read\",\n \"Microsoft.HealthBot/healthBots/CopilotStudioSolution/RestoreBuiltinTemplate/Read\",\n \"Microsoft.HealthBot/healthBots/Feedback/Read\",\n \"Microsoft.HealthBot/healthBots/Users/Read\",\n \"Microsoft.HealthBot/healthBots/AuditTrails/Read\",\n \"Microsoft.HealthBot/healthBots/AnalyticReport/Read\",\n \"Microsoft.HealthBot/healthBots/ExposedSkill/Read\",\n \"Microsoft.HealthBot/healthBots/RegisteredSkills/Read\",\n \"Microsoft.HealthBot/healthBots/Configuration/Read\",\n \"Microsoft.HealthBot/healthBots/Localization/Read\",\n \"Microsoft.HealthBot/healthBots/AuthenticationProviders/Read\",\n \"Microsoft.HealthBot/healthBots/DataConnections/Read\",\n \"Microsoft.HealthBot/healthBots/OpenAPIPlugins/Read\",\n \"Microsoft.HealthBot/healthBots/Scenarios/*/Read\",\n \"Microsoft.HealthBot/healthBots/LanguageModels/Read\",\n \"Microsoft.HealthBot/healthBots/Resources/Files/Read\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2024-02-28T16:09:25.669144Z\",\n \"updatedOn\": \"2025-08-21T10:13:28.7381488Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/eb5a76d5-50e7-4c33-a449-070e7c9c4cf2\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"eb5a76d5-50e7-4c33-a449-070e7c9c4cf2\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Programmable Connectivity Gateway Dataplane User\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Allows access to all Gateway dataplane APIs.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.ResourceHealth/availabilityStatuses/read\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.Resources/deployments/*\"\n ],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.ProgrammableConnectivity/Gateways/NetworkAPIAccess\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2024-02-28T16:09:25.8503139Z\",\n \"updatedOn\": \"2025-03-18T15:18:48.7947012Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/c20923c5-b089-47a5-bf67-fd89569c4ad9\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"c20923c5-b089-47a5-bf67-fd89569c4ad9\"\n },\n {\n \"properties\": {\n \"roleName\": \"Healthcare Agent Admin\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Users with admin access can sign in, view and edit all of the bot resources, scenarios and configuration setting including the bot instance keys & secrets.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.HealthBot/healthBots/ResourceData/Read\",\n \"Microsoft.HealthBot/healthBots/Metadata/Read\",\n \"Microsoft.HealthBot/healthBots/CopilotStudioSolution/*\",\n \"Microsoft.HealthBot/healthBots/Feedback/Read\",\n \"Microsoft.HealthBot/healthBots/Users/Read\",\n \"Microsoft.HealthBot/healthBots/AuditTrails/Read\",\n \"Microsoft.HealthBot/healthBots/AnalyticReport/Read\",\n \"Microsoft.HealthBot/healthBots/ExposedSkill/Read\",\n \"Microsoft.HealthBot/healthBots/RegisteredSkills/Read\",\n \"Microsoft.HealthBot/healthBots/Configuration/*\",\n \"Microsoft.HealthBot/healthBots/Localization/*\",\n \"Microsoft.HealthBot/healthBots/AuthenticationProviders/*\",\n \"Microsoft.HealthBot/healthBots/Channels/*\",\n \"Microsoft.HealthBot/healthBots/DataConnections/*\",\n \"Microsoft.HealthBot/healthBots/OpenAPIPlugins/*\",\n \"Microsoft.HealthBot/healthBots/Scenarios/*\",\n \"Microsoft.HealthBot/healthBots/LanguageModels/*\",\n \"Microsoft.HealthBot/healthBots/Resources/*\",\n \"Microsoft.HealthBot/healthBots/Admin/*\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2024-02-28T16:09:25.8513161Z\",\n \"updatedOn\": \"2025-08-21T10:13:28.7431492Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/f1082fec-a70f-419f-9230-885d2550fb38\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"f1082fec-a70f-419f-9230-885d2550fb38\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure AI Enterprise Network Connection Approver\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Can approve private endpoint connections to Azure AI common dependency resources\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.ApiManagement/service/privateEndpointConnections/read\",\n \"Microsoft.ApiManagement/service/privateEndpointConnections/write\",\n \"Microsoft.ApiManagement/service/privateLinkResources/read\",\n \"Microsoft.ApiManagement/service/read\",\n \"Microsoft.ContainerRegistry/registries/privateEndpointConnectionsApproval/action\",\n \"Microsoft.ContainerRegistry/registries/privateEndpointConnections/read\",\n \"Microsoft.ContainerRegistry/registries/privateEndpointConnections/write\",\n \"Microsoft.Cache/redis/read\",\n \"Microsoft.Cache/redis/privateEndpointConnections/read\",\n \"Microsoft.Cache/redis/privateEndpointConnections/write\",\n \"Microsoft.Cache/redis/privateLinkResources/read\",\n \"Microsoft.Cache/redis/privateEndpointConnectionsApproval/action\",\n \"Microsoft.Cache/redisEnterprise/read\",\n \"Microsoft.Cache/redisEnterprise/privateEndpointConnections/read\",\n \"Microsoft.Cache/redisEnterprise/privateEndpointConnections/write\",\n \"Microsoft.Cache/redisEnterprise/privateLinkResources/read\",\n \"Microsoft.Cache/redisEnterprise/privateEndpointConnectionsApproval/action\",\n \"Microsoft.CognitiveServices/accounts/read\",\n \"Microsoft.CognitiveServices/accounts/privateEndpointConnections/read\",\n \"Microsoft.CognitiveServices/accounts/privateEndpointConnections/write\",\n \"Microsoft.CognitiveServices/accounts/privateLinkResources/read\",\n \"Microsoft.DBforPostgreSQL/flexibleServers/privateEndpointConnectionsApproval/action\",\n \"Microsoft.DBforPostgreSQL/flexibleServers/privateEndpointConnections/read\",\n \"Microsoft.DBforPostgreSQL/flexibleServers/privateEndpointConnections/write\",\n \"Microsoft.DBforPostgreSQL/flexibleServers/privateLinkResources/read\",\n \"Microsoft.DBforPostgreSQL/flexibleServers/read\",\n \"Microsoft.DBforPostgreSQL/serverGroupsv2/privateEndpointConnectionsApproval/action\",\n \"Microsoft.DBforPostgreSQL/serverGroupsv2/privateEndpointConnections/read\",\n \"Microsoft.DBforPostgreSQL/serverGroupsv2/privateEndpointConnections/write\",\n \"Microsoft.DBforPostgreSQL/serverGroupsv2/privateLinkResources/read\",\n \"Microsoft.DBforMySQL/flexibleServers/privateEndpointConnectionsApproval/action\",\n \"Microsoft.DBforMySQL/flexibleServers/privateEndpointConnections/read\",\n \"Microsoft.DBforMySQL/flexibleServers/privateEndpointConnections/write\",\n \"Microsoft.DBforMySQL/flexibleServers/privateLinkResources/read\",\n \"Microsoft.DBforMySQL/flexibleServers/read\",\n \"Microsoft.DocumentDB/databaseAccounts/privateEndpointConnectionsApproval/action\",\n \"Microsoft.DocumentDB/databaseAccounts/privateEndpointConnections/read\",\n \"Microsoft.DocumentDB/databaseAccounts/privateEndpointConnections/write\",\n \"Microsoft.DocumentDB/databaseAccounts/privateLinkResources/read\",\n \"Microsoft.DocumentDB/databaseAccounts/read\",\n \"Microsoft.KeyVault/vaults/privateEndpointConnectionsApproval/action\",\n \"Microsoft.KeyVault/vaults/privateEndpointConnections/read\",\n \"Microsoft.KeyVault/vaults/privateEndpointConnections/write\",\n \"Microsoft.KeyVault/vaults/privateLinkResources/read\",\n \"Microsoft.KeyVault/vaults/read\",\n \"Microsoft.MachineLearningServices/registries/privateEndpointConnectionsApproval/action\",\n \"Microsoft.MachineLearningServices/registries/privateEndpointConnections/read\",\n \"Microsoft.MachineLearningServices/registries/privateEndpointConnections/write\",\n \"Microsoft.MachineLearningServices/registries/privateLinkResources/read\",\n \"Microsoft.MachineLearningServices/registries/read\",\n \"Microsoft.MachineLearningServices/workspaces/privateEndpointConnectionsApproval/action\",\n \"Microsoft.MachineLearningServices/workspaces/privateEndpointConnections/read\",\n \"Microsoft.MachineLearningServices/workspaces/privateEndpointConnections/write\",\n \"Microsoft.MachineLearningServices/workspaces/privateLinkResources/read\",\n \"Microsoft.MachineLearningServices/workspaces/read\",\n \"Microsoft.Storage/storageAccounts/privateEndpointConnections/read\",\n \"Microsoft.Storage/storageAccounts/privateEndpointConnections/write\",\n \"Microsoft.Storage/storageAccounts/privateLinkResources/read\",\n \"Microsoft.Storage/storageAccounts/read\",\n \"Microsoft.Storage/storageAccounts/PrivateEndpointConnectionsApproval/action\",\n \"Microsoft.Sql/servers/privateEndpointConnectionsApproval/action\",\n \"Microsoft.Sql/servers/privateEndpointConnections/read\",\n \"Microsoft.Sql/servers/privateEndpointConnections/write\",\n \"Microsoft.Sql/servers/privateLinkResources/read\",\n \"Microsoft.Sql/servers/read\",\n \"Microsoft.EventHub/namespaces/privateEndpointConnectionsApproval/action\",\n \"Microsoft.EventHub/namespaces/privateEndpointConnections/read\",\n \"Microsoft.EventHub/namespaces/privateEndpointConnections/write\",\n \"Microsoft.EventHub/namespaces/privateLinkResources/read\",\n \"Microsoft.EventHub/namespaces/read\",\n \"Microsoft.Search/searchServices/privateEndpointConnectionsApproval/action\",\n \"Microsoft.Search/searchServices/privateEndpointConnections/read\",\n \"Microsoft.Search/searchServices/privateEndpointConnections/write\",\n \"Microsoft.Search/searchServices/sharedPrivateLinkResources/read\",\n \"Microsoft.Search/searchServices/read\",\n \"Microsoft.Insights/privatelinkscopes/privateEndpointConnectionsApproval/action\",\n \"Microsoft.Insights/privatelinkscopes/privateEndpointConnections/read\",\n \"Microsoft.Insights/privatelinkscopes/privateEndpointConnections/write\",\n \"Microsoft.Insights/privatelinkscopes/privateLinkResources/read\",\n \"Microsoft.Insights/privatelinkscopes/read\",\n \"Microsoft.Network/privateLinkServices/privateEndpointConnectionsApproval/action\",\n \"Microsoft.Network/privateLinkServices/privateEndpointConnections/read\",\n \"Microsoft.Network/privateLinkServices/privateEndpointConnections/write\",\n \"Microsoft.Network/privateLinkServices/read\",\n \"Microsoft.Network/applicationGateways/privateEndpointConnections/read\",\n \"Microsoft.Network/applicationGateways/privateEndpointConnections/write\",\n \"Microsoft.Network/applicationGateways/privateLinkResources/read\",\n \"Microsoft.Network/applicationGateways/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2024-02-29T22:43:58.7323849Z\",\n \"updatedOn\": \"2025-01-29T21:07:16.6125101Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/b556d68e-0be0-4f35-a333-ad7ee1ce17ea\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"b556d68e-0be0-4f35-a333-ad7ee1ce17ea\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Container Storage Operator\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Role required by a Managed Identity for Azure Container Storage operations\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.ElasticSan/elasticSans/*\",\n \"Microsoft.ElasticSan/locations/asyncoperations/read\",\n \"Microsoft.Network/routeTables/join/action\",\n \"Microsoft.Network/networkSecurityGroups/join/action\",\n \"Microsoft.Network/virtualNetworks/write\",\n \"Microsoft.Network/virtualNetworks/delete\",\n \"Microsoft.Network/virtualNetworks/join/action\",\n \"Microsoft.Network/virtualNetworks/subnets/read\",\n \"Microsoft.Network/virtualNetworks/subnets/write\",\n \"Microsoft.Compute/virtualMachines/read\",\n \"Microsoft.Compute/virtualMachines/write\",\n \"Microsoft.Compute/virtualMachineScaleSets/read\",\n \"Microsoft.Compute/virtualMachineScaleSets/write\",\n \"Microsoft.Compute/virtualMachineScaleSets/virtualMachines/write\",\n \"Microsoft.Compute/virtualMachineScaleSets/virtualMachines/read\",\n \"Microsoft.Resources/subscriptions/providers/read\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Network/virtualNetworks/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2024-03-06T18:09:47.8933525Z\",\n \"updatedOn\": \"2024-03-21T21:58:56.1897725Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/08d4c71a-cc63-4ce4-a9c8-5dd251b4d619\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"08d4c71a-cc63-4ce4-a9c8-5dd251b4d619\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Container Storage Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Lets you install Azure Container Storage and manage its storage resources\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.KubernetesConfiguration/extensions/write\",\n \"Microsoft.KubernetesConfiguration/extensions/read\",\n \"Microsoft.KubernetesConfiguration/extensions/delete\",\n \"Microsoft.KubernetesConfiguration/extensions/operations/read\",\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Resources/subscriptions/read\",\n \"Microsoft.Management/managementGroups/read\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Support/*\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n },\n {\n \"actions\": [\n \"Microsoft.Authorization/roleAssignments/write\",\n \"Microsoft.Authorization/roleAssignments/delete\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": [],\n \"conditionVersion\": \"2.0\",\n \"condition\": \"((!(ActionMatches{'Microsoft.Authorization/roleAssignments/write'})) OR (@Request[Microsoft.Authorization/roleAssignments:RoleDefinitionId] ForAnyOfAnyValues:GuidEquals{08d4c71acc634ce4a9c85dd251b4d619})) AND ((!(ActionMatches{'Microsoft.Authorization/roleAssignments/delete'})) OR (@Resource[Microsoft.Authorization/roleAssignments:RoleDefinitionId] ForAnyOfAnyValues:GuidEquals{08d4c71acc634ce4a9c85dd251b4d619}))\"\n }\n ],\n \"createdOn\": \"2024-03-06T18:39:55.6502598Z\",\n \"updatedOn\": \"2024-03-28T20:02:49.6413404Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/95dd08a6-00bd-4661-84bf-f6726f83a4d0\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"95dd08a6-00bd-4661-84bf-f6726f83a4d0\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Container Storage Owner\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Lets you install Azure Container Storage and grants access to its storage resources\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.ElasticSan/elasticSans/*\",\n \"Microsoft.ElasticSan/locations/*\",\n \"Microsoft.ElasticSan/elasticSans/volumeGroups/*\",\n \"Microsoft.ElasticSan/elasticSans/volumeGroups/volumes/*\",\n \"Microsoft.ElasticSan/locations/asyncoperations/read\",\n \"Microsoft.KubernetesConfiguration/extensions/write\",\n \"Microsoft.KubernetesConfiguration/extensions/read\",\n \"Microsoft.KubernetesConfiguration/extensions/delete\",\n \"Microsoft.KubernetesConfiguration/extensions/operations/read\",\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Resources/subscriptions/read\",\n \"Microsoft.Management/managementGroups/read\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Support/*\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n },\n {\n \"actions\": [\n \"Microsoft.Authorization/roleAssignments/write\",\n \"Microsoft.Authorization/roleAssignments/delete\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": [],\n \"conditionVersion\": \"2.0\",\n \"condition\": \"((!(ActionMatches{'Microsoft.Authorization/roleAssignments/write'})) OR (@Request[Microsoft.Authorization/roleAssignments:RoleDefinitionId] ForAnyOfAnyValues:GuidEquals{08d4c71acc634ce4a9c85dd251b4d619})) AND ((!(ActionMatches{'Microsoft.Authorization/roleAssignments/delete'})) OR (@Resource[Microsoft.Authorization/roleAssignments:RoleDefinitionId] ForAnyOfAnyValues:GuidEquals{08d4c71acc634ce4a9c85dd251b4d619}))\"\n }\n ],\n \"createdOn\": \"2024-03-06T18:39:55.882353Z\",\n \"updatedOn\": \"2024-03-28T20:02:49.6413404Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/95de85bd-744d-4664-9dde-11430bc34793\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"95de85bd-744d-4664-9dde-11430bc34793\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Kubernetes Service Arc Contributor Role\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Grants access to read and write Azure Kubernetes Services hybrid clusters\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.HybridContainerService/Locations/operationStatuses/read\",\n \"Microsoft.HybridContainerService/Locations/operationStatuses/write\",\n \"Microsoft.HybridContainerService/Operations/read\",\n \"Microsoft.HybridContainerService/kubernetesVersions/read\",\n \"Microsoft.HybridContainerService/kubernetesVersions/write\",\n \"Microsoft.HybridContainerService/kubernetesVersions/delete\",\n \"Microsoft.HybridContainerService/provisionedClusterInstances/read\",\n \"Microsoft.HybridContainerService/provisionedClusterInstances/write\",\n \"Microsoft.HybridContainerService/provisionedClusterInstances/delete\",\n \"Microsoft.HybridContainerService/provisionedClusterInstances/agentPools/read\",\n \"Microsoft.HybridContainerService/provisionedClusterInstances/agentPools/write\",\n \"Microsoft.HybridContainerService/provisionedClusterInstances/agentPools/delete\",\n \"Microsoft.HybridContainerService/provisionedClusterInstances/upgradeProfiles/read\",\n \"Microsoft.HybridContainerService/skus/read\",\n \"Microsoft.HybridContainerService/skus/write\",\n \"Microsoft.HybridContainerService/skus/delete\",\n \"Microsoft.HybridContainerService/virtualNetworks/read\",\n \"Microsoft.HybridContainerService/virtualNetworks/write\",\n \"Microsoft.HybridContainerService/virtualNetworks/delete\",\n \"Microsoft.ExtendedLocation/customLocations/deploy/action\",\n \"Microsoft.ExtendedLocation/customLocations/read\",\n \"Microsoft.Kubernetes/connectedClusters/Read\",\n \"Microsoft.Kubernetes/connectedClusters/Write\",\n \"Microsoft.Kubernetes/connectedClusters/Delete\",\n \"Microsoft.Kubernetes/connectedClusters/listClusterUserCredential/action\",\n \"Microsoft.AzureStackHCI/clusters/read\",\n \"Microsoft.Resources/deployments/read\",\n \"Microsoft.Resources/deployments/write\",\n \"Microsoft.Resources/deployments/delete\",\n \"Microsoft.Resources/deployments/cancel/action\",\n \"Microsoft.Resources/deployments/validate/action\",\n \"Microsoft.Resources/deployments/whatIf/action\",\n \"Microsoft.Resources/deployments/exportTemplate/action\",\n \"Microsoft.Resources/deployments/operations/read\",\n \"Microsoft.Resources/deployments/operationstatuses/read\",\n \"Microsoft.HybridContainerService/provisionedClusterInstances/hybridIdentityMetadata/delete\",\n \"Microsoft.HybridContainerService/provisionedClusterInstances/hybridIdentityMetadata/write\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2024-03-07T00:25:44.8716461Z\",\n \"updatedOn\": \"2025-09-25T18:20:47.1023449Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/5d3f1697-4507-4d08-bb4a-477695db5f82\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"5d3f1697-4507-4d08-bb4a-477695db5f82\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Kubernetes Service Arc Cluster User Role\",\n \"type\": \"BuiltInRole\",\n \"description\": \"List cluster user credential action.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.HybridContainerService/provisionedClusterInstances/read\",\n \"Microsoft.HybridContainerService/provisionedClusterInstances/listUserKubeconfig/action\",\n \"Microsoft.Kubernetes/connectedClusters/Read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2024-03-07T00:25:47.4117596Z\",\n \"updatedOn\": \"2024-03-07T00:25:47.4117596Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/233ca253-b031-42ff-9fba-87ef12d6b55f\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"233ca253-b031-42ff-9fba-87ef12d6b55f\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Kubernetes Service Arc Cluster Admin Role\",\n \"type\": \"BuiltInRole\",\n \"description\": \"List cluster admin credential action.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.HybridContainerService/provisionedClusterInstances/read\",\n \"Microsoft.HybridContainerService/provisionedClusterInstances/listAdminKubeconfig/action\",\n \"Microsoft.Kubernetes/connectedClusters/Read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2024-03-07T00:25:47.4127588Z\",\n \"updatedOn\": \"2024-03-07T00:25:47.4127588Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/b29efa5f-7782-4dc3-9537-4d5bc70a5e9f\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"b29efa5f-7782-4dc3-9537-4d5bc70a5e9f\"\n },\n {\n \"properties\": {\n \"roleName\": \"Backup MUA Operator\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Backup MultiUser-Authorization. Allows user to perform critical operation protected by resourceguard\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.DataProtection/*/action\",\n \"Microsoft.DataProtection/*/read\",\n \"Microsoft.Authorization/*/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2024-03-08T09:37:14.3268989Z\",\n \"updatedOn\": \"2024-03-08T09:37:14.3268989Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/f54b6d04-23c6-443e-b462-9c16ab7b4a52\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"f54b6d04-23c6-443e-b462-9c16ab7b4a52\"\n },\n {\n \"properties\": {\n \"roleName\": \"Backup MUA Admin\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Backup MultiUser-Authorization. Can create/delete ResourceGuard \",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.DataProtection/*/read\",\n \"Microsoft.DataProtection/*/resourceGuards/write\",\n \"Microsoft.DataProtection/subscriptions/resourceGroups/providers/resourceGuards/write\",\n \"Microsoft.DataProtection/subscriptions/resourceGroups/providers/resourceGuards/delete\",\n \"Microsoft.DataProtection/subscriptions/resourceGroups/providers/resourceGuards/read\",\n \"Microsoft.DataProtection/locations/operationResults/read\",\n \"Microsoft.DataProtection/locations/operationStatus/read\",\n \"Microsoft.DataProtection/locations/getBackupStatus/action\",\n \"Microsoft.DataProtection/locations/checkFeatureSupport/action\",\n \"Microsoft.DataProtection/subscriptions/resourceGroups/providers/locations/operationStatus/read\",\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Features/features/read\",\n \"Microsoft.Features/providers/features/read\",\n \"Microsoft.ResourceHealth/availabilityStatuses/read\",\n \"Microsoft.Resources/deployments/operations/read\",\n \"Microsoft.Resources/subscriptions/operationresults/read\",\n \"Microsoft.Resources/subscriptions/read\",\n \"Microsoft.Resources/subscriptions/resourcegroups/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.DataProtection/backupVaults/backupResourceGuardProxies/read\",\n \"Microsoft.DataProtection/backupVaults/backupResourceGuardProxies/write\",\n \"Microsoft.DataProtection/backupVaults/backupResourceGuardProxies/delete\",\n \"Microsoft.DataProtection/backupVaults/backupResourceGuardProxies/unlockDelete/action\",\n \"Microsoft.DataProtection/subscriptions/providers/resourceGuards/read\",\n \"Microsoft.DataProtection/subscriptions/resourceGroups/providers/resourceGuards/{operationName}/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2024-03-08T09:37:14.3268989Z\",\n \"updatedOn\": \"2024-03-08T09:37:14.3268989Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/c2a970b4-16a7-4a51-8c84-8a8ea6ee0bb8\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"c2a970b4-16a7-4a51-8c84-8a8ea6ee0bb8\"\n },\n {\n \"properties\": {\n \"roleName\": \"Savings plan Purchaser\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Lets you purchase savings plans\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Resources/subscriptions/read\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Capacity/register/action\",\n \"Microsoft.Capacity/catalogs/read\",\n \"Microsoft.Authorization/roleAssignments/read\",\n \"Microsoft.BillingBenefits/savingsPlanOrders/write\",\n \"Microsoft.BIllingBenefits/register/action\",\n \"Microsoft.Support/supporttickets/write\",\n \"Microsoft.Billing/billingProperty/read\",\n \"Microsoft.CostManagement/benefitRecommendations/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2024-03-15T02:32:29.1190657Z\",\n \"updatedOn\": \"2024-03-15T02:32:29.1190657Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/3d24a3a0-c154-4f6f-a5ed-adc8e01ddb74\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"3d24a3a0-c154-4f6f-a5ed-adc8e01ddb74\"\n },\n {\n \"properties\": {\n \"roleName\": \"CrossConnectionReader\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Allows for read access to ExpressRoute CrossConnections\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.ClassicNetwork/expressRouteCrossConnections/*/read\",\n \"Microsoft.Network/expressRouteCrossConnections/*/read\",\n \"Microsoft.Features/providers/features/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2024-03-18T15:10:35.462996Z\",\n \"updatedOn\": \"2024-03-18T15:10:35.462996Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/b6ee44de-fe58-4ddc-b5c2-ab174eb23f05\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"b6ee44de-fe58-4ddc-b5c2-ab174eb23f05\"\n },\n {\n \"properties\": {\n \"roleName\": \"CrossConnectionManager\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Allows for read, write access to ExpressRoute CrossConnections\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.ClassicNetwork/expressRouteCrossConnections/*\",\n \"Microsoft.Network/expressRouteCrossConnections/*\",\n \"Microsoft.Features/providers/features/read\"\n ],\n \"notActions\": [\n \"Microsoft.Network/expressRouteCrossConnections/delete\"\n ],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2024-03-18T15:10:35.462996Z\",\n \"updatedOn\": \"2024-03-18T15:10:35.462996Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/399c3b2b-64c2-4ff1-af34-571db925b068\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"399c3b2b-64c2-4ff1-af34-571db925b068\"\n },\n {\n \"properties\": {\n \"roleName\": \"Kubernetes Agent Operator\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Grants Microsoft Defender for Cloud access to Azure Kubernetes Services\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Resources/subscriptions/resourceGroups/write\",\n \"Microsoft.Resources/subscriptions/operationresults/read\",\n \"Microsoft.Resources/subscriptions/read\",\n \"Microsoft.ContainerService/managedClusters/read\",\n \"Microsoft.ContainerService/managedClusters/trustedAccessRoleBindings/delete\",\n \"Microsoft.ContainerService/managedClusters/trustedAccessRoleBindings/read\",\n \"Microsoft.ContainerService/managedClusters/trustedAccessRoleBindings/write\",\n \"Microsoft.ContainerService/managedClusters/write\",\n \"Microsoft.Security/pricings/securityoperators/read\",\n \"Microsoft.OperationalInsights/workspaces/write\",\n \"Microsoft.OperationalInsights/workspaces/read\",\n \"Microsoft.OperationalInsights/workspaces/listKeys/action\",\n \"Microsoft.OperationalInsights/workspaces/sharedkeys/action\",\n \"Microsoft.OperationalInsights/workspaces/sharedkeys/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2024-03-20T15:36:16.6580488Z\",\n \"updatedOn\": \"2024-12-05T16:14:33.0969374Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/5e93ba01-8f92-4c7a-b12a-801e3df23824\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"5e93ba01-8f92-4c7a-b12a-801e3df23824\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure API Center Service Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Allows managing Azure API Center service.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.ApiCenter/services/*\",\n \"Microsoft.ApiCenter/deletedServices/*\",\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.ResourceHealth/availabilityStatuses/read\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\"\n ],\n \"notActions\": [\n \"Microsoft.ApiCenter/services/workspaces/apis/versions/definitions/updateAnalysisState/action\"\n ],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2024-03-22T19:59:42.1026818Z\",\n \"updatedOn\": \"2025-06-27T17:59:17.7305662Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/dd24193f-ef65-44e5-8a7e-6fa6e03f7713\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"dd24193f-ef65-44e5-8a7e-6fa6e03f7713\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure API Center Service Reader\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Allows read-only access to Azure API Center service.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.ApiCenter/services/*/read\",\n \"Microsoft.ApiCenter/services/workspaces/apis/versions/definitions/exportSpecification/action\",\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.ResourceHealth/availabilityStatuses/read\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2024-03-22T19:59:42.0936845Z\",\n \"updatedOn\": \"2024-03-22T19:59:42.0936845Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/6cba8790-29c5-48e5-bab1-c7541b01cb04\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"6cba8790-29c5-48e5-bab1-c7541b01cb04\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure API Center Compliance Manager\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Allows managing API compliance in Azure API Center service.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.ApiCenter/services/*/read\",\n \"Microsoft.ApiCenter/services/workspaces/apis/versions/definitions/updateAnalysisState/action\",\n \"Microsoft.ApiCenter/services/workspaces/apis/versions/definitions/exportSpecification/action\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2024-03-22T19:59:42.1036832Z\",\n \"updatedOn\": \"2024-03-22T19:59:42.1036832Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/ede9aaa3-4627-494e-be13-4aa7c256148d\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"ede9aaa3-4627-494e-be13-4aa7c256148d\"\n },\n {\n \"properties\": {\n \"roleName\": \"Bayer Ag Powered Services Historical Weather Data Solution User Role\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Provide access to Historical Weather Data Solution by Bayer Ag Powered Services\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.AgFoodPlatform/farmBeats/parties/read\",\n \"Microsoft.AgFoodPlatform/farmBeats/parties/fields/read\",\n \"Microsoft.AgFoodPlatform/farmBeats/parties/fields/write\",\n \"Microsoft.AgFoodPlatform/farmBeats/parties/farms/read\",\n \"Microsoft.AgFoodPlatform/farmBeats/parties/farms/write\",\n \"Microsoft.AgFoodPlatform/farmBeats/parties/models/resourceTypes/resources/insights/*\",\n \"Microsoft.AgFoodPlatform/farmBeats/parties/models/resourceTypes/resources/insightAttachments/*\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2024-03-25T15:06:24.6069385Z\",\n \"updatedOn\": \"2024-08-08T17:08:36.118249Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/b5b192c1-773c-4543-bfb0-6c59254b74a9\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"b5b192c1-773c-4543-bfb0-6c59254b74a9\"\n },\n {\n \"properties\": {\n \"roleName\": \"Oracle.Database VmCluster Administrator Built-in Role\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Grants full access to manage all VmCluster resources\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Oracle.Database/cloudVmClusters/*/read\",\n \"Oracle.Database/cloudVmClusters/*/write\",\n \"Oracle.Database/cloudVmClusters/*/delete\",\n \"Oracle.Database/cloudExadataInfrastructures/write\",\n \"Oracle.Database/cloudExadataInfrastructures/*/read\",\n \"Oracle.Database/Locations/*/read\",\n \"Oracle.Database/Locations/*/write\",\n \"Oracle.Database/Operations/read\",\n \"Oracle.Database/oracleSubscriptions/*/read\",\n \"Oracle.Database/resourceAnchors/*\",\n \"Oracle.Database/networkAnchors/*\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Network/virtualNetworks/read\",\n \"Microsoft.Network/virtualNetworks/subnets/read\",\n \"Microsoft.Network/virtualNetworks/subnets/write\",\n \"Microsoft.Network/locations/operations/read\",\n \"Microsoft.Compute/sshPublicKeys/read\",\n \"Microsoft.Compute/sshPublicKeys/write\",\n \"Microsoft.Compute/sshPublicKeys/generateKeyPair/action\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2024-03-25T15:06:25.4654513Z\",\n \"updatedOn\": \"2025-05-26T15:05:38.2663118Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/e9ce8739-6fa2-4123-a0a2-0ef41a67806f\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"e9ce8739-6fa2-4123-a0a2-0ef41a67806f\"\n },\n {\n \"properties\": {\n \"roleName\": \"Oracle.Database Reader Built-in Role\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Grants read access to all Oracle.Database resources\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Oracle.Database/Locations/*/read\",\n \"Oracle.Database/Operations/read\",\n \"Oracle.Database/oracleSubscriptions/*/read\",\n \"Oracle.Database/cloudExadataInfrastructures/*/read\",\n \"Oracle.Database/cloudVmClusters/*/read\",\n \"Oracle.Database/cloudVmClusters/listPrivateIpAddresses/action\",\n \"Oracle.Database/oracleSubscriptions/listCloudAccountDetails/action\",\n \"Oracle.Database/exascaleDbStorageVaults/read\",\n \"Oracle.Database/exadbVmClusters/*/read\",\n \"Oracle.Database/resourceAnchors/read\",\n \"Oracle.Database/networkAnchors/read\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Resources/deployments/*/read\",\n \"Microsoft.Network/virtualNetworks/subnets/read\",\n \"Microsoft.Network/virtualNetworks/read\",\n \"Microsoft.Network/locations/operations/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2024-03-25T15:06:25.4644513Z\",\n \"updatedOn\": \"2025-08-21T18:37:52.3681201Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/d623d097-b882-4e1e-a26f-ac60e31065a1\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"d623d097-b882-4e1e-a26f-ac60e31065a1\"\n },\n {\n \"properties\": {\n \"roleName\": \"Oracle.Database Owner Built-in Role\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Grants full access to manage all Oracle.Database resources\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Oracle.Database/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Network/virtualNetworks/read\",\n \"Microsoft.Network/virtualNetworks/subnets/read\",\n \"Microsoft.Network/virtualNetworks/subnets/write\",\n \"Microsoft.Network/locations/operations/read\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Compute/sshPublicKeys/read\",\n \"Microsoft.Compute/sshPublicKeys/write\",\n \"Microsoft.Compute/sshPublicKeys/generateKeyPair/action\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2024-03-25T15:06:25.4644513Z\",\n \"updatedOn\": \"2024-04-04T21:25:06.0488389Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/4562aac9-b209-4bd7-a144-6d7f3bb516f4\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"4562aac9-b209-4bd7-a144-6d7f3bb516f4\"\n },\n {\n \"properties\": {\n \"roleName\": \"Oracle Subscriptions Manager Built-in Role\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Grants full access to manage all Oracle Subscriptions resources\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Oracle.Database/oracleSubscriptions/*/read\",\n \"Oracle.Database/oracleSubscriptions/*/write\",\n \"Oracle.Database/oracleSubscriptions/*/delete\",\n \"Oracle.Database/oracleSubscriptions/*/action\",\n \"Oracle.Database/Locations/*/read\",\n \"Oracle.Database/Locations/*/write\",\n \"Oracle.Database/Operations/read\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2024-03-25T15:06:25.4644513Z\",\n \"updatedOn\": \"2024-04-05T15:59:48.0147406Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/4caf51ec-f9f5-413f-8a94-b9f5fddba66b\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"4caf51ec-f9f5-413f-8a94-b9f5fddba66b\"\n },\n {\n \"properties\": {\n \"roleName\": \"Oracle.Database Exadata Infrastructure Administrator Built-in Role\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Grants full access to manage all Exadata Infrastructure resources\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Oracle.Database/cloudExadataInfrastructures/*/read\",\n \"Oracle.Database/cloudExadataInfrastructures/*/write\",\n \"Oracle.Database/cloudExadataInfrastructures/*/delete\",\n \"Oracle.Database/cloudVmClusters/*/read\",\n \"Oracle.Database/cloudVmClusters/*/write\",\n \"Oracle.Database/cloudVmClusters/*/delete\",\n \"Oracle.Database/cloudVmClusters/*/action\",\n \"Oracle.Database/Locations/*/read\",\n \"Oracle.Database/Locations/*/write\",\n \"Oracle.Database/Operations/read\",\n \"Oracle.Database/oracleSubscriptions/*/read\",\n \"Oracle.Database/oracleSubscriptions/listCloudAccountDetails/action\",\n \"Oracle.Database/resourceAnchors/*\",\n \"Oracle.Database/networkAnchors/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Network/virtualNetworks/subnets/read\",\n \"Microsoft.Network/virtualNetworks/subnets/write\",\n \"Microsoft.Network/virtualNetworks/read\",\n \"Microsoft.Network/locations/operations/read\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Compute/sshPublicKeys/read\",\n \"Microsoft.Compute/sshPublicKeys/write\",\n \"Microsoft.Compute/sshPublicKeys/generateKeyPair/action\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2024-03-25T15:06:26.7449799Z\",\n \"updatedOn\": \"2025-05-26T15:05:38.2653119Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/4cfdd23b-aece-4fd1-b614-ad3a06c53453\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"4cfdd23b-aece-4fd1-b614-ad3a06c53453\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Messaging Catalog Data Owner\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Allows for full access to Azure Messaging Catalog resources.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.MessagingCatalog/*\"\n ],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.MessagingCatalog/*\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2024-03-27T15:21:42.7360718Z\",\n \"updatedOn\": \"2024-03-27T15:21:42.7360718Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/f27b7598-bc64-41f7-8a44-855ff16326c2\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"f27b7598-bc64-41f7-8a44-855ff16326c2\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Spring Apps Application Configuration Service Config File Pattern Reader Role\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Read content of config file pattern for Application Configuration Service in Azure Spring Apps\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.AppPlatform/Spring/read\",\n \"Microsoft.AppPlatform/Spring/configurationServices/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.AppPlatform/Spring/ApplicationConfigurationService/read\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2024-03-27T15:21:42.869223Z\",\n \"updatedOn\": \"2024-03-27T15:21:42.869223Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/25211fc6-dc78-40b6-b205-e4ac934fd9fd\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"25211fc6-dc78-40b6-b205-e4ac934fd9fd\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Hybrid Database Administrator - Read Only Service Role\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Read only access to Azure hybrid database services resources.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.AzureArcData/*/read\",\n \"Microsoft.AzureArcData/sqlServerInstances/getTelemetry/action\",\n \"Microsoft.AzureArcData/sqlServerInstances/availabilityGroups/getDetailView/action\",\n \"Microsoft.HybridCompute/machines/read\",\n \"Microsoft.HybridCompute/machines/extensions/read\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2024-04-03T17:20:07.3444447Z\",\n \"updatedOn\": \"2024-04-03T17:20:07.3444447Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/5d9c6a55-fc0e-4e21-ae6f-f7b095497342\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"5d9c6a55-fc0e-4e21-ae6f-f7b095497342\"\n },\n {\n \"properties\": {\n \"roleName\": \"Microsoft Sentinel Business Applications Agent Operator\",\n \"type\": \"BuiltInRole\",\n \"description\": \"List and update actions on a business applications system. This role is in preview and subject to change.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/roleAssignments/read\",\n \"Microsoft.SecurityInsights/businessApplicationAgents/read\",\n \"Microsoft.SecurityInsights/businessApplicationAgents/write\",\n \"Microsoft.SecurityInsights/businessApplicationAgents/systems/read\",\n \"Microsoft.SecurityInsights/businessApplicationAgents/systems/write\",\n \"Microsoft.SecurityInsights/businessApplicationAgents/systems/listActions/action\",\n \"Microsoft.SecurityInsights/businessApplicationAgents/systems/reportActionStatus/action\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2024-04-04T08:02:29.5240808Z\",\n \"updatedOn\": \"2024-06-05T15:32:09.463486Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/c18f9900-27b8-47c7-a8f0-5b3b3d4c2bc2\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"c18f9900-27b8-47c7-a8f0-5b3b3d4c2bc2\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure ContainerApps Session Executor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Create and execute sessions in a sessionPool\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.App/sessionPools/*/read\",\n \"Microsoft.App/sessionPools/sessions/generatesessions/action\"\n ],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.App/sessionPools/*/read\",\n \"Microsoft.App/sessionPools/interpreters/execute/action\",\n \"Microsoft.App/sessionPools/interpreters/read\",\n \"Microsoft.App/sessionPools/executions/*\",\n \"Microsoft.App/sessionPools/files/*\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2024-04-05T18:15:51.9984875Z\",\n \"updatedOn\": \"2024-11-01T09:37:25.3241262Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/0fb8eba5-a2bb-4abe-b1c1-49dfad359bb0\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"0fb8eba5-a2bb-4abe-b1c1-49dfad359bb0\"\n },\n {\n \"properties\": {\n \"roleName\": \"Microsoft.Edge Winfields federated subscription read access role\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Microsoft.Edge Winfields role for read access on federated subscriptions\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Resources/subscriptions/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2024-04-11T23:06:49.0273732Z\",\n \"updatedOn\": \"2024-07-15T15:01:51.3701285Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/83ee7727-862c-4213-8ed8-2ce6c5d69a40\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"83ee7727-862c-4213-8ed8-2ce6c5d69a40\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Red Hat OpenShift Federated Credential\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Create, update and delete federated credentials on user assigned managed identities in order to build a trust relationship between the managed identity, OpenID Connect (OIDC), and the service account.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.ManagedIdentity/userAssignedIdentities/read\",\n \"Microsoft.ManagedIdentity/userAssignedIdentities/federatedIdentityCredentials/write\",\n \"Microsoft.ManagedIdentity/userAssignedIdentities/federatedIdentityCredentials/read\",\n \"Microsoft.ManagedIdentity/userAssignedIdentities/federatedIdentityCredentials/delete\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2024-04-12T00:30:33.7626424Z\",\n \"updatedOn\": \"2025-03-11T15:14:12.4504757Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/ef318e2a-8334-4a05-9e4a-295a196c6a6e\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"ef318e2a-8334-4a05-9e4a-295a196c6a6e\"\n },\n {\n \"properties\": {\n \"roleName\": \"Bayer Ag Powered Services Crop Id Solution User Role\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Provide access to Crop Id Solution by Bayer Ag Powered Services\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.AgFoodPlatform/farmBeats/parties/fields/read\",\n \"Microsoft.AgFoodPlatform/farmBeats/parties/fields/write\",\n \"Microsoft.AgFoodPlatform/farmBeats/parties/read\",\n \"Microsoft.AgFoodPlatform/farmBeats/ingestionJobs/satelliteDataIngestionJobs/*\",\n \"Microsoft.AgFoodPlatform/farmBeats/scenes/*\",\n \"Microsoft.AgFoodPlatform/farmBeats/parties/models/resourceTypes/resources/insights/*\",\n \"Microsoft.AgFoodPlatform/farmBeats/parties/models/resourceTypes/resources/insightAttachments/*\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2024-04-19T09:07:57.429491Z\",\n \"updatedOn\": \"2024-05-15T15:18:59.4401968Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/39138f76-04e6-41f0-ba6b-c411b59081a9\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"39138f76-04e6-41f0-ba6b-c411b59081a9\"\n },\n {\n \"properties\": {\n \"roleName\": \"Scheduled Events Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Provides access to scheduled event actions\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Maintenance/scheduledevents/acknowledge/action\",\n \"Microsoft.Compute/VirtualMachines/read\",\n \"Microsoft.Compute/VirtualMachineScaleSets/read\",\n \"Microsoft.Compute/AvailabilitySets/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2024-04-23T15:07:32.157769Z\",\n \"updatedOn\": \"2024-05-03T21:25:12.6392452Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/b67fe603-310e-4889-b9ee-8257d09d353d\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"b67fe603-310e-4889-b9ee-8257d09d353d\"\n },\n {\n \"properties\": {\n \"roleName\": \"Compute Recommendations Role\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Grants permissions to call Compute Recommendations APIs provided by Compute Diagnostic Resource Provider service.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Compute/locations/placementScores/generate/action\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2024-04-30T15:20:17.6310289Z\",\n \"updatedOn\": \"2024-07-02T15:07:54.755272Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/e82342c9-ac7f-422b-af64-e426d2e12b2d\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"e82342c9-ac7f-422b-af64-e426d2e12b2d\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Spring Apps Job Execution Instance List Role\",\n \"type\": \"BuiltInRole\",\n \"description\": \"List instances for job executions in Azure Spring Apps\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.AppPlatform/Spring/jobs/executions/listInstances/action\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2024-05-02T02:34:55.3873154Z\",\n \"updatedOn\": \"2024-05-02T02:34:55.3873154Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/91422e52-bb88-4415-bb4a-90f5b71f6dcb\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"91422e52-bb88-4415-bb4a-90f5b71f6dcb\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Spring Apps Job Log Reader Role\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Read real-time logs for jobs in Azure Spring Apps\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.AppPlatform/Spring/read\",\n \"Microsoft.AppPlatform/Spring/jobs/read\",\n \"Microsoft.AppPlatform/Spring/jobs/executions/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.AppPlatform/Spring/jobs/executions/logstream/action\",\n \"Microsoft.AppPlatform/Spring/jobs/executions/listInstances/action\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2024-05-02T02:34:55.3873154Z\",\n \"updatedOn\": \"2024-05-02T02:34:55.3873154Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/b459aa1d-e3c8-436f-ae21-c0531140f43e\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"b459aa1d-e3c8-436f-ae21-c0531140f43e\"\n },\n {\n \"properties\": {\n \"roleName\": \"Nexus Network Fabric Service Reader\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Read-only access to Nexus Network Fabric Service\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.ManagedNetworkFabric/*/read\",\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2024-05-10T17:46:29.728767Z\",\n \"updatedOn\": \"2024-05-10T17:46:29.728767Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/05fdd44c-adc6-4aff-981c-61041f0c929a\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"05fdd44c-adc6-4aff-981c-61041f0c929a\"\n },\n {\n \"properties\": {\n \"roleName\": \"Nexus Network Fabric Service Writer\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Read-write access to Nexus Network Fabric Service\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.ManagedNetworkFabric/*/read\",\n \"Microsoft.ManagedNetworkFabric/*/write\",\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2024-05-10T18:01:38.1184138Z\",\n \"updatedOn\": \"2024-05-10T18:01:38.1184138Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/a5eb8433-97a5-4a06-80b2-a877e1622c31\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"a5eb8433-97a5-4a06-80b2-a877e1622c31\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Deployment Stack Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Allows a user to manage deployment stacks, but cannot create or delete deny assignments within the deployment stack.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Resources/deploymentStacks/write\",\n \"Microsoft.Resources/deploymentStacks/read\",\n \"Microsoft.Resources/deploymentStacks/validate/action\",\n \"Microsoft.Resources/deploymentStacks/exportTemplate/action\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2024-05-15T23:13:06.6024446Z\",\n \"updatedOn\": \"2025-06-05T00:56:22.3468702Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/bf7f8882-3383-422a-806a-6526c631a88a\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"bf7f8882-3383-422a-806a-6526c631a88a\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Deployment Stack Owner\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Allows a user to manage deployment stacks, including those with deny assignments.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Resources/deploymentStacks/*\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2024-05-15T23:13:06.6024446Z\",\n \"updatedOn\": \"2024-05-15T23:13:06.6024446Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/adb29209-aa1d-457b-a786-c913953d2891\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"adb29209-aa1d-457b-a786-c913953d2891\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Spring Apps Spring Cloud Config Server Log Reader Role\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Read real-time logs for Spring Cloud Config Server in Azure Spring Apps\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.AppPlatform/Spring/read\",\n \"Microsoft.AppPlatform/Spring/configServers/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.AppPlatform/Spring/configService/logstream/action\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2024-05-29T15:22:19.5478417Z\",\n \"updatedOn\": \"2024-05-29T15:22:19.5478417Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/74252426-c508-480e-9345-4607bbebead4\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"74252426-c508-480e-9345-4607bbebead4\"\n },\n {\n \"properties\": {\n \"roleName\": \"Container Registry Repository Catalog Lister\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Allows for listing all repositories in an Azure Container Registry.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.ContainerRegistry/registries/catalog/read\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2024-06-05T15:32:09.4683575Z\",\n \"updatedOn\": \"2025-10-03T17:14:16.6197074Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/bfdb9389-c9a5-478a-bb2f-ba9ca092c3c7\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"bfdb9389-c9a5-478a-bb2f-ba9ca092c3c7\"\n },\n {\n \"properties\": {\n \"roleName\": \"Container Registry Repository Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Allows for read, write, and delete access to Azure Container Registry repositories, but excluding catalog listing.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.ContainerRegistry/registries/repositories/metadata/read\",\n \"Microsoft.ContainerRegistry/registries/repositories/content/read\",\n \"Microsoft.ContainerRegistry/registries/repositories/metadata/write\",\n \"Microsoft.ContainerRegistry/registries/repositories/content/write\",\n \"Microsoft.ContainerRegistry/registries/repositories/metadata/delete\",\n \"Microsoft.ContainerRegistry/registries/repositories/content/delete\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2024-06-05T15:32:11.5848534Z\",\n \"updatedOn\": \"2025-10-03T17:14:16.6197074Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/2efddaa5-3f1f-4df3-97df-af3f13818f4c\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"2efddaa5-3f1f-4df3-97df-af3f13818f4c\"\n },\n {\n \"properties\": {\n \"roleName\": \"Container Registry Repository Writer\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Allows for read and write access to Azure Container Registry repositories, but excluding catalog listing.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.ContainerRegistry/registries/repositories/metadata/read\",\n \"Microsoft.ContainerRegistry/registries/repositories/content/read\",\n \"Microsoft.ContainerRegistry/registries/repositories/metadata/write\",\n \"Microsoft.ContainerRegistry/registries/repositories/content/write\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2024-06-05T15:32:11.586855Z\",\n \"updatedOn\": \"2025-10-03T17:14:16.6197074Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/2a1e307c-b015-4ebd-883e-5b7698a07328\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"2a1e307c-b015-4ebd-883e-5b7698a07328\"\n },\n {\n \"properties\": {\n \"roleName\": \"Container Registry Repository Reader\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Allows for read access to Azure Container Registry repositories, but excluding catalog listing.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.ContainerRegistry/registries/repositories/metadata/read\",\n \"Microsoft.ContainerRegistry/registries/repositories/content/read\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2024-06-05T15:32:11.5818531Z\",\n \"updatedOn\": \"2025-10-03T17:14:16.6197074Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/b93aa761-3e63-49ed-ac28-beffa264f7ac\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"b93aa761-3e63-49ed-ac28-beffa264f7ac\"\n },\n {\n \"properties\": {\n \"roleName\": \"DeID Data Owner\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Full access to DeID data. This role is in preview and subject to change\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.HealthDataAIServices/DeidServices/*\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2024-06-06T21:23:32.6428695Z\",\n \"updatedOn\": \"2024-06-06T21:23:32.6428695Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/78e4b983-1a0b-472e-8b7d-8d770f7c5890\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"78e4b983-1a0b-472e-8b7d-8d770f7c5890\"\n },\n {\n \"properties\": {\n \"roleName\": \"Locks Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Can Manage Locks Operations.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/locks/read\",\n \"Microsoft.Authorization/locks/write\",\n \"Microsoft.Authorization/locks/delete\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2024-06-06T22:54:16.4808252Z\",\n \"updatedOn\": \"2024-06-06T22:54:16.4808252Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/28bf596f-4eb7-45ce-b5bc-6cf482fec137\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"28bf596f-4eb7-45ce-b5bc-6cf482fec137\"\n },\n {\n \"properties\": {\n \"roleName\": \"Standby Container Group Pool Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Allows users to manage standby container group pool resources.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.ContainerInstance/containerGroupProfiles/read\",\n \"Microsoft.ContainerInstance/containerGroupProfiles/revisions/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.StandbyPool/Locations/OperationStatuses/read\",\n \"Microsoft.StandbyPool/Operations/read\",\n \"Microsoft.StandbyPool/standbyContainerGroupPools/delete\",\n \"Microsoft.StandbyPool/standbyContainerGroupPools/read\",\n \"Microsoft.StandbyPool/standbyContainerGroupPools/runtimeViews/read\",\n \"Microsoft.StandbyPool/standbyContainerGroupPools/write\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2024-06-17T15:10:37.1602741Z\",\n \"updatedOn\": \"2024-06-17T15:10:37.1602741Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/39fcb0de-8844-4706-b050-c28ddbe3ff83\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"39fcb0de-8844-4706-b050-c28ddbe3ff83\"\n },\n {\n \"properties\": {\n \"roleName\": \"Compute Gallery Artifacts Publisher\",\n \"type\": \"BuiltInRole\",\n \"description\": \"This is the role for publishing gallery artifacts.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Compute/galleries/*\",\n \"Microsoft.Compute/locations/capsOperations/read\",\n \"Microsoft.Compute/locations/communityGalleries/*\",\n \"Microsoft.Compute/locations/sharedGalleries/*\",\n \"Microsoft.Compute/images/*\",\n \"Microsoft.Compute/virtualMachines/write\",\n \"Microsoft.Compute/disks/write\",\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\"\n ],\n \"notActions\": [\n \"Microsoft.Compute/galleries/share/action\"\n ],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2024-06-20T00:09:20.5675487Z\",\n \"updatedOn\": \"2024-06-20T00:09:20.5675487Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/85a2d0d9-2eba-4c9c-b355-11c2cc0788ab\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"85a2d0d9-2eba-4c9c-b355-11c2cc0788ab\"\n },\n {\n \"properties\": {\n \"roleName\": \"ToolchainOrchestrator Viewer Role\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Grant access to view all Toolchain orchestrator resources.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.Resources/deployments/write\",\n \"Microsoft.Resources/subscriptions/operationresults/read\",\n \"Microsoft.Resources/subscriptions/read\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.ToolchainOrchestrator/*/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2024-06-20T07:46:35.012434Z\",\n \"updatedOn\": \"2024-06-28T08:35:31.7949436Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/c5826735-177b-4a0d-a9a3-d0e4b4bda107\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"c5826735-177b-4a0d-a9a3-d0e4b4bda107\"\n },\n {\n \"properties\": {\n \"roleName\": \"ToolchainOrchestrator Admin Role\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Grant full access to manage all Toolchain orchestrator resources.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.Resources/deployments/write\",\n \"Microsoft.Resources/subscriptions/operationresults/read\",\n \"Microsoft.Resources/subscriptions/read\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.ToolchainOrchestrator/*\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2024-06-20T08:01:39.0551096Z\",\n \"updatedOn\": \"2024-06-28T08:35:33.2869473Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/2ccf8795-8983-4912-8036-1c45212c95e8\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"2ccf8795-8983-4912-8036-1c45212c95e8\"\n },\n {\n \"properties\": {\n \"roleName\": \"ProviderHub Reader\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Allows you to view all Microsoft.ProviderHub resources created through the Resource Provider Platform, but does not allow you to make any changes to the resources.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.ProviderHub/*/read\",\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.ResourceHealth/availabilityStatuses/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2024-07-02T15:07:53.0510995Z\",\n \"updatedOn\": \"2024-07-02T15:07:53.0510995Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/4d8c6f2e-3fd6-4d40-826e-93e3dc4c3fc1\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"4d8c6f2e-3fd6-4d40-826e-93e3dc4c3fc1\"\n },\n {\n \"properties\": {\n \"roleName\": \"ProviderHub Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Allows you to create and manage Microsoft.ProviderHub resources through the Resource Provider Platform. Does not allow you to assign roles in Azure RBAC.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.ProviderHub/*\",\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.ResourceHealth/availabilityStatuses/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2024-07-02T15:07:53.0530983Z\",\n \"updatedOn\": \"2024-07-02T15:07:53.0530983Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/a3ab03bc-5350-42ff-b0d5-00207672db55\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"a3ab03bc-5350-42ff-b0d5-00207672db55\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Stack HCI Connected InfraVMs\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Role of Arc Integration for Azure Stack HCI Infrastructure Virtual Machines.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.HybridCompute/*/read\",\n \"Microsoft.HybridCompute/machines/write\",\n \"Microsoft.HybridCompute/machines/delete\",\n \"Microsoft.HybridCompute/machines/extensions/read\",\n \"Microsoft.HybridCompute/machines/extensions/write\",\n \"Microsoft.HybridCompute/machines/extensions/delete\",\n \"Microsoft.HybridCompute/machines/UpgradeExtensions/action\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2024-07-03T15:20:27.6822616Z\",\n \"updatedOn\": \"2024-07-15T15:01:51.3691302Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/c99c945f-8bd1-4fb1-a903-01460aae6068\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"c99c945f-8bd1-4fb1-a903-01460aae6068\"\n },\n {\n \"properties\": {\n \"roleName\": \"VM Restore Operator\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Create and Delete resources during VM Restore. This role is in preview and subject to change.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Compute/disks/read\",\n \"Microsoft.Compute/disks/write\",\n \"Microsoft.Compute/disks/delete\",\n \"Microsoft.Compute/disks/beginGetAccess/action\",\n \"Microsoft.Compute/disks/endGetAccess/action\",\n \"Microsoft.Compute/locations/diskOperations/read\",\n \"Microsoft.Compute/virtualMachines/read\",\n \"Microsoft.Compute/virtualMachines/write\",\n \"Microsoft.Compute/virtualMachines/delete\",\n \"Microsoft.Compute/virtualMachines/instanceView/read\",\n \"Microsoft.Compute/virtualMachines/extensions/read\",\n \"Microsoft.Compute/virtualMachines/extensions/write\",\n \"Microsoft.Compute/virtualMachines/extensions/delete\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.Network/locations/operationResults/read\",\n \"Microsoft.Network/locations/operations/read\",\n \"Microsoft.Network/locations/usages/read\",\n \"Microsoft.Network/networkInterfaces/delete\",\n \"Microsoft.Network/networkInterfaces/ipconfigurations/read\",\n \"Microsoft.Network/networkInterfaces/join/action\",\n \"Microsoft.Network/networkInterfaces/read\",\n \"Microsoft.Network/networkInterfaces/write\",\n \"Microsoft.Network/networkSecurityGroups/read\",\n \"Microsoft.Network/networkSecurityGroups/securityRules/read\",\n \"Microsoft.Network/publicIPAddresses/delete\",\n \"Microsoft.Network/publicIPAddresses/join/action\",\n \"Microsoft.Network/publicIPAddresses/read\",\n \"Microsoft.Network/publicIPAddresses/write\",\n \"Microsoft.Network/virtualNetworks/read\",\n \"Microsoft.Network/virtualNetworks/subnets/join/action\",\n \"Microsoft.Network/virtualNetworks/subnets/read\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Storage/checkNameAvailability/read\",\n \"Microsoft.Storage/storageAccounts/blobServices/containers/delete\",\n \"Microsoft.Storage/storageAccounts/blobServices/containers/read\",\n \"Microsoft.Storage/storageAccounts/blobServices/containers/write\",\n \"Microsoft.Storage/storageAccounts/listKeys/action\",\n \"Microsoft.Storage/storageAccounts/read\",\n \"Microsoft.Storage/storageAccounts/write\"\n ],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.Storage/storageAccounts/blobServices/containers/blobs/delete\",\n \"Microsoft.Storage/storageAccounts/blobServices/containers/blobs/read\",\n \"Microsoft.Storage/storageAccounts/blobServices/containers/blobs/write\",\n \"Microsoft.Storage/storageAccounts/blobServices/containers/blobs/add/action\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2024-07-03T15:20:29.2078037Z\",\n \"updatedOn\": \"2024-07-03T15:20:29.2078037Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/dfce8971-25e3-42e3-ba33-6055438e3080\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"dfce8971-25e3-42e3-ba33-6055438e3080\"\n },\n {\n \"properties\": {\n \"roleName\": \"HDInsight Cluster Admin\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Can read, create, modify and delete HDInsight clusters, configuration, extensions, etc.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"MICROSOFT.HDINSIGHT/CLUSTERS/APPLICATIONS/DELETE\",\n \"MICROSOFT.HDINSIGHT/CLUSTERS/APPLICATIONS/READ\",\n \"MICROSOFT.HDINSIGHT/CLUSTERS/APPLICATIONS/WRITE\",\n \"MICROSOFT.HDINSIGHT/CLUSTERS/AZUREASYNCOPERATIONS/READ\",\n \"MICROSOFT.HDINSIGHT/CLUSTERS/CONFIGURATIONS/ACTION\",\n \"MICROSOFT.HDINSIGHT/CLUSTERS/CONFIGURATIONS/READ\",\n \"MICROSOFT.HDINSIGHT/CLUSTERS/DELETE\",\n \"MICROSOFT.HDINSIGHT/CLUSTERS/EXECUTESCRIPTACTIONS/ACTION\",\n \"MICROSOFT.HDINSIGHT/CLUSTERS/EXTENSIONS/DELETE\",\n \"MICROSOFT.HDINSIGHT/CLUSTERS/EXTENSIONS/READ\",\n \"MICROSOFT.HDINSIGHT/CLUSTERS/EXTENSIONS/WRITE\",\n \"MICROSOFT.HDINSIGHT/CLUSTERS/GETGATEWAYSETTINGS/ACTION\",\n \"MICROSOFT.HDINSIGHT/CLUSTERS/LISTHOSTS/ACTION\",\n \"MICROSOFT.HDINSIGHT/CLUSTERS/OPERATIONRESULTS/READ\",\n \"MICROSOFT.HDINSIGHT/CLUSTERS/PRIVATEENDPOINTCONNECTIONS/READ\",\n \"MICROSOFT.HDINSIGHT/CLUSTERS/PRIVATELINKRESOURCES/READ\",\n \"MICROSOFT.HDINSIGHT/CLUSTERS/READ\",\n \"MICROSOFT.HDINSIGHT/CLUSTERS/RESOLVEPRIVATELINKSERVICEID/ACTION\",\n \"MICROSOFT.HDINSIGHT/CLUSTERS/RESTARTHOSTS/ACTION\",\n \"MICROSOFT.HDINSIGHT/CLUSTERS/ROLES/AUTOSCALE/ACTION\",\n \"MICROSOFT.HDINSIGHT/CLUSTERS/ROLES/RESIZE/ACTION\",\n \"MICROSOFT.HDINSIGHT/CLUSTERS/SCRIPTACTIONS/DELETE\",\n \"MICROSOFT.HDINSIGHT/CLUSTERS/SCRIPTACTIONS/READ\",\n \"MICROSOFT.HDINSIGHT/CLUSTERS/SCRIPTEXECUTIONHISTORY/PROMOTE/ACTION\",\n \"MICROSOFT.HDINSIGHT/CLUSTERS/SCRIPTEXECUTIONHISTORY/READ\",\n \"MICROSOFT.HDINSIGHT/CLUSTERS/UPDATEGATEWAYSETTINGS/ACTION\",\n \"MICROSOFT.HDINSIGHT/CLUSTERS/WRITE\",\n \"MICROSOFT.HDINSIGHT/LOCATIONS/AVAILABLECLUSTERVERSIONS/READ\",\n \"MICROSOFT.HDINSIGHT/LOCATIONS/AZUREASYNCOPERATIONS/READ\",\n \"MICROSOFT.HDINSIGHT/LOCATIONS/BILLINGSPECS/READ\",\n \"MICROSOFT.HDINSIGHT/LOCATIONS/CAPABILITIES/READ\",\n \"MICROSOFT.HDINSIGHT/LOCATIONS/CHECKNAMEAVAILABILITY/ACTION\",\n \"MICROSOFT.HDINSIGHT/LOCATIONS/OPERATIONRESULTS/READ\",\n \"MICROSOFT.HDINSIGHT/LOCATIONS/OPERATIONSTATUSES/READ\",\n \"MICROSOFT.HDINSIGHT/LOCATIONS/OPERATIONSTATUSES/WRITE\",\n \"MICROSOFT.HDINSIGHT/LOCATIONS/USAGES/READ\",\n \"MICROSOFT.HDINSIGHT/LOCATIONS/VALIDATECREATEREQUEST/ACTION\",\n \"MICROSOFT.HDINSIGHT/OPERATIONS/READ\",\n \"MICROSOFT.HDINSIGHT/REGISTER/ACTION\",\n \"MICROSOFT.HDINSIGHT/RESOURCETYPES/READ\",\n \"MICROSOFT.HDINSIGHT/UNREGISTER/ACTION\",\n \"Microsoft.ResourceHealth/availabilityStatuses/read\",\n \"Microsoft.Resources/deployments/read\",\n \"Microsoft.Resources/deployments/operations/read\",\n \"Microsoft.Resources/subscriptions/operationresults/read\",\n \"Microsoft.Resources/subscriptions/read\",\n \"Microsoft.Resources/subscriptions/resourcegroups/deployments/read\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2024-07-04T05:42:45.2347879Z\",\n \"updatedOn\": \"2024-07-04T05:42:45.2347879Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/0847e196-2fd2-4c2f-a48c-fca6fd030f44\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"0847e196-2fd2-4c2f-a48c-fca6fd030f44\"\n },\n {\n \"properties\": {\n \"roleName\": \"Operator Nexus Compute Contributor Role (Preview)\",\n \"type\": \"BuiltInRole\",\n \"description\": \"(Preview) Manage and configure Azure Operator Nexus infrastructure resources. This role is in preview and subject to change.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/classicAdministrators/operationstatuses/read\",\n \"Microsoft.Authorization/classicAdministrators/read\",\n \"Microsoft.Authorization/denyAssignments/read\",\n \"Microsoft.Authorization/diagnosticSettings/read\",\n \"Microsoft.Authorization/diagnosticSettingsCategories/read\",\n \"Microsoft.Authorization/locks/read\",\n \"Microsoft.Authorization/operations/read\",\n \"Microsoft.Authorization/permissions/read\",\n \"Microsoft.Authorization/policyAssignments/read\",\n \"Microsoft.Authorization/policyAssignments/privateLinkAssociations/read\",\n \"Microsoft.Authorization/policyAssignments/resourceManagementPrivateLinks/read\",\n \"Microsoft.Authorization/policyAssignments/resourceManagementPrivateLinks/privateEndpointConnectionProxies/read\",\n \"Microsoft.Authorization/policyAssignments/resourceManagementPrivateLinks/privateEndpointConnections/read\",\n \"Microsoft.Authorization/policyDefinitions/read\",\n \"Microsoft.Authorization/policyExemptions/read\",\n \"Microsoft.Authorization/policySetDefinitions/read\",\n \"Microsoft.Authorization/providerOperations/read\",\n \"Microsoft.Authorization/roleAssignments/read\",\n \"Microsoft.Authorization/roleAssignmentScheduleInstances/read\",\n \"Microsoft.Authorization/roleAssignmentScheduleRequests/read\",\n \"Microsoft.Authorization/roleAssignmentSchedules/read\",\n \"Microsoft.Authorization/roleDefinitions/read\",\n \"Microsoft.Authorization/roleEligibilityScheduleInstances/read\",\n \"Microsoft.Authorization/roleEligibilityScheduleRequests/read\",\n \"Microsoft.Authorization/roleEligibilitySchedules/read\",\n \"Microsoft.Authorization/roleManagementPolicies/read\",\n \"Microsoft.Authorization/roleManagementPolicyAssignments/read\",\n \"Microsoft.ExtendedLocation/customLocations/deploy/action\",\n \"Microsoft.ExtendedLocation/customLocations/read\",\n \"Microsoft.HybridCompute/machines/extensions/read\",\n \"Microsoft.HybridCompute/machines/read\",\n \"Microsoft.Insights/alertRules/activated/action\",\n \"Microsoft.Insights/alertRules/delete\",\n \"Microsoft.Insights/alertRules/incidents/read\",\n \"Microsoft.Insights/alertRules/read\",\n \"Microsoft.Insights/alertRules/resolved/action\",\n \"Microsoft.Insights/alertRules/throttled/action\",\n \"Microsoft.Insights/alertRules/write\",\n \"Microsoft.Kubernetes/connectedClusters/read\",\n \"Microsoft.KubernetesConfiguration/extensions/read\",\n \"Microsoft.ManagedNetworkFabric/networkFabricControllers/join/action\",\n \"Microsoft.ManagedNetworkFabric/networkFabrics/join/action\",\n \"Microsoft.ManagedNetworkFabric/networkRacks/join/action\",\n \"Microsoft.NetworkCloud/bareMetalMachines/cordon/action\",\n \"Microsoft.NetworkCloud/bareMetalMachines/delete\",\n \"Microsoft.NetworkCloud/bareMetalMachines/powerOff/action\",\n \"Microsoft.NetworkCloud/bareMetalMachines/read\",\n \"Microsoft.NetworkCloud/bareMetalMachines/reimage/action\",\n \"Microsoft.NetworkCloud/bareMetalMachines/replace/action\",\n \"Microsoft.NetworkCloud/bareMetalMachines/restart/action\",\n \"Microsoft.NetworkCloud/bareMetalMachines/runDataExtracts/action\",\n \"Microsoft.NetworkCloud/bareMetalMachines/runReadCommands/action\",\n \"Microsoft.NetworkCloud/bareMetalMachines/start/action\",\n \"Microsoft.NetworkCloud/bareMetalMachines/uncordon/action\",\n \"Microsoft.NetworkCloud/bareMetalMachines/write\",\n \"Microsoft.NetworkCloud/clusterManagers/delete\",\n \"Microsoft.NetworkCloud/clusterManagers/read\",\n \"Microsoft.NetworkCloud/clusterManagers/write\",\n \"Microsoft.NetworkCloud/clusters/bareMetalMachineKeySets/read\",\n \"Microsoft.NetworkCloud/clusters/bmcKeySets/read\",\n \"Microsoft.NetworkCloud/clusters/continueUpdateVersion/action\",\n \"Microsoft.NetworkCloud/clusters/delete\",\n \"Microsoft.NetworkCloud/clusters/deploy/action\",\n \"Microsoft.NetworkCloud/clusters/metricsConfigurations/delete\",\n \"Microsoft.NetworkCloud/clusters/metricsConfigurations/read\",\n \"Microsoft.NetworkCloud/clusters/metricsConfigurations/write\",\n \"Microsoft.NetworkCloud/clusters/read\",\n \"Microsoft.NetworkCloud/clusters/scanRuntime/action\",\n \"Microsoft.NetworkCloud/clusters/updateVersion/action\",\n \"Microsoft.NetworkCloud/clusters/write\",\n \"Microsoft.NetworkCloud/locations/operationStatuses/read\",\n \"Microsoft.NetworkCloud/operations/read\",\n \"Microsoft.NetworkCloud/rackSkus/read\",\n \"Microsoft.NetworkCloud/racks/delete\",\n \"Microsoft.NetworkCloud/racks/join/action\",\n \"Microsoft.NetworkCloud/racks/read\",\n \"Microsoft.NetworkCloud/racks/write\",\n \"Microsoft.NetworkCloud/register/action\",\n \"Microsoft.NetworkCloud/registeredSubscriptions/read\",\n \"Microsoft.NetworkCloud/storageAppliances/read\",\n \"Microsoft.NetworkCloud/unregister/action\",\n \"Microsoft.Resources/deployments/cancel/action\",\n \"Microsoft.Resources/deployments/delete\",\n \"Microsoft.Resources/deployments/exportTemplate/action\",\n \"Microsoft.Resources/deployments/operations/read\",\n \"Microsoft.Resources/deployments/operationstatuses/read\",\n \"Microsoft.Resources/deployments/read\",\n \"Microsoft.Resources/deployments/validate/action\",\n \"Microsoft.Resources/deployments/whatIf/action\",\n \"Microsoft.Resources/deployments/write\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2024-07-10T15:34:35.6699773Z\",\n \"updatedOn\": \"2024-07-10T15:34:35.6699773Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/4aa368ec-fba9-4e93-81ed-396b3d461cc5\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"4aa368ec-fba9-4e93-81ed-396b3d461cc5\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Container Instances Contributor Role\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Grants read/write access to container groups provided by Azure Container Instances\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.ContainerInstance/containerGroups/*\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2024-07-10T17:34:56.6101604Z\",\n \"updatedOn\": \"2024-07-10T17:34:56.6101604Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/5d977122-f97e-4b4d-a52f-6b43003ddb4d\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"5d977122-f97e-4b4d-a52f-6b43003ddb4d\"\n },\n {\n \"properties\": {\n \"roleName\": \"Connector Reader\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Read connectors and their associated resources, such as impacts and insights.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Impact/Connectors/Read\",\n \"Microsoft.Impact/WorkloadImpacts/Read\",\n \"Microsoft.Impact/WorkloadImpacts/Insights/Read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2024-07-11T08:23:57.6283786Z\",\n \"updatedOn\": \"2024-07-11T08:23:57.6283786Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/6cdbb904-5ff3-429d-8169-7d7818b91bd8\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"6cdbb904-5ff3-429d-8169-7d7818b91bd8\"\n },\n {\n \"properties\": {\n \"roleName\": \"Transparency Logs Owner\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Grants full access to manage Transparency Log resources.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Sovereign/transparencyLogs/*\",\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Resources/deployments/*\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2024-07-17T17:02:42.8274577Z\",\n \"updatedOn\": \"2024-07-17T17:02:42.8274577Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/8ad4d0ee-9bfb-49e8-93fc-01abb8db6240\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"8ad4d0ee-9bfb-49e8-93fc-01abb8db6240\"\n },\n {\n \"properties\": {\n \"roleName\": \"Grafana Limited Viewer\",\n \"type\": \"BuiltInRole\",\n \"description\": \"View home page.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.Dashboard/grafana/ActAsGrafanaLimitedViewer/action\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2024-07-18T04:59:38.6229575Z\",\n \"updatedOn\": \"2024-07-18T04:59:38.6229575Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/41e04612-9dac-4699-a02b-c82ff2cc3fb5\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"41e04612-9dac-4699-a02b-c82ff2cc3fb5\"\n },\n {\n \"properties\": {\n \"roleName\": \"Disk Encryption Set Operator for Managed Disks\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Provides permissions to read, write or delete disk encryption sets which are used for encrypting managed disks with customer managed keys\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Compute/diskEncryptionSets/*\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2024-07-18T21:23:09.7233533Z\",\n \"updatedOn\": \"2024-07-18T21:23:09.7233533Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/136d308c-0937-4a49-9bd7-edfb42adbffc\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"136d308c-0937-4a49-9bd7-edfb42adbffc\"\n },\n {\n \"properties\": {\n \"roleName\": \"Bayer Ag Powered Services Field Imagery Solution Service Role\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Provide access to Field Imagery Solution by Bayer Ag Powered Services\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.AgFoodPlatform/farmBeats/parties/read\",\n \"Microsoft.AgFoodPlatform/farmBeats/parties/fields/read\",\n \"Microsoft.AgFoodPlatform/farmBeats/parties/fields/write\",\n \"Microsoft.AgFoodPlatform/farmBeats/parties/models/resourceTypes/resources/insights/*\",\n \"Microsoft.AgFoodPlatform/farmBeats/parties/models/resourceTypes/resources/insightAttachments/*\",\n \"Microsoft.AgFoodPlatform/farmBeats/scenes/*\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2024-08-01T08:16:34.164867Z\",\n \"updatedOn\": \"2024-08-13T16:10:23.6530781Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/1af232de-e806-426f-8ca1-c36142449755\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"1af232de-e806-426f-8ca1-c36142449755\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Edge Hardware Center Administrator\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Grants you access to take actions as an edge order administrator\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.EdgeOrder/*\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2024-08-06T15:15:42.539443Z\",\n \"updatedOn\": \"2024-08-06T15:15:42.539443Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/9295f069-25d0-4f44-bb6a-3da70d11aa00\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"9295f069-25d0-4f44-bb6a-3da70d11aa00\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure AI Administrator\",\n \"type\": \"BuiltInRole\",\n \"description\": \"A Built-In Role that has all control plane permissions to work with Azure AI and its dependencies.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.CognitiveServices/*\",\n \"Microsoft.ContainerRegistry/registries/*\",\n \"Microsoft.DocumentDb/databaseAccounts/*\",\n \"Microsoft.Features/features/read\",\n \"Microsoft.Features/providers/features/read\",\n \"Microsoft.Features/providers/features/register/action\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.Insights/components/*\",\n \"Microsoft.Insights/diagnosticSettings/*\",\n \"Microsoft.Insights/generateLiveToken/read\",\n \"Microsoft.Insights/logDefinitions/read\",\n \"Microsoft.Insights/metricAlerts/*\",\n \"Microsoft.Insights/metricdefinitions/read\",\n \"Microsoft.Insights/metrics/read\",\n \"Microsoft.Insights/scheduledqueryrules/*\",\n \"Microsoft.Insights/topology/read\",\n \"Microsoft.Insights/transactions/read\",\n \"Microsoft.Insights/webtests/*\",\n \"Microsoft.KeyVault/*\",\n \"Microsoft.MachineLearningServices/workspaces/*\",\n \"Microsoft.Network/virtualNetworks/subnets/joinViaServiceEndpoint/action\",\n \"Microsoft.ResourceHealth/availabilityStatuses/read\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/deployments/operations/read\",\n \"Microsoft.Resources/subscriptions/operationresults/read\",\n \"Microsoft.Resources/subscriptions/read\",\n \"Microsoft.Resources/subscriptions/resourcegroups/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Resources/subscriptions/resourceGroups/write\",\n \"Microsoft.Storage/storageAccounts/*\",\n \"Microsoft.Support/*\",\n \"Microsoft.Search/searchServices/write\",\n \"Microsoft.Search/searchServices/read\",\n \"Microsoft.Search/searchServices/delete\",\n \"Microsoft.Search/searchServices/indexes/*\",\n \"Microsoft.Search/searchServices/listAdminKeys/action\",\n \"Microsoft.Search/searchServices/privateEndpointConnections/*\",\n \"Microsoft.DataFactory/factories/*\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2024-08-07T23:50:52.3424998Z\",\n \"updatedOn\": \"2025-04-15T15:19:36.7198543Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/b78c5d69-af96-48a3-bf8d-a8b4d589de94\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"b78c5d69-af96-48a3-bf8d-a8b4d589de94\"\n },\n {\n \"properties\": {\n \"roleName\": \"Compute Gallery Image Reader\",\n \"type\": \"BuiltInRole\",\n \"description\": \"This is the role for reading gallery images.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Compute/galleries/images/read\",\n \"Microsoft.Compute/galleries/images/versions/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2024-08-09T07:40:21.6696134Z\",\n \"updatedOn\": \"2024-08-27T15:13:33.8810873Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/cf7c76d2-98a3-4358-a134-615aa78bf44d\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"cf7c76d2-98a3-4358-a134-615aa78bf44d\"\n },\n {\n \"properties\": {\n \"roleName\": \"Container Apps Operator\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Read, logstream and exec into Container Apps.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.App/containerApps/*/read\",\n \"Microsoft.App/containerApps/*/action\",\n \"Microsoft.App/managedEnvironments/read\",\n \"Microsoft.App/managedEnvironments/*/read\",\n \"Microsoft.App/managedEnvironments/join/action\",\n \"Microsoft.App/managedEnvironments/checknameavailability/action\",\n \"Microsoft.App/connectedEnvironments/read\",\n \"Microsoft.App/connectedEnvironments/*/read\",\n \"Microsoft.App/connectedEnvironments/join/action\",\n \"Microsoft.App/connectedEnvironments/checknameavailability/action\"\n ],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.App/containerApps/logstream/action\",\n \"Microsoft.App/containerApps/exec/action\",\n \"Microsoft.App/containerApps/debug/action\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2024-08-13T16:10:24.4369771Z\",\n \"updatedOn\": \"2024-11-13T16:12:37.8788949Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/f3bd1b5c-91fa-40e7-afe7-0c11d331232c\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"f3bd1b5c-91fa-40e7-afe7-0c11d331232c\"\n },\n {\n \"properties\": {\n \"roleName\": \"Container Apps ManagedEnvironments Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Full management of Container Apps ManagedEnvironments, including creation, deletion, and updates.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.App/managedEnvironments/*/read\",\n \"Microsoft.App/managedEnvironments/*/write\",\n \"Microsoft.App/managedEnvironments/*/delete\",\n \"Microsoft.App/managedEnvironments/*/action\",\n \"Microsoft.Resources/deployments/*\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2024-08-13T16:10:24.4369771Z\",\n \"updatedOn\": \"2024-08-13T16:10:24.4369771Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/57cc5028-e6a7-4284-868d-0611c5923f8d\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"57cc5028-e6a7-4284-868d-0611c5923f8d\"\n },\n {\n \"properties\": {\n \"roleName\": \"Container Apps Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Full management of Container Apps, including creation, deletion, and updates.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.App/containerApps/*/read\",\n \"Microsoft.App/containerApps/*/write\",\n \"Microsoft.App/containerApps/*/delete\",\n \"Microsoft.App/containerApps/*/action\",\n \"Microsoft.App/managedEnvironments/read\",\n \"Microsoft.App/managedEnvironments/*/read\",\n \"Microsoft.App/managedEnvironments/join/action\",\n \"Microsoft.App/managedEnvironments/checknameavailability/action\",\n \"Microsoft.App/connectedEnvironments/read\",\n \"Microsoft.App/connectedEnvironments/*/read\",\n \"Microsoft.App/connectedEnvironments/join/action\",\n \"Microsoft.App/connectedEnvironments/checknameavailability/action\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2024-08-13T16:10:24.437978Z\",\n \"updatedOn\": \"2024-08-13T16:10:24.437978Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/358470bc-b998-42bd-ab17-a7e34c199c0f\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"358470bc-b998-42bd-ab17-a7e34c199c0f\"\n },\n {\n \"properties\": {\n \"roleName\": \"Container Apps ManagedEnvironments Reader\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Read access to ContainerApps managedenvironments.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.App/managedEnvironments/*/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2024-08-13T16:10:24.4359771Z\",\n \"updatedOn\": \"2024-08-13T16:10:24.4359771Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/1b32c00b-7eff-4c22-93e6-93d11d72d2d8\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"1b32c00b-7eff-4c22-93e6-93d11d72d2d8\"\n },\n {\n \"properties\": {\n \"roleName\": \"Container Apps Jobs Reader\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Read access to ContainerApps jobs\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"microsoft.app/jobs/read\",\n \"Microsoft.App/jobs/*/read\",\n \"Microsoft.App/managedenvironments/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2024-08-13T16:10:24.4359771Z\",\n \"updatedOn\": \"2024-08-13T16:10:24.4359771Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/edd66693-d32a-450b-997d-0158c03976b0\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"edd66693-d32a-450b-997d-0158c03976b0\"\n },\n {\n \"properties\": {\n \"roleName\": \"Container Apps SessionPools Reader\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Read access to ContainerApps sessionpools.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.App/sessionPools/*/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2024-08-13T16:10:24.4369771Z\",\n \"updatedOn\": \"2024-08-13T16:10:24.4369771Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/af61e8fc-2633-4b95-bed3-421ad6826515\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"af61e8fc-2633-4b95-bed3-421ad6826515\"\n },\n {\n \"properties\": {\n \"roleName\": \"Container Apps Jobs Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Full management of Container Apps jobs, including creation, deletion, and updates.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"microsoft.app/jobs/read\",\n \"Microsoft.App/jobs/*/read\",\n \"Microsoft.App/jobs/*/action\",\n \"Microsoft.App/jobs/write\",\n \"Microsoft.App/jobs/delete\",\n \"Microsoft.app/managedenvironments/read\",\n \"Microsoft.App/managedenvironments/*/read\",\n \"Microsoft.App/managedenvironments/join/action\",\n \"Microsoft.App/managedenvironments/checknameavailability/action\",\n \"Microsoft.app/connectedEnvironments/read\",\n \"Microsoft.App/connectedEnvironments/*/read\",\n \"Microsoft.App/connectedEnvironments/join/action\",\n \"Microsoft.App/connectedEnvironments/checknameavailability/action\",\n \"Microsoft.Resources/deployments/*\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2024-08-13T16:10:24.4359771Z\",\n \"updatedOn\": \"2024-08-13T16:10:24.4359771Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/4e3d2b60-56ae-4dc6-a233-09c8e5a82e68\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"4e3d2b60-56ae-4dc6-a233-09c8e5a82e68\"\n },\n {\n \"properties\": {\n \"roleName\": \"Container Apps SessionPools Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Full management of Container Apps SessionPools, including creation, deletion, and updates.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.App/sessionPools/*/read\",\n \"Microsoft.App/sessionPools/*/write\",\n \"Microsoft.App/sessionPools/*/delete\",\n \"Microsoft.App/sessionPools/*/action\",\n \"microsoft.App/managedEnvironments/read\",\n \"Microsoft.App/managedEnvironments/*/read\",\n \"Microsoft.App/managedEnvironments/join/action\",\n \"Microsoft.App/managedEnvironments/checknameavailability/action\",\n \"microsoft.App/connectedEnvironments/read\",\n \"Microsoft.App/connectedEnvironments/*/read\",\n \"Microsoft.App/connectedEnvironments/join/action\",\n \"Microsoft.App/connectedEnvironments/checknameavailability/action\",\n \"Microsoft.Resources/deployments/*\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2024-08-13T16:10:24.4359771Z\",\n \"updatedOn\": \"2024-08-13T16:10:24.4359771Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/f7669afb-68b2-44b4-9c5f-6d2a47fddda0\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"f7669afb-68b2-44b4-9c5f-6d2a47fddda0\"\n },\n {\n \"properties\": {\n \"roleName\": \"Durable Task Data Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Durable Task role for all data access operations.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.DurableTask/*\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2024-08-15T21:28:36.4077189Z\",\n \"updatedOn\": \"2024-08-15T21:28:36.4077189Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/0ad04412-c4d5-4796-b79c-f76d14c8d402\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"0ad04412-c4d5-4796-b79c-f76d14c8d402\"\n },\n {\n \"properties\": {\n \"roleName\": \"KubernetesRuntime Load Balancer Contributor Role\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Read, write, and delete load balancers in an Arc connected Kubernetes cluster\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.KubernetesRuntime/loadBalancers/read\",\n \"Microsoft.KubernetesRuntime/loadBalancers/write\",\n \"Microsoft.KubernetesRuntime/loadBalancers/delete\",\n \"Microsoft.KubernetesRuntime/bgpPeers/read\",\n \"Microsoft.KubernetesRuntime/bgpPeers/write\",\n \"Microsoft.KubernetesRuntime/bgpPeers/delete\",\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.KubernetesRuntime/locations/operationStatuses/write\",\n \"Microsoft.KubernetesRuntime/services/write\",\n \"Microsoft.KubernetesRuntime/services/delete\",\n \"Microsoft.KubernetesRuntime/bfdProfiles/write\",\n \"Microsoft.KubernetesRuntime/bfdProfiles/delete\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2024-08-26T15:01:39.6821551Z\",\n \"updatedOn\": \"2025-07-14T15:01:12.3759443Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/1a5682fc-4f12-4b25-927e-e8cfed0c539e\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"1a5682fc-4f12-4b25-927e-e8cfed0c539e\"\n },\n {\n \"properties\": {\n \"roleName\": \"AVS Orchestrator Role\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Do not remove this role from your resource group because it is critical to enable your AVS private cloud to operate. If the role is removed, it will cause your AVS private cloud control plane to no longer operate correctly. The role is used to enable the AVS private cloud control plane to create the supporting resources in the resource group of the private clouds attached virtual network and bind them to the attached virtual network. This role is not intended for use cases outside of assignment to the associated AVS identity in your entra-id tenant.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/roleAssignments/read\",\n \"Microsoft.Resources/subscriptions/resourcegroups/read\",\n \"Microsoft.Resources/deployments/write\",\n \"Microsoft.Resources/deployments/operationStatuses/read\",\n \"Microsoft.Resources/deployments/operations/read\",\n \"Microsoft.Resources/deployments/delete\",\n \"Microsoft.Resources/deployments/read\",\n \"Microsoft.Network/virtualHubs/delete\",\n \"Microsoft.Network/publicIPAddresses/delete\",\n \"Microsoft.Network/networkInterfaces/delete\",\n \"Microsoft.Network/networkInterfaces/write\",\n \"Microsoft.Network/networkInterfaces/join/action\",\n \"Microsoft.Network/virtualNetworks/subnets/serviceAssociationLinks/delete\",\n \"Microsoft.Network/virtualNetworks/subnets/delete\",\n \"Microsoft.Network/networkIntentPolicies/read\",\n \"Microsoft.Network/networkIntentPolicies/delete\",\n \"Microsoft.Network/networkIntentPolicies/write\",\n \"Microsoft.Network/networkSecurityGroups/delete\",\n \"Microsoft.Network/networkSecurityGroups/write\",\n \"Microsoft.Network/networkSecurityGroups/read\",\n \"Microsoft.Network/networkSecurityGroups/join/action\",\n \"Microsoft.Network/networkSecurityGroups/securityRules/read\",\n \"Microsoft.Network/networkSecurityGroups/securityRules/write\",\n \"Microsoft.Network/networkSecurityGroups/securityRules/delete\",\n \"Microsoft.Network/virtualNetworks/subnets/write\",\n \"Microsoft.Network/virtualNetworks/subnets/join/action\",\n \"Microsoft.Network/virtualNetworks/subnets/serviceAssociationLinks/write\",\n \"Microsoft.Network/virtualNetworks/subnets/serviceAssociationLinks/read\",\n \"Microsoft.Network/virtualNetworks/subnets/serviceAssociationLinks/delete\",\n \"Microsoft.Network/virtualNetworks/subnets/prepareNetworkPolicies/action\",\n \"Microsoft.Network/virtualNetworks/subnets/unprepareNetworkPolicies/action\",\n \"Microsoft.Network/virtualHubs/write\",\n \"Microsoft.Network/publicIPAddresses/write\",\n \"Microsoft.Network/publicIPAddresses/read\",\n \"Microsoft.Network/virtualHubs/ipConfigurations/write\",\n \"Microsoft.Network/networkSecurityGroups/securityRules/read\",\n \"Microsoft.Network/virtualHubs/ipConfigurations/read\",\n \"Microsoft.Network/virtualHubs/bgpConnections/write\",\n \"Microsoft.Network/virtualHubs/bgpConnections/read\",\n \"Microsoft.Network/virtualNetworks/virtualNetworkPeerings/write\",\n \"Microsoft.Network/virtualNetworks/virtualNetworkPeerings/read\",\n \"Microsoft.Network/virtualNetworks/virtualNetworkPeerings/delete\",\n \"Microsoft.Network/virtualNetworks/peer/action\",\n \"Microsoft.Network/locations/operations/read\",\n \"Microsoft.Network/locations/operationResults/read\",\n \"Microsoft.Network/networkInterfaces/read\",\n \"Microsoft.Network/virtualNetworks/read\",\n \"Microsoft.Network/virtualNetworks/write\",\n \"Microsoft.Network/virtualNetworks/subnets/read\",\n \"Microsoft.Network/routeTables/read\",\n \"Microsoft.Network/routeTables/write\",\n \"Microsoft.Network/routeTables/delete\",\n \"Microsoft.Network/routeTables/join/action\",\n \"Microsoft.Network/routeTables/routes/read\",\n \"Microsoft.Network/routeTables/routes/write\",\n \"Microsoft.Network/routeTables/routes/delete\",\n \"Microsoft.Network/virtualNetworks/join/action\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n },\n {\n \"actions\": [\n \"Microsoft.Authorization/roleAssignments/delete\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": [],\n \"conditionVersion\": \"2.0\",\n \"condition\": \"(!(ActionMatches{'Microsoft.Authorization/roleAssignments/delete'})) OR @Resource[Microsoft.Authorization/roleAssignments:RoleDefinitionId] ForAnyOfAnyValues:GuidEquals{d715fb95a0f04f1c8be65ad2d2767f67, 4d97b98b1d4f4787a291c67834d212e7, 49fc33c1886f4b21a00e1d9993234734}\"\n }\n ],\n \"createdOn\": \"2024-08-27T15:13:33.8810873Z\",\n \"updatedOn\": \"2025-02-13T20:38:23.7051408Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/d715fb95-a0f0-4f1c-8be6-5ad2d2767f67\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"d715fb95-a0f0-4f1c-8be6-5ad2d2767f67\"\n },\n {\n \"properties\": {\n \"roleName\": \"Service Connector Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Can Manage Service Connector.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.ServiceLinker/linkers/read\",\n \"Microsoft.ServiceLinker/linkers/delete\",\n \"Microsoft.ServiceLinker/linkers/write\",\n \"Microsoft.ServiceLinker/linkers/listConfigurations/action\",\n \"Microsoft.ServiceLinker/linkers/validateLinker/action\",\n \"Microsoft.ServiceLinker/dryruns/delete\",\n \"Microsoft.ServiceLinker/dryruns/write\",\n \"Microsoft.ServiceLinker/linkers/generateConfigurations/action\",\n \"Microsoft.ServiceLinker/locations/connectors/delete\",\n \"Microsoft.ServiceLinker/locations/connectors/generateConfigurations/action\",\n \"Microsoft.ServiceLinker/locations/connectors/validate/action\",\n \"Microsoft.ServiceLinker/locations/connectors/write\",\n \"Microsoft.ServiceLinker/locations/dryruns/delete\",\n \"Microsoft.ServiceLinker/locations/dryruns/write\",\n \"Microsoft.ServiceLinker/locations/operationStatuses/write\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2024-08-28T15:23:35.037597Z\",\n \"updatedOn\": \"2025-05-16T03:07:33.2225582Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/db7003cd-07a9-490c-bfa5-23e40314f8d7\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"db7003cd-07a9-490c-bfa5-23e40314f8d7\"\n },\n {\n \"properties\": {\n \"roleName\": \"Enclave Approver Role\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Read all resources in Azure Virtual Enclaves and Approve approval requests within the Enclave\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Mission/Operations/read\",\n \"Microsoft.Mission/communities/read\",\n \"Microsoft.Mission/virtualEnclaves/read\",\n \"Microsoft.Mission/virtualEnclaves/endpoints/read\",\n \"Microsoft.Mission/virtualEnclaves/workloads/read\",\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/read\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Resources/subscriptions/resourcegroups/deployments/read\",\n \"Microsoft.Resources/subscriptions/operationresults/read\",\n \"Microsoft.ResourceHealth/availabilityStatuses/read\",\n \"Microsoft.Features/providers/features/read\",\n \"Microsoft.Features/features/read\",\n \"Microsoft.Mission/communities/communityEndpoints/read\",\n \"Microsoft.Mission/communities/transitHubs/read\",\n \"Microsoft.Mission/enclaveConnections/read\",\n \"Microsoft.Mission/virtualEnclaves/enclaveEndpoints/read\",\n \"Microsoft.Mission/approvals/read\",\n \"Microsoft.Mission/approvals/write\",\n \"Microsoft.Mission/enclaveConnections/approvalCallback/action\",\n \"Microsoft.Mission/virtualEnclaves/approvalCallback/action\",\n \"Microsoft.Mission/virtualEnclaves/enclaveEndpoints/approvalCallback/action\",\n \"Microsoft.Mission/communities/communityEndpoints/approvalCallback/action\",\n \"Microsoft.Mission/approvals/initiatorCallback/action\",\n \"Microsoft.Mission/communities/setMaintenanceMode/action\",\n \"Microsoft.Mission/communities/communityendpoints/connect/action\",\n \"Microsoft.Mission/virtualEnclaves/setWorkloadRoleAssignments/action\",\n \"Microsoft.Mission/virtualEnclaves/setEnclaveRoleAssignments/action\",\n \"Microsoft.Mission/virtualEnclaves/setSubnetConfiguration/action\",\n \"Microsoft.Mission/virtualEnclaves/enclaveEndpoints/connect/action\",\n \"Microsoft.Mission/enclaveConnections/setSourceCidr/action\",\n \"Microsoft.Mission/virtualenclaves/setMaintenanceMode/action\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2024-08-30T15:25:33.0231286Z\",\n \"updatedOn\": \"2025-09-23T15:14:52.356225Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/2142ea27-02ad-4094-bfea-2dbac6d24934\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"2142ea27-02ad-4094-bfea-2dbac6d24934\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Device Update Agent\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Provide full access to all Azure Device Update agent operations\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.DeviceUpdate/updateAccounts/agents/requestUpdate/action\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2024-08-30T18:44:41.5398808Z\",\n \"updatedOn\": \"2024-08-30T18:44:41.5398808Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/2a740172-0fc2-4039-972c-b31864cd47d6\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"2a740172-0fc2-4039-972c-b31864cd47d6\"\n },\n {\n \"properties\": {\n \"roleName\": \"Key Vault Purge Operator\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Allows permanent deletion of soft-deleted vaults.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.KeyVault/deletedVaults/read\",\n \"Microsoft.KeyVault/locations/deletedVaults/read\",\n \"Microsoft.KeyVault/locations/deletedVaults/purge/action\",\n \"Microsoft.KeyVault/locations/operationResults/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2024-09-02T15:07:08.3019612Z\",\n \"updatedOn\": \"2024-09-02T15:07:08.3019612Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/a68e7c17-0ab2-4c09-9a58-125dae29748c\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"a68e7c17-0ab2-4c09-9a58-125dae29748c\"\n },\n {\n \"properties\": {\n \"roleName\": \"Cognitive Services Face Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Full access to perform all Face APIs\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.CognitiveServices/*/read\",\n \"Microsoft.Authorization/roleAssignments/read\",\n \"Microsoft.Authorization/roleDefinitions/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.CognitiveServices/accounts/Face/*\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2024-09-03T15:18:09.8561299Z\",\n \"updatedOn\": \"2024-09-03T15:18:09.8561299Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/b5b0c71d-aca9-4081-aee2-9b1bb335fc1a\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"b5b0c71d-aca9-4081-aee2-9b1bb335fc1a\"\n },\n {\n \"properties\": {\n \"roleName\": \"Container Apps Jobs Operator\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Read, start, and stop Container Apps jobs.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"microsoft.app/jobs/read\",\n \"Microsoft.App/jobs/*/read\",\n \"Microsoft.App/jobs/*/action\",\n \"Microsoft.app/managedenvironments/read\",\n \"Microsoft.App/managedenvironments/*/read\",\n \"Microsoft.App/managedenvironments/join/action\",\n \"Microsoft.App/managedenvironments/checknameavailability/action\",\n \"Microsoft.app/connectedEnvironments/read\",\n \"Microsoft.App/connectedEnvironments/*/read\",\n \"Microsoft.App/connectedEnvironments/join/action\",\n \"Microsoft.App/connectedEnvironments/checknameavailability/action\"\n ],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.App/jobs/logstream/action\",\n \"Microsoft.App/jobs/exec/action\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2024-09-06T21:49:59.0891068Z\",\n \"updatedOn\": \"2024-09-06T21:49:59.0891068Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/b9a307c4-5aa3-4b52-ba60-2b17c136cd7b\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"b9a307c4-5aa3-4b52-ba60-2b17c136cd7b\"\n },\n {\n \"properties\": {\n \"roleName\": \"Operator Nexus Owner (Preview)\",\n \"type\": \"BuiltInRole\",\n \"description\": \"(Preview) This role allows full access to Azure Operator Nexus Network Cloud resources. This role is in preview and subject to change.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.NetworkCloud/*\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2024-09-09T15:09:55.7798051Z\",\n \"updatedOn\": \"2024-09-09T15:09:55.7798051Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/77be276d-fb44-4f3b-beb5-9bf03c4cd2d3\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"77be276d-fb44-4f3b-beb5-9bf03c4cd2d3\"\n },\n {\n \"properties\": {\n \"roleName\": \"CloudTest Contributor Role\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Read, write, delete and perform actions on CloudTest Accounts, CloudTest Pools, 1ES Hosted Pools and 1ES Images.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.CloudTest/*/read\",\n \"Microsoft.CloudTest/hostedpools/write\",\n \"Microsoft.CloudTest/hostedpools/delete\",\n \"Microsoft.CloudTest/images/write\",\n \"Microsoft.CloudTest/images/delete\",\n \"Microsoft.CloudTest/images/cancel/action\",\n \"Microsoft.CloudTest/images/refresh/action\",\n \"Microsoft.CloudTest/pools/write\",\n \"Microsoft.CloudTest/pools/delete\",\n \"Microsoft.CloudTest/accounts/write\",\n \"Microsoft.CloudTest/accounts/delete\",\n \"Microsoft.CloudTest/pools/leases/action\",\n \"Microsoft.CloudTest/pools/leases/complete/action\",\n \"Microsoft.CloudTest/pools/leases/extend/action\",\n \"Microsoft.CloudTest/hostedpools/leases/action\",\n \"Microsoft.CloudTest/hostedpools/leases/complete/action\",\n \"Microsoft.CloudTest/hostedpools/leases/extend/action\",\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2024-09-10T15:22:51.5250778Z\",\n \"updatedOn\": \"2025-08-14T01:17:34.3715766Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/4e9d0bd4-5aab-4f91-92df-9def33fe287c\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"4e9d0bd4-5aab-4f91-92df-9def33fe287c\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Automanage Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Azure Automanage Contributor\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Automanage/*\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2024-09-10T15:22:51.5250778Z\",\n \"updatedOn\": \"2024-09-10T15:22:51.5250778Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/8d6517c1-e434-405c-9f3f-e0ae65085d76\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"8d6517c1-e434-405c-9f3f-e0ae65085d76\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Bot Service Contributor Role\",\n \"type\": \"BuiltInRole\",\n \"description\": \"To perform actions on the bots by copilot studio platform and extensibility team\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.BotService/listAuthServiceProviders/action\",\n \"Microsoft.BotService/listauthserviceproviders/providers/Microsoft.Insights/diagnosticSettings/write\",\n \"Microsoft.BotService/botServices/read\",\n \"Microsoft.BotService/botServices/write\",\n \"Microsoft.BotService/botServices/delete\",\n \"Microsoft.BotService/botServices/channels/write\",\n \"Microsoft.BotService/botServices/channels/read\",\n \"Microsoft.BotService/botServices/channels/listchannelwithkeys/action\",\n \"Microsoft.BotService/botServices/channels/delete\",\n \"Microsoft.BotService/botServices/channels/providers/Microsoft.Insights/diagnosticSettings/write\",\n \"Microsoft.BotService/botServices/connections/read\",\n \"Microsoft.BotService/botServices/connections/write\",\n \"Microsoft.BotService/botServices/connections/delete\",\n \"Microsoft.BotService/botServices/connections/listwithsecrets/write\",\n \"Microsoft.BotService/botServices/connections/providers/Microsoft.Insights/diagnosticSettings/write\",\n \"Microsoft.BotService/botServices/createemailsigninurl/action\",\n \"Microsoft.BotService/botServices/privateEndpointConnectionsApproval/action\",\n \"Microsoft.BotService/botServices/joinPerimeter/action\",\n \"Microsoft.BotService/botServices/providers/Microsoft.Insights/diagnosticSettings/write\",\n \"Microsoft.BotService/checknameavailability/providers/Microsoft.Insights/diagnosticSettings/write\",\n \"Microsoft.BotService/hostsettings/providers/Microsoft.Insights/diagnosticSettings/write\",\n \"Microsoft.BotService/botServices/privateEndpointConnectionProxies/write\",\n \"Microsoft.BotService/botServices/privateEndpointConnectionProxies/delete\",\n \"Microsoft.BotService/botServices/privateEndpointConnectionProxies/validate/action\",\n \"Microsoft.BotService/botServices/privateEndpointConnections/write\",\n \"Microsoft.BotService/botServices/privateEndpointConnections/delete\",\n \"Microsoft.BotService/listqnamakerendpointkeys/providers/Microsoft.Insights/diagnosticSettings/write\",\n \"Microsoft.BotService/botServices/networkSecurityPerimeterConfigurations/reconcile/action\",\n \"Microsoft.BotService/botServices/networkSecurityPerimeterAssociationProxies/write\",\n \"Microsoft.BotService/botServices/networkSecurityPerimeterAssociationProxies/delete\",\n \"Microsoft.BotService/locations/notifyNetworkSecurityPerimeterUpdatesAvailable/action\",\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.BotService/botServices/channels/regeneratekeys/action\",\n \"Microsoft.BotService/botServices/Connections/listWithSecrets/action\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2024-09-12T05:29:14.6965924Z\",\n \"updatedOn\": \"2025-01-30T16:45:30.6156198Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/9fc6112f-f48e-4e27-8b09-72a5c94e4ae9\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"9fc6112f-f48e-4e27-8b09-72a5c94e4ae9\"\n },\n {\n \"properties\": {\n \"roleName\": \"App Configuration Reader\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Grants permission for read operations for App Configuration resources.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.AppConfiguration/*/read\",\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/read\",\n \"Microsoft.Resources/deployments/read\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2024-09-13T00:23:03.6049034Z\",\n \"updatedOn\": \"2024-09-13T00:23:03.6049034Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/175b81b9-6e0d-490a-85e4-0d422273c10c\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"175b81b9-6e0d-490a-85e4-0d422273c10c\"\n },\n {\n \"properties\": {\n \"roleName\": \"App Configuration Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Grants permission for all management operations, except purge, for App Configuration resources.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.AppConfiguration/*\",\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\"\n ],\n \"notActions\": [\n \"Microsoft.AppConfiguration/locations/deletedConfigurationStores/purge/action\"\n ],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2024-09-13T00:23:03.6049034Z\",\n \"updatedOn\": \"2024-09-13T00:23:03.6049034Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/fe86443c-f201-4fc4-9d2a-ac61149fbda0\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"fe86443c-f201-4fc4-9d2a-ac61149fbda0\"\n },\n {\n \"properties\": {\n \"roleName\": \"Service Fabric Managed Cluster Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Deploy and manage your Service Fabric Managed Cluster resources. Includes managed clusters, node types, application types, application type versions, applications, and services.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.ServiceFabric/managedclusters/*\",\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2024-09-17T15:06:28.2939568Z\",\n \"updatedOn\": \"2024-10-07T15:14:28.4995735Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/83f80186-3729-438c-ad2d-39e94d718838\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"83f80186-3729-438c-ad2d-39e94d718838\"\n },\n {\n \"properties\": {\n \"roleName\": \"Container Registry Data Importer and Data Reader\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Provides the ability to import images into a registry through the registry import operation. Provides the ability to list repositories, view images and tags, get manifests, and pull images. Does not provide permissions for importing images through configuring registry transfer pipelines such as import and export pipelines. Does not provide permissions for importing through configuring Artifact Cache or Sync rules.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.ContainerRegistry/registries/importImage/action\",\n \"Microsoft.ContainerRegistry/registries/read\",\n \"Microsoft.ContainerRegistry/registries/pull/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.ContainerRegistry/registries/repositories/content/read\",\n \"Microsoft.ContainerRegistry/registries/repositories/metadata/read\",\n \"Microsoft.ContainerRegistry/registries/catalog/read\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2024-09-19T02:48:17.8131685Z\",\n \"updatedOn\": \"2025-04-25T08:31:50.8322354Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/577a9874-89fd-4f24-9dbd-b5034d0ad23a\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"577a9874-89fd-4f24-9dbd-b5034d0ad23a\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Batch Service Orchestration Role\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Grants the required permissions to Azure Batch Resource Provider to manage compute and other backing resources in the subscription.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Security/assessments/read\",\n \"Microsoft.AzureFleet/fleets/write\",\n \"Microsoft.AzureFleet/fleets/read\",\n \"Microsoft.AzureFleet/fleets/delete\",\n \"Microsoft.Compute/locations/DiskOperations/read\",\n \"Microsoft.Compute/locations/operations/read\",\n \"Microsoft.Compute/virtualMachineScaleSets/approveRollingUpgrade/action\",\n \"Microsoft.Compute/virtualMachineScaleSets/deallocate/action\",\n \"Microsoft.Compute/virtualMachineScaleSets/delete\",\n \"Microsoft.Compute/virtualMachineScaleSets/delete/action\",\n \"Microsoft.Compute/VirtualMachineScaleSets/read\",\n \"Microsoft.Compute/virtualMachineScaleSets/reimage/action\",\n \"Microsoft.Compute/virtualMachineScaleSets/reimageall/action\",\n \"Microsoft.Compute/virtualMachineScaleSets/restart/action\",\n \"Microsoft.Compute/virtualMachineScaleSets/start/action\",\n \"Microsoft.Compute/virtualMachineScaleSets/write\",\n \"Microsoft.Compute/virtualMachineScaleSets/extensions/read\",\n \"microsoft.Compute/virtualMachineScaleSets/networkInterfaces/read\",\n \"Microsoft.Compute/virtualMachineScaleSets/virtualMachines/read\",\n \"Microsoft.Compute/virtualMachineScaleSets/virtualmachines/restart/action\",\n \"Microsoft.Compute/diskEncryptionSets/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.Insights/dataCollectionRuleAssociations/read\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Insights/diagnosticSettings/read\",\n \"Microsoft.Resources/subscriptions/read\",\n \"Microsoft.Resources/subscriptions/operationresults/read\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Resources/subscriptions/resourceGroups/delete\",\n \"Microsoft.Resources/subscriptions/resourceGroups/write\",\n \"Microsoft.Resources/subscriptions/resourceGroups/resources/read\",\n \"Microsoft.Network/networkWatchers/read\",\n \"Microsoft.Network/virtualNetworks/delete\",\n \"Microsoft.Network/virtualNetworks/write\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2024-09-20T04:53:47.7198421Z\",\n \"updatedOn\": \"2025-02-12T16:18:23.8859317Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/a35466a1-cfd6-450a-b35e-683fcdf30363\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"a35466a1-cfd6-450a-b35e-683fcdf30363\"\n },\n {\n \"properties\": {\n \"roleName\": \"Microsoft PowerBI Tenant Operations Role\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Allows management of tenant operations\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.PowerBI/tenants/workspaces/read\",\n \"Microsoft.PowerBI/tenants/workspaces/delete\",\n \"Microsoft.PowerBI/tenants/read\",\n \"Microsoft.PowerBI/tenants/delete\",\n \"Microsoft.PowerBI/tenants/write\",\n \"Microsoft.PowerBI/tenants/workspaces/write\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2024-09-20T19:19:19.2247312Z\",\n \"updatedOn\": \"2024-09-20T19:19:19.2247312Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/8c87871d-6201-42da-abb1-1c0c985ff71c\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"8c87871d-6201-42da-abb1-1c0c985ff71c\"\n },\n {\n \"properties\": {\n \"roleName\": \"Service Fabric Cluster Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Manage your Service Fabric Cluster resources. Includes clusters, application types, application type versions, applications, and services. You will need additional permissions to deploy and manage the cluster's underlying resources such as virtual machine scale sets, storage accounts, networks, etc.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.ServiceFabric/clusters/*\",\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2024-10-01T15:07:22.3648709Z\",\n \"updatedOn\": \"2024-10-07T15:14:28.4995735Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/b6efc156-f0da-4e90-a50a-8c000140b017\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"b6efc156-f0da-4e90-a50a-8c000140b017\"\n },\n {\n \"properties\": {\n \"roleName\": \"Stream Analytics Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Contributor access to Clusters and Streaming Jobs\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.StreamAnalytics/*\",\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2024-10-02T16:35:31.3006753Z\",\n \"updatedOn\": \"2024-10-02T16:35:31.3006753Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/6e0c8711-85a0-4490-8365-8ec13c4560b4\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"6e0c8711-85a0-4490-8365-8ec13c4560b4\"\n },\n {\n \"properties\": {\n \"roleName\": \"Stream Analytics Reader\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Read-only access to Clusters and Streaming Jobs\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.StreamAnalytics/streamingjobs/Read\",\n \"Microsoft.StreamAnalytics/streamingjobs/*/Read\",\n \"Microsoft.StreamAnalytics/clusters/Read\",\n \"Microsoft.StreamAnalytics/clusters/*/Read\",\n \"Microsoft.StreamAnalytics/clusters/ListStreamingJobs/action\",\n \"Microsoft.StreamAnalytics/locations/*/Read\",\n \"Microsoft.StreamAnalytics/operations/Read\",\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2024-10-02T16:35:31.3006753Z\",\n \"updatedOn\": \"2024-10-02T16:35:31.3006753Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/1dfc38e8-6ce7-447f-807c-029c65262c5f\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"1dfc38e8-6ce7-447f-807c-029c65262c5f\"\n },\n {\n \"properties\": {\n \"roleName\": \"Durable Task Worker\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Used by worker applications to interact with the Durable Task service\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.DurableTask/schedulers/taskhubs/orchestrations/execute/action\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2024-10-04T12:40:48.3980573Z\",\n \"updatedOn\": \"2025-07-10T20:34:53.5413918Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/80d0d6b0-f522-40a4-8886-a5a11720c375\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"80d0d6b0-f522-40a4-8886-a5a11720c375\"\n },\n {\n \"properties\": {\n \"roleName\": \"Portal Dashboard Writer Role\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Can write an Azure Portal Dashboard\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Portal/dashboards/read\",\n \"Microsoft.Portal/dashboards/write\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2024-10-08T15:25:11.3964685Z\",\n \"updatedOn\": \"2025-07-23T23:16:02.9942117Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/78eacb5e-e318-4560-85a9-e6a724ca60c9\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"78eacb5e-e318-4560-85a9-e6a724ca60c9\"\n },\n {\n \"properties\": {\n \"roleName\": \"Landing Zone Account Owner\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Microsoft.Sovereign Landing Zone Account Owner allowing to review and modify Landing Zone Account, Landing Zone Configurations, as well as reading and adding Landing Zone Registrations. Also enables read-access to policies and management groups for enabling the full user experience of the Sovereign Services RP in the Azure Portal (as otherwise some elements might not be accessible to end users).\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Sovereign/landingZoneAccounts/*\",\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Resources/deployments/*\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2024-10-14T15:14:51.7684621Z\",\n \"updatedOn\": \"2024-10-14T15:14:51.7684621Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/bf2b6809-e9a5-4aea-a6e1-40a9dc8c43a7\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"bf2b6809-e9a5-4aea-a6e1-40a9dc8c43a7\"\n },\n {\n \"properties\": {\n \"roleName\": \"Landing Zone Account Reader\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Microsoft.Sovereign Landing Zone Account Reader allowing to read Landing Zone Account, Landing Zone Configurations and Landing Zone Registrations. Also enables read-access to policies and management groups for enabling the full user experience of the Sovereign Services RP in the Azure Portal (as otherwise some elements might not be accessible to end users).\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Sovereign/landingZoneAccounts/*/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2024-10-14T15:14:51.7684621Z\",\n \"updatedOn\": \"2024-10-14T15:14:51.7684621Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/2718b1f7-eb07-424e-8868-0137541392a1\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"2718b1f7-eb07-424e-8868-0137541392a1\"\n },\n {\n \"properties\": {\n \"roleName\": \"Microsoft.Windows365.CloudPcDelegatedMsis Writer User\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Built in role to perform Write operations on CloudPcDelegatedMsis resources.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Windows365/*\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2024-10-14T15:14:51.7684621Z\",\n \"updatedOn\": \"2024-10-14T15:14:51.7684621Z\",\n \"createdBy\": \"dipakmahajan\",\n \"updatedBy\": \"dipakmahajan\"\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/21bffb94-04c0-4ed0-b676-68bb926e832b\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"21bffb94-04c0-4ed0-b676-68bb926e832b\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Batch Job Submitter\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Lets you submit and manage jobs in the Batch account.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Batch/batchAccounts/applications/read\",\n \"Microsoft.Batch/batchAccounts/applications/versions/read\",\n \"Microsoft.Batch/batchAccounts/pools/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.Batch/batchAccounts/jobSchedules/*\",\n \"Microsoft.Batch/batchAccounts/jobs/*\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2024-10-16T15:31:49.7386507Z\",\n \"updatedOn\": \"2024-10-16T15:31:49.7386507Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/48e5e92e-a480-4e71-aa9c-2778f4c13781\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"48e5e92e-a480-4e71-aa9c-2778f4c13781\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Batch Account Reader\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Lets you view all resources including pools and jobs in the Batch account.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Batch/*/read\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.Batch/*/read\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2024-10-16T15:31:49.7386507Z\",\n \"updatedOn\": \"2025-08-07T11:36:35.1603929Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/11076f67-66f6-4be0-8f6b-f0609fd05cc9\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"11076f67-66f6-4be0-8f6b-f0609fd05cc9\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Batch Account Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Grants full access to manage all Batch resources, including Batch accounts, pools and jobs.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Batch/*\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.Batch/*\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2024-10-16T15:31:49.7396522Z\",\n \"updatedOn\": \"2025-08-07T12:06:49.3936883Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/29fe4964-1e60-436b-bd3a-77fd4c178b3c\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"29fe4964-1e60-436b-bd3a-77fd4c178b3c\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Batch Data Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Grants permissions to manage Batch pools and jobs but not to modify accounts.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Batch/batchAccounts/read\",\n \"Microsoft.Batch/batchAccounts/applications/*\",\n \"Microsoft.Batch/batchAccounts/certificates/*\",\n \"Microsoft.Batch/batchAccounts/certificateOperationResults/*\",\n \"Microsoft.Batch/batchAccounts/pools/*\",\n \"Microsoft.Batch/batchAccounts/poolOperationResults/*\",\n \"Microsoft.Batch/locations/*/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.Batch/batchAccounts/jobSchedules/*\",\n \"Microsoft.Batch/batchAccounts/jobs/*\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2024-10-16T15:31:49.7396522Z\",\n \"updatedOn\": \"2024-10-16T15:31:49.7396522Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/6aaa78f1-f7de-44ca-8722-c64a23943cae\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"6aaa78f1-f7de-44ca-8722-c64a23943cae\"\n },\n {\n \"properties\": {\n \"roleName\": \"Defender CSPM Storage Data Scanner\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Grants access to read blobs and files. This role is used by the data scanner of Dfender CSPM.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Storage/storageAccounts/blobServices/containers/read\",\n \"Microsoft.Storage/storageAccounts/fileServices/shares/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.Storage/storageAccounts/blobServices/containers/blobs/read\",\n \"Microsoft.Storage/storageAccounts/fileServices/fileshares/files/read\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2024-10-16T15:31:49.7386507Z\",\n \"updatedOn\": \"2024-11-06T16:01:17.0833766Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/0b6ca2e8-2cdc-4bd6-b896-aa3d8c21fc35\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"0b6ca2e8-2cdc-4bd6-b896-aa3d8c21fc35\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Managed Grafana Workspace Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Can manage Azure Managed Grafana resources, without providing access to the workspaces themselves.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Dashboard/grafana/write\",\n \"Microsoft.Dashboard/grafana/delete\",\n \"Microsoft.Dashboard/grafana/PrivateEndpointConnectionsApproval/action\",\n \"Microsoft.Dashboard/grafana/managedPrivateEndpoints/action\",\n \"Microsoft.Dashboard/locations/operationStatuses/write\",\n \"Microsoft.Dashboard/grafana/privateEndpointConnectionProxies/validate/action\",\n \"Microsoft.Dashboard/grafana/privateEndpointConnectionProxies/write\",\n \"Microsoft.Dashboard/grafana/privateEndpointConnectionProxies/delete\",\n \"Microsoft.Dashboard/grafana/privateEndpointConnections/write\",\n \"Microsoft.Dashboard/grafana/privateEndpointConnections/delete\",\n \"Microsoft.Dashboard/grafana/managedPrivateEndpoints/write\",\n \"Microsoft.Dashboard/grafana/managedPrivateEndpoints/delete\",\n \"Microsoft.Dashboard/grafana/integrationFabrics/write\",\n \"Microsoft.Dashboard/grafana/integrationFabrics/delete\",\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/AlertRules/Write\",\n \"Microsoft.Insights/AlertRules/Delete\",\n \"Microsoft.Insights/AlertRules/Read\",\n \"Microsoft.Insights/AlertRules/Activated/Action\",\n \"Microsoft.Insights/AlertRules/Resolved/Action\",\n \"Microsoft.Insights/AlertRules/Throttled/Action\",\n \"Microsoft.Insights/AlertRules/Incidents/Read\",\n \"Microsoft.Resources/deployments/read\",\n \"Microsoft.Resources/deployments/write\",\n \"Microsoft.Resources/deployments/delete\",\n \"Microsoft.Resources/deployments/cancel/action\",\n \"Microsoft.Resources/deployments/validate/action\",\n \"Microsoft.Resources/deployments/whatIf/action\",\n \"Microsoft.Resources/deployments/exportTemplate/action\",\n \"Microsoft.Resources/deployments/operations/read\",\n \"Microsoft.Resources/deployments/operationstatuses/read\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2024-10-16T19:05:56.9094034Z\",\n \"updatedOn\": \"2025-05-16T00:34:45.2747678Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/5c2d7e57-b7c2-4d8a-be4f-82afa42c6e95\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"5c2d7e57-b7c2-4d8a-be4f-82afa42c6e95\"\n },\n {\n \"properties\": {\n \"roleName\": \"Cognitive Services Data Contributor (Preview)\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Allows to call data plane APIs, but not any control plane APIs for Microsoft Cognitive Services. This role is in preview and subject to change.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.CognitiveServices/*\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2024-10-17T23:22:42.1888199Z\",\n \"updatedOn\": \"2024-10-17T23:22:42.1888199Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/19c28022-e58e-450d-a464-0b2a53034789\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"19c28022-e58e-450d-a464-0b2a53034789\"\n },\n {\n \"properties\": {\n \"roleName\": \"Container Apps ConnectedEnvironments Reader\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Read access to Container Apps ConnectedEnvironments.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.App/connectedEnvironments/read\",\n \"Microsoft.App/connectedEnvironments/*/read\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2024-10-18T03:26:58.612812Z\",\n \"updatedOn\": \"2024-10-18T03:26:58.612812Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/d5adeb5b-107f-4aca-99ea-4e3f4fc008d5\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"d5adeb5b-107f-4aca-99ea-4e3f4fc008d5\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Kubernetes Fleet Manager RBAC Cluster Reader\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Grants read-only access to most Kubernetes cluster-scoped resources in the fleet-managed hub cluster.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.ContainerService/fleets/read\",\n \"Microsoft.ContainerService/fleets/listCredentials/action\"\n ],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.ContainerService/fleets/apiextensions.k8s.io/customresourcedefinitions/read\",\n \"Microsoft.ContainerService/fleets/apps/controllerrevisions/read\",\n \"Microsoft.ContainerService/fleets/apps/daemonsets/read\",\n \"Microsoft.ContainerService/fleets/apps/deployments/read\",\n \"Microsoft.ContainerService/fleets/apps/statefulsets/read\",\n \"Microsoft.ContainerService/fleets/autoscaling/horizontalpodautoscalers/read\",\n \"Microsoft.ContainerService/fleets/batch/cronjobs/read\",\n \"Microsoft.ContainerService/fleets/batch/jobs/read\",\n \"Microsoft.ContainerService/fleets/configmaps/read\",\n \"Microsoft.ContainerService/fleets/endpoints/read\",\n \"Microsoft.ContainerService/fleets/events.k8s.io/events/read\",\n \"Microsoft.ContainerService/fleets/events/read\",\n \"Microsoft.ContainerService/fleets/extensions/daemonsets/read\",\n \"Microsoft.ContainerService/fleets/extensions/deployments/read\",\n \"Microsoft.ContainerService/fleets/extensions/ingresses/read\",\n \"Microsoft.ContainerService/fleets/extensions/networkpolicies/read\",\n \"Microsoft.ContainerService/fleets/limitranges/read\",\n \"Microsoft.ContainerService/fleets/namespaces/read\",\n \"Microsoft.ContainerService/fleets/networking.k8s.io/ingresses/read\",\n \"Microsoft.ContainerService/fleets/networking.k8s.io/networkpolicies/read\",\n \"Microsoft.ContainerService/fleets/nodes/read\",\n \"Microsoft.ContainerService/fleets/persistentvolumes/read\",\n \"Microsoft.ContainerService/fleets/persistentvolumeclaims/read\",\n \"Microsoft.ContainerService/fleets/policy/poddisruptionbudgets/read\",\n \"Microsoft.ContainerService/fleets/replicationcontrollers/read\",\n \"Microsoft.ContainerService/fleets/resourcequotas/read\",\n \"Microsoft.ContainerService/fleets/serviceaccounts/read\",\n \"Microsoft.ContainerService/fleets/services/read\",\n \"Microsoft.ContainerService/fleets/cluster.kubernetes-fleet.io/memberclusters/read\",\n \"Microsoft.ContainerService/fleets/placement.kubernetes-fleet.io/clusterresourceplacements/read\",\n \"Microsoft.ContainerService/fleets/placement.kubernetes-fleet.io/clusterresourcebindings/read\",\n \"Microsoft.ContainerService/fleets/placement.kubernetes-fleet.io/clusterresourcesnapshots/read\",\n \"Microsoft.ContainerService/fleets/placement.kubernetes-fleet.io/clusterschedulingpolicysnapshots/read\",\n \"Microsoft.ContainerService/fleets/placement.kubernetes-fleet.io/clusterresourceoverrides/read\",\n \"Microsoft.ContainerService/fleets/placement.kubernetes-fleet.io/clusterresourceoverridesnapshots/read\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2024-10-21T15:04:47.7827701Z\",\n \"updatedOn\": \"2024-10-21T15:04:47.7827701Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/bd80684d-2f5f-4130-892a-0955546282de\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"bd80684d-2f5f-4130-892a-0955546282de\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Kubernetes Fleet Manager RBAC Cluster Writer\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Grants read/write access to most Kubernetes cluster-scoped resources in the fleet-managed hub cluster.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.ContainerService/fleets/read\",\n \"Microsoft.ContainerService/fleets/listCredentials/action\"\n ],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.ContainerService/fleets/apiextensions.k8s.io/customresourcedefinitions/read\",\n \"Microsoft.ContainerService/fleets/apps/controllerrevisions/read\",\n \"Microsoft.ContainerService/fleets/apps/daemonsets/read\",\n \"Microsoft.ContainerService/fleets/apps/daemonsets/write\",\n \"Microsoft.ContainerService/fleets/apps/deployments/read\",\n \"Microsoft.ContainerService/fleets/apps/deployments/write\",\n \"Microsoft.ContainerService/fleets/apps/statefulsets/read\",\n \"Microsoft.ContainerService/fleets/apps/statefulsets/write\",\n \"Microsoft.ContainerService/fleets/autoscaling/horizontalpodautoscalers/read\",\n \"Microsoft.ContainerService/fleets/autoscaling/horizontalpodautoscalers/write\",\n \"Microsoft.ContainerService/fleets/batch/cronjobs/read\",\n \"Microsoft.ContainerService/fleets/batch/cronjobs/write\",\n \"Microsoft.ContainerService/fleets/batch/jobs/read\",\n \"Microsoft.ContainerService/fleets/batch/jobs/write\",\n \"Microsoft.ContainerService/fleets/configmaps/read\",\n \"Microsoft.ContainerService/fleets/configmaps/write\",\n \"Microsoft.ContainerService/fleets/endpoints/read\",\n \"Microsoft.ContainerService/fleets/endpoints/write\",\n \"Microsoft.ContainerService/fleets/events.k8s.io/events/read\",\n \"Microsoft.ContainerService/fleets/events/read\",\n \"Microsoft.ContainerService/fleets/extensions/daemonsets/read\",\n \"Microsoft.ContainerService/fleets/extensions/daemonsets/write\",\n \"Microsoft.ContainerService/fleets/extensions/deployments/read\",\n \"Microsoft.ContainerService/fleets/extensions/deployments/write\",\n \"Microsoft.ContainerService/fleets/extensions/ingresses/read\",\n \"Microsoft.ContainerService/fleets/extensions/ingresses/write\",\n \"Microsoft.ContainerService/fleets/extensions/networkpolicies/read\",\n \"Microsoft.ContainerService/fleets/extensions/networkpolicies/write\",\n \"Microsoft.ContainerService/fleets/limitranges/read\",\n \"Microsoft.ContainerService/fleets/namespaces/read\",\n \"Microsoft.ContainerService/fleets/networking.k8s.io/ingresses/read\",\n \"Microsoft.ContainerService/fleets/networking.k8s.io/ingresses/write\",\n \"Microsoft.ContainerService/fleets/networking.k8s.io/networkpolicies/read\",\n \"Microsoft.ContainerService/fleets/networking.k8s.io/networkpolicies/write\",\n \"Microsoft.ContainerService/fleets/nodes/read\",\n \"Microsoft.ContainerService/fleets/nodes/write\",\n \"Microsoft.ContainerService/fleets/persistentvolumes/read\",\n \"Microsoft.ContainerService/fleets/persistentvolumes/write\",\n \"Microsoft.ContainerService/fleets/persistentvolumeclaims/read\",\n \"Microsoft.ContainerService/fleets/persistentvolumeclaims/write\",\n \"Microsoft.ContainerService/fleets/policy/poddisruptionbudgets/read\",\n \"Microsoft.ContainerService/fleets/policy/poddisruptionbudgets/write\",\n \"Microsoft.ContainerService/fleets/replicationcontrollers/read\",\n \"Microsoft.ContainerService/fleets/replicationcontrollers/write\",\n \"Microsoft.ContainerService/fleets/resourcequotas/read\",\n \"Microsoft.ContainerService/fleets/secrets/read\",\n \"Microsoft.ContainerService/fleets/secrets/write\",\n \"Microsoft.ContainerService/fleets/serviceaccounts/read\",\n \"Microsoft.ContainerService/fleets/serviceaccounts/write\",\n \"Microsoft.ContainerService/fleets/services/read\",\n \"Microsoft.ContainerService/fleets/services/write\",\n \"Microsoft.ContainerService/fleets/cluster.kubernetes-fleet.io/memberclusters/read\",\n \"Microsoft.ContainerService/fleets/cluster.kubernetes-fleet.io/memberclusters/write\",\n \"Microsoft.ContainerService/fleets/placement.kubernetes-fleet.io/clusterresourceplacements/read\",\n \"Microsoft.ContainerService/fleets/placement.kubernetes-fleet.io/clusterresourceplacements/write\",\n \"Microsoft.ContainerService/fleets/placement.kubernetes-fleet.io/clusterresourcebindings/read\",\n \"Microsoft.ContainerService/fleets/placement.kubernetes-fleet.io/clusterresourcesnapshots/read\",\n \"Microsoft.ContainerService/fleets/placement.kubernetes-fleet.io/clusterschedulingpolicysnapshots/read\",\n \"Microsoft.ContainerService/fleets/placement.kubernetes-fleet.io/clusterresourceoverrides/read\",\n \"Microsoft.ContainerService/fleets/placement.kubernetes-fleet.io/clusterresourceoverrides/write\",\n \"Microsoft.ContainerService/fleets/placement.kubernetes-fleet.io/clusterresourceoverridesnapshots/read\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2024-10-21T15:04:48.6744253Z\",\n \"updatedOn\": \"2024-10-21T15:04:48.6744253Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/1dc4cd5a-de51-4ee4-bc8e-b40e9c17e320\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"1dc4cd5a-de51-4ee4-bc8e-b40e9c17e320\"\n },\n {\n \"properties\": {\n \"roleName\": \"Chaos Studio Experiment Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Can create, run, and see details for experiments, onboard targets, and manage capabilities.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Chaos/*\",\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2024-10-22T15:14:06.4025115Z\",\n \"updatedOn\": \"2025-01-08T19:22:36.2875737Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/7c2e40b7-25eb-482a-82cb-78ba06cb46d5\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"7c2e40b7-25eb-482a-82cb-78ba06cb46d5\"\n },\n {\n \"properties\": {\n \"roleName\": \"Chaos Studio Reader\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Can view targets, capabilities, experiments, and experiment details.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Chaos/*/read\",\n \"Microsoft.Chaos/experiments/executions/getExecutionDetails/action\",\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2024-10-22T15:14:06.4025115Z\",\n \"updatedOn\": \"2025-01-08T19:22:35.5075532Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/29e2da8a-229c-4157-8ae8-cc72fc506b74\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"29e2da8a-229c-4157-8ae8-cc72fc506b74\"\n },\n {\n \"properties\": {\n \"roleName\": \"Chaos Studio Operator\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Can run and see details for experiments but cannot create experiments or manage targets and capabilities.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Chaos/*/read\",\n \"Microsoft.Chaos/experiments/start/action\",\n \"Microsoft.Chaos/experiments/cancel/action\",\n \"Microsoft.Chaos/experiments/executions/getExecutionDetails/action\",\n \"Microsoft.Chaos/locations/operationResults/read\",\n \"Microsoft.Chaos/locations/operationStatuses/read\",\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2024-10-22T15:14:07.6428446Z\",\n \"updatedOn\": \"2025-01-08T19:22:36.2476916Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/1a40e87e-6645-48e0-b27a-0b115d849a20\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"1a40e87e-6645-48e0-b27a-0b115d849a20\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Messaging Connectors Owner\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Allows for full access to Azure Messaging Connectors resources.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.MessagingConnectors/*\"\n ],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.MessagingConnectors/*\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2024-10-23T15:16:12.0077296Z\",\n \"updatedOn\": \"2024-10-23T15:16:12.0077296Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/ff478a4e-8633-416e-91bc-ec33ce7c9516\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"ff478a4e-8633-416e-91bc-ec33ce7c9516\"\n },\n {\n \"properties\": {\n \"roleName\": \"Container Apps ConnectedEnvironments Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Full management of Container Apps ConnectedEnvironments, including creation, deletion, and updates.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.App/connectedEnvironments/*\",\n \"Microsoft.App/connectedEnvironments/*/read\",\n \"Microsoft.App/connectedEnvironments/*/write\",\n \"Microsoft.App/connectedEnvironments/*/delete\",\n \"Microsoft.App/connectedEnvironments/*/action\",\n \"Microsoft.App/connectedEnvironments/daprComponents/listSecrets/action\",\n \"Microsoft.Resources/deployments/*\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2024-10-23T15:16:12.0077296Z\",\n \"updatedOn\": \"2024-10-23T15:16:12.0077296Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/6f4fe6fc-f04f-4d97-8528-8bc18c848dca\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"6f4fe6fc-f04f-4d97-8528-8bc18c848dca\"\n },\n {\n \"properties\": {\n \"roleName\": \"Container Registry Contributor and Data Access Configuration Administrator\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Provides permissions to create, list, and update container registries and registry configuration properties. Provides permissions to configure data access such as admin user credentials, scope maps, and tokens, which can be used to read, write or delete repositories and images. Does not provide direct permissions to read, list, or write registry contents including repositories and images. Does not provide permissions to modify data plane content such as imports, Artifact Cache or Sync, and Transfer Pipelines. Does not provide permissions for managing Tasks.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.ContainerRegistry/registries/operationStatuses/read\",\n \"Microsoft.ContainerRegistry/registries/read\",\n \"Microsoft.ContainerRegistry/registries/write\",\n \"Microsoft.ContainerRegistry/registries/delete\",\n \"Microsoft.ContainerRegistry/registries/listCredentials/action\",\n \"Microsoft.ContainerRegistry/registries/regenerateCredential/action\",\n \"Microsoft.ContainerRegistry/registries/generateCredentials/action\",\n \"Microsoft.ContainerRegistry/registries/replications/read\",\n \"Microsoft.ContainerRegistry/registries/replications/write\",\n \"Microsoft.ContainerRegistry/registries/replications/delete\",\n \"Microsoft.ContainerRegistry/registries/replications/operationStatuses/read\",\n \"Microsoft.ContainerRegistry/registries/privateEndpointConnectionsApproval/action\",\n \"Microsoft.ContainerRegistry/registries/privateEndpointConnections/read\",\n \"Microsoft.ContainerRegistry/registries/privateEndpointConnections/write\",\n \"Microsoft.ContainerRegistry/registries/privateEndpointConnections/delete\",\n \"Microsoft.ContainerRegistry/registries/privateEndpointConnections/operationStatuses/read\",\n \"Microsoft.ContainerRegistry/registries/tokens/read\",\n \"Microsoft.ContainerRegistry/registries/tokens/write\",\n \"Microsoft.ContainerRegistry/registries/tokens/delete\",\n \"Microsoft.ContainerRegistry/registries/tokens/operationStatuses/read\",\n \"Microsoft.ContainerRegistry/registries/scopeMaps/read\",\n \"Microsoft.ContainerRegistry/registries/scopeMaps/write\",\n \"Microsoft.ContainerRegistry/registries/scopeMaps/delete\",\n \"Microsoft.ContainerRegistry/registries/scopeMaps/operationStatuses/read\",\n \"Microsoft.ContainerRegistry/registries/providers/Microsoft.Insights/diagnosticSettings/read\",\n \"Microsoft.ContainerRegistry/registries/providers/Microsoft.Insights/diagnosticSettings/write\",\n \"Microsoft.ContainerRegistry/registries/providers/Microsoft.Insights/logDefinitions/read\",\n \"Microsoft.ContainerRegistry/registries/providers/Microsoft.Insights/metricDefinitions/read\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.ContainerRegistry/registries/connectedRegistries/read\",\n \"Microsoft.ContainerRegistry/registries/connectedRegistries/write\",\n \"Microsoft.ContainerRegistry/registries/connectedRegistries/delete\",\n \"Microsoft.ContainerRegistry/registries/connectedRegistries/deactivate/action\",\n \"Microsoft.ContainerRegistry/registries/webhooks/read\",\n \"Microsoft.ContainerRegistry/registries/webhooks/write\",\n \"Microsoft.ContainerRegistry/registries/webhooks/delete\",\n \"Microsoft.ContainerRegistry/registries/webhooks/getCallbackConfig/action\",\n \"Microsoft.ContainerRegistry/registries/webhooks/ping/action\",\n \"Microsoft.ContainerRegistry/registries/webhooks/listEvents/action\",\n \"Microsoft.ContainerRegistry/registries/webhooks/operationStatuses/read\",\n \"Microsoft.Insights/AlertRules/Write\",\n \"Microsoft.Insights/AlertRules/Delete\",\n \"Microsoft.Insights/AlertRules/Read\",\n \"Microsoft.Insights/AlertRules/Activated/Action\",\n \"Microsoft.Insights/AlertRules/Resolved/Action\",\n \"Microsoft.Insights/AlertRules/Throttled/Action\",\n \"Microsoft.Insights/AlertRules/Incidents/Read\",\n \"Microsoft.ContainerRegistry/locations/operationResults/read\",\n \"Microsoft.Network/virtualNetworks/subnets/joinViaServiceEndpoint/action\",\n \"Microsoft.Network/virtualNetworks/subnets/read\",\n \"Microsoft.Network/virtualNetworks/subnets/write\",\n \"Microsoft.Network/virtualNetworks/read\",\n \"Microsoft.Network/privateEndpoints/privateLinkServiceProxies/write\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2024-10-23T22:38:18.7982782Z\",\n \"updatedOn\": \"2024-10-23T22:38:18.7982782Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/3bc748fc-213d-45c1-8d91-9da5725539b9\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"3bc748fc-213d-45c1-8d91-9da5725539b9\"\n },\n {\n \"properties\": {\n \"roleName\": \"Health Safeguards Data User\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Allows processing of health data in all available Health Safeguards\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.HealthBot/healthBots/HealthSafeguards/ClinicalAnchoring/Process/Action\",\n \"Microsoft.HealthBot/healthBots/HealthSafeguards/ClinicalCodesValidation/Process/Action\",\n \"Microsoft.HealthBot/healthBots/HealthSafeguards/ClinicalConflictDetection/Process/Action\",\n \"Microsoft.HealthBot/healthBots/HealthSafeguards/ClinicalEvidenceVerification/Process/Action\",\n \"Microsoft.HealthBot/healthBots/HealthSafeguards/ClinicalProvenance/Process/Action\",\n \"Microsoft.HealthBot/healthBots/HealthSafeguards/ClinicalSemanticValidation/Process/Action\",\n \"Microsoft.HealthBot/healthBots/HealthSafeguards/DetectHallucinationsAndOmissions/Process/Action\",\n \"Microsoft.HealthBot/healthBots/HealthSafeguards/HealthAdaptedFiltering/Process/Action\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2024-10-25T13:47:32.4836018Z\",\n \"updatedOn\": \"2024-12-09T16:09:07.9062467Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/566f0da3-e2a5-4393-9089-763f8bab8fb6\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"566f0da3-e2a5-4393-9089-763f8bab8fb6\"\n },\n {\n \"properties\": {\n \"roleName\": \"Container Registry Configuration Reader and Data Access Configuration Reader\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Provides permissions to list container registries and registry configuration properties. Provides permissions to list data access configuration such as admin user credentials, scope maps, and tokens, which can be used to read, write or delete repositories and images. Does not provide direct permissions to read, list, or write registry contents including repositories and images. Does not provide permissions to modify data plane content such as imports, Artifact Cache or Sync, and Transfer Pipelines. Does not provide permissions for managing Tasks.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.ContainerRegistry/registries/operationStatuses/read\",\n \"Microsoft.ContainerRegistry/registries/read\",\n \"Microsoft.ContainerRegistry/registries/privateEndpointConnections/read\",\n \"Microsoft.ContainerRegistry/registries/privateEndpointConnections/operationStatuses/read\",\n \"Microsoft.ContainerRegistry/registries/listCredentials/action\",\n \"Microsoft.ContainerRegistry/registries/tokens/read\",\n \"Microsoft.ContainerRegistry/registries/tokens/operationStatuses/read\",\n \"Microsoft.ContainerRegistry/registries/scopeMaps/read\",\n \"Microsoft.ContainerRegistry/registries/scopeMaps/operationStatuses/read\",\n \"Microsoft.ContainerRegistry/registries/webhooks/read\",\n \"Microsoft.ContainerRegistry/registries/webhooks/getCallbackConfig/action\",\n \"Microsoft.ContainerRegistry/registries/webhooks/listEvents/action\",\n \"Microsoft.ContainerRegistry/registries/webhooks/operationStatuses/read\",\n \"Microsoft.ContainerRegistry/registries/replications/read\",\n \"Microsoft.ContainerRegistry/registries/replications/operationStatuses/read\",\n \"Microsoft.ContainerRegistry/registries/connectedRegistries/read\",\n \"Microsoft.ContainerRegistry/registries/providers/Microsoft.Insights/diagnosticSettings/read\",\n \"Microsoft.ContainerRegistry/registries/providers/Microsoft.Insights/diagnosticSettings/write\",\n \"Microsoft.ContainerRegistry/registries/providers/Microsoft.Insights/logDefinitions/read\",\n \"Microsoft.ContainerRegistry/registries/providers/Microsoft.Insights/metricDefinitions/read\",\n \"Microsoft.Insights/AlertRules/Write\",\n \"Microsoft.Insights/AlertRules/Delete\",\n \"Microsoft.Insights/AlertRules/Read\",\n \"Microsoft.Insights/AlertRules/Activated/Action\",\n \"Microsoft.Insights/AlertRules/Resolved/Action\",\n \"Microsoft.Insights/AlertRules/Throttled/Action\",\n \"Microsoft.Insights/AlertRules/Incidents/Read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2024-10-30T22:57:44.2162129Z\",\n \"updatedOn\": \"2024-10-30T22:57:44.2162129Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/69b07be0-09bf-439a-b9a6-e73de851bd59\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"69b07be0-09bf-439a-b9a6-e73de851bd59\"\n },\n {\n \"properties\": {\n \"roleName\": \"Container Registry Transfer Pipeline Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Provides the ability to transfer, import, and export artifacts through configuring registry transfer pipelines that involve intermediary storage accounts and key vaults. Does not provide permissions to push or pull images. Does not provide permissions to create, manage, or list storage accounts or key vaults. Does not provide permissions to perform role assignments.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.ContainerRegistry/registries/exportPipelines/read\",\n \"Microsoft.ContainerRegistry/registries/exportPipelines/write\",\n \"Microsoft.ContainerRegistry/registries/exportPipelines/delete\",\n \"Microsoft.ContainerRegistry/registries/importPipelines/read\",\n \"Microsoft.ContainerRegistry/registries/importPipelines/write\",\n \"Microsoft.ContainerRegistry/registries/importPipelines/delete\",\n \"Microsoft.ContainerRegistry/registries/pipelineRuns/read\",\n \"Microsoft.ContainerRegistry/registries/pipelineRuns/write\",\n \"Microsoft.ContainerRegistry/registries/pipelineRuns/delete\",\n \"Microsoft.ContainerRegistry/registries/pipelineRuns/operationStatuses/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2024-11-06T16:01:16.5768829Z\",\n \"updatedOn\": \"2024-11-06T16:01:16.5768829Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/bf94e731-3a51-4a7c-8c54-a1ab9971dfc1\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"bf94e731-3a51-4a7c-8c54-a1ab9971dfc1\"\n },\n {\n \"properties\": {\n \"roleName\": \"Desktop Virtualization App Attach Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Provide permission to manage app attach resources\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.DesktopVirtualization/hostpools/read\",\n \"Microsoft.Resources/subscriptions/read\",\n \"Microsoft.DesktopVirtualization/appattachpackages/read\",\n \"Microsoft.DesktopVirtualization/appattachpackages/write\",\n \"Microsoft.DesktopVirtualization/appattachpackages/delete\",\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2024-11-07T16:11:41.3098066Z\",\n \"updatedOn\": \"2024-11-07T16:11:41.3098066Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/97dfb3ce-e936-462c-9425-9cdb67e66d45\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"97dfb3ce-e936-462c-9425-9cdb67e66d45\"\n },\n {\n \"properties\": {\n \"roleName\": \"HybridCompute Machine ListAccessDetails Action In-Built Role\",\n \"type\": \"BuiltInRole\",\n \"description\": \"In-Built Role definition that grants permissions to execute the listAccessDetails action on HybridCompute Machines\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.HybridCompute/machines/listAccessDetails/action\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2024-11-08T16:19:16.7242676Z\",\n \"updatedOn\": \"2025-03-12T16:00:45.5699939Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/e9701b4d-e6e7-4657-91cd-360a0881d224\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"e9701b4d-e6e7-4657-91cd-360a0881d224\"\n },\n {\n \"properties\": {\n \"roleName\": \"App Service Environment Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Manage App Service Environments but not the App Service Plans or Websites that it hosts.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.ResourceHealth/availabilityStatuses/read\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Web/hostingEnvironments/*\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2024-11-11T16:02:04.4285746Z\",\n \"updatedOn\": \"2024-11-11T16:02:04.4285746Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/8ea85a25-eb16-4e29-ab4d-6f2a26c711a2\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"8ea85a25-eb16-4e29-ab4d-6f2a26c711a2\"\n },\n {\n \"properties\": {\n \"roleName\": \"Kubernetes Agent Subscription Level Operator\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Grants Microsoft Defender for Cloud subscription level permissions needed to activate Containers plan\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Resources/subscriptions/operationresults/read\",\n \"Microsoft.Resources/subscriptions/read\",\n \"Microsoft.Resources/subscriptions/resourceGroups/write\",\n \"Microsoft.OperationalInsights/workspaces/write\",\n \"Microsoft.OperationalInsights/workspaces/read\",\n \"Microsoft.OperationalInsights/workspaces/listKeys/action\",\n \"Microsoft.OperationalInsights/workspaces/sharedkeys/action\",\n \"Microsoft.OperationalInsights/workspaces/sharedkeys/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2024-11-14T10:01:45.877748Z\",\n \"updatedOn\": \"2024-12-12T11:16:08.7763533Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/ada52afe-776a-4b4d-a8f2-55670d3d8178\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"ada52afe-776a-4b4d-a8f2-55670d3d8178\"\n },\n {\n \"properties\": {\n \"roleName\": \"Quantum Workspace Data Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Create, read, and modify jobs and other Workspace data. This role is in preview and subject to change.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Quantum/Workspaces/read\",\n \"Microsoft.Quantum/locations/offerings/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.Quantum/Workspaces/jobs/read\",\n \"Microsoft.Quantum/Workspaces/jobs/write\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2024-11-18T16:11:51.3366657Z\",\n \"updatedOn\": \"2024-11-18T16:11:51.3366657Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/c1410b24-3e69-4857-8f86-4d0a2e603250\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"c1410b24-3e69-4857-8f86-4d0a2e603250\"\n },\n {\n \"properties\": {\n \"roleName\": \"Communication and Email Service Owner\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Create, read, modify, and delete Communications and Email Service resources.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Communication/CheckNameAvailability/action\",\n \"Microsoft.Communication/Locations/OperationStatuses/read\",\n \"Microsoft.Communication/Locations/OperationStatuses/write\",\n \"Microsoft.Communication/Operations/read\",\n \"Microsoft.Communication/CommunicationServices/read\",\n \"Microsoft.Communication/CommunicationServices/write\",\n \"Microsoft.Communication/CommunicationServices/delete\",\n \"Microsoft.Communication/CommunicationServices/ListKeys/action\",\n \"Microsoft.Communication/CommunicationServices/RegenerateKey/action\",\n \"Microsoft.Communication/CommunicationServices/LinkNotificationHub/action\",\n \"Microsoft.Communication/CommunicationServices/EventGridFilters/read\",\n \"Microsoft.Communication/CommunicationServices/EventGridFilters/write\",\n \"Microsoft.Communication/CommunicationServices/EventGridFilters/delete\",\n \"Microsoft.Communication/EmailServices/read\",\n \"Microsoft.Communication/EmailServices/write\",\n \"Microsoft.Communication/EmailServices/delete\",\n \"Microsoft.Communication/EmailServices/Domains/read\",\n \"Microsoft.Communication/EmailServices/Domains/write\",\n \"Microsoft.Communication/EmailServices/Domains/delete\",\n \"Microsoft.Communication/EmailServices/Domains/SenderUsernames/read\",\n \"Microsoft.Communication/EmailServices/Domains/SenderUsernames/write\",\n \"Microsoft.Communication/EmailServices/Domains/SenderUsernames/delete\",\n \"Microsoft.Communication/EmailServices/Domains/SuppressionLists/read\",\n \"Microsoft.Communication/EmailServices/Domains/SuppressionLists/write\",\n \"Microsoft.Communication/EmailServices/Domains/SuppressionLists/delete\",\n \"Microsoft.Communication/EmailServices/Domains/SuppressionLists/SuppressionListAddresses/read\",\n \"Microsoft.Communication/EmailServices/Domains/SuppressionLists/SuppressionListAddresses/write\",\n \"Microsoft.Communication/EmailServices/Domains/SuppressionLists/SuppressionListAddresses/delete\",\n \"Microsoft.Communication/EmailServices/Domains/InitiateVerification/action\",\n \"Microsoft.Communication/EmailServices/Domains/CancelVerification/action\",\n \"Microsoft.Communication/EmailServices/Domains/*\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2024-11-19T16:16:07.6217357Z\",\n \"updatedOn\": \"2024-11-19T16:16:07.6217357Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/09976791-48a7-449e-bb21-39d1a415f350\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"09976791-48a7-449e-bb21-39d1a415f350\"\n },\n {\n \"properties\": {\n \"roleName\": \"Oracle.Database Autonomous Database Administrator\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Grants full access to manage all Autonomous Database resources\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Oracle.Database/autonomousDatabases/*/read\",\n \"Oracle.Database/autonomousDatabases/*/write\",\n \"Oracle.Database/autonomousDatabases/*/delete\",\n \"Oracle.Database/autonomousDatabases/*/action\",\n \"Oracle.Database/Locations/*/read\",\n \"Oracle.Database/Locations/*/write\",\n \"Oracle.Database/Operations/read\",\n \"Oracle.Database/oracleSubscriptions/*/read\",\n \"Oracle.Database/oracleSubscriptions/*/action\",\n \"Oracle.Database/resourceAnchors/*\",\n \"Oracle.Database/networkAnchors/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Network/virtualNetworks/read\",\n \"Microsoft.Network/virtualNetworks/subnets/read\",\n \"Microsoft.Network/virtualNetworks/subnets/write\",\n \"Microsoft.Network/locations/operations/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2024-12-03T16:00:22.0003479Z\",\n \"updatedOn\": \"2025-05-26T15:05:38.2663118Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/59c05558-2358-462d-ba19-afbd7118936d\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"59c05558-2358-462d-ba19-afbd7118936d\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure AI Safety Evaluator\",\n \"type\": \"BuiltInRole\",\n \"description\": \"This role can perform all actions under workspace evaluations and simulations.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.MachineLearningServices/workspaces/evaluations/*\",\n \"Microsoft.MachineLearningServices/workspaces/simulations/*\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2024-12-17T16:19:14.0812712Z\",\n \"updatedOn\": \"2024-12-17T16:19:14.0812712Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/11102f94-c441-49e6-a78b-ef80e0188abc\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"11102f94-c441-49e6-a78b-ef80e0188abc\"\n },\n {\n \"properties\": {\n \"roleName\": \"Container Registry Tasks Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Provides permissions to configure, read, list, trigger, or cancel Container Registry Tasks, Task Runs, Task Logs, Quick Runs, Quick Builds, and Task Agent Pools. Permissions granted for Tasks management can be used for full registry data plane permissions including reading/writing/deleting container images in registries. Permissions granted for Tasks management can also be used to run customer authored build directives and run scripts to build software artifacts.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.ContainerRegistry/registries/agentpools/read\",\n \"Microsoft.ContainerRegistry/registries/agentpools/write\",\n \"Microsoft.ContainerRegistry/registries/agentpools/delete\",\n \"Microsoft.ContainerRegistry/registries/agentpools/listQueueStatus/action\",\n \"Microsoft.ContainerRegistry/registries/agentpools/operationResults/status/read\",\n \"Microsoft.ContainerRegistry/registries/agentpools/operationStatuses/read\",\n \"Microsoft.ContainerRegistry/registries/tasks/read\",\n \"Microsoft.ContainerRegistry/registries/tasks/write\",\n \"Microsoft.ContainerRegistry/registries/tasks/delete\",\n \"Microsoft.ContainerRegistry/registries/tasks/listDetails/action\",\n \"Microsoft.ContainerRegistry/registries/scheduleRun/action\",\n \"Microsoft.ContainerRegistry/registries/listBuildSourceUploadUrl/action\",\n \"Microsoft.ContainerRegistry/registries/runs/read\",\n \"Microsoft.ContainerRegistry/registries/runs/write\",\n \"Microsoft.ContainerRegistry/registries/runs/listLogSasUrl/action\",\n \"Microsoft.ContainerRegistry/registries/runs/cancel/action\",\n \"Microsoft.ContainerRegistry/registries/taskruns/read\",\n \"Microsoft.ContainerRegistry/registries/taskruns/write\",\n \"Microsoft.ContainerRegistry/registries/taskruns/delete\",\n \"Microsoft.ContainerRegistry/registries/taskruns/listDetails/action\",\n \"Microsoft.ContainerRegistry/registries/taskruns/operationStatuses/read\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.ContainerRegistry/registries/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2025-01-10T02:17:34.1336077Z\",\n \"updatedOn\": \"2025-01-10T02:17:34.1336077Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/fb382eab-e894-4461-af04-94435c366c3f\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"fb382eab-e894-4461-af04-94435c366c3f\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Backup Snapshot Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Provide permissions to backup identity to manage RPC snapshots\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Compute/virtualMachines/read\",\n \"Microsoft.Compute/virtualMachines/write\",\n \"Microsoft.Compute/restorePointCollections/read\",\n \"Microsoft.Compute/restorePointCollections/write\",\n \"Microsoft.Compute/restorePointCollections/restorePoints/write\",\n \"Microsoft.Compute/restorePointCollections/restorePoints/read\",\n \"Microsoft.Compute/disks/read\",\n \"Microsoft.Compute/disks/write\",\n \"Microsoft.Compute/disks/delete\",\n \"Microsoft.Compute/disks/beginGetAccess/action\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2025-01-10T12:02:58.1197573Z\",\n \"updatedOn\": \"2025-03-17T15:14:48.6639401Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/afc680e2-a938-412d-b213-9a49efa7fb83\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"afc680e2-a938-412d-b213-9a49efa7fb83\"\n },\n {\n \"properties\": {\n \"roleName\": \"AVS on Fleet VIS Role\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Do not remove this role from your resource because it is critical to enable your AVS private cloud to operate. If the role is removed, it will cause your AVS private cloud control plane to no longer operate correctly. The role is used to enable the AVS private cloud control plane to inject address prefix changes of the private clouds attached virtual network to SDN and support peering sync feature. This role is not intended for use cases outside of assignment to the associated AVS identity in your entra-id tenant.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Network/networkInterfaces/read\",\n \"Microsoft.Network/networkInterfaces/write\",\n \"Microsoft.Network/virtualNetworks/read\",\n \"Microsoft.Network/virtualNetworks/write\",\n \"Microsoft.Network/virtualNetworks/peer/action\",\n \"Microsoft.Network/virtualNetworks/virtualNetworkPeerings/read\",\n \"Microsoft.Network/virtualNetworks/virtualNetworkPeerings/write\",\n \"Microsoft.Network/virtualNetworks/subnets/read\",\n \"Microsoft.Network/virtualNetworks/subnets/write\",\n \"Microsoft.Network/virtualNetworks/subnets/join/action\",\n \"Microsoft.Network/networkSecurityGroups/join/action\",\n \"Microsoft.Network/routeTables/join/action\",\n \"Microsoft.Network/serviceEndpointPolicies/join/action\",\n \"Microsoft.Network/natGateways/join/action\",\n \"Microsoft.Network/networkIntentPolicies/join/action\",\n \"Microsoft.Network/ddosProtectionPlans/join/action\",\n \"Microsoft.Network/networkManagers/ipamPools/associateResourcesToPool/action\",\n \"Microsoft.BareMetal/peeringSettings/read\",\n \"Microsoft.Resources/subscriptions/resourcegroups/read\",\n \"Microsoft.Authorization/roleAssignments/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n },\n {\n \"actions\": [\n \"Microsoft.Authorization/roleAssignments/delete\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": [],\n \"conditionVersion\": \"2.0\",\n \"condition\": \"(!(ActionMatches{'Microsoft.Authorization/roleAssignments/delete'})) OR @Resource[Microsoft.Authorization/roleAssignments:RoleDefinitionId] ForAnyOfAnyValues:GuidEquals{49fc33c1886f4b21a00e1d9993234734}\"\n }\n ],\n \"createdOn\": \"2025-01-13T16:06:06.5931961Z\",\n \"updatedOn\": \"2025-06-11T06:31:53.4195138Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/49fc33c1-886f-4b21-a00e-1d9993234734\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"49fc33c1-886f-4b21-a00e-1d9993234734\"\n },\n {\n \"properties\": {\n \"roleName\": \"Edge Management Copilot User\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Enables users access to Edge Management Copilot.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.EdgeManagement/locations/chat/action\",\n \"Microsoft.EdgeManagement/troubleshoot/action\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2025-01-23T02:53:10.7767692Z\",\n \"updatedOn\": \"2025-09-01T15:03:56.0546394Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/53e48117-a530-4075-bcbe-d91913e3bdb8\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"53e48117-a530-4075-bcbe-d91913e3bdb8\"\n },\n {\n \"properties\": {\n \"roleName\": \"Durable Task Data Reader\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Read all Durable Task Scheduler data.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.DurableTask/schedulers/taskhubs/orchestrations/read\",\n \"Microsoft.DurableTask/schedulers/taskhubs/orchestrations/metadata/read\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2025-01-23T21:39:28.7653514Z\",\n \"updatedOn\": \"2025-07-10T20:34:54.3629229Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/d6a5505f-6ebb-45a4-896e-ac8274cfc0ac\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"d6a5505f-6ebb-45a4-896e-ac8274cfc0ac\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Stack HCI Edge Machine Contributor Role\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Microsoft.AzureStackHCI Edge Machine Contributor Role\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.AzureStackHCI/EdgeMachines/*\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2025-01-30T17:46:12.9681065Z\",\n \"updatedOn\": \"2025-01-30T17:46:12.9681065Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/1a6f9009-515c-4455-b170-143e4c9ce229\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"1a6f9009-515c-4455-b170-143e4c9ce229\"\n },\n {\n \"properties\": {\n \"roleName\": \"Online Experimentation Data Owner\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Allows full access to Online Experimentation data.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.OnlineExperimentation/workspaces/read\",\n \"Microsoft.OnlineExperimentation/workspaces/write\",\n \"Microsoft.OnlineExperimentation/workspaces/delete\",\n \"Microsoft.OnlineExperimentation/workspaces/action\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2025-01-30T18:31:37.7573167Z\",\n \"updatedOn\": \"2025-02-14T17:38:48.3796504Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/53747cdd-e97c-477a-948c-b587d0e514b2\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"53747cdd-e97c-477a-948c-b587d0e514b2\"\n },\n {\n \"properties\": {\n \"roleName\": \"Online Experimentation Data Reader\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Allows read access to Online Experimentation data.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.OnlineExperimentation/workspaces/read\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2025-01-30T18:31:37.9063206Z\",\n \"updatedOn\": \"2025-01-30T18:31:37.9063206Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/1363e94d-546f-4fe9-8434-b0eefb292d59\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"1363e94d-546f-4fe9-8434-b0eefb292d59\"\n },\n {\n \"properties\": {\n \"roleName\": \"Chaos Studio Target Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Can onboard targets and manage capabilities but cannot create, run, or see details for experiments\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Chaos/targets/write\",\n \"Microsoft.Chaos/targets/delete\",\n \"Microsoft.Chaos/targets/read\",\n \"Microsoft.Chaos/targets/capabilities/write\",\n \"Microsoft.Chaos/targets/capabilities/delete\",\n \"Microsoft.Chaos/targets/capabilities/read\",\n \"Microsoft.Chaos/locations/targetTypes/read\",\n \"Microsoft.Chaos/locations/targetTypes/capabilityTypes/read\",\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2025-02-14T17:53:53.9708111Z\",\n \"updatedOn\": \"2025-02-14T17:53:53.9708111Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/59a618e3-3c9a-406e-9f03-1a20dd1c55f1\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"59a618e3-3c9a-406e-9f03-1a20dd1c55f1\"\n },\n {\n \"properties\": {\n \"roleName\": \"Auto Actions Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Allows users to manage Auto Actions resources.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.ComputeSchedule/locations/OperationStatuses/write\",\n \"Microsoft.ComputeSchedule/autoActions/write\",\n \"Microsoft.ComputeSchedule/autoActions/delete\",\n \"Microsoft.ComputeSchedule/autoActions/attachResources/action\",\n \"Microsoft.ComputeSchedule/autoActions/cancelNextOccurrence/action\",\n \"Microsoft.ComputeSchedule/autoActions/detachResources/action\",\n \"Microsoft.ComputeSchedule/autoActions/disable/action\",\n \"Microsoft.ComputeSchedule/autoActions/enable/action\",\n \"Microsoft.ComputeSchedule/autoActions/listResources/action\",\n \"Microsoft.ComputeSchedule/autoActions/patchResources/action\",\n \"Microsoft.ComputeSchedule/autoActions/triggerManualOccurrence/action\",\n \"Microsoft.ComputeSchedule/autoActions/occurrences/cancel/action\",\n \"Microsoft.ComputeSchedule/autoActions/occurrences/delay/action\",\n \"Microsoft.ComputeSchedule/autoActions/occurrences/listResources/action\",\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2025-02-18T16:16:31.5686249Z\",\n \"updatedOn\": \"2025-02-18T16:16:31.5686249Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/a8d01690-9418-4783-8ca2-9f0f1791783d\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"a8d01690-9418-4783-8ca2-9f0f1791783d\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Device Onboarding Discovery Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Can read, write or delete the discovery and it's child resources.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.DeviceOnboarding/discoveryServices/*\",\n \"Microsoft.DeviceOnboarding/locations/operationStatuses/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2025-02-20T22:53:22.6101969Z\",\n \"updatedOn\": \"2025-02-20T22:53:22.6101969Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/a227fb39-f479-404b-96fd-0176f5d88ab4\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"a227fb39-f479-404b-96fd-0176f5d88ab4\"\n },\n {\n \"properties\": {\n \"roleName\": \"SSH PublicKeys Reader Role\",\n \"type\": \"BuiltInRole\",\n \"description\": \"This is the role created for SSH PublicKeys Reader\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Compute/sshpublickeys/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2025-02-24T16:00:59.904969Z\",\n \"updatedOn\": \"2025-02-24T16:00:59.904969Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/31ef6312-5b0c-4ce9-8c5d-587a91344fe7\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"31ef6312-5b0c-4ce9-8c5d-587a91344fe7\"\n },\n {\n \"properties\": {\n \"roleName\": \"SSH PublicKeys Contributor Role\",\n \"type\": \"BuiltInRole\",\n \"description\": \"This is the role created for SSH PublicKeys Contributor\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Compute/sshpublickeys/read\",\n \"Microsoft.Compute/sshpublickeys/write\",\n \"Microsoft.Compute/sshpublickeys/delete\",\n \"Microsoft.Compute/sshpublickeys/generatekeypair/action\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2025-02-24T16:01:00.6011541Z\",\n \"updatedOn\": \"2025-02-24T16:01:00.6011541Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/fc6e3395-6a8c-4527-bb4c-d0abd41e8e74\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"fc6e3395-6a8c-4527-bb4c-d0abd41e8e74\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Kubernetes Service Agent Pool Manager Role\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Role for agentpool related actions\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.ContainerService/managedClusters/agentPools/read\",\n \"Microsoft.ContainerService/managedClusters/agentPools/write\",\n \"Microsoft.ContainerService/managedClusters/agentPools/delete\",\n \"Microsoft.ContainerService/managedClusters/agentPools/upgradeNodeImageVersion/action\",\n \"Microsoft.ContainerService/managedClusters/agentPools/abort/action\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2025-03-06T01:19:12.8922307Z\",\n \"updatedOn\": \"2025-03-06T01:19:12.8922307Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/1b7f3653-4324-473a-9165-bc55e4d04ba8\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"1b7f3653-4324-473a-9165-bc55e4d04ba8\"\n },\n {\n \"properties\": {\n \"roleName\": \"Defender Serverless Scanner\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Grants access to Serverless resources and thier connections\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"microsoft.web/sites/publish/action\",\n \"microsoft.web/sites/slots/publish/action\",\n \"microsoft.web/sites/config/list/action\",\n \"microsoft.web/sites/slots/config/list/action\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2025-03-06T09:38:08.4219917Z\",\n \"updatedOn\": \"2025-08-25T15:10:38.1464227Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/68ac31b4-936a-4046-a6d2-ba6f8a757bf6\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"68ac31b4-936a-4046-a6d2-ba6f8a757bf6\"\n },\n {\n \"properties\": {\n \"roleName\": \"Dedicated Host Contributor Role\",\n \"type\": \"BuiltInRole\",\n \"description\": \"This is the role created for DedicatedHosts Contributor\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Compute/hostGroups/read\",\n \"Microsoft.Compute/hostGroups/write\",\n \"Microsoft.Compute/hostGroups/delete\",\n \"Microsoft.Compute/hostGroups/hosts/read\",\n \"Microsoft.Compute/hostGroups/hosts/write\",\n \"Microsoft.Compute/hostGroups/hosts/delete\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2025-03-11T15:14:12.4494747Z\",\n \"updatedOn\": \"2025-03-11T15:14:12.4494747Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/96ebd254-ecc7-4590-aff5-e9af3ff5f3b3\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"96ebd254-ecc7-4590-aff5-e9af3ff5f3b3\"\n },\n {\n \"properties\": {\n \"roleName\": \"Compute Fleet Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Allows users to manage Compute Fleet resources.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.AzureFleet/fleets/*\",\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.ResourceHealth/availabilityStatuses/read\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2025-03-18T15:18:48.7947012Z\",\n \"updatedOn\": \"2025-03-18T15:18:48.7947012Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/2bed379c-9fba-455b-99e4-6b911073bcf2\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"2bed379c-9fba-455b-99e4-6b911073bcf2\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure API Center Credential Access Reader\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Allows for access to Azure API Center data plane get credentials operations.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.ApiCenter/services/workspaces/apis/versions/securityRequirements/read\",\n \"Microsoft.ApiCenter/services/workspaces/apis/versions/securityRequirements/getCredentials/action\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2025-03-20T17:29:06.7183003Z\",\n \"updatedOn\": \"2025-03-20T17:29:06.7183003Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/1df7cd83-1d3f-41df-95b0-53b30d963369\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"1df7cd83-1d3f-41df-95b0-53b30d963369\"\n },\n {\n \"properties\": {\n \"roleName\": \"Managed Identity Federated Identity Credential Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Create, Read, Update, and Delete User Assigned Identity Federated Identity Credentials(FIC)\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.ManagedIdentity/userAssignedIdentities/read\",\n \"Microsoft.ManagedIdentity/userAssignedIdentities/federatedIdentityCredentials/write\",\n \"Microsoft.ManagedIdentity/userAssignedIdentities/federatedIdentityCredentials/read\",\n \"Microsoft.ManagedIdentity/userAssignedIdentities/federatedIdentityCredentials/delete\",\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Resources/deployments/*\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2025-03-21T19:09:30.5276974Z\",\n \"updatedOn\": \"2025-03-21T19:09:30.5276974Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/7e559ce2-48d7-4b27-9128-fa1b247f1308\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"7e559ce2-48d7-4b27-9128-fa1b247f1308\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure File Sync Administrator\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Provides full access to manage all Azure File Sync (Storage Sync Service) resources.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.StorageSync/register/action\",\n \"Microsoft.StorageSync/unregister/action\",\n \"Microsoft.StorageSync/locations/*\",\n \"Microsoft.StorageSync/deployments/preflight/action\",\n \"Microsoft.StorageSync/storageSyncServices/*\",\n \"Microsoft.StorageSync/operations/read\",\n \"Microsoft.Authorization/roleAssignments/write\",\n \"Microsoft.Insights/AlertRules/*\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Storage/storageAccounts/read\",\n \"Microsoft.Storage/storageAccounts/fileServices/shares/read\",\n \"Microsoft.Storage/storageAccounts/fileServices/read\",\n \"Microsoft.Support/*\",\n \"Microsoft.Authorization/*/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2025-03-27T21:11:32.1254077Z\",\n \"updatedOn\": \"2025-05-21T16:06:38.6938985Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/92b92042-07d9-4307-87f7-36a593fc5850\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"92b92042-07d9-4307-87f7-36a593fc5850\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure File Sync Reader\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Provides read access to Azure File Sync service (Storage Sync Service).\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.StorageSync/*/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2025-03-27T21:26:47.840119Z\",\n \"updatedOn\": \"2025-03-27T21:26:47.840119Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/754c1a27-40dc-4708-8ad4-2bffdeee09e8\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"754c1a27-40dc-4708-8ad4-2bffdeee09e8\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Red Hat OpenShift Hosted Control Planes Cluster API Provider\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Enables permissions to allow cluster API to manage nodes, networks and disks for OpenShift cluster.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Compute/disks/delete\",\n \"Microsoft.Compute/disks/read\",\n \"Microsoft.Compute/disks/write\",\n \"Microsoft.Compute/diskEncryptionSets/read\",\n \"Microsoft.Compute/availabilitySets/delete\",\n \"Microsoft.Compute/availabilitySets/read\",\n \"Microsoft.Compute/availabilitySets/write\",\n \"Microsoft.Compute/virtualMachines/delete\",\n \"Microsoft.Compute/virtualMachines/read\",\n \"Microsoft.Compute/virtualMachines/write\",\n \"Microsoft.Network/loadBalancers/backendAddressPools/join/action\",\n \"Microsoft.Network/networkInterfaces/delete\",\n \"Microsoft.Network/networkInterfaces/join/action\",\n \"Microsoft.Network/networkInterfaces/read\",\n \"Microsoft.Network/networkInterfaces/write\",\n \"Microsoft.Network/virtualNetworks/subnets/join/action\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2025-03-28T17:59:48.0497955Z\",\n \"updatedOn\": \"2025-08-04T15:10:36.5098891Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/88366f10-ed47-4cc0-9fab-c8a06148393e\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"88366f10-ed47-4cc0-9fab-c8a06148393e\"\n },\n {\n \"properties\": {\n \"roleName\": \"Online Experimentation Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Grants permissions for all management operations to Online Experimentation resources.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.OnlineExperimentation/*\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2025-03-31T15:13:34.3723645Z\",\n \"updatedOn\": \"2025-03-31T15:13:34.3723645Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/2c7a01fe-5518-4a42-93c2-658e45441691\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"2c7a01fe-5518-4a42-93c2-658e45441691\"\n },\n {\n \"properties\": {\n \"roleName\": \"Oracle.Database Exascale Storage Vault Administrator\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Grants full access to manage Exascale Storage Vaults\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Oracle.Database/exascaleDbStorageVaults/read\",\n \"Oracle.Database/exascaleDbStorageVaults/write\",\n \"Oracle.Database/exascaleDbStorageVaults/delete\",\n \"Oracle.Database/Locations/*/read\",\n \"Oracle.Database/Locations/*/write\",\n \"Oracle.Database/Operations/read\",\n \"Oracle.Database/oracleSubscriptions/*/read\",\n \"Oracle.Database/resourceAnchors/*\",\n \"Oracle.Database/networkAnchors/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Resources/deployments/*\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2025-03-31T15:13:34.3733644Z\",\n \"updatedOn\": \"2025-05-26T15:05:38.2643111Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/a00ed373-f085-4b75-a950-53eacdc52ac0\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"a00ed373-f085-4b75-a950-53eacdc52ac0\"\n },\n {\n \"properties\": {\n \"roleName\": \"Online Experimentation Reader\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Grants permission for read operations to Online Experimentation resources.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.OnlineExperimentation/*/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2025-03-31T15:13:33.5542926Z\",\n \"updatedOn\": \"2025-03-31T15:13:33.5542926Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/58b80de8-4b34-424c-9e47-23faf0f7cfe2\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"58b80de8-4b34-424c-9e47-23faf0f7cfe2\"\n },\n {\n \"properties\": {\n \"roleName\": \"Flux Configurations Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Can create, update, get, list and delete Flux Configurations\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.KubernetesConfiguration/fluxConfigurations/write\",\n \"Microsoft.KubernetesConfiguration/fluxConfigurations/read\",\n \"Microsoft.KubernetesConfiguration/fluxConfigurations/delete\",\n \"Microsoft.KubernetesConfiguration/fluxConfigurations/operations/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2025-04-01T15:25:06.8179221Z\",\n \"updatedOn\": \"2025-04-01T15:25:06.8179221Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/61eb6405-5f4a-440b-ad03-fe06c5c85e44\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"61eb6405-5f4a-440b-ad03-fe06c5c85e44\"\n },\n {\n \"properties\": {\n \"roleName\": \"Issue Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Can read all issues data and update issues settings.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.AlertsManagement/Issues/*\",\n \"microsoft.monitor/accounts/issues/*\",\n \"Microsoft.Insights/components/*\",\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2025-04-07T15:05:12.3898424Z\",\n \"updatedOn\": \"2025-08-08T06:45:21.8923687Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/8d7ecc5c-f27b-43cf-883f-46409d445502\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"8d7ecc5c-f27b-43cf-883f-46409d445502\"\n },\n {\n \"properties\": {\n \"roleName\": \"Container Registry Credential Set Administrator\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Create, Read, Update, and Delete Credential Sets in Container Registry. This role doesn't affect the needed permissions for storing content inside Azure Key Vault. This role also doesn't grant permissions to manage Cache Rules.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.ContainerRegistry/registries/credentialSets/read\",\n \"Microsoft.ContainerRegistry/registries/credentialSets/write\",\n \"Microsoft.ContainerRegistry/registries/credentialSets/delete\",\n \"Microsoft.ContainerRegistry/registries/credentialSets/operationStatuses/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2025-04-07T15:05:13.0024218Z\",\n \"updatedOn\": \"2025-04-07T15:05:13.0024218Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/f094fb07-0703-4400-ad6a-e16dd8000e14\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"f094fb07-0703-4400-ad6a-e16dd8000e14\"\n },\n {\n \"properties\": {\n \"roleName\": \"Oracle.Database Exascale VmCluster Administrator\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Grants full access to manage Exascale VmClusters\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Oracle.Database/exascaleDbStorageVaults/read\",\n \"Oracle.Database/exadbVmClusters/*/read\",\n \"Oracle.Database/exadbVmClusters/*/write\",\n \"Oracle.Database/exadbVmClusters/*/delete\",\n \"Oracle.Database/exadbVmClusters/*/action\",\n \"Oracle.Database/Locations/*/read\",\n \"Oracle.Database/Locations/*/write\",\n \"Oracle.Database/Operations/read\",\n \"Oracle.Database/oracleSubscriptions/*/read\",\n \"Oracle.Database/resourceAnchors/*\",\n \"Oracle.Database/networkAnchors/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Network/virtualNetworks/read\",\n \"Microsoft.Network/virtualNetworks/subnets/read\",\n \"Microsoft.Network/virtualNetworks/subnets/write\",\n \"Microsoft.Network/locations/operations/read\",\n \"Microsoft.Compute/sshPublicKeys/read\",\n \"Microsoft.Compute/sshPublicKeys/write\",\n \"Microsoft.Compute/sshPublicKeys/generateKeyPair/action\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2025-04-07T15:05:13.0024218Z\",\n \"updatedOn\": \"2025-05-26T15:05:38.2653119Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/0869d06d-e3d1-4472-8764-1bb71b2bdaf7\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"0869d06d-e3d1-4472-8764-1bb71b2bdaf7\"\n },\n {\n \"properties\": {\n \"roleName\": \"Container Registry Credential Set Reader\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Read the configuration of Credential Sets in Container Registry. This permission doesn't allow permission to see content inside Azure Key vault only the content inside Container Registry. This permission doesn't grant permission to read Cache Rules.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.ContainerRegistry/registries/credentialSets/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2025-04-07T15:05:13.0014204Z\",\n \"updatedOn\": \"2025-04-07T15:05:13.0014204Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/29093635-9924-4f2c-913b-650a12949526\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"29093635-9924-4f2c-913b-650a12949526\"\n },\n {\n \"properties\": {\n \"roleName\": \"Container Registry Cache Rule Reader\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Read the configuration of Cache Rules in Container Registry. This permission doesn't grant permission to read Credential Sets.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.ContainerRegistry/registries/cacheRules/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2025-04-07T15:05:13.0014204Z\",\n \"updatedOn\": \"2025-04-07T15:05:13.0014204Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/c357b964-0002-4b64-a50d-7a28f02edc52\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"c357b964-0002-4b64-a50d-7a28f02edc52\"\n },\n {\n \"properties\": {\n \"roleName\": \"Container Registry Cache Rule Administrator\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Create, Read, Update, and Delete Cache Rules in Container Registry. This role doesn't grant permissions to manage Credential Sets.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.ContainerRegistry/registries/cacheRules/read\",\n \"Microsoft.ContainerRegistry/registries/cacheRules/write\",\n \"Microsoft.ContainerRegistry/registries/cacheRules/delete\",\n \"Microsoft.ContainerRegistry/registries/cacheRules/operationStatuses/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2025-04-07T15:05:13.0014204Z\",\n \"updatedOn\": \"2025-04-07T15:05:13.0014204Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/df87f177-bb12-4db1-9793-a413691eff94\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"df87f177-bb12-4db1-9793-a413691eff94\"\n },\n {\n \"properties\": {\n \"roleName\": \"Power Platform Account Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Create, Read, Update, and Delete Power Platform Account resources\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.PowerPlatform/accounts/*\",\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2025-04-11T17:35:36.24305Z\",\n \"updatedOn\": \"2025-04-11T17:35:36.24305Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/2593f4c7-8bf4-4fff-9804-2ee069b41902\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"2593f4c7-8bf4-4fff-9804-2ee069b41902\"\n },\n {\n \"properties\": {\n \"roleName\": \"Power Platform Enterprise Policy Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Create, Read, Update, and Delete Power Platform Enterprise Policy resources\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.PowerPlatform/enterprisePolicies/*\",\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2025-04-11T17:35:36.24305Z\",\n \"updatedOn\": \"2025-04-11T17:35:36.24305Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/babe7770-cdbc-4f46-9bd7-b90b34842946\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"babe7770-cdbc-4f46-9bd7-b90b34842946\"\n },\n {\n \"properties\": {\n \"roleName\": \"Usage Billing Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Contributor access to Accounts\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.UsageBilling/*\",\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2025-04-21T15:02:46.3692356Z\",\n \"updatedOn\": \"2025-04-21T15:02:46.3692356Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/33cdeeac-0940-4f85-9317-7e2432c17289\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"33cdeeac-0940-4f85-9317-7e2432c17289\"\n },\n {\n \"properties\": {\n \"roleName\": \"Workload Orchestration Solution External Validator\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Grants you access to fetch targets, solution templates, solutions and update the external validation status\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Edge/targets/read\",\n \"Microsoft.Edge/solutionTemplates/read\",\n \"Microsoft.Edge/solutionTemplates/versions/read\",\n \"Microsoft.Edge/targets/solutions/versions/read\",\n \"Microsoft.Edge/targets/updateExternalValidationStatus/action\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2025-04-22T15:07:10.0211593Z\",\n \"updatedOn\": \"2025-04-22T15:07:10.0211593Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/db9875ba-bd2b-4e98-934d-0daa549a07f0\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"db9875ba-bd2b-4e98-934d-0daa549a07f0\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure AI Project Manager\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Lets you perform developer actions and management actions on Azure AI Foundry Projects. Allows for making role assignments, but limited to Cognitive Service User role.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/roleAssignments/write\",\n \"Microsoft.Authorization/roleAssignments/delete\",\n \"Microsoft.CognitiveServices/accounts/*/read\",\n \"Microsoft.CognitiveServices/accounts/projects/*\",\n \"Microsoft.CognitiveServices/locations/*/read\",\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.CognitiveServices/*\"\n ],\n \"notDataActions\": [],\n \"conditionVersion\": \"2.0\",\n \"condition\": \"((!(ActionMatches{'Microsoft.Authorization/roleAssignments/write'})) OR (@Request[Microsoft.Authorization/roleAssignments:RoleDefinitionId] ForAnyOfAnyValues:GuidEquals{53ca6127-db72-4b80-b1b0-d745d6d5456d})) AND ((!(ActionMatches{'Microsoft.Authorization/roleAssignments/delete'})) OR (@Resource[Microsoft.Authorization/roleAssignments:RoleDefinitionId] ForAnyOfAnyValues:GuidEquals{53ca6127-db72-4b80-b1b0-d745d6d5456d}))\"\n }\n ],\n \"createdOn\": \"2025-04-22T15:07:10.0211593Z\",\n \"updatedOn\": \"2025-05-01T00:11:10.5915009Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/eadc314b-1a2d-4efa-be10-5d325db5065e\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"eadc314b-1a2d-4efa-be10-5d325db5065e\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Monitor Dashboards with Grafana Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Can manage dashboards with Grafana.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Dashboard/dashboards/read\",\n \"Microsoft.Dashboard/dashboards/write\",\n \"Microsoft.Dashboard/dashboards/delete\",\n \"Microsoft.Dashboard/locations/read\",\n \"Microsoft.Resources/deployments/read\",\n \"Microsoft.Resources/deployments/write\",\n \"Microsoft.Resources/deployments/delete\",\n \"Microsoft.Resources/deployments/cancel/action\",\n \"Microsoft.Resources/deployments/validate/action\",\n \"Microsoft.Resources/deployments/whatIf/action\",\n \"Microsoft.Resources/deployments/exportTemplate/action\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2025-04-29T15:23:34.4327766Z\",\n \"updatedOn\": \"2025-04-29T15:23:34.4327766Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/0618ae3d-2930-4bb7-aa00-718db34ee9f9\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"0618ae3d-2930-4bb7-aa00-718db34ee9f9\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure AI Account Owner\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Grants full access to manage AI projects and accounts. Grants conditional assignment of the Azure AI User role to other user principles.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Authorization/roleAssignments/write\",\n \"Microsoft.Authorization/roleAssignments/delete\",\n \"Microsoft.CognitiveServices/*\",\n \"Microsoft.Features/features/read\",\n \"Microsoft.Features/providers/features/read\",\n \"Microsoft.Features/providers/features/register/action\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.Insights/diagnosticSettings/*\",\n \"Microsoft.Insights/logDefinitions/read\",\n \"Microsoft.Insights/metricdefinitions/read\",\n \"Microsoft.Insights/metrics/read\",\n \"Microsoft.ResourceHealth/availabilityStatuses/read\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/deployments/operations/read\",\n \"Microsoft.Resources/subscriptions/operationresults/read\",\n \"Microsoft.Resources/subscriptions/read\",\n \"Microsoft.Resources/subscriptions/resourcegroups/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Support/*\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": [],\n \"conditionVersion\": \"2.0\",\n \"condition\": \"((!(ActionMatches{'Microsoft.Authorization/roleAssignments/write'})) OR (@Request[Microsoft.Authorization/roleAssignments:RoleDefinitionId] ForAnyOfAnyValues:GuidEquals{53ca6127-db72-4b80-b1b0-d745d6d5456d})) AND ((!(ActionMatches{'Microsoft.Authorization/roleAssignments/delete'})) OR (@Resource[Microsoft.Authorization/roleAssignments:RoleDefinitionId] ForAnyOfAnyValues:GuidEquals{53ca6127-db72-4b80-b1b0-d745d6d5456d}))\"\n }\n ],\n \"createdOn\": \"2025-05-01T00:11:10.589501Z\",\n \"updatedOn\": \"2025-05-01T00:11:10.589501Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/e47c6f54-e4a2-4754-9501-8e0985b135e1\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"e47c6f54-e4a2-4754-9501-8e0985b135e1\"\n },\n {\n \"properties\": {\n \"roleName\": \"Secrets Store Extension Owner\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Read, create and modify secretsync and secretproviderclass objects. Register and deregister the provider from the subscription.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.SecretSyncController/register/action\",\n \"Microsoft.SecretSyncController/unregister/action\",\n \"Microsoft.SecretSyncController/azureKeyVaultSecretProviderClasses/read\",\n \"Microsoft.SecretSyncController/azureKeyVaultSecretProviderClasses/write\",\n \"Microsoft.SecretSyncController/azureKeyVaultSecretProviderClasses/delete\",\n \"Microsoft.SecretSyncController/locations/operationStatuses/read\",\n \"Microsoft.SecretSyncController/locations/operationStatuses/write\",\n \"Microsoft.SecretSyncController/operations/read\",\n \"Microsoft.SecretSyncController/secretSyncs/read\",\n \"Microsoft.SecretSyncController/secretSyncs/write\",\n \"Microsoft.SecretSyncController/secretSyncs/delete\",\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2025-05-01T11:14:17.3011305Z\",\n \"updatedOn\": \"2025-05-01T11:14:17.3011305Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/5c227a58-cff3-4b51-9fa3-51bdafb6ca55\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"5c227a58-cff3-4b51-9fa3-51bdafb6ca55\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure AI User\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Grants reader access to AI projects, reader access to AI accounts, and data actions for an AI project.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.CognitiveServices/*/read\",\n \"Microsoft.CognitiveServices/accounts/listkeys/action\",\n \"Microsoft.Insights/alertRules/read\",\n \"Microsoft.Insights/diagnosticSettings/read\",\n \"Microsoft.Insights/logDefinitions/read\",\n \"Microsoft.Insights/metricdefinitions/read\",\n \"Microsoft.Insights/metrics/read\",\n \"Microsoft.ResourceHealth/availabilityStatuses/read\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/operationresults/read\",\n \"Microsoft.Resources/subscriptions/read\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Support/*\"\n ],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.CognitiveServices/*\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2025-05-01T19:30:12.3770408Z\",\n \"updatedOn\": \"2025-05-01T19:30:12.3770408Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/53ca6127-db72-4b80-b1b0-d745d6d5456d\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"53ca6127-db72-4b80-b1b0-d745d6d5456d\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Red Hat OpenShift Hosted Control Planes Control Plane Operator\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Enables the control plane operator to read resources necessary for OpenShift cluster.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Network/virtualNetworks/read\",\n \"Microsoft.Network/networkSecurityGroups/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2025-05-02T13:54:20.113071Z\",\n \"updatedOn\": \"2025-05-02T13:54:20.113071Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/fc0c873f-45e9-4d0d-a7d1-585aab30c6ed\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"fc0c873f-45e9-4d0d-a7d1-585aab30c6ed\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Red Hat OpenShift Hosted Control Planes Service Managed Identity\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Azure Red Hat OpenShift Hosted Control Planes Service Managed Identity\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Network/virtualNetworks/read\",\n \"Microsoft.Network/virtualNetworks/subnets/read\",\n \"Microsoft.Network/virtualNetworks/subnets/write\",\n \"Microsoft.Network/routeTables/read\",\n \"Microsoft.Network/routeTables/join/action\",\n \"Microsoft.Network/natGateways/read\",\n \"Microsoft.Network/natGateways/join/action\",\n \"Microsoft.Network/networkSecurityGroups/read\",\n \"Microsoft.Network/networkSecurityGroups/join/action\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2025-05-02T13:54:20.6991664Z\",\n \"updatedOn\": \"2025-05-02T13:54:20.6991664Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/c0ff367d-66d8-445e-917c-583feb0ef0d4\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"c0ff367d-66d8-445e-917c-583feb0ef0d4\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Kubernetes Fleet Manager Hub Agent Role\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Grants access to Azure resources needed by Azure Kubernetes Fleet Manager hub agents.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Network/publicIPAddresses/read\",\n \"Microsoft.Network/trafficManagerProfiles/read\",\n \"Microsoft.Network/trafficManagerProfiles/write\",\n \"Microsoft.Network/trafficManagerProfiles/delete\",\n \"Microsoft.Network/trafficManagerProfiles/azureEndpoints/read\",\n \"Microsoft.Network/trafficManagerProfiles/azureEndpoints/write\",\n \"Microsoft.Network/trafficManagerProfiles/azureEndpoints/delete\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2025-05-05T15:00:30.7938727Z\",\n \"updatedOn\": \"2025-05-23T17:06:06.3537994Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/de2b316d-7a2c-4143-b4cd-c148f6a355a1\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"de2b316d-7a2c-4143-b4cd-c148f6a355a1\"\n },\n {\n \"properties\": {\n \"roleName\": \"Workload Orchestration IT Admin\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Grants you access to manage the IT Admin operations for Workload Orchestration\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Edge/contexts/eventGridFilters/delete\",\n \"Microsoft.Edge/contexts/eventGridFilters/read\",\n \"Microsoft.Edge/contexts/eventGridFilters/write\",\n \"Microsoft.Edge/contexts/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2025-05-07T21:12:59.0541184Z\",\n \"updatedOn\": \"2025-05-07T21:12:59.0541184Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/63304235-eaf4-4c15-8e93-46c483611231\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"63304235-eaf4-4c15-8e93-46c483611231\"\n },\n {\n \"properties\": {\n \"roleName\": \"Arc Gateway Manager\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Manage Arc Gateway Resources\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.HybridCompute/settings/write\",\n \"Microsoft.HybridCompute/settings/read\",\n \"Microsoft.HybridCompute/gateways/read\",\n \"Microsoft.HybridCompute/gateways/write\",\n \"Microsoft.HybridCompute/gateways/delete\",\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2025-05-08T18:19:27.614475Z\",\n \"updatedOn\": \"2025-05-08T18:19:27.614475Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/f6e92014-8af2-414d-9948-9b1abf559285\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"f6e92014-8af2-414d-9948-9b1abf559285\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Kubernetes Service Machine Manager Role\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Role for machine related actions\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.ContainerService/managedClusters/agentPools/deleteMachines/action\",\n \"Microsoft.ContainerService/managedClusters/agentPools/machines/read\",\n \"Microsoft.ContainerService/managedClusters/agentPools/machines/write\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2025-05-14T23:28:30.9442269Z\",\n \"updatedOn\": \"2025-05-14T23:28:30.9442269Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/8e253927-1f29-4d89-baa2-c3a549eff423\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"8e253927-1f29-4d89-baa2-c3a549eff423\"\n },\n {\n \"properties\": {\n \"roleName\": \"Microsoft.AzureStackHCI Device Pool Manager\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Microsoft.AzureStackHCI Device Pool Manager \",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.AzureStackHCI/DevicePools/read\",\n \"Microsoft.AzureStackHCI/DevicePools/ClaimDevices/action\",\n \"Microsoft.AzureStackHCI/DevicePools/ReleaseDevices/action\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2025-05-15T08:48:48.828656Z\",\n \"updatedOn\": \"2025-05-15T08:48:48.828656Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/adc3c795-c41e-4a89-a478-0b321783324c\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"adc3c795-c41e-4a89-a478-0b321783324c\"\n },\n {\n \"properties\": {\n \"roleName\": \"Microsoft.AzureStackHCI EdgeMachine Reader\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Microsoft.AzureStackHCI EdgeMachine Reader\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.AzureStackHCI/EdgeMachines/Read/*\",\n \"Microsoft.AzureStackHCI/EdgeMachines/Jobs/Read/*\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2025-05-15T08:48:49.1120843Z\",\n \"updatedOn\": \"2025-05-15T08:48:49.1120843Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/5f569efd-4da5-4123-99cd-d42fbb2a836e\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"5f569efd-4da5-4123-99cd-d42fbb2a836e\"\n },\n {\n \"properties\": {\n \"roleName\": \"Monitoring Policy Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Allows read access to all monitoring data, update permissions for monitoring settings and permissions to deploy and remediate Azure Monitor alert policies.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"*/read\",\n \"Microsoft.AlertsManagement/alerts/*\",\n \"Microsoft.AlertsManagement/alertsSummary/*\",\n \"Microsoft.AlertsManagement/issues/*\",\n \"Microsoft.Insights/actiongroups/*\",\n \"Microsoft.Insights/activityLogAlerts/*\",\n \"Microsoft.Insights/AlertRules/*\",\n \"Microsoft.Insights/components/*\",\n \"Microsoft.Insights/createNotifications/*\",\n \"Microsoft.Insights/dataCollectionEndpoints/*\",\n \"Microsoft.Insights/dataCollectionRules/*\",\n \"Microsoft.Insights/dataCollectionRuleAssociations/*\",\n \"Microsoft.Insights/DiagnosticSettings/*\",\n \"Microsoft.Insights/eventtypes/*\",\n \"Microsoft.Insights/LogDefinitions/*\",\n \"Microsoft.Insights/metricalerts/*\",\n \"Microsoft.Insights/MetricDefinitions/*\",\n \"Microsoft.Insights/Metrics/*\",\n \"Microsoft.Insights/notificationStatus/*\",\n \"Microsoft.Insights/Register/Action\",\n \"Microsoft.Insights/scheduledqueryrules/*\",\n \"Microsoft.Insights/webtests/*\",\n \"Microsoft.Insights/workbooks/*\",\n \"Microsoft.Insights/workbooktemplates/*\",\n \"Microsoft.Insights/privateLinkScopes/*\",\n \"Microsoft.Insights/privateLinkScopeOperationStatuses/*\",\n \"Microsoft.Monitor/accounts/*\",\n \"Microsoft.OperationalInsights/workspaces/write\",\n \"Microsoft.OperationalInsights/workspaces/intelligencepacks/*\",\n \"Microsoft.OperationalInsights/workspaces/savedSearches/*\",\n \"Microsoft.OperationalInsights/workspaces/search/action\",\n \"Microsoft.OperationalInsights/workspaces/sharedKeys/action\",\n \"Microsoft.OperationalInsights/workspaces/sharedKeys/read\",\n \"Microsoft.OperationalInsights/workspaces/storageinsightconfigs/*\",\n \"Microsoft.OperationalInsights/locations/workspaces/failover/action\",\n \"Microsoft.OperationalInsights/workspaces/failback/action\",\n \"Microsoft.Support/*\",\n \"Microsoft.AlertsManagement/smartDetectorAlertRules/*\",\n \"Microsoft.AlertsManagement/actionRules/*\",\n \"Microsoft.AlertsManagement/smartGroups/*\",\n \"Microsoft.AlertsManagement/migrateFromSmartDetection/*\",\n \"Microsoft.AlertsManagement/investigations/*\",\n \"Microsoft.AlertsManagement/prometheusRuleGroups/*\",\n \"Microsoft.Monitor/investigations/*\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.PolicyInsights/remediations/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/*\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2025-05-15T11:52:21.0990017Z\",\n \"updatedOn\": \"2025-05-15T11:52:21.0990017Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/47be4a87-7950-4631-9daf-b664a405f074\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"47be4a87-7950-4631-9daf-b664a405f074\"\n },\n {\n \"properties\": {\n \"roleName\": \"Storage File Delegator\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Allows for generation of a user delegation key, which can then be used to create a shared access signature for a file or Azure file share that is signed with Entra ID credentials.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Storage/storageAccounts/fileServices/generateUserDelegationKey/action\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2025-05-22T21:44:23.2806604Z\",\n \"updatedOn\": \"2025-05-22T21:44:23.2806604Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/765a04e0-5de8-4bb2-9bf6-b2a30bc03e91\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"765a04e0-5de8-4bb2-9bf6-b2a30bc03e91\"\n },\n {\n \"properties\": {\n \"roleName\": \"Storage Table Delegator\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Allows for generation of a user delegation key, which can then be used to create a shared access signature for an Azure Storage table that is signed with Entra ID credentials.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Storage/storageAccounts/tableServices/generateUserDelegationKey/action\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2025-05-22T21:59:43.2751792Z\",\n \"updatedOn\": \"2025-05-22T21:59:43.2751792Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/965033a5-c8eb-4f35-b82f-fef460a3606d\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"965033a5-c8eb-4f35-b82f-fef460a3606d\"\n },\n {\n \"properties\": {\n \"roleName\": \"Storage Queue Delegator\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Allows for generation of a user delegation key, which can then be used to create a shared access signature for an Azure Storage queue that is signed with Entra ID credentials.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Storage/storageAccounts/queueServices/generateUserDelegationKey/action\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2025-05-22T21:59:42.5496054Z\",\n \"updatedOn\": \"2025-05-22T21:59:42.5496054Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/7ee386e9-84f0-448e-80a6-f185f6533131\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"7ee386e9-84f0-448e-80a6-f185f6533131\"\n },\n {\n \"properties\": {\n \"roleName\": \"Scheduled Actions Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Allows users to use Scheduled Actions offered by Microsoft.ComputeSchedule\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.ComputeSchedule/locations/virtualMachinesCancelOperations/action\",\n \"Microsoft.ComputeSchedule/locations/virtualMachinesExecuteDeallocate/action\",\n \"Microsoft.ComputeSchedule/locations/virtualMachinesExecuteHibernate/action\",\n \"Microsoft.ComputeSchedule/locations/virtualMachinesExecuteStart/action\",\n \"Microsoft.ComputeSchedule/locations/virtualMachinesExecuteCreate/action\",\n \"Microsoft.ComputeSchedule/locations/virtualMachinesExecuteDelete/action\",\n \"Microsoft.ComputeSchedule/locations/virtualMachinesGetOperationErrors/action\",\n \"Microsoft.ComputeSchedule/locations/virtualMachinesGetOperationStatus/action\",\n \"Microsoft.ComputeSchedule/locations/virtualMachinesSubmitDeallocate/action\",\n \"Microsoft.ComputeSchedule/locations/virtualMachinesSubmitHibernate/action\",\n \"Microsoft.ComputeSchedule/locations/virtualMachinesSubmitStart/action\",\n \"Microsoft.ComputeSchedule/scheduledActions/write\",\n \"Microsoft.ComputeSchedule/scheduledActions/delete\",\n \"Microsoft.ComputeSchedule/scheduledActions/attachResources/action\",\n \"Microsoft.ComputeSchedule/scheduledActions/cancelNextOccurrence/action\",\n \"Microsoft.ComputeSchedule/scheduledActions/detachResources/action\",\n \"Microsoft.ComputeSchedule/scheduledActions/disable/action\",\n \"Microsoft.ComputeSchedule/scheduledActions/enable/action\",\n \"Microsoft.ComputeSchedule/scheduledActions/listResources/action\",\n \"Microsoft.ComputeSchedule/scheduledActions/patchResources/action\",\n \"Microsoft.ComputeSchedule/scheduledActions/triggerManualOccurrence/action\",\n \"Microsoft.ComputeSchedule/register/action\",\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2025-05-23T15:34:55.7571301Z\",\n \"updatedOn\": \"2025-06-06T16:43:20.1338695Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/6fbca9a8-3561-41fd-8b20-6576043c1076\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"6fbca9a8-3561-41fd-8b20-6576043c1076\"\n },\n {\n \"properties\": {\n \"roleName\": \"Microsoft.AzureStackHCI Device Pool Machine Manager\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Microsoft.AzureStackHCI Device Pool Machine Manager \",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.HybridConnectivity/endpoints/write\",\n \"Microsoft.HybridConnectivity/endpoints/read\",\n \"Microsoft.HybridConnectivity/endpoints/delete\",\n \"Microsoft.HybridConnectivity/endpoints/serviceConfigurations/write\",\n \"Microsoft.HybridConnectivity/endpoints/serviceConfigurations/read\",\n \"Microsoft.HybridConnectivity/endpoints/serviceConfigurations/delete\",\n \"Microsoft.HybridConnectivity/endpoints/listCredentials/action\",\n \"Microsoft.HybridCompute/machines/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2025-05-28T15:24:16.9803048Z\",\n \"updatedOn\": \"2025-09-23T15:14:52.7881209Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/b6d9c0f6-d69f-472b-91b4-7a6838c6d1cb\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"b6d9c0f6-d69f-472b-91b4-7a6838c6d1cb\"\n },\n {\n \"properties\": {\n \"roleName\": \"AI Model Scanner Operator\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Grants Microsoft Defender for AI access to AI services and resources.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.MachineLearningServices/workspaces/read\",\n \"Microsoft.MachineLearningServices/workspaces/models/read\",\n \"Microsoft.MachineLearningServices/workspaces/models/versions/read\",\n \"Microsoft.MachineLearningServices/workspaces/datastores/read\",\n \"Microsoft.MachineLearningServices/workspaces/metadata/artifacts/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2025-06-11T15:26:11.6009304Z\",\n \"updatedOn\": \"2025-08-04T15:10:36.5118889Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/8b9beb50-e28c-4879-8472-24c9d328085f\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"8b9beb50-e28c-4879-8472-24c9d328085f\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Kubernetes Service Namespace User\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Allows users to read Azure Kubernetes Service namespace resources. In-cluster namespace access further requires assignment of Azure Kubernetes Service RBAC roles to the namespace resource for an Entra ID enabled cluster.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.ContainerService/managedClusters/managedNamespaces/read\",\n \"Microsoft.ContainerService/managedClusters/managedNamespaces/listCredential/action\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2025-06-12T17:55:19.3885549Z\",\n \"updatedOn\": \"2025-06-12T17:55:19.3885549Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/c9f76ca8-b262-4b10-8ed2-09cf0948aa35\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"c9f76ca8-b262-4b10-8ed2-09cf0948aa35\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Kubernetes Service Namespace Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Allows users to create and manage Azure Kubernetes Service namespace resources.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.ContainerService/managedClusters/managedNamespaces/*\",\n \"Microsoft.Resources/deployments/*\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2025-06-12T18:10:38.4291766Z\",\n \"updatedOn\": \"2025-06-12T18:10:38.4291766Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/289d8817-ee69-43f1-a0af-43a45505b488\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"289d8817-ee69-43f1-a0af-43a45505b488\"\n },\n {\n \"properties\": {\n \"roleName\": \"DevCenter Owner\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Provides access to manage all Microsoft.DevCenter resources, and to manage access to Microsoft.DevCenter resources by adding or removing role assignments for the DevCenter Project Admin and DevCenter Dev Box roles.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.DevCenter/*\",\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Authorization/roleAssignments/write\",\n \"Microsoft.Authorization/roleAssignments/delete\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": [],\n \"conditionVersion\": \"2.0\",\n \"condition\": \"((!(ActionMatches{'Microsoft.Authorization/roleAssignments/write'})) OR (@Request[Microsoft.Authorization/roleAssignments:RoleDefinitionId] ForAnyOfAnyValues:GuidEquals{331c37c6-af14-46d9-b9f4-e1909e1b95a0, 45d50f46-0b78-4001-a660-4198cbe8cd05})) AND ((!(ActionMatches{'Microsoft.Authorization/roleAssignments/delete'})) OR (@Resource[Microsoft.Authorization/roleAssignments:RoleDefinitionId] ForAnyOfAnyValues:GuidEquals{331c37c6-af14-46d9-b9f4-e1909e1b95a0, 45d50f46-0b78-4001-a660-4198cbe8cd05}))\"\n }\n ],\n \"createdOn\": \"2025-06-16T15:06:49.4834641Z\",\n \"updatedOn\": \"2025-07-03T17:24:32.4630198Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/4c6569b6-f23e-4295-9b90-bd4cc4ff3292\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"4c6569b6-f23e-4295-9b90-bd4cc4ff3292\"\n },\n {\n \"properties\": {\n \"roleName\": \"DevOps Infrastructure Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Read, write, delete and perform actions on Managed DevOps Pools\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.DevOpsInfrastructure/register/action\",\n \"Microsoft.DevOpsInfrastructure/unregister/action\",\n \"Microsoft.DevOpsInfrastructure/*/read\",\n \"Microsoft.DevOpsInfrastructure/Locations/OperationStatuses/write\",\n \"Microsoft.DevOpsInfrastructure/pools/write\",\n \"Microsoft.DevOpsInfrastructure/pools/delete\",\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2025-06-16T15:06:49.4784655Z\",\n \"updatedOn\": \"2025-07-17T00:34:35.8546315Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/76153a9e-0edb-49bc-8e01-93c47e6b5180\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"76153a9e-0edb-49bc-8e01-93c47e6b5180\"\n },\n {\n \"properties\": {\n \"roleName\": \"Service Health Billing Reader\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Grants permissions to view billing information present in service health events\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.ResourceHealth/events/action\",\n \"Microsoft.ResourceHealth/AvailabilityStatuses/read\",\n \"Microsoft.ResourceHealth/AvailabilityStatuses/current/read\",\n \"Microsoft.ResourceHealth/Operations/read\",\n \"Microsoft.ResourceHealth/emergingissues/read\",\n \"Microsoft.ResourceHealth/events/read\",\n \"Microsoft.ResourceHealth/events/fetchBillingCommunicationDetails/action\",\n \"Microsoft.ResourceHealth/events/impactedResources/read\",\n \"Microsoft.ResourceHealth/metadata/read\",\n \"Microsoft.ResourceHealth/potentialoutages/read\"\n ],\n \"notActions\": [\n \"Microsoft.ResourceHealth/events/fetchEventDetails/action\",\n \"Microsoft.ResourceHealth/events/listSecurityAdvisoryImpactedResources/action\"\n ],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2025-06-20T22:46:01.7047929Z\",\n \"updatedOn\": \"2025-06-20T22:46:01.7047929Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/32c34659-0f83-4a4c-80f2-63a244f8ae0b\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"32c34659-0f83-4a4c-80f2-63a244f8ae0b\"\n },\n {\n \"properties\": {\n \"roleName\": \"Service Health Security Reader\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Grants permissions to view sensitive security information present in service health events\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.ResourceHealth/events/action\",\n \"Microsoft.ResourceHealth/AvailabilityStatuses/read\",\n \"Microsoft.ResourceHealth/AvailabilityStatuses/current/read\",\n \"Microsoft.ResourceHealth/Operations/read\",\n \"Microsoft.ResourceHealth/emergingissues/read\",\n \"Microsoft.ResourceHealth/events/read\",\n \"Microsoft.ResourceHealth/events/fetchEventDetails/action\",\n \"Microsoft.ResourceHealth/events/listSecurityAdvisoryImpactedResources/action\",\n \"Microsoft.ResourceHealth/events/impactedResources/read\",\n \"Microsoft.ResourceHealth/metadata/read\",\n \"Microsoft.ResourceHealth/potentialoutages/read\"\n ],\n \"notActions\": [\n \"Microsoft.ResourceHealth/events/fetchBillingCommunicationDetails/action\"\n ],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2025-06-20T22:46:02.2504994Z\",\n \"updatedOn\": \"2025-06-20T22:46:02.2504994Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/1a928ab0-1fee-43cf-9266-f9d8c22a8ddb\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"1a928ab0-1fee-43cf-9266-f9d8c22a8ddb\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Stack Edge Operations Role\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Built in role for managing operations in azure stack edge\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.DataBoxEdge/dataBoxEdgeDevices/bandwidthSchedules/delete\",\n \"Microsoft.DataBoxEdge/dataBoxEdgeDevices/bandwidthSchedules/write\",\n \"Microsoft.DataBoxEdge/dataBoxEdgeDevices/delete\",\n \"Microsoft.DataBoxEdge/dataBoxEdgeDevices/deviceCapacityCheck/action\",\n \"Microsoft.DataBoxEdge/dataBoxEdgeDevices/downloadUpdates/action\",\n \"Microsoft.DataBoxEdge/dataBoxEdgeDevices/generateCertificate/action\",\n \"Microsoft.DataBoxEdge/dataBoxEdgeDevices/getExtendedInformation/action\",\n \"Microsoft.DataBoxEdge/dataBoxEdgeDevices/installUpdates/action\",\n \"Microsoft.DataBoxEdge/dataBoxEdgeDevices/orders/delete\",\n \"Microsoft.DataBoxEdge/dataBoxEdgeDevices/orders/listDCAccessCode/action\",\n \"Microsoft.DataBoxEdge/dataBoxEdgeDevices/orders/write\",\n \"Microsoft.DataBoxEdge/dataBoxEdgeDevices/providers/Microsoft.Insights/diagnosticSettings/write\",\n \"Microsoft.DataBoxEdge/dataBoxEdgeDevices/publishers/offers/skus/versions/generatesastoken/action\",\n \"Microsoft.DataBoxEdge/dataBoxEdgeDevices/roles/addons/delete\",\n \"Microsoft.DataBoxEdge/dataBoxEdgeDevices/roles/addons/write\",\n \"Microsoft.DataBoxEdge/dataBoxEdgeDevices/roles/delete\",\n \"Microsoft.DataBoxEdge/dataBoxEdgeDevices/roles/migrate/action\",\n \"Microsoft.DataBoxEdge/dataBoxEdgeDevices/roles/monitoringConfig/delete\",\n \"Microsoft.DataBoxEdge/dataBoxEdgeDevices/roles/monitoringConfig/write\",\n \"Microsoft.DataBoxEdge/dataBoxEdgeDevices/roles/write\",\n \"Microsoft.DataBoxEdge/dataBoxEdgeDevices/scanForUpdates/action\",\n \"Microsoft.DataBoxEdge/dataBoxEdgeDevices/securitySettings/update/action\",\n \"Microsoft.DataBoxEdge/dataBoxEdgeDevices/shares/delete\",\n \"Microsoft.DataBoxEdge/dataBoxEdgeDevices/shares/refresh/action\",\n \"Microsoft.DataBoxEdge/dataBoxEdgeDevices/shares/write\",\n \"Microsoft.DataBoxEdge/dataBoxEdgeDevices/storageAccountCredentials/delete\",\n \"Microsoft.DataBoxEdge/dataBoxEdgeDevices/storageAccountCredentials/write\",\n \"Microsoft.DataBoxEdge/dataBoxEdgeDevices/storageAccounts/containers/delete\",\n \"Microsoft.DataBoxEdge/dataBoxEdgeDevices/storageAccounts/containers/refresh/action\",\n \"Microsoft.DataBoxEdge/dataBoxEdgeDevices/storageAccounts/containers/write\",\n \"Microsoft.DataBoxEdge/dataBoxEdgeDevices/storageAccounts/delete\",\n \"Microsoft.DataBoxEdge/dataBoxEdgeDevices/storageAccounts/write\",\n \"Microsoft.DataBoxEdge/dataBoxEdgeDevices/triggers/delete\",\n \"Microsoft.DataBoxEdge/dataBoxEdgeDevices/triggers/write\",\n \"Microsoft.DataBoxEdge/dataBoxEdgeDevices/triggerSupportPackage/action\",\n \"Microsoft.DataBoxEdge/dataBoxEdgeDevices/updateExtendedInformation/action\",\n \"Microsoft.DataBoxEdge/dataBoxEdgeDevices/uploadCertificate/action\",\n \"Microsoft.DataBoxEdge/dataBoxEdgeDevices/users/delete\",\n \"Microsoft.DataBoxEdge/dataBoxEdgeDevices/users/write\",\n \"Microsoft.DataBoxEdge/dataBoxEdgeDevices/write\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2025-06-24T15:14:50.5957122Z\",\n \"updatedOn\": \"2025-06-24T15:14:50.5957122Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/12b8206a-0216-4469-908d-a3e2025fe085\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"12b8206a-0216-4469-908d-a3e2025fe085\"\n },\n {\n \"properties\": {\n \"roleName\": \"Grounding with Bing User\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Enable Approved Microsoft Applications to connect to Bing to retrieve and ground responses using real-time data\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.Bing/accounts/useGrounding/action\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2025-06-25T15:16:52.842097Z\",\n \"updatedOn\": \"2025-06-25T15:16:52.842097Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/2016c9ed-c18d-4120-93d7-178e583efe92\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"2016c9ed-c18d-4120-93d7-178e583efe92\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Advisor Service Role\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Grants permission to delete and write access for suppressions, configurations and assmessments\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Advisor/suppressions/write\",\n \"Microsoft.Advisor/suppressions/delete\",\n \"Microsoft.Advisor/recommendations/suppressions/write\",\n \"Microsoft.Advisor/recommendations/suppressions/delete\",\n \"Microsoft.Advisor/assessments/write\",\n \"Microsoft.Advisor/configurations/write\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2025-06-25T19:21:21.1733164Z\",\n \"updatedOn\": \"2025-07-21T15:02:41.2108089Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/69a41f41-6dce-4ea7-8a34-8e095ddba55c\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"69a41f41-6dce-4ea7-8a34-8e095ddba55c\"\n },\n {\n \"properties\": {\n \"roleName\": \"Experimentation Resource Admin\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Experimentation Resource Admin\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Experimentation/*\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2025-06-25T20:37:54.1515777Z\",\n \"updatedOn\": \"2025-06-25T20:37:54.1515777Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/548d7e7c-65ee-412b-ae37-2dbb419d4207\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"548d7e7c-65ee-412b-ae37-2dbb419d4207\"\n },\n {\n \"properties\": {\n \"roleName\": \"FHIR Data Bulk Operator\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Role allows user or principal to perform bulk operations\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.HealthcareApis/services/fhir/resources/read\",\n \"Microsoft.HealthcareApis/services/fhir/resources/write\",\n \"Microsoft.HealthcareApis/services/fhir/resources/delete\",\n \"Microsoft.HealthcareApis/services/fhir/resources/export/action\",\n \"Microsoft.HealthcareApis/services/fhir/resources/reindex/action\",\n \"Microsoft.HealthcareApis/services/fhir/resources/import/action\",\n \"Microsoft.HealthcareApis/services/fhir/resources/hardDelete/action\",\n \"Microsoft.HealthcareApis/services/fhir/resources/bulkOperator/action\",\n \"Microsoft.HealthcareApis/workspaces/fhirservices/resources/read\",\n \"Microsoft.HealthcareApis/workspaces/fhirservices/resources/write\",\n \"Microsoft.HealthcareApis/workspaces/fhirservices/resources/delete\",\n \"Microsoft.HealthcareApis/workspaces/fhirservices/resources/export/action\",\n \"Microsoft.HealthcareApis/workspaces/fhirservices/resources/reindex/action\",\n \"Microsoft.HealthcareApis/workspaces/fhirservices/resources/import/action\",\n \"Microsoft.HealthcareApis/workspaces/fhirservices/resources/hardDelete/action\",\n \"Microsoft.HealthcareApis/workspaces/fhirservices/resources/bulkOperator/action\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2025-06-27T15:27:54.9502857Z\",\n \"updatedOn\": \"2025-06-27T15:27:54.9502857Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/804db8d3-32c7-4ad4-a975-3f6f90d5f5f5\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"804db8d3-32c7-4ad4-a975-3f6f90d5f5f5\"\n },\n {\n \"properties\": {\n \"roleName\": \"Microsoft Discovery Platform Administrator (Preview)\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Grants full access to manage Microsoft.Discovery resources. This role in preview and subjet to change.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Discovery/locations/operationStatuses/read\",\n \"Microsoft.Discovery/checkNameAvailability/action\",\n \"Microsoft.Discovery/*\",\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Network/virtualNetworks/subnets/read\",\n \"Microsoft.Network/virtualNetworks/read\",\n \"Microsoft.Network/virtualNetworks/subnets/join/action\",\n \"Microsoft.Support/*\",\n \"Microsoft.Authorization/roleAssignments/write\",\n \"Microsoft.Authorization/roleAssignments/delete\"\n ],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.Discovery/*\"\n ],\n \"notDataActions\": [],\n \"conditionVersion\": \"2.0\",\n \"condition\": \"((!(ActionMatches{'Microsoft.Authorization/roleAssignments/write'})) OR (@Request[Microsoft.Authorization/roleAssignments:RoleDefinitionId] ForAnyOfAnyValues:GuidEquals{4d97b98b-1d4f-4787-a291-c67834d212e7, f1a07417-d97a-45cb-824c-7a7467783830})) AND ((!(ActionMatches{'Microsoft.Authorization/roleAssignments/delete'})) OR (@Resource[Microsoft.Authorization/roleAssignments:RoleDefinitionId] ForAnyOfAnyValues:GuidEquals{4d97b98b-1d4f-4787-a291-c67834d212e7, f1a07417-d97a-45cb-824c-7a7467783830}))\"\n }\n ],\n \"createdOn\": \"2025-07-01T15:14:22.6678767Z\",\n \"updatedOn\": \"2025-07-23T16:53:36.843759Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/7a2b6e6c-472e-4b39-8878-a26eb63d75c6\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"7a2b6e6c-472e-4b39-8878-a26eb63d75c6\"\n },\n {\n \"properties\": {\n \"roleName\": \"Microsoft Discovery Platform Reader (Preview)\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Grants readonly permissions to view Microsoft.Discovery resources. This role in preview and subjet to change.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Discovery/*/read\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.Discovery/*/read\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2025-07-01T15:14:22.6678767Z\",\n \"updatedOn\": \"2025-07-01T15:14:22.6678767Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/3bb7c424-af4e-436b-bfcc-8779c8934c31\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"3bb7c424-af4e-436b-bfcc-8779c8934c31\"\n },\n {\n \"properties\": {\n \"roleName\": \"Microsoft Discovery Platform Contributor (Preview)\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Grants permissions to view and operate on most Discovery platform resources, including workspaces, supercomputers, storages, agents, bookshelves, data containers, models, tools, workflows, and investigations, as well as perform data plane actions, but does not allow creating, updating, or deleting core resources such as workspaces, supercomputers, storages, bookshelves, node pools, or projects. This role is in preview and subject to change.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Discovery/locations/operationStatuses/read\",\n \"Microsoft.Discovery/operations/read\",\n \"Microsoft.Discovery/workspaces/read\",\n \"Microsoft.Discovery/supercomputers/read\",\n \"Microsoft.Discovery/storages/read\",\n \"Microsoft.Discovery/agents/*\",\n \"Microsoft.Discovery/bookshelves/read\",\n \"Microsoft.Discovery/dataContainers/*\",\n \"Microsoft.Discovery/dataContainers/dataAssets/*\",\n \"Microsoft.Discovery/models/*\",\n \"Microsoft.Discovery/supercomputers/nodePools/read\",\n \"Microsoft.Discovery/tools/*\",\n \"Microsoft.Discovery/workflows/*\",\n \"Microsoft.Discovery/workspaces/projects/read\",\n \"Microsoft.Discovery/operations/read\",\n \"Microsoft.Insights/AlertRules/*\",\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Support/*\"\n ],\n \"notActions\": [\n \"Microsoft.Discovery/workspaces/write\",\n \"Microsoft.Discovery/workspaces/delete\",\n \"Microsoft.Discovery/supercomputers/write\",\n \"Microsoft.Discovery/supercomputers/delete\",\n \"Microsoft.Discovery/storages/write\",\n \"Microsoft.Discovery/storages/delete\",\n \"Microsoft.Discovery/bookshelves/write\",\n \"Microsoft.Discovery/bookshelves/delete\",\n \"Microsoft.Discovery/supercomputers/nodePools/write\",\n \"Microsoft.Discovery/supercomputers/nodePools/delete\",\n \"Microsoft.Discovery/workspaces/projects/write\",\n \"Microsoft.Discovery/workspaces/projects/delete\"\n ],\n \"dataActions\": [\n \"Microsoft.Discovery/*\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2025-07-01T15:14:22.6678767Z\",\n \"updatedOn\": \"2025-07-15T15:04:43.2814036Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/01288891-85ee-45a7-b367-9db3b752fc65\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"01288891-85ee-45a7-b367-9db3b752fc65\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure IoT Operations Administrator\",\n \"type\": \"BuiltInRole\",\n \"description\": \"View, create, edit and delete AIO resources. Manage all resources, including instance and its downstream resources.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.IoTOperations/*\",\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.DeviceRegistry/Assets/*\",\n \"Microsoft.DeviceRegistry/AssetEndpointProfiles/*\",\n \"Microsoft.DeviceRegistry/Namespaces/Assets/*\",\n \"Microsoft.DeviceRegistry/Namespaces/Devices/*\",\n \"Microsoft.DeviceRegistry/Namespaces/DiscoveredAssets/*\",\n \"Microsoft.DeviceRegistry/Namespaces/DiscoveredDevices/*\",\n \"Microsoft.DeviceRegistry/SchemaRegistries/*\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Edge/sites/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2025-07-03T19:55:14.5761643Z\",\n \"updatedOn\": \"2025-07-15T15:04:43.2804027Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/5bc02df6-6cd5-43fe-ad3d-4c93cf56cc16\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"5bc02df6-6cd5-43fe-ad3d-4c93cf56cc16\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure IoT Operations Onboarding\",\n \"type\": \"BuiltInRole\",\n \"description\": \"User can Azure arc connect and deploy Azure IoT Operations securely.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.IoTOperations/*\",\n \"Microsoft.DeviceRegistry/register/action\",\n \"Microsoft.DeviceRegistry/schemaRegistries/read\",\n \"Microsoft.DeviceRegistry/schemaRegistries/write\",\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Authorization/*/write\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Edge/sites/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2025-07-03T20:10:17.4373209Z\",\n \"updatedOn\": \"2025-07-15T15:04:43.2804027Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/7b7c71ed-33fa-4ed2-a91a-e56d5da260b5\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"7b7c71ed-33fa-4ed2-a91a-e56d5da260b5\"\n },\n {\n \"properties\": {\n \"roleName\": \"Connector Writer\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Write connectors and have basic customer permissions like reading authorizations, alert rules and resourceGroups\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Impact/Connectors/Write\",\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2025-07-04T07:30:50.7596538Z\",\n \"updatedOn\": \"2025-07-04T07:30:50.7596538Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/c459b115-f629-486b-b359-35feb5568b83\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"c459b115-f629-486b-b359-35feb5568b83\"\n },\n {\n \"properties\": {\n \"roleName\": \"Virtual Enclave Owner Role\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Virtual Enclave Owner Role to access the resources of Microsoft.Mission stored with RPSAAS.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Mission/Locations/OperationStatuses/read\",\n \"Microsoft.Mission/Locations/OperationStatuses/write\",\n \"Microsoft.Mission/Operations/read\",\n \"Microsoft.Mission/virtualEnclaves/read\",\n \"Microsoft.Mission/virtualEnclaves/write\",\n \"Microsoft.Mission/virtualEnclaves/delete\",\n \"Microsoft.Mission/virtualEnclaves/workloads/read\",\n \"Microsoft.Mission/virtualEnclaves/workloads/write\",\n \"Microsoft.Mission/virtualEnclaves/workloads/delete\",\n \"Microsoft.Mission/communities/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2025-07-09T15:22:28.7605161Z\",\n \"updatedOn\": \"2025-07-09T15:22:28.7605161Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/1abf4029-2200-4343-800c-e4c4c01eddbd\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"1abf4029-2200-4343-800c-e4c4c01eddbd\"\n },\n {\n \"properties\": {\n \"roleName\": \"NginxPlus Contributor service role\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Provides access to all Nginx.NginxPlus Control Plane operations\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"NGINX.NGINXPLUS/register/action\",\n \"NGINX.NGINXPLUS/unregister/action\",\n \"NGINX.NGINXPLUS/locations/read\",\n \"NGINX.NGINXPLUS/locations/operationStatuses/read\",\n \"NGINX.NGINXPLUS/locations/operationStatuses/write\",\n \"NGINX.NGINXPLUS/nginxDeployments/Read\",\n \"NGINX.NGINXPLUS/nginxDeployments/Write\",\n \"NGINX.NGINXPLUS/nginxDeployments/Delete\",\n \"NGINX.NGINXPLUS/nginxDeployments/apiKeys/Read\",\n \"NGINX.NGINXPLUS/nginxDeployments/apiKeys/Write\",\n \"NGINX.NGINXPLUS/nginxDeployments/apiKeys/Delete\",\n \"NGINX.NGINXPLUS/nginxDeployments/certificates/Read\",\n \"NGINX.NGINXPLUS/nginxDeployments/certificates/Write\",\n \"NGINX.NGINXPLUS/nginxDeployments/certificates/Delete\",\n \"NGINX.NGINXPLUS/nginxDeployments/configurations/Read\",\n \"NGINX.NGINXPLUS/nginxDeployments/configurations/Write\",\n \"NGINX.NGINXPLUS/nginxDeployments/configurations/Delete\",\n \"NGINX.NGINXPLUS/nginxDeployments/wafPolicies/Read\",\n \"NGINX.NGINXPLUS/nginxDeployments/wafPolicies/Write\",\n \"NGINX.NGINXPLUS/nginxDeployments/wafPolicies/Delete\",\n \"NGINX.NGINXPLUS/operations/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2025-07-11T15:44:56.6598995Z\",\n \"updatedOn\": \"2025-08-05T15:14:55.5007488Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/61aed14c-6c9a-4ed5-aa44-49fc5e96a167\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"61aed14c-6c9a-4ed5-aa44-49fc5e96a167\"\n },\n {\n \"properties\": {\n \"roleName\": \"CosmosDB Fleet Operator Role\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Lets you manage Azure CosmosDB Fleets and related child resources\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.DocumentDB/fleets/*\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2025-07-14T15:01:12.3759443Z\",\n \"updatedOn\": \"2025-07-14T15:01:12.3759443Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/35ffec73-9cb8-4593-8718-40d5bc4b7f6f\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"35ffec73-9cb8-4593-8718-40d5bc4b7f6f\"\n },\n {\n \"properties\": {\n \"roleName\": \"Healthcare Apis contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Allows all actions on healthcareapis provider resources\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.HealthcareApis/services/*\",\n \"Microsoft.HealthcareApis/workspaces/*\",\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2025-07-15T15:04:43.2804027Z\",\n \"updatedOn\": \"2025-07-15T15:04:43.2804027Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/29f61507-bdfb-4987-b629-20033be2d6c3\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"29f61507-bdfb-4987-b629-20033be2d6c3\"\n },\n {\n \"properties\": {\n \"roleName\": \"Liftr Datadog Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Provides access to Datadog Control Plane Operations\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Datadog/register/action\",\n \"Microsoft.Datadog/unregister/action\",\n \"Microsoft.Datadog/agreements/read\",\n \"Microsoft.Datadog/agreements/write\",\n \"Microsoft.Datadog/locations/read\",\n \"Microsoft.Datadog/locations/operationStatuses/read\",\n \"Microsoft.Datadog/locations/operationStatuses/write\",\n \"Microsoft.Datadog/monitors/read\",\n \"Microsoft.Datadog/monitors/write\",\n \"Microsoft.Datadog/monitors/delete\",\n \"Microsoft.Datadog/monitors/listApiKeys/action\",\n \"Microsoft.Datadog/monitors/getDefaultKey/action\",\n \"Microsoft.Datadog/monitors/setDefaultKey/action\",\n \"Microsoft.Datadog/monitors/refreshSetPasswordLink/action\",\n \"Microsoft.Datadog/monitors/listLinkedResources/action\",\n \"Microsoft.Datadog/monitors/listHosts/read\",\n \"Microsoft.Datadog/monitors/listLinkedResources/read\",\n \"Microsoft.Datadog/monitors/listMonitoredResources/read\",\n \"Microsoft.Datadog/monitors/monitoredSubscriptions/read\",\n \"Microsoft.Datadog/monitors/monitoredSubscriptions/write\",\n \"Microsoft.Datadog/monitors/singleSignOnConfigurations/write\",\n \"Microsoft.Datadog/monitors/singleSignOnConfigurations/read\",\n \"Microsoft.Datadog/monitors/tagRules/read\",\n \"Microsoft.Datadog/monitors/tagRules/write\",\n \"Microsoft.Datadog/registeredSubscriptions/read\",\n \"Microsoft.Datadog/subscriptionStatuses/read\",\n \"Microsoft.Datadog/operations/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2025-07-16T15:09:04.3027767Z\",\n \"updatedOn\": \"2025-08-01T09:23:14.9310429Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/81b67e46-ef5b-4404-bddd-090985bb4a28\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"81b67e46-ef5b-4404-bddd-090985bb4a28\"\n },\n {\n \"properties\": {\n \"roleName\": \"Liftr Elastic Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Provides access to Elastic Control Plane Operations\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Elastic/getOrganizationApiKey/action\",\n \"Microsoft.Elastic/checkNameAvailability/action\",\n \"Microsoft.Elastic/register/action\",\n \"Microsoft.Elastic/locations/read\",\n \"Microsoft.Elastic/locations/operationStatuses/read\",\n \"Microsoft.Elastic/locations/operationStatuses/write\",\n \"Microsoft.Elastic/monitors/read\",\n \"Microsoft.Elastic/monitors/write\",\n \"Microsoft.Elastic/monitors/delete\",\n \"Microsoft.Elastic/monitors/listMonitoredResources/action\",\n \"Microsoft.Elastic/monitors/listVMHost/action\",\n \"Microsoft.Elastic/monitors/createOrUpdateExternalUser/action\",\n \"Microsoft.Elastic/monitors/listAllTrafficFilters/action\",\n \"Microsoft.Elastic/monitors/listAssociatedTrafficFilters/action\",\n \"Microsoft.Elastic/monitors/createAndAssociateIPFilter/action\",\n \"Microsoft.Elastic/monitors/createAndAssociatePLFilter/action\",\n \"Microsoft.Elastic/monitors/associateTrafficFilter/action\",\n \"Microsoft.Elastic/monitors/detachAndDeleteTrafficFilter/action\",\n \"Microsoft.Elastic/monitors/detachTrafficFilter/action\",\n \"Microsoft.Elastic/monitors/deleteTrafficFilter/action\",\n \"Microsoft.Elastic/monitors/listUpgradableVersions/action\",\n \"Microsoft.Elastic/monitors/getBillingInfo/action\",\n \"Microsoft.Elastic/monitors/listConnectedPartnerResources/action\",\n \"Microsoft.Elastic/monitors/upgrade/action\",\n \"Microsoft.Elastic/monitors/vmIngestionDetails/action\",\n \"Microsoft.Elastic/monitors/vmCollectionUpdate/action\",\n \"Microsoft.Elastic/monitors/listDeploymentInfo/action\",\n \"Microsoft.Elastic/monitors/resubscribe/action\",\n \"Microsoft.Elastic/monitors/monitoredSubscriptions/read\",\n \"Microsoft.Elastic/monitors/monitoredSubscriptions/write\",\n \"Microsoft.Elastic/monitors/openAIIntegrations/read\",\n \"Microsoft.Elastic/monitors/openAIIntegrations/write\",\n \"Microsoft.Elastic/monitors/openAIIntegrations/getStatus/action\",\n \"Microsoft.Elastic/monitors/tagRules/read\",\n \"Microsoft.Elastic/monitors/tagRules/write\",\n \"Microsoft.Elastic/registeredSubscriptions/read\",\n \"Microsoft.Elastic/elasticVersions/read\",\n \"Microsoft.Elastic/operations/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2025-07-16T15:09:04.3017765Z\",\n \"updatedOn\": \"2025-08-05T15:14:55.4997487Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/d68eeb8d-afae-4932-a331-203b7957e509\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"d68eeb8d-afae-4932-a331-203b7957e509\"\n },\n {\n \"properties\": {\n \"roleName\": \"Liftr Elastic Owner\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Grants full access to manage Elastic resources\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Elastic/*\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2025-07-16T15:09:04.2714387Z\",\n \"updatedOn\": \"2025-07-16T15:09:04.2714387Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/225efd4d-4ca0-42a1-ae53-5f233ba23c73\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"225efd4d-4ca0-42a1-ae53-5f233ba23c73\"\n },\n {\n \"properties\": {\n \"roleName\": \"Liftr Newrelic Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Provides access to Newrelic Control Plane Operations\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"NewRelic.Observability/register/action\",\n \"NewRelic.Observability/unregister/action\",\n \"NewRelic.Observability/accounts/read\",\n \"NewRelic.Observability/plans/read\",\n \"NewRelic.Observability/organizations/read\",\n \"NewRelic.Observability/locations/read\",\n \"NewRelic.Observability/locations/operationStatuses/read\",\n \"NewRelic.Observability/locations/operationStatuses/write\",\n \"NewRelic.Observability/monitors/read\",\n \"NewRelic.Observability/monitors/write\",\n \"NewRelic.Observability/monitors/delete\",\n \"NewRelic.Observability/monitors/monitoredResources/action\",\n \"NewRelic.Observability/monitors/vmHostPayloads/action\",\n \"NewRelic.Observability/monitors/listAppServices/action\",\n \"NewRelic.Observability/monitors/listHosts/action\",\n \"NewRelic.Observability/monitors/refreshIngestionKey/action\",\n \"NewRelic.Observability/monitors/getMetricRules/action\",\n \"NewRelic.Observability/monitors/getMetricStatus/action\",\n \"NewRelic.Observability/monitors/switchBilling/action\",\n \"NewRelic.Observability/monitors/latestLinkedSaaS/action\",\n \"NewRelic.Observability/monitors/linkSaaS/action\",\n \"NewRelic.Observability/monitors/resubscribe/action\",\n \"NewRelic.Observability/monitors/getBillingInfo/action\",\n \"NewRelic.Observability/monitors/listConnectedPartnerResources/action\",\n \"NewRelic.Observability/monitors/listLinkedResources/action\",\n \"NewRelic.Observability/monitors/monitoredSubscriptions/read\",\n \"NewRelic.Observability/monitors/monitoredSubscriptions/write\",\n \"NewRelic.Observability/monitors/tagRules/read\",\n \"NewRelic.Observability/monitors/tagRules/write\",\n \"NewRelic.Observability/registeredSubscriptions/read\",\n \"NewRelic.Observability/operations/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2025-07-16T15:09:04.2714387Z\",\n \"updatedOn\": \"2025-08-01T09:23:14.9310429Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/a60da355-bdec-443f-8d42-a03f0422f04d\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"a60da355-bdec-443f-8d42-a03f0422f04d\"\n },\n {\n \"properties\": {\n \"roleName\": \"Policy Enrollments Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Allows the creation and modification of policy enrollments\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/policyenrollments/*\",\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.PolicyInsights/*\",\n \"Microsoft.Resources/deployments/*\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2025-07-16T16:55:07.415008Z\",\n \"updatedOn\": \"2025-07-16T16:55:07.415008Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/285ce6d6-fa11-43bd-94ef-42a9b3740bfd\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"285ce6d6-fa11-43bd-94ef-42a9b3740bfd\"\n },\n {\n \"properties\": {\n \"roleName\": \"Liftr Dynatrace Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Provides access to Dynatrace Control Plane Operations\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Dynatrace.Observability/checkNameAvailability/action\",\n \"Dynatrace.Observability/register/action\",\n \"Dynatrace.Observability/unregister/action\",\n \"Dynatrace.Observability/getMarketplaceSaaSResourceDetails/action\",\n \"Dynatrace.Observability/locations/read\",\n \"Dynatrace.Observability/locations/operationStatuses/read\",\n \"Dynatrace.Observability/locations/operationStatuses/write\",\n \"Dynatrace.Observability/monitors/read\",\n \"Dynatrace.Observability/monitors/write\",\n \"Dynatrace.Observability/monitors/delete\",\n \"Dynatrace.Observability/monitors/listMonitoredResources/action\",\n \"Dynatrace.Observability/monitors/getVMHostPayload/action\",\n \"Dynatrace.Observability/monitors/listHosts/action\",\n \"Dynatrace.Observability/monitors/listAppServices/action\",\n \"Dynatrace.Observability/monitors/getSSODetails/action\",\n \"Dynatrace.Observability/monitors/listLinkableEnvironments/action\",\n \"Dynatrace.Observability/monitors/getMetricStatus/action\",\n \"Dynatrace.Observability/monitors/manageAgentInstallation/action\",\n \"Dynatrace.Observability/monitors/monitoredSubscriptions/read\",\n \"Dynatrace.Observability/monitors/monitoredSubscriptions/write\",\n \"Dynatrace.Observability/monitors/singleSignOnConfigurations/write\",\n \"Dynatrace.Observability/monitors/singleSignOnConfigurations/read\",\n \"Dynatrace.Observability/monitors/tagRules/read\",\n \"Dynatrace.Observability/monitors/tagRules/write\",\n \"Dynatrace.Observability/registeredSubscriptions/read\",\n \"Dynatrace.Observability/operations/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2025-07-17T04:54:12.9049103Z\",\n \"updatedOn\": \"2025-08-01T11:55:53.7346372Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/fa96a588-3fac-4adb-bfb2-f8404ece07e0\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"fa96a588-3fac-4adb-bfb2-f8404ece07e0\"\n },\n {\n \"properties\": {\n \"roleName\": \"Microsoft.OffAzureSpringBoot Service Owner\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Full access to Azure Microsoft.OffAzureSpringBoot Service REST APIs\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.OffAzureSpringBoot/*\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2025-07-18T10:13:03.6807059Z\",\n \"updatedOn\": \"2025-08-07T07:49:43.832969Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/79732128-7761-4733-aebf-35590da9f29b\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"79732128-7761-4733-aebf-35590da9f29b\"\n },\n {\n \"properties\": {\n \"roleName\": \"Nexus Network Fabric Owner\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Provides owner access to nexus network fabric resources\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.ManagedNetworkFabric/*/read\",\n \"Microsoft.ManagedNetworkFabric/*/write\",\n \"Microsoft.ManagedNetworkFabric/*/action\",\n \"Microsoft.ManagedNetworkFabric/*/delete\",\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2025-07-21T15:02:41.4359877Z\",\n \"updatedOn\": \"2025-07-21T15:02:41.4359877Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/46c70067-0f50-457f-8137-2449c90de518\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"46c70067-0f50-457f-8137-2449c90de518\"\n },\n {\n \"properties\": {\n \"roleName\": \"Nexus Identity Owner\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Provides owner access to nexusidentity resources\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.NexusIdentity/*/read\",\n \"Microsoft.NexusIdentity/*/write\",\n \"Microsoft.NexusIdentity/*/action\",\n \"Microsoft.NexusIdentity/*/delete\",\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2025-07-21T15:02:41.4359877Z\",\n \"updatedOn\": \"2025-07-21T15:02:41.4359877Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/374a1cc6-96cb-4946-8d8b-a41054c8ae97\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"374a1cc6-96cb-4946-8d8b-a41054c8ae97\"\n },\n {\n \"properties\": {\n \"roleName\": \"Conversation Session User\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Allows sending a message to the agent and receive a response, using the conversation session API\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.HealthBot/healthBots/ConversationSession/Action\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2025-07-23T15:20:58.9086839Z\",\n \"updatedOn\": \"2025-07-23T15:20:58.9086839Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/b3eb788f-5426-48bd-821d-561701ede368\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"b3eb788f-5426-48bd-821d-561701ede368\"\n },\n {\n \"properties\": {\n \"roleName\": \"CosmosDB Fleet Analytics Storage Data Writer\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Write telemetry data from the Fleet Analytics Synapse workspace to customer-provided storage accounts or Fabric Lakehouses.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Storage/storageAccounts/blobServices/containers/write\",\n \"Microsoft.Storage/storageAccounts/blobServices/containers/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.Storage/storageAccounts/blobServices/containers/blobs/delete\",\n \"Microsoft.Storage/storageAccounts/blobServices/containers/blobs/read\",\n \"Microsoft.Storage/storageAccounts/blobServices/containers/blobs/write\",\n \"Microsoft.Storage/storageAccounts/blobServices/containers/blobs/add/action\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2025-07-25T01:43:25.8457961Z\",\n \"updatedOn\": \"2025-08-28T01:46:02.2595107Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/bf41e52e-617f-4981-8b7a-47431bd4e011\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"bf41e52e-617f-4981-8b7a-47431bd4e011\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Data Transfer Owner\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Create, read, modify, and delete pipelines, connections, and flows in Azure Data Transfer. Also perform any appropriate control plane operations for managing Azure Data Transfer resources.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.AzureDataTransfer/*\",\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2025-07-25T15:42:37.4812873Z\",\n \"updatedOn\": \"2025-07-25T15:42:37.4812873Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/eded264d-1796-4e25-8500-a78427f8a316\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"eded264d-1796-4e25-8500-a78427f8a316\"\n },\n {\n \"properties\": {\n \"roleName\": \"Video Indexer Account Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Can manage Video Indexer Account resources and generate access tokens for data plane operations.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.VideoIndexer/checknameavailability/action\",\n \"Microsoft.VideoIndexer/accounts/generateAccessToken/action\",\n \"Microsoft.VideoIndexer/accounts/generateRestrictedViewerAccessToken/action\",\n \"Microsoft.VideoIndexer/accounts/generateExtensionAccessToken/action\",\n \"Microsoft.VideoIndexer/accounts/generateExtensionRestrictedViewerAccessToken/action\",\n \"Microsoft.VideoIndexer/accounts/read\",\n \"Microsoft.VideoIndexer/accounts/write\",\n \"Microsoft.VideoIndexer/accounts/delete\",\n \"Microsoft.VideoIndexer/accounts/PrivateEndpointConnectionsApproval/action\",\n \"Microsoft.VideoIndexer/accounts/privateEndpointConnections/read\",\n \"Microsoft.VideoIndexer/accounts/privateEndpointConnections/write\",\n \"Microsoft.VideoIndexer/accounts/privateEndpointConnections/delete\",\n \"Microsoft.VideoIndexer/accounts/privateLinkResources/read\",\n \"Microsoft.VideoIndexer/locations/operationstatuses/read\",\n \"Microsoft.VideoIndexer/locations/operationstatuses/write\",\n \"Microsoft.VideoIndexer/operations/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2025-07-28T15:04:33.545254Z\",\n \"updatedOn\": \"2025-07-28T15:04:33.545254Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/3f99eaab-6f59-4877-adf5-1cacd22e20b0\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"3f99eaab-6f59-4877-adf5-1cacd22e20b0\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Business Continuity DUPI Reader\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Lets you view Deleted Unified Protected items in Azure Business Continuity Center.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/roleDefinitions/read\",\n \"Microsoft.Authorization/roleAssignments/read\",\n \"Microsoft.AzureBusinessContinuity/deletedUnifiedProtectedItems/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2025-07-28T15:04:33.545254Z\",\n \"updatedOn\": \"2025-08-21T13:32:13.8007194Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/f4eb044f-76b9-47af-92f9-1d95c4c14ab5\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"f4eb044f-76b9-47af-92f9-1d95c4c14ab5\"\n },\n {\n \"properties\": {\n \"roleName\": \"Sites Reader\",\n \"type\": \"BuiltInRole\",\n \"description\": \"View all Sites related resources but does not allow you to make any changes.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Edge/sites/read\",\n \"Microsoft.Edge/configurations/read\",\n \"Microsoft.Edge/configurations/networkConfigurations/read\",\n \"Microsoft.Edge/configurations/securityConfigurations/read\",\n \"Microsoft.Edge/configurations/timeServerConfigurations/read\",\n \"Microsoft.Edge/configurations/connectivityConfigurations/read\",\n \"Microsoft.Edge/configurations/provisioningConfigurations/read\",\n \"Microsoft.Edge/configurations/arcGatewayConfigurations/read\",\n \"Microsoft.Edge/configurationReferences/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2025-07-29T15:07:14.6122597Z\",\n \"updatedOn\": \"2025-07-29T15:07:14.6122597Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/59f98be6-0817-488b-831e-36a353c8000b\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"59f98be6-0817-488b-831e-36a353c8000b\"\n },\n {\n \"properties\": {\n \"roleName\": \"Sites Owner\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Microsoft Edge Sites Owner role - Grants full access to manage all resources, including the ability to assign roles in Azure RBAC.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Edge/sites/read\",\n \"Microsoft.Edge/sites/write\",\n \"Microsoft.Edge/sites/delete\",\n \"Microsoft.Edge/configurations/read\",\n \"Microsoft.Edge/configurations/write\",\n \"Microsoft.Edge/configurations/delete\",\n \"Microsoft.Edge/configurations/networkConfigurations/read\",\n \"Microsoft.Edge/configurations/networkConfigurations/write\",\n \"Microsoft.Edge/configurations/networkConfigurations/delete\",\n \"Microsoft.Edge/configurations/securityConfigurations/read\",\n \"Microsoft.Edge/configurations/securityConfigurations/write\",\n \"Microsoft.Edge/configurations/securityConfigurations/delete\",\n \"Microsoft.Edge/configurations/timeServerConfigurations/read\",\n \"Microsoft.Edge/configurations/timeServerConfigurations/write\",\n \"Microsoft.Edge/configurations/timeServerConfigurations/delete\",\n \"Microsoft.Edge/configurations/connectivityConfigurations/read\",\n \"Microsoft.Edge/configurations/connectivityConfigurations/write\",\n \"Microsoft.Edge/configurations/connectivityConfigurations/delete\",\n \"Microsoft.Edge/configurations/provisioningConfigurations/read\",\n \"Microsoft.Edge/configurations/provisioningConfigurations/write\",\n \"Microsoft.Edge/configurations/provisioningConfigurations/delete\",\n \"Microsoft.Edge/configurations/arcGatewayConfigurations/read\",\n \"Microsoft.Edge/configurations/arcGatewayConfigurations/write\",\n \"Microsoft.Edge/configurations/arcGatewayConfigurations/delete\",\n \"Microsoft.Edge/configurationReferences/read\",\n \"Microsoft.Edge/configurationReferences/write\",\n \"Microsoft.Edge/configurationReferences/delete\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2025-07-29T15:07:14.6112571Z\",\n \"updatedOn\": \"2025-07-29T15:07:14.6112571Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/1cd7e4da-2789-457f-adbe-3e9e84037a93\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"1cd7e4da-2789-457f-adbe-3e9e84037a93\"\n },\n {\n \"properties\": {\n \"roleName\": \"Liftr PureStorage Owner role\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Provides access to all PureStorage related operations\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"PureStorage.Block/*\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2025-07-30T15:14:08.9428819Z\",\n \"updatedOn\": \"2025-07-30T15:14:08.9428819Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/85546f1f-f28b-4cb3-b852-73e422a96897\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"85546f1f-f28b-4cb3-b852-73e422a96897\"\n },\n {\n \"properties\": {\n \"roleName\": \"Liftr Dell Owner role\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Provides access to all Dell related operations\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Dell.Storage/*\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2025-07-30T15:14:08.9428819Z\",\n \"updatedOn\": \"2025-07-30T15:14:08.9428819Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/d683b71b-2b91-4fc1-a43e-b53b3d85bed9\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"d683b71b-2b91-4fc1-a43e-b53b3d85bed9\"\n },\n {\n \"properties\": {\n \"roleName\": \"SupportPlan Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Contributor role for Enterprise Support Resource Provider\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.EnterpriseSupport/services/delete\",\n \"Microsoft.EnterpriseSupport/services/write\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2025-07-30T21:45:45.323115Z\",\n \"updatedOn\": \"2025-07-30T21:45:45.323115Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/6d6f52ba-a7de-4c56-a58f-522154514fba\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"6d6f52ba-a7de-4c56-a58f-522154514fba\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Spring Apps Service Owner\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Full access to Azure Spring Apps Service REST APIs\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.AppPlatform/*\"\n ],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.AppPlatform/*\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2025-07-31T11:03:44.7831528Z\",\n \"updatedOn\": \"2025-08-07T07:49:43.832969Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/4037dd68-1cc7-4a64-8765-3a79963a9940\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"4037dd68-1cc7-4a64-8765-3a79963a9940\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure AI Enterprise Networking Outbound Rules Operator\",\n \"type\": \"BuiltInRole\",\n \"description\": \"A Built-in role that can authorize users to access and update the managed network settings of a machine learning workspace.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.MachineLearningServices/workspaces/managedNetworks/read\",\n \"Microsoft.MachineLearningServices/workspaces/managedNetworks/write\",\n \"Microsoft.MachineLearningServices/workspaces/managedNetworks/outboundRules/read\",\n \"Microsoft.MachineLearningServices/workspaces/managedNetworks/outboundRules/write\",\n \"Microsoft.MachineLearningServices/workspaces/managedNetworks/outboundRules/delete\",\n \"Microsoft.MachineLearningServices/workspaces/managedNetworks/batchOutboundRules/action\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2025-08-04T15:10:36.5118889Z\",\n \"updatedOn\": \"2025-08-04T15:10:36.5118889Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/25cabde7-1a6c-4350-8877-cb6fe59f1399\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"25cabde7-1a6c-4350-8877-cb6fe59f1399\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Business Continuity UPI Reader\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Lets you view Unified Protected items in Azure Business Continuity Center.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/roleDefinitions/read\",\n \"Microsoft.Authorization/roleAssignments/read\",\n \"Microsoft.AzureBusinessContinuity/unifiedProtectedItems/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2025-08-04T15:10:36.5108882Z\",\n \"updatedOn\": \"2025-08-21T13:32:14.8037229Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/3b5a0aa9-eccd-48dc-9011-f2fd03b5e5f9\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"3b5a0aa9-eccd-48dc-9011-f2fd03b5e5f9\"\n },\n {\n \"properties\": {\n \"roleName\": \"LambdaTest.HyperExecute Contributor Role\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Provides access to all LambdaTest.HyperExecute related operations\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"LambdaTest.HyperExecute/checkNameAvailability/action\",\n \"LambdaTest.HyperExecute/register/action\",\n \"LambdaTest.HyperExecute/unregister/action\",\n \"LambdaTest.HyperExecute/locations/operationStatuses/read\",\n \"LambdaTest.HyperExecute/locations/operationStatuses/write\",\n \"LambdaTest.HyperExecute/operations/read\",\n \"LambdaTest.HyperExecute/organizations/read\",\n \"LambdaTest.HyperExecute/organizations/write\",\n \"LambdaTest.HyperExecute/organizations/delete\",\n \"LambdaTest.HyperExecute/registeredSubscriptions/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2025-08-06T15:22:56.8948562Z\",\n \"updatedOn\": \"2025-08-06T15:22:56.8948562Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/44a00263-b2a0-45d5-a618-5d8d11709349\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"44a00263-b2a0-45d5-a618-5d8d11709349\"\n },\n {\n \"properties\": {\n \"roleName\": \"ArizeAi.ObservabilityEval Contributor Role\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Provides access to all ArizeAi.ObservabilityEval related operations\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"ArizeAi.ObservabilityEval/checkNameAvailability/action\",\n \"ArizeAi.ObservabilityEval/register/action\",\n \"ArizeAi.ObservabilityEval/unregister/action\",\n \"ArizeAi.ObservabilityEval/locations/operationStatuses/read\",\n \"ArizeAi.ObservabilityEval/locations/operationStatuses/write\",\n \"ArizeAi.ObservabilityEval/operations/read\",\n \"ArizeAi.ObservabilityEval/organizations/read\",\n \"ArizeAi.ObservabilityEval/organizations/write\",\n \"ArizeAi.ObservabilityEval/organizations/delete\",\n \"ArizeAi.ObservabilityEval/registeredSubscriptions/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2025-08-06T15:22:56.8948562Z\",\n \"updatedOn\": \"2025-08-06T15:22:56.8948562Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/dca88c6f-5090-44cd-a0ff-a88f337b12a5\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"dca88c6f-5090-44cd-a0ff-a88f337b12a5\"\n },\n {\n \"properties\": {\n \"roleName\": \"Pinecone.VectorDb Contributor Role\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Provides access to all Pinecone.VectorDb related operations\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Pinecone.VectorDb/checkNameAvailability/action\",\n \"Pinecone.VectorDb/register/action\",\n \"Pinecone.VectorDb/unregister/action\",\n \"Pinecone.VectorDb/locations/operationStatuses/read\",\n \"Pinecone.VectorDb/locations/operationStatuses/write\",\n \"Pinecone.VectorDb/operations/read\",\n \"Pinecone.VectorDb/organizations/read\",\n \"Pinecone.VectorDb/organizations/write\",\n \"Pinecone.VectorDb/organizations/delete\",\n \"Pinecone.VectorDb/registeredSubscriptions/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2025-08-06T15:22:56.8948562Z\",\n \"updatedOn\": \"2025-08-06T15:22:56.8948562Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/dd799a69-ffc8-4aa8-9701-b51f686857d9\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"dd799a69-ffc8-4aa8-9701-b51f686857d9\"\n },\n {\n \"properties\": {\n \"roleName\": \"Microsoft.WeightsAndBiases Contributor Role\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Provides access to all Microsoft.WeightsAndBiases related operations\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.WeightsAndBiases/checkNameAvailability/action\",\n \"Microsoft.WeightsAndBiases/register/action\",\n \"Microsoft.WeightsAndBiases/unregister/action\",\n \"Microsoft.WeightsAndBiases/instances/read\",\n \"Microsoft.WeightsAndBiases/instances/write\",\n \"Microsoft.WeightsAndBiases/instances/delete\",\n \"Microsoft.WeightsAndBiases/locations/operationStatuses/read\",\n \"Microsoft.WeightsAndBiases/locations/operationStatuses/write\",\n \"Microsoft.WeightsAndBiases/operations/read\",\n \"Microsoft.WeightsAndBiases/registeredSubscriptions/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2025-08-06T15:22:57.794372Z\",\n \"updatedOn\": \"2025-08-06T15:22:57.794372Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/246fffca-69ee-4945-bbf1-2a867dce4fda\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"246fffca-69ee-4945-bbf1-2a867dce4fda\"\n },\n {\n \"properties\": {\n \"roleName\": \"Recurring Scheduled Actions Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Allows users to use Recurring Scheduled Actions offered by Microsoft.ComputeSchedule\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.ComputeSchedule/scheduledActions/write\",\n \"Microsoft.ComputeSchedule/scheduledActions/delete\",\n \"Microsoft.ComputeSchedule/scheduledActions/attachResources/action\",\n \"Microsoft.ComputeSchedule/scheduledActions/cancelNextOccurrence/action\",\n \"Microsoft.ComputeSchedule/scheduledActions/detachResources/action\",\n \"Microsoft.ComputeSchedule/scheduledActions/disable/action\",\n \"Microsoft.ComputeSchedule/scheduledActions/enable/action\",\n \"Microsoft.ComputeSchedule/scheduledActions/listResources/action\",\n \"Microsoft.ComputeSchedule/scheduledActions/patchResources/action\",\n \"Microsoft.ComputeSchedule/scheduledActions/triggerManualOccurrence/action\",\n \"Microsoft.ComputeSchedule/scheduledActions/occurrences/cancel/action\",\n \"Microsoft.ComputeSchedule/scheduledActions/occurrences/delay/action\",\n \"Microsoft.ComputeSchedule/register/action\",\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2025-08-06T17:23:22.5612282Z\",\n \"updatedOn\": \"2025-08-06T17:23:22.5612282Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/376d0802-aca8-4c2d-83a5-c88630f396fe\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"376d0802-aca8-4c2d-83a5-c88630f396fe\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Resilience Management Drills Reader\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Reader Role of Azure Resilience Management Drills Service\",\n \"assignableScopes\": [\n \"/\",\n \"/providers/Microsoft.Management/serviceGroups\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.AzureResilienceManagement/drills/*/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2025-08-11T15:12:49.7120823Z\",\n \"updatedOn\": \"2025-09-18T10:30:29.9987541Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/d2e8fe82-9212-490f-af3e-34bb52d87d3d\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"d2e8fe82-9212-490f-af3e-34bb52d87d3d\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Resilience Management Drills Operator\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Operator Role of Azure Resilience Management Drills Service\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.AzureResilienceManagement/drills/*/action\",\n \"Microsoft.AzureResilienceManagement/drills/*/read\",\n \"Microsoft.AzureResilienceManagement/recoveryPlans/*/action\",\n \"Microsoft.AzureResilienceManagement/recoveryPlans/*/read\",\n \"Microsoft.Insights/alertRules/\",\n \"Microsoft.Monitor/accounts/read\",\n \"Microsoft.Monitor/slis/read\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2025-08-11T15:12:49.7120823Z\",\n \"updatedOn\": \"2025-08-11T15:12:49.7120823Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/ff09793b-be48-49f6-ad96-70d32039c0b9\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"ff09793b-be48-49f6-ad96-70d32039c0b9\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Resilience Management Drills Administrator\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Administrator Role of Azure Resilience Management Drills Service\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Authorization/roleAssignments/write\",\n \"Microsoft.Advisor/recommendations/read\",\n \"Microsoft.Authorization/roleAssignments/read\",\n \"Microsoft.Automation/automationAccounts/delete\",\n \"Microsoft.Automation/automationAccounts/read\",\n \"Microsoft.Automation/automationAccounts/write\",\n \"Microsoft.Automation/automationAccounts/runbooks/delete\",\n \"Microsoft.Automation/automationAccounts/runbooks/read\",\n \"Microsoft.Automation/automationAccounts/runbooks/write\",\n \"Microsoft.AzureResilienceManagement/drills/*/action\",\n \"Microsoft.AzureResilienceManagement/drills/*/delete\",\n \"Microsoft.AzureResilienceManagement/drills/*/read\",\n \"Microsoft.AzureResilienceManagement/drills/*/write\",\n \"Microsoft.AzureResilienceManagement/recoveryPlans/*/action\",\n \"Microsoft.AzureResilienceManagement/recoveryPlans/*/delete\",\n \"Microsoft.AzureResilienceManagement/recoveryPlans/*/read\",\n \"Microsoft.AzureResilienceManagement/recoveryPlans/*/write\",\n \"Microsoft.Chaos/experiments/delete\",\n \"Microsoft.Chaos/experiments/read\",\n \"Microsoft.Chaos/experiments/write\",\n \"Microsoft.Chaos/experiments/cancel/action\",\n \"Microsoft.Chaos/experiments/start/action\",\n \"Microsoft.Chaos/locations/operationResults/read\",\n \"Microsoft.Chaos/locations/operationStatuses/read\",\n \"Microsoft.Chaos/locations/targetTypes/capabilityTypes/read\",\n \"Microsoft.Chaos/locations/targetTypes/read\",\n \"Microsoft.Chaos/targets/capabilities/delete\",\n \"Microsoft.Chaos/targets/capabilities/read\",\n \"Microsoft.Chaos/targets/capabilities/write\",\n \"Microsoft.Chaos/targets/delete\",\n \"Microsoft.Chaos/targets/read\",\n \"Microsoft.Chaos/targets/write\",\n \"Microsoft.Compute/virtualMachineScaleSets/read\",\n \"Microsoft.Compute/virtualMachines/read\",\n \"Microsoft.ContainerRegistry/registries/read\",\n \"Microsoft.DBforPostgreSQL/flexibleServers/read\",\n \"Microsoft.DocumentDB/databaseAccounts/services/read\",\n \"Microsoft.Insights/alertRules/\",\n \"Microsoft.ManagedIdentity/userAssignedIdentities/read\",\n \"Microsoft.Management/ServiceGroups/read\",\n \"Microsoft.Monitor/accounts/read\",\n \"Microsoft.Monitor/slis/read\",\n \"Microsoft.Network/applicationGateways/read\",\n \"Microsoft.Network/azurefirewalls/read\",\n \"Microsoft.Network/loadBalancers/probes/read\",\n \"Microsoft.Network/loadBalancers/read\",\n \"Microsoft.Network/publicIPAddresses/read\",\n \"Microsoft.Relationships/ServiceGroupMember/read\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/delete\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Resources/subscriptions/resourceGroups/write\",\n \"Microsoft.ServiceBus/namespaces/read\",\n \"Microsoft.Sql/managedInstances/read\",\n \"Microsoft.Sql/servers/databases/read\",\n \"Microsoft.Sql/servers/read\",\n \"Microsoft.Storage/storageAccounts/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2025-08-11T15:12:49.7120823Z\",\n \"updatedOn\": \"2025-08-11T15:12:49.7120823Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/c914561b-1575-4601-af9c-a1356bf59818\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"c914561b-1575-4601-af9c-a1356bf59818\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Resilience Management Drills Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Contributor Role of Azure Resilience Management Drills Service\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Advisor/recommendations/read\",\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Automation/automationAccounts/delete\",\n \"Microsoft.Automation/automationAccounts/read\",\n \"Microsoft.Automation/automationAccounts/write\",\n \"Microsoft.Automation/automationAccounts/runbooks/delete\",\n \"Microsoft.Automation/automationAccounts/runbooks/read\",\n \"Microsoft.Automation/automationAccounts/runbooks/write\",\n \"Microsoft.AzureResilienceManagement/drills/*/action\",\n \"Microsoft.AzureResilienceManagement/drills/*/delete\",\n \"Microsoft.AzureResilienceManagement/drills/*/read\",\n \"Microsoft.AzureResilienceManagement/drills/*/write\",\n \"Microsoft.AzureResilienceManagement/recoveryPlans/*/action\",\n \"Microsoft.AzureResilienceManagement/recoveryPlans/*/delete\",\n \"Microsoft.AzureResilienceManagement/recoveryPlans/*/read\",\n \"Microsoft.AzureResilienceManagement/recoveryPlans/*/write\",\n \"Microsoft.Chaos/experiments/delete\",\n \"Microsoft.Chaos/experiments/read\",\n \"Microsoft.Chaos/experiments/write\",\n \"Microsoft.Chaos/experiments/cancel/action\",\n \"Microsoft.Chaos/experiments/start/action\",\n \"Microsoft.Chaos/locations/operationResults/read\",\n \"Microsoft.Chaos/locations/operationStatuses/read\",\n \"Microsoft.Chaos/locations/targetTypes/capabilityTypes/read\",\n \"Microsoft.Chaos/locations/targetTypes/read\",\n \"Microsoft.Chaos/targets/capabilities/delete\",\n \"Microsoft.Chaos/targets/capabilities/read\",\n \"Microsoft.Chaos/targets/capabilities/write\",\n \"Microsoft.Chaos/targets/delete\",\n \"Microsoft.Chaos/targets/read\",\n \"Microsoft.Chaos/targets/write\",\n \"Microsoft.Compute/virtualMachineScaleSets/read\",\n \"Microsoft.Compute/virtualMachines/read\",\n \"Microsoft.ContainerRegistry/registries/read\",\n \"Microsoft.DBforPostgreSQL/flexibleServers/read\",\n \"Microsoft.DocumentDB/databaseAccounts/services/read\",\n \"Microsoft.Insights/alertRules/\",\n \"Microsoft.ManagedIdentity/userAssignedIdentities/read\",\n \"Microsoft.Management/ServiceGroups/read\",\n \"Microsoft.Monitor/accounts/read\",\n \"Microsoft.Monitor/slis/read\",\n \"Microsoft.Network/applicationGateways/read\",\n \"Microsoft.Network/azurefirewalls/read\",\n \"Microsoft.Network/loadBalancers/probes/read\",\n \"Microsoft.Network/loadBalancers/read\",\n \"Microsoft.Network/publicIPAddresses/read\",\n \"Microsoft.Relationships/ServiceGroupMember/read\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/delete\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Resources/subscriptions/resourceGroups/write\",\n \"Microsoft.ServiceBus/namespaces/read\",\n \"Microsoft.Sql/managedInstances/read\",\n \"Microsoft.Sql/servers/databases/read\",\n \"Microsoft.Sql/servers/read\",\n \"Microsoft.Storage/storageAccounts/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2025-08-11T15:12:50.0258107Z\",\n \"updatedOn\": \"2025-08-11T15:12:50.0258107Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/e131102b-11a5-4ff4-8508-ed922132b74c\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"e131102b-11a5-4ff4-8508-ed922132b74c\"\n },\n {\n \"properties\": {\n \"roleName\": \"Edge Order Partner Inventory Manager Service Role\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Manage inventory metadata and inventory links associated with Edge Order Partner scenarios. Enables configuration and control of inventory resources for tracking and fulfillment purposes\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.EdgeOrderPartner/locations/productFamilies/inventories/manageLink/action\",\n \"Microsoft.EdgeOrderPartner/locations/productFamilies/inventories/manageInventoryMetadata/action\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2025-08-12T15:18:36.5429246Z\",\n \"updatedOn\": \"2025-09-05T06:37:32.5466384Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/f24a559b-c2fc-4409-b96e-9af4b0c28ad6\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"f24a559b-c2fc-4409-b96e-9af4b0c28ad6\"\n },\n {\n \"properties\": {\n \"roleName\": \"Defender For Container Registries Operator\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Grants Microsoft Defender for Cloud access to Azure Container Registries\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.ContainerRegistry/registries/pull/read\",\n \"Microsoft.ContainerRegistry/registries/metadata/read\",\n \"Microsoft.ContainerRegistry/registries/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.ContainerRegistry/registries/repositories/content/read\",\n \"Microsoft.ContainerRegistry/registries/repositories/metadata/read\",\n \"Microsoft.ContainerRegistry/registries/catalog/read\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2025-08-13T15:27:47.0452902Z\",\n \"updatedOn\": \"2025-09-11T12:56:35.8009694Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/c5c82243-e78e-43f9-8428-793bba85b28e\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"c5c82243-e78e-43f9-8428-793bba85b28e\"\n },\n {\n \"properties\": {\n \"roleName\": \"Change Safety Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Grants access to manage all Microsoft.ChangeSafety resources.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.ChangeSafety/changeStates/read\",\n \"Microsoft.ChangeSafety/changeStates/write\",\n \"Microsoft.ChangeSafety/changeStates/delete\",\n \"Microsoft.ChangeSafety/changeStates/stageProgressions/read\",\n \"Microsoft.ChangeSafety/changeStates/stageProgressions/write\",\n \"Microsoft.ChangeSafety/changeStates/stageProgressions/delete\",\n \"Microsoft.ChangeSafety/locations/operationstatuses/read\",\n \"Microsoft.ChangeSafety/locations/operationstatuses/write\",\n \"Microsoft.ChangeSafety/safeRollouts/read\",\n \"Microsoft.ChangeSafety/safeRollouts/write\",\n \"Microsoft.ChangeSafety/safeRollouts/delete\",\n \"Microsoft.ChangeSafety/safeRollouts/steps/read\",\n \"Microsoft.ChangeSafety/stageMaps/read\",\n \"Microsoft.ChangeSafety/stageMaps/write\",\n \"Microsoft.ChangeSafety/stageMaps/delete\",\n \"Microsoft.ChangeSafety/validations/read\",\n \"Microsoft.ChangeSafety/validations/write\",\n \"Microsoft.ChangeSafety/validations/delete\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2025-08-13T20:30:20.4138285Z\",\n \"updatedOn\": \"2025-08-13T20:30:20.4138285Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/fdb3df26-8dd6-49ff-9a74-e95dbfadcad3\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"fdb3df26-8dd6-49ff-9a74-e95dbfadcad3\"\n },\n {\n \"properties\": {\n \"roleName\": \"Clinical Coder Data User\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Allows processing of health data in Clinical Coder\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.HealthBot/healthBots/AIActions/ClinicalCoder/Process/Action\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2025-08-20T15:33:41.4122914Z\",\n \"updatedOn\": \"2025-08-20T15:33:41.4122914Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/d0a94e7a-d791-4571-b2e0-8bdd8f867544\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"d0a94e7a-d791-4571-b2e0-8bdd8f867544\"\n },\n {\n \"properties\": {\n \"roleName\": \"Defender Unified RBAC Data Manager\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Defender Unified RBAC Data Manager. This role is managed and assigned automatically by the Defender Unified RBAC system. Manual assignment of this role is not recommended, as the Defender Unified RBAC system may modify or remove it at any time based on system requirements.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.operationalinsights/workspaces/read\",\n \"Microsoft.operationalinsights/workspaces/write\",\n \"Microsoft.operationalinsights/workspaces/query/read\",\n \"Microsoft.operationalinsights/workspaces/tables/write\",\n \"Microsoft.operationalinsights/workspaces/tables/delete\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2025-08-22T09:09:13.51896Z\",\n \"updatedOn\": \"2025-08-22T09:09:13.51896Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/40ead2a5-466e-4039-8a80-325542d9d2dd\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"40ead2a5-466e-4039-8a80-325542d9d2dd\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Local Disconnected Operations Role\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Azure Local Disconnected Operations Role\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Edge/disconnectedOperations/*/read\",\n \"Microsoft.Edge/disconnectedOperations/*/write\",\n \"Microsoft.Edge/disconnectedOperations/*/delete\",\n \"Microsoft.Edge/winfields/*/read\",\n \"Microsoft.Edge/winfields/*/write\",\n \"Microsoft.Edge/winfields/*/delete\",\n \"Microsoft.Edge/winfields/*/action\",\n \"Microsoft.Edge/disconnectedOperations/*/action\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2025-08-25T15:10:38.1474223Z\",\n \"updatedOn\": \"2025-08-25T15:10:38.1474223Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/478d20ba-a53e-4946-b33c-8078a92f2d0a\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"478d20ba-a53e-4946-b33c-8078a92f2d0a\"\n },\n {\n \"properties\": {\n \"roleName\": \"Workload Orchestration Administrator\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Workload Orchestration Administrator Role\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Edge/contexts/*\",\n \"Microsoft.Edge/configTemplates/*\",\n \"Microsoft.Edge/solutionTemplates/*\",\n \"Microsoft.Edge/configurations/*\",\n \"Microsoft.Edge/configurationreferences/*\",\n \"Microsoft.Edge/schemas/*\",\n \"Microsoft.Edge/schemaReferences/*\",\n \"Microsoft.Edge/targets/*\",\n \"Microsoft.Edge/jobs/*\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2025-08-25T15:10:38.1464227Z\",\n \"updatedOn\": \"2025-09-04T04:15:37.014131Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/cbb820e9-e561-45bb-84c2-ef45d0a13f7d\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"cbb820e9-e561-45bb-84c2-ef45d0a13f7d\"\n },\n {\n \"properties\": {\n \"roleName\": \"Firmware Analysis Reader\",\n \"type\": \"BuiltInRole\",\n \"description\": \"View firmware images but not upload them or perform any workspace configuration\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.IoTFirmwareDefense/*/read\",\n \"Microsoft.IoTFirmwareDefense/workspaces/firmwares/*\",\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Resources/deployments/*\"\n ],\n \"notActions\": [\n \"Microsoft.IoTFirmwareDefense/firmwareGroups/*\",\n \"Microsoft.IoTFirmwareDefense/workspaces/firmwares/write\",\n \"Microsoft.IoTFirmwareDefense/workspaces/firmwares/delete\"\n ],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2025-08-26T15:16:15.8719556Z\",\n \"updatedOn\": \"2025-08-26T15:16:15.8719556Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/2a94a2fd-3c4f-45d1-847d-6585ba88af94\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"2a94a2fd-3c4f-45d1-847d-6585ba88af94\"\n },\n {\n \"properties\": {\n \"roleName\": \"Garnet Data Owner\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Allows read, write, destructive and scripting actions on the Garnet resource\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.DocumentDB/garnetClusters/acl/*\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2025-08-27T15:52:20.9170435Z\",\n \"updatedOn\": \"2025-08-27T15:52:20.9170435Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/04f6c337-ffae-414c-b00f-3e80c9ab8a2c\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"04f6c337-ffae-414c-b00f-3e80c9ab8a2c\"\n },\n {\n \"properties\": {\n \"roleName\": \"Garnet Script Data Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Allows execution and management of scripts on the Garnet resource\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.DocumentDB/garnetClusters/acl/clientid/read\",\n \"Microsoft.DocumentDB/garnetClusters/acl/clientinfo/read\",\n \"Microsoft.DocumentDB/garnetClusters/acl/configget/read\",\n \"Microsoft.DocumentDB/garnetClusters/acl/echo/read\",\n \"Microsoft.DocumentDB/garnetClusters/acl/info/read\",\n \"Microsoft.DocumentDB/garnetClusters/acl/keyslot/read\",\n \"Microsoft.DocumentDB/garnetClusters/acl/nodes/read\",\n \"Microsoft.DocumentDB/garnetClusters/acl/ping/read\",\n \"Microsoft.DocumentDB/garnetClusters/acl/scripteval/action\",\n \"Microsoft.DocumentDB/garnetClusters/acl/scriptevalsha/action\",\n \"Microsoft.DocumentDB/garnetClusters/acl/scriptexists/action\",\n \"Microsoft.DocumentDB/garnetClusters/acl/scriptflush/action\",\n \"Microsoft.DocumentDB/garnetClusters/acl/scriptload/action\",\n \"Microsoft.DocumentDB/garnetClusters/acl/slots/read\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2025-08-27T17:39:28.929238Z\",\n \"updatedOn\": \"2025-08-27T17:39:28.929238Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/7021ea36-e168-4bc0-af53-88de51d20665\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"7021ea36-e168-4bc0-af53-88de51d20665\"\n },\n {\n \"properties\": {\n \"roleName\": \"Garnet Data Reader\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Allows read access to all keys within the Garnet resource\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.DocumentDB/garnetClusters/acl/clientid/read\",\n \"Microsoft.DocumentDB/garnetClusters/acl/clientinfo/read\",\n \"Microsoft.DocumentDB/garnetClusters/acl/configget/read\",\n \"Microsoft.DocumentDB/garnetClusters/acl/echo/read\",\n \"Microsoft.DocumentDB/garnetClusters/acl/exists/read\",\n \"Microsoft.DocumentDB/garnetClusters/acl/get/read\",\n \"Microsoft.DocumentDB/garnetClusters/acl/getex/read\",\n \"Microsoft.DocumentDB/garnetClusters/acl/getrange/read\",\n \"Microsoft.DocumentDB/garnetClusters/acl/hexists/read\",\n \"Microsoft.DocumentDB/garnetClusters/acl/hexpiretime/read\",\n \"Microsoft.DocumentDB/garnetClusters/acl/hget/read\",\n \"Microsoft.DocumentDB/garnetClusters/acl/hgetall/read\",\n \"Microsoft.DocumentDB/garnetClusters/acl/histogram/read\",\n \"Microsoft.DocumentDB/garnetClusters/acl/hkeys/read\",\n \"Microsoft.DocumentDB/garnetClusters/acl/hlen/read\",\n \"Microsoft.DocumentDB/garnetClusters/acl/hmget/read\",\n \"Microsoft.DocumentDB/garnetClusters/acl/hpexpiretime/read\",\n \"Microsoft.DocumentDB/garnetClusters/acl/hpttl/read\",\n \"Microsoft.DocumentDB/garnetClusters/acl/hrandfield/read\",\n \"Microsoft.DocumentDB/garnetClusters/acl/hscan/read\",\n \"Microsoft.DocumentDB/garnetClusters/acl/hstrlen/read\",\n \"Microsoft.DocumentDB/garnetClusters/acl/httl/read\",\n \"Microsoft.DocumentDB/garnetClusters/acl/hvals/read\",\n \"Microsoft.DocumentDB/garnetClusters/acl/info/read\",\n \"Microsoft.DocumentDB/garnetClusters/acl/keyslot/read\",\n \"Microsoft.DocumentDB/garnetClusters/acl/lcs/read\",\n \"Microsoft.DocumentDB/garnetClusters/acl/mget/read\",\n \"Microsoft.DocumentDB/garnetClusters/acl/nodes/read\",\n \"Microsoft.DocumentDB/garnetClusters/acl/ping/read\",\n \"Microsoft.DocumentDB/garnetClusters/acl/readonly/read\",\n \"Microsoft.DocumentDB/garnetClusters/acl/scard/read\",\n \"Microsoft.DocumentDB/garnetClusters/acl/sdiff/read\",\n \"Microsoft.DocumentDB/garnetClusters/acl/sinter/read\",\n \"Microsoft.DocumentDB/garnetClusters/acl/sintercard/read\",\n \"Microsoft.DocumentDB/garnetClusters/acl/sismember/read\",\n \"Microsoft.DocumentDB/garnetClusters/acl/slots/read\",\n \"Microsoft.DocumentDB/garnetClusters/acl/smembers/read\",\n \"Microsoft.DocumentDB/garnetClusters/acl/smismember/read\",\n \"Microsoft.DocumentDB/garnetClusters/acl/srandmember/read\",\n \"Microsoft.DocumentDB/garnetClusters/acl/sscan/read\",\n \"Microsoft.DocumentDB/garnetClusters/acl/strlen/read\",\n \"Microsoft.DocumentDB/garnetClusters/acl/substr/read\",\n \"Microsoft.DocumentDB/garnetClusters/acl/sunion/read\",\n \"Microsoft.DocumentDB/garnetClusters/acl/zcard/read\",\n \"Microsoft.DocumentDB/garnetClusters/acl/zcount/read\",\n \"Microsoft.DocumentDB/garnetClusters/acl/zdiff/read\",\n \"Microsoft.DocumentDB/garnetClusters/acl/zinter/read\",\n \"Microsoft.DocumentDB/garnetClusters/acl/zintercard/read\",\n \"Microsoft.DocumentDB/garnetClusters/acl/zlexcount/read\",\n \"Microsoft.DocumentDB/garnetClusters/acl/zmscore/read\",\n \"Microsoft.DocumentDB/garnetClusters/acl/zrandmember/read\",\n \"Microsoft.DocumentDB/garnetClusters/acl/zrange/read\",\n \"Microsoft.DocumentDB/garnetClusters/acl/zrangebylex/read\",\n \"Microsoft.DocumentDB/garnetClusters/acl/zrangebyscore/read\",\n \"Microsoft.DocumentDB/garnetClusters/acl/zrank/read\",\n \"Microsoft.DocumentDB/garnetClusters/acl/zrevrange/read\",\n \"Microsoft.DocumentDB/garnetClusters/acl/zrevrangebylex/read\",\n \"Microsoft.DocumentDB/garnetClusters/acl/zrevrangebyscore/read\",\n \"Microsoft.DocumentDB/garnetClusters/acl/zrevrank/read\",\n \"Microsoft.DocumentDB/garnetClusters/acl/zscan/read\",\n \"Microsoft.DocumentDB/garnetClusters/acl/zscore/read\",\n \"Microsoft.DocumentDB/garnetClusters/acl/zunion/read\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2025-08-27T17:54:31.3990567Z\",\n \"updatedOn\": \"2025-08-27T17:54:31.3990567Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/d9cd91b9-dada-4fa9-9406-454c4659c137\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"d9cd91b9-dada-4fa9-9406-454c4659c137\"\n },\n {\n \"properties\": {\n \"roleName\": \"Garnet Data Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Allows read and write access to all keys within the Garnet resource\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.DocumentDB/garnetClusters/acl/append/write\",\n \"Microsoft.DocumentDB/garnetClusters/acl/bzmpop/delete\",\n \"Microsoft.DocumentDB/garnetClusters/acl/bzpopmax/delete\",\n \"Microsoft.DocumentDB/garnetClusters/acl/bzpopmin/delete\",\n \"Microsoft.DocumentDB/garnetClusters/acl/clientid/read\",\n \"Microsoft.DocumentDB/garnetClusters/acl/clientinfo/read\",\n \"Microsoft.DocumentDB/garnetClusters/acl/configget/read\",\n \"Microsoft.DocumentDB/garnetClusters/acl/decr/write\",\n \"Microsoft.DocumentDB/garnetClusters/acl/decrby/write\",\n \"Microsoft.DocumentDB/garnetClusters/acl/del/delete\",\n \"Microsoft.DocumentDB/garnetClusters/acl/echo/read\",\n \"Microsoft.DocumentDB/garnetClusters/acl/exists/read\",\n \"Microsoft.DocumentDB/garnetClusters/acl/expire/delete\",\n \"Microsoft.DocumentDB/garnetClusters/acl/get/read\",\n \"Microsoft.DocumentDB/garnetClusters/acl/getdel/delete\",\n \"Microsoft.DocumentDB/garnetClusters/acl/getex/read\",\n \"Microsoft.DocumentDB/garnetClusters/acl/getrange/read\",\n \"Microsoft.DocumentDB/garnetClusters/acl/getset/write\",\n \"Microsoft.DocumentDB/garnetClusters/acl/hdel/delete\",\n \"Microsoft.DocumentDB/garnetClusters/acl/hexists/read\",\n \"Microsoft.DocumentDB/garnetClusters/acl/hexpire/delete\",\n \"Microsoft.DocumentDB/garnetClusters/acl/hexpireat/delete\",\n \"Microsoft.DocumentDB/garnetClusters/acl/hexpiretime/read\",\n \"Microsoft.DocumentDB/garnetClusters/acl/hget/read\",\n \"Microsoft.DocumentDB/garnetClusters/acl/hgetall/read\",\n \"Microsoft.DocumentDB/garnetClusters/acl/hincrby/write\",\n \"Microsoft.DocumentDB/garnetClusters/acl/hincrbyfloat/write\",\n \"Microsoft.DocumentDB/garnetClusters/acl/histogram/read\",\n \"Microsoft.DocumentDB/garnetClusters/acl/hkeys/read\",\n \"Microsoft.DocumentDB/garnetClusters/acl/hlen/read\",\n \"Microsoft.DocumentDB/garnetClusters/acl/hmget/read\",\n \"Microsoft.DocumentDB/garnetClusters/acl/hmset/write\",\n \"Microsoft.DocumentDB/garnetClusters/acl/hpersist/write\",\n \"Microsoft.DocumentDB/garnetClusters/acl/hpexpire/delete\",\n \"Microsoft.DocumentDB/garnetClusters/acl/hpexpireat/delete\",\n \"Microsoft.DocumentDB/garnetClusters/acl/hpexpiretime/read\",\n \"Microsoft.DocumentDB/garnetClusters/acl/hpttl/read\",\n \"Microsoft.DocumentDB/garnetClusters/acl/hrandfield/read\",\n \"Microsoft.DocumentDB/garnetClusters/acl/hscan/read\",\n \"Microsoft.DocumentDB/garnetClusters/acl/hset/write\",\n \"Microsoft.DocumentDB/garnetClusters/acl/hsetnx/write\",\n \"Microsoft.DocumentDB/garnetClusters/acl/hstrlen/read\",\n \"Microsoft.DocumentDB/garnetClusters/acl/httl/read\",\n \"Microsoft.DocumentDB/garnetClusters/acl/hvals/read\",\n \"Microsoft.DocumentDB/garnetClusters/acl/incr/write\",\n \"Microsoft.DocumentDB/garnetClusters/acl/incrby/write\",\n \"Microsoft.DocumentDB/garnetClusters/acl/incrbyfloat/write\",\n \"Microsoft.DocumentDB/garnetClusters/acl/info/read\",\n \"Microsoft.DocumentDB/garnetClusters/acl/keyslot/read\",\n \"Microsoft.DocumentDB/garnetClusters/acl/lcs/read\",\n \"Microsoft.DocumentDB/garnetClusters/acl/mget/read\",\n \"Microsoft.DocumentDB/garnetClusters/acl/mset/write\",\n \"Microsoft.DocumentDB/garnetClusters/acl/msetnx/write\",\n \"Microsoft.DocumentDB/garnetClusters/acl/nodes/read\",\n \"Microsoft.DocumentDB/garnetClusters/acl/ping/read\",\n \"Microsoft.DocumentDB/garnetClusters/acl/psetex/write\",\n \"Microsoft.DocumentDB/garnetClusters/acl/readonly/read\",\n \"Microsoft.DocumentDB/garnetClusters/acl/readwrite/write\",\n \"Microsoft.DocumentDB/garnetClusters/acl/sadd/write\",\n \"Microsoft.DocumentDB/garnetClusters/acl/scard/read\",\n \"Microsoft.DocumentDB/garnetClusters/acl/sdiff/read\",\n \"Microsoft.DocumentDB/garnetClusters/acl/sdiffstore/write\",\n \"Microsoft.DocumentDB/garnetClusters/acl/set/write\",\n \"Microsoft.DocumentDB/garnetClusters/acl/setex/write\",\n \"Microsoft.DocumentDB/garnetClusters/acl/setnx/write\",\n \"Microsoft.DocumentDB/garnetClusters/acl/setrange/write\",\n \"Microsoft.DocumentDB/garnetClusters/acl/sinter/read\",\n \"Microsoft.DocumentDB/garnetClusters/acl/sintercard/read\",\n \"Microsoft.DocumentDB/garnetClusters/acl/sinterstore/write\",\n \"Microsoft.DocumentDB/garnetClusters/acl/sismember/read\",\n \"Microsoft.DocumentDB/garnetClusters/acl/slots/read\",\n \"Microsoft.DocumentDB/garnetClusters/acl/smembers/read\",\n \"Microsoft.DocumentDB/garnetClusters/acl/smismember/read\",\n \"Microsoft.DocumentDB/garnetClusters/acl/smove/write\",\n \"Microsoft.DocumentDB/garnetClusters/acl/spop/delete\",\n \"Microsoft.DocumentDB/garnetClusters/acl/srandmember/read\",\n \"Microsoft.DocumentDB/garnetClusters/acl/srem/delete\",\n \"Microsoft.DocumentDB/garnetClusters/acl/sscan/read\",\n \"Microsoft.DocumentDB/garnetClusters/acl/strlen/read\",\n \"Microsoft.DocumentDB/garnetClusters/acl/substr/read\",\n \"Microsoft.DocumentDB/garnetClusters/acl/sunion/read\",\n \"Microsoft.DocumentDB/garnetClusters/acl/sunionstore/write\",\n \"Microsoft.DocumentDB/garnetClusters/acl/unlink/delete\",\n \"Microsoft.DocumentDB/garnetClusters/acl/zadd/write\",\n \"Microsoft.DocumentDB/garnetClusters/acl/zcard/read\",\n \"Microsoft.DocumentDB/garnetClusters/acl/zcount/read\",\n \"Microsoft.DocumentDB/garnetClusters/acl/zdiff/read\",\n \"Microsoft.DocumentDB/garnetClusters/acl/zdiffstore/write\",\n \"Microsoft.DocumentDB/garnetClusters/acl/zincrby/write\",\n \"Microsoft.DocumentDB/garnetClusters/acl/zinter/read\",\n \"Microsoft.DocumentDB/garnetClusters/acl/zintercard/read\",\n \"Microsoft.DocumentDB/garnetClusters/acl/zinterstore/write\",\n \"Microsoft.DocumentDB/garnetClusters/acl/zlexcount/read\",\n \"Microsoft.DocumentDB/garnetClusters/acl/zmpop/delete\",\n \"Microsoft.DocumentDB/garnetClusters/acl/zmscore/read\",\n \"Microsoft.DocumentDB/garnetClusters/acl/zpopmax/delete\",\n \"Microsoft.DocumentDB/garnetClusters/acl/zpopmin/delete\",\n \"Microsoft.DocumentDB/garnetClusters/acl/zrandmember/read\",\n \"Microsoft.DocumentDB/garnetClusters/acl/zrange/read\",\n \"Microsoft.DocumentDB/garnetClusters/acl/zrangebylex/read\",\n \"Microsoft.DocumentDB/garnetClusters/acl/zrangebyscore/read\",\n \"Microsoft.DocumentDB/garnetClusters/acl/zrangestore/write\",\n \"Microsoft.DocumentDB/garnetClusters/acl/zrank/read\",\n \"Microsoft.DocumentDB/garnetClusters/acl/zrem/delete\",\n \"Microsoft.DocumentDB/garnetClusters/acl/zremrangebylex/delete\",\n \"Microsoft.DocumentDB/garnetClusters/acl/zremrangebyrank/delete\",\n \"Microsoft.DocumentDB/garnetClusters/acl/zremrangebyscore/delete\",\n \"Microsoft.DocumentDB/garnetClusters/acl/zrevrange/read\",\n \"Microsoft.DocumentDB/garnetClusters/acl/zrevrangebylex/read\",\n \"Microsoft.DocumentDB/garnetClusters/acl/zrevrangebyscore/read\",\n \"Microsoft.DocumentDB/garnetClusters/acl/zrevrank/read\",\n \"Microsoft.DocumentDB/garnetClusters/acl/zscan/read\",\n \"Microsoft.DocumentDB/garnetClusters/acl/zscore/read\",\n \"Microsoft.DocumentDB/garnetClusters/acl/zunion/read\",\n \"Microsoft.DocumentDB/garnetClusters/acl/zunionstore/write\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2025-08-27T17:54:31.3990567Z\",\n \"updatedOn\": \"2025-08-27T17:54:31.3990567Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/1694e55a-2496-4d07-b005-7259aa3fcbe8\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"1694e55a-2496-4d07-b005-7259aa3fcbe8\"\n },\n {\n \"properties\": {\n \"roleName\": \"Defender Unified RBAC Authorization Reader\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Defender Unified RBAC Authorization Reader. This role is managed and assigned automatically by the Defender Unified RBAC system. Manual assignment of this role is not recommended, as the Defender Unified RBAC system may modify or remove it at any time based on system requirements.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2025-08-29T09:06:24.5039382Z\",\n \"updatedOn\": \"2025-08-29T09:06:24.5039382Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/ca62263b-07d5-4b48-b437-088803f5c2ff\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"ca62263b-07d5-4b48-b437-088803f5c2ff\"\n },\n {\n \"properties\": {\n \"roleName\": \"Defender Unified RBAC Authorization Manager\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Defender Unified RBAC Authorization Manager. This role is managed and assigned automatically by the Defender Unified RBAC system. Manual assignment of this role is not recommended, as the Defender Unified RBAC system may modify or remove it at any time based on system requirements.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2025-08-29T12:37:45.3866495Z\",\n \"updatedOn\": \"2025-08-29T12:37:45.3866495Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/1fd5d8bf-9037-4ede-89bf-680f798e2765\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"1fd5d8bf-9037-4ede-89bf-680f798e2765\"\n },\n {\n \"properties\": {\n \"roleName\": \"Defender Unified RBAC Responder\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Defender Unified RBAC Responder. This role is managed and assigned automatically by the Defender Unified RBAC system. Manual assignment of this role is not recommended, as the Defender Unified RBAC system may modify or remove it at any time based on system requirements.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.SecurityInsights/*/read\",\n \"Microsoft.SecurityInsights/dataConnectorsCheckRequirements/action\",\n \"Microsoft.SecurityInsights/automationRules/*\",\n \"Microsoft.SecurityInsights/cases/*\",\n \"Microsoft.SecurityInsights/incidents/*\",\n \"Microsoft.SecurityInsights/entities/runPlaybook/action\",\n \"Microsoft.SecurityInsights/threatIntelligence/indicators/appendTags/action\",\n \"Microsoft.SecurityInsights/threatIntelligence/indicators/query/action\",\n \"Microsoft.SecurityInsights/threatIntelligence/bulkTag/action\",\n \"Microsoft.SecurityInsights/threatIntelligence/indicators/appendTags/action\",\n \"Microsoft.SecurityInsights/threatIntelligence/indicators/replaceTags/action\",\n \"Microsoft.SecurityInsights/threatIntelligence/queryIndicators/action\",\n \"Microsoft.SecurityInsights/businessApplicationAgents/systems/undoAction/action\",\n \"Microsoft.OperationalInsights/workspaces/analytics/query/action\",\n \"Microsoft.OperationalInsights/workspaces/*/read\",\n \"Microsoft.OperationalInsights/workspaces/dataSources/read\",\n \"Microsoft.OperationalInsights/workspaces/savedSearches/read\",\n \"Microsoft.OperationsManagement/solutions/read\",\n \"Microsoft.OperationalInsights/workspaces/query/read\",\n \"Microsoft.OperationalInsights/workspaces/query/*/read\",\n \"Microsoft.OperationalInsights/workspaces/dataSources/read\",\n \"Microsoft.OperationalInsights/querypacks/*/read\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Insights/workbooks/read\",\n \"Microsoft.Authorization/*/read\"\n ],\n \"notActions\": [\n \"Microsoft.SecurityInsights/cases/*/Delete\",\n \"Microsoft.SecurityInsights/incidents/*/Delete\",\n \"Microsoft.SecurityInsights/ConfidentialWatchlists/*\",\n \"Microsoft.OperationalInsights/workspaces/query/ConfidentialWatchlist/*\"\n ],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2025-08-29T14:38:33.2080873Z\",\n \"updatedOn\": \"2025-09-11T12:26:00.2449399Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/1bacae94-6c0f-4d2d-8dfa-408d5a28e6ec\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"1bacae94-6c0f-4d2d-8dfa-408d5a28e6ec\"\n },\n {\n \"properties\": {\n \"roleName\": \"Defender Unified RBAC Contributor and Responder\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Defender Unified RBAC Contributor and Responder. This role is managed and assigned automatically by the Defender Unified RBAC system. Manual assignment of this role is not recommended, as the Defender Unified RBAC system may modify or remove it at any time based on system requirements.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.OperationalInsights/querypacks/*/read\",\n \"Microsoft.OperationalInsights/workspaces/*/read\",\n \"Microsoft.OperationalInsights/workspaces/analytics/query/action\",\n \"Microsoft.OperationalInsights/workspaces/dataSources/read\",\n \"Microsoft.OperationalInsights/workspaces/query/*/read\",\n \"Microsoft.OperationalInsights/workspaces/query/read\",\n \"Microsoft.OperationalInsights/workspaces/savedSearches/*\",\n \"Microsoft.OperationalInsights/workspaces/savedSearches/read\",\n \"Microsoft.OperationsManagement/solutions/read\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.SecurityInsights/*\",\n \"Microsoft.SecurityInsights/*/read\",\n \"Microsoft.SecurityInsights/automationRules/*\",\n \"Microsoft.SecurityInsights/businessApplicationAgents/systems/undoAction/action\",\n \"Microsoft.SecurityInsights/cases/*\",\n \"Microsoft.SecurityInsights/dataConnectorsCheckRequirements/action\",\n \"Microsoft.SecurityInsights/entities/runPlaybook/action\",\n \"Microsoft.SecurityInsights/incidents/*\",\n \"Microsoft.SecurityInsights/threatIntelligence/bulkTag/action\",\n \"Microsoft.SecurityInsights/threatIntelligence/indicators/appendTags/action\",\n \"Microsoft.SecurityInsights/threatIntelligence/indicators/query/action\",\n \"Microsoft.SecurityInsights/threatIntelligence/indicators/replaceTags/action\",\n \"Microsoft.SecurityInsights/threatIntelligence/queryIndicators/action\",\n \"Microsoft.Insights/workbooks/*\",\n \"Microsoft.Authorization/*/read\"\n ],\n \"notActions\": [\n \"Microsoft.SecurityInsights/cases/*/Delete\",\n \"Microsoft.SecurityInsights/incidents/*/Delete\",\n \"Microsoft.SecurityInsights/ConfidentialWatchlists/*\",\n \"Microsoft.OperationalInsights/workspaces/query/ConfidentialWatchlist/*\"\n ],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2025-08-29T14:53:37.3243745Z\",\n \"updatedOn\": \"2025-09-18T08:00:00.7910377Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/625a1cea-653b-4a19-bd3a-df1d66ab6637\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"625a1cea-653b-4a19-bd3a-df1d66ab6637\"\n },\n {\n \"properties\": {\n \"roleName\": \"Defender Unified RBAC Reader\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Defender Unified RBAC Reader. This role is managed and assigned automatically by the Defender Unified RBAC system. Manual assignment of this role is not recommended, as the Defender Unified RBAC system may modify or remove it at any time based on system requirements.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.SecurityInsights/*/read\",\n \"Microsoft.SecurityInsights/dataConnectorsCheckRequirements/action\",\n \"Microsoft.SecurityInsights/threatIntelligence/indicators/query/action\",\n \"Microsoft.SecurityInsights/threatIntelligence/queryIndicators/action\",\n \"Microsoft.OperationalInsights/workspaces/analytics/query/action\",\n \"Microsoft.OperationalInsights/workspaces/*/read\",\n \"Microsoft.OperationalInsights/workspaces/LinkedServices/read\",\n \"Microsoft.OperationalInsights/workspaces/savedSearches/read\",\n \"Microsoft.OperationsManagement/solutions/read\",\n \"Microsoft.OperationalInsights/workspaces/query/read\",\n \"Microsoft.OperationalInsights/workspaces/query/*/read\",\n \"Microsoft.OperationalInsights/querypacks/*/read\",\n \"Microsoft.OperationalInsights/workspaces/dataSources/read\",\n \"Microsoft.OperationalInsights/workspaces/read\",\n \"Microsoft.Insights/workbooks/read\",\n \"Microsoft.Authorization/*/read\"\n ],\n \"notActions\": [\n \"Microsoft.SecurityInsights/ConfidentialWatchlists/*\",\n \"Microsoft.OperationalInsights/workspaces/query/ConfidentialWatchlist/*\"\n ],\n \"dataActions\": [\n \"Microsoft.OperationalInsights/workspaces/tables/data/read\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2025-08-29T15:23:46.8702579Z\",\n \"updatedOn\": \"2025-09-11T12:56:35.8009694Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/78b7345a-1e1b-483a-ac62-62228c6ea89d\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"78b7345a-1e1b-483a-ac62-62228c6ea89d\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Monitor Pipeline Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Manage Azure Monitor Pipeline resources, providing full read and write access to pipeline configurations and monitoring features.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Monitor/pipelineGroups/*\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.Authorization/*/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2025-09-03T15:11:34.8616712Z\",\n \"updatedOn\": \"2025-09-03T15:11:34.8616712Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/679dc20a-52e8-4ac0-a23c-3b557dfb1e24\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"679dc20a-52e8-4ac0-a23c-3b557dfb1e24\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Monitor Pipeline Reader\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Read Azure Monitor Pipeline resources, including pipeline configurations and monitoring features.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Monitor/pipelineGroups/read\",\n \"Microsoft.Resources/deployments/read\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Insights/alertRules/read\",\n \"Microsoft.Authorization/*/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2025-09-03T15:11:34.8616712Z\",\n \"updatedOn\": \"2025-09-03T15:11:34.8616712Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/2d50f159-7b96-4f1e-8fc7-fee6957ab7cc\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"2d50f159-7b96-4f1e-8fc7-fee6957ab7cc\"\n },\n {\n \"properties\": {\n \"roleName\": \"SRE Agent Reader\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Grants read-only access to all SRE Agent data, including chats, incidents, logs, and configurations. Does not permit interaction with the agent.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.App/agents/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.App/agents/threads/read\",\n \"Microsoft.App/agents/graph/read\",\n \"Microsoft.App/agents/memory/read\",\n \"Microsoft.App/agents/incidentManagement/read\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2025-09-08T15:10:31.0394523Z\",\n \"updatedOn\": \"2025-09-16T15:14:53.2394147Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/a4b156ac-253f-4a1a-9851-96d62b71b047\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"a4b156ac-253f-4a1a-9851-96d62b71b047\"\n },\n {\n \"properties\": {\n \"roleName\": \"Hybrid Connectivity contributor role\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Microsoft.HybridConnectivity contributor role\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.HybridConnectivity/endpoints/listIngressGatewayCredentials/action\",\n \"Microsoft.HybridConnectivity/publicCloudConnectors/delete\",\n \"Microsoft.HybridConnectivity/publicCloudConnectors/testPermissions/action\",\n \"Microsoft.HybridConnectivity/publicCloudConnectors/write\",\n \"Microsoft.HybridConnectivity/solutionConfigurations/delete\",\n \"Microsoft.HybridConnectivity/solutionConfigurations/syncNow/action\",\n \"Microsoft.HybridConnectivity/solutionConfigurations/write\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2025-09-08T15:10:31.251471Z\",\n \"updatedOn\": \"2025-09-08T15:10:31.251471Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/f0f57965-de58-41bc-ba76-2aaab4d09f30\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"f0f57965-de58-41bc-ba76-2aaab4d09f30\"\n },\n {\n \"properties\": {\n \"roleName\": \"Aws Connector contributor role\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Microsoft.AwsConnector contributor role\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.AwsConnector/accessAnalyzerAnalyzers/delete\",\n \"Microsoft.AwsConnector/accessAnalyzerAnalyzers/write\",\n \"Microsoft.AwsConnector/acmCertificateSummaries/delete\",\n \"Microsoft.AwsConnector/acmCertificateSummaries/write\",\n \"Microsoft.AwsConnector/apiGatewayRestApis/delete\",\n \"Microsoft.AwsConnector/apiGatewayRestApis/write\",\n \"Microsoft.AwsConnector/apiGatewayStages/delete\",\n \"Microsoft.AwsConnector/apiGatewayStages/write\",\n \"Microsoft.AwsConnector/applicationAutoScalingScalableTargets/delete\",\n \"Microsoft.AwsConnector/applicationAutoScalingScalableTargets/write\",\n \"Microsoft.AwsConnector/appSyncGraphqlApis/delete\",\n \"Microsoft.AwsConnector/appSyncGraphqlApis/write\",\n \"Microsoft.AwsConnector/autoScalingAutoScalingGroups/delete\",\n \"Microsoft.AwsConnector/autoScalingAutoScalingGroups/write\",\n \"Microsoft.AwsConnector/cloudFormationStacks/delete\",\n \"Microsoft.AwsConnector/cloudFormationStacks/write\",\n \"Microsoft.AwsConnector/cloudFormationStackSets/delete\",\n \"Microsoft.AwsConnector/cloudFormationStackSets/write\",\n \"Microsoft.AwsConnector/cloudFrontDistributions/delete\",\n \"Microsoft.AwsConnector/cloudFrontDistributions/write\",\n \"Microsoft.AwsConnector/cloudTrailTrails/delete\",\n \"Microsoft.AwsConnector/cloudTrailTrails/write\",\n \"Microsoft.AwsConnector/cloudWatchAlarms/delete\",\n \"Microsoft.AwsConnector/cloudWatchAlarms/write\",\n \"Microsoft.AwsConnector/codeBuildProjects/delete\",\n \"Microsoft.AwsConnector/codeBuildProjects/write\",\n \"Microsoft.AwsConnector/codeBuildSourceCredentialsInfos/delete\",\n \"Microsoft.AwsConnector/codeBuildSourceCredentialsInfos/write\",\n \"Microsoft.AwsConnector/configServiceConfigurationRecorders/delete\",\n \"Microsoft.AwsConnector/configServiceConfigurationRecorders/write\",\n \"Microsoft.AwsConnector/configServiceConfigurationRecorderStatuses/delete\",\n \"Microsoft.AwsConnector/configServiceConfigurationRecorderStatuses/write\",\n \"Microsoft.AwsConnector/configServiceDeliveryChannels/delete\",\n \"Microsoft.AwsConnector/configServiceDeliveryChannels/write\",\n \"Microsoft.AwsConnector/databaseMigrationServiceReplicationInstances/delete\",\n \"Microsoft.AwsConnector/databaseMigrationServiceReplicationInstances/write\",\n \"Microsoft.AwsConnector/daxClusters/delete\",\n \"Microsoft.AwsConnector/daxClusters/write\",\n \"Microsoft.AwsConnector/dynamoDBContinuousBackupsDescriptions/delete\",\n \"Microsoft.AwsConnector/dynamoDBContinuousBackupsDescriptions/write\",\n \"Microsoft.AwsConnector/dynamoDBTables/delete\",\n \"Microsoft.AwsConnector/dynamoDBTables/write\",\n \"Microsoft.AwsConnector/ec2AccountAttributes/delete\",\n \"Microsoft.AwsConnector/ec2AccountAttributes/write\",\n \"Microsoft.AwsConnector/ec2Addresses/delete\",\n \"Microsoft.AwsConnector/ec2Addresses/write\",\n \"Microsoft.AwsConnector/ec2FlowLogs/delete\",\n \"Microsoft.AwsConnector/ec2FlowLogs/write\",\n \"Microsoft.AwsConnector/ec2Images/delete\",\n \"Microsoft.AwsConnector/ec2Images/write\",\n \"Microsoft.AwsConnector/ec2Instances/delete\",\n \"Microsoft.AwsConnector/ec2Instances/start/action\",\n \"Microsoft.AwsConnector/ec2Instances/stop/action\",\n \"Microsoft.AwsConnector/ec2Instances/write\",\n \"Microsoft.AwsConnector/ec2InstanceStatuses/delete\",\n \"Microsoft.AwsConnector/ec2InstanceStatuses/write\",\n \"Microsoft.AwsConnector/ec2Ipams/delete\",\n \"Microsoft.AwsConnector/ec2Ipams/write\",\n \"Microsoft.AwsConnector/ec2KeyPairs/delete\",\n \"Microsoft.AwsConnector/ec2KeyPairs/write\",\n \"Microsoft.AwsConnector/ec2NetworkAcls/delete\",\n \"Microsoft.AwsConnector/ec2NetworkAcls/write\",\n \"Microsoft.AwsConnector/ec2NetworkInterfaces/delete\",\n \"Microsoft.AwsConnector/ec2NetworkInterfaces/write\",\n \"Microsoft.AwsConnector/ec2RouteTables/delete\",\n \"Microsoft.AwsConnector/ec2RouteTables/write\",\n \"Microsoft.AwsConnector/ec2SecurityGroups/delete\",\n \"Microsoft.AwsConnector/ec2SecurityGroups/write\",\n \"Microsoft.AwsConnector/ec2Snapshots/delete\",\n \"Microsoft.AwsConnector/ec2Snapshots/write\",\n \"Microsoft.AwsConnector/ec2Subnets/delete\",\n \"Microsoft.AwsConnector/ec2Subnets/write\",\n \"Microsoft.AwsConnector/ec2Volumes/delete\",\n \"Microsoft.AwsConnector/ec2Volumes/write\",\n \"Microsoft.AwsConnector/ec2VPCEndpoints/delete\",\n \"Microsoft.AwsConnector/ec2VPCEndpoints/write\",\n \"Microsoft.AwsConnector/ec2VPCPeeringConnections/delete\",\n \"Microsoft.AwsConnector/ec2VPCPeeringConnections/write\",\n \"Microsoft.AwsConnector/ec2Vpcs/delete\",\n \"Microsoft.AwsConnector/ec2Vpcs/write\",\n \"Microsoft.AwsConnector/ecrImageDetails/delete\",\n \"Microsoft.AwsConnector/ecrImageDetails/write\",\n \"Microsoft.AwsConnector/ecrRepositories/delete\",\n \"Microsoft.AwsConnector/ecrRepositories/write\",\n \"Microsoft.AwsConnector/ecsClusters/delete\",\n \"Microsoft.AwsConnector/ecsClusters/write\",\n \"Microsoft.AwsConnector/ecsServices/delete\",\n \"Microsoft.AwsConnector/ecsServices/write\",\n \"Microsoft.AwsConnector/ecsTaskDefinitions/delete\",\n \"Microsoft.AwsConnector/ecsTaskDefinitions/write\",\n \"Microsoft.AwsConnector/efsFileSystems/delete\",\n \"Microsoft.AwsConnector/efsFileSystems/write\",\n \"Microsoft.AwsConnector/efsMountTargets/delete\",\n \"Microsoft.AwsConnector/efsMountTargets/write\",\n \"Microsoft.AwsConnector/eksClusters/delete\",\n \"Microsoft.AwsConnector/eksClusters/write\",\n \"Microsoft.AwsConnector/eksNodegroups/delete\",\n \"Microsoft.AwsConnector/eksNodegroups/write\",\n \"Microsoft.AwsConnector/elasticBeanstalkApplications/delete\",\n \"Microsoft.AwsConnector/elasticBeanstalkApplications/write\",\n \"Microsoft.AwsConnector/elasticBeanstalkConfigurationTemplates/delete\",\n \"Microsoft.AwsConnector/elasticBeanstalkConfigurationTemplates/write\",\n \"Microsoft.AwsConnector/elasticBeanstalkEnvironments/delete\",\n \"Microsoft.AwsConnector/elasticBeanstalkEnvironments/write\",\n \"Microsoft.AwsConnector/elasticLoadBalancingV2Listeners/delete\",\n \"Microsoft.AwsConnector/elasticLoadBalancingV2Listeners/write\",\n \"Microsoft.AwsConnector/elasticLoadBalancingV2LoadBalancers/delete\",\n \"Microsoft.AwsConnector/elasticLoadBalancingV2LoadBalancers/write\",\n \"Microsoft.AwsConnector/elasticLoadBalancingV2TargetGroups/delete\",\n \"Microsoft.AwsConnector/elasticLoadBalancingV2TargetGroups/write\",\n \"Microsoft.AwsConnector/elasticLoadBalancingV2TargetHealthDescriptions/delete\",\n \"Microsoft.AwsConnector/elasticLoadBalancingV2TargetHealthDescriptions/write\",\n \"Microsoft.AwsConnector/elasticsearchDomains/delete\",\n \"Microsoft.AwsConnector/elasticsearchDomains/write\",\n \"Microsoft.AwsConnector/emrClusters/delete\",\n \"Microsoft.AwsConnector/emrClusters/write\",\n \"Microsoft.AwsConnector/guardDutyDetectors/delete\",\n \"Microsoft.AwsConnector/guardDutyDetectors/write\",\n \"Microsoft.AwsConnector/iamAccessKeyLastUseds/delete\",\n \"Microsoft.AwsConnector/iamAccessKeyLastUseds/write\",\n \"Microsoft.AwsConnector/iamAccessKeyMetadata/delete\",\n \"Microsoft.AwsConnector/iamAccessKeyMetadata/write\",\n \"Microsoft.AwsConnector/iamGroups/delete\",\n \"Microsoft.AwsConnector/iamGroups/write\",\n \"Microsoft.AwsConnector/iamInstanceProfiles/delete\",\n \"Microsoft.AwsConnector/iamInstanceProfiles/write\",\n \"Microsoft.AwsConnector/iamManagedPolicies/delete\",\n \"Microsoft.AwsConnector/iamManagedPolicies/write\",\n \"Microsoft.AwsConnector/iamMFADevices/delete\",\n \"Microsoft.AwsConnector/iamMFADevices/write\",\n \"Microsoft.AwsConnector/iamPasswordPolicies/delete\",\n \"Microsoft.AwsConnector/iamPasswordPolicies/write\",\n \"Microsoft.AwsConnector/iamPolicyVersions/delete\",\n \"Microsoft.AwsConnector/iamPolicyVersions/write\",\n \"Microsoft.AwsConnector/iamRoles/delete\",\n \"Microsoft.AwsConnector/iamRoles/write\",\n \"Microsoft.AwsConnector/iamServerCertificates/delete\",\n \"Microsoft.AwsConnector/iamServerCertificates/write\",\n \"Microsoft.AwsConnector/iamUserPolicies/delete\",\n \"Microsoft.AwsConnector/iamUserPolicies/write\",\n \"Microsoft.AwsConnector/iamVirtualMFADevices/delete\",\n \"Microsoft.AwsConnector/iamVirtualMFADevices/write\",\n \"Microsoft.AwsConnector/kmsAliases/delete\",\n \"Microsoft.AwsConnector/kmsAliases/write\",\n \"Microsoft.AwsConnector/kmsKeys/delete\",\n \"Microsoft.AwsConnector/kmsKeys/write\",\n \"Microsoft.AwsConnector/lambdaFunctionCodeLocations/delete\",\n \"Microsoft.AwsConnector/lambdaFunctionCodeLocations/write\",\n \"Microsoft.AwsConnector/lambdaFunctionConfigurations/delete\",\n \"Microsoft.AwsConnector/lambdaFunctionConfigurations/write\",\n \"Microsoft.AwsConnector/lambdaFunctions/delete\",\n \"Microsoft.AwsConnector/lambdaFunctions/write\",\n \"Microsoft.AwsConnector/licenseManagerLicenses/delete\",\n \"Microsoft.AwsConnector/licenseManagerLicenses/write\",\n \"Microsoft.AwsConnector/lightsailBuckets/delete\",\n \"Microsoft.AwsConnector/lightsailBuckets/write\",\n \"Microsoft.AwsConnector/lightsailInstances/delete\",\n \"Microsoft.AwsConnector/lightsailInstances/write\",\n \"Microsoft.AwsConnector/Locations/OperationStatuses/write\",\n \"Microsoft.AwsConnector/logsLogGroups/delete\",\n \"Microsoft.AwsConnector/logsLogGroups/write\",\n \"Microsoft.AwsConnector/logsLogStreams/delete\",\n \"Microsoft.AwsConnector/logsLogStreams/write\",\n \"Microsoft.AwsConnector/logsMetricFilters/delete\",\n \"Microsoft.AwsConnector/logsMetricFilters/write\",\n \"Microsoft.AwsConnector/logsSubscriptionFilters/delete\",\n \"Microsoft.AwsConnector/logsSubscriptionFilters/write\",\n \"Microsoft.AwsConnector/macie2JobSummaries/delete\",\n \"Microsoft.AwsConnector/macie2JobSummaries/write\",\n \"Microsoft.AwsConnector/macieAllowLists/delete\",\n \"Microsoft.AwsConnector/macieAllowLists/write\",\n \"Microsoft.AwsConnector/networkFirewallFirewallPolicies/delete\",\n \"Microsoft.AwsConnector/networkFirewallFirewallPolicies/write\",\n \"Microsoft.AwsConnector/networkFirewallFirewalls/delete\",\n \"Microsoft.AwsConnector/networkFirewallFirewalls/write\",\n \"Microsoft.AwsConnector/networkFirewallRuleGroups/delete\",\n \"Microsoft.AwsConnector/networkFirewallRuleGroups/write\",\n \"Microsoft.AwsConnector/openSearchDomainStatuses/delete\",\n \"Microsoft.AwsConnector/openSearchDomainStatuses/write\",\n \"Microsoft.AwsConnector/openSearchServiceDomains/delete\",\n \"Microsoft.AwsConnector/openSearchServiceDomains/write\",\n \"Microsoft.AwsConnector/organizationsAccounts/delete\",\n \"Microsoft.AwsConnector/organizationsAccounts/write\",\n \"Microsoft.AwsConnector/organizationsOrganizations/delete\",\n \"Microsoft.AwsConnector/organizationsOrganizations/write\",\n \"Microsoft.AwsConnector/rdsDBClusters/delete\",\n \"Microsoft.AwsConnector/rdsDBClusters/write\",\n \"Microsoft.AwsConnector/rdsDBInstances/delete\",\n \"Microsoft.AwsConnector/rdsDBInstances/write\",\n \"Microsoft.AwsConnector/rdsDBSnapshotAttributesResults/delete\",\n \"Microsoft.AwsConnector/rdsDBSnapshotAttributesResults/write\",\n \"Microsoft.AwsConnector/rdsDBSnapshots/delete\",\n \"Microsoft.AwsConnector/rdsDBSnapshots/write\",\n \"Microsoft.AwsConnector/rdsEventSubscriptions/delete\",\n \"Microsoft.AwsConnector/rdsEventSubscriptions/write\",\n \"Microsoft.AwsConnector/rdsExportTasks/delete\",\n \"Microsoft.AwsConnector/rdsExportTasks/write\",\n \"Microsoft.AwsConnector/redshiftClusterParameterGroups/delete\",\n \"Microsoft.AwsConnector/redshiftClusterParameterGroups/write\",\n \"Microsoft.AwsConnector/redshiftClusters/delete\",\n \"Microsoft.AwsConnector/redshiftClusters/write\",\n \"Microsoft.AwsConnector/route53DomainsDomainSummaries/delete\",\n \"Microsoft.AwsConnector/route53DomainsDomainSummaries/write\",\n \"Microsoft.AwsConnector/route53HostedZones/delete\",\n \"Microsoft.AwsConnector/route53HostedZones/write\",\n \"Microsoft.AwsConnector/route53ResourceRecordSets/delete\",\n \"Microsoft.AwsConnector/route53ResourceRecordSets/write\",\n \"Microsoft.AwsConnector/s3AccessControlPolicies/delete\",\n \"Microsoft.AwsConnector/s3AccessControlPolicies/write\",\n \"Microsoft.AwsConnector/s3AccessPoints/delete\",\n \"Microsoft.AwsConnector/s3AccessPoints/write\",\n \"Microsoft.AwsConnector/s3BucketPolicies/delete\",\n \"Microsoft.AwsConnector/s3BucketPolicies/write\",\n \"Microsoft.AwsConnector/s3Buckets/delete\",\n \"Microsoft.AwsConnector/s3Buckets/write\",\n \"Microsoft.AwsConnector/s3ControlMultiRegionAccessPointPolicyDocuments/delete\",\n \"Microsoft.AwsConnector/s3ControlMultiRegionAccessPointPolicyDocuments/write\",\n \"Microsoft.AwsConnector/sageMakerApps/delete\",\n \"Microsoft.AwsConnector/sageMakerApps/write\",\n \"Microsoft.AwsConnector/sageMakerDevices/delete\",\n \"Microsoft.AwsConnector/sageMakerDevices/write\",\n \"Microsoft.AwsConnector/sageMakerImages/delete\",\n \"Microsoft.AwsConnector/sageMakerImages/write\",\n \"Microsoft.AwsConnector/sageMakerNotebookInstanceSummaries/delete\",\n \"Microsoft.AwsConnector/sageMakerNotebookInstanceSummaries/write\",\n \"Microsoft.AwsConnector/secretsManagerResourcePolicies/delete\",\n \"Microsoft.AwsConnector/secretsManagerResourcePolicies/write\",\n \"Microsoft.AwsConnector/secretsManagerSecrets/delete\",\n \"Microsoft.AwsConnector/secretsManagerSecrets/write\",\n \"Microsoft.AwsConnector/snsSubscriptions/delete\",\n \"Microsoft.AwsConnector/snsSubscriptions/write\",\n \"Microsoft.AwsConnector/snsTopics/delete\",\n \"Microsoft.AwsConnector/snsTopics/write\",\n \"Microsoft.AwsConnector/sqsQueues/delete\",\n \"Microsoft.AwsConnector/sqsQueues/write\",\n \"Microsoft.AwsConnector/ssmInstanceInformations/delete\",\n \"Microsoft.AwsConnector/ssmInstanceInformations/write\",\n \"Microsoft.AwsConnector/ssmParameters/delete\",\n \"Microsoft.AwsConnector/ssmParameters/write\",\n \"Microsoft.AwsConnector/ssmResourceComplianceSummaryItems/delete\",\n \"Microsoft.AwsConnector/ssmResourceComplianceSummaryItems/write\",\n \"Microsoft.AwsConnector/wafv2IPSets/delete\",\n \"Microsoft.AwsConnector/wafv2IPSets/write\",\n \"Microsoft.AwsConnector/wafv2LoggingConfigurations/delete\",\n \"Microsoft.AwsConnector/wafv2LoggingConfigurations/write\",\n \"Microsoft.AwsConnector/wafv2WebACLAssociations/delete\",\n \"Microsoft.AwsConnector/wafv2WebACLAssociations/write\",\n \"Microsoft.AwsConnector/wafWebACLSummaries/delete\",\n \"Microsoft.AwsConnector/wafWebACLSummaries/write\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2025-09-08T15:10:31.7683351Z\",\n \"updatedOn\": \"2025-09-08T15:10:31.7683351Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/98c206fe-ea1b-4578-93f8-83a99a5628fc\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"98c206fe-ea1b-4578-93f8-83a99a5628fc\"\n },\n {\n \"properties\": {\n \"roleName\": \"Storage File Data SMB MI Admin\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Allows for admin-level access for managed identities on files/directories in Azure file shares.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.Storage/storageAccounts/fileServices/readFileBackupSemantics/action\",\n \"Microsoft.Storage/storageAccounts/fileServices/writeFileBackupSemantics/action\",\n \"Microsoft.Storage/storageAccounts/fileServices/takeOwnership/action\",\n \"Microsoft.Storage/storageAccounts/fileServices/runAsBuiltInFileAdministrator/action\",\n \"Microsoft.Storage/storageAccounts/fileServices/fileshares/files/read\",\n \"Microsoft.Storage/storageAccounts/fileServices/fileshares/files/write\",\n \"Microsoft.Storage/storageAccounts/fileServices/fileshares/files/delete\",\n \"Microsoft.Storage/storageAccounts/fileServices/fileshares/files/modifypermissions/action\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2025-09-09T15:23:13.2982998Z\",\n \"updatedOn\": \"2025-09-09T15:23:13.2982998Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/a235d3ee-5935-4cfb-8cc5-a3303ad5995e\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"a235d3ee-5935-4cfb-8cc5-a3303ad5995e\"\n },\n {\n \"properties\": {\n \"roleName\": \"Common Edge Admin\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Common Edge Admin Role\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Edge/connectivityStatuses/delete\",\n \"Microsoft.Edge/connectivityStatuses/write\",\n \"Microsoft.Edge/locations/operationStatuses/write\",\n \"Microsoft.Edge/updates/delete\",\n \"Microsoft.Edge/updates/write\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2025-09-10T15:34:53.4393915Z\",\n \"updatedOn\": \"2025-09-10T15:34:53.4393915Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/b256d512-9a3a-4a96-9366-9f54f900e58b\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"b256d512-9a3a-4a96-9366-9f54f900e58b\"\n },\n {\n \"properties\": {\n \"roleName\": \"Firmware Analysis User\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Upload and analyze firmware images but not perform any workspace configuration\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.IoTFirmwareDefense/*\",\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Resources/deployments/*\"\n ],\n \"notActions\": [\n \"Microsoft.IoTFirmwareDefense/firmwareGroups/*\",\n \"Microsoft.IoTFirmwareDefense/register/action\",\n \"Microsoft.IoTFirmwareDefense/unregister/action\",\n \"Microsoft.IoTFirmwareDefense/workspaces/write\",\n \"Microsoft.IoTFirmwareDefense/workspaces/delete\"\n ],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2025-09-10T15:34:53.4393915Z\",\n \"updatedOn\": \"2025-09-10T15:34:53.4393915Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/53b2724d-1e51-44fa-b586-bcace0c82609\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"53b2724d-1e51-44fa-b586-bcace0c82609\"\n },\n {\n \"properties\": {\n \"roleName\": \"SRE Agent Standard User\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Grants access to interact with the SRE Agent to triage incidents and run diagnostics.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.App/agents/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.App/agents/threads/read\",\n \"Microsoft.App/agents/graph/read\",\n \"Microsoft.App/agents/memory/read\",\n \"Microsoft.App/agents/incidentManagement/read\",\n \"Microsoft.App/agents/threads/write\",\n \"Microsoft.App/agents/graph/write\",\n \"Microsoft.App/agents/memory/write\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2025-09-10T20:06:45.8379721Z\",\n \"updatedOn\": \"2025-09-16T15:14:52.3167343Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/2d84a65a-63b2-4343-bbb6-31105d857bc1\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"2d84a65a-63b2-4343-bbb6-31105d857bc1\"\n },\n {\n \"properties\": {\n \"roleName\": \"SRE Agent Administrator\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Full control of the agent—manage chats, incident response plans, and agent run modes; approve and execute commands.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.App/agents/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.App/agents/*/read\",\n \"Microsoft.App/agents/*/write\",\n \"Microsoft.App/agents/*/delete\",\n \"Microsoft.App/agents/threads/approve/action\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2025-09-10T20:06:45.8389733Z\",\n \"updatedOn\": \"2025-09-16T15:14:53.2394147Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/e79298df-d852-4c6d-84f9-5d13249d1e55\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"e79298df-d852-4c6d-84f9-5d13249d1e55\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Kubernetes Fleet Manager Hub Cluster User Role\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Grants read access to Azure Kubernetes Fleet Manager as well as the Kubernetes config file to connect to the fleet-managed hub cluster.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.ContainerService/fleets/listCredentials/action\",\n \"Microsoft.ContainerService/fleets/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2025-09-10T23:25:40.4325052Z\",\n \"updatedOn\": \"2025-09-10T23:25:40.4325052Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/850c5848-fc51-4a9a-8823-f220370626e3\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"850c5848-fc51-4a9a-8823-f220370626e3\"\n },\n {\n \"properties\": {\n \"roleName\": \"Log Analytics Data Reader\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Log Analytics Data Reader can query and search the logs it is allowed to view over Log Analytics workspaces and tables\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.OperationalInsights/workspaces/query/read\",\n \"Microsoft.OperationalInsights/workspaces/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.OperationalInsights/workspaces/tables/data/read\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2025-09-11T09:53:03.6783283Z\",\n \"updatedOn\": \"2025-09-11T09:53:03.6783283Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/3b03c2da-16b3-4a49-8834-0f8130efdd3b\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"3b03c2da-16b3-4a49-8834-0f8130efdd3b\"\n },\n {\n \"properties\": {\n \"roleName\": \"Dynamics 365 Customer Insights Service Role\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Enables Diagnostic Logging setup for Customer Insights instances.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.D365CustomerInsights/instances/write\",\n \"Microsoft.D365CustomerInsights/instances/providers/Microsoft.Insights/diagnosticSettings/write\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2025-09-11T14:44:00.9623287Z\",\n \"updatedOn\": \"2025-09-11T14:44:00.9623287Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/89f7a3ec-e9d0-40eb-9b96-c016a5c2a53f\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"89f7a3ec-e9d0-40eb-9b96-c016a5c2a53f\"\n },\n {\n \"properties\": {\n \"roleName\": \"Storage Actions Blob Data Operator\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Used by the Storage Actions - Storage Task to list & perform operations on the Storage Account blobs\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Storage/storageAccounts/blobServices/containers/read\",\n \"Microsoft.Storage/storageAccounts/blobServices/containers/write\"\n ],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.Storage/storageAccounts/blobServices/containers/blobs/read\",\n \"Microsoft.Storage/storageAccounts/blobServices/containers/blobs/write\",\n \"Microsoft.Storage/storageAccounts/blobServices/containers/blobs/delete\",\n \"Microsoft.Storage/storageAccounts/blobServices/containers/blobs/add/action\",\n \"Microsoft.Storage/storageAccounts/blobServices/containers/blobs/tags/read\",\n \"Microsoft.Storage/storageAccounts/blobServices/containers/blobs/tags/write\",\n \"Microsoft.Storage/storageAccounts/blobServices/containers/blobs/runAsSuperUser/action\",\n \"Microsoft.Storage/storageAccounts/blobServices/containers/blobs/immutableStorage/runAsSuperUser/action\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2025-09-12T21:16:43.9136753Z\",\n \"updatedOn\": \"2025-09-12T21:16:43.9136753Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/4bad4d9e-2a13-4888-94bb-c8432f6f3040\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"4bad4d9e-2a13-4888-94bb-c8432f6f3040\"\n },\n {\n \"properties\": {\n \"roleName\": \"Storage Actions Task Assignment Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Used by the Storage Actions assigner to create a Task Assignment on their target Storage Account, with RBAC privileges for Managed Identity\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Storage/storageAccounts/reports/read\",\n \"Microsoft.Storage/storageAccounts/read\",\n \"Microsoft.Storage/storageAccounts/blobServices/read\",\n \"Microsoft.Storage/storageAccounts/storageTaskAssignments/read\",\n \"Microsoft.Storage/storageAccounts/storageTaskAssignments/write\",\n \"Microsoft.Storage/storageAccounts/storageTaskAssignments/delete\",\n \"Microsoft.Storage/storageAccounts/storageTaskAssignments/reports/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n },\n {\n \"actions\": [\n \"Microsoft.Authorization/roleAssignments/write\",\n \"Microsoft.Authorization/roleAssignments/delete\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": [],\n \"conditionVersion\": \"2.0\",\n \"condition\": \"((!(ActionMatches{'Microsoft.Authorization/roleAssignments/write'})) OR (@Request[Microsoft.Authorization/roleAssignments:RoleDefinitionId] ForAnyOfAnyValues:GuidEquals{4bad4d9e2a13488894bbc8432f6f3040})) AND ((!(ActionMatches{'Microsoft.Authorization/roleAssignments/delete'})) OR (@Resource[Microsoft.Authorization/roleAssignments:RoleDefinitionId] ForAnyOfAnyValues:GuidEquals{4bad4d9e2a13488894bbc8432f6f3040}))\"\n }\n ],\n \"createdOn\": \"2025-09-12T21:16:43.9136753Z\",\n \"updatedOn\": \"2025-09-12T21:16:43.9136753Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/77789c21-1643-48a2-8f27-47f858540b51\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"77789c21-1643-48a2-8f27-47f858540b51\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Native Dynatrace Agent Management Role\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Grants access to manage Dynatrace Agent on compute resources\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.KubernetesConfiguration/extensions/write\",\n \"Microsoft.KubernetesConfiguration/extensions/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2025-09-16T15:14:50.9389725Z\",\n \"updatedOn\": \"2025-09-16T15:14:50.9389725Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/55077723-1b30-4603-a70b-68de134cfa20\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"55077723-1b30-4603-a70b-68de134cfa20\"\n },\n {\n \"properties\": {\n \"roleName\": \"Storage Actions Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Used by the Storage Actions author to create, read, update, and delete Storage Actions\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.StorageActions/storageTasks/read\",\n \"Microsoft.StorageActions/storageTasks/write\",\n \"Microsoft.StorageActions/storageTasks/delete\",\n \"Microsoft.StorageActions/storageTasks/storageTaskAssignments/read\",\n \"Microsoft.StorageActions/storageTasks/reports/read\",\n \"Microsoft.StorageActions/locations/previewActions/action\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2025-09-16T15:14:50.9389725Z\",\n \"updatedOn\": \"2025-09-16T15:14:50.9389725Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/bd8acdb0-202c-4493-a7fe-ef98eefbfbc4\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"bd8acdb0-202c-4493-a7fe-ef98eefbfbc4\"\n },\n {\n \"properties\": {\n \"roleName\": \"Essential Machine Management Administrator\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Can managed Essential Machine Management resources for subscriptions\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Insights/dataCollectionRules/read\",\n \"Microsoft.Insights/dataCollectionRules/write\",\n \"Microsoft.Monitor/accounts/write\",\n \"Microsoft.Monitor/accounts/read\",\n \"Microsoft.ManagedOps/managedOps/read\",\n \"Microsoft.ManagedOps/managedOps/write\",\n \"Microsoft.ManagedOps/managedOps/delete\",\n \"Microsoft.OperationsManagement/solutions/read\",\n \"Microsoft.OperationsManagement/solutions/write\",\n \"Microsoft.OperationalInsights/workspaces/read\",\n \"Microsoft.OperationalInsights/workspaces/sharedkeys/action\",\n \"Microsoft.OperationalInsights/workspaces/sharedkeys/read\",\n \"Microsoft.OperationalInsights/workspaces/listKeys/action\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Insights/metricAlerts/write\",\n \"Microsoft.Insights/metricAlerts/read\",\n \"Microsoft.Security/pricings/write\",\n \"Microsoft.Security/pricings/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2025-09-22T15:13:19.5975298Z\",\n \"updatedOn\": \"2025-09-22T15:13:19.5975298Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/34013b0a-565b-43aa-8755-1b7c286f6cf7\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"34013b0a-565b-43aa-8755-1b7c286f6cf7\"\n },\n {\n \"properties\": {\n \"roleName\": \"Garnet PubSub Data Reader\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Allows read access to all channels within the Garnet resource\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.DocumentDB/garnetClusters/acl/clientid/read\",\n \"Microsoft.DocumentDB/garnetClusters/acl/clientinfo/read\",\n \"Microsoft.DocumentDB/garnetClusters/acl/configget/read\",\n \"Microsoft.DocumentDB/garnetClusters/acl/echo/read\",\n \"Microsoft.DocumentDB/garnetClusters/acl/info/read\",\n \"Microsoft.DocumentDB/garnetClusters/acl/keyslot/read\",\n \"Microsoft.DocumentDB/garnetClusters/acl/nodes/read\",\n \"Microsoft.DocumentDB/garnetClusters/acl/ping/read\",\n \"Microsoft.DocumentDB/garnetClusters/acl/slots/read\",\n \"Microsoft.DocumentDB/garnetClusters/acl/channels/action\",\n \"Microsoft.DocumentDB/garnetClusters/acl/psubscribe/action\",\n \"Microsoft.DocumentDB/garnetClusters/acl/punsubscribe/action\",\n \"Microsoft.DocumentDB/garnetClusters/acl/subscribe/action\",\n \"Microsoft.DocumentDB/garnetClusters/acl/unsubscribe/action\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2025-09-26T22:46:03.1347874Z\",\n \"updatedOn\": \"2025-09-26T22:46:03.1347874Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/da9adf61-39cd-41d5-87a0-30b21f7270d8\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"da9adf61-39cd-41d5-87a0-30b21f7270d8\"\n },\n {\n \"properties\": {\n \"roleName\": \"Garnet PubSub Data Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Allows read and write access to all channels within the Garnet resource\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.DocumentDB/garnetClusters/acl/clientid/read\",\n \"Microsoft.DocumentDB/garnetClusters/acl/clientinfo/read\",\n \"Microsoft.DocumentDB/garnetClusters/acl/configget/read\",\n \"Microsoft.DocumentDB/garnetClusters/acl/echo/read\",\n \"Microsoft.DocumentDB/garnetClusters/acl/info/read\",\n \"Microsoft.DocumentDB/garnetClusters/acl/keyslot/read\",\n \"Microsoft.DocumentDB/garnetClusters/acl/nodes/read\",\n \"Microsoft.DocumentDB/garnetClusters/acl/ping/read\",\n \"Microsoft.DocumentDB/garnetClusters/acl/slots/read\",\n \"Microsoft.DocumentDB/garnetClusters/acl/channels/action\",\n \"Microsoft.DocumentDB/garnetClusters/acl/numsub/action\",\n \"Microsoft.DocumentDB/garnetClusters/acl/numpat/action\",\n \"Microsoft.DocumentDB/garnetClusters/acl/psubscribe/action\",\n \"Microsoft.DocumentDB/garnetClusters/acl/publish/action\",\n \"Microsoft.DocumentDB/garnetClusters/acl/punsubscribe/action\",\n \"Microsoft.DocumentDB/garnetClusters/acl/subscribe/action\",\n \"Microsoft.DocumentDB/garnetClusters/acl/unsubscribe/action\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2025-09-26T22:46:03.1347874Z\",\n \"updatedOn\": \"2025-09-26T22:46:03.1347874Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/56e95fdc-3337-468d-b964-30d07f2a2018\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"56e95fdc-3337-468d-b964-30d07f2a2018\"\n },\n {\n \"properties\": {\n \"roleName\": \"Tenant Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Allows users to create and manage Entra ID Tenants.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [],\n \"createdOn\": \"2025-09-29T15:12:03.2996499Z\",\n \"updatedOn\": \"2025-09-29T15:12:03.2996499Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/0a7c2fa1-6f28-41a4-86b8-e74937c63222\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"0a7c2fa1-6f28-41a4-86b8-e74937c63222\"\n },\n {\n \"properties\": {\n \"roleName\": \"Storage File Data SMB Admin\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Allows for admin access equivalent to storage account key for end users over SMB.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.Storage/storageAccounts/fileServices/fileshares/files/read\",\n \"Microsoft.Storage/storageAccounts/fileServices/fileshares/files/write\",\n \"Microsoft.Storage/storageAccounts/fileServices/fileshares/files/delete\",\n \"Microsoft.Storage/storageAccounts/fileServices/fileshares/files/modifypermissions/action\",\n \"Microsoft.Storage/storageAccounts/fileServices/readFileBackupSemantics/action\",\n \"Microsoft.Storage/storageAccounts/fileServices/writeFileBackupSemantics/action\",\n \"Microsoft.Storage/storageAccounts/fileServices/takeOwnership/action\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2025-09-30T15:23:51.084353Z\",\n \"updatedOn\": \"2025-09-30T15:23:51.084353Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/bbf004e3-0e4b-4f86-ae4f-1f8fb47b357b\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"bbf004e3-0e4b-4f86-ae4f-1f8fb47b357b\"\n },\n {\n \"properties\": {\n \"roleName\": \"Supercomputer Infrastructure Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Lets you manage Supercomputer Infrastructure resources, but not access to them.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.SupercomputerInfrastructure/*\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2025-10-02T23:09:34.5476643Z\",\n \"updatedOn\": \"2025-10-02T23:09:34.5476643Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/68899692-f960-4247-af28-82f55b357997\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"68899692-f960-4247-af28-82f55b357997\"\n }\n ]\n}", + "StatusCode": 200 + }, + { + "RequestUri": "//subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions?api-version=2022-05-01-preview", + "EncodedRequestUri": "Ly9zdWJzY3JpcHRpb25zLzY5NmVhZDE5LTg2NmQtNGU5ZC05OWU1LWYwNjFlNGMzNGI4NC9wcm92aWRlcnMvTWljcm9zb2Z0LkF1dGhvcml6YXRpb24vcm9sZURlZmluaXRpb25zP2FwaS12ZXJzaW9uPTIwMjItMDUtMDEtcHJldmlldw==", + "RequestMethod": "GET", + "RequestHeaders": { + "Accept-Language": [ + "en-US" + ], + "x-ms-client-request-id": [ + "57ca87d1-f6da-4ede-b19a-6945018f877b" + ], + "User-Agent": [ + "FxVersion/8.0.2025.41914", + "OSName/MacOs", + "OSVersion/Darwin.24.6.0.Darwin.Kernel.Version.24.6.0.Mon.Aug.11.21.16.30.PDT.2025.root.xnu.11417.140.69.701.11.1RELEASE.ARM64.T8132", + "Microsoft.Azure.Management.Authorization.AuthorizationManagementClient/8.1.0" + ] + }, + "RequestBody": "", + "ResponseHeaders": { + "Cache-Control": [ + "no-cache" + ], + "Pragma": [ + "no-cache" + ], + "x-ms-request-id": [ + "9b99e203-453a-4ec6-baa9-ef8c49e19ab8" + ], + "X-Content-Type-Options": [ + "nosniff" + ], + "Strict-Transport-Security": [ + "max-age=31536000; includeSubDomains" + ], + "x-ms-operation-identifier": [ + "tenantId=de6dc80f-16c3-4606-90e9-b7386b466695,objectId=69c9e264-690c-43c9-aba4-a195a62f1929/northeurope/b6ae1cc2-6bcc-48b8-972d-79c513d94cfc" + ], + "x-ms-ratelimit-remaining-subscription-reads": [ + "249" + ], + "x-ms-ratelimit-remaining-subscription-global-reads": [ + "3749" + ], + "x-ms-correlation-request-id": [ + "b352da6c-f218-42c8-ad08-f627a87fce1e" + ], + "x-ms-routing-request-id": [ + "NORTHEUROPE:20251004T101951Z:b352da6c-f218-42c8-ad08-f627a87fce1e" + ], + "X-Cache": [ + "CONFIG_NOCACHE" + ], + "X-MSEdge-Ref": [ + "Ref A: 784E175B04CF46F3873D7EDEA061038B Ref B: DUB241062306060 Ref C: 2025-10-04T10:19:51Z" + ], + "Date": [ + "Sat, 04 Oct 2025 10:19:51 GMT" + ], + "Content-Length": [ + "993823" + ], + "Content-Type": [ + "application/json; charset=utf-8" + ], + "Expires": [ + "-1" + ], + "Retry-After": [ + "0" + ] + }, + "ResponseBody": "{\n \"value\": [\n {\n \"properties\": {\n \"roleName\": \"AcrPush\",\n \"type\": \"BuiltInRole\",\n \"description\": \"acr push\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.ContainerRegistry/registries/pull/read\",\n \"Microsoft.ContainerRegistry/registries/push/write\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2018-10-29T17:52:32.5201177Z\",\n \"updatedOn\": \"2021-11-11T20:13:07.4993029Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/8311e382-0749-4cb8-b61a-304f252e45ec\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"8311e382-0749-4cb8-b61a-304f252e45ec\"\n },\n {\n \"properties\": {\n \"roleName\": \"API Management Service Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Can manage service and the APIs\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.ApiManagement/service/*\",\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.ResourceHealth/availabilityStatuses/read\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Support/*\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2015-02-02T21:55:09.8650193Z\",\n \"updatedOn\": \"2021-11-11T20:13:08.3179618Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/312a565d-c81f-4fd8-895a-4e21e48d571c\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"312a565d-c81f-4fd8-895a-4e21e48d571c\"\n },\n {\n \"properties\": {\n \"roleName\": \"AcrPull\",\n \"type\": \"BuiltInRole\",\n \"description\": \"acr pull\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.ContainerRegistry/registries/pull/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2018-10-22T19:01:56.8227182Z\",\n \"updatedOn\": \"2021-11-11T20:13:08.8779328Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/7f951dda-4ed3-4680-a7ca-43fe172d538d\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"7f951dda-4ed3-4680-a7ca-43fe172d538d\"\n },\n {\n \"properties\": {\n \"roleName\": \"AcrImageSigner\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Planned DEPRECATION on March 31, 2028. Grant the signing permission for content trust. As content trust is being deprecated and will be completely removed on March 31, 2028, this role will also be removed. Refer to https://aka.ms/acr/dctdeprecation for details and transition guidance.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.ContainerRegistry/registries/sign/write\"\n ],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.ContainerRegistry/registries/trustedCollections/write\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2018-03-15T23:23:08.4038322Z\",\n \"updatedOn\": \"2025-10-03T10:06:29.6549664Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/6cef56e8-d556-48e5-a04f-b8e64114680f\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"6cef56e8-d556-48e5-a04f-b8e64114680f\"\n },\n {\n \"properties\": {\n \"roleName\": \"AcrDelete\",\n \"type\": \"BuiltInRole\",\n \"description\": \"acr delete\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.ContainerRegistry/registries/artifacts/delete\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2019-03-11T20:19:31.6682804Z\",\n \"updatedOn\": \"2021-11-11T20:13:09.9631744Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/c2f4ef07-c644-48eb-af81-4b1b4947fb11\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"c2f4ef07-c644-48eb-af81-4b1b4947fb11\"\n },\n {\n \"properties\": {\n \"roleName\": \"AcrQuarantineReader\",\n \"type\": \"BuiltInRole\",\n \"description\": \"acr quarantine data reader\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.ContainerRegistry/registries/quarantine/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.ContainerRegistry/registries/quarantinedArtifacts/read\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2018-03-16T00:27:39.9596835Z\",\n \"updatedOn\": \"2021-11-11T20:13:10.3188052Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/cdda3590-29a3-44f6-95f2-9f980659eb04\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"cdda3590-29a3-44f6-95f2-9f980659eb04\"\n },\n {\n \"properties\": {\n \"roleName\": \"AcrQuarantineWriter\",\n \"type\": \"BuiltInRole\",\n \"description\": \"acr quarantine data writer\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.ContainerRegistry/registries/quarantine/read\",\n \"Microsoft.ContainerRegistry/registries/quarantine/write\"\n ],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.ContainerRegistry/registries/quarantinedArtifacts/read\",\n \"Microsoft.ContainerRegistry/registries/quarantinedArtifacts/write\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2018-03-16T00:26:37.587182Z\",\n \"updatedOn\": \"2021-11-11T20:13:11.3488079Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/c8d4ff99-41c3-41a8-9f60-21dfdad59608\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"c8d4ff99-41c3-41a8-9f60-21dfdad59608\"\n },\n {\n \"properties\": {\n \"roleName\": \"API Management Service Operator Role\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Can manage service but not the APIs\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.ApiManagement/service/*/read\",\n \"Microsoft.ApiManagement/service/backup/action\",\n \"Microsoft.ApiManagement/service/delete\",\n \"Microsoft.ApiManagement/service/managedeployments/action\",\n \"Microsoft.ApiManagement/service/read\",\n \"Microsoft.ApiManagement/service/restore/action\",\n \"Microsoft.ApiManagement/service/updatecertificate/action\",\n \"Microsoft.ApiManagement/service/updatehostname/action\",\n \"Microsoft.ApiManagement/service/write\",\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.ResourceHealth/availabilityStatuses/read\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Support/*\"\n ],\n \"notActions\": [\n \"Microsoft.ApiManagement/service/users/keys/read\"\n ],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2016-11-09T00:03:42.1194019Z\",\n \"updatedOn\": \"2021-11-11T20:13:11.5244023Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/e022efe7-f5ba-4159-bbe4-b44f577e9b61\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"e022efe7-f5ba-4159-bbe4-b44f577e9b61\"\n },\n {\n \"properties\": {\n \"roleName\": \"API Management Service Reader Role\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Read-only access to service and APIs\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.ApiManagement/service/*/read\",\n \"Microsoft.ApiManagement/service/read\",\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.ResourceHealth/availabilityStatuses/read\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Support/*\"\n ],\n \"notActions\": [\n \"Microsoft.ApiManagement/service/users/keys/read\"\n ],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2016-11-09T00:26:45.1540473Z\",\n \"updatedOn\": \"2021-11-11T20:13:11.8704466Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/71522526-b88f-4d52-b57f-d31fc3546d0d\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"71522526-b88f-4d52-b57f-d31fc3546d0d\"\n },\n {\n \"properties\": {\n \"roleName\": \"Application Insights Component Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Can manage Application Insights components\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.Insights/generateLiveToken/read\",\n \"Microsoft.Insights/metricAlerts/*\",\n \"Microsoft.Insights/components/*\",\n \"Microsoft.Insights/scheduledqueryrules/*\",\n \"Microsoft.Insights/topology/read\",\n \"Microsoft.Insights/transactions/read\",\n \"Microsoft.Insights/webtests/*\",\n \"Microsoft.ResourceHealth/availabilityStatuses/read\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Support/*\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2015-02-02T21:55:09.8806423Z\",\n \"updatedOn\": \"2021-11-11T20:13:12.6428401Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/ae349356-3a1b-4a5e-921d-050484c6347e\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"ae349356-3a1b-4a5e-921d-050484c6347e\"\n },\n {\n \"properties\": {\n \"roleName\": \"Application Insights Snapshot Debugger\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Gives user permission to use Application Insights Snapshot Debugger features\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.Insights/components/*/read\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Support/*\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2017-04-19T21:25:12.3728747Z\",\n \"updatedOn\": \"2021-11-11T20:13:13.0034435Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/08954f03-6346-4c2e-81c0-ec3a5cfae23b\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"08954f03-6346-4c2e-81c0-ec3a5cfae23b\"\n },\n {\n \"properties\": {\n \"roleName\": \"Attestation Reader\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Can read the attestation provider properties\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Attestation/attestationProviders/attestation/read\",\n \"Microsoft.Attestation/attestationProviders/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2019-03-25T19:42:59.157671Z\",\n \"updatedOn\": \"2024-07-11T17:43:35.9489411Z\",\n \"createdBy\": null,\n \"updatedBy\": \"SYSTEM\"\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/fd1bd22b-8476-40bc-a0bc-69b95687b9f3\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"fd1bd22b-8476-40bc-a0bc-69b95687b9f3\"\n },\n {\n \"properties\": {\n \"roleName\": \"Automation Job Operator\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Create and Manage Jobs using Automation Runbooks.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Automation/automationAccounts/hybridRunbookWorkerGroups/read\",\n \"Microsoft.Automation/automationAccounts/jobs/read\",\n \"Microsoft.Automation/automationAccounts/jobs/resume/action\",\n \"Microsoft.Automation/automationAccounts/jobs/stop/action\",\n \"Microsoft.Automation/automationAccounts/jobs/streams/read\",\n \"Microsoft.Automation/automationAccounts/jobs/suspend/action\",\n \"Microsoft.Automation/automationAccounts/jobs/write\",\n \"Microsoft.Automation/automationAccounts/jobs/output/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Support/*\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2017-04-19T20:52:41.0020018Z\",\n \"updatedOn\": \"2021-11-11T20:13:13.706566Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/4fe576fe-1146-4730-92eb-48519fa6bf9f\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"4fe576fe-1146-4730-92eb-48519fa6bf9f\"\n },\n {\n \"properties\": {\n \"roleName\": \"Automation Runbook Operator\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Read Runbook properties - to be able to create Jobs of the runbook.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Automation/automationAccounts/runbooks/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Support/*\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2017-04-19T20:47:49.5640674Z\",\n \"updatedOn\": \"2021-11-11T20:13:13.8815461Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/5fb5aef8-1081-4b8e-bb16-9d5d0385bab5\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"5fb5aef8-1081-4b8e-bb16-9d5d0385bab5\"\n },\n {\n \"properties\": {\n \"roleName\": \"Automation Operator\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Automation Operators are able to start, stop, suspend, and resume jobs\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Automation/automationAccounts/hybridRunbookWorkerGroups/read\",\n \"Microsoft.Automation/automationAccounts/jobs/read\",\n \"Microsoft.Automation/automationAccounts/jobs/resume/action\",\n \"Microsoft.Automation/automationAccounts/jobs/stop/action\",\n \"Microsoft.Automation/automationAccounts/jobs/streams/read\",\n \"Microsoft.Automation/automationAccounts/jobs/suspend/action\",\n \"Microsoft.Automation/automationAccounts/jobs/write\",\n \"Microsoft.Automation/automationAccounts/jobSchedules/read\",\n \"Microsoft.Automation/automationAccounts/jobSchedules/write\",\n \"Microsoft.Automation/automationAccounts/linkedWorkspace/read\",\n \"Microsoft.Automation/automationAccounts/read\",\n \"Microsoft.Automation/automationAccounts/runbooks/read\",\n \"Microsoft.Automation/automationAccounts/schedules/read\",\n \"Microsoft.Automation/automationAccounts/schedules/write\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.ResourceHealth/availabilityStatuses/read\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Automation/automationAccounts/jobs/output/read\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Support/*\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2015-08-18T01:05:03.391613Z\",\n \"updatedOn\": \"2021-11-11T20:13:14.0515408Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/d3881f73-407a-4167-8283-e981cbba0404\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"d3881f73-407a-4167-8283-e981cbba0404\"\n },\n {\n \"properties\": {\n \"roleName\": \"Avere Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Can create and manage an Avere vFXT cluster.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Compute/*/read\",\n \"Microsoft.Compute/availabilitySets/*\",\n \"Microsoft.Compute/proximityPlacementGroups/*\",\n \"Microsoft.Compute/virtualMachines/*\",\n \"Microsoft.Compute/disks/*\",\n \"Microsoft.Network/*/read\",\n \"Microsoft.Network/networkInterfaces/*\",\n \"Microsoft.Network/virtualNetworks/read\",\n \"Microsoft.Network/virtualNetworks/subnets/read\",\n \"Microsoft.Network/virtualNetworks/subnets/join/action\",\n \"Microsoft.Network/virtualNetworks/subnets/joinViaServiceEndpoint/action\",\n \"Microsoft.Network/networkSecurityGroups/join/action\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Storage/*/read\",\n \"Microsoft.Storage/storageAccounts/*\",\n \"Microsoft.Support/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/resources/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.Storage/storageAccounts/blobServices/containers/blobs/delete\",\n \"Microsoft.Storage/storageAccounts/blobServices/containers/blobs/read\",\n \"Microsoft.Storage/storageAccounts/blobServices/containers/blobs/write\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2019-03-18T20:00:58.9207889Z\",\n \"updatedOn\": \"2021-11-11T20:13:14.2265665Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/4f8fab4f-1852-4a58-a46a-8eaf358af14a\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"4f8fab4f-1852-4a58-a46a-8eaf358af14a\"\n },\n {\n \"properties\": {\n \"roleName\": \"Avere Operator\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Used by the Avere vFXT cluster to manage the cluster\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Compute/virtualMachines/read\",\n \"Microsoft.Network/networkInterfaces/read\",\n \"Microsoft.Network/networkInterfaces/write\",\n \"Microsoft.Network/virtualNetworks/read\",\n \"Microsoft.Network/virtualNetworks/subnets/read\",\n \"Microsoft.Network/virtualNetworks/subnets/join/action\",\n \"Microsoft.Network/networkSecurityGroups/join/action\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Storage/storageAccounts/blobServices/containers/delete\",\n \"Microsoft.Storage/storageAccounts/blobServices/containers/read\",\n \"Microsoft.Storage/storageAccounts/blobServices/containers/write\"\n ],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.Storage/storageAccounts/blobServices/containers/blobs/delete\",\n \"Microsoft.Storage/storageAccounts/blobServices/containers/blobs/read\",\n \"Microsoft.Storage/storageAccounts/blobServices/containers/blobs/write\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2019-03-18T20:02:38.3399857Z\",\n \"updatedOn\": \"2021-11-11T20:13:15.1065886Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/c025889f-8102-4ebf-b32c-fc0c6f0c6bd9\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"c025889f-8102-4ebf-b32c-fc0c6f0c6bd9\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Kubernetes Service Cluster Admin Role\",\n \"type\": \"BuiltInRole\",\n \"description\": \"List cluster admin credential action.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.ContainerService/managedClusters/listClusterAdminCredential/action\",\n \"Microsoft.ContainerService/managedClusters/accessProfiles/listCredential/action\",\n \"Microsoft.ContainerService/managedClusters/read\",\n \"Microsoft.ContainerService/managedClusters/runcommand/action\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2018-08-15T21:38:18.5953853Z\",\n \"updatedOn\": \"2022-05-17T01:51:12.0390652Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/0ab0b1a8-8aac-4efd-b8c2-3ee1fb270be8\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"0ab0b1a8-8aac-4efd-b8c2-3ee1fb270be8\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Kubernetes Service Cluster User Role\",\n \"type\": \"BuiltInRole\",\n \"description\": \"List cluster user credential action.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.ContainerService/managedClusters/listClusterUserCredential/action\",\n \"Microsoft.ContainerService/managedClusters/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2018-08-15T22:04:53.4037241Z\",\n \"updatedOn\": \"2021-11-11T20:13:20.4351976Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/4abbcc35-e782-43d8-92c5-2d3f1bd2253f\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"4abbcc35-e782-43d8-92c5-2d3f1bd2253f\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Maps Data Reader\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Grants access to read map related data from an Azure maps account.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.Maps/accounts/*/read\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2018-10-05T19:47:03.472307Z\",\n \"updatedOn\": \"2021-11-11T20:13:20.9582685Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/423170ca-a8f6-4b0f-8487-9e4eb8f49bfa\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"423170ca-a8f6-4b0f-8487-9e4eb8f49bfa\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Stack Registration Owner\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Lets you manage Azure Stack registrations.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.AzureStack/edgeSubscriptions/read\",\n \"Microsoft.AzureStack/registrations/products/*/action\",\n \"Microsoft.AzureStack/registrations/products/read\",\n \"Microsoft.AzureStack/registrations/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2017-11-13T23:42:06.2161827Z\",\n \"updatedOn\": \"2021-11-11T20:13:23.295782Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/6f12a6df-dd06-4f3e-bcb1-ce8be600526a\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"6f12a6df-dd06-4f3e-bcb1-ce8be600526a\"\n },\n {\n \"properties\": {\n \"roleName\": \"Backup Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Lets you manage backups, but can't delete vaults and give access to others\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Network/virtualNetworks/read\",\n \"Microsoft.RecoveryServices/locations/*\",\n \"Microsoft.RecoveryServices/Vaults/backupFabrics/operationResults/*\",\n \"Microsoft.RecoveryServices/Vaults/backupFabrics/protectionContainers/*\",\n \"Microsoft.RecoveryServices/Vaults/backupFabrics/refreshContainers/action\",\n \"Microsoft.RecoveryServices/Vaults/backupJobs/*\",\n \"Microsoft.RecoveryServices/Vaults/backupJobsExport/action\",\n \"Microsoft.RecoveryServices/Vaults/backupOperationResults/*\",\n \"Microsoft.RecoveryServices/Vaults/backupPolicies/*\",\n \"Microsoft.RecoveryServices/Vaults/backupProtectableItems/*\",\n \"Microsoft.RecoveryServices/Vaults/backupProtectedItems/*\",\n \"Microsoft.RecoveryServices/Vaults/backupProtectionContainers/*\",\n \"Microsoft.RecoveryServices/Vaults/backupSecurityPIN/*\",\n \"Microsoft.RecoveryServices/Vaults/backupUsageSummaries/read\",\n \"Microsoft.RecoveryServices/Vaults/certificates/*\",\n \"Microsoft.RecoveryServices/Vaults/extendedInformation/*\",\n \"Microsoft.RecoveryServices/Vaults/monitoringAlerts/read\",\n \"Microsoft.RecoveryServices/Vaults/monitoringConfigurations/*\",\n \"Microsoft.RecoveryServices/Vaults/read\",\n \"Microsoft.RecoveryServices/Vaults/registeredIdentities/*\",\n \"Microsoft.RecoveryServices/Vaults/usages/*\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Storage/storageAccounts/read\",\n \"Microsoft.RecoveryServices/Vaults/backupstorageconfig/*\",\n \"Microsoft.RecoveryServices/Vaults/backupconfig/*\",\n \"Microsoft.RecoveryServices/Vaults/backupValidateOperation/action\",\n \"Microsoft.RecoveryServices/Vaults/write\",\n \"Microsoft.RecoveryServices/Vaults/backupOperations/read\",\n \"Microsoft.RecoveryServices/Vaults/backupEngines/read\",\n \"Microsoft.RecoveryServices/Vaults/backupFabrics/backupProtectionIntent/*\",\n \"Microsoft.RecoveryServices/Vaults/backupFabrics/protectableContainers/read\",\n \"Microsoft.RecoveryServices/vaults/operationStatus/read\",\n \"Microsoft.RecoveryServices/vaults/operationResults/read\",\n \"Microsoft.RecoveryServices/locations/backupStatus/action\",\n \"Microsoft.RecoveryServices/locations/backupPreValidateProtection/action\",\n \"Microsoft.RecoveryServices/locations/backupValidateFeatures/action\",\n \"Microsoft.RecoveryServices/Vaults/monitoringAlerts/write\",\n \"Microsoft.RecoveryServices/operations/read\",\n \"Microsoft.RecoveryServices/locations/operationStatus/read\",\n \"Microsoft.RecoveryServices/Vaults/backupProtectionIntents/read\",\n \"Microsoft.Support/*\",\n \"Microsoft.DataProtection/locations/getBackupStatus/action\",\n \"Microsoft.DataProtection/backupVaults/backupInstances/write\",\n \"Microsoft.DataProtection/backupVaults/backupInstances/delete\",\n \"Microsoft.DataProtection/backupVaults/backupInstances/read\",\n \"Microsoft.DataProtection/backupVaults/backupInstances/read\",\n \"Microsoft.DataProtection/backupVaults/deletedBackupInstances/read\",\n \"Microsoft.DataProtection/backupVaults/deletedBackupInstances/undelete/action\",\n \"Microsoft.DataProtection/backupVaults/backupInstances/backup/action\",\n \"Microsoft.DataProtection/backupVaults/backupInstances/validateRestore/action\",\n \"Microsoft.DataProtection/backupVaults/backupInstances/restore/action\",\n \"Microsoft.DataProtection/subscriptions/resourceGroups/providers/locations/crossRegionRestore/action\",\n \"Microsoft.DataProtection/subscriptions/resourceGroups/providers/locations/validateCrossRegionRestore/action\",\n \"Microsoft.DataProtection/subscriptions/resourceGroups/providers/locations/fetchCrossRegionRestoreJobs/action\",\n \"Microsoft.DataProtection/subscriptions/resourceGroups/providers/locations/fetchCrossRegionRestoreJob/action\",\n \"Microsoft.DataProtection/subscriptions/resourceGroups/providers/locations/fetchSecondaryRecoveryPoints/action\",\n \"Microsoft.DataProtection/backupVaults/backupPolicies/write\",\n \"Microsoft.DataProtection/backupVaults/backupPolicies/delete\",\n \"Microsoft.DataProtection/backupVaults/backupPolicies/read\",\n \"Microsoft.DataProtection/backupVaults/backupPolicies/read\",\n \"Microsoft.DataProtection/backupVaults/backupInstances/recoveryPoints/read\",\n \"Microsoft.DataProtection/backupVaults/backupInstances/recoveryPoints/read\",\n \"Microsoft.DataProtection/backupVaults/backupInstances/findRestorableTimeRanges/action\",\n \"Microsoft.DataProtection/backupVaults/backupInstances/operationResults/read\",\n \"Microsoft.DataProtection/backupVaults/write\",\n \"Microsoft.DataProtection/backupVaults/read\",\n \"Microsoft.DataProtection/backupVaults/operationResults/read\",\n \"Microsoft.DataProtection/backupVaults/operationStatus/read\",\n \"Microsoft.DataProtection/locations/checkNameAvailability/action\",\n \"Microsoft.DataProtection/locations/checkFeatureSupport/action\",\n \"Microsoft.DataProtection/backupVaults/read\",\n \"Microsoft.DataProtection/backupVaults/read\",\n \"Microsoft.DataProtection/locations/operationStatus/read\",\n \"Microsoft.DataProtection/locations/operationResults/read\",\n \"Microsoft.DataProtection/backupVaults/validateForBackup/action\",\n \"Microsoft.DataProtection/operations/read\",\n \"Microsoft.RecoveryServices/Vaults/backupResourceGuardProxies/delete\",\n \"Microsoft.RecoveryServices/Vaults/backupResourceGuardProxies/read\",\n \"Microsoft.RecoveryServices/Vaults/backupResourceGuardProxies/unlockDelete/action\",\n \"Microsoft.RecoveryServices/Vaults/backupResourceGuardProxies/write\",\n \"Microsoft.DataProtection/backupVaults/backupResourceGuardProxies/read\",\n \"Microsoft.DataProtection/backupVaults/backupResourceGuardProxies/write\",\n \"Microsoft.DataProtection/backupVaults/backupResourceGuardProxies/delete\",\n \"Microsoft.DataProtection/backupVaults/backupResourceGuardProxies/unlockDelete/action\",\n \"Microsoft.DataProtection/backupVaults/backupInstances/validateForModifyBackup/action\",\n \"Microsoft.DataProtection/backupVaults/backupInstances/SuspendBackups/action\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2017-01-03T13:12:15.7321344Z\",\n \"updatedOn\": \"2025-01-27T16:01:21.2904248Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/5e467623-bb1f-42f4-a55d-6e525e11384b\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"5e467623-bb1f-42f4-a55d-6e525e11384b\"\n },\n {\n \"properties\": {\n \"roleName\": \"Billing Reader\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Allows read access to billing data\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Billing/*/read\",\n \"Microsoft.Commerce/*/read\",\n \"Microsoft.Consumption/*/read\",\n \"Microsoft.Management/managementGroups/read\",\n \"Microsoft.CostManagement/*/read\",\n \"Microsoft.Support/*\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2017-04-25T02:13:38.9054151Z\",\n \"updatedOn\": \"2021-11-11T20:13:24.5342563Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/fa23ad8b-c56e-40d8-ac0c-ce449e1d2c64\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"fa23ad8b-c56e-40d8-ac0c-ce449e1d2c64\"\n },\n {\n \"properties\": {\n \"roleName\": \"Backup Reader\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Can view backup services, but can't make changes\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.RecoveryServices/locations/allocatedStamp/read\",\n \"Microsoft.RecoveryServices/Vaults/backupFabrics/operationResults/read\",\n \"Microsoft.RecoveryServices/Vaults/backupFabrics/protectionContainers/operationResults/read\",\n \"Microsoft.RecoveryServices/Vaults/backupFabrics/protectionContainers/protectedItems/operationResults/read\",\n \"Microsoft.RecoveryServices/Vaults/backupFabrics/protectionContainers/protectedItems/operationsStatus/read\",\n \"Microsoft.RecoveryServices/Vaults/backupFabrics/protectionContainers/protectedItems/read\",\n \"Microsoft.RecoveryServices/Vaults/backupFabrics/protectionContainers/protectedItems/recoveryPoints/read\",\n \"Microsoft.RecoveryServices/Vaults/backupFabrics/protectionContainers/read\",\n \"Microsoft.RecoveryServices/Vaults/backupJobs/operationResults/read\",\n \"Microsoft.RecoveryServices/Vaults/backupJobs/read\",\n \"Microsoft.RecoveryServices/Vaults/backupJobsExport/action\",\n \"Microsoft.RecoveryServices/Vaults/backupOperationResults/read\",\n \"Microsoft.RecoveryServices/Vaults/backupPolicies/operationResults/read\",\n \"Microsoft.RecoveryServices/Vaults/backupPolicies/read\",\n \"Microsoft.RecoveryServices/Vaults/backupProtectedItems/read\",\n \"Microsoft.RecoveryServices/Vaults/backupProtectionContainers/read\",\n \"Microsoft.RecoveryServices/Vaults/backupUsageSummaries/read\",\n \"Microsoft.RecoveryServices/Vaults/extendedInformation/read\",\n \"Microsoft.RecoveryServices/Vaults/monitoringAlerts/read\",\n \"Microsoft.RecoveryServices/Vaults/read\",\n \"Microsoft.RecoveryServices/Vaults/registeredIdentities/operationResults/read\",\n \"Microsoft.RecoveryServices/Vaults/registeredIdentities/read\",\n \"Microsoft.RecoveryServices/Vaults/backupstorageconfig/read\",\n \"Microsoft.RecoveryServices/Vaults/backupconfig/read\",\n \"Microsoft.RecoveryServices/Vaults/backupOperations/read\",\n \"Microsoft.RecoveryServices/Vaults/backupPolicies/operations/read\",\n \"Microsoft.RecoveryServices/Vaults/backupEngines/read\",\n \"Microsoft.RecoveryServices/Vaults/backupFabrics/backupProtectionIntent/read\",\n \"Microsoft.RecoveryServices/Vaults/backupFabrics/protectionContainers/items/read\",\n \"Microsoft.RecoveryServices/locations/backupStatus/action\",\n \"Microsoft.RecoveryServices/Vaults/monitoringConfigurations/*\",\n \"Microsoft.RecoveryServices/Vaults/monitoringAlerts/write\",\n \"Microsoft.RecoveryServices/operations/read\",\n \"Microsoft.RecoveryServices/locations/operationStatus/read\",\n \"Microsoft.RecoveryServices/Vaults/backupProtectionIntents/read\",\n \"Microsoft.RecoveryServices/Vaults/usages/read\",\n \"Microsoft.RecoveryServices/locations/backupValidateFeatures/action\",\n \"Microsoft.RecoveryServices/locations/backupCrrJobs/action\",\n \"Microsoft.RecoveryServices/locations/backupCrrJob/action\",\n \"Microsoft.RecoveryServices/locations/backupCrrOperationResults/read\",\n \"Microsoft.RecoveryServices/locations/backupCrrOperationsStatus/read\",\n \"Microsoft.DataProtection/locations/getBackupStatus/action\",\n \"Microsoft.DataProtection/backupVaults/backupInstances/read\",\n \"Microsoft.DataProtection/backupVaults/deletedBackupInstances/read\",\n \"Microsoft.DataProtection/backupVaults/backupPolicies/read\",\n \"Microsoft.DataProtection/backupVaults/backupPolicies/read\",\n \"Microsoft.DataProtection/backupVaults/backupInstances/recoveryPoints/read\",\n \"Microsoft.DataProtection/backupVaults/backupInstances/recoveryPoints/read\",\n \"Microsoft.DataProtection/backupVaults/backupInstances/operationResults/read\",\n \"Microsoft.DataProtection/backupVaults/backupInstances/findRestorableTimeRanges/action\",\n \"Microsoft.DataProtection/backupVaults/read\",\n \"Microsoft.DataProtection/backupVaults/operationResults/read\",\n \"Microsoft.DataProtection/backupVaults/operationStatus/read\",\n \"Microsoft.DataProtection/backupVaults/read\",\n \"Microsoft.DataProtection/backupVaults/read\",\n \"Microsoft.DataProtection/locations/operationStatus/read\",\n \"Microsoft.DataProtection/locations/operationResults/read\",\n \"Microsoft.DataProtection/operations/read\",\n \"Microsoft.DataProtection/subscriptions/resourceGroups/providers/locations/fetchCrossRegionRestoreJobs/action\",\n \"Microsoft.DataProtection/subscriptions/resourceGroups/providers/locations/fetchCrossRegionRestoreJob/action\",\n \"Microsoft.DataProtection/subscriptions/resourceGroups/providers/locations/fetchSecondaryRecoveryPoints/action\",\n \"Microsoft.DataProtection/locations/checkFeatureSupport/action\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2017-01-03T13:18:41.3893065Z\",\n \"updatedOn\": \"2025-09-09T15:23:13.9723749Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/a795c7a0-d4a2-40c1-ae25-d81f01202912\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"a795c7a0-d4a2-40c1-ae25-d81f01202912\"\n },\n {\n \"properties\": {\n \"roleName\": \"Blockchain Member Node Access (Preview)\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Allows for access to Blockchain Member nodes\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Blockchain/blockchainMembers/transactionNodes/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.Blockchain/blockchainMembers/transactionNodes/connect/action\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2018-12-21T10:33:01.9604839Z\",\n \"updatedOn\": \"2021-11-11T20:13:25.055892Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/31a002a1-acaf-453e-8a5b-297c9ca1ea24\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"31a002a1-acaf-453e-8a5b-297c9ca1ea24\"\n },\n {\n \"properties\": {\n \"roleName\": \"BizTalk Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Lets you manage BizTalk services, but not access to them.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.BizTalkServices/BizTalk/*\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.ResourceHealth/availabilityStatuses/read\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Support/*\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2015-02-02T21:55:09.8806423Z\",\n \"updatedOn\": \"2021-11-11T20:13:25.2359269Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/5e3c6656-6cfa-4708-81fe-0de47ac73342\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"5e3c6656-6cfa-4708-81fe-0de47ac73342\"\n },\n {\n \"properties\": {\n \"roleName\": \"CDN Endpoint Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Can manage CDN endpoints, but can't grant access to other users.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Cdn/edgenodes/read\",\n \"Microsoft.Cdn/operationresults/*\",\n \"Microsoft.Cdn/profiles/endpoints/*\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Support/*\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2016-01-23T02:48:46.4996252Z\",\n \"updatedOn\": \"2023-12-07T08:06:49.788929Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/426e0c7f-0c7e-4658-b36f-ff54d6c29b45\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"426e0c7f-0c7e-4658-b36f-ff54d6c29b45\"\n },\n {\n \"properties\": {\n \"roleName\": \"CDN Profile Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Can manage CDN and Azure Front Door standard and premium profiles and their endpoints, but can't grant access to other users.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Cdn/edgenodes/read\",\n \"Microsoft.Cdn/operationresults/*\",\n \"Microsoft.Cdn/profiles/*\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Support/*\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2016-01-23T02:48:46.4996252Z\",\n \"updatedOn\": \"2023-12-06T16:25:55.5514166Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/ec156ff8-a8d1-4d15-830c-5b80698ca432\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"ec156ff8-a8d1-4d15-830c-5b80698ca432\"\n },\n {\n \"properties\": {\n \"roleName\": \"CDN Profile Reader\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Can view CDN profiles and their endpoints, but can't make changes.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Cdn/edgenodes/read\",\n \"Microsoft.Cdn/operationresults/*\",\n \"Microsoft.Cdn/profiles/*/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Cdn/profiles/afdendpoints/validateCustomDomain/action\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Support/*\",\n \"Microsoft.Cdn/profiles/CheckResourceUsage/action\",\n \"Microsoft.Cdn/profiles/endpoints/CheckResourceUsage/action\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2016-01-23T02:48:46.4996252Z\",\n \"updatedOn\": \"2024-01-26T09:56:06.2709754Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/8f96442b-4075-438f-813d-ad51ab4019af\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"8f96442b-4075-438f-813d-ad51ab4019af\"\n },\n {\n \"properties\": {\n \"roleName\": \"Classic Network Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Lets you manage classic networks, but not access to them.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.ClassicNetwork/*\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.ResourceHealth/availabilityStatuses/read\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Support/*\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2015-02-02T21:55:09.8806423Z\",\n \"updatedOn\": \"2021-11-11T20:13:26.4433301Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/b34d265f-36f7-4a0d-a4d4-e158ca92e90f\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"b34d265f-36f7-4a0d-a4d4-e158ca92e90f\"\n },\n {\n \"properties\": {\n \"roleName\": \"Classic Storage Account Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Lets you manage classic storage accounts, but not access to them.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.ClassicStorage/storageAccounts/*\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.ResourceHealth/availabilityStatuses/read\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Support/*\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2015-02-02T21:55:09.8806423Z\",\n \"updatedOn\": \"2021-11-11T20:13:26.6183566Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/86e8f5dc-a6e9-4c67-9d15-de283e8eac25\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"86e8f5dc-a6e9-4c67-9d15-de283e8eac25\"\n },\n {\n \"properties\": {\n \"roleName\": \"Classic Storage Account Key Operator Service Role\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Classic Storage Account Key Operators are allowed to list and regenerate keys on Classic Storage Accounts\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.ClassicStorage/storageAccounts/listkeys/action\",\n \"Microsoft.ClassicStorage/storageAccounts/regeneratekey/action\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2017-04-13T18:22:52.14611Z\",\n \"updatedOn\": \"2021-11-11T20:13:26.9796021Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/985d6b00-f706-48f5-a6fe-d0ca12fb668d\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"985d6b00-f706-48f5-a6fe-d0ca12fb668d\"\n },\n {\n \"properties\": {\n \"roleName\": \"ClearDB MySQL DB Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Lets you manage ClearDB MySQL databases, but not access to them.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.ResourceHealth/availabilityStatuses/read\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Support/*\",\n \"successbricks.cleardb/databases/*\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2015-02-02T21:55:09.8806423Z\",\n \"updatedOn\": \"2021-11-11T20:13:27.1646373Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/9106cda0-8a86-4e81-b686-29a22c54effe\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"9106cda0-8a86-4e81-b686-29a22c54effe\"\n },\n {\n \"properties\": {\n \"roleName\": \"Classic Virtual Machine Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Lets you manage classic virtual machines, but not access to them, and not the virtual network or storage account they’re connected to.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.ClassicCompute/domainNames/*\",\n \"Microsoft.ClassicCompute/virtualMachines/*\",\n \"Microsoft.ClassicNetwork/networkSecurityGroups/join/action\",\n \"Microsoft.ClassicNetwork/reservedIps/link/action\",\n \"Microsoft.ClassicNetwork/reservedIps/read\",\n \"Microsoft.ClassicNetwork/virtualNetworks/join/action\",\n \"Microsoft.ClassicNetwork/virtualNetworks/read\",\n \"Microsoft.ClassicStorage/storageAccounts/disks/read\",\n \"Microsoft.ClassicStorage/storageAccounts/images/read\",\n \"Microsoft.ClassicStorage/storageAccounts/listKeys/action\",\n \"Microsoft.ClassicStorage/storageAccounts/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.ResourceHealth/availabilityStatuses/read\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Support/*\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2015-04-25T00:37:56.5416086Z\",\n \"updatedOn\": \"2021-11-11T20:13:27.3446332Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/d73bb868-a0df-4d4d-bd69-98a00b01fccb\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"d73bb868-a0df-4d4d-bd69-98a00b01fccb\"\n },\n {\n \"properties\": {\n \"roleName\": \"Cognitive Services User\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Lets you read and list keys of Cognitive Services.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.CognitiveServices/*/read\",\n \"Microsoft.CognitiveServices/accounts/listkeys/action\",\n \"Microsoft.Insights/alertRules/read\",\n \"Microsoft.Insights/diagnosticSettings/read\",\n \"Microsoft.Insights/logDefinitions/read\",\n \"Microsoft.Insights/metricdefinitions/read\",\n \"Microsoft.Insights/metrics/read\",\n \"Microsoft.ResourceHealth/availabilityStatuses/read\",\n \"Microsoft.Resources/deployments/operations/read\",\n \"Microsoft.Resources/subscriptions/operationresults/read\",\n \"Microsoft.Resources/subscriptions/read\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Support/*\"\n ],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.CognitiveServices/*\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2018-08-08T23:23:43.7701274Z\",\n \"updatedOn\": \"2021-11-11T20:13:27.5316443Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/a97b65f3-24c7-4388-baec-2e87135dc908\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"a97b65f3-24c7-4388-baec-2e87135dc908\"\n },\n {\n \"properties\": {\n \"roleName\": \"Cognitive Services Data Reader\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Lets you read Cognitive Services data.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.CognitiveServices/*/read\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2019-02-13T20:02:12.6849986Z\",\n \"updatedOn\": \"2024-10-10T18:41:31.3351912Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/b59867f0-fa02-499b-be73-45a86b5b3e1c\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"b59867f0-fa02-499b-be73-45a86b5b3e1c\"\n },\n {\n \"properties\": {\n \"roleName\": \"Cognitive Services Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Lets you create, read, update, delete and manage keys of Cognitive Services.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.CognitiveServices/*\",\n \"Microsoft.Features/features/read\",\n \"Microsoft.Features/providers/features/read\",\n \"Microsoft.Features/providers/features/register/action\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.Insights/diagnosticSettings/*\",\n \"Microsoft.Insights/logDefinitions/read\",\n \"Microsoft.Insights/metricdefinitions/read\",\n \"Microsoft.Insights/metrics/read\",\n \"Microsoft.ResourceHealth/availabilityStatuses/read\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/deployments/operations/read\",\n \"Microsoft.Resources/subscriptions/operationresults/read\",\n \"Microsoft.Resources/subscriptions/read\",\n \"Microsoft.Resources/subscriptions/resourcegroups/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Support/*\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2018-08-08T23:18:39.2257848Z\",\n \"updatedOn\": \"2021-11-11T20:13:27.911623Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/25fbc0a9-bd7c-42a3-aa1a-3b75d497ee68\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"25fbc0a9-bd7c-42a3-aa1a-3b75d497ee68\"\n },\n {\n \"properties\": {\n \"roleName\": \"CosmosBackupOperator\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Can submit restore request for a Cosmos DB database or a container for an account\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.DocumentDB/databaseAccounts/backup/action\",\n \"Microsoft.DocumentDB/databaseAccounts/restore/action\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2018-12-07T19:47:14.965156Z\",\n \"updatedOn\": \"2021-11-11T20:13:28.4333692Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/db7b14f2-5adf-42da-9f96-f2ee17bab5cb\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"db7b14f2-5adf-42da-9f96-f2ee17bab5cb\"\n },\n {\n \"properties\": {\n \"roleName\": \"Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Grants full access to manage all resources, but does not allow you to assign roles in Azure RBAC, manage assignments in Azure Blueprints, or share image galleries.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"*\"\n ],\n \"notActions\": [\n \"Microsoft.Authorization/*/Delete\",\n \"Microsoft.Authorization/*/Write\",\n \"Microsoft.Authorization/elevateAccess/Action\",\n \"Microsoft.Blueprint/blueprintAssignments/write\",\n \"Microsoft.Blueprint/blueprintAssignments/delete\",\n \"Microsoft.Compute/galleries/share/action\",\n \"Microsoft.Purview/consents/write\",\n \"Microsoft.Purview/consents/delete\",\n \"Microsoft.Resources/deploymentStacks/manageDenySetting/action\",\n \"Microsoft.Subscription/cancel/action\",\n \"Microsoft.Subscription/enable/action\"\n ],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2015-02-02T21:55:09.8806423Z\",\n \"updatedOn\": \"2024-11-19T20:03:30.321264Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"b24988ac-6180-42a0-ab88-20f7382dd24c\"\n },\n {\n \"properties\": {\n \"roleName\": \"Cosmos DB Account Reader Role\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Can read Azure Cosmos DB Accounts data\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.DocumentDB/*/read\",\n \"Microsoft.DocumentDB/databaseAccounts/readonlykeys/action\",\n \"Microsoft.Insights/MetricDefinitions/read\",\n \"Microsoft.Insights/Metrics/read\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Support/*\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2017-10-30T17:53:54.6005577Z\",\n \"updatedOn\": \"2021-11-11T20:13:28.7911765Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/fbdf93bf-df7d-467e-a4d2-9458aa1360c8\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"fbdf93bf-df7d-467e-a4d2-9458aa1360c8\"\n },\n {\n \"properties\": {\n \"roleName\": \"Cost Management Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Can view costs and manage cost configuration (e.g. budgets, exports)\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Consumption/*\",\n \"Microsoft.CostManagement/*\",\n \"Microsoft.Billing/billingPeriods/read\",\n \"Microsoft.Resources/subscriptions/read\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Support/*\",\n \"Microsoft.Advisor/configurations/read\",\n \"Microsoft.Advisor/recommendations/read\",\n \"Microsoft.Management/managementGroups/read\",\n \"Microsoft.Billing/billingProperty/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2018-03-14T16:09:22.8834827Z\",\n \"updatedOn\": \"2021-11-11T20:13:29.4851851Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/434105ed-43f6-45c7-a02f-909b2ba83430\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"434105ed-43f6-45c7-a02f-909b2ba83430\"\n },\n {\n \"properties\": {\n \"roleName\": \"Cost Management Reader\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Can view cost data and configuration (e.g. budgets, exports)\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Consumption/*/read\",\n \"Microsoft.CostManagement/*/read\",\n \"Microsoft.Billing/billingPeriods/read\",\n \"Microsoft.Resources/subscriptions/read\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Support/*\",\n \"Microsoft.Advisor/configurations/read\",\n \"Microsoft.Advisor/recommendations/read\",\n \"Microsoft.Management/managementGroups/read\",\n \"Microsoft.Billing/billingProperty/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2018-03-14T16:09:22.8834827Z\",\n \"updatedOn\": \"2021-11-11T20:13:29.66018Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/72fafb9e-0641-4937-9268-a91bfd8191a3\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"72fafb9e-0641-4937-9268-a91bfd8191a3\"\n },\n {\n \"properties\": {\n \"roleName\": \"Data Box Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Lets you manage everything under Data Box Service except giving access to others.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.ResourceHealth/availabilityStatuses/read\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Support/*\",\n \"Microsoft.Databox/*\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2018-07-27T08:28:42.714021Z\",\n \"updatedOn\": \"2021-11-11T20:13:30.3737856Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/add466c9-e687-43fc-8d98-dfcf8d720be5\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"add466c9-e687-43fc-8d98-dfcf8d720be5\"\n },\n {\n \"properties\": {\n \"roleName\": \"Data Box Reader\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Lets you manage Data Box Service except creating order or editing order details and giving access to others.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Databox/*/read\",\n \"Microsoft.Databox/jobs/listsecrets/action\",\n \"Microsoft.Databox/jobs/listcredentials/action\",\n \"Microsoft.Databox/locations/availableSkus/action\",\n \"Microsoft.Databox/locations/validateInputs/action\",\n \"Microsoft.Databox/locations/regionConfiguration/action\",\n \"Microsoft.Databox/locations/validateAddress/action\",\n \"Microsoft.ResourceHealth/availabilityStatuses/read\",\n \"Microsoft.Support/*\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2018-07-27T08:26:21.9284772Z\",\n \"updatedOn\": \"2021-11-11T20:13:30.5546117Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/028f4ed7-e2a9-465e-a8f4-9c0ffdfdc027\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"028f4ed7-e2a9-465e-a8f4-9c0ffdfdc027\"\n },\n {\n \"properties\": {\n \"roleName\": \"Data Factory Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Create and manage data factories, as well as child resources within them.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.DataFactory/dataFactories/*\",\n \"Microsoft.DataFactory/factories/*\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.ResourceHealth/availabilityStatuses/read\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Support/*\",\n \"Microsoft.EventGrid/eventSubscriptions/write\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2015-02-02T21:55:09.8806423Z\",\n \"updatedOn\": \"2021-11-11T20:13:30.7420174Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/673868aa-7521-48a0-acc6-0f60742d39f5\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"673868aa-7521-48a0-acc6-0f60742d39f5\"\n },\n {\n \"properties\": {\n \"roleName\": \"Data Purger\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Can purge analytics data\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Insights/components/*/read\",\n \"Microsoft.Insights/components/purge/action\",\n \"Microsoft.OperationalInsights/workspaces/*/read\",\n \"Microsoft.OperationalInsights/workspaces/purge/action\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2018-04-30T22:39:49.61677Z\",\n \"updatedOn\": \"2021-11-11T20:13:31.2788395Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/150f5e0c-0603-4f03-8c7f-cf70034c4e90\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"150f5e0c-0603-4f03-8c7f-cf70034c4e90\"\n },\n {\n \"properties\": {\n \"roleName\": \"Data Lake Analytics Developer\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Lets you submit, monitor, and manage your own jobs but not create or delete Data Lake Analytics accounts.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.BigAnalytics/accounts/*\",\n \"Microsoft.DataLakeAnalytics/accounts/*\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.ResourceHealth/availabilityStatuses/read\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Support/*\"\n ],\n \"notActions\": [\n \"Microsoft.BigAnalytics/accounts/Delete\",\n \"Microsoft.BigAnalytics/accounts/TakeOwnership/action\",\n \"Microsoft.BigAnalytics/accounts/Write\",\n \"Microsoft.DataLakeAnalytics/accounts/Delete\",\n \"Microsoft.DataLakeAnalytics/accounts/TakeOwnership/action\",\n \"Microsoft.DataLakeAnalytics/accounts/Write\",\n \"Microsoft.DataLakeAnalytics/accounts/dataLakeStoreAccounts/Write\",\n \"Microsoft.DataLakeAnalytics/accounts/dataLakeStoreAccounts/Delete\",\n \"Microsoft.DataLakeAnalytics/accounts/storageAccounts/Write\",\n \"Microsoft.DataLakeAnalytics/accounts/storageAccounts/Delete\",\n \"Microsoft.DataLakeAnalytics/accounts/firewallRules/Write\",\n \"Microsoft.DataLakeAnalytics/accounts/firewallRules/Delete\",\n \"Microsoft.DataLakeAnalytics/accounts/computePolicies/Write\",\n \"Microsoft.DataLakeAnalytics/accounts/computePolicies/Delete\"\n ],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2015-10-20T00:33:29.3115234Z\",\n \"updatedOn\": \"2021-11-11T20:13:31.4688491Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/47b7735b-770e-4598-a7da-8b91488b4c88\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"47b7735b-770e-4598-a7da-8b91488b4c88\"\n },\n {\n \"properties\": {\n \"roleName\": \"DevTest Labs User\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Lets you connect, start, restart, and shutdown your virtual machines in your Azure DevTest Labs.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Compute/availabilitySets/read\",\n \"Microsoft.Compute/virtualMachines/*/read\",\n \"Microsoft.Compute/virtualMachines/deallocate/action\",\n \"Microsoft.Compute/virtualMachines/read\",\n \"Microsoft.Compute/virtualMachines/restart/action\",\n \"Microsoft.Compute/virtualMachines/start/action\",\n \"Microsoft.DevTestLab/*/read\",\n \"Microsoft.DevTestLab/labs/claimAnyVm/action\",\n \"Microsoft.DevTestLab/labs/createEnvironment/action\",\n \"Microsoft.DevTestLab/labs/ensureCurrentUserProfile/action\",\n \"Microsoft.DevTestLab/labs/formulas/delete\",\n \"Microsoft.DevTestLab/labs/formulas/read\",\n \"Microsoft.DevTestLab/labs/formulas/write\",\n \"Microsoft.DevTestLab/labs/policySets/evaluatePolicies/action\",\n \"Microsoft.DevTestLab/labs/virtualMachines/claim/action\",\n \"Microsoft.DevTestLab/labs/virtualmachines/listApplicableSchedules/action\",\n \"Microsoft.DevTestLab/labs/virtualMachines/getRdpFileContents/action\",\n \"Microsoft.Network/loadBalancers/backendAddressPools/join/action\",\n \"Microsoft.Network/loadBalancers/inboundNatRules/join/action\",\n \"Microsoft.Network/networkInterfaces/*/read\",\n \"Microsoft.Network/networkInterfaces/join/action\",\n \"Microsoft.Network/networkInterfaces/read\",\n \"Microsoft.Network/networkInterfaces/write\",\n \"Microsoft.Network/publicIPAddresses/*/read\",\n \"Microsoft.Network/publicIPAddresses/join/action\",\n \"Microsoft.Network/publicIPAddresses/read\",\n \"Microsoft.Network/virtualNetworks/subnets/join/action\",\n \"Microsoft.Resources/deployments/operations/read\",\n \"Microsoft.Resources/deployments/read\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Storage/storageAccounts/listKeys/action\"\n ],\n \"notActions\": [\n \"Microsoft.Compute/virtualMachines/vmSizes/read\"\n ],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2015-06-08T21:52:45.0657582Z\",\n \"updatedOn\": \"2021-11-11T20:13:32.1746507Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/76283e04-6283-4c54-8f91-bcf1374a3c64\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"76283e04-6283-4c54-8f91-bcf1374a3c64\"\n },\n {\n \"properties\": {\n \"roleName\": \"DocumentDB Account Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Lets you manage DocumentDB accounts, but not access to them.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.DocumentDb/databaseAccounts/*\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.ResourceHealth/availabilityStatuses/read\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Support/*\",\n \"Microsoft.Network/virtualNetworks/subnets/joinViaServiceEndpoint/action\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2015-02-02T21:55:09.8806423Z\",\n \"updatedOn\": \"2021-11-11T20:13:32.3496502Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/5bd9cd88-fe45-4216-938b-f97437e15450\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"5bd9cd88-fe45-4216-938b-f97437e15450\"\n },\n {\n \"properties\": {\n \"roleName\": \"DNS Zone Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Lets you manage DNS zones and record sets in Azure DNS, but does not let you control who has access to them.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.Network/dnsZones/*\",\n \"Microsoft.ResourceHealth/availabilityStatuses/read\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Support/*\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2015-10-15T23:33:25.9730842Z\",\n \"updatedOn\": \"2021-11-11T20:13:32.5233957Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/befefa01-2a29-4197-83a8-272ff33ce314\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"befefa01-2a29-4197-83a8-272ff33ce314\"\n },\n {\n \"properties\": {\n \"roleName\": \"EventGrid EventSubscription Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Lets you manage EventGrid event subscription operations.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.EventGrid/eventSubscriptions/*\",\n \"Microsoft.EventGrid/topicTypes/eventSubscriptions/read\",\n \"Microsoft.EventGrid/locations/eventSubscriptions/read\",\n \"Microsoft.EventGrid/locations/topicTypes/eventSubscriptions/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Support/*\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2018-10-08T23:27:28.3130743Z\",\n \"updatedOn\": \"2021-11-11T20:13:33.4166738Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/428e0ff0-5e57-4d9c-a221-2c70d0e0a443\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"428e0ff0-5e57-4d9c-a221-2c70d0e0a443\"\n },\n {\n \"properties\": {\n \"roleName\": \"EventGrid EventSubscription Reader\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Lets you read EventGrid event subscriptions.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.EventGrid/eventSubscriptions/read\",\n \"Microsoft.EventGrid/topicTypes/eventSubscriptions/read\",\n \"Microsoft.EventGrid/locations/eventSubscriptions/read\",\n \"Microsoft.EventGrid/locations/topicTypes/eventSubscriptions/read\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2018-10-09T17:29:28.1417894Z\",\n \"updatedOn\": \"2021-11-11T20:13:33.7846748Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/2414bbcf-6497-4faf-8c65-045460748405\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"2414bbcf-6497-4faf-8c65-045460748405\"\n },\n {\n \"properties\": {\n \"roleName\": \"Graph Owner\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Create and manage all aspects of the Enterprise Graph - Ontology, Schema mapping, Conflation and Conversational AI and Ingestions\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.EnterpriseKnowledgeGraph/services/conflation/read\",\n \"Microsoft.EnterpriseKnowledgeGraph/services/conflation/write\",\n \"Microsoft.EnterpriseKnowledgeGraph/services/sourceschema/read\",\n \"Microsoft.EnterpriseKnowledgeGraph/services/sourceschema/write\",\n \"Microsoft.EnterpriseKnowledgeGraph/services/knowledge/read\",\n \"Microsoft.EnterpriseKnowledgeGraph/services/knowledge/write\",\n \"Microsoft.EnterpriseKnowledgeGraph/services/intentclassification/read\",\n \"Microsoft.EnterpriseKnowledgeGraph/services/intentclassification/write\",\n \"Microsoft.EnterpriseKnowledgeGraph/services/ingestion/read\",\n \"Microsoft.EnterpriseKnowledgeGraph/services/ingestion/write\",\n \"Microsoft.EnterpriseKnowledgeGraph/services/ontology/read\",\n \"Microsoft.EnterpriseKnowledgeGraph/services/ontology/write\",\n \"Microsoft.EnterpriseKnowledgeGraph/services/delete\",\n \"Microsoft.EnterpriseKnowledgeGraph/operations/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2019-02-23T21:07:22.5844236Z\",\n \"updatedOn\": \"2021-11-11T20:13:34.6707886Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/b60367af-1334-4454-b71e-769d9a4f83d9\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"b60367af-1334-4454-b71e-769d9a4f83d9\"\n },\n {\n \"properties\": {\n \"roleName\": \"HDInsight Domain Services Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Can Read, Create, Modify and Delete Domain Services related operations needed for HDInsight Enterprise Security Package\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.AAD/*/read\",\n \"Microsoft.AAD/domainServices/*/read\",\n \"Microsoft.AAD/domainServices/oucontainer/*\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2018-09-12T22:42:51.7451109Z\",\n \"updatedOn\": \"2021-11-11T20:13:35.3921342Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/8d8d5a11-05d3-4bda-a417-a08778121c7c\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"8d8d5a11-05d3-4bda-a417-a08778121c7c\"\n },\n {\n \"properties\": {\n \"roleName\": \"Intelligent Systems Account Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Lets you manage Intelligent Systems accounts, but not access to them.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.IntelligentSystems/accounts/*\",\n \"Microsoft.ResourceHealth/availabilityStatuses/read\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Support/*\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2015-02-02T21:55:09.8806423Z\",\n \"updatedOn\": \"2021-11-11T20:13:35.9371582Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/03a6d094-3444-4b3d-88af-7477090a9e5e\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"03a6d094-3444-4b3d-88af-7477090a9e5e\"\n },\n {\n \"properties\": {\n \"roleName\": \"Key Vault Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Lets you manage key vaults, but not access to them.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.KeyVault/*\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Support/*\"\n ],\n \"notActions\": [\n \"Microsoft.KeyVault/locations/deletedVaults/purge/action\",\n \"Microsoft.KeyVault/hsmPools/*\",\n \"Microsoft.KeyVault/managedHsms/*\"\n ],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2016-02-25T17:08:28.5184971Z\",\n \"updatedOn\": \"2021-11-11T20:13:36.1170988Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/f25e0fa2-a7c8-4377-a976-54943a77a395\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"f25e0fa2-a7c8-4377-a976-54943a77a395\"\n },\n {\n \"properties\": {\n \"roleName\": \"Knowledge Consumer\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Knowledge Read permission to consume Enterprise Graph Knowledge using entity search and graph query\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.EnterpriseKnowledgeGraph/services/knowledge/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2019-02-23T21:23:31.4037552Z\",\n \"updatedOn\": \"2021-11-11T20:13:37.0021342Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/ee361c5d-f7b5-4119-b4b6-892157c8f64c\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"ee361c5d-f7b5-4119-b4b6-892157c8f64c\"\n },\n {\n \"properties\": {\n \"roleName\": \"Lab Creator\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Lets you create new labs under your Azure Lab Accounts.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.LabServices/labAccounts/*/read\",\n \"Microsoft.LabServices/labAccounts/createLab/action\",\n \"Microsoft.LabServices/labAccounts/getPricingAndAvailability/action\",\n \"Microsoft.LabServices/labAccounts/getRestrictionsAndUsage/action\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.LabServices/labPlans/images/read\",\n \"Microsoft.LabServices/labPlans/read\",\n \"Microsoft.LabServices/labPlans/saveImage/action\",\n \"Microsoft.LabServices/labs/read\",\n \"Microsoft.LabServices/labs/schedules/read\",\n \"Microsoft.LabServices/labs/users/read\",\n \"Microsoft.LabServices/labs/virtualMachines/read\",\n \"Microsoft.LabServices/locations/usages/read\",\n \"Microsoft.LabServices/skus/read\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Support/*\"\n ],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.LabServices/labPlans/createLab/action\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2018-01-18T23:38:58.1036141Z\",\n \"updatedOn\": \"2021-11-11T20:13:37.1821588Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/b97fb8bc-a8b2-4522-a38b-dd33c7e65ead\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"b97fb8bc-a8b2-4522-a38b-dd33c7e65ead\"\n },\n {\n \"properties\": {\n \"roleName\": \"Log Analytics Reader\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Log Analytics Reader can view and search all monitoring data as well as and view monitoring settings, including viewing the configuration of Azure diagnostics on all Azure resources.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"*/read\",\n \"Microsoft.OperationalInsights/workspaces/analytics/query/action\",\n \"Microsoft.OperationalInsights/workspaces/search/action\",\n \"Microsoft.Support/*\"\n ],\n \"notActions\": [\n \"Microsoft.OperationalInsights/workspaces/sharedKeys/read\"\n ],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2017-05-02T00:20:28.1449012Z\",\n \"updatedOn\": \"2025-06-18T13:42:52.3891983Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/73c42c96-874c-492b-b04d-ab87d138a893\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"73c42c96-874c-492b-b04d-ab87d138a893\"\n },\n {\n \"properties\": {\n \"roleName\": \"Log Analytics Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Log Analytics Contributor can read all monitoring data and edit monitoring settings. Editing monitoring settings includes adding the VM extension to VMs; reading storage account keys to be able to configure collection of logs from Azure Storage; adding solutions; and configuring Azure diagnostics on all Azure resources.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"*/read\",\n \"Microsoft.ClassicCompute/virtualMachines/extensions/*\",\n \"Microsoft.ClassicStorage/storageAccounts/listKeys/action\",\n \"Microsoft.Compute/virtualMachines/extensions/*\",\n \"Microsoft.HybridCompute/machines/extensions/write\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.Insights/diagnosticSettings/*\",\n \"Microsoft.OperationalInsights/*\",\n \"Microsoft.OperationsManagement/*\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourcegroups/deployments/*\",\n \"Microsoft.Storage/storageAccounts/listKeys/action\",\n \"Microsoft.Support/*\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2017-04-25T21:51:45.3174711Z\",\n \"updatedOn\": \"2025-06-18T13:42:52.3891983Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/92aaf0da-9dab-42b6-94a3-d43ce8d16293\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"92aaf0da-9dab-42b6-94a3-d43ce8d16293\"\n },\n {\n \"properties\": {\n \"roleName\": \"Logic App Operator\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Lets you read, enable and disable logic app.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/*/read\",\n \"Microsoft.Insights/metricAlerts/*/read\",\n \"Microsoft.Insights/diagnosticSettings/*/read\",\n \"Microsoft.Insights/metricDefinitions/*/read\",\n \"Microsoft.Logic/*/read\",\n \"Microsoft.Logic/workflows/disable/action\",\n \"Microsoft.Logic/workflows/enable/action\",\n \"Microsoft.Logic/workflows/validate/action\",\n \"Microsoft.Resources/deployments/operations/read\",\n \"Microsoft.Resources/subscriptions/operationresults/read\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Support/*\",\n \"Microsoft.Web/connectionGateways/*/read\",\n \"Microsoft.Web/connections/*/read\",\n \"Microsoft.Web/customApis/*/read\",\n \"Microsoft.Web/serverFarms/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2016-04-28T21:33:30.4656007Z\",\n \"updatedOn\": \"2021-11-11T20:13:38.0573444Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/515c2055-d9d4-4321-b1b9-bd0c9a0f79fe\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"515c2055-d9d4-4321-b1b9-bd0c9a0f79fe\"\n },\n {\n \"properties\": {\n \"roleName\": \"Logic App Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Lets you manage logic app, but not access to them.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.ClassicStorage/storageAccounts/listKeys/action\",\n \"Microsoft.ClassicStorage/storageAccounts/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.Insights/metricAlerts/*\",\n \"Microsoft.Insights/diagnosticSettings/*\",\n \"Microsoft.Insights/logdefinitions/*\",\n \"Microsoft.Insights/metricDefinitions/*\",\n \"Microsoft.Logic/*\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/operationresults/read\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Storage/storageAccounts/listkeys/action\",\n \"Microsoft.Storage/storageAccounts/read\",\n \"Microsoft.Support/*\",\n \"Microsoft.Web/connectionGateways/*\",\n \"Microsoft.Web/connections/*\",\n \"Microsoft.Web/customApis/*\",\n \"Microsoft.Web/serverFarms/join/action\",\n \"Microsoft.Web/serverFarms/read\",\n \"Microsoft.Web/sites/functions/listSecrets/action\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2016-04-28T21:33:30.4656007Z\",\n \"updatedOn\": \"2021-11-11T20:13:38.2523833Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/87a39d53-fc1b-424a-814c-f7e04687dc9e\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"87a39d53-fc1b-424a-814c-f7e04687dc9e\"\n },\n {\n \"properties\": {\n \"roleName\": \"Managed Application Operator Role\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Lets you read and perform actions on Managed Application resources\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"*/read\",\n \"Microsoft.Solutions/applications/read\",\n \"Microsoft.Solutions/*/action\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2018-07-27T00:59:33.7988813Z\",\n \"updatedOn\": \"2021-11-11T20:13:38.5973763Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/c7393b34-138c-406f-901b-d8cf2b17e6ae\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"c7393b34-138c-406f-901b-d8cf2b17e6ae\"\n },\n {\n \"properties\": {\n \"roleName\": \"Managed Application Publisher Operator\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Allows the publisher to read resources in the managed resource group for Managed Application and request JIT access for additional operations. This role is only used by the Managed Application service to provide access to publishers.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"*/read\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Solutions/jitRequests/*\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2018-09-06T00:33:58.3651522Z\",\n \"updatedOn\": \"2025-05-01T17:14:44.1844267Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/b9331d33-8a36-4f8c-b097-4f54124fdb44\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"b9331d33-8a36-4f8c-b097-4f54124fdb44\"\n },\n {\n \"properties\": {\n \"roleName\": \"Managed Identity Operator\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Read and Assign User Assigned Identity\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.ManagedIdentity/userAssignedIdentities/*/read\",\n \"Microsoft.ManagedIdentity/userAssignedIdentities/*/assign/action\",\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Support/*\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2017-12-14T19:52:04.3924594Z\",\n \"updatedOn\": \"2021-11-11T20:13:38.9523759Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/f1a07417-d97a-45cb-824c-7a7467783830\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"f1a07417-d97a-45cb-824c-7a7467783830\"\n },\n {\n \"properties\": {\n \"roleName\": \"Managed Identity Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Create, Read, Update, and Delete User Assigned Identity\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.ManagedIdentity/userAssignedIdentities/read\",\n \"Microsoft.ManagedIdentity/userAssignedIdentities/write\",\n \"Microsoft.ManagedIdentity/userAssignedIdentities/delete\",\n \"Microsoft.ManagedIdentity/userAssignedIdentities/federatedIdentityCredentials/read\",\n \"Microsoft.ManagedIdentity/userAssignedIdentities/federatedIdentityCredentials/write\",\n \"Microsoft.ManagedIdentity/userAssignedIdentities/federatedIdentityCredentials/delete\",\n \"Microsoft.ManagedIdentity/userAssignedIdentities/revokeTokens/action\",\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Support/*\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2017-12-14T19:53:42.8804692Z\",\n \"updatedOn\": \"2024-03-29T00:22:59.7937695Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/e40ec5ca-96e0-45a2-b4ff-59039f2c2b59\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"e40ec5ca-96e0-45a2-b4ff-59039f2c2b59\"\n },\n {\n \"properties\": {\n \"roleName\": \"Management Group Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Management Group Contributor Role\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Management/managementGroups/delete\",\n \"Microsoft.Management/managementGroups/read\",\n \"Microsoft.Management/managementGroups/subscriptions/delete\",\n \"Microsoft.Management/managementGroups/subscriptions/write\",\n \"Microsoft.Management/managementGroups/write\",\n \"Microsoft.Management/managementGroups/subscriptions/read\",\n \"Microsoft.Authorization/*/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2018-06-22T00:28:29.0523964Z\",\n \"updatedOn\": \"2022-09-19T15:10:03.437789Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/5d58bcaf-24a5-4b20-bdb6-eed9f69fbe4c\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"5d58bcaf-24a5-4b20-bdb6-eed9f69fbe4c\"\n },\n {\n \"properties\": {\n \"roleName\": \"Management Group Reader\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Management Group Reader Role\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Management/managementGroups/read\",\n \"Microsoft.Management/managementGroups/subscriptions/read\",\n \"Microsoft.Authorization/*/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2018-06-22T00:31:03.4295347Z\",\n \"updatedOn\": \"2022-09-19T15:10:03.437789Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/ac63b705-f282-497d-ac71-919bf39d939d\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"ac63b705-f282-497d-ac71-919bf39d939d\"\n },\n {\n \"properties\": {\n \"roleName\": \"Monitoring Reader\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Can read all monitoring data.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"*/read\",\n \"Microsoft.OperationalInsights/workspaces/search/action\",\n \"Microsoft.Support/*\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2016-09-21T19:19:52.4939376Z\",\n \"updatedOn\": \"2025-06-18T13:42:52.3891983Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/43d0d8ad-25c7-4714-9337-8ba259a9fe05\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"43d0d8ad-25c7-4714-9337-8ba259a9fe05\"\n },\n {\n \"properties\": {\n \"roleName\": \"Network Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Lets you manage networks, but not access to them.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.Network/*\",\n \"Microsoft.ResourceHealth/availabilityStatuses/read\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Support/*\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2015-06-02T00:18:27.3542698Z\",\n \"updatedOn\": \"2021-11-11T20:13:44.6328966Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/4d97b98b-1d4f-4787-a291-c67834d212e7\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"4d97b98b-1d4f-4787-a291-c67834d212e7\"\n },\n {\n \"properties\": {\n \"roleName\": \"New Relic APM Account Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Lets you manage New Relic Application Performance Management accounts and applications, but not access to them.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.ResourceHealth/availabilityStatuses/read\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Support/*\",\n \"NewRelic.APM/accounts/*\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2015-02-02T21:55:09.8806423Z\",\n \"updatedOn\": \"2021-11-11T20:13:45.7178576Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/5d28c62d-5b37-4476-8438-e587778df237\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"5d28c62d-5b37-4476-8438-e587778df237\"\n },\n {\n \"properties\": {\n \"roleName\": \"Owner\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Grants full access to manage all resources, including the ability to assign roles in Azure RBAC.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"*\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2015-02-02T21:55:09.8806423Z\",\n \"updatedOn\": \"2021-11-11T20:13:45.8978856Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/8e3af657-a8ff-443c-a75c-2fe8c4bcb635\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"8e3af657-a8ff-443c-a75c-2fe8c4bcb635\"\n },\n {\n \"properties\": {\n \"roleName\": \"Reader\",\n \"type\": \"BuiltInRole\",\n \"description\": \"View all resources, but does not allow you to make any changes.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"*/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2015-02-02T21:55:09.8806423Z\",\n \"updatedOn\": \"2021-11-11T20:13:47.8628684Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/acdd72a7-3385-48ef-bd42-f606fba81ae7\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"acdd72a7-3385-48ef-bd42-f606fba81ae7\"\n },\n {\n \"properties\": {\n \"roleName\": \"Redis Cache Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Lets you manage Redis caches, but not access to them.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Cache/register/action\",\n \"Microsoft.Cache/redis/*\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.ResourceHealth/availabilityStatuses/read\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Support/*\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2015-02-02T21:55:09.8806423Z\",\n \"updatedOn\": \"2021-11-11T20:13:48.0528671Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/e0f68234-74aa-48ed-b826-c38b57376e17\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"e0f68234-74aa-48ed-b826-c38b57376e17\"\n },\n {\n \"properties\": {\n \"roleName\": \"Reader and Data Access\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Lets you view everything but will not let you delete or create a storage account or contained resource. It will also allow read/write access to all data contained in a storage account via access to storage account keys.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Storage/storageAccounts/listKeys/action\",\n \"Microsoft.Storage/storageAccounts/ListAccountSas/action\",\n \"Microsoft.Storage/storageAccounts/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2018-03-27T23:20:46.1498906Z\",\n \"updatedOn\": \"2021-11-11T20:13:48.2278951Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/c12c1c16-33a1-487b-954d-41c89c60f349\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"c12c1c16-33a1-487b-954d-41c89c60f349\"\n },\n {\n \"properties\": {\n \"roleName\": \"Resource Policy Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Users with rights to create/modify resource policy, create support ticket and read resources/hierarchy.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"*/read\",\n \"Microsoft.Authorization/policyassignments/*\",\n \"Microsoft.Authorization/policydefinitions/*\",\n \"Microsoft.Authorization/policyexemptions/*\",\n \"Microsoft.Authorization/policyenrollments/*\",\n \"Microsoft.Authorization/policysetdefinitions/*\",\n \"Microsoft.PolicyInsights/*\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Support/*\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2017-08-25T19:08:01.3861639Z\",\n \"updatedOn\": \"2025-03-25T15:25:05.1731507Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/36243c78-bf99-498c-9df9-86d9f8d28608\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"36243c78-bf99-498c-9df9-86d9f8d28608\"\n },\n {\n \"properties\": {\n \"roleName\": \"Scheduler Job Collections Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Lets you manage Scheduler job collections, but not access to them.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.ResourceHealth/availabilityStatuses/read\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Scheduler/jobcollections/*\",\n \"Microsoft.Support/*\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2015-02-02T21:55:09.8806423Z\",\n \"updatedOn\": \"2021-11-11T20:13:49.8429293Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/188a0f2f-5c9e-469b-ae67-2aa5ce574b94\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"188a0f2f-5c9e-469b-ae67-2aa5ce574b94\"\n },\n {\n \"properties\": {\n \"roleName\": \"Search Service Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Lets you manage Search services, but not access to them.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.ResourceHealth/availabilityStatuses/read\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Search/searchServices/*\",\n \"Microsoft.Support/*\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2015-02-02T21:55:09.8806423Z\",\n \"updatedOn\": \"2021-11-11T20:13:50.0229309Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/7ca78c08-252a-4471-8644-bb5ff32d4ba0\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"7ca78c08-252a-4471-8644-bb5ff32d4ba0\"\n },\n {\n \"properties\": {\n \"roleName\": \"Security Manager (Legacy)\",\n \"type\": \"BuiltInRole\",\n \"description\": \"This is a legacy role. Please use Security Administrator instead\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.ClassicCompute/*/read\",\n \"Microsoft.ClassicCompute/virtualMachines/*/write\",\n \"Microsoft.ClassicNetwork/*/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.ResourceHealth/availabilityStatuses/read\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Security/*\",\n \"Microsoft.Support/*\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2015-06-22T17:45:15.8986455Z\",\n \"updatedOn\": \"2021-11-11T20:13:50.5729549Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/e3d13bf0-dd5a-482e-ba6b-9b8433878d10\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"e3d13bf0-dd5a-482e-ba6b-9b8433878d10\"\n },\n {\n \"properties\": {\n \"roleName\": \"Security Reader\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Security Reader Role\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/read\",\n \"Microsoft.operationalInsights/workspaces/*/read\",\n \"Microsoft.Resources/deployments/*/read\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Security/*/read\",\n \"Microsoft.IoTSecurity/*/read\",\n \"Microsoft.Support/*/read\",\n \"Microsoft.Security/iotDefenderSettings/packageDownloads/action\",\n \"Microsoft.Security/iotDefenderSettings/downloadManagerActivation/action\",\n \"Microsoft.Security/iotSensors/downloadResetPassword/action\",\n \"Microsoft.IoTSecurity/defenderSettings/packageDownloads/action\",\n \"Microsoft.IoTSecurity/defenderSettings/downloadManagerActivation/action\",\n \"Microsoft.Management/managementGroups/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2017-05-03T07:48:49.0516559Z\",\n \"updatedOn\": \"2021-11-11T20:13:50.7479015Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/39bc4728-0917-49c7-9d2c-d95423bc2eb4\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"39bc4728-0917-49c7-9d2c-d95423bc2eb4\"\n },\n {\n \"properties\": {\n \"roleName\": \"Spatial Anchors Account Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Lets you manage spatial anchors in your account, but not delete them\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.MixedReality/SpatialAnchorsAccounts/create/action\",\n \"Microsoft.MixedReality/SpatialAnchorsAccounts/discovery/read\",\n \"Microsoft.MixedReality/SpatialAnchorsAccounts/properties/read\",\n \"Microsoft.MixedReality/SpatialAnchorsAccounts/query/read\",\n \"Microsoft.MixedReality/SpatialAnchorsAccounts/submitdiag/read\",\n \"Microsoft.MixedReality/SpatialAnchorsAccounts/write\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2018-12-21T17:57:41.1420864Z\",\n \"updatedOn\": \"2021-11-11T20:13:52.28294Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/8bbe83f1-e2a6-4df7-8cb4-4e04d4e5c827\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"8bbe83f1-e2a6-4df7-8cb4-4e04d4e5c827\"\n },\n {\n \"properties\": {\n \"roleName\": \"Site Recovery Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Lets you manage Site Recovery service except vault creation and role assignment\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.Network/virtualNetworks/read\",\n \"Microsoft.RecoveryServices/locations/allocatedStamp/read\",\n \"Microsoft.RecoveryServices/locations/allocateStamp/action\",\n \"Microsoft.RecoveryServices/Vaults/certificates/write\",\n \"Microsoft.RecoveryServices/Vaults/extendedInformation/*\",\n \"Microsoft.RecoveryServices/Vaults/read\",\n \"Microsoft.RecoveryServices/Vaults/refreshContainers/read\",\n \"Microsoft.RecoveryServices/Vaults/registeredIdentities/*\",\n \"Microsoft.RecoveryServices/vaults/replicationAlertSettings/*\",\n \"Microsoft.RecoveryServices/vaults/replicationEvents/read\",\n \"Microsoft.RecoveryServices/vaults/replicationFabrics/*\",\n \"Microsoft.RecoveryServices/vaults/replicationJobs/*\",\n \"Microsoft.RecoveryServices/vaults/replicationPolicies/*\",\n \"Microsoft.RecoveryServices/vaults/replicationRecoveryPlans/*\",\n \"Microsoft.RecoveryServices/vaults/replicationVaultSettings/*\",\n \"Microsoft.RecoveryServices/Vaults/storageConfig/*\",\n \"Microsoft.RecoveryServices/Vaults/tokenInfo/read\",\n \"Microsoft.RecoveryServices/Vaults/usages/read\",\n \"Microsoft.RecoveryServices/Vaults/vaultTokens/read\",\n \"Microsoft.RecoveryServices/Vaults/monitoringAlerts/*\",\n \"Microsoft.RecoveryServices/Vaults/monitoringConfigurations/notificationConfiguration/read\",\n \"Microsoft.ResourceHealth/availabilityStatuses/read\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Storage/storageAccounts/read\",\n \"Microsoft.RecoveryServices/vaults/replicationOperationStatus/read\",\n \"Microsoft.Support/*\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2017-05-19T13:46:17.4592776Z\",\n \"updatedOn\": \"2021-11-11T20:13:52.4579503Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/6670b86e-a3f7-4917-ac9b-5d6ab1be4567\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"6670b86e-a3f7-4917-ac9b-5d6ab1be4567\"\n },\n {\n \"properties\": {\n \"roleName\": \"Site Recovery Operator\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Lets you failover and failback but not perform other Site Recovery management operations\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.Network/virtualNetworks/read\",\n \"Microsoft.RecoveryServices/locations/allocatedStamp/read\",\n \"Microsoft.RecoveryServices/locations/allocateStamp/action\",\n \"Microsoft.RecoveryServices/Vaults/extendedInformation/read\",\n \"Microsoft.RecoveryServices/Vaults/read\",\n \"Microsoft.RecoveryServices/Vaults/refreshContainers/read\",\n \"Microsoft.RecoveryServices/Vaults/registeredIdentities/operationResults/read\",\n \"Microsoft.RecoveryServices/Vaults/registeredIdentities/read\",\n \"Microsoft.RecoveryServices/vaults/replicationAlertSettings/read\",\n \"Microsoft.RecoveryServices/vaults/replicationEvents/read\",\n \"Microsoft.RecoveryServices/vaults/replicationFabrics/checkConsistency/action\",\n \"Microsoft.RecoveryServices/vaults/replicationFabrics/read\",\n \"Microsoft.RecoveryServices/vaults/replicationFabrics/reassociateGateway/action\",\n \"Microsoft.RecoveryServices/vaults/replicationFabrics/renewcertificate/action\",\n \"Microsoft.RecoveryServices/vaults/replicationFabrics/replicationNetworks/read\",\n \"Microsoft.RecoveryServices/vaults/replicationFabrics/replicationNetworks/replicationNetworkMappings/read\",\n \"Microsoft.RecoveryServices/vaults/replicationFabrics/replicationProtectionContainers/read\",\n \"Microsoft.RecoveryServices/vaults/replicationFabrics/replicationProtectionContainers/replicationProtectableItems/read\",\n \"Microsoft.RecoveryServices/vaults/replicationFabrics/replicationProtectionContainers/replicationProtectedItems/applyRecoveryPoint/action\",\n \"Microsoft.RecoveryServices/vaults/replicationFabrics/replicationProtectionContainers/replicationProtectedItems/failoverCommit/action\",\n \"Microsoft.RecoveryServices/vaults/replicationFabrics/replicationProtectionContainers/replicationProtectedItems/plannedFailover/action\",\n \"Microsoft.RecoveryServices/vaults/replicationFabrics/replicationProtectionContainers/replicationProtectedItems/read\",\n \"Microsoft.RecoveryServices/vaults/replicationFabrics/replicationProtectionContainers/replicationProtectedItems/recoveryPoints/read\",\n \"Microsoft.RecoveryServices/vaults/replicationFabrics/replicationProtectionContainers/replicationProtectedItems/repairReplication/action\",\n \"Microsoft.RecoveryServices/vaults/replicationFabrics/replicationProtectionContainers/replicationProtectedItems/reProtect/action\",\n \"Microsoft.RecoveryServices/vaults/replicationFabrics/replicationProtectionContainers/switchprotection/action\",\n \"Microsoft.RecoveryServices/vaults/replicationFabrics/replicationProtectionContainers/replicationProtectedItems/testFailover/action\",\n \"Microsoft.RecoveryServices/vaults/replicationFabrics/replicationProtectionContainers/replicationProtectedItems/testFailoverCleanup/action\",\n \"Microsoft.RecoveryServices/vaults/replicationFabrics/replicationProtectionContainers/replicationProtectedItems/unplannedFailover/action\",\n \"Microsoft.RecoveryServices/vaults/replicationFabrics/replicationProtectionContainers/replicationProtectedItems/updateMobilityService/action\",\n \"Microsoft.RecoveryServices/vaults/replicationFabrics/replicationProtectionContainers/replicationProtectionContainerMappings/read\",\n \"Microsoft.RecoveryServices/vaults/replicationFabrics/replicationRecoveryServicesProviders/read\",\n \"Microsoft.RecoveryServices/vaults/replicationFabrics/replicationRecoveryServicesProviders/refreshProvider/action\",\n \"Microsoft.RecoveryServices/vaults/replicationFabrics/replicationStorageClassifications/read\",\n \"Microsoft.RecoveryServices/vaults/replicationFabrics/replicationStorageClassifications/replicationStorageClassificationMappings/read\",\n \"Microsoft.RecoveryServices/vaults/replicationFabrics/replicationvCenters/read\",\n \"Microsoft.RecoveryServices/vaults/replicationJobs/*\",\n \"Microsoft.RecoveryServices/vaults/replicationPolicies/read\",\n \"Microsoft.RecoveryServices/vaults/replicationRecoveryPlans/failoverCommit/action\",\n \"Microsoft.RecoveryServices/vaults/replicationRecoveryPlans/plannedFailover/action\",\n \"Microsoft.RecoveryServices/vaults/replicationRecoveryPlans/read\",\n \"Microsoft.RecoveryServices/vaults/replicationRecoveryPlans/reProtect/action\",\n \"Microsoft.RecoveryServices/vaults/replicationRecoveryPlans/testFailover/action\",\n \"Microsoft.RecoveryServices/vaults/replicationRecoveryPlans/testFailoverCleanup/action\",\n \"Microsoft.RecoveryServices/vaults/replicationRecoveryPlans/unplannedFailover/action\",\n \"Microsoft.RecoveryServices/vaults/replicationVaultSettings/read\",\n \"Microsoft.RecoveryServices/Vaults/monitoringAlerts/*\",\n \"Microsoft.RecoveryServices/Vaults/monitoringConfigurations/notificationConfiguration/read\",\n \"Microsoft.RecoveryServices/Vaults/storageConfig/read\",\n \"Microsoft.RecoveryServices/Vaults/tokenInfo/read\",\n \"Microsoft.RecoveryServices/Vaults/usages/read\",\n \"Microsoft.RecoveryServices/Vaults/vaultTokens/read\",\n \"Microsoft.ResourceHealth/availabilityStatuses/read\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Storage/storageAccounts/read\",\n \"Microsoft.Support/*\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2017-05-19T13:47:50.1341148Z\",\n \"updatedOn\": \"2021-11-11T20:13:52.6263418Z\",\n \"createdBy\": null,\n \"updatedBy\": \"\"\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/494ae006-db33-4328-bf46-533a6560a3ca\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"494ae006-db33-4328-bf46-533a6560a3ca\"\n },\n {\n \"properties\": {\n \"roleName\": \"Spatial Anchors Account Reader\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Lets you locate and read properties of spatial anchors in your account\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.MixedReality/SpatialAnchorsAccounts/discovery/read\",\n \"Microsoft.MixedReality/SpatialAnchorsAccounts/properties/read\",\n \"Microsoft.MixedReality/SpatialAnchorsAccounts/query/read\",\n \"Microsoft.MixedReality/SpatialAnchorsAccounts/submitdiag/read\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2018-12-21T17:57:42.9271004Z\",\n \"updatedOn\": \"2021-11-11T20:13:52.8013467Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/5d51204f-eb77-4b1c-b86a-2ec626c49413\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"5d51204f-eb77-4b1c-b86a-2ec626c49413\"\n },\n {\n \"properties\": {\n \"roleName\": \"Site Recovery Reader\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Lets you view Site Recovery status but not perform other management operations\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.RecoveryServices/locations/allocatedStamp/read\",\n \"Microsoft.RecoveryServices/Vaults/extendedInformation/read\",\n \"Microsoft.RecoveryServices/Vaults/monitoringAlerts/read\",\n \"Microsoft.RecoveryServices/Vaults/monitoringConfigurations/notificationConfiguration/read\",\n \"Microsoft.RecoveryServices/Vaults/read\",\n \"Microsoft.RecoveryServices/Vaults/refreshContainers/read\",\n \"Microsoft.RecoveryServices/Vaults/registeredIdentities/operationResults/read\",\n \"Microsoft.RecoveryServices/Vaults/registeredIdentities/read\",\n \"Microsoft.RecoveryServices/vaults/replicationAlertSettings/read\",\n \"Microsoft.RecoveryServices/vaults/replicationEvents/read\",\n \"Microsoft.RecoveryServices/vaults/replicationFabrics/read\",\n \"Microsoft.RecoveryServices/vaults/replicationFabrics/replicationNetworks/read\",\n \"Microsoft.RecoveryServices/vaults/replicationFabrics/replicationNetworks/replicationNetworkMappings/read\",\n \"Microsoft.RecoveryServices/vaults/replicationFabrics/replicationProtectionContainers/read\",\n \"Microsoft.RecoveryServices/vaults/replicationFabrics/replicationProtectionContainers/replicationProtectableItems/read\",\n \"Microsoft.RecoveryServices/vaults/replicationFabrics/replicationProtectionContainers/replicationProtectedItems/read\",\n \"Microsoft.RecoveryServices/vaults/replicationFabrics/replicationProtectionContainers/replicationProtectedItems/recoveryPoints/read\",\n \"Microsoft.RecoveryServices/vaults/replicationFabrics/replicationProtectionContainers/replicationProtectionContainerMappings/read\",\n \"Microsoft.RecoveryServices/vaults/replicationFabrics/replicationRecoveryServicesProviders/read\",\n \"Microsoft.RecoveryServices/vaults/replicationFabrics/replicationStorageClassifications/read\",\n \"Microsoft.RecoveryServices/vaults/replicationFabrics/replicationStorageClassifications/replicationStorageClassificationMappings/read\",\n \"Microsoft.RecoveryServices/vaults/replicationFabrics/replicationvCenters/read\",\n \"Microsoft.RecoveryServices/vaults/replicationJobs/read\",\n \"Microsoft.RecoveryServices/vaults/replicationPolicies/read\",\n \"Microsoft.RecoveryServices/vaults/replicationRecoveryPlans/read\",\n \"Microsoft.RecoveryServices/vaults/replicationVaultSettings/read\",\n \"Microsoft.RecoveryServices/Vaults/storageConfig/read\",\n \"Microsoft.RecoveryServices/Vaults/tokenInfo/read\",\n \"Microsoft.RecoveryServices/Vaults/usages/read\",\n \"Microsoft.RecoveryServices/Vaults/vaultTokens/read\",\n \"Microsoft.Support/*\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2017-05-19T13:35:40.0093634Z\",\n \"updatedOn\": \"2021-11-11T20:13:52.9763366Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/dbaa88c4-0c30-4179-9fb3-46319faa6149\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"dbaa88c4-0c30-4179-9fb3-46319faa6149\"\n },\n {\n \"properties\": {\n \"roleName\": \"Spatial Anchors Account Owner\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Lets you manage spatial anchors in your account, including deleting them\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.MixedReality/SpatialAnchorsAccounts/create/action\",\n \"Microsoft.MixedReality/SpatialAnchorsAccounts/delete\",\n \"Microsoft.MixedReality/SpatialAnchorsAccounts/discovery/read\",\n \"Microsoft.MixedReality/SpatialAnchorsAccounts/properties/read\",\n \"Microsoft.MixedReality/SpatialAnchorsAccounts/query/read\",\n \"Microsoft.MixedReality/SpatialAnchorsAccounts/submitdiag/read\",\n \"Microsoft.MixedReality/SpatialAnchorsAccounts/write\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2018-12-21T17:57:43.5489832Z\",\n \"updatedOn\": \"2021-11-11T20:13:53.166325Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/70bbe301-9835-447d-afdd-19eb3167307c\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"70bbe301-9835-447d-afdd-19eb3167307c\"\n },\n {\n \"properties\": {\n \"roleName\": \"SQL Managed Instance Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Lets you manage SQL Managed Instances and required network configuration, but can’t give access to others.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.ResourceHealth/availabilityStatuses/read\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Network/networkSecurityGroups/*\",\n \"Microsoft.Network/routeTables/*\",\n \"Microsoft.Sql/locations/*/read\",\n \"Microsoft.Sql/locations/instanceFailoverGroups/*\",\n \"Microsoft.Sql/managedInstances/*\",\n \"Microsoft.Support/*\",\n \"Microsoft.Network/virtualNetworks/subnets/*\",\n \"Microsoft.Network/virtualNetworks/*\",\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.Insights/metrics/read\",\n \"Microsoft.Insights/metricDefinitions/read\"\n ],\n \"notActions\": [\n \"Microsoft.Sql/managedInstances/azureADOnlyAuthentications/delete\",\n \"Microsoft.Sql/managedInstances/azureADOnlyAuthentications/write\"\n ],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2018-12-10T22:57:14.2937983Z\",\n \"updatedOn\": \"2021-11-11T20:13:53.3513507Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/4939a1f6-9ae0-4e48-a1e0-f2cbe897382d\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"4939a1f6-9ae0-4e48-a1e0-f2cbe897382d\"\n },\n {\n \"properties\": {\n \"roleName\": \"SQL DB Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Lets you manage SQL databases, but not access to them. Also, you can't manage their security-related policies or their parent SQL servers.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.ResourceHealth/availabilityStatuses/read\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Sql/locations/*/read\",\n \"Microsoft.Sql/servers/databases/*\",\n \"Microsoft.Sql/servers/read\",\n \"Microsoft.Support/*\",\n \"Microsoft.Insights/metrics/read\",\n \"Microsoft.Insights/metricDefinitions/read\"\n ],\n \"notActions\": [\n \"Microsoft.Sql/servers/databases/ledgerDigestUploads/write\",\n \"Microsoft.Sql/servers/databases/ledgerDigestUploads/disable/action\",\n \"Microsoft.Sql/managedInstances/databases/currentSensitivityLabels/*\",\n \"Microsoft.Sql/managedInstances/databases/recommendedSensitivityLabels/*\",\n \"Microsoft.Sql/managedInstances/databases/schemas/tables/columns/sensitivityLabels/*\",\n \"Microsoft.Sql/managedInstances/databases/securityAlertPolicies/*\",\n \"Microsoft.Sql/managedInstances/databases/sensitivityLabels/*\",\n \"Microsoft.Sql/managedInstances/databases/vulnerabilityAssessments/*\",\n \"Microsoft.Sql/managedInstances/securityAlertPolicies/*\",\n \"Microsoft.Sql/managedInstances/vulnerabilityAssessments/*\",\n \"Microsoft.Sql/servers/databases/auditingSettings/*\",\n \"Microsoft.Sql/servers/databases/auditRecords/read\",\n \"Microsoft.Sql/servers/databases/currentSensitivityLabels/*\",\n \"Microsoft.Sql/servers/databases/dataMaskingPolicies/*\",\n \"Microsoft.Sql/servers/databases/extendedAuditingSettings/*\",\n \"Microsoft.Sql/servers/databases/recommendedSensitivityLabels/*\",\n \"Microsoft.Sql/servers/databases/schemas/tables/columns/sensitivityLabels/*\",\n \"Microsoft.Sql/servers/databases/securityAlertPolicies/*\",\n \"Microsoft.Sql/servers/databases/securityMetrics/*\",\n \"Microsoft.Sql/servers/databases/sensitivityLabels/*\",\n \"Microsoft.Sql/servers/databases/vulnerabilityAssessments/*\",\n \"Microsoft.Sql/servers/databases/vulnerabilityAssessmentScans/*\",\n \"Microsoft.Sql/servers/databases/vulnerabilityAssessmentSettings/*\",\n \"Microsoft.Sql/servers/vulnerabilityAssessments/*\"\n ],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2015-02-02T21:55:09.8806423Z\",\n \"updatedOn\": \"2021-11-11T20:13:53.5363219Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/9b7fa17d-e63e-47b0-bb0a-15c516ac86ec\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"9b7fa17d-e63e-47b0-bb0a-15c516ac86ec\"\n },\n {\n \"properties\": {\n \"roleName\": \"SQL Security Manager\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Lets you manage the security-related policies of SQL servers and databases, but not access to them.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.Network/virtualNetworks/subnets/joinViaServiceEndpoint/action\",\n \"Microsoft.ResourceHealth/availabilityStatuses/read\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Sql/locations/administratorAzureAsyncOperation/read\",\n \"Microsoft.Sql/managedInstances/advancedThreatProtectionSettings/read\",\n \"Microsoft.Sql/managedInstances/advancedThreatProtectionSettings/write\",\n \"Microsoft.Sql/managedInstances/databases/advancedThreatProtectionSettings/read\",\n \"Microsoft.Sql/managedInstances/databases/advancedThreatProtectionSettings/write\",\n \"Microsoft.Sql/managedInstances/advancedThreatProtectionSettings/read\",\n \"Microsoft.Sql/managedInstances/advancedThreatProtectionSettings/write\",\n \"Microsoft.Sql/managedInstances/databases/advancedThreatProtectionSettings/read\",\n \"Microsoft.Sql/managedInstances/databases/advancedThreatProtectionSettings/write\",\n \"Microsoft.Sql/managedInstances/databases/currentSensitivityLabels/*\",\n \"Microsoft.Sql/managedInstances/databases/recommendedSensitivityLabels/*\",\n \"Microsoft.Sql/managedInstances/databases/schemas/tables/columns/sensitivityLabels/*\",\n \"Microsoft.Sql/managedInstances/databases/securityAlertPolicies/*\",\n \"Microsoft.Sql/managedInstances/databases/sensitivityLabels/*\",\n \"Microsoft.Sql/managedInstances/databases/vulnerabilityAssessments/*\",\n \"Microsoft.Sql/servers/advancedThreatProtectionSettings/read\",\n \"Microsoft.Sql/servers/advancedThreatProtectionSettings/write\",\n \"Microsoft.Sql/managedInstances/securityAlertPolicies/*\",\n \"Microsoft.Sql/managedInstances/databases/transparentDataEncryption/*\",\n \"Microsoft.Sql/managedInstances/vulnerabilityAssessments/*\",\n \"Microsoft.Sql/managedInstances/serverConfigurationOptions/read\",\n \"Microsoft.Sql/managedInstances/serverConfigurationOptions/write\",\n \"Microsoft.Sql/locations/serverConfigurationOptionAzureAsyncOperation/read\",\n \"Microsoft.Sql/servers/advancedThreatProtectionSettings/read\",\n \"Microsoft.Sql/servers/advancedThreatProtectionSettings/write\",\n \"Microsoft.Sql/servers/auditingSettings/*\",\n \"Microsoft.Sql/servers/extendedAuditingSettings/*\",\n \"Microsoft.Sql/servers/databases/advancedThreatProtectionSettings/read\",\n \"Microsoft.Sql/servers/databases/advancedThreatProtectionSettings/write\",\n \"Microsoft.Sql/servers/databases/advancedThreatProtectionSettings/read\",\n \"Microsoft.Sql/servers/databases/advancedThreatProtectionSettings/write\",\n \"Microsoft.Sql/servers/databases/auditingSettings/*\",\n \"Microsoft.Sql/servers/databases/auditRecords/read\",\n \"Microsoft.Sql/servers/databases/currentSensitivityLabels/*\",\n \"Microsoft.Sql/servers/databases/dataMaskingPolicies/*\",\n \"Microsoft.Sql/servers/databases/extendedAuditingSettings/read\",\n \"Microsoft.Sql/servers/databases/read\",\n \"Microsoft.Sql/servers/databases/recommendedSensitivityLabels/*\",\n \"Microsoft.Sql/servers/databases/schemas/read\",\n \"Microsoft.Sql/servers/databases/schemas/tables/columns/read\",\n \"Microsoft.Sql/servers/databases/schemas/tables/columns/sensitivityLabels/*\",\n \"Microsoft.Sql/servers/databases/schemas/tables/read\",\n \"Microsoft.Sql/servers/databases/securityAlertPolicies/*\",\n \"Microsoft.Sql/servers/databases/securityMetrics/*\",\n \"Microsoft.Sql/servers/databases/sensitivityLabels/*\",\n \"Microsoft.Sql/servers/databases/transparentDataEncryption/*\",\n \"Microsoft.Sql/servers/databases/sqlvulnerabilityAssessments/*\",\n \"Microsoft.Sql/servers/databases/vulnerabilityAssessments/*\",\n \"Microsoft.Sql/servers/databases/vulnerabilityAssessmentScans/*\",\n \"Microsoft.Sql/servers/databases/vulnerabilityAssessmentSettings/*\",\n \"Microsoft.Sql/servers/devOpsAuditingSettings/*\",\n \"Microsoft.Sql/servers/firewallRules/*\",\n \"Microsoft.Sql/servers/read\",\n \"Microsoft.Sql/servers/securityAlertPolicies/*\",\n \"Microsoft.Sql/servers/sqlvulnerabilityAssessments/*\",\n \"Microsoft.Sql/servers/vulnerabilityAssessments/*\",\n \"Microsoft.Support/*\",\n \"Microsoft.Sql/servers/azureADOnlyAuthentications/*\",\n \"Microsoft.Sql/managedInstances/read\",\n \"Microsoft.Sql/managedInstances/azureADOnlyAuthentications/*\",\n \"Microsoft.Security/sqlVulnerabilityAssessments/*\",\n \"Microsoft.Sql/managedInstances/administrators/read\",\n \"Microsoft.Sql/servers/administrators/read\",\n \"Microsoft.Sql/servers/databases/ledgerDigestUploads/*\",\n \"Microsoft.Sql/locations/ledgerDigestUploadsAzureAsyncOperation/read\",\n \"Microsoft.Sql/locations/ledgerDigestUploadsOperationResults/read\",\n \"Microsoft.Sql/servers/externalPolicyBasedAuthorizations/*\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2015-06-16T18:44:40.4607572Z\",\n \"updatedOn\": \"2025-10-01T18:55:10.630521Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/056cd41c-7e88-42e1-933e-88ba6a50c9c3\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"056cd41c-7e88-42e1-933e-88ba6a50c9c3\"\n },\n {\n \"properties\": {\n \"roleName\": \"Storage Account Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Lets you manage storage accounts, including accessing storage account keys which provide full access to storage account data.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.Insights/diagnosticSettings/*\",\n \"Microsoft.Network/virtualNetworks/subnets/joinViaServiceEndpoint/action\",\n \"Microsoft.ResourceHealth/availabilityStatuses/read\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Storage/storageAccounts/*\",\n \"Microsoft.Support/*\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2015-06-02T00:18:27.3542698Z\",\n \"updatedOn\": \"2021-11-11T20:13:54.2363539Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/17d1049b-9a84-46fb-8f53-869881c3d3ab\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"17d1049b-9a84-46fb-8f53-869881c3d3ab\"\n },\n {\n \"properties\": {\n \"roleName\": \"SQL Server Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Lets you manage SQL servers and databases, but not access to them, and not their security -related policies.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.ResourceHealth/availabilityStatuses/read\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Sql/locations/*/read\",\n \"Microsoft.Sql/servers/*\",\n \"Microsoft.Support/*\",\n \"Microsoft.Insights/metrics/read\",\n \"Microsoft.Insights/metricDefinitions/read\"\n ],\n \"notActions\": [\n \"Microsoft.Sql/managedInstances/databases/currentSensitivityLabels/*\",\n \"Microsoft.Sql/managedInstances/databases/recommendedSensitivityLabels/*\",\n \"Microsoft.Sql/managedInstances/databases/schemas/tables/columns/sensitivityLabels/*\",\n \"Microsoft.Sql/managedInstances/databases/securityAlertPolicies/*\",\n \"Microsoft.Sql/managedInstances/databases/sensitivityLabels/*\",\n \"Microsoft.Sql/managedInstances/databases/vulnerabilityAssessments/*\",\n \"Microsoft.Sql/managedInstances/securityAlertPolicies/*\",\n \"Microsoft.Sql/managedInstances/vulnerabilityAssessments/*\",\n \"Microsoft.Sql/servers/auditingSettings/*\",\n \"Microsoft.Sql/servers/databases/auditingSettings/*\",\n \"Microsoft.Sql/servers/databases/auditRecords/read\",\n \"Microsoft.Sql/servers/databases/currentSensitivityLabels/*\",\n \"Microsoft.Sql/servers/databases/dataMaskingPolicies/*\",\n \"Microsoft.Sql/servers/databases/extendedAuditingSettings/*\",\n \"Microsoft.Sql/servers/databases/recommendedSensitivityLabels/*\",\n \"Microsoft.Sql/servers/databases/schemas/tables/columns/sensitivityLabels/*\",\n \"Microsoft.Sql/servers/databases/securityAlertPolicies/*\",\n \"Microsoft.Sql/servers/databases/securityMetrics/*\",\n \"Microsoft.Sql/servers/databases/sensitivityLabels/*\",\n \"Microsoft.Sql/servers/databases/vulnerabilityAssessments/*\",\n \"Microsoft.Sql/servers/databases/vulnerabilityAssessmentScans/*\",\n \"Microsoft.Sql/servers/databases/vulnerabilityAssessmentSettings/*\",\n \"Microsoft.Sql/servers/devOpsAuditingSettings/*\",\n \"Microsoft.Sql/servers/extendedAuditingSettings/*\",\n \"Microsoft.Sql/servers/securityAlertPolicies/*\",\n \"Microsoft.Sql/servers/vulnerabilityAssessments/*\",\n \"Microsoft.Sql/servers/azureADOnlyAuthentications/delete\",\n \"Microsoft.Sql/servers/azureADOnlyAuthentications/write\",\n \"Microsoft.Sql/servers/externalPolicyBasedAuthorizations/delete\",\n \"Microsoft.Sql/servers/externalPolicyBasedAuthorizations/write\"\n ],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2015-02-02T21:55:09.8806423Z\",\n \"updatedOn\": \"2022-04-28T23:10:45.2206234Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/6d8ee4ec-f05a-4a1d-8b00-a9b17e38b437\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"6d8ee4ec-f05a-4a1d-8b00-a9b17e38b437\"\n },\n {\n \"properties\": {\n \"roleName\": \"Storage Account Key Operator Service Role\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Storage Account Key Operators are allowed to list and regenerate keys on Storage Accounts\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Storage/storageAccounts/listkeys/action\",\n \"Microsoft.Storage/storageAccounts/regeneratekey/action\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2017-04-13T18:26:11.577057Z\",\n \"updatedOn\": \"2021-11-11T20:13:54.7697481Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/81a9662b-bebf-436f-a333-f67b29880f12\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"81a9662b-bebf-436f-a333-f67b29880f12\"\n },\n {\n \"properties\": {\n \"roleName\": \"Storage Blob Data Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Allows for read, write and delete access to Azure Storage blob containers and data\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Storage/storageAccounts/blobServices/containers/delete\",\n \"Microsoft.Storage/storageAccounts/blobServices/containers/read\",\n \"Microsoft.Storage/storageAccounts/blobServices/containers/write\",\n \"Microsoft.Storage/storageAccounts/blobServices/generateUserDelegationKey/action\"\n ],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.Storage/storageAccounts/blobServices/containers/blobs/delete\",\n \"Microsoft.Storage/storageAccounts/blobServices/containers/blobs/read\",\n \"Microsoft.Storage/storageAccounts/blobServices/containers/blobs/write\",\n \"Microsoft.Storage/storageAccounts/blobServices/containers/blobs/move/action\",\n \"Microsoft.Storage/storageAccounts/blobServices/containers/blobs/add/action\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2017-12-21T00:01:24.7972312Z\",\n \"updatedOn\": \"2021-11-11T20:13:54.9397456Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/ba92f5b4-2d11-453d-a403-e96b0029c9fe\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"ba92f5b4-2d11-453d-a403-e96b0029c9fe\"\n },\n {\n \"properties\": {\n \"roleName\": \"Storage Blob Data Owner\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Allows for full access to Azure Storage blob containers and data, including assigning POSIX access control.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Storage/storageAccounts/blobServices/containers/*\",\n \"Microsoft.Storage/storageAccounts/blobServices/generateUserDelegationKey/action\"\n ],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.Storage/storageAccounts/blobServices/containers/blobs/*\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2018-12-04T07:02:58.2775257Z\",\n \"updatedOn\": \"2021-11-11T20:13:55.1225062Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/b7e6dc6d-f1e8-4753-8033-0f276bb0955b\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"b7e6dc6d-f1e8-4753-8033-0f276bb0955b\"\n },\n {\n \"properties\": {\n \"roleName\": \"Storage Blob Data Reader\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Allows for read access to Azure Storage blob containers and data\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Storage/storageAccounts/blobServices/containers/read\",\n \"Microsoft.Storage/storageAccounts/blobServices/generateUserDelegationKey/action\"\n ],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.Storage/storageAccounts/blobServices/containers/blobs/read\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2017-12-21T00:01:24.7972312Z\",\n \"updatedOn\": \"2021-11-11T20:13:55.2975076Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/2a2b9908-6ea1-4ae2-8e65-a410df84e7d1\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"2a2b9908-6ea1-4ae2-8e65-a410df84e7d1\"\n },\n {\n \"properties\": {\n \"roleName\": \"Storage Queue Data Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Allows for read, write, and delete access to Azure Storage queues and queue messages\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Storage/storageAccounts/queueServices/queues/delete\",\n \"Microsoft.Storage/storageAccounts/queueServices/queues/read\",\n \"Microsoft.Storage/storageAccounts/queueServices/queues/write\"\n ],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.Storage/storageAccounts/queueServices/queues/messages/delete\",\n \"Microsoft.Storage/storageAccounts/queueServices/queues/messages/read\",\n \"Microsoft.Storage/storageAccounts/queueServices/queues/messages/write\",\n \"Microsoft.Storage/storageAccounts/queueServices/queues/messages/process/action\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2017-12-21T00:01:24.7972312Z\",\n \"updatedOn\": \"2021-11-11T20:13:55.4725469Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/974c5e8b-45b9-4653-ba55-5f855dd0fb88\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"974c5e8b-45b9-4653-ba55-5f855dd0fb88\"\n },\n {\n \"properties\": {\n \"roleName\": \"Storage Queue Data Message Processor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Allows for peek, receive, and delete access to Azure Storage queue messages\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.Storage/storageAccounts/queueServices/queues/messages/read\",\n \"Microsoft.Storage/storageAccounts/queueServices/queues/messages/process/action\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2019-01-28T22:27:04.8947111Z\",\n \"updatedOn\": \"2021-11-11T20:13:55.6575408Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/8a0f0c08-91a1-4084-bc3d-661d67233fed\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"8a0f0c08-91a1-4084-bc3d-661d67233fed\"\n },\n {\n \"properties\": {\n \"roleName\": \"Storage Queue Data Message Sender\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Allows for sending of Azure Storage queue messages\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.Storage/storageAccounts/queueServices/queues/messages/add/action\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2019-01-28T22:28:34.7459724Z\",\n \"updatedOn\": \"2021-11-11T20:13:55.8325508Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/c6a89b2d-59bc-44d0-9896-0f6e12d7b80a\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"c6a89b2d-59bc-44d0-9896-0f6e12d7b80a\"\n },\n {\n \"properties\": {\n \"roleName\": \"Storage Queue Data Reader\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Allows for read access to Azure Storage queues and queue messages\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Storage/storageAccounts/queueServices/queues/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.Storage/storageAccounts/queueServices/queues/messages/read\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2017-12-21T00:01:24.7972312Z\",\n \"updatedOn\": \"2021-11-11T20:13:56.0178497Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/19e7f393-937e-4f77-808e-94535e297925\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"19e7f393-937e-4f77-808e-94535e297925\"\n },\n {\n \"properties\": {\n \"roleName\": \"Support Request Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Lets you create and manage Support requests\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Support/*\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2017-06-22T22:25:37.8053068Z\",\n \"updatedOn\": \"2021-11-11T20:13:56.7444481Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/cfd33db0-3dd1-45e3-aa9d-cdbdf3b6f24e\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"cfd33db0-3dd1-45e3-aa9d-cdbdf3b6f24e\"\n },\n {\n \"properties\": {\n \"roleName\": \"Traffic Manager Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Lets you manage Traffic Manager profiles, but does not let you control who has access to them.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.Network/trafficManagerProfiles/*\",\n \"Microsoft.ResourceHealth/availabilityStatuses/read\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Support/*\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2015-10-15T23:33:25.9730842Z\",\n \"updatedOn\": \"2021-11-11T20:13:57.2744497Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/a4b10055-b0c7-44c2-b00f-c7b5b3550cf7\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"a4b10055-b0c7-44c2-b00f-c7b5b3550cf7\"\n },\n {\n \"properties\": {\n \"roleName\": \"User Access Administrator\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Lets you manage user access to Azure resources.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"*/read\",\n \"Microsoft.Authorization/*\",\n \"Microsoft.Support/*\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2015-02-02T21:55:09.8806423Z\",\n \"updatedOn\": \"2021-11-11T20:13:57.7932023Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/18d7d88d-d35e-4fb5-a5c3-7773c20a72d9\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"18d7d88d-d35e-4fb5-a5c3-7773c20a72d9\"\n },\n {\n \"properties\": {\n \"roleName\": \"Virtual Machine Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Lets you manage virtual machines, but not access to them, and not the virtual network or storage account they're connected to.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Compute/availabilitySets/*\",\n \"Microsoft.Compute/locations/*\",\n \"Microsoft.Compute/virtualMachines/*\",\n \"Microsoft.Compute/virtualMachineScaleSets/*\",\n \"Microsoft.Compute/cloudServices/*\",\n \"Microsoft.Compute/disks/write\",\n \"Microsoft.Compute/disks/read\",\n \"Microsoft.Compute/disks/delete\",\n \"Microsoft.Compute/hostgroups/write\",\n \"Microsoft.Compute/hostgroups/hosts/write\",\n \"Microsoft.DevTestLab/schedules/*\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.Network/applicationGateways/backendAddressPools/join/action\",\n \"Microsoft.Network/loadBalancers/backendAddressPools/join/action\",\n \"Microsoft.Network/loadBalancers/inboundNatPools/join/action\",\n \"Microsoft.Network/loadBalancers/inboundNatRules/join/action\",\n \"Microsoft.Network/loadBalancers/probes/join/action\",\n \"Microsoft.Network/loadBalancers/read\",\n \"Microsoft.Network/locations/*\",\n \"Microsoft.Network/networkInterfaces/*\",\n \"Microsoft.Network/networkSecurityGroups/join/action\",\n \"Microsoft.Network/networkSecurityGroups/read\",\n \"Microsoft.Network/publicIPAddresses/join/action\",\n \"Microsoft.Network/publicIPAddresses/read\",\n \"Microsoft.Network/virtualNetworks/read\",\n \"Microsoft.Network/virtualNetworks/subnets/join/action\",\n \"Microsoft.RecoveryServices/locations/*\",\n \"Microsoft.RecoveryServices/Vaults/backupFabrics/backupProtectionIntent/write\",\n \"Microsoft.RecoveryServices/Vaults/backupFabrics/protectionContainers/protectedItems/*/read\",\n \"Microsoft.RecoveryServices/Vaults/backupFabrics/protectionContainers/protectedItems/read\",\n \"Microsoft.RecoveryServices/Vaults/backupFabrics/protectionContainers/protectedItems/write\",\n \"Microsoft.RecoveryServices/Vaults/backupPolicies/read\",\n \"Microsoft.RecoveryServices/Vaults/backupPolicies/write\",\n \"Microsoft.RecoveryServices/Vaults/read\",\n \"Microsoft.RecoveryServices/Vaults/usages/read\",\n \"Microsoft.RecoveryServices/Vaults/write\",\n \"Microsoft.ResourceHealth/availabilityStatuses/read\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.SerialConsole/serialPorts/connect/action\",\n \"Microsoft.SqlVirtualMachine/*\",\n \"Microsoft.Storage/storageAccounts/listKeys/action\",\n \"Microsoft.Storage/storageAccounts/read\",\n \"Microsoft.Support/*\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2015-06-02T00:18:27.3542698Z\",\n \"updatedOn\": \"2025-02-06T01:34:42.8731411Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/9980e02c-c2be-4d73-94e8-173b1dc7cf3c\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"9980e02c-c2be-4d73-94e8-173b1dc7cf3c\"\n },\n {\n \"properties\": {\n \"roleName\": \"Web Plan Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Lets you manage the web plans for websites, but not access to them.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.ResourceHealth/availabilityStatuses/read\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Support/*\",\n \"Microsoft.Web/serverFarms/*\",\n \"Microsoft.Web/hostingEnvironments/Join/Action\",\n \"Microsoft.Insights/autoscalesettings/*\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2015-02-02T21:55:09.8806423Z\",\n \"updatedOn\": \"2022-09-05T15:10:54.6819807Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/2cc479cb-7b4d-49a8-b449-8c00fd0f0a4b\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"2cc479cb-7b4d-49a8-b449-8c00fd0f0a4b\"\n },\n {\n \"properties\": {\n \"roleName\": \"Website Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Lets you manage websites (not web plans), but not access to them.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.Insights/components/*\",\n \"Microsoft.ResourceHealth/availabilityStatuses/read\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Support/*\",\n \"Microsoft.Web/certificates/*\",\n \"Microsoft.Web/listSitesAssignedToHostName/read\",\n \"Microsoft.Web/register/action\",\n \"Microsoft.Web/serverFarms/join/action\",\n \"Microsoft.Web/serverFarms/read\",\n \"Microsoft.Web/sites/*\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2015-05-12T23:10:23.6193952Z\",\n \"updatedOn\": \"2024-08-05T15:09:29.7130534Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/de139f84-1756-47ae-9be6-808fbbe84772\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"de139f84-1756-47ae-9be6-808fbbe84772\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Service Bus Data Owner\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Allows for full access to Azure Service Bus resources.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.ServiceBus/*\"\n ],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.ServiceBus/*\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2019-04-16T21:33:36.7445745Z\",\n \"updatedOn\": \"2021-11-11T20:13:59.2005807Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/090c5cfd-751d-490a-894a-3ce6f1109419\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"090c5cfd-751d-490a-894a-3ce6f1109419\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Event Hubs Data Owner\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Allows for full access to Azure Event Hubs resources.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.EventHub/*\"\n ],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.EventHub/*\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2019-04-16T21:34:29.8656362Z\",\n \"updatedOn\": \"2021-11-11T20:13:59.3721538Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/f526a384-b230-433a-b45c-95f59c4a2dec\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"f526a384-b230-433a-b45c-95f59c4a2dec\"\n },\n {\n \"properties\": {\n \"roleName\": \"Attestation Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Can read write or delete the attestation provider instance\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Attestation/attestationProviders/attestation/read\",\n \"Microsoft.Attestation/attestationProviders/attestation/write\",\n \"Microsoft.Attestation/attestationProviders/attestation/delete\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2019-04-19T00:24:09.3354177Z\",\n \"updatedOn\": \"2021-11-11T20:13:59.7271218Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/bbf86eb8-f7b4-4cce-96e4-18cddf81d86e\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"bbf86eb8-f7b4-4cce-96e4-18cddf81d86e\"\n },\n {\n \"properties\": {\n \"roleName\": \"HDInsight Cluster Operator\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Lets you read and modify HDInsight cluster configurations.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.HDInsight/*/read\",\n \"Microsoft.HDInsight/clusters/getGatewaySettings/action\",\n \"Microsoft.HDInsight/clusters/updateGatewaySettings/action\",\n \"Microsoft.HDInsight/clusters/configurations/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Resources/deployments/operations/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Support/*\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2019-04-20T00:03:01.7110732Z\",\n \"updatedOn\": \"2021-11-11T20:13:59.905218Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/61ed4efc-fab3-44fd-b111-e24485cc132a\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"61ed4efc-fab3-44fd-b111-e24485cc132a\"\n },\n {\n \"properties\": {\n \"roleName\": \"Cosmos DB Operator\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Lets you manage Azure Cosmos DB accounts, but not access data in them. Prevents access to account keys and connection strings.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.DocumentDb/databaseAccounts/*\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.ResourceHealth/availabilityStatuses/read\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Support/*\",\n \"Microsoft.Network/virtualNetworks/subnets/joinViaServiceEndpoint/action\"\n ],\n \"notActions\": [\n \"Microsoft.DocumentDB/databaseAccounts/copyJobs/*\",\n \"Microsoft.DocumentDB/databaseAccounts/dataTransferJobs/*\",\n \"Microsoft.DocumentDB/databaseAccounts/readonlyKeys/*\",\n \"Microsoft.DocumentDB/databaseAccounts/regenerateKey/*\",\n \"Microsoft.DocumentDB/databaseAccounts/listKeys/*\",\n \"Microsoft.DocumentDB/databaseAccounts/listConnectionStrings/*\",\n \"Microsoft.DocumentDB/databaseAccounts/sqlRoleDefinitions/write\",\n \"Microsoft.DocumentDB/databaseAccounts/sqlRoleDefinitions/delete\",\n \"Microsoft.DocumentDB/databaseAccounts/sqlRoleAssignments/write\",\n \"Microsoft.DocumentDB/databaseAccounts/sqlRoleAssignments/delete\",\n \"Microsoft.DocumentDB/databaseAccounts/mongodbRoleDefinitions/write\",\n \"Microsoft.DocumentDB/databaseAccounts/mongodbRoleDefinitions/delete\",\n \"Microsoft.DocumentDB/databaseAccounts/mongodbUserDefinitions/write\",\n \"Microsoft.DocumentDB/databaseAccounts/mongodbUserDefinitions/delete\"\n ],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2019-04-26T17:01:17.0169383Z\",\n \"updatedOn\": \"2025-06-06T07:02:41.174245Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/230815da-be43-4aae-9cb4-875f7bd000aa\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"230815da-be43-4aae-9cb4-875f7bd000aa\"\n },\n {\n \"properties\": {\n \"roleName\": \"Hybrid Server Resource Administrator\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Can read, write, delete, and re-onboard Hybrid servers to the Hybrid Resource Provider.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.HybridCompute/machines/*\",\n \"Microsoft.HybridCompute/*/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2019-04-29T21:39:32.3132923Z\",\n \"updatedOn\": \"2021-11-11T20:14:00.2548257Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/48b40c6e-82e0-4eb3-90d5-19e40f49b624\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"48b40c6e-82e0-4eb3-90d5-19e40f49b624\"\n },\n {\n \"properties\": {\n \"roleName\": \"Hybrid Server Onboarding\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Can onboard new Hybrid servers to the Hybrid Resource Provider.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.HybridCompute/machines/read\",\n \"Microsoft.HybridCompute/machines/write\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2019-04-29T22:36:28.1873756Z\",\n \"updatedOn\": \"2021-11-11T20:14:00.4308999Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/5d1e5ee4-7c68-4a71-ac8b-0739630a3dfb\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"5d1e5ee4-7c68-4a71-ac8b-0739630a3dfb\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Event Hubs Data Receiver\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Allows receive access to Azure Event Hubs resources.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.EventHub/*/eventhubs/consumergroups/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.EventHub/*/receive/action\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2019-05-10T06:25:21.1056666Z\",\n \"updatedOn\": \"2021-11-11T20:14:01.3225169Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/a638d3c7-ab3a-418d-83e6-5f17a39d4fde\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"a638d3c7-ab3a-418d-83e6-5f17a39d4fde\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Event Hubs Data Sender\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Allows send access to Azure Event Hubs resources.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.EventHub/*/eventhubs/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.EventHub/*/send/action\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2019-05-10T06:26:12.4673714Z\",\n \"updatedOn\": \"2021-11-11T20:14:01.4925583Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/2b629674-e913-4c01-ae53-ef4638d8f975\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"2b629674-e913-4c01-ae53-ef4638d8f975\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Service Bus Data Receiver\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Allows for receive access to Azure Service Bus resources.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.ServiceBus/*/queues/read\",\n \"Microsoft.ServiceBus/*/topics/read\",\n \"Microsoft.ServiceBus/*/topics/subscriptions/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.ServiceBus/*/receive/action\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2019-05-10T06:43:01.6343849Z\",\n \"updatedOn\": \"2021-11-11T20:14:01.6629685Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/4f6d3b9b-027b-4f4c-9142-0e5a2a2247e0\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"4f6d3b9b-027b-4f4c-9142-0e5a2a2247e0\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Service Bus Data Sender\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Allows for send access to Azure Service Bus resources.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.ServiceBus/*/queues/read\",\n \"Microsoft.ServiceBus/*/topics/read\",\n \"Microsoft.ServiceBus/*/topics/subscriptions/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.ServiceBus/*/send/action\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2019-05-10T06:43:46.7046934Z\",\n \"updatedOn\": \"2021-11-11T20:14:01.8479199Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/69a216fc-b8fb-44d8-bc22-1f3c2cd27a39\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"69a216fc-b8fb-44d8-bc22-1f3c2cd27a39\"\n },\n {\n \"properties\": {\n \"roleName\": \"Storage File Data SMB Share Reader\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Allows for read access to Azure File Share over SMB\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.Storage/storageAccounts/fileServices/fileshares/files/read\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2019-07-01T20:19:31.8620471Z\",\n \"updatedOn\": \"2021-11-11T20:14:04.3642909Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/aba4ae5f-2193-4029-9191-0cb91df5e314\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"aba4ae5f-2193-4029-9191-0cb91df5e314\"\n },\n {\n \"properties\": {\n \"roleName\": \"Storage File Data SMB Share Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Allows for read, write, and delete access in Azure Storage file shares over SMB\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.Storage/storageAccounts/fileServices/fileshares/files/read\",\n \"Microsoft.Storage/storageAccounts/fileServices/fileshares/files/write\",\n \"Microsoft.Storage/storageAccounts/fileServices/fileshares/files/delete\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2019-07-01T20:54:35.483431Z\",\n \"updatedOn\": \"2021-11-11T20:14:04.5443323Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/0c867c2a-1d8c-454a-a3db-ab2ea1bdc8bb\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"0c867c2a-1d8c-454a-a3db-ab2ea1bdc8bb\"\n },\n {\n \"properties\": {\n \"roleName\": \"Private DNS Zone Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Lets you manage private DNS zone resources, but not the virtual networks they are linked to.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Support/*\",\n \"Microsoft.Network/privateDnsZones/*\",\n \"Microsoft.Network/privateDnsOperationResults/*\",\n \"Microsoft.Network/privateDnsOperationStatuses/*\",\n \"Microsoft.Network/virtualNetworks/read\",\n \"Microsoft.Network/virtualNetworks/join/action\",\n \"Microsoft.Authorization/*/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2019-07-10T19:31:15.5645518Z\",\n \"updatedOn\": \"2021-11-11T20:14:04.7342851Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/b12aa53e-6015-4669-85d0-8515ebb3ae7f\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"b12aa53e-6015-4669-85d0-8515ebb3ae7f\"\n },\n {\n \"properties\": {\n \"roleName\": \"Storage Blob Delegator\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Allows for generation of a user delegation key which can be used to sign SAS tokens\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Storage/storageAccounts/blobServices/generateUserDelegationKey/action\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2019-07-23T00:51:16.3376761Z\",\n \"updatedOn\": \"2021-11-11T20:14:05.4321714Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/db58b8e5-c6ad-4a2a-8342-4190687cbf4a\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"db58b8e5-c6ad-4a2a-8342-4190687cbf4a\"\n },\n {\n \"properties\": {\n \"roleName\": \"Desktop Virtualization User\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Allows user to use the applications in an application group.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.DesktopVirtualization/applicationGroups/useApplications/action\",\n \"Microsoft.DesktopVirtualization/appAttachPackages/useApplications/action\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2019-08-07T00:29:03.8727621Z\",\n \"updatedOn\": \"2023-06-15T23:55:51.3849931Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/1d18fff3-a72a-46b5-b4a9-0b38a3cd7e63\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"1d18fff3-a72a-46b5-b4a9-0b38a3cd7e63\"\n },\n {\n \"properties\": {\n \"roleName\": \"Storage File Data SMB Share Elevated Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Allows for read, write, delete and modify NTFS permission access in Azure Storage file shares over SMB\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.Storage/storageAccounts/fileServices/fileshares/files/read\",\n \"Microsoft.Storage/storageAccounts/fileServices/fileshares/files/write\",\n \"Microsoft.Storage/storageAccounts/fileServices/fileshares/files/delete\",\n \"Microsoft.Storage/storageAccounts/fileServices/fileshares/files/modifypermissions/action\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2019-08-07T01:35:36.9935457Z\",\n \"updatedOn\": \"2021-11-11T20:14:06.1571744Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/a7264617-510b-434b-a828-9731dc254ea7\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"a7264617-510b-434b-a828-9731dc254ea7\"\n },\n {\n \"properties\": {\n \"roleName\": \"Blueprint Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Can manage blueprint definitions, but not assign them.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Blueprint/blueprints/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Support/*\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2019-08-14T21:55:16.9683949Z\",\n \"updatedOn\": \"2021-11-11T20:14:06.5171828Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/41077137-e803-4205-871c-5a86e6a753b4\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"41077137-e803-4205-871c-5a86e6a753b4\"\n },\n {\n \"properties\": {\n \"roleName\": \"Blueprint Operator\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Can assign existing published blueprints, but cannot create new blueprints. NOTE: this only works if the assignment is done with a user-assigned managed identity.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Blueprint/blueprintAssignments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Support/*\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2019-08-14T21:56:48.7897875Z\",\n \"updatedOn\": \"2021-11-11T20:14:06.6971401Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/437d2ced-4a38-4302-8479-ed2bcb43d090\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"437d2ced-4a38-4302-8479-ed2bcb43d090\"\n },\n {\n \"properties\": {\n \"roleName\": \"Microsoft Sentinel Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Microsoft Sentinel Contributor\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.SecurityInsights/*\",\n \"Microsoft.OperationalInsights/workspaces/analytics/query/action\",\n \"Microsoft.OperationalInsights/workspaces/*/read\",\n \"Microsoft.OperationalInsights/workspaces/savedSearches/*\",\n \"Microsoft.OperationsManagement/solutions/read\",\n \"Microsoft.OperationalInsights/workspaces/query/read\",\n \"Microsoft.OperationalInsights/workspaces/query/*/read\",\n \"Microsoft.OperationalInsights/workspaces/dataSources/read\",\n \"Microsoft.OperationalInsights/querypacks/*/read\",\n \"Microsoft.Insights/workbooks/*\",\n \"Microsoft.Insights/myworkbooks/read\",\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Support/*\"\n ],\n \"notActions\": [\n \"Microsoft.SecurityInsights/ConfidentialWatchlists/*\",\n \"Microsoft.OperationalInsights/workspaces/query/ConfidentialWatchlist/*\"\n ],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2019-08-28T16:39:03.8725173Z\",\n \"updatedOn\": \"2022-08-01T18:55:21.5434692Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/ab8e14d6-4a74-4a29-9ba8-549422addade\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"ab8e14d6-4a74-4a29-9ba8-549422addade\"\n },\n {\n \"properties\": {\n \"roleName\": \"Microsoft Sentinel Responder\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Microsoft Sentinel Responder\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.SecurityInsights/*/read\",\n \"Microsoft.SecurityInsights/dataConnectorsCheckRequirements/action\",\n \"Microsoft.SecurityInsights/automationRules/*\",\n \"Microsoft.SecurityInsights/cases/*\",\n \"Microsoft.SecurityInsights/incidents/*\",\n \"Microsoft.SecurityInsights/entities/runPlaybook/action\",\n \"Microsoft.SecurityInsights/threatIntelligence/indicators/appendTags/action\",\n \"Microsoft.SecurityInsights/threatIntelligence/indicators/query/action\",\n \"Microsoft.SecurityInsights/threatIntelligence/bulkTag/action\",\n \"Microsoft.SecurityInsights/threatIntelligence/indicators/appendTags/action\",\n \"Microsoft.SecurityInsights/threatIntelligence/indicators/replaceTags/action\",\n \"Microsoft.SecurityInsights/threatIntelligence/queryIndicators/action\",\n \"Microsoft.SecurityInsights/businessApplicationAgents/systems/undoAction/action\",\n \"Microsoft.OperationalInsights/workspaces/analytics/query/action\",\n \"Microsoft.OperationalInsights/workspaces/*/read\",\n \"Microsoft.OperationalInsights/workspaces/dataSources/read\",\n \"Microsoft.OperationalInsights/workspaces/savedSearches/read\",\n \"Microsoft.OperationsManagement/solutions/read\",\n \"Microsoft.OperationalInsights/workspaces/query/read\",\n \"Microsoft.OperationalInsights/workspaces/query/*/read\",\n \"Microsoft.OperationalInsights/workspaces/dataSources/read\",\n \"Microsoft.OperationalInsights/querypacks/*/read\",\n \"Microsoft.Insights/workbooks/read\",\n \"Microsoft.Insights/myworkbooks/read\",\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Support/*\"\n ],\n \"notActions\": [\n \"Microsoft.SecurityInsights/cases/*/Delete\",\n \"Microsoft.SecurityInsights/incidents/*/Delete\",\n \"Microsoft.SecurityInsights/ConfidentialWatchlists/*\",\n \"Microsoft.OperationalInsights/workspaces/query/ConfidentialWatchlist/*\"\n ],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2019-08-28T16:54:07.6467264Z\",\n \"updatedOn\": \"2024-04-03T15:49:45.0145489Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/3e150937-b8fe-4cfb-8069-0eaf05ecd056\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"3e150937-b8fe-4cfb-8069-0eaf05ecd056\"\n },\n {\n \"properties\": {\n \"roleName\": \"Microsoft Sentinel Reader\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Microsoft Sentinel Reader\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.SecurityInsights/*/read\",\n \"Microsoft.SecurityInsights/dataConnectorsCheckRequirements/action\",\n \"Microsoft.SecurityInsights/threatIntelligence/indicators/query/action\",\n \"Microsoft.SecurityInsights/threatIntelligence/queryIndicators/action\",\n \"Microsoft.OperationalInsights/workspaces/analytics/query/action\",\n \"Microsoft.OperationalInsights/workspaces/*/read\",\n \"Microsoft.OperationalInsights/workspaces/LinkedServices/read\",\n \"Microsoft.OperationalInsights/workspaces/savedSearches/read\",\n \"Microsoft.OperationsManagement/solutions/read\",\n \"Microsoft.OperationalInsights/workspaces/query/read\",\n \"Microsoft.OperationalInsights/workspaces/query/*/read\",\n \"Microsoft.OperationalInsights/querypacks/*/read\",\n \"Microsoft.OperationalInsights/workspaces/dataSources/read\",\n \"Microsoft.Insights/workbooks/read\",\n \"Microsoft.Insights/myworkbooks/read\",\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Resources/templateSpecs/*/read\",\n \"Microsoft.Support/*\"\n ],\n \"notActions\": [\n \"Microsoft.SecurityInsights/ConfidentialWatchlists/*\",\n \"Microsoft.OperationalInsights/workspaces/query/ConfidentialWatchlist/*\"\n ],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2019-08-28T16:58:50.1132117Z\",\n \"updatedOn\": \"2022-08-01T18:55:21.5434692Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/8d289c81-5878-46d4-8554-54e1e3d8b5cb\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"8d289c81-5878-46d4-8554-54e1e3d8b5cb\"\n },\n {\n \"properties\": {\n \"roleName\": \"Policy Insights Data Writer (Preview)\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Allows read access to resource policies and write access to resource component policy events.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/policyassignments/read\",\n \"Microsoft.Authorization/policydefinitions/read\",\n \"Microsoft.Authorization/policyexemptions/read\",\n \"Microsoft.Authorization/policysetdefinitions/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.PolicyInsights/checkDataPolicyCompliance/action\",\n \"Microsoft.PolicyInsights/policyEvents/logDataEvents/action\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2019-09-19T19:35:20.9504127Z\",\n \"updatedOn\": \"2021-11-11T20:14:09.4235132Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/66bb4e9e-b016-4a94-8249-4c0511c2be84\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"66bb4e9e-b016-4a94-8249-4c0511c2be84\"\n },\n {\n \"properties\": {\n \"roleName\": \"SignalR AccessKey Reader\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Read SignalR Service Access Keys\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.SignalRService/*/read\",\n \"Microsoft.SignalRService/SignalR/listkeys/action\",\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Support/*\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2019-09-20T09:33:19.6236874Z\",\n \"updatedOn\": \"2021-11-11T20:14:09.613486Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/04165923-9d83-45d5-8227-78b77b0a687e\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"04165923-9d83-45d5-8227-78b77b0a687e\"\n },\n {\n \"properties\": {\n \"roleName\": \"SignalR/Web PubSub Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Create, Read, Update, and Delete SignalR service resources\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.SignalRService/*\",\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Support/*\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2019-09-20T09:58:09.0009662Z\",\n \"updatedOn\": \"2021-11-11T20:14:09.7884765Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/8cf5e20a-e4b2-4e9d-b3a1-5ceb692c2761\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"8cf5e20a-e4b2-4e9d-b3a1-5ceb692c2761\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Connected Machine Onboarding\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Can onboard Azure Connected Machines.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.HybridCompute/machines/read\",\n \"Microsoft.HybridCompute/machines/write\",\n \"Microsoft.HybridCompute/settings/read\",\n \"Microsoft.HybridCompute/settings/write\",\n \"Microsoft.HybridCompute/gateways/read\",\n \"Microsoft.HybridCompute/privateLinkScopes/read\",\n \"Microsoft.GuestConfiguration/guestConfigurationAssignments/read\",\n \"Microsoft.Insights/dataCollectionRuleAssociations/write\",\n \"Microsoft.Insights/dataCollectionRuleAssociations/delete\",\n \"Microsoft.Insights/dataCollectionRuleAssociations/read\",\n \"Microsoft.HybridCompute/machines/addExtensions/action\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2019-10-23T20:15:07.137287Z\",\n \"updatedOn\": \"2025-04-24T23:16:22.0803758Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/b64e21ea-ac4e-4cdf-9dc9-5b892992bee7\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"b64e21ea-ac4e-4cdf-9dc9-5b892992bee7\"\n },\n {\n \"properties\": {\n \"roleName\": \"Managed Services Registration assignment Delete Role\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Managed Services Registration Assignment Delete Role allows the managing tenant users to delete the registration assignment assigned to their tenant.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.ManagedServices/registrationAssignments/read\",\n \"Microsoft.ManagedServices/registrationAssignments/delete\",\n \"Microsoft.ManagedServices/operationStatuses/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2019-10-23T22:33:33.1183469Z\",\n \"updatedOn\": \"2021-11-11T20:14:11.23364Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/91c1777a-f3dc-4fae-b103-61d183457e46\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"91c1777a-f3dc-4fae-b103-61d183457e46\"\n },\n {\n \"properties\": {\n \"roleName\": \"App Configuration Data Owner\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Allows full access to App Configuration data.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.AppConfiguration/configurationStores/*/read\",\n \"Microsoft.AppConfiguration/configurationStores/*/write\",\n \"Microsoft.AppConfiguration/configurationStores/*/delete\",\n \"Microsoft.AppConfiguration/configurationStores/*/action\"\n ],\n \"notDataActions\": [\n \"Microsoft.AppConfiguration/configurationStores/useSasAuth/action\"\n ]\n }\n ],\n \"createdOn\": \"2019-10-25T18:41:40.1185063Z\",\n \"updatedOn\": \"2024-10-25T19:38:13.5062377Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/5ae67dd6-50cb-40e7-96ff-dc2bfa4b606b\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"5ae67dd6-50cb-40e7-96ff-dc2bfa4b606b\"\n },\n {\n \"properties\": {\n \"roleName\": \"App Configuration Data Reader\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Allows read access to App Configuration data.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.AppConfiguration/configurationStores/*/read\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2019-10-25T18:45:33.7975332Z\",\n \"updatedOn\": \"2021-11-11T20:14:11.5885341Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/516239f1-63e1-4d78-a4de-a74fb236a071\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"516239f1-63e1-4d78-a4de-a74fb236a071\"\n },\n {\n \"properties\": {\n \"roleName\": \"Kubernetes Cluster - Azure Arc Onboarding\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Role definition to authorize any user/service to create connectedClusters resource\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.Resources/deployments/write\",\n \"Microsoft.Resources/subscriptions/operationresults/read\",\n \"Microsoft.Resources/subscriptions/read\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Kubernetes/connectedClusters/Write\",\n \"Microsoft.Kubernetes/connectedClusters/read\",\n \"Microsoft.KubernetesConfiguration/extensions/write\",\n \"Microsoft.KubernetesConfiguration/extensions/read\",\n \"Microsoft.KubernetesConfiguration/extensions/delete\",\n \"Microsoft.KubernetesConfiguration/extensions/operations/read\",\n \"Microsoft.Support/*\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2019-11-18T17:00:02.2087147Z\",\n \"updatedOn\": \"2024-10-31T01:30:51.0732973Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/34e09817-6cbe-4d01-b1a2-e0eac5743d41\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"34e09817-6cbe-4d01-b1a2-e0eac5743d41\"\n },\n {\n \"properties\": {\n \"roleName\": \"Experimentation Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Experimentation Contributor\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Experimentation/experimentWorkspaces/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.Experimentation/experimentWorkspaces/experimentationGroups/read\",\n \"Microsoft.Experimentation/experimentWorkspaces/experimentationGroups/write\",\n \"Microsoft.Experimentation/experimentWorkspaces/experimentationGroups/delete\",\n \"Microsoft.Experimentation/experimentWorkspaces/experimentationGroups/experiment/action\",\n \"Microsoft.Experimentation/experimentWorkspaces/experimentationGroups/emergencystop/action\",\n \"Microsoft.Experimentation/experimentWorkspaces/read\",\n \"Microsoft.Experimentation/experimentWorkspaces/write\",\n \"Microsoft.Experimentation/experimentWorkspaces/delete\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2019-12-13T00:08:08.6679591Z\",\n \"updatedOn\": \"2021-11-11T20:14:14.6454147Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/7f646f1b-fa08-80eb-a22b-edd6ce5c915c\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"7f646f1b-fa08-80eb-a22b-edd6ce5c915c\"\n },\n {\n \"properties\": {\n \"roleName\": \"Cognitive Services QnA Maker Reader\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Let’s you read and test a KB only.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.CognitiveServices/*/read\",\n \"Microsoft.Authorization/roleAssignments/read\",\n \"Microsoft.Authorization/roleDefinitions/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.CognitiveServices/accounts/QnAMaker/knowledgebases/read\",\n \"Microsoft.CognitiveServices/accounts/QnAMaker/knowledgebases/download/read\",\n \"Microsoft.CognitiveServices/accounts/QnAMaker/knowledgebases/generateanswer/action\",\n \"Microsoft.CognitiveServices/accounts/QnAMaker/alterations/read\",\n \"Microsoft.CognitiveServices/accounts/QnAMaker/endpointkeys/read\",\n \"Microsoft.CognitiveServices/accounts/QnAMaker/endpointsettings/read\",\n \"Microsoft.CognitiveServices/accounts/QnAMaker.v2/knowledgebases/read\",\n \"Microsoft.CognitiveServices/accounts/QnAMaker.v2/knowledgebases/download/read\",\n \"Microsoft.CognitiveServices/accounts/QnAMaker.v2/knowledgebases/generateanswer/action\",\n \"Microsoft.CognitiveServices/accounts/QnAMaker.v2/alterations/read\",\n \"Microsoft.CognitiveServices/accounts/QnAMaker.v2/endpointkeys/read\",\n \"Microsoft.CognitiveServices/accounts/QnAMaker.v2/endpointsettings/read\",\n \"Microsoft.CognitiveServices/accounts/TextAnalytics/QnAMaker/knowledgebases/read\",\n \"Microsoft.CognitiveServices/accounts/TextAnalytics/QnAMaker/knowledgebases/download/read\",\n \"Microsoft.CognitiveServices/accounts/TextAnalytics/QnAMaker/knowledgebases/generateanswer/action\",\n \"Microsoft.CognitiveServices/accounts/TextAnalytics/QnAMaker/alterations/read\",\n \"Microsoft.CognitiveServices/accounts/TextAnalytics/QnAMaker/endpointkeys/read\",\n \"Microsoft.CognitiveServices/accounts/TextAnalytics/QnAMaker/endpointsettings/read\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2019-12-17T18:26:12.3329439Z\",\n \"updatedOn\": \"2021-11-11T20:14:14.8254033Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/466ccd10-b268-4a11-b098-b4849f024126\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"466ccd10-b268-4a11-b098-b4849f024126\"\n },\n {\n \"properties\": {\n \"roleName\": \"Cognitive Services QnA Maker Editor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Let’s you create, edit, import and export a KB. You cannot publish or delete a KB.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.CognitiveServices/*/read\",\n \"Microsoft.Authorization/roleAssignments/read\",\n \"Microsoft.Authorization/roleDefinitions/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.CognitiveServices/accounts/QnAMaker/knowledgebases/read\",\n \"Microsoft.CognitiveServices/accounts/QnAMaker/knowledgebases/download/read\",\n \"Microsoft.CognitiveServices/accounts/QnAMaker/knowledgebases/create/write\",\n \"Microsoft.CognitiveServices/accounts/QnAMaker/knowledgebases/write\",\n \"Microsoft.CognitiveServices/accounts/QnAMaker/knowledgebases/generateanswer/action\",\n \"Microsoft.CognitiveServices/accounts/QnAMaker/knowledgebases/train/action\",\n \"Microsoft.CognitiveServices/accounts/QnAMaker/alterations/read\",\n \"Microsoft.CognitiveServices/accounts/QnAMaker/alterations/write\",\n \"Microsoft.CognitiveServices/accounts/QnAMaker/endpointkeys/read\",\n \"Microsoft.CognitiveServices/accounts/QnAMaker/endpointkeys/refreshkeys/action\",\n \"Microsoft.CognitiveServices/accounts/QnAMaker/endpointsettings/read\",\n \"Microsoft.CognitiveServices/accounts/QnAMaker/endpointsettings/write\",\n \"Microsoft.CognitiveServices/accounts/QnAMaker/operations/read\",\n \"Microsoft.CognitiveServices/accounts/QnAMaker.v2/knowledgebases/read\",\n \"Microsoft.CognitiveServices/accounts/QnAMaker.v2/knowledgebases/download/read\",\n \"Microsoft.CognitiveServices/accounts/QnAMaker.v2/knowledgebases/create/write\",\n \"Microsoft.CognitiveServices/accounts/QnAMaker.v2/knowledgebases/write\",\n \"Microsoft.CognitiveServices/accounts/QnAMaker.v2/knowledgebases/generateanswer/action\",\n \"Microsoft.CognitiveServices/accounts/QnAMaker.v2/knowledgebases/train/action\",\n \"Microsoft.CognitiveServices/accounts/QnAMaker.v2/alterations/read\",\n \"Microsoft.CognitiveServices/accounts/QnAMaker.v2/alterations/write\",\n \"Microsoft.CognitiveServices/accounts/QnAMaker.v2/endpointkeys/read\",\n \"Microsoft.CognitiveServices/accounts/QnAMaker.v2/endpointkeys/refreshkeys/action\",\n \"Microsoft.CognitiveServices/accounts/QnAMaker.v2/endpointsettings/read\",\n \"Microsoft.CognitiveServices/accounts/QnAMaker.v2/endpointsettings/write\",\n \"Microsoft.CognitiveServices/accounts/QnAMaker.v2/operations/read\",\n \"Microsoft.CognitiveServices/accounts/TextAnalytics/QnAMaker/knowledgebases/read\",\n \"Microsoft.CognitiveServices/accounts/TextAnalytics/QnAMaker/knowledgebases/download/read\",\n \"Microsoft.CognitiveServices/accounts/TextAnalytics/QnAMaker/knowledgebases/create/write\",\n \"Microsoft.CognitiveServices/accounts/TextAnalytics/QnAMaker/knowledgebases/write\",\n \"Microsoft.CognitiveServices/accounts/TextAnalytics/QnAMaker/knowledgebases/generateanswer/action\",\n \"Microsoft.CognitiveServices/accounts/TextAnalytics/QnAMaker/knowledgebases/train/action\",\n \"Microsoft.CognitiveServices/accounts/TextAnalytics/QnAMaker/alterations/read\",\n \"Microsoft.CognitiveServices/accounts/TextAnalytics/QnAMaker/alterations/write\",\n \"Microsoft.CognitiveServices/accounts/TextAnalytics/QnAMaker/endpointkeys/read\",\n \"Microsoft.CognitiveServices/accounts/TextAnalytics/QnAMaker/endpointkeys/refreshkeys/action\",\n \"Microsoft.CognitiveServices/accounts/TextAnalytics/QnAMaker/endpointsettings/read\",\n \"Microsoft.CognitiveServices/accounts/TextAnalytics/QnAMaker/endpointsettings/write\",\n \"Microsoft.CognitiveServices/accounts/TextAnalytics/QnAMaker/operations/read\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2019-12-17T18:27:30.6434556Z\",\n \"updatedOn\": \"2021-11-11T20:14:14.9961559Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/f4cc2bf9-21be-47a1-bdf1-5c5804381025\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"f4cc2bf9-21be-47a1-bdf1-5c5804381025\"\n },\n {\n \"properties\": {\n \"roleName\": \"Experimentation Administrator\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Experimentation Administrator\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Experimentation/experimentWorkspaces/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.Experimentation/experimentWorkspaces/experimentationGroups/admin/action\",\n \"Microsoft.Experimentation/experimentWorkspaces/experimentationGroups/read\",\n \"Microsoft.Experimentation/experimentWorkspaces/experimentationGroups/write\",\n \"Microsoft.Experimentation/experimentWorkspaces/experimentationGroups/delete\",\n \"Microsoft.Experimentation/experimentWorkspaces/experimentationGroups/experimentadmin/action\",\n \"Microsoft.Experimentation/experimentWorkspaces/experimentationGroups/experiment/action\",\n \"Microsoft.Experimentation/experimentWorkspaces/experimentationGroups/emergencystop/action\",\n \"Microsoft.Experimentation/experimentWorkspaces/read\",\n \"Microsoft.Experimentation/experimentWorkspaces/write\",\n \"Microsoft.Experimentation/experimentWorkspaces/delete\",\n \"Microsoft.Experimentation/experimentWorkspaces/admin/action\",\n \"Microsoft.Experimentation/experimentWorkspaces/metricwrite/action\",\n \"Microsoft.Experimentation/experimentWorkspaces/experimentationGroups/metricwrite/action\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2019-12-18T22:46:33.1116612Z\",\n \"updatedOn\": \"2021-11-11T20:14:15.1811577Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/7f646f1b-fa08-80eb-a33b-edd6ce5c915c\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"7f646f1b-fa08-80eb-a33b-edd6ce5c915c\"\n },\n {\n \"properties\": {\n \"roleName\": \"Remote Rendering Administrator\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Provides user with conversion, manage session, rendering and diagnostics capabilities for Azure Remote Rendering\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.MixedReality/RemoteRenderingAccounts/convert/action\",\n \"Microsoft.MixedReality/RemoteRenderingAccounts/convert/read\",\n \"Microsoft.MixedReality/RemoteRenderingAccounts/convert/delete\",\n \"Microsoft.MixedReality/RemoteRenderingAccounts/managesessions/read\",\n \"Microsoft.MixedReality/RemoteRenderingAccounts/managesessions/action\",\n \"Microsoft.MixedReality/RemoteRenderingAccounts/managesessions/delete\",\n \"Microsoft.MixedReality/RemoteRenderingAccounts/render/read\",\n \"Microsoft.MixedReality/RemoteRenderingAccounts/diagnostic/read\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2020-01-23T18:15:31.3450348Z\",\n \"updatedOn\": \"2021-11-11T20:14:16.7621737Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/3df8b902-2a6f-47c7-8cc5-360e9b272a7e\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"3df8b902-2a6f-47c7-8cc5-360e9b272a7e\"\n },\n {\n \"properties\": {\n \"roleName\": \"Remote Rendering Client\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Provides user with manage session, rendering and diagnostics capabilities for Azure Remote Rendering.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.MixedReality/RemoteRenderingAccounts/managesessions/read\",\n \"Microsoft.MixedReality/RemoteRenderingAccounts/managesessions/action\",\n \"Microsoft.MixedReality/RemoteRenderingAccounts/managesessions/delete\",\n \"Microsoft.MixedReality/RemoteRenderingAccounts/render/read\",\n \"Microsoft.MixedReality/RemoteRenderingAccounts/diagnostic/read\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2020-01-23T18:32:52.7069824Z\",\n \"updatedOn\": \"2021-11-11T20:14:16.9421512Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/d39065c4-c120-43c9-ab0a-63eed9795f0a\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"d39065c4-c120-43c9-ab0a-63eed9795f0a\"\n },\n {\n \"properties\": {\n \"roleName\": \"Managed Application Contributor Role\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Allows for creating managed application resources.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"*/read\",\n \"Microsoft.Solutions/applications/*\",\n \"Microsoft.Solutions/register/action\",\n \"Microsoft.Resources/subscriptions/resourceGroups/*\",\n \"Microsoft.Resources/deployments/*\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2020-02-08T03:39:11.8933879Z\",\n \"updatedOn\": \"2021-11-11T20:14:19.1271536Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/641177b8-a67a-45b9-a033-47bc880bb21e\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"641177b8-a67a-45b9-a033-47bc880bb21e\"\n },\n {\n \"properties\": {\n \"roleName\": \"Security Assessment Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Lets you push assessments to Security Center\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Security/assessments/write\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2020-02-13T08:23:47.7656161Z\",\n \"updatedOn\": \"2021-11-11T20:14:19.3021974Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/612c2aa1-cb24-443b-ac28-3ab7272de6f5\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"612c2aa1-cb24-443b-ac28-3ab7272de6f5\"\n },\n {\n \"properties\": {\n \"roleName\": \"Tag Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Lets you manage tags on entities, without providing access to the entities themselves.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Resources/subscriptions/resourceGroups/resources/read\",\n \"Microsoft.Resources/subscriptions/resources/read\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.Support/*\",\n \"Microsoft.Resources/tags/*\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2020-02-18T23:19:19.2977644Z\",\n \"updatedOn\": \"2021-11-11T20:14:20.0172041Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/4a9ae827-6dc8-4573-8ac7-8239d42aa03f\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"4a9ae827-6dc8-4573-8ac7-8239d42aa03f\"\n },\n {\n \"properties\": {\n \"roleName\": \"Integration Service Environment Developer\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Allows developers to create and update workflows, integration accounts and API connections in integration service environments.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Support/*\",\n \"Microsoft.Logic/integrationServiceEnvironments/read\",\n \"Microsoft.Logic/integrationServiceEnvironments/*/join/action\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2020-02-20T21:09:00.5627875Z\",\n \"updatedOn\": \"2021-11-11T20:14:20.1871986Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/c7aa55d3-1abb-444a-a5ca-5e51e485d6ec\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"c7aa55d3-1abb-444a-a5ca-5e51e485d6ec\"\n },\n {\n \"properties\": {\n \"roleName\": \"Integration Service Environment Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Lets you manage integration service environments, but not access to them.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Support/*\",\n \"Microsoft.Logic/integrationServiceEnvironments/*\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2020-02-20T21:10:44.4008319Z\",\n \"updatedOn\": \"2021-11-11T20:14:20.3622058Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/a41e2c5b-bd99-4a07-88f4-9bf657a760b8\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"a41e2c5b-bd99-4a07-88f4-9bf657a760b8\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Kubernetes Service Contributor Role\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Grants access to read and write Azure Kubernetes Service clusters\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.ContainerService/locations/*\",\n \"Microsoft.ContainerService/managedClusters/*\",\n \"Microsoft.ContainerService/managedclustersnapshots/*\",\n \"Microsoft.ContainerService/snapshots/*\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.ContainerService/deploymentSafeguards/*\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2020-02-27T19:27:15.073997Z\",\n \"updatedOn\": \"2025-07-22T15:11:45.9409312Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/ed7f3fbd-7b88-4dd4-9017-9adb7ce333f8\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"ed7f3fbd-7b88-4dd4-9017-9adb7ce333f8\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Digital Twins Data Reader\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Read-only role for Digital Twins data-plane properties\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.DigitalTwins/digitaltwins/read\",\n \"Microsoft.DigitalTwins/digitaltwins/relationships/read\",\n \"Microsoft.DigitalTwins/eventroutes/read\",\n \"Microsoft.DigitalTwins/jobs/import/read\",\n \"Microsoft.DigitalTwins/jobs/imports/read\",\n \"Microsoft.DigitalTwins/jobs/deletions/read\",\n \"Microsoft.DigitalTwins/models/read\",\n \"Microsoft.DigitalTwins/query/action\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2020-03-10T23:48:14.7057381Z\",\n \"updatedOn\": \"2024-01-10T19:29:11.1291888Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/d57506d4-4c8d-48b1-8587-93c323f6a5a3\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"d57506d4-4c8d-48b1-8587-93c323f6a5a3\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Digital Twins Data Owner\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Full access role for Digital Twins data-plane\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.DigitalTwins/digitaltwins/*\",\n \"Microsoft.DigitalTwins/digitaltwins/commands/*\",\n \"Microsoft.DigitalTwins/digitaltwins/relationships/*\",\n \"Microsoft.DigitalTwins/eventroutes/*\",\n \"Microsoft.DigitalTwins/jobs/*\",\n \"Microsoft.DigitalTwins/models/*\",\n \"Microsoft.DigitalTwins/query/*\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2020-03-10T23:49:33.782193Z\",\n \"updatedOn\": \"2022-09-07T23:56:38.852533Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/bcd981a7-7f74-457b-83e1-cceb9e632ffe\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"bcd981a7-7f74-457b-83e1-cceb9e632ffe\"\n },\n {\n \"properties\": {\n \"roleName\": \"Hierarchy Settings Administrator\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Allows users to edit and delete Hierarchy Settings\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Management/managementGroups/settings/write\",\n \"Microsoft.Management/managementGroups/settings/delete\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2020-03-13T23:55:11.0212387Z\",\n \"updatedOn\": \"2021-11-11T20:14:23.0882347Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/350f8d15-c687-4448-8ae1-157740a3936d\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"350f8d15-c687-4448-8ae1-157740a3936d\"\n },\n {\n \"properties\": {\n \"roleName\": \"FHIR Data Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Role allows user or principal full access to FHIR Data\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.HealthcareApis/services/fhir/resources/*\",\n \"Microsoft.HealthcareApis/workspaces/fhirservices/resources/*\"\n ],\n \"notDataActions\": [\n \"Microsoft.HealthcareApis/services/fhir/resources/smart/action\",\n \"Microsoft.HealthcareApis/workspaces/fhirservices/resources/smart/action\"\n ]\n }\n ],\n \"createdOn\": \"2020-03-17T18:35:04.4949547Z\",\n \"updatedOn\": \"2023-08-18T22:59:42.5066274Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/5a1fc7df-4bf1-4951-a576-89034ee01acd\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"5a1fc7df-4bf1-4951-a576-89034ee01acd\"\n },\n {\n \"properties\": {\n \"roleName\": \"FHIR Data Exporter\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Role allows user or principal to read and export FHIR Data\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.HealthcareApis/services/fhir/resources/read\",\n \"Microsoft.HealthcareApis/services/fhir/resources/export/action\",\n \"Microsoft.HealthcareApis/workspaces/fhirservices/resources/read\",\n \"Microsoft.HealthcareApis/workspaces/fhirservices/resources/export/action\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2020-03-17T18:45:01.9764073Z\",\n \"updatedOn\": \"2021-11-11T20:14:23.7992557Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/3db33094-8700-4567-8da5-1501d4e7e843\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"3db33094-8700-4567-8da5-1501d4e7e843\"\n },\n {\n \"properties\": {\n \"roleName\": \"FHIR Data Reader\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Role allows user or principal to read FHIR Data\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.HealthcareApis/services/fhir/resources/read\",\n \"Microsoft.HealthcareApis/workspaces/fhirservices/resources/read\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2020-03-17T18:49:04.8353499Z\",\n \"updatedOn\": \"2021-11-11T20:14:23.9692275Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/4c8d0bbc-75d3-4935-991f-5f3c56d81508\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"4c8d0bbc-75d3-4935-991f-5f3c56d81508\"\n },\n {\n \"properties\": {\n \"roleName\": \"FHIR Data Writer\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Role allows user or principal to read and write FHIR Data\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.HealthcareApis/services/fhir/resources/read\",\n \"Microsoft.HealthcareApis/services/fhir/resources/write\",\n \"Microsoft.HealthcareApis/services/fhir/resources/delete\",\n \"Microsoft.HealthcareApis/services/fhir/resources/export/action\",\n \"Microsoft.HealthcareApis/services/fhir/resources/resourceValidate/action\",\n \"Microsoft.HealthcareApis/services/fhir/resources/reindex/action\",\n \"Microsoft.HealthcareApis/services/fhir/resources/convertData/action\",\n \"Microsoft.HealthcareApis/services/fhir/resources/editProfileDefinitions/action\",\n \"Microsoft.HealthcareApis/services/fhir/resources/import/action\",\n \"Microsoft.HealthcareApis/workspaces/fhirservices/resources/read\",\n \"Microsoft.HealthcareApis/workspaces/fhirservices/resources/write\",\n \"Microsoft.HealthcareApis/workspaces/fhirservices/resources/delete\",\n \"Microsoft.HealthcareApis/workspaces/fhirservices/resources/export/action\",\n \"Microsoft.HealthcareApis/workspaces/fhirservices/resources/resourceValidate/action\",\n \"Microsoft.HealthcareApis/workspaces/fhirservices/resources/reindex/action\",\n \"Microsoft.HealthcareApis/workspaces/fhirservices/resources/convertData/action\",\n \"Microsoft.HealthcareApis/workspaces/fhirservices/resources/editProfileDefinitions/action\",\n \"Microsoft.HealthcareApis/workspaces/fhirservices/resources/import/action\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2020-03-17T18:55:35.2413335Z\",\n \"updatedOn\": \"2023-07-25T15:17:34.7618105Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/3f88fce4-5892-4214-ae73-ba5294559913\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"3f88fce4-5892-4214-ae73-ba5294559913\"\n },\n {\n \"properties\": {\n \"roleName\": \"Experimentation Reader\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Experimentation Reader\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Experimentation/experimentWorkspaces/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.Experimentation/experimentWorkspaces/read\",\n \"Microsoft.Experimentation/experimentWorkspaces/experimentationGroups/read\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2020-03-25T18:05:14.8375678Z\",\n \"updatedOn\": \"2021-11-11T20:14:24.504239Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/49632ef5-d9ac-41f4-b8e7-bbe587fa74a1\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"49632ef5-d9ac-41f4-b8e7-bbe587fa74a1\"\n },\n {\n \"properties\": {\n \"roleName\": \"Object Understanding Account Owner\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Provides user with ingestion capabilities for Azure Object Understanding.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.MixedReality/ObjectUnderstandingAccounts/ingest/action\",\n \"Microsoft.MixedReality/ObjectUnderstandingAccounts/ingest/read\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2020-04-22T19:15:09.0697923Z\",\n \"updatedOn\": \"2021-11-11T20:14:26.8743132Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/4dd61c23-6743-42fe-a388-d8bdd41cb745\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"4dd61c23-6743-42fe-a388-d8bdd41cb745\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Maps Data Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Grants access to read, write, and delete access to map related data from an Azure maps account.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.Maps/accounts/*/read\",\n \"Microsoft.Maps/accounts/*/write\",\n \"Microsoft.Maps/accounts/*/delete\",\n \"Microsoft.Maps/accounts/*/action\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2020-05-07T20:55:05.064541Z\",\n \"updatedOn\": \"2021-11-11T20:14:28.3092598Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/8f5e0ce6-4f7b-4dcf-bddf-e6f48634a204\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"8f5e0ce6-4f7b-4dcf-bddf-e6f48634a204\"\n },\n {\n \"properties\": {\n \"roleName\": \"Cognitive Services Custom Vision Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Full access to the project, including the ability to view, create, edit, or delete projects.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.CognitiveServices/*/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.CognitiveServices/accounts/CustomVision/*\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2020-05-08T23:47:07.0779345Z\",\n \"updatedOn\": \"2021-11-11T20:14:28.8342655Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/c1ff6cc2-c111-46fe-8896-e0ef812ad9f3\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"c1ff6cc2-c111-46fe-8896-e0ef812ad9f3\"\n },\n {\n \"properties\": {\n \"roleName\": \"Cognitive Services Custom Vision Deployment\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Publish, unpublish or export models. Deployment can view the project but can’t update.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.CognitiveServices/*/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.CognitiveServices/accounts/CustomVision/*/read\",\n \"Microsoft.CognitiveServices/accounts/CustomVision/projects/predictions/*\",\n \"Microsoft.CognitiveServices/accounts/CustomVision/projects/iterations/publish/*\",\n \"Microsoft.CognitiveServices/accounts/CustomVision/projects/iterations/export/*\",\n \"Microsoft.CognitiveServices/accounts/CustomVision/projects/quicktest/*\",\n \"Microsoft.CognitiveServices/accounts/CustomVision/classify/*\",\n \"Microsoft.CognitiveServices/accounts/CustomVision/detect/*\"\n ],\n \"notDataActions\": [\n \"Microsoft.CognitiveServices/accounts/CustomVision/projects/export/read\"\n ]\n }\n ],\n \"createdOn\": \"2020-05-09T01:31:05.952862Z\",\n \"updatedOn\": \"2021-11-11T20:14:29.0142669Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/5c4089e1-6d96-4d2f-b296-c1bc7137275f\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"5c4089e1-6d96-4d2f-b296-c1bc7137275f\"\n },\n {\n \"properties\": {\n \"roleName\": \"Cognitive Services Custom Vision Labeler\",\n \"type\": \"BuiltInRole\",\n \"description\": \"View, edit training images and create, add, remove, or delete the image tags. Labelers can view the project but can’t update anything other than training images and tags.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.CognitiveServices/*/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.CognitiveServices/accounts/CustomVision/*/read\",\n \"Microsoft.CognitiveServices/accounts/CustomVision/projects/predictions/query/action\",\n \"Microsoft.CognitiveServices/accounts/CustomVision/projects/images/*\",\n \"Microsoft.CognitiveServices/accounts/CustomVision/projects/tags/*\",\n \"Microsoft.CognitiveServices/accounts/CustomVision/projects/images/suggested/*\",\n \"Microsoft.CognitiveServices/accounts/CustomVision/projects/tagsandregions/suggestions/action\"\n ],\n \"notDataActions\": [\n \"Microsoft.CognitiveServices/accounts/CustomVision/projects/export/read\"\n ]\n }\n ],\n \"createdOn\": \"2020-05-09T01:33:20.8278896Z\",\n \"updatedOn\": \"2021-11-11T20:14:29.1892871Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/88424f51-ebe7-446f-bc41-7fa16989e96c\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"88424f51-ebe7-446f-bc41-7fa16989e96c\"\n },\n {\n \"properties\": {\n \"roleName\": \"Cognitive Services Custom Vision Reader\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Read-only actions in the project. Readers can’t create or update the project.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.CognitiveServices/*/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.CognitiveServices/accounts/CustomVision/*/read\",\n \"Microsoft.CognitiveServices/accounts/CustomVision/projects/predictions/query/action\"\n ],\n \"notDataActions\": [\n \"Microsoft.CognitiveServices/accounts/CustomVision/projects/export/read\"\n ]\n }\n ],\n \"createdOn\": \"2020-05-09T01:34:18.5328818Z\",\n \"updatedOn\": \"2021-11-11T20:14:29.3642707Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/93586559-c37d-4a6b-ba08-b9f0940c2d73\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"93586559-c37d-4a6b-ba08-b9f0940c2d73\"\n },\n {\n \"properties\": {\n \"roleName\": \"Cognitive Services Custom Vision Trainer\",\n \"type\": \"BuiltInRole\",\n \"description\": \"View, edit projects and train the models, including the ability to publish, unpublish, export the models. Trainers can’t create or delete the project.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.CognitiveServices/*/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.CognitiveServices/accounts/CustomVision/*\"\n ],\n \"notDataActions\": [\n \"Microsoft.CognitiveServices/accounts/CustomVision/projects/action\",\n \"Microsoft.CognitiveServices/accounts/CustomVision/projects/delete\",\n \"Microsoft.CognitiveServices/accounts/CustomVision/projects/import/action\",\n \"Microsoft.CognitiveServices/accounts/CustomVision/projects/export/read\"\n ]\n }\n ],\n \"createdOn\": \"2020-05-09T01:35:13.8147804Z\",\n \"updatedOn\": \"2021-11-11T20:14:29.5442713Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/0a5ae4ab-0d65-4eeb-be61-29fc9b54394b\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"0a5ae4ab-0d65-4eeb-be61-29fc9b54394b\"\n },\n {\n \"properties\": {\n \"roleName\": \"Key Vault Administrator\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Perform all data plane operations on a key vault and all objects in it, including certificates, keys, and secrets. Cannot manage key vault resources or manage role assignments. Only works for key vaults that use the 'Azure role-based access control' permission model.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Support/*\",\n \"Microsoft.KeyVault/checkNameAvailability/read\",\n \"Microsoft.KeyVault/deletedVaults/read\",\n \"Microsoft.KeyVault/locations/*/read\",\n \"Microsoft.KeyVault/vaults/*/read\",\n \"Microsoft.KeyVault/operations/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.KeyVault/vaults/*\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2020-05-19T17:52:46.2349235Z\",\n \"updatedOn\": \"2021-11-11T20:14:30.2542755Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/00482a5a-887f-4fb3-b363-3b7fe8e74483\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"00482a5a-887f-4fb3-b363-3b7fe8e74483\"\n },\n {\n \"properties\": {\n \"roleName\": \"Key Vault Crypto User\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Perform cryptographic operations using keys. Only works for key vaults that use the 'Azure role-based access control' permission model.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.KeyVault/vaults/keys/read\",\n \"Microsoft.KeyVault/vaults/keys/update/action\",\n \"Microsoft.KeyVault/vaults/keys/backup/action\",\n \"Microsoft.KeyVault/vaults/keys/encrypt/action\",\n \"Microsoft.KeyVault/vaults/keys/decrypt/action\",\n \"Microsoft.KeyVault/vaults/keys/wrap/action\",\n \"Microsoft.KeyVault/vaults/keys/unwrap/action\",\n \"Microsoft.KeyVault/vaults/keys/sign/action\",\n \"Microsoft.KeyVault/vaults/keys/verify/action\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2020-05-19T17:52:47.0699268Z\",\n \"updatedOn\": \"2021-11-11T20:14:30.6042921Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/12338af0-0e69-4776-bea7-57ae8d297424\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"12338af0-0e69-4776-bea7-57ae8d297424\"\n },\n {\n \"properties\": {\n \"roleName\": \"Key Vault Secrets Officer\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Perform any action on the secrets of a key vault, except manage permissions. Only works for key vaults that use the 'Azure role-based access control' permission model.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Support/*\",\n \"Microsoft.KeyVault/checkNameAvailability/read\",\n \"Microsoft.KeyVault/deletedVaults/read\",\n \"Microsoft.KeyVault/locations/*/read\",\n \"Microsoft.KeyVault/vaults/*/read\",\n \"Microsoft.KeyVault/operations/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.KeyVault/vaults/secrets/*\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2020-05-19T17:52:47.1449242Z\",\n \"updatedOn\": \"2021-11-11T20:14:30.779347Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/b86a8fe4-44ce-4948-aee5-eccb2c155cd7\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"b86a8fe4-44ce-4948-aee5-eccb2c155cd7\"\n },\n {\n \"properties\": {\n \"roleName\": \"Key Vault Secrets User\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Read secret contents. Only works for key vaults that use the 'Azure role-based access control' permission model.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.KeyVault/vaults/secrets/getSecret/action\",\n \"Microsoft.KeyVault/vaults/secrets/readMetadata/action\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2020-05-19T17:52:47.2049241Z\",\n \"updatedOn\": \"2021-11-11T20:14:30.9542829Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/4633458b-17de-408a-b874-0445c86b69e6\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"4633458b-17de-408a-b874-0445c86b69e6\"\n },\n {\n \"properties\": {\n \"roleName\": \"Key Vault Certificates Officer\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Perform any action on the certificates of a key vault, except manage permissions. Only works for key vaults that use the 'Azure role-based access control' permission model.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Support/*\",\n \"Microsoft.KeyVault/checkNameAvailability/read\",\n \"Microsoft.KeyVault/deletedVaults/read\",\n \"Microsoft.KeyVault/locations/*/read\",\n \"Microsoft.KeyVault/vaults/*/read\",\n \"Microsoft.KeyVault/operations/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.KeyVault/vaults/certificatecas/*\",\n \"Microsoft.KeyVault/vaults/certificates/*\",\n \"Microsoft.KeyVault/vaults/certificatecontacts/write\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2020-05-19T17:52:47.2499247Z\",\n \"updatedOn\": \"2023-06-09T18:51:51.8587772Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/a4417e6f-fecd-4de8-b567-7b0420556985\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"a4417e6f-fecd-4de8-b567-7b0420556985\"\n },\n {\n \"properties\": {\n \"roleName\": \"Key Vault Reader\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Read metadata of key vaults and its certificates, keys, and secrets. Cannot read sensitive values such as secret contents or key material. Only works for key vaults that use the 'Azure role-based access control' permission model.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Support/*\",\n \"Microsoft.KeyVault/checkNameAvailability/read\",\n \"Microsoft.KeyVault/deletedVaults/read\",\n \"Microsoft.KeyVault/locations/*/read\",\n \"Microsoft.KeyVault/vaults/*/read\",\n \"Microsoft.KeyVault/operations/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.KeyVault/vaults/*/read\",\n \"Microsoft.KeyVault/vaults/secrets/readMetadata/action\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2020-05-19T17:52:47.2949294Z\",\n \"updatedOn\": \"2021-11-11T20:14:31.3043292Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/21090545-7ca7-4776-b22c-e363652d74d2\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"21090545-7ca7-4776-b22c-e363652d74d2\"\n },\n {\n \"properties\": {\n \"roleName\": \"Key Vault Crypto Service Encryption User\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Read metadata of keys and perform wrap/unwrap operations. Only works for key vaults that use the 'Azure role-based access control' permission model.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.EventGrid/eventSubscriptions/write\",\n \"Microsoft.EventGrid/eventSubscriptions/read\",\n \"Microsoft.EventGrid/eventSubscriptions/delete\"\n ],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.KeyVault/vaults/keys/read\",\n \"Microsoft.KeyVault/vaults/keys/wrap/action\",\n \"Microsoft.KeyVault/vaults/keys/unwrap/action\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2020-05-20T20:55:19.239847Z\",\n \"updatedOn\": \"2021-11-11T20:14:31.8443056Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/e147488a-f6f5-4113-8e2d-b22465e65bf6\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"e147488a-f6f5-4113-8e2d-b22465e65bf6\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Arc Kubernetes Viewer\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Lets you view all resources in cluster/namespace, except secrets.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.Resources/deployments/write\",\n \"Microsoft.Resources/subscriptions/operationresults/read\",\n \"Microsoft.Resources/subscriptions/read\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Support/*\"\n ],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.Kubernetes/connectedClusters/apps/controllerrevisions/read\",\n \"Microsoft.Kubernetes/connectedClusters/apps/daemonsets/read\",\n \"Microsoft.Kubernetes/connectedClusters/apps/deployments/read\",\n \"Microsoft.Kubernetes/connectedClusters/apps/replicasets/read\",\n \"Microsoft.Kubernetes/connectedClusters/apps/statefulsets/read\",\n \"Microsoft.Kubernetes/connectedClusters/autoscaling/horizontalpodautoscalers/read\",\n \"Microsoft.Kubernetes/connectedClusters/batch/cronjobs/read\",\n \"Microsoft.Kubernetes/connectedClusters/batch/jobs/read\",\n \"Microsoft.Kubernetes/connectedClusters/configmaps/read\",\n \"Microsoft.Kubernetes/connectedClusters/endpoints/read\",\n \"Microsoft.Kubernetes/connectedClusters/events.k8s.io/events/read\",\n \"Microsoft.Kubernetes/connectedClusters/events/read\",\n \"Microsoft.Kubernetes/connectedClusters/extensions/daemonsets/read\",\n \"Microsoft.Kubernetes/connectedClusters/extensions/deployments/read\",\n \"Microsoft.Kubernetes/connectedClusters/extensions/ingresses/read\",\n \"Microsoft.Kubernetes/connectedClusters/extensions/networkpolicies/read\",\n \"Microsoft.Kubernetes/connectedClusters/extensions/replicasets/read\",\n \"Microsoft.Kubernetes/connectedClusters/limitranges/read\",\n \"Microsoft.Kubernetes/connectedClusters/namespaces/read\",\n \"Microsoft.Kubernetes/connectedClusters/networking.k8s.io/ingresses/read\",\n \"Microsoft.Kubernetes/connectedClusters/networking.k8s.io/networkpolicies/read\",\n \"Microsoft.Kubernetes/connectedClusters/persistentvolumeclaims/read\",\n \"Microsoft.Kubernetes/connectedClusters/pods/read\",\n \"Microsoft.Kubernetes/connectedClusters/policy/poddisruptionbudgets/read\",\n \"Microsoft.Kubernetes/connectedClusters/replicationcontrollers/read\",\n \"Microsoft.Kubernetes/connectedClusters/replicationcontrollers/read\",\n \"Microsoft.Kubernetes/connectedClusters/resourcequotas/read\",\n \"Microsoft.Kubernetes/connectedClusters/serviceaccounts/read\",\n \"Microsoft.Kubernetes/connectedClusters/services/read\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2020-06-12T20:51:12.8801199Z\",\n \"updatedOn\": \"2021-11-11T20:14:33.8193353Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/63f0a09d-1495-4db4-a681-037d84835eb4\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"63f0a09d-1495-4db4-a681-037d84835eb4\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Arc Kubernetes Writer\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Lets you update everything in cluster/namespace, except (cluster)roles and (cluster)role bindings.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.Resources/deployments/write\",\n \"Microsoft.Resources/subscriptions/operationresults/read\",\n \"Microsoft.Resources/subscriptions/read\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Support/*\"\n ],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.Kubernetes/connectedClusters/apps/controllerrevisions/read\",\n \"Microsoft.Kubernetes/connectedClusters/apps/daemonsets/*\",\n \"Microsoft.Kubernetes/connectedClusters/apps/deployments/*\",\n \"Microsoft.Kubernetes/connectedClusters/apps/replicasets/*\",\n \"Microsoft.Kubernetes/connectedClusters/apps/statefulsets/*\",\n \"Microsoft.Kubernetes/connectedClusters/autoscaling/horizontalpodautoscalers/*\",\n \"Microsoft.Kubernetes/connectedClusters/batch/cronjobs/*\",\n \"Microsoft.Kubernetes/connectedClusters/batch/jobs/*\",\n \"Microsoft.Kubernetes/connectedClusters/configmaps/*\",\n \"Microsoft.Kubernetes/connectedClusters/endpoints/*\",\n \"Microsoft.Kubernetes/connectedClusters/events.k8s.io/events/read\",\n \"Microsoft.Kubernetes/connectedClusters/events/read\",\n \"Microsoft.Kubernetes/connectedClusters/extensions/daemonsets/*\",\n \"Microsoft.Kubernetes/connectedClusters/extensions/deployments/*\",\n \"Microsoft.Kubernetes/connectedClusters/extensions/ingresses/*\",\n \"Microsoft.Kubernetes/connectedClusters/extensions/networkpolicies/*\",\n \"Microsoft.Kubernetes/connectedClusters/extensions/replicasets/*\",\n \"Microsoft.Kubernetes/connectedClusters/limitranges/read\",\n \"Microsoft.Kubernetes/connectedClusters/namespaces/read\",\n \"Microsoft.Kubernetes/connectedClusters/networking.k8s.io/ingresses/*\",\n \"Microsoft.Kubernetes/connectedClusters/networking.k8s.io/networkpolicies/*\",\n \"Microsoft.Kubernetes/connectedClusters/persistentvolumeclaims/*\",\n \"Microsoft.Kubernetes/connectedClusters/pods/*\",\n \"Microsoft.Kubernetes/connectedClusters/policy/poddisruptionbudgets/*\",\n \"Microsoft.Kubernetes/connectedClusters/replicationcontrollers/*\",\n \"Microsoft.Kubernetes/connectedClusters/replicationcontrollers/*\",\n \"Microsoft.Kubernetes/connectedClusters/resourcequotas/read\",\n \"Microsoft.Kubernetes/connectedClusters/secrets/*\",\n \"Microsoft.Kubernetes/connectedClusters/serviceaccounts/*\",\n \"Microsoft.Kubernetes/connectedClusters/services/*\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2020-06-12T20:53:50.6749823Z\",\n \"updatedOn\": \"2021-11-11T20:14:34.0043462Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/5b999177-9696-4545-85c7-50de3797e5a1\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"5b999177-9696-4545-85c7-50de3797e5a1\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Arc Kubernetes Cluster Admin\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Lets you manage all resources in the cluster.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.Resources/deployments/write\",\n \"Microsoft.Resources/subscriptions/operationresults/read\",\n \"Microsoft.Resources/subscriptions/read\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Support/*\"\n ],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.Kubernetes/connectedClusters/*\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2020-06-12T20:55:30.9910462Z\",\n \"updatedOn\": \"2021-11-11T20:14:34.1743694Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/8393591c-06b9-48a2-a542-1bd6b377f6a2\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"8393591c-06b9-48a2-a542-1bd6b377f6a2\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Arc Kubernetes Admin\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Lets you manage all resources under cluster/namespace, except update or delete resource quotas and namespaces.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.Resources/deployments/write\",\n \"Microsoft.Resources/subscriptions/operationresults/read\",\n \"Microsoft.Resources/subscriptions/read\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Support/*\"\n ],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.Kubernetes/connectedClusters/apps/controllerrevisions/read\",\n \"Microsoft.Kubernetes/connectedClusters/apps/daemonsets/*\",\n \"Microsoft.Kubernetes/connectedClusters/apps/deployments/*\",\n \"Microsoft.Kubernetes/connectedClusters/apps/replicasets/*\",\n \"Microsoft.Kubernetes/connectedClusters/apps/statefulsets/*\",\n \"Microsoft.Kubernetes/connectedClusters/authorization.k8s.io/localsubjectaccessreviews/write\",\n \"Microsoft.Kubernetes/connectedClusters/autoscaling/horizontalpodautoscalers/*\",\n \"Microsoft.Kubernetes/connectedClusters/batch/cronjobs/*\",\n \"Microsoft.Kubernetes/connectedClusters/batch/jobs/*\",\n \"Microsoft.Kubernetes/connectedClusters/configmaps/*\",\n \"Microsoft.Kubernetes/connectedClusters/endpoints/*\",\n \"Microsoft.Kubernetes/connectedClusters/events.k8s.io/events/read\",\n \"Microsoft.Kubernetes/connectedClusters/events/read\",\n \"Microsoft.Kubernetes/connectedClusters/extensions/daemonsets/*\",\n \"Microsoft.Kubernetes/connectedClusters/extensions/deployments/*\",\n \"Microsoft.Kubernetes/connectedClusters/extensions/ingresses/*\",\n \"Microsoft.Kubernetes/connectedClusters/extensions/networkpolicies/*\",\n \"Microsoft.Kubernetes/connectedClusters/extensions/replicasets/*\",\n \"Microsoft.Kubernetes/connectedClusters/limitranges/read\",\n \"Microsoft.Kubernetes/connectedClusters/namespaces/read\",\n \"Microsoft.Kubernetes/connectedClusters/networking.k8s.io/ingresses/*\",\n \"Microsoft.Kubernetes/connectedClusters/networking.k8s.io/networkpolicies/*\",\n \"Microsoft.Kubernetes/connectedClusters/persistentvolumeclaims/*\",\n \"Microsoft.Kubernetes/connectedClusters/pods/*\",\n \"Microsoft.Kubernetes/connectedClusters/policy/poddisruptionbudgets/*\",\n \"Microsoft.Kubernetes/connectedClusters/rbac.authorization.k8s.io/rolebindings/*\",\n \"Microsoft.Kubernetes/connectedClusters/rbac.authorization.k8s.io/roles/*\",\n \"Microsoft.Kubernetes/connectedClusters/replicationcontrollers/*\",\n \"Microsoft.Kubernetes/connectedClusters/replicationcontrollers/*\",\n \"Microsoft.Kubernetes/connectedClusters/resourcequotas/read\",\n \"Microsoft.Kubernetes/connectedClusters/secrets/*\",\n \"Microsoft.Kubernetes/connectedClusters/serviceaccounts/*\",\n \"Microsoft.Kubernetes/connectedClusters/services/*\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2020-06-12T20:57:06.0391177Z\",\n \"updatedOn\": \"2021-11-11T20:14:34.3593384Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/dffb1e0c-446f-4dde-a09f-99eb5cc68b96\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"dffb1e0c-446f-4dde-a09f-99eb5cc68b96\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Kubernetes Service RBAC Cluster Admin\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Lets you manage all resources in the cluster.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Resources/subscriptions/operationresults/read\",\n \"Microsoft.Resources/subscriptions/read\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.ContainerService/managedClusters/listClusterUserCredential/action\"\n ],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.ContainerService/managedClusters/*\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2020-07-02T17:47:24.4071415Z\",\n \"updatedOn\": \"2022-10-13T01:31:35.5535817Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/b1ff04bb-8a4e-4dc4-8eb5-8693973ce19b\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"b1ff04bb-8a4e-4dc4-8eb5-8693973ce19b\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Kubernetes Service RBAC Admin\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Lets you manage all resources under cluster/namespace, except update or delete resource quotas and namespaces.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Resources/subscriptions/operationresults/read\",\n \"Microsoft.Resources/subscriptions/read\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.ContainerService/managedClusters/listClusterUserCredential/action\"\n ],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.ContainerService/managedClusters/*\"\n ],\n \"notDataActions\": [\n \"Microsoft.ContainerService/managedClusters/resourcequotas/write\",\n \"Microsoft.ContainerService/managedClusters/resourcequotas/delete\",\n \"Microsoft.ContainerService/managedClusters/namespaces/write\",\n \"Microsoft.ContainerService/managedClusters/namespaces/delete\"\n ]\n }\n ],\n \"createdOn\": \"2020-07-02T17:50:30.4020311Z\",\n \"updatedOn\": \"2023-05-09T19:55:25.9025082Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/3498e952-d568-435e-9b2c-8d77e338d7f7\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"3498e952-d568-435e-9b2c-8d77e338d7f7\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Kubernetes Service RBAC Reader\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Allows read-only access to see most objects in a namespace. It does not allow viewing roles or role bindings. This role does not allow viewing Secrets, since reading the contents of Secrets enables access to ServiceAccount credentials in the namespace, which would allow API access as any ServiceAccount in the namespace (a form of privilege escalation). Applying this role at cluster scope will give access across all namespaces.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Resources/subscriptions/operationresults/read\",\n \"Microsoft.Resources/subscriptions/read\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.ContainerService/managedClusters/apps/controllerrevisions/read\",\n \"Microsoft.ContainerService/managedClusters/apps/daemonsets/read\",\n \"Microsoft.ContainerService/managedClusters/apps/deployments/read\",\n \"Microsoft.ContainerService/managedClusters/apps/replicasets/read\",\n \"Microsoft.ContainerService/managedClusters/apps/statefulsets/read\",\n \"Microsoft.ContainerService/managedClusters/autoscaling/horizontalpodautoscalers/read\",\n \"Microsoft.ContainerService/managedClusters/batch/cronjobs/read\",\n \"Microsoft.ContainerService/managedClusters/batch/jobs/read\",\n \"Microsoft.ContainerService/managedClusters/configmaps/read\",\n \"Microsoft.ContainerService/managedClusters/discovery.k8s.io/endpointslices/read\",\n \"Microsoft.ContainerService/managedClusters/endpoints/read\",\n \"Microsoft.ContainerService/managedClusters/events.k8s.io/events/read\",\n \"Microsoft.ContainerService/managedClusters/events/read\",\n \"Microsoft.ContainerService/managedClusters/extensions/daemonsets/read\",\n \"Microsoft.ContainerService/managedClusters/extensions/deployments/read\",\n \"Microsoft.ContainerService/managedClusters/extensions/ingresses/read\",\n \"Microsoft.ContainerService/managedClusters/extensions/networkpolicies/read\",\n \"Microsoft.ContainerService/managedClusters/extensions/replicasets/read\",\n \"Microsoft.ContainerService/managedClusters/limitranges/read\",\n \"Microsoft.ContainerService/managedClusters/metrics.k8s.io/pods/read\",\n \"Microsoft.ContainerService/managedClusters/metrics.k8s.io/nodes/read\",\n \"Microsoft.ContainerService/managedClusters/namespaces/read\",\n \"Microsoft.ContainerService/managedClusters/networking.k8s.io/ingresses/read\",\n \"Microsoft.ContainerService/managedClusters/networking.k8s.io/networkpolicies/read\",\n \"Microsoft.ContainerService/managedClusters/persistentvolumeclaims/read\",\n \"Microsoft.ContainerService/managedClusters/pods/read\",\n \"Microsoft.ContainerService/managedClusters/policy/poddisruptionbudgets/read\",\n \"Microsoft.ContainerService/managedClusters/replicationcontrollers/read\",\n \"Microsoft.ContainerService/managedClusters/resourcequotas/read\",\n \"Microsoft.ContainerService/managedClusters/serviceaccounts/read\",\n \"Microsoft.ContainerService/managedClusters/services/read\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2020-07-02T17:53:05.5728294Z\",\n \"updatedOn\": \"2023-04-24T15:06:51.286456Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/7f6c6a51-bcf8-42ba-9220-52d62157d7db\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"7f6c6a51-bcf8-42ba-9220-52d62157d7db\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Kubernetes Service RBAC Writer\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Allows read/write access to most objects in a namespace.This role does not allow viewing or modifying roles or role bindings. However, this role allows accessing Secrets and running Pods as any ServiceAccount in the namespace, so it can be used to gain the API access levels of any ServiceAccount in the namespace. Applying this role at cluster scope will give access across all namespaces.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Resources/subscriptions/operationresults/read\",\n \"Microsoft.Resources/subscriptions/read\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.ContainerService/managedClusters/apps/controllerrevisions/read\",\n \"Microsoft.ContainerService/managedClusters/apps/daemonsets/*\",\n \"Microsoft.ContainerService/managedClusters/apps/deployments/*\",\n \"Microsoft.ContainerService/managedClusters/apps/replicasets/*\",\n \"Microsoft.ContainerService/managedClusters/apps/statefulsets/*\",\n \"Microsoft.ContainerService/managedClusters/autoscaling/horizontalpodautoscalers/*\",\n \"Microsoft.ContainerService/managedClusters/batch/cronjobs/*\",\n \"Microsoft.ContainerService/managedClusters/coordination.k8s.io/leases/read\",\n \"Microsoft.ContainerService/managedClusters/coordination.k8s.io/leases/write\",\n \"Microsoft.ContainerService/managedClusters/coordination.k8s.io/leases/delete\",\n \"Microsoft.ContainerService/managedClusters/discovery.k8s.io/endpointslices/read\",\n \"Microsoft.ContainerService/managedClusters/batch/jobs/*\",\n \"Microsoft.ContainerService/managedClusters/configmaps/*\",\n \"Microsoft.ContainerService/managedClusters/endpoints/*\",\n \"Microsoft.ContainerService/managedClusters/events.k8s.io/events/read\",\n \"Microsoft.ContainerService/managedClusters/events/*\",\n \"Microsoft.ContainerService/managedClusters/extensions/daemonsets/*\",\n \"Microsoft.ContainerService/managedClusters/extensions/deployments/*\",\n \"Microsoft.ContainerService/managedClusters/extensions/ingresses/*\",\n \"Microsoft.ContainerService/managedClusters/extensions/networkpolicies/*\",\n \"Microsoft.ContainerService/managedClusters/extensions/replicasets/*\",\n \"Microsoft.ContainerService/managedClusters/limitranges/read\",\n \"Microsoft.ContainerService/managedClusters/metrics.k8s.io/pods/read\",\n \"Microsoft.ContainerService/managedClusters/metrics.k8s.io/nodes/read\",\n \"Microsoft.ContainerService/managedClusters/namespaces/read\",\n \"Microsoft.ContainerService/managedClusters/networking.k8s.io/ingresses/*\",\n \"Microsoft.ContainerService/managedClusters/networking.k8s.io/networkpolicies/*\",\n \"Microsoft.ContainerService/managedClusters/persistentvolumeclaims/*\",\n \"Microsoft.ContainerService/managedClusters/pods/*\",\n \"Microsoft.ContainerService/managedClusters/policy/poddisruptionbudgets/*\",\n \"Microsoft.ContainerService/managedClusters/replicationcontrollers/*\",\n \"Microsoft.ContainerService/managedClusters/resourcequotas/read\",\n \"Microsoft.ContainerService/managedClusters/secrets/*\",\n \"Microsoft.ContainerService/managedClusters/serviceaccounts/*\",\n \"Microsoft.ContainerService/managedClusters/services/*\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2020-07-02T17:54:51.9644983Z\",\n \"updatedOn\": \"2023-04-24T15:06:51.2854555Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/a7ffa36f-339b-4b5c-8bdf-e2c188b2c0eb\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"a7ffa36f-339b-4b5c-8bdf-e2c188b2c0eb\"\n },\n {\n \"properties\": {\n \"roleName\": \"Services Hub Operator\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Services Hub Operator allows you to perform all read, write, and deletion operations related to Services Hub Connectors.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.ServicesHub/connectors/write\",\n \"Microsoft.ServicesHub/connectors/read\",\n \"Microsoft.ServicesHub/connectors/delete\",\n \"Microsoft.ServicesHub/connectors/checkAssessmentEntitlement/action\",\n \"Microsoft.ServicesHub/supportOfferingEntitlement/read\",\n \"Microsoft.ServicesHub/workspaces/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2020-07-20T17:57:22.0644902Z\",\n \"updatedOn\": \"2021-11-11T20:14:37.5544021Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/82200a5b-e217-47a5-b665-6d8765ee745b\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"82200a5b-e217-47a5-b665-6d8765ee745b\"\n },\n {\n \"properties\": {\n \"roleName\": \"Object Understanding Account Reader\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Lets you read ingestion jobs for an object understanding account.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.MixedReality/ObjectUnderstandingAccounts/ingest/read\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2020-07-23T19:16:31.9929119Z\",\n \"updatedOn\": \"2021-11-11T20:14:37.9070085Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/d18777c0-1514-4662-8490-608db7d334b6\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"d18777c0-1514-4662-8490-608db7d334b6\"\n },\n {\n \"properties\": {\n \"roleName\": \"SignalR REST API Owner\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Full access to Azure SignalR Service REST APIs\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.SignalRService/SignalR/auth/clientToken/action\",\n \"Microsoft.SignalRService/SignalR/hub/*\",\n \"Microsoft.SignalRService/SignalR/group/*\",\n \"Microsoft.SignalRService/SignalR/clientConnection/*\",\n \"Microsoft.SignalRService/SignalR/user/*\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2020-07-29T09:35:32.2764751Z\",\n \"updatedOn\": \"2023-08-23T15:13:25.5658287Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/fd53cd77-2268-407a-8f46-7e7863d0f521\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"fd53cd77-2268-407a-8f46-7e7863d0f521\"\n },\n {\n \"properties\": {\n \"roleName\": \"Collaborative Data Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Can manage data packages of a collaborative.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.IndustryDataLifecycle/custodianCollaboratives/*/read\",\n \"Microsoft.IndustryDataLifecycle/memberCollaboratives/*/read\",\n \"Microsoft.IndustryDataLifecycle/locations/dataPackages/*\",\n \"Microsoft.IndustryDataLifecycle/custodianCollaboratives/receivedDataPackages/*\",\n \"Microsoft.IndustryDataLifecycle/custodianCollaboratives/rejectDataPackage/action\",\n \"Microsoft.IndustryDataLifecycle/memberCollaboratives/sharedDataPackages/*\",\n \"Microsoft.IndustryDataLifecycle/custodianCollaboratives/dataModels/*\",\n \"Microsoft.IndustryDataLifecycle/custodianCollaboratives/auditLogs/action\",\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Support/*\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2020-08-14T11:58:31.8973556Z\",\n \"updatedOn\": \"2021-11-11T20:14:40.2428145Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/daa9e50b-21df-454c-94a6-a8050adab352\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"daa9e50b-21df-454c-94a6-a8050adab352\"\n },\n {\n \"properties\": {\n \"roleName\": \"Device Update Reader\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Gives you read access to management and content operations, but does not allow making changes\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Support/*\",\n \"Microsoft.Insights/alertRules/*\"\n ],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.DeviceUpdate/accounts/instances/updates/read\",\n \"Microsoft.DeviceUpdate/accounts/instances/management/read\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2020-08-21T23:40:19.237361Z\",\n \"updatedOn\": \"2021-11-11T20:14:40.7922672Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/e9dba6fb-3d52-4cf0-bce3-f06ce71b9e0f\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"e9dba6fb-3d52-4cf0-bce3-f06ce71b9e0f\"\n },\n {\n \"properties\": {\n \"roleName\": \"Device Update Administrator\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Gives you full access to management and content operations\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Support/*\",\n \"Microsoft.Insights/alertRules/*\"\n ],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.DeviceUpdate/accounts/instances/updates/read\",\n \"Microsoft.DeviceUpdate/accounts/instances/updates/write\",\n \"Microsoft.DeviceUpdate/accounts/instances/updates/delete\",\n \"Microsoft.DeviceUpdate/accounts/instances/management/read\",\n \"Microsoft.DeviceUpdate/accounts/instances/management/write\",\n \"Microsoft.DeviceUpdate/accounts/instances/management/delete\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2020-08-21T23:56:22.352051Z\",\n \"updatedOn\": \"2021-11-11T20:14:40.9672678Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/02ca0879-e8e4-47a5-a61e-5c618b76e64a\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"02ca0879-e8e4-47a5-a61e-5c618b76e64a\"\n },\n {\n \"properties\": {\n \"roleName\": \"Device Update Content Administrator\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Gives you full access to content operations\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Support/*\",\n \"Microsoft.Insights/alertRules/*\"\n ],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.DeviceUpdate/accounts/instances/updates/read\",\n \"Microsoft.DeviceUpdate/accounts/instances/updates/write\",\n \"Microsoft.DeviceUpdate/accounts/instances/updates/delete\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2020-08-21T23:58:18.42555Z\",\n \"updatedOn\": \"2021-11-11T20:14:41.1433368Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/0378884a-3af5-44ab-8323-f5b22f9f3c98\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"0378884a-3af5-44ab-8323-f5b22f9f3c98\"\n },\n {\n \"properties\": {\n \"roleName\": \"Device Update Content Reader\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Gives you read access to content operations, but does not allow making changes\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Support/*\",\n \"Microsoft.Insights/alertRules/*\"\n ],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.DeviceUpdate/accounts/instances/updates/read\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2020-08-22T00:02:43.3299181Z\",\n \"updatedOn\": \"2021-11-11T20:14:41.6754856Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/d1ee9a80-8b14-47f0-bdc2-f4a351625a7b\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"d1ee9a80-8b14-47f0-bdc2-f4a351625a7b\"\n },\n {\n \"properties\": {\n \"roleName\": \"Cognitive Services Metrics Advisor Administrator\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Full access to the project, including the system level configuration.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.CognitiveServices/*/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.CognitiveServices/accounts/MetricsAdvisor/*\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2020-09-10T07:46:47.5804491Z\",\n \"updatedOn\": \"2021-11-11T20:14:43.6930781Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/cb43c632-a144-4ec5-977c-e80c4affc34a\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"cb43c632-a144-4ec5-977c-e80c4affc34a\"\n },\n {\n \"properties\": {\n \"roleName\": \"Cognitive Services Metrics Advisor User\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Access to the project.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.CognitiveServices/*/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.CognitiveServices/accounts/MetricsAdvisor/*\"\n ],\n \"notDataActions\": [\n \"Microsoft.CognitiveServices/accounts/MetricsAdvisor/stats/*\"\n ]\n }\n ],\n \"createdOn\": \"2020-09-10T07:47:59.6195639Z\",\n \"updatedOn\": \"2021-11-11T20:14:43.8780761Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/3b20f47b-3825-43cb-8114-4bd2201156a8\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"3b20f47b-3825-43cb-8114-4bd2201156a8\"\n },\n {\n \"properties\": {\n \"roleName\": \"Schema Registry Reader\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Read and list Schema Registry groups and schemas.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.EventHub/namespaces/schemagroups/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.EventHub/namespaces/schemas/read\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2020-09-13T06:31:38.027274Z\",\n \"updatedOn\": \"2025-05-02T00:02:19.4953663Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/2c56ea50-c6b3-40a6-83c0-9d98858bc7d2\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"2c56ea50-c6b3-40a6-83c0-9d98858bc7d2\"\n },\n {\n \"properties\": {\n \"roleName\": \"Schema Registry Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Read, write, and delete Schema Registry groups and schemas.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.EventHub/namespaces/schemagroups/*\"\n ],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.EventHub/namespaces/schemas/*\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2020-09-13T06:48:26.6032931Z\",\n \"updatedOn\": \"2025-05-02T00:02:19.4953663Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/5dffeca3-4936-4216-b2bc-10343a5abb25\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"5dffeca3-4936-4216-b2bc-10343a5abb25\"\n },\n {\n \"properties\": {\n \"roleName\": \"AgFood Platform Service Reader\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Provides read access to AgFood Platform Service\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.AgFoodPlatform/*/list/action\",\n \"Microsoft.AgFoodPlatform/*/read\",\n \"Microsoft.AgFoodPlatform/*/search/action\",\n \"Microsoft.AgFoodPlatform/*/download/action\",\n \"Microsoft.AgFoodPlatform/*/overlap/action\",\n \"Microsoft.AgFoodPlatform/*/checkConsent/action\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2020-09-14T10:21:08.913882Z\",\n \"updatedOn\": \"2022-12-13T16:08:52.9655626Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/7ec7ccdc-f61e-41fe-9aaf-980df0a44eba\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"7ec7ccdc-f61e-41fe-9aaf-980df0a44eba\"\n },\n {\n \"properties\": {\n \"roleName\": \"AgFood Platform Service Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Provides contribute access to AgFood Platform Service\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.AgFoodPlatform/*/action\",\n \"Microsoft.AgFoodPlatform/*/read\",\n \"Microsoft.AgFoodPlatform/*/write\"\n ],\n \"notDataActions\": [\n \"Microsoft.AgFoodPlatform/farmBeats/farmers/write\",\n \"Microsoft.AgFoodPlatform/farmBeats/deletionJobs/*/write\",\n \"Microsoft.AgFoodPlatform/farmBeats/parties/write\",\n \"Microsoft.AgFoodPlatform/farmBeats/datasets/write\",\n \"Microsoft.AgFoodPlatform/farmBeats/datasetRecords/write\",\n \"Microsoft.AgFoodPlatform/farmBeats/datasets/access/*/action\"\n ]\n }\n ],\n \"createdOn\": \"2020-09-14T10:21:09.7239169Z\",\n \"updatedOn\": \"2023-12-01T07:52:03.4961232Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/8508508a-4469-4e45-963b-2518ee0bb728\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"8508508a-4469-4e45-963b-2518ee0bb728\"\n },\n {\n \"properties\": {\n \"roleName\": \"AgFood Platform Service Admin\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Provides admin access to AgFood Platform Service\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.AgFoodPlatform/*\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2020-09-14T10:21:09.8039209Z\",\n \"updatedOn\": \"2021-11-11T20:14:45.3613128Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/f8da80de-1ff9-4747-ad80-a19b7f6079e3\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"f8da80de-1ff9-4747-ad80-a19b7f6079e3\"\n },\n {\n \"properties\": {\n \"roleName\": \"Managed HSM contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Lets you manage managed HSM pools, but not access to them.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.KeyVault/managedHSMs/*\",\n \"Microsoft.KeyVault/deletedManagedHsms/read\",\n \"Microsoft.KeyVault/locations/deletedManagedHsms/read\",\n \"Microsoft.KeyVault/locations/deletedManagedHsms/purge/action\",\n \"Microsoft.KeyVault/locations/managedHsmOperationResults/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2020-09-16T21:47:01.1291104Z\",\n \"updatedOn\": \"2022-03-08T00:35:44.4196909Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/18500a29-7fe2-46b2-a342-b16a415e101d\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"18500a29-7fe2-46b2-a342-b16a415e101d\"\n },\n {\n \"properties\": {\n \"roleName\": \"Security Detonation Chamber Submitter\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Allowed to create submissions to Security Detonation Chamber\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.SecurityDetonation/chambers/submissions/delete\",\n \"Microsoft.SecurityDetonation/chambers/submissions/write\",\n \"Microsoft.SecurityDetonation/chambers/submissions/read\",\n \"Microsoft.SecurityDetonation/chambers/submissions/files/read\",\n \"Microsoft.SecurityDetonation/chambers/submissions/accesskeyview/read\",\n \"Microsoft.SecurityDetonation/chambers/platforms/metadata/read\",\n \"Microsoft.SecurityDetonation/chambers/workflows/metadata/read\",\n \"Microsoft.SecurityDetonation/chambers/toolsets/metadata/read\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2020-10-01T08:55:21.3980274Z\",\n \"updatedOn\": \"2021-11-11T20:14:47.547135Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/0b555d9b-b4a7-4f43-b330-627f0e5be8f0\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"0b555d9b-b4a7-4f43-b330-627f0e5be8f0\"\n },\n {\n \"properties\": {\n \"roleName\": \"SignalR REST API Reader\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Read-only access to Azure SignalR Service REST APIs\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.SignalRService/SignalR/group/read\",\n \"Microsoft.SignalRService/SignalR/clientConnection/read\",\n \"Microsoft.SignalRService/SignalR/user/read\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2020-10-13T09:19:05.6463616Z\",\n \"updatedOn\": \"2021-11-11T20:14:48.790297Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/ddde6b66-c0df-4114-a159-3618637b3035\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"ddde6b66-c0df-4114-a159-3618637b3035\"\n },\n {\n \"properties\": {\n \"roleName\": \"SignalR Service Owner\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Full access to Azure SignalR Service REST APIs\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.SignalRService/SignalR/*\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2020-10-13T09:20:32.150141Z\",\n \"updatedOn\": \"2023-08-23T15:13:25.5658287Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/7e4f1700-ea5a-4f59-8f37-079cfe29dce3\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"7e4f1700-ea5a-4f59-8f37-079cfe29dce3\"\n },\n {\n \"properties\": {\n \"roleName\": \"Reservation Purchaser\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Lets you purchase reservations\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/roleAssignments/read\",\n \"Microsoft.Capacity/catalogs/read\",\n \"Microsoft.Capacity/register/action\",\n \"Microsoft.Compute/register/action\",\n \"Microsoft.Consumption/register/action\",\n \"Microsoft.Consumption/reservationRecommendationDetails/read\",\n \"Microsoft.Consumption/reservationRecommendations/read\",\n \"Microsoft.Resources/subscriptions/read\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.SQL/register/action\",\n \"Microsoft.Support/supporttickets/write\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2020-10-23T20:22:48.9217751Z\",\n \"updatedOn\": \"2022-04-14T02:20:54.5414624Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/f7b75c60-3036-4b75-91c3-6b41c27c1689\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"f7b75c60-3036-4b75-91c3-6b41c27c1689\"\n },\n {\n \"properties\": {\n \"roleName\": \"AzureML Metrics Writer (preview)\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Lets you write metrics to AzureML workspace\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.MachineLearningServices/workspaces/metrics/*/write\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2020-10-27T16:55:19.566495Z\",\n \"updatedOn\": \"2021-11-11T20:14:49.8655015Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/635dd51f-9968-44d3-b7fb-6d9a6bd613ae\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"635dd51f-9968-44d3-b7fb-6d9a6bd613ae\"\n },\n {\n \"properties\": {\n \"roleName\": \"Storage Account Backup Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Lets you perform backup and restore operations using Azure Backup on the storage account.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Authorization/locks/read\",\n \"Microsoft.Authorization/locks/write\",\n \"Microsoft.Authorization/locks/delete\",\n \"Microsoft.Features/features/read\",\n \"Microsoft.Features/providers/features/read\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Storage/operations/read\",\n \"Microsoft.Storage/storageAccounts/objectReplicationPolicies/delete\",\n \"Microsoft.Storage/storageAccounts/objectReplicationPolicies/read\",\n \"Microsoft.Storage/storageAccounts/objectReplicationPolicies/write\",\n \"Microsoft.Storage/storageAccounts/objectReplicationPolicies/restorePointMarkers/write\",\n \"Microsoft.Storage/storageAccounts/blobServices/containers/read\",\n \"Microsoft.Storage/storageAccounts/blobServices/containers/write\",\n \"Microsoft.Storage/storageAccounts/blobServices/read\",\n \"Microsoft.Storage/storageAccounts/blobServices/write\",\n \"Microsoft.Storage/storageAccounts/read\",\n \"Microsoft.Storage/storageAccounts/restoreBlobRanges/action\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2020-11-02T23:32:50.4203469Z\",\n \"updatedOn\": \"2022-04-20T05:50:13.0184092Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/e5e2a7ff-d759-4cd2-bb51-3152d37e2eb1\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"e5e2a7ff-d759-4cd2-bb51-3152d37e2eb1\"\n },\n {\n \"properties\": {\n \"roleName\": \"Experimentation Metric Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Allows for creation, writes and reads to the metric set via the metrics service APIs.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Experimentation/experimentWorkspaces/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.Experimentation/experimentWorkspaces/experimentationGroups/read\",\n \"Microsoft.Experimentation/experimentWorkspaces/experimentationGroups/metricwrite/action\",\n \"Microsoft.Experimentation/experimentWorkspaces/metricwrite/action\",\n \"Microsoft.Experimentation/experimentWorkspaces/read\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2020-11-10T20:07:53.7535885Z\",\n \"updatedOn\": \"2021-11-11T20:14:50.9524177Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/6188b7c9-7d01-4f99-a59f-c88b630326c0\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"6188b7c9-7d01-4f99-a59f-c88b630326c0\"\n },\n {\n \"properties\": {\n \"roleName\": \"Project Babylon Data Curator\",\n \"type\": \"BuiltInRole\",\n \"description\": \"The Microsoft.ProjectBabylon data curator can create, read, modify and delete catalog data objects and establish relationships between objects. This role is in preview and subject to change.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.ProjectBabylon/accounts/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.ProjectBabylon/accounts/data/read\",\n \"Microsoft.ProjectBabylon/accounts/data/write\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2020-11-14T02:31:33.7988825Z\",\n \"updatedOn\": \"2021-11-11T20:14:51.4929515Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/9ef4ef9c-a049-46b0-82ab-dd8ac094c889\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"9ef4ef9c-a049-46b0-82ab-dd8ac094c889\"\n },\n {\n \"properties\": {\n \"roleName\": \"Project Babylon Data Reader\",\n \"type\": \"BuiltInRole\",\n \"description\": \"The Microsoft.ProjectBabylon data reader can read catalog data objects. This role is in preview and subject to change.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.ProjectBabylon/accounts/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.ProjectBabylon/accounts/data/read\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2020-11-14T02:33:13.5342351Z\",\n \"updatedOn\": \"2021-11-11T20:14:51.6729667Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/c8d896ba-346d-4f50-bc1d-7d1c84130446\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"c8d896ba-346d-4f50-bc1d-7d1c84130446\"\n },\n {\n \"properties\": {\n \"roleName\": \"Project Babylon Data Source Administrator\",\n \"type\": \"BuiltInRole\",\n \"description\": \"The Microsoft.ProjectBabylon data source administrator can manage data sources and data scans. This role is in preview and subject to change.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.ProjectBabylon/accounts/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.ProjectBabylon/accounts/scan/read\",\n \"Microsoft.ProjectBabylon/accounts/scan/write\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2020-11-14T02:34:01.8401954Z\",\n \"updatedOn\": \"2021-11-11T20:14:51.8529643Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/05b7651b-dc44-475e-b74d-df3db49fae0f\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"05b7651b-dc44-475e-b74d-df3db49fae0f\"\n },\n {\n \"properties\": {\n \"roleName\": \"Application Group Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Contributor of the Application Group.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.DesktopVirtualization/applicationgroups/*\",\n \"Microsoft.DesktopVirtualization/hostpools/read\",\n \"Microsoft.DesktopVirtualization/hostpools/sessionhosts/read\",\n \"Microsoft.DesktopVirtualization/workspaces/read\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.Support/*\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2020-12-03T23:26:00.2784962Z\",\n \"updatedOn\": \"2021-11-11T20:14:52.9432015Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/ca6382a4-1721-4bcf-a114-ff0c70227b6b\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"ca6382a4-1721-4bcf-a114-ff0c70227b6b\"\n },\n {\n \"properties\": {\n \"roleName\": \"Desktop Virtualization Reader\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Reader of Desktop Virtualization.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.DesktopVirtualization/*/read\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Resources/deployments/read\",\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/read\",\n \"Microsoft.Support/*\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2020-12-11T21:36:19.0140629Z\",\n \"updatedOn\": \"2021-11-11T20:14:54.0407838Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/49a72310-ab8d-41df-bbb0-79b649203868\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"49a72310-ab8d-41df-bbb0-79b649203868\"\n },\n {\n \"properties\": {\n \"roleName\": \"Desktop Virtualization Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Contributor of Desktop Virtualization.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.DesktopVirtualization/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.Support/*\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2020-12-11T21:37:16.2910337Z\",\n \"updatedOn\": \"2021-11-11T20:14:54.2107872Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/082f0a83-3be5-4ba1-904c-961cca79b387\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"082f0a83-3be5-4ba1-904c-961cca79b387\"\n },\n {\n \"properties\": {\n \"roleName\": \"Desktop Virtualization Workspace Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Contributor of the Desktop Virtualization Workspace.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.DesktopVirtualization/workspaces/*\",\n \"Microsoft.DesktopVirtualization/applicationgroups/read\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.Support/*\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2020-12-11T21:38:29.6089216Z\",\n \"updatedOn\": \"2021-11-11T20:14:54.3907854Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/21efdde3-836f-432b-bf3d-3e8e734d4b2b\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"21efdde3-836f-432b-bf3d-3e8e734d4b2b\"\n },\n {\n \"properties\": {\n \"roleName\": \"Desktop Virtualization User Session Operator\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Operator of the Desktop Virtualization User Session.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.DesktopVirtualization/hostpools/read\",\n \"Microsoft.DesktopVirtualization/hostpools/sessionhosts/read\",\n \"Microsoft.DesktopVirtualization/hostpools/sessionhosts/usersessions/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.Support/*\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2020-12-11T21:39:16.9100273Z\",\n \"updatedOn\": \"2024-10-31T14:20:50.9460757Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/ea4bfff8-7fb4-485a-aadd-d4129a0ffaa6\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"ea4bfff8-7fb4-485a-aadd-d4129a0ffaa6\"\n },\n {\n \"properties\": {\n \"roleName\": \"Desktop Virtualization Session Host Operator\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Operator of the Desktop Virtualization Session Host.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.DesktopVirtualization/hostpools/read\",\n \"Microsoft.DesktopVirtualization/hostpools/sessionhosts/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.Support/*\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2020-12-11T21:39:53.2569741Z\",\n \"updatedOn\": \"2021-11-11T20:14:54.7508042Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/2ad6aaab-ead9-4eaa-8ac5-da422f562408\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"2ad6aaab-ead9-4eaa-8ac5-da422f562408\"\n },\n {\n \"properties\": {\n \"roleName\": \"Desktop Virtualization Host Pool Reader\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Reader of the Desktop Virtualization Host Pool.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.DesktopVirtualization/hostpools/*/read\",\n \"Microsoft.DesktopVirtualization/hostpools/read\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Resources/deployments/read\",\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/read\",\n \"Microsoft.Support/*\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2020-12-11T21:40:33.1430834Z\",\n \"updatedOn\": \"2021-11-11T20:14:54.9257967Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/ceadfde2-b300-400a-ab7b-6143895aa822\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"ceadfde2-b300-400a-ab7b-6143895aa822\"\n },\n {\n \"properties\": {\n \"roleName\": \"Desktop Virtualization Host Pool Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Contributor of the Desktop Virtualization Host Pool.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.DesktopVirtualization/hostpools/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.Support/*\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2020-12-11T21:40:57.2976187Z\",\n \"updatedOn\": \"2021-11-11T20:14:55.1057701Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/e307426c-f9b6-4e81-87de-d99efb3c32bc\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"e307426c-f9b6-4e81-87de-d99efb3c32bc\"\n },\n {\n \"properties\": {\n \"roleName\": \"Desktop Virtualization Application Group Reader\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Reader of the Desktop Virtualization Application Group.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.DesktopVirtualization/applicationgroups/*/read\",\n \"Microsoft.DesktopVirtualization/applicationgroups/read\",\n \"Microsoft.DesktopVirtualization/hostpools/read\",\n \"Microsoft.DesktopVirtualization/hostpools/sessionhosts/read\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Resources/deployments/read\",\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/read\",\n \"Microsoft.Support/*\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2020-12-11T21:41:18.0287398Z\",\n \"updatedOn\": \"2021-11-11T20:14:55.2858006Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/aebf23d0-b568-4e86-b8f9-fe83a2c6ab55\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"aebf23d0-b568-4e86-b8f9-fe83a2c6ab55\"\n },\n {\n \"properties\": {\n \"roleName\": \"Desktop Virtualization Application Group Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Contributor of the Desktop Virtualization Application Group.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.DesktopVirtualization/applicationgroups/*\",\n \"Microsoft.DesktopVirtualization/hostpools/read\",\n \"Microsoft.DesktopVirtualization/hostpools/sessionhosts/read\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.Support/*\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2020-12-11T21:41:38.6205531Z\",\n \"updatedOn\": \"2021-11-11T20:14:55.4677136Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/86240b0e-9422-4c43-887b-b61143f32ba8\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"86240b0e-9422-4c43-887b-b61143f32ba8\"\n },\n {\n \"properties\": {\n \"roleName\": \"Desktop Virtualization Workspace Reader\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Reader of the Desktop Virtualization Workspace.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.DesktopVirtualization/workspaces/read\",\n \"Microsoft.DesktopVirtualization/applicationgroups/read\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Resources/deployments/read\",\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/read\",\n \"Microsoft.Support/*\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2020-12-11T21:41:58.1892707Z\",\n \"updatedOn\": \"2021-11-11T20:14:55.6577168Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/0fa44ee9-7a7d-466b-9bb2-2bf446b1204d\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"0fa44ee9-7a7d-466b-9bb2-2bf446b1204d\"\n },\n {\n \"properties\": {\n \"roleName\": \"Disk Backup Reader\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Provides permission to backup vault to perform disk backup.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Compute/disks/read\",\n \"Microsoft.Compute/disks/beginGetAccess/action\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2020-12-15T07:39:03.8394514Z\",\n \"updatedOn\": \"2021-11-11T20:14:56.0178737Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/3e5e47e6-65f7-47ef-90b5-e5dd4d455f24\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"3e5e47e6-65f7-47ef-90b5-e5dd4d455f24\"\n },\n {\n \"properties\": {\n \"roleName\": \"Disk Restore Operator\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Provides permission to backup vault to perform disk restore.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Compute/disks/write\",\n \"Microsoft.Compute/disks/read\",\n \"Microsoft.Compute/disks/beginGetAccess/action\",\n \"Microsoft.Compute/disks/endGetAccess/action\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2020-12-15T12:18:31.8481619Z\",\n \"updatedOn\": \"2025-08-21T09:27:36.8531131Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/b50d9833-a0cb-478e-945f-707fcc997c13\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"b50d9833-a0cb-478e-945f-707fcc997c13\"\n },\n {\n \"properties\": {\n \"roleName\": \"Disk Snapshot Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Provides permission to backup vault to manage disk snapshots.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Compute/snapshots/delete\",\n \"Microsoft.Compute/snapshots/write\",\n \"Microsoft.Compute/snapshots/read\",\n \"Microsoft.Compute/snapshots/beginGetAccess/action\",\n \"Microsoft.Compute/snapshots/endGetAccess/action\",\n \"Microsoft.Compute/disks/beginGetAccess/action\",\n \"Microsoft.Storage/storageAccounts/listkeys/action\",\n \"Microsoft.Storage/storageAccounts/write\",\n \"Microsoft.Storage/storageAccounts/read\",\n \"Microsoft.Storage/storageAccounts/delete\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2020-12-15T12:18:51.4471411Z\",\n \"updatedOn\": \"2021-11-11T20:14:56.9158814Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/7efff54f-a5b4-42b5-a1c5-5411624893ce\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"7efff54f-a5b4-42b5-a1c5-5411624893ce\"\n },\n {\n \"properties\": {\n \"roleName\": \"Microsoft.Kubernetes connected cluster role\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Microsoft.Kubernetes connected cluster role.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Kubernetes/connectedClusters/read\",\n \"Microsoft.Kubernetes/connectedClusters/write\",\n \"Microsoft.Kubernetes/connectedClusters/delete\",\n \"Microsoft.Kubernetes/registeredSubscriptions/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2021-01-07T23:57:10.9923232Z\",\n \"updatedOn\": \"2021-11-11T20:14:58.2039838Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/5548b2cf-c94c-4228-90ba-30851930a12f\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"5548b2cf-c94c-4228-90ba-30851930a12f\"\n },\n {\n \"properties\": {\n \"roleName\": \"Security Detonation Chamber Submission Manager\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Allowed to create and manage submissions to Security Detonation Chamber\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.SecurityDetonation/chambers/submissions/delete\",\n \"Microsoft.SecurityDetonation/chambers/submissions/write\",\n \"Microsoft.SecurityDetonation/chambers/submissions/read\",\n \"Microsoft.SecurityDetonation/chambers/submissions/files/read\",\n \"Microsoft.SecurityDetonation/chambers/submissions/accesskeyview/read\",\n \"Microsoft.SecurityDetonation/chambers/submissions/adminview/read\",\n \"Microsoft.SecurityDetonation/chambers/submissions/analystview/read\",\n \"Microsoft.SecurityDetonation/chambers/submissions/publicview/read\",\n \"Microsoft.SecurityDetonation/chambers/platforms/metadata/read\",\n \"Microsoft.SecurityDetonation/chambers/workflows/metadata/read\",\n \"Microsoft.SecurityDetonation/chambers/toolsets/metadata/read\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2021-01-18T09:35:36.5739297Z\",\n \"updatedOn\": \"2021-11-11T20:14:58.3939604Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/a37b566d-3efa-4beb-a2f2-698963fa42ce\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"a37b566d-3efa-4beb-a2f2-698963fa42ce\"\n },\n {\n \"properties\": {\n \"roleName\": \"Security Detonation Chamber Publisher\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Allowed to publish and modify platforms, workflows and toolsets to Security Detonation Chamber\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.SecurityDetonation/chambers/platforms/read\",\n \"Microsoft.SecurityDetonation/chambers/platforms/write\",\n \"Microsoft.SecurityDetonation/chambers/platforms/delete\",\n \"Microsoft.SecurityDetonation/chambers/platforms/metadata/read\",\n \"Microsoft.SecurityDetonation/chambers/workflows/read\",\n \"Microsoft.SecurityDetonation/chambers/workflows/write\",\n \"Microsoft.SecurityDetonation/chambers/workflows/delete\",\n \"Microsoft.SecurityDetonation/chambers/workflows/metadata/read\",\n \"Microsoft.SecurityDetonation/chambers/toolsets/read\",\n \"Microsoft.SecurityDetonation/chambers/toolsets/write\",\n \"Microsoft.SecurityDetonation/chambers/toolsets/delete\",\n \"Microsoft.SecurityDetonation/chambers/toolsets/metadata/read\",\n \"Microsoft.SecurityDetonation/chambers/publishRequests/read\",\n \"Microsoft.SecurityDetonation/chambers/publishRequests/cancel/action\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2021-01-18T11:43:14.0858184Z\",\n \"updatedOn\": \"2021-11-11T20:14:58.5639749Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/352470b3-6a9c-4686-b503-35deb827e500\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"352470b3-6a9c-4686-b503-35deb827e500\"\n },\n {\n \"properties\": {\n \"roleName\": \"Collaborative Runtime Operator\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Can manage resources created by AICS at runtime\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.IndustryDataLifecycle/derivedModels/*\",\n \"Microsoft.IndustryDataLifecycle/pipelineSets/*\",\n \"Microsoft.IndustryDataLifecycle/modelMappings/*\",\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Support/*\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2021-01-19T10:00:27.3464971Z\",\n \"updatedOn\": \"2021-11-11T20:14:58.7442136Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/7a6f0e70-c033-4fb1-828c-08514e5f4102\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"7a6f0e70-c033-4fb1-828c-08514e5f4102\"\n },\n {\n \"properties\": {\n \"roleName\": \"CosmosRestoreOperator\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Can perform restore action for Cosmos DB database account with continuous backup mode\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.DocumentDB/locations/restorableDatabaseAccounts/restore/action\",\n \"Microsoft.DocumentDB/locations/restorableDatabaseAccounts/*/read\",\n \"Microsoft.DocumentDB/locations/restorableDatabaseAccounts/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2021-01-21T19:51:35.3884884Z\",\n \"updatedOn\": \"2021-11-11T20:14:59.4892686Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/5432c526-bc82-444a-b7ba-57c5b0b5b34f\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"5432c526-bc82-444a-b7ba-57c5b0b5b34f\"\n },\n {\n \"properties\": {\n \"roleName\": \"FHIR Data Converter\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Role allows user or principal to convert data from legacy format to FHIR\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.HealthcareApis/services/fhir/resources/convertData/action\",\n \"Microsoft.HealthcareApis/workspaces/fhirservices/resources/convertData/action\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2021-01-22T19:39:01.1601069Z\",\n \"updatedOn\": \"2021-11-11T20:14:59.8605937Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/a1705bd2-3a8f-45a5-8683-466fcfd5cc24\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"a1705bd2-3a8f-45a5-8683-466fcfd5cc24\"\n },\n {\n \"properties\": {\n \"roleName\": \"Quota Request Operator\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Read and create quota requests, get quota request status, and create support tickets.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Capacity/resourceProviders/locations/serviceLimits/read\",\n \"Microsoft.Capacity/resourceProviders/locations/serviceLimits/write\",\n \"Microsoft.Capacity/resourceProviders/locations/serviceLimitsRequests/read\",\n \"Microsoft.Capacity/register/action\",\n \"Microsoft.Quota/usages/read\",\n \"Microsoft.Quota/quotas/read\",\n \"Microsoft.Quota/quotas/write\",\n \"Microsoft.Quota/quotaRequests/read\",\n \"Microsoft.Quota/register/action\",\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Support/*\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2021-02-03T00:06:35.8404575Z\",\n \"updatedOn\": \"2022-12-07T21:46:59.0116853Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/0e5f05e5-9ab9-446b-b98d-1e2157c94125\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"0e5f05e5-9ab9-446b-b98d-1e2157c94125\"\n },\n {\n \"properties\": {\n \"roleName\": \"EventGrid Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Lets you manage EventGrid operations.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.EventGrid/*\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Support/*\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2021-02-08T18:46:18.8999557Z\",\n \"updatedOn\": \"2021-11-11T20:15:01.6867802Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/1e241071-0855-49ea-94dc-649edcd759de\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"1e241071-0855-49ea-94dc-649edcd759de\"\n },\n {\n \"properties\": {\n \"roleName\": \"Security Detonation Chamber Reader\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Allowed to query submission info and files from Security Detonation Chamber\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.SecurityDetonation/chambers/submissions/read\",\n \"Microsoft.SecurityDetonation/chambers/submissions/files/read\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2021-03-01T14:06:46.2814905Z\",\n \"updatedOn\": \"2021-11-11T20:15:03.327409Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/28241645-39f8-410b-ad48-87863e2951d5\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"28241645-39f8-410b-ad48-87863e2951d5\"\n },\n {\n \"properties\": {\n \"roleName\": \"Object Anchors Account Reader\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Lets you read ingestion jobs for an object anchors account.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.MixedReality/ObjectAnchorsAccounts/ingest/read\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2021-03-02T01:20:47.0279813Z\",\n \"updatedOn\": \"2021-11-11T20:15:03.5006082Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/4a167cdf-cb95-4554-9203-2347fe489bd9\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"4a167cdf-cb95-4554-9203-2347fe489bd9\"\n },\n {\n \"properties\": {\n \"roleName\": \"Object Anchors Account Owner\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Provides user with ingestion capabilities for an object anchors account.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.MixedReality/ObjectAnchorsAccounts/ingest/action\",\n \"Microsoft.MixedReality/ObjectAnchorsAccounts/ingest/read\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2021-03-02T01:42:02.0014737Z\",\n \"updatedOn\": \"2021-11-11T20:15:03.6855873Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/ca0835dd-bacc-42dd-8ed2-ed5e7230d15b\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"ca0835dd-bacc-42dd-8ed2-ed5e7230d15b\"\n },\n {\n \"properties\": {\n \"roleName\": \"WorkloadBuilder Migration Agent Role\",\n \"type\": \"BuiltInRole\",\n \"description\": \"WorkloadBuilder Migration Agent Role.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.WorkloadBuilder/migrationAgents/Read\",\n \"Microsoft.WorkloadBuilder/migrationAgents/Write\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2021-03-11T17:07:20.0828003Z\",\n \"updatedOn\": \"2021-11-11T20:15:04.2456706Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/d17ce0a2-0697-43bc-aac5-9113337ab61c\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"d17ce0a2-0697-43bc-aac5-9113337ab61c\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Spring Cloud Data Reader\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Allow read access to Azure Spring Cloud Data\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.AppPlatform/Spring/*/read\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2021-03-25T11:12:12.678601Z\",\n \"updatedOn\": \"2021-11-11T20:15:05.3368606Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/b5537268-8956-4941-a8f0-646150406f0c\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"b5537268-8956-4941-a8f0-646150406f0c\"\n },\n {\n \"properties\": {\n \"roleName\": \"Cognitive Services Speech Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Full access to Speech projects, including read, write and delete all entities, for real-time speech recognition and batch transcription tasks, real-time speech synthesis and long audio tasks, custom speech and custom voice.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.CognitiveServices/*/read\",\n \"Microsoft.Authorization/roleAssignments/read\",\n \"Microsoft.Authorization/roleDefinitions/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.CognitiveServices/accounts/SpeechServices/*\",\n \"Microsoft.CognitiveServices/accounts/CustomVoice/*\",\n \"Microsoft.CognitiveServices/accounts/AudioContentCreation/*\",\n \"Microsoft.CognitiveServices/accounts/VideoTranslation/*\",\n \"Microsoft.CognitiveServices/accounts/CustomAvatar/*\",\n \"Microsoft.CognitiveServices/accounts/BatchAvatar/*\",\n \"Microsoft.CognitiveServices/accounts/BatchTextToSpeech/*\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2021-03-30T11:28:49.7826633Z\",\n \"updatedOn\": \"2024-04-12T06:28:35.0285254Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/0e75ca1e-0464-4b4d-8b93-68208a576181\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"0e75ca1e-0464-4b4d-8b93-68208a576181\"\n },\n {\n \"properties\": {\n \"roleName\": \"Cognitive Services Face Recognizer\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Lets you perform detect, verify, identify, group, and find similar operations on Face API. This role does not allow create or delete operations, which makes it well suited for endpoints that only need inferencing capabilities, following 'least privilege' best practices.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.CognitiveServices/accounts/Face/detect/action\",\n \"Microsoft.CognitiveServices/accounts/Face/verify/action\",\n \"Microsoft.CognitiveServices/accounts/Face/identify/action\",\n \"Microsoft.CognitiveServices/accounts/Face/group/action\",\n \"Microsoft.CognitiveServices/accounts/Face/findsimilars/action\",\n \"Microsoft.CognitiveServices/accounts/Face/detectliveness/multimodal/action\",\n \"Microsoft.CognitiveServices/accounts/Face/detectliveness/singlemodal/action\",\n \"Microsoft.CognitiveServices/accounts/Face/detectlivenesswithverify/singlemodal/action\",\n \"Microsoft.CognitiveServices/accounts/Face/*/sessions/action\",\n \"Microsoft.CognitiveServices/accounts/Face/*/sessions/delete\",\n \"Microsoft.CognitiveServices/accounts/Face/*/sessions/read\",\n \"Microsoft.CognitiveServices/accounts/Face/*/sessions/audit/read\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2021-03-31T01:51:41.3557295Z\",\n \"updatedOn\": \"2023-11-10T00:42:33.8288289Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/9894cab4-e18a-44aa-828b-cb588cd6f2d7\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"9894cab4-e18a-44aa-828b-cb588cd6f2d7\"\n },\n {\n \"properties\": {\n \"roleName\": \"Stream Analytics Query Tester\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Lets you perform query testing without creating a stream analytics job first\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.StreamAnalytics/locations/TestQuery/action\",\n \"Microsoft.StreamAnalytics/locations/OperationResults/read\",\n \"Microsoft.StreamAnalytics/locations/SampleInput/action\",\n \"Microsoft.StreamAnalytics/locations/CompileQuery/action\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2021-04-20T17:33:24.572787Z\",\n \"updatedOn\": \"2021-11-11T20:15:08.0481551Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/1ec5b3c1-b17e-4e25-8312-2acb3c3c5abf\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"1ec5b3c1-b17e-4e25-8312-2acb3c3c5abf\"\n },\n {\n \"properties\": {\n \"roleName\": \"AnyBuild Builder\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Basic user role for AnyBuild. This role allows listing of agent information and execution of remote build capabilities.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.AnyBuild/clusters/build/write\",\n \"Microsoft.AnyBuild/clusters/build/read\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2021-04-20T22:07:00.4963853Z\",\n \"updatedOn\": \"2021-11-11T20:15:08.4254134Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/a2138dac-4907-4679-a376-736901ed8ad8\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"a2138dac-4907-4679-a376-736901ed8ad8\"\n },\n {\n \"properties\": {\n \"roleName\": \"IoT Hub Data Reader\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Allows for full read access to IoT Hub data-plane properties\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.Devices/IotHubs/*/read\",\n \"Microsoft.Devices/IotHubs/fileUpload/notifications/action\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2021-04-22T18:03:29.8843192Z\",\n \"updatedOn\": \"2021-11-11T20:15:08.6054154Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/b447c946-2db7-41ec-983d-d8bf3b1c77e3\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"b447c946-2db7-41ec-983d-d8bf3b1c77e3\"\n },\n {\n \"properties\": {\n \"roleName\": \"IoT Hub Twin Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Allows for read and write access to all IoT Hub device and module twins.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.Devices/IotHubs/twins/*\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2021-04-22T20:36:10.1136903Z\",\n \"updatedOn\": \"2021-11-11T20:15:08.7855063Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/494bdba2-168f-4f31-a0a1-191d2f7c028c\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"494bdba2-168f-4f31-a0a1-191d2f7c028c\"\n },\n {\n \"properties\": {\n \"roleName\": \"IoT Hub Registry Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Allows for full access to IoT Hub device registry.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.Devices/IotHubs/devices/*\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2021-04-22T20:36:47.5532704Z\",\n \"updatedOn\": \"2021-11-11T20:15:08.9804295Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/4ea46cd5-c1b2-4a8e-910b-273211f9ce47\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"4ea46cd5-c1b2-4a8e-910b-273211f9ce47\"\n },\n {\n \"properties\": {\n \"roleName\": \"IoT Hub Data Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Allows for full access to IoT Hub data plane operations.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.Devices/IotHubs/*\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2021-04-22T20:37:16.9927761Z\",\n \"updatedOn\": \"2021-11-11T20:15:09.1754206Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/4fc6c259-987e-4a07-842e-c321cc9d413f\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"4fc6c259-987e-4a07-842e-c321cc9d413f\"\n },\n {\n \"properties\": {\n \"roleName\": \"Test Base Reader\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Let you view and download packages and test results.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.TestBase/testBaseAccounts/packages/testResults/getDownloadUrl/action\",\n \"Microsoft.TestBase/testBaseAccounts/packages/testResults/getVideoDownloadUrl/action\",\n \"Microsoft.TestBase/testBaseAccounts/packages/getDownloadUrl/action\",\n \"Microsoft.TestBase/*/read\",\n \"Microsoft.TestBase/testBaseAccounts/customerEvents/write\",\n \"Microsoft.TestBase/testBaseAccounts/customerEvents/delete\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2021-05-11T23:41:33.1038367Z\",\n \"updatedOn\": \"2021-11-11T20:15:10.8004347Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/15e0f5a1-3450-4248-8e25-e2afe88a9e85\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"15e0f5a1-3450-4248-8e25-e2afe88a9e85\"\n },\n {\n \"properties\": {\n \"roleName\": \"Search Index Data Reader\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Grants read access to Azure Cognitive Search index data.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.Search/searchServices/indexes/documents/read\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2021-06-01T20:26:13.4850461Z\",\n \"updatedOn\": \"2021-11-11T20:15:11.3604371Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/1407120a-92aa-4202-b7e9-c0e197c71c8f\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"1407120a-92aa-4202-b7e9-c0e197c71c8f\"\n },\n {\n \"properties\": {\n \"roleName\": \"Search Index Data Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Grants full access to Azure Cognitive Search index data.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.Search/searchServices/indexes/documents/*\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2021-06-01T22:15:16.5388472Z\",\n \"updatedOn\": \"2021-11-11T20:15:11.5504385Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/8ebe5a00-799e-43f5-93ac-243d3dce84a7\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"8ebe5a00-799e-43f5-93ac-243d3dce84a7\"\n },\n {\n \"properties\": {\n \"roleName\": \"Storage Table Data Reader\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Allows for read access to Azure Storage tables and entities\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Storage/storageAccounts/tableServices/tables/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.Storage/storageAccounts/tableServices/tables/entities/read\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2021-06-15T06:40:54.9150717Z\",\n \"updatedOn\": \"2021-11-11T20:15:12.1005298Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/76199698-9eea-4c19-bc75-cec21354c6b6\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"76199698-9eea-4c19-bc75-cec21354c6b6\"\n },\n {\n \"properties\": {\n \"roleName\": \"Storage Table Data Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Allows for read, write and delete access to Azure Storage tables and entities\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Storage/storageAccounts/tableServices/tables/read\",\n \"Microsoft.Storage/storageAccounts/tableServices/tables/write\",\n \"Microsoft.Storage/storageAccounts/tableServices/tables/delete\"\n ],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.Storage/storageAccounts/tableServices/tables/entities/read\",\n \"Microsoft.Storage/storageAccounts/tableServices/tables/entities/write\",\n \"Microsoft.Storage/storageAccounts/tableServices/tables/entities/delete\",\n \"Microsoft.Storage/storageAccounts/tableServices/tables/entities/add/action\",\n \"Microsoft.Storage/storageAccounts/tableServices/tables/entities/update/action\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2021-06-15T06:51:59.820761Z\",\n \"updatedOn\": \"2021-11-11T20:15:12.2854966Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/0a9a7e1f-b9d0-4cc4-a60d-0319b160aaa3\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"0a9a7e1f-b9d0-4cc4-a60d-0319b160aaa3\"\n },\n {\n \"properties\": {\n \"roleName\": \"DICOM Data Reader\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Read and search DICOM data.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.HealthcareApis/workspaces/dicomservices/resources/read\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2021-06-17T20:58:30.1630494Z\",\n \"updatedOn\": \"2021-11-11T20:15:13.0154948Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/e89c7a3c-2f64-4fa1-a847-3e4c9ba4283a\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"e89c7a3c-2f64-4fa1-a847-3e4c9ba4283a\"\n },\n {\n \"properties\": {\n \"roleName\": \"DICOM Data Owner\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Full access to DICOM data.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.HealthcareApis/workspaces/dicomservices/resources/*\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2021-06-17T20:59:30.8659515Z\",\n \"updatedOn\": \"2021-11-11T20:15:13.1904985Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/58a3b984-7adf-4c20-983a-32417c86fbc8\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"58a3b984-7adf-4c20-983a-32417c86fbc8\"\n },\n {\n \"properties\": {\n \"roleName\": \"EventGrid Data Sender\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Allows send access to event grid events.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.EventGrid/topics/read\",\n \"Microsoft.EventGrid/domains/read\",\n \"Microsoft.EventGrid/partnerNamespaces/read\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.EventGrid/namespaces/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.EventGrid/events/send/action\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2021-07-02T21:55:40.4847495Z\",\n \"updatedOn\": \"2023-10-27T19:53:20.6111233Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/d5a91429-5739-47e2-a06b-3470a27159e7\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"d5a91429-5739-47e2-a06b-3470a27159e7\"\n },\n {\n \"properties\": {\n \"roleName\": \"Disk Pool Operator\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Used by the StoragePool Resource Provider to manage Disks added to a Disk Pool.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Compute/disks/write\",\n \"Microsoft.Compute/disks/read\",\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2021-07-08T17:26:05.1079972Z\",\n \"updatedOn\": \"2021-11-11T20:15:13.9154612Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/60fc6e62-5479-42d4-8bf4-67625fcc2840\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"60fc6e62-5479-42d4-8bf4-67625fcc2840\"\n },\n {\n \"properties\": {\n \"roleName\": \"AzureML Data Scientist\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Can perform all actions within an Azure Machine Learning workspace, except for creating or deleting compute resources and modifying the workspace itself.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.MachineLearningServices/workspaces/*/read\",\n \"Microsoft.MachineLearningServices/workspaces/*/action\",\n \"Microsoft.MachineLearningServices/workspaces/*/delete\",\n \"Microsoft.MachineLearningServices/workspaces/*/write\"\n ],\n \"notActions\": [\n \"Microsoft.MachineLearningServices/workspaces/delete\",\n \"Microsoft.MachineLearningServices/workspaces/write\",\n \"Microsoft.MachineLearningServices/workspaces/computes/*/write\",\n \"Microsoft.MachineLearningServices/workspaces/computes/*/delete\",\n \"Microsoft.MachineLearningServices/workspaces/computes/listKeys/action\",\n \"Microsoft.MachineLearningServices/workspaces/listKeys/action\",\n \"Microsoft.MachineLearningServices/workspaces/hubs/write\",\n \"Microsoft.MachineLearningServices/workspaces/hubs/delete\",\n \"Microsoft.MachineLearningServices/workspaces/featurestores/write\",\n \"Microsoft.MachineLearningServices/workspaces/featurestores/delete\"\n ],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2021-07-14T21:51:06.0361218Z\",\n \"updatedOn\": \"2023-05-30T15:09:08.4457249Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/f6c7c914-8db3-469d-8ca1-694a8f32e121\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"f6c7c914-8db3-469d-8ca1-694a8f32e121\"\n },\n {\n \"properties\": {\n \"roleName\": \"Grafana Admin\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Manage server-wide settings and manage access to resources such as organizations, users, and licenses.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.Dashboard/grafana/ActAsGrafanaAdmin/action\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2021-07-15T21:32:35.380234Z\",\n \"updatedOn\": \"2024-07-18T04:44:18.4380858Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/22926164-76b3-42b3-bc55-97df8dab3e41\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"22926164-76b3-42b3-bc55-97df8dab3e41\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Connected SQL Server Onboarding\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Microsoft.AzureArcData service role to access the resources of Microsoft.AzureArcData stored with RPSAAS.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.AzureArcData/sqlServerInstances/read\",\n \"Microsoft.AzureArcData/sqlServerInstances/write\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2021-07-19T23:52:15.8885739Z\",\n \"updatedOn\": \"2021-11-11T20:15:15.1754742Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/e8113dce-c529-4d33-91fa-e9b972617508\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"e8113dce-c529-4d33-91fa-e9b972617508\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Relay Sender\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Allows for send access to Azure Relay resources.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Relay/*/wcfRelays/read\",\n \"Microsoft.Relay/*/hybridConnections/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.Relay/*/send/action\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2021-07-20T15:37:20.7558643Z\",\n \"updatedOn\": \"2021-11-11T20:15:15.5454755Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/26baccc8-eea7-41f1-98f4-1762cc7f685d\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"26baccc8-eea7-41f1-98f4-1762cc7f685d\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Relay Owner\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Allows for full access to Azure Relay resources.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Relay/*\"\n ],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.Relay/*\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2021-07-20T15:44:26.3023126Z\",\n \"updatedOn\": \"2021-11-11T20:15:15.7154782Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/2787bf04-f1f5-4bfe-8383-c8a24483ee38\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"2787bf04-f1f5-4bfe-8383-c8a24483ee38\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Relay Listener\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Allows for listen access to Azure Relay resources.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Relay/*/wcfRelays/read\",\n \"Microsoft.Relay/*/hybridConnections/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.Relay/*/listen/action\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2021-07-20T18:38:03.1437496Z\",\n \"updatedOn\": \"2021-11-11T20:15:15.9005232Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/26e0b698-aa6d-4085-9386-aadae190014d\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"26e0b698-aa6d-4085-9386-aadae190014d\"\n },\n {\n \"properties\": {\n \"roleName\": \"Grafana Viewer\",\n \"type\": \"BuiltInRole\",\n \"description\": \"View dashboards, playlists, and query data sources.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.Dashboard/grafana/ActAsGrafanaViewer/action\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2021-08-05T16:36:18.7737511Z\",\n \"updatedOn\": \"2024-07-18T04:59:38.6229575Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/60921a7e-fef1-4a43-9b16-a26c52ad4769\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"60921a7e-fef1-4a43-9b16-a26c52ad4769\"\n },\n {\n \"properties\": {\n \"roleName\": \"Grafana Editor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Create, edit, delete, or view dashboards; create, edit, or delete folders; and edit or view playlists.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.Dashboard/grafana/ActAsGrafanaEditor/action\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2021-08-05T16:37:32.5299593Z\",\n \"updatedOn\": \"2024-07-18T04:44:18.4380858Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/a79a5197-3a5c-4973-a920-486035ffd60f\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"a79a5197-3a5c-4973-a920-486035ffd60f\"\n },\n {\n \"properties\": {\n \"roleName\": \"Automation Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Manage azure automation resources and other resources using azure automation.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Automation/automationAccounts/*\",\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Support/*\",\n \"Microsoft.Insights/ActionGroups/*\",\n \"Microsoft.Insights/ActivityLogAlerts/*\",\n \"Microsoft.Insights/MetricAlerts/*\",\n \"Microsoft.Insights/ScheduledQueryRules/*\",\n \"Microsoft.Insights/diagnosticSettings/*\",\n \"Microsoft.OperationalInsights/workspaces/sharedKeys/action\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2021-08-09T10:18:19.1054699Z\",\n \"updatedOn\": \"2021-11-11T20:15:17.7304954Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/f353d9bd-d4a6-484e-a77a-8050b599b867\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"f353d9bd-d4a6-484e-a77a-8050b599b867\"\n },\n {\n \"properties\": {\n \"roleName\": \"Kubernetes Extension Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Can create, update, get, list and delete Kubernetes Extensions, and get extension async operations\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.KubernetesConfiguration/extensions/write\",\n \"Microsoft.KubernetesConfiguration/extensions/read\",\n \"Microsoft.KubernetesConfiguration/extensions/delete\",\n \"Microsoft.KubernetesConfiguration/extensions/operations/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2021-08-09T19:47:50.6828896Z\",\n \"updatedOn\": \"2021-11-11T20:15:17.9155393Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/85cb6faf-e071-4c9b-8136-154b5a04f717\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"85cb6faf-e071-4c9b-8136-154b5a04f717\"\n },\n {\n \"properties\": {\n \"roleName\": \"Device Provisioning Service Data Reader\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Allows for full read access to Device Provisioning Service data-plane properties.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.Devices/provisioningServices/*/read\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2021-08-09T19:53:12.1374732Z\",\n \"updatedOn\": \"2021-11-11T20:15:18.0905503Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/10745317-c249-44a1-a5ce-3a4353c0bbd8\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"10745317-c249-44a1-a5ce-3a4353c0bbd8\"\n },\n {\n \"properties\": {\n \"roleName\": \"Device Provisioning Service Data Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Allows for full access to Device Provisioning Service data-plane operations.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.Devices/provisioningServices/*\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2021-08-09T19:54:03.2783227Z\",\n \"updatedOn\": \"2021-11-11T20:15:18.2605302Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/dfce44e4-17b7-4bd1-a6d1-04996ec95633\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"dfce44e4-17b7-4bd1-a6d1-04996ec95633\"\n },\n {\n \"properties\": {\n \"roleName\": \"Trusted Signing Certificate Profile Signer\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Sign files with a certificate profile. This role is in preview and subject to change.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.CodeSigning/*/read\",\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.CodeSigning/certificateProfiles/Sign/action\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2021-08-16T23:17:53.0002693Z\",\n \"updatedOn\": \"2024-04-05T05:34:02.8330268Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/2837e146-70d7-4cfd-ad55-7efa6464f958\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"2837e146-70d7-4cfd-ad55-7efa6464f958\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Spring Cloud Service Registry Reader\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Allow read access to Azure Spring Cloud Service Registry\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.AppPlatform/Spring/eurekaService/read\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2021-08-20T04:40:17.9785063Z\",\n \"updatedOn\": \"2021-11-11T20:15:18.9655101Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/cff1b556-2399-4e7e-856d-a8f754be7b65\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"cff1b556-2399-4e7e-856d-a8f754be7b65\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Spring Cloud Service Registry Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Allow read, write and delete access to Azure Spring Cloud Service Registry\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.AppPlatform/Spring/eurekaService/read\",\n \"Microsoft.AppPlatform/Spring/eurekaService/write\",\n \"Microsoft.AppPlatform/Spring/eurekaService/delete\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2021-08-20T04:42:38.9153779Z\",\n \"updatedOn\": \"2021-11-11T20:15:19.1405497Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/f5880b48-c26d-48be-b172-7927bfa1c8f1\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"f5880b48-c26d-48be-b172-7927bfa1c8f1\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Spring Cloud Config Server Reader\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Allow read access to Azure Spring Cloud Config Server\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.AppPlatform/Spring/configService/read\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2021-08-26T01:50:51.5123701Z\",\n \"updatedOn\": \"2021-11-11T20:15:19.3155517Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/d04c6db6-4947-4782-9e91-30a88feb7be7\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"d04c6db6-4947-4782-9e91-30a88feb7be7\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Spring Cloud Config Server Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Allow read, write and delete access to Azure Spring Cloud Config Server\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.AppPlatform/Spring/configService/read\",\n \"Microsoft.AppPlatform/Spring/configService/write\",\n \"Microsoft.AppPlatform/Spring/configService/delete\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2021-09-06T02:30:47.861158Z\",\n \"updatedOn\": \"2021-11-11T20:15:20.0405208Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/a06f5c24-21a7-4e1a-aa2b-f19eb6684f5b\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"a06f5c24-21a7-4e1a-aa2b-f19eb6684f5b\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure VM Managed identities restore Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Azure VM Managed identities restore Contributors are allowed to perform Azure VM Restores with managed identities both user and system\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2021-09-13T05:27:59.2180214Z\",\n \"updatedOn\": \"2021-11-11T20:15:20.5805266Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/6ae96244-5829-4925-a7d3-5975537d91dd\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"6ae96244-5829-4925-a7d3-5975537d91dd\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Maps Search and Render Data Reader\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Grants access to very limited set of data APIs for common visual web SDK scenarios. Specifically, render and search data APIs.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.Maps/accounts/services/render/read\",\n \"Microsoft.Maps/accounts/services/search/read\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2021-10-01T22:17:50.5178931Z\",\n \"updatedOn\": \"2021-11-11T20:15:22.045541Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/6be48352-4f82-47c9-ad5e-0acacefdb005\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"6be48352-4f82-47c9-ad5e-0acacefdb005\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Maps Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Grants access all Azure Maps resource management.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Maps/*\",\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2021-10-01T22:19:13.1357904Z\",\n \"updatedOn\": \"2021-11-11T20:15:22.2455414Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/dba33070-676a-4fb0-87fa-064dc56ff7fb\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"dba33070-676a-4fb0-87fa-064dc56ff7fb\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Arc VMware VM Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Arc VMware VM Contributor has permissions to perform all VM actions.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.ConnectedVMwarevSphere/virtualmachines/*\",\n \"Microsoft.ConnectedVMwarevSphere/virtualmachineinstances/*\",\n \"Microsoft.Insights/AlertRules/Write\",\n \"Microsoft.Insights/AlertRules/Delete\",\n \"Microsoft.Insights/AlertRules/Read\",\n \"Microsoft.Insights/AlertRules/Activated/Action\",\n \"Microsoft.Insights/AlertRules/Resolved/Action\",\n \"Microsoft.Insights/AlertRules/Throttled/Action\",\n \"Microsoft.Insights/AlertRules/Incidents/Read\",\n \"Microsoft.Resources/deployments/read\",\n \"Microsoft.Resources/deployments/write\",\n \"Microsoft.Resources/deployments/delete\",\n \"Microsoft.Resources/deployments/cancel/action\",\n \"Microsoft.Resources/deployments/validate/action\",\n \"Microsoft.Resources/deployments/whatIf/action\",\n \"Microsoft.Resources/deployments/exportTemplate/action\",\n \"Microsoft.Resources/deployments/operations/read\",\n \"Microsoft.Resources/deployments/operationstatuses/read\",\n \"Microsoft.Resources/subscriptions/resourcegroups/deployments/read\",\n \"Microsoft.Resources/subscriptions/resourcegroups/deployments/write\",\n \"Microsoft.Resources/subscriptions/resourcegroups/deployments/operations/read\",\n \"Microsoft.Resources/subscriptions/resourcegroups/deployments/operationstatuses/read\",\n \"Microsoft.ResourceHealth/availabilityStatuses/read\",\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Resources/subscriptions/read\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Resources/subscriptions/operationresults/read\",\n \"Microsoft.HybridCompute/machines/read\",\n \"Microsoft.HybridCompute/machines/write\",\n \"Microsoft.HybridCompute/machines/delete\",\n \"Microsoft.HybridCompute/machines/UpgradeExtensions/action\",\n \"Microsoft.HybridCompute/machines/assessPatches/action\",\n \"Microsoft.HybridCompute/machines/installPatches/action\",\n \"Microsoft.HybridCompute/machines/extensions/read\",\n \"Microsoft.HybridCompute/machines/extensions/write\",\n \"Microsoft.HybridCompute/machines/extensions/delete\",\n \"Microsoft.HybridCompute/operations/read\",\n \"Microsoft.HybridCompute/locations/operationresults/read\",\n \"Microsoft.HybridCompute/locations/operationstatus/read\",\n \"Microsoft.HybridCompute/machines/patchAssessmentResults/read\",\n \"Microsoft.HybridCompute/machines/patchAssessmentResults/softwarePatches/read\",\n \"Microsoft.HybridCompute/machines/patchInstallationResults/read\",\n \"Microsoft.HybridCompute/machines/patchInstallationResults/softwarePatches/read\",\n \"Microsoft.HybridCompute/locations/updateCenterOperationResults/read\",\n \"Microsoft.HybridCompute/machines/hybridIdentityMetadata/read\",\n \"Microsoft.HybridCompute/osType/agentVersions/read\",\n \"Microsoft.HybridCompute/osType/agentVersions/latest/read\",\n \"Microsoft.HybridCompute/machines/runcommands/read\",\n \"Microsoft.HybridCompute/machines/runcommands/write\",\n \"Microsoft.HybridCompute/machines/runcommands/delete\",\n \"Microsoft.HybridCompute/machines/licenseProfiles/read\",\n \"Microsoft.HybridCompute/machines/licenseProfiles/write\",\n \"Microsoft.HybridCompute/machines/licenseProfiles/delete\",\n \"Microsoft.HybridCompute/licenses/read\",\n \"Microsoft.HybridCompute/licenses/write\",\n \"Microsoft.HybridCompute/licenses/delete\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2021-10-18T20:19:53.0087024Z\",\n \"updatedOn\": \"2023-08-31T13:23:35.2639121Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/b748a06d-6150-4f8a-aaa9-ce3940cd96cb\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"b748a06d-6150-4f8a-aaa9-ce3940cd96cb\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Arc VMware Private Cloud User\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Azure Arc VMware Private Cloud User has permissions to use the VMware cloud resources to deploy VMs.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Insights/AlertRules/Write\",\n \"Microsoft.Insights/AlertRules/Delete\",\n \"Microsoft.Insights/AlertRules/Read\",\n \"Microsoft.Insights/AlertRules/Activated/Action\",\n \"Microsoft.Insights/AlertRules/Resolved/Action\",\n \"Microsoft.Insights/AlertRules/Throttled/Action\",\n \"Microsoft.Insights/AlertRules/Incidents/Read\",\n \"Microsoft.Resources/deployments/read\",\n \"Microsoft.Resources/deployments/write\",\n \"Microsoft.Resources/deployments/delete\",\n \"Microsoft.Resources/deployments/cancel/action\",\n \"Microsoft.Resources/deployments/validate/action\",\n \"Microsoft.Resources/deployments/whatIf/action\",\n \"Microsoft.Resources/deployments/exportTemplate/action\",\n \"Microsoft.Resources/deployments/operations/read\",\n \"Microsoft.Resources/deployments/operationstatuses/read\",\n \"Microsoft.Resources/subscriptions/resourcegroups/deployments/read\",\n \"Microsoft.Resources/subscriptions/resourcegroups/deployments/write\",\n \"Microsoft.Resources/subscriptions/resourcegroups/deployments/operations/read\",\n \"Microsoft.Resources/subscriptions/resourcegroups/deployments/operationstatuses/read\",\n \"Microsoft.ResourceHealth/availabilityStatuses/read\",\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Resources/subscriptions/read\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Resources/subscriptions/operationresults/read\",\n \"Microsoft.ConnectedVMwarevSphere/virtualnetworks/join/action\",\n \"Microsoft.ConnectedVMwarevSphere/virtualnetworks/Read\",\n \"Microsoft.ConnectedVMwarevSphere/virtualmachinetemplates/clone/action\",\n \"Microsoft.ConnectedVMwarevSphere/virtualmachinetemplates/Read\",\n \"Microsoft.ConnectedVMwarevSphere/resourcepools/deploy/action\",\n \"Microsoft.ConnectedVMwarevSphere/resourcepools/Read\",\n \"Microsoft.ConnectedVMwarevSphere/hosts/deploy/action\",\n \"Microsoft.ConnectedVMwarevSphere/hosts/Read\",\n \"Microsoft.ConnectedVMwarevSphere/clusters/deploy/action\",\n \"Microsoft.ConnectedVMwarevSphere/clusters/Read\",\n \"Microsoft.ConnectedVMwarevSphere/datastores/allocateSpace/action\",\n \"Microsoft.ConnectedVMwarevSphere/datastores/Read\",\n \"Microsoft.ExtendedLocation/customLocations/Read\",\n \"Microsoft.ExtendedLocation/customLocations/deploy/action\",\n \"Microsoft.KubernetesConfiguration/extensions/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2021-10-18T20:20:46.5105444Z\",\n \"updatedOn\": \"2023-10-31T15:13:38.0409378Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/ce551c02-7c42-47e0-9deb-e3b6fc3a9a83\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"ce551c02-7c42-47e0-9deb-e3b6fc3a9a83\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Arc VMware Administrator role \",\n \"type\": \"BuiltInRole\",\n \"description\": \"Arc VMware VM Contributor has permissions to perform all connected VMwarevSphere actions.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.ConnectedVMwarevSphere/*\",\n \"Microsoft.Insights/AlertRules/Write\",\n \"Microsoft.Insights/AlertRules/Delete\",\n \"Microsoft.Insights/AlertRules/Read\",\n \"Microsoft.Insights/AlertRules/Activated/Action\",\n \"Microsoft.Insights/AlertRules/Resolved/Action\",\n \"Microsoft.Insights/AlertRules/Throttled/Action\",\n \"Microsoft.Insights/AlertRules/Incidents/Read\",\n \"Microsoft.Resources/deployments/read\",\n \"Microsoft.Resources/deployments/write\",\n \"Microsoft.Resources/deployments/delete\",\n \"Microsoft.Resources/deployments/cancel/action\",\n \"Microsoft.Resources/deployments/validate/action\",\n \"Microsoft.Resources/deployments/whatIf/action\",\n \"Microsoft.Resources/deployments/exportTemplate/action\",\n \"Microsoft.Resources/deployments/operations/read\",\n \"Microsoft.Resources/deployments/operationstatuses/read\",\n \"Microsoft.Resources/subscriptions/resourcegroups/deployments/read\",\n \"Microsoft.Resources/subscriptions/resourcegroups/deployments/write\",\n \"Microsoft.Resources/subscriptions/resourcegroups/deployments/operations/read\",\n \"Microsoft.Resources/subscriptions/resourcegroups/deployments/operationstatuses/read\",\n \"Microsoft.ResourceHealth/availabilityStatuses/read\",\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Resources/subscriptions/read\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Resources/subscriptions/operationresults/read\",\n \"Microsoft.HybridCompute/machines/read\",\n \"Microsoft.HybridCompute/machines/write\",\n \"Microsoft.HybridCompute/machines/delete\",\n \"Microsoft.HybridCompute/machines/UpgradeExtensions/action\",\n \"Microsoft.HybridCompute/machines/assessPatches/action\",\n \"Microsoft.HybridCompute/machines/installPatches/action\",\n \"Microsoft.HybridCompute/machines/extensions/read\",\n \"Microsoft.HybridCompute/machines/extensions/write\",\n \"Microsoft.HybridCompute/machines/extensions/delete\",\n \"Microsoft.HybridCompute/operations/read\",\n \"Microsoft.HybridCompute/locations/operationresults/read\",\n \"Microsoft.HybridCompute/locations/operationstatus/read\",\n \"Microsoft.HybridCompute/machines/patchAssessmentResults/read\",\n \"Microsoft.HybridCompute/machines/patchAssessmentResults/softwarePatches/read\",\n \"Microsoft.HybridCompute/machines/patchInstallationResults/read\",\n \"Microsoft.HybridCompute/machines/patchInstallationResults/softwarePatches/read\",\n \"Microsoft.HybridCompute/locations/updateCenterOperationResults/read\",\n \"Microsoft.HybridCompute/machines/hybridIdentityMetadata/read\",\n \"Microsoft.HybridCompute/osType/agentVersions/read\",\n \"Microsoft.HybridCompute/osType/agentVersions/latest/read\",\n \"Microsoft.HybridCompute/machines/runcommands/read\",\n \"Microsoft.HybridCompute/machines/runcommands/write\",\n \"Microsoft.HybridCompute/machines/runcommands/delete\",\n \"Microsoft.HybridCompute/machines/licenseProfiles/read\",\n \"Microsoft.HybridCompute/machines/licenseProfiles/write\",\n \"Microsoft.HybridCompute/machines/licenseProfiles/delete\",\n \"Microsoft.HybridCompute/licenses/read\",\n \"Microsoft.HybridCompute/licenses/write\",\n \"Microsoft.HybridCompute/licenses/delete\",\n \"Microsoft.ExtendedLocation/customLocations/read\",\n \"Microsoft.ExtendedLocation/customLocations/deploy/action\",\n \"Microsoft.KubernetesConfiguration/extensions/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2021-11-01T17:12:42.6172725Z\",\n \"updatedOn\": \"2024-05-21T15:16:30.6838061Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/ddc140ed-e463-4246-9145-7c664192013f\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"ddc140ed-e463-4246-9145-7c664192013f\"\n },\n {\n \"properties\": {\n \"roleName\": \"Cognitive Services LUIS Owner\",\n \"type\": \"BuiltInRole\",\n \"description\": \" Has access to all Read, Test, Write, Deploy and Delete functions under LUIS\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.CognitiveServices/*/read\",\n \"Microsoft.CognitiveServices/accounts/listkeys/action\",\n \"Microsoft.Authorization/roleAssignments/read\",\n \"Microsoft.Authorization/roleDefinitions/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.CognitiveServices/accounts/LUIS/*\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2021-11-04T03:28:02.96118Z\",\n \"updatedOn\": \"2021-11-11T20:15:25.4884913Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/f72c8140-2111-481c-87ff-72b910f6e3f8\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"f72c8140-2111-481c-87ff-72b910f6e3f8\"\n },\n {\n \"properties\": {\n \"roleName\": \"Cognitive Services Language Reader\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Has access to Read and Test functions under Language portal\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.CognitiveServices/*/read\",\n \"Microsoft.Authorization/roleAssignments/read\",\n \"Microsoft.Authorization/roleDefinitions/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.CognitiveServices/accounts/LanguageAuthoring/*/read\",\n \"Microsoft.CognitiveServices/accounts/ConversationalLanguageUnderstanding/*/read\",\n \"Microsoft.CognitiveServices/accounts/ConversationalLanguageUnderstanding/projects/export/action\",\n \"Microsoft.CognitiveServices/accounts/Language/*/read\",\n \"Microsoft.CognitiveServices/accounts/Language/*/projects/export/action\",\n \"Microsoft.CognitiveServices/accounts/Language/query-text/action\",\n \"Microsoft.CognitiveServices/accounts/Language/query-dataverse/action\",\n \"Microsoft.CognitiveServices/accounts/Language/analyze-text/jobs/action\",\n \"Microsoft.CognitiveServices/accounts/Language/analyze-text/action\",\n \"Microsoft.CognitiveServices/accounts/Language/analyze-text/jobscancel/action\",\n \"Microsoft.CognitiveServices/accounts/Language/analyze-conversations/action\",\n \"Microsoft.CognitiveServices/accounts/Language/analyze-conversations/jobscancel/action\",\n \"Microsoft.CognitiveServices/accounts/Language/analyze-conversations/jobs/action\",\n \"Microsoft.CognitiveServices/accounts/Language/query-knowledgebases/action\",\n \"Microsoft.CognitiveServices/accounts/Language/generate/action\",\n \"Microsoft.CognitiveServices/accounts/TextAnalytics/*\"\n ],\n \"notDataActions\": [\n \"Microsoft.CognitiveServices/accounts/TextAnalytics/QnaMaker/*\"\n ]\n }\n ],\n \"createdOn\": \"2021-11-04T03:29:14.7643336Z\",\n \"updatedOn\": \"2023-02-28T16:09:04.1394585Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/7628b7b8-a8b2-4cdc-b46f-e9b35248918e\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"7628b7b8-a8b2-4cdc-b46f-e9b35248918e\"\n },\n {\n \"properties\": {\n \"roleName\": \"Cognitive Services Language Writer\",\n \"type\": \"BuiltInRole\",\n \"description\": \" Has access to all Read, Test, and Write functions under Language Portal\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.CognitiveServices/*/read\",\n \"Microsoft.Authorization/roleAssignments/read\",\n \"Microsoft.Authorization/roleDefinitions/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.CognitiveServices/accounts/LanguageAuthoring/*\",\n \"Microsoft.CognitiveServices/accounts/ConversationalLanguageUnderstanding/*\",\n \"Microsoft.CognitiveServices/accounts/Language/*\",\n \"Microsoft.CognitiveServices/accounts/TextAnalytics/*\"\n ],\n \"notDataActions\": [\n \"Microsoft.CognitiveServices/accounts/LanguageAuthoring/projects/publish/action\",\n \"Microsoft.CognitiveServices/accounts/ConversationalLanguageUnderstanding/projects/deployments/write\",\n \"Microsoft.CognitiveServices/accounts/TextAnalytics/QnaMaker/*\",\n \"Microsoft.CognitiveServices/accounts/Language/*/projects/delete\",\n \"Microsoft.CognitiveServices/accounts/Language/*/projects/deployments/write\",\n \"Microsoft.CognitiveServices/accounts/Language/*/projects/deployments/delete\",\n \"Microsoft.CognitiveServices/accounts/Language/*/projects/deployments/swap/action\"\n ]\n }\n ],\n \"createdOn\": \"2021-11-04T03:29:39.5761019Z\",\n \"updatedOn\": \"2022-03-29T22:15:08.2904465Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/f2310ca1-dc64-4889-bb49-c8e0fa3d47a8\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"f2310ca1-dc64-4889-bb49-c8e0fa3d47a8\"\n },\n {\n \"properties\": {\n \"roleName\": \"Cognitive Services Language Owner\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Has access to all Read, Test, Write, Deploy and Delete functions under Language portal\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.CognitiveServices/*/read\",\n \"Microsoft.CognitiveServices/accounts/listkeys/action\",\n \"Microsoft.Authorization/roleAssignments/read\",\n \"Microsoft.Authorization/roleDefinitions/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.CognitiveServices/accounts/LanguageAuthoring/*\",\n \"Microsoft.CognitiveServices/accounts/ConversationalLanguageUnderstanding/*\",\n \"Microsoft.CognitiveServices/accounts/Language/*\",\n \"Microsoft.CognitiveServices/accounts/TextAnalytics/*\"\n ],\n \"notDataActions\": [\n \"Microsoft.CognitiveServices/accounts/TextAnalytics/QnaMaker/*\"\n ]\n }\n ],\n \"createdOn\": \"2021-11-04T03:30:07.6173528Z\",\n \"updatedOn\": \"2022-03-29T22:15:08.2749033Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/f07febfe-79bc-46b1-8b37-790e26e6e498\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"f07febfe-79bc-46b1-8b37-790e26e6e498\"\n },\n {\n \"properties\": {\n \"roleName\": \"Cognitive Services LUIS Reader\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Has access to Read and Test functions under LUIS.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.CognitiveServices/*/read\",\n \"Microsoft.Authorization/roleAssignments/read\",\n \"Microsoft.Authorization/roleDefinitions/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.CognitiveServices/accounts/LUIS/*/read\",\n \"Microsoft.CognitiveServices/accounts/LUIS/apps/testdatasets/write\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2021-11-04T03:30:31.2704834Z\",\n \"updatedOn\": \"2021-11-11T20:15:26.2134821Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/18e81cdc-4e98-4e29-a639-e7d10c5a6226\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"18e81cdc-4e98-4e29-a639-e7d10c5a6226\"\n },\n {\n \"properties\": {\n \"roleName\": \"Cognitive Services LUIS Writer\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Has access to all Read, Test, and Write functions under LUIS\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.CognitiveServices/*/read\",\n \"Microsoft.Authorization/roleAssignments/read\",\n \"Microsoft.Authorization/roleDefinitions/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.CognitiveServices/accounts/LUIS/*\"\n ],\n \"notDataActions\": [\n \"Microsoft.CognitiveServices/accounts/LUIS/apps/delete\",\n \"Microsoft.CognitiveServices/accounts/LUIS/apps/move/action\",\n \"Microsoft.CognitiveServices/accounts/LUIS/apps/publish/action\",\n \"Microsoft.CognitiveServices/accounts/LUIS/apps/settings/write\",\n \"Microsoft.CognitiveServices/accounts/LUIS/apps/azureaccounts/action\",\n \"Microsoft.CognitiveServices/accounts/LUIS/apps/azureaccounts/delete\"\n ]\n }\n ],\n \"createdOn\": \"2021-11-04T03:31:12.1580052Z\",\n \"updatedOn\": \"2021-11-11T20:15:26.3934523Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/6322a993-d5c9-4bed-b113-e49bbea25b27\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"6322a993-d5c9-4bed-b113-e49bbea25b27\"\n },\n {\n \"properties\": {\n \"roleName\": \"PlayFab Reader\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Provides read access to PlayFab resources\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.PlayFab/*/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2021-11-04T23:26:57.2248605Z\",\n \"updatedOn\": \"2021-11-11T20:15:26.5784834Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/a9a19cc5-31f4-447c-901f-56c0bb18fcaf\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"a9a19cc5-31f4-447c-901f-56c0bb18fcaf\"\n },\n {\n \"properties\": {\n \"roleName\": \"Load Test Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"View, create, update, delete and execute load tests. View and list load test resources but can not make any changes.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.LoadTestService/*/read\",\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Insights/alertRules/*\"\n ],\n \"notActions\": [\n \"Microsoft.LoadTestService/PlaywrightWorkspaces/*\",\n \"Microsoft.LoadTestService/locations/PlaywrightQuotas/*\"\n ],\n \"dataActions\": [\n \"Microsoft.LoadTestService/loadtests/*\",\n \"Microsoft.LoadTestService/testProfiles/*\",\n \"Microsoft.LoadTestService/testProfileRuns/*\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2021-11-09T08:11:21.0936461Z\",\n \"updatedOn\": \"2025-09-29T15:12:02.8710803Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/749a398d-560b-491b-bb21-08924219302e\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"749a398d-560b-491b-bb21-08924219302e\"\n },\n {\n \"properties\": {\n \"roleName\": \"Load Test Owner\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Execute all operations on load test resources and load tests\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.LoadTestService/*\",\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Insights/alertRules/*\"\n ],\n \"notActions\": [\n \"Microsoft.LoadTestService/PlaywrightWorkspaces/*\",\n \"Microsoft.LoadTestService/locations/PlaywrightQuotas/*\"\n ],\n \"dataActions\": [\n \"Microsoft.LoadTestService/*\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2021-11-09T08:12:24.5500195Z\",\n \"updatedOn\": \"2025-09-29T15:12:04.1630709Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/45bb0b16-2f0c-4e78-afaa-a07599b003f6\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"45bb0b16-2f0c-4e78-afaa-a07599b003f6\"\n },\n {\n \"properties\": {\n \"roleName\": \"PlayFab Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Provides contributor access to PlayFab resources\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.PlayFab/*/read\",\n \"Microsoft.PlayFab/*/write\",\n \"Microsoft.PlayFab/*/delete\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2021-11-10T00:55:37.3326276Z\",\n \"updatedOn\": \"2021-11-11T20:15:28.0547167Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/0c8b84dc-067c-4039-9615-fa1a4b77c726\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"0c8b84dc-067c-4039-9615-fa1a4b77c726\"\n },\n {\n \"properties\": {\n \"roleName\": \"Load Test Reader\",\n \"type\": \"BuiltInRole\",\n \"description\": \"View and list all load tests and load test resources but can not make any changes\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.LoadTestService/*/read\",\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Insights/alertRules/*\"\n ],\n \"notActions\": [\n \"Microsoft.LoadTestService/PlaywrightWorkspaces/*\",\n \"Microsoft.LoadTestService/locations/PlaywrightQuotas/*\"\n ],\n \"dataActions\": [\n \"Microsoft.LoadTestService/loadtests/readTest/action\",\n \"Microsoft.LoadTestService/testProfiles/read\",\n \"Microsoft.LoadTestService/testProfileRuns/read\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2021-11-10T06:14:08.3903105Z\",\n \"updatedOn\": \"2025-09-29T15:12:04.1630709Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/3ae3fb29-0000-4ccd-bf80-542e7b26e081\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"3ae3fb29-0000-4ccd-bf80-542e7b26e081\"\n },\n {\n \"properties\": {\n \"roleName\": \"Cognitive Services Immersive Reader User\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Provides access to create Immersive Reader sessions and call APIs\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.CognitiveServices/accounts/ImmersiveReader/getcontentmodelforreader/action\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2021-11-10T19:52:14.4487503Z\",\n \"updatedOn\": \"2021-11-11T20:15:28.4146975Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/b2de6794-95db-4659-8781-7e080d3f2b9d\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"b2de6794-95db-4659-8781-7e080d3f2b9d\"\n },\n {\n \"properties\": {\n \"roleName\": \"Lab Services Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"The lab services contributor role\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.LabServices/*\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.LabServices/labPlans/createLab/action\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2021-11-11T00:51:03.3308981Z\",\n \"updatedOn\": \"2021-11-11T20:15:28.7792013Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/f69b8690-cc87-41d6-b77a-a4bc3c0a966f\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"f69b8690-cc87-41d6-b77a-a4bc3c0a966f\"\n },\n {\n \"properties\": {\n \"roleName\": \"Lab Services Reader\",\n \"type\": \"BuiltInRole\",\n \"description\": \"The lab services reader role\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.LabServices/*/read\",\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2021-11-11T00:55:30.4208618Z\",\n \"updatedOn\": \"2021-11-11T20:15:28.9592032Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/2a5c394f-5eb7-4d4f-9c8e-e8eae39faebc\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"2a5c394f-5eb7-4d4f-9c8e-e8eae39faebc\"\n },\n {\n \"properties\": {\n \"roleName\": \"Lab Assistant\",\n \"type\": \"BuiltInRole\",\n \"description\": \"The lab assistant role\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.LabServices/labPlans/images/read\",\n \"Microsoft.LabServices/labPlans/read\",\n \"Microsoft.LabServices/labs/read\",\n \"Microsoft.LabServices/labs/schedules/read\",\n \"Microsoft.LabServices/labs/users/read\",\n \"Microsoft.LabServices/labs/users/invite/action\",\n \"Microsoft.LabServices/labs/virtualMachines/read\",\n \"Microsoft.LabServices/labs/virtualMachines/start/action\",\n \"Microsoft.LabServices/labs/virtualMachines/stop/action\",\n \"Microsoft.LabServices/labs/virtualMachines/reimage/action\",\n \"Microsoft.LabServices/labs/virtualMachines/redeploy/action\",\n \"Microsoft.LabServices/locations/usages/read\",\n \"Microsoft.LabServices/skus/read\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2021-11-11T00:56:10.4295443Z\",\n \"updatedOn\": \"2021-11-11T20:15:29.144253Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/ce40b423-cede-4313-a93f-9b28290b72e1\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"ce40b423-cede-4313-a93f-9b28290b72e1\"\n },\n {\n \"properties\": {\n \"roleName\": \"Lab Operator\",\n \"type\": \"BuiltInRole\",\n \"description\": \"The lab operator role\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.LabServices/labPlans/images/read\",\n \"Microsoft.LabServices/labPlans/read\",\n \"Microsoft.LabServices/labPlans/saveImage/action\",\n \"Microsoft.LabServices/labs/publish/action\",\n \"Microsoft.LabServices/labs/read\",\n \"Microsoft.LabServices/labs/schedules/read\",\n \"Microsoft.LabServices/labs/schedules/write\",\n \"Microsoft.LabServices/labs/schedules/delete\",\n \"Microsoft.LabServices/labs/users/read\",\n \"Microsoft.LabServices/labs/users/write\",\n \"Microsoft.LabServices/labs/users/delete\",\n \"Microsoft.LabServices/labs/users/invite/action\",\n \"Microsoft.LabServices/labs/virtualMachines/read\",\n \"Microsoft.LabServices/labs/virtualMachines/start/action\",\n \"Microsoft.LabServices/labs/virtualMachines/stop/action\",\n \"Microsoft.LabServices/labs/virtualMachines/reimage/action\",\n \"Microsoft.LabServices/labs/virtualMachines/redeploy/action\",\n \"Microsoft.LabServices/labs/virtualMachines/resetPassword/action\",\n \"Microsoft.LabServices/locations/usages/read\",\n \"Microsoft.LabServices/skus/read\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2021-11-11T00:56:41.9942935Z\",\n \"updatedOn\": \"2021-11-11T20:15:29.3242664Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/a36e6959-b6be-4b12-8e9f-ef4b474d304d\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"a36e6959-b6be-4b12-8e9f-ef4b474d304d\"\n },\n {\n \"properties\": {\n \"roleName\": \"Lab Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"The lab contributor role\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.LabServices/labPlans/images/read\",\n \"Microsoft.LabServices/labPlans/read\",\n \"Microsoft.LabServices/labPlans/saveImage/action\",\n \"Microsoft.LabServices/labs/read\",\n \"Microsoft.LabServices/labs/write\",\n \"Microsoft.LabServices/labs/delete\",\n \"Microsoft.LabServices/labs/publish/action\",\n \"Microsoft.LabServices/labs/syncGroup/action\",\n \"Microsoft.LabServices/labs/schedules/read\",\n \"Microsoft.LabServices/labs/schedules/write\",\n \"Microsoft.LabServices/labs/schedules/delete\",\n \"Microsoft.LabServices/labs/users/read\",\n \"Microsoft.LabServices/labs/users/write\",\n \"Microsoft.LabServices/labs/users/delete\",\n \"Microsoft.LabServices/labs/users/invite/action\",\n \"Microsoft.LabServices/labs/virtualMachines/read\",\n \"Microsoft.LabServices/labs/virtualMachines/start/action\",\n \"Microsoft.LabServices/labs/virtualMachines/stop/action\",\n \"Microsoft.LabServices/labs/virtualMachines/reimage/action\",\n \"Microsoft.LabServices/labs/virtualMachines/redeploy/action\",\n \"Microsoft.LabServices/labs/virtualMachines/resetPassword/action\",\n \"Microsoft.LabServices/locations/usages/read\",\n \"Microsoft.LabServices/skus/read\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.LabServices/labPlans/createLab/action\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2021-11-11T00:57:05.9018065Z\",\n \"updatedOn\": \"2021-11-11T20:15:29.4992096Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/5daaa2af-1fe8-407c-9122-bba179798270\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"5daaa2af-1fe8-407c-9122-bba179798270\"\n },\n {\n \"properties\": {\n \"roleName\": \"Security Admin\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Security Admin Role\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Authorization/policyAssignments/*\",\n \"Microsoft.Authorization/policyDefinitions/*\",\n \"Microsoft.Authorization/policyExemptions/*\",\n \"Microsoft.Authorization/policySetDefinitions/*\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.Management/managementGroups/read\",\n \"Microsoft.operationalInsights/workspaces/*/read\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Security/*\",\n \"Microsoft.IoTSecurity/*\",\n \"Microsoft.IoTFirmwareDefense/*\",\n \"Microsoft.Support/*\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2017-05-03T07:51:23.0917487Z\",\n \"updatedOn\": \"2023-06-27T15:20:21.4401023Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/fb1c8493-542b-48eb-b624-b4c8fea62acd\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"fb1c8493-542b-48eb-b624-b4c8fea62acd\"\n },\n {\n \"properties\": {\n \"roleName\": \"Web PubSub Service Owner\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Full access to Azure Web PubSub Service REST APIs\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.SignalRService/WebPubSub/*\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2021-03-24T09:10:11.833518Z\",\n \"updatedOn\": \"2023-04-05T15:09:07.4837099Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/12cf5a90-567b-43ae-8102-96cf46c7d9b4\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"12cf5a90-567b-43ae-8102-96cf46c7d9b4\"\n },\n {\n \"properties\": {\n \"roleName\": \"Web PubSub Service Reader\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Read-only access to Azure Web PubSub Service REST APIs\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.SignalRService/WebPubSub/*/read\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2021-03-24T09:11:12.6235436Z\",\n \"updatedOn\": \"2023-04-05T15:09:07.4837099Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/bfb1c7d2-fb1a-466b-b2ba-aee63b92deaf\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"bfb1c7d2-fb1a-466b-b2ba-aee63b92deaf\"\n },\n {\n \"properties\": {\n \"roleName\": \"SignalR App Server\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Lets your app server access SignalR Service with AAD auth options.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.SignalRService/SignalR/auth/accessKey/action\",\n \"Microsoft.SignalRService/SignalR/serverConnection/write\",\n \"Microsoft.SignalRService/SignalR/clientConnection/write\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2020-07-29T06:54:40.1201435Z\",\n \"updatedOn\": \"2021-11-16T05:19:04.8579948Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/420fcaa2-552c-430f-98ca-3264be4806c7\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"420fcaa2-552c-430f-98ca-3264be4806c7\"\n },\n {\n \"properties\": {\n \"roleName\": \"Virtual Machine User Login\",\n \"type\": \"BuiltInRole\",\n \"description\": \"View Virtual Machines in the portal and login as a regular user.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Network/publicIPAddresses/read\",\n \"Microsoft.Network/virtualNetworks/read\",\n \"Microsoft.Network/loadBalancers/read\",\n \"Microsoft.Network/networkInterfaces/read\",\n \"Microsoft.Compute/virtualMachines/*/read\",\n \"Microsoft.HybridCompute/machines/*/read\",\n \"Microsoft.HybridConnectivity/endpoints/listCredentials/action\"\n ],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.Compute/virtualMachines/login/action\",\n \"Microsoft.HybridCompute/machines/login/action\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2018-02-09T18:36:13.3315744Z\",\n \"updatedOn\": \"2021-11-18T00:55:50.6185845Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/fb879df8-f326-4884-b1cf-06f3ad86be52\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"fb879df8-f326-4884-b1cf-06f3ad86be52\"\n },\n {\n \"properties\": {\n \"roleName\": \"Virtual Machine Administrator Login\",\n \"type\": \"BuiltInRole\",\n \"description\": \"View Virtual Machines in the portal and login as administrator\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Network/publicIPAddresses/read\",\n \"Microsoft.Network/virtualNetworks/read\",\n \"Microsoft.Network/loadBalancers/read\",\n \"Microsoft.Network/networkInterfaces/read\",\n \"Microsoft.Compute/virtualMachines/*/read\",\n \"Microsoft.HybridCompute/machines/*/read\",\n \"Microsoft.HybridConnectivity/endpoints/listCredentials/action\"\n ],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.Compute/virtualMachines/login/action\",\n \"Microsoft.Compute/virtualMachines/loginAsAdmin/action\",\n \"Microsoft.HybridCompute/machines/login/action\",\n \"Microsoft.HybridCompute/machines/loginAsAdmin/action\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2018-02-09T18:36:13.3315744Z\",\n \"updatedOn\": \"2021-11-18T00:56:53.8134295Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/1c0163c0-47e6-4577-8991-ea5c82e286e4\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"1c0163c0-47e6-4577-8991-ea5c82e286e4\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Connected Machine Resource Administrator\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Can read, write, delete and re-onboard Azure Connected Machines.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.HybridCompute/machines/*\",\n \"Microsoft.HybridCompute/machines/extensions/*\",\n \"Microsoft.HybridCompute/machines/licenseProfiles/*\",\n \"Microsoft.HybridCompute/machines/runCommands/*\",\n \"Microsoft.HybridCompute/machines/UpgradeExtensions/action\",\n \"Microsoft.HybridCompute/settings/*\",\n \"Microsoft.HybridCompute/gateways/*\",\n \"Microsoft.HybridCompute/privateLinkScopes/*\",\n \"Microsoft.HybridCompute/licenses/*\",\n \"Microsoft.HybridCompute/locations/*\",\n \"Microsoft.HybridCompute/*/read\",\n \"Microsoft.Resources/deployments/*\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2019-10-23T20:24:59.1474607Z\",\n \"updatedOn\": \"2025-01-31T22:43:26.2952467Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/cd570a14-e51a-42ad-bac8-bafd67325302\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"cd570a14-e51a-42ad-bac8-bafd67325302\"\n },\n {\n \"properties\": {\n \"roleName\": \"Backup Operator\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Lets you manage backup services, except removal of backup, vault creation and giving access to others\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Network/virtualNetworks/read\",\n \"Microsoft.RecoveryServices/Vaults/backupFabrics/operationResults/read\",\n \"Microsoft.RecoveryServices/Vaults/backupFabrics/protectionContainers/operationResults/read\",\n \"Microsoft.RecoveryServices/Vaults/backupFabrics/protectionContainers/protectedItems/backup/action\",\n \"Microsoft.RecoveryServices/Vaults/backupFabrics/protectionContainers/protectedItems/operationResults/read\",\n \"Microsoft.RecoveryServices/Vaults/backupFabrics/protectionContainers/protectedItems/operationsStatus/read\",\n \"Microsoft.RecoveryServices/Vaults/backupFabrics/protectionContainers/protectedItems/read\",\n \"Microsoft.RecoveryServices/Vaults/backupFabrics/protectionContainers/protectedItems/recoveryPoints/provisionInstantItemRecovery/action\",\n \"Microsoft.RecoveryServices/vaults/backupFabrics/protectionContainers/protectedItems/recoveryPoints/accessToken/action\",\n \"Microsoft.RecoveryServices/Vaults/backupFabrics/protectionContainers/protectedItems/recoveryPoints/read\",\n \"Microsoft.RecoveryServices/Vaults/backupFabrics/protectionContainers/protectedItems/recoveryPoints/restore/action\",\n \"Microsoft.RecoveryServices/Vaults/backupFabrics/protectionContainers/protectedItems/recoveryPoints/revokeInstantItemRecovery/action\",\n \"Microsoft.RecoveryServices/Vaults/backupFabrics/protectionContainers/protectedItems/write\",\n \"Microsoft.RecoveryServices/Vaults/backupFabrics/protectionContainers/read\",\n \"Microsoft.RecoveryServices/Vaults/backupFabrics/refreshContainers/action\",\n \"Microsoft.RecoveryServices/Vaults/backupJobs/*\",\n \"Microsoft.RecoveryServices/Vaults/backupJobsExport/action\",\n \"Microsoft.RecoveryServices/Vaults/backupOperationResults/*\",\n \"Microsoft.RecoveryServices/Vaults/backupPolicies/operationResults/read\",\n \"Microsoft.RecoveryServices/Vaults/backupPolicies/read\",\n \"Microsoft.RecoveryServices/Vaults/backupProtectableItems/*\",\n \"Microsoft.RecoveryServices/Vaults/backupProtectedItems/read\",\n \"Microsoft.RecoveryServices/Vaults/backupProtectionContainers/read\",\n \"Microsoft.RecoveryServices/Vaults/backupUsageSummaries/read\",\n \"Microsoft.RecoveryServices/Vaults/certificates/write\",\n \"Microsoft.RecoveryServices/Vaults/extendedInformation/read\",\n \"Microsoft.RecoveryServices/Vaults/extendedInformation/write\",\n \"Microsoft.RecoveryServices/Vaults/monitoringAlerts/read\",\n \"Microsoft.RecoveryServices/Vaults/monitoringConfigurations/*\",\n \"Microsoft.RecoveryServices/Vaults/read\",\n \"Microsoft.RecoveryServices/Vaults/registeredIdentities/operationResults/read\",\n \"Microsoft.RecoveryServices/Vaults/registeredIdentities/read\",\n \"Microsoft.RecoveryServices/Vaults/registeredIdentities/write\",\n \"Microsoft.RecoveryServices/Vaults/usages/read\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Storage/storageAccounts/read\",\n \"Microsoft.RecoveryServices/Vaults/backupstorageconfig/*\",\n \"Microsoft.RecoveryServices/Vaults/backupValidateOperation/action\",\n \"Microsoft.RecoveryServices/Vaults/backupTriggerValidateOperation/action\",\n \"Microsoft.RecoveryServices/Vaults/backupValidateOperationResults/read\",\n \"Microsoft.RecoveryServices/Vaults/backupValidateOperationsStatuses/read\",\n \"Microsoft.RecoveryServices/Vaults/backupOperations/read\",\n \"Microsoft.RecoveryServices/Vaults/backupPolicies/operations/read\",\n \"Microsoft.RecoveryServices/Vaults/backupFabrics/protectionContainers/write\",\n \"Microsoft.RecoveryServices/Vaults/backupFabrics/protectionContainers/inquire/action\",\n \"Microsoft.RecoveryServices/Vaults/backupEngines/read\",\n \"Microsoft.RecoveryServices/Vaults/backupFabrics/backupProtectionIntent/write\",\n \"Microsoft.RecoveryServices/Vaults/backupFabrics/backupProtectionIntent/read\",\n \"Microsoft.RecoveryServices/Vaults/backupFabrics/protectableContainers/read\",\n \"Microsoft.RecoveryServices/Vaults/backupFabrics/protectionContainers/items/read\",\n \"Microsoft.RecoveryServices/locations/backupStatus/action\",\n \"Microsoft.RecoveryServices/locations/backupPreValidateProtection/action\",\n \"Microsoft.RecoveryServices/locations/backupValidateFeatures/action\",\n \"Microsoft.RecoveryServices/locations/backupAadProperties/read\",\n \"Microsoft.RecoveryServices/locations/backupCrrJobs/action\",\n \"Microsoft.RecoveryServices/locations/backupCrrJob/action\",\n \"Microsoft.RecoveryServices/locations/backupCrossRegionRestore/action\",\n \"Microsoft.RecoveryServices/locations/backupCrrOperationResults/read\",\n \"Microsoft.RecoveryServices/locations/backupCrrOperationsStatus/read\",\n \"Microsoft.RecoveryServices/Vaults/monitoringAlerts/write\",\n \"Microsoft.RecoveryServices/operations/read\",\n \"Microsoft.RecoveryServices/locations/operationStatus/read\",\n \"Microsoft.RecoveryServices/Vaults/backupProtectionIntents/read\",\n \"Microsoft.Support/*\",\n \"Microsoft.DataProtection/backupVaults/backupInstances/read\",\n \"Microsoft.DataProtection/backupVaults/backupInstances/read\",\n \"Microsoft.DataProtection/backupVaults/backupInstances/operationResults/read\",\n \"Microsoft.DataProtection/backupVaults/backupInstances/write\",\n \"Microsoft.DataProtection/backupVaults/deletedBackupInstances/read\",\n \"Microsoft.DataProtection/backupVaults/backupPolicies/read\",\n \"Microsoft.DataProtection/backupVaults/backupPolicies/read\",\n \"Microsoft.DataProtection/backupVaults/backupInstances/recoveryPoints/read\",\n \"Microsoft.DataProtection/backupVaults/backupInstances/recoveryPoints/read\",\n \"Microsoft.DataProtection/backupVaults/backupInstances/findRestorableTimeRanges/action\",\n \"Microsoft.DataProtection/backupVaults/read\",\n \"Microsoft.DataProtection/backupVaults/operationResults/read\",\n \"Microsoft.DataProtection/backupVaults/operationStatus/read\",\n \"Microsoft.DataProtection/backupVaults/read\",\n \"Microsoft.DataProtection/backupVaults/read\",\n \"Microsoft.DataProtection/locations/operationStatus/read\",\n \"Microsoft.DataProtection/locations/operationResults/read\",\n \"Microsoft.DataProtection/operations/read\",\n \"Microsoft.DataProtection/backupVaults/validateForBackup/action\",\n \"Microsoft.DataProtection/backupVaults/backupInstances/backup/action\",\n \"Microsoft.DataProtection/backupVaults/backupInstances/validateRestore/action\",\n \"Microsoft.DataProtection/backupVaults/backupInstances/restore/action\",\n \"Microsoft.DataProtection/subscriptions/resourceGroups/providers/locations/crossRegionRestore/action\",\n \"Microsoft.DataProtection/subscriptions/resourceGroups/providers/locations/validateCrossRegionRestore/action\",\n \"Microsoft.DataProtection/subscriptions/resourceGroups/providers/locations/fetchCrossRegionRestoreJobs/action\",\n \"Microsoft.DataProtection/subscriptions/resourceGroups/providers/locations/fetchCrossRegionRestoreJob/action\",\n \"Microsoft.DataProtection/subscriptions/resourceGroups/providers/locations/fetchSecondaryRecoveryPoints/action\",\n \"Microsoft.DataProtection/locations/checkFeatureSupport/action\",\n \"Microsoft.RecoveryServices/Vaults/backupResourceGuardProxies/delete\",\n \"Microsoft.RecoveryServices/Vaults/backupResourceGuardProxies/read\",\n \"Microsoft.RecoveryServices/Vaults/backupResourceGuardProxies/unlockDelete/action\",\n \"Microsoft.RecoveryServices/Vaults/backupResourceGuardProxies/write\",\n \"Microsoft.DataProtection/backupVaults/backupResourceGuardProxies/read\",\n \"Microsoft.DataProtection/backupVaults/backupResourceGuardProxies/write\",\n \"Microsoft.DataProtection/backupVaults/backupResourceGuardProxies/delete\",\n \"Microsoft.DataProtection/backupVaults/backupResourceGuardProxies/unlockDelete/action\",\n \"Microsoft.DataProtection/backupVaults/backupInstances/validateForModifyBackup/action\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2017-01-03T13:21:11.894764Z\",\n \"updatedOn\": \"2025-01-27T16:01:21.2914246Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/00c29273-979b-4161-815c-10b084fb9324\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"00c29273-979b-4161-815c-10b084fb9324\"\n },\n {\n \"properties\": {\n \"roleName\": \"Workbook Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Can save shared workbooks.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Insights/workbooks/write\",\n \"Microsoft.Insights/workbooks/delete\",\n \"Microsoft.Insights/workbooks/read\",\n \"Microsoft.Insights/workbooks/revisions/read\",\n \"Microsoft.Insights/workbooktemplates/write\",\n \"Microsoft.Insights/workbooktemplates/delete\",\n \"Microsoft.Insights/workbooktemplates/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2019-08-28T20:59:42.4820277Z\",\n \"updatedOn\": \"2022-12-12T16:05:57.3745476Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/e8ddcd69-c73f-4f9f-9844-4100522f16ad\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"e8ddcd69-c73f-4f9f-9844-4100522f16ad\"\n },\n {\n \"properties\": {\n \"roleName\": \"Workbook Reader\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Can read workbooks.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"microsoft.insights/workbooks/read\",\n \"microsoft.insights/workbooks/revisions/read\",\n \"microsoft.insights/workbooktemplates/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2019-08-28T20:56:17.680814Z\",\n \"updatedOn\": \"2022-12-12T16:05:57.3745476Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/b279062a-9be3-42a0-92ae-8b3cf002ec4d\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"b279062a-9be3-42a0-92ae-8b3cf002ec4d\"\n },\n {\n \"properties\": {\n \"roleName\": \"Monitoring Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Can read all monitoring data and update monitoring settings.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"*/read\",\n \"Microsoft.AlertsManagement/alerts/*\",\n \"Microsoft.AlertsManagement/alertsSummary/*\",\n \"Microsoft.AlertsManagement/issues/*\",\n \"Microsoft.Insights/actiongroups/*\",\n \"Microsoft.Insights/activityLogAlerts/*\",\n \"Microsoft.Insights/AlertRules/*\",\n \"Microsoft.Insights/components/*\",\n \"Microsoft.Insights/createNotifications/*\",\n \"Microsoft.Insights/dataCollectionEndpoints/*\",\n \"Microsoft.Insights/dataCollectionRules/*\",\n \"Microsoft.Insights/dataCollectionRuleAssociations/*\",\n \"Microsoft.Insights/DiagnosticSettings/*\",\n \"Microsoft.Insights/eventtypes/*\",\n \"Microsoft.Insights/LogDefinitions/*\",\n \"Microsoft.Insights/metricalerts/*\",\n \"Microsoft.Insights/MetricDefinitions/*\",\n \"Microsoft.Insights/Metrics/*\",\n \"Microsoft.Insights/notificationStatus/*\",\n \"Microsoft.Insights/Register/Action\",\n \"Microsoft.Insights/scheduledqueryrules/*\",\n \"Microsoft.Insights/webtests/*\",\n \"Microsoft.Insights/workbooks/*\",\n \"Microsoft.Insights/workbooktemplates/*\",\n \"Microsoft.Insights/privateLinkScopes/*\",\n \"Microsoft.Insights/privateLinkScopeOperationStatuses/*\",\n \"Microsoft.Monitor/accounts/*\",\n \"Microsoft.Monitor/settings/*\",\n \"Microsoft.OperationalInsights/workspaces/write\",\n \"Microsoft.OperationalInsights/workspaces/intelligencepacks/*\",\n \"Microsoft.OperationalInsights/workspaces/savedSearches/*\",\n \"Microsoft.OperationalInsights/workspaces/search/action\",\n \"Microsoft.OperationalInsights/workspaces/sharedKeys/action\",\n \"Microsoft.OperationalInsights/workspaces/sharedKeys/read\",\n \"Microsoft.OperationalInsights/workspaces/storageinsightconfigs/*\",\n \"Microsoft.OperationalInsights/locations/workspaces/failover/action\",\n \"Microsoft.OperationalInsights/workspaces/failback/action\",\n \"Microsoft.Support/*\",\n \"Microsoft.AlertsManagement/smartDetectorAlertRules/*\",\n \"Microsoft.AlertsManagement/actionRules/*\",\n \"Microsoft.AlertsManagement/smartGroups/*\",\n \"Microsoft.AlertsManagement/migrateFromSmartDetection/*\",\n \"Microsoft.AlertsManagement/investigations/*\",\n \"Microsoft.AlertsManagement/prometheusRuleGroups/*\",\n \"Microsoft.Monitor/investigations/*\",\n \"Microsoft.Resources/deployments/*\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2016-09-21T19:21:08.4345976Z\",\n \"updatedOn\": \"2025-09-30T15:23:51.084353Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/749f88d5-cbae-40b8-bcfc-e573ddc772fa\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"749f88d5-cbae-40b8-bcfc-e573ddc772fa\"\n },\n {\n \"properties\": {\n \"roleName\": \"Monitoring Metrics Publisher\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Enables publishing metrics against Azure resources\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Insights/Register/Action\",\n \"Microsoft.Support/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.Insights/Metrics/Write\",\n \"Microsoft.Insights/Telemetry/Write\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2018-08-14T00:36:16.5610279Z\",\n \"updatedOn\": \"2022-01-04T00:38:04.0289073Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/3913510d-42f4-4e42-8a64-420c390055eb\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"3913510d-42f4-4e42-8a64-420c390055eb\"\n },\n {\n \"properties\": {\n \"roleName\": \"Purview role 1 (Deprecated)\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Deprecated role.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Purview/accounts/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.Purview/accounts/data/read\",\n \"Microsoft.Purview/accounts/data/write\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2020-11-14T02:37:15.0123345Z\",\n \"updatedOn\": \"2022-01-04T00:43:15.6924286Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/8a3c2885-9b38-4fd2-9d99-91af537c1347\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"8a3c2885-9b38-4fd2-9d99-91af537c1347\"\n },\n {\n \"properties\": {\n \"roleName\": \"Purview role 2 (Deprecated)\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Deprecated role.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Purview/accounts/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.Purview/accounts/scan/read\",\n \"Microsoft.Purview/accounts/scan/write\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2020-11-14T02:40:05.0975648Z\",\n \"updatedOn\": \"2022-01-04T00:47:22.9678219Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/200bba9e-f0c8-430f-892b-6f0794863803\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"200bba9e-f0c8-430f-892b-6f0794863803\"\n },\n {\n \"properties\": {\n \"roleName\": \"Purview role 3 (Deprecated)\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Deprecated role.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Purview/accounts/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.Purview/accounts/data/read\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2020-11-14T02:39:22.234474Z\",\n \"updatedOn\": \"2022-01-04T00:48:08.2844802Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/ff100721-1b9d-43d8-af52-42b69c1272db\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"ff100721-1b9d-43d8-af52-42b69c1272db\"\n },\n {\n \"properties\": {\n \"roleName\": \"Autonomous Development Platform Data Contributor (Preview)\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Grants permissions to upload and manage new Autonomous Development Platform measurements.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.AutonomousDevelopmentPlatform/*/read\",\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.AutonomousDevelopmentPlatform/accounts/dataPools/discoveries/*\",\n \"Microsoft.AutonomousDevelopmentPlatform/accounts/dataPools/uploads/*\",\n \"Microsoft.AutonomousDevelopmentPlatform/accounts/dataPools/measurements/states/new/*\",\n \"Microsoft.AutonomousDevelopmentPlatform/accounts/dataPools/measurementCollections/*\",\n \"Microsoft.AutonomousDevelopmentPlatform/accounts/measurementCollections/*\",\n \"Microsoft.AutonomousDevelopmentPlatform/workspaces/read\",\n \"Microsoft.AutonomousDevelopmentPlatform/workspaces/discoveries/*\",\n \"Microsoft.AutonomousDevelopmentPlatform/workspaces/uploads/*\",\n \"Microsoft.AutonomousDevelopmentPlatform/workspaces/measurements/states/new/*\",\n \"Microsoft.AutonomousDevelopmentPlatform/workspaces/measurements/classifications/*\",\n \"Microsoft.AutonomousDevelopmentPlatform/workspaces/measurements/dataStreams/classifications/*\",\n \"Microsoft.AutonomousDevelopmentPlatform/workspaces/measurementCollections/*\"\n ],\n \"notDataActions\": [\n \"Microsoft.AutonomousDevelopmentPlatform/accounts/dataPools/measurements/states/new/changeState/action\",\n \"Microsoft.AutonomousDevelopmentPlatform/workspaces/measurements/states/new/changeState/action\"\n ]\n }\n ],\n \"createdOn\": \"2020-12-15T11:30:01.7459379Z\",\n \"updatedOn\": \"2022-09-15T17:13:47.5365709Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/b8b15564-4fa6-4a59-ab12-03e1d9594795\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"b8b15564-4fa6-4a59-ab12-03e1d9594795\"\n },\n {\n \"properties\": {\n \"roleName\": \"Autonomous Development Platform Data Owner (Preview)\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Grants full access to Autonomous Development Platform data.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.AutonomousDevelopmentPlatform/*/read\",\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.AutonomousDevelopmentPlatform/*\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2020-12-15T12:13:59.9702378Z\",\n \"updatedOn\": \"2022-01-04T13:20:26.2040404Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/27f8b550-c507-4db9-86f2-f4b8e816d59d\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"27f8b550-c507-4db9-86f2-f4b8e816d59d\"\n },\n {\n \"properties\": {\n \"roleName\": \"Autonomous Development Platform Data Reader (Preview)\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Grants read access to Autonomous Development Platform data.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.AutonomousDevelopmentPlatform/*/read\",\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.AutonomousDevelopmentPlatform/*/read\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2020-12-15T12:11:31.9843256Z\",\n \"updatedOn\": \"2022-01-04T13:21:04.3207709Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/d63b75f7-47ea-4f27-92ac-e0d173aaf093\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"d63b75f7-47ea-4f27-92ac-e0d173aaf093\"\n },\n {\n \"properties\": {\n \"roleName\": \"Key Vault Crypto Officer\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Perform any action on the keys of a key vault, except manage permissions. Only works for key vaults that use the 'Azure role-based access control' permission model.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Support/*\",\n \"Microsoft.KeyVault/checkNameAvailability/read\",\n \"Microsoft.KeyVault/deletedVaults/read\",\n \"Microsoft.KeyVault/locations/*/read\",\n \"Microsoft.KeyVault/vaults/*/read\",\n \"Microsoft.KeyVault/operations/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.KeyVault/vaults/keys/*\",\n \"Microsoft.KeyVault/vaults/keyrotationpolicies/*\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2020-05-19T17:52:47.0099249Z\",\n \"updatedOn\": \"2022-01-06T23:21:17.9760884Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/14b46e9e-c2b7-41b4-b07b-48a6ebf60603\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"14b46e9e-c2b7-41b4-b07b-48a6ebf60603\"\n },\n {\n \"properties\": {\n \"roleName\": \"Device Update Deployments Reader\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Gives you read access to management operations, but does not allow making changes\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Support/*\",\n \"Microsoft.Insights/alertRules/*\"\n ],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.DeviceUpdate/accounts/instances/management/read\",\n \"Microsoft.DeviceUpdate/accounts/instances/updates/read\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2020-08-22T00:01:34.705363Z\",\n \"updatedOn\": \"2022-01-13T01:35:51.6463216Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/49e2f5d2-7741-4835-8efa-19e1fe35e47f\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"49e2f5d2-7741-4835-8efa-19e1fe35e47f\"\n },\n {\n \"properties\": {\n \"roleName\": \"Device Update Deployments Administrator\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Gives you full access to management operations\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Support/*\",\n \"Microsoft.Insights/alertRules/*\"\n ],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.DeviceUpdate/accounts/instances/management/read\",\n \"Microsoft.DeviceUpdate/accounts/instances/management/write\",\n \"Microsoft.DeviceUpdate/accounts/instances/management/delete\",\n \"Microsoft.DeviceUpdate/accounts/instances/updates/read\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2020-08-21T23:59:52.1001666Z\",\n \"updatedOn\": \"2022-01-13T01:59:19.4616366Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/e4237640-0e3d-4a46-8fda-70bc94856432\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"e4237640-0e3d-4a46-8fda-70bc94856432\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Arc VMware Private Clouds Onboarding\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Azure Arc VMware Private Clouds Onboarding role has permissions to provision all the required resources for onboard and deboard vCenter instances to Azure.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.ConnectedVMwarevSphere/vcenters/Write\",\n \"Microsoft.ConnectedVMwarevSphere/vcenters/Read\",\n \"Microsoft.ConnectedVMwarevSphere/vcenters/Delete\",\n \"Microsoft.Insights/AlertRules/Write\",\n \"Microsoft.Insights/AlertRules/Delete\",\n \"Microsoft.Insights/AlertRules/Read\",\n \"Microsoft.Insights/AlertRules/Activated/Action\",\n \"Microsoft.Insights/AlertRules/Resolved/Action\",\n \"Microsoft.Insights/AlertRules/Throttled/Action\",\n \"Microsoft.Insights/AlertRules/Incidents/Read\",\n \"Microsoft.Resources/deployments/read\",\n \"Microsoft.Resources/deployments/write\",\n \"Microsoft.Resources/deployments/delete\",\n \"Microsoft.Resources/deployments/cancel/action\",\n \"Microsoft.Resources/deployments/validate/action\",\n \"Microsoft.Resources/deployments/whatIf/action\",\n \"Microsoft.Resources/deployments/exportTemplate/action\",\n \"Microsoft.Resources/deployments/operations/read\",\n \"Microsoft.Resources/deployments/operationstatuses/read\",\n \"Microsoft.Resources/subscriptions/resourcegroups/deployments/read\",\n \"Microsoft.Resources/subscriptions/resourcegroups/deployments/write\",\n \"Microsoft.Resources/subscriptions/resourcegroups/deployments/operations/read\",\n \"Microsoft.Resources/subscriptions/resourcegroups/deployments/operationstatuses/read\",\n \"Microsoft.ResourceHealth/availabilityStatuses/read\",\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Resources/subscriptions/read\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Resources/subscriptions/operationresults/read\",\n \"Microsoft.KubernetesConfiguration/extensions/Write\",\n \"Microsoft.KubernetesConfiguration/extensions/Read\",\n \"Microsoft.KubernetesConfiguration/extensions/Delete\",\n \"Microsoft.KubernetesConfiguration/operations/read\",\n \"Microsoft.KubernetesConfiguration/extensions/operations/read\",\n \"Microsoft.ExtendedLocation/customLocations/Read\",\n \"Microsoft.ExtendedLocation/customLocations/Write\",\n \"Microsoft.ExtendedLocation/customLocations/Delete\",\n \"Microsoft.ExtendedLocation/customLocations/deploy/action\",\n \"Microsoft.ResourceConnector/appliances/Read\",\n \"Microsoft.ResourceConnector/appliances/Write\",\n \"Microsoft.ResourceConnector/appliances/Delete\",\n \"Microsoft.ResourceConnector/appliances/listClusterUserCredential/action\",\n \"Microsoft.BackupSolutions/vmwareapplications/write\",\n \"Microsoft.BackupSolutions/vmwareapplications/delete\",\n \"Microsoft.BackupSolutions/vmwareapplications/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2021-11-01T22:18:08.4480747Z\",\n \"updatedOn\": \"2023-08-18T17:54:09.8815166Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/67d33e57-3129-45e6-bb0b-7cc522f762fa\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"67d33e57-3129-45e6-bb0b-7cc522f762fa\"\n },\n {\n \"properties\": {\n \"roleName\": \"Microsoft Sentinel Automation Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Microsoft Sentinel Automation Contributor\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Logic/workflows/triggers/read\",\n \"Microsoft.Logic/workflows/triggers/listCallbackUrl/action\",\n \"Microsoft.Logic/workflows/runs/read\",\n \"Microsoft.Web/sites/hostruntime/webhooks/api/workflows/triggers/read\",\n \"Microsoft.Web/sites/hostruntime/webhooks/api/workflows/triggers/listCallbackUrl/action\",\n \"Microsoft.Web/sites/hostruntime/webhooks/api/workflows/runs/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2021-01-24T08:50:52.0382991Z\",\n \"updatedOn\": \"2022-01-26T09:25:00.4699337Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/f4c81013-99ee-4d62-a7ee-b3f1f648599a\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"f4c81013-99ee-4d62-a7ee-b3f1f648599a\"\n },\n {\n \"properties\": {\n \"roleName\": \"CDN Endpoint Reader\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Can view CDN endpoints, but can't make changes.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Cdn/edgenodes/read\",\n \"Microsoft.Cdn/operationresults/*\",\n \"Microsoft.Cdn/profiles/endpoints/*/read\",\n \"Microsoft.Cdn/profiles/afdendpoints/validateCustomDomain/action\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Support/*\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2016-01-23T02:48:46.4996252Z\",\n \"updatedOn\": \"2023-12-07T09:22:53.097708Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/871e35f6-b5c1-49cc-a043-bde969a0f2cd\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"871e35f6-b5c1-49cc-a043-bde969a0f2cd\"\n },\n {\n \"properties\": {\n \"roleName\": \"Cognitive Services Speech User\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Access to the real-time speech recognition and batch transcription APIs, real-time speech synthesis and long audio APIs, as well as to read the data/test/model/endpoint for custom models, but can’t create, delete or modify the data/test/model/endpoint for custom models.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.CognitiveServices/*/read\",\n \"Microsoft.Authorization/roleAssignments/read\",\n \"Microsoft.Authorization/roleDefinitions/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.CognitiveServices/accounts/SpeechServices/*/read\",\n \"Microsoft.CognitiveServices/accounts/SpeechServices/*/transcriptions/read\",\n \"Microsoft.CognitiveServices/accounts/SpeechServices/*/transcriptions/write\",\n \"Microsoft.CognitiveServices/accounts/SpeechServices/*/transcriptions/delete\",\n \"Microsoft.CognitiveServices/accounts/SpeechServices/*/transcriptions/action\",\n \"Microsoft.CognitiveServices/accounts/SpeechServices/*/frontend/action\",\n \"Microsoft.CognitiveServices/accounts/SpeechServices/text-dependent/*/action\",\n \"Microsoft.CognitiveServices/accounts/SpeechServices/text-independent/*/action\",\n \"Microsoft.CognitiveServices/accounts/CustomVoice/*/read\",\n \"Microsoft.CognitiveServices/accounts/CustomVoice/evaluations/*\",\n \"Microsoft.CognitiveServices/accounts/CustomVoice/longaudiosynthesis/*\",\n \"Microsoft.CognitiveServices/accounts/AudioContentCreation/*\",\n \"Microsoft.CognitiveServices/accounts/VideoTranslation/*\",\n \"Microsoft.CognitiveServices/accounts/CustomAvatar/*/read\",\n \"Microsoft.CognitiveServices/accounts/BatchAvatar/*\",\n \"Microsoft.CognitiveServices/accounts/BatchTextToSpeech/*\"\n ],\n \"notDataActions\": [\n \"Microsoft.CognitiveServices/accounts/CustomVoice/datasets/files/read\",\n \"Microsoft.CognitiveServices/accounts/CustomVoice/datasets/utterances/read\"\n ]\n }\n ],\n \"createdOn\": \"2021-03-30T11:28:27.4339032Z\",\n \"updatedOn\": \"2024-10-18T20:00:21.397467Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/f2dc8367-1007-4938-bd23-fe263f013447\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"f2dc8367-1007-4938-bd23-fe263f013447\"\n },\n {\n \"properties\": {\n \"roleName\": \"Windows Admin Center Administrator Login\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Let's you manage the OS of your resource via Windows Admin Center as an administrator.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.HybridCompute/machines/*/read\",\n \"Microsoft.HybridCompute/machines/extensions/*\",\n \"Microsoft.HybridCompute/machines/upgradeExtensions/action\",\n \"Microsoft.HybridCompute/operations/read\",\n \"Microsoft.Network/networkInterfaces/read\",\n \"Microsoft.Network/loadBalancers/read\",\n \"Microsoft.Network/publicIPAddresses/read\",\n \"Microsoft.Network/virtualNetworks/read\",\n \"Microsoft.Network/networkSecurityGroups/read\",\n \"Microsoft.Network/networkSecurityGroups/defaultSecurityRules/read\",\n \"Microsoft.Network/networkWatchers/securityGroupView/action\",\n \"Microsoft.Network/networkSecurityGroups/securityRules/read\",\n \"Microsoft.Network/networkSecurityGroups/securityRules/write\",\n \"Microsoft.HybridConnectivity/endpoints/write\",\n \"Microsoft.HybridConnectivity/endpoints/read\",\n \"Microsoft.HybridConnectivity/endpoints/serviceConfigurations/write\",\n \"Microsoft.HybridConnectivity/endpoints/serviceConfigurations/read\",\n \"Microsoft.HybridConnectivity/endpoints/listManagedProxyDetails/action\",\n \"Microsoft.Compute/virtualMachines/read\",\n \"Microsoft.Compute/virtualMachines/patchAssessmentResults/latest/read\",\n \"Microsoft.Compute/virtualMachines/patchAssessmentResults/latest/softwarePatches/read\",\n \"Microsoft.Compute/virtualMachines/patchInstallationResults/read\",\n \"Microsoft.Compute/virtualMachines/patchInstallationResults/softwarePatches/read\",\n \"Microsoft.Compute/virtualMachines/extensions/read\",\n \"Microsoft.Compute/virtualMachines/instanceView/read\",\n \"Microsoft.Compute/virtualMachines/runCommands/read\",\n \"Microsoft.Compute/virtualMachines/vmSizes/read\",\n \"Microsoft.Compute/locations/publishers/artifacttypes/types/read\",\n \"Microsoft.Compute/locations/publishers/artifacttypes/types/versions/read\",\n \"Microsoft.Compute/diskAccesses/read\",\n \"Microsoft.Compute/galleries/images/read\",\n \"Microsoft.Compute/images/read\",\n \"Microsoft.AzureStackHCI/Clusters/Read\",\n \"Microsoft.AzureStackHCI/Clusters/ArcSettings/Read\",\n \"Microsoft.AzureStackHCI/Clusters/ArcSettings/Extensions/Read\",\n \"Microsoft.AzureStackHCI/Clusters/ArcSettings/Extensions/Write\",\n \"Microsoft.AzureStackHCI/Clusters/ArcSettings/Extensions/Delete\",\n \"Microsoft.AzureStackHCI/Operations/Read\",\n \"Microsoft.ConnectedVMwarevSphere/VirtualMachines/Read\",\n \"Microsoft.ConnectedVMwarevSphere/VirtualMachines/Extensions/Write\",\n \"Microsoft.ConnectedVMwarevSphere/VirtualMachines/Extensions/Read\"\n ],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.HybridCompute/machines/WACLoginAsAdmin/action\",\n \"Microsoft.Compute/virtualMachines/WACloginAsAdmin/action\",\n \"Microsoft.AzureStackHCI/Clusters/WACloginAsAdmin/Action\",\n \"Microsoft.ConnectedVMwarevSphere/virtualmachines/WACloginAsAdmin/action\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2022-01-12T00:51:19.5581155Z\",\n \"updatedOn\": \"2024-01-24T16:28:56.8362682Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/a6333a3e-0164-44c3-b281-7a577aff287f\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"a6333a3e-0164-44c3-b281-7a577aff287f\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Kubernetes Service Policy Add-on Deployment\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Deploy the Azure Policy add-on on Azure Kubernetes Service clusters\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Network/virtualNetworks/subnets/join/action\",\n \"Microsoft.Network/publicIPPrefixes/join/action\",\n \"Microsoft.Network/publicIPAddresses/join/action\",\n \"Microsoft.Compute/diskEncryptionSets/read\",\n \"Microsoft.Compute/proximityPlacementGroups/write\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2022-02-07T20:51:48.5662807Z\",\n \"updatedOn\": \"2022-03-15T23:34:13.5188193Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/18ed5180-3e48-46fd-8541-4ea054d57064\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"18ed5180-3e48-46fd-8541-4ea054d57064\"\n },\n {\n \"properties\": {\n \"roleName\": \"Guest Configuration Resource Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Lets you read, write Guest Configuration Resource.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.GuestConfiguration/guestConfigurationAssignments/write\",\n \"Microsoft.GuestConfiguration/guestConfigurationAssignments/read\",\n \"Microsoft.GuestConfiguration/guestConfigurationAssignments/*/read\",\n \"Microsoft.Resources/deployments/*\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2022-01-13T21:31:41.9626667Z\",\n \"updatedOn\": \"2022-02-10T19:22:44.9057916Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/088ab73d-1256-47ae-bea9-9de8e7131f31\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"088ab73d-1256-47ae-bea9-9de8e7131f31\"\n },\n {\n \"properties\": {\n \"roleName\": \"Domain Services Reader\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Can view Azure AD Domain Services and related network configurations\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Resources/deployments/read\",\n \"Microsoft.Resources/deployments/operations/read\",\n \"Microsoft.Resources/deployments/operationstatuses/read\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Insights/AlertRules/Read\",\n \"Microsoft.Insights/AlertRules/Incidents/Read\",\n \"Microsoft.Insights/Logs/Read\",\n \"Microsoft.Insights/Metrics/read\",\n \"Microsoft.Insights/DiagnosticSettings/read\",\n \"Microsoft.Insights/DiagnosticSettingsCategories/Read\",\n \"Microsoft.AAD/domainServices/*/read\",\n \"Microsoft.Network/virtualNetworks/read\",\n \"Microsoft.Network/virtualNetworks/subnets/read\",\n \"Microsoft.Network/virtualNetworks/virtualNetworkPeerings/read\",\n \"Microsoft.Network/virtualNetworks/providers/Microsoft.Insights/diagnosticSettings/read\",\n \"Microsoft.Network/virtualNetworks/providers/Microsoft.Insights/metricDefinitions/read\",\n \"Microsoft.Network/azureFirewalls/read\",\n \"Microsoft.Network/ddosProtectionPlans/read\",\n \"Microsoft.Network/loadBalancers/read\",\n \"Microsoft.Network/loadBalancers/*/read\",\n \"Microsoft.Network/natGateways/read\",\n \"Microsoft.Network/networkInterfaces/read\",\n \"Microsoft.Network/networkSecurityGroups/defaultSecurityRules/read\",\n \"Microsoft.Network/networkSecurityGroups/read\",\n \"Microsoft.Network/networkSecurityGroups/securityRules/read\",\n \"Microsoft.Network/routeTables/read\",\n \"Microsoft.Network/routeTables/routes/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2022-02-15T19:38:46.904317Z\",\n \"updatedOn\": \"2022-06-27T17:28:30.2892869Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/361898ef-9ed1-48c2-849c-a832951106bb\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"361898ef-9ed1-48c2-849c-a832951106bb\"\n },\n {\n \"properties\": {\n \"roleName\": \"Domain Services Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Can manage Azure AD Domain Services and related network configurations\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Resources/deployments/read\",\n \"Microsoft.Resources/deployments/write\",\n \"Microsoft.Resources/deployments/delete\",\n \"Microsoft.Resources/deployments/cancel/action\",\n \"Microsoft.Resources/deployments/validate/action\",\n \"Microsoft.Resources/deployments/whatIf/action\",\n \"Microsoft.Resources/deployments/exportTemplate/action\",\n \"Microsoft.Resources/deployments/operations/read\",\n \"Microsoft.Resources/deployments/operationstatuses/read\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Insights/AlertRules/Write\",\n \"Microsoft.Insights/AlertRules/Delete\",\n \"Microsoft.Insights/AlertRules/Read\",\n \"Microsoft.Insights/AlertRules/Activated/Action\",\n \"Microsoft.Insights/AlertRules/Resolved/Action\",\n \"Microsoft.Insights/AlertRules/Throttled/Action\",\n \"Microsoft.Insights/AlertRules/Incidents/Read\",\n \"Microsoft.Insights/Logs/Read\",\n \"Microsoft.Insights/Metrics/Read\",\n \"Microsoft.Insights/DiagnosticSettings/*\",\n \"Microsoft.Insights/DiagnosticSettingsCategories/Read\",\n \"Microsoft.AAD/register/action\",\n \"Microsoft.AAD/unregister/action\",\n \"Microsoft.AAD/domainServices/*\",\n \"Microsoft.Network/register/action\",\n \"Microsoft.Network/unregister/action\",\n \"Microsoft.Network/virtualNetworks/read\",\n \"Microsoft.Network/virtualNetworks/write\",\n \"Microsoft.Network/virtualNetworks/delete\",\n \"Microsoft.Network/virtualNetworks/peer/action\",\n \"Microsoft.Network/virtualNetworks/join/action\",\n \"Microsoft.Network/virtualNetworks/subnets/read\",\n \"Microsoft.Network/virtualNetworks/subnets/write\",\n \"Microsoft.Network/virtualNetworks/subnets/delete\",\n \"Microsoft.Network/virtualNetworks/subnets/join/action\",\n \"Microsoft.Network/virtualNetworks/virtualNetworkPeerings/read\",\n \"Microsoft.Network/virtualNetworks/virtualNetworkPeerings/write\",\n \"Microsoft.Network/virtualNetworks/virtualNetworkPeerings/delete\",\n \"Microsoft.Network/virtualNetworks/providers/Microsoft.Insights/diagnosticSettings/read\",\n \"Microsoft.Network/virtualNetworks/providers/Microsoft.Insights/metricDefinitions/read\",\n \"Microsoft.Network/azureFirewalls/read\",\n \"Microsoft.Network/ddosProtectionPlans/read\",\n \"Microsoft.Network/ddosProtectionPlans/join/action\",\n \"Microsoft.Network/loadBalancers/read\",\n \"Microsoft.Network/loadBalancers/delete\",\n \"Microsoft.Network/loadBalancers/*/read\",\n \"Microsoft.Network/loadBalancers/backendAddressPools/join/action\",\n \"Microsoft.Network/loadBalancers/inboundNatRules/join/action\",\n \"Microsoft.Network/natGateways/join/action\",\n \"Microsoft.Network/networkInterfaces/read\",\n \"Microsoft.Network/networkInterfaces/write\",\n \"Microsoft.Network/networkInterfaces/delete\",\n \"Microsoft.Network/networkInterfaces/join/action\",\n \"Microsoft.Network/networkSecurityGroups/defaultSecurityRules/read\",\n \"Microsoft.Network/networkSecurityGroups/read\",\n \"Microsoft.Network/networkSecurityGroups/write\",\n \"Microsoft.Network/networkSecurityGroups/delete\",\n \"Microsoft.Network/networkSecurityGroups/join/action\",\n \"Microsoft.Network/networkSecurityGroups/securityRules/read\",\n \"Microsoft.Network/networkSecurityGroups/securityRules/write\",\n \"Microsoft.Network/networkSecurityGroups/securityRules/delete\",\n \"Microsoft.Network/routeTables/read\",\n \"Microsoft.Network/routeTables/write\",\n \"Microsoft.Network/routeTables/delete\",\n \"Microsoft.Network/routeTables/join/action\",\n \"Microsoft.Network/routeTables/routes/read\",\n \"Microsoft.Network/routeTables/routes/write\",\n \"Microsoft.Network/routeTables/routes/delete\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2022-02-15T19:40:22.3943189Z\",\n \"updatedOn\": \"2022-06-27T17:28:31.1017906Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/eeaeda52-9324-47f6-8069-5d5bade478b2\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"eeaeda52-9324-47f6-8069-5d5bade478b2\"\n },\n {\n \"properties\": {\n \"roleName\": \"DNS Resolver Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Lets you manage DNS resolver resources.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Network/dnsResolvers/read\",\n \"Microsoft.Network/dnsResolvers/write\",\n \"Microsoft.Network/dnsResolvers/delete\",\n \"Microsoft.Network/dnsResolvers/join/action\",\n \"Microsoft.Network/dnsResolvers/inboundEndpoints/read\",\n \"Microsoft.Network/dnsResolvers/inboundEndpoints/write\",\n \"Microsoft.Network/dnsResolvers/inboundEndpoints/delete\",\n \"Microsoft.Network/dnsResolvers/inboundEndpoints/join/action\",\n \"Microsoft.Network/dnsResolvers/outboundEndpoints/read\",\n \"Microsoft.Network/dnsResolvers/outboundEndpoints/write\",\n \"Microsoft.Network/dnsResolvers/outboundEndpoints/delete\",\n \"Microsoft.Network/dnsResolvers/outboundEndpoints/join/action\",\n \"Microsoft.Network/dnsForwardingRulesets/read\",\n \"Microsoft.Network/dnsForwardingRulesets/write\",\n \"Microsoft.Network/dnsForwardingRulesets/delete\",\n \"Microsoft.Network/dnsForwardingRulesets/join/action\",\n \"Microsoft.Network/dnsForwardingRulesets/forwardingRules/read\",\n \"Microsoft.Network/dnsForwardingRulesets/forwardingRules/write\",\n \"Microsoft.Network/dnsForwardingRulesets/forwardingRules/delete\",\n \"Microsoft.Network/dnsForwardingRulesets/virtualNetworkLinks/read\",\n \"Microsoft.Network/dnsForwardingRulesets/virtualNetworkLinks/write\",\n \"Microsoft.Network/dnsForwardingRulesets/virtualNetworkLinks/delete\",\n \"Microsoft.Network/locations/dnsResolverOperationResults/read\",\n \"Microsoft.Network/locations/dnsResolverOperationStatuses/read\",\n \"Microsoft.Network/virtualNetworks/read\",\n \"Microsoft.Network/virtualNetworks/join/action\",\n \"Microsoft.Network/virtualNetworks/subnets/read\",\n \"Microsoft.Network/virtualNetworks/subnets/write\",\n \"Microsoft.Network/virtualNetworks/subnets/join/action\",\n \"Microsoft.Network/virtualNetworks/join/action\",\n \"Microsoft.Network/virtualNetworks/joinLoadBalancer/action\",\n \"Microsoft.Network/virtualNetworks/subnets/join/action\",\n \"Microsoft.Network/virtualNetworks/subnets/joinLoadBalancer/action\",\n \"Microsoft.Network/natGateways/join/action\",\n \"Microsoft.Network/networkSecurityGroups/join/action\",\n \"Microsoft.Network/routeTables/join/action\",\n \"Microsoft.Network/serviceEndpointPolicies/join/action\",\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2022-02-16T23:25:04.4308795Z\",\n \"updatedOn\": \"2022-03-12T01:08:44.4650132Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/0f2ebee7-ffd4-4fc0-b3b7-664099fdad5d\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"0f2ebee7-ffd4-4fc0-b3b7-664099fdad5d\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Arc Enabled Kubernetes Cluster User Role\",\n \"type\": \"BuiltInRole\",\n \"description\": \"List cluster user credentials action.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Resources/deployments/write\",\n \"Microsoft.Resources/subscriptions/operationresults/read\",\n \"Microsoft.Resources/subscriptions/read\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Kubernetes/connectedClusters/listClusterUserCredentials/action\",\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.Support/*\",\n \"Microsoft.Kubernetes/connectedClusters/listClusterUserCredential/action\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2020-07-28T17:37:00.7637445Z\",\n \"updatedOn\": \"2022-02-17T02:29:05.1000798Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/00493d72-78f6-4148-b6c5-d3ce8e4799dd\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"00493d72-78f6-4148-b6c5-d3ce8e4799dd\"\n },\n {\n \"properties\": {\n \"roleName\": \"Data Operator for Managed Disks\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Provides permissions to upload data to empty managed disks, read, or export data of managed disks (not attached to running VMs) and snapshots using SAS URIs and Azure AD authentication.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.Compute/disks/download/action\",\n \"Microsoft.Compute/disks/upload/action\",\n \"Microsoft.Compute/snapshots/download/action\",\n \"Microsoft.Compute/snapshots/upload/action\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2022-03-01T05:42:02.3801768Z\",\n \"updatedOn\": \"2022-03-01T05:42:02.3801768Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/959f8984-c045-4866-89c7-12bf9737be2e\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"959f8984-c045-4866-89c7-12bf9737be2e\"\n },\n {\n \"properties\": {\n \"roleName\": \"AgFood Platform Sensor Partner Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Provides contribute access to manage sensor related entities in AgFood Platform Service\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.AgFoodPlatform/farmBeats/sensorPartnerScope/*\"\n ],\n \"notDataActions\": [\n \"Microsoft.AgFoodPlatform/farmBeats/sensorPartnerScope/sensors/delete\"\n ]\n }\n ],\n \"createdOn\": \"2022-03-09T09:03:53.490279Z\",\n \"updatedOn\": \"2022-10-27T07:34:00.932807Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/6b77f0a0-0d89-41cc-acd1-579c22c17a67\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"6b77f0a0-0d89-41cc-acd1-579c22c17a67\"\n },\n {\n \"properties\": {\n \"roleName\": \"Compute Gallery Sharing Admin\",\n \"type\": \"BuiltInRole\",\n \"description\": \"This role allows user to share gallery to another subscription/tenant or share it to the public.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Compute/galleries/share/action\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2022-03-10T04:36:08.9040323Z\",\n \"updatedOn\": \"2022-03-26T00:40:55.2620635Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/1ef6a3be-d0ac-425d-8c01-acb62866290b\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"1ef6a3be-d0ac-425d-8c01-acb62866290b\"\n },\n {\n \"properties\": {\n \"roleName\": \"Scheduled Patching Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Provides access to manage maintenance configurations with maintenance scope InGuestPatch and corresponding configuration assignments\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Maintenance/maintenanceConfigurations/read\",\n \"Microsoft.Maintenance/maintenanceConfigurations/write\",\n \"Microsoft.Maintenance/maintenanceConfigurations/delete\",\n \"Microsoft.Maintenance/configurationAssignments/read\",\n \"Microsoft.Maintenance/configurationAssignments/write\",\n \"Microsoft.Maintenance/configurationAssignments/delete\",\n \"Microsoft.Maintenance/configurationAssignments/maintenanceScope/InGuestPatch/read\",\n \"Microsoft.Maintenance/configurationAssignments/maintenanceScope/InGuestPatch/write\",\n \"Microsoft.Maintenance/configurationAssignments/maintenanceScope/InGuestPatch/delete\",\n \"Microsoft.Maintenance/maintenanceConfigurations/maintenanceScope/InGuestPatch/read\",\n \"Microsoft.Maintenance/maintenanceConfigurations/maintenanceScope/InGuestPatch/write\",\n \"Microsoft.Maintenance/maintenanceConfigurations/maintenanceScope/InGuestPatch/delete\",\n \"Microsoft.Maintenance/applyUpdates/read\",\n \"Microsoft.Maintenance/updates/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2022-03-21T14:34:05.5308153Z\",\n \"updatedOn\": \"2025-02-27T13:35:19.3626961Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/cd08ab90-6b14-449c-ad9a-8f8e549482c6\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"cd08ab90-6b14-449c-ad9a-8f8e549482c6\"\n },\n {\n \"properties\": {\n \"roleName\": \"DevCenter Dev Box User\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Provides access to create and manage dev boxes.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.DevCenter/projects/read\",\n \"Microsoft.DevCenter/projects/*/read\",\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.DevCenter/projects/users/devboxes/userStop/action\",\n \"Microsoft.DevCenter/projects/users/devboxes/userStart/action\",\n \"Microsoft.DevCenter/projects/users/devboxes/userGetRemoteConnection/action\",\n \"Microsoft.DevCenter/projects/users/devboxes/userRead/action\",\n \"Microsoft.DevCenter/projects/users/devboxes/userWrite/action\",\n \"Microsoft.DevCenter/projects/users/devboxes/userDelete/action\",\n \"Microsoft.DevCenter/projects/users/devboxes/userUpcomingActionRead/action\",\n \"Microsoft.DevCenter/projects/users/devboxes/userUpcomingActionManage/action\",\n \"Microsoft.DevCenter/projects/users/devboxes/userActionRead/action\",\n \"Microsoft.DevCenter/projects/users/devboxes/userActionManage/action\",\n \"Microsoft.DevCenter/projects/users/devboxes/userCustomize/action\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2022-03-31T22:42:03.2894277Z\",\n \"updatedOn\": \"2023-10-18T19:06:15.1790546Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/45d50f46-0b78-4001-a660-4198cbe8cd05\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"45d50f46-0b78-4001-a660-4198cbe8cd05\"\n },\n {\n \"properties\": {\n \"roleName\": \"DevCenter Project Admin\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Provides access to manage project resources.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.DevCenter/projects/*\",\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\"\n ],\n \"notActions\": [\n \"Microsoft.DevCenter/projects/write\",\n \"Microsoft.DevCenter/projects/delete\"\n ],\n \"dataActions\": [\n \"Microsoft.DevCenter/projects/users/devboxes/adminStart/action\",\n \"Microsoft.DevCenter/projects/users/devboxes/adminStop/action\",\n \"Microsoft.DevCenter/projects/users/devboxes/adminRead/action\",\n \"Microsoft.DevCenter/projects/users/devboxes/adminWrite/action\",\n \"Microsoft.DevCenter/projects/users/devboxes/adminDelete/action\",\n \"Microsoft.DevCenter/projects/users/devboxes/adminAlign/action\",\n \"Microsoft.DevCenter/projects/users/devboxes/adminActionRead/action\",\n \"Microsoft.DevCenter/projects/users/devboxes/adminActionManage/action\",\n \"Microsoft.DevCenter/projects/users/devboxes/userStop/action\",\n \"Microsoft.DevCenter/projects/users/devboxes/userStart/action\",\n \"Microsoft.DevCenter/projects/users/devboxes/userGetRemoteConnection/action\",\n \"Microsoft.DevCenter/projects/users/devboxes/userRead/action\",\n \"Microsoft.DevCenter/projects/users/devboxes/userWrite/action\",\n \"Microsoft.DevCenter/projects/users/devboxes/userDelete/action\",\n \"Microsoft.DevCenter/projects/users/devboxes/userActionRead/action\",\n \"Microsoft.DevCenter/projects/users/devboxes/userActionManage/action\",\n \"Microsoft.DevCenter/projects/users/devboxes/userCustomize/action\",\n \"Microsoft.DevCenter/projects/users/environments/adminRead/action\",\n \"Microsoft.DevCenter/projects/users/environments/userWrite/action\",\n \"Microsoft.DevCenter/projects/users/environments/adminWrite/action\",\n \"Microsoft.DevCenter/projects/users/environments/userDelete/action\",\n \"Microsoft.DevCenter/projects/users/environments/adminDelete/action\",\n \"Microsoft.DevCenter/projects/users/environments/adminAction/action\",\n \"Microsoft.DevCenter/projects/users/environments/adminActionRead/action\",\n \"Microsoft.DevCenter/projects/users/environments/adminActionManage/action\",\n \"Microsoft.DevCenter/projects/users/environments/adminOutputsRead/action\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2022-03-31T23:57:37.3708041Z\",\n \"updatedOn\": \"2025-07-23T23:00:43.7994094Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/331c37c6-af14-46d9-b9f4-e1909e1b95a0\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"331c37c6-af14-46d9-b9f4-e1909e1b95a0\"\n },\n {\n \"properties\": {\n \"roleName\": \"Virtual Machine Local User Login\",\n \"type\": \"BuiltInRole\",\n \"description\": \"View Virtual Machines in the portal and login as a local user configured on the arc server\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.HybridCompute/machines/*/read\",\n \"Microsoft.HybridConnectivity/endpoints/listCredentials/action\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2022-04-07T04:12:11.0327385Z\",\n \"updatedOn\": \"2022-04-16T23:03:02.5542069Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/602da2ba-a5c2-41da-b01d-5360126ab525\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"602da2ba-a5c2-41da-b01d-5360126ab525\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Arc ScVmm VM Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Arc ScVmm VM Contributor has permissions to perform all VM actions.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"microsoft.scvmm/virtualmachines/*\",\n \"microsoft.scvmm/virtualMachineInstances/*\",\n \"Microsoft.Insights/AlertRules/Write\",\n \"Microsoft.Insights/AlertRules/Delete\",\n \"Microsoft.Insights/AlertRules/Read\",\n \"Microsoft.Insights/AlertRules/Activated/Action\",\n \"Microsoft.Insights/AlertRules/Resolved/Action\",\n \"Microsoft.Insights/AlertRules/Throttled/Action\",\n \"Microsoft.Insights/AlertRules/Incidents/Read\",\n \"Microsoft.Resources/deployments/read\",\n \"Microsoft.Resources/deployments/write\",\n \"Microsoft.Resources/deployments/delete\",\n \"Microsoft.Resources/deployments/cancel/action\",\n \"Microsoft.Resources/deployments/validate/action\",\n \"Microsoft.Resources/deployments/whatIf/action\",\n \"Microsoft.Resources/deployments/exportTemplate/action\",\n \"Microsoft.Resources/deployments/operations/read\",\n \"Microsoft.Resources/deployments/operationstatuses/read\",\n \"Microsoft.Resources/subscriptions/resourcegroups/deployments/read\",\n \"Microsoft.Resources/subscriptions/resourcegroups/deployments/write\",\n \"Microsoft.Resources/subscriptions/resourcegroups/deployments/operations/read\",\n \"Microsoft.Resources/subscriptions/resourcegroups/deployments/operationstatuses/read\",\n \"Microsoft.ResourceHealth/availabilityStatuses/read\",\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Resources/subscriptions/read\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Resources/subscriptions/operationresults/read\",\n \"Microsoft.ExtendedLocation/customLocations/Read\",\n \"Microsoft.ExtendedLocation/customLocations/deploy/action\",\n \"Microsoft.HybridCompute/machines/read\",\n \"Microsoft.HybridCompute/machines/write\",\n \"Microsoft.HybridCompute/machines/delete\",\n \"Microsoft.HybridCompute/machines/UpgradeExtensions/action\",\n \"Microsoft.HybridCompute/machines/assessPatches/action\",\n \"Microsoft.HybridCompute/machines/installPatches/action\",\n \"Microsoft.HybridCompute/machines/extensions/read\",\n \"Microsoft.HybridCompute/machines/extensions/write\",\n \"Microsoft.HybridCompute/machines/extensions/delete\",\n \"Microsoft.HybridCompute/operations/read\",\n \"Microsoft.HybridCompute/locations/operationresults/read\",\n \"Microsoft.HybridCompute/locations/operationstatus/read\",\n \"Microsoft.HybridCompute/machines/patchAssessmentResults/read\",\n \"Microsoft.HybridCompute/machines/patchAssessmentResults/softwarePatches/read\",\n \"Microsoft.HybridCompute/machines/patchInstallationResults/read\",\n \"Microsoft.HybridCompute/machines/patchInstallationResults/softwarePatches/read\",\n \"Microsoft.HybridCompute/locations/updateCenterOperationResults/read\",\n \"Microsoft.HybridCompute/machines/hybridIdentityMetadata/read\",\n \"Microsoft.HybridCompute/osType/agentVersions/read\",\n \"Microsoft.HybridCompute/osType/agentVersions/latest/read\",\n \"Microsoft.HybridCompute/machines/runcommands/read\",\n \"Microsoft.HybridCompute/machines/runcommands/write\",\n \"Microsoft.HybridCompute/machines/runcommands/delete\",\n \"Microsoft.HybridCompute/machines/licenseProfiles/read\",\n \"Microsoft.HybridCompute/machines/licenseProfiles/write\",\n \"Microsoft.HybridCompute/machines/licenseProfiles/delete\",\n \"Microsoft.HybridCompute/licenses/read\",\n \"Microsoft.HybridCompute/licenses/write\",\n \"Microsoft.HybridCompute/licenses/delete\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2022-04-13T21:33:11.1438013Z\",\n \"updatedOn\": \"2023-10-06T09:06:44.9085842Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/e582369a-e17b-42a5-b10c-874c387c530b\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"e582369a-e17b-42a5-b10c-874c387c530b\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Arc ScVmm Administrator role\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Arc ScVmm VM Administrator has permissions to perform all ScVmm actions.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.ScVmm/*\",\n \"Microsoft.Insights/AlertRules/Write\",\n \"Microsoft.Insights/AlertRules/Delete\",\n \"Microsoft.Insights/AlertRules/Read\",\n \"Microsoft.Insights/AlertRules/Activated/Action\",\n \"Microsoft.Insights/AlertRules/Resolved/Action\",\n \"Microsoft.Insights/AlertRules/Throttled/Action\",\n \"Microsoft.Insights/AlertRules/Incidents/Read\",\n \"Microsoft.Resources/deployments/read\",\n \"Microsoft.Resources/deployments/write\",\n \"Microsoft.Resources/deployments/delete\",\n \"Microsoft.Resources/deployments/cancel/action\",\n \"Microsoft.Resources/deployments/validate/action\",\n \"Microsoft.Resources/deployments/whatIf/action\",\n \"Microsoft.Resources/deployments/exportTemplate/action\",\n \"Microsoft.Resources/deployments/operations/read\",\n \"Microsoft.Resources/deployments/operationstatuses/read\",\n \"Microsoft.Resources/subscriptions/resourcegroups/deployments/read\",\n \"Microsoft.Resources/subscriptions/resourcegroups/deployments/write\",\n \"Microsoft.Resources/subscriptions/resourcegroups/deployments/operations/read\",\n \"Microsoft.Resources/subscriptions/resourcegroups/deployments/operationstatuses/read\",\n \"Microsoft.ResourceHealth/availabilityStatuses/read\",\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Resources/subscriptions/read\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Resources/subscriptions/operationresults/read\",\n \"Microsoft.ExtendedLocation/customLocations/Read\",\n \"Microsoft.ExtendedLocation/customLocations/deploy/action\",\n \"Microsoft.HybridCompute/machines/read\",\n \"Microsoft.HybridCompute/machines/write\",\n \"Microsoft.HybridCompute/machines/delete\",\n \"Microsoft.HybridCompute/machines/UpgradeExtensions/action\",\n \"Microsoft.HybridCompute/machines/assessPatches/action\",\n \"Microsoft.HybridCompute/machines/installPatches/action\",\n \"Microsoft.HybridCompute/machines/extensions/read\",\n \"Microsoft.HybridCompute/machines/extensions/write\",\n \"Microsoft.HybridCompute/machines/extensions/delete\",\n \"Microsoft.HybridCompute/operations/read\",\n \"Microsoft.HybridCompute/locations/operationresults/read\",\n \"Microsoft.HybridCompute/locations/operationstatus/read\",\n \"Microsoft.HybridCompute/machines/patchAssessmentResults/read\",\n \"Microsoft.HybridCompute/machines/patchAssessmentResults/softwarePatches/read\",\n \"Microsoft.HybridCompute/machines/patchInstallationResults/read\",\n \"Microsoft.HybridCompute/machines/patchInstallationResults/softwarePatches/read\",\n \"Microsoft.HybridCompute/locations/updateCenterOperationResults/read\",\n \"Microsoft.HybridCompute/machines/hybridIdentityMetadata/read\",\n \"Microsoft.HybridCompute/osType/agentVersions/read\",\n \"Microsoft.HybridCompute/osType/agentVersions/latest/read\",\n \"Microsoft.HybridCompute/machines/runcommands/read\",\n \"Microsoft.HybridCompute/machines/runcommands/write\",\n \"Microsoft.HybridCompute/machines/runcommands/delete\",\n \"Microsoft.HybridCompute/machines/licenseProfiles/read\",\n \"Microsoft.HybridCompute/machines/licenseProfiles/write\",\n \"Microsoft.HybridCompute/machines/licenseProfiles/delete\",\n \"Microsoft.HybridCompute/licenses/read\",\n \"Microsoft.HybridCompute/licenses/write\",\n \"Microsoft.HybridCompute/licenses/delete\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2022-04-13T21:33:11.1438013Z\",\n \"updatedOn\": \"2023-10-06T09:06:44.6077384Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/a92dfd61-77f9-4aec-a531-19858b406c87\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"a92dfd61-77f9-4aec-a531-19858b406c87\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Arc ScVmm Private Clouds Onboarding\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Azure Arc ScVmm Private Clouds Onboarding role has permissions to provision all the required resources for onboard and deboard vmm server instances to Azure.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"microsoft.scvmm/vmmservers/Read\",\n \"microsoft.scvmm/vmmservers/Write\",\n \"microsoft.scvmm/vmmservers/Delete\",\n \"Microsoft.Insights/AlertRules/Write\",\n \"Microsoft.Insights/AlertRules/Delete\",\n \"Microsoft.Insights/AlertRules/Read\",\n \"Microsoft.Insights/AlertRules/Activated/Action\",\n \"Microsoft.Insights/AlertRules/Resolved/Action\",\n \"Microsoft.Insights/AlertRules/Throttled/Action\",\n \"Microsoft.Insights/AlertRules/Incidents/Read\",\n \"Microsoft.Resources/deployments/read\",\n \"Microsoft.Resources/deployments/write\",\n \"Microsoft.Resources/deployments/delete\",\n \"Microsoft.Resources/deployments/cancel/action\",\n \"Microsoft.Resources/deployments/validate/action\",\n \"Microsoft.Resources/deployments/whatIf/action\",\n \"Microsoft.Resources/deployments/exportTemplate/action\",\n \"Microsoft.Resources/deployments/operations/read\",\n \"Microsoft.Resources/deployments/operationstatuses/read\",\n \"Microsoft.Resources/subscriptions/resourcegroups/deployments/read\",\n \"Microsoft.Resources/subscriptions/resourcegroups/deployments/write\",\n \"Microsoft.Resources/subscriptions/resourcegroups/deployments/operations/read\",\n \"Microsoft.Resources/subscriptions/resourcegroups/deployments/operationstatuses/read\",\n \"Microsoft.ResourceHealth/availabilityStatuses/read\",\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Resources/subscriptions/read\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Resources/subscriptions/operationresults/read\",\n \"Microsoft.ExtendedLocation/customLocations/Read\",\n \"Microsoft.ExtendedLocation/customLocations/deploy/action\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2022-04-13T21:33:11.1438013Z\",\n \"updatedOn\": \"2023-05-19T07:39:31.0563245Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/6aac74c4-6311-40d2-bbdd-7d01e7c6e3a9\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"6aac74c4-6311-40d2-bbdd-7d01e7c6e3a9\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Arc ScVmm Private Cloud User\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Azure Arc ScVmm Private Cloud User has permissions to use the ScVmm resources to deploy VMs.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Insights/AlertRules/Write\",\n \"Microsoft.Insights/AlertRules/Delete\",\n \"Microsoft.Insights/AlertRules/Read\",\n \"Microsoft.Insights/AlertRules/Activated/Action\",\n \"Microsoft.Insights/AlertRules/Resolved/Action\",\n \"Microsoft.Insights/AlertRules/Throttled/Action\",\n \"Microsoft.Insights/AlertRules/Incidents/Read\",\n \"Microsoft.Resources/deployments/read\",\n \"Microsoft.Resources/deployments/write\",\n \"Microsoft.Resources/deployments/delete\",\n \"Microsoft.Resources/deployments/cancel/action\",\n \"Microsoft.Resources/deployments/validate/action\",\n \"Microsoft.Resources/deployments/whatIf/action\",\n \"Microsoft.Resources/deployments/exportTemplate/action\",\n \"Microsoft.Resources/deployments/operations/read\",\n \"Microsoft.Resources/deployments/operationstatuses/read\",\n \"Microsoft.Resources/subscriptions/resourcegroups/deployments/read\",\n \"Microsoft.Resources/subscriptions/resourcegroups/deployments/write\",\n \"Microsoft.Resources/subscriptions/resourcegroups/deployments/operations/read\",\n \"Microsoft.Resources/subscriptions/resourcegroups/deployments/operationstatuses/read\",\n \"Microsoft.ResourceHealth/availabilityStatuses/read\",\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Resources/subscriptions/read\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Resources/subscriptions/operationresults/read\",\n \"microsoft.scvmm/virtualnetworks/join/action\",\n \"microsoft.scvmm/virtualnetworks/Read\",\n \"microsoft.scvmm/virtualmachinetemplates/clone/action\",\n \"microsoft.scvmm/virtualmachinetemplates/Read\",\n \"microsoft.scvmm/clouds/deploy/action\",\n \"microsoft.scvmm/clouds/Read\",\n \"Microsoft.ExtendedLocation/customLocations/Read\",\n \"Microsoft.ExtendedLocation/customLocations/deploy/action\",\n \"Microsoft.ExtendedLocation/customLocations/enabledresourcetypes/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2022-04-13T21:33:11.1438013Z\",\n \"updatedOn\": \"2023-10-06T09:06:44.6077384Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/c0781e91-8102-4553-8951-97c6d4243cda\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"c0781e91-8102-4553-8951-97c6d4243cda\"\n },\n {\n \"properties\": {\n \"roleName\": \"HDInsight on AKS Cluster Pool Admin\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Can read, create, modify and delete HDInsight on AKS cluster pools and create clusters\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.HDInsight/clusterPools/clusters/read\",\n \"Microsoft.HDInsight/clusterPools/clusters/write\",\n \"Microsoft.HDInsight/clusterPools/delete\",\n \"Microsoft.HDInsight/clusterPools/read\",\n \"Microsoft.HDInsight/clusterPools/write\",\n \"Microsoft.HDInsight/clusterpools/availableupgrades/read\",\n \"Microsoft.HDInsight/clusterpools/upgrade/action\",\n \"Microsoft.HDInsight/clusterPools/upgradehistories/read\",\n \"Microsoft.ResourceHealth/availabilityStatuses/read\",\n \"Microsoft.Resources/deployments/operations/read\",\n \"Microsoft.Resources/deployments/validate/action\",\n \"Microsoft.Resources/deployments/*/read\",\n \"Microsoft.Resources/deployments/read\",\n \"Microsoft.Resources/deployments/write\",\n \"Microsoft.Resources/deployments/exportTemplate/action\",\n \"Microsoft.Resources/deployments/validate/action\",\n \"Microsoft.Resources/subscriptions/resourcegroups/deployments/operations/read\",\n \"Microsoft.Resources/subscriptions/resourcegroups/deployments/read\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Resources/subscriptions/operationresults/read\",\n \"Microsoft.Insights/AlertRules/Write\",\n \"Microsoft.Insights/AlertRules/Delete\",\n \"Microsoft.Insights/AlertRules/Read\",\n \"Microsoft.Insights/AlertRules/Activated/Action\",\n \"Microsoft.Insights/AlertRules/Resolved/Action\",\n \"Microsoft.Insights/AlertRules/Throttled/Action\",\n \"Microsoft.Insights/AlertRules/Incidents/Read\",\n \"Microsoft.Insights/metrics/read\",\n \"Microsoft.Insights/logs/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2022-04-14T05:37:28.4116078Z\",\n \"updatedOn\": \"2024-07-01T15:03:43.7126562Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/7656b436-37d4-490a-a4ab-d39f838f0042\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"7656b436-37d4-490a-a4ab-d39f838f0042\"\n },\n {\n \"properties\": {\n \"roleName\": \"HDInsight on AKS Cluster Admin\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Grants a user/group the ability to create, delete and manage clusters within a given cluster pool. Cluster Admin can also run workloads, monitor, and manage all user activity on these clusters.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.HDInsight/clusterPools/clusters/read\",\n \"Microsoft.HDInsight/clusterPools/clusters/write\",\n \"Microsoft.HDInsight/clusterPools/clusters/delete\",\n \"Microsoft.HDInsight/clusterPools/clusters/resize/action\",\n \"Microsoft.HDInsight/clusterpools/clusters/instanceviews/read\",\n \"Microsoft.HDInsight/clusterPools/clusters/jobs/read\",\n \"Microsoft.HDInsight/clusterPools/clusters/runjob/action\",\n \"Microsoft.HDInsight/clusterpools/clusters/serviceconfigs/read\",\n \"Microsoft.HDInsight/clusterPools/clusters/availableupgrades/read\",\n \"Microsoft.HDInsight/clusterPools/clusters/upgrade/action\",\n \"Microsoft.HDInsight/clusterPools/clusters/rollback/action\",\n \"Microsoft.HDInsight/clusterPools/clusters/upgradehistories/read\",\n \"Microsoft.HDInsight/clusterPools/clusters/libraries/read\",\n \"Microsoft.HDInsight/clusterPools/clusters/managelibraries/action\",\n \"Microsoft.ResourceHealth/availabilityStatuses/read\",\n \"Microsoft.Resources/deployments/operations/read\",\n \"Microsoft.Resources/deployments/*/read\",\n \"Microsoft.Resources/deployments/read\",\n \"Microsoft.Resources/deployments/validate/action\",\n \"Microsoft.Resources/deployments/write\",\n \"Microsoft.Resources/deployments/exportTemplate/action\",\n \"Microsoft.Resources/subscriptions/resourcegroups/deployments/operations/read\",\n \"Microsoft.Resources/subscriptions/resourcegroups/deployments/read\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Resources/subscriptions/operationresults/read\",\n \"Microsoft.Insights/AlertRules/Write\",\n \"Microsoft.Insights/AlertRules/Delete\",\n \"Microsoft.Insights/AlertRules/Read\",\n \"Microsoft.Insights/AlertRules/Activated/Action\",\n \"Microsoft.Insights/AlertRules/Resolved/Action\",\n \"Microsoft.Insights/AlertRules/Throttled/Action\",\n \"Microsoft.Insights/AlertRules/Incidents/Read\",\n \"Microsoft.Insights/metrics/read\",\n \"Microsoft.Insights/logs/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2022-04-14T05:37:28.4116078Z\",\n \"updatedOn\": \"2024-07-01T15:03:44.1916336Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/fd036e6b-1266-47a0-b0bb-a05d04831731\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"fd036e6b-1266-47a0-b0bb-a05d04831731\"\n },\n {\n \"properties\": {\n \"roleName\": \"FHIR Data Importer\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Role allows user or principal to read and import FHIR Data\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.HealthcareApis/workspaces/fhirservices/resources/read\",\n \"Microsoft.HealthcareApis/workspaces/fhirservices/resources/import/action\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2022-04-19T12:03:07.1913541Z\",\n \"updatedOn\": \"2022-04-21T13:19:49.7566662Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/4465e953-8ced-4406-a58e-0f6e3f3b530b\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"4465e953-8ced-4406-a58e-0f6e3f3b530b\"\n },\n {\n \"properties\": {\n \"roleName\": \"HDInsight on AKS Cluster Operator\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Grants a user/group the ability to read cluster configurations, resize clusters and run jobs\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.HDInsight/clusterPools/read\",\n \"Microsoft.Hdinsight/clusterpools/clusters/read\",\n \"Microsoft.HDInsight/clusterPools/clusters/resize/action\",\n \"Microsoft.HDInsight/clusterpools/clusters/instanceviews/read\",\n \"Microsoft.HDInsight/clusterPools/clusters/jobs/read\",\n \"Microsoft.HDInsight/clusterPools/clusters/runjob/action\",\n \"Microsoft.HDInsight/clusterpools/clusters/serviceconfigs/read\",\n \"Microsoft.HDInsight/clusterPools/clusters/availableupgrades/read\",\n \"Microsoft.HDInsight/clusterPools/clusters/upgradehistories/read\",\n \"Microsoft.HDInsight/clusterPools/clusters/libraries/read\",\n \"Microsoft.HDInsight/clusterPools/clusters/managelibraries/action\",\n \"Microsoft.ResourceHealth/availabilityStatuses/read\",\n \"Microsoft.Resources/deployments/read\",\n \"Microsoft.Resources/deployments/operations/read\",\n \"Microsoft.Resources/subscriptions/operationresults/read\",\n \"Microsoft.Resources/subscriptions/read\",\n \"Microsoft.Resources/subscriptions/resourcegroups/deployments/read\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Insights/AlertRules/Write\",\n \"Microsoft.Insights/AlertRules/Delete\",\n \"Microsoft.Insights/AlertRules/Read\",\n \"Microsoft.Insights/AlertRules/Activated/Action\",\n \"Microsoft.Insights/AlertRules/Resolved/Action\",\n \"Microsoft.Insights/AlertRules/Throttled/Action\",\n \"Microsoft.Insights/AlertRules/Incidents/Read\",\n \"Microsoft.Insights/metrics/read\",\n \"Microsoft.Insights/logs/read\",\n \"Microsoft.Insights/diagnosticSettings/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2022-04-26T14:14:33.8566334Z\",\n \"updatedOn\": \"2024-07-01T15:03:44.1916336Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/bcf28286-af25-4c81-bb6f-351fcab5dbe9\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"bcf28286-af25-4c81-bb6f-351fcab5dbe9\"\n },\n {\n \"properties\": {\n \"roleName\": \"API Management Developer Portal Content Editor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Can customize the developer portal, edit its content, and publish it.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.ApiManagement/service/portalRevisions/read\",\n \"Microsoft.ApiManagement/service/portalRevisions/write\",\n \"Microsoft.ApiManagement/service/contentTypes/read\",\n \"Microsoft.ApiManagement/service/contentTypes/delete\",\n \"Microsoft.ApiManagement/service/contentTypes/write\",\n \"Microsoft.ApiManagement/service/contentTypes/contentItems/read\",\n \"Microsoft.ApiManagement/service/contentTypes/contentItems/write\",\n \"Microsoft.ApiManagement/service/contentTypes/contentItems/delete\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2022-05-06T21:46:28.7501982Z\",\n \"updatedOn\": \"2022-05-11T01:48:03.0899467Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/c031e6a8-4391-4de0-8d69-4706a7ed3729\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"c031e6a8-4391-4de0-8d69-4706a7ed3729\"\n },\n {\n \"properties\": {\n \"roleName\": \"VM Scanner Operator\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Role that provides access to disk snapshot for security analysis.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Compute/disks/read\",\n \"Microsoft.Compute/disks/beginGetAccess/action\",\n \"Microsoft.Compute/diskEncryptionSets/read\",\n \"Microsoft.Compute/virtualMachines/instanceView/read\",\n \"Microsoft.Compute/virtualMachines/read\",\n \"Microsoft.Compute/virtualMachineScaleSets/instanceView/read\",\n \"Microsoft.Compute/virtualMachineScaleSets/read\",\n \"Microsoft.Compute/virtualMachineScaleSets/virtualMachines/read\",\n \"Microsoft.Compute/virtualMachineScaleSets/virtualMachines/instanceView/read\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2022-05-15T19:19:38.5462809Z\",\n \"updatedOn\": \"2024-09-09T15:09:55.7808068Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/d24ecba3-c1f4-40fa-a7bb-4588a071e8fd\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"d24ecba3-c1f4-40fa-a7bb-4588a071e8fd\"\n },\n {\n \"properties\": {\n \"roleName\": \"Elastic SAN Owner\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Allows for full access to all resources under Azure Elastic SAN including changing network security policies to unblock data path access\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.ResourceHealth/availabilityStatuses/read\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.ElasticSan/elasticSans/*\",\n \"Microsoft.ElasticSan/locations/*\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2022-05-26T12:41:01.1833837Z\",\n \"updatedOn\": \"2022-08-23T17:36:07.1409226Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/80dcbedb-47ef-405d-95bd-188a1b4ac406\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"80dcbedb-47ef-405d-95bd-188a1b4ac406\"\n },\n {\n \"properties\": {\n \"roleName\": \"Elastic SAN Reader\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Allows for control path read access to Azure Elastic SAN\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/roleAssignments/read\",\n \"Microsoft.Authorization/roleDefinitions/read\",\n \"Microsoft.ResourceHealth/availabilityStatuses/read\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.ElasticSan/elasticSans/*/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2022-06-01T07:05:04.5639037Z\",\n \"updatedOn\": \"2022-08-23T17:36:07.1409226Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/af6a70f8-3c9f-4105-acf1-d719e9fca4ca\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"af6a70f8-3c9f-4105-acf1-d719e9fca4ca\"\n },\n {\n \"properties\": {\n \"roleName\": \"Desktop Virtualization Virtual Machine Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"This role is in preview and subject to change. Provide permission to the Azure Virtual Desktop Resource Provider to create, delete, update, start, and stop virtual machines.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.DesktopVirtualization/hostpools/read\",\n \"Microsoft.DesktopVirtualization/hostpools/write\",\n \"Microsoft.DesktopVirtualization/hostpools/retrieveRegistrationToken/action\",\n \"Microsoft.DesktopVirtualization/hostpools/sessionhosts/read\",\n \"Microsoft.DesktopVirtualization/hostpools/sessionhosts/write\",\n \"Microsoft.DesktopVirtualization/hostpools/sessionhosts/delete\",\n \"Microsoft.DesktopVirtualization/hostpools/sessionhosts/usersessions/read\",\n \"Microsoft.DesktopVirtualization/hostpools/sessionhosts/usersessions/disconnect/action\",\n \"Microsoft.DesktopVirtualization/hostpools/sessionhosts/usersessions/sendMessage/action\",\n \"Microsoft.DesktopVirtualization/hostpools/sessionHostConfigurations/read\",\n \"Microsoft.DesktopVirtualization/hostpools/doNotUseInternalAPI/action\",\n \"Microsoft.DesktopVirtualization/hostpools/sessionhosts/retryprovisioning/action\",\n \"Microsoft.Compute/availabilitySets/read\",\n \"Microsoft.Compute/availabilitySets/write\",\n \"Microsoft.Compute/availabilitySets/vmSizes/read\",\n \"Microsoft.Compute/disks/read\",\n \"Microsoft.Compute/disks/write\",\n \"Microsoft.Compute/disks/delete\",\n \"Microsoft.Compute/galleries/read\",\n \"Microsoft.Compute/galleries/images/read\",\n \"Microsoft.Compute/galleries/images/versions/read\",\n \"Microsoft.Compute/images/read\",\n \"Microsoft.Compute/locations/usages/read\",\n \"Microsoft.Compute/locations/vmSizes/read\",\n \"Microsoft.Compute/operations/read\",\n \"Microsoft.Compute/skus/read\",\n \"Microsoft.Compute/virtualMachines/read\",\n \"Microsoft.Compute/virtualMachines/write\",\n \"Microsoft.Compute/virtualMachines/delete\",\n \"Microsoft.Compute/virtualMachines/start/action\",\n \"Microsoft.Compute/virtualMachines/powerOff/action\",\n \"Microsoft.Compute/virtualMachines/restart/action\",\n \"Microsoft.Compute/virtualMachines/deallocate/action\",\n \"Microsoft.Compute/virtualMachines/runCommand/action\",\n \"Microsoft.Compute/virtualMachines/extensions/read\",\n \"Microsoft.Compute/virtualMachines/extensions/write\",\n \"Microsoft.Compute/virtualMachines/extensions/delete\",\n \"Microsoft.Compute/virtualMachines/runCommands/read\",\n \"Microsoft.Compute/virtualMachines/runCommands/write\",\n \"Microsoft.Compute/virtualMachines/vmSizes/read\",\n \"Microsoft.Network/networkSecurityGroups/read\",\n \"Microsoft.Network/networkInterfaces/write\",\n \"Microsoft.Network/networkInterfaces/read\",\n \"Microsoft.Network/networkInterfaces/join/action\",\n \"Microsoft.Network/networkInterfaces/delete\",\n \"Microsoft.Network/virtualNetworks/subnets/read\",\n \"Microsoft.Network/virtualNetworks/subnets/join/action\",\n \"Microsoft.Network/virtualNetworks/usages/read\",\n \"Microsoft.Network/virtualNetworks/read\",\n \"Microsoft.Network/networkSecurityGroups/read\",\n \"Microsoft.Marketplace/offerTypes/publishers/offers/plans/agreements/read\",\n \"Microsoft.KeyVault/vaults/deploy/action\",\n \"Microsoft.Storage/storageAccounts/read\",\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.DesktopVirtualization/scalingPlans/read\",\n \"Microsoft.DesktopVirtualization/scalingPlans/write\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2022-06-29T01:44:11.2575005Z\",\n \"updatedOn\": \"2024-09-10T15:22:51.5340758Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/a959dbd1-f747-45e3-8ba6-dd80f235f97c\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"a959dbd1-f747-45e3-8ba6-dd80f235f97c\"\n },\n {\n \"properties\": {\n \"roleName\": \"Desktop Virtualization Power On Off Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Provide permission to the Azure Virtual Desktop Resource Provider to start and stop virtual machines.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.AzureStackHCI/operations/read\",\n \"Microsoft.AzureStackHCI/virtualMachineInstances/read\",\n \"Microsoft.AzureStackHCI/virtualMachineInstances/restart/action\",\n \"Microsoft.AzureStackHCI/virtualMachineInstances/start/action\",\n \"Microsoft.AzureStackHCI/virtualMachineInstances/stop/action\",\n \"Microsoft.Compute/virtualMachines/deallocate/action\",\n \"Microsoft.Compute/virtualMachines/instanceView/read\",\n \"Microsoft.Compute/virtualMachines/powerOff/action\",\n \"Microsoft.Compute/virtualMachines/read\",\n \"Microsoft.Compute/virtualMachines/restart/action\",\n \"Microsoft.Compute/virtualMachines/start/action\",\n \"Microsoft.ComputeSchedule/locations/virtualMachinesCancelOperations/action\",\n \"Microsoft.ComputeSchedule/locations/virtualMachinesExecuteDeallocate/action\",\n \"Microsoft.ComputeSchedule/locations/virtualMachinesExecuteHibernate/action\",\n \"Microsoft.ComputeSchedule/locations/virtualMachinesExecuteStart/action\",\n \"Microsoft.ComputeSchedule/locations/virtualMachinesGetOperationErrors/action\",\n \"Microsoft.ComputeSchedule/locations/virtualMachinesGetOperationStatus/action\",\n \"Microsoft.ComputeSchedule/locations/virtualMachinesSubmitDeallocate/action\",\n \"Microsoft.ComputeSchedule/locations/virtualMachinesSubmitHibernate/action\",\n \"Microsoft.ComputeSchedule/locations/virtualMachinesSubmitStart/action\",\n \"Microsoft.ComputeSchedule/register/action\",\n \"Microsoft.DesktopVirtualization/hostpools/read\",\n \"Microsoft.DesktopVirtualization/hostpools/sessionhosts/read\",\n \"Microsoft.DesktopVirtualization/hostpools/sessionhosts/usersessions/delete\",\n \"Microsoft.DesktopVirtualization/hostpools/sessionhosts/usersessions/read\",\n \"Microsoft.DesktopVirtualization/hostpools/sessionhosts/usersessions/sendMessage/action\",\n \"Microsoft.DesktopVirtualization/hostpools/sessionhosts/write\",\n \"Microsoft.DesktopVirtualization/hostpools/write\",\n \"Microsoft.HybridCompute/locations/operationresults/read\",\n \"Microsoft.HybridCompute/locations/operationstatus/read\",\n \"Microsoft.HybridCompute/machines/read\",\n \"Microsoft.HybridCompute/operations/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.Insights/eventtypes/values/read\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2022-06-29T01:44:11.3414837Z\",\n \"updatedOn\": \"2024-08-15T18:24:59.2883823Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/40c5ff49-9181-41f8-ae61-143b0e78555e\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"40c5ff49-9181-41f8-ae61-143b0e78555e\"\n },\n {\n \"properties\": {\n \"roleName\": \"Desktop Virtualization Power On Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Provide permission to the Azure Virtual Desktop Resource Provider to start virtual machines.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Compute/virtualMachines/start/action\",\n \"Microsoft.Compute/virtualMachines/read\",\n \"Microsoft.Compute/virtualMachines/instanceView/read\",\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.HybridCompute/machines/read\",\n \"Microsoft.HybridCompute/operations/read\",\n \"Microsoft.HybridCompute/locations/operationresults/read\",\n \"Microsoft.HybridCompute/locations/operationstatus/read\",\n \"Microsoft.AzureStackHCI/virtualMachineInstances/read\",\n \"Microsoft.AzureStackHCI/virtualMachineInstances/start/action\",\n \"Microsoft.AzureStackHCI/operations/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2022-06-29T01:44:11.3414837Z\",\n \"updatedOn\": \"2024-02-12T16:11:25.5904731Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/489581de-a3bd-480d-9518-53dea7416b33\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"489581de-a3bd-480d-9518-53dea7416b33\"\n },\n {\n \"properties\": {\n \"roleName\": \"Elastic SAN Volume Group Owner\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Allows for full access to a volume group in Azure Elastic SAN including changing network security policies to unblock data path access\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/roleAssignments/read\",\n \"Microsoft.Authorization/roleDefinitions/read\",\n \"Microsoft.ElasticSan/elasticSans/volumeGroups/*\",\n \"Microsoft.ElasticSan/locations/asyncoperations/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2022-07-04T17:04:25.3846899Z\",\n \"updatedOn\": \"2022-08-23T17:36:07.1409226Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/a8281131-f312-4f34-8d98-ae12be9f0d23\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"a8281131-f312-4f34-8d98-ae12be9f0d23\"\n },\n {\n \"properties\": {\n \"roleName\": \"Access Review Operator Service Role\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Lets you grant Access Review System app permissions to discover and revoke access as needed by the access review process.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/roleAssignments/read\",\n \"Microsoft.Authorization/roleAssignments/delete\",\n \"Microsoft.Management/getEntities/action\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2022-07-04T17:04:25.3846899Z\",\n \"updatedOn\": \"2022-07-04T17:04:25.3846899Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/76cc9ee4-d5d3-4a45-a930-26add3d73475\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"76cc9ee4-d5d3-4a45-a930-26add3d73475\"\n },\n {\n \"properties\": {\n \"roleName\": \"Trusted Signing Identity Verifier\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Manage identity or business verification requests. This role is in preview and subject to change.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.CodeSigning/*/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.CodeSigning/IdentityVerification/Read\",\n \"Microsoft.CodeSigning/IdentityVerification/Write\",\n \"Microsoft.CodeSigning/IdentityVerification/Delete\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2022-07-29T07:36:35.8877235Z\",\n \"updatedOn\": \"2024-10-24T14:08:43.6479343Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/4339b7cf-9826-4e41-b4ed-c7f4505dac08\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"4339b7cf-9826-4e41-b4ed-c7f4505dac08\"\n },\n {\n \"properties\": {\n \"roleName\": \"Video Indexer Restricted Viewer\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Has access to view and search through all video's insights and transcription in the Video Indexer portal. No access to model customization, embedding of widget, downloading videos, or sharing the account.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.VideoIndexer/*/read\",\n \"Microsoft.VideoIndexer/accounts/*/action\"\n ],\n \"notActions\": [\n \"Microsoft.VideoIndexer/*/write\",\n \"Microsoft.VideoIndexer/*/delete\",\n \"Microsoft.VideoIndexer/accounts/generateAccessToken/action\"\n ],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2022-08-09T20:15:25.5603064Z\",\n \"updatedOn\": \"2022-08-09T20:15:25.5603064Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/a2c4a527-7dc0-4ee3-897b-403ade70fafb\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"a2c4a527-7dc0-4ee3-897b-403ade70fafb\"\n },\n {\n \"properties\": {\n \"roleName\": \"Monitoring Data Reader\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Can access the data in an Azure Monitor Workspace.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.Monitor/accounts/data/metrics/read\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2022-08-22T15:27:32.9926129Z\",\n \"updatedOn\": \"2022-10-07T20:52:48.6545841Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/b0d8363b-8ddd-447d-831f-62ca05bff136\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"b0d8363b-8ddd-447d-831f-62ca05bff136\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Kubernetes Fleet Manager RBAC Writer\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Grants read/write access to most Kubernetes resources within a namespace in the fleet-managed hub cluster. This role does not allow viewing or modifying roles or role bindings. However, this role allows accessing Secrets as any ServiceAccount in the namespace, so it can be used to gain the API access levels of any ServiceAccount in the namespace.  Applying this role at cluster scope will give access across all namespaces.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Resources/subscriptions/operationresults/read\",\n \"Microsoft.Resources/subscriptions/read\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.ContainerService/fleets/read\",\n \"Microsoft.ContainerService/fleets/listCredentials/action\"\n ],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.ContainerService/fleets/apps/controllerrevisions/read\",\n \"Microsoft.ContainerService/fleets/apps/daemonsets/read\",\n \"Microsoft.ContainerService/fleets/apps/daemonsets/write\",\n \"Microsoft.ContainerService/fleets/apps/deployments/read\",\n \"Microsoft.ContainerService/fleets/apps/deployments/write\",\n \"Microsoft.ContainerService/fleets/apps/statefulsets/read\",\n \"Microsoft.ContainerService/fleets/apps/statefulsets/write\",\n \"Microsoft.ContainerService/fleets/autoscaling/horizontalpodautoscalers/read\",\n \"Microsoft.ContainerService/fleets/autoscaling/horizontalpodautoscalers/write\",\n \"Microsoft.ContainerService/fleets/batch/cronjobs/read\",\n \"Microsoft.ContainerService/fleets/batch/cronjobs/write\",\n \"Microsoft.ContainerService/fleets/batch/jobs/read\",\n \"Microsoft.ContainerService/fleets/batch/jobs/write\",\n \"Microsoft.ContainerService/fleets/configmaps/read\",\n \"Microsoft.ContainerService/fleets/configmaps/write\",\n \"Microsoft.ContainerService/fleets/endpoints/read\",\n \"Microsoft.ContainerService/fleets/endpoints/write\",\n \"Microsoft.ContainerService/fleets/events.k8s.io/events/read\",\n \"Microsoft.ContainerService/fleets/events/read\",\n \"Microsoft.ContainerService/fleets/extensions/daemonsets/read\",\n \"Microsoft.ContainerService/fleets/extensions/daemonsets/write\",\n \"Microsoft.ContainerService/fleets/extensions/deployments/read\",\n \"Microsoft.ContainerService/fleets/extensions/deployments/write\",\n \"Microsoft.ContainerService/fleets/extensions/ingresses/read\",\n \"Microsoft.ContainerService/fleets/extensions/ingresses/write\",\n \"Microsoft.ContainerService/fleets/extensions/networkpolicies/read\",\n \"Microsoft.ContainerService/fleets/extensions/networkpolicies/write\",\n \"Microsoft.ContainerService/fleets/limitranges/read\",\n \"Microsoft.ContainerService/fleets/namespaces/read\",\n \"Microsoft.ContainerService/fleets/networking.k8s.io/ingresses/read\",\n \"Microsoft.ContainerService/fleets/networking.k8s.io/ingresses/write\",\n \"Microsoft.ContainerService/fleets/networking.k8s.io/networkpolicies/read\",\n \"Microsoft.ContainerService/fleets/networking.k8s.io/networkpolicies/write\",\n \"Microsoft.ContainerService/fleets/persistentvolumeclaims/read\",\n \"Microsoft.ContainerService/fleets/persistentvolumeclaims/write\",\n \"Microsoft.ContainerService/fleets/policy/poddisruptionbudgets/read\",\n \"Microsoft.ContainerService/fleets/policy/poddisruptionbudgets/write\",\n \"Microsoft.ContainerService/fleets/replicationcontrollers/read\",\n \"Microsoft.ContainerService/fleets/replicationcontrollers/write\",\n \"Microsoft.ContainerService/fleets/resourcequotas/read\",\n \"Microsoft.ContainerService/fleets/secrets/read\",\n \"Microsoft.ContainerService/fleets/secrets/write\",\n \"Microsoft.ContainerService/fleets/serviceaccounts/read\",\n \"Microsoft.ContainerService/fleets/serviceaccounts/write\",\n \"Microsoft.ContainerService/fleets/services/read\",\n \"Microsoft.ContainerService/fleets/services/write\",\n \"Microsoft.ContainerService/fleets/cluster.kubernetes-fleet.io/internalmemberclusters/read\",\n \"Microsoft.ContainerService/fleets/placement.kubernetes-fleet.io/resourceoverrides/read\",\n \"Microsoft.ContainerService/fleets/placement.kubernetes-fleet.io/resourceoverrides/write\",\n \"Microsoft.ContainerService/fleets/placement.kubernetes-fleet.io/resourceoverridesnapshots/read\",\n \"Microsoft.ContainerService/fleets/placement.kubernetes-fleet.io/works/read\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2022-08-22T17:29:14.4390853Z\",\n \"updatedOn\": \"2024-10-21T15:04:47.7837694Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/5af6afb3-c06c-4fa4-8848-71a8aee05683\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"5af6afb3-c06c-4fa4-8848-71a8aee05683\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Kubernetes Fleet Manager RBAC Admin\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Grants read/write access to Kubernetes resources within a namespace in the fleet-managed hub cluster - provides write permissions on most objects within a a namespace, with the exception of ResourceQuota object and the namespace object itself. Applying this role at cluster scope will give access across all namespaces.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Resources/subscriptions/operationresults/read\",\n \"Microsoft.Resources/subscriptions/read\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.ContainerService/fleets/read\",\n \"Microsoft.ContainerService/fleets/listCredentials/action\"\n ],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.ContainerService/fleets/apps/controllerrevisions/read\",\n \"Microsoft.ContainerService/fleets/apps/daemonsets/*\",\n \"Microsoft.ContainerService/fleets/apps/deployments/*\",\n \"Microsoft.ContainerService/fleets/apps/statefulsets/*\",\n \"Microsoft.ContainerService/fleets/authorization.k8s.io/localsubjectaccessreviews/write\",\n \"Microsoft.ContainerService/fleets/autoscaling/horizontalpodautoscalers/*\",\n \"Microsoft.ContainerService/fleets/batch/cronjobs/*\",\n \"Microsoft.ContainerService/fleets/batch/jobs/*\",\n \"Microsoft.ContainerService/fleets/configmaps/*\",\n \"Microsoft.ContainerService/fleets/endpoints/*\",\n \"Microsoft.ContainerService/fleets/events.k8s.io/events/read\",\n \"Microsoft.ContainerService/fleets/events/read\",\n \"Microsoft.ContainerService/fleets/extensions/daemonsets/*\",\n \"Microsoft.ContainerService/fleets/extensions/deployments/*\",\n \"Microsoft.ContainerService/fleets/extensions/ingresses/*\",\n \"Microsoft.ContainerService/fleets/extensions/networkpolicies/*\",\n \"Microsoft.ContainerService/fleets/limitranges/read\",\n \"Microsoft.ContainerService/fleets/namespaces/read\",\n \"Microsoft.ContainerService/fleets/networking.k8s.io/ingresses/*\",\n \"Microsoft.ContainerService/fleets/networking.k8s.io/networkpolicies/*\",\n \"Microsoft.ContainerService/fleets/persistentvolumeclaims/*\",\n \"Microsoft.ContainerService/fleets/policy/poddisruptionbudgets/*\",\n \"Microsoft.ContainerService/fleets/rbac.authorization.k8s.io/rolebindings/*\",\n \"Microsoft.ContainerService/fleets/rbac.authorization.k8s.io/roles/*\",\n \"Microsoft.ContainerService/fleets/replicationcontrollers/*\",\n \"Microsoft.ContainerService/fleets/replicationcontrollers/*\",\n \"Microsoft.ContainerService/fleets/resourcequotas/read\",\n \"Microsoft.ContainerService/fleets/secrets/*\",\n \"Microsoft.ContainerService/fleets/serviceaccounts/*\",\n \"Microsoft.ContainerService/fleets/services/*\",\n \"Microsoft.ContainerService/fleets/cluster.kubernetes-fleet.io/internalmemberclusters/read\",\n \"Microsoft.ContainerService/fleets/placement.kubernetes-fleet.io/resourceoverrides/*\",\n \"Microsoft.ContainerService/fleets/placement.kubernetes-fleet.io/resourceoverridesnapshots/read\",\n \"Microsoft.ContainerService/fleets/placement.kubernetes-fleet.io/works/read\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2022-08-22T17:29:14.4390853Z\",\n \"updatedOn\": \"2024-10-21T15:04:47.7827701Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/434fb43a-c01c-447e-9f67-c3ad923cfaba\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"434fb43a-c01c-447e-9f67-c3ad923cfaba\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Kubernetes Fleet Manager Contributor Role\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Grants read/write access to Azure resources provided by Azure Kubernetes Fleet Manager, including fleets, fleet members, fleet update strategies, fleet update runs, etc.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.ContainerService/fleets/*\",\n \"Microsoft.Resources/deployments/*\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2022-08-22T17:29:14.4234593Z\",\n \"updatedOn\": \"2024-03-27T21:09:44.1318966Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/63bb64ad-9799-4770-b5c3-24ed299a07bf\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"63bb64ad-9799-4770-b5c3-24ed299a07bf\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Kubernetes Fleet Manager RBAC Reader\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Grants read-only access to most Kubernetes resources within a namespace in the fleet-managed hub cluster. It does not allow viewing roles or role bindings. This role does not allow viewing Secrets, since reading the contents of Secrets enables access to ServiceAccount credentials in the namespace, which would allow API access as any ServiceAccount in the namespace (a form of privilege escalation). Applying this role at cluster scope will give access across all namespaces.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Resources/subscriptions/operationresults/read\",\n \"Microsoft.Resources/subscriptions/read\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.ContainerService/fleets/read\",\n \"Microsoft.ContainerService/fleets/listCredentials/action\"\n ],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.ContainerService/fleets/apps/controllerrevisions/read\",\n \"Microsoft.ContainerService/fleets/apps/daemonsets/read\",\n \"Microsoft.ContainerService/fleets/apps/deployments/read\",\n \"Microsoft.ContainerService/fleets/apps/statefulsets/read\",\n \"Microsoft.ContainerService/fleets/autoscaling/horizontalpodautoscalers/read\",\n \"Microsoft.ContainerService/fleets/batch/cronjobs/read\",\n \"Microsoft.ContainerService/fleets/batch/jobs/read\",\n \"Microsoft.ContainerService/fleets/configmaps/read\",\n \"Microsoft.ContainerService/fleets/endpoints/read\",\n \"Microsoft.ContainerService/fleets/events.k8s.io/events/read\",\n \"Microsoft.ContainerService/fleets/events/read\",\n \"Microsoft.ContainerService/fleets/extensions/daemonsets/read\",\n \"Microsoft.ContainerService/fleets/extensions/deployments/read\",\n \"Microsoft.ContainerService/fleets/extensions/ingresses/read\",\n \"Microsoft.ContainerService/fleets/extensions/networkpolicies/read\",\n \"Microsoft.ContainerService/fleets/limitranges/read\",\n \"Microsoft.ContainerService/fleets/namespaces/read\",\n \"Microsoft.ContainerService/fleets/networking.k8s.io/ingresses/read\",\n \"Microsoft.ContainerService/fleets/networking.k8s.io/networkpolicies/read\",\n \"Microsoft.ContainerService/fleets/persistentvolumeclaims/read\",\n \"Microsoft.ContainerService/fleets/policy/poddisruptionbudgets/read\",\n \"Microsoft.ContainerService/fleets/replicationcontrollers/read\",\n \"Microsoft.ContainerService/fleets/replicationcontrollers/read\",\n \"Microsoft.ContainerService/fleets/resourcequotas/read\",\n \"Microsoft.ContainerService/fleets/serviceaccounts/read\",\n \"Microsoft.ContainerService/fleets/services/read\",\n \"Microsoft.ContainerService/fleets/cluster.kubernetes-fleet.io/internalmemberclusters/read\",\n \"Microsoft.ContainerService/fleets/placement.kubernetes-fleet.io/resourceoverrides/read\",\n \"Microsoft.ContainerService/fleets/placement.kubernetes-fleet.io/resourceoverridesnapshots/read\",\n \"Microsoft.ContainerService/fleets/placement.kubernetes-fleet.io/works/read\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2022-08-22T17:29:14.4390853Z\",\n \"updatedOn\": \"2024-10-23T18:34:36.152431Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/30b27cfc-9c84-438e-b0ce-70e35255df80\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"30b27cfc-9c84-438e-b0ce-70e35255df80\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Kubernetes Fleet Manager RBAC Cluster Admin\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Grants read/write access to all Kubernetes resources in the fleet-managed hub cluster.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Resources/subscriptions/operationresults/read\",\n \"Microsoft.Resources/subscriptions/read\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.ContainerService/fleets/read\",\n \"Microsoft.ContainerService/fleets/listCredentials/action\"\n ],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.ContainerService/fleets/*\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2022-08-22T17:29:14.4234593Z\",\n \"updatedOn\": \"2024-03-27T21:09:44.1318966Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/18ab4d3d-a1bf-4477-8ad9-8359bc988f69\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"18ab4d3d-a1bf-4477-8ad9-8359bc988f69\"\n },\n {\n \"properties\": {\n \"roleName\": \"Kubernetes Namespace User\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Allows a user to read namespace resources and retrieve kubeconfig for the cluster\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.KubernetesConfiguration/namespaces/read\",\n \"Microsoft.KubernetesConfiguration/namespaces/listUserCredential/action\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2022-08-24T08:05:05.4886641Z\",\n \"updatedOn\": \"2022-08-24T08:05:05.4886641Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/ba79058c-0414-4a34-9e42-c3399d80cd5a\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"ba79058c-0414-4a34-9e42-c3399d80cd5a\"\n },\n {\n \"properties\": {\n \"roleName\": \"Data Labeling - Labeler\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Can label data in Labeling.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.MachineLearningServices/workspaces/read\",\n \"Microsoft.MachineLearningServices/workspaces/experiments/runs/read\",\n \"Microsoft.MachineLearningServices/workspaces/labeling/projects/read\",\n \"Microsoft.MachineLearningServices/workspaces/labeling/projects/summary/read\",\n \"Microsoft.MachineLearningServices/workspaces/labeling/labels/read\",\n \"Microsoft.MachineLearningServices/workspaces/labeling/labels/write\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2022-09-02T20:34:03.6536098Z\",\n \"updatedOn\": \"2022-09-08T21:01:04.9492408Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/c6decf44-fd0a-444c-a844-d653c394e7ab\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"c6decf44-fd0a-444c-a844-d653c394e7ab\"\n },\n {\n \"properties\": {\n \"roleName\": \"Role Based Access Control Administrator\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Manage access to Azure resources by assigning roles using Azure RBAC. This role does not allow you to manage access using other ways, such as Azure Policy.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/roleAssignments/write\",\n \"Microsoft.Authorization/roleAssignments/delete\",\n \"*/read\",\n \"Microsoft.Support/*\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2022-09-07T00:28:32.1779656Z\",\n \"updatedOn\": \"2023-11-08T20:50:17.2103449Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/f58310d9-a9f6-439a-9e8d-f62e7b41a168\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"f58310d9-a9f6-439a-9e8d-f62e7b41a168\"\n },\n {\n \"properties\": {\n \"roleName\": \"Template Spec Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Allows full access to Template Spec operations at the assigned scope.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Resources/templateSpecs/*\",\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2022-09-07T23:56:38.852533Z\",\n \"updatedOn\": \"2022-09-07T23:56:38.852533Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/1c9b6475-caf0-4164-b5a1-2142a7116f4b\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"1c9b6475-caf0-4164-b5a1-2142a7116f4b\"\n },\n {\n \"properties\": {\n \"roleName\": \"Template Spec Reader\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Allows read access to Template Specs at the assigned scope.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Resources/templateSpecs/*/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2022-09-07T23:56:38.852533Z\",\n \"updatedOn\": \"2022-09-07T23:56:38.852533Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/392ae280-861d-42bd-9ea5-08ee6d83b80e\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"392ae280-861d-42bd-9ea5-08ee6d83b80e\"\n },\n {\n \"properties\": {\n \"roleName\": \"Microsoft Sentinel Playbook Operator\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Microsoft Sentinel Playbook Operator\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Logic/workflows/read\",\n \"Microsoft.Logic/workflows/triggers/listCallbackUrl/action\",\n \"Microsoft.Web/sites/hostruntime/webhooks/api/workflows/triggers/listCallbackUrl/action\",\n \"Microsoft.Web/sites/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2022-09-20T17:17:53.1732035Z\",\n \"updatedOn\": \"2022-12-07T18:28:46.3977543Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/51d6186e-6489-4900-b93f-92e23144cca5\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"51d6186e-6489-4900-b93f-92e23144cca5\"\n },\n {\n \"properties\": {\n \"roleName\": \"Deployment Environments User\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Provides access to manage environment resources.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.DevCenter/projects/read\",\n \"Microsoft.DevCenter/projects/*/read\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Authorization/*/read\"\n ],\n \"notActions\": [\n \"Microsoft.DevCenter/projects/pools/read\",\n \"Microsoft.DevCenter/projects/pools/schedules/read\"\n ],\n \"dataActions\": [\n \"Microsoft.DevCenter/projects/users/environments/userRead/action\",\n \"Microsoft.DevCenter/projects/users/environments/userWrite/action\",\n \"Microsoft.DevCenter/projects/users/environments/userDelete/action\",\n \"Microsoft.DevCenter/projects/users/environments/userActionManage/action\",\n \"Microsoft.DevCenter/projects/users/environments/userOutputsRead/action\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2022-09-21T23:02:10.9267534Z\",\n \"updatedOn\": \"2023-11-11T02:44:04.8360299Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/18e40d4e-8d2e-438d-97e1-9528336e149c\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"18e40d4e-8d2e-438d-97e1-9528336e149c\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Spring Apps Connect Role\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Azure Spring Apps Connect Role\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.AppPlatform/Spring/apps/deployments/connect/action\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2022-09-23T09:06:33.6408942Z\",\n \"updatedOn\": \"2022-09-23T09:06:33.6408942Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/80558df3-64f9-4c0f-b32d-e5094b036b0b\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"80558df3-64f9-4c0f-b32d-e5094b036b0b\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Spring Apps Remote Debugging Role\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Azure Spring Apps Remote Debugging Role\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.AppPlatform/Spring/apps/deployments/remotedebugging/action\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2022-09-23T09:21:46.6422475Z\",\n \"updatedOn\": \"2022-09-23T09:21:46.6422475Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/a99b0159-1064-4c22-a57b-c9b3caa1c054\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"a99b0159-1064-4c22-a57b-c9b3caa1c054\"\n },\n {\n \"properties\": {\n \"roleName\": \"AzureML Registry User\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Can perform all actions on Machine Learning Services Registry assets as well as get Registry resources.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.MachineLearningServices/registries/read\",\n \"Microsoft.MachineLearningServices/registries/assets/*\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2022-09-27T17:15:01.5950677Z\",\n \"updatedOn\": \"2022-09-27T17:15:01.5950677Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/1823dd4f-9b8c-4ab6-ab4e-7397a3684615\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"1823dd4f-9b8c-4ab6-ab4e-7397a3684615\"\n },\n {\n \"properties\": {\n \"roleName\": \"AzureML Compute Operator\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Can access and perform CRUD operations on Machine Learning Services managed compute resources (including Notebook VMs).\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.MachineLearningServices/workspaces/computes/*\",\n \"Microsoft.MachineLearningServices/workspaces/notebooks/vm/*\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2022-09-27T17:15:01.5950677Z\",\n \"updatedOn\": \"2022-09-27T17:15:01.5950677Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/e503ece1-11d0-4e8e-8e2c-7a6c3bf38815\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"e503ece1-11d0-4e8e-8e2c-7a6c3bf38815\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Center for SAP solutions service role\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Azure Center for SAP solutions service role - This role is intended to be used for providing the permissions to user assigned managed identity. Azure Center for SAP solutions will use this identity to deploy and manage SAP systems.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Resources/subscriptions/resourceGroups/write\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/read\",\n \"Microsoft.Resources/subscriptions/resourcegroups/deployments/*\",\n \"Microsoft.Network/loadBalancers/read\",\n \"Microsoft.Network/loadBalancers/write\",\n \"Microsoft.Network/loadBalancers/backendAddressPools/read\",\n \"Microsoft.Network/loadBalancers/backendAddressPools/write\",\n \"Microsoft.Network/loadBalancers/frontendIPConfigurations/read\",\n \"Microsoft.Network/loadBalancers/loadBalancingRules/read\",\n \"Microsoft.Network/loadBalancers/inboundNatRules/read\",\n \"Microsoft.Network/loadBalancers/providers/Microsoft.Insights/logDefinitions/read\",\n \"Microsoft.Network/loadBalancers/networkInterfaces/read\",\n \"Microsoft.Network/loadBalancers/outboundRules/read\",\n \"Microsoft.Network/loadBalancers/virtualMachines/read\",\n \"Microsoft.Network/loadBalancers/providers/Microsoft.Insights/metricDefinitions/read\",\n \"Microsoft.Network/networkInterfaces/read\",\n \"Microsoft.Network/networkInterfaces/write\",\n \"Microsoft.Network/networkInterfaces/ipconfigurations/read\",\n \"Microsoft.Network/networkInterfaces/loadBalancers/read\",\n \"Microsoft.Network/virtualNetworks/read\",\n \"Microsoft.Network/virtualNetworks/checkIpAddressAvailability/read\",\n \"Microsoft.Network/virtualNetworks/subnets/read\",\n \"Microsoft.Network/virtualNetworks/subnets/virtualMachines/read\",\n \"Microsoft.Network/virtualNetworks/virtualMachines/read\",\n \"Microsoft.Network/networkInterfaces/ipconfigurations/join/action\",\n \"Microsoft.Network/privateEndpoints/read\",\n \"Microsoft.Network/privateEndpoints/write\",\n \"Microsoft.Network/networkInterfaces/join/action\",\n \"Microsoft.Network/loadBalancers/backendAddressPools/join/action\",\n \"Microsoft.Network/loadBalancers/frontendIPConfigurations/join/action\",\n \"Microsoft.Network/virtualNetworks/subnets/join/action\",\n \"Microsoft.Network/virtualNetworks/subnets/joinLoadBalancer/action\",\n \"Microsoft.Storage/storageAccounts/read\",\n \"Microsoft.Storage/storageAccounts/write\",\n \"Microsoft.Storage/storageAccounts/PrivateEndpointConnectionsApproval/action\",\n \"Microsoft.Storage/storageAccounts/blobServices/read\",\n \"Microsoft.Storage/storageAccounts/blobServices/containers/read\",\n \"Microsoft.Storage/storageAccounts/fileServices/read\",\n \"Microsoft.Storage/storageAccounts/fileServices/write\",\n \"Microsoft.Storage/storageAccounts/fileServices/shares/read\",\n \"Microsoft.Storage/storageAccounts/fileServices/shares/write\",\n \"Microsoft.Compute/virtualMachines/read\",\n \"Microsoft.Compute/virtualMachines/write\",\n \"Microsoft.Compute/virtualMachines/instanceView/read\",\n \"Microsoft.Compute/availabilitySets/read\",\n \"Microsoft.Compute/availabilitySets/write\",\n \"Microsoft.Compute/skus/read\",\n \"Microsoft.Compute/sshPublicKeys/read\",\n \"Microsoft.Compute/virtualMachines/extensions/read\",\n \"Microsoft.Compute/virtualMachines/extensions/write\",\n \"Microsoft.Compute/virtualMachines/extensions/delete\",\n \"Microsoft.Compute/disks/read\",\n \"Microsoft.Compute/disks/write\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2022-10-03T17:04:07.6891007Z\",\n \"updatedOn\": \"2023-02-02T07:25:11.5651483Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/aabbc5dd-1af0-458b-a942-81af88f9c138\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"aabbc5dd-1af0-458b-a942-81af88f9c138\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Center for SAP solutions reader\",\n \"type\": \"BuiltInRole\",\n \"description\": \"This role provides read access to all capabilities of Azure Center for SAP solutions.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Advisor/configurations/read\",\n \"Microsoft.Advisor/recommendations/read\",\n \"Microsoft.Workloads/sapvirtualInstances/*/read\",\n \"Microsoft.Workloads/Locations/*/read\",\n \"Microsoft.Workloads/Operations/read\",\n \"Microsoft.Workloads/Locations/OperationStatuses/read\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Insights/alertRules/read\",\n \"Microsoft.Insights/metrics/read\",\n \"Microsoft.Insights/metricDefinitions/read\",\n \"Microsoft.Resources/deployments/read\",\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Resources/subscriptions/read\",\n \"Microsoft.Resources/subscriptions/resourcegroups/deployments/read\",\n \"Microsoft.ResourceHealth/availabilityStatuses/read\",\n \"Microsoft.Network/virtualNetworks/read\",\n \"Microsoft.Network/virtualNetworks/providers/Microsoft.Insights/metricDefinitions/read\",\n \"Microsoft.Network/virtualNetworks/subnets/read\",\n \"Microsoft.Network/virtualNetworks/subnets/virtualMachines/read\",\n \"Microsoft.Network/networkInterfaces/read\",\n \"Microsoft.Network/networkInterfaces/ipconfigurations/read\",\n \"Microsoft.Network/networkInterfaces/loadBalancers/read\",\n \"Microsoft.Network/networkInterfaces/providers/Microsoft.Insights/metricDefinitions/read\",\n \"Microsoft.Network/loadBalancers/read\",\n \"Microsoft.Network/loadBalancers/backendAddressPools/read\",\n \"Microsoft.Network/loadBalancers/frontendIPConfigurations/read\",\n \"Microsoft.Network/loadBalancers/loadBalancingRules/read\",\n \"Microsoft.Network/loadBalancers/inboundNatRules/read\",\n \"Microsoft.Network/loadBalancers/providers/Microsoft.Insights/logDefinitions/read\",\n \"Microsoft.Network/loadBalancers/networkInterfaces/read\",\n \"Microsoft.Network/loadBalancers/outboundRules/read\",\n \"Microsoft.Network/loadBalancers/virtualMachines/read\",\n \"Microsoft.Network/loadBalancers/providers/Microsoft.Insights/metricDefinitions/read\",\n \"Microsoft.Network/privateEndpoints/read\",\n \"Microsoft.Storage/storageAccounts/read\",\n \"Microsoft.Storage/storageAccounts/blobServices/read\",\n \"Microsoft.Storage/storageAccounts/blobServices/containers/read\",\n \"Microsoft.Storage/storageAccounts/fileServices/read\",\n \"Microsoft.Storage/storageAccounts/fileServices/shares/read\",\n \"Microsoft.Compute/virtualMachines/read\",\n \"Microsoft.Compute/availabilitySets/read\",\n \"Microsoft.Compute/virtualMachines/extensions/read\",\n \"Microsoft.Compute/disks/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2022-10-03T17:04:07.6891007Z\",\n \"updatedOn\": \"2024-01-12T10:58:11.4343824Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/05352d14-a920-4328-a0de-4cbe7430e26b\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"05352d14-a920-4328-a0de-4cbe7430e26b\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Center for SAP solutions administrator\",\n \"type\": \"BuiltInRole\",\n \"description\": \"This role provides read and write access to all capabilities of Azure Center for SAP solutions.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Advisor/configurations/read\",\n \"Microsoft.Advisor/recommendations/read\",\n \"Microsoft.Workloads/sapvirtualInstances/*/read\",\n \"Microsoft.Workloads/sapVirtualInstances/*/write\",\n \"Microsoft.Workloads/sapVirtualInstances/*/delete\",\n \"Microsoft.Workloads/Locations/*/action\",\n \"Microsoft.Workloads/Locations/*/read\",\n \"Microsoft.Workloads/sapVirtualInstances/*/start/action\",\n \"Microsoft.Workloads/sapVirtualInstances/*/stop/action\",\n \"Microsoft.Workloads/connectors/*/read\",\n \"Microsoft.Workloads/connectors/*/write\",\n \"Microsoft.Workloads/connectors/*/delete\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.Insights/metrics/read\",\n \"Microsoft.Insights/metricDefinitions/read\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Resources/subscriptions/read\",\n \"Microsoft.Resources/subscriptions/resourceGroups/write\",\n \"Microsoft.Resources/subscriptions/resourcegroups/deployments/*\",\n \"Microsoft.ResourceHealth/availabilityStatuses/read\",\n \"Microsoft.Network/virtualNetworks/read\",\n \"Microsoft.Network/virtualNetworks/providers/Microsoft.Insights/metricDefinitions/read\",\n \"Microsoft.Network/virtualNetworks/subnets/read\",\n \"Microsoft.Network/virtualNetworks/subnets/write\",\n \"Microsoft.Network/virtualNetworks/subnets/virtualMachines/read\",\n \"Microsoft.Network/networkInterfaces/read\",\n \"Microsoft.Network/networkInterfaces/ipconfigurations/read\",\n \"Microsoft.Network/networkInterfaces/loadBalancers/read\",\n \"Microsoft.Network/networkInterfaces/providers/Microsoft.Insights/metricDefinitions/read\",\n \"Microsoft.Network/loadBalancers/read\",\n \"Microsoft.Network/loadBalancers/backendAddressPools/read\",\n \"Microsoft.Network/loadBalancers/frontendIPConfigurations/read\",\n \"Microsoft.Network/loadBalancers/loadBalancingRules/read\",\n \"Microsoft.Network/loadBalancers/inboundNatRules/read\",\n \"Microsoft.Network/loadBalancers/providers/Microsoft.Insights/logDefinitions/read\",\n \"Microsoft.Network/loadBalancers/networkInterfaces/read\",\n \"Microsoft.Network/loadBalancers/outboundRules/read\",\n \"Microsoft.Network/loadBalancers/virtualMachines/read\",\n \"Microsoft.Network/loadBalancers/providers/Microsoft.Insights/metricDefinitions/read\",\n \"Microsoft.Network/privateEndpoints/read\",\n \"Microsoft.Network/networkSecurityGroups/join/action\",\n \"Microsoft.Network/routeTables/join/action\",\n \"Microsoft.Storage/storageAccounts/read\",\n \"Microsoft.Storage/storageAccounts/blobServices/read\",\n \"Microsoft.Storage/storageAccounts/blobServices/containers/read\",\n \"Microsoft.Storage/storageAccounts/fileServices/read\",\n \"Microsoft.Storage/storageAccounts/fileServices/shares/read\",\n \"Microsoft.Compute/virtualMachines/read\",\n \"Microsoft.Compute/availabilitySets/read\",\n \"Microsoft.Compute/sshPublicKeys/read\",\n \"Microsoft.Compute/sshPublicKeys/write\",\n \"Microsoft.Compute/sshPublicKeys/*/generateKeyPair/action\",\n \"Microsoft.Compute/virtualMachines/extensions/read\",\n \"Microsoft.Compute/virtualMachines/extensions/delete\",\n \"Microsoft.Compute/disks/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.Storage/storageAccounts/blobServices/containers/blobs/read\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2022-10-04T17:14:14.5212968Z\",\n \"updatedOn\": \"2023-06-21T15:30:31.2294248Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/7b0c7e81-271f-4c71-90bf-e30bdfdbc2f7\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"7b0c7e81-271f-4c71-90bf-e30bdfdbc2f7\"\n },\n {\n \"properties\": {\n \"roleName\": \"AppGw for Containers Configuration Manager\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Allows access and configuration updates to Application Gateway for Containers resource.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.ServiceNetworking/trafficControllers/read\",\n \"Microsoft.ServiceNetworking/trafficControllers/write\",\n \"Microsoft.ServiceNetworking/trafficControllers/delete\",\n \"Microsoft.ServiceNetworking/trafficControllers/frontends/read\",\n \"Microsoft.ServiceNetworking/trafficControllers/frontends/write\",\n \"Microsoft.ServiceNetworking/trafficControllers/frontends/delete\",\n \"Microsoft.ServiceNetworking/trafficControllers/associations/read\",\n \"Microsoft.ServiceNetworking/trafficControllers/associations/write\",\n \"Microsoft.ServiceNetworking/trafficControllers/associations/delete\",\n \"Microsoft.ServiceNetworking/trafficControllers/*/read\",\n \"Microsoft.ServiceNetworking/trafficControllers/*/write\",\n \"Microsoft.ServiceNetworking/trafficControllers/*/delete\",\n \"Microsoft.Resources/subscriptions/resourcegroups/deployments/read\",\n \"Microsoft.Resources/subscriptions/resourcegroups/deployments/write\",\n \"Microsoft.Resources/subscriptions/resourcegroups/deployments/operations/read\",\n \"Microsoft.Resources/subscriptions/resourcegroups/deployments/operationstatuses/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.ServiceNetworking/trafficControllers/serviceRoutingConfigurations/read\",\n \"Microsoft.ServiceNetworking/trafficControllers/serviceRoutingConfigurations/write\",\n \"Microsoft.ServiceNetworking/trafficControllers/serviceRoutingConfigurations/delete\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2022-10-06T03:15:51.8980834Z\",\n \"updatedOn\": \"2024-10-29T15:24:36.1024666Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/fbc52c3f-28ad-4303-a892-8a056630b8f1\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"fbc52c3f-28ad-4303-a892-8a056630b8f1\"\n },\n {\n \"properties\": {\n \"roleName\": \"FHIR SMART User\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Role allows user to access FHIR Service according to SMART on FHIR specification\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.HealthcareApis/services/fhir/resources/read\",\n \"Microsoft.HealthcareApis/workspaces/fhirservices/resources/read\",\n \"Microsoft.HealthcareApis/services/fhir/resources/smart/action\",\n \"Microsoft.HealthcareApis/workspaces/fhirservices/resources/smart/action\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2022-10-26T17:20:25.4418773Z\",\n \"updatedOn\": \"2022-12-07T20:30:43.3899302Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/4ba50f17-9666-485c-a643-ff00808643f0\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"4ba50f17-9666-485c-a643-ff00808643f0\"\n },\n {\n \"properties\": {\n \"roleName\": \"Cognitive Services OpenAI Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Full access including the ability to fine-tune, deploy and generate text\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.CognitiveServices/*/read\",\n \"Microsoft.CognitiveServices/accounts/deployments/write\",\n \"Microsoft.CognitiveServices/accounts/deployments/delete\",\n \"Microsoft.CognitiveServices/accounts/raiPolicies/read\",\n \"Microsoft.CognitiveServices/accounts/raiPolicies/write\",\n \"Microsoft.CognitiveServices/accounts/raiPolicies/delete\",\n \"Microsoft.CognitiveServices/accounts/commitmentplans/read\",\n \"Microsoft.CognitiveServices/accounts/commitmentplans/write\",\n \"Microsoft.CognitiveServices/accounts/commitmentplans/delete\",\n \"Microsoft.Authorization/roleAssignments/read\",\n \"Microsoft.Authorization/roleDefinitions/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.CognitiveServices/accounts/OpenAI/*\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2022-10-26T22:25:33.3012125Z\",\n \"updatedOn\": \"2023-08-25T21:51:58.6134163Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/a001fd3d-188f-4b5d-821b-7da978bf7442\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"a001fd3d-188f-4b5d-821b-7da978bf7442\"\n },\n {\n \"properties\": {\n \"roleName\": \"Cognitive Services OpenAI User\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Ability to view files, models, deployments. Readers can't make any changes They can inference and create images\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.CognitiveServices/*/read\",\n \"Microsoft.Authorization/roleAssignments/read\",\n \"Microsoft.Authorization/roleDefinitions/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.CognitiveServices/accounts/OpenAI/*/read\",\n \"Microsoft.CognitiveServices/accounts/OpenAI/engines/completions/action\",\n \"Microsoft.CognitiveServices/accounts/OpenAI/engines/search/action\",\n \"Microsoft.CognitiveServices/accounts/OpenAI/engines/generate/action\",\n \"Microsoft.CognitiveServices/accounts/OpenAI/deployments/audio/action\",\n \"Microsoft.CognitiveServices/accounts/OpenAI/deployments/search/action\",\n \"Microsoft.CognitiveServices/accounts/OpenAI/deployments/completions/action\",\n \"Microsoft.CognitiveServices/accounts/OpenAI/deployments/chat/completions/action\",\n \"Microsoft.CognitiveServices/accounts/OpenAI/deployments/realtime/action\",\n \"Microsoft.CognitiveServices/accounts/OpenAI/deployments/extensions/chat/completions/action\",\n \"Microsoft.CognitiveServices/accounts/OpenAI/deployments/embeddings/action\",\n \"Microsoft.CognitiveServices/accounts/OpenAI/images/generations/action\",\n \"Microsoft.CognitiveServices/accounts/OpenAI/video/generations/*/action\",\n \"Microsoft.CognitiveServices/accounts/OpenAI/video/generations/*/delete\",\n \"Microsoft.CognitiveServices/accounts/OpenAI/assistants/*\",\n \"Microsoft.CognitiveServices/accounts/OpenAI/responses/*\"\n ],\n \"notDataActions\": [\n \"Microsoft.CognitiveServices/accounts/OpenAI/stored-completions/read\"\n ]\n }\n ],\n \"createdOn\": \"2022-10-26T22:25:33.3012125Z\",\n \"updatedOn\": \"2025-04-28T15:13:50.0338628Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/5e0bd9bd-7b93-4f28-af87-19fc36ad61bd\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"5e0bd9bd-7b93-4f28-af87-19fc36ad61bd\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure impact Reporter role\",\n \"type\": \"BuiltInRole\",\n \"description\": \"built-in role for azure impact write access\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Impact/WorkloadImpacts/*\",\n \"Microsoft.Impact/ImpactCategories/read\",\n \"Microsoft.Impact/TopologyImpacts/*\",\n \"Microsoft.Impact/getUploadToken/action\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2022-10-27T22:34:10.0140145Z\",\n \"updatedOn\": \"2025-09-26T15:39:14.9829777Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/36e80216-a7e8-4f42-a7e1-f12c98cbaf8a\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"36e80216-a7e8-4f42-a7e1-f12c98cbaf8a\"\n },\n {\n \"properties\": {\n \"roleName\": \"Impact Reader\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Allows read-only access to reported impacts and impact categories\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Impact/WorkloadImpacts/read\",\n \"Microsoft.Impact/ImpactCategories/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2022-10-27T22:49:23.8706555Z\",\n \"updatedOn\": \"2022-11-14T16:02:29.4536312Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/68ff5d27-c7f5-4fa9-a21c-785d0df7bd9e\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"68ff5d27-c7f5-4fa9-a21c-785d0df7bd9e\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Kubernetes Service Cluster Monitoring User\",\n \"type\": \"BuiltInRole\",\n \"description\": \"List cluster monitoring user credential action.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.ContainerService/managedClusters/listClusterMonitoringUserCredential/action\",\n \"Microsoft.ContainerService/managedClusters/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2022-11-14T16:02:29.4380066Z\",\n \"updatedOn\": \"2023-02-06T16:01:22.3399796Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/1afdec4b-e479-420e-99e7-f82237c7c5e6\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"1afdec4b-e479-420e-99e7-f82237c7c5e6\"\n },\n {\n \"properties\": {\n \"roleName\": \"ContainerApp Reader\",\n \"type\": \"BuiltInRole\",\n \"description\": \"View all containerapp resources, but does not allow you to make any changes.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.App/containerApps/*/read\",\n \"Microsoft.App/containerApps/read\",\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2022-11-14T16:02:29.4380066Z\",\n \"updatedOn\": \"2023-01-02T16:08:35.1119461Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/ad2dd5fb-cd4b-4fd4-a9b6-4fed3630980b\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"ad2dd5fb-cd4b-4fd4-a9b6-4fed3630980b\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Connected Machine Resource Manager\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Custom Role for AzureStackHCI RP to manage hybrid compute machines and hybrid connectivity endpoints in a resource group\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.GuestConfiguration/guestConfigurationAssignments/*/read\",\n \"Microsoft.GuestConfiguration/guestConfigurationAssignments/read\",\n \"Microsoft.GuestConfiguration/guestConfigurationAssignments/write\",\n \"Microsoft.HybridCompute/machines/read\",\n \"Microsoft.HybridCompute/machines/extensions/read\",\n \"Microsoft.HybridCompute/*/read\",\n \"Microsoft.HybridCompute/machines/delete\",\n \"Microsoft.HybridCompute/machines/extensions/delete\",\n \"Microsoft.HybridCompute/machines/extensions/write\",\n \"Microsoft.HybridCompute/machines/licenseProfiles/delete\",\n \"Microsoft.HybridCompute/machines/licenseProfiles/read\",\n \"Microsoft.HybridCompute/machines/licenseProfiles/write\",\n \"Microsoft.HybridCompute/machines/UpgradeExtensions/action\",\n \"Microsoft.HybridCompute/machines/write\",\n \"Microsoft.HybridConnectivity/endpoints/read\",\n \"Microsoft.HybridConnectivity/endpoints/serviceConfigurations/read\",\n \"Microsoft.HybridConnectivity/endpoints/serviceConfigurations/write\",\n \"Microsoft.HybridConnectivity/endpoints/write\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.EdgeMarketplace/locations/operationStatuses/read\",\n \"Microsoft.EdgeMarketPlace/offers/getAccessToken/action\",\n \"Microsoft.EdgeMarketPlace/offers/generateAccessToken/action\",\n \"Microsoft.EdgeMarketplace/publishers/read\",\n \"Microsoft.EdgeMarketplace/offers/read\",\n \"Microsoft.ExtendedLocation/customLocations/read\",\n \"Microsoft.Attestation/attestationProviders/write\",\n \"Microsoft.Attestation/attestationProviders/read\",\n \"Microsoft.Attestation/attestationProviders/delete\",\n \"Microsoft.Attestation/attestationProviders/attestation/read\",\n \"Microsoft.Attestation/attestationProviders/attestation/write\",\n \"Microsoft.Attestation/attestationProviders/attestation/delete\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2022-11-15T16:12:10.4398106Z\",\n \"updatedOn\": \"2024-08-26T15:01:40.009798Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/f5819b54-e033-4d82-ac66-4fec3cbf3f4c\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"f5819b54-e033-4d82-ac66-4fec3cbf3f4c\"\n },\n {\n \"properties\": {\n \"roleName\": \"SqlDb Migration Role\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Role for SqlDb migration\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Sql/servers/read\",\n \"Microsoft.Sql/servers/write\",\n \"Microsoft.Sql/servers/databases/read\",\n \"Microsoft.Sql/servers/databases/write\",\n \"Microsoft.Sql/servers/databases/delete\",\n \"Microsoft.DataMigration/locations/operationResults/read\",\n \"Microsoft.DataMigration/locations/operationStatuses/read\",\n \"Microsoft.DataMigration/locations/sqlMigrationServiceOperationResults/read\",\n \"Microsoft.DataMigration/databaseMigrations/write\",\n \"Microsoft.DataMigration/databaseMigrations/read\",\n \"Microsoft.DataMigration/databaseMigrations/delete\",\n \"Microsoft.DataMigration/databaseMigrations/cancel/action\",\n \"Microsoft.DataMigration/databaseMigrations/cutover/action\",\n \"Microsoft.DataMigration/sqlMigrationServices/write\",\n \"Microsoft.DataMigration/sqlMigrationServices/delete\",\n \"Microsoft.DataMigration/sqlMigrationServices/read\",\n \"Microsoft.DataMigration/sqlMigrationServices/listAuthKeys/action\",\n \"Microsoft.DataMigration/sqlMigrationServices/regenerateAuthKeys/action\",\n \"Microsoft.DataMigration/sqlMigrationServices/deleteNode/action\",\n \"Microsoft.DataMigration/sqlMigrationServices/listMonitoringData/action\",\n \"Microsoft.DataMigration/sqlMigrationServices/listMigrations/read\",\n \"Microsoft.DataMigration/sqlMigrationServices/MonitoringData/read\",\n \"Microsoft.DataMigration/register/action\",\n \"Microsoft.DataMigration/operations/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2022-12-07T23:03:17.2201214Z\",\n \"updatedOn\": \"2023-02-20T16:07:58.6344876Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/189207d4-bb67-4208-a635-b06afe8b2c57\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"189207d4-bb67-4208-a635-b06afe8b2c57\"\n },\n {\n \"properties\": {\n \"roleName\": \"Bayer Ag Powered Services GDU Solution\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Provide access to GDU Solution by Bayer Ag Powered Services\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.AgFoodPlatform/farmBeats/parties/read\",\n \"Microsoft.AgFoodPlatform/farmBeats/parties/boundaries/read\",\n \"Microsoft.AgFoodPlatform/farmBeats/parties/farms/read\",\n \"Microsoft.AgFoodPlatform/farmBeats/parties/fields/read\",\n \"Microsoft.AgFoodPlatform/farmBeats/parties/models/resourceTypes/resources/insights/*\",\n \"Microsoft.AgFoodPlatform/farmBeats/parties/models/resourceTypes/resources/insightAttachments/*\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2023-01-12T10:08:47.0099993Z\",\n \"updatedOn\": \"2024-05-28T15:09:38.7508137Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/c4bc862a-3b64-4a35-a021-a380c159b042\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"c4bc862a-3b64-4a35-a021-a380c159b042\"\n },\n {\n \"properties\": {\n \"roleName\": \"Bayer Ag Powered Services Imagery Solution\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Provide access to Imagery Solution by Bayer Ag Powered Services\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.AgFoodPlatform/farmBeats/parties/read\",\n \"Microsoft.AgFoodPlatform/farmBeats/parties/boundaries/read\",\n \"Microsoft.AgFoodPlatform/farmBeats/parties/boundaries/write\",\n \"Microsoft.AgFoodPlatform/farmBeats/parties/farms/read\",\n \"Microsoft.AgFoodPlatform/farmBeats/parties/farms/write\",\n \"Microsoft.AgFoodPlatform/farmBeats/parties/fields/read\",\n \"Microsoft.AgFoodPlatform/farmBeats/parties/fields/write\",\n \"Microsoft.AgFoodPlatform/farmBeats/ingestionJobs/satelliteDataIngestionJobs/*\",\n \"Microsoft.AgFoodPlatform/farmBeats/scenes/*\",\n \"Microsoft.AgFoodPlatform/farmBeats/parties/models/resourceTypes/resources/insights/*\",\n \"Microsoft.AgFoodPlatform/farmBeats/parties/models/resourceTypes/resources/insightAttachments/*\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2023-01-12T10:08:47.0099993Z\",\n \"updatedOn\": \"2024-05-28T15:09:38.2220222Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/ef29765d-0d37-4119-a4f8-f9f9902c9588\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"ef29765d-0d37-4119-a4f8-f9f9902c9588\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Center for SAP solutions Service role for management\",\n \"type\": \"BuiltInRole\",\n \"description\": \"This role has permissions that the user assigned managed identity must have to enable registration for the existing systems.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2023-01-13T09:08:35.1961741Z\",\n \"updatedOn\": \"2023-02-02T07:25:11.5651483Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/0105a6b0-4bb9-43d2-982a-12806f9faddb\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"0105a6b0-4bb9-43d2-982a-12806f9faddb\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Center for SAP solutions Management role\",\n \"type\": \"BuiltInRole\",\n \"description\": \"This role has permissions which allow users to register existing systems, view and manage systems.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2023-01-13T09:08:35.1961741Z\",\n \"updatedOn\": \"2023-02-02T07:25:11.5651483Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/6d949e1d-41e2-46e3-8920-c6e4f31a8310\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"6d949e1d-41e2-46e3-8920-c6e4f31a8310\"\n },\n {\n \"properties\": {\n \"roleName\": \"Defender Kubernetes API Access\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Grants Microsoft Defender for Cloud access to Azure Kubernetes Services\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.ContainerService/managedClusters/trustedAccessRoleBindings/write\",\n \"Microsoft.ContainerService/managedClusters/trustedAccessRoleBindings/read\",\n \"Microsoft.ContainerService/managedClusters/trustedAccessRoleBindings/delete\",\n \"Microsoft.ContainerService/managedClusters/read\",\n \"Microsoft.Features/features/read\",\n \"Microsoft.Features/providers/features/read\",\n \"Microsoft.Features/providers/features/register/action\",\n \"Microsoft.Security/pricings/securityoperators/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2023-01-13T13:11:09.1105477Z\",\n \"updatedOn\": \"2025-09-12T08:03:06.9409916Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/d5a2ae44-610b-4500-93be-660a0c5f5ca6\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"d5a2ae44-610b-4500-93be-660a0c5f5ca6\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Usage Billing Data Sender\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Azure Usage Billing shared BuiltIn role to be used for all Customer Account Authentication\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.UsageBilling/accounts/inputs/send/action\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2023-01-13T20:45:56.3071212Z\",\n \"updatedOn\": \"2023-01-26T19:26:37.6422441Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/f0310ce6-e953-4cf8-b892-fb1c87eaf7f6\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"f0310ce6-e953-4cf8-b892-fb1c87eaf7f6\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Container Registry secure supply chain operator service role\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Grants Microsoft Defender for Cloud access to Azure Container Registry for security assessment of container images\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.ContainerRegistry/registries/pull/read\",\n \"Microsoft.ContainerRegistry/registries/push/write\",\n \"Microsoft.ContainerRegistry/registries/artifacts/delete\"\n ],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.ContainerRegistry/registries/repositories/metadata/read\",\n \"Microsoft.ContainerRegistry/registries/repositories/content/read\",\n \"Microsoft.ContainerRegistry/registries/repositories/metadata/write\",\n \"Microsoft.ContainerRegistry/registries/repositories/content/write\",\n \"Microsoft.ContainerRegistry/registries/repositories/metadata/delete\",\n \"Microsoft.ContainerRegistry/registries/repositories/content/delete\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2023-01-19T15:58:15.6513344Z\",\n \"updatedOn\": \"2024-06-12T15:19:54.7471937Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/96062cf7-95ca-4f89-9b9d-2a2aa47356af\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"96062cf7-95ca-4f89-9b9d-2a2aa47356af\"\n },\n {\n \"properties\": {\n \"roleName\": \"SqlMI Migration Role\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Role for SqlMI migration\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Sql/managedInstances/read\",\n \"Microsoft.Sql/managedInstances/write\",\n \"Microsoft.Sql/managedInstances/databases/read\",\n \"Microsoft.Sql/managedInstances/databases/write\",\n \"Microsoft.Sql/managedInstances/databases/delete\",\n \"Microsoft.Sql/managedInstances/metrics/read\",\n \"Microsoft.DataMigration/locations/operationResults/read\",\n \"Microsoft.DataMigration/locations/operationStatuses/read\",\n \"Microsoft.DataMigration/locations/sqlMigrationServiceOperationResults/read\",\n \"Microsoft.DataMigration/databaseMigrations/write\",\n \"Microsoft.DataMigration/databaseMigrations/read\",\n \"Microsoft.DataMigration/databaseMigrations/delete\",\n \"Microsoft.DataMigration/databaseMigrations/cancel/action\",\n \"Microsoft.DataMigration/databaseMigrations/cutover/action\",\n \"Microsoft.DataMigration/sqlMigrationServices/write\",\n \"Microsoft.DataMigration/sqlMigrationServices/delete\",\n \"Microsoft.DataMigration/sqlMigrationServices/read\",\n \"Microsoft.DataMigration/sqlMigrationServices/listAuthKeys/action\",\n \"Microsoft.DataMigration/sqlMigrationServices/regenerateAuthKeys/action\",\n \"Microsoft.DataMigration/sqlMigrationServices/deleteNode/action\",\n \"Microsoft.DataMigration/sqlMigrationServices/listMonitoringData/action\",\n \"Microsoft.DataMigration/sqlMigrationServices/listMigrations/read\",\n \"Microsoft.DataMigration/sqlMigrationServices/MonitoringData/read\",\n \"Microsoft.DataMigration/register/action\",\n \"Microsoft.DataMigration/operations/read\",\n \"Microsoft.Storage/storageAccounts/read\",\n \"Microsoft.Storage/storageAccounts/listkeys/action\",\n \"Microsoft.Storage/storageAccounts/blobServices/read\",\n \"Microsoft.Storage/storageAccounts/blobServices/write\",\n \"Microsoft.Storage/storageAccounts/blobServices/containers/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2023-01-31T16:13:11.2824316Z\",\n \"updatedOn\": \"2023-02-20T16:07:58.3295951Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/1d335eef-eee1-47fe-a9e0-53214eba8872\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"1d335eef-eee1-47fe-a9e0-53214eba8872\"\n },\n {\n \"properties\": {\n \"roleName\": \"Bayer Ag Powered Services CWUM Solution\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Provide access to CWUM Solution by Bayer Ag Powered Services\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.AgFoodPlatform/farmBeats/parties/read\",\n \"Microsoft.AgFoodPlatform/farmBeats/parties/boundaries/read\",\n \"Microsoft.AgFoodPlatform/farmBeats/parties/boundaries/write\",\n \"Microsoft.AgFoodPlatform/farmBeats/parties/farms/read\",\n \"Microsoft.AgFoodPlatform/farmBeats/parties/farms/write\",\n \"Microsoft.AgFoodPlatform/farmBeats/parties/fields/read\",\n \"Microsoft.AgFoodPlatform/farmBeats/parties/fields/write\",\n \"Microsoft.AgFoodPlatform/farmBeats/ingestionJobs/satelliteDataIngestionJobs/*\",\n \"Microsoft.AgFoodPlatform/farmBeats/scenes/*\",\n \"Microsoft.AgFoodPlatform/farmBeats/parties/models/resourceTypes/resources/insightAttachments/*\",\n \"Microsoft.AgFoodPlatform/farmBeats/parties/models/resourceTypes/resources/insights/*\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2023-01-31T16:13:11.3570667Z\",\n \"updatedOn\": \"2024-08-13T16:10:23.6530781Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/a9b99099-ead7-47db-8fcf-072597a61dfa\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"a9b99099-ead7-47db-8fcf-072597a61dfa\"\n },\n {\n \"properties\": {\n \"roleName\": \"SqlVM Migration Role\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Role for SqlVM migration\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.DataMigration/locations/operationResults/read\",\n \"Microsoft.DataMigration/locations/operationStatuses/read\",\n \"Microsoft.DataMigration/locations/sqlMigrationServiceOperationResults/read\",\n \"Microsoft.DataMigration/databaseMigrations/write\",\n \"Microsoft.DataMigration/databaseMigrations/read\",\n \"Microsoft.DataMigration/databaseMigrations/delete\",\n \"Microsoft.DataMigration/databaseMigrations/cancel/action\",\n \"Microsoft.DataMigration/databaseMigrations/cutover/action\",\n \"Microsoft.DataMigration/sqlMigrationServices/write\",\n \"Microsoft.DataMigration/sqlMigrationServices/delete\",\n \"Microsoft.DataMigration/sqlMigrationServices/read\",\n \"Microsoft.DataMigration/sqlMigrationServices/listAuthKeys/action\",\n \"Microsoft.DataMigration/sqlMigrationServices/regenerateAuthKeys/action\",\n \"Microsoft.DataMigration/sqlMigrationServices/deleteNode/action\",\n \"Microsoft.DataMigration/sqlMigrationServices/listMonitoringData/action\",\n \"Microsoft.DataMigration/sqlMigrationServices/listMigrations/read\",\n \"Microsoft.DataMigration/sqlMigrationServices/MonitoringData/read\",\n \"Microsoft.DataMigration/register/action\",\n \"Microsoft.DataMigration/operations/read\",\n \"Microsoft.Storage/storageAccounts/read\",\n \"Microsoft.Storage/storageAccounts/listkeys/action\",\n \"Microsoft.Storage/storageAccounts/blobServices/read\",\n \"Microsoft.Storage/storageAccounts/blobServices/write\",\n \"Microsoft.Storage/storageAccounts/blobServices/containers/read\",\n \"Microsoft.SqlVirtualMachine/sqlVirtualMachines/read\",\n \"Microsoft.SqlVirtualMachine/sqlVirtualMachines/write\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2023-01-31T16:13:11.3580681Z\",\n \"updatedOn\": \"2023-02-20T16:07:58.6444899Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/ae8036db-e102-405b-a1b9-bae082ea436d\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"ae8036db-e102-405b-a1b9-bae082ea436d\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Front Door Domain Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"For internal use within Azure. Can manage Azure Front Door domains, but can't grant access to other users.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Cdn/operationresults/profileresults/customdomainresults/read\",\n \"Microsoft.Cdn/profiles/customdomains/read\",\n \"Microsoft.Cdn/profiles/customdomains/write\",\n \"Microsoft.Cdn/profiles/customdomains/delete\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2023-02-02T15:30:03.7531182Z\",\n \"updatedOn\": \"2023-12-07T09:22:53.0560669Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/0ab34830-df19-4f8c-b84e-aa85b8afa6e8\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"0ab34830-df19-4f8c-b84e-aa85b8afa6e8\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Front Door Secret Reader\",\n \"type\": \"BuiltInRole\",\n \"description\": \"For internal use within Azure. Can view Azure Front Door secrets, but can't make changes.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Cdn/operationresults/profileresults/secretresults/read\",\n \"Microsoft.Cdn/profiles/secrets/read\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2023-02-02T15:30:03.7541192Z\",\n \"updatedOn\": \"2023-12-07T08:21:56.0395886Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/0db238c4-885e-4c4f-a933-aa2cef684fca\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"0db238c4-885e-4c4f-a933-aa2cef684fca\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Front Door Secret Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"For internal use within Azure. Can manage Azure Front Door secrets, but can't grant access to other users.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Cdn/operationresults/profileresults/secretresults/read\",\n \"Microsoft.Cdn/profiles/secrets/read\",\n \"Microsoft.Cdn/profiles/secrets/write\",\n \"Microsoft.Cdn/profiles/secrets/delete\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2023-02-02T15:30:03.7531182Z\",\n \"updatedOn\": \"2023-12-07T08:21:56.0395886Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/3f2eb865-5811-4578-b90a-6fc6fa0df8e5\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"3f2eb865-5811-4578-b90a-6fc6fa0df8e5\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Front Door Domain Reader\",\n \"type\": \"BuiltInRole\",\n \"description\": \"For internal use within Azure. Can view Azure Front Door domains, but can't make changes.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Cdn/operationresults/profileresults/customdomainresults/read\",\n \"Microsoft.Cdn/profiles/customdomains/read\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2023-02-02T15:30:03.7551197Z\",\n \"updatedOn\": \"2023-12-07T09:22:52.9393362Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/0f99d363-226e-4dca-9920-b807cf8e1a5f\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"0f99d363-226e-4dca-9920-b807cf8e1a5f\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Stack HCI Administrator\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Grants full access to the cluster and its resources, including the ability to register Azure Stack HCI and assign others as Azure Arc HCI VM Contributor and/or Azure Arc HCI VM Reader\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.AzureStackHCI/register/action\",\n \"Microsoft.AzureStackHCI/Unregister/Action\",\n \"Microsoft.AzureStackHCI/clusters/*\",\n \"Microsoft.AzureStackHCI/NetworkSecurityGroups/Read\",\n \"Microsoft.AzureStackHCI/NetworkSecurityGroups/SecurityRules/Read\",\n \"Microsoft.AzureStackHCI/NetworkSecurityGroups/Write\",\n \"Microsoft.AzureStackHCI/NetworkSecurityGroups/SecurityRules/Write\",\n \"Microsoft.AzureStackHCI/NetworkSecurityGroups/Delete\",\n \"Microsoft.AzureStackHCI/NetworkSecurityGroups/SecurityRules/Delete\",\n \"Microsoft.AzureStackHCI/NetworkSecurityGroups/join/action\",\n \"Microsoft.HybridCompute/register/action\",\n \"Microsoft.GuestConfiguration/register/action\",\n \"Microsoft.GuestConfiguration/guestConfigurationAssignments/read\",\n \"Microsoft.Resources/subscriptions/resourceGroups/write\",\n \"Microsoft.Resources/subscriptions/resourceGroups/delete\",\n \"Microsoft.HybridConnectivity/register/action\",\n \"Microsoft.Authorization/roleAssignments/write\",\n \"Microsoft.Authorization/roleAssignments/delete\",\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Resources/subscriptions/read\",\n \"Microsoft.Management/managementGroups/read\",\n \"Microsoft.Support/*\",\n \"Microsoft.AzureStackHCI/*\",\n \"Microsoft.AzureStackHCI/EdgeMachines/*\",\n \"Microsoft.AzureStackHCI/DevicePools/*\",\n \"Microsoft.Insights/AlertRules/Write\",\n \"Microsoft.Insights/AlertRules/Delete\",\n \"Microsoft.Insights/AlertRules/Read\",\n \"Microsoft.Insights/AlertRules/Activated/Action\",\n \"Microsoft.Insights/AlertRules/Resolved/Action\",\n \"Microsoft.Insights/AlertRules/Throttled/Action\",\n \"Microsoft.Insights/AlertRules/Incidents/Read\",\n \"Microsoft.Resources/subscriptions/resourcegroups/deployments/read\",\n \"Microsoft.Resources/subscriptions/resourcegroups/deployments/write\",\n \"Microsoft.Resources/subscriptions/resourcegroups/deployments/operations/read\",\n \"Microsoft.Resources/subscriptions/resourcegroups/deployments/operationstatuses/read\",\n \"Microsoft.ResourceHealth/availabilityStatuses/read\",\n \"Microsoft.Resources/subscriptions/read\",\n \"Microsoft.Resources/subscriptions/operationresults/read\",\n \"Microsoft.HybridCompute/machines/read\",\n \"Microsoft.HybridCompute/machines/write\",\n \"Microsoft.HybridCompute/machines/delete\",\n \"Microsoft.HybridCompute/machines/UpgradeExtensions/action\",\n \"Microsoft.HybridCompute/machines/assessPatches/action\",\n \"Microsoft.HybridCompute/machines/installPatches/action\",\n \"Microsoft.HybridCompute/machines/extensions/read\",\n \"Microsoft.HybridCompute/machines/extensions/write\",\n \"Microsoft.HybridCompute/machines/extensions/delete\",\n \"Microsoft.HybridCompute/operations/read\",\n \"Microsoft.HybridCompute/locations/operationresults/read\",\n \"Microsoft.HybridCompute/locations/operationstatus/read\",\n \"Microsoft.HybridCompute/machines/patchAssessmentResults/read\",\n \"Microsoft.HybridCompute/machines/patchAssessmentResults/softwarePatches/read\",\n \"Microsoft.HybridCompute/machines/patchInstallationResults/read\",\n \"Microsoft.HybridCompute/machines/patchInstallationResults/softwarePatches/read\",\n \"Microsoft.HybridCompute/locations/updateCenterOperationResults/read\",\n \"Microsoft.HybridCompute/machines/hybridIdentityMetadata/read\",\n \"Microsoft.HybridCompute/osType/agentVersions/read\",\n \"Microsoft.HybridCompute/osType/agentVersions/latest/read\",\n \"Microsoft.HybridCompute/machines/runcommands/read\",\n \"Microsoft.HybridCompute/machines/runcommands/write\",\n \"Microsoft.HybridCompute/machines/runcommands/delete\",\n \"Microsoft.HybridCompute/machines/licenseProfiles/read\",\n \"Microsoft.HybridCompute/machines/licenseProfiles/write\",\n \"Microsoft.HybridCompute/machines/licenseProfiles/delete\",\n \"Microsoft.HybridCompute/licenses/read\",\n \"Microsoft.HybridCompute/licenses/write\",\n \"Microsoft.HybridCompute/licenses/delete\",\n \"Microsoft.ResourceConnector/register/action\",\n \"Microsoft.ResourceConnector/appliances/read\",\n \"Microsoft.ResourceConnector/appliances/write\",\n \"Microsoft.ResourceConnector/appliances/delete\",\n \"Microsoft.ResourceConnector/locations/operationresults/read\",\n \"Microsoft.ResourceConnector/locations/operationsstatus/read\",\n \"Microsoft.ResourceConnector/appliances/listClusterUserCredential/action\",\n \"Microsoft.ResourceConnector/appliances/listKeys/action\",\n \"Microsoft.ResourceConnector/operations/read\",\n \"Microsoft.ExtendedLocation/register/action\",\n \"Microsoft.ExtendedLocation/customLocations/read\",\n \"Microsoft.ExtendedLocation/customLocations/deploy/action\",\n \"Microsoft.ExtendedLocation/customLocations/write\",\n \"Microsoft.ExtendedLocation/customLocations/delete\",\n \"Microsoft.EdgeMarketplace/offers/read\",\n \"Microsoft.EdgeMarketplace/publishers/read\",\n \"Microsoft.Kubernetes/register/action\",\n \"Microsoft.KubernetesConfiguration/register/action\",\n \"Microsoft.KubernetesConfiguration/extensions/write\",\n \"Microsoft.KubernetesConfiguration/extensions/read\",\n \"Microsoft.KubernetesConfiguration/extensions/delete\",\n \"Microsoft.KubernetesConfiguration/extensions/operations/read\",\n \"Microsoft.KubernetesConfiguration/namespaces/read\",\n \"Microsoft.KubernetesConfiguration/operations/read\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.AzureStackHCI/StorageContainers/Write\",\n \"Microsoft.AzureStackHCI/StorageContainers/Read\",\n \"Microsoft.HybridContainerService/register/action\",\n \"Microsoft.HybridCompute/settings/write\",\n \"Microsoft.HybridCompute/settings/read\",\n \"Microsoft.HybridCompute/gateways/read\",\n \"Microsoft.HybridCompute/gateways/write\",\n \"Microsoft.HybridCompute/gateways/delete\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": [],\n \"conditionVersion\": \"2.0\",\n \"condition\": \"((!(ActionMatches{'Microsoft.Authorization/roleAssignments/write'})) OR (@Request[Microsoft.Authorization/roleAssignments:RoleDefinitionId] ForAnyOfAnyValues:GuidEquals{f5819b54-e033-4d82-ac66-4fec3cbf3f4c, cd570a14-e51a-42ad-bac8-bafd67325302, b64e21ea-ac4e-4cdf-9dc9-5b892992bee7, 4b3fe76c-f777-4d24-a2d7-b027b0f7b273, 874d1c73-6003-4e60-a13a-cb31ea190a85,865ae368-6a45-4bd1-8fbf-0d5151f56fc1,7b1f81f9-4196-4058-8aae-762e593270df,4633458b-17de-408a-b874-0445c86b69e6,c99c945f-8bd1-4fb1-a903-01460aae6068})) AND ((!(ActionMatches{'Microsoft.Authorization/roleAssignments/delete'})) OR (@Resource[Microsoft.Authorization/roleAssignments:RoleDefinitionId] ForAnyOfAnyValues:GuidEquals{f5819b54-e033-4d82-ac66-4fec3cbf3f4c, cd570a14-e51a-42ad-bac8-bafd67325302, b64e21ea-ac4e-4cdf-9dc9-5b892992bee7, 4b3fe76c-f777-4d24-a2d7-b027b0f7b273, 874d1c73-6003-4e60-a13a-cb31ea190a85,865ae368-6a45-4bd1-8fbf-0d5151f56fc1,7b1f81f9-4196-4058-8aae-762e593270df,4633458b-17de-408a-b874-0445c86b69e6,c99c945f-8bd1-4fb1-a903-01460aae6068}))\"\n }\n ],\n \"createdOn\": \"2023-02-03T05:08:48.3968454Z\",\n \"updatedOn\": \"2025-05-06T15:13:46.6826117Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/bda0d508-adf1-4af0-9c28-88919fc3ae06\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"bda0d508-adf1-4af0-9c28-88919fc3ae06\"\n },\n {\n \"properties\": {\n \"roleName\": \"MySQL Backup And Export Operator\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Grants full access to manage backup and export resources\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.DBforMySQL/flexibleServers/validateBackup/action\",\n \"Microsoft.DBforMySQL/flexibleServers/backupAndExport/action\",\n \"Microsoft.DBforMySQL/locations/operationResults/read\",\n \"Microsoft.DBforMySQL/locations/azureAsyncOperation/read\",\n \"Microsoft.Resources/subscriptions/read\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2023-02-03T06:09:26.5657063Z\",\n \"updatedOn\": \"2023-05-12T10:55:29.6654289Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/d18ad5f3-1baf-4119-b49b-d944edb1f9d0\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"d18ad5f3-1baf-4119-b49b-d944edb1f9d0\"\n },\n {\n \"properties\": {\n \"roleName\": \"LocalNGFirewallAdministrator role\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Allows user to create, modify, describe, or delete NGFirewalls.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"PaloAltoNetworks.Cloudngfw/firewalls/*\",\n \"PaloAltoNetworks.Cloudngfw/localRulestacks/read\",\n \"PaloAltoNetworks.Cloudngfw/globalRulestacks/read\",\n \"PaloAltoNetworks.Cloudngfw/Locations/operationStatuses/read\",\n \"Microsoft.OperationalInsights/workspaces/write\",\n \"Microsoft.OperationalInsights/workspaces/sharedKeys/read\",\n \"Microsoft.OperationalInsights/workspaces/read\",\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.Insights/metrics/read\",\n \"Microsoft.Insights/metricDefinitions/read\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.ResourceHealth/availabilityStatuses/read\",\n \"Microsoft.Support/*\",\n \"Microsoft.Network/virtualNetworks/read\",\n \"Microsoft.Network/virtualNetworks/subnets/join/action\",\n \"Microsoft.Network/publicIPAddresses/write\",\n \"Microsoft.Network/publicIPAddresses/read\",\n \"Microsoft.Network/publicIPAddresses/join/action\",\n \"Microsoft.Network/networkVirtualAppliances/read\",\n \"Microsoft.Network/networkVirtualAppliances/write\",\n \"Microsoft.Network/networkVirtualAppliances/delete\",\n \"Microsoft.Network/virtualHubs/read\",\n \"Microsoft.Network/virtualWans/read\",\n \"Microsoft.Network/virtualWans/virtualHubs/read\",\n \"Microsoft.Network/networkSecurityGroups/read\",\n \"Microsoft.Network/networkSecurityGroups/join/action\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2023-02-03T11:42:56.4098652Z\",\n \"updatedOn\": \"2023-03-13T15:13:22.9170402Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/a8835c7d-b5cb-47fa-b6f0-65ea10ce07a2\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"a8835c7d-b5cb-47fa-b6f0-65ea10ce07a2\"\n },\n {\n \"properties\": {\n \"roleName\": \"LocalRulestacksAdministrator role\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Allows users to create, modify, describe, or delete Rulestacks.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"PaloAltoNetworks.Cloudngfw/localRulestacks/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.ResourceHealth/availabilityStatuses/read\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.Support/*\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2023-02-03T11:42:56.4108678Z\",\n \"updatedOn\": \"2023-02-20T16:07:58.3315958Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/bfc3b73d-c6ff-45eb-9a5f-40298295bf20\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"bfc3b73d-c6ff-45eb-9a5f-40298295bf20\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Extension for SQL Server Deployment\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Microsoft.AzureArcData service role to enable deployment of Azure Extension for SQL Server\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Resources/deployments/write\",\n \"Microsoft.HybridCompute/machines/extensions/write\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2023-03-09T19:23:30.8734404Z\",\n \"updatedOn\": \"2023-03-15T22:04:09.9905367Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/7392c568-9289-4bde-aaaa-b7131215889d\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"7392c568-9289-4bde-aaaa-b7131215889d\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Maps Data Read and Batch Role\",\n \"type\": \"BuiltInRole\",\n \"description\": \"This role can be used to assign read and batch actions on Azure Maps.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.Maps/accounts/services/*/read\",\n \"Microsoft.Maps/accounts/services/batch/action\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2023-03-15T22:04:09.9905367Z\",\n \"updatedOn\": \"2023-05-16T15:12:18.5723729Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/d6470a16-71bd-43ab-86b3-6f3a73f4e787\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"d6470a16-71bd-43ab-86b3-6f3a73f4e787\"\n },\n {\n \"properties\": {\n \"roleName\": \"API Management Service Workspace API Product Manager\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Has the same access as API Management Service Workspace API Developer as well as read access to users and write access to allow assigning users to groups. This role should be assigned on the service scope.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.ApiManagement/service/users/read\",\n \"Microsoft.ApiManagement/service/tags/read\",\n \"Microsoft.ApiManagement/service/tags/apiLinks/*\",\n \"Microsoft.ApiManagement/service/tags/operationLinks/*\",\n \"Microsoft.ApiManagement/service/tags/productLinks/*\",\n \"Microsoft.ApiManagement/service/products/read\",\n \"Microsoft.ApiManagement/service/products/apiLinks/*\",\n \"Microsoft.ApiManagement/service/groups/read\",\n \"Microsoft.ApiManagement/service/groups/users/*\",\n \"Microsoft.ApiManagement/service/read\",\n \"Microsoft.ApiManagement/service/authorizationServers/read\",\n \"Microsoft.Authorization/*/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2023-03-21T15:13:44.4020114Z\",\n \"updatedOn\": \"2024-08-29T15:27:16.7739501Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/d59a3e9c-6d52-4a5a-aeed-6bf3cf0e31da\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"d59a3e9c-6d52-4a5a-aeed-6bf3cf0e31da\"\n },\n {\n \"properties\": {\n \"roleName\": \"API Management Workspace API Developer\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Has read access to entities in the workspace and read and write access to entities for editing APIs. This role should be assigned on the workspace scope.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.ApiManagement/service/workspaces/*/read\",\n \"Microsoft.ApiManagement/service/workspaces/apis/*\",\n \"Microsoft.ApiManagement/service/workspaces/apiVersionSets/*\",\n \"Microsoft.ApiManagement/service/workspaces/policies/*\",\n \"Microsoft.ApiManagement/service/workspaces/schemas/*\",\n \"Microsoft.ApiManagement/service/workspaces/products/*\",\n \"Microsoft.ApiManagement/service/workspaces/policyFragments/*\",\n \"Microsoft.ApiManagement/service/workspaces/namedValues/*\",\n \"Microsoft.ApiManagement/service/workspaces/tags/*\",\n \"Microsoft.ApiManagement/service/workspaces/backends/*\",\n \"Microsoft.ApiManagement/service/workspaces/certificates/*\",\n \"Microsoft.ApiManagement/service/workspaces/diagnostics/*\",\n \"Microsoft.ApiManagement/service/workspaces/loggers/*\",\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/diagnosticSettings/*/read\",\n \"Microsoft.insights/logs/read\",\n \"Microsoft.insights/logs/ApiManagementGatewayLogs/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2023-03-21T15:13:44.4020114Z\",\n \"updatedOn\": \"2025-05-14T15:26:59.2733591Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/56328988-075d-4c6a-8766-d93edd6725b6\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"56328988-075d-4c6a-8766-d93edd6725b6\"\n },\n {\n \"properties\": {\n \"roleName\": \"API Management Workspace Reader\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Has read-only access to entities in the workspace. This role should be assigned on the workspace scope.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.ApiManagement/service/workspaces/*/read\",\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/diagnosticSettings/*/read\",\n \"Microsoft.insights/logs/read\",\n \"Microsoft.insights/logs/ApiManagementGatewayLogs/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2023-03-21T15:13:44.4040114Z\",\n \"updatedOn\": \"2025-05-14T15:26:59.0317591Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/ef1c2c96-4a77-49e8-b9a4-6179fe1d2fd2\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"ef1c2c96-4a77-49e8-b9a4-6179fe1d2fd2\"\n },\n {\n \"properties\": {\n \"roleName\": \"API Management Workspace API Product Manager\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Has read access to entities in the workspace and read and write access to entities for publishing APIs. This role should be assigned on the workspace scope.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.ApiManagement/service/workspaces/*/read\",\n \"Microsoft.ApiManagement/service/workspaces/products/*\",\n \"Microsoft.ApiManagement/service/workspaces/subscriptions/*\",\n \"Microsoft.ApiManagement/service/workspaces/groups/*\",\n \"Microsoft.ApiManagement/service/workspaces/tags/*\",\n \"Microsoft.ApiManagement/service/workspaces/notifications/*\",\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/diagnosticSettings/*/read\",\n \"Microsoft.insights/logs/read\",\n \"Microsoft.insights/logs/ApiManagementGatewayLogs/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2023-03-21T15:13:44.4020114Z\",\n \"updatedOn\": \"2025-05-14T15:26:59.0317591Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/73c2c328-d004-4c5e-938c-35c6f5679a1f\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"73c2c328-d004-4c5e-938c-35c6f5679a1f\"\n },\n {\n \"properties\": {\n \"roleName\": \"API Management Service Workspace API Developer\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Has read access to tags and products and write access to allow: assigning APIs to products, assigning tags to products and APIs. This role should be assigned on the service scope.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.ApiManagement/service/tags/read\",\n \"Microsoft.ApiManagement/service/tags/apiLinks/*\",\n \"Microsoft.ApiManagement/service/tags/operationLinks/*\",\n \"Microsoft.ApiManagement/service/tags/productLinks/*\",\n \"Microsoft.ApiManagement/service/products/read\",\n \"Microsoft.ApiManagement/service/products/apiLinks/*\",\n \"Microsoft.ApiManagement/service/read\",\n \"Microsoft.ApiManagement/service/authorizationServers/read\",\n \"Microsoft.Authorization/*/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2023-03-21T15:13:44.4040114Z\",\n \"updatedOn\": \"2024-08-29T15:27:16.7739501Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/9565a273-41b9-4368-97d2-aeb0c976a9b3\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"9565a273-41b9-4368-97d2-aeb0c976a9b3\"\n },\n {\n \"properties\": {\n \"roleName\": \"API Management Workspace Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Can manage the workspace and view, but not modify its members. This role should be assigned on the workspace scope.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.ApiManagement/service/workspaces/*\",\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/diagnosticSettings/*/read\",\n \"Microsoft.insights/logs/read\",\n \"Microsoft.insights/logs/ApiManagementGatewayLogs/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2023-03-21T15:13:44.4020114Z\",\n \"updatedOn\": \"2025-05-14T15:26:59.2733591Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/0c34c906-8d99-4cb7-8bb7-33f5b0a1a799\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"0c34c906-8d99-4cb7-8bb7-33f5b0a1a799\"\n },\n {\n \"properties\": {\n \"roleName\": \"Storage File Data Privileged Reader\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Customer has read access on Azure Storage file shares.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.Storage/storageAccounts/fileServices/fileshares/files/read\",\n \"Microsoft.Storage/storageAccounts/fileServices/readFileBackupSemantics/action\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2023-03-23T20:33:57.1067324Z\",\n \"updatedOn\": \"2023-04-06T19:23:16.2936719Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/b8eda974-7b85-4f76-af95-65846b26df6d\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"b8eda974-7b85-4f76-af95-65846b26df6d\"\n },\n {\n \"properties\": {\n \"roleName\": \"Storage File Data Privileged Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Customer has read, write, delete and modify NTFS permission access on Azure Storage file shares.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.Storage/storageAccounts/fileServices/fileshares/files/read\",\n \"Microsoft.Storage/storageAccounts/fileServices/fileshares/files/write\",\n \"Microsoft.Storage/storageAccounts/fileServices/fileshares/files/delete\",\n \"Microsoft.Storage/storageAccounts/fileServices/fileshares/files/modifypermissions/action\",\n \"Microsoft.Storage/storageAccounts/fileServices/readFileBackupSemantics/action\",\n \"Microsoft.Storage/storageAccounts/fileServices/writeFileBackupSemantics/action\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2023-03-23T20:49:03.5905581Z\",\n \"updatedOn\": \"2023-04-06T19:23:16.2936719Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/69566ab7-960f-475b-8e7c-b3118f30c6bd\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"69566ab7-960f-475b-8e7c-b3118f30c6bd\"\n },\n {\n \"properties\": {\n \"roleName\": \"Windows 365 Network User\",\n \"type\": \"BuiltInRole\",\n \"description\": \"This role is used by Windows 365 to read virtual networks and join the designated virtual networks.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Network/virtualNetworks/read\",\n \"Microsoft.Network/virtualNetworks/subnets/read\",\n \"Microsoft.Network/virtualNetworks/usages/read\",\n \"Microsoft.Network/virtualNetworks/subnets/join/action\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2023-03-24T05:24:25.4408966Z\",\n \"updatedOn\": \"2023-07-26T15:17:50.9624987Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/7eabc9a4-85f7-4f71-b8ab-75daaccc1033\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"7eabc9a4-85f7-4f71-b8ab-75daaccc1033\"\n },\n {\n \"properties\": {\n \"roleName\": \"Windows365SubscriptionReader\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Read subscriptions, images, azure firewalls. This role is used in Windows365 scenarios.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Resources/subscriptions/read\",\n \"Microsoft.Resources/subscriptions/operationresults/read\",\n \"Microsoft.Authorization/*/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2023-03-24T05:24:25.4408966Z\",\n \"updatedOn\": \"2023-03-24T05:24:25.4408966Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/3d55a8f6-4133-418d-8051-facdb1735758\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"3d55a8f6-4133-418d-8051-facdb1735758\"\n },\n {\n \"properties\": {\n \"roleName\": \"Windows 365 Network Interface Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"This role is used by Windows 365 to provision required network resources and join Microsoft-hosted VMs to network interfaces.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Resources/subscriptions/resourcegroups/read\",\n \"Microsoft.Resources/deployments/read\",\n \"Microsoft.Resources/deployments/write\",\n \"Microsoft.Resources/deployments/delete\",\n \"Microsoft.Resources/deployments/operations/read\",\n \"Microsoft.Resources/deployments/operationstatuses/read\",\n \"Microsoft.Network/locations/operations/read\",\n \"Microsoft.Network/locations/operationResults/read\",\n \"Microsoft.Network/locations/usages/read\",\n \"Microsoft.Network/networkInterfaces/write\",\n \"Microsoft.Network/networkInterfaces/read\",\n \"Microsoft.Network/networkInterfaces/delete\",\n \"Microsoft.Network/networkInterfaces/join/action\",\n \"Microsoft.Network/networkInterfaces/effectiveNetworkSecurityGroups/action\",\n \"Microsoft.Network/networkInterfaces/effectiveRouteTable/action\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2023-03-24T05:24:25.4408966Z\",\n \"updatedOn\": \"2023-07-26T15:17:50.9624987Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/1f135831-5bbe-4924-9016-264044c00788\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"1f135831-5bbe-4924-9016-264044c00788\"\n },\n {\n \"properties\": {\n \"roleName\": \"App Compliance Automation Reader\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Allows read-only access to App Compliance Automation tool for Microsoft 365\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"*/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2023-04-13T05:31:14.1250456Z\",\n \"updatedOn\": \"2025-04-18T16:21:59.8526431Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/ffc6bbe0-e443-4c3b-bf54-26581bb2f78e\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"ffc6bbe0-e443-4c3b-bf54-26581bb2f78e\"\n },\n {\n \"properties\": {\n \"roleName\": \"App Compliance Automation Administrator\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Allows managing App Compliance Automation tool for Microsoft 365\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.AppComplianceAutomation/*\",\n \"Microsoft.Storage/storageAccounts/blobServices/write\",\n \"Microsoft.Storage/storageAccounts/fileservices/write\",\n \"Microsoft.Storage/storageAccounts/listKeys/action\",\n \"Microsoft.Storage/storageAccounts/write\",\n \"Microsoft.Storage/storageAccounts/blobServices/generateUserDelegationKey/action\",\n \"Microsoft.Storage/storageAccounts/read\",\n \"Microsoft.Storage/storageAccounts/blobServices/containers/read\",\n \"Microsoft.Storage/storageAccounts/blobServices/containers/write\",\n \"Microsoft.Storage/storageAccounts/blobServices/read\",\n \"Microsoft.PolicyInsights/policyStates/queryResults/action\",\n \"Microsoft.PolicyInsights/policyStates/triggerEvaluation/action\",\n \"Microsoft.Resources/resources/read\",\n \"Microsoft.Resources/subscriptions/read\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Resources/subscriptions/resourceGroups/resources/read\",\n \"Microsoft.Resources/subscriptions/resources/read\",\n \"Microsoft.Resources/subscriptions/resourceGroups/delete\",\n \"Microsoft.Resources/subscriptions/resourceGroups/write\",\n \"Microsoft.Resources/tags/read\",\n \"Microsoft.Resources/deployments/validate/action\",\n \"Microsoft.Security/automations/read\",\n \"Microsoft.Resources/deployments/write\",\n \"Microsoft.Security/automations/delete\",\n \"Microsoft.Security/automations/write\",\n \"Microsoft.Security/register/action\",\n \"Microsoft.Security/unregister/action\",\n \"*/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2023-04-13T05:31:14.1240456Z\",\n \"updatedOn\": \"2025-04-18T16:21:59.8526431Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/0f37683f-2463-46b6-9ce7-9b788b988ba2\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"0f37683f-2463-46b6-9ce7-9b788b988ba2\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Sphere Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Allows user read and write access to Azure Sphere resources.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.AzureSphere/*\",\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.Insights/DiagnosticSettings/*\",\n \"Microsoft.Insights/DiagnosticSettingsCategories/Read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2023-05-01T15:11:52.6370946Z\",\n \"updatedOn\": \"2023-05-05T22:39:42.6328063Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/8b9dfcab-4b77-4632-a6df-94bd07820648\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"8b9dfcab-4b77-4632-a6df-94bd07820648\"\n },\n {\n \"properties\": {\n \"roleName\": \"SaaS Hub Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"SaaS Hub contributor can manage SaaS Hub resource\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.SaaSHub/cloudservices/read\",\n \"Microsoft.SaaSHub/cloudservices/write\",\n \"Microsoft.SaaSHub/cloudservices/delete\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2023-05-02T15:22:12.2506952Z\",\n \"updatedOn\": \"2023-05-11T22:10:29.48093Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/e9b8712a-cbcf-4ea7-b0f7-e71b803401e6\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"e9b8712a-cbcf-4ea7-b0f7-e71b803401e6\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Sphere Reader\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Allows user to read Azure Sphere resources.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.AzureSphere/*/read\",\n \"Microsoft.AzureSphere/catalogs/countDevices/action\",\n \"Microsoft.AzureSphere/catalogs/listDeviceGroups/action\",\n \"Microsoft.AzureSphere/catalogs/listDeviceInsights/action\",\n \"Microsoft.AzureSphere/catalogs/listDevices/action\",\n \"Microsoft.AzureSphere/catalogs/listDeployments/action\",\n \"Microsoft.AzureSphere/catalogs/products/countDevices/action\",\n \"Microsoft.AzureSphere/catalogs/products/deviceGroups/countDevices/action\",\n \"Microsoft.AzureSphere/catalogs/certificates/retrieveCertChain/action\",\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Insights/DiagnosticSettings/Read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2023-05-05T22:39:42.1951056Z\",\n \"updatedOn\": \"2023-05-11T22:10:28.3488114Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/c8ae6279-5a0b-4cb2-b3f0-d4d62845742c\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"c8ae6279-5a0b-4cb2-b3f0-d4d62845742c\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Sphere Publisher\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Allows user to read and download Azure Sphere resources and upload images.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.AzureSphere/*/read\",\n \"Microsoft.AzureSphere/catalogs/countDevices/action\",\n \"Microsoft.AzureSphere/catalogs/listDeviceGroups/action\",\n \"Microsoft.AzureSphere/catalogs/listDeviceInsights/action\",\n \"Microsoft.AzureSphere/catalogs/listDevices/action\",\n \"Microsoft.AzureSphere/catalogs/products/countDevices/action\",\n \"Microsoft.AzureSphere/catalogs/products/deviceGroups/countDevices/action\",\n \"Microsoft.AzureSphere/catalogs/certificates/retrieveProofOfPossessionNonce/action\",\n \"Microsoft.AzureSphere/catalogs/certificates/retrieveCertChain/action\",\n \"Microsoft.AzureSphere/catalogs/images/write\",\n \"Microsoft.AzureSphere/catalogs/uploadImage/action\",\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Insights/DiagnosticSettings/Read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2023-05-05T22:39:42.8007514Z\",\n \"updatedOn\": \"2024-01-26T23:01:00.4162781Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/6d994134-994b-4a59-9974-f479f0b227fb\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"6d994134-994b-4a59-9974-f479f0b227fb\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Machine Learning Workspace Connection Secrets Reader\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Can list workspace connection secrets\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.MachineLearningServices/workspaces/connections/listsecrets/action\",\n \"Microsoft.MachineLearningServices/workspaces/metadata/secrets/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2023-05-09T15:20:29.3130205Z\",\n \"updatedOn\": \"2023-10-13T16:37:23.7956902Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/ea01e6af-a1c1-4350-9563-ad00f8c72ec5\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"ea01e6af-a1c1-4350-9563-ad00f8c72ec5\"\n },\n {\n \"properties\": {\n \"roleName\": \"Procurement Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Lets you manage the procurement of products and services.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.SaaSHub/cloudservices/read\",\n \"Microsoft.SaaSHub/cloudservices/write\",\n \"Microsoft.SaaSHub/cloudservices/delete\",\n \"Microsoft.SaaSHub/register/action\",\n \"Microsoft.SaaS/resources/read\",\n \"Microsoft.SaaS/resources/write\",\n \"Microsoft.SaaS/resources/delete\",\n \"Microsoft.SaaS/register/action\",\n \"Microsoft.ProfessionalService/resources/read\",\n \"Microsoft.ProfessionalService/resources/write\",\n \"Microsoft.ProfessionalService/resources/delete\",\n \"Microsoft.ProfessionalService/register/action\",\n \"Microsoft.BillingBenefits/register/action\",\n \"Microsoft.BillingBenefits/maccs/read\",\n \"Microsoft.BillingBenefits/maccs/write\",\n \"Microsoft.BillingBenefits/maccs/delete\",\n \"Microsoft.BillingBenefits/maccs/cancel/action\",\n \"Microsoft.BillingBenefits/maccs/chargeShortfall/action\",\n \"Microsoft.BillingBenefits/maccs/contributors/read\",\n \"Microsoft.BillingBenefits/credits/read\",\n \"Microsoft.BillingBenefits/credits/write\",\n \"Microsoft.BillingBenefits/credits/cancel/action\",\n \"Microsoft.BillingBenefits/credits/sources/read\",\n \"Microsoft.BillingBenefits/credits/sources/write\",\n \"Microsoft.BillingBenefits/credits/sources/delete\",\n \"Microsoft.EnterpriseSupport/enterpriseSupports/read\",\n \"Microsoft.EnterpriseSupport/enterpriseSupports/write\",\n \"Microsoft.EnterpriseSupport/enterpriseSupports/delete\",\n \"Microsoft.EnterpriseSupport/register/action\",\n \"Microsoft.SoftwarePlan/register/action\",\n \"Microsoft.SoftwarePlan/softwareSubscriptions/read\",\n \"Microsoft.SoftwarePlan/softwareSubscriptions/write\",\n \"Microsoft.SoftwarePlan/softwareSubscriptions/delete\",\n \"Microsoft.SoftwarePlan/softwareSubscriptions/cancel/action\",\n \"Microsoft.SoftwarePlan/softwareSubscriptions/listKeys/action\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2023-05-09T15:20:29.3130205Z\",\n \"updatedOn\": \"2025-06-17T15:17:30.9745788Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/be1a1ac2-09d3-4261-9e57-a73a6e227f53\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"be1a1ac2-09d3-4261-9e57-a73a6e227f53\"\n },\n {\n \"properties\": {\n \"roleName\": \"Cognitive Search Serverless Data Contributor (Deprecated)\",\n \"type\": \"BuiltInRole\",\n \"description\": \"This role has been deprecated\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.CognitiveSearch/indexes/schema/*\",\n \"Microsoft.CognitiveSearch/indexes/documents/*\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2023-05-15T15:01:02.7792616Z\",\n \"updatedOn\": \"2024-02-06T16:07:21.2869168Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/7ac06ca7-21ca-47e3-a67b-cbd6e6223baf\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"7ac06ca7-21ca-47e3-a67b-cbd6e6223baf\"\n },\n {\n \"properties\": {\n \"roleName\": \"Cognitive Search Serverless Data Reader (Deprecated)\",\n \"type\": \"BuiltInRole\",\n \"description\": \"This role has been deprecated\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.CognitiveSearch/indexes/schema/read\",\n \"Microsoft.CognitiveSearch/indexes/documents/read\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2023-05-15T15:01:02.7792616Z\",\n \"updatedOn\": \"2024-02-06T16:07:20.8732351Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/79b01272-bf9f-4f4c-9517-5506269cf524\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"79b01272-bf9f-4f4c-9517-5506269cf524\"\n },\n {\n \"properties\": {\n \"roleName\": \"Community Owner Role\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Community Owner Role to access the resources of Microsoft.Mission stored with RPSAAS.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Mission/register/action\",\n \"Microsoft.Mission/unregister/action\",\n \"Microsoft.Mission/Locations/OperationStatuses/read\",\n \"Microsoft.Mission/Locations/OperationStatuses/write\",\n \"Microsoft.Mission/Operations/read\",\n \"Microsoft.Mission/communities/read\",\n \"Microsoft.Mission/communities/write\",\n \"Microsoft.Mission/communities/delete\",\n \"Microsoft.Mission/communities/setMaintenanceMode/action\",\n \"Microsoft.Mission/communities/communityendpoints/connect/action\",\n \"Microsoft.Mission/virtualEnclaves/read\",\n \"Microsoft.Mission/virtualEnclaves/write\",\n \"Microsoft.Mission/virtualEnclaves/delete\",\n \"Microsoft.Mission/virtualEnclaves/workloads/read\",\n \"Microsoft.Mission/virtualEnclaves/workloads/write\",\n \"Microsoft.Mission/virtualEnclaves/workloads/delete\",\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/read\",\n \"Microsoft.Resources/deployments/read\",\n \"Microsoft.Resources/deployments/write\",\n \"Microsoft.Resources/subscriptions/read\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Resources/subscriptions/resourcegroups/deployments/read\",\n \"Microsoft.Resources/subscriptions/operationresults/read\",\n \"Microsoft.ResourceHealth/availabilityStatuses/read\",\n \"Microsoft.Features/providers/features/read\",\n \"Microsoft.Features/features/read\",\n \"Microsoft.Mission/communities/communityEndpoints/read\",\n \"Microsoft.Mission/communities/communityEndpoints/write\",\n \"Microsoft.Mission/communities/communityEndpoints/delete\",\n \"Microsoft.Mission/communities/transitHubs/read\",\n \"Microsoft.Mission/communities/transitHubs/write\",\n \"Microsoft.Mission/communities/transitHubs/delete\",\n \"Microsoft.Mission/enclaveConnections/read\",\n \"Microsoft.Mission/virtualEnclaves/enclaveEndpoints/read\",\n \"Microsoft.Mission/approvals/read\",\n \"Microsoft.Mission/approvals/write\",\n \"Microsoft.Mission/approvals/delete\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2023-05-25T20:51:16.2041501Z\",\n \"updatedOn\": \"2025-09-12T18:13:12.7479035Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/5e28a61e-8040-49db-b175-bb5b88af6239\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"5e28a61e-8040-49db-b175-bb5b88af6239\"\n },\n {\n \"properties\": {\n \"roleName\": \"Firmware Analysis Admin\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Administrative user that can upload/view firmwares & configure firmware workspaces\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.IoTFirmwareDefense/*\",\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Resources/deployments/*\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2023-06-12T15:03:22.1277659Z\",\n \"updatedOn\": \"2025-09-10T15:34:53.4423915Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/9c1607d1-791d-4c68-885d-c7b7aaff7c8a\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"9c1607d1-791d-4c68-885d-c7b7aaff7c8a\"\n },\n {\n \"properties\": {\n \"roleName\": \"Key Vault Data Access Administrator\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Manage access to Azure Key Vault by adding or removing role assignments for the Key Vault Administrator, Key Vault Certificates Officer, Key Vault Crypto Officer, Key Vault Crypto Service Encryption User, Key Vault Crypto User, Key Vault Reader, Key Vault Secrets Officer, or Key Vault Secrets User roles. Includes an ABAC condition to constrain role assignments.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/roleAssignments/write\",\n \"Microsoft.Authorization/roleAssignments/delete\",\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Resources/subscriptions/read\",\n \"Microsoft.Management/managementGroups/read\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Support/*\",\n \"Microsoft.KeyVault/vaults/*/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": [],\n \"conditionVersion\": \"2.0\",\n \"condition\": \"((!(ActionMatches{'Microsoft.Authorization/roleAssignments/write'})) OR (@Request[Microsoft.Authorization/roleAssignments:RoleDefinitionId] ForAnyOfAnyValues:GuidEquals{00482a5a-887f-4fb3-b363-3b7fe8e74483, a4417e6f-fecd-4de8-b567-7b0420556985, 14b46e9e-c2b7-41b4-b07b-48a6ebf60603, e147488a-f6f5-4113-8e2d-b22465e65bf6, 12338af0-0e69-4776-bea7-57ae8d297424, 21090545-7ca7-4776-b22c-e363652d74d2, b86a8fe4-44ce-4948-aee5-eccb2c155cd7, 4633458b-17de-408a-b874-0445c86b69e6})) AND ((!(ActionMatches{'Microsoft.Authorization/roleAssignments/delete'})) OR (@Resource[Microsoft.Authorization/roleAssignments:RoleDefinitionId] ForAnyOfAnyValues:GuidEquals{00482a5a-887f-4fb3-b363-3b7fe8e74483, a4417e6f-fecd-4de8-b567-7b0420556985, 14b46e9e-c2b7-41b4-b07b-48a6ebf60603, e147488a-f6f5-4113-8e2d-b22465e65bf6, 12338af0-0e69-4776-bea7-57ae8d297424, 21090545-7ca7-4776-b22c-e363652d74d2, b86a8fe4-44ce-4948-aee5-eccb2c155cd7, 4633458b-17de-408a-b874-0445c86b69e6}))\"\n }\n ],\n \"createdOn\": \"2023-06-20T22:26:01.661921Z\",\n \"updatedOn\": \"2023-12-07T01:33:05.5970688Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/8b54135c-b56d-4d72-a534-26097cfdc8d8\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"8b54135c-b56d-4d72-a534-26097cfdc8d8\"\n },\n {\n \"properties\": {\n \"roleName\": \"Defender for Storage Data Scanner\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Grants access to read blobs and update index tags. This role is used by the data scanner of Defender for Storage.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Storage/storageAccounts/blobServices/containers/read\",\n \"Microsoft.Storage/storageAccounts/blobServices/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.Storage/storageAccounts/blobServices/containers/blobs/read\",\n \"Microsoft.Storage/storageAccounts/blobServices/containers/blobs/tags/write\",\n \"Microsoft.Storage/storageAccounts/blobServices/containers/blobs/tags/read\",\n \"Microsoft.Storage/storageAccounts/blobServices/containers/blobs/delete\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2023-06-21T15:30:31.2244258Z\",\n \"updatedOn\": \"2025-09-04T13:19:08.2789022Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/1e7ca9b1-60d1-4db8-a914-f2ca1ff27c40\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"1e7ca9b1-60d1-4db8-a914-f2ca1ff27c40\"\n },\n {\n \"properties\": {\n \"roleName\": \"Compute Diagnostics Role\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Grants permissions to execute diagnostics provided by Compute Diagnostic Service for Compute Resources.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Compute/disks/beginGetAccess/action\",\n \"Microsoft.Compute/virtualmachinescalesets/disks/beginGetAccess/action\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2023-07-03T15:01:36.9754614Z\",\n \"updatedOn\": \"2023-08-21T15:00:43.8849998Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/df2711a6-406d-41cf-b366-b0250bff9ad1\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"df2711a6-406d-41cf-b366-b0250bff9ad1\"\n },\n {\n \"properties\": {\n \"roleName\": \"Elastic SAN Network Admin\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Allows access to create Private Endpoints on SAN resources, and to read SAN resources\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.ElasticSan/elasticSans/*/read\",\n \"Microsoft.ElasticSan/elasticSans/PrivateEndpointConnectionsApproval/action\",\n \"Microsoft.ElasticSan/elasticSans/privateEndpointConnections/write\",\n \"Microsoft.ElasticSan/elasticSans/privateEndpointConnections/delete\",\n \"Microsoft.ElasticSan/locations/asyncoperations/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2023-07-11T15:16:02.2537915Z\",\n \"updatedOn\": \"2023-07-24T15:07:43.2245803Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/fa6cecf6-5db3-4c43-8470-c540bcb4eafa\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"fa6cecf6-5db3-4c43-8470-c540bcb4eafa\"\n },\n {\n \"properties\": {\n \"roleName\": \"Cognitive Services Usages Reader\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Minimal permission to view Cognitive Services usages.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.CognitiveServices/locations/usages/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2023-07-17T15:09:29.0044016Z\",\n \"updatedOn\": \"2023-07-17T15:09:29.0044016Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/bba48692-92b0-4667-a9ad-c31c7b334ac2\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"bba48692-92b0-4667-a9ad-c31c7b334ac2\"\n },\n {\n \"properties\": {\n \"roleName\": \"PostgreSQL Flexible Server Long Term Retention Backup Role\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Role to allow backup vault to access PostgreSQL Flexible Server Resource APIs for Long Term Retention Backup.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.DBforPostgreSQL/flexibleServers/ltrBackupOperations/read\",\n \"Microsoft.DBforPostgreSQL/flexibleServers/ltrPreBackup/action\",\n \"Microsoft.DBforPostgreSQL/flexibleServers/startLtrBackup/action\",\n \"Microsoft.DBforPostgreSQL/locations/azureAsyncOperation/read\",\n \"Microsoft.DBforPostgreSQL/locations/operationResults/read\",\n \"Microsoft.Resources/subscriptions/read\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2023-07-19T15:33:56.5176195Z\",\n \"updatedOn\": \"2023-08-02T22:48:06.4502162Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/c088a766-074b-43ba-90d4-1fb21feae531\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"c088a766-074b-43ba-90d4-1fb21feae531\"\n },\n {\n \"properties\": {\n \"roleName\": \"Search Parameter Manager\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Role allows user or principal access to $status and $reindex to update search parameters\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.HealthcareApis/workspaces/fhirservices/resources/reindex/action\",\n \"Microsoft.HealthcareApis/workspaces/fhirservices/resources/read\",\n \"Microsoft.HealthcareApis/workspaces/fhirservices/resources/write\",\n \"Microsoft.HealthcareApis/workspaces/fhirservices/resources/searchparameter/action\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2023-07-28T00:53:53.6682553Z\",\n \"updatedOn\": \"2023-07-28T00:53:53.6682553Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/a02f7c31-354d-4106-865a-deedf37fa038\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"a02f7c31-354d-4106-865a-deedf37fa038\"\n },\n {\n \"properties\": {\n \"roleName\": \"Virtual Machine Data Access Administrator (preview)\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Manage access to Virtual Machines by adding or removing role assignments for the Virtual Machine Administrator Login and Virtual Machine User Login roles. Includes an ABAC condition to constrain role assignments.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/roleAssignments/write\",\n \"Microsoft.Authorization/roleAssignments/delete\",\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Resources/subscriptions/read\",\n \"Microsoft.Management/managementGroups/read\",\n \"Microsoft.Network/publicIPAddresses/read\",\n \"Microsoft.Network/virtualNetworks/read\",\n \"Microsoft.Network/loadBalancers/read\",\n \"Microsoft.Network/networkInterfaces/read\",\n \"Microsoft.Compute/virtualMachines/*/read\",\n \"Microsoft.HybridCompute/machines/*/read\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Support/*\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": [],\n \"conditionVersion\": \"2.0\",\n \"condition\": \"((!(ActionMatches{'Microsoft.Authorization/roleAssignments/write'})) OR (@Request[Microsoft.Authorization/roleAssignments:RoleDefinitionId] ForAnyOfAnyValues:GuidEquals{1c0163c0-47e6-4577-8991-ea5c82e286e4, fb879df8-f326-4884-b1cf-06f3ad86be52})) AND ((!(ActionMatches{'Microsoft.Authorization/roleAssignments/delete'})) OR (@Resource[Microsoft.Authorization/roleAssignments:RoleDefinitionId] ForAnyOfAnyValues:GuidEquals{1c0163c0-47e6-4577-8991-ea5c82e286e4, fb879df8-f326-4884-b1cf-06f3ad86be52}))\"\n }\n ],\n \"createdOn\": \"2023-08-07T15:25:15.1179899Z\",\n \"updatedOn\": \"2023-10-31T15:13:38.0409378Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/66f75aeb-eabe-4b70-9f1e-c350c4c9ad04\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"66f75aeb-eabe-4b70-9f1e-c350c4c9ad04\"\n },\n {\n \"properties\": {\n \"roleName\": \"Logic Apps Standard Developer (Preview)\",\n \"type\": \"BuiltInRole\",\n \"description\": \"You can create and edit workflows, connections, and settings for a Standard logic app. You can't make changes outside the workflow scope.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.Resources/deployments/operations/read\",\n \"Microsoft.Resources/subscriptions/operationresults/read\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Support/*\",\n \"Microsoft.Web/*/read\",\n \"Microsoft.Web/connections/*\",\n \"Microsoft.Web/customApis/*\",\n \"Microsoft.Web/sites/config/list/Action\",\n \"microsoft.web/sites/config/Write\",\n \"microsoft.web/sites/config/web/appsettings/delete\",\n \"microsoft.web/sites/config/web/appsettings/write\",\n \"microsoft.web/sites/deployWorkflowArtifacts/action\",\n \"microsoft.web/sites/hostruntime/*\",\n \"microsoft.web/sites/listworkflowsconnections/action\",\n \"Microsoft.Web/sites/publish/Action\",\n \"microsoft.web/sites/slots/config/appsettings/write\",\n \"Microsoft.Web/sites/slots/config/list/Action\",\n \"microsoft.web/sites/slots/config/web/appsettings/delete\",\n \"microsoft.web/sites/slots/deployWorkflowArtifacts/action\",\n \"microsoft.web/sites/slots/listworkflowsconnections/action\",\n \"Microsoft.Web/sites/slots/publish/Action\",\n \"microsoft.web/sites/workflows/*\",\n \"microsoft.web/sites/workflowsconfiguration/*\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2023-08-10T18:27:51.0642527Z\",\n \"updatedOn\": \"2024-04-03T21:08:10.0284774Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/523776ba-4eb2-4600-a3c8-f2dc93da4bdb\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"523776ba-4eb2-4600-a3c8-f2dc93da4bdb\"\n },\n {\n \"properties\": {\n \"roleName\": \"Logic Apps Standard Contributor (Preview)\",\n \"type\": \"BuiltInRole\",\n \"description\": \"You can manage all aspects of a Standard logic app and workflows. You can't change access or ownership.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.Resources/deployments/operations/read\",\n \"Microsoft.Resources/subscriptions/operationresults/read\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Support/*\",\n \"Microsoft.Web/*/read\",\n \"Microsoft.Web/certificates/*\",\n \"Microsoft.Web/connectionGateways/*\",\n \"Microsoft.Web/connections/*\",\n \"Microsoft.Web/customApis/*\",\n \"Microsoft.Web/serverFarms/*\",\n \"Microsoft.Web/sites/*\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2023-08-10T18:27:51.0642527Z\",\n \"updatedOn\": \"2024-04-03T21:08:12.2307952Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/ad710c24-b039-4e85-a019-deb4a06e8570\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"ad710c24-b039-4e85-a019-deb4a06e8570\"\n },\n {\n \"properties\": {\n \"roleName\": \"Logic Apps Standard Operator (Preview)\",\n \"type\": \"BuiltInRole\",\n \"description\": \"You can enable and disable the logic app, resubmit workflow runs, as well as create connections. You can't edit workflows or settings.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.Resources/deployments/operations/read\",\n \"Microsoft.Resources/subscriptions/operationresults/read\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Support/*\",\n \"Microsoft.Web/*/read\",\n \"Microsoft.Web/sites/applySlotConfig/Action\",\n \"microsoft.web/sites/hostruntime/*\",\n \"Microsoft.Web/sites/restart/Action\",\n \"Microsoft.Web/sites/slots/restart/Action\",\n \"Microsoft.Web/sites/slots/slotsswap/Action\",\n \"Microsoft.Web/sites/slots/start/Action\",\n \"Microsoft.Web/sites/slots/stop/Action\",\n \"Microsoft.Web/sites/slotsdiffs/Action\",\n \"Microsoft.Web/sites/slotsswap/Action\",\n \"Microsoft.Web/sites/start/Action\",\n \"Microsoft.Web/sites/stop/Action\",\n \"Microsoft.Web/sites/write\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2023-08-10T18:27:51.616246Z\",\n \"updatedOn\": \"2024-04-03T21:08:12.0327572Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/b70c96e9-66fe-4c09-b6e7-c98e69c98555\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"b70c96e9-66fe-4c09-b6e7-c98e69c98555\"\n },\n {\n \"properties\": {\n \"roleName\": \"Logic Apps Standard Reader (Preview)\",\n \"type\": \"BuiltInRole\",\n \"description\": \"You have read-only access to all resources in a Standard logic app and workflows, including the workflow runs and their history.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.Resources/deployments/operations/read\",\n \"Microsoft.Resources/subscriptions/operationresults/read\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Support/*\",\n \"Microsoft.Web/*/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2023-08-10T18:27:52.9359215Z\",\n \"updatedOn\": \"2024-04-03T21:08:11.472321Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/4accf36b-2c05-432f-91c8-5c532dff4c73\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"4accf36b-2c05-432f-91c8-5c532dff4c73\"\n },\n {\n \"properties\": {\n \"roleName\": \"IPAM Pool User\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Read IPAM Pools and child resources. Create and remove associations. This role is in preview and subject to change.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Network/networkManagers/ipamPools/*/read\",\n \"Microsoft.Network/networkManagers/ipamPools/*/action\",\n \"Microsoft.Network/networkManagers/ipamPools/*/write\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2023-08-21T15:00:43.8849998Z\",\n \"updatedOn\": \"2024-10-14T15:14:50.4699933Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/7b3e853f-ad5d-4fb5-a7b8-56a3581c7037\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"7b3e853f-ad5d-4fb5-a7b8-56a3581c7037\"\n },\n {\n \"properties\": {\n \"roleName\": \"SpatialMapsAccounts Account Owner\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Lets you manage data in your account, including deleting them\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.MixedReality/spatialMapsAccounts/read\",\n \"Microsoft.MixedReality/spatialMapsAccounts/delete\",\n \"Microsoft.MixedReality/spatialMapsAccounts/write\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2023-08-24T22:24:26.823752Z\",\n \"updatedOn\": \"2023-08-24T22:24:26.823752Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/e9c9ed2b-2a99-4071-b2ff-5b113ebf73a1\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"e9c9ed2b-2a99-4071-b2ff-5b113ebf73a1\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Resource Notifications System Topics Subscriber\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Lets you create system topics and event subscriptions on all system topics exposed currently and in the future by Azure Resource Notifications\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.ResourceNotifications/systemTopics/subscribeToResources/action\",\n \"Microsoft.ResourceNotifications/systemTopics/subscribeToHealthResources/action\",\n \"Microsoft.ResourceNotifications/systemTopics/subscribeToMaintenanceResources/action\",\n \"Microsoft.ResourceNotifications/systemTopics/subscribeToComputeResources/action\",\n \"Microsoft.ResourceNotifications/systemTopics/subscribeToComputeScheduleResources/action\",\n \"Microsoft.ResourceNotifications/systemTopics/subscribeToContainerServiceEventResources/action\",\n \"Microsoft.ResourceNotifications/systemTopics/subscribeToImpactReportingResources/action\",\n \"Microsoft.ResourceNotifications/systemTopics/subscribeToAksResources/action\",\n \"Microsoft.EventGrid/eventSubscriptions/write\",\n \"Microsoft.EventGrid/systemTopics/eventSubscriptions/write\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2023-08-31T17:58:41.4180876Z\",\n \"updatedOn\": \"2025-10-01T20:11:41.338522Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/0b962ed2-6d56-471c-bd5f-3477d83a7ba4\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"0b962ed2-6d56-471c-bd5f-3477d83a7ba4\"\n },\n {\n \"properties\": {\n \"roleName\": \"Elastic SAN Volume Importer\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Allows for Importing Elastic San Volume\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.ElasticSan/elasticSans/volumeGroups/*/read\",\n \"Microsoft.ElasticSan/elasticSans/volumeGroups/volumes/write\",\n \"Microsoft.ElasticSan/elasticSans/volumeGroups/volumes/delete\",\n \"Microsoft.ElasticSan/elasticSans/volumeGroups/preRestore/action\",\n \"Microsoft.ElasticSan/locations/*\",\n \"Microsoft.Compute/locations/*\",\n \"Microsoft.Compute/disks/read\",\n \"Microsoft.Compute/disks/beginGetAccess/action\",\n \"Microsoft.Compute/disks/endGetAccess/action\",\n \"Microsoft.Compute/snapshots/read\",\n \"Microsoft.Compute/snapshots/beginGetAccess/action\",\n \"Microsoft.Compute/snapshots/endGetAccess/action\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2023-09-06T15:24:05.4459728Z\",\n \"updatedOn\": \"2025-04-21T15:02:46.3682352Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/90e8b822-3e73-47b5-868a-787dc80c008f\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"90e8b822-3e73-47b5-868a-787dc80c008f\"\n },\n {\n \"properties\": {\n \"roleName\": \"Elastic SAN Snapshot Exporter\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Allows for creating and exporting Snapshot of Elastic San Volume\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.ElasticSan/elasticSans/*/read\",\n \"Microsoft.ElasticSan/elasticSans/volumeGroups/snapshots/write\",\n \"Microsoft.ElasticSan/elasticSans/volumeGroups/snapshots/delete\",\n \"Microsoft.ElasticSan/elasticSans/volumeGroups/snapshots/beginGetAccess/action\",\n \"Microsoft.ElasticSan/elasticSans/volumeGroups/preBackup/action\",\n \"Microsoft.ElasticSan/locations/*\",\n \"Microsoft.Compute/locations/*\",\n \"Microsoft.Compute/disks/read\",\n \"Microsoft.Compute/disks/write\",\n \"Microsoft.Compute/disks/delete\",\n \"Microsoft.Compute/snapshots/read\",\n \"Microsoft.Compute/snapshots/write\",\n \"Microsoft.Compute/snapshots/delete\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2023-09-06T15:24:05.4459728Z\",\n \"updatedOn\": \"2025-04-21T15:02:46.3682352Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/1c4770c0-34f7-4110-a1ea-a5855cc7a939\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"1c4770c0-34f7-4110-a1ea-a5855cc7a939\"\n },\n {\n \"properties\": {\n \"roleName\": \"Community Contributor Role\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Community Contributor Role to access the resources of Microsoft.Mission stored with RPSAAS.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Mission/register/action\",\n \"Microsoft.Mission/unregister/action\",\n \"Microsoft.Mission/Locations/OperationStatuses/read\",\n \"Microsoft.Mission/Locations/OperationStatuses/write\",\n \"Microsoft.Mission/Operations/read\",\n \"Microsoft.Mission/communities/read\",\n \"Microsoft.Mission/communities/write\",\n \"Microsoft.Mission/virtualEnclaves/read\",\n \"Microsoft.Mission/virtualEnclaves/write\",\n \"Microsoft.Mission/virtualEnclaves/endpoints/read\",\n \"Microsoft.Mission/virtualEnclaves/endpoints/write\",\n \"Microsoft.Mission/virtualEnclaves/workloads/read\",\n \"Microsoft.Mission/virtualEnclaves/workloads/write\",\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/read\",\n \"Microsoft.Resources/deployments/read\",\n \"Microsoft.Resources/deployments/write\",\n \"Microsoft.Resources/subscriptions/read\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Resources/subscriptions/resourcegroups/deployments/read\",\n \"Microsoft.Resources/subscriptions/operationresults/read\",\n \"Microsoft.ResourceHealth/availabilityStatuses/read\",\n \"Microsoft.Features/providers/features/read\",\n \"Microsoft.Features/features/read\",\n \"Microsoft.Mission/communities/communityEndpoints/read\",\n \"Microsoft.Mission/communities/communityEndpoints/write\",\n \"Microsoft.Mission/communities/transitHubs/read\",\n \"Microsoft.Mission/communities/transitHubs/write\",\n \"Microsoft.Mission/enclaveConnections/read\",\n \"Microsoft.Mission/virtualEnclaves/enclaveEndpoints/read\",\n \"Microsoft.Mission/approvals/read\",\n \"Microsoft.Mission/approvals/write\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2023-09-14T21:20:02.9426432Z\",\n \"updatedOn\": \"2025-07-16T21:30:33.3901346Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/49435da6-99fe-48a5-a235-fc668b9dc04a\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"49435da6-99fe-48a5-a235-fc668b9dc04a\"\n },\n {\n \"properties\": {\n \"roleName\": \"EventGrid TopicSpaces Subscriber\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Lets you subscribe messages on topicspaces.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.EventGrid/*/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.EventGrid/topicSpaces/subscribe/action\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2023-09-19T15:12:11.0674147Z\",\n \"updatedOn\": \"2023-10-20T20:21:33.3344252Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/4b0f2fd7-60b4-4eca-896f-4435034f8bf5\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"4b0f2fd7-60b4-4eca-896f-4435034f8bf5\"\n },\n {\n \"properties\": {\n \"roleName\": \"EventGrid TopicSpaces Publisher\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Lets you publish messages on topicspaces.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.EventGrid/*/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.EventGrid/topicSpaces/publish/action\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2023-09-19T15:12:11.0674147Z\",\n \"updatedOn\": \"2023-10-20T20:21:33.3344252Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/a12b0b94-b317-4dcd-84a8-502ce99884c6\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"a12b0b94-b317-4dcd-84a8-502ce99884c6\"\n },\n {\n \"properties\": {\n \"roleName\": \"Data Boundary Tenant Administrator\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Allows tenant level administration for data boundaries.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Resources/dataBoundaries/write\",\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2023-09-25T15:06:19.9183617Z\",\n \"updatedOn\": \"2023-09-25T15:06:19.9183617Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/d1a38570-4b05-4d70-b8e4-1100bcf76d12\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"d1a38570-4b05-4d70-b8e4-1100bcf76d12\"\n },\n {\n \"properties\": {\n \"roleName\": \"DeID Realtime Data User\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Execute requests against DeID realtime endpoint. This role is in preview and subject to change.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.HealthDataAIServices/DeidServices/Realtime/action\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2023-09-28T20:01:31.6698729Z\",\n \"updatedOn\": \"2023-09-28T20:01:31.6698729Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/bb6577c4-ea0a-40b2-8962-ea18cb8ecd4e\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"bb6577c4-ea0a-40b2-8962-ea18cb8ecd4e\"\n },\n {\n \"properties\": {\n \"roleName\": \"DeID Batch Data Reader\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Read DeID batch jobs. This role is in preview and subject to change.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.HealthDataAIServices/DeidServices/Batch/read\"\n ],\n \"notDataActions\": [\n \"Microsoft.HealthDataAIServices/DeidServices/Batch/write\",\n \"Microsoft.HealthDataAIServices/DeidServices/Batch/delete\"\n ]\n }\n ],\n \"createdOn\": \"2023-09-28T20:01:32.2555061Z\",\n \"updatedOn\": \"2023-09-28T20:01:32.2555061Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/b73a14ee-91f5-41b7-bd81-920e12466be9\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"b73a14ee-91f5-41b7-bd81-920e12466be9\"\n },\n {\n \"properties\": {\n \"roleName\": \"DeID Batch Data Owner\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Create and manage DeID batch jobs. This role is in preview and subject to change.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.HealthDataAIServices/DeidServices/Batch/write\",\n \"Microsoft.HealthDataAIServices/DeidServices/Batch/delete\",\n \"Microsoft.HealthDataAIServices/DeidServices/Batch/read\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2023-09-28T20:01:32.2565064Z\",\n \"updatedOn\": \"2023-09-28T20:01:32.2565064Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/8a90fa6b-6997-4a07-8a95-30633a7c97b9\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"8a90fa6b-6997-4a07-8a95-30633a7c97b9\"\n },\n {\n \"properties\": {\n \"roleName\": \"Carbon Optimization Reader\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Allow read access to Azure Carbon Optimization data\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Carbon/carbonEmissionReports/action\",\n \"Microsoft.Carbon/carbonEmissionReports/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2023-09-29T19:24:38.5828579Z\",\n \"updatedOn\": \"2025-02-17T16:06:32.7430565Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/fa0d39e6-28e5-40cf-8521-1eb320653a4c\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"fa0d39e6-28e5-40cf-8521-1eb320653a4c\"\n },\n {\n \"properties\": {\n \"roleName\": \"Landing Zone Management Owner\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Microsoft.Sovereign Landing Zone Management Owner allowing to review and modify Landing Zone Configurations as well as reading and adding Landing Zone Registrations. Also enables read-access to policies and management groups for enabling the full user experience of the Sovereign Services RP in the Azure Portal (as otherwise some elements might not be accessible to end users).\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Sovereign/landingZoneConfigurations/*\",\n \"Microsoft.Sovereign/landingZoneRegistrations/*\",\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Resources/deployments/*\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2023-10-05T08:48:10.6404205Z\",\n \"updatedOn\": \"2023-10-05T08:48:10.6404205Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/38863829-c2a4-4f8d-b1d2-2e325973ebc7\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"38863829-c2a4-4f8d-b1d2-2e325973ebc7\"\n },\n {\n \"properties\": {\n \"roleName\": \"Landing Zone Management Reader\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Microsoft.Sovereign Landing Zone Management Reader allowing to review Landing Zone Configurations and corresponding Registrations without the ability to modify. Also enables read-access to policies and management groups for enabling the full user experience of the Sovereign Services RP in the Azure Portal (as otherwise some elements might not be accessible to end users).\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Sovereign/landingZoneConfigurations/read\",\n \"Microsoft.Sovereign/landingZoneRegistrations/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2023-10-06T06:04:41.8631569Z\",\n \"updatedOn\": \"2023-10-06T06:04:41.8631569Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/8fe6e843-6d9e-417b-9073-106b048f50bb\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"8fe6e843-6d9e-417b-9073-106b048f50bb\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Stack HCI Device Management Role\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Microsoft.AzureStackHCI Device Management Role\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.AzureStackHCI/Clusters/*\",\n \"Microsoft.AzureStackHCI/EdgeDevices/*\",\n \"Microsoft.AzureStackHCI/DevicePools/*/read\",\n \"Microsoft.AzureStackHCI/EdgeMachines/*/read\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.HybridContainerService/register/action\",\n \"Microsoft.HybridContainerService/kubernetesVersions/read\",\n \"Microsoft.HybridContainerService/kubernetesVersions/write\",\n \"Microsoft.HybridContainerService/skus/read\",\n \"Microsoft.HybridContainerService/skus/write\",\n \"Microsoft.Authorization/roleassignments/read\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.AzureStackHCI/StorageContainers/Write\",\n \"Microsoft.AzureStackHCI/StorageContainers/Read\",\n \"Microsoft.AzureStackHCI/Register/Action\",\n \"Microsoft.GuestConfiguration/guestConfigurationAssignments/read\",\n \"Microsoft.KubernetesConfiguration/extensions/write\",\n \"Microsoft.KubernetesConfiguration/extensions/read\",\n \"Microsoft.KubernetesConfiguration/extensions/delete\",\n \"Microsoft.KubernetesConfiguration/extensions/operations/read\",\n \"Microsoft.KubernetesConfiguration/namespaces/read\",\n \"Microsoft.KubernetesConfiguration/operations/read\",\n \"Microsoft.ResourceConnector/appliances/read\",\n \"Microsoft.ResourceConnector/appliances/write\",\n \"Microsoft.ResourceConnector/appliances/delete\",\n \"Microsoft.ResourceConnector/locations/operationresults/read\",\n \"Microsoft.ResourceConnector/locations/operationsstatus/read\",\n \"Microsoft.ResourceConnector/appliances/listClusterUserCredential/action\",\n \"Microsoft.ResourceConnector/appliances/listKeys/action\",\n \"Microsoft.ResourceConnector/appliances/upgradeGraphs/read\",\n \"Microsoft.ResourceConnector/telemetryconfig/read\",\n \"Microsoft.ResourceConnector/operations/read\",\n \"Microsoft.ExtendedLocation/customLocations/deploy/action\",\n \"Microsoft.ExtendedLocation/customLocations/read\",\n \"Microsoft.ExtendedLocation/customLocations/write\",\n \"Microsoft.ExtendedLocation/customLocations/delete\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2023-10-10T15:19:13.4820522Z\",\n \"updatedOn\": \"2025-02-11T16:14:17.6124295Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/865ae368-6a45-4bd1-8fbf-0d5151f56fc1\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"865ae368-6a45-4bd1-8fbf-0d5151f56fc1\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Customer Lockbox Approver for Subscription\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Can approve Microsoft support requests to access specific resources contained within a subscription, or the subscription itself, when Customer Lockbox for Microsoft Azure is enabled on the tenant where the subscription resides.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Resources/subscriptions/read\",\n \"Microsoft.CustomerLockbox/requests/UpdateApproval/action\",\n \"Microsoft.CustomerLockbox/requests/read\",\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Insights/eventtypes/values/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2023-10-12T18:01:15.239432Z\",\n \"updatedOn\": \"2024-08-08T19:08:54.2825991Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/4dae6930-7baf-46f5-909e-0383bc931c46\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"4dae6930-7baf-46f5-909e-0383bc931c46\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Resource Bridge Deployment Role\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Azure Resource Bridge Deployment Role\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/roleassignments/read\",\n \"Microsoft.AzureStackHCI/Register/Action\",\n \"Microsoft.ResourceConnector/register/action\",\n \"Microsoft.ResourceConnector/appliances/read\",\n \"Microsoft.ResourceConnector/appliances/write\",\n \"Microsoft.ResourceConnector/appliances/delete\",\n \"Microsoft.ResourceConnector/locations/operationresults/read\",\n \"Microsoft.ResourceConnector/locations/operationsstatus/read\",\n \"Microsoft.ResourceConnector/appliances/listClusterUserCredential/action\",\n \"Microsoft.ResourceConnector/appliances/listKeys/action\",\n \"Microsoft.ResourceConnector/appliances/upgradeGraphs/read\",\n \"Microsoft.ResourceConnector/telemetryconfig/read\",\n \"Microsoft.ResourceConnector/operations/read\",\n \"Microsoft.ExtendedLocation/register/action\",\n \"Microsoft.ExtendedLocation/customLocations/deploy/action\",\n \"Microsoft.ExtendedLocation/customLocations/read\",\n \"Microsoft.ExtendedLocation/customLocations/write\",\n \"Microsoft.ExtendedLocation/customLocations/delete\",\n \"Microsoft.HybridConnectivity/register/action\",\n \"Microsoft.Kubernetes/register/action\",\n \"Microsoft.KubernetesConfiguration/register/action\",\n \"Microsoft.KubernetesConfiguration/extensions/write\",\n \"Microsoft.KubernetesConfiguration/extensions/read\",\n \"Microsoft.KubernetesConfiguration/extensions/delete\",\n \"Microsoft.KubernetesConfiguration/extensions/operations/read\",\n \"Microsoft.KubernetesConfiguration/namespaces/read\",\n \"Microsoft.KubernetesConfiguration/operations/read\",\n \"Microsoft.GuestConfiguration/guestConfigurationAssignments/read\",\n \"Microsoft.HybridContainerService/register/action\",\n \"Microsoft.HybridContainerService/kubernetesVersions/read\",\n \"Microsoft.HybridContainerService/kubernetesVersions/write\",\n \"Microsoft.HybridContainerService/skus/read\",\n \"Microsoft.HybridContainerService/skus/write\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.AzureStackHCI/StorageContainers/Write\",\n \"Microsoft.AzureStackHCI/StorageContainers/Read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2023-10-16T15:13:24.2748766Z\",\n \"updatedOn\": \"2024-02-26T16:08:40.5270416Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/7b1f81f9-4196-4058-8aae-762e593270df\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"7b1f81f9-4196-4058-8aae-762e593270df\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Stack HCI VM Reader\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Grants permissions to view VMs\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.AzureStackHCI/VirtualMachines/Read\",\n \"Microsoft.AzureStackHCI/virtualMachineInstances/Read\",\n \"Microsoft.AzureStackHCI/VirtualMachines/Extensions/Read\",\n \"Microsoft.AzureStackHCI/VirtualNetworks/Read\",\n \"Microsoft.AzureStackHCI/LogicalNetworks/Read\",\n \"Microsoft.AzureStackHCI/NetworkInterfaces/Read\",\n \"Microsoft.AzureStackHCI/VirtualHardDisks/Read\",\n \"Microsoft.AzureStackHCI/StorageContainers/Read\",\n \"Microsoft.AzureStackHCI/GalleryImages/Read\",\n \"Microsoft.AzureStackHCI/MarketplaceGalleryImages/Read\",\n \"Microsoft.AzureStackHCI/NetworkSecurityGroups/Read\",\n \"Microsoft.AzureStackHCI/NetworkSecurityGroups/SecurityRules/Read\",\n \"Microsoft.HybridCompute/licenses/read\",\n \"Microsoft.HybridCompute/machines/extensions/read\",\n \"Microsoft.HybridCompute/machines/licenseProfiles/read\",\n \"Microsoft.HybridCompute/machines/patchAssessmentResults/read\",\n \"Microsoft.HybridCompute/machines/patchAssessmentResults/softwarePatches/read\",\n \"Microsoft.HybridCompute/machines/patchInstallationResults/read\",\n \"Microsoft.HybridCompute/machines/patchInstallationResults/softwarePatches/read\",\n \"Microsoft.HybridCompute/machines/read\",\n \"Microsoft.HybridCompute/privateLinkScopes/networkSecurityPerimeterConfigurations/read\",\n \"Microsoft.HybridCompute/privateLinkScopes/privateEndpointConnections/read\",\n \"Microsoft.HybridCompute/privateLinkScopes/read\",\n \"Microsoft.Insights/AlertRules/Write\",\n \"Microsoft.Insights/AlertRules/Delete\",\n \"Microsoft.Insights/AlertRules/Read\",\n \"Microsoft.Insights/AlertRules/Activated/Action\",\n \"Microsoft.Insights/AlertRules/Resolved/Action\",\n \"Microsoft.Insights/AlertRules/Throttled/Action\",\n \"Microsoft.Insights/AlertRules/Incidents/Read\",\n \"Microsoft.Resources/deployments/read\",\n \"Microsoft.Resources/deployments/exportTemplate/action\",\n \"Microsoft.Resources/deployments/operations/read\",\n \"Microsoft.Resources/deployments/operationstatuses/read\",\n \"Microsoft.Resources/subscriptions/resourcegroups/deployments/read\",\n \"Microsoft.Resources/subscriptions/resourcegroups/deployments/operations/read\",\n \"Microsoft.Resources/subscriptions/resourcegroups/deployments/operationstatuses/read\",\n \"Microsoft.ResourceHealth/availabilityStatuses/read\",\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Resources/subscriptions/read\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Resources/subscriptions/operationresults/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2023-10-19T22:56:37.6955839Z\",\n \"updatedOn\": \"2024-06-21T16:41:03.1469999Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/4b3fe76c-f777-4d24-a2d7-b027b0f7b273\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"4b3fe76c-f777-4d24-a2d7-b027b0f7b273\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure AI Developer\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Can perform all actions within an Azure AI resource besides managing the resource itself.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.MachineLearningServices/workspaces/*/read\",\n \"Microsoft.MachineLearningServices/workspaces/*/action\",\n \"Microsoft.MachineLearningServices/workspaces/*/delete\",\n \"Microsoft.MachineLearningServices/workspaces/*/write\",\n \"Microsoft.MachineLearningServices/locations/*/read\",\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Resources/deployments/*\"\n ],\n \"notActions\": [\n \"Microsoft.MachineLearningServices/workspaces/delete\",\n \"Microsoft.MachineLearningServices/workspaces/write\",\n \"Microsoft.MachineLearningServices/workspaces/listKeys/action\",\n \"Microsoft.MachineLearningServices/workspaces/hubs/write\",\n \"Microsoft.MachineLearningServices/workspaces/hubs/delete\",\n \"Microsoft.MachineLearningServices/workspaces/featurestores/write\",\n \"Microsoft.MachineLearningServices/workspaces/featurestores/delete\",\n \"Microsoft.MachineLearningServices/workspaces/evaluations/results/labels/read\",\n \"Microsoft.MachineLearningServices/workspaces/evaluations/results/reasonings/read\",\n \"Microsoft.MachineLearningServices/workspaces/simulations/results/images/read\"\n ],\n \"dataActions\": [\n \"Microsoft.CognitiveServices/accounts/OpenAI/*\",\n \"Microsoft.CognitiveServices/accounts/SpeechServices/*\",\n \"Microsoft.CognitiveServices/accounts/ContentSafety/*\",\n \"Microsoft.CognitiveServices/accounts/MaaS/*\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2023-10-20T22:06:45.817201Z\",\n \"updatedOn\": \"2025-04-17T17:55:39.8922431Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/64702f94-c441-49e6-a78b-ef80e0188fee\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"64702f94-c441-49e6-a78b-ef80e0188fee\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Stack HCI VM Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Grants permissions to perform all VM actions\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.AzureStackHCI/VirtualMachines/*\",\n \"Microsoft.AzureStackHCI/virtualMachineInstances/*\",\n \"Microsoft.AzureStackHCI/NetworkInterfaces/*\",\n \"Microsoft.AzureStackHCI/VirtualHardDisks/*\",\n \"Microsoft.AzureStackHCI/VirtualNetworks/Read\",\n \"Microsoft.AzureStackHCI/VirtualNetworks/join/action\",\n \"Microsoft.AzureStackHCI/LogicalNetworks/Read\",\n \"Microsoft.AzureStackHCI/LogicalNetworks/join/action\",\n \"Microsoft.AzureStackHCI/GalleryImages/Read\",\n \"Microsoft.AzureStackHCI/GalleryImages/deploy/action\",\n \"Microsoft.AzureStackHCI/StorageContainers/Read\",\n \"Microsoft.AzureStackHCI/StorageContainers/deploy/action\",\n \"Microsoft.AzureStackHCI/MarketplaceGalleryImages/Read\",\n \"Microsoft.AzureStackHCI/MarketPlaceGalleryImages/deploy/action\",\n \"Microsoft.AzureStackHCI/Clusters/Read\",\n \"Microsoft.AzureStackHCI/Clusters/ArcSettings/Read\",\n \"Microsoft.AzureStackHCI/NetworkSecurityGroups/Read\",\n \"Microsoft.AzureStackHCI/NetworkSecurityGroups/SecurityRules/Read\",\n \"Microsoft.Insights/AlertRules/Write\",\n \"Microsoft.Insights/AlertRules/Delete\",\n \"Microsoft.Insights/AlertRules/Read\",\n \"Microsoft.Insights/AlertRules/Activated/Action\",\n \"Microsoft.Insights/AlertRules/Resolved/Action\",\n \"Microsoft.Insights/AlertRules/Throttled/Action\",\n \"Microsoft.Insights/AlertRules/Incidents/Read\",\n \"Microsoft.Resources/deployments/read\",\n \"Microsoft.Resources/deployments/write\",\n \"Microsoft.Resources/deployments/delete\",\n \"Microsoft.Resources/deployments/cancel/action\",\n \"Microsoft.Resources/deployments/validate/action\",\n \"Microsoft.Resources/deployments/whatIf/action\",\n \"Microsoft.Resources/deployments/exportTemplate/action\",\n \"Microsoft.Resources/deployments/operations/read\",\n \"Microsoft.Resources/deployments/operationstatuses/read\",\n \"Microsoft.Resources/subscriptions/resourcegroups/deployments/read\",\n \"Microsoft.Resources/subscriptions/resourcegroups/deployments/write\",\n \"Microsoft.Resources/subscriptions/resourcegroups/deployments/operations/read\",\n \"Microsoft.Resources/subscriptions/resourcegroups/deployments/operationstatuses/read\",\n \"Microsoft.ResourceHealth/availabilityStatuses/read\",\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Resources/subscriptions/read\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Resources/subscriptions/operationresults/read\",\n \"Microsoft.HybridCompute/machines/read\",\n \"Microsoft.HybridCompute/machines/write\",\n \"Microsoft.HybridCompute/machines/delete\",\n \"Microsoft.HybridCompute/machines/UpgradeExtensions/action\",\n \"Microsoft.HybridCompute/machines/assessPatches/action\",\n \"Microsoft.HybridCompute/machines/installPatches/action\",\n \"Microsoft.HybridCompute/machines/extensions/read\",\n \"Microsoft.HybridCompute/machines/extensions/write\",\n \"Microsoft.HybridCompute/machines/extensions/delete\",\n \"Microsoft.HybridCompute/operations/read\",\n \"Microsoft.HybridCompute/locations/operationresults/read\",\n \"Microsoft.HybridCompute/locations/operationstatus/read\",\n \"Microsoft.HybridCompute/machines/patchAssessmentResults/read\",\n \"Microsoft.HybridCompute/machines/patchAssessmentResults/softwarePatches/read\",\n \"Microsoft.HybridCompute/machines/patchInstallationResults/read\",\n \"Microsoft.HybridCompute/machines/patchInstallationResults/softwarePatches/read\",\n \"Microsoft.HybridCompute/locations/updateCenterOperationResults/read\",\n \"Microsoft.HybridCompute/machines/hybridIdentityMetadata/read\",\n \"Microsoft.HybridCompute/osType/agentVersions/read\",\n \"Microsoft.HybridCompute/osType/agentVersions/latest/read\",\n \"Microsoft.HybridCompute/machines/runcommands/read\",\n \"Microsoft.HybridCompute/machines/runcommands/write\",\n \"Microsoft.HybridCompute/machines/runcommands/delete\",\n \"Microsoft.HybridCompute/machines/licenseProfiles/read\",\n \"Microsoft.HybridCompute/machines/licenseProfiles/write\",\n \"Microsoft.HybridCompute/machines/licenseProfiles/delete\",\n \"Microsoft.HybridCompute/licenses/read\",\n \"Microsoft.HybridCompute/licenses/write\",\n \"Microsoft.HybridCompute/licenses/delete\",\n \"Microsoft.ExtendedLocation/customLocations/Read\",\n \"Microsoft.ExtendedLocation/customLocations/deploy/action\",\n \"Microsoft.KubernetesConfiguration/extensions/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2023-10-20T22:51:51.8242229Z\",\n \"updatedOn\": \"2024-06-21T16:41:03.1469999Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/874d1c73-6003-4e60-a13a-cb31ea190a85\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"874d1c73-6003-4e60-a13a-cb31ea190a85\"\n },\n {\n \"properties\": {\n \"roleName\": \"Deployment Environments Reader\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Provides read access to environment resources.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.DevCenter/projects/read\",\n \"Microsoft.DevCenter/projects/*/read\",\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\"\n ],\n \"notActions\": [\n \"Microsoft.DevCenter/projects/pools/read\",\n \"Microsoft.DevCenter/projects/pools/schedules/read\"\n ],\n \"dataActions\": [\n \"Microsoft.DevCenter/projects/users/environments/adminRead/action\",\n \"Microsoft.DevCenter/projects/users/environments/adminActionRead/action\",\n \"Microsoft.DevCenter/projects/users/environments/adminOutputsRead/action\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2023-10-25T22:17:10.8897125Z\",\n \"updatedOn\": \"2023-10-25T22:17:10.8897125Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/eb960402-bf75-4cc3-8d68-35b34f960f72\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"eb960402-bf75-4cc3-8d68-35b34f960f72\"\n },\n {\n \"properties\": {\n \"roleName\": \"EventGrid Data Receiver\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Allows receive access to event grid events.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.EventGrid/eventSubscriptions/read\",\n \"Microsoft.EventGrid/topicTypes/eventSubscriptions/read\",\n \"Microsoft.EventGrid/locations/eventSubscriptions/read\",\n \"Microsoft.EventGrid/locations/topicTypes/eventSubscriptions/read\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.EventGrid/namespaces/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.EventGrid/events/receive/action\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2023-10-27T19:53:20.6031239Z\",\n \"updatedOn\": \"2023-10-27T19:53:20.6031239Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/78cbd9e7-9798-4e2e-9b5a-547d9ebb31fb\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"78cbd9e7-9798-4e2e-9b5a-547d9ebb31fb\"\n },\n {\n \"properties\": {\n \"roleName\": \"EventGrid Data Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Allows send and receive access to event grid events.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.EventGrid/eventSubscriptions/read\",\n \"Microsoft.EventGrid/topicTypes/eventSubscriptions/read\",\n \"Microsoft.EventGrid/locations/eventSubscriptions/read\",\n \"Microsoft.EventGrid/locations/topicTypes/eventSubscriptions/read\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.EventGrid/topics/read\",\n \"Microsoft.EventGrid/domains/read\",\n \"Microsoft.EventGrid/partnerNamespaces/read\",\n \"Microsoft.EventGrid/namespaces/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.EventGrid/events/send/action\",\n \"Microsoft.EventGrid/events/receive/action\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2023-10-27T19:53:20.6021265Z\",\n \"updatedOn\": \"2023-10-27T19:53:20.6021265Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/1d8c3fe3-8864-474b-8749-01e3783e8157\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"1d8c3fe3-8864-474b-8749-01e3783e8157\"\n },\n {\n \"properties\": {\n \"roleName\": \"Advisor Reviews Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"View reviews for a workload and triage recommendations linked to them.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Advisor/resiliencyReviews/read\",\n \"Microsoft.Advisor/triageRecommendations/read\",\n \"Microsoft.Advisor/triageRecommendations/approve/action\",\n \"Microsoft.Advisor/triageRecommendations/reject/action\",\n \"Microsoft.Advisor/triageRecommendations/reset/action\",\n \"Microsoft.Advisor/triageResources/read\",\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2023-10-30T15:07:31.5895356Z\",\n \"updatedOn\": \"2025-04-02T19:27:15.4734544Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/8aac15f0-d885-4138-8afa-bfb5872f7d13\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"8aac15f0-d885-4138-8afa-bfb5872f7d13\"\n },\n {\n \"properties\": {\n \"roleName\": \"Advisor Reviews Reader\",\n \"type\": \"BuiltInRole\",\n \"description\": \"View reviews for a workload and recommendations linked to them.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Advisor/resiliencyReviews/read\",\n \"Microsoft.Advisor/triageRecommendations/read\",\n \"Microsoft.Advisor/triageResources/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2023-10-30T15:07:32.6518882Z\",\n \"updatedOn\": \"2025-04-02T19:42:31.0079991Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/c64499e0-74c3-47ad-921c-13865957895c\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"c64499e0-74c3-47ad-921c-13865957895c\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure AI Inference Deployment Operator\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Can perform all actions required to create a resource deployment within a resource group.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Insights/AutoscaleSettings/write\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2023-10-30T18:08:40.1583451Z\",\n \"updatedOn\": \"2024-03-15T17:43:35.7204254Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/3afb7f49-54cb-416e-8c09-6dc049efa503\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"3afb7f49-54cb-416e-8c09-6dc049efa503\"\n },\n {\n \"properties\": {\n \"roleName\": \"Connected Cluster Managed Identity CheckAccess Reader\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Built-in role that allows a Connected Cluster managed identity to call the checkAccess API\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2023-10-30T19:09:07.911497Z\",\n \"updatedOn\": \"2023-11-07T16:18:43.5381941Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/65a14201-8f6c-4c28-bec4-12619c5a9aaa\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"65a14201-8f6c-4c28-bec4-12619c5a9aaa\"\n },\n {\n \"properties\": {\n \"roleName\": \"AgFood Platform Dataset Admin\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Provides access to Dataset APIs\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.AgFoodPlatform/farmBeats/datasets/*\",\n \"Microsoft.AgFoodPlatform/farmBeats/datasetRecords/*\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2023-11-06T16:07:29.1713961Z\",\n \"updatedOn\": \"2023-11-06T16:07:29.1713961Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/a8d4b70f-0fb9-4f72-b267-b87b2f990aec\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"a8d4b70f-0fb9-4f72-b267-b87b2f990aec\"\n },\n {\n \"properties\": {\n \"roleName\": \"Defender for Storage Scanner Operator\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Lets you enable and configure Microsoft Defender for Storage's malware scanning and sensitive data discovery features on your storage accounts. Includes an ABAC condition to limit role assignments.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/roleAssignments/write\",\n \"Microsoft.Authorization/roleAssignments/delete\",\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Resources/subscriptions/read\",\n \"Microsoft.Management/managementGroups/read\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Support/*\",\n \"Microsoft.Security/defenderforstoragesettings/read\",\n \"Microsoft.Security/defenderforstoragesettings/write\",\n \"Microsoft.Security/advancedThreatProtectionSettings/read\",\n \"Microsoft.Security/advancedThreatProtectionSettings/write\",\n \"Microsoft.Security/datascanners/read\",\n \"Microsoft.Security/datascanners/write\",\n \"Microsoft.Security/dataScanners/delete\",\n \"Microsoft.Storage/storageAccounts/write\",\n \"Microsoft.Storage/storageAccounts/read\",\n \"Microsoft.EventGrid/topics/read\",\n \"Microsoft.EventGrid/eventSubscriptions/read\",\n \"Microsoft.EventGrid/eventSubscriptions/write\",\n \"Microsoft.EventGrid/eventSubscriptions/delete\",\n \"Microsoft.Storage/storageAccounts/blobServices/read\",\n \"Microsoft.Storage/storageAccounts/blobServices/write\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": [],\n \"conditionVersion\": \"2.0\",\n \"condition\": \"((!(ActionMatches{'Microsoft.Authorization/roleAssignments/write'})) OR (@Request[Microsoft.Authorization/roleAssignments:RoleDefinitionId] ForAnyOfAnyValues:GuidEquals{1e7ca9b1-60d1-4db8-a914-f2ca1ff27c40, d5a91429-5739-47e2-a06b-3470a27159e7})) AND ((!(ActionMatches{'Microsoft.Authorization/roleAssignments/delete'})) OR (@Resource[Microsoft.Authorization/roleAssignments:RoleDefinitionId] ForAnyOfAnyValues:GuidEquals{1e7ca9b1-60d1-4db8-a914-f2ca1ff27c40, d5a91429-5739-47e2-a06b-3470a27159e7}))\"\n }\n ],\n \"createdOn\": \"2023-11-10T10:31:03.38275Z\",\n \"updatedOn\": \"2025-09-04T13:19:08.2789022Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/0f641de8-0b88-4198-bdef-bd8b45ceba96\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"0f641de8-0b88-4198-bdef-bd8b45ceba96\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Front Door Profile Reader\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Can view AFD standard and premium profiles and their endpoints, but can't make changes.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Cdn/edgenodes/read\",\n \"Microsoft.Cdn/operationresults/*\",\n \"Microsoft.Cdn/profiles/*/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Cdn/operationresults/profileresults/afdendpointresults/CheckCustomDomainDNSMappingStatus/action\",\n \"Microsoft.Cdn/profiles/queryloganalyticsmetrics/action\",\n \"Microsoft.Cdn/profiles/queryloganalyticsrankings/action\",\n \"Microsoft.Cdn/profiles/querywafloganalyticsmetrics/action\",\n \"Microsoft.Cdn/profiles/querywafloganalyticsrankings/action\",\n \"Microsoft.Cdn/profiles/afdendpoints/CheckCustomDomainDNSMappingStatus/action\",\n \"Microsoft.Cdn/profiles/Usages/action\",\n \"Microsoft.Cdn/profiles/afdendpoints/Usages/action\",\n \"Microsoft.Cdn/profiles/origingroups/Usages/action\",\n \"Microsoft.Cdn/profiles/rulesets/Usages/action\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2023-11-15T16:30:04.3609762Z\",\n \"updatedOn\": \"2024-01-26T09:56:06.2709754Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/662802e2-50f6-46b0-aed2-e834bacc6d12\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"662802e2-50f6-46b0-aed2-e834bacc6d12\"\n },\n {\n \"properties\": {\n \"roleName\": \"Enclave Reader Role\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Enclave Reader Role to access the resources of Microsoft.Mission stored with RPSAAS.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Mission/Operations/read\",\n \"Microsoft.Mission/communities/read\",\n \"Microsoft.Mission/virtualEnclaves/read\",\n \"Microsoft.Mission/virtualEnclaves/endpoints/read\",\n \"Microsoft.Mission/virtualEnclaves/workloads/read\",\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/read\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Resources/subscriptions/resourcegroups/deployments/read\",\n \"Microsoft.Resources/subscriptions/operationresults/read\",\n \"Microsoft.ResourceHealth/availabilityStatuses/read\",\n \"Microsoft.Features/providers/features/read\",\n \"Microsoft.Features/features/read\",\n \"Microsoft.Mission/communities/communityEndpoints/read\",\n \"Microsoft.Mission/communities/transitHubs/read\",\n \"Microsoft.Mission/enclaveConnections/read\",\n \"Microsoft.Mission/virtualEnclaves/enclaveEndpoints/read\",\n \"Microsoft.Mission/approvals/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2023-11-28T16:02:03.528699Z\",\n \"updatedOn\": \"2025-07-16T21:30:33.3901346Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/86fede04-b259-4277-8c3e-e26b9865abd8\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"86fede04-b259-4277-8c3e-e26b9865abd8\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Kubernetes Service Hybrid Cluster User Role\",\n \"type\": \"BuiltInRole\",\n \"description\": \"List cluster user credential action.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.HybridContainerService/provisionedClusterInstances/read\",\n \"Microsoft.HybridContainerService/provisionedClusterInstances/listUserKubeconfig/action\",\n \"Microsoft.Kubernetes/connectedClusters/Read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2023-11-30T16:21:46.1017952Z\",\n \"updatedOn\": \"2023-11-30T16:21:46.1017952Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/fc3f91a1-40bf-4439-8c46-45edbd83563a\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"fc3f91a1-40bf-4439-8c46-45edbd83563a\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Kubernetes Service Hybrid Cluster Admin Role\",\n \"type\": \"BuiltInRole\",\n \"description\": \"List cluster admin credential action.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.HybridContainerService/provisionedClusterInstances/read\",\n \"Microsoft.HybridContainerService/provisionedClusterInstances/listAdminKubeconfig/action\",\n \"Microsoft.Kubernetes/connectedClusters/Read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2023-11-30T16:21:46.100795Z\",\n \"updatedOn\": \"2023-11-30T16:21:46.100795Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/b5092dac-c796-4349-8681-1a322a31c3f9\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"b5092dac-c796-4349-8681-1a322a31c3f9\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Kubernetes Service Hybrid Contributor Role\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Grants access to read and write Azure Kubernetes Services hybrid clusters\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.HybridContainerService/Locations/operationStatuses/read\",\n \"Microsoft.HybridContainerService/Operations/read\",\n \"Microsoft.HybridContainerService/kubernetesVersions/read\",\n \"Microsoft.HybridContainerService/kubernetesVersions/write\",\n \"Microsoft.HybridContainerService/kubernetesVersions/delete\",\n \"Microsoft.HybridContainerService/provisionedClusterInstances/read\",\n \"Microsoft.HybridContainerService/provisionedClusterInstances/write\",\n \"Microsoft.HybridContainerService/provisionedClusterInstances/delete\",\n \"Microsoft.HybridContainerService/provisionedClusterInstances/agentPools/read\",\n \"Microsoft.HybridContainerService/provisionedClusterInstances/agentPools/write\",\n \"Microsoft.HybridContainerService/provisionedClusterInstances/agentPools/delete\",\n \"Microsoft.HybridContainerService/provisionedClusterInstances/upgradeProfiles/read\",\n \"Microsoft.HybridContainerService/skus/read\",\n \"Microsoft.HybridContainerService/skus/write\",\n \"Microsoft.HybridContainerService/skus/delete\",\n \"Microsoft.HybridContainerService/virtualNetworks/read\",\n \"Microsoft.HybridContainerService/virtualNetworks/write\",\n \"Microsoft.HybridContainerService/virtualNetworks/delete\",\n \"Microsoft.Kubernetes/connectedClusters/Read\",\n \"Microsoft.Kubernetes/connectedClusters/Write\",\n \"Microsoft.Kubernetes/connectedClusters/Delete\",\n \"Microsoft.Kubernetes/connectedClusters/listClusterUserCredential/action\",\n \"Microsoft.ExtendedLocation/customLocations/deploy/action\",\n \"Microsoft.ExtendedLocation/customLocations/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2023-11-30T16:21:46.100795Z\",\n \"updatedOn\": \"2023-11-30T16:21:46.100795Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/e7037d40-443a-4434-a3fb-8cd202011e1d\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"e7037d40-443a-4434-a3fb-8cd202011e1d\"\n },\n {\n \"properties\": {\n \"roleName\": \"Enclave Owner Role\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Enclave Owner Role to access the resources of Microsoft.Mission stored with RPSAAS.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Mission/Locations/OperationStatuses/read\",\n \"Microsoft.Mission/Locations/OperationStatuses/write\",\n \"Microsoft.Mission/Operations/read\",\n \"Microsoft.Mission/virtualEnclaves/read\",\n \"Microsoft.Mission/virtualEnclaves/write\",\n \"Microsoft.Mission/virtualEnclaves/delete\",\n \"Microsoft.Mission/virtualEnclaves/workloads/read\",\n \"Microsoft.Mission/virtualEnclaves/workloads/write\",\n \"Microsoft.Mission/virtualEnclaves/workloads/delete\",\n \"Microsoft.Mission/communities/read\",\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/read\",\n \"Microsoft.Resources/deployments/read\",\n \"Microsoft.Resources/deployments/write\",\n \"Microsoft.Resources/subscriptions/read\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Resources/subscriptions/resourcegroups/deployments/read\",\n \"Microsoft.Resources/subscriptions/operationresults/read\",\n \"Microsoft.ResourceHealth/availabilityStatuses/read\",\n \"Microsoft.Features/providers/features/read\",\n \"Microsoft.Features/features/read\",\n \"Microsoft.Mission/communities/communityEndpoints/read\",\n \"Microsoft.Mission/communities/transitHubs/read\",\n \"Microsoft.Mission/enclaveConnections/read\",\n \"Microsoft.Mission/enclaveConnections/write\",\n \"Microsoft.Mission/enclaveConnections/delete\",\n \"Microsoft.Mission/virtualEnclaves/enclaveEndpoints/read\",\n \"Microsoft.Mission/virtualEnclaves/enclaveEndpoints/write\",\n \"Microsoft.Mission/virtualEnclaves/enclaveEndpoints/delete\",\n \"Microsoft.Mission/approvals/read\",\n \"Microsoft.Mission/approvals/write\",\n \"Microsoft.Mission/approvals/delete\",\n \"Microsoft.Mission/virtualEnclaves/setWorkloadRoleAssignments/action\",\n \"Microsoft.Mission/virtualEnclaves/setEnclaveRoleAssignments/action\",\n \"Microsoft.Mission/virtualenclaves/setMaintenanceMode/action\",\n \"Microsoft.Mission/virtualEnclaves/setSubnetConfiguration/action\",\n \"Microsoft.Mission/virtualEnclaves/enclaveEndpoints/connect/action\",\n \"Microsoft.Mission/enclaveConnections/setSourceCidr/action\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2023-12-05T16:13:20.7602458Z\",\n \"updatedOn\": \"2025-09-12T18:13:12.7479035Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/3d5f3eff-eb94-473d-91e3-7aac74d6c0bb\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"3d5f3eff-eb94-473d-91e3-7aac74d6c0bb\"\n },\n {\n \"properties\": {\n \"roleName\": \"Enclave Contributor Role\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Enclave Contributor Role to access the resources of Microsoft.Mission stored with RPSAAS.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Mission/register/action\",\n \"Microsoft.Mission/unregister/action\",\n \"Microsoft.Mission/Locations/OperationStatuses/read\",\n \"Microsoft.Mission/Locations/OperationStatuses/write\",\n \"Microsoft.Mission/Operations/read\",\n \"Microsoft.Mission/communities/read\",\n \"Microsoft.Mission/virtualEnclaves/read\",\n \"Microsoft.Mission/virtualEnclaves/write\",\n \"Microsoft.Mission/virtualEnclaves/endpoints/read\",\n \"Microsoft.Mission/virtualEnclaves/endpoints/write\",\n \"Microsoft.Mission/virtualEnclaves/workloads/read\",\n \"Microsoft.Mission/virtualEnclaves/workloads/write\",\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/read\",\n \"Microsoft.Resources/deployments/read\",\n \"Microsoft.Resources/deployments/write\",\n \"Microsoft.Resources/subscriptions/read\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Resources/subscriptions/resourcegroups/deployments/read\",\n \"Microsoft.Resources/subscriptions/operationresults/read\",\n \"Microsoft.ResourceHealth/availabilityStatuses/read\",\n \"Microsoft.Features/providers/features/read\",\n \"Microsoft.Features/features/read\",\n \"Microsoft.Mission/communities/communityEndpoints/read\",\n \"Microsoft.Mission/communities/transitHubs/read\",\n \"Microsoft.Mission/enclaveConnections/read\",\n \"Microsoft.Mission/enclaveConnections/write\",\n \"Microsoft.Mission/virtualEnclaves/enclaveEndpoints/read\",\n \"Microsoft.Mission/virtualEnclaves/enclaveEndpoints/write\",\n \"Microsoft.Mission/approvals/read\",\n \"Microsoft.Mission/approvals/write\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2023-12-07T23:59:26.5917667Z\",\n \"updatedOn\": \"2025-07-16T21:30:33.3901346Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/19feefae-eacc-4106-81fd-ac34c0671f14\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"19feefae-eacc-4106-81fd-ac34c0671f14\"\n },\n {\n \"properties\": {\n \"roleName\": \"Community Reader Role\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Community Reader Role to access the resources of Microsoft.Mission stored with RPSAAS.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Mission/Locations/OperationStatuses/read\",\n \"Microsoft.Mission/Operations/read\",\n \"Microsoft.Mission/communities/read\",\n \"Microsoft.Mission/virtualEnclaves/read\",\n \"Microsoft.Mission/virtualEnclaves/endpoints/read\",\n \"Microsoft.Mission/virtualEnclaves/workloads/read\",\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/read\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Resources/subscriptions/resourcegroups/deployments/read\",\n \"Microsoft.Resources/subscriptions/operationresults/read\",\n \"Microsoft.ResourceHealth/availabilityStatuses/read\",\n \"Microsoft.Features/providers/features/read\",\n \"Microsoft.Features/features/read\",\n \"Microsoft.Mission/communities/communityEndpoints/read\",\n \"Microsoft.Mission/communities/transitHubs/read\",\n \"Microsoft.Mission/enclaveConnections/read\",\n \"Microsoft.Mission/virtualEnclaves/enclaveEndpoints/read\",\n \"Microsoft.Mission/approvals/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2023-12-08T19:37:02.3189417Z\",\n \"updatedOn\": \"2025-07-16T21:30:33.3911351Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/e6aadb6b-e64f-41c0-9392-d2bba3bc3ebc\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"e6aadb6b-e64f-41c0-9392-d2bba3bc3ebc\"\n },\n {\n \"properties\": {\n \"roleName\": \"Storage Account Encryption Scope Contributor Role\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Allows management of Encryption Scopes on a Storage Account\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Storage/storageAccounts/encryptionScopes/read\",\n \"Microsoft.Storage/storageAccounts/encryptionScopes/write\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2023-12-11T16:01:30.9505499Z\",\n \"updatedOn\": \"2024-01-10T18:58:49.3538976Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/a316ed6d-1efe-48ac-ac08-f7995a9c26fb\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"a316ed6d-1efe-48ac-ac08-f7995a9c26fb\"\n },\n {\n \"properties\": {\n \"roleName\": \"Operator Nexus Key Vault Writer Service Role (Preview)\",\n \"type\": \"BuiltInRole\",\n \"description\": \"(Preview) Provides Azure Operator Nexus services the ability to write to a Key Vault. This role is in preview and subject to change.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.KeyVault/vaults/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.KeyVault/vaults/secrets/setSecret/action\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2023-12-11T16:01:30.9505499Z\",\n \"updatedOn\": \"2024-08-14T19:11:47.7610812Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/44f0a1a8-6fea-4b35-980a-8ff50c487c97\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"44f0a1a8-6fea-4b35-980a-8ff50c487c97\"\n },\n {\n \"properties\": {\n \"roleName\": \"Key Vault Crypto Service Release User\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Release keys. Only works for key vaults that use the 'Azure role-based access control' permission model.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.KeyVault/vaults/keys/release/action\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2023-12-14T22:44:06.6106235Z\",\n \"updatedOn\": \"2023-12-14T22:44:06.6106235Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/08bbd89e-9f13-488c-ac41-acfcb10c90ab\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"08bbd89e-9f13-488c-ac41-acfcb10c90ab\"\n },\n {\n \"properties\": {\n \"roleName\": \"Kubernetes Runtime Storage Class Contributor Role\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Read, write, and delete Kubernetes Runtime storage classes in an Arc connected Kubernetes cluster\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.KubernetesRuntime/storageClasses/read\",\n \"Microsoft.KubernetesRuntime/storageClasses/write\",\n \"Microsoft.KubernetesRuntime/storageClasses/delete\",\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2023-12-15T06:02:00.5747685Z\",\n \"updatedOn\": \"2024-08-19T15:08:52.7461468Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/0cd9749a-3aaf-4ae5-8803-bd217705bf3b\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"0cd9749a-3aaf-4ae5-8803-bd217705bf3b\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Programmable Connectivity Gateway User\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Allows access to all Gateway dataplane APIs.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.ResourceHealth/availabilityStatuses/read\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2023-12-20T16:26:42.5990795Z\",\n \"updatedOn\": \"2023-12-20T16:26:42.5990795Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/609c0c20-e0a0-4a71-b99f-e7e755ac493d\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"609c0c20-e0a0-4a71-b99f-e7e755ac493d\"\n },\n {\n \"properties\": {\n \"roleName\": \"Key Vault Certificate User\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Read certificate contents. Only works for key vaults that use the 'Azure role-based access control' permission model.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.KeyVault/vaults/certificates/read\",\n \"Microsoft.KeyVault/vaults/secrets/getSecret/action\",\n \"Microsoft.KeyVault/vaults/secrets/readMetadata/action\",\n \"Microsoft.KeyVault/vaults/keys/read\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2024-01-10T16:28:04.5909165Z\",\n \"updatedOn\": \"2024-01-10T16:28:04.5909165Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/db79e9a7-68ee-4b58-9aeb-b90e7c24fcba\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"db79e9a7-68ee-4b58-9aeb-b90e7c24fcba\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Spring Apps Managed Components Log Reader Role\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Read real-time logs for all managed components in Azure Spring Apps\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.AppPlatform/Spring/managedComponents/logstream/action\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2024-01-11T08:19:23.9992482Z\",\n \"updatedOn\": \"2024-01-11T08:19:23.9992482Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/52fd16bd-6ed5-46af-9c40-29cbd7952a29\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"52fd16bd-6ed5-46af-9c40-29cbd7952a29\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Spring Apps Application Configuration Service Log Reader Role\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Read real-time logs for Application Configuration Service in Azure Spring Apps\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.AppPlatform/Spring/read\",\n \"Microsoft.AppPlatform/Spring/configurationServices/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.AppPlatform/Spring/ApplicationConfigurationService/logstream/action\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2024-01-11T08:19:23.9982391Z\",\n \"updatedOn\": \"2024-01-11T08:19:23.9982391Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/6593e776-2a30-40f9-8a32-4fe28b77655d\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"6593e776-2a30-40f9-8a32-4fe28b77655d\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Spring Apps Spring Cloud Gateway Log Reader Role\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Read real-time logs for Spring Cloud Gateway in Azure Spring Apps\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.AppPlatform/Spring/read\",\n \"Microsoft.AppPlatform/Spring/gateways/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.AppPlatform/Spring/SpringCloudGateway/logstream/action\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2024-01-11T08:19:24.0002399Z\",\n \"updatedOn\": \"2024-01-11T08:19:24.0002399Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/4301dc2a-25a9-44b0-ae63-3636cf7f2bd2\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"4301dc2a-25a9-44b0-ae63-3636cf7f2bd2\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Edge On-Site Deployment Engineer\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Grants you access to take actions as an on-site person to assist in the provisioning of an edge device\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.EdgeOrder/orderItems/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2024-01-11T11:05:20.8919638Z\",\n \"updatedOn\": \"2024-08-30T13:53:39.2810677Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/207bcc4b-86a6-4487-9141-d6c1f4c238aa\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"207bcc4b-86a6-4487-9141-d6c1f4c238aa\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure API Center Data Reader\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Allows for access to Azure API Center data plane read operations.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.ApiCenter/services/*/read\",\n \"Microsoft.ApiCenter/services/workspaces/apis/versions/definitions/exportSpecification/action\",\n \"Microsoft.ApiCenter/services/workspaces/search/action\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2024-01-11T20:37:59.9775707Z\",\n \"updatedOn\": \"2025-04-22T15:07:10.0211593Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/c7244dfb-f447-457d-b2ba-3999044d1706\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"c7244dfb-f447-457d-b2ba-3999044d1706\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure impact-insight reader\",\n \"type\": \"BuiltInRole\",\n \"description\": \"built-in role for azure impact-insight read access\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Impact/WorkloadImpacts/*/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2024-01-19T16:37:20.2115353Z\",\n \"updatedOn\": \"2024-01-19T16:37:20.2115353Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/dfb2f09d-25f8-4558-8986-497084006d7a\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"dfb2f09d-25f8-4558-8986-497084006d7a\"\n },\n {\n \"properties\": {\n \"roleName\": \"Defender Kubernetes Agent Operator\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Grants Microsoft Defender for Cloud permissions to provision the Kubernetes defender security agent\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Resources/subscriptions/resourceGroups/write\",\n \"Microsoft.Resources/subscriptions/operationresults/read\",\n \"Microsoft.Resources/subscriptions/read\",\n \"Microsoft.KubernetesConfiguration/extensions/write\",\n \"Microsoft.KubernetesConfiguration/extensions/read\",\n \"Microsoft.KubernetesConfiguration/extensions/delete\",\n \"Microsoft.KubernetesConfiguration/extensions/operations/read\",\n \"Microsoft.Kubernetes/connectedClusters/Write\",\n \"Microsoft.Kubernetes/connectedClusters/read\",\n \"Microsoft.OperationalInsights/workspaces/write\",\n \"Microsoft.OperationalInsights/workspaces/read\",\n \"Microsoft.OperationalInsights/workspaces/listKeys/action\",\n \"Microsoft.OperationalInsights/workspaces/sharedkeys/action\",\n \"Microsoft.Kubernetes/register/action\",\n \"Microsoft.KubernetesConfiguration/register/action\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2024-01-29T16:00:38.0450387Z\",\n \"updatedOn\": \"2024-04-08T15:07:46.3009159Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/8bb6f106-b146-4ee6-a3f9-b9c5a96e0ae5\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"8bb6f106-b146-4ee6-a3f9-b9c5a96e0ae5\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Red Hat OpenShift Cloud Controller Manager\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Manage and update the cloud controller manager deployed on top of OpenShift.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Compute/virtualMachines/read\",\n \"Microsoft.Network/loadBalancers/backendAddressPools/join/action\",\n \"Microsoft.Network/loadBalancers/read\",\n \"Microsoft.Network/loadBalancers/write\",\n \"Microsoft.Network/networkInterfaces/read\",\n \"Microsoft.Network/networkInterfaces/write\",\n \"Microsoft.Network/networkSecurityGroups/read\",\n \"Microsoft.Network/networkSecurityGroups/write\",\n \"Microsoft.Network/publicIPAddresses/join/action\",\n \"Microsoft.Network/publicIPAddresses/read\",\n \"Microsoft.Network/publicIPAddresses/write\",\n \"Microsoft.Network/virtualNetworks/subnets/join/action\",\n \"Microsoft.Network/virtualNetworks/subnets/read\",\n \"Microsoft.Network/loadBalancers/inboundNatRules/join/action\",\n \"Microsoft.Network/networkSecurityGroups/join/action\",\n \"Microsoft.Network/publicIPPrefixes/join/action\",\n \"Microsoft.Network/applicationSecurityGroups/joinNetworkSecurityRule/action\",\n \"Microsoft.Network/virtualNetworks/subnets/write\",\n \"Microsoft.Network/privatelinkservices/write\",\n \"Microsoft.Network/privatelinkservices/read\",\n \"Microsoft.Network/privatelinkservices/delete\",\n \"Microsoft.Network/loadBalancers/loadBalancingRules/read\",\n \"Microsoft.Network/serviceEndpointPolicies/join/action\",\n \"Microsoft.Network/natGateways/join/action\",\n \"Microsoft.Network/networkIntentPolicies/join/action\",\n \"Microsoft.Network/networkSecurityGroups/join/action\",\n \"Microsoft.Network/routeTables/join/action\",\n \"Microsoft.Network/networkManagers/ipamPools/associateResourcesToPool/action\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2024-01-30T16:11:37.7996135Z\",\n \"updatedOn\": \"2025-09-23T15:14:52.5578538Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/a1f96423-95ce-4224-ab27-4e3dc72facd4\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"a1f96423-95ce-4224-ab27-4e3dc72facd4\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Red Hat OpenShift Disk Storage Operator\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Install Container Storage Interface (CSI) drivers that enable your cluster to use Azure Disks. Set OpenShift cluster-wide storage defaults to ensure a default storageclass exists for clusters.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Compute/virtualMachines/write\",\n \"Microsoft.Compute/virtualMachines/read\",\n \"Microsoft.Compute/virtualMachineScaleSets/virtualMachines/write\",\n \"Microsoft.Compute/virtualMachineScaleSets/virtualMachines/read\",\n \"Microsoft.Compute/virtualMachineScaleSets/read\",\n \"Microsoft.Compute/snapshots/write\",\n \"Microsoft.Compute/snapshots/read\",\n \"Microsoft.Compute/snapshots/delete\",\n \"Microsoft.Compute/locations/operations/read\",\n \"Microsoft.Compute/locations/DiskOperations/read\",\n \"Microsoft.Compute/disks/write\",\n \"Microsoft.Compute/disks/read\",\n \"Microsoft.Compute/disks/delete\",\n \"Microsoft.Compute/disks/beginGetAccess/action\",\n \"Microsoft.Compute/diskEncryptionSets/read\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2024-01-30T16:11:37.9474325Z\",\n \"updatedOn\": \"2025-03-28T17:59:48.0577945Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/5b7237c5-45e1-49d6-bc18-a1f62f400748\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"5b7237c5-45e1-49d6-bc18-a1f62f400748\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Red Hat OpenShift Network Operator\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Install and upgrade the networking components on an OpenShift cluster.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Network/networkInterfaces/read\",\n \"Microsoft.Network/networkInterfaces/write\",\n \"Microsoft.Network/virtualNetworks/read\",\n \"Microsoft.Network/virtualNetworks/subnets/join/action\",\n \"Microsoft.Network/loadBalancers/backendAddressPools/join/action\",\n \"Microsoft.Network/loadBalancers/backendAddressPools/read\",\n \"Microsoft.Compute/virtualMachines/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2024-01-30T16:11:37.9474325Z\",\n \"updatedOn\": \"2025-05-06T15:13:46.6826117Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/be7a6435-15ae-4171-8f30-4a343eff9e8f\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"be7a6435-15ae-4171-8f30-4a343eff9e8f\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Red Hat OpenShift Image Registry Operator\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Enables permissions for the operator to manage a singleton instance of the OpenShift image registry. It manages all configuration of the registry, including creating storage.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Storage/storageAccounts/blobServices/read\",\n \"Microsoft.Storage/storageAccounts/blobServices/containers/read\",\n \"Microsoft.Storage/storageAccounts/blobServices/containers/write\",\n \"Microsoft.Storage/storageAccounts/blobServices/containers/delete\",\n \"Microsoft.Storage/storageAccounts/blobServices/generateUserDelegationKey/action\",\n \"Microsoft.Storage/storageAccounts/read\",\n \"Microsoft.Storage/storageAccounts/write\",\n \"Microsoft.Storage/storageAccounts/delete\",\n \"Microsoft.Storage/storageAccounts/listKeys/action\",\n \"Microsoft.Storage/storageAccounts/PrivateEndpointConnectionsApproval/action\",\n \"Microsoft.Resources/tags/write\",\n \"Microsoft.Network/privateEndpoints/write\",\n \"Microsoft.Network/privateEndpoints/read\",\n \"Microsoft.Network/privateEndpoints/privateDnsZoneGroups/write\",\n \"Microsoft.Network/privateEndpoints/privateDnsZoneGroups/read\",\n \"Microsoft.Network/privateDnsZones/read\",\n \"Microsoft.Network/privateDnsZones/write\",\n \"Microsoft.Network/privateDnsZones/join/action\",\n \"Microsoft.Network/privateDnsZones/A/write\",\n \"Microsoft.Network/privateDnsZones/virtualNetworkLinks/write\",\n \"Microsoft.Network/privateDnsZones/virtualNetworkLinks/read\",\n \"Microsoft.Network/networkInterfaces/read\",\n \"Microsoft.Network/virtualNetworks/subnets/read\",\n \"Microsoft.Network/virtualNetworks/subnets/join/action\",\n \"Microsoft.Network/virtualNetworks/join/action\"\n ],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.Storage/storageAccounts/blobServices/containers/blobs/delete\",\n \"Microsoft.Storage/storageAccounts/blobServices/containers/blobs/write\",\n \"Microsoft.Storage/storageAccounts/blobServices/containers/blobs/read\",\n \"Microsoft.Storage/storageAccounts/blobServices/containers/blobs/add/action\",\n \"Microsoft.Storage/storageAccounts/blobServices/containers/blobs/move/action\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2024-01-30T16:11:37.9474325Z\",\n \"updatedOn\": \"2025-07-25T20:45:04.9733949Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/8b32b316-c2f5-4ddf-b05b-83dacd2d08b5\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"8b32b316-c2f5-4ddf-b05b-83dacd2d08b5\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Red Hat OpenShift File Storage Operator\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Install Container Storage Interface (CSI) drivers that enable your cluster to use Azure Files. Set OpenShift cluster-wide storage defaults to ensure a default storageclass exists for clusters.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Storage/storageAccounts/delete\",\n \"Microsoft.Storage/storageAccounts/fileServices/read\",\n \"Microsoft.Storage/storageAccounts/fileServices/shares/delete\",\n \"Microsoft.Storage/storageAccounts/fileServices/shares/read\",\n \"Microsoft.Storage/storageAccounts/fileServices/shares/write\",\n \"Microsoft.Storage/storageAccounts/listKeys/action\",\n \"Microsoft.Storage/storageAccounts/read\",\n \"Microsoft.Storage/storageAccounts/write\",\n \"Microsoft.Storage/storageAccounts/PrivateEndpointConnectionsApproval/action\",\n \"Microsoft.Network/networkSecurityGroups/join/action\",\n \"Microsoft.Network/virtualNetworks/subnets/read\",\n \"Microsoft.Network/virtualNetworks/subnets/write\",\n \"Microsoft.Network/routeTables/join/action\",\n \"Microsoft.Network/natGateways/join/action\",\n \"Microsoft.Network/virtualNetworks/join/action\",\n \"Microsoft.Network/virtualNetworks/subnets/join/action\",\n \"Microsoft.Network/privateEndpoints/write\",\n \"Microsoft.Network/networkManagers/ipamPools/associateResourcesToPool/action\",\n \"Microsoft.Network/networkIntentPolicies/join/action\",\n \"Microsoft.Network/serviceEndpointPolicies/join/action\",\n \"Microsoft.Network/locations/operations/read\",\n \"Microsoft.Network/privateDnsOperationStatuses/read\",\n \"Microsoft.Network/privateDnsZones/read\",\n \"Microsoft.Network/privateDnsZones/virtualNetworkLinks/read\",\n \"Microsoft.Network/privateDnsZones/virtualNetworkLinks/write\",\n \"Microsoft.Network/privateDnsZones/write\",\n \"Microsoft.Network/privateDnsZones/join/action\",\n \"Microsoft.Network/privateEndpoints/privateDnsZoneGroups/write\",\n \"Microsoft.Network/privateEndpoints/privateDnsZoneGroups/read\",\n \"Microsoft.Network/privateEndpoints/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2024-01-30T16:11:37.9454324Z\",\n \"updatedOn\": \"2025-07-25T20:45:04.9733949Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/0d7aedc0-15fd-4a67-a412-efad370c947e\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"0d7aedc0-15fd-4a67-a412-efad370c947e\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Red Hat OpenShift Service Operator\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Maintain machine health, network configuration, monitoring, and other features that are specific to an OpenShift cluster's continued functionality as a managed service.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Network/virtualNetworks/subnets/read\",\n \"Microsoft.Network/virtualNetworks/subnets/write\",\n \"Microsoft.Network/natGateways/join/action\",\n \"Microsoft.Network/routeTables/join/action\",\n \"Microsoft.Network/networkSecurityGroups/join/action\",\n \"Microsoft.Network/serviceEndpointPolicies/join/action\",\n \"Microsoft.Network/networkIntentPolicies/join/action\",\n \"Microsoft.Network/networkManagers/ipamPools/associateResourcesToPool/action\",\n \"Microsoft.Storage/storageAccounts/listKeys/action\",\n \"Microsoft.Storage/storageAccounts/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2024-01-30T16:11:37.9454324Z\",\n \"updatedOn\": \"2025-06-03T15:14:11.4486606Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/4436bae4-7702-4c84-919b-c4069ff25ee2\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"4436bae4-7702-4c84-919b-c4069ff25ee2\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Red Hat OpenShift Machine API Operator\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Manage the lifecycle of specific-purpose custom resource definitions (CRD), controllers, and Azure RBAC objects that extend the Kubernetes API to declares the desired state of machines in a cluster.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Compute/availabilitySets/delete\",\n \"Microsoft.Compute/availabilitySets/read\",\n \"Microsoft.Compute/availabilitySets/write\",\n \"Microsoft.Compute/diskEncryptionSets/read\",\n \"Microsoft.Compute/disks/delete\",\n \"Microsoft.Compute/galleries/images/versions/read\",\n \"Microsoft.Compute/skus/read\",\n \"Microsoft.Compute/virtualMachines/delete\",\n \"Microsoft.Compute/virtualMachines/read\",\n \"Microsoft.Compute/virtualMachines/write\",\n \"Microsoft.Compute/capacityReservationGroups/deploy/action\",\n \"Microsoft.ManagedIdentity/userAssignedIdentities/assign/action\",\n \"Microsoft.Network/applicationSecurityGroups/read\",\n \"Microsoft.Network/loadBalancers/backendAddressPools/join/action\",\n \"Microsoft.Network/loadBalancers/read\",\n \"Microsoft.Network/loadBalancers/write\",\n \"Microsoft.Network/networkInterfaces/delete\",\n \"Microsoft.Network/networkInterfaces/join/action\",\n \"Microsoft.Network/networkInterfaces/loadBalancers/read\",\n \"Microsoft.Network/networkInterfaces/read\",\n \"Microsoft.Network/networkInterfaces/write\",\n \"Microsoft.Network/networkSecurityGroups/read\",\n \"Microsoft.Network/networkSecurityGroups/write\",\n \"Microsoft.Network/publicIPAddresses/delete\",\n \"Microsoft.Network/publicIPAddresses/join/action\",\n \"Microsoft.Network/publicIPAddresses/read\",\n \"Microsoft.Network/publicIPAddresses/write\",\n \"Microsoft.Network/routeTables/read\",\n \"Microsoft.Network/virtualNetworks/subnets/join/action\",\n \"Microsoft.Network/virtualNetworks/subnets/read\",\n \"Microsoft.Network/applicationSecurityGroups/joinNetworkSecurityRule/action\",\n \"Microsoft.Network/loadBalancers/frontendIPConfigurations/join/action\",\n \"Microsoft.Network/loadBalancers/inboundNATRules/join/action\",\n \"Microsoft.Network/networkSecurityGroups/join/action\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2024-01-30T16:11:37.9454324Z\",\n \"updatedOn\": \"2025-03-20T13:43:14.3948725Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/0358943c-7e01-48ba-8889-02cc51d78637\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"0358943c-7e01-48ba-8889-02cc51d78637\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Red Hat OpenShift Cluster Ingress Operator\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Manage and configure the OpenShift router.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Network/dnsZones/A/delete\",\n \"Microsoft.Network/dnsZones/A/write\",\n \"Microsoft.Network/privateDnsZones/A/delete\",\n \"Microsoft.Network/privateDnsZones/A/write\",\n \"Microsoft.Network/virtualNetworks/subnets/read\",\n \"Microsoft.Network/virtualNetworks/subnets/join/action\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2024-01-30T16:11:37.9474325Z\",\n \"updatedOn\": \"2025-02-14T18:54:20.1640655Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/0336e1d3-7a87-462b-b6db-342b63f7802c\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"0336e1d3-7a87-462b-b6db-342b63f7802c\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Sphere Owner\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Allows user read and write access to Azure Sphere resources and RBAC configuration, includes an ABAC condition to constrain role assignments.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.AzureSphere/*\",\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Resources/subscriptions/read\",\n \"Microsoft.Management/managementGroups/read\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Support/*\",\n \"Microsoft.Insights/DiagnosticSettings/*\",\n \"Microsoft.Insights/DiagnosticSettingsCategories/Read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n },\n {\n \"actions\": [\n \"Microsoft.Authorization/roleAssignments/write\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": [],\n \"conditionVersion\": \"2.0\",\n \"condition\": \"@Request[Microsoft.Authorization/roleAssignments:RoleDefinitionId] ForAnyOfAnyValues:GuidEquals{8b9dfcab4b774632a6df94bd07820648,c8ae62795a0b4cb2b3f0d4d62845742c,6d994134994b4a599974f479f0b227fb,5a382001fe3641ffbba48bf06bd54da9,749f88d5cbae40b8bcfce573ddc772fa,43d0d8ad25c7471493378ba259a9fe05}\"\n },\n {\n \"actions\": [\n \"Microsoft.Authorization/roleAssignments/delete\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": [],\n \"conditionVersion\": \"2.0\",\n \"condition\": \"@Resource[Microsoft.Authorization/roleAssignments:RoleDefinitionId] ForAnyOfAnyValues:GuidEquals{8b9dfcab4b774632a6df94bd07820648,c8ae62795a0b4cb2b3f0d4d62845742c,6d994134994b4a599974f479f0b227fb,5a382001fe3641ffbba48bf06bd54da9,749f88d5cbae40b8bcfce573ddc772fa,43d0d8ad25c7471493378ba259a9fe05}\"\n }\n ],\n \"createdOn\": \"2024-02-01T23:40:30.7387663Z\",\n \"updatedOn\": \"2024-03-12T15:09:00.907512Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/5a382001-fe36-41ff-bba4-8bf06bd54da9\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"5a382001-fe36-41ff-bba4-8bf06bd54da9\"\n },\n {\n \"properties\": {\n \"roleName\": \"GroupQuota Request Operator\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Read and create GroupQuota requests, get GroupQuota request status, and get groupQuotaLimits.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/read\",\n \"MICROSOFT.QUOTA/QUOTAS/WRITE\",\n \"MICROSOFT.QUOTA/QUOTAS/READ\",\n \"MICROSOFT.QUOTA/USAGES/READ\",\n \"MICROSOFT.QUOTA/QUOTAREQUESTS/READ\",\n \"MICROSOFT.QUOTA/REGISTER/ACTION\",\n \"Microsoft.Quota/GROUPQUOTAS/*/READ\",\n \"Microsoft.Quota/GROUPQUOTAS/*/WRITE\",\n \"Microsoft.Quota/GROUPQUOTAS/*/DELETE\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2024-02-09T21:28:36.8464681Z\",\n \"updatedOn\": \"2025-02-04T16:18:52.2174712Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/e2217c0e-04bb-4724-9580-91cf9871bc01\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"e2217c0e-04bb-4724-9580-91cf9871bc01\"\n },\n {\n \"properties\": {\n \"roleName\": \"GroupQuota Reader\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Read GroupQuota requests, get GroupQuota request status, and get groupQuotaLimits.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/read\",\n \"MICROSOFT.QUOTA/QUOTAS/READ\",\n \"MICROSOFT.QUOTA/USAGES/READ\",\n \"MICROSOFT.QUOTA/QUOTAREQUESTS/READ\",\n \"MICROSOFT.QUOTA/REGISTER/ACTION\",\n \"Microsoft.Quota/GROUPQUOTAS/READ\",\n \"Microsoft.Quota/GROUPQUOTAS/subscriptions/READ\",\n \"Microsoft.Quota/GROUPQUOTAS/groupQuotaLimits/READ\",\n \"Microsoft.Quota/GROUPQUOTAS/quotaAllocations/READ\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2024-02-09T21:28:38.4642049Z\",\n \"updatedOn\": \"2024-02-09T21:28:38.4642049Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/d0f495dc-44ef-4140-aeb0-b89110e6a7c1\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"d0f495dc-44ef-4140-aeb0-b89110e6a7c1\"\n },\n {\n \"properties\": {\n \"roleName\": \"Bayer Ag Powered Services Smart Boundary Solution User Role\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Provide access to Smart Boundary Solution by Bayer Ag Powered Services\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.AgFoodPlatform/farmBeats/parties/read\",\n \"Microsoft.AgFoodPlatform/farmBeats/parties/fields/read\",\n \"Microsoft.AgFoodPlatform/farmBeats/parties/fields/write\",\n \"Microsoft.AgFoodPlatform/farmBeats/ingestionJobs/satelliteDataIngestionJobs/*\",\n \"Microsoft.AgFoodPlatform/farmBeats/scenes/*\",\n \"Microsoft.AgFoodPlatform/farmBeats/parties/models/resourceTypes/resources/insights/*\",\n \"Microsoft.AgFoodPlatform/farmBeats/parties/models/resourceTypes/resources/insightAttachments/*\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2024-02-16T08:39:51.0915233Z\",\n \"updatedOn\": \"2024-05-28T15:09:38.223022Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/539283cd-c185-4a9a-9503-d35217a1db7b\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"539283cd-c185-4a9a-9503-d35217a1db7b\"\n },\n {\n \"properties\": {\n \"roleName\": \"Defender CSPM Storage Scanner Operator\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Lets you enable and configure Microsoft Defender CSPM's sensitive data discovery feature on your storage accounts. Includes an ABAC condition to limit role assignments.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Storage/storageAccounts/write\",\n \"Microsoft.Storage/storageAccounts/read\",\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Resources/subscriptions/read\",\n \"Microsoft.Management/managementGroups/read\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Support/*\",\n \"Microsoft.Security/datascanners/read\",\n \"Microsoft.Security/datascanners/write\",\n \"Microsoft.Security/dataScanners/delete\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n },\n {\n \"actions\": [\n \"Microsoft.Authorization/roleAssignments/write\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": [],\n \"conditionVersion\": \"2.0\",\n \"condition\": \"@Request[Microsoft.Authorization/roleAssignments:RoleDefinitionId] ForAnyOfAnyValues:GuidEquals{2a2b9908-6ea1-4ae2-8e65-a410df84e7d1, b8eda974-7b85-4f76-af95-65846b26df6d, 0b6ca2e8-2cdc-4bd6-b896-aa3d8c21fc35}\"\n },\n {\n \"actions\": [\n \"Microsoft.Authorization/roleAssignments/delete\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": [],\n \"conditionVersion\": \"2.0\",\n \"condition\": \"@Resource[Microsoft.Authorization/roleAssignments:RoleDefinitionId] ForAnyOfAnyValues:GuidEquals{2a2b9908-6ea1-4ae2-8e65-a410df84e7d1, b8eda974-7b85-4f76-af95-65846b26df6d, 0b6ca2e8-2cdc-4bd6-b896-aa3d8c21fc35}\"\n }\n ],\n \"createdOn\": \"2024-02-23T11:40:48.9476806Z\",\n \"updatedOn\": \"2025-09-24T15:22:44.3542995Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/8480c0f0-4509-4229-9339-7c10018cb8c4\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"8480c0f0-4509-4229-9339-7c10018cb8c4\"\n },\n {\n \"properties\": {\n \"roleName\": \"Advisor Recommendations Contributor (Assessments and Reviews)\",\n \"type\": \"BuiltInRole\",\n \"description\": \"View assessment recommendations, accepted review recommendations, and manage the recommendations lifecycle (mark recommendations as completed, postponed or dismissed, in progress, or not started).\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Advisor/recommendations/read\",\n \"Microsoft.Advisor/recommendations/write\",\n \"Microsoft.Advisor/recommendations/available/action\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2024-02-26T16:08:40.5151834Z\",\n \"updatedOn\": \"2024-03-13T23:14:21.178011Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/6b534d80-e337-47c4-864f-140f5c7f593d\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"6b534d80-e337-47c4-864f-140f5c7f593d\"\n },\n {\n \"properties\": {\n \"roleName\": \"GeoCatalog Administrator\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Grants full access to manage GeoCatalogs, but does not allow you to assign roles in Azure RBAC.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Orbital/operations/read\",\n \"Microsoft.Orbital/geoCatalogs/*\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2024-02-27T16:09:02.6300293Z\",\n \"updatedOn\": \"2024-02-27T16:09:02.6300293Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/c9c97b9c-105d-4bb5-a2a7-7d15666c2484\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"c9c97b9c-105d-4bb5-a2a7-7d15666c2484\"\n },\n {\n \"properties\": {\n \"roleName\": \"GeoCatalog Reader\",\n \"type\": \"BuiltInRole\",\n \"description\": \"View GeoCatalogs, but does not allow you to make any changes.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Orbital/operations/read\",\n \"Microsoft.Orbital/geoCatalogs/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2024-02-27T16:09:02.8346775Z\",\n \"updatedOn\": \"2024-02-27T16:09:02.8346775Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/b7b8f583-43d0-40ae-b147-6b46f53661c1\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"b7b8f583-43d0-40ae-b147-6b46f53661c1\"\n },\n {\n \"properties\": {\n \"roleName\": \"Healthcare Agent Editor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Users with editor access can sign in, view and edit all the bot resources, scenarios and configuration setting except for the bot instance keys & secrets and the end-user inputs (including Feedback, Unrecognized utterances and Conversation logs). A read-only access to the bot skills and channels.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.HealthBot/healthBots/ResourceData/Read\",\n \"Microsoft.HealthBot/healthBots/Metadata/Read\",\n \"Microsoft.HealthBot/healthBots/CopilotStudioSolution/*\",\n \"Microsoft.HealthBot/healthBots/Feedback/Read\",\n \"Microsoft.HealthBot/healthBots/Users/Read\",\n \"Microsoft.HealthBot/healthBots/AuditTrails/Read\",\n \"Microsoft.HealthBot/healthBots/AnalyticReport/Read\",\n \"Microsoft.HealthBot/healthBots/ExposedSkill/Read\",\n \"Microsoft.HealthBot/healthBots/RegisteredSkills/Read\",\n \"Microsoft.HealthBot/healthBots/Configuration/*\",\n \"Microsoft.HealthBot/healthBots/Localization/*\",\n \"Microsoft.HealthBot/healthBots/AuthenticationProviders/*\",\n \"Microsoft.HealthBot/healthBots/Channels/*\",\n \"Microsoft.HealthBot/healthBots/DataConnections/*\",\n \"Microsoft.HealthBot/healthBots/OpenAPIPlugins/*\",\n \"Microsoft.HealthBot/healthBots/Scenarios/*\",\n \"Microsoft.HealthBot/healthBots/LanguageModels/*\",\n \"Microsoft.HealthBot/healthBots/Resources/*\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2024-02-28T16:09:25.669144Z\",\n \"updatedOn\": \"2025-08-21T10:13:28.7661499Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/af854a69-80ce-4ff7-8447-f1118a2e0ca8\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"af854a69-80ce-4ff7-8447-f1118a2e0ca8\"\n },\n {\n \"properties\": {\n \"roleName\": \"Healthcare Agent Reader\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Users with reader access can sign in, have read-only access to the bot resources, scenarios and configuration setting except for the bot instance keys & secrets (including Authentication, Data Connection and Channels keys) and the end-user inputs (including Feedback, Unrecognized utterances and Conversation logs).\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.HealthBot/healthBots/ResourceData/Read\",\n \"Microsoft.HealthBot/healthBots/Metadata/Read\",\n \"Microsoft.HealthBot/healthBots/CopilotStudioSolution/RestoreBuiltinTemplate/Read\",\n \"Microsoft.HealthBot/healthBots/Feedback/Read\",\n \"Microsoft.HealthBot/healthBots/Users/Read\",\n \"Microsoft.HealthBot/healthBots/AuditTrails/Read\",\n \"Microsoft.HealthBot/healthBots/AnalyticReport/Read\",\n \"Microsoft.HealthBot/healthBots/ExposedSkill/Read\",\n \"Microsoft.HealthBot/healthBots/RegisteredSkills/Read\",\n \"Microsoft.HealthBot/healthBots/Configuration/Read\",\n \"Microsoft.HealthBot/healthBots/Localization/Read\",\n \"Microsoft.HealthBot/healthBots/AuthenticationProviders/Read\",\n \"Microsoft.HealthBot/healthBots/DataConnections/Read\",\n \"Microsoft.HealthBot/healthBots/OpenAPIPlugins/Read\",\n \"Microsoft.HealthBot/healthBots/Scenarios/*/Read\",\n \"Microsoft.HealthBot/healthBots/LanguageModels/Read\",\n \"Microsoft.HealthBot/healthBots/Resources/Files/Read\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2024-02-28T16:09:25.669144Z\",\n \"updatedOn\": \"2025-08-21T10:13:28.7381488Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/eb5a76d5-50e7-4c33-a449-070e7c9c4cf2\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"eb5a76d5-50e7-4c33-a449-070e7c9c4cf2\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Programmable Connectivity Gateway Dataplane User\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Allows access to all Gateway dataplane APIs.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.ResourceHealth/availabilityStatuses/read\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.Resources/deployments/*\"\n ],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.ProgrammableConnectivity/Gateways/NetworkAPIAccess\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2024-02-28T16:09:25.8503139Z\",\n \"updatedOn\": \"2025-03-18T15:18:48.7947012Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/c20923c5-b089-47a5-bf67-fd89569c4ad9\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"c20923c5-b089-47a5-bf67-fd89569c4ad9\"\n },\n {\n \"properties\": {\n \"roleName\": \"Healthcare Agent Admin\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Users with admin access can sign in, view and edit all of the bot resources, scenarios and configuration setting including the bot instance keys & secrets.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.HealthBot/healthBots/ResourceData/Read\",\n \"Microsoft.HealthBot/healthBots/Metadata/Read\",\n \"Microsoft.HealthBot/healthBots/CopilotStudioSolution/*\",\n \"Microsoft.HealthBot/healthBots/Feedback/Read\",\n \"Microsoft.HealthBot/healthBots/Users/Read\",\n \"Microsoft.HealthBot/healthBots/AuditTrails/Read\",\n \"Microsoft.HealthBot/healthBots/AnalyticReport/Read\",\n \"Microsoft.HealthBot/healthBots/ExposedSkill/Read\",\n \"Microsoft.HealthBot/healthBots/RegisteredSkills/Read\",\n \"Microsoft.HealthBot/healthBots/Configuration/*\",\n \"Microsoft.HealthBot/healthBots/Localization/*\",\n \"Microsoft.HealthBot/healthBots/AuthenticationProviders/*\",\n \"Microsoft.HealthBot/healthBots/Channels/*\",\n \"Microsoft.HealthBot/healthBots/DataConnections/*\",\n \"Microsoft.HealthBot/healthBots/OpenAPIPlugins/*\",\n \"Microsoft.HealthBot/healthBots/Scenarios/*\",\n \"Microsoft.HealthBot/healthBots/LanguageModels/*\",\n \"Microsoft.HealthBot/healthBots/Resources/*\",\n \"Microsoft.HealthBot/healthBots/Admin/*\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2024-02-28T16:09:25.8513161Z\",\n \"updatedOn\": \"2025-08-21T10:13:28.7431492Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/f1082fec-a70f-419f-9230-885d2550fb38\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"f1082fec-a70f-419f-9230-885d2550fb38\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure AI Enterprise Network Connection Approver\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Can approve private endpoint connections to Azure AI common dependency resources\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.ApiManagement/service/privateEndpointConnections/read\",\n \"Microsoft.ApiManagement/service/privateEndpointConnections/write\",\n \"Microsoft.ApiManagement/service/privateLinkResources/read\",\n \"Microsoft.ApiManagement/service/read\",\n \"Microsoft.ContainerRegistry/registries/privateEndpointConnectionsApproval/action\",\n \"Microsoft.ContainerRegistry/registries/privateEndpointConnections/read\",\n \"Microsoft.ContainerRegistry/registries/privateEndpointConnections/write\",\n \"Microsoft.Cache/redis/read\",\n \"Microsoft.Cache/redis/privateEndpointConnections/read\",\n \"Microsoft.Cache/redis/privateEndpointConnections/write\",\n \"Microsoft.Cache/redis/privateLinkResources/read\",\n \"Microsoft.Cache/redis/privateEndpointConnectionsApproval/action\",\n \"Microsoft.Cache/redisEnterprise/read\",\n \"Microsoft.Cache/redisEnterprise/privateEndpointConnections/read\",\n \"Microsoft.Cache/redisEnterprise/privateEndpointConnections/write\",\n \"Microsoft.Cache/redisEnterprise/privateLinkResources/read\",\n \"Microsoft.Cache/redisEnterprise/privateEndpointConnectionsApproval/action\",\n \"Microsoft.CognitiveServices/accounts/read\",\n \"Microsoft.CognitiveServices/accounts/privateEndpointConnections/read\",\n \"Microsoft.CognitiveServices/accounts/privateEndpointConnections/write\",\n \"Microsoft.CognitiveServices/accounts/privateLinkResources/read\",\n \"Microsoft.DBforPostgreSQL/flexibleServers/privateEndpointConnectionsApproval/action\",\n \"Microsoft.DBforPostgreSQL/flexibleServers/privateEndpointConnections/read\",\n \"Microsoft.DBforPostgreSQL/flexibleServers/privateEndpointConnections/write\",\n \"Microsoft.DBforPostgreSQL/flexibleServers/privateLinkResources/read\",\n \"Microsoft.DBforPostgreSQL/flexibleServers/read\",\n \"Microsoft.DBforPostgreSQL/serverGroupsv2/privateEndpointConnectionsApproval/action\",\n \"Microsoft.DBforPostgreSQL/serverGroupsv2/privateEndpointConnections/read\",\n \"Microsoft.DBforPostgreSQL/serverGroupsv2/privateEndpointConnections/write\",\n \"Microsoft.DBforPostgreSQL/serverGroupsv2/privateLinkResources/read\",\n \"Microsoft.DBforMySQL/flexibleServers/privateEndpointConnectionsApproval/action\",\n \"Microsoft.DBforMySQL/flexibleServers/privateEndpointConnections/read\",\n \"Microsoft.DBforMySQL/flexibleServers/privateEndpointConnections/write\",\n \"Microsoft.DBforMySQL/flexibleServers/privateLinkResources/read\",\n \"Microsoft.DBforMySQL/flexibleServers/read\",\n \"Microsoft.DocumentDB/databaseAccounts/privateEndpointConnectionsApproval/action\",\n \"Microsoft.DocumentDB/databaseAccounts/privateEndpointConnections/read\",\n \"Microsoft.DocumentDB/databaseAccounts/privateEndpointConnections/write\",\n \"Microsoft.DocumentDB/databaseAccounts/privateLinkResources/read\",\n \"Microsoft.DocumentDB/databaseAccounts/read\",\n \"Microsoft.KeyVault/vaults/privateEndpointConnectionsApproval/action\",\n \"Microsoft.KeyVault/vaults/privateEndpointConnections/read\",\n \"Microsoft.KeyVault/vaults/privateEndpointConnections/write\",\n \"Microsoft.KeyVault/vaults/privateLinkResources/read\",\n \"Microsoft.KeyVault/vaults/read\",\n \"Microsoft.MachineLearningServices/registries/privateEndpointConnectionsApproval/action\",\n \"Microsoft.MachineLearningServices/registries/privateEndpointConnections/read\",\n \"Microsoft.MachineLearningServices/registries/privateEndpointConnections/write\",\n \"Microsoft.MachineLearningServices/registries/privateLinkResources/read\",\n \"Microsoft.MachineLearningServices/registries/read\",\n \"Microsoft.MachineLearningServices/workspaces/privateEndpointConnectionsApproval/action\",\n \"Microsoft.MachineLearningServices/workspaces/privateEndpointConnections/read\",\n \"Microsoft.MachineLearningServices/workspaces/privateEndpointConnections/write\",\n \"Microsoft.MachineLearningServices/workspaces/privateLinkResources/read\",\n \"Microsoft.MachineLearningServices/workspaces/read\",\n \"Microsoft.Storage/storageAccounts/privateEndpointConnections/read\",\n \"Microsoft.Storage/storageAccounts/privateEndpointConnections/write\",\n \"Microsoft.Storage/storageAccounts/privateLinkResources/read\",\n \"Microsoft.Storage/storageAccounts/read\",\n \"Microsoft.Storage/storageAccounts/PrivateEndpointConnectionsApproval/action\",\n \"Microsoft.Sql/servers/privateEndpointConnectionsApproval/action\",\n \"Microsoft.Sql/servers/privateEndpointConnections/read\",\n \"Microsoft.Sql/servers/privateEndpointConnections/write\",\n \"Microsoft.Sql/servers/privateLinkResources/read\",\n \"Microsoft.Sql/servers/read\",\n \"Microsoft.EventHub/namespaces/privateEndpointConnectionsApproval/action\",\n \"Microsoft.EventHub/namespaces/privateEndpointConnections/read\",\n \"Microsoft.EventHub/namespaces/privateEndpointConnections/write\",\n \"Microsoft.EventHub/namespaces/privateLinkResources/read\",\n \"Microsoft.EventHub/namespaces/read\",\n \"Microsoft.Search/searchServices/privateEndpointConnectionsApproval/action\",\n \"Microsoft.Search/searchServices/privateEndpointConnections/read\",\n \"Microsoft.Search/searchServices/privateEndpointConnections/write\",\n \"Microsoft.Search/searchServices/sharedPrivateLinkResources/read\",\n \"Microsoft.Search/searchServices/read\",\n \"Microsoft.Insights/privatelinkscopes/privateEndpointConnectionsApproval/action\",\n \"Microsoft.Insights/privatelinkscopes/privateEndpointConnections/read\",\n \"Microsoft.Insights/privatelinkscopes/privateEndpointConnections/write\",\n \"Microsoft.Insights/privatelinkscopes/privateLinkResources/read\",\n \"Microsoft.Insights/privatelinkscopes/read\",\n \"Microsoft.Network/privateLinkServices/privateEndpointConnectionsApproval/action\",\n \"Microsoft.Network/privateLinkServices/privateEndpointConnections/read\",\n \"Microsoft.Network/privateLinkServices/privateEndpointConnections/write\",\n \"Microsoft.Network/privateLinkServices/read\",\n \"Microsoft.Network/applicationGateways/privateEndpointConnections/read\",\n \"Microsoft.Network/applicationGateways/privateEndpointConnections/write\",\n \"Microsoft.Network/applicationGateways/privateLinkResources/read\",\n \"Microsoft.Network/applicationGateways/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2024-02-29T22:43:58.7323849Z\",\n \"updatedOn\": \"2025-01-29T21:07:16.6125101Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/b556d68e-0be0-4f35-a333-ad7ee1ce17ea\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"b556d68e-0be0-4f35-a333-ad7ee1ce17ea\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Container Storage Operator\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Role required by a Managed Identity for Azure Container Storage operations\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.ElasticSan/elasticSans/*\",\n \"Microsoft.ElasticSan/locations/asyncoperations/read\",\n \"Microsoft.Network/routeTables/join/action\",\n \"Microsoft.Network/networkSecurityGroups/join/action\",\n \"Microsoft.Network/virtualNetworks/write\",\n \"Microsoft.Network/virtualNetworks/delete\",\n \"Microsoft.Network/virtualNetworks/join/action\",\n \"Microsoft.Network/virtualNetworks/subnets/read\",\n \"Microsoft.Network/virtualNetworks/subnets/write\",\n \"Microsoft.Compute/virtualMachines/read\",\n \"Microsoft.Compute/virtualMachines/write\",\n \"Microsoft.Compute/virtualMachineScaleSets/read\",\n \"Microsoft.Compute/virtualMachineScaleSets/write\",\n \"Microsoft.Compute/virtualMachineScaleSets/virtualMachines/write\",\n \"Microsoft.Compute/virtualMachineScaleSets/virtualMachines/read\",\n \"Microsoft.Resources/subscriptions/providers/read\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Network/virtualNetworks/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2024-03-06T18:09:47.8933525Z\",\n \"updatedOn\": \"2024-03-21T21:58:56.1897725Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/08d4c71a-cc63-4ce4-a9c8-5dd251b4d619\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"08d4c71a-cc63-4ce4-a9c8-5dd251b4d619\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Container Storage Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Lets you install Azure Container Storage and manage its storage resources\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.KubernetesConfiguration/extensions/write\",\n \"Microsoft.KubernetesConfiguration/extensions/read\",\n \"Microsoft.KubernetesConfiguration/extensions/delete\",\n \"Microsoft.KubernetesConfiguration/extensions/operations/read\",\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Resources/subscriptions/read\",\n \"Microsoft.Management/managementGroups/read\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Support/*\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n },\n {\n \"actions\": [\n \"Microsoft.Authorization/roleAssignments/write\",\n \"Microsoft.Authorization/roleAssignments/delete\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": [],\n \"conditionVersion\": \"2.0\",\n \"condition\": \"((!(ActionMatches{'Microsoft.Authorization/roleAssignments/write'})) OR (@Request[Microsoft.Authorization/roleAssignments:RoleDefinitionId] ForAnyOfAnyValues:GuidEquals{08d4c71acc634ce4a9c85dd251b4d619})) AND ((!(ActionMatches{'Microsoft.Authorization/roleAssignments/delete'})) OR (@Resource[Microsoft.Authorization/roleAssignments:RoleDefinitionId] ForAnyOfAnyValues:GuidEquals{08d4c71acc634ce4a9c85dd251b4d619}))\"\n }\n ],\n \"createdOn\": \"2024-03-06T18:39:55.6502598Z\",\n \"updatedOn\": \"2024-03-28T20:02:49.6413404Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/95dd08a6-00bd-4661-84bf-f6726f83a4d0\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"95dd08a6-00bd-4661-84bf-f6726f83a4d0\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Container Storage Owner\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Lets you install Azure Container Storage and grants access to its storage resources\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.ElasticSan/elasticSans/*\",\n \"Microsoft.ElasticSan/locations/*\",\n \"Microsoft.ElasticSan/elasticSans/volumeGroups/*\",\n \"Microsoft.ElasticSan/elasticSans/volumeGroups/volumes/*\",\n \"Microsoft.ElasticSan/locations/asyncoperations/read\",\n \"Microsoft.KubernetesConfiguration/extensions/write\",\n \"Microsoft.KubernetesConfiguration/extensions/read\",\n \"Microsoft.KubernetesConfiguration/extensions/delete\",\n \"Microsoft.KubernetesConfiguration/extensions/operations/read\",\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Resources/subscriptions/read\",\n \"Microsoft.Management/managementGroups/read\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Support/*\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n },\n {\n \"actions\": [\n \"Microsoft.Authorization/roleAssignments/write\",\n \"Microsoft.Authorization/roleAssignments/delete\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": [],\n \"conditionVersion\": \"2.0\",\n \"condition\": \"((!(ActionMatches{'Microsoft.Authorization/roleAssignments/write'})) OR (@Request[Microsoft.Authorization/roleAssignments:RoleDefinitionId] ForAnyOfAnyValues:GuidEquals{08d4c71acc634ce4a9c85dd251b4d619})) AND ((!(ActionMatches{'Microsoft.Authorization/roleAssignments/delete'})) OR (@Resource[Microsoft.Authorization/roleAssignments:RoleDefinitionId] ForAnyOfAnyValues:GuidEquals{08d4c71acc634ce4a9c85dd251b4d619}))\"\n }\n ],\n \"createdOn\": \"2024-03-06T18:39:55.882353Z\",\n \"updatedOn\": \"2024-03-28T20:02:49.6413404Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/95de85bd-744d-4664-9dde-11430bc34793\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"95de85bd-744d-4664-9dde-11430bc34793\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Kubernetes Service Arc Contributor Role\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Grants access to read and write Azure Kubernetes Services hybrid clusters\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.HybridContainerService/Locations/operationStatuses/read\",\n \"Microsoft.HybridContainerService/Locations/operationStatuses/write\",\n \"Microsoft.HybridContainerService/Operations/read\",\n \"Microsoft.HybridContainerService/kubernetesVersions/read\",\n \"Microsoft.HybridContainerService/kubernetesVersions/write\",\n \"Microsoft.HybridContainerService/kubernetesVersions/delete\",\n \"Microsoft.HybridContainerService/provisionedClusterInstances/read\",\n \"Microsoft.HybridContainerService/provisionedClusterInstances/write\",\n \"Microsoft.HybridContainerService/provisionedClusterInstances/delete\",\n \"Microsoft.HybridContainerService/provisionedClusterInstances/agentPools/read\",\n \"Microsoft.HybridContainerService/provisionedClusterInstances/agentPools/write\",\n \"Microsoft.HybridContainerService/provisionedClusterInstances/agentPools/delete\",\n \"Microsoft.HybridContainerService/provisionedClusterInstances/upgradeProfiles/read\",\n \"Microsoft.HybridContainerService/skus/read\",\n \"Microsoft.HybridContainerService/skus/write\",\n \"Microsoft.HybridContainerService/skus/delete\",\n \"Microsoft.HybridContainerService/virtualNetworks/read\",\n \"Microsoft.HybridContainerService/virtualNetworks/write\",\n \"Microsoft.HybridContainerService/virtualNetworks/delete\",\n \"Microsoft.ExtendedLocation/customLocations/deploy/action\",\n \"Microsoft.ExtendedLocation/customLocations/read\",\n \"Microsoft.Kubernetes/connectedClusters/Read\",\n \"Microsoft.Kubernetes/connectedClusters/Write\",\n \"Microsoft.Kubernetes/connectedClusters/Delete\",\n \"Microsoft.Kubernetes/connectedClusters/listClusterUserCredential/action\",\n \"Microsoft.AzureStackHCI/clusters/read\",\n \"Microsoft.Resources/deployments/read\",\n \"Microsoft.Resources/deployments/write\",\n \"Microsoft.Resources/deployments/delete\",\n \"Microsoft.Resources/deployments/cancel/action\",\n \"Microsoft.Resources/deployments/validate/action\",\n \"Microsoft.Resources/deployments/whatIf/action\",\n \"Microsoft.Resources/deployments/exportTemplate/action\",\n \"Microsoft.Resources/deployments/operations/read\",\n \"Microsoft.Resources/deployments/operationstatuses/read\",\n \"Microsoft.HybridContainerService/provisionedClusterInstances/hybridIdentityMetadata/delete\",\n \"Microsoft.HybridContainerService/provisionedClusterInstances/hybridIdentityMetadata/write\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2024-03-07T00:25:44.8716461Z\",\n \"updatedOn\": \"2025-09-25T18:20:47.1023449Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/5d3f1697-4507-4d08-bb4a-477695db5f82\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"5d3f1697-4507-4d08-bb4a-477695db5f82\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Kubernetes Service Arc Cluster User Role\",\n \"type\": \"BuiltInRole\",\n \"description\": \"List cluster user credential action.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.HybridContainerService/provisionedClusterInstances/read\",\n \"Microsoft.HybridContainerService/provisionedClusterInstances/listUserKubeconfig/action\",\n \"Microsoft.Kubernetes/connectedClusters/Read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2024-03-07T00:25:47.4117596Z\",\n \"updatedOn\": \"2024-03-07T00:25:47.4117596Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/233ca253-b031-42ff-9fba-87ef12d6b55f\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"233ca253-b031-42ff-9fba-87ef12d6b55f\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Kubernetes Service Arc Cluster Admin Role\",\n \"type\": \"BuiltInRole\",\n \"description\": \"List cluster admin credential action.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.HybridContainerService/provisionedClusterInstances/read\",\n \"Microsoft.HybridContainerService/provisionedClusterInstances/listAdminKubeconfig/action\",\n \"Microsoft.Kubernetes/connectedClusters/Read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2024-03-07T00:25:47.4127588Z\",\n \"updatedOn\": \"2024-03-07T00:25:47.4127588Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/b29efa5f-7782-4dc3-9537-4d5bc70a5e9f\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"b29efa5f-7782-4dc3-9537-4d5bc70a5e9f\"\n },\n {\n \"properties\": {\n \"roleName\": \"Backup MUA Operator\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Backup MultiUser-Authorization. Allows user to perform critical operation protected by resourceguard\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.DataProtection/*/action\",\n \"Microsoft.DataProtection/*/read\",\n \"Microsoft.Authorization/*/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2024-03-08T09:37:14.3268989Z\",\n \"updatedOn\": \"2024-03-08T09:37:14.3268989Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/f54b6d04-23c6-443e-b462-9c16ab7b4a52\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"f54b6d04-23c6-443e-b462-9c16ab7b4a52\"\n },\n {\n \"properties\": {\n \"roleName\": \"Backup MUA Admin\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Backup MultiUser-Authorization. Can create/delete ResourceGuard \",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.DataProtection/*/read\",\n \"Microsoft.DataProtection/*/resourceGuards/write\",\n \"Microsoft.DataProtection/subscriptions/resourceGroups/providers/resourceGuards/write\",\n \"Microsoft.DataProtection/subscriptions/resourceGroups/providers/resourceGuards/delete\",\n \"Microsoft.DataProtection/subscriptions/resourceGroups/providers/resourceGuards/read\",\n \"Microsoft.DataProtection/locations/operationResults/read\",\n \"Microsoft.DataProtection/locations/operationStatus/read\",\n \"Microsoft.DataProtection/locations/getBackupStatus/action\",\n \"Microsoft.DataProtection/locations/checkFeatureSupport/action\",\n \"Microsoft.DataProtection/subscriptions/resourceGroups/providers/locations/operationStatus/read\",\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Features/features/read\",\n \"Microsoft.Features/providers/features/read\",\n \"Microsoft.ResourceHealth/availabilityStatuses/read\",\n \"Microsoft.Resources/deployments/operations/read\",\n \"Microsoft.Resources/subscriptions/operationresults/read\",\n \"Microsoft.Resources/subscriptions/read\",\n \"Microsoft.Resources/subscriptions/resourcegroups/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.DataProtection/backupVaults/backupResourceGuardProxies/read\",\n \"Microsoft.DataProtection/backupVaults/backupResourceGuardProxies/write\",\n \"Microsoft.DataProtection/backupVaults/backupResourceGuardProxies/delete\",\n \"Microsoft.DataProtection/backupVaults/backupResourceGuardProxies/unlockDelete/action\",\n \"Microsoft.DataProtection/subscriptions/providers/resourceGuards/read\",\n \"Microsoft.DataProtection/subscriptions/resourceGroups/providers/resourceGuards/{operationName}/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2024-03-08T09:37:14.3268989Z\",\n \"updatedOn\": \"2024-03-08T09:37:14.3268989Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/c2a970b4-16a7-4a51-8c84-8a8ea6ee0bb8\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"c2a970b4-16a7-4a51-8c84-8a8ea6ee0bb8\"\n },\n {\n \"properties\": {\n \"roleName\": \"Savings plan Purchaser\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Lets you purchase savings plans\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Resources/subscriptions/read\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Capacity/register/action\",\n \"Microsoft.Capacity/catalogs/read\",\n \"Microsoft.Authorization/roleAssignments/read\",\n \"Microsoft.BillingBenefits/savingsPlanOrders/write\",\n \"Microsoft.BIllingBenefits/register/action\",\n \"Microsoft.Support/supporttickets/write\",\n \"Microsoft.Billing/billingProperty/read\",\n \"Microsoft.CostManagement/benefitRecommendations/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2024-03-15T02:32:29.1190657Z\",\n \"updatedOn\": \"2024-03-15T02:32:29.1190657Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/3d24a3a0-c154-4f6f-a5ed-adc8e01ddb74\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"3d24a3a0-c154-4f6f-a5ed-adc8e01ddb74\"\n },\n {\n \"properties\": {\n \"roleName\": \"CrossConnectionReader\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Allows for read access to ExpressRoute CrossConnections\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.ClassicNetwork/expressRouteCrossConnections/*/read\",\n \"Microsoft.Network/expressRouteCrossConnections/*/read\",\n \"Microsoft.Features/providers/features/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2024-03-18T15:10:35.462996Z\",\n \"updatedOn\": \"2024-03-18T15:10:35.462996Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/b6ee44de-fe58-4ddc-b5c2-ab174eb23f05\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"b6ee44de-fe58-4ddc-b5c2-ab174eb23f05\"\n },\n {\n \"properties\": {\n \"roleName\": \"CrossConnectionManager\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Allows for read, write access to ExpressRoute CrossConnections\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.ClassicNetwork/expressRouteCrossConnections/*\",\n \"Microsoft.Network/expressRouteCrossConnections/*\",\n \"Microsoft.Features/providers/features/read\"\n ],\n \"notActions\": [\n \"Microsoft.Network/expressRouteCrossConnections/delete\"\n ],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2024-03-18T15:10:35.462996Z\",\n \"updatedOn\": \"2024-03-18T15:10:35.462996Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/399c3b2b-64c2-4ff1-af34-571db925b068\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"399c3b2b-64c2-4ff1-af34-571db925b068\"\n },\n {\n \"properties\": {\n \"roleName\": \"Kubernetes Agent Operator\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Grants Microsoft Defender for Cloud access to Azure Kubernetes Services\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Resources/subscriptions/resourceGroups/write\",\n \"Microsoft.Resources/subscriptions/operationresults/read\",\n \"Microsoft.Resources/subscriptions/read\",\n \"Microsoft.ContainerService/managedClusters/read\",\n \"Microsoft.ContainerService/managedClusters/trustedAccessRoleBindings/delete\",\n \"Microsoft.ContainerService/managedClusters/trustedAccessRoleBindings/read\",\n \"Microsoft.ContainerService/managedClusters/trustedAccessRoleBindings/write\",\n \"Microsoft.ContainerService/managedClusters/write\",\n \"Microsoft.Security/pricings/securityoperators/read\",\n \"Microsoft.OperationalInsights/workspaces/write\",\n \"Microsoft.OperationalInsights/workspaces/read\",\n \"Microsoft.OperationalInsights/workspaces/listKeys/action\",\n \"Microsoft.OperationalInsights/workspaces/sharedkeys/action\",\n \"Microsoft.OperationalInsights/workspaces/sharedkeys/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2024-03-20T15:36:16.6580488Z\",\n \"updatedOn\": \"2024-12-05T16:14:33.0969374Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/5e93ba01-8f92-4c7a-b12a-801e3df23824\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"5e93ba01-8f92-4c7a-b12a-801e3df23824\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure API Center Service Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Allows managing Azure API Center service.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.ApiCenter/services/*\",\n \"Microsoft.ApiCenter/deletedServices/*\",\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.ResourceHealth/availabilityStatuses/read\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\"\n ],\n \"notActions\": [\n \"Microsoft.ApiCenter/services/workspaces/apis/versions/definitions/updateAnalysisState/action\"\n ],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2024-03-22T19:59:42.1026818Z\",\n \"updatedOn\": \"2025-06-27T17:59:17.7305662Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/dd24193f-ef65-44e5-8a7e-6fa6e03f7713\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"dd24193f-ef65-44e5-8a7e-6fa6e03f7713\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure API Center Service Reader\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Allows read-only access to Azure API Center service.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.ApiCenter/services/*/read\",\n \"Microsoft.ApiCenter/services/workspaces/apis/versions/definitions/exportSpecification/action\",\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.ResourceHealth/availabilityStatuses/read\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2024-03-22T19:59:42.0936845Z\",\n \"updatedOn\": \"2024-03-22T19:59:42.0936845Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/6cba8790-29c5-48e5-bab1-c7541b01cb04\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"6cba8790-29c5-48e5-bab1-c7541b01cb04\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure API Center Compliance Manager\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Allows managing API compliance in Azure API Center service.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.ApiCenter/services/*/read\",\n \"Microsoft.ApiCenter/services/workspaces/apis/versions/definitions/updateAnalysisState/action\",\n \"Microsoft.ApiCenter/services/workspaces/apis/versions/definitions/exportSpecification/action\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2024-03-22T19:59:42.1036832Z\",\n \"updatedOn\": \"2024-03-22T19:59:42.1036832Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/ede9aaa3-4627-494e-be13-4aa7c256148d\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"ede9aaa3-4627-494e-be13-4aa7c256148d\"\n },\n {\n \"properties\": {\n \"roleName\": \"Bayer Ag Powered Services Historical Weather Data Solution User Role\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Provide access to Historical Weather Data Solution by Bayer Ag Powered Services\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.AgFoodPlatform/farmBeats/parties/read\",\n \"Microsoft.AgFoodPlatform/farmBeats/parties/fields/read\",\n \"Microsoft.AgFoodPlatform/farmBeats/parties/fields/write\",\n \"Microsoft.AgFoodPlatform/farmBeats/parties/farms/read\",\n \"Microsoft.AgFoodPlatform/farmBeats/parties/farms/write\",\n \"Microsoft.AgFoodPlatform/farmBeats/parties/models/resourceTypes/resources/insights/*\",\n \"Microsoft.AgFoodPlatform/farmBeats/parties/models/resourceTypes/resources/insightAttachments/*\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2024-03-25T15:06:24.6069385Z\",\n \"updatedOn\": \"2024-08-08T17:08:36.118249Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/b5b192c1-773c-4543-bfb0-6c59254b74a9\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"b5b192c1-773c-4543-bfb0-6c59254b74a9\"\n },\n {\n \"properties\": {\n \"roleName\": \"Oracle.Database VmCluster Administrator Built-in Role\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Grants full access to manage all VmCluster resources\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Oracle.Database/cloudVmClusters/*/read\",\n \"Oracle.Database/cloudVmClusters/*/write\",\n \"Oracle.Database/cloudVmClusters/*/delete\",\n \"Oracle.Database/cloudExadataInfrastructures/write\",\n \"Oracle.Database/cloudExadataInfrastructures/*/read\",\n \"Oracle.Database/Locations/*/read\",\n \"Oracle.Database/Locations/*/write\",\n \"Oracle.Database/Operations/read\",\n \"Oracle.Database/oracleSubscriptions/*/read\",\n \"Oracle.Database/resourceAnchors/*\",\n \"Oracle.Database/networkAnchors/*\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Network/virtualNetworks/read\",\n \"Microsoft.Network/virtualNetworks/subnets/read\",\n \"Microsoft.Network/virtualNetworks/subnets/write\",\n \"Microsoft.Network/locations/operations/read\",\n \"Microsoft.Compute/sshPublicKeys/read\",\n \"Microsoft.Compute/sshPublicKeys/write\",\n \"Microsoft.Compute/sshPublicKeys/generateKeyPair/action\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2024-03-25T15:06:25.4654513Z\",\n \"updatedOn\": \"2025-05-26T15:05:38.2663118Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/e9ce8739-6fa2-4123-a0a2-0ef41a67806f\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"e9ce8739-6fa2-4123-a0a2-0ef41a67806f\"\n },\n {\n \"properties\": {\n \"roleName\": \"Oracle.Database Reader Built-in Role\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Grants read access to all Oracle.Database resources\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Oracle.Database/Locations/*/read\",\n \"Oracle.Database/Operations/read\",\n \"Oracle.Database/oracleSubscriptions/*/read\",\n \"Oracle.Database/cloudExadataInfrastructures/*/read\",\n \"Oracle.Database/cloudVmClusters/*/read\",\n \"Oracle.Database/cloudVmClusters/listPrivateIpAddresses/action\",\n \"Oracle.Database/oracleSubscriptions/listCloudAccountDetails/action\",\n \"Oracle.Database/exascaleDbStorageVaults/read\",\n \"Oracle.Database/exadbVmClusters/*/read\",\n \"Oracle.Database/resourceAnchors/read\",\n \"Oracle.Database/networkAnchors/read\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Resources/deployments/*/read\",\n \"Microsoft.Network/virtualNetworks/subnets/read\",\n \"Microsoft.Network/virtualNetworks/read\",\n \"Microsoft.Network/locations/operations/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2024-03-25T15:06:25.4644513Z\",\n \"updatedOn\": \"2025-08-21T18:37:52.3681201Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/d623d097-b882-4e1e-a26f-ac60e31065a1\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"d623d097-b882-4e1e-a26f-ac60e31065a1\"\n },\n {\n \"properties\": {\n \"roleName\": \"Oracle.Database Owner Built-in Role\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Grants full access to manage all Oracle.Database resources\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Oracle.Database/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Network/virtualNetworks/read\",\n \"Microsoft.Network/virtualNetworks/subnets/read\",\n \"Microsoft.Network/virtualNetworks/subnets/write\",\n \"Microsoft.Network/locations/operations/read\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Compute/sshPublicKeys/read\",\n \"Microsoft.Compute/sshPublicKeys/write\",\n \"Microsoft.Compute/sshPublicKeys/generateKeyPair/action\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2024-03-25T15:06:25.4644513Z\",\n \"updatedOn\": \"2024-04-04T21:25:06.0488389Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/4562aac9-b209-4bd7-a144-6d7f3bb516f4\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"4562aac9-b209-4bd7-a144-6d7f3bb516f4\"\n },\n {\n \"properties\": {\n \"roleName\": \"Oracle Subscriptions Manager Built-in Role\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Grants full access to manage all Oracle Subscriptions resources\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Oracle.Database/oracleSubscriptions/*/read\",\n \"Oracle.Database/oracleSubscriptions/*/write\",\n \"Oracle.Database/oracleSubscriptions/*/delete\",\n \"Oracle.Database/oracleSubscriptions/*/action\",\n \"Oracle.Database/Locations/*/read\",\n \"Oracle.Database/Locations/*/write\",\n \"Oracle.Database/Operations/read\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2024-03-25T15:06:25.4644513Z\",\n \"updatedOn\": \"2024-04-05T15:59:48.0147406Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/4caf51ec-f9f5-413f-8a94-b9f5fddba66b\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"4caf51ec-f9f5-413f-8a94-b9f5fddba66b\"\n },\n {\n \"properties\": {\n \"roleName\": \"Oracle.Database Exadata Infrastructure Administrator Built-in Role\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Grants full access to manage all Exadata Infrastructure resources\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Oracle.Database/cloudExadataInfrastructures/*/read\",\n \"Oracle.Database/cloudExadataInfrastructures/*/write\",\n \"Oracle.Database/cloudExadataInfrastructures/*/delete\",\n \"Oracle.Database/cloudVmClusters/*/read\",\n \"Oracle.Database/cloudVmClusters/*/write\",\n \"Oracle.Database/cloudVmClusters/*/delete\",\n \"Oracle.Database/cloudVmClusters/*/action\",\n \"Oracle.Database/Locations/*/read\",\n \"Oracle.Database/Locations/*/write\",\n \"Oracle.Database/Operations/read\",\n \"Oracle.Database/oracleSubscriptions/*/read\",\n \"Oracle.Database/oracleSubscriptions/listCloudAccountDetails/action\",\n \"Oracle.Database/resourceAnchors/*\",\n \"Oracle.Database/networkAnchors/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Network/virtualNetworks/subnets/read\",\n \"Microsoft.Network/virtualNetworks/subnets/write\",\n \"Microsoft.Network/virtualNetworks/read\",\n \"Microsoft.Network/locations/operations/read\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Compute/sshPublicKeys/read\",\n \"Microsoft.Compute/sshPublicKeys/write\",\n \"Microsoft.Compute/sshPublicKeys/generateKeyPair/action\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2024-03-25T15:06:26.7449799Z\",\n \"updatedOn\": \"2025-05-26T15:05:38.2653119Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/4cfdd23b-aece-4fd1-b614-ad3a06c53453\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"4cfdd23b-aece-4fd1-b614-ad3a06c53453\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Messaging Catalog Data Owner\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Allows for full access to Azure Messaging Catalog resources.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.MessagingCatalog/*\"\n ],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.MessagingCatalog/*\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2024-03-27T15:21:42.7360718Z\",\n \"updatedOn\": \"2024-03-27T15:21:42.7360718Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/f27b7598-bc64-41f7-8a44-855ff16326c2\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"f27b7598-bc64-41f7-8a44-855ff16326c2\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Spring Apps Application Configuration Service Config File Pattern Reader Role\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Read content of config file pattern for Application Configuration Service in Azure Spring Apps\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.AppPlatform/Spring/read\",\n \"Microsoft.AppPlatform/Spring/configurationServices/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.AppPlatform/Spring/ApplicationConfigurationService/read\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2024-03-27T15:21:42.869223Z\",\n \"updatedOn\": \"2024-03-27T15:21:42.869223Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/25211fc6-dc78-40b6-b205-e4ac934fd9fd\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"25211fc6-dc78-40b6-b205-e4ac934fd9fd\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Hybrid Database Administrator - Read Only Service Role\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Read only access to Azure hybrid database services resources.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.AzureArcData/*/read\",\n \"Microsoft.AzureArcData/sqlServerInstances/getTelemetry/action\",\n \"Microsoft.AzureArcData/sqlServerInstances/availabilityGroups/getDetailView/action\",\n \"Microsoft.HybridCompute/machines/read\",\n \"Microsoft.HybridCompute/machines/extensions/read\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2024-04-03T17:20:07.3444447Z\",\n \"updatedOn\": \"2024-04-03T17:20:07.3444447Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/5d9c6a55-fc0e-4e21-ae6f-f7b095497342\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"5d9c6a55-fc0e-4e21-ae6f-f7b095497342\"\n },\n {\n \"properties\": {\n \"roleName\": \"Microsoft Sentinel Business Applications Agent Operator\",\n \"type\": \"BuiltInRole\",\n \"description\": \"List and update actions on a business applications system. This role is in preview and subject to change.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/roleAssignments/read\",\n \"Microsoft.SecurityInsights/businessApplicationAgents/read\",\n \"Microsoft.SecurityInsights/businessApplicationAgents/write\",\n \"Microsoft.SecurityInsights/businessApplicationAgents/systems/read\",\n \"Microsoft.SecurityInsights/businessApplicationAgents/systems/write\",\n \"Microsoft.SecurityInsights/businessApplicationAgents/systems/listActions/action\",\n \"Microsoft.SecurityInsights/businessApplicationAgents/systems/reportActionStatus/action\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2024-04-04T08:02:29.5240808Z\",\n \"updatedOn\": \"2024-06-05T15:32:09.463486Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/c18f9900-27b8-47c7-a8f0-5b3b3d4c2bc2\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"c18f9900-27b8-47c7-a8f0-5b3b3d4c2bc2\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure ContainerApps Session Executor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Create and execute sessions in a sessionPool\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.App/sessionPools/*/read\",\n \"Microsoft.App/sessionPools/sessions/generatesessions/action\"\n ],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.App/sessionPools/*/read\",\n \"Microsoft.App/sessionPools/interpreters/execute/action\",\n \"Microsoft.App/sessionPools/interpreters/read\",\n \"Microsoft.App/sessionPools/executions/*\",\n \"Microsoft.App/sessionPools/files/*\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2024-04-05T18:15:51.9984875Z\",\n \"updatedOn\": \"2024-11-01T09:37:25.3241262Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/0fb8eba5-a2bb-4abe-b1c1-49dfad359bb0\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"0fb8eba5-a2bb-4abe-b1c1-49dfad359bb0\"\n },\n {\n \"properties\": {\n \"roleName\": \"Microsoft.Edge Winfields federated subscription read access role\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Microsoft.Edge Winfields role for read access on federated subscriptions\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Resources/subscriptions/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2024-04-11T23:06:49.0273732Z\",\n \"updatedOn\": \"2024-07-15T15:01:51.3701285Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/83ee7727-862c-4213-8ed8-2ce6c5d69a40\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"83ee7727-862c-4213-8ed8-2ce6c5d69a40\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Red Hat OpenShift Federated Credential\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Create, update and delete federated credentials on user assigned managed identities in order to build a trust relationship between the managed identity, OpenID Connect (OIDC), and the service account.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.ManagedIdentity/userAssignedIdentities/read\",\n \"Microsoft.ManagedIdentity/userAssignedIdentities/federatedIdentityCredentials/write\",\n \"Microsoft.ManagedIdentity/userAssignedIdentities/federatedIdentityCredentials/read\",\n \"Microsoft.ManagedIdentity/userAssignedIdentities/federatedIdentityCredentials/delete\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2024-04-12T00:30:33.7626424Z\",\n \"updatedOn\": \"2025-03-11T15:14:12.4504757Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/ef318e2a-8334-4a05-9e4a-295a196c6a6e\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"ef318e2a-8334-4a05-9e4a-295a196c6a6e\"\n },\n {\n \"properties\": {\n \"roleName\": \"Bayer Ag Powered Services Crop Id Solution User Role\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Provide access to Crop Id Solution by Bayer Ag Powered Services\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.AgFoodPlatform/farmBeats/parties/fields/read\",\n \"Microsoft.AgFoodPlatform/farmBeats/parties/fields/write\",\n \"Microsoft.AgFoodPlatform/farmBeats/parties/read\",\n \"Microsoft.AgFoodPlatform/farmBeats/ingestionJobs/satelliteDataIngestionJobs/*\",\n \"Microsoft.AgFoodPlatform/farmBeats/scenes/*\",\n \"Microsoft.AgFoodPlatform/farmBeats/parties/models/resourceTypes/resources/insights/*\",\n \"Microsoft.AgFoodPlatform/farmBeats/parties/models/resourceTypes/resources/insightAttachments/*\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2024-04-19T09:07:57.429491Z\",\n \"updatedOn\": \"2024-05-15T15:18:59.4401968Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/39138f76-04e6-41f0-ba6b-c411b59081a9\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"39138f76-04e6-41f0-ba6b-c411b59081a9\"\n },\n {\n \"properties\": {\n \"roleName\": \"Scheduled Events Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Provides access to scheduled event actions\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Maintenance/scheduledevents/acknowledge/action\",\n \"Microsoft.Compute/VirtualMachines/read\",\n \"Microsoft.Compute/VirtualMachineScaleSets/read\",\n \"Microsoft.Compute/AvailabilitySets/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2024-04-23T15:07:32.157769Z\",\n \"updatedOn\": \"2024-05-03T21:25:12.6392452Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/b67fe603-310e-4889-b9ee-8257d09d353d\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"b67fe603-310e-4889-b9ee-8257d09d353d\"\n },\n {\n \"properties\": {\n \"roleName\": \"Compute Recommendations Role\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Grants permissions to call Compute Recommendations APIs provided by Compute Diagnostic Resource Provider service.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Compute/locations/placementScores/generate/action\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2024-04-30T15:20:17.6310289Z\",\n \"updatedOn\": \"2024-07-02T15:07:54.755272Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/e82342c9-ac7f-422b-af64-e426d2e12b2d\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"e82342c9-ac7f-422b-af64-e426d2e12b2d\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Spring Apps Job Execution Instance List Role\",\n \"type\": \"BuiltInRole\",\n \"description\": \"List instances for job executions in Azure Spring Apps\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.AppPlatform/Spring/jobs/executions/listInstances/action\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2024-05-02T02:34:55.3873154Z\",\n \"updatedOn\": \"2024-05-02T02:34:55.3873154Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/91422e52-bb88-4415-bb4a-90f5b71f6dcb\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"91422e52-bb88-4415-bb4a-90f5b71f6dcb\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Spring Apps Job Log Reader Role\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Read real-time logs for jobs in Azure Spring Apps\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.AppPlatform/Spring/read\",\n \"Microsoft.AppPlatform/Spring/jobs/read\",\n \"Microsoft.AppPlatform/Spring/jobs/executions/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.AppPlatform/Spring/jobs/executions/logstream/action\",\n \"Microsoft.AppPlatform/Spring/jobs/executions/listInstances/action\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2024-05-02T02:34:55.3873154Z\",\n \"updatedOn\": \"2024-05-02T02:34:55.3873154Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/b459aa1d-e3c8-436f-ae21-c0531140f43e\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"b459aa1d-e3c8-436f-ae21-c0531140f43e\"\n },\n {\n \"properties\": {\n \"roleName\": \"Nexus Network Fabric Service Reader\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Read-only access to Nexus Network Fabric Service\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.ManagedNetworkFabric/*/read\",\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2024-05-10T17:46:29.728767Z\",\n \"updatedOn\": \"2024-05-10T17:46:29.728767Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/05fdd44c-adc6-4aff-981c-61041f0c929a\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"05fdd44c-adc6-4aff-981c-61041f0c929a\"\n },\n {\n \"properties\": {\n \"roleName\": \"Nexus Network Fabric Service Writer\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Read-write access to Nexus Network Fabric Service\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.ManagedNetworkFabric/*/read\",\n \"Microsoft.ManagedNetworkFabric/*/write\",\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2024-05-10T18:01:38.1184138Z\",\n \"updatedOn\": \"2024-05-10T18:01:38.1184138Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/a5eb8433-97a5-4a06-80b2-a877e1622c31\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"a5eb8433-97a5-4a06-80b2-a877e1622c31\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Deployment Stack Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Allows a user to manage deployment stacks, but cannot create or delete deny assignments within the deployment stack.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Resources/deploymentStacks/write\",\n \"Microsoft.Resources/deploymentStacks/read\",\n \"Microsoft.Resources/deploymentStacks/validate/action\",\n \"Microsoft.Resources/deploymentStacks/exportTemplate/action\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2024-05-15T23:13:06.6024446Z\",\n \"updatedOn\": \"2025-06-05T00:56:22.3468702Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/bf7f8882-3383-422a-806a-6526c631a88a\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"bf7f8882-3383-422a-806a-6526c631a88a\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Deployment Stack Owner\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Allows a user to manage deployment stacks, including those with deny assignments.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Resources/deploymentStacks/*\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2024-05-15T23:13:06.6024446Z\",\n \"updatedOn\": \"2024-05-15T23:13:06.6024446Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/adb29209-aa1d-457b-a786-c913953d2891\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"adb29209-aa1d-457b-a786-c913953d2891\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Spring Apps Spring Cloud Config Server Log Reader Role\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Read real-time logs for Spring Cloud Config Server in Azure Spring Apps\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.AppPlatform/Spring/read\",\n \"Microsoft.AppPlatform/Spring/configServers/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.AppPlatform/Spring/configService/logstream/action\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2024-05-29T15:22:19.5478417Z\",\n \"updatedOn\": \"2024-05-29T15:22:19.5478417Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/74252426-c508-480e-9345-4607bbebead4\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"74252426-c508-480e-9345-4607bbebead4\"\n },\n {\n \"properties\": {\n \"roleName\": \"Container Registry Repository Catalog Lister\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Allows for listing all repositories in an Azure Container Registry.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.ContainerRegistry/registries/catalog/read\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2024-06-05T15:32:09.4683575Z\",\n \"updatedOn\": \"2025-10-03T17:14:16.6197074Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/bfdb9389-c9a5-478a-bb2f-ba9ca092c3c7\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"bfdb9389-c9a5-478a-bb2f-ba9ca092c3c7\"\n },\n {\n \"properties\": {\n \"roleName\": \"Container Registry Repository Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Allows for read, write, and delete access to Azure Container Registry repositories, but excluding catalog listing.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.ContainerRegistry/registries/repositories/metadata/read\",\n \"Microsoft.ContainerRegistry/registries/repositories/content/read\",\n \"Microsoft.ContainerRegistry/registries/repositories/metadata/write\",\n \"Microsoft.ContainerRegistry/registries/repositories/content/write\",\n \"Microsoft.ContainerRegistry/registries/repositories/metadata/delete\",\n \"Microsoft.ContainerRegistry/registries/repositories/content/delete\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2024-06-05T15:32:11.5848534Z\",\n \"updatedOn\": \"2025-10-03T17:14:16.6197074Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/2efddaa5-3f1f-4df3-97df-af3f13818f4c\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"2efddaa5-3f1f-4df3-97df-af3f13818f4c\"\n },\n {\n \"properties\": {\n \"roleName\": \"Container Registry Repository Writer\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Allows for read and write access to Azure Container Registry repositories, but excluding catalog listing.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.ContainerRegistry/registries/repositories/metadata/read\",\n \"Microsoft.ContainerRegistry/registries/repositories/content/read\",\n \"Microsoft.ContainerRegistry/registries/repositories/metadata/write\",\n \"Microsoft.ContainerRegistry/registries/repositories/content/write\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2024-06-05T15:32:11.586855Z\",\n \"updatedOn\": \"2025-10-03T17:14:16.6197074Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/2a1e307c-b015-4ebd-883e-5b7698a07328\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"2a1e307c-b015-4ebd-883e-5b7698a07328\"\n },\n {\n \"properties\": {\n \"roleName\": \"Container Registry Repository Reader\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Allows for read access to Azure Container Registry repositories, but excluding catalog listing.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.ContainerRegistry/registries/repositories/metadata/read\",\n \"Microsoft.ContainerRegistry/registries/repositories/content/read\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2024-06-05T15:32:11.5818531Z\",\n \"updatedOn\": \"2025-10-03T17:14:16.6197074Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/b93aa761-3e63-49ed-ac28-beffa264f7ac\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"b93aa761-3e63-49ed-ac28-beffa264f7ac\"\n },\n {\n \"properties\": {\n \"roleName\": \"DeID Data Owner\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Full access to DeID data. This role is in preview and subject to change\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.HealthDataAIServices/DeidServices/*\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2024-06-06T21:23:32.6428695Z\",\n \"updatedOn\": \"2024-06-06T21:23:32.6428695Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/78e4b983-1a0b-472e-8b7d-8d770f7c5890\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"78e4b983-1a0b-472e-8b7d-8d770f7c5890\"\n },\n {\n \"properties\": {\n \"roleName\": \"Locks Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Can Manage Locks Operations.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/locks/read\",\n \"Microsoft.Authorization/locks/write\",\n \"Microsoft.Authorization/locks/delete\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2024-06-06T22:54:16.4808252Z\",\n \"updatedOn\": \"2024-06-06T22:54:16.4808252Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/28bf596f-4eb7-45ce-b5bc-6cf482fec137\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"28bf596f-4eb7-45ce-b5bc-6cf482fec137\"\n },\n {\n \"properties\": {\n \"roleName\": \"Standby Container Group Pool Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Allows users to manage standby container group pool resources.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.ContainerInstance/containerGroupProfiles/read\",\n \"Microsoft.ContainerInstance/containerGroupProfiles/revisions/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.StandbyPool/Locations/OperationStatuses/read\",\n \"Microsoft.StandbyPool/Operations/read\",\n \"Microsoft.StandbyPool/standbyContainerGroupPools/delete\",\n \"Microsoft.StandbyPool/standbyContainerGroupPools/read\",\n \"Microsoft.StandbyPool/standbyContainerGroupPools/runtimeViews/read\",\n \"Microsoft.StandbyPool/standbyContainerGroupPools/write\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2024-06-17T15:10:37.1602741Z\",\n \"updatedOn\": \"2024-06-17T15:10:37.1602741Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/39fcb0de-8844-4706-b050-c28ddbe3ff83\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"39fcb0de-8844-4706-b050-c28ddbe3ff83\"\n },\n {\n \"properties\": {\n \"roleName\": \"Compute Gallery Artifacts Publisher\",\n \"type\": \"BuiltInRole\",\n \"description\": \"This is the role for publishing gallery artifacts.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Compute/galleries/*\",\n \"Microsoft.Compute/locations/capsOperations/read\",\n \"Microsoft.Compute/locations/communityGalleries/*\",\n \"Microsoft.Compute/locations/sharedGalleries/*\",\n \"Microsoft.Compute/images/*\",\n \"Microsoft.Compute/virtualMachines/write\",\n \"Microsoft.Compute/disks/write\",\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\"\n ],\n \"notActions\": [\n \"Microsoft.Compute/galleries/share/action\"\n ],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2024-06-20T00:09:20.5675487Z\",\n \"updatedOn\": \"2024-06-20T00:09:20.5675487Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/85a2d0d9-2eba-4c9c-b355-11c2cc0788ab\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"85a2d0d9-2eba-4c9c-b355-11c2cc0788ab\"\n },\n {\n \"properties\": {\n \"roleName\": \"ToolchainOrchestrator Viewer Role\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Grant access to view all Toolchain orchestrator resources.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.Resources/deployments/write\",\n \"Microsoft.Resources/subscriptions/operationresults/read\",\n \"Microsoft.Resources/subscriptions/read\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.ToolchainOrchestrator/*/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2024-06-20T07:46:35.012434Z\",\n \"updatedOn\": \"2024-06-28T08:35:31.7949436Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/c5826735-177b-4a0d-a9a3-d0e4b4bda107\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"c5826735-177b-4a0d-a9a3-d0e4b4bda107\"\n },\n {\n \"properties\": {\n \"roleName\": \"ToolchainOrchestrator Admin Role\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Grant full access to manage all Toolchain orchestrator resources.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.Resources/deployments/write\",\n \"Microsoft.Resources/subscriptions/operationresults/read\",\n \"Microsoft.Resources/subscriptions/read\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.ToolchainOrchestrator/*\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2024-06-20T08:01:39.0551096Z\",\n \"updatedOn\": \"2024-06-28T08:35:33.2869473Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/2ccf8795-8983-4912-8036-1c45212c95e8\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"2ccf8795-8983-4912-8036-1c45212c95e8\"\n },\n {\n \"properties\": {\n \"roleName\": \"ProviderHub Reader\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Allows you to view all Microsoft.ProviderHub resources created through the Resource Provider Platform, but does not allow you to make any changes to the resources.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.ProviderHub/*/read\",\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.ResourceHealth/availabilityStatuses/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2024-07-02T15:07:53.0510995Z\",\n \"updatedOn\": \"2024-07-02T15:07:53.0510995Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/4d8c6f2e-3fd6-4d40-826e-93e3dc4c3fc1\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"4d8c6f2e-3fd6-4d40-826e-93e3dc4c3fc1\"\n },\n {\n \"properties\": {\n \"roleName\": \"ProviderHub Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Allows you to create and manage Microsoft.ProviderHub resources through the Resource Provider Platform. Does not allow you to assign roles in Azure RBAC.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.ProviderHub/*\",\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.ResourceHealth/availabilityStatuses/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2024-07-02T15:07:53.0530983Z\",\n \"updatedOn\": \"2024-07-02T15:07:53.0530983Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/a3ab03bc-5350-42ff-b0d5-00207672db55\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"a3ab03bc-5350-42ff-b0d5-00207672db55\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Stack HCI Connected InfraVMs\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Role of Arc Integration for Azure Stack HCI Infrastructure Virtual Machines.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.HybridCompute/*/read\",\n \"Microsoft.HybridCompute/machines/write\",\n \"Microsoft.HybridCompute/machines/delete\",\n \"Microsoft.HybridCompute/machines/extensions/read\",\n \"Microsoft.HybridCompute/machines/extensions/write\",\n \"Microsoft.HybridCompute/machines/extensions/delete\",\n \"Microsoft.HybridCompute/machines/UpgradeExtensions/action\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2024-07-03T15:20:27.6822616Z\",\n \"updatedOn\": \"2024-07-15T15:01:51.3691302Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/c99c945f-8bd1-4fb1-a903-01460aae6068\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"c99c945f-8bd1-4fb1-a903-01460aae6068\"\n },\n {\n \"properties\": {\n \"roleName\": \"VM Restore Operator\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Create and Delete resources during VM Restore. This role is in preview and subject to change.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Compute/disks/read\",\n \"Microsoft.Compute/disks/write\",\n \"Microsoft.Compute/disks/delete\",\n \"Microsoft.Compute/disks/beginGetAccess/action\",\n \"Microsoft.Compute/disks/endGetAccess/action\",\n \"Microsoft.Compute/locations/diskOperations/read\",\n \"Microsoft.Compute/virtualMachines/read\",\n \"Microsoft.Compute/virtualMachines/write\",\n \"Microsoft.Compute/virtualMachines/delete\",\n \"Microsoft.Compute/virtualMachines/instanceView/read\",\n \"Microsoft.Compute/virtualMachines/extensions/read\",\n \"Microsoft.Compute/virtualMachines/extensions/write\",\n \"Microsoft.Compute/virtualMachines/extensions/delete\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.Network/locations/operationResults/read\",\n \"Microsoft.Network/locations/operations/read\",\n \"Microsoft.Network/locations/usages/read\",\n \"Microsoft.Network/networkInterfaces/delete\",\n \"Microsoft.Network/networkInterfaces/ipconfigurations/read\",\n \"Microsoft.Network/networkInterfaces/join/action\",\n \"Microsoft.Network/networkInterfaces/read\",\n \"Microsoft.Network/networkInterfaces/write\",\n \"Microsoft.Network/networkSecurityGroups/read\",\n \"Microsoft.Network/networkSecurityGroups/securityRules/read\",\n \"Microsoft.Network/publicIPAddresses/delete\",\n \"Microsoft.Network/publicIPAddresses/join/action\",\n \"Microsoft.Network/publicIPAddresses/read\",\n \"Microsoft.Network/publicIPAddresses/write\",\n \"Microsoft.Network/virtualNetworks/read\",\n \"Microsoft.Network/virtualNetworks/subnets/join/action\",\n \"Microsoft.Network/virtualNetworks/subnets/read\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Storage/checkNameAvailability/read\",\n \"Microsoft.Storage/storageAccounts/blobServices/containers/delete\",\n \"Microsoft.Storage/storageAccounts/blobServices/containers/read\",\n \"Microsoft.Storage/storageAccounts/blobServices/containers/write\",\n \"Microsoft.Storage/storageAccounts/listKeys/action\",\n \"Microsoft.Storage/storageAccounts/read\",\n \"Microsoft.Storage/storageAccounts/write\"\n ],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.Storage/storageAccounts/blobServices/containers/blobs/delete\",\n \"Microsoft.Storage/storageAccounts/blobServices/containers/blobs/read\",\n \"Microsoft.Storage/storageAccounts/blobServices/containers/blobs/write\",\n \"Microsoft.Storage/storageAccounts/blobServices/containers/blobs/add/action\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2024-07-03T15:20:29.2078037Z\",\n \"updatedOn\": \"2024-07-03T15:20:29.2078037Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/dfce8971-25e3-42e3-ba33-6055438e3080\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"dfce8971-25e3-42e3-ba33-6055438e3080\"\n },\n {\n \"properties\": {\n \"roleName\": \"HDInsight Cluster Admin\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Can read, create, modify and delete HDInsight clusters, configuration, extensions, etc.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"MICROSOFT.HDINSIGHT/CLUSTERS/APPLICATIONS/DELETE\",\n \"MICROSOFT.HDINSIGHT/CLUSTERS/APPLICATIONS/READ\",\n \"MICROSOFT.HDINSIGHT/CLUSTERS/APPLICATIONS/WRITE\",\n \"MICROSOFT.HDINSIGHT/CLUSTERS/AZUREASYNCOPERATIONS/READ\",\n \"MICROSOFT.HDINSIGHT/CLUSTERS/CONFIGURATIONS/ACTION\",\n \"MICROSOFT.HDINSIGHT/CLUSTERS/CONFIGURATIONS/READ\",\n \"MICROSOFT.HDINSIGHT/CLUSTERS/DELETE\",\n \"MICROSOFT.HDINSIGHT/CLUSTERS/EXECUTESCRIPTACTIONS/ACTION\",\n \"MICROSOFT.HDINSIGHT/CLUSTERS/EXTENSIONS/DELETE\",\n \"MICROSOFT.HDINSIGHT/CLUSTERS/EXTENSIONS/READ\",\n \"MICROSOFT.HDINSIGHT/CLUSTERS/EXTENSIONS/WRITE\",\n \"MICROSOFT.HDINSIGHT/CLUSTERS/GETGATEWAYSETTINGS/ACTION\",\n \"MICROSOFT.HDINSIGHT/CLUSTERS/LISTHOSTS/ACTION\",\n \"MICROSOFT.HDINSIGHT/CLUSTERS/OPERATIONRESULTS/READ\",\n \"MICROSOFT.HDINSIGHT/CLUSTERS/PRIVATEENDPOINTCONNECTIONS/READ\",\n \"MICROSOFT.HDINSIGHT/CLUSTERS/PRIVATELINKRESOURCES/READ\",\n \"MICROSOFT.HDINSIGHT/CLUSTERS/READ\",\n \"MICROSOFT.HDINSIGHT/CLUSTERS/RESOLVEPRIVATELINKSERVICEID/ACTION\",\n \"MICROSOFT.HDINSIGHT/CLUSTERS/RESTARTHOSTS/ACTION\",\n \"MICROSOFT.HDINSIGHT/CLUSTERS/ROLES/AUTOSCALE/ACTION\",\n \"MICROSOFT.HDINSIGHT/CLUSTERS/ROLES/RESIZE/ACTION\",\n \"MICROSOFT.HDINSIGHT/CLUSTERS/SCRIPTACTIONS/DELETE\",\n \"MICROSOFT.HDINSIGHT/CLUSTERS/SCRIPTACTIONS/READ\",\n \"MICROSOFT.HDINSIGHT/CLUSTERS/SCRIPTEXECUTIONHISTORY/PROMOTE/ACTION\",\n \"MICROSOFT.HDINSIGHT/CLUSTERS/SCRIPTEXECUTIONHISTORY/READ\",\n \"MICROSOFT.HDINSIGHT/CLUSTERS/UPDATEGATEWAYSETTINGS/ACTION\",\n \"MICROSOFT.HDINSIGHT/CLUSTERS/WRITE\",\n \"MICROSOFT.HDINSIGHT/LOCATIONS/AVAILABLECLUSTERVERSIONS/READ\",\n \"MICROSOFT.HDINSIGHT/LOCATIONS/AZUREASYNCOPERATIONS/READ\",\n \"MICROSOFT.HDINSIGHT/LOCATIONS/BILLINGSPECS/READ\",\n \"MICROSOFT.HDINSIGHT/LOCATIONS/CAPABILITIES/READ\",\n \"MICROSOFT.HDINSIGHT/LOCATIONS/CHECKNAMEAVAILABILITY/ACTION\",\n \"MICROSOFT.HDINSIGHT/LOCATIONS/OPERATIONRESULTS/READ\",\n \"MICROSOFT.HDINSIGHT/LOCATIONS/OPERATIONSTATUSES/READ\",\n \"MICROSOFT.HDINSIGHT/LOCATIONS/OPERATIONSTATUSES/WRITE\",\n \"MICROSOFT.HDINSIGHT/LOCATIONS/USAGES/READ\",\n \"MICROSOFT.HDINSIGHT/LOCATIONS/VALIDATECREATEREQUEST/ACTION\",\n \"MICROSOFT.HDINSIGHT/OPERATIONS/READ\",\n \"MICROSOFT.HDINSIGHT/REGISTER/ACTION\",\n \"MICROSOFT.HDINSIGHT/RESOURCETYPES/READ\",\n \"MICROSOFT.HDINSIGHT/UNREGISTER/ACTION\",\n \"Microsoft.ResourceHealth/availabilityStatuses/read\",\n \"Microsoft.Resources/deployments/read\",\n \"Microsoft.Resources/deployments/operations/read\",\n \"Microsoft.Resources/subscriptions/operationresults/read\",\n \"Microsoft.Resources/subscriptions/read\",\n \"Microsoft.Resources/subscriptions/resourcegroups/deployments/read\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2024-07-04T05:42:45.2347879Z\",\n \"updatedOn\": \"2024-07-04T05:42:45.2347879Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/0847e196-2fd2-4c2f-a48c-fca6fd030f44\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"0847e196-2fd2-4c2f-a48c-fca6fd030f44\"\n },\n {\n \"properties\": {\n \"roleName\": \"Operator Nexus Compute Contributor Role (Preview)\",\n \"type\": \"BuiltInRole\",\n \"description\": \"(Preview) Manage and configure Azure Operator Nexus infrastructure resources. This role is in preview and subject to change.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/classicAdministrators/operationstatuses/read\",\n \"Microsoft.Authorization/classicAdministrators/read\",\n \"Microsoft.Authorization/denyAssignments/read\",\n \"Microsoft.Authorization/diagnosticSettings/read\",\n \"Microsoft.Authorization/diagnosticSettingsCategories/read\",\n \"Microsoft.Authorization/locks/read\",\n \"Microsoft.Authorization/operations/read\",\n \"Microsoft.Authorization/permissions/read\",\n \"Microsoft.Authorization/policyAssignments/read\",\n \"Microsoft.Authorization/policyAssignments/privateLinkAssociations/read\",\n \"Microsoft.Authorization/policyAssignments/resourceManagementPrivateLinks/read\",\n \"Microsoft.Authorization/policyAssignments/resourceManagementPrivateLinks/privateEndpointConnectionProxies/read\",\n \"Microsoft.Authorization/policyAssignments/resourceManagementPrivateLinks/privateEndpointConnections/read\",\n \"Microsoft.Authorization/policyDefinitions/read\",\n \"Microsoft.Authorization/policyExemptions/read\",\n \"Microsoft.Authorization/policySetDefinitions/read\",\n \"Microsoft.Authorization/providerOperations/read\",\n \"Microsoft.Authorization/roleAssignments/read\",\n \"Microsoft.Authorization/roleAssignmentScheduleInstances/read\",\n \"Microsoft.Authorization/roleAssignmentScheduleRequests/read\",\n \"Microsoft.Authorization/roleAssignmentSchedules/read\",\n \"Microsoft.Authorization/roleDefinitions/read\",\n \"Microsoft.Authorization/roleEligibilityScheduleInstances/read\",\n \"Microsoft.Authorization/roleEligibilityScheduleRequests/read\",\n \"Microsoft.Authorization/roleEligibilitySchedules/read\",\n \"Microsoft.Authorization/roleManagementPolicies/read\",\n \"Microsoft.Authorization/roleManagementPolicyAssignments/read\",\n \"Microsoft.ExtendedLocation/customLocations/deploy/action\",\n \"Microsoft.ExtendedLocation/customLocations/read\",\n \"Microsoft.HybridCompute/machines/extensions/read\",\n \"Microsoft.HybridCompute/machines/read\",\n \"Microsoft.Insights/alertRules/activated/action\",\n \"Microsoft.Insights/alertRules/delete\",\n \"Microsoft.Insights/alertRules/incidents/read\",\n \"Microsoft.Insights/alertRules/read\",\n \"Microsoft.Insights/alertRules/resolved/action\",\n \"Microsoft.Insights/alertRules/throttled/action\",\n \"Microsoft.Insights/alertRules/write\",\n \"Microsoft.Kubernetes/connectedClusters/read\",\n \"Microsoft.KubernetesConfiguration/extensions/read\",\n \"Microsoft.ManagedNetworkFabric/networkFabricControllers/join/action\",\n \"Microsoft.ManagedNetworkFabric/networkFabrics/join/action\",\n \"Microsoft.ManagedNetworkFabric/networkRacks/join/action\",\n \"Microsoft.NetworkCloud/bareMetalMachines/cordon/action\",\n \"Microsoft.NetworkCloud/bareMetalMachines/delete\",\n \"Microsoft.NetworkCloud/bareMetalMachines/powerOff/action\",\n \"Microsoft.NetworkCloud/bareMetalMachines/read\",\n \"Microsoft.NetworkCloud/bareMetalMachines/reimage/action\",\n \"Microsoft.NetworkCloud/bareMetalMachines/replace/action\",\n \"Microsoft.NetworkCloud/bareMetalMachines/restart/action\",\n \"Microsoft.NetworkCloud/bareMetalMachines/runDataExtracts/action\",\n \"Microsoft.NetworkCloud/bareMetalMachines/runReadCommands/action\",\n \"Microsoft.NetworkCloud/bareMetalMachines/start/action\",\n \"Microsoft.NetworkCloud/bareMetalMachines/uncordon/action\",\n \"Microsoft.NetworkCloud/bareMetalMachines/write\",\n \"Microsoft.NetworkCloud/clusterManagers/delete\",\n \"Microsoft.NetworkCloud/clusterManagers/read\",\n \"Microsoft.NetworkCloud/clusterManagers/write\",\n \"Microsoft.NetworkCloud/clusters/bareMetalMachineKeySets/read\",\n \"Microsoft.NetworkCloud/clusters/bmcKeySets/read\",\n \"Microsoft.NetworkCloud/clusters/continueUpdateVersion/action\",\n \"Microsoft.NetworkCloud/clusters/delete\",\n \"Microsoft.NetworkCloud/clusters/deploy/action\",\n \"Microsoft.NetworkCloud/clusters/metricsConfigurations/delete\",\n \"Microsoft.NetworkCloud/clusters/metricsConfigurations/read\",\n \"Microsoft.NetworkCloud/clusters/metricsConfigurations/write\",\n \"Microsoft.NetworkCloud/clusters/read\",\n \"Microsoft.NetworkCloud/clusters/scanRuntime/action\",\n \"Microsoft.NetworkCloud/clusters/updateVersion/action\",\n \"Microsoft.NetworkCloud/clusters/write\",\n \"Microsoft.NetworkCloud/locations/operationStatuses/read\",\n \"Microsoft.NetworkCloud/operations/read\",\n \"Microsoft.NetworkCloud/rackSkus/read\",\n \"Microsoft.NetworkCloud/racks/delete\",\n \"Microsoft.NetworkCloud/racks/join/action\",\n \"Microsoft.NetworkCloud/racks/read\",\n \"Microsoft.NetworkCloud/racks/write\",\n \"Microsoft.NetworkCloud/register/action\",\n \"Microsoft.NetworkCloud/registeredSubscriptions/read\",\n \"Microsoft.NetworkCloud/storageAppliances/read\",\n \"Microsoft.NetworkCloud/unregister/action\",\n \"Microsoft.Resources/deployments/cancel/action\",\n \"Microsoft.Resources/deployments/delete\",\n \"Microsoft.Resources/deployments/exportTemplate/action\",\n \"Microsoft.Resources/deployments/operations/read\",\n \"Microsoft.Resources/deployments/operationstatuses/read\",\n \"Microsoft.Resources/deployments/read\",\n \"Microsoft.Resources/deployments/validate/action\",\n \"Microsoft.Resources/deployments/whatIf/action\",\n \"Microsoft.Resources/deployments/write\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2024-07-10T15:34:35.6699773Z\",\n \"updatedOn\": \"2024-07-10T15:34:35.6699773Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/4aa368ec-fba9-4e93-81ed-396b3d461cc5\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"4aa368ec-fba9-4e93-81ed-396b3d461cc5\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Container Instances Contributor Role\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Grants read/write access to container groups provided by Azure Container Instances\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.ContainerInstance/containerGroups/*\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2024-07-10T17:34:56.6101604Z\",\n \"updatedOn\": \"2024-07-10T17:34:56.6101604Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/5d977122-f97e-4b4d-a52f-6b43003ddb4d\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"5d977122-f97e-4b4d-a52f-6b43003ddb4d\"\n },\n {\n \"properties\": {\n \"roleName\": \"Connector Reader\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Read connectors and their associated resources, such as impacts and insights.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Impact/Connectors/Read\",\n \"Microsoft.Impact/WorkloadImpacts/Read\",\n \"Microsoft.Impact/WorkloadImpacts/Insights/Read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2024-07-11T08:23:57.6283786Z\",\n \"updatedOn\": \"2024-07-11T08:23:57.6283786Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/6cdbb904-5ff3-429d-8169-7d7818b91bd8\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"6cdbb904-5ff3-429d-8169-7d7818b91bd8\"\n },\n {\n \"properties\": {\n \"roleName\": \"Transparency Logs Owner\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Grants full access to manage Transparency Log resources.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Sovereign/transparencyLogs/*\",\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Resources/deployments/*\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2024-07-17T17:02:42.8274577Z\",\n \"updatedOn\": \"2024-07-17T17:02:42.8274577Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/8ad4d0ee-9bfb-49e8-93fc-01abb8db6240\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"8ad4d0ee-9bfb-49e8-93fc-01abb8db6240\"\n },\n {\n \"properties\": {\n \"roleName\": \"Grafana Limited Viewer\",\n \"type\": \"BuiltInRole\",\n \"description\": \"View home page.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.Dashboard/grafana/ActAsGrafanaLimitedViewer/action\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2024-07-18T04:59:38.6229575Z\",\n \"updatedOn\": \"2024-07-18T04:59:38.6229575Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/41e04612-9dac-4699-a02b-c82ff2cc3fb5\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"41e04612-9dac-4699-a02b-c82ff2cc3fb5\"\n },\n {\n \"properties\": {\n \"roleName\": \"Disk Encryption Set Operator for Managed Disks\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Provides permissions to read, write or delete disk encryption sets which are used for encrypting managed disks with customer managed keys\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Compute/diskEncryptionSets/*\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2024-07-18T21:23:09.7233533Z\",\n \"updatedOn\": \"2024-07-18T21:23:09.7233533Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/136d308c-0937-4a49-9bd7-edfb42adbffc\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"136d308c-0937-4a49-9bd7-edfb42adbffc\"\n },\n {\n \"properties\": {\n \"roleName\": \"Bayer Ag Powered Services Field Imagery Solution Service Role\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Provide access to Field Imagery Solution by Bayer Ag Powered Services\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.AgFoodPlatform/farmBeats/parties/read\",\n \"Microsoft.AgFoodPlatform/farmBeats/parties/fields/read\",\n \"Microsoft.AgFoodPlatform/farmBeats/parties/fields/write\",\n \"Microsoft.AgFoodPlatform/farmBeats/parties/models/resourceTypes/resources/insights/*\",\n \"Microsoft.AgFoodPlatform/farmBeats/parties/models/resourceTypes/resources/insightAttachments/*\",\n \"Microsoft.AgFoodPlatform/farmBeats/scenes/*\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2024-08-01T08:16:34.164867Z\",\n \"updatedOn\": \"2024-08-13T16:10:23.6530781Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/1af232de-e806-426f-8ca1-c36142449755\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"1af232de-e806-426f-8ca1-c36142449755\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Edge Hardware Center Administrator\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Grants you access to take actions as an edge order administrator\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.EdgeOrder/*\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2024-08-06T15:15:42.539443Z\",\n \"updatedOn\": \"2024-08-06T15:15:42.539443Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/9295f069-25d0-4f44-bb6a-3da70d11aa00\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"9295f069-25d0-4f44-bb6a-3da70d11aa00\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure AI Administrator\",\n \"type\": \"BuiltInRole\",\n \"description\": \"A Built-In Role that has all control plane permissions to work with Azure AI and its dependencies.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.CognitiveServices/*\",\n \"Microsoft.ContainerRegistry/registries/*\",\n \"Microsoft.DocumentDb/databaseAccounts/*\",\n \"Microsoft.Features/features/read\",\n \"Microsoft.Features/providers/features/read\",\n \"Microsoft.Features/providers/features/register/action\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.Insights/components/*\",\n \"Microsoft.Insights/diagnosticSettings/*\",\n \"Microsoft.Insights/generateLiveToken/read\",\n \"Microsoft.Insights/logDefinitions/read\",\n \"Microsoft.Insights/metricAlerts/*\",\n \"Microsoft.Insights/metricdefinitions/read\",\n \"Microsoft.Insights/metrics/read\",\n \"Microsoft.Insights/scheduledqueryrules/*\",\n \"Microsoft.Insights/topology/read\",\n \"Microsoft.Insights/transactions/read\",\n \"Microsoft.Insights/webtests/*\",\n \"Microsoft.KeyVault/*\",\n \"Microsoft.MachineLearningServices/workspaces/*\",\n \"Microsoft.Network/virtualNetworks/subnets/joinViaServiceEndpoint/action\",\n \"Microsoft.ResourceHealth/availabilityStatuses/read\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/deployments/operations/read\",\n \"Microsoft.Resources/subscriptions/operationresults/read\",\n \"Microsoft.Resources/subscriptions/read\",\n \"Microsoft.Resources/subscriptions/resourcegroups/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Resources/subscriptions/resourceGroups/write\",\n \"Microsoft.Storage/storageAccounts/*\",\n \"Microsoft.Support/*\",\n \"Microsoft.Search/searchServices/write\",\n \"Microsoft.Search/searchServices/read\",\n \"Microsoft.Search/searchServices/delete\",\n \"Microsoft.Search/searchServices/indexes/*\",\n \"Microsoft.Search/searchServices/listAdminKeys/action\",\n \"Microsoft.Search/searchServices/privateEndpointConnections/*\",\n \"Microsoft.DataFactory/factories/*\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2024-08-07T23:50:52.3424998Z\",\n \"updatedOn\": \"2025-04-15T15:19:36.7198543Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/b78c5d69-af96-48a3-bf8d-a8b4d589de94\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"b78c5d69-af96-48a3-bf8d-a8b4d589de94\"\n },\n {\n \"properties\": {\n \"roleName\": \"Compute Gallery Image Reader\",\n \"type\": \"BuiltInRole\",\n \"description\": \"This is the role for reading gallery images.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Compute/galleries/images/read\",\n \"Microsoft.Compute/galleries/images/versions/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2024-08-09T07:40:21.6696134Z\",\n \"updatedOn\": \"2024-08-27T15:13:33.8810873Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/cf7c76d2-98a3-4358-a134-615aa78bf44d\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"cf7c76d2-98a3-4358-a134-615aa78bf44d\"\n },\n {\n \"properties\": {\n \"roleName\": \"Container Apps Operator\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Read, logstream and exec into Container Apps.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.App/containerApps/*/read\",\n \"Microsoft.App/containerApps/*/action\",\n \"Microsoft.App/managedEnvironments/read\",\n \"Microsoft.App/managedEnvironments/*/read\",\n \"Microsoft.App/managedEnvironments/join/action\",\n \"Microsoft.App/managedEnvironments/checknameavailability/action\",\n \"Microsoft.App/connectedEnvironments/read\",\n \"Microsoft.App/connectedEnvironments/*/read\",\n \"Microsoft.App/connectedEnvironments/join/action\",\n \"Microsoft.App/connectedEnvironments/checknameavailability/action\"\n ],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.App/containerApps/logstream/action\",\n \"Microsoft.App/containerApps/exec/action\",\n \"Microsoft.App/containerApps/debug/action\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2024-08-13T16:10:24.4369771Z\",\n \"updatedOn\": \"2024-11-13T16:12:37.8788949Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/f3bd1b5c-91fa-40e7-afe7-0c11d331232c\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"f3bd1b5c-91fa-40e7-afe7-0c11d331232c\"\n },\n {\n \"properties\": {\n \"roleName\": \"Container Apps ManagedEnvironments Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Full management of Container Apps ManagedEnvironments, including creation, deletion, and updates.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.App/managedEnvironments/*/read\",\n \"Microsoft.App/managedEnvironments/*/write\",\n \"Microsoft.App/managedEnvironments/*/delete\",\n \"Microsoft.App/managedEnvironments/*/action\",\n \"Microsoft.Resources/deployments/*\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2024-08-13T16:10:24.4369771Z\",\n \"updatedOn\": \"2024-08-13T16:10:24.4369771Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/57cc5028-e6a7-4284-868d-0611c5923f8d\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"57cc5028-e6a7-4284-868d-0611c5923f8d\"\n },\n {\n \"properties\": {\n \"roleName\": \"Container Apps Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Full management of Container Apps, including creation, deletion, and updates.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.App/containerApps/*/read\",\n \"Microsoft.App/containerApps/*/write\",\n \"Microsoft.App/containerApps/*/delete\",\n \"Microsoft.App/containerApps/*/action\",\n \"Microsoft.App/managedEnvironments/read\",\n \"Microsoft.App/managedEnvironments/*/read\",\n \"Microsoft.App/managedEnvironments/join/action\",\n \"Microsoft.App/managedEnvironments/checknameavailability/action\",\n \"Microsoft.App/connectedEnvironments/read\",\n \"Microsoft.App/connectedEnvironments/*/read\",\n \"Microsoft.App/connectedEnvironments/join/action\",\n \"Microsoft.App/connectedEnvironments/checknameavailability/action\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2024-08-13T16:10:24.437978Z\",\n \"updatedOn\": \"2024-08-13T16:10:24.437978Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/358470bc-b998-42bd-ab17-a7e34c199c0f\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"358470bc-b998-42bd-ab17-a7e34c199c0f\"\n },\n {\n \"properties\": {\n \"roleName\": \"Container Apps ManagedEnvironments Reader\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Read access to ContainerApps managedenvironments.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.App/managedEnvironments/*/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2024-08-13T16:10:24.4359771Z\",\n \"updatedOn\": \"2024-08-13T16:10:24.4359771Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/1b32c00b-7eff-4c22-93e6-93d11d72d2d8\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"1b32c00b-7eff-4c22-93e6-93d11d72d2d8\"\n },\n {\n \"properties\": {\n \"roleName\": \"Container Apps Jobs Reader\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Read access to ContainerApps jobs\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"microsoft.app/jobs/read\",\n \"Microsoft.App/jobs/*/read\",\n \"Microsoft.App/managedenvironments/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2024-08-13T16:10:24.4359771Z\",\n \"updatedOn\": \"2024-08-13T16:10:24.4359771Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/edd66693-d32a-450b-997d-0158c03976b0\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"edd66693-d32a-450b-997d-0158c03976b0\"\n },\n {\n \"properties\": {\n \"roleName\": \"Container Apps SessionPools Reader\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Read access to ContainerApps sessionpools.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.App/sessionPools/*/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2024-08-13T16:10:24.4369771Z\",\n \"updatedOn\": \"2024-08-13T16:10:24.4369771Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/af61e8fc-2633-4b95-bed3-421ad6826515\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"af61e8fc-2633-4b95-bed3-421ad6826515\"\n },\n {\n \"properties\": {\n \"roleName\": \"Container Apps Jobs Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Full management of Container Apps jobs, including creation, deletion, and updates.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"microsoft.app/jobs/read\",\n \"Microsoft.App/jobs/*/read\",\n \"Microsoft.App/jobs/*/action\",\n \"Microsoft.App/jobs/write\",\n \"Microsoft.App/jobs/delete\",\n \"Microsoft.app/managedenvironments/read\",\n \"Microsoft.App/managedenvironments/*/read\",\n \"Microsoft.App/managedenvironments/join/action\",\n \"Microsoft.App/managedenvironments/checknameavailability/action\",\n \"Microsoft.app/connectedEnvironments/read\",\n \"Microsoft.App/connectedEnvironments/*/read\",\n \"Microsoft.App/connectedEnvironments/join/action\",\n \"Microsoft.App/connectedEnvironments/checknameavailability/action\",\n \"Microsoft.Resources/deployments/*\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2024-08-13T16:10:24.4359771Z\",\n \"updatedOn\": \"2024-08-13T16:10:24.4359771Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/4e3d2b60-56ae-4dc6-a233-09c8e5a82e68\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"4e3d2b60-56ae-4dc6-a233-09c8e5a82e68\"\n },\n {\n \"properties\": {\n \"roleName\": \"Container Apps SessionPools Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Full management of Container Apps SessionPools, including creation, deletion, and updates.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.App/sessionPools/*/read\",\n \"Microsoft.App/sessionPools/*/write\",\n \"Microsoft.App/sessionPools/*/delete\",\n \"Microsoft.App/sessionPools/*/action\",\n \"microsoft.App/managedEnvironments/read\",\n \"Microsoft.App/managedEnvironments/*/read\",\n \"Microsoft.App/managedEnvironments/join/action\",\n \"Microsoft.App/managedEnvironments/checknameavailability/action\",\n \"microsoft.App/connectedEnvironments/read\",\n \"Microsoft.App/connectedEnvironments/*/read\",\n \"Microsoft.App/connectedEnvironments/join/action\",\n \"Microsoft.App/connectedEnvironments/checknameavailability/action\",\n \"Microsoft.Resources/deployments/*\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2024-08-13T16:10:24.4359771Z\",\n \"updatedOn\": \"2024-08-13T16:10:24.4359771Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/f7669afb-68b2-44b4-9c5f-6d2a47fddda0\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"f7669afb-68b2-44b4-9c5f-6d2a47fddda0\"\n },\n {\n \"properties\": {\n \"roleName\": \"Durable Task Data Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Durable Task role for all data access operations.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.DurableTask/*\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2024-08-15T21:28:36.4077189Z\",\n \"updatedOn\": \"2024-08-15T21:28:36.4077189Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/0ad04412-c4d5-4796-b79c-f76d14c8d402\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"0ad04412-c4d5-4796-b79c-f76d14c8d402\"\n },\n {\n \"properties\": {\n \"roleName\": \"KubernetesRuntime Load Balancer Contributor Role\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Read, write, and delete load balancers in an Arc connected Kubernetes cluster\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.KubernetesRuntime/loadBalancers/read\",\n \"Microsoft.KubernetesRuntime/loadBalancers/write\",\n \"Microsoft.KubernetesRuntime/loadBalancers/delete\",\n \"Microsoft.KubernetesRuntime/bgpPeers/read\",\n \"Microsoft.KubernetesRuntime/bgpPeers/write\",\n \"Microsoft.KubernetesRuntime/bgpPeers/delete\",\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.KubernetesRuntime/locations/operationStatuses/write\",\n \"Microsoft.KubernetesRuntime/services/write\",\n \"Microsoft.KubernetesRuntime/services/delete\",\n \"Microsoft.KubernetesRuntime/bfdProfiles/write\",\n \"Microsoft.KubernetesRuntime/bfdProfiles/delete\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2024-08-26T15:01:39.6821551Z\",\n \"updatedOn\": \"2025-07-14T15:01:12.3759443Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/1a5682fc-4f12-4b25-927e-e8cfed0c539e\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"1a5682fc-4f12-4b25-927e-e8cfed0c539e\"\n },\n {\n \"properties\": {\n \"roleName\": \"AVS Orchestrator Role\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Do not remove this role from your resource group because it is critical to enable your AVS private cloud to operate. If the role is removed, it will cause your AVS private cloud control plane to no longer operate correctly. The role is used to enable the AVS private cloud control plane to create the supporting resources in the resource group of the private clouds attached virtual network and bind them to the attached virtual network. This role is not intended for use cases outside of assignment to the associated AVS identity in your entra-id tenant.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/roleAssignments/read\",\n \"Microsoft.Resources/subscriptions/resourcegroups/read\",\n \"Microsoft.Resources/deployments/write\",\n \"Microsoft.Resources/deployments/operationStatuses/read\",\n \"Microsoft.Resources/deployments/operations/read\",\n \"Microsoft.Resources/deployments/delete\",\n \"Microsoft.Resources/deployments/read\",\n \"Microsoft.Network/virtualHubs/delete\",\n \"Microsoft.Network/publicIPAddresses/delete\",\n \"Microsoft.Network/networkInterfaces/delete\",\n \"Microsoft.Network/networkInterfaces/write\",\n \"Microsoft.Network/networkInterfaces/join/action\",\n \"Microsoft.Network/virtualNetworks/subnets/serviceAssociationLinks/delete\",\n \"Microsoft.Network/virtualNetworks/subnets/delete\",\n \"Microsoft.Network/networkIntentPolicies/read\",\n \"Microsoft.Network/networkIntentPolicies/delete\",\n \"Microsoft.Network/networkIntentPolicies/write\",\n \"Microsoft.Network/networkSecurityGroups/delete\",\n \"Microsoft.Network/networkSecurityGroups/write\",\n \"Microsoft.Network/networkSecurityGroups/read\",\n \"Microsoft.Network/networkSecurityGroups/join/action\",\n \"Microsoft.Network/networkSecurityGroups/securityRules/read\",\n \"Microsoft.Network/networkSecurityGroups/securityRules/write\",\n \"Microsoft.Network/networkSecurityGroups/securityRules/delete\",\n \"Microsoft.Network/virtualNetworks/subnets/write\",\n \"Microsoft.Network/virtualNetworks/subnets/join/action\",\n \"Microsoft.Network/virtualNetworks/subnets/serviceAssociationLinks/write\",\n \"Microsoft.Network/virtualNetworks/subnets/serviceAssociationLinks/read\",\n \"Microsoft.Network/virtualNetworks/subnets/serviceAssociationLinks/delete\",\n \"Microsoft.Network/virtualNetworks/subnets/prepareNetworkPolicies/action\",\n \"Microsoft.Network/virtualNetworks/subnets/unprepareNetworkPolicies/action\",\n \"Microsoft.Network/virtualHubs/write\",\n \"Microsoft.Network/publicIPAddresses/write\",\n \"Microsoft.Network/publicIPAddresses/read\",\n \"Microsoft.Network/virtualHubs/ipConfigurations/write\",\n \"Microsoft.Network/networkSecurityGroups/securityRules/read\",\n \"Microsoft.Network/virtualHubs/ipConfigurations/read\",\n \"Microsoft.Network/virtualHubs/bgpConnections/write\",\n \"Microsoft.Network/virtualHubs/bgpConnections/read\",\n \"Microsoft.Network/virtualNetworks/virtualNetworkPeerings/write\",\n \"Microsoft.Network/virtualNetworks/virtualNetworkPeerings/read\",\n \"Microsoft.Network/virtualNetworks/virtualNetworkPeerings/delete\",\n \"Microsoft.Network/virtualNetworks/peer/action\",\n \"Microsoft.Network/locations/operations/read\",\n \"Microsoft.Network/locations/operationResults/read\",\n \"Microsoft.Network/networkInterfaces/read\",\n \"Microsoft.Network/virtualNetworks/read\",\n \"Microsoft.Network/virtualNetworks/write\",\n \"Microsoft.Network/virtualNetworks/subnets/read\",\n \"Microsoft.Network/routeTables/read\",\n \"Microsoft.Network/routeTables/write\",\n \"Microsoft.Network/routeTables/delete\",\n \"Microsoft.Network/routeTables/join/action\",\n \"Microsoft.Network/routeTables/routes/read\",\n \"Microsoft.Network/routeTables/routes/write\",\n \"Microsoft.Network/routeTables/routes/delete\",\n \"Microsoft.Network/virtualNetworks/join/action\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n },\n {\n \"actions\": [\n \"Microsoft.Authorization/roleAssignments/delete\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": [],\n \"conditionVersion\": \"2.0\",\n \"condition\": \"(!(ActionMatches{'Microsoft.Authorization/roleAssignments/delete'})) OR @Resource[Microsoft.Authorization/roleAssignments:RoleDefinitionId] ForAnyOfAnyValues:GuidEquals{d715fb95a0f04f1c8be65ad2d2767f67, 4d97b98b1d4f4787a291c67834d212e7, 49fc33c1886f4b21a00e1d9993234734}\"\n }\n ],\n \"createdOn\": \"2024-08-27T15:13:33.8810873Z\",\n \"updatedOn\": \"2025-02-13T20:38:23.7051408Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/d715fb95-a0f0-4f1c-8be6-5ad2d2767f67\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"d715fb95-a0f0-4f1c-8be6-5ad2d2767f67\"\n },\n {\n \"properties\": {\n \"roleName\": \"Service Connector Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Can Manage Service Connector.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.ServiceLinker/linkers/read\",\n \"Microsoft.ServiceLinker/linkers/delete\",\n \"Microsoft.ServiceLinker/linkers/write\",\n \"Microsoft.ServiceLinker/linkers/listConfigurations/action\",\n \"Microsoft.ServiceLinker/linkers/validateLinker/action\",\n \"Microsoft.ServiceLinker/dryruns/delete\",\n \"Microsoft.ServiceLinker/dryruns/write\",\n \"Microsoft.ServiceLinker/linkers/generateConfigurations/action\",\n \"Microsoft.ServiceLinker/locations/connectors/delete\",\n \"Microsoft.ServiceLinker/locations/connectors/generateConfigurations/action\",\n \"Microsoft.ServiceLinker/locations/connectors/validate/action\",\n \"Microsoft.ServiceLinker/locations/connectors/write\",\n \"Microsoft.ServiceLinker/locations/dryruns/delete\",\n \"Microsoft.ServiceLinker/locations/dryruns/write\",\n \"Microsoft.ServiceLinker/locations/operationStatuses/write\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2024-08-28T15:23:35.037597Z\",\n \"updatedOn\": \"2025-05-16T03:07:33.2225582Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/db7003cd-07a9-490c-bfa5-23e40314f8d7\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"db7003cd-07a9-490c-bfa5-23e40314f8d7\"\n },\n {\n \"properties\": {\n \"roleName\": \"Enclave Approver Role\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Read all resources in Azure Virtual Enclaves and Approve approval requests within the Enclave\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Mission/Operations/read\",\n \"Microsoft.Mission/communities/read\",\n \"Microsoft.Mission/virtualEnclaves/read\",\n \"Microsoft.Mission/virtualEnclaves/endpoints/read\",\n \"Microsoft.Mission/virtualEnclaves/workloads/read\",\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/read\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Resources/subscriptions/resourcegroups/deployments/read\",\n \"Microsoft.Resources/subscriptions/operationresults/read\",\n \"Microsoft.ResourceHealth/availabilityStatuses/read\",\n \"Microsoft.Features/providers/features/read\",\n \"Microsoft.Features/features/read\",\n \"Microsoft.Mission/communities/communityEndpoints/read\",\n \"Microsoft.Mission/communities/transitHubs/read\",\n \"Microsoft.Mission/enclaveConnections/read\",\n \"Microsoft.Mission/virtualEnclaves/enclaveEndpoints/read\",\n \"Microsoft.Mission/approvals/read\",\n \"Microsoft.Mission/approvals/write\",\n \"Microsoft.Mission/enclaveConnections/approvalCallback/action\",\n \"Microsoft.Mission/virtualEnclaves/approvalCallback/action\",\n \"Microsoft.Mission/virtualEnclaves/enclaveEndpoints/approvalCallback/action\",\n \"Microsoft.Mission/communities/communityEndpoints/approvalCallback/action\",\n \"Microsoft.Mission/approvals/initiatorCallback/action\",\n \"Microsoft.Mission/communities/setMaintenanceMode/action\",\n \"Microsoft.Mission/communities/communityendpoints/connect/action\",\n \"Microsoft.Mission/virtualEnclaves/setWorkloadRoleAssignments/action\",\n \"Microsoft.Mission/virtualEnclaves/setEnclaveRoleAssignments/action\",\n \"Microsoft.Mission/virtualEnclaves/setSubnetConfiguration/action\",\n \"Microsoft.Mission/virtualEnclaves/enclaveEndpoints/connect/action\",\n \"Microsoft.Mission/enclaveConnections/setSourceCidr/action\",\n \"Microsoft.Mission/virtualenclaves/setMaintenanceMode/action\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2024-08-30T15:25:33.0231286Z\",\n \"updatedOn\": \"2025-09-23T15:14:52.356225Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/2142ea27-02ad-4094-bfea-2dbac6d24934\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"2142ea27-02ad-4094-bfea-2dbac6d24934\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Device Update Agent\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Provide full access to all Azure Device Update agent operations\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.DeviceUpdate/updateAccounts/agents/requestUpdate/action\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2024-08-30T18:44:41.5398808Z\",\n \"updatedOn\": \"2024-08-30T18:44:41.5398808Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/2a740172-0fc2-4039-972c-b31864cd47d6\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"2a740172-0fc2-4039-972c-b31864cd47d6\"\n },\n {\n \"properties\": {\n \"roleName\": \"Key Vault Purge Operator\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Allows permanent deletion of soft-deleted vaults.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.KeyVault/deletedVaults/read\",\n \"Microsoft.KeyVault/locations/deletedVaults/read\",\n \"Microsoft.KeyVault/locations/deletedVaults/purge/action\",\n \"Microsoft.KeyVault/locations/operationResults/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2024-09-02T15:07:08.3019612Z\",\n \"updatedOn\": \"2024-09-02T15:07:08.3019612Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/a68e7c17-0ab2-4c09-9a58-125dae29748c\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"a68e7c17-0ab2-4c09-9a58-125dae29748c\"\n },\n {\n \"properties\": {\n \"roleName\": \"Cognitive Services Face Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Full access to perform all Face APIs\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.CognitiveServices/*/read\",\n \"Microsoft.Authorization/roleAssignments/read\",\n \"Microsoft.Authorization/roleDefinitions/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.CognitiveServices/accounts/Face/*\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2024-09-03T15:18:09.8561299Z\",\n \"updatedOn\": \"2024-09-03T15:18:09.8561299Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/b5b0c71d-aca9-4081-aee2-9b1bb335fc1a\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"b5b0c71d-aca9-4081-aee2-9b1bb335fc1a\"\n },\n {\n \"properties\": {\n \"roleName\": \"Container Apps Jobs Operator\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Read, start, and stop Container Apps jobs.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"microsoft.app/jobs/read\",\n \"Microsoft.App/jobs/*/read\",\n \"Microsoft.App/jobs/*/action\",\n \"Microsoft.app/managedenvironments/read\",\n \"Microsoft.App/managedenvironments/*/read\",\n \"Microsoft.App/managedenvironments/join/action\",\n \"Microsoft.App/managedenvironments/checknameavailability/action\",\n \"Microsoft.app/connectedEnvironments/read\",\n \"Microsoft.App/connectedEnvironments/*/read\",\n \"Microsoft.App/connectedEnvironments/join/action\",\n \"Microsoft.App/connectedEnvironments/checknameavailability/action\"\n ],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.App/jobs/logstream/action\",\n \"Microsoft.App/jobs/exec/action\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2024-09-06T21:49:59.0891068Z\",\n \"updatedOn\": \"2024-09-06T21:49:59.0891068Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/b9a307c4-5aa3-4b52-ba60-2b17c136cd7b\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"b9a307c4-5aa3-4b52-ba60-2b17c136cd7b\"\n },\n {\n \"properties\": {\n \"roleName\": \"Operator Nexus Owner (Preview)\",\n \"type\": \"BuiltInRole\",\n \"description\": \"(Preview) This role allows full access to Azure Operator Nexus Network Cloud resources. This role is in preview and subject to change.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.NetworkCloud/*\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2024-09-09T15:09:55.7798051Z\",\n \"updatedOn\": \"2024-09-09T15:09:55.7798051Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/77be276d-fb44-4f3b-beb5-9bf03c4cd2d3\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"77be276d-fb44-4f3b-beb5-9bf03c4cd2d3\"\n },\n {\n \"properties\": {\n \"roleName\": \"CloudTest Contributor Role\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Read, write, delete and perform actions on CloudTest Accounts, CloudTest Pools, 1ES Hosted Pools and 1ES Images.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.CloudTest/*/read\",\n \"Microsoft.CloudTest/hostedpools/write\",\n \"Microsoft.CloudTest/hostedpools/delete\",\n \"Microsoft.CloudTest/images/write\",\n \"Microsoft.CloudTest/images/delete\",\n \"Microsoft.CloudTest/images/cancel/action\",\n \"Microsoft.CloudTest/images/refresh/action\",\n \"Microsoft.CloudTest/pools/write\",\n \"Microsoft.CloudTest/pools/delete\",\n \"Microsoft.CloudTest/accounts/write\",\n \"Microsoft.CloudTest/accounts/delete\",\n \"Microsoft.CloudTest/pools/leases/action\",\n \"Microsoft.CloudTest/pools/leases/complete/action\",\n \"Microsoft.CloudTest/pools/leases/extend/action\",\n \"Microsoft.CloudTest/hostedpools/leases/action\",\n \"Microsoft.CloudTest/hostedpools/leases/complete/action\",\n \"Microsoft.CloudTest/hostedpools/leases/extend/action\",\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2024-09-10T15:22:51.5250778Z\",\n \"updatedOn\": \"2025-08-14T01:17:34.3715766Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/4e9d0bd4-5aab-4f91-92df-9def33fe287c\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"4e9d0bd4-5aab-4f91-92df-9def33fe287c\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Automanage Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Azure Automanage Contributor\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Automanage/*\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2024-09-10T15:22:51.5250778Z\",\n \"updatedOn\": \"2024-09-10T15:22:51.5250778Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/8d6517c1-e434-405c-9f3f-e0ae65085d76\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"8d6517c1-e434-405c-9f3f-e0ae65085d76\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Bot Service Contributor Role\",\n \"type\": \"BuiltInRole\",\n \"description\": \"To perform actions on the bots by copilot studio platform and extensibility team\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.BotService/listAuthServiceProviders/action\",\n \"Microsoft.BotService/listauthserviceproviders/providers/Microsoft.Insights/diagnosticSettings/write\",\n \"Microsoft.BotService/botServices/read\",\n \"Microsoft.BotService/botServices/write\",\n \"Microsoft.BotService/botServices/delete\",\n \"Microsoft.BotService/botServices/channels/write\",\n \"Microsoft.BotService/botServices/channels/read\",\n \"Microsoft.BotService/botServices/channels/listchannelwithkeys/action\",\n \"Microsoft.BotService/botServices/channels/delete\",\n \"Microsoft.BotService/botServices/channels/providers/Microsoft.Insights/diagnosticSettings/write\",\n \"Microsoft.BotService/botServices/connections/read\",\n \"Microsoft.BotService/botServices/connections/write\",\n \"Microsoft.BotService/botServices/connections/delete\",\n \"Microsoft.BotService/botServices/connections/listwithsecrets/write\",\n \"Microsoft.BotService/botServices/connections/providers/Microsoft.Insights/diagnosticSettings/write\",\n \"Microsoft.BotService/botServices/createemailsigninurl/action\",\n \"Microsoft.BotService/botServices/privateEndpointConnectionsApproval/action\",\n \"Microsoft.BotService/botServices/joinPerimeter/action\",\n \"Microsoft.BotService/botServices/providers/Microsoft.Insights/diagnosticSettings/write\",\n \"Microsoft.BotService/checknameavailability/providers/Microsoft.Insights/diagnosticSettings/write\",\n \"Microsoft.BotService/hostsettings/providers/Microsoft.Insights/diagnosticSettings/write\",\n \"Microsoft.BotService/botServices/privateEndpointConnectionProxies/write\",\n \"Microsoft.BotService/botServices/privateEndpointConnectionProxies/delete\",\n \"Microsoft.BotService/botServices/privateEndpointConnectionProxies/validate/action\",\n \"Microsoft.BotService/botServices/privateEndpointConnections/write\",\n \"Microsoft.BotService/botServices/privateEndpointConnections/delete\",\n \"Microsoft.BotService/listqnamakerendpointkeys/providers/Microsoft.Insights/diagnosticSettings/write\",\n \"Microsoft.BotService/botServices/networkSecurityPerimeterConfigurations/reconcile/action\",\n \"Microsoft.BotService/botServices/networkSecurityPerimeterAssociationProxies/write\",\n \"Microsoft.BotService/botServices/networkSecurityPerimeterAssociationProxies/delete\",\n \"Microsoft.BotService/locations/notifyNetworkSecurityPerimeterUpdatesAvailable/action\",\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.BotService/botServices/channels/regeneratekeys/action\",\n \"Microsoft.BotService/botServices/Connections/listWithSecrets/action\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2024-09-12T05:29:14.6965924Z\",\n \"updatedOn\": \"2025-01-30T16:45:30.6156198Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/9fc6112f-f48e-4e27-8b09-72a5c94e4ae9\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"9fc6112f-f48e-4e27-8b09-72a5c94e4ae9\"\n },\n {\n \"properties\": {\n \"roleName\": \"App Configuration Reader\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Grants permission for read operations for App Configuration resources.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.AppConfiguration/*/read\",\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/read\",\n \"Microsoft.Resources/deployments/read\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2024-09-13T00:23:03.6049034Z\",\n \"updatedOn\": \"2024-09-13T00:23:03.6049034Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/175b81b9-6e0d-490a-85e4-0d422273c10c\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"175b81b9-6e0d-490a-85e4-0d422273c10c\"\n },\n {\n \"properties\": {\n \"roleName\": \"App Configuration Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Grants permission for all management operations, except purge, for App Configuration resources.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.AppConfiguration/*\",\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\"\n ],\n \"notActions\": [\n \"Microsoft.AppConfiguration/locations/deletedConfigurationStores/purge/action\"\n ],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2024-09-13T00:23:03.6049034Z\",\n \"updatedOn\": \"2024-09-13T00:23:03.6049034Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/fe86443c-f201-4fc4-9d2a-ac61149fbda0\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"fe86443c-f201-4fc4-9d2a-ac61149fbda0\"\n },\n {\n \"properties\": {\n \"roleName\": \"Service Fabric Managed Cluster Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Deploy and manage your Service Fabric Managed Cluster resources. Includes managed clusters, node types, application types, application type versions, applications, and services.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.ServiceFabric/managedclusters/*\",\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2024-09-17T15:06:28.2939568Z\",\n \"updatedOn\": \"2024-10-07T15:14:28.4995735Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/83f80186-3729-438c-ad2d-39e94d718838\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"83f80186-3729-438c-ad2d-39e94d718838\"\n },\n {\n \"properties\": {\n \"roleName\": \"Container Registry Data Importer and Data Reader\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Provides the ability to import images into a registry through the registry import operation. Provides the ability to list repositories, view images and tags, get manifests, and pull images. Does not provide permissions for importing images through configuring registry transfer pipelines such as import and export pipelines. Does not provide permissions for importing through configuring Artifact Cache or Sync rules.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.ContainerRegistry/registries/importImage/action\",\n \"Microsoft.ContainerRegistry/registries/read\",\n \"Microsoft.ContainerRegistry/registries/pull/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.ContainerRegistry/registries/repositories/content/read\",\n \"Microsoft.ContainerRegistry/registries/repositories/metadata/read\",\n \"Microsoft.ContainerRegistry/registries/catalog/read\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2024-09-19T02:48:17.8131685Z\",\n \"updatedOn\": \"2025-04-25T08:31:50.8322354Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/577a9874-89fd-4f24-9dbd-b5034d0ad23a\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"577a9874-89fd-4f24-9dbd-b5034d0ad23a\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Batch Service Orchestration Role\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Grants the required permissions to Azure Batch Resource Provider to manage compute and other backing resources in the subscription.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Security/assessments/read\",\n \"Microsoft.AzureFleet/fleets/write\",\n \"Microsoft.AzureFleet/fleets/read\",\n \"Microsoft.AzureFleet/fleets/delete\",\n \"Microsoft.Compute/locations/DiskOperations/read\",\n \"Microsoft.Compute/locations/operations/read\",\n \"Microsoft.Compute/virtualMachineScaleSets/approveRollingUpgrade/action\",\n \"Microsoft.Compute/virtualMachineScaleSets/deallocate/action\",\n \"Microsoft.Compute/virtualMachineScaleSets/delete\",\n \"Microsoft.Compute/virtualMachineScaleSets/delete/action\",\n \"Microsoft.Compute/VirtualMachineScaleSets/read\",\n \"Microsoft.Compute/virtualMachineScaleSets/reimage/action\",\n \"Microsoft.Compute/virtualMachineScaleSets/reimageall/action\",\n \"Microsoft.Compute/virtualMachineScaleSets/restart/action\",\n \"Microsoft.Compute/virtualMachineScaleSets/start/action\",\n \"Microsoft.Compute/virtualMachineScaleSets/write\",\n \"Microsoft.Compute/virtualMachineScaleSets/extensions/read\",\n \"microsoft.Compute/virtualMachineScaleSets/networkInterfaces/read\",\n \"Microsoft.Compute/virtualMachineScaleSets/virtualMachines/read\",\n \"Microsoft.Compute/virtualMachineScaleSets/virtualmachines/restart/action\",\n \"Microsoft.Compute/diskEncryptionSets/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.Insights/dataCollectionRuleAssociations/read\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Insights/diagnosticSettings/read\",\n \"Microsoft.Resources/subscriptions/read\",\n \"Microsoft.Resources/subscriptions/operationresults/read\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Resources/subscriptions/resourceGroups/delete\",\n \"Microsoft.Resources/subscriptions/resourceGroups/write\",\n \"Microsoft.Resources/subscriptions/resourceGroups/resources/read\",\n \"Microsoft.Network/networkWatchers/read\",\n \"Microsoft.Network/virtualNetworks/delete\",\n \"Microsoft.Network/virtualNetworks/write\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2024-09-20T04:53:47.7198421Z\",\n \"updatedOn\": \"2025-02-12T16:18:23.8859317Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/a35466a1-cfd6-450a-b35e-683fcdf30363\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"a35466a1-cfd6-450a-b35e-683fcdf30363\"\n },\n {\n \"properties\": {\n \"roleName\": \"Microsoft PowerBI Tenant Operations Role\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Allows management of tenant operations\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.PowerBI/tenants/workspaces/read\",\n \"Microsoft.PowerBI/tenants/workspaces/delete\",\n \"Microsoft.PowerBI/tenants/read\",\n \"Microsoft.PowerBI/tenants/delete\",\n \"Microsoft.PowerBI/tenants/write\",\n \"Microsoft.PowerBI/tenants/workspaces/write\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2024-09-20T19:19:19.2247312Z\",\n \"updatedOn\": \"2024-09-20T19:19:19.2247312Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/8c87871d-6201-42da-abb1-1c0c985ff71c\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"8c87871d-6201-42da-abb1-1c0c985ff71c\"\n },\n {\n \"properties\": {\n \"roleName\": \"Service Fabric Cluster Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Manage your Service Fabric Cluster resources. Includes clusters, application types, application type versions, applications, and services. You will need additional permissions to deploy and manage the cluster's underlying resources such as virtual machine scale sets, storage accounts, networks, etc.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.ServiceFabric/clusters/*\",\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2024-10-01T15:07:22.3648709Z\",\n \"updatedOn\": \"2024-10-07T15:14:28.4995735Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/b6efc156-f0da-4e90-a50a-8c000140b017\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"b6efc156-f0da-4e90-a50a-8c000140b017\"\n },\n {\n \"properties\": {\n \"roleName\": \"Stream Analytics Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Contributor access to Clusters and Streaming Jobs\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.StreamAnalytics/*\",\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2024-10-02T16:35:31.3006753Z\",\n \"updatedOn\": \"2024-10-02T16:35:31.3006753Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/6e0c8711-85a0-4490-8365-8ec13c4560b4\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"6e0c8711-85a0-4490-8365-8ec13c4560b4\"\n },\n {\n \"properties\": {\n \"roleName\": \"Stream Analytics Reader\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Read-only access to Clusters and Streaming Jobs\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.StreamAnalytics/streamingjobs/Read\",\n \"Microsoft.StreamAnalytics/streamingjobs/*/Read\",\n \"Microsoft.StreamAnalytics/clusters/Read\",\n \"Microsoft.StreamAnalytics/clusters/*/Read\",\n \"Microsoft.StreamAnalytics/clusters/ListStreamingJobs/action\",\n \"Microsoft.StreamAnalytics/locations/*/Read\",\n \"Microsoft.StreamAnalytics/operations/Read\",\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2024-10-02T16:35:31.3006753Z\",\n \"updatedOn\": \"2024-10-02T16:35:31.3006753Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/1dfc38e8-6ce7-447f-807c-029c65262c5f\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"1dfc38e8-6ce7-447f-807c-029c65262c5f\"\n },\n {\n \"properties\": {\n \"roleName\": \"Durable Task Worker\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Used by worker applications to interact with the Durable Task service\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.DurableTask/schedulers/taskhubs/orchestrations/execute/action\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2024-10-04T12:40:48.3980573Z\",\n \"updatedOn\": \"2025-07-10T20:34:53.5413918Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/80d0d6b0-f522-40a4-8886-a5a11720c375\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"80d0d6b0-f522-40a4-8886-a5a11720c375\"\n },\n {\n \"properties\": {\n \"roleName\": \"Portal Dashboard Writer Role\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Can write an Azure Portal Dashboard\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Portal/dashboards/read\",\n \"Microsoft.Portal/dashboards/write\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2024-10-08T15:25:11.3964685Z\",\n \"updatedOn\": \"2025-07-23T23:16:02.9942117Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/78eacb5e-e318-4560-85a9-e6a724ca60c9\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"78eacb5e-e318-4560-85a9-e6a724ca60c9\"\n },\n {\n \"properties\": {\n \"roleName\": \"Landing Zone Account Owner\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Microsoft.Sovereign Landing Zone Account Owner allowing to review and modify Landing Zone Account, Landing Zone Configurations, as well as reading and adding Landing Zone Registrations. Also enables read-access to policies and management groups for enabling the full user experience of the Sovereign Services RP in the Azure Portal (as otherwise some elements might not be accessible to end users).\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Sovereign/landingZoneAccounts/*\",\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Resources/deployments/*\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2024-10-14T15:14:51.7684621Z\",\n \"updatedOn\": \"2024-10-14T15:14:51.7684621Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/bf2b6809-e9a5-4aea-a6e1-40a9dc8c43a7\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"bf2b6809-e9a5-4aea-a6e1-40a9dc8c43a7\"\n },\n {\n \"properties\": {\n \"roleName\": \"Landing Zone Account Reader\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Microsoft.Sovereign Landing Zone Account Reader allowing to read Landing Zone Account, Landing Zone Configurations and Landing Zone Registrations. Also enables read-access to policies and management groups for enabling the full user experience of the Sovereign Services RP in the Azure Portal (as otherwise some elements might not be accessible to end users).\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Sovereign/landingZoneAccounts/*/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2024-10-14T15:14:51.7684621Z\",\n \"updatedOn\": \"2024-10-14T15:14:51.7684621Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/2718b1f7-eb07-424e-8868-0137541392a1\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"2718b1f7-eb07-424e-8868-0137541392a1\"\n },\n {\n \"properties\": {\n \"roleName\": \"Microsoft.Windows365.CloudPcDelegatedMsis Writer User\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Built in role to perform Write operations on CloudPcDelegatedMsis resources.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Windows365/*\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2024-10-14T15:14:51.7684621Z\",\n \"updatedOn\": \"2024-10-14T15:14:51.7684621Z\",\n \"createdBy\": \"dipakmahajan\",\n \"updatedBy\": \"dipakmahajan\"\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/21bffb94-04c0-4ed0-b676-68bb926e832b\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"21bffb94-04c0-4ed0-b676-68bb926e832b\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Batch Job Submitter\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Lets you submit and manage jobs in the Batch account.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Batch/batchAccounts/applications/read\",\n \"Microsoft.Batch/batchAccounts/applications/versions/read\",\n \"Microsoft.Batch/batchAccounts/pools/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.Batch/batchAccounts/jobSchedules/*\",\n \"Microsoft.Batch/batchAccounts/jobs/*\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2024-10-16T15:31:49.7386507Z\",\n \"updatedOn\": \"2024-10-16T15:31:49.7386507Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/48e5e92e-a480-4e71-aa9c-2778f4c13781\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"48e5e92e-a480-4e71-aa9c-2778f4c13781\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Batch Account Reader\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Lets you view all resources including pools and jobs in the Batch account.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Batch/*/read\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.Batch/*/read\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2024-10-16T15:31:49.7386507Z\",\n \"updatedOn\": \"2025-08-07T11:36:35.1603929Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/11076f67-66f6-4be0-8f6b-f0609fd05cc9\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"11076f67-66f6-4be0-8f6b-f0609fd05cc9\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Batch Account Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Grants full access to manage all Batch resources, including Batch accounts, pools and jobs.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Batch/*\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.Batch/*\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2024-10-16T15:31:49.7396522Z\",\n \"updatedOn\": \"2025-08-07T12:06:49.3936883Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/29fe4964-1e60-436b-bd3a-77fd4c178b3c\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"29fe4964-1e60-436b-bd3a-77fd4c178b3c\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Batch Data Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Grants permissions to manage Batch pools and jobs but not to modify accounts.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Batch/batchAccounts/read\",\n \"Microsoft.Batch/batchAccounts/applications/*\",\n \"Microsoft.Batch/batchAccounts/certificates/*\",\n \"Microsoft.Batch/batchAccounts/certificateOperationResults/*\",\n \"Microsoft.Batch/batchAccounts/pools/*\",\n \"Microsoft.Batch/batchAccounts/poolOperationResults/*\",\n \"Microsoft.Batch/locations/*/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.Batch/batchAccounts/jobSchedules/*\",\n \"Microsoft.Batch/batchAccounts/jobs/*\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2024-10-16T15:31:49.7396522Z\",\n \"updatedOn\": \"2024-10-16T15:31:49.7396522Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/6aaa78f1-f7de-44ca-8722-c64a23943cae\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"6aaa78f1-f7de-44ca-8722-c64a23943cae\"\n },\n {\n \"properties\": {\n \"roleName\": \"Defender CSPM Storage Data Scanner\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Grants access to read blobs and files. This role is used by the data scanner of Dfender CSPM.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Storage/storageAccounts/blobServices/containers/read\",\n \"Microsoft.Storage/storageAccounts/fileServices/shares/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.Storage/storageAccounts/blobServices/containers/blobs/read\",\n \"Microsoft.Storage/storageAccounts/fileServices/fileshares/files/read\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2024-10-16T15:31:49.7386507Z\",\n \"updatedOn\": \"2024-11-06T16:01:17.0833766Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/0b6ca2e8-2cdc-4bd6-b896-aa3d8c21fc35\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"0b6ca2e8-2cdc-4bd6-b896-aa3d8c21fc35\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Managed Grafana Workspace Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Can manage Azure Managed Grafana resources, without providing access to the workspaces themselves.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Dashboard/grafana/write\",\n \"Microsoft.Dashboard/grafana/delete\",\n \"Microsoft.Dashboard/grafana/PrivateEndpointConnectionsApproval/action\",\n \"Microsoft.Dashboard/grafana/managedPrivateEndpoints/action\",\n \"Microsoft.Dashboard/locations/operationStatuses/write\",\n \"Microsoft.Dashboard/grafana/privateEndpointConnectionProxies/validate/action\",\n \"Microsoft.Dashboard/grafana/privateEndpointConnectionProxies/write\",\n \"Microsoft.Dashboard/grafana/privateEndpointConnectionProxies/delete\",\n \"Microsoft.Dashboard/grafana/privateEndpointConnections/write\",\n \"Microsoft.Dashboard/grafana/privateEndpointConnections/delete\",\n \"Microsoft.Dashboard/grafana/managedPrivateEndpoints/write\",\n \"Microsoft.Dashboard/grafana/managedPrivateEndpoints/delete\",\n \"Microsoft.Dashboard/grafana/integrationFabrics/write\",\n \"Microsoft.Dashboard/grafana/integrationFabrics/delete\",\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/AlertRules/Write\",\n \"Microsoft.Insights/AlertRules/Delete\",\n \"Microsoft.Insights/AlertRules/Read\",\n \"Microsoft.Insights/AlertRules/Activated/Action\",\n \"Microsoft.Insights/AlertRules/Resolved/Action\",\n \"Microsoft.Insights/AlertRules/Throttled/Action\",\n \"Microsoft.Insights/AlertRules/Incidents/Read\",\n \"Microsoft.Resources/deployments/read\",\n \"Microsoft.Resources/deployments/write\",\n \"Microsoft.Resources/deployments/delete\",\n \"Microsoft.Resources/deployments/cancel/action\",\n \"Microsoft.Resources/deployments/validate/action\",\n \"Microsoft.Resources/deployments/whatIf/action\",\n \"Microsoft.Resources/deployments/exportTemplate/action\",\n \"Microsoft.Resources/deployments/operations/read\",\n \"Microsoft.Resources/deployments/operationstatuses/read\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2024-10-16T19:05:56.9094034Z\",\n \"updatedOn\": \"2025-05-16T00:34:45.2747678Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/5c2d7e57-b7c2-4d8a-be4f-82afa42c6e95\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"5c2d7e57-b7c2-4d8a-be4f-82afa42c6e95\"\n },\n {\n \"properties\": {\n \"roleName\": \"Cognitive Services Data Contributor (Preview)\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Allows to call data plane APIs, but not any control plane APIs for Microsoft Cognitive Services. This role is in preview and subject to change.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.CognitiveServices/*\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2024-10-17T23:22:42.1888199Z\",\n \"updatedOn\": \"2024-10-17T23:22:42.1888199Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/19c28022-e58e-450d-a464-0b2a53034789\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"19c28022-e58e-450d-a464-0b2a53034789\"\n },\n {\n \"properties\": {\n \"roleName\": \"Container Apps ConnectedEnvironments Reader\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Read access to Container Apps ConnectedEnvironments.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.App/connectedEnvironments/read\",\n \"Microsoft.App/connectedEnvironments/*/read\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2024-10-18T03:26:58.612812Z\",\n \"updatedOn\": \"2024-10-18T03:26:58.612812Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/d5adeb5b-107f-4aca-99ea-4e3f4fc008d5\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"d5adeb5b-107f-4aca-99ea-4e3f4fc008d5\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Kubernetes Fleet Manager RBAC Cluster Reader\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Grants read-only access to most Kubernetes cluster-scoped resources in the fleet-managed hub cluster.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.ContainerService/fleets/read\",\n \"Microsoft.ContainerService/fleets/listCredentials/action\"\n ],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.ContainerService/fleets/apiextensions.k8s.io/customresourcedefinitions/read\",\n \"Microsoft.ContainerService/fleets/apps/controllerrevisions/read\",\n \"Microsoft.ContainerService/fleets/apps/daemonsets/read\",\n \"Microsoft.ContainerService/fleets/apps/deployments/read\",\n \"Microsoft.ContainerService/fleets/apps/statefulsets/read\",\n \"Microsoft.ContainerService/fleets/autoscaling/horizontalpodautoscalers/read\",\n \"Microsoft.ContainerService/fleets/batch/cronjobs/read\",\n \"Microsoft.ContainerService/fleets/batch/jobs/read\",\n \"Microsoft.ContainerService/fleets/configmaps/read\",\n \"Microsoft.ContainerService/fleets/endpoints/read\",\n \"Microsoft.ContainerService/fleets/events.k8s.io/events/read\",\n \"Microsoft.ContainerService/fleets/events/read\",\n \"Microsoft.ContainerService/fleets/extensions/daemonsets/read\",\n \"Microsoft.ContainerService/fleets/extensions/deployments/read\",\n \"Microsoft.ContainerService/fleets/extensions/ingresses/read\",\n \"Microsoft.ContainerService/fleets/extensions/networkpolicies/read\",\n \"Microsoft.ContainerService/fleets/limitranges/read\",\n \"Microsoft.ContainerService/fleets/namespaces/read\",\n \"Microsoft.ContainerService/fleets/networking.k8s.io/ingresses/read\",\n \"Microsoft.ContainerService/fleets/networking.k8s.io/networkpolicies/read\",\n \"Microsoft.ContainerService/fleets/nodes/read\",\n \"Microsoft.ContainerService/fleets/persistentvolumes/read\",\n \"Microsoft.ContainerService/fleets/persistentvolumeclaims/read\",\n \"Microsoft.ContainerService/fleets/policy/poddisruptionbudgets/read\",\n \"Microsoft.ContainerService/fleets/replicationcontrollers/read\",\n \"Microsoft.ContainerService/fleets/resourcequotas/read\",\n \"Microsoft.ContainerService/fleets/serviceaccounts/read\",\n \"Microsoft.ContainerService/fleets/services/read\",\n \"Microsoft.ContainerService/fleets/cluster.kubernetes-fleet.io/memberclusters/read\",\n \"Microsoft.ContainerService/fleets/placement.kubernetes-fleet.io/clusterresourceplacements/read\",\n \"Microsoft.ContainerService/fleets/placement.kubernetes-fleet.io/clusterresourcebindings/read\",\n \"Microsoft.ContainerService/fleets/placement.kubernetes-fleet.io/clusterresourcesnapshots/read\",\n \"Microsoft.ContainerService/fleets/placement.kubernetes-fleet.io/clusterschedulingpolicysnapshots/read\",\n \"Microsoft.ContainerService/fleets/placement.kubernetes-fleet.io/clusterresourceoverrides/read\",\n \"Microsoft.ContainerService/fleets/placement.kubernetes-fleet.io/clusterresourceoverridesnapshots/read\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2024-10-21T15:04:47.7827701Z\",\n \"updatedOn\": \"2024-10-21T15:04:47.7827701Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/bd80684d-2f5f-4130-892a-0955546282de\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"bd80684d-2f5f-4130-892a-0955546282de\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Kubernetes Fleet Manager RBAC Cluster Writer\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Grants read/write access to most Kubernetes cluster-scoped resources in the fleet-managed hub cluster.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.ContainerService/fleets/read\",\n \"Microsoft.ContainerService/fleets/listCredentials/action\"\n ],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.ContainerService/fleets/apiextensions.k8s.io/customresourcedefinitions/read\",\n \"Microsoft.ContainerService/fleets/apps/controllerrevisions/read\",\n \"Microsoft.ContainerService/fleets/apps/daemonsets/read\",\n \"Microsoft.ContainerService/fleets/apps/daemonsets/write\",\n \"Microsoft.ContainerService/fleets/apps/deployments/read\",\n \"Microsoft.ContainerService/fleets/apps/deployments/write\",\n \"Microsoft.ContainerService/fleets/apps/statefulsets/read\",\n \"Microsoft.ContainerService/fleets/apps/statefulsets/write\",\n \"Microsoft.ContainerService/fleets/autoscaling/horizontalpodautoscalers/read\",\n \"Microsoft.ContainerService/fleets/autoscaling/horizontalpodautoscalers/write\",\n \"Microsoft.ContainerService/fleets/batch/cronjobs/read\",\n \"Microsoft.ContainerService/fleets/batch/cronjobs/write\",\n \"Microsoft.ContainerService/fleets/batch/jobs/read\",\n \"Microsoft.ContainerService/fleets/batch/jobs/write\",\n \"Microsoft.ContainerService/fleets/configmaps/read\",\n \"Microsoft.ContainerService/fleets/configmaps/write\",\n \"Microsoft.ContainerService/fleets/endpoints/read\",\n \"Microsoft.ContainerService/fleets/endpoints/write\",\n \"Microsoft.ContainerService/fleets/events.k8s.io/events/read\",\n \"Microsoft.ContainerService/fleets/events/read\",\n \"Microsoft.ContainerService/fleets/extensions/daemonsets/read\",\n \"Microsoft.ContainerService/fleets/extensions/daemonsets/write\",\n \"Microsoft.ContainerService/fleets/extensions/deployments/read\",\n \"Microsoft.ContainerService/fleets/extensions/deployments/write\",\n \"Microsoft.ContainerService/fleets/extensions/ingresses/read\",\n \"Microsoft.ContainerService/fleets/extensions/ingresses/write\",\n \"Microsoft.ContainerService/fleets/extensions/networkpolicies/read\",\n \"Microsoft.ContainerService/fleets/extensions/networkpolicies/write\",\n \"Microsoft.ContainerService/fleets/limitranges/read\",\n \"Microsoft.ContainerService/fleets/namespaces/read\",\n \"Microsoft.ContainerService/fleets/networking.k8s.io/ingresses/read\",\n \"Microsoft.ContainerService/fleets/networking.k8s.io/ingresses/write\",\n \"Microsoft.ContainerService/fleets/networking.k8s.io/networkpolicies/read\",\n \"Microsoft.ContainerService/fleets/networking.k8s.io/networkpolicies/write\",\n \"Microsoft.ContainerService/fleets/nodes/read\",\n \"Microsoft.ContainerService/fleets/nodes/write\",\n \"Microsoft.ContainerService/fleets/persistentvolumes/read\",\n \"Microsoft.ContainerService/fleets/persistentvolumes/write\",\n \"Microsoft.ContainerService/fleets/persistentvolumeclaims/read\",\n \"Microsoft.ContainerService/fleets/persistentvolumeclaims/write\",\n \"Microsoft.ContainerService/fleets/policy/poddisruptionbudgets/read\",\n \"Microsoft.ContainerService/fleets/policy/poddisruptionbudgets/write\",\n \"Microsoft.ContainerService/fleets/replicationcontrollers/read\",\n \"Microsoft.ContainerService/fleets/replicationcontrollers/write\",\n \"Microsoft.ContainerService/fleets/resourcequotas/read\",\n \"Microsoft.ContainerService/fleets/secrets/read\",\n \"Microsoft.ContainerService/fleets/secrets/write\",\n \"Microsoft.ContainerService/fleets/serviceaccounts/read\",\n \"Microsoft.ContainerService/fleets/serviceaccounts/write\",\n \"Microsoft.ContainerService/fleets/services/read\",\n \"Microsoft.ContainerService/fleets/services/write\",\n \"Microsoft.ContainerService/fleets/cluster.kubernetes-fleet.io/memberclusters/read\",\n \"Microsoft.ContainerService/fleets/cluster.kubernetes-fleet.io/memberclusters/write\",\n \"Microsoft.ContainerService/fleets/placement.kubernetes-fleet.io/clusterresourceplacements/read\",\n \"Microsoft.ContainerService/fleets/placement.kubernetes-fleet.io/clusterresourceplacements/write\",\n \"Microsoft.ContainerService/fleets/placement.kubernetes-fleet.io/clusterresourcebindings/read\",\n \"Microsoft.ContainerService/fleets/placement.kubernetes-fleet.io/clusterresourcesnapshots/read\",\n \"Microsoft.ContainerService/fleets/placement.kubernetes-fleet.io/clusterschedulingpolicysnapshots/read\",\n \"Microsoft.ContainerService/fleets/placement.kubernetes-fleet.io/clusterresourceoverrides/read\",\n \"Microsoft.ContainerService/fleets/placement.kubernetes-fleet.io/clusterresourceoverrides/write\",\n \"Microsoft.ContainerService/fleets/placement.kubernetes-fleet.io/clusterresourceoverridesnapshots/read\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2024-10-21T15:04:48.6744253Z\",\n \"updatedOn\": \"2024-10-21T15:04:48.6744253Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/1dc4cd5a-de51-4ee4-bc8e-b40e9c17e320\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"1dc4cd5a-de51-4ee4-bc8e-b40e9c17e320\"\n },\n {\n \"properties\": {\n \"roleName\": \"Chaos Studio Experiment Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Can create, run, and see details for experiments, onboard targets, and manage capabilities.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Chaos/*\",\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2024-10-22T15:14:06.4025115Z\",\n \"updatedOn\": \"2025-01-08T19:22:36.2875737Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/7c2e40b7-25eb-482a-82cb-78ba06cb46d5\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"7c2e40b7-25eb-482a-82cb-78ba06cb46d5\"\n },\n {\n \"properties\": {\n \"roleName\": \"Chaos Studio Reader\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Can view targets, capabilities, experiments, and experiment details.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Chaos/*/read\",\n \"Microsoft.Chaos/experiments/executions/getExecutionDetails/action\",\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2024-10-22T15:14:06.4025115Z\",\n \"updatedOn\": \"2025-01-08T19:22:35.5075532Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/29e2da8a-229c-4157-8ae8-cc72fc506b74\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"29e2da8a-229c-4157-8ae8-cc72fc506b74\"\n },\n {\n \"properties\": {\n \"roleName\": \"Chaos Studio Operator\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Can run and see details for experiments but cannot create experiments or manage targets and capabilities.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Chaos/*/read\",\n \"Microsoft.Chaos/experiments/start/action\",\n \"Microsoft.Chaos/experiments/cancel/action\",\n \"Microsoft.Chaos/experiments/executions/getExecutionDetails/action\",\n \"Microsoft.Chaos/locations/operationResults/read\",\n \"Microsoft.Chaos/locations/operationStatuses/read\",\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2024-10-22T15:14:07.6428446Z\",\n \"updatedOn\": \"2025-01-08T19:22:36.2476916Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/1a40e87e-6645-48e0-b27a-0b115d849a20\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"1a40e87e-6645-48e0-b27a-0b115d849a20\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Messaging Connectors Owner\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Allows for full access to Azure Messaging Connectors resources.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.MessagingConnectors/*\"\n ],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.MessagingConnectors/*\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2024-10-23T15:16:12.0077296Z\",\n \"updatedOn\": \"2024-10-23T15:16:12.0077296Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/ff478a4e-8633-416e-91bc-ec33ce7c9516\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"ff478a4e-8633-416e-91bc-ec33ce7c9516\"\n },\n {\n \"properties\": {\n \"roleName\": \"Container Apps ConnectedEnvironments Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Full management of Container Apps ConnectedEnvironments, including creation, deletion, and updates.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.App/connectedEnvironments/*\",\n \"Microsoft.App/connectedEnvironments/*/read\",\n \"Microsoft.App/connectedEnvironments/*/write\",\n \"Microsoft.App/connectedEnvironments/*/delete\",\n \"Microsoft.App/connectedEnvironments/*/action\",\n \"Microsoft.App/connectedEnvironments/daprComponents/listSecrets/action\",\n \"Microsoft.Resources/deployments/*\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2024-10-23T15:16:12.0077296Z\",\n \"updatedOn\": \"2024-10-23T15:16:12.0077296Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/6f4fe6fc-f04f-4d97-8528-8bc18c848dca\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"6f4fe6fc-f04f-4d97-8528-8bc18c848dca\"\n },\n {\n \"properties\": {\n \"roleName\": \"Container Registry Contributor and Data Access Configuration Administrator\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Provides permissions to create, list, and update container registries and registry configuration properties. Provides permissions to configure data access such as admin user credentials, scope maps, and tokens, which can be used to read, write or delete repositories and images. Does not provide direct permissions to read, list, or write registry contents including repositories and images. Does not provide permissions to modify data plane content such as imports, Artifact Cache or Sync, and Transfer Pipelines. Does not provide permissions for managing Tasks.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.ContainerRegistry/registries/operationStatuses/read\",\n \"Microsoft.ContainerRegistry/registries/read\",\n \"Microsoft.ContainerRegistry/registries/write\",\n \"Microsoft.ContainerRegistry/registries/delete\",\n \"Microsoft.ContainerRegistry/registries/listCredentials/action\",\n \"Microsoft.ContainerRegistry/registries/regenerateCredential/action\",\n \"Microsoft.ContainerRegistry/registries/generateCredentials/action\",\n \"Microsoft.ContainerRegistry/registries/replications/read\",\n \"Microsoft.ContainerRegistry/registries/replications/write\",\n \"Microsoft.ContainerRegistry/registries/replications/delete\",\n \"Microsoft.ContainerRegistry/registries/replications/operationStatuses/read\",\n \"Microsoft.ContainerRegistry/registries/privateEndpointConnectionsApproval/action\",\n \"Microsoft.ContainerRegistry/registries/privateEndpointConnections/read\",\n \"Microsoft.ContainerRegistry/registries/privateEndpointConnections/write\",\n \"Microsoft.ContainerRegistry/registries/privateEndpointConnections/delete\",\n \"Microsoft.ContainerRegistry/registries/privateEndpointConnections/operationStatuses/read\",\n \"Microsoft.ContainerRegistry/registries/tokens/read\",\n \"Microsoft.ContainerRegistry/registries/tokens/write\",\n \"Microsoft.ContainerRegistry/registries/tokens/delete\",\n \"Microsoft.ContainerRegistry/registries/tokens/operationStatuses/read\",\n \"Microsoft.ContainerRegistry/registries/scopeMaps/read\",\n \"Microsoft.ContainerRegistry/registries/scopeMaps/write\",\n \"Microsoft.ContainerRegistry/registries/scopeMaps/delete\",\n \"Microsoft.ContainerRegistry/registries/scopeMaps/operationStatuses/read\",\n \"Microsoft.ContainerRegistry/registries/providers/Microsoft.Insights/diagnosticSettings/read\",\n \"Microsoft.ContainerRegistry/registries/providers/Microsoft.Insights/diagnosticSettings/write\",\n \"Microsoft.ContainerRegistry/registries/providers/Microsoft.Insights/logDefinitions/read\",\n \"Microsoft.ContainerRegistry/registries/providers/Microsoft.Insights/metricDefinitions/read\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.ContainerRegistry/registries/connectedRegistries/read\",\n \"Microsoft.ContainerRegistry/registries/connectedRegistries/write\",\n \"Microsoft.ContainerRegistry/registries/connectedRegistries/delete\",\n \"Microsoft.ContainerRegistry/registries/connectedRegistries/deactivate/action\",\n \"Microsoft.ContainerRegistry/registries/webhooks/read\",\n \"Microsoft.ContainerRegistry/registries/webhooks/write\",\n \"Microsoft.ContainerRegistry/registries/webhooks/delete\",\n \"Microsoft.ContainerRegistry/registries/webhooks/getCallbackConfig/action\",\n \"Microsoft.ContainerRegistry/registries/webhooks/ping/action\",\n \"Microsoft.ContainerRegistry/registries/webhooks/listEvents/action\",\n \"Microsoft.ContainerRegistry/registries/webhooks/operationStatuses/read\",\n \"Microsoft.Insights/AlertRules/Write\",\n \"Microsoft.Insights/AlertRules/Delete\",\n \"Microsoft.Insights/AlertRules/Read\",\n \"Microsoft.Insights/AlertRules/Activated/Action\",\n \"Microsoft.Insights/AlertRules/Resolved/Action\",\n \"Microsoft.Insights/AlertRules/Throttled/Action\",\n \"Microsoft.Insights/AlertRules/Incidents/Read\",\n \"Microsoft.ContainerRegistry/locations/operationResults/read\",\n \"Microsoft.Network/virtualNetworks/subnets/joinViaServiceEndpoint/action\",\n \"Microsoft.Network/virtualNetworks/subnets/read\",\n \"Microsoft.Network/virtualNetworks/subnets/write\",\n \"Microsoft.Network/virtualNetworks/read\",\n \"Microsoft.Network/privateEndpoints/privateLinkServiceProxies/write\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2024-10-23T22:38:18.7982782Z\",\n \"updatedOn\": \"2024-10-23T22:38:18.7982782Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/3bc748fc-213d-45c1-8d91-9da5725539b9\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"3bc748fc-213d-45c1-8d91-9da5725539b9\"\n },\n {\n \"properties\": {\n \"roleName\": \"Health Safeguards Data User\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Allows processing of health data in all available Health Safeguards\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.HealthBot/healthBots/HealthSafeguards/ClinicalAnchoring/Process/Action\",\n \"Microsoft.HealthBot/healthBots/HealthSafeguards/ClinicalCodesValidation/Process/Action\",\n \"Microsoft.HealthBot/healthBots/HealthSafeguards/ClinicalConflictDetection/Process/Action\",\n \"Microsoft.HealthBot/healthBots/HealthSafeguards/ClinicalEvidenceVerification/Process/Action\",\n \"Microsoft.HealthBot/healthBots/HealthSafeguards/ClinicalProvenance/Process/Action\",\n \"Microsoft.HealthBot/healthBots/HealthSafeguards/ClinicalSemanticValidation/Process/Action\",\n \"Microsoft.HealthBot/healthBots/HealthSafeguards/DetectHallucinationsAndOmissions/Process/Action\",\n \"Microsoft.HealthBot/healthBots/HealthSafeguards/HealthAdaptedFiltering/Process/Action\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2024-10-25T13:47:32.4836018Z\",\n \"updatedOn\": \"2024-12-09T16:09:07.9062467Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/566f0da3-e2a5-4393-9089-763f8bab8fb6\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"566f0da3-e2a5-4393-9089-763f8bab8fb6\"\n },\n {\n \"properties\": {\n \"roleName\": \"Container Registry Configuration Reader and Data Access Configuration Reader\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Provides permissions to list container registries and registry configuration properties. Provides permissions to list data access configuration such as admin user credentials, scope maps, and tokens, which can be used to read, write or delete repositories and images. Does not provide direct permissions to read, list, or write registry contents including repositories and images. Does not provide permissions to modify data plane content such as imports, Artifact Cache or Sync, and Transfer Pipelines. Does not provide permissions for managing Tasks.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.ContainerRegistry/registries/operationStatuses/read\",\n \"Microsoft.ContainerRegistry/registries/read\",\n \"Microsoft.ContainerRegistry/registries/privateEndpointConnections/read\",\n \"Microsoft.ContainerRegistry/registries/privateEndpointConnections/operationStatuses/read\",\n \"Microsoft.ContainerRegistry/registries/listCredentials/action\",\n \"Microsoft.ContainerRegistry/registries/tokens/read\",\n \"Microsoft.ContainerRegistry/registries/tokens/operationStatuses/read\",\n \"Microsoft.ContainerRegistry/registries/scopeMaps/read\",\n \"Microsoft.ContainerRegistry/registries/scopeMaps/operationStatuses/read\",\n \"Microsoft.ContainerRegistry/registries/webhooks/read\",\n \"Microsoft.ContainerRegistry/registries/webhooks/getCallbackConfig/action\",\n \"Microsoft.ContainerRegistry/registries/webhooks/listEvents/action\",\n \"Microsoft.ContainerRegistry/registries/webhooks/operationStatuses/read\",\n \"Microsoft.ContainerRegistry/registries/replications/read\",\n \"Microsoft.ContainerRegistry/registries/replications/operationStatuses/read\",\n \"Microsoft.ContainerRegistry/registries/connectedRegistries/read\",\n \"Microsoft.ContainerRegistry/registries/providers/Microsoft.Insights/diagnosticSettings/read\",\n \"Microsoft.ContainerRegistry/registries/providers/Microsoft.Insights/diagnosticSettings/write\",\n \"Microsoft.ContainerRegistry/registries/providers/Microsoft.Insights/logDefinitions/read\",\n \"Microsoft.ContainerRegistry/registries/providers/Microsoft.Insights/metricDefinitions/read\",\n \"Microsoft.Insights/AlertRules/Write\",\n \"Microsoft.Insights/AlertRules/Delete\",\n \"Microsoft.Insights/AlertRules/Read\",\n \"Microsoft.Insights/AlertRules/Activated/Action\",\n \"Microsoft.Insights/AlertRules/Resolved/Action\",\n \"Microsoft.Insights/AlertRules/Throttled/Action\",\n \"Microsoft.Insights/AlertRules/Incidents/Read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2024-10-30T22:57:44.2162129Z\",\n \"updatedOn\": \"2024-10-30T22:57:44.2162129Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/69b07be0-09bf-439a-b9a6-e73de851bd59\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"69b07be0-09bf-439a-b9a6-e73de851bd59\"\n },\n {\n \"properties\": {\n \"roleName\": \"Container Registry Transfer Pipeline Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Provides the ability to transfer, import, and export artifacts through configuring registry transfer pipelines that involve intermediary storage accounts and key vaults. Does not provide permissions to push or pull images. Does not provide permissions to create, manage, or list storage accounts or key vaults. Does not provide permissions to perform role assignments.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.ContainerRegistry/registries/exportPipelines/read\",\n \"Microsoft.ContainerRegistry/registries/exportPipelines/write\",\n \"Microsoft.ContainerRegistry/registries/exportPipelines/delete\",\n \"Microsoft.ContainerRegistry/registries/importPipelines/read\",\n \"Microsoft.ContainerRegistry/registries/importPipelines/write\",\n \"Microsoft.ContainerRegistry/registries/importPipelines/delete\",\n \"Microsoft.ContainerRegistry/registries/pipelineRuns/read\",\n \"Microsoft.ContainerRegistry/registries/pipelineRuns/write\",\n \"Microsoft.ContainerRegistry/registries/pipelineRuns/delete\",\n \"Microsoft.ContainerRegistry/registries/pipelineRuns/operationStatuses/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2024-11-06T16:01:16.5768829Z\",\n \"updatedOn\": \"2024-11-06T16:01:16.5768829Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/bf94e731-3a51-4a7c-8c54-a1ab9971dfc1\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"bf94e731-3a51-4a7c-8c54-a1ab9971dfc1\"\n },\n {\n \"properties\": {\n \"roleName\": \"Desktop Virtualization App Attach Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Provide permission to manage app attach resources\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.DesktopVirtualization/hostpools/read\",\n \"Microsoft.Resources/subscriptions/read\",\n \"Microsoft.DesktopVirtualization/appattachpackages/read\",\n \"Microsoft.DesktopVirtualization/appattachpackages/write\",\n \"Microsoft.DesktopVirtualization/appattachpackages/delete\",\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2024-11-07T16:11:41.3098066Z\",\n \"updatedOn\": \"2024-11-07T16:11:41.3098066Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/97dfb3ce-e936-462c-9425-9cdb67e66d45\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"97dfb3ce-e936-462c-9425-9cdb67e66d45\"\n },\n {\n \"properties\": {\n \"roleName\": \"HybridCompute Machine ListAccessDetails Action In-Built Role\",\n \"type\": \"BuiltInRole\",\n \"description\": \"In-Built Role definition that grants permissions to execute the listAccessDetails action on HybridCompute Machines\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.HybridCompute/machines/listAccessDetails/action\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2024-11-08T16:19:16.7242676Z\",\n \"updatedOn\": \"2025-03-12T16:00:45.5699939Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/e9701b4d-e6e7-4657-91cd-360a0881d224\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"e9701b4d-e6e7-4657-91cd-360a0881d224\"\n },\n {\n \"properties\": {\n \"roleName\": \"App Service Environment Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Manage App Service Environments but not the App Service Plans or Websites that it hosts.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.ResourceHealth/availabilityStatuses/read\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Web/hostingEnvironments/*\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2024-11-11T16:02:04.4285746Z\",\n \"updatedOn\": \"2024-11-11T16:02:04.4285746Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/8ea85a25-eb16-4e29-ab4d-6f2a26c711a2\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"8ea85a25-eb16-4e29-ab4d-6f2a26c711a2\"\n },\n {\n \"properties\": {\n \"roleName\": \"Kubernetes Agent Subscription Level Operator\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Grants Microsoft Defender for Cloud subscription level permissions needed to activate Containers plan\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Resources/subscriptions/operationresults/read\",\n \"Microsoft.Resources/subscriptions/read\",\n \"Microsoft.Resources/subscriptions/resourceGroups/write\",\n \"Microsoft.OperationalInsights/workspaces/write\",\n \"Microsoft.OperationalInsights/workspaces/read\",\n \"Microsoft.OperationalInsights/workspaces/listKeys/action\",\n \"Microsoft.OperationalInsights/workspaces/sharedkeys/action\",\n \"Microsoft.OperationalInsights/workspaces/sharedkeys/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2024-11-14T10:01:45.877748Z\",\n \"updatedOn\": \"2024-12-12T11:16:08.7763533Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/ada52afe-776a-4b4d-a8f2-55670d3d8178\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"ada52afe-776a-4b4d-a8f2-55670d3d8178\"\n },\n {\n \"properties\": {\n \"roleName\": \"Quantum Workspace Data Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Create, read, and modify jobs and other Workspace data. This role is in preview and subject to change.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Quantum/Workspaces/read\",\n \"Microsoft.Quantum/locations/offerings/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.Quantum/Workspaces/jobs/read\",\n \"Microsoft.Quantum/Workspaces/jobs/write\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2024-11-18T16:11:51.3366657Z\",\n \"updatedOn\": \"2024-11-18T16:11:51.3366657Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/c1410b24-3e69-4857-8f86-4d0a2e603250\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"c1410b24-3e69-4857-8f86-4d0a2e603250\"\n },\n {\n \"properties\": {\n \"roleName\": \"Communication and Email Service Owner\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Create, read, modify, and delete Communications and Email Service resources.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Communication/CheckNameAvailability/action\",\n \"Microsoft.Communication/Locations/OperationStatuses/read\",\n \"Microsoft.Communication/Locations/OperationStatuses/write\",\n \"Microsoft.Communication/Operations/read\",\n \"Microsoft.Communication/CommunicationServices/read\",\n \"Microsoft.Communication/CommunicationServices/write\",\n \"Microsoft.Communication/CommunicationServices/delete\",\n \"Microsoft.Communication/CommunicationServices/ListKeys/action\",\n \"Microsoft.Communication/CommunicationServices/RegenerateKey/action\",\n \"Microsoft.Communication/CommunicationServices/LinkNotificationHub/action\",\n \"Microsoft.Communication/CommunicationServices/EventGridFilters/read\",\n \"Microsoft.Communication/CommunicationServices/EventGridFilters/write\",\n \"Microsoft.Communication/CommunicationServices/EventGridFilters/delete\",\n \"Microsoft.Communication/EmailServices/read\",\n \"Microsoft.Communication/EmailServices/write\",\n \"Microsoft.Communication/EmailServices/delete\",\n \"Microsoft.Communication/EmailServices/Domains/read\",\n \"Microsoft.Communication/EmailServices/Domains/write\",\n \"Microsoft.Communication/EmailServices/Domains/delete\",\n \"Microsoft.Communication/EmailServices/Domains/SenderUsernames/read\",\n \"Microsoft.Communication/EmailServices/Domains/SenderUsernames/write\",\n \"Microsoft.Communication/EmailServices/Domains/SenderUsernames/delete\",\n \"Microsoft.Communication/EmailServices/Domains/SuppressionLists/read\",\n \"Microsoft.Communication/EmailServices/Domains/SuppressionLists/write\",\n \"Microsoft.Communication/EmailServices/Domains/SuppressionLists/delete\",\n \"Microsoft.Communication/EmailServices/Domains/SuppressionLists/SuppressionListAddresses/read\",\n \"Microsoft.Communication/EmailServices/Domains/SuppressionLists/SuppressionListAddresses/write\",\n \"Microsoft.Communication/EmailServices/Domains/SuppressionLists/SuppressionListAddresses/delete\",\n \"Microsoft.Communication/EmailServices/Domains/InitiateVerification/action\",\n \"Microsoft.Communication/EmailServices/Domains/CancelVerification/action\",\n \"Microsoft.Communication/EmailServices/Domains/*\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2024-11-19T16:16:07.6217357Z\",\n \"updatedOn\": \"2024-11-19T16:16:07.6217357Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/09976791-48a7-449e-bb21-39d1a415f350\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"09976791-48a7-449e-bb21-39d1a415f350\"\n },\n {\n \"properties\": {\n \"roleName\": \"Oracle.Database Autonomous Database Administrator\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Grants full access to manage all Autonomous Database resources\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Oracle.Database/autonomousDatabases/*/read\",\n \"Oracle.Database/autonomousDatabases/*/write\",\n \"Oracle.Database/autonomousDatabases/*/delete\",\n \"Oracle.Database/autonomousDatabases/*/action\",\n \"Oracle.Database/Locations/*/read\",\n \"Oracle.Database/Locations/*/write\",\n \"Oracle.Database/Operations/read\",\n \"Oracle.Database/oracleSubscriptions/*/read\",\n \"Oracle.Database/oracleSubscriptions/*/action\",\n \"Oracle.Database/resourceAnchors/*\",\n \"Oracle.Database/networkAnchors/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Network/virtualNetworks/read\",\n \"Microsoft.Network/virtualNetworks/subnets/read\",\n \"Microsoft.Network/virtualNetworks/subnets/write\",\n \"Microsoft.Network/locations/operations/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2024-12-03T16:00:22.0003479Z\",\n \"updatedOn\": \"2025-05-26T15:05:38.2663118Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/59c05558-2358-462d-ba19-afbd7118936d\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"59c05558-2358-462d-ba19-afbd7118936d\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure AI Safety Evaluator\",\n \"type\": \"BuiltInRole\",\n \"description\": \"This role can perform all actions under workspace evaluations and simulations.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.MachineLearningServices/workspaces/evaluations/*\",\n \"Microsoft.MachineLearningServices/workspaces/simulations/*\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2024-12-17T16:19:14.0812712Z\",\n \"updatedOn\": \"2024-12-17T16:19:14.0812712Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/11102f94-c441-49e6-a78b-ef80e0188abc\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"11102f94-c441-49e6-a78b-ef80e0188abc\"\n },\n {\n \"properties\": {\n \"roleName\": \"Container Registry Tasks Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Provides permissions to configure, read, list, trigger, or cancel Container Registry Tasks, Task Runs, Task Logs, Quick Runs, Quick Builds, and Task Agent Pools. Permissions granted for Tasks management can be used for full registry data plane permissions including reading/writing/deleting container images in registries. Permissions granted for Tasks management can also be used to run customer authored build directives and run scripts to build software artifacts.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.ContainerRegistry/registries/agentpools/read\",\n \"Microsoft.ContainerRegistry/registries/agentpools/write\",\n \"Microsoft.ContainerRegistry/registries/agentpools/delete\",\n \"Microsoft.ContainerRegistry/registries/agentpools/listQueueStatus/action\",\n \"Microsoft.ContainerRegistry/registries/agentpools/operationResults/status/read\",\n \"Microsoft.ContainerRegistry/registries/agentpools/operationStatuses/read\",\n \"Microsoft.ContainerRegistry/registries/tasks/read\",\n \"Microsoft.ContainerRegistry/registries/tasks/write\",\n \"Microsoft.ContainerRegistry/registries/tasks/delete\",\n \"Microsoft.ContainerRegistry/registries/tasks/listDetails/action\",\n \"Microsoft.ContainerRegistry/registries/scheduleRun/action\",\n \"Microsoft.ContainerRegistry/registries/listBuildSourceUploadUrl/action\",\n \"Microsoft.ContainerRegistry/registries/runs/read\",\n \"Microsoft.ContainerRegistry/registries/runs/write\",\n \"Microsoft.ContainerRegistry/registries/runs/listLogSasUrl/action\",\n \"Microsoft.ContainerRegistry/registries/runs/cancel/action\",\n \"Microsoft.ContainerRegistry/registries/taskruns/read\",\n \"Microsoft.ContainerRegistry/registries/taskruns/write\",\n \"Microsoft.ContainerRegistry/registries/taskruns/delete\",\n \"Microsoft.ContainerRegistry/registries/taskruns/listDetails/action\",\n \"Microsoft.ContainerRegistry/registries/taskruns/operationStatuses/read\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.ContainerRegistry/registries/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2025-01-10T02:17:34.1336077Z\",\n \"updatedOn\": \"2025-01-10T02:17:34.1336077Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/fb382eab-e894-4461-af04-94435c366c3f\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"fb382eab-e894-4461-af04-94435c366c3f\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Backup Snapshot Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Provide permissions to backup identity to manage RPC snapshots\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Compute/virtualMachines/read\",\n \"Microsoft.Compute/virtualMachines/write\",\n \"Microsoft.Compute/restorePointCollections/read\",\n \"Microsoft.Compute/restorePointCollections/write\",\n \"Microsoft.Compute/restorePointCollections/restorePoints/write\",\n \"Microsoft.Compute/restorePointCollections/restorePoints/read\",\n \"Microsoft.Compute/disks/read\",\n \"Microsoft.Compute/disks/write\",\n \"Microsoft.Compute/disks/delete\",\n \"Microsoft.Compute/disks/beginGetAccess/action\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2025-01-10T12:02:58.1197573Z\",\n \"updatedOn\": \"2025-03-17T15:14:48.6639401Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/afc680e2-a938-412d-b213-9a49efa7fb83\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"afc680e2-a938-412d-b213-9a49efa7fb83\"\n },\n {\n \"properties\": {\n \"roleName\": \"AVS on Fleet VIS Role\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Do not remove this role from your resource because it is critical to enable your AVS private cloud to operate. If the role is removed, it will cause your AVS private cloud control plane to no longer operate correctly. The role is used to enable the AVS private cloud control plane to inject address prefix changes of the private clouds attached virtual network to SDN and support peering sync feature. This role is not intended for use cases outside of assignment to the associated AVS identity in your entra-id tenant.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Network/networkInterfaces/read\",\n \"Microsoft.Network/networkInterfaces/write\",\n \"Microsoft.Network/virtualNetworks/read\",\n \"Microsoft.Network/virtualNetworks/write\",\n \"Microsoft.Network/virtualNetworks/peer/action\",\n \"Microsoft.Network/virtualNetworks/virtualNetworkPeerings/read\",\n \"Microsoft.Network/virtualNetworks/virtualNetworkPeerings/write\",\n \"Microsoft.Network/virtualNetworks/subnets/read\",\n \"Microsoft.Network/virtualNetworks/subnets/write\",\n \"Microsoft.Network/virtualNetworks/subnets/join/action\",\n \"Microsoft.Network/networkSecurityGroups/join/action\",\n \"Microsoft.Network/routeTables/join/action\",\n \"Microsoft.Network/serviceEndpointPolicies/join/action\",\n \"Microsoft.Network/natGateways/join/action\",\n \"Microsoft.Network/networkIntentPolicies/join/action\",\n \"Microsoft.Network/ddosProtectionPlans/join/action\",\n \"Microsoft.Network/networkManagers/ipamPools/associateResourcesToPool/action\",\n \"Microsoft.BareMetal/peeringSettings/read\",\n \"Microsoft.Resources/subscriptions/resourcegroups/read\",\n \"Microsoft.Authorization/roleAssignments/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n },\n {\n \"actions\": [\n \"Microsoft.Authorization/roleAssignments/delete\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": [],\n \"conditionVersion\": \"2.0\",\n \"condition\": \"(!(ActionMatches{'Microsoft.Authorization/roleAssignments/delete'})) OR @Resource[Microsoft.Authorization/roleAssignments:RoleDefinitionId] ForAnyOfAnyValues:GuidEquals{49fc33c1886f4b21a00e1d9993234734}\"\n }\n ],\n \"createdOn\": \"2025-01-13T16:06:06.5931961Z\",\n \"updatedOn\": \"2025-06-11T06:31:53.4195138Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/49fc33c1-886f-4b21-a00e-1d9993234734\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"49fc33c1-886f-4b21-a00e-1d9993234734\"\n },\n {\n \"properties\": {\n \"roleName\": \"Edge Management Copilot User\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Enables users access to Edge Management Copilot.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.EdgeManagement/locations/chat/action\",\n \"Microsoft.EdgeManagement/troubleshoot/action\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2025-01-23T02:53:10.7767692Z\",\n \"updatedOn\": \"2025-09-01T15:03:56.0546394Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/53e48117-a530-4075-bcbe-d91913e3bdb8\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"53e48117-a530-4075-bcbe-d91913e3bdb8\"\n },\n {\n \"properties\": {\n \"roleName\": \"Durable Task Data Reader\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Read all Durable Task Scheduler data.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.DurableTask/schedulers/taskhubs/orchestrations/read\",\n \"Microsoft.DurableTask/schedulers/taskhubs/orchestrations/metadata/read\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2025-01-23T21:39:28.7653514Z\",\n \"updatedOn\": \"2025-07-10T20:34:54.3629229Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/d6a5505f-6ebb-45a4-896e-ac8274cfc0ac\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"d6a5505f-6ebb-45a4-896e-ac8274cfc0ac\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Stack HCI Edge Machine Contributor Role\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Microsoft.AzureStackHCI Edge Machine Contributor Role\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.AzureStackHCI/EdgeMachines/*\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2025-01-30T17:46:12.9681065Z\",\n \"updatedOn\": \"2025-01-30T17:46:12.9681065Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/1a6f9009-515c-4455-b170-143e4c9ce229\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"1a6f9009-515c-4455-b170-143e4c9ce229\"\n },\n {\n \"properties\": {\n \"roleName\": \"Online Experimentation Data Owner\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Allows full access to Online Experimentation data.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.OnlineExperimentation/workspaces/read\",\n \"Microsoft.OnlineExperimentation/workspaces/write\",\n \"Microsoft.OnlineExperimentation/workspaces/delete\",\n \"Microsoft.OnlineExperimentation/workspaces/action\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2025-01-30T18:31:37.7573167Z\",\n \"updatedOn\": \"2025-02-14T17:38:48.3796504Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/53747cdd-e97c-477a-948c-b587d0e514b2\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"53747cdd-e97c-477a-948c-b587d0e514b2\"\n },\n {\n \"properties\": {\n \"roleName\": \"Online Experimentation Data Reader\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Allows read access to Online Experimentation data.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.OnlineExperimentation/workspaces/read\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2025-01-30T18:31:37.9063206Z\",\n \"updatedOn\": \"2025-01-30T18:31:37.9063206Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/1363e94d-546f-4fe9-8434-b0eefb292d59\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"1363e94d-546f-4fe9-8434-b0eefb292d59\"\n },\n {\n \"properties\": {\n \"roleName\": \"Chaos Studio Target Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Can onboard targets and manage capabilities but cannot create, run, or see details for experiments\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Chaos/targets/write\",\n \"Microsoft.Chaos/targets/delete\",\n \"Microsoft.Chaos/targets/read\",\n \"Microsoft.Chaos/targets/capabilities/write\",\n \"Microsoft.Chaos/targets/capabilities/delete\",\n \"Microsoft.Chaos/targets/capabilities/read\",\n \"Microsoft.Chaos/locations/targetTypes/read\",\n \"Microsoft.Chaos/locations/targetTypes/capabilityTypes/read\",\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2025-02-14T17:53:53.9708111Z\",\n \"updatedOn\": \"2025-02-14T17:53:53.9708111Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/59a618e3-3c9a-406e-9f03-1a20dd1c55f1\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"59a618e3-3c9a-406e-9f03-1a20dd1c55f1\"\n },\n {\n \"properties\": {\n \"roleName\": \"Auto Actions Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Allows users to manage Auto Actions resources.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.ComputeSchedule/locations/OperationStatuses/write\",\n \"Microsoft.ComputeSchedule/autoActions/write\",\n \"Microsoft.ComputeSchedule/autoActions/delete\",\n \"Microsoft.ComputeSchedule/autoActions/attachResources/action\",\n \"Microsoft.ComputeSchedule/autoActions/cancelNextOccurrence/action\",\n \"Microsoft.ComputeSchedule/autoActions/detachResources/action\",\n \"Microsoft.ComputeSchedule/autoActions/disable/action\",\n \"Microsoft.ComputeSchedule/autoActions/enable/action\",\n \"Microsoft.ComputeSchedule/autoActions/listResources/action\",\n \"Microsoft.ComputeSchedule/autoActions/patchResources/action\",\n \"Microsoft.ComputeSchedule/autoActions/triggerManualOccurrence/action\",\n \"Microsoft.ComputeSchedule/autoActions/occurrences/cancel/action\",\n \"Microsoft.ComputeSchedule/autoActions/occurrences/delay/action\",\n \"Microsoft.ComputeSchedule/autoActions/occurrences/listResources/action\",\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2025-02-18T16:16:31.5686249Z\",\n \"updatedOn\": \"2025-02-18T16:16:31.5686249Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/a8d01690-9418-4783-8ca2-9f0f1791783d\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"a8d01690-9418-4783-8ca2-9f0f1791783d\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Device Onboarding Discovery Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Can read, write or delete the discovery and it's child resources.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.DeviceOnboarding/discoveryServices/*\",\n \"Microsoft.DeviceOnboarding/locations/operationStatuses/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2025-02-20T22:53:22.6101969Z\",\n \"updatedOn\": \"2025-02-20T22:53:22.6101969Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/a227fb39-f479-404b-96fd-0176f5d88ab4\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"a227fb39-f479-404b-96fd-0176f5d88ab4\"\n },\n {\n \"properties\": {\n \"roleName\": \"SSH PublicKeys Reader Role\",\n \"type\": \"BuiltInRole\",\n \"description\": \"This is the role created for SSH PublicKeys Reader\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Compute/sshpublickeys/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2025-02-24T16:00:59.904969Z\",\n \"updatedOn\": \"2025-02-24T16:00:59.904969Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/31ef6312-5b0c-4ce9-8c5d-587a91344fe7\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"31ef6312-5b0c-4ce9-8c5d-587a91344fe7\"\n },\n {\n \"properties\": {\n \"roleName\": \"SSH PublicKeys Contributor Role\",\n \"type\": \"BuiltInRole\",\n \"description\": \"This is the role created for SSH PublicKeys Contributor\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Compute/sshpublickeys/read\",\n \"Microsoft.Compute/sshpublickeys/write\",\n \"Microsoft.Compute/sshpublickeys/delete\",\n \"Microsoft.Compute/sshpublickeys/generatekeypair/action\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2025-02-24T16:01:00.6011541Z\",\n \"updatedOn\": \"2025-02-24T16:01:00.6011541Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/fc6e3395-6a8c-4527-bb4c-d0abd41e8e74\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"fc6e3395-6a8c-4527-bb4c-d0abd41e8e74\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Kubernetes Service Agent Pool Manager Role\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Role for agentpool related actions\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.ContainerService/managedClusters/agentPools/read\",\n \"Microsoft.ContainerService/managedClusters/agentPools/write\",\n \"Microsoft.ContainerService/managedClusters/agentPools/delete\",\n \"Microsoft.ContainerService/managedClusters/agentPools/upgradeNodeImageVersion/action\",\n \"Microsoft.ContainerService/managedClusters/agentPools/abort/action\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2025-03-06T01:19:12.8922307Z\",\n \"updatedOn\": \"2025-03-06T01:19:12.8922307Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/1b7f3653-4324-473a-9165-bc55e4d04ba8\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"1b7f3653-4324-473a-9165-bc55e4d04ba8\"\n },\n {\n \"properties\": {\n \"roleName\": \"Defender Serverless Scanner\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Grants access to Serverless resources and thier connections\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"microsoft.web/sites/publish/action\",\n \"microsoft.web/sites/slots/publish/action\",\n \"microsoft.web/sites/config/list/action\",\n \"microsoft.web/sites/slots/config/list/action\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2025-03-06T09:38:08.4219917Z\",\n \"updatedOn\": \"2025-08-25T15:10:38.1464227Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/68ac31b4-936a-4046-a6d2-ba6f8a757bf6\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"68ac31b4-936a-4046-a6d2-ba6f8a757bf6\"\n },\n {\n \"properties\": {\n \"roleName\": \"Dedicated Host Contributor Role\",\n \"type\": \"BuiltInRole\",\n \"description\": \"This is the role created for DedicatedHosts Contributor\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Compute/hostGroups/read\",\n \"Microsoft.Compute/hostGroups/write\",\n \"Microsoft.Compute/hostGroups/delete\",\n \"Microsoft.Compute/hostGroups/hosts/read\",\n \"Microsoft.Compute/hostGroups/hosts/write\",\n \"Microsoft.Compute/hostGroups/hosts/delete\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2025-03-11T15:14:12.4494747Z\",\n \"updatedOn\": \"2025-03-11T15:14:12.4494747Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/96ebd254-ecc7-4590-aff5-e9af3ff5f3b3\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"96ebd254-ecc7-4590-aff5-e9af3ff5f3b3\"\n },\n {\n \"properties\": {\n \"roleName\": \"Compute Fleet Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Allows users to manage Compute Fleet resources.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.AzureFleet/fleets/*\",\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.ResourceHealth/availabilityStatuses/read\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2025-03-18T15:18:48.7947012Z\",\n \"updatedOn\": \"2025-03-18T15:18:48.7947012Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/2bed379c-9fba-455b-99e4-6b911073bcf2\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"2bed379c-9fba-455b-99e4-6b911073bcf2\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure API Center Credential Access Reader\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Allows for access to Azure API Center data plane get credentials operations.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.ApiCenter/services/workspaces/apis/versions/securityRequirements/read\",\n \"Microsoft.ApiCenter/services/workspaces/apis/versions/securityRequirements/getCredentials/action\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2025-03-20T17:29:06.7183003Z\",\n \"updatedOn\": \"2025-03-20T17:29:06.7183003Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/1df7cd83-1d3f-41df-95b0-53b30d963369\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"1df7cd83-1d3f-41df-95b0-53b30d963369\"\n },\n {\n \"properties\": {\n \"roleName\": \"Managed Identity Federated Identity Credential Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Create, Read, Update, and Delete User Assigned Identity Federated Identity Credentials(FIC)\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.ManagedIdentity/userAssignedIdentities/read\",\n \"Microsoft.ManagedIdentity/userAssignedIdentities/federatedIdentityCredentials/write\",\n \"Microsoft.ManagedIdentity/userAssignedIdentities/federatedIdentityCredentials/read\",\n \"Microsoft.ManagedIdentity/userAssignedIdentities/federatedIdentityCredentials/delete\",\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Resources/deployments/*\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2025-03-21T19:09:30.5276974Z\",\n \"updatedOn\": \"2025-03-21T19:09:30.5276974Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/7e559ce2-48d7-4b27-9128-fa1b247f1308\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"7e559ce2-48d7-4b27-9128-fa1b247f1308\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure File Sync Administrator\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Provides full access to manage all Azure File Sync (Storage Sync Service) resources.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.StorageSync/register/action\",\n \"Microsoft.StorageSync/unregister/action\",\n \"Microsoft.StorageSync/locations/*\",\n \"Microsoft.StorageSync/deployments/preflight/action\",\n \"Microsoft.StorageSync/storageSyncServices/*\",\n \"Microsoft.StorageSync/operations/read\",\n \"Microsoft.Authorization/roleAssignments/write\",\n \"Microsoft.Insights/AlertRules/*\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Storage/storageAccounts/read\",\n \"Microsoft.Storage/storageAccounts/fileServices/shares/read\",\n \"Microsoft.Storage/storageAccounts/fileServices/read\",\n \"Microsoft.Support/*\",\n \"Microsoft.Authorization/*/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2025-03-27T21:11:32.1254077Z\",\n \"updatedOn\": \"2025-05-21T16:06:38.6938985Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/92b92042-07d9-4307-87f7-36a593fc5850\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"92b92042-07d9-4307-87f7-36a593fc5850\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure File Sync Reader\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Provides read access to Azure File Sync service (Storage Sync Service).\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.StorageSync/*/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2025-03-27T21:26:47.840119Z\",\n \"updatedOn\": \"2025-03-27T21:26:47.840119Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/754c1a27-40dc-4708-8ad4-2bffdeee09e8\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"754c1a27-40dc-4708-8ad4-2bffdeee09e8\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Red Hat OpenShift Hosted Control Planes Cluster API Provider\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Enables permissions to allow cluster API to manage nodes, networks and disks for OpenShift cluster.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Compute/disks/delete\",\n \"Microsoft.Compute/disks/read\",\n \"Microsoft.Compute/disks/write\",\n \"Microsoft.Compute/diskEncryptionSets/read\",\n \"Microsoft.Compute/availabilitySets/delete\",\n \"Microsoft.Compute/availabilitySets/read\",\n \"Microsoft.Compute/availabilitySets/write\",\n \"Microsoft.Compute/virtualMachines/delete\",\n \"Microsoft.Compute/virtualMachines/read\",\n \"Microsoft.Compute/virtualMachines/write\",\n \"Microsoft.Network/loadBalancers/backendAddressPools/join/action\",\n \"Microsoft.Network/networkInterfaces/delete\",\n \"Microsoft.Network/networkInterfaces/join/action\",\n \"Microsoft.Network/networkInterfaces/read\",\n \"Microsoft.Network/networkInterfaces/write\",\n \"Microsoft.Network/virtualNetworks/subnets/join/action\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2025-03-28T17:59:48.0497955Z\",\n \"updatedOn\": \"2025-08-04T15:10:36.5098891Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/88366f10-ed47-4cc0-9fab-c8a06148393e\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"88366f10-ed47-4cc0-9fab-c8a06148393e\"\n },\n {\n \"properties\": {\n \"roleName\": \"Online Experimentation Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Grants permissions for all management operations to Online Experimentation resources.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.OnlineExperimentation/*\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2025-03-31T15:13:34.3723645Z\",\n \"updatedOn\": \"2025-03-31T15:13:34.3723645Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/2c7a01fe-5518-4a42-93c2-658e45441691\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"2c7a01fe-5518-4a42-93c2-658e45441691\"\n },\n {\n \"properties\": {\n \"roleName\": \"Oracle.Database Exascale Storage Vault Administrator\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Grants full access to manage Exascale Storage Vaults\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Oracle.Database/exascaleDbStorageVaults/read\",\n \"Oracle.Database/exascaleDbStorageVaults/write\",\n \"Oracle.Database/exascaleDbStorageVaults/delete\",\n \"Oracle.Database/Locations/*/read\",\n \"Oracle.Database/Locations/*/write\",\n \"Oracle.Database/Operations/read\",\n \"Oracle.Database/oracleSubscriptions/*/read\",\n \"Oracle.Database/resourceAnchors/*\",\n \"Oracle.Database/networkAnchors/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Resources/deployments/*\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2025-03-31T15:13:34.3733644Z\",\n \"updatedOn\": \"2025-05-26T15:05:38.2643111Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/a00ed373-f085-4b75-a950-53eacdc52ac0\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"a00ed373-f085-4b75-a950-53eacdc52ac0\"\n },\n {\n \"properties\": {\n \"roleName\": \"Online Experimentation Reader\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Grants permission for read operations to Online Experimentation resources.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.OnlineExperimentation/*/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2025-03-31T15:13:33.5542926Z\",\n \"updatedOn\": \"2025-03-31T15:13:33.5542926Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/58b80de8-4b34-424c-9e47-23faf0f7cfe2\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"58b80de8-4b34-424c-9e47-23faf0f7cfe2\"\n },\n {\n \"properties\": {\n \"roleName\": \"Flux Configurations Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Can create, update, get, list and delete Flux Configurations\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.KubernetesConfiguration/fluxConfigurations/write\",\n \"Microsoft.KubernetesConfiguration/fluxConfigurations/read\",\n \"Microsoft.KubernetesConfiguration/fluxConfigurations/delete\",\n \"Microsoft.KubernetesConfiguration/fluxConfigurations/operations/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2025-04-01T15:25:06.8179221Z\",\n \"updatedOn\": \"2025-04-01T15:25:06.8179221Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/61eb6405-5f4a-440b-ad03-fe06c5c85e44\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"61eb6405-5f4a-440b-ad03-fe06c5c85e44\"\n },\n {\n \"properties\": {\n \"roleName\": \"Issue Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Can read all issues data and update issues settings.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.AlertsManagement/Issues/*\",\n \"microsoft.monitor/accounts/issues/*\",\n \"Microsoft.Insights/components/*\",\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2025-04-07T15:05:12.3898424Z\",\n \"updatedOn\": \"2025-08-08T06:45:21.8923687Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/8d7ecc5c-f27b-43cf-883f-46409d445502\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"8d7ecc5c-f27b-43cf-883f-46409d445502\"\n },\n {\n \"properties\": {\n \"roleName\": \"Container Registry Credential Set Administrator\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Create, Read, Update, and Delete Credential Sets in Container Registry. This role doesn't affect the needed permissions for storing content inside Azure Key Vault. This role also doesn't grant permissions to manage Cache Rules.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.ContainerRegistry/registries/credentialSets/read\",\n \"Microsoft.ContainerRegistry/registries/credentialSets/write\",\n \"Microsoft.ContainerRegistry/registries/credentialSets/delete\",\n \"Microsoft.ContainerRegistry/registries/credentialSets/operationStatuses/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2025-04-07T15:05:13.0024218Z\",\n \"updatedOn\": \"2025-04-07T15:05:13.0024218Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/f094fb07-0703-4400-ad6a-e16dd8000e14\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"f094fb07-0703-4400-ad6a-e16dd8000e14\"\n },\n {\n \"properties\": {\n \"roleName\": \"Oracle.Database Exascale VmCluster Administrator\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Grants full access to manage Exascale VmClusters\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Oracle.Database/exascaleDbStorageVaults/read\",\n \"Oracle.Database/exadbVmClusters/*/read\",\n \"Oracle.Database/exadbVmClusters/*/write\",\n \"Oracle.Database/exadbVmClusters/*/delete\",\n \"Oracle.Database/exadbVmClusters/*/action\",\n \"Oracle.Database/Locations/*/read\",\n \"Oracle.Database/Locations/*/write\",\n \"Oracle.Database/Operations/read\",\n \"Oracle.Database/oracleSubscriptions/*/read\",\n \"Oracle.Database/resourceAnchors/*\",\n \"Oracle.Database/networkAnchors/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Network/virtualNetworks/read\",\n \"Microsoft.Network/virtualNetworks/subnets/read\",\n \"Microsoft.Network/virtualNetworks/subnets/write\",\n \"Microsoft.Network/locations/operations/read\",\n \"Microsoft.Compute/sshPublicKeys/read\",\n \"Microsoft.Compute/sshPublicKeys/write\",\n \"Microsoft.Compute/sshPublicKeys/generateKeyPair/action\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2025-04-07T15:05:13.0024218Z\",\n \"updatedOn\": \"2025-05-26T15:05:38.2653119Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/0869d06d-e3d1-4472-8764-1bb71b2bdaf7\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"0869d06d-e3d1-4472-8764-1bb71b2bdaf7\"\n },\n {\n \"properties\": {\n \"roleName\": \"Container Registry Credential Set Reader\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Read the configuration of Credential Sets in Container Registry. This permission doesn't allow permission to see content inside Azure Key vault only the content inside Container Registry. This permission doesn't grant permission to read Cache Rules.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.ContainerRegistry/registries/credentialSets/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2025-04-07T15:05:13.0014204Z\",\n \"updatedOn\": \"2025-04-07T15:05:13.0014204Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/29093635-9924-4f2c-913b-650a12949526\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"29093635-9924-4f2c-913b-650a12949526\"\n },\n {\n \"properties\": {\n \"roleName\": \"Container Registry Cache Rule Reader\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Read the configuration of Cache Rules in Container Registry. This permission doesn't grant permission to read Credential Sets.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.ContainerRegistry/registries/cacheRules/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2025-04-07T15:05:13.0014204Z\",\n \"updatedOn\": \"2025-04-07T15:05:13.0014204Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/c357b964-0002-4b64-a50d-7a28f02edc52\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"c357b964-0002-4b64-a50d-7a28f02edc52\"\n },\n {\n \"properties\": {\n \"roleName\": \"Container Registry Cache Rule Administrator\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Create, Read, Update, and Delete Cache Rules in Container Registry. This role doesn't grant permissions to manage Credential Sets.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.ContainerRegistry/registries/cacheRules/read\",\n \"Microsoft.ContainerRegistry/registries/cacheRules/write\",\n \"Microsoft.ContainerRegistry/registries/cacheRules/delete\",\n \"Microsoft.ContainerRegistry/registries/cacheRules/operationStatuses/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2025-04-07T15:05:13.0014204Z\",\n \"updatedOn\": \"2025-04-07T15:05:13.0014204Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/df87f177-bb12-4db1-9793-a413691eff94\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"df87f177-bb12-4db1-9793-a413691eff94\"\n },\n {\n \"properties\": {\n \"roleName\": \"Power Platform Account Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Create, Read, Update, and Delete Power Platform Account resources\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.PowerPlatform/accounts/*\",\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2025-04-11T17:35:36.24305Z\",\n \"updatedOn\": \"2025-04-11T17:35:36.24305Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/2593f4c7-8bf4-4fff-9804-2ee069b41902\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"2593f4c7-8bf4-4fff-9804-2ee069b41902\"\n },\n {\n \"properties\": {\n \"roleName\": \"Power Platform Enterprise Policy Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Create, Read, Update, and Delete Power Platform Enterprise Policy resources\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.PowerPlatform/enterprisePolicies/*\",\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2025-04-11T17:35:36.24305Z\",\n \"updatedOn\": \"2025-04-11T17:35:36.24305Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/babe7770-cdbc-4f46-9bd7-b90b34842946\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"babe7770-cdbc-4f46-9bd7-b90b34842946\"\n },\n {\n \"properties\": {\n \"roleName\": \"Usage Billing Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Contributor access to Accounts\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.UsageBilling/*\",\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2025-04-21T15:02:46.3692356Z\",\n \"updatedOn\": \"2025-04-21T15:02:46.3692356Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/33cdeeac-0940-4f85-9317-7e2432c17289\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"33cdeeac-0940-4f85-9317-7e2432c17289\"\n },\n {\n \"properties\": {\n \"roleName\": \"Workload Orchestration Solution External Validator\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Grants you access to fetch targets, solution templates, solutions and update the external validation status\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Edge/targets/read\",\n \"Microsoft.Edge/solutionTemplates/read\",\n \"Microsoft.Edge/solutionTemplates/versions/read\",\n \"Microsoft.Edge/targets/solutions/versions/read\",\n \"Microsoft.Edge/targets/updateExternalValidationStatus/action\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2025-04-22T15:07:10.0211593Z\",\n \"updatedOn\": \"2025-04-22T15:07:10.0211593Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/db9875ba-bd2b-4e98-934d-0daa549a07f0\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"db9875ba-bd2b-4e98-934d-0daa549a07f0\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure AI Project Manager\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Lets you perform developer actions and management actions on Azure AI Foundry Projects. Allows for making role assignments, but limited to Cognitive Service User role.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/roleAssignments/write\",\n \"Microsoft.Authorization/roleAssignments/delete\",\n \"Microsoft.CognitiveServices/accounts/*/read\",\n \"Microsoft.CognitiveServices/accounts/projects/*\",\n \"Microsoft.CognitiveServices/locations/*/read\",\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.CognitiveServices/*\"\n ],\n \"notDataActions\": [],\n \"conditionVersion\": \"2.0\",\n \"condition\": \"((!(ActionMatches{'Microsoft.Authorization/roleAssignments/write'})) OR (@Request[Microsoft.Authorization/roleAssignments:RoleDefinitionId] ForAnyOfAnyValues:GuidEquals{53ca6127-db72-4b80-b1b0-d745d6d5456d})) AND ((!(ActionMatches{'Microsoft.Authorization/roleAssignments/delete'})) OR (@Resource[Microsoft.Authorization/roleAssignments:RoleDefinitionId] ForAnyOfAnyValues:GuidEquals{53ca6127-db72-4b80-b1b0-d745d6d5456d}))\"\n }\n ],\n \"createdOn\": \"2025-04-22T15:07:10.0211593Z\",\n \"updatedOn\": \"2025-05-01T00:11:10.5915009Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/eadc314b-1a2d-4efa-be10-5d325db5065e\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"eadc314b-1a2d-4efa-be10-5d325db5065e\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Monitor Dashboards with Grafana Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Can manage dashboards with Grafana.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Dashboard/dashboards/read\",\n \"Microsoft.Dashboard/dashboards/write\",\n \"Microsoft.Dashboard/dashboards/delete\",\n \"Microsoft.Dashboard/locations/read\",\n \"Microsoft.Resources/deployments/read\",\n \"Microsoft.Resources/deployments/write\",\n \"Microsoft.Resources/deployments/delete\",\n \"Microsoft.Resources/deployments/cancel/action\",\n \"Microsoft.Resources/deployments/validate/action\",\n \"Microsoft.Resources/deployments/whatIf/action\",\n \"Microsoft.Resources/deployments/exportTemplate/action\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2025-04-29T15:23:34.4327766Z\",\n \"updatedOn\": \"2025-04-29T15:23:34.4327766Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/0618ae3d-2930-4bb7-aa00-718db34ee9f9\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"0618ae3d-2930-4bb7-aa00-718db34ee9f9\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure AI Account Owner\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Grants full access to manage AI projects and accounts. Grants conditional assignment of the Azure AI User role to other user principles.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Authorization/roleAssignments/write\",\n \"Microsoft.Authorization/roleAssignments/delete\",\n \"Microsoft.CognitiveServices/*\",\n \"Microsoft.Features/features/read\",\n \"Microsoft.Features/providers/features/read\",\n \"Microsoft.Features/providers/features/register/action\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.Insights/diagnosticSettings/*\",\n \"Microsoft.Insights/logDefinitions/read\",\n \"Microsoft.Insights/metricdefinitions/read\",\n \"Microsoft.Insights/metrics/read\",\n \"Microsoft.ResourceHealth/availabilityStatuses/read\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/deployments/operations/read\",\n \"Microsoft.Resources/subscriptions/operationresults/read\",\n \"Microsoft.Resources/subscriptions/read\",\n \"Microsoft.Resources/subscriptions/resourcegroups/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Support/*\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": [],\n \"conditionVersion\": \"2.0\",\n \"condition\": \"((!(ActionMatches{'Microsoft.Authorization/roleAssignments/write'})) OR (@Request[Microsoft.Authorization/roleAssignments:RoleDefinitionId] ForAnyOfAnyValues:GuidEquals{53ca6127-db72-4b80-b1b0-d745d6d5456d})) AND ((!(ActionMatches{'Microsoft.Authorization/roleAssignments/delete'})) OR (@Resource[Microsoft.Authorization/roleAssignments:RoleDefinitionId] ForAnyOfAnyValues:GuidEquals{53ca6127-db72-4b80-b1b0-d745d6d5456d}))\"\n }\n ],\n \"createdOn\": \"2025-05-01T00:11:10.589501Z\",\n \"updatedOn\": \"2025-05-01T00:11:10.589501Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/e47c6f54-e4a2-4754-9501-8e0985b135e1\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"e47c6f54-e4a2-4754-9501-8e0985b135e1\"\n },\n {\n \"properties\": {\n \"roleName\": \"Secrets Store Extension Owner\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Read, create and modify secretsync and secretproviderclass objects. Register and deregister the provider from the subscription.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.SecretSyncController/register/action\",\n \"Microsoft.SecretSyncController/unregister/action\",\n \"Microsoft.SecretSyncController/azureKeyVaultSecretProviderClasses/read\",\n \"Microsoft.SecretSyncController/azureKeyVaultSecretProviderClasses/write\",\n \"Microsoft.SecretSyncController/azureKeyVaultSecretProviderClasses/delete\",\n \"Microsoft.SecretSyncController/locations/operationStatuses/read\",\n \"Microsoft.SecretSyncController/locations/operationStatuses/write\",\n \"Microsoft.SecretSyncController/operations/read\",\n \"Microsoft.SecretSyncController/secretSyncs/read\",\n \"Microsoft.SecretSyncController/secretSyncs/write\",\n \"Microsoft.SecretSyncController/secretSyncs/delete\",\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2025-05-01T11:14:17.3011305Z\",\n \"updatedOn\": \"2025-05-01T11:14:17.3011305Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/5c227a58-cff3-4b51-9fa3-51bdafb6ca55\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"5c227a58-cff3-4b51-9fa3-51bdafb6ca55\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure AI User\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Grants reader access to AI projects, reader access to AI accounts, and data actions for an AI project.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.CognitiveServices/*/read\",\n \"Microsoft.CognitiveServices/accounts/listkeys/action\",\n \"Microsoft.Insights/alertRules/read\",\n \"Microsoft.Insights/diagnosticSettings/read\",\n \"Microsoft.Insights/logDefinitions/read\",\n \"Microsoft.Insights/metricdefinitions/read\",\n \"Microsoft.Insights/metrics/read\",\n \"Microsoft.ResourceHealth/availabilityStatuses/read\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/operationresults/read\",\n \"Microsoft.Resources/subscriptions/read\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Support/*\"\n ],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.CognitiveServices/*\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2025-05-01T19:30:12.3770408Z\",\n \"updatedOn\": \"2025-05-01T19:30:12.3770408Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/53ca6127-db72-4b80-b1b0-d745d6d5456d\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"53ca6127-db72-4b80-b1b0-d745d6d5456d\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Red Hat OpenShift Hosted Control Planes Control Plane Operator\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Enables the control plane operator to read resources necessary for OpenShift cluster.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Network/virtualNetworks/read\",\n \"Microsoft.Network/networkSecurityGroups/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2025-05-02T13:54:20.113071Z\",\n \"updatedOn\": \"2025-05-02T13:54:20.113071Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/fc0c873f-45e9-4d0d-a7d1-585aab30c6ed\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"fc0c873f-45e9-4d0d-a7d1-585aab30c6ed\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Red Hat OpenShift Hosted Control Planes Service Managed Identity\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Azure Red Hat OpenShift Hosted Control Planes Service Managed Identity\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Network/virtualNetworks/read\",\n \"Microsoft.Network/virtualNetworks/subnets/read\",\n \"Microsoft.Network/virtualNetworks/subnets/write\",\n \"Microsoft.Network/routeTables/read\",\n \"Microsoft.Network/routeTables/join/action\",\n \"Microsoft.Network/natGateways/read\",\n \"Microsoft.Network/natGateways/join/action\",\n \"Microsoft.Network/networkSecurityGroups/read\",\n \"Microsoft.Network/networkSecurityGroups/join/action\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2025-05-02T13:54:20.6991664Z\",\n \"updatedOn\": \"2025-05-02T13:54:20.6991664Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/c0ff367d-66d8-445e-917c-583feb0ef0d4\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"c0ff367d-66d8-445e-917c-583feb0ef0d4\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Kubernetes Fleet Manager Hub Agent Role\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Grants access to Azure resources needed by Azure Kubernetes Fleet Manager hub agents.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Network/publicIPAddresses/read\",\n \"Microsoft.Network/trafficManagerProfiles/read\",\n \"Microsoft.Network/trafficManagerProfiles/write\",\n \"Microsoft.Network/trafficManagerProfiles/delete\",\n \"Microsoft.Network/trafficManagerProfiles/azureEndpoints/read\",\n \"Microsoft.Network/trafficManagerProfiles/azureEndpoints/write\",\n \"Microsoft.Network/trafficManagerProfiles/azureEndpoints/delete\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2025-05-05T15:00:30.7938727Z\",\n \"updatedOn\": \"2025-05-23T17:06:06.3537994Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/de2b316d-7a2c-4143-b4cd-c148f6a355a1\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"de2b316d-7a2c-4143-b4cd-c148f6a355a1\"\n },\n {\n \"properties\": {\n \"roleName\": \"Workload Orchestration IT Admin\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Grants you access to manage the IT Admin operations for Workload Orchestration\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Edge/contexts/eventGridFilters/delete\",\n \"Microsoft.Edge/contexts/eventGridFilters/read\",\n \"Microsoft.Edge/contexts/eventGridFilters/write\",\n \"Microsoft.Edge/contexts/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2025-05-07T21:12:59.0541184Z\",\n \"updatedOn\": \"2025-05-07T21:12:59.0541184Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/63304235-eaf4-4c15-8e93-46c483611231\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"63304235-eaf4-4c15-8e93-46c483611231\"\n },\n {\n \"properties\": {\n \"roleName\": \"Arc Gateway Manager\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Manage Arc Gateway Resources\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.HybridCompute/settings/write\",\n \"Microsoft.HybridCompute/settings/read\",\n \"Microsoft.HybridCompute/gateways/read\",\n \"Microsoft.HybridCompute/gateways/write\",\n \"Microsoft.HybridCompute/gateways/delete\",\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2025-05-08T18:19:27.614475Z\",\n \"updatedOn\": \"2025-05-08T18:19:27.614475Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/f6e92014-8af2-414d-9948-9b1abf559285\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"f6e92014-8af2-414d-9948-9b1abf559285\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Kubernetes Service Machine Manager Role\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Role for machine related actions\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.ContainerService/managedClusters/agentPools/deleteMachines/action\",\n \"Microsoft.ContainerService/managedClusters/agentPools/machines/read\",\n \"Microsoft.ContainerService/managedClusters/agentPools/machines/write\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2025-05-14T23:28:30.9442269Z\",\n \"updatedOn\": \"2025-05-14T23:28:30.9442269Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/8e253927-1f29-4d89-baa2-c3a549eff423\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"8e253927-1f29-4d89-baa2-c3a549eff423\"\n },\n {\n \"properties\": {\n \"roleName\": \"Microsoft.AzureStackHCI Device Pool Manager\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Microsoft.AzureStackHCI Device Pool Manager \",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.AzureStackHCI/DevicePools/read\",\n \"Microsoft.AzureStackHCI/DevicePools/ClaimDevices/action\",\n \"Microsoft.AzureStackHCI/DevicePools/ReleaseDevices/action\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2025-05-15T08:48:48.828656Z\",\n \"updatedOn\": \"2025-05-15T08:48:48.828656Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/adc3c795-c41e-4a89-a478-0b321783324c\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"adc3c795-c41e-4a89-a478-0b321783324c\"\n },\n {\n \"properties\": {\n \"roleName\": \"Microsoft.AzureStackHCI EdgeMachine Reader\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Microsoft.AzureStackHCI EdgeMachine Reader\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.AzureStackHCI/EdgeMachines/Read/*\",\n \"Microsoft.AzureStackHCI/EdgeMachines/Jobs/Read/*\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2025-05-15T08:48:49.1120843Z\",\n \"updatedOn\": \"2025-05-15T08:48:49.1120843Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/5f569efd-4da5-4123-99cd-d42fbb2a836e\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"5f569efd-4da5-4123-99cd-d42fbb2a836e\"\n },\n {\n \"properties\": {\n \"roleName\": \"Monitoring Policy Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Allows read access to all monitoring data, update permissions for monitoring settings and permissions to deploy and remediate Azure Monitor alert policies.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"*/read\",\n \"Microsoft.AlertsManagement/alerts/*\",\n \"Microsoft.AlertsManagement/alertsSummary/*\",\n \"Microsoft.AlertsManagement/issues/*\",\n \"Microsoft.Insights/actiongroups/*\",\n \"Microsoft.Insights/activityLogAlerts/*\",\n \"Microsoft.Insights/AlertRules/*\",\n \"Microsoft.Insights/components/*\",\n \"Microsoft.Insights/createNotifications/*\",\n \"Microsoft.Insights/dataCollectionEndpoints/*\",\n \"Microsoft.Insights/dataCollectionRules/*\",\n \"Microsoft.Insights/dataCollectionRuleAssociations/*\",\n \"Microsoft.Insights/DiagnosticSettings/*\",\n \"Microsoft.Insights/eventtypes/*\",\n \"Microsoft.Insights/LogDefinitions/*\",\n \"Microsoft.Insights/metricalerts/*\",\n \"Microsoft.Insights/MetricDefinitions/*\",\n \"Microsoft.Insights/Metrics/*\",\n \"Microsoft.Insights/notificationStatus/*\",\n \"Microsoft.Insights/Register/Action\",\n \"Microsoft.Insights/scheduledqueryrules/*\",\n \"Microsoft.Insights/webtests/*\",\n \"Microsoft.Insights/workbooks/*\",\n \"Microsoft.Insights/workbooktemplates/*\",\n \"Microsoft.Insights/privateLinkScopes/*\",\n \"Microsoft.Insights/privateLinkScopeOperationStatuses/*\",\n \"Microsoft.Monitor/accounts/*\",\n \"Microsoft.OperationalInsights/workspaces/write\",\n \"Microsoft.OperationalInsights/workspaces/intelligencepacks/*\",\n \"Microsoft.OperationalInsights/workspaces/savedSearches/*\",\n \"Microsoft.OperationalInsights/workspaces/search/action\",\n \"Microsoft.OperationalInsights/workspaces/sharedKeys/action\",\n \"Microsoft.OperationalInsights/workspaces/sharedKeys/read\",\n \"Microsoft.OperationalInsights/workspaces/storageinsightconfigs/*\",\n \"Microsoft.OperationalInsights/locations/workspaces/failover/action\",\n \"Microsoft.OperationalInsights/workspaces/failback/action\",\n \"Microsoft.Support/*\",\n \"Microsoft.AlertsManagement/smartDetectorAlertRules/*\",\n \"Microsoft.AlertsManagement/actionRules/*\",\n \"Microsoft.AlertsManagement/smartGroups/*\",\n \"Microsoft.AlertsManagement/migrateFromSmartDetection/*\",\n \"Microsoft.AlertsManagement/investigations/*\",\n \"Microsoft.AlertsManagement/prometheusRuleGroups/*\",\n \"Microsoft.Monitor/investigations/*\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.PolicyInsights/remediations/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/*\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2025-05-15T11:52:21.0990017Z\",\n \"updatedOn\": \"2025-05-15T11:52:21.0990017Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/47be4a87-7950-4631-9daf-b664a405f074\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"47be4a87-7950-4631-9daf-b664a405f074\"\n },\n {\n \"properties\": {\n \"roleName\": \"Storage File Delegator\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Allows for generation of a user delegation key, which can then be used to create a shared access signature for a file or Azure file share that is signed with Entra ID credentials.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Storage/storageAccounts/fileServices/generateUserDelegationKey/action\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2025-05-22T21:44:23.2806604Z\",\n \"updatedOn\": \"2025-05-22T21:44:23.2806604Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/765a04e0-5de8-4bb2-9bf6-b2a30bc03e91\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"765a04e0-5de8-4bb2-9bf6-b2a30bc03e91\"\n },\n {\n \"properties\": {\n \"roleName\": \"Storage Table Delegator\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Allows for generation of a user delegation key, which can then be used to create a shared access signature for an Azure Storage table that is signed with Entra ID credentials.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Storage/storageAccounts/tableServices/generateUserDelegationKey/action\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2025-05-22T21:59:43.2751792Z\",\n \"updatedOn\": \"2025-05-22T21:59:43.2751792Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/965033a5-c8eb-4f35-b82f-fef460a3606d\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"965033a5-c8eb-4f35-b82f-fef460a3606d\"\n },\n {\n \"properties\": {\n \"roleName\": \"Storage Queue Delegator\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Allows for generation of a user delegation key, which can then be used to create a shared access signature for an Azure Storage queue that is signed with Entra ID credentials.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Storage/storageAccounts/queueServices/generateUserDelegationKey/action\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2025-05-22T21:59:42.5496054Z\",\n \"updatedOn\": \"2025-05-22T21:59:42.5496054Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/7ee386e9-84f0-448e-80a6-f185f6533131\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"7ee386e9-84f0-448e-80a6-f185f6533131\"\n },\n {\n \"properties\": {\n \"roleName\": \"Scheduled Actions Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Allows users to use Scheduled Actions offered by Microsoft.ComputeSchedule\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.ComputeSchedule/locations/virtualMachinesCancelOperations/action\",\n \"Microsoft.ComputeSchedule/locations/virtualMachinesExecuteDeallocate/action\",\n \"Microsoft.ComputeSchedule/locations/virtualMachinesExecuteHibernate/action\",\n \"Microsoft.ComputeSchedule/locations/virtualMachinesExecuteStart/action\",\n \"Microsoft.ComputeSchedule/locations/virtualMachinesExecuteCreate/action\",\n \"Microsoft.ComputeSchedule/locations/virtualMachinesExecuteDelete/action\",\n \"Microsoft.ComputeSchedule/locations/virtualMachinesGetOperationErrors/action\",\n \"Microsoft.ComputeSchedule/locations/virtualMachinesGetOperationStatus/action\",\n \"Microsoft.ComputeSchedule/locations/virtualMachinesSubmitDeallocate/action\",\n \"Microsoft.ComputeSchedule/locations/virtualMachinesSubmitHibernate/action\",\n \"Microsoft.ComputeSchedule/locations/virtualMachinesSubmitStart/action\",\n \"Microsoft.ComputeSchedule/scheduledActions/write\",\n \"Microsoft.ComputeSchedule/scheduledActions/delete\",\n \"Microsoft.ComputeSchedule/scheduledActions/attachResources/action\",\n \"Microsoft.ComputeSchedule/scheduledActions/cancelNextOccurrence/action\",\n \"Microsoft.ComputeSchedule/scheduledActions/detachResources/action\",\n \"Microsoft.ComputeSchedule/scheduledActions/disable/action\",\n \"Microsoft.ComputeSchedule/scheduledActions/enable/action\",\n \"Microsoft.ComputeSchedule/scheduledActions/listResources/action\",\n \"Microsoft.ComputeSchedule/scheduledActions/patchResources/action\",\n \"Microsoft.ComputeSchedule/scheduledActions/triggerManualOccurrence/action\",\n \"Microsoft.ComputeSchedule/register/action\",\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2025-05-23T15:34:55.7571301Z\",\n \"updatedOn\": \"2025-06-06T16:43:20.1338695Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/6fbca9a8-3561-41fd-8b20-6576043c1076\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"6fbca9a8-3561-41fd-8b20-6576043c1076\"\n },\n {\n \"properties\": {\n \"roleName\": \"Microsoft.AzureStackHCI Device Pool Machine Manager\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Microsoft.AzureStackHCI Device Pool Machine Manager \",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.HybridConnectivity/endpoints/write\",\n \"Microsoft.HybridConnectivity/endpoints/read\",\n \"Microsoft.HybridConnectivity/endpoints/delete\",\n \"Microsoft.HybridConnectivity/endpoints/serviceConfigurations/write\",\n \"Microsoft.HybridConnectivity/endpoints/serviceConfigurations/read\",\n \"Microsoft.HybridConnectivity/endpoints/serviceConfigurations/delete\",\n \"Microsoft.HybridConnectivity/endpoints/listCredentials/action\",\n \"Microsoft.HybridCompute/machines/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2025-05-28T15:24:16.9803048Z\",\n \"updatedOn\": \"2025-09-23T15:14:52.7881209Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/b6d9c0f6-d69f-472b-91b4-7a6838c6d1cb\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"b6d9c0f6-d69f-472b-91b4-7a6838c6d1cb\"\n },\n {\n \"properties\": {\n \"roleName\": \"AI Model Scanner Operator\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Grants Microsoft Defender for AI access to AI services and resources.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.MachineLearningServices/workspaces/read\",\n \"Microsoft.MachineLearningServices/workspaces/models/read\",\n \"Microsoft.MachineLearningServices/workspaces/models/versions/read\",\n \"Microsoft.MachineLearningServices/workspaces/datastores/read\",\n \"Microsoft.MachineLearningServices/workspaces/metadata/artifacts/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2025-06-11T15:26:11.6009304Z\",\n \"updatedOn\": \"2025-08-04T15:10:36.5118889Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/8b9beb50-e28c-4879-8472-24c9d328085f\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"8b9beb50-e28c-4879-8472-24c9d328085f\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Kubernetes Service Namespace User\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Allows users to read Azure Kubernetes Service namespace resources. In-cluster namespace access further requires assignment of Azure Kubernetes Service RBAC roles to the namespace resource for an Entra ID enabled cluster.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.ContainerService/managedClusters/managedNamespaces/read\",\n \"Microsoft.ContainerService/managedClusters/managedNamespaces/listCredential/action\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2025-06-12T17:55:19.3885549Z\",\n \"updatedOn\": \"2025-06-12T17:55:19.3885549Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/c9f76ca8-b262-4b10-8ed2-09cf0948aa35\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"c9f76ca8-b262-4b10-8ed2-09cf0948aa35\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Kubernetes Service Namespace Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Allows users to create and manage Azure Kubernetes Service namespace resources.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.ContainerService/managedClusters/managedNamespaces/*\",\n \"Microsoft.Resources/deployments/*\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2025-06-12T18:10:38.4291766Z\",\n \"updatedOn\": \"2025-06-12T18:10:38.4291766Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/289d8817-ee69-43f1-a0af-43a45505b488\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"289d8817-ee69-43f1-a0af-43a45505b488\"\n },\n {\n \"properties\": {\n \"roleName\": \"DevCenter Owner\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Provides access to manage all Microsoft.DevCenter resources, and to manage access to Microsoft.DevCenter resources by adding or removing role assignments for the DevCenter Project Admin and DevCenter Dev Box roles.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.DevCenter/*\",\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Authorization/roleAssignments/write\",\n \"Microsoft.Authorization/roleAssignments/delete\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": [],\n \"conditionVersion\": \"2.0\",\n \"condition\": \"((!(ActionMatches{'Microsoft.Authorization/roleAssignments/write'})) OR (@Request[Microsoft.Authorization/roleAssignments:RoleDefinitionId] ForAnyOfAnyValues:GuidEquals{331c37c6-af14-46d9-b9f4-e1909e1b95a0, 45d50f46-0b78-4001-a660-4198cbe8cd05})) AND ((!(ActionMatches{'Microsoft.Authorization/roleAssignments/delete'})) OR (@Resource[Microsoft.Authorization/roleAssignments:RoleDefinitionId] ForAnyOfAnyValues:GuidEquals{331c37c6-af14-46d9-b9f4-e1909e1b95a0, 45d50f46-0b78-4001-a660-4198cbe8cd05}))\"\n }\n ],\n \"createdOn\": \"2025-06-16T15:06:49.4834641Z\",\n \"updatedOn\": \"2025-07-03T17:24:32.4630198Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/4c6569b6-f23e-4295-9b90-bd4cc4ff3292\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"4c6569b6-f23e-4295-9b90-bd4cc4ff3292\"\n },\n {\n \"properties\": {\n \"roleName\": \"DevOps Infrastructure Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Read, write, delete and perform actions on Managed DevOps Pools\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.DevOpsInfrastructure/register/action\",\n \"Microsoft.DevOpsInfrastructure/unregister/action\",\n \"Microsoft.DevOpsInfrastructure/*/read\",\n \"Microsoft.DevOpsInfrastructure/Locations/OperationStatuses/write\",\n \"Microsoft.DevOpsInfrastructure/pools/write\",\n \"Microsoft.DevOpsInfrastructure/pools/delete\",\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2025-06-16T15:06:49.4784655Z\",\n \"updatedOn\": \"2025-07-17T00:34:35.8546315Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/76153a9e-0edb-49bc-8e01-93c47e6b5180\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"76153a9e-0edb-49bc-8e01-93c47e6b5180\"\n },\n {\n \"properties\": {\n \"roleName\": \"Service Health Billing Reader\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Grants permissions to view billing information present in service health events\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.ResourceHealth/events/action\",\n \"Microsoft.ResourceHealth/AvailabilityStatuses/read\",\n \"Microsoft.ResourceHealth/AvailabilityStatuses/current/read\",\n \"Microsoft.ResourceHealth/Operations/read\",\n \"Microsoft.ResourceHealth/emergingissues/read\",\n \"Microsoft.ResourceHealth/events/read\",\n \"Microsoft.ResourceHealth/events/fetchBillingCommunicationDetails/action\",\n \"Microsoft.ResourceHealth/events/impactedResources/read\",\n \"Microsoft.ResourceHealth/metadata/read\",\n \"Microsoft.ResourceHealth/potentialoutages/read\"\n ],\n \"notActions\": [\n \"Microsoft.ResourceHealth/events/fetchEventDetails/action\",\n \"Microsoft.ResourceHealth/events/listSecurityAdvisoryImpactedResources/action\"\n ],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2025-06-20T22:46:01.7047929Z\",\n \"updatedOn\": \"2025-06-20T22:46:01.7047929Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/32c34659-0f83-4a4c-80f2-63a244f8ae0b\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"32c34659-0f83-4a4c-80f2-63a244f8ae0b\"\n },\n {\n \"properties\": {\n \"roleName\": \"Service Health Security Reader\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Grants permissions to view sensitive security information present in service health events\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.ResourceHealth/events/action\",\n \"Microsoft.ResourceHealth/AvailabilityStatuses/read\",\n \"Microsoft.ResourceHealth/AvailabilityStatuses/current/read\",\n \"Microsoft.ResourceHealth/Operations/read\",\n \"Microsoft.ResourceHealth/emergingissues/read\",\n \"Microsoft.ResourceHealth/events/read\",\n \"Microsoft.ResourceHealth/events/fetchEventDetails/action\",\n \"Microsoft.ResourceHealth/events/listSecurityAdvisoryImpactedResources/action\",\n \"Microsoft.ResourceHealth/events/impactedResources/read\",\n \"Microsoft.ResourceHealth/metadata/read\",\n \"Microsoft.ResourceHealth/potentialoutages/read\"\n ],\n \"notActions\": [\n \"Microsoft.ResourceHealth/events/fetchBillingCommunicationDetails/action\"\n ],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2025-06-20T22:46:02.2504994Z\",\n \"updatedOn\": \"2025-06-20T22:46:02.2504994Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/1a928ab0-1fee-43cf-9266-f9d8c22a8ddb\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"1a928ab0-1fee-43cf-9266-f9d8c22a8ddb\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Stack Edge Operations Role\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Built in role for managing operations in azure stack edge\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.DataBoxEdge/dataBoxEdgeDevices/bandwidthSchedules/delete\",\n \"Microsoft.DataBoxEdge/dataBoxEdgeDevices/bandwidthSchedules/write\",\n \"Microsoft.DataBoxEdge/dataBoxEdgeDevices/delete\",\n \"Microsoft.DataBoxEdge/dataBoxEdgeDevices/deviceCapacityCheck/action\",\n \"Microsoft.DataBoxEdge/dataBoxEdgeDevices/downloadUpdates/action\",\n \"Microsoft.DataBoxEdge/dataBoxEdgeDevices/generateCertificate/action\",\n \"Microsoft.DataBoxEdge/dataBoxEdgeDevices/getExtendedInformation/action\",\n \"Microsoft.DataBoxEdge/dataBoxEdgeDevices/installUpdates/action\",\n \"Microsoft.DataBoxEdge/dataBoxEdgeDevices/orders/delete\",\n \"Microsoft.DataBoxEdge/dataBoxEdgeDevices/orders/listDCAccessCode/action\",\n \"Microsoft.DataBoxEdge/dataBoxEdgeDevices/orders/write\",\n \"Microsoft.DataBoxEdge/dataBoxEdgeDevices/providers/Microsoft.Insights/diagnosticSettings/write\",\n \"Microsoft.DataBoxEdge/dataBoxEdgeDevices/publishers/offers/skus/versions/generatesastoken/action\",\n \"Microsoft.DataBoxEdge/dataBoxEdgeDevices/roles/addons/delete\",\n \"Microsoft.DataBoxEdge/dataBoxEdgeDevices/roles/addons/write\",\n \"Microsoft.DataBoxEdge/dataBoxEdgeDevices/roles/delete\",\n \"Microsoft.DataBoxEdge/dataBoxEdgeDevices/roles/migrate/action\",\n \"Microsoft.DataBoxEdge/dataBoxEdgeDevices/roles/monitoringConfig/delete\",\n \"Microsoft.DataBoxEdge/dataBoxEdgeDevices/roles/monitoringConfig/write\",\n \"Microsoft.DataBoxEdge/dataBoxEdgeDevices/roles/write\",\n \"Microsoft.DataBoxEdge/dataBoxEdgeDevices/scanForUpdates/action\",\n \"Microsoft.DataBoxEdge/dataBoxEdgeDevices/securitySettings/update/action\",\n \"Microsoft.DataBoxEdge/dataBoxEdgeDevices/shares/delete\",\n \"Microsoft.DataBoxEdge/dataBoxEdgeDevices/shares/refresh/action\",\n \"Microsoft.DataBoxEdge/dataBoxEdgeDevices/shares/write\",\n \"Microsoft.DataBoxEdge/dataBoxEdgeDevices/storageAccountCredentials/delete\",\n \"Microsoft.DataBoxEdge/dataBoxEdgeDevices/storageAccountCredentials/write\",\n \"Microsoft.DataBoxEdge/dataBoxEdgeDevices/storageAccounts/containers/delete\",\n \"Microsoft.DataBoxEdge/dataBoxEdgeDevices/storageAccounts/containers/refresh/action\",\n \"Microsoft.DataBoxEdge/dataBoxEdgeDevices/storageAccounts/containers/write\",\n \"Microsoft.DataBoxEdge/dataBoxEdgeDevices/storageAccounts/delete\",\n \"Microsoft.DataBoxEdge/dataBoxEdgeDevices/storageAccounts/write\",\n \"Microsoft.DataBoxEdge/dataBoxEdgeDevices/triggers/delete\",\n \"Microsoft.DataBoxEdge/dataBoxEdgeDevices/triggers/write\",\n \"Microsoft.DataBoxEdge/dataBoxEdgeDevices/triggerSupportPackage/action\",\n \"Microsoft.DataBoxEdge/dataBoxEdgeDevices/updateExtendedInformation/action\",\n \"Microsoft.DataBoxEdge/dataBoxEdgeDevices/uploadCertificate/action\",\n \"Microsoft.DataBoxEdge/dataBoxEdgeDevices/users/delete\",\n \"Microsoft.DataBoxEdge/dataBoxEdgeDevices/users/write\",\n \"Microsoft.DataBoxEdge/dataBoxEdgeDevices/write\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2025-06-24T15:14:50.5957122Z\",\n \"updatedOn\": \"2025-06-24T15:14:50.5957122Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/12b8206a-0216-4469-908d-a3e2025fe085\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"12b8206a-0216-4469-908d-a3e2025fe085\"\n },\n {\n \"properties\": {\n \"roleName\": \"Grounding with Bing User\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Enable Approved Microsoft Applications to connect to Bing to retrieve and ground responses using real-time data\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.Bing/accounts/useGrounding/action\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2025-06-25T15:16:52.842097Z\",\n \"updatedOn\": \"2025-06-25T15:16:52.842097Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/2016c9ed-c18d-4120-93d7-178e583efe92\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"2016c9ed-c18d-4120-93d7-178e583efe92\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Advisor Service Role\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Grants permission to delete and write access for suppressions, configurations and assmessments\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Advisor/suppressions/write\",\n \"Microsoft.Advisor/suppressions/delete\",\n \"Microsoft.Advisor/recommendations/suppressions/write\",\n \"Microsoft.Advisor/recommendations/suppressions/delete\",\n \"Microsoft.Advisor/assessments/write\",\n \"Microsoft.Advisor/configurations/write\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2025-06-25T19:21:21.1733164Z\",\n \"updatedOn\": \"2025-07-21T15:02:41.2108089Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/69a41f41-6dce-4ea7-8a34-8e095ddba55c\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"69a41f41-6dce-4ea7-8a34-8e095ddba55c\"\n },\n {\n \"properties\": {\n \"roleName\": \"Experimentation Resource Admin\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Experimentation Resource Admin\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Experimentation/*\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2025-06-25T20:37:54.1515777Z\",\n \"updatedOn\": \"2025-06-25T20:37:54.1515777Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/548d7e7c-65ee-412b-ae37-2dbb419d4207\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"548d7e7c-65ee-412b-ae37-2dbb419d4207\"\n },\n {\n \"properties\": {\n \"roleName\": \"FHIR Data Bulk Operator\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Role allows user or principal to perform bulk operations\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.HealthcareApis/services/fhir/resources/read\",\n \"Microsoft.HealthcareApis/services/fhir/resources/write\",\n \"Microsoft.HealthcareApis/services/fhir/resources/delete\",\n \"Microsoft.HealthcareApis/services/fhir/resources/export/action\",\n \"Microsoft.HealthcareApis/services/fhir/resources/reindex/action\",\n \"Microsoft.HealthcareApis/services/fhir/resources/import/action\",\n \"Microsoft.HealthcareApis/services/fhir/resources/hardDelete/action\",\n \"Microsoft.HealthcareApis/services/fhir/resources/bulkOperator/action\",\n \"Microsoft.HealthcareApis/workspaces/fhirservices/resources/read\",\n \"Microsoft.HealthcareApis/workspaces/fhirservices/resources/write\",\n \"Microsoft.HealthcareApis/workspaces/fhirservices/resources/delete\",\n \"Microsoft.HealthcareApis/workspaces/fhirservices/resources/export/action\",\n \"Microsoft.HealthcareApis/workspaces/fhirservices/resources/reindex/action\",\n \"Microsoft.HealthcareApis/workspaces/fhirservices/resources/import/action\",\n \"Microsoft.HealthcareApis/workspaces/fhirservices/resources/hardDelete/action\",\n \"Microsoft.HealthcareApis/workspaces/fhirservices/resources/bulkOperator/action\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2025-06-27T15:27:54.9502857Z\",\n \"updatedOn\": \"2025-06-27T15:27:54.9502857Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/804db8d3-32c7-4ad4-a975-3f6f90d5f5f5\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"804db8d3-32c7-4ad4-a975-3f6f90d5f5f5\"\n },\n {\n \"properties\": {\n \"roleName\": \"Microsoft Discovery Platform Administrator (Preview)\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Grants full access to manage Microsoft.Discovery resources. This role in preview and subjet to change.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Discovery/locations/operationStatuses/read\",\n \"Microsoft.Discovery/checkNameAvailability/action\",\n \"Microsoft.Discovery/*\",\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Network/virtualNetworks/subnets/read\",\n \"Microsoft.Network/virtualNetworks/read\",\n \"Microsoft.Network/virtualNetworks/subnets/join/action\",\n \"Microsoft.Support/*\",\n \"Microsoft.Authorization/roleAssignments/write\",\n \"Microsoft.Authorization/roleAssignments/delete\"\n ],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.Discovery/*\"\n ],\n \"notDataActions\": [],\n \"conditionVersion\": \"2.0\",\n \"condition\": \"((!(ActionMatches{'Microsoft.Authorization/roleAssignments/write'})) OR (@Request[Microsoft.Authorization/roleAssignments:RoleDefinitionId] ForAnyOfAnyValues:GuidEquals{4d97b98b-1d4f-4787-a291-c67834d212e7, f1a07417-d97a-45cb-824c-7a7467783830})) AND ((!(ActionMatches{'Microsoft.Authorization/roleAssignments/delete'})) OR (@Resource[Microsoft.Authorization/roleAssignments:RoleDefinitionId] ForAnyOfAnyValues:GuidEquals{4d97b98b-1d4f-4787-a291-c67834d212e7, f1a07417-d97a-45cb-824c-7a7467783830}))\"\n }\n ],\n \"createdOn\": \"2025-07-01T15:14:22.6678767Z\",\n \"updatedOn\": \"2025-07-23T16:53:36.843759Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/7a2b6e6c-472e-4b39-8878-a26eb63d75c6\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"7a2b6e6c-472e-4b39-8878-a26eb63d75c6\"\n },\n {\n \"properties\": {\n \"roleName\": \"Microsoft Discovery Platform Reader (Preview)\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Grants readonly permissions to view Microsoft.Discovery resources. This role in preview and subjet to change.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Discovery/*/read\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.Discovery/*/read\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2025-07-01T15:14:22.6678767Z\",\n \"updatedOn\": \"2025-07-01T15:14:22.6678767Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/3bb7c424-af4e-436b-bfcc-8779c8934c31\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"3bb7c424-af4e-436b-bfcc-8779c8934c31\"\n },\n {\n \"properties\": {\n \"roleName\": \"Microsoft Discovery Platform Contributor (Preview)\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Grants permissions to view and operate on most Discovery platform resources, including workspaces, supercomputers, storages, agents, bookshelves, data containers, models, tools, workflows, and investigations, as well as perform data plane actions, but does not allow creating, updating, or deleting core resources such as workspaces, supercomputers, storages, bookshelves, node pools, or projects. This role is in preview and subject to change.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Discovery/locations/operationStatuses/read\",\n \"Microsoft.Discovery/operations/read\",\n \"Microsoft.Discovery/workspaces/read\",\n \"Microsoft.Discovery/supercomputers/read\",\n \"Microsoft.Discovery/storages/read\",\n \"Microsoft.Discovery/agents/*\",\n \"Microsoft.Discovery/bookshelves/read\",\n \"Microsoft.Discovery/dataContainers/*\",\n \"Microsoft.Discovery/dataContainers/dataAssets/*\",\n \"Microsoft.Discovery/models/*\",\n \"Microsoft.Discovery/supercomputers/nodePools/read\",\n \"Microsoft.Discovery/tools/*\",\n \"Microsoft.Discovery/workflows/*\",\n \"Microsoft.Discovery/workspaces/projects/read\",\n \"Microsoft.Discovery/operations/read\",\n \"Microsoft.Insights/AlertRules/*\",\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Support/*\"\n ],\n \"notActions\": [\n \"Microsoft.Discovery/workspaces/write\",\n \"Microsoft.Discovery/workspaces/delete\",\n \"Microsoft.Discovery/supercomputers/write\",\n \"Microsoft.Discovery/supercomputers/delete\",\n \"Microsoft.Discovery/storages/write\",\n \"Microsoft.Discovery/storages/delete\",\n \"Microsoft.Discovery/bookshelves/write\",\n \"Microsoft.Discovery/bookshelves/delete\",\n \"Microsoft.Discovery/supercomputers/nodePools/write\",\n \"Microsoft.Discovery/supercomputers/nodePools/delete\",\n \"Microsoft.Discovery/workspaces/projects/write\",\n \"Microsoft.Discovery/workspaces/projects/delete\"\n ],\n \"dataActions\": [\n \"Microsoft.Discovery/*\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2025-07-01T15:14:22.6678767Z\",\n \"updatedOn\": \"2025-07-15T15:04:43.2814036Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/01288891-85ee-45a7-b367-9db3b752fc65\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"01288891-85ee-45a7-b367-9db3b752fc65\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure IoT Operations Administrator\",\n \"type\": \"BuiltInRole\",\n \"description\": \"View, create, edit and delete AIO resources. Manage all resources, including instance and its downstream resources.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.IoTOperations/*\",\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.DeviceRegistry/Assets/*\",\n \"Microsoft.DeviceRegistry/AssetEndpointProfiles/*\",\n \"Microsoft.DeviceRegistry/Namespaces/Assets/*\",\n \"Microsoft.DeviceRegistry/Namespaces/Devices/*\",\n \"Microsoft.DeviceRegistry/Namespaces/DiscoveredAssets/*\",\n \"Microsoft.DeviceRegistry/Namespaces/DiscoveredDevices/*\",\n \"Microsoft.DeviceRegistry/SchemaRegistries/*\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Edge/sites/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2025-07-03T19:55:14.5761643Z\",\n \"updatedOn\": \"2025-07-15T15:04:43.2804027Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/5bc02df6-6cd5-43fe-ad3d-4c93cf56cc16\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"5bc02df6-6cd5-43fe-ad3d-4c93cf56cc16\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure IoT Operations Onboarding\",\n \"type\": \"BuiltInRole\",\n \"description\": \"User can Azure arc connect and deploy Azure IoT Operations securely.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.IoTOperations/*\",\n \"Microsoft.DeviceRegistry/register/action\",\n \"Microsoft.DeviceRegistry/schemaRegistries/read\",\n \"Microsoft.DeviceRegistry/schemaRegistries/write\",\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Authorization/*/write\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Edge/sites/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2025-07-03T20:10:17.4373209Z\",\n \"updatedOn\": \"2025-07-15T15:04:43.2804027Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/7b7c71ed-33fa-4ed2-a91a-e56d5da260b5\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"7b7c71ed-33fa-4ed2-a91a-e56d5da260b5\"\n },\n {\n \"properties\": {\n \"roleName\": \"Connector Writer\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Write connectors and have basic customer permissions like reading authorizations, alert rules and resourceGroups\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Impact/Connectors/Write\",\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2025-07-04T07:30:50.7596538Z\",\n \"updatedOn\": \"2025-07-04T07:30:50.7596538Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/c459b115-f629-486b-b359-35feb5568b83\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"c459b115-f629-486b-b359-35feb5568b83\"\n },\n {\n \"properties\": {\n \"roleName\": \"Virtual Enclave Owner Role\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Virtual Enclave Owner Role to access the resources of Microsoft.Mission stored with RPSAAS.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Mission/Locations/OperationStatuses/read\",\n \"Microsoft.Mission/Locations/OperationStatuses/write\",\n \"Microsoft.Mission/Operations/read\",\n \"Microsoft.Mission/virtualEnclaves/read\",\n \"Microsoft.Mission/virtualEnclaves/write\",\n \"Microsoft.Mission/virtualEnclaves/delete\",\n \"Microsoft.Mission/virtualEnclaves/workloads/read\",\n \"Microsoft.Mission/virtualEnclaves/workloads/write\",\n \"Microsoft.Mission/virtualEnclaves/workloads/delete\",\n \"Microsoft.Mission/communities/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2025-07-09T15:22:28.7605161Z\",\n \"updatedOn\": \"2025-07-09T15:22:28.7605161Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/1abf4029-2200-4343-800c-e4c4c01eddbd\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"1abf4029-2200-4343-800c-e4c4c01eddbd\"\n },\n {\n \"properties\": {\n \"roleName\": \"NginxPlus Contributor service role\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Provides access to all Nginx.NginxPlus Control Plane operations\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"NGINX.NGINXPLUS/register/action\",\n \"NGINX.NGINXPLUS/unregister/action\",\n \"NGINX.NGINXPLUS/locations/read\",\n \"NGINX.NGINXPLUS/locations/operationStatuses/read\",\n \"NGINX.NGINXPLUS/locations/operationStatuses/write\",\n \"NGINX.NGINXPLUS/nginxDeployments/Read\",\n \"NGINX.NGINXPLUS/nginxDeployments/Write\",\n \"NGINX.NGINXPLUS/nginxDeployments/Delete\",\n \"NGINX.NGINXPLUS/nginxDeployments/apiKeys/Read\",\n \"NGINX.NGINXPLUS/nginxDeployments/apiKeys/Write\",\n \"NGINX.NGINXPLUS/nginxDeployments/apiKeys/Delete\",\n \"NGINX.NGINXPLUS/nginxDeployments/certificates/Read\",\n \"NGINX.NGINXPLUS/nginxDeployments/certificates/Write\",\n \"NGINX.NGINXPLUS/nginxDeployments/certificates/Delete\",\n \"NGINX.NGINXPLUS/nginxDeployments/configurations/Read\",\n \"NGINX.NGINXPLUS/nginxDeployments/configurations/Write\",\n \"NGINX.NGINXPLUS/nginxDeployments/configurations/Delete\",\n \"NGINX.NGINXPLUS/nginxDeployments/wafPolicies/Read\",\n \"NGINX.NGINXPLUS/nginxDeployments/wafPolicies/Write\",\n \"NGINX.NGINXPLUS/nginxDeployments/wafPolicies/Delete\",\n \"NGINX.NGINXPLUS/operations/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2025-07-11T15:44:56.6598995Z\",\n \"updatedOn\": \"2025-08-05T15:14:55.5007488Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/61aed14c-6c9a-4ed5-aa44-49fc5e96a167\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"61aed14c-6c9a-4ed5-aa44-49fc5e96a167\"\n },\n {\n \"properties\": {\n \"roleName\": \"CosmosDB Fleet Operator Role\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Lets you manage Azure CosmosDB Fleets and related child resources\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.DocumentDB/fleets/*\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2025-07-14T15:01:12.3759443Z\",\n \"updatedOn\": \"2025-07-14T15:01:12.3759443Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/35ffec73-9cb8-4593-8718-40d5bc4b7f6f\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"35ffec73-9cb8-4593-8718-40d5bc4b7f6f\"\n },\n {\n \"properties\": {\n \"roleName\": \"Healthcare Apis contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Allows all actions on healthcareapis provider resources\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.HealthcareApis/services/*\",\n \"Microsoft.HealthcareApis/workspaces/*\",\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2025-07-15T15:04:43.2804027Z\",\n \"updatedOn\": \"2025-07-15T15:04:43.2804027Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/29f61507-bdfb-4987-b629-20033be2d6c3\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"29f61507-bdfb-4987-b629-20033be2d6c3\"\n },\n {\n \"properties\": {\n \"roleName\": \"Liftr Datadog Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Provides access to Datadog Control Plane Operations\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Datadog/register/action\",\n \"Microsoft.Datadog/unregister/action\",\n \"Microsoft.Datadog/agreements/read\",\n \"Microsoft.Datadog/agreements/write\",\n \"Microsoft.Datadog/locations/read\",\n \"Microsoft.Datadog/locations/operationStatuses/read\",\n \"Microsoft.Datadog/locations/operationStatuses/write\",\n \"Microsoft.Datadog/monitors/read\",\n \"Microsoft.Datadog/monitors/write\",\n \"Microsoft.Datadog/monitors/delete\",\n \"Microsoft.Datadog/monitors/listApiKeys/action\",\n \"Microsoft.Datadog/monitors/getDefaultKey/action\",\n \"Microsoft.Datadog/monitors/setDefaultKey/action\",\n \"Microsoft.Datadog/monitors/refreshSetPasswordLink/action\",\n \"Microsoft.Datadog/monitors/listLinkedResources/action\",\n \"Microsoft.Datadog/monitors/listHosts/read\",\n \"Microsoft.Datadog/monitors/listLinkedResources/read\",\n \"Microsoft.Datadog/monitors/listMonitoredResources/read\",\n \"Microsoft.Datadog/monitors/monitoredSubscriptions/read\",\n \"Microsoft.Datadog/monitors/monitoredSubscriptions/write\",\n \"Microsoft.Datadog/monitors/singleSignOnConfigurations/write\",\n \"Microsoft.Datadog/monitors/singleSignOnConfigurations/read\",\n \"Microsoft.Datadog/monitors/tagRules/read\",\n \"Microsoft.Datadog/monitors/tagRules/write\",\n \"Microsoft.Datadog/registeredSubscriptions/read\",\n \"Microsoft.Datadog/subscriptionStatuses/read\",\n \"Microsoft.Datadog/operations/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2025-07-16T15:09:04.3027767Z\",\n \"updatedOn\": \"2025-08-01T09:23:14.9310429Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/81b67e46-ef5b-4404-bddd-090985bb4a28\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"81b67e46-ef5b-4404-bddd-090985bb4a28\"\n },\n {\n \"properties\": {\n \"roleName\": \"Liftr Elastic Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Provides access to Elastic Control Plane Operations\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Elastic/getOrganizationApiKey/action\",\n \"Microsoft.Elastic/checkNameAvailability/action\",\n \"Microsoft.Elastic/register/action\",\n \"Microsoft.Elastic/locations/read\",\n \"Microsoft.Elastic/locations/operationStatuses/read\",\n \"Microsoft.Elastic/locations/operationStatuses/write\",\n \"Microsoft.Elastic/monitors/read\",\n \"Microsoft.Elastic/monitors/write\",\n \"Microsoft.Elastic/monitors/delete\",\n \"Microsoft.Elastic/monitors/listMonitoredResources/action\",\n \"Microsoft.Elastic/monitors/listVMHost/action\",\n \"Microsoft.Elastic/monitors/createOrUpdateExternalUser/action\",\n \"Microsoft.Elastic/monitors/listAllTrafficFilters/action\",\n \"Microsoft.Elastic/monitors/listAssociatedTrafficFilters/action\",\n \"Microsoft.Elastic/monitors/createAndAssociateIPFilter/action\",\n \"Microsoft.Elastic/monitors/createAndAssociatePLFilter/action\",\n \"Microsoft.Elastic/monitors/associateTrafficFilter/action\",\n \"Microsoft.Elastic/monitors/detachAndDeleteTrafficFilter/action\",\n \"Microsoft.Elastic/monitors/detachTrafficFilter/action\",\n \"Microsoft.Elastic/monitors/deleteTrafficFilter/action\",\n \"Microsoft.Elastic/monitors/listUpgradableVersions/action\",\n \"Microsoft.Elastic/monitors/getBillingInfo/action\",\n \"Microsoft.Elastic/monitors/listConnectedPartnerResources/action\",\n \"Microsoft.Elastic/monitors/upgrade/action\",\n \"Microsoft.Elastic/monitors/vmIngestionDetails/action\",\n \"Microsoft.Elastic/monitors/vmCollectionUpdate/action\",\n \"Microsoft.Elastic/monitors/listDeploymentInfo/action\",\n \"Microsoft.Elastic/monitors/resubscribe/action\",\n \"Microsoft.Elastic/monitors/monitoredSubscriptions/read\",\n \"Microsoft.Elastic/monitors/monitoredSubscriptions/write\",\n \"Microsoft.Elastic/monitors/openAIIntegrations/read\",\n \"Microsoft.Elastic/monitors/openAIIntegrations/write\",\n \"Microsoft.Elastic/monitors/openAIIntegrations/getStatus/action\",\n \"Microsoft.Elastic/monitors/tagRules/read\",\n \"Microsoft.Elastic/monitors/tagRules/write\",\n \"Microsoft.Elastic/registeredSubscriptions/read\",\n \"Microsoft.Elastic/elasticVersions/read\",\n \"Microsoft.Elastic/operations/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2025-07-16T15:09:04.3017765Z\",\n \"updatedOn\": \"2025-08-05T15:14:55.4997487Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/d68eeb8d-afae-4932-a331-203b7957e509\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"d68eeb8d-afae-4932-a331-203b7957e509\"\n },\n {\n \"properties\": {\n \"roleName\": \"Liftr Elastic Owner\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Grants full access to manage Elastic resources\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Elastic/*\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2025-07-16T15:09:04.2714387Z\",\n \"updatedOn\": \"2025-07-16T15:09:04.2714387Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/225efd4d-4ca0-42a1-ae53-5f233ba23c73\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"225efd4d-4ca0-42a1-ae53-5f233ba23c73\"\n },\n {\n \"properties\": {\n \"roleName\": \"Liftr Newrelic Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Provides access to Newrelic Control Plane Operations\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"NewRelic.Observability/register/action\",\n \"NewRelic.Observability/unregister/action\",\n \"NewRelic.Observability/accounts/read\",\n \"NewRelic.Observability/plans/read\",\n \"NewRelic.Observability/organizations/read\",\n \"NewRelic.Observability/locations/read\",\n \"NewRelic.Observability/locations/operationStatuses/read\",\n \"NewRelic.Observability/locations/operationStatuses/write\",\n \"NewRelic.Observability/monitors/read\",\n \"NewRelic.Observability/monitors/write\",\n \"NewRelic.Observability/monitors/delete\",\n \"NewRelic.Observability/monitors/monitoredResources/action\",\n \"NewRelic.Observability/monitors/vmHostPayloads/action\",\n \"NewRelic.Observability/monitors/listAppServices/action\",\n \"NewRelic.Observability/monitors/listHosts/action\",\n \"NewRelic.Observability/monitors/refreshIngestionKey/action\",\n \"NewRelic.Observability/monitors/getMetricRules/action\",\n \"NewRelic.Observability/monitors/getMetricStatus/action\",\n \"NewRelic.Observability/monitors/switchBilling/action\",\n \"NewRelic.Observability/monitors/latestLinkedSaaS/action\",\n \"NewRelic.Observability/monitors/linkSaaS/action\",\n \"NewRelic.Observability/monitors/resubscribe/action\",\n \"NewRelic.Observability/monitors/getBillingInfo/action\",\n \"NewRelic.Observability/monitors/listConnectedPartnerResources/action\",\n \"NewRelic.Observability/monitors/listLinkedResources/action\",\n \"NewRelic.Observability/monitors/monitoredSubscriptions/read\",\n \"NewRelic.Observability/monitors/monitoredSubscriptions/write\",\n \"NewRelic.Observability/monitors/tagRules/read\",\n \"NewRelic.Observability/monitors/tagRules/write\",\n \"NewRelic.Observability/registeredSubscriptions/read\",\n \"NewRelic.Observability/operations/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2025-07-16T15:09:04.2714387Z\",\n \"updatedOn\": \"2025-08-01T09:23:14.9310429Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/a60da355-bdec-443f-8d42-a03f0422f04d\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"a60da355-bdec-443f-8d42-a03f0422f04d\"\n },\n {\n \"properties\": {\n \"roleName\": \"Policy Enrollments Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Allows the creation and modification of policy enrollments\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/policyenrollments/*\",\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.PolicyInsights/*\",\n \"Microsoft.Resources/deployments/*\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2025-07-16T16:55:07.415008Z\",\n \"updatedOn\": \"2025-07-16T16:55:07.415008Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/285ce6d6-fa11-43bd-94ef-42a9b3740bfd\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"285ce6d6-fa11-43bd-94ef-42a9b3740bfd\"\n },\n {\n \"properties\": {\n \"roleName\": \"Liftr Dynatrace Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Provides access to Dynatrace Control Plane Operations\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Dynatrace.Observability/checkNameAvailability/action\",\n \"Dynatrace.Observability/register/action\",\n \"Dynatrace.Observability/unregister/action\",\n \"Dynatrace.Observability/getMarketplaceSaaSResourceDetails/action\",\n \"Dynatrace.Observability/locations/read\",\n \"Dynatrace.Observability/locations/operationStatuses/read\",\n \"Dynatrace.Observability/locations/operationStatuses/write\",\n \"Dynatrace.Observability/monitors/read\",\n \"Dynatrace.Observability/monitors/write\",\n \"Dynatrace.Observability/monitors/delete\",\n \"Dynatrace.Observability/monitors/listMonitoredResources/action\",\n \"Dynatrace.Observability/monitors/getVMHostPayload/action\",\n \"Dynatrace.Observability/monitors/listHosts/action\",\n \"Dynatrace.Observability/monitors/listAppServices/action\",\n \"Dynatrace.Observability/monitors/getSSODetails/action\",\n \"Dynatrace.Observability/monitors/listLinkableEnvironments/action\",\n \"Dynatrace.Observability/monitors/getMetricStatus/action\",\n \"Dynatrace.Observability/monitors/manageAgentInstallation/action\",\n \"Dynatrace.Observability/monitors/monitoredSubscriptions/read\",\n \"Dynatrace.Observability/monitors/monitoredSubscriptions/write\",\n \"Dynatrace.Observability/monitors/singleSignOnConfigurations/write\",\n \"Dynatrace.Observability/monitors/singleSignOnConfigurations/read\",\n \"Dynatrace.Observability/monitors/tagRules/read\",\n \"Dynatrace.Observability/monitors/tagRules/write\",\n \"Dynatrace.Observability/registeredSubscriptions/read\",\n \"Dynatrace.Observability/operations/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2025-07-17T04:54:12.9049103Z\",\n \"updatedOn\": \"2025-08-01T11:55:53.7346372Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/fa96a588-3fac-4adb-bfb2-f8404ece07e0\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"fa96a588-3fac-4adb-bfb2-f8404ece07e0\"\n },\n {\n \"properties\": {\n \"roleName\": \"Microsoft.OffAzureSpringBoot Service Owner\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Full access to Azure Microsoft.OffAzureSpringBoot Service REST APIs\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.OffAzureSpringBoot/*\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2025-07-18T10:13:03.6807059Z\",\n \"updatedOn\": \"2025-08-07T07:49:43.832969Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/79732128-7761-4733-aebf-35590da9f29b\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"79732128-7761-4733-aebf-35590da9f29b\"\n },\n {\n \"properties\": {\n \"roleName\": \"Nexus Network Fabric Owner\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Provides owner access to nexus network fabric resources\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.ManagedNetworkFabric/*/read\",\n \"Microsoft.ManagedNetworkFabric/*/write\",\n \"Microsoft.ManagedNetworkFabric/*/action\",\n \"Microsoft.ManagedNetworkFabric/*/delete\",\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2025-07-21T15:02:41.4359877Z\",\n \"updatedOn\": \"2025-07-21T15:02:41.4359877Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/46c70067-0f50-457f-8137-2449c90de518\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"46c70067-0f50-457f-8137-2449c90de518\"\n },\n {\n \"properties\": {\n \"roleName\": \"Nexus Identity Owner\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Provides owner access to nexusidentity resources\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.NexusIdentity/*/read\",\n \"Microsoft.NexusIdentity/*/write\",\n \"Microsoft.NexusIdentity/*/action\",\n \"Microsoft.NexusIdentity/*/delete\",\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2025-07-21T15:02:41.4359877Z\",\n \"updatedOn\": \"2025-07-21T15:02:41.4359877Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/374a1cc6-96cb-4946-8d8b-a41054c8ae97\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"374a1cc6-96cb-4946-8d8b-a41054c8ae97\"\n },\n {\n \"properties\": {\n \"roleName\": \"Conversation Session User\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Allows sending a message to the agent and receive a response, using the conversation session API\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.HealthBot/healthBots/ConversationSession/Action\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2025-07-23T15:20:58.9086839Z\",\n \"updatedOn\": \"2025-07-23T15:20:58.9086839Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/b3eb788f-5426-48bd-821d-561701ede368\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"b3eb788f-5426-48bd-821d-561701ede368\"\n },\n {\n \"properties\": {\n \"roleName\": \"CosmosDB Fleet Analytics Storage Data Writer\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Write telemetry data from the Fleet Analytics Synapse workspace to customer-provided storage accounts or Fabric Lakehouses.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Storage/storageAccounts/blobServices/containers/write\",\n \"Microsoft.Storage/storageAccounts/blobServices/containers/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.Storage/storageAccounts/blobServices/containers/blobs/delete\",\n \"Microsoft.Storage/storageAccounts/blobServices/containers/blobs/read\",\n \"Microsoft.Storage/storageAccounts/blobServices/containers/blobs/write\",\n \"Microsoft.Storage/storageAccounts/blobServices/containers/blobs/add/action\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2025-07-25T01:43:25.8457961Z\",\n \"updatedOn\": \"2025-08-28T01:46:02.2595107Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/bf41e52e-617f-4981-8b7a-47431bd4e011\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"bf41e52e-617f-4981-8b7a-47431bd4e011\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Data Transfer Owner\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Create, read, modify, and delete pipelines, connections, and flows in Azure Data Transfer. Also perform any appropriate control plane operations for managing Azure Data Transfer resources.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.AzureDataTransfer/*\",\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2025-07-25T15:42:37.4812873Z\",\n \"updatedOn\": \"2025-07-25T15:42:37.4812873Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/eded264d-1796-4e25-8500-a78427f8a316\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"eded264d-1796-4e25-8500-a78427f8a316\"\n },\n {\n \"properties\": {\n \"roleName\": \"Video Indexer Account Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Can manage Video Indexer Account resources and generate access tokens for data plane operations.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.VideoIndexer/checknameavailability/action\",\n \"Microsoft.VideoIndexer/accounts/generateAccessToken/action\",\n \"Microsoft.VideoIndexer/accounts/generateRestrictedViewerAccessToken/action\",\n \"Microsoft.VideoIndexer/accounts/generateExtensionAccessToken/action\",\n \"Microsoft.VideoIndexer/accounts/generateExtensionRestrictedViewerAccessToken/action\",\n \"Microsoft.VideoIndexer/accounts/read\",\n \"Microsoft.VideoIndexer/accounts/write\",\n \"Microsoft.VideoIndexer/accounts/delete\",\n \"Microsoft.VideoIndexer/accounts/PrivateEndpointConnectionsApproval/action\",\n \"Microsoft.VideoIndexer/accounts/privateEndpointConnections/read\",\n \"Microsoft.VideoIndexer/accounts/privateEndpointConnections/write\",\n \"Microsoft.VideoIndexer/accounts/privateEndpointConnections/delete\",\n \"Microsoft.VideoIndexer/accounts/privateLinkResources/read\",\n \"Microsoft.VideoIndexer/locations/operationstatuses/read\",\n \"Microsoft.VideoIndexer/locations/operationstatuses/write\",\n \"Microsoft.VideoIndexer/operations/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2025-07-28T15:04:33.545254Z\",\n \"updatedOn\": \"2025-07-28T15:04:33.545254Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/3f99eaab-6f59-4877-adf5-1cacd22e20b0\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"3f99eaab-6f59-4877-adf5-1cacd22e20b0\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Business Continuity DUPI Reader\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Lets you view Deleted Unified Protected items in Azure Business Continuity Center.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/roleDefinitions/read\",\n \"Microsoft.Authorization/roleAssignments/read\",\n \"Microsoft.AzureBusinessContinuity/deletedUnifiedProtectedItems/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2025-07-28T15:04:33.545254Z\",\n \"updatedOn\": \"2025-08-21T13:32:13.8007194Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/f4eb044f-76b9-47af-92f9-1d95c4c14ab5\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"f4eb044f-76b9-47af-92f9-1d95c4c14ab5\"\n },\n {\n \"properties\": {\n \"roleName\": \"Sites Reader\",\n \"type\": \"BuiltInRole\",\n \"description\": \"View all Sites related resources but does not allow you to make any changes.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Edge/sites/read\",\n \"Microsoft.Edge/configurations/read\",\n \"Microsoft.Edge/configurations/networkConfigurations/read\",\n \"Microsoft.Edge/configurations/securityConfigurations/read\",\n \"Microsoft.Edge/configurations/timeServerConfigurations/read\",\n \"Microsoft.Edge/configurations/connectivityConfigurations/read\",\n \"Microsoft.Edge/configurations/provisioningConfigurations/read\",\n \"Microsoft.Edge/configurations/arcGatewayConfigurations/read\",\n \"Microsoft.Edge/configurationReferences/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2025-07-29T15:07:14.6122597Z\",\n \"updatedOn\": \"2025-07-29T15:07:14.6122597Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/59f98be6-0817-488b-831e-36a353c8000b\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"59f98be6-0817-488b-831e-36a353c8000b\"\n },\n {\n \"properties\": {\n \"roleName\": \"Sites Owner\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Microsoft Edge Sites Owner role - Grants full access to manage all resources, including the ability to assign roles in Azure RBAC.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Edge/sites/read\",\n \"Microsoft.Edge/sites/write\",\n \"Microsoft.Edge/sites/delete\",\n \"Microsoft.Edge/configurations/read\",\n \"Microsoft.Edge/configurations/write\",\n \"Microsoft.Edge/configurations/delete\",\n \"Microsoft.Edge/configurations/networkConfigurations/read\",\n \"Microsoft.Edge/configurations/networkConfigurations/write\",\n \"Microsoft.Edge/configurations/networkConfigurations/delete\",\n \"Microsoft.Edge/configurations/securityConfigurations/read\",\n \"Microsoft.Edge/configurations/securityConfigurations/write\",\n \"Microsoft.Edge/configurations/securityConfigurations/delete\",\n \"Microsoft.Edge/configurations/timeServerConfigurations/read\",\n \"Microsoft.Edge/configurations/timeServerConfigurations/write\",\n \"Microsoft.Edge/configurations/timeServerConfigurations/delete\",\n \"Microsoft.Edge/configurations/connectivityConfigurations/read\",\n \"Microsoft.Edge/configurations/connectivityConfigurations/write\",\n \"Microsoft.Edge/configurations/connectivityConfigurations/delete\",\n \"Microsoft.Edge/configurations/provisioningConfigurations/read\",\n \"Microsoft.Edge/configurations/provisioningConfigurations/write\",\n \"Microsoft.Edge/configurations/provisioningConfigurations/delete\",\n \"Microsoft.Edge/configurations/arcGatewayConfigurations/read\",\n \"Microsoft.Edge/configurations/arcGatewayConfigurations/write\",\n \"Microsoft.Edge/configurations/arcGatewayConfigurations/delete\",\n \"Microsoft.Edge/configurationReferences/read\",\n \"Microsoft.Edge/configurationReferences/write\",\n \"Microsoft.Edge/configurationReferences/delete\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2025-07-29T15:07:14.6112571Z\",\n \"updatedOn\": \"2025-07-29T15:07:14.6112571Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/1cd7e4da-2789-457f-adbe-3e9e84037a93\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"1cd7e4da-2789-457f-adbe-3e9e84037a93\"\n },\n {\n \"properties\": {\n \"roleName\": \"Liftr PureStorage Owner role\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Provides access to all PureStorage related operations\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"PureStorage.Block/*\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2025-07-30T15:14:08.9428819Z\",\n \"updatedOn\": \"2025-07-30T15:14:08.9428819Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/85546f1f-f28b-4cb3-b852-73e422a96897\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"85546f1f-f28b-4cb3-b852-73e422a96897\"\n },\n {\n \"properties\": {\n \"roleName\": \"Liftr Dell Owner role\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Provides access to all Dell related operations\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Dell.Storage/*\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2025-07-30T15:14:08.9428819Z\",\n \"updatedOn\": \"2025-07-30T15:14:08.9428819Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/d683b71b-2b91-4fc1-a43e-b53b3d85bed9\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"d683b71b-2b91-4fc1-a43e-b53b3d85bed9\"\n },\n {\n \"properties\": {\n \"roleName\": \"SupportPlan Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Contributor role for Enterprise Support Resource Provider\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.EnterpriseSupport/services/delete\",\n \"Microsoft.EnterpriseSupport/services/write\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2025-07-30T21:45:45.323115Z\",\n \"updatedOn\": \"2025-07-30T21:45:45.323115Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/6d6f52ba-a7de-4c56-a58f-522154514fba\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"6d6f52ba-a7de-4c56-a58f-522154514fba\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Spring Apps Service Owner\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Full access to Azure Spring Apps Service REST APIs\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.AppPlatform/*\"\n ],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.AppPlatform/*\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2025-07-31T11:03:44.7831528Z\",\n \"updatedOn\": \"2025-08-07T07:49:43.832969Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/4037dd68-1cc7-4a64-8765-3a79963a9940\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"4037dd68-1cc7-4a64-8765-3a79963a9940\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure AI Enterprise Networking Outbound Rules Operator\",\n \"type\": \"BuiltInRole\",\n \"description\": \"A Built-in role that can authorize users to access and update the managed network settings of a machine learning workspace.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.MachineLearningServices/workspaces/managedNetworks/read\",\n \"Microsoft.MachineLearningServices/workspaces/managedNetworks/write\",\n \"Microsoft.MachineLearningServices/workspaces/managedNetworks/outboundRules/read\",\n \"Microsoft.MachineLearningServices/workspaces/managedNetworks/outboundRules/write\",\n \"Microsoft.MachineLearningServices/workspaces/managedNetworks/outboundRules/delete\",\n \"Microsoft.MachineLearningServices/workspaces/managedNetworks/batchOutboundRules/action\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2025-08-04T15:10:36.5118889Z\",\n \"updatedOn\": \"2025-08-04T15:10:36.5118889Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/25cabde7-1a6c-4350-8877-cb6fe59f1399\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"25cabde7-1a6c-4350-8877-cb6fe59f1399\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Business Continuity UPI Reader\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Lets you view Unified Protected items in Azure Business Continuity Center.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/roleDefinitions/read\",\n \"Microsoft.Authorization/roleAssignments/read\",\n \"Microsoft.AzureBusinessContinuity/unifiedProtectedItems/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2025-08-04T15:10:36.5108882Z\",\n \"updatedOn\": \"2025-08-21T13:32:14.8037229Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/3b5a0aa9-eccd-48dc-9011-f2fd03b5e5f9\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"3b5a0aa9-eccd-48dc-9011-f2fd03b5e5f9\"\n },\n {\n \"properties\": {\n \"roleName\": \"LambdaTest.HyperExecute Contributor Role\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Provides access to all LambdaTest.HyperExecute related operations\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"LambdaTest.HyperExecute/checkNameAvailability/action\",\n \"LambdaTest.HyperExecute/register/action\",\n \"LambdaTest.HyperExecute/unregister/action\",\n \"LambdaTest.HyperExecute/locations/operationStatuses/read\",\n \"LambdaTest.HyperExecute/locations/operationStatuses/write\",\n \"LambdaTest.HyperExecute/operations/read\",\n \"LambdaTest.HyperExecute/organizations/read\",\n \"LambdaTest.HyperExecute/organizations/write\",\n \"LambdaTest.HyperExecute/organizations/delete\",\n \"LambdaTest.HyperExecute/registeredSubscriptions/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2025-08-06T15:22:56.8948562Z\",\n \"updatedOn\": \"2025-08-06T15:22:56.8948562Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/44a00263-b2a0-45d5-a618-5d8d11709349\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"44a00263-b2a0-45d5-a618-5d8d11709349\"\n },\n {\n \"properties\": {\n \"roleName\": \"ArizeAi.ObservabilityEval Contributor Role\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Provides access to all ArizeAi.ObservabilityEval related operations\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"ArizeAi.ObservabilityEval/checkNameAvailability/action\",\n \"ArizeAi.ObservabilityEval/register/action\",\n \"ArizeAi.ObservabilityEval/unregister/action\",\n \"ArizeAi.ObservabilityEval/locations/operationStatuses/read\",\n \"ArizeAi.ObservabilityEval/locations/operationStatuses/write\",\n \"ArizeAi.ObservabilityEval/operations/read\",\n \"ArizeAi.ObservabilityEval/organizations/read\",\n \"ArizeAi.ObservabilityEval/organizations/write\",\n \"ArizeAi.ObservabilityEval/organizations/delete\",\n \"ArizeAi.ObservabilityEval/registeredSubscriptions/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2025-08-06T15:22:56.8948562Z\",\n \"updatedOn\": \"2025-08-06T15:22:56.8948562Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/dca88c6f-5090-44cd-a0ff-a88f337b12a5\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"dca88c6f-5090-44cd-a0ff-a88f337b12a5\"\n },\n {\n \"properties\": {\n \"roleName\": \"Pinecone.VectorDb Contributor Role\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Provides access to all Pinecone.VectorDb related operations\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Pinecone.VectorDb/checkNameAvailability/action\",\n \"Pinecone.VectorDb/register/action\",\n \"Pinecone.VectorDb/unregister/action\",\n \"Pinecone.VectorDb/locations/operationStatuses/read\",\n \"Pinecone.VectorDb/locations/operationStatuses/write\",\n \"Pinecone.VectorDb/operations/read\",\n \"Pinecone.VectorDb/organizations/read\",\n \"Pinecone.VectorDb/organizations/write\",\n \"Pinecone.VectorDb/organizations/delete\",\n \"Pinecone.VectorDb/registeredSubscriptions/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2025-08-06T15:22:56.8948562Z\",\n \"updatedOn\": \"2025-08-06T15:22:56.8948562Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/dd799a69-ffc8-4aa8-9701-b51f686857d9\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"dd799a69-ffc8-4aa8-9701-b51f686857d9\"\n },\n {\n \"properties\": {\n \"roleName\": \"Microsoft.WeightsAndBiases Contributor Role\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Provides access to all Microsoft.WeightsAndBiases related operations\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.WeightsAndBiases/checkNameAvailability/action\",\n \"Microsoft.WeightsAndBiases/register/action\",\n \"Microsoft.WeightsAndBiases/unregister/action\",\n \"Microsoft.WeightsAndBiases/instances/read\",\n \"Microsoft.WeightsAndBiases/instances/write\",\n \"Microsoft.WeightsAndBiases/instances/delete\",\n \"Microsoft.WeightsAndBiases/locations/operationStatuses/read\",\n \"Microsoft.WeightsAndBiases/locations/operationStatuses/write\",\n \"Microsoft.WeightsAndBiases/operations/read\",\n \"Microsoft.WeightsAndBiases/registeredSubscriptions/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2025-08-06T15:22:57.794372Z\",\n \"updatedOn\": \"2025-08-06T15:22:57.794372Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/246fffca-69ee-4945-bbf1-2a867dce4fda\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"246fffca-69ee-4945-bbf1-2a867dce4fda\"\n },\n {\n \"properties\": {\n \"roleName\": \"Recurring Scheduled Actions Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Allows users to use Recurring Scheduled Actions offered by Microsoft.ComputeSchedule\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.ComputeSchedule/scheduledActions/write\",\n \"Microsoft.ComputeSchedule/scheduledActions/delete\",\n \"Microsoft.ComputeSchedule/scheduledActions/attachResources/action\",\n \"Microsoft.ComputeSchedule/scheduledActions/cancelNextOccurrence/action\",\n \"Microsoft.ComputeSchedule/scheduledActions/detachResources/action\",\n \"Microsoft.ComputeSchedule/scheduledActions/disable/action\",\n \"Microsoft.ComputeSchedule/scheduledActions/enable/action\",\n \"Microsoft.ComputeSchedule/scheduledActions/listResources/action\",\n \"Microsoft.ComputeSchedule/scheduledActions/patchResources/action\",\n \"Microsoft.ComputeSchedule/scheduledActions/triggerManualOccurrence/action\",\n \"Microsoft.ComputeSchedule/scheduledActions/occurrences/cancel/action\",\n \"Microsoft.ComputeSchedule/scheduledActions/occurrences/delay/action\",\n \"Microsoft.ComputeSchedule/register/action\",\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2025-08-06T17:23:22.5612282Z\",\n \"updatedOn\": \"2025-08-06T17:23:22.5612282Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/376d0802-aca8-4c2d-83a5-c88630f396fe\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"376d0802-aca8-4c2d-83a5-c88630f396fe\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Resilience Management Drills Reader\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Reader Role of Azure Resilience Management Drills Service\",\n \"assignableScopes\": [\n \"/\",\n \"/providers/Microsoft.Management/serviceGroups\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.AzureResilienceManagement/drills/*/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2025-08-11T15:12:49.7120823Z\",\n \"updatedOn\": \"2025-09-18T10:30:29.9987541Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/d2e8fe82-9212-490f-af3e-34bb52d87d3d\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"d2e8fe82-9212-490f-af3e-34bb52d87d3d\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Resilience Management Drills Operator\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Operator Role of Azure Resilience Management Drills Service\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.AzureResilienceManagement/drills/*/action\",\n \"Microsoft.AzureResilienceManagement/drills/*/read\",\n \"Microsoft.AzureResilienceManagement/recoveryPlans/*/action\",\n \"Microsoft.AzureResilienceManagement/recoveryPlans/*/read\",\n \"Microsoft.Insights/alertRules/\",\n \"Microsoft.Monitor/accounts/read\",\n \"Microsoft.Monitor/slis/read\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2025-08-11T15:12:49.7120823Z\",\n \"updatedOn\": \"2025-08-11T15:12:49.7120823Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/ff09793b-be48-49f6-ad96-70d32039c0b9\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"ff09793b-be48-49f6-ad96-70d32039c0b9\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Resilience Management Drills Administrator\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Administrator Role of Azure Resilience Management Drills Service\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Authorization/roleAssignments/write\",\n \"Microsoft.Advisor/recommendations/read\",\n \"Microsoft.Authorization/roleAssignments/read\",\n \"Microsoft.Automation/automationAccounts/delete\",\n \"Microsoft.Automation/automationAccounts/read\",\n \"Microsoft.Automation/automationAccounts/write\",\n \"Microsoft.Automation/automationAccounts/runbooks/delete\",\n \"Microsoft.Automation/automationAccounts/runbooks/read\",\n \"Microsoft.Automation/automationAccounts/runbooks/write\",\n \"Microsoft.AzureResilienceManagement/drills/*/action\",\n \"Microsoft.AzureResilienceManagement/drills/*/delete\",\n \"Microsoft.AzureResilienceManagement/drills/*/read\",\n \"Microsoft.AzureResilienceManagement/drills/*/write\",\n \"Microsoft.AzureResilienceManagement/recoveryPlans/*/action\",\n \"Microsoft.AzureResilienceManagement/recoveryPlans/*/delete\",\n \"Microsoft.AzureResilienceManagement/recoveryPlans/*/read\",\n \"Microsoft.AzureResilienceManagement/recoveryPlans/*/write\",\n \"Microsoft.Chaos/experiments/delete\",\n \"Microsoft.Chaos/experiments/read\",\n \"Microsoft.Chaos/experiments/write\",\n \"Microsoft.Chaos/experiments/cancel/action\",\n \"Microsoft.Chaos/experiments/start/action\",\n \"Microsoft.Chaos/locations/operationResults/read\",\n \"Microsoft.Chaos/locations/operationStatuses/read\",\n \"Microsoft.Chaos/locations/targetTypes/capabilityTypes/read\",\n \"Microsoft.Chaos/locations/targetTypes/read\",\n \"Microsoft.Chaos/targets/capabilities/delete\",\n \"Microsoft.Chaos/targets/capabilities/read\",\n \"Microsoft.Chaos/targets/capabilities/write\",\n \"Microsoft.Chaos/targets/delete\",\n \"Microsoft.Chaos/targets/read\",\n \"Microsoft.Chaos/targets/write\",\n \"Microsoft.Compute/virtualMachineScaleSets/read\",\n \"Microsoft.Compute/virtualMachines/read\",\n \"Microsoft.ContainerRegistry/registries/read\",\n \"Microsoft.DBforPostgreSQL/flexibleServers/read\",\n \"Microsoft.DocumentDB/databaseAccounts/services/read\",\n \"Microsoft.Insights/alertRules/\",\n \"Microsoft.ManagedIdentity/userAssignedIdentities/read\",\n \"Microsoft.Management/ServiceGroups/read\",\n \"Microsoft.Monitor/accounts/read\",\n \"Microsoft.Monitor/slis/read\",\n \"Microsoft.Network/applicationGateways/read\",\n \"Microsoft.Network/azurefirewalls/read\",\n \"Microsoft.Network/loadBalancers/probes/read\",\n \"Microsoft.Network/loadBalancers/read\",\n \"Microsoft.Network/publicIPAddresses/read\",\n \"Microsoft.Relationships/ServiceGroupMember/read\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/delete\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Resources/subscriptions/resourceGroups/write\",\n \"Microsoft.ServiceBus/namespaces/read\",\n \"Microsoft.Sql/managedInstances/read\",\n \"Microsoft.Sql/servers/databases/read\",\n \"Microsoft.Sql/servers/read\",\n \"Microsoft.Storage/storageAccounts/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2025-08-11T15:12:49.7120823Z\",\n \"updatedOn\": \"2025-08-11T15:12:49.7120823Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/c914561b-1575-4601-af9c-a1356bf59818\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"c914561b-1575-4601-af9c-a1356bf59818\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Resilience Management Drills Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Contributor Role of Azure Resilience Management Drills Service\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Advisor/recommendations/read\",\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Automation/automationAccounts/delete\",\n \"Microsoft.Automation/automationAccounts/read\",\n \"Microsoft.Automation/automationAccounts/write\",\n \"Microsoft.Automation/automationAccounts/runbooks/delete\",\n \"Microsoft.Automation/automationAccounts/runbooks/read\",\n \"Microsoft.Automation/automationAccounts/runbooks/write\",\n \"Microsoft.AzureResilienceManagement/drills/*/action\",\n \"Microsoft.AzureResilienceManagement/drills/*/delete\",\n \"Microsoft.AzureResilienceManagement/drills/*/read\",\n \"Microsoft.AzureResilienceManagement/drills/*/write\",\n \"Microsoft.AzureResilienceManagement/recoveryPlans/*/action\",\n \"Microsoft.AzureResilienceManagement/recoveryPlans/*/delete\",\n \"Microsoft.AzureResilienceManagement/recoveryPlans/*/read\",\n \"Microsoft.AzureResilienceManagement/recoveryPlans/*/write\",\n \"Microsoft.Chaos/experiments/delete\",\n \"Microsoft.Chaos/experiments/read\",\n \"Microsoft.Chaos/experiments/write\",\n \"Microsoft.Chaos/experiments/cancel/action\",\n \"Microsoft.Chaos/experiments/start/action\",\n \"Microsoft.Chaos/locations/operationResults/read\",\n \"Microsoft.Chaos/locations/operationStatuses/read\",\n \"Microsoft.Chaos/locations/targetTypes/capabilityTypes/read\",\n \"Microsoft.Chaos/locations/targetTypes/read\",\n \"Microsoft.Chaos/targets/capabilities/delete\",\n \"Microsoft.Chaos/targets/capabilities/read\",\n \"Microsoft.Chaos/targets/capabilities/write\",\n \"Microsoft.Chaos/targets/delete\",\n \"Microsoft.Chaos/targets/read\",\n \"Microsoft.Chaos/targets/write\",\n \"Microsoft.Compute/virtualMachineScaleSets/read\",\n \"Microsoft.Compute/virtualMachines/read\",\n \"Microsoft.ContainerRegistry/registries/read\",\n \"Microsoft.DBforPostgreSQL/flexibleServers/read\",\n \"Microsoft.DocumentDB/databaseAccounts/services/read\",\n \"Microsoft.Insights/alertRules/\",\n \"Microsoft.ManagedIdentity/userAssignedIdentities/read\",\n \"Microsoft.Management/ServiceGroups/read\",\n \"Microsoft.Monitor/accounts/read\",\n \"Microsoft.Monitor/slis/read\",\n \"Microsoft.Network/applicationGateways/read\",\n \"Microsoft.Network/azurefirewalls/read\",\n \"Microsoft.Network/loadBalancers/probes/read\",\n \"Microsoft.Network/loadBalancers/read\",\n \"Microsoft.Network/publicIPAddresses/read\",\n \"Microsoft.Relationships/ServiceGroupMember/read\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/delete\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Resources/subscriptions/resourceGroups/write\",\n \"Microsoft.ServiceBus/namespaces/read\",\n \"Microsoft.Sql/managedInstances/read\",\n \"Microsoft.Sql/servers/databases/read\",\n \"Microsoft.Sql/servers/read\",\n \"Microsoft.Storage/storageAccounts/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2025-08-11T15:12:50.0258107Z\",\n \"updatedOn\": \"2025-08-11T15:12:50.0258107Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/e131102b-11a5-4ff4-8508-ed922132b74c\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"e131102b-11a5-4ff4-8508-ed922132b74c\"\n },\n {\n \"properties\": {\n \"roleName\": \"Edge Order Partner Inventory Manager Service Role\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Manage inventory metadata and inventory links associated with Edge Order Partner scenarios. Enables configuration and control of inventory resources for tracking and fulfillment purposes\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.EdgeOrderPartner/locations/productFamilies/inventories/manageLink/action\",\n \"Microsoft.EdgeOrderPartner/locations/productFamilies/inventories/manageInventoryMetadata/action\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2025-08-12T15:18:36.5429246Z\",\n \"updatedOn\": \"2025-09-05T06:37:32.5466384Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/f24a559b-c2fc-4409-b96e-9af4b0c28ad6\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"f24a559b-c2fc-4409-b96e-9af4b0c28ad6\"\n },\n {\n \"properties\": {\n \"roleName\": \"Defender For Container Registries Operator\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Grants Microsoft Defender for Cloud access to Azure Container Registries\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.ContainerRegistry/registries/pull/read\",\n \"Microsoft.ContainerRegistry/registries/metadata/read\",\n \"Microsoft.ContainerRegistry/registries/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.ContainerRegistry/registries/repositories/content/read\",\n \"Microsoft.ContainerRegistry/registries/repositories/metadata/read\",\n \"Microsoft.ContainerRegistry/registries/catalog/read\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2025-08-13T15:27:47.0452902Z\",\n \"updatedOn\": \"2025-09-11T12:56:35.8009694Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/c5c82243-e78e-43f9-8428-793bba85b28e\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"c5c82243-e78e-43f9-8428-793bba85b28e\"\n },\n {\n \"properties\": {\n \"roleName\": \"Change Safety Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Grants access to manage all Microsoft.ChangeSafety resources.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.ChangeSafety/changeStates/read\",\n \"Microsoft.ChangeSafety/changeStates/write\",\n \"Microsoft.ChangeSafety/changeStates/delete\",\n \"Microsoft.ChangeSafety/changeStates/stageProgressions/read\",\n \"Microsoft.ChangeSafety/changeStates/stageProgressions/write\",\n \"Microsoft.ChangeSafety/changeStates/stageProgressions/delete\",\n \"Microsoft.ChangeSafety/locations/operationstatuses/read\",\n \"Microsoft.ChangeSafety/locations/operationstatuses/write\",\n \"Microsoft.ChangeSafety/safeRollouts/read\",\n \"Microsoft.ChangeSafety/safeRollouts/write\",\n \"Microsoft.ChangeSafety/safeRollouts/delete\",\n \"Microsoft.ChangeSafety/safeRollouts/steps/read\",\n \"Microsoft.ChangeSafety/stageMaps/read\",\n \"Microsoft.ChangeSafety/stageMaps/write\",\n \"Microsoft.ChangeSafety/stageMaps/delete\",\n \"Microsoft.ChangeSafety/validations/read\",\n \"Microsoft.ChangeSafety/validations/write\",\n \"Microsoft.ChangeSafety/validations/delete\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2025-08-13T20:30:20.4138285Z\",\n \"updatedOn\": \"2025-08-13T20:30:20.4138285Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/fdb3df26-8dd6-49ff-9a74-e95dbfadcad3\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"fdb3df26-8dd6-49ff-9a74-e95dbfadcad3\"\n },\n {\n \"properties\": {\n \"roleName\": \"Clinical Coder Data User\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Allows processing of health data in Clinical Coder\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.HealthBot/healthBots/AIActions/ClinicalCoder/Process/Action\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2025-08-20T15:33:41.4122914Z\",\n \"updatedOn\": \"2025-08-20T15:33:41.4122914Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/d0a94e7a-d791-4571-b2e0-8bdd8f867544\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"d0a94e7a-d791-4571-b2e0-8bdd8f867544\"\n },\n {\n \"properties\": {\n \"roleName\": \"Defender Unified RBAC Data Manager\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Defender Unified RBAC Data Manager. This role is managed and assigned automatically by the Defender Unified RBAC system. Manual assignment of this role is not recommended, as the Defender Unified RBAC system may modify or remove it at any time based on system requirements.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.operationalinsights/workspaces/read\",\n \"Microsoft.operationalinsights/workspaces/write\",\n \"Microsoft.operationalinsights/workspaces/query/read\",\n \"Microsoft.operationalinsights/workspaces/tables/write\",\n \"Microsoft.operationalinsights/workspaces/tables/delete\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2025-08-22T09:09:13.51896Z\",\n \"updatedOn\": \"2025-08-22T09:09:13.51896Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/40ead2a5-466e-4039-8a80-325542d9d2dd\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"40ead2a5-466e-4039-8a80-325542d9d2dd\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Local Disconnected Operations Role\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Azure Local Disconnected Operations Role\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Edge/disconnectedOperations/*/read\",\n \"Microsoft.Edge/disconnectedOperations/*/write\",\n \"Microsoft.Edge/disconnectedOperations/*/delete\",\n \"Microsoft.Edge/winfields/*/read\",\n \"Microsoft.Edge/winfields/*/write\",\n \"Microsoft.Edge/winfields/*/delete\",\n \"Microsoft.Edge/winfields/*/action\",\n \"Microsoft.Edge/disconnectedOperations/*/action\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2025-08-25T15:10:38.1474223Z\",\n \"updatedOn\": \"2025-08-25T15:10:38.1474223Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/478d20ba-a53e-4946-b33c-8078a92f2d0a\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"478d20ba-a53e-4946-b33c-8078a92f2d0a\"\n },\n {\n \"properties\": {\n \"roleName\": \"Workload Orchestration Administrator\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Workload Orchestration Administrator Role\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Edge/contexts/*\",\n \"Microsoft.Edge/configTemplates/*\",\n \"Microsoft.Edge/solutionTemplates/*\",\n \"Microsoft.Edge/configurations/*\",\n \"Microsoft.Edge/configurationreferences/*\",\n \"Microsoft.Edge/schemas/*\",\n \"Microsoft.Edge/schemaReferences/*\",\n \"Microsoft.Edge/targets/*\",\n \"Microsoft.Edge/jobs/*\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2025-08-25T15:10:38.1464227Z\",\n \"updatedOn\": \"2025-09-04T04:15:37.014131Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/cbb820e9-e561-45bb-84c2-ef45d0a13f7d\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"cbb820e9-e561-45bb-84c2-ef45d0a13f7d\"\n },\n {\n \"properties\": {\n \"roleName\": \"Firmware Analysis Reader\",\n \"type\": \"BuiltInRole\",\n \"description\": \"View firmware images but not upload them or perform any workspace configuration\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.IoTFirmwareDefense/*/read\",\n \"Microsoft.IoTFirmwareDefense/workspaces/firmwares/*\",\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Resources/deployments/*\"\n ],\n \"notActions\": [\n \"Microsoft.IoTFirmwareDefense/firmwareGroups/*\",\n \"Microsoft.IoTFirmwareDefense/workspaces/firmwares/write\",\n \"Microsoft.IoTFirmwareDefense/workspaces/firmwares/delete\"\n ],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2025-08-26T15:16:15.8719556Z\",\n \"updatedOn\": \"2025-08-26T15:16:15.8719556Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/2a94a2fd-3c4f-45d1-847d-6585ba88af94\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"2a94a2fd-3c4f-45d1-847d-6585ba88af94\"\n },\n {\n \"properties\": {\n \"roleName\": \"Garnet Data Owner\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Allows read, write, destructive and scripting actions on the Garnet resource\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.DocumentDB/garnetClusters/acl/*\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2025-08-27T15:52:20.9170435Z\",\n \"updatedOn\": \"2025-08-27T15:52:20.9170435Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/04f6c337-ffae-414c-b00f-3e80c9ab8a2c\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"04f6c337-ffae-414c-b00f-3e80c9ab8a2c\"\n },\n {\n \"properties\": {\n \"roleName\": \"Garnet Script Data Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Allows execution and management of scripts on the Garnet resource\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.DocumentDB/garnetClusters/acl/clientid/read\",\n \"Microsoft.DocumentDB/garnetClusters/acl/clientinfo/read\",\n \"Microsoft.DocumentDB/garnetClusters/acl/configget/read\",\n \"Microsoft.DocumentDB/garnetClusters/acl/echo/read\",\n \"Microsoft.DocumentDB/garnetClusters/acl/info/read\",\n \"Microsoft.DocumentDB/garnetClusters/acl/keyslot/read\",\n \"Microsoft.DocumentDB/garnetClusters/acl/nodes/read\",\n \"Microsoft.DocumentDB/garnetClusters/acl/ping/read\",\n \"Microsoft.DocumentDB/garnetClusters/acl/scripteval/action\",\n \"Microsoft.DocumentDB/garnetClusters/acl/scriptevalsha/action\",\n \"Microsoft.DocumentDB/garnetClusters/acl/scriptexists/action\",\n \"Microsoft.DocumentDB/garnetClusters/acl/scriptflush/action\",\n \"Microsoft.DocumentDB/garnetClusters/acl/scriptload/action\",\n \"Microsoft.DocumentDB/garnetClusters/acl/slots/read\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2025-08-27T17:39:28.929238Z\",\n \"updatedOn\": \"2025-08-27T17:39:28.929238Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/7021ea36-e168-4bc0-af53-88de51d20665\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"7021ea36-e168-4bc0-af53-88de51d20665\"\n },\n {\n \"properties\": {\n \"roleName\": \"Garnet Data Reader\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Allows read access to all keys within the Garnet resource\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.DocumentDB/garnetClusters/acl/clientid/read\",\n \"Microsoft.DocumentDB/garnetClusters/acl/clientinfo/read\",\n \"Microsoft.DocumentDB/garnetClusters/acl/configget/read\",\n \"Microsoft.DocumentDB/garnetClusters/acl/echo/read\",\n \"Microsoft.DocumentDB/garnetClusters/acl/exists/read\",\n \"Microsoft.DocumentDB/garnetClusters/acl/get/read\",\n \"Microsoft.DocumentDB/garnetClusters/acl/getex/read\",\n \"Microsoft.DocumentDB/garnetClusters/acl/getrange/read\",\n \"Microsoft.DocumentDB/garnetClusters/acl/hexists/read\",\n \"Microsoft.DocumentDB/garnetClusters/acl/hexpiretime/read\",\n \"Microsoft.DocumentDB/garnetClusters/acl/hget/read\",\n \"Microsoft.DocumentDB/garnetClusters/acl/hgetall/read\",\n \"Microsoft.DocumentDB/garnetClusters/acl/histogram/read\",\n \"Microsoft.DocumentDB/garnetClusters/acl/hkeys/read\",\n \"Microsoft.DocumentDB/garnetClusters/acl/hlen/read\",\n \"Microsoft.DocumentDB/garnetClusters/acl/hmget/read\",\n \"Microsoft.DocumentDB/garnetClusters/acl/hpexpiretime/read\",\n \"Microsoft.DocumentDB/garnetClusters/acl/hpttl/read\",\n \"Microsoft.DocumentDB/garnetClusters/acl/hrandfield/read\",\n \"Microsoft.DocumentDB/garnetClusters/acl/hscan/read\",\n \"Microsoft.DocumentDB/garnetClusters/acl/hstrlen/read\",\n \"Microsoft.DocumentDB/garnetClusters/acl/httl/read\",\n \"Microsoft.DocumentDB/garnetClusters/acl/hvals/read\",\n \"Microsoft.DocumentDB/garnetClusters/acl/info/read\",\n \"Microsoft.DocumentDB/garnetClusters/acl/keyslot/read\",\n \"Microsoft.DocumentDB/garnetClusters/acl/lcs/read\",\n \"Microsoft.DocumentDB/garnetClusters/acl/mget/read\",\n \"Microsoft.DocumentDB/garnetClusters/acl/nodes/read\",\n \"Microsoft.DocumentDB/garnetClusters/acl/ping/read\",\n \"Microsoft.DocumentDB/garnetClusters/acl/readonly/read\",\n \"Microsoft.DocumentDB/garnetClusters/acl/scard/read\",\n \"Microsoft.DocumentDB/garnetClusters/acl/sdiff/read\",\n \"Microsoft.DocumentDB/garnetClusters/acl/sinter/read\",\n \"Microsoft.DocumentDB/garnetClusters/acl/sintercard/read\",\n \"Microsoft.DocumentDB/garnetClusters/acl/sismember/read\",\n \"Microsoft.DocumentDB/garnetClusters/acl/slots/read\",\n \"Microsoft.DocumentDB/garnetClusters/acl/smembers/read\",\n \"Microsoft.DocumentDB/garnetClusters/acl/smismember/read\",\n \"Microsoft.DocumentDB/garnetClusters/acl/srandmember/read\",\n \"Microsoft.DocumentDB/garnetClusters/acl/sscan/read\",\n \"Microsoft.DocumentDB/garnetClusters/acl/strlen/read\",\n \"Microsoft.DocumentDB/garnetClusters/acl/substr/read\",\n \"Microsoft.DocumentDB/garnetClusters/acl/sunion/read\",\n \"Microsoft.DocumentDB/garnetClusters/acl/zcard/read\",\n \"Microsoft.DocumentDB/garnetClusters/acl/zcount/read\",\n \"Microsoft.DocumentDB/garnetClusters/acl/zdiff/read\",\n \"Microsoft.DocumentDB/garnetClusters/acl/zinter/read\",\n \"Microsoft.DocumentDB/garnetClusters/acl/zintercard/read\",\n \"Microsoft.DocumentDB/garnetClusters/acl/zlexcount/read\",\n \"Microsoft.DocumentDB/garnetClusters/acl/zmscore/read\",\n \"Microsoft.DocumentDB/garnetClusters/acl/zrandmember/read\",\n \"Microsoft.DocumentDB/garnetClusters/acl/zrange/read\",\n \"Microsoft.DocumentDB/garnetClusters/acl/zrangebylex/read\",\n \"Microsoft.DocumentDB/garnetClusters/acl/zrangebyscore/read\",\n \"Microsoft.DocumentDB/garnetClusters/acl/zrank/read\",\n \"Microsoft.DocumentDB/garnetClusters/acl/zrevrange/read\",\n \"Microsoft.DocumentDB/garnetClusters/acl/zrevrangebylex/read\",\n \"Microsoft.DocumentDB/garnetClusters/acl/zrevrangebyscore/read\",\n \"Microsoft.DocumentDB/garnetClusters/acl/zrevrank/read\",\n \"Microsoft.DocumentDB/garnetClusters/acl/zscan/read\",\n \"Microsoft.DocumentDB/garnetClusters/acl/zscore/read\",\n \"Microsoft.DocumentDB/garnetClusters/acl/zunion/read\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2025-08-27T17:54:31.3990567Z\",\n \"updatedOn\": \"2025-08-27T17:54:31.3990567Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/d9cd91b9-dada-4fa9-9406-454c4659c137\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"d9cd91b9-dada-4fa9-9406-454c4659c137\"\n },\n {\n \"properties\": {\n \"roleName\": \"Garnet Data Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Allows read and write access to all keys within the Garnet resource\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.DocumentDB/garnetClusters/acl/append/write\",\n \"Microsoft.DocumentDB/garnetClusters/acl/bzmpop/delete\",\n \"Microsoft.DocumentDB/garnetClusters/acl/bzpopmax/delete\",\n \"Microsoft.DocumentDB/garnetClusters/acl/bzpopmin/delete\",\n \"Microsoft.DocumentDB/garnetClusters/acl/clientid/read\",\n \"Microsoft.DocumentDB/garnetClusters/acl/clientinfo/read\",\n \"Microsoft.DocumentDB/garnetClusters/acl/configget/read\",\n \"Microsoft.DocumentDB/garnetClusters/acl/decr/write\",\n \"Microsoft.DocumentDB/garnetClusters/acl/decrby/write\",\n \"Microsoft.DocumentDB/garnetClusters/acl/del/delete\",\n \"Microsoft.DocumentDB/garnetClusters/acl/echo/read\",\n \"Microsoft.DocumentDB/garnetClusters/acl/exists/read\",\n \"Microsoft.DocumentDB/garnetClusters/acl/expire/delete\",\n \"Microsoft.DocumentDB/garnetClusters/acl/get/read\",\n \"Microsoft.DocumentDB/garnetClusters/acl/getdel/delete\",\n \"Microsoft.DocumentDB/garnetClusters/acl/getex/read\",\n \"Microsoft.DocumentDB/garnetClusters/acl/getrange/read\",\n \"Microsoft.DocumentDB/garnetClusters/acl/getset/write\",\n \"Microsoft.DocumentDB/garnetClusters/acl/hdel/delete\",\n \"Microsoft.DocumentDB/garnetClusters/acl/hexists/read\",\n \"Microsoft.DocumentDB/garnetClusters/acl/hexpire/delete\",\n \"Microsoft.DocumentDB/garnetClusters/acl/hexpireat/delete\",\n \"Microsoft.DocumentDB/garnetClusters/acl/hexpiretime/read\",\n \"Microsoft.DocumentDB/garnetClusters/acl/hget/read\",\n \"Microsoft.DocumentDB/garnetClusters/acl/hgetall/read\",\n \"Microsoft.DocumentDB/garnetClusters/acl/hincrby/write\",\n \"Microsoft.DocumentDB/garnetClusters/acl/hincrbyfloat/write\",\n \"Microsoft.DocumentDB/garnetClusters/acl/histogram/read\",\n \"Microsoft.DocumentDB/garnetClusters/acl/hkeys/read\",\n \"Microsoft.DocumentDB/garnetClusters/acl/hlen/read\",\n \"Microsoft.DocumentDB/garnetClusters/acl/hmget/read\",\n \"Microsoft.DocumentDB/garnetClusters/acl/hmset/write\",\n \"Microsoft.DocumentDB/garnetClusters/acl/hpersist/write\",\n \"Microsoft.DocumentDB/garnetClusters/acl/hpexpire/delete\",\n \"Microsoft.DocumentDB/garnetClusters/acl/hpexpireat/delete\",\n \"Microsoft.DocumentDB/garnetClusters/acl/hpexpiretime/read\",\n \"Microsoft.DocumentDB/garnetClusters/acl/hpttl/read\",\n \"Microsoft.DocumentDB/garnetClusters/acl/hrandfield/read\",\n \"Microsoft.DocumentDB/garnetClusters/acl/hscan/read\",\n \"Microsoft.DocumentDB/garnetClusters/acl/hset/write\",\n \"Microsoft.DocumentDB/garnetClusters/acl/hsetnx/write\",\n \"Microsoft.DocumentDB/garnetClusters/acl/hstrlen/read\",\n \"Microsoft.DocumentDB/garnetClusters/acl/httl/read\",\n \"Microsoft.DocumentDB/garnetClusters/acl/hvals/read\",\n \"Microsoft.DocumentDB/garnetClusters/acl/incr/write\",\n \"Microsoft.DocumentDB/garnetClusters/acl/incrby/write\",\n \"Microsoft.DocumentDB/garnetClusters/acl/incrbyfloat/write\",\n \"Microsoft.DocumentDB/garnetClusters/acl/info/read\",\n \"Microsoft.DocumentDB/garnetClusters/acl/keyslot/read\",\n \"Microsoft.DocumentDB/garnetClusters/acl/lcs/read\",\n \"Microsoft.DocumentDB/garnetClusters/acl/mget/read\",\n \"Microsoft.DocumentDB/garnetClusters/acl/mset/write\",\n \"Microsoft.DocumentDB/garnetClusters/acl/msetnx/write\",\n \"Microsoft.DocumentDB/garnetClusters/acl/nodes/read\",\n \"Microsoft.DocumentDB/garnetClusters/acl/ping/read\",\n \"Microsoft.DocumentDB/garnetClusters/acl/psetex/write\",\n \"Microsoft.DocumentDB/garnetClusters/acl/readonly/read\",\n \"Microsoft.DocumentDB/garnetClusters/acl/readwrite/write\",\n \"Microsoft.DocumentDB/garnetClusters/acl/sadd/write\",\n \"Microsoft.DocumentDB/garnetClusters/acl/scard/read\",\n \"Microsoft.DocumentDB/garnetClusters/acl/sdiff/read\",\n \"Microsoft.DocumentDB/garnetClusters/acl/sdiffstore/write\",\n \"Microsoft.DocumentDB/garnetClusters/acl/set/write\",\n \"Microsoft.DocumentDB/garnetClusters/acl/setex/write\",\n \"Microsoft.DocumentDB/garnetClusters/acl/setnx/write\",\n \"Microsoft.DocumentDB/garnetClusters/acl/setrange/write\",\n \"Microsoft.DocumentDB/garnetClusters/acl/sinter/read\",\n \"Microsoft.DocumentDB/garnetClusters/acl/sintercard/read\",\n \"Microsoft.DocumentDB/garnetClusters/acl/sinterstore/write\",\n \"Microsoft.DocumentDB/garnetClusters/acl/sismember/read\",\n \"Microsoft.DocumentDB/garnetClusters/acl/slots/read\",\n \"Microsoft.DocumentDB/garnetClusters/acl/smembers/read\",\n \"Microsoft.DocumentDB/garnetClusters/acl/smismember/read\",\n \"Microsoft.DocumentDB/garnetClusters/acl/smove/write\",\n \"Microsoft.DocumentDB/garnetClusters/acl/spop/delete\",\n \"Microsoft.DocumentDB/garnetClusters/acl/srandmember/read\",\n \"Microsoft.DocumentDB/garnetClusters/acl/srem/delete\",\n \"Microsoft.DocumentDB/garnetClusters/acl/sscan/read\",\n \"Microsoft.DocumentDB/garnetClusters/acl/strlen/read\",\n \"Microsoft.DocumentDB/garnetClusters/acl/substr/read\",\n \"Microsoft.DocumentDB/garnetClusters/acl/sunion/read\",\n \"Microsoft.DocumentDB/garnetClusters/acl/sunionstore/write\",\n \"Microsoft.DocumentDB/garnetClusters/acl/unlink/delete\",\n \"Microsoft.DocumentDB/garnetClusters/acl/zadd/write\",\n \"Microsoft.DocumentDB/garnetClusters/acl/zcard/read\",\n \"Microsoft.DocumentDB/garnetClusters/acl/zcount/read\",\n \"Microsoft.DocumentDB/garnetClusters/acl/zdiff/read\",\n \"Microsoft.DocumentDB/garnetClusters/acl/zdiffstore/write\",\n \"Microsoft.DocumentDB/garnetClusters/acl/zincrby/write\",\n \"Microsoft.DocumentDB/garnetClusters/acl/zinter/read\",\n \"Microsoft.DocumentDB/garnetClusters/acl/zintercard/read\",\n \"Microsoft.DocumentDB/garnetClusters/acl/zinterstore/write\",\n \"Microsoft.DocumentDB/garnetClusters/acl/zlexcount/read\",\n \"Microsoft.DocumentDB/garnetClusters/acl/zmpop/delete\",\n \"Microsoft.DocumentDB/garnetClusters/acl/zmscore/read\",\n \"Microsoft.DocumentDB/garnetClusters/acl/zpopmax/delete\",\n \"Microsoft.DocumentDB/garnetClusters/acl/zpopmin/delete\",\n \"Microsoft.DocumentDB/garnetClusters/acl/zrandmember/read\",\n \"Microsoft.DocumentDB/garnetClusters/acl/zrange/read\",\n \"Microsoft.DocumentDB/garnetClusters/acl/zrangebylex/read\",\n \"Microsoft.DocumentDB/garnetClusters/acl/zrangebyscore/read\",\n \"Microsoft.DocumentDB/garnetClusters/acl/zrangestore/write\",\n \"Microsoft.DocumentDB/garnetClusters/acl/zrank/read\",\n \"Microsoft.DocumentDB/garnetClusters/acl/zrem/delete\",\n \"Microsoft.DocumentDB/garnetClusters/acl/zremrangebylex/delete\",\n \"Microsoft.DocumentDB/garnetClusters/acl/zremrangebyrank/delete\",\n \"Microsoft.DocumentDB/garnetClusters/acl/zremrangebyscore/delete\",\n \"Microsoft.DocumentDB/garnetClusters/acl/zrevrange/read\",\n \"Microsoft.DocumentDB/garnetClusters/acl/zrevrangebylex/read\",\n \"Microsoft.DocumentDB/garnetClusters/acl/zrevrangebyscore/read\",\n \"Microsoft.DocumentDB/garnetClusters/acl/zrevrank/read\",\n \"Microsoft.DocumentDB/garnetClusters/acl/zscan/read\",\n \"Microsoft.DocumentDB/garnetClusters/acl/zscore/read\",\n \"Microsoft.DocumentDB/garnetClusters/acl/zunion/read\",\n \"Microsoft.DocumentDB/garnetClusters/acl/zunionstore/write\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2025-08-27T17:54:31.3990567Z\",\n \"updatedOn\": \"2025-08-27T17:54:31.3990567Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/1694e55a-2496-4d07-b005-7259aa3fcbe8\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"1694e55a-2496-4d07-b005-7259aa3fcbe8\"\n },\n {\n \"properties\": {\n \"roleName\": \"Defender Unified RBAC Authorization Reader\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Defender Unified RBAC Authorization Reader. This role is managed and assigned automatically by the Defender Unified RBAC system. Manual assignment of this role is not recommended, as the Defender Unified RBAC system may modify or remove it at any time based on system requirements.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2025-08-29T09:06:24.5039382Z\",\n \"updatedOn\": \"2025-08-29T09:06:24.5039382Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/ca62263b-07d5-4b48-b437-088803f5c2ff\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"ca62263b-07d5-4b48-b437-088803f5c2ff\"\n },\n {\n \"properties\": {\n \"roleName\": \"Defender Unified RBAC Authorization Manager\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Defender Unified RBAC Authorization Manager. This role is managed and assigned automatically by the Defender Unified RBAC system. Manual assignment of this role is not recommended, as the Defender Unified RBAC system may modify or remove it at any time based on system requirements.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2025-08-29T12:37:45.3866495Z\",\n \"updatedOn\": \"2025-08-29T12:37:45.3866495Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/1fd5d8bf-9037-4ede-89bf-680f798e2765\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"1fd5d8bf-9037-4ede-89bf-680f798e2765\"\n },\n {\n \"properties\": {\n \"roleName\": \"Defender Unified RBAC Responder\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Defender Unified RBAC Responder. This role is managed and assigned automatically by the Defender Unified RBAC system. Manual assignment of this role is not recommended, as the Defender Unified RBAC system may modify or remove it at any time based on system requirements.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.SecurityInsights/*/read\",\n \"Microsoft.SecurityInsights/dataConnectorsCheckRequirements/action\",\n \"Microsoft.SecurityInsights/automationRules/*\",\n \"Microsoft.SecurityInsights/cases/*\",\n \"Microsoft.SecurityInsights/incidents/*\",\n \"Microsoft.SecurityInsights/entities/runPlaybook/action\",\n \"Microsoft.SecurityInsights/threatIntelligence/indicators/appendTags/action\",\n \"Microsoft.SecurityInsights/threatIntelligence/indicators/query/action\",\n \"Microsoft.SecurityInsights/threatIntelligence/bulkTag/action\",\n \"Microsoft.SecurityInsights/threatIntelligence/indicators/appendTags/action\",\n \"Microsoft.SecurityInsights/threatIntelligence/indicators/replaceTags/action\",\n \"Microsoft.SecurityInsights/threatIntelligence/queryIndicators/action\",\n \"Microsoft.SecurityInsights/businessApplicationAgents/systems/undoAction/action\",\n \"Microsoft.OperationalInsights/workspaces/analytics/query/action\",\n \"Microsoft.OperationalInsights/workspaces/*/read\",\n \"Microsoft.OperationalInsights/workspaces/dataSources/read\",\n \"Microsoft.OperationalInsights/workspaces/savedSearches/read\",\n \"Microsoft.OperationsManagement/solutions/read\",\n \"Microsoft.OperationalInsights/workspaces/query/read\",\n \"Microsoft.OperationalInsights/workspaces/query/*/read\",\n \"Microsoft.OperationalInsights/workspaces/dataSources/read\",\n \"Microsoft.OperationalInsights/querypacks/*/read\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Insights/workbooks/read\",\n \"Microsoft.Authorization/*/read\"\n ],\n \"notActions\": [\n \"Microsoft.SecurityInsights/cases/*/Delete\",\n \"Microsoft.SecurityInsights/incidents/*/Delete\",\n \"Microsoft.SecurityInsights/ConfidentialWatchlists/*\",\n \"Microsoft.OperationalInsights/workspaces/query/ConfidentialWatchlist/*\"\n ],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2025-08-29T14:38:33.2080873Z\",\n \"updatedOn\": \"2025-09-11T12:26:00.2449399Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/1bacae94-6c0f-4d2d-8dfa-408d5a28e6ec\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"1bacae94-6c0f-4d2d-8dfa-408d5a28e6ec\"\n },\n {\n \"properties\": {\n \"roleName\": \"Defender Unified RBAC Contributor and Responder\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Defender Unified RBAC Contributor and Responder. This role is managed and assigned automatically by the Defender Unified RBAC system. Manual assignment of this role is not recommended, as the Defender Unified RBAC system may modify or remove it at any time based on system requirements.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.OperationalInsights/querypacks/*/read\",\n \"Microsoft.OperationalInsights/workspaces/*/read\",\n \"Microsoft.OperationalInsights/workspaces/analytics/query/action\",\n \"Microsoft.OperationalInsights/workspaces/dataSources/read\",\n \"Microsoft.OperationalInsights/workspaces/query/*/read\",\n \"Microsoft.OperationalInsights/workspaces/query/read\",\n \"Microsoft.OperationalInsights/workspaces/savedSearches/*\",\n \"Microsoft.OperationalInsights/workspaces/savedSearches/read\",\n \"Microsoft.OperationsManagement/solutions/read\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.SecurityInsights/*\",\n \"Microsoft.SecurityInsights/*/read\",\n \"Microsoft.SecurityInsights/automationRules/*\",\n \"Microsoft.SecurityInsights/businessApplicationAgents/systems/undoAction/action\",\n \"Microsoft.SecurityInsights/cases/*\",\n \"Microsoft.SecurityInsights/dataConnectorsCheckRequirements/action\",\n \"Microsoft.SecurityInsights/entities/runPlaybook/action\",\n \"Microsoft.SecurityInsights/incidents/*\",\n \"Microsoft.SecurityInsights/threatIntelligence/bulkTag/action\",\n \"Microsoft.SecurityInsights/threatIntelligence/indicators/appendTags/action\",\n \"Microsoft.SecurityInsights/threatIntelligence/indicators/query/action\",\n \"Microsoft.SecurityInsights/threatIntelligence/indicators/replaceTags/action\",\n \"Microsoft.SecurityInsights/threatIntelligence/queryIndicators/action\",\n \"Microsoft.Insights/workbooks/*\",\n \"Microsoft.Authorization/*/read\"\n ],\n \"notActions\": [\n \"Microsoft.SecurityInsights/cases/*/Delete\",\n \"Microsoft.SecurityInsights/incidents/*/Delete\",\n \"Microsoft.SecurityInsights/ConfidentialWatchlists/*\",\n \"Microsoft.OperationalInsights/workspaces/query/ConfidentialWatchlist/*\"\n ],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2025-08-29T14:53:37.3243745Z\",\n \"updatedOn\": \"2025-09-18T08:00:00.7910377Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/625a1cea-653b-4a19-bd3a-df1d66ab6637\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"625a1cea-653b-4a19-bd3a-df1d66ab6637\"\n },\n {\n \"properties\": {\n \"roleName\": \"Defender Unified RBAC Reader\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Defender Unified RBAC Reader. This role is managed and assigned automatically by the Defender Unified RBAC system. Manual assignment of this role is not recommended, as the Defender Unified RBAC system may modify or remove it at any time based on system requirements.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.SecurityInsights/*/read\",\n \"Microsoft.SecurityInsights/dataConnectorsCheckRequirements/action\",\n \"Microsoft.SecurityInsights/threatIntelligence/indicators/query/action\",\n \"Microsoft.SecurityInsights/threatIntelligence/queryIndicators/action\",\n \"Microsoft.OperationalInsights/workspaces/analytics/query/action\",\n \"Microsoft.OperationalInsights/workspaces/*/read\",\n \"Microsoft.OperationalInsights/workspaces/LinkedServices/read\",\n \"Microsoft.OperationalInsights/workspaces/savedSearches/read\",\n \"Microsoft.OperationsManagement/solutions/read\",\n \"Microsoft.OperationalInsights/workspaces/query/read\",\n \"Microsoft.OperationalInsights/workspaces/query/*/read\",\n \"Microsoft.OperationalInsights/querypacks/*/read\",\n \"Microsoft.OperationalInsights/workspaces/dataSources/read\",\n \"Microsoft.OperationalInsights/workspaces/read\",\n \"Microsoft.Insights/workbooks/read\",\n \"Microsoft.Authorization/*/read\"\n ],\n \"notActions\": [\n \"Microsoft.SecurityInsights/ConfidentialWatchlists/*\",\n \"Microsoft.OperationalInsights/workspaces/query/ConfidentialWatchlist/*\"\n ],\n \"dataActions\": [\n \"Microsoft.OperationalInsights/workspaces/tables/data/read\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2025-08-29T15:23:46.8702579Z\",\n \"updatedOn\": \"2025-09-11T12:56:35.8009694Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/78b7345a-1e1b-483a-ac62-62228c6ea89d\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"78b7345a-1e1b-483a-ac62-62228c6ea89d\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Monitor Pipeline Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Manage Azure Monitor Pipeline resources, providing full read and write access to pipeline configurations and monitoring features.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Monitor/pipelineGroups/*\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.Authorization/*/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2025-09-03T15:11:34.8616712Z\",\n \"updatedOn\": \"2025-09-03T15:11:34.8616712Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/679dc20a-52e8-4ac0-a23c-3b557dfb1e24\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"679dc20a-52e8-4ac0-a23c-3b557dfb1e24\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Monitor Pipeline Reader\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Read Azure Monitor Pipeline resources, including pipeline configurations and monitoring features.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Monitor/pipelineGroups/read\",\n \"Microsoft.Resources/deployments/read\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Insights/alertRules/read\",\n \"Microsoft.Authorization/*/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2025-09-03T15:11:34.8616712Z\",\n \"updatedOn\": \"2025-09-03T15:11:34.8616712Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/2d50f159-7b96-4f1e-8fc7-fee6957ab7cc\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"2d50f159-7b96-4f1e-8fc7-fee6957ab7cc\"\n },\n {\n \"properties\": {\n \"roleName\": \"SRE Agent Reader\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Grants read-only access to all SRE Agent data, including chats, incidents, logs, and configurations. Does not permit interaction with the agent.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.App/agents/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.App/agents/threads/read\",\n \"Microsoft.App/agents/graph/read\",\n \"Microsoft.App/agents/memory/read\",\n \"Microsoft.App/agents/incidentManagement/read\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2025-09-08T15:10:31.0394523Z\",\n \"updatedOn\": \"2025-09-16T15:14:53.2394147Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/a4b156ac-253f-4a1a-9851-96d62b71b047\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"a4b156ac-253f-4a1a-9851-96d62b71b047\"\n },\n {\n \"properties\": {\n \"roleName\": \"Hybrid Connectivity contributor role\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Microsoft.HybridConnectivity contributor role\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.HybridConnectivity/endpoints/listIngressGatewayCredentials/action\",\n \"Microsoft.HybridConnectivity/publicCloudConnectors/delete\",\n \"Microsoft.HybridConnectivity/publicCloudConnectors/testPermissions/action\",\n \"Microsoft.HybridConnectivity/publicCloudConnectors/write\",\n \"Microsoft.HybridConnectivity/solutionConfigurations/delete\",\n \"Microsoft.HybridConnectivity/solutionConfigurations/syncNow/action\",\n \"Microsoft.HybridConnectivity/solutionConfigurations/write\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2025-09-08T15:10:31.251471Z\",\n \"updatedOn\": \"2025-09-08T15:10:31.251471Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/f0f57965-de58-41bc-ba76-2aaab4d09f30\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"f0f57965-de58-41bc-ba76-2aaab4d09f30\"\n },\n {\n \"properties\": {\n \"roleName\": \"Aws Connector contributor role\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Microsoft.AwsConnector contributor role\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.AwsConnector/accessAnalyzerAnalyzers/delete\",\n \"Microsoft.AwsConnector/accessAnalyzerAnalyzers/write\",\n \"Microsoft.AwsConnector/acmCertificateSummaries/delete\",\n \"Microsoft.AwsConnector/acmCertificateSummaries/write\",\n \"Microsoft.AwsConnector/apiGatewayRestApis/delete\",\n \"Microsoft.AwsConnector/apiGatewayRestApis/write\",\n \"Microsoft.AwsConnector/apiGatewayStages/delete\",\n \"Microsoft.AwsConnector/apiGatewayStages/write\",\n \"Microsoft.AwsConnector/applicationAutoScalingScalableTargets/delete\",\n \"Microsoft.AwsConnector/applicationAutoScalingScalableTargets/write\",\n \"Microsoft.AwsConnector/appSyncGraphqlApis/delete\",\n \"Microsoft.AwsConnector/appSyncGraphqlApis/write\",\n \"Microsoft.AwsConnector/autoScalingAutoScalingGroups/delete\",\n \"Microsoft.AwsConnector/autoScalingAutoScalingGroups/write\",\n \"Microsoft.AwsConnector/cloudFormationStacks/delete\",\n \"Microsoft.AwsConnector/cloudFormationStacks/write\",\n \"Microsoft.AwsConnector/cloudFormationStackSets/delete\",\n \"Microsoft.AwsConnector/cloudFormationStackSets/write\",\n \"Microsoft.AwsConnector/cloudFrontDistributions/delete\",\n \"Microsoft.AwsConnector/cloudFrontDistributions/write\",\n \"Microsoft.AwsConnector/cloudTrailTrails/delete\",\n \"Microsoft.AwsConnector/cloudTrailTrails/write\",\n \"Microsoft.AwsConnector/cloudWatchAlarms/delete\",\n \"Microsoft.AwsConnector/cloudWatchAlarms/write\",\n \"Microsoft.AwsConnector/codeBuildProjects/delete\",\n \"Microsoft.AwsConnector/codeBuildProjects/write\",\n \"Microsoft.AwsConnector/codeBuildSourceCredentialsInfos/delete\",\n \"Microsoft.AwsConnector/codeBuildSourceCredentialsInfos/write\",\n \"Microsoft.AwsConnector/configServiceConfigurationRecorders/delete\",\n \"Microsoft.AwsConnector/configServiceConfigurationRecorders/write\",\n \"Microsoft.AwsConnector/configServiceConfigurationRecorderStatuses/delete\",\n \"Microsoft.AwsConnector/configServiceConfigurationRecorderStatuses/write\",\n \"Microsoft.AwsConnector/configServiceDeliveryChannels/delete\",\n \"Microsoft.AwsConnector/configServiceDeliveryChannels/write\",\n \"Microsoft.AwsConnector/databaseMigrationServiceReplicationInstances/delete\",\n \"Microsoft.AwsConnector/databaseMigrationServiceReplicationInstances/write\",\n \"Microsoft.AwsConnector/daxClusters/delete\",\n \"Microsoft.AwsConnector/daxClusters/write\",\n \"Microsoft.AwsConnector/dynamoDBContinuousBackupsDescriptions/delete\",\n \"Microsoft.AwsConnector/dynamoDBContinuousBackupsDescriptions/write\",\n \"Microsoft.AwsConnector/dynamoDBTables/delete\",\n \"Microsoft.AwsConnector/dynamoDBTables/write\",\n \"Microsoft.AwsConnector/ec2AccountAttributes/delete\",\n \"Microsoft.AwsConnector/ec2AccountAttributes/write\",\n \"Microsoft.AwsConnector/ec2Addresses/delete\",\n \"Microsoft.AwsConnector/ec2Addresses/write\",\n \"Microsoft.AwsConnector/ec2FlowLogs/delete\",\n \"Microsoft.AwsConnector/ec2FlowLogs/write\",\n \"Microsoft.AwsConnector/ec2Images/delete\",\n \"Microsoft.AwsConnector/ec2Images/write\",\n \"Microsoft.AwsConnector/ec2Instances/delete\",\n \"Microsoft.AwsConnector/ec2Instances/start/action\",\n \"Microsoft.AwsConnector/ec2Instances/stop/action\",\n \"Microsoft.AwsConnector/ec2Instances/write\",\n \"Microsoft.AwsConnector/ec2InstanceStatuses/delete\",\n \"Microsoft.AwsConnector/ec2InstanceStatuses/write\",\n \"Microsoft.AwsConnector/ec2Ipams/delete\",\n \"Microsoft.AwsConnector/ec2Ipams/write\",\n \"Microsoft.AwsConnector/ec2KeyPairs/delete\",\n \"Microsoft.AwsConnector/ec2KeyPairs/write\",\n \"Microsoft.AwsConnector/ec2NetworkAcls/delete\",\n \"Microsoft.AwsConnector/ec2NetworkAcls/write\",\n \"Microsoft.AwsConnector/ec2NetworkInterfaces/delete\",\n \"Microsoft.AwsConnector/ec2NetworkInterfaces/write\",\n \"Microsoft.AwsConnector/ec2RouteTables/delete\",\n \"Microsoft.AwsConnector/ec2RouteTables/write\",\n \"Microsoft.AwsConnector/ec2SecurityGroups/delete\",\n \"Microsoft.AwsConnector/ec2SecurityGroups/write\",\n \"Microsoft.AwsConnector/ec2Snapshots/delete\",\n \"Microsoft.AwsConnector/ec2Snapshots/write\",\n \"Microsoft.AwsConnector/ec2Subnets/delete\",\n \"Microsoft.AwsConnector/ec2Subnets/write\",\n \"Microsoft.AwsConnector/ec2Volumes/delete\",\n \"Microsoft.AwsConnector/ec2Volumes/write\",\n \"Microsoft.AwsConnector/ec2VPCEndpoints/delete\",\n \"Microsoft.AwsConnector/ec2VPCEndpoints/write\",\n \"Microsoft.AwsConnector/ec2VPCPeeringConnections/delete\",\n \"Microsoft.AwsConnector/ec2VPCPeeringConnections/write\",\n \"Microsoft.AwsConnector/ec2Vpcs/delete\",\n \"Microsoft.AwsConnector/ec2Vpcs/write\",\n \"Microsoft.AwsConnector/ecrImageDetails/delete\",\n \"Microsoft.AwsConnector/ecrImageDetails/write\",\n \"Microsoft.AwsConnector/ecrRepositories/delete\",\n \"Microsoft.AwsConnector/ecrRepositories/write\",\n \"Microsoft.AwsConnector/ecsClusters/delete\",\n \"Microsoft.AwsConnector/ecsClusters/write\",\n \"Microsoft.AwsConnector/ecsServices/delete\",\n \"Microsoft.AwsConnector/ecsServices/write\",\n \"Microsoft.AwsConnector/ecsTaskDefinitions/delete\",\n \"Microsoft.AwsConnector/ecsTaskDefinitions/write\",\n \"Microsoft.AwsConnector/efsFileSystems/delete\",\n \"Microsoft.AwsConnector/efsFileSystems/write\",\n \"Microsoft.AwsConnector/efsMountTargets/delete\",\n \"Microsoft.AwsConnector/efsMountTargets/write\",\n \"Microsoft.AwsConnector/eksClusters/delete\",\n \"Microsoft.AwsConnector/eksClusters/write\",\n \"Microsoft.AwsConnector/eksNodegroups/delete\",\n \"Microsoft.AwsConnector/eksNodegroups/write\",\n \"Microsoft.AwsConnector/elasticBeanstalkApplications/delete\",\n \"Microsoft.AwsConnector/elasticBeanstalkApplications/write\",\n \"Microsoft.AwsConnector/elasticBeanstalkConfigurationTemplates/delete\",\n \"Microsoft.AwsConnector/elasticBeanstalkConfigurationTemplates/write\",\n \"Microsoft.AwsConnector/elasticBeanstalkEnvironments/delete\",\n \"Microsoft.AwsConnector/elasticBeanstalkEnvironments/write\",\n \"Microsoft.AwsConnector/elasticLoadBalancingV2Listeners/delete\",\n \"Microsoft.AwsConnector/elasticLoadBalancingV2Listeners/write\",\n \"Microsoft.AwsConnector/elasticLoadBalancingV2LoadBalancers/delete\",\n \"Microsoft.AwsConnector/elasticLoadBalancingV2LoadBalancers/write\",\n \"Microsoft.AwsConnector/elasticLoadBalancingV2TargetGroups/delete\",\n \"Microsoft.AwsConnector/elasticLoadBalancingV2TargetGroups/write\",\n \"Microsoft.AwsConnector/elasticLoadBalancingV2TargetHealthDescriptions/delete\",\n \"Microsoft.AwsConnector/elasticLoadBalancingV2TargetHealthDescriptions/write\",\n \"Microsoft.AwsConnector/elasticsearchDomains/delete\",\n \"Microsoft.AwsConnector/elasticsearchDomains/write\",\n \"Microsoft.AwsConnector/emrClusters/delete\",\n \"Microsoft.AwsConnector/emrClusters/write\",\n \"Microsoft.AwsConnector/guardDutyDetectors/delete\",\n \"Microsoft.AwsConnector/guardDutyDetectors/write\",\n \"Microsoft.AwsConnector/iamAccessKeyLastUseds/delete\",\n \"Microsoft.AwsConnector/iamAccessKeyLastUseds/write\",\n \"Microsoft.AwsConnector/iamAccessKeyMetadata/delete\",\n \"Microsoft.AwsConnector/iamAccessKeyMetadata/write\",\n \"Microsoft.AwsConnector/iamGroups/delete\",\n \"Microsoft.AwsConnector/iamGroups/write\",\n \"Microsoft.AwsConnector/iamInstanceProfiles/delete\",\n \"Microsoft.AwsConnector/iamInstanceProfiles/write\",\n \"Microsoft.AwsConnector/iamManagedPolicies/delete\",\n \"Microsoft.AwsConnector/iamManagedPolicies/write\",\n \"Microsoft.AwsConnector/iamMFADevices/delete\",\n \"Microsoft.AwsConnector/iamMFADevices/write\",\n \"Microsoft.AwsConnector/iamPasswordPolicies/delete\",\n \"Microsoft.AwsConnector/iamPasswordPolicies/write\",\n \"Microsoft.AwsConnector/iamPolicyVersions/delete\",\n \"Microsoft.AwsConnector/iamPolicyVersions/write\",\n \"Microsoft.AwsConnector/iamRoles/delete\",\n \"Microsoft.AwsConnector/iamRoles/write\",\n \"Microsoft.AwsConnector/iamServerCertificates/delete\",\n \"Microsoft.AwsConnector/iamServerCertificates/write\",\n \"Microsoft.AwsConnector/iamUserPolicies/delete\",\n \"Microsoft.AwsConnector/iamUserPolicies/write\",\n \"Microsoft.AwsConnector/iamVirtualMFADevices/delete\",\n \"Microsoft.AwsConnector/iamVirtualMFADevices/write\",\n \"Microsoft.AwsConnector/kmsAliases/delete\",\n \"Microsoft.AwsConnector/kmsAliases/write\",\n \"Microsoft.AwsConnector/kmsKeys/delete\",\n \"Microsoft.AwsConnector/kmsKeys/write\",\n \"Microsoft.AwsConnector/lambdaFunctionCodeLocations/delete\",\n \"Microsoft.AwsConnector/lambdaFunctionCodeLocations/write\",\n \"Microsoft.AwsConnector/lambdaFunctionConfigurations/delete\",\n \"Microsoft.AwsConnector/lambdaFunctionConfigurations/write\",\n \"Microsoft.AwsConnector/lambdaFunctions/delete\",\n \"Microsoft.AwsConnector/lambdaFunctions/write\",\n \"Microsoft.AwsConnector/licenseManagerLicenses/delete\",\n \"Microsoft.AwsConnector/licenseManagerLicenses/write\",\n \"Microsoft.AwsConnector/lightsailBuckets/delete\",\n \"Microsoft.AwsConnector/lightsailBuckets/write\",\n \"Microsoft.AwsConnector/lightsailInstances/delete\",\n \"Microsoft.AwsConnector/lightsailInstances/write\",\n \"Microsoft.AwsConnector/Locations/OperationStatuses/write\",\n \"Microsoft.AwsConnector/logsLogGroups/delete\",\n \"Microsoft.AwsConnector/logsLogGroups/write\",\n \"Microsoft.AwsConnector/logsLogStreams/delete\",\n \"Microsoft.AwsConnector/logsLogStreams/write\",\n \"Microsoft.AwsConnector/logsMetricFilters/delete\",\n \"Microsoft.AwsConnector/logsMetricFilters/write\",\n \"Microsoft.AwsConnector/logsSubscriptionFilters/delete\",\n \"Microsoft.AwsConnector/logsSubscriptionFilters/write\",\n \"Microsoft.AwsConnector/macie2JobSummaries/delete\",\n \"Microsoft.AwsConnector/macie2JobSummaries/write\",\n \"Microsoft.AwsConnector/macieAllowLists/delete\",\n \"Microsoft.AwsConnector/macieAllowLists/write\",\n \"Microsoft.AwsConnector/networkFirewallFirewallPolicies/delete\",\n \"Microsoft.AwsConnector/networkFirewallFirewallPolicies/write\",\n \"Microsoft.AwsConnector/networkFirewallFirewalls/delete\",\n \"Microsoft.AwsConnector/networkFirewallFirewalls/write\",\n \"Microsoft.AwsConnector/networkFirewallRuleGroups/delete\",\n \"Microsoft.AwsConnector/networkFirewallRuleGroups/write\",\n \"Microsoft.AwsConnector/openSearchDomainStatuses/delete\",\n \"Microsoft.AwsConnector/openSearchDomainStatuses/write\",\n \"Microsoft.AwsConnector/openSearchServiceDomains/delete\",\n \"Microsoft.AwsConnector/openSearchServiceDomains/write\",\n \"Microsoft.AwsConnector/organizationsAccounts/delete\",\n \"Microsoft.AwsConnector/organizationsAccounts/write\",\n \"Microsoft.AwsConnector/organizationsOrganizations/delete\",\n \"Microsoft.AwsConnector/organizationsOrganizations/write\",\n \"Microsoft.AwsConnector/rdsDBClusters/delete\",\n \"Microsoft.AwsConnector/rdsDBClusters/write\",\n \"Microsoft.AwsConnector/rdsDBInstances/delete\",\n \"Microsoft.AwsConnector/rdsDBInstances/write\",\n \"Microsoft.AwsConnector/rdsDBSnapshotAttributesResults/delete\",\n \"Microsoft.AwsConnector/rdsDBSnapshotAttributesResults/write\",\n \"Microsoft.AwsConnector/rdsDBSnapshots/delete\",\n \"Microsoft.AwsConnector/rdsDBSnapshots/write\",\n \"Microsoft.AwsConnector/rdsEventSubscriptions/delete\",\n \"Microsoft.AwsConnector/rdsEventSubscriptions/write\",\n \"Microsoft.AwsConnector/rdsExportTasks/delete\",\n \"Microsoft.AwsConnector/rdsExportTasks/write\",\n \"Microsoft.AwsConnector/redshiftClusterParameterGroups/delete\",\n \"Microsoft.AwsConnector/redshiftClusterParameterGroups/write\",\n \"Microsoft.AwsConnector/redshiftClusters/delete\",\n \"Microsoft.AwsConnector/redshiftClusters/write\",\n \"Microsoft.AwsConnector/route53DomainsDomainSummaries/delete\",\n \"Microsoft.AwsConnector/route53DomainsDomainSummaries/write\",\n \"Microsoft.AwsConnector/route53HostedZones/delete\",\n \"Microsoft.AwsConnector/route53HostedZones/write\",\n \"Microsoft.AwsConnector/route53ResourceRecordSets/delete\",\n \"Microsoft.AwsConnector/route53ResourceRecordSets/write\",\n \"Microsoft.AwsConnector/s3AccessControlPolicies/delete\",\n \"Microsoft.AwsConnector/s3AccessControlPolicies/write\",\n \"Microsoft.AwsConnector/s3AccessPoints/delete\",\n \"Microsoft.AwsConnector/s3AccessPoints/write\",\n \"Microsoft.AwsConnector/s3BucketPolicies/delete\",\n \"Microsoft.AwsConnector/s3BucketPolicies/write\",\n \"Microsoft.AwsConnector/s3Buckets/delete\",\n \"Microsoft.AwsConnector/s3Buckets/write\",\n \"Microsoft.AwsConnector/s3ControlMultiRegionAccessPointPolicyDocuments/delete\",\n \"Microsoft.AwsConnector/s3ControlMultiRegionAccessPointPolicyDocuments/write\",\n \"Microsoft.AwsConnector/sageMakerApps/delete\",\n \"Microsoft.AwsConnector/sageMakerApps/write\",\n \"Microsoft.AwsConnector/sageMakerDevices/delete\",\n \"Microsoft.AwsConnector/sageMakerDevices/write\",\n \"Microsoft.AwsConnector/sageMakerImages/delete\",\n \"Microsoft.AwsConnector/sageMakerImages/write\",\n \"Microsoft.AwsConnector/sageMakerNotebookInstanceSummaries/delete\",\n \"Microsoft.AwsConnector/sageMakerNotebookInstanceSummaries/write\",\n \"Microsoft.AwsConnector/secretsManagerResourcePolicies/delete\",\n \"Microsoft.AwsConnector/secretsManagerResourcePolicies/write\",\n \"Microsoft.AwsConnector/secretsManagerSecrets/delete\",\n \"Microsoft.AwsConnector/secretsManagerSecrets/write\",\n \"Microsoft.AwsConnector/snsSubscriptions/delete\",\n \"Microsoft.AwsConnector/snsSubscriptions/write\",\n \"Microsoft.AwsConnector/snsTopics/delete\",\n \"Microsoft.AwsConnector/snsTopics/write\",\n \"Microsoft.AwsConnector/sqsQueues/delete\",\n \"Microsoft.AwsConnector/sqsQueues/write\",\n \"Microsoft.AwsConnector/ssmInstanceInformations/delete\",\n \"Microsoft.AwsConnector/ssmInstanceInformations/write\",\n \"Microsoft.AwsConnector/ssmParameters/delete\",\n \"Microsoft.AwsConnector/ssmParameters/write\",\n \"Microsoft.AwsConnector/ssmResourceComplianceSummaryItems/delete\",\n \"Microsoft.AwsConnector/ssmResourceComplianceSummaryItems/write\",\n \"Microsoft.AwsConnector/wafv2IPSets/delete\",\n \"Microsoft.AwsConnector/wafv2IPSets/write\",\n \"Microsoft.AwsConnector/wafv2LoggingConfigurations/delete\",\n \"Microsoft.AwsConnector/wafv2LoggingConfigurations/write\",\n \"Microsoft.AwsConnector/wafv2WebACLAssociations/delete\",\n \"Microsoft.AwsConnector/wafv2WebACLAssociations/write\",\n \"Microsoft.AwsConnector/wafWebACLSummaries/delete\",\n \"Microsoft.AwsConnector/wafWebACLSummaries/write\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2025-09-08T15:10:31.7683351Z\",\n \"updatedOn\": \"2025-09-08T15:10:31.7683351Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/98c206fe-ea1b-4578-93f8-83a99a5628fc\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"98c206fe-ea1b-4578-93f8-83a99a5628fc\"\n },\n {\n \"properties\": {\n \"roleName\": \"Storage File Data SMB MI Admin\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Allows for admin-level access for managed identities on files/directories in Azure file shares.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.Storage/storageAccounts/fileServices/readFileBackupSemantics/action\",\n \"Microsoft.Storage/storageAccounts/fileServices/writeFileBackupSemantics/action\",\n \"Microsoft.Storage/storageAccounts/fileServices/takeOwnership/action\",\n \"Microsoft.Storage/storageAccounts/fileServices/runAsBuiltInFileAdministrator/action\",\n \"Microsoft.Storage/storageAccounts/fileServices/fileshares/files/read\",\n \"Microsoft.Storage/storageAccounts/fileServices/fileshares/files/write\",\n \"Microsoft.Storage/storageAccounts/fileServices/fileshares/files/delete\",\n \"Microsoft.Storage/storageAccounts/fileServices/fileshares/files/modifypermissions/action\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2025-09-09T15:23:13.2982998Z\",\n \"updatedOn\": \"2025-09-09T15:23:13.2982998Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/a235d3ee-5935-4cfb-8cc5-a3303ad5995e\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"a235d3ee-5935-4cfb-8cc5-a3303ad5995e\"\n },\n {\n \"properties\": {\n \"roleName\": \"Common Edge Admin\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Common Edge Admin Role\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Edge/connectivityStatuses/delete\",\n \"Microsoft.Edge/connectivityStatuses/write\",\n \"Microsoft.Edge/locations/operationStatuses/write\",\n \"Microsoft.Edge/updates/delete\",\n \"Microsoft.Edge/updates/write\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2025-09-10T15:34:53.4393915Z\",\n \"updatedOn\": \"2025-09-10T15:34:53.4393915Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/b256d512-9a3a-4a96-9366-9f54f900e58b\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"b256d512-9a3a-4a96-9366-9f54f900e58b\"\n },\n {\n \"properties\": {\n \"roleName\": \"Firmware Analysis User\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Upload and analyze firmware images but not perform any workspace configuration\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.IoTFirmwareDefense/*\",\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Resources/deployments/*\"\n ],\n \"notActions\": [\n \"Microsoft.IoTFirmwareDefense/firmwareGroups/*\",\n \"Microsoft.IoTFirmwareDefense/register/action\",\n \"Microsoft.IoTFirmwareDefense/unregister/action\",\n \"Microsoft.IoTFirmwareDefense/workspaces/write\",\n \"Microsoft.IoTFirmwareDefense/workspaces/delete\"\n ],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2025-09-10T15:34:53.4393915Z\",\n \"updatedOn\": \"2025-09-10T15:34:53.4393915Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/53b2724d-1e51-44fa-b586-bcace0c82609\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"53b2724d-1e51-44fa-b586-bcace0c82609\"\n },\n {\n \"properties\": {\n \"roleName\": \"SRE Agent Standard User\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Grants access to interact with the SRE Agent to triage incidents and run diagnostics.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.App/agents/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.App/agents/threads/read\",\n \"Microsoft.App/agents/graph/read\",\n \"Microsoft.App/agents/memory/read\",\n \"Microsoft.App/agents/incidentManagement/read\",\n \"Microsoft.App/agents/threads/write\",\n \"Microsoft.App/agents/graph/write\",\n \"Microsoft.App/agents/memory/write\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2025-09-10T20:06:45.8379721Z\",\n \"updatedOn\": \"2025-09-16T15:14:52.3167343Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/2d84a65a-63b2-4343-bbb6-31105d857bc1\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"2d84a65a-63b2-4343-bbb6-31105d857bc1\"\n },\n {\n \"properties\": {\n \"roleName\": \"SRE Agent Administrator\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Full control of the agent—manage chats, incident response plans, and agent run modes; approve and execute commands.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.App/agents/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.App/agents/*/read\",\n \"Microsoft.App/agents/*/write\",\n \"Microsoft.App/agents/*/delete\",\n \"Microsoft.App/agents/threads/approve/action\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2025-09-10T20:06:45.8389733Z\",\n \"updatedOn\": \"2025-09-16T15:14:53.2394147Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/e79298df-d852-4c6d-84f9-5d13249d1e55\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"e79298df-d852-4c6d-84f9-5d13249d1e55\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Kubernetes Fleet Manager Hub Cluster User Role\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Grants read access to Azure Kubernetes Fleet Manager as well as the Kubernetes config file to connect to the fleet-managed hub cluster.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.ContainerService/fleets/listCredentials/action\",\n \"Microsoft.ContainerService/fleets/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2025-09-10T23:25:40.4325052Z\",\n \"updatedOn\": \"2025-09-10T23:25:40.4325052Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/850c5848-fc51-4a9a-8823-f220370626e3\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"850c5848-fc51-4a9a-8823-f220370626e3\"\n },\n {\n \"properties\": {\n \"roleName\": \"Log Analytics Data Reader\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Log Analytics Data Reader can query and search the logs it is allowed to view over Log Analytics workspaces and tables\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.OperationalInsights/workspaces/query/read\",\n \"Microsoft.OperationalInsights/workspaces/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.OperationalInsights/workspaces/tables/data/read\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2025-09-11T09:53:03.6783283Z\",\n \"updatedOn\": \"2025-09-11T09:53:03.6783283Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/3b03c2da-16b3-4a49-8834-0f8130efdd3b\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"3b03c2da-16b3-4a49-8834-0f8130efdd3b\"\n },\n {\n \"properties\": {\n \"roleName\": \"Dynamics 365 Customer Insights Service Role\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Enables Diagnostic Logging setup for Customer Insights instances.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.D365CustomerInsights/instances/write\",\n \"Microsoft.D365CustomerInsights/instances/providers/Microsoft.Insights/diagnosticSettings/write\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2025-09-11T14:44:00.9623287Z\",\n \"updatedOn\": \"2025-09-11T14:44:00.9623287Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/89f7a3ec-e9d0-40eb-9b96-c016a5c2a53f\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"89f7a3ec-e9d0-40eb-9b96-c016a5c2a53f\"\n },\n {\n \"properties\": {\n \"roleName\": \"Storage Actions Blob Data Operator\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Used by the Storage Actions - Storage Task to list & perform operations on the Storage Account blobs\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Storage/storageAccounts/blobServices/containers/read\",\n \"Microsoft.Storage/storageAccounts/blobServices/containers/write\"\n ],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.Storage/storageAccounts/blobServices/containers/blobs/read\",\n \"Microsoft.Storage/storageAccounts/blobServices/containers/blobs/write\",\n \"Microsoft.Storage/storageAccounts/blobServices/containers/blobs/delete\",\n \"Microsoft.Storage/storageAccounts/blobServices/containers/blobs/add/action\",\n \"Microsoft.Storage/storageAccounts/blobServices/containers/blobs/tags/read\",\n \"Microsoft.Storage/storageAccounts/blobServices/containers/blobs/tags/write\",\n \"Microsoft.Storage/storageAccounts/blobServices/containers/blobs/runAsSuperUser/action\",\n \"Microsoft.Storage/storageAccounts/blobServices/containers/blobs/immutableStorage/runAsSuperUser/action\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2025-09-12T21:16:43.9136753Z\",\n \"updatedOn\": \"2025-09-12T21:16:43.9136753Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/4bad4d9e-2a13-4888-94bb-c8432f6f3040\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"4bad4d9e-2a13-4888-94bb-c8432f6f3040\"\n },\n {\n \"properties\": {\n \"roleName\": \"Storage Actions Task Assignment Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Used by the Storage Actions assigner to create a Task Assignment on their target Storage Account, with RBAC privileges for Managed Identity\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Storage/storageAccounts/reports/read\",\n \"Microsoft.Storage/storageAccounts/read\",\n \"Microsoft.Storage/storageAccounts/blobServices/read\",\n \"Microsoft.Storage/storageAccounts/storageTaskAssignments/read\",\n \"Microsoft.Storage/storageAccounts/storageTaskAssignments/write\",\n \"Microsoft.Storage/storageAccounts/storageTaskAssignments/delete\",\n \"Microsoft.Storage/storageAccounts/storageTaskAssignments/reports/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n },\n {\n \"actions\": [\n \"Microsoft.Authorization/roleAssignments/write\",\n \"Microsoft.Authorization/roleAssignments/delete\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": [],\n \"conditionVersion\": \"2.0\",\n \"condition\": \"((!(ActionMatches{'Microsoft.Authorization/roleAssignments/write'})) OR (@Request[Microsoft.Authorization/roleAssignments:RoleDefinitionId] ForAnyOfAnyValues:GuidEquals{4bad4d9e2a13488894bbc8432f6f3040})) AND ((!(ActionMatches{'Microsoft.Authorization/roleAssignments/delete'})) OR (@Resource[Microsoft.Authorization/roleAssignments:RoleDefinitionId] ForAnyOfAnyValues:GuidEquals{4bad4d9e2a13488894bbc8432f6f3040}))\"\n }\n ],\n \"createdOn\": \"2025-09-12T21:16:43.9136753Z\",\n \"updatedOn\": \"2025-09-12T21:16:43.9136753Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/77789c21-1643-48a2-8f27-47f858540b51\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"77789c21-1643-48a2-8f27-47f858540b51\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Native Dynatrace Agent Management Role\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Grants access to manage Dynatrace Agent on compute resources\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.KubernetesConfiguration/extensions/write\",\n \"Microsoft.KubernetesConfiguration/extensions/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2025-09-16T15:14:50.9389725Z\",\n \"updatedOn\": \"2025-09-16T15:14:50.9389725Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/55077723-1b30-4603-a70b-68de134cfa20\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"55077723-1b30-4603-a70b-68de134cfa20\"\n },\n {\n \"properties\": {\n \"roleName\": \"Storage Actions Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Used by the Storage Actions author to create, read, update, and delete Storage Actions\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.StorageActions/storageTasks/read\",\n \"Microsoft.StorageActions/storageTasks/write\",\n \"Microsoft.StorageActions/storageTasks/delete\",\n \"Microsoft.StorageActions/storageTasks/storageTaskAssignments/read\",\n \"Microsoft.StorageActions/storageTasks/reports/read\",\n \"Microsoft.StorageActions/locations/previewActions/action\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2025-09-16T15:14:50.9389725Z\",\n \"updatedOn\": \"2025-09-16T15:14:50.9389725Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/bd8acdb0-202c-4493-a7fe-ef98eefbfbc4\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"bd8acdb0-202c-4493-a7fe-ef98eefbfbc4\"\n },\n {\n \"properties\": {\n \"roleName\": \"Essential Machine Management Administrator\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Can managed Essential Machine Management resources for subscriptions\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Insights/dataCollectionRules/read\",\n \"Microsoft.Insights/dataCollectionRules/write\",\n \"Microsoft.Monitor/accounts/write\",\n \"Microsoft.Monitor/accounts/read\",\n \"Microsoft.ManagedOps/managedOps/read\",\n \"Microsoft.ManagedOps/managedOps/write\",\n \"Microsoft.ManagedOps/managedOps/delete\",\n \"Microsoft.OperationsManagement/solutions/read\",\n \"Microsoft.OperationsManagement/solutions/write\",\n \"Microsoft.OperationalInsights/workspaces/read\",\n \"Microsoft.OperationalInsights/workspaces/sharedkeys/action\",\n \"Microsoft.OperationalInsights/workspaces/sharedkeys/read\",\n \"Microsoft.OperationalInsights/workspaces/listKeys/action\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Insights/metricAlerts/write\",\n \"Microsoft.Insights/metricAlerts/read\",\n \"Microsoft.Security/pricings/write\",\n \"Microsoft.Security/pricings/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2025-09-22T15:13:19.5975298Z\",\n \"updatedOn\": \"2025-09-22T15:13:19.5975298Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/34013b0a-565b-43aa-8755-1b7c286f6cf7\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"34013b0a-565b-43aa-8755-1b7c286f6cf7\"\n },\n {\n \"properties\": {\n \"roleName\": \"Garnet PubSub Data Reader\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Allows read access to all channels within the Garnet resource\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.DocumentDB/garnetClusters/acl/clientid/read\",\n \"Microsoft.DocumentDB/garnetClusters/acl/clientinfo/read\",\n \"Microsoft.DocumentDB/garnetClusters/acl/configget/read\",\n \"Microsoft.DocumentDB/garnetClusters/acl/echo/read\",\n \"Microsoft.DocumentDB/garnetClusters/acl/info/read\",\n \"Microsoft.DocumentDB/garnetClusters/acl/keyslot/read\",\n \"Microsoft.DocumentDB/garnetClusters/acl/nodes/read\",\n \"Microsoft.DocumentDB/garnetClusters/acl/ping/read\",\n \"Microsoft.DocumentDB/garnetClusters/acl/slots/read\",\n \"Microsoft.DocumentDB/garnetClusters/acl/channels/action\",\n \"Microsoft.DocumentDB/garnetClusters/acl/psubscribe/action\",\n \"Microsoft.DocumentDB/garnetClusters/acl/punsubscribe/action\",\n \"Microsoft.DocumentDB/garnetClusters/acl/subscribe/action\",\n \"Microsoft.DocumentDB/garnetClusters/acl/unsubscribe/action\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2025-09-26T22:46:03.1347874Z\",\n \"updatedOn\": \"2025-09-26T22:46:03.1347874Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/da9adf61-39cd-41d5-87a0-30b21f7270d8\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"da9adf61-39cd-41d5-87a0-30b21f7270d8\"\n },\n {\n \"properties\": {\n \"roleName\": \"Garnet PubSub Data Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Allows read and write access to all channels within the Garnet resource\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.DocumentDB/garnetClusters/acl/clientid/read\",\n \"Microsoft.DocumentDB/garnetClusters/acl/clientinfo/read\",\n \"Microsoft.DocumentDB/garnetClusters/acl/configget/read\",\n \"Microsoft.DocumentDB/garnetClusters/acl/echo/read\",\n \"Microsoft.DocumentDB/garnetClusters/acl/info/read\",\n \"Microsoft.DocumentDB/garnetClusters/acl/keyslot/read\",\n \"Microsoft.DocumentDB/garnetClusters/acl/nodes/read\",\n \"Microsoft.DocumentDB/garnetClusters/acl/ping/read\",\n \"Microsoft.DocumentDB/garnetClusters/acl/slots/read\",\n \"Microsoft.DocumentDB/garnetClusters/acl/channels/action\",\n \"Microsoft.DocumentDB/garnetClusters/acl/numsub/action\",\n \"Microsoft.DocumentDB/garnetClusters/acl/numpat/action\",\n \"Microsoft.DocumentDB/garnetClusters/acl/psubscribe/action\",\n \"Microsoft.DocumentDB/garnetClusters/acl/publish/action\",\n \"Microsoft.DocumentDB/garnetClusters/acl/punsubscribe/action\",\n \"Microsoft.DocumentDB/garnetClusters/acl/subscribe/action\",\n \"Microsoft.DocumentDB/garnetClusters/acl/unsubscribe/action\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2025-09-26T22:46:03.1347874Z\",\n \"updatedOn\": \"2025-09-26T22:46:03.1347874Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/56e95fdc-3337-468d-b964-30d07f2a2018\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"56e95fdc-3337-468d-b964-30d07f2a2018\"\n },\n {\n \"properties\": {\n \"roleName\": \"Tenant Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Allows users to create and manage Entra ID Tenants.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [],\n \"createdOn\": \"2025-09-29T15:12:03.2996499Z\",\n \"updatedOn\": \"2025-09-29T15:12:03.2996499Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/0a7c2fa1-6f28-41a4-86b8-e74937c63222\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"0a7c2fa1-6f28-41a4-86b8-e74937c63222\"\n },\n {\n \"properties\": {\n \"roleName\": \"Storage File Data SMB Admin\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Allows for admin access equivalent to storage account key for end users over SMB.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.Storage/storageAccounts/fileServices/fileshares/files/read\",\n \"Microsoft.Storage/storageAccounts/fileServices/fileshares/files/write\",\n \"Microsoft.Storage/storageAccounts/fileServices/fileshares/files/delete\",\n \"Microsoft.Storage/storageAccounts/fileServices/fileshares/files/modifypermissions/action\",\n \"Microsoft.Storage/storageAccounts/fileServices/readFileBackupSemantics/action\",\n \"Microsoft.Storage/storageAccounts/fileServices/writeFileBackupSemantics/action\",\n \"Microsoft.Storage/storageAccounts/fileServices/takeOwnership/action\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2025-09-30T15:23:51.084353Z\",\n \"updatedOn\": \"2025-09-30T15:23:51.084353Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/bbf004e3-0e4b-4f86-ae4f-1f8fb47b357b\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"bbf004e3-0e4b-4f86-ae4f-1f8fb47b357b\"\n },\n {\n \"properties\": {\n \"roleName\": \"Supercomputer Infrastructure Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Lets you manage Supercomputer Infrastructure resources, but not access to them.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.SupercomputerInfrastructure/*\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2025-10-02T23:09:34.5476643Z\",\n \"updatedOn\": \"2025-10-02T23:09:34.5476643Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/68899692-f960-4247-af28-82f55b357997\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"68899692-f960-4247-af28-82f55b357997\"\n }\n ]\n}", + "StatusCode": 200 + }, + { + "RequestUri": "//subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions?api-version=2022-05-01-preview", + "EncodedRequestUri": "Ly9zdWJzY3JpcHRpb25zLzY5NmVhZDE5LTg2NmQtNGU5ZC05OWU1LWYwNjFlNGMzNGI4NC9wcm92aWRlcnMvTWljcm9zb2Z0LkF1dGhvcml6YXRpb24vcm9sZURlZmluaXRpb25zP2FwaS12ZXJzaW9uPTIwMjItMDUtMDEtcHJldmlldw==", + "RequestMethod": "GET", + "RequestHeaders": { + "Accept-Language": [ + "en-US" + ], + "x-ms-client-request-id": [ + "65e4c945-8111-4d8f-aac8-5e95cb5b217a" + ], + "User-Agent": [ + "FxVersion/8.0.2025.41914", + "OSName/MacOs", + "OSVersion/Darwin.24.6.0.Darwin.Kernel.Version.24.6.0.Mon.Aug.11.21.16.30.PDT.2025.root.xnu.11417.140.69.701.11.1RELEASE.ARM64.T8132", + "Microsoft.Azure.Management.Authorization.AuthorizationManagementClient/8.1.0" + ] + }, + "RequestBody": "", + "ResponseHeaders": { + "Cache-Control": [ + "no-cache" + ], + "Pragma": [ + "no-cache" + ], + "x-ms-request-id": [ + "54671ba8-5543-41de-bc81-e6e616056c1f" + ], + "X-Content-Type-Options": [ + "nosniff" + ], + "Strict-Transport-Security": [ + "max-age=31536000; includeSubDomains" + ], + "x-ms-operation-identifier": [ + "tenantId=de6dc80f-16c3-4606-90e9-b7386b466695,objectId=69c9e264-690c-43c9-aba4-a195a62f1929/northeurope/0d294b6c-b7c4-4d8a-8805-81d65b105c9f" + ], + "x-ms-ratelimit-remaining-subscription-reads": [ + "249" + ], + "x-ms-ratelimit-remaining-subscription-global-reads": [ + "3749" + ], + "x-ms-correlation-request-id": [ + "abf194c2-d2a2-4640-a9f1-bb974fb6fe89" + ], + "x-ms-routing-request-id": [ + "NORTHEUROPE:20251004T101952Z:abf194c2-d2a2-4640-a9f1-bb974fb6fe89" + ], + "X-Cache": [ + "CONFIG_NOCACHE" + ], + "X-MSEdge-Ref": [ + "Ref A: 3BAE53371E684441B1F8FB210F1831D1 Ref B: DUB241062303062 Ref C: 2025-10-04T10:19:52Z" + ], + "Date": [ + "Sat, 04 Oct 2025 10:19:52 GMT" + ], + "Content-Length": [ + "993823" + ], + "Content-Type": [ + "application/json; charset=utf-8" + ], + "Expires": [ + "-1" + ], + "Retry-After": [ + "0" + ] + }, + "ResponseBody": "{\n \"value\": [\n {\n \"properties\": {\n \"roleName\": \"AcrPush\",\n \"type\": \"BuiltInRole\",\n \"description\": \"acr push\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.ContainerRegistry/registries/pull/read\",\n \"Microsoft.ContainerRegistry/registries/push/write\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2018-10-29T17:52:32.5201177Z\",\n \"updatedOn\": \"2021-11-11T20:13:07.4993029Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/8311e382-0749-4cb8-b61a-304f252e45ec\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"8311e382-0749-4cb8-b61a-304f252e45ec\"\n },\n {\n \"properties\": {\n \"roleName\": \"API Management Service Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Can manage service and the APIs\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.ApiManagement/service/*\",\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.ResourceHealth/availabilityStatuses/read\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Support/*\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2015-02-02T21:55:09.8650193Z\",\n \"updatedOn\": \"2021-11-11T20:13:08.3179618Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/312a565d-c81f-4fd8-895a-4e21e48d571c\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"312a565d-c81f-4fd8-895a-4e21e48d571c\"\n },\n {\n \"properties\": {\n \"roleName\": \"AcrPull\",\n \"type\": \"BuiltInRole\",\n \"description\": \"acr pull\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.ContainerRegistry/registries/pull/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2018-10-22T19:01:56.8227182Z\",\n \"updatedOn\": \"2021-11-11T20:13:08.8779328Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/7f951dda-4ed3-4680-a7ca-43fe172d538d\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"7f951dda-4ed3-4680-a7ca-43fe172d538d\"\n },\n {\n \"properties\": {\n \"roleName\": \"AcrImageSigner\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Planned DEPRECATION on March 31, 2028. Grant the signing permission for content trust. As content trust is being deprecated and will be completely removed on March 31, 2028, this role will also be removed. Refer to https://aka.ms/acr/dctdeprecation for details and transition guidance.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.ContainerRegistry/registries/sign/write\"\n ],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.ContainerRegistry/registries/trustedCollections/write\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2018-03-15T23:23:08.4038322Z\",\n \"updatedOn\": \"2025-10-03T10:06:29.6549664Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/6cef56e8-d556-48e5-a04f-b8e64114680f\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"6cef56e8-d556-48e5-a04f-b8e64114680f\"\n },\n {\n \"properties\": {\n \"roleName\": \"AcrDelete\",\n \"type\": \"BuiltInRole\",\n \"description\": \"acr delete\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.ContainerRegistry/registries/artifacts/delete\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2019-03-11T20:19:31.6682804Z\",\n \"updatedOn\": \"2021-11-11T20:13:09.9631744Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/c2f4ef07-c644-48eb-af81-4b1b4947fb11\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"c2f4ef07-c644-48eb-af81-4b1b4947fb11\"\n },\n {\n \"properties\": {\n \"roleName\": \"AcrQuarantineReader\",\n \"type\": \"BuiltInRole\",\n \"description\": \"acr quarantine data reader\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.ContainerRegistry/registries/quarantine/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.ContainerRegistry/registries/quarantinedArtifacts/read\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2018-03-16T00:27:39.9596835Z\",\n \"updatedOn\": \"2021-11-11T20:13:10.3188052Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/cdda3590-29a3-44f6-95f2-9f980659eb04\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"cdda3590-29a3-44f6-95f2-9f980659eb04\"\n },\n {\n \"properties\": {\n \"roleName\": \"AcrQuarantineWriter\",\n \"type\": \"BuiltInRole\",\n \"description\": \"acr quarantine data writer\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.ContainerRegistry/registries/quarantine/read\",\n \"Microsoft.ContainerRegistry/registries/quarantine/write\"\n ],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.ContainerRegistry/registries/quarantinedArtifacts/read\",\n \"Microsoft.ContainerRegistry/registries/quarantinedArtifacts/write\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2018-03-16T00:26:37.587182Z\",\n \"updatedOn\": \"2021-11-11T20:13:11.3488079Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/c8d4ff99-41c3-41a8-9f60-21dfdad59608\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"c8d4ff99-41c3-41a8-9f60-21dfdad59608\"\n },\n {\n \"properties\": {\n \"roleName\": \"API Management Service Operator Role\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Can manage service but not the APIs\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.ApiManagement/service/*/read\",\n \"Microsoft.ApiManagement/service/backup/action\",\n \"Microsoft.ApiManagement/service/delete\",\n \"Microsoft.ApiManagement/service/managedeployments/action\",\n \"Microsoft.ApiManagement/service/read\",\n \"Microsoft.ApiManagement/service/restore/action\",\n \"Microsoft.ApiManagement/service/updatecertificate/action\",\n \"Microsoft.ApiManagement/service/updatehostname/action\",\n \"Microsoft.ApiManagement/service/write\",\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.ResourceHealth/availabilityStatuses/read\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Support/*\"\n ],\n \"notActions\": [\n \"Microsoft.ApiManagement/service/users/keys/read\"\n ],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2016-11-09T00:03:42.1194019Z\",\n \"updatedOn\": \"2021-11-11T20:13:11.5244023Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/e022efe7-f5ba-4159-bbe4-b44f577e9b61\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"e022efe7-f5ba-4159-bbe4-b44f577e9b61\"\n },\n {\n \"properties\": {\n \"roleName\": \"API Management Service Reader Role\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Read-only access to service and APIs\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.ApiManagement/service/*/read\",\n \"Microsoft.ApiManagement/service/read\",\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.ResourceHealth/availabilityStatuses/read\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Support/*\"\n ],\n \"notActions\": [\n \"Microsoft.ApiManagement/service/users/keys/read\"\n ],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2016-11-09T00:26:45.1540473Z\",\n \"updatedOn\": \"2021-11-11T20:13:11.8704466Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/71522526-b88f-4d52-b57f-d31fc3546d0d\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"71522526-b88f-4d52-b57f-d31fc3546d0d\"\n },\n {\n \"properties\": {\n \"roleName\": \"Application Insights Component Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Can manage Application Insights components\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.Insights/generateLiveToken/read\",\n \"Microsoft.Insights/metricAlerts/*\",\n \"Microsoft.Insights/components/*\",\n \"Microsoft.Insights/scheduledqueryrules/*\",\n \"Microsoft.Insights/topology/read\",\n \"Microsoft.Insights/transactions/read\",\n \"Microsoft.Insights/webtests/*\",\n \"Microsoft.ResourceHealth/availabilityStatuses/read\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Support/*\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2015-02-02T21:55:09.8806423Z\",\n \"updatedOn\": \"2021-11-11T20:13:12.6428401Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/ae349356-3a1b-4a5e-921d-050484c6347e\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"ae349356-3a1b-4a5e-921d-050484c6347e\"\n },\n {\n \"properties\": {\n \"roleName\": \"Application Insights Snapshot Debugger\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Gives user permission to use Application Insights Snapshot Debugger features\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.Insights/components/*/read\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Support/*\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2017-04-19T21:25:12.3728747Z\",\n \"updatedOn\": \"2021-11-11T20:13:13.0034435Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/08954f03-6346-4c2e-81c0-ec3a5cfae23b\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"08954f03-6346-4c2e-81c0-ec3a5cfae23b\"\n },\n {\n \"properties\": {\n \"roleName\": \"Attestation Reader\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Can read the attestation provider properties\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Attestation/attestationProviders/attestation/read\",\n \"Microsoft.Attestation/attestationProviders/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2019-03-25T19:42:59.157671Z\",\n \"updatedOn\": \"2024-07-11T17:43:35.9489411Z\",\n \"createdBy\": null,\n \"updatedBy\": \"SYSTEM\"\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/fd1bd22b-8476-40bc-a0bc-69b95687b9f3\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"fd1bd22b-8476-40bc-a0bc-69b95687b9f3\"\n },\n {\n \"properties\": {\n \"roleName\": \"Automation Job Operator\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Create and Manage Jobs using Automation Runbooks.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Automation/automationAccounts/hybridRunbookWorkerGroups/read\",\n \"Microsoft.Automation/automationAccounts/jobs/read\",\n \"Microsoft.Automation/automationAccounts/jobs/resume/action\",\n \"Microsoft.Automation/automationAccounts/jobs/stop/action\",\n \"Microsoft.Automation/automationAccounts/jobs/streams/read\",\n \"Microsoft.Automation/automationAccounts/jobs/suspend/action\",\n \"Microsoft.Automation/automationAccounts/jobs/write\",\n \"Microsoft.Automation/automationAccounts/jobs/output/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Support/*\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2017-04-19T20:52:41.0020018Z\",\n \"updatedOn\": \"2021-11-11T20:13:13.706566Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/4fe576fe-1146-4730-92eb-48519fa6bf9f\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"4fe576fe-1146-4730-92eb-48519fa6bf9f\"\n },\n {\n \"properties\": {\n \"roleName\": \"Automation Runbook Operator\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Read Runbook properties - to be able to create Jobs of the runbook.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Automation/automationAccounts/runbooks/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Support/*\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2017-04-19T20:47:49.5640674Z\",\n \"updatedOn\": \"2021-11-11T20:13:13.8815461Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/5fb5aef8-1081-4b8e-bb16-9d5d0385bab5\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"5fb5aef8-1081-4b8e-bb16-9d5d0385bab5\"\n },\n {\n \"properties\": {\n \"roleName\": \"Automation Operator\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Automation Operators are able to start, stop, suspend, and resume jobs\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Automation/automationAccounts/hybridRunbookWorkerGroups/read\",\n \"Microsoft.Automation/automationAccounts/jobs/read\",\n \"Microsoft.Automation/automationAccounts/jobs/resume/action\",\n \"Microsoft.Automation/automationAccounts/jobs/stop/action\",\n \"Microsoft.Automation/automationAccounts/jobs/streams/read\",\n \"Microsoft.Automation/automationAccounts/jobs/suspend/action\",\n \"Microsoft.Automation/automationAccounts/jobs/write\",\n \"Microsoft.Automation/automationAccounts/jobSchedules/read\",\n \"Microsoft.Automation/automationAccounts/jobSchedules/write\",\n \"Microsoft.Automation/automationAccounts/linkedWorkspace/read\",\n \"Microsoft.Automation/automationAccounts/read\",\n \"Microsoft.Automation/automationAccounts/runbooks/read\",\n \"Microsoft.Automation/automationAccounts/schedules/read\",\n \"Microsoft.Automation/automationAccounts/schedules/write\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.ResourceHealth/availabilityStatuses/read\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Automation/automationAccounts/jobs/output/read\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Support/*\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2015-08-18T01:05:03.391613Z\",\n \"updatedOn\": \"2021-11-11T20:13:14.0515408Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/d3881f73-407a-4167-8283-e981cbba0404\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"d3881f73-407a-4167-8283-e981cbba0404\"\n },\n {\n \"properties\": {\n \"roleName\": \"Avere Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Can create and manage an Avere vFXT cluster.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Compute/*/read\",\n \"Microsoft.Compute/availabilitySets/*\",\n \"Microsoft.Compute/proximityPlacementGroups/*\",\n \"Microsoft.Compute/virtualMachines/*\",\n \"Microsoft.Compute/disks/*\",\n \"Microsoft.Network/*/read\",\n \"Microsoft.Network/networkInterfaces/*\",\n \"Microsoft.Network/virtualNetworks/read\",\n \"Microsoft.Network/virtualNetworks/subnets/read\",\n \"Microsoft.Network/virtualNetworks/subnets/join/action\",\n \"Microsoft.Network/virtualNetworks/subnets/joinViaServiceEndpoint/action\",\n \"Microsoft.Network/networkSecurityGroups/join/action\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Storage/*/read\",\n \"Microsoft.Storage/storageAccounts/*\",\n \"Microsoft.Support/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/resources/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.Storage/storageAccounts/blobServices/containers/blobs/delete\",\n \"Microsoft.Storage/storageAccounts/blobServices/containers/blobs/read\",\n \"Microsoft.Storage/storageAccounts/blobServices/containers/blobs/write\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2019-03-18T20:00:58.9207889Z\",\n \"updatedOn\": \"2021-11-11T20:13:14.2265665Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/4f8fab4f-1852-4a58-a46a-8eaf358af14a\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"4f8fab4f-1852-4a58-a46a-8eaf358af14a\"\n },\n {\n \"properties\": {\n \"roleName\": \"Avere Operator\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Used by the Avere vFXT cluster to manage the cluster\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Compute/virtualMachines/read\",\n \"Microsoft.Network/networkInterfaces/read\",\n \"Microsoft.Network/networkInterfaces/write\",\n \"Microsoft.Network/virtualNetworks/read\",\n \"Microsoft.Network/virtualNetworks/subnets/read\",\n \"Microsoft.Network/virtualNetworks/subnets/join/action\",\n \"Microsoft.Network/networkSecurityGroups/join/action\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Storage/storageAccounts/blobServices/containers/delete\",\n \"Microsoft.Storage/storageAccounts/blobServices/containers/read\",\n \"Microsoft.Storage/storageAccounts/blobServices/containers/write\"\n ],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.Storage/storageAccounts/blobServices/containers/blobs/delete\",\n \"Microsoft.Storage/storageAccounts/blobServices/containers/blobs/read\",\n \"Microsoft.Storage/storageAccounts/blobServices/containers/blobs/write\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2019-03-18T20:02:38.3399857Z\",\n \"updatedOn\": \"2021-11-11T20:13:15.1065886Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/c025889f-8102-4ebf-b32c-fc0c6f0c6bd9\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"c025889f-8102-4ebf-b32c-fc0c6f0c6bd9\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Kubernetes Service Cluster Admin Role\",\n \"type\": \"BuiltInRole\",\n \"description\": \"List cluster admin credential action.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.ContainerService/managedClusters/listClusterAdminCredential/action\",\n \"Microsoft.ContainerService/managedClusters/accessProfiles/listCredential/action\",\n \"Microsoft.ContainerService/managedClusters/read\",\n \"Microsoft.ContainerService/managedClusters/runcommand/action\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2018-08-15T21:38:18.5953853Z\",\n \"updatedOn\": \"2022-05-17T01:51:12.0390652Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/0ab0b1a8-8aac-4efd-b8c2-3ee1fb270be8\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"0ab0b1a8-8aac-4efd-b8c2-3ee1fb270be8\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Kubernetes Service Cluster User Role\",\n \"type\": \"BuiltInRole\",\n \"description\": \"List cluster user credential action.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.ContainerService/managedClusters/listClusterUserCredential/action\",\n \"Microsoft.ContainerService/managedClusters/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2018-08-15T22:04:53.4037241Z\",\n \"updatedOn\": \"2021-11-11T20:13:20.4351976Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/4abbcc35-e782-43d8-92c5-2d3f1bd2253f\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"4abbcc35-e782-43d8-92c5-2d3f1bd2253f\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Maps Data Reader\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Grants access to read map related data from an Azure maps account.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.Maps/accounts/*/read\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2018-10-05T19:47:03.472307Z\",\n \"updatedOn\": \"2021-11-11T20:13:20.9582685Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/423170ca-a8f6-4b0f-8487-9e4eb8f49bfa\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"423170ca-a8f6-4b0f-8487-9e4eb8f49bfa\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Stack Registration Owner\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Lets you manage Azure Stack registrations.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.AzureStack/edgeSubscriptions/read\",\n \"Microsoft.AzureStack/registrations/products/*/action\",\n \"Microsoft.AzureStack/registrations/products/read\",\n \"Microsoft.AzureStack/registrations/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2017-11-13T23:42:06.2161827Z\",\n \"updatedOn\": \"2021-11-11T20:13:23.295782Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/6f12a6df-dd06-4f3e-bcb1-ce8be600526a\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"6f12a6df-dd06-4f3e-bcb1-ce8be600526a\"\n },\n {\n \"properties\": {\n \"roleName\": \"Backup Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Lets you manage backups, but can't delete vaults and give access to others\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Network/virtualNetworks/read\",\n \"Microsoft.RecoveryServices/locations/*\",\n \"Microsoft.RecoveryServices/Vaults/backupFabrics/operationResults/*\",\n \"Microsoft.RecoveryServices/Vaults/backupFabrics/protectionContainers/*\",\n \"Microsoft.RecoveryServices/Vaults/backupFabrics/refreshContainers/action\",\n \"Microsoft.RecoveryServices/Vaults/backupJobs/*\",\n \"Microsoft.RecoveryServices/Vaults/backupJobsExport/action\",\n \"Microsoft.RecoveryServices/Vaults/backupOperationResults/*\",\n \"Microsoft.RecoveryServices/Vaults/backupPolicies/*\",\n \"Microsoft.RecoveryServices/Vaults/backupProtectableItems/*\",\n \"Microsoft.RecoveryServices/Vaults/backupProtectedItems/*\",\n \"Microsoft.RecoveryServices/Vaults/backupProtectionContainers/*\",\n \"Microsoft.RecoveryServices/Vaults/backupSecurityPIN/*\",\n \"Microsoft.RecoveryServices/Vaults/backupUsageSummaries/read\",\n \"Microsoft.RecoveryServices/Vaults/certificates/*\",\n \"Microsoft.RecoveryServices/Vaults/extendedInformation/*\",\n \"Microsoft.RecoveryServices/Vaults/monitoringAlerts/read\",\n \"Microsoft.RecoveryServices/Vaults/monitoringConfigurations/*\",\n \"Microsoft.RecoveryServices/Vaults/read\",\n \"Microsoft.RecoveryServices/Vaults/registeredIdentities/*\",\n \"Microsoft.RecoveryServices/Vaults/usages/*\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Storage/storageAccounts/read\",\n \"Microsoft.RecoveryServices/Vaults/backupstorageconfig/*\",\n \"Microsoft.RecoveryServices/Vaults/backupconfig/*\",\n \"Microsoft.RecoveryServices/Vaults/backupValidateOperation/action\",\n \"Microsoft.RecoveryServices/Vaults/write\",\n \"Microsoft.RecoveryServices/Vaults/backupOperations/read\",\n \"Microsoft.RecoveryServices/Vaults/backupEngines/read\",\n \"Microsoft.RecoveryServices/Vaults/backupFabrics/backupProtectionIntent/*\",\n \"Microsoft.RecoveryServices/Vaults/backupFabrics/protectableContainers/read\",\n \"Microsoft.RecoveryServices/vaults/operationStatus/read\",\n \"Microsoft.RecoveryServices/vaults/operationResults/read\",\n \"Microsoft.RecoveryServices/locations/backupStatus/action\",\n \"Microsoft.RecoveryServices/locations/backupPreValidateProtection/action\",\n \"Microsoft.RecoveryServices/locations/backupValidateFeatures/action\",\n \"Microsoft.RecoveryServices/Vaults/monitoringAlerts/write\",\n \"Microsoft.RecoveryServices/operations/read\",\n \"Microsoft.RecoveryServices/locations/operationStatus/read\",\n \"Microsoft.RecoveryServices/Vaults/backupProtectionIntents/read\",\n \"Microsoft.Support/*\",\n \"Microsoft.DataProtection/locations/getBackupStatus/action\",\n \"Microsoft.DataProtection/backupVaults/backupInstances/write\",\n \"Microsoft.DataProtection/backupVaults/backupInstances/delete\",\n \"Microsoft.DataProtection/backupVaults/backupInstances/read\",\n \"Microsoft.DataProtection/backupVaults/backupInstances/read\",\n \"Microsoft.DataProtection/backupVaults/deletedBackupInstances/read\",\n \"Microsoft.DataProtection/backupVaults/deletedBackupInstances/undelete/action\",\n \"Microsoft.DataProtection/backupVaults/backupInstances/backup/action\",\n \"Microsoft.DataProtection/backupVaults/backupInstances/validateRestore/action\",\n \"Microsoft.DataProtection/backupVaults/backupInstances/restore/action\",\n \"Microsoft.DataProtection/subscriptions/resourceGroups/providers/locations/crossRegionRestore/action\",\n \"Microsoft.DataProtection/subscriptions/resourceGroups/providers/locations/validateCrossRegionRestore/action\",\n \"Microsoft.DataProtection/subscriptions/resourceGroups/providers/locations/fetchCrossRegionRestoreJobs/action\",\n \"Microsoft.DataProtection/subscriptions/resourceGroups/providers/locations/fetchCrossRegionRestoreJob/action\",\n \"Microsoft.DataProtection/subscriptions/resourceGroups/providers/locations/fetchSecondaryRecoveryPoints/action\",\n \"Microsoft.DataProtection/backupVaults/backupPolicies/write\",\n \"Microsoft.DataProtection/backupVaults/backupPolicies/delete\",\n \"Microsoft.DataProtection/backupVaults/backupPolicies/read\",\n \"Microsoft.DataProtection/backupVaults/backupPolicies/read\",\n \"Microsoft.DataProtection/backupVaults/backupInstances/recoveryPoints/read\",\n \"Microsoft.DataProtection/backupVaults/backupInstances/recoveryPoints/read\",\n \"Microsoft.DataProtection/backupVaults/backupInstances/findRestorableTimeRanges/action\",\n \"Microsoft.DataProtection/backupVaults/backupInstances/operationResults/read\",\n \"Microsoft.DataProtection/backupVaults/write\",\n \"Microsoft.DataProtection/backupVaults/read\",\n \"Microsoft.DataProtection/backupVaults/operationResults/read\",\n \"Microsoft.DataProtection/backupVaults/operationStatus/read\",\n \"Microsoft.DataProtection/locations/checkNameAvailability/action\",\n \"Microsoft.DataProtection/locations/checkFeatureSupport/action\",\n \"Microsoft.DataProtection/backupVaults/read\",\n \"Microsoft.DataProtection/backupVaults/read\",\n \"Microsoft.DataProtection/locations/operationStatus/read\",\n \"Microsoft.DataProtection/locations/operationResults/read\",\n \"Microsoft.DataProtection/backupVaults/validateForBackup/action\",\n \"Microsoft.DataProtection/operations/read\",\n \"Microsoft.RecoveryServices/Vaults/backupResourceGuardProxies/delete\",\n \"Microsoft.RecoveryServices/Vaults/backupResourceGuardProxies/read\",\n \"Microsoft.RecoveryServices/Vaults/backupResourceGuardProxies/unlockDelete/action\",\n \"Microsoft.RecoveryServices/Vaults/backupResourceGuardProxies/write\",\n \"Microsoft.DataProtection/backupVaults/backupResourceGuardProxies/read\",\n \"Microsoft.DataProtection/backupVaults/backupResourceGuardProxies/write\",\n \"Microsoft.DataProtection/backupVaults/backupResourceGuardProxies/delete\",\n \"Microsoft.DataProtection/backupVaults/backupResourceGuardProxies/unlockDelete/action\",\n \"Microsoft.DataProtection/backupVaults/backupInstances/validateForModifyBackup/action\",\n \"Microsoft.DataProtection/backupVaults/backupInstances/SuspendBackups/action\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2017-01-03T13:12:15.7321344Z\",\n \"updatedOn\": \"2025-01-27T16:01:21.2904248Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/5e467623-bb1f-42f4-a55d-6e525e11384b\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"5e467623-bb1f-42f4-a55d-6e525e11384b\"\n },\n {\n \"properties\": {\n \"roleName\": \"Billing Reader\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Allows read access to billing data\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Billing/*/read\",\n \"Microsoft.Commerce/*/read\",\n \"Microsoft.Consumption/*/read\",\n \"Microsoft.Management/managementGroups/read\",\n \"Microsoft.CostManagement/*/read\",\n \"Microsoft.Support/*\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2017-04-25T02:13:38.9054151Z\",\n \"updatedOn\": \"2021-11-11T20:13:24.5342563Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/fa23ad8b-c56e-40d8-ac0c-ce449e1d2c64\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"fa23ad8b-c56e-40d8-ac0c-ce449e1d2c64\"\n },\n {\n \"properties\": {\n \"roleName\": \"Backup Reader\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Can view backup services, but can't make changes\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.RecoveryServices/locations/allocatedStamp/read\",\n \"Microsoft.RecoveryServices/Vaults/backupFabrics/operationResults/read\",\n \"Microsoft.RecoveryServices/Vaults/backupFabrics/protectionContainers/operationResults/read\",\n \"Microsoft.RecoveryServices/Vaults/backupFabrics/protectionContainers/protectedItems/operationResults/read\",\n \"Microsoft.RecoveryServices/Vaults/backupFabrics/protectionContainers/protectedItems/operationsStatus/read\",\n \"Microsoft.RecoveryServices/Vaults/backupFabrics/protectionContainers/protectedItems/read\",\n \"Microsoft.RecoveryServices/Vaults/backupFabrics/protectionContainers/protectedItems/recoveryPoints/read\",\n \"Microsoft.RecoveryServices/Vaults/backupFabrics/protectionContainers/read\",\n \"Microsoft.RecoveryServices/Vaults/backupJobs/operationResults/read\",\n \"Microsoft.RecoveryServices/Vaults/backupJobs/read\",\n \"Microsoft.RecoveryServices/Vaults/backupJobsExport/action\",\n \"Microsoft.RecoveryServices/Vaults/backupOperationResults/read\",\n \"Microsoft.RecoveryServices/Vaults/backupPolicies/operationResults/read\",\n \"Microsoft.RecoveryServices/Vaults/backupPolicies/read\",\n \"Microsoft.RecoveryServices/Vaults/backupProtectedItems/read\",\n \"Microsoft.RecoveryServices/Vaults/backupProtectionContainers/read\",\n \"Microsoft.RecoveryServices/Vaults/backupUsageSummaries/read\",\n \"Microsoft.RecoveryServices/Vaults/extendedInformation/read\",\n \"Microsoft.RecoveryServices/Vaults/monitoringAlerts/read\",\n \"Microsoft.RecoveryServices/Vaults/read\",\n \"Microsoft.RecoveryServices/Vaults/registeredIdentities/operationResults/read\",\n \"Microsoft.RecoveryServices/Vaults/registeredIdentities/read\",\n \"Microsoft.RecoveryServices/Vaults/backupstorageconfig/read\",\n \"Microsoft.RecoveryServices/Vaults/backupconfig/read\",\n \"Microsoft.RecoveryServices/Vaults/backupOperations/read\",\n \"Microsoft.RecoveryServices/Vaults/backupPolicies/operations/read\",\n \"Microsoft.RecoveryServices/Vaults/backupEngines/read\",\n \"Microsoft.RecoveryServices/Vaults/backupFabrics/backupProtectionIntent/read\",\n \"Microsoft.RecoveryServices/Vaults/backupFabrics/protectionContainers/items/read\",\n \"Microsoft.RecoveryServices/locations/backupStatus/action\",\n \"Microsoft.RecoveryServices/Vaults/monitoringConfigurations/*\",\n \"Microsoft.RecoveryServices/Vaults/monitoringAlerts/write\",\n \"Microsoft.RecoveryServices/operations/read\",\n \"Microsoft.RecoveryServices/locations/operationStatus/read\",\n \"Microsoft.RecoveryServices/Vaults/backupProtectionIntents/read\",\n \"Microsoft.RecoveryServices/Vaults/usages/read\",\n \"Microsoft.RecoveryServices/locations/backupValidateFeatures/action\",\n \"Microsoft.RecoveryServices/locations/backupCrrJobs/action\",\n \"Microsoft.RecoveryServices/locations/backupCrrJob/action\",\n \"Microsoft.RecoveryServices/locations/backupCrrOperationResults/read\",\n \"Microsoft.RecoveryServices/locations/backupCrrOperationsStatus/read\",\n \"Microsoft.DataProtection/locations/getBackupStatus/action\",\n \"Microsoft.DataProtection/backupVaults/backupInstances/read\",\n \"Microsoft.DataProtection/backupVaults/deletedBackupInstances/read\",\n \"Microsoft.DataProtection/backupVaults/backupPolicies/read\",\n \"Microsoft.DataProtection/backupVaults/backupPolicies/read\",\n \"Microsoft.DataProtection/backupVaults/backupInstances/recoveryPoints/read\",\n \"Microsoft.DataProtection/backupVaults/backupInstances/recoveryPoints/read\",\n \"Microsoft.DataProtection/backupVaults/backupInstances/operationResults/read\",\n \"Microsoft.DataProtection/backupVaults/backupInstances/findRestorableTimeRanges/action\",\n \"Microsoft.DataProtection/backupVaults/read\",\n \"Microsoft.DataProtection/backupVaults/operationResults/read\",\n \"Microsoft.DataProtection/backupVaults/operationStatus/read\",\n \"Microsoft.DataProtection/backupVaults/read\",\n \"Microsoft.DataProtection/backupVaults/read\",\n \"Microsoft.DataProtection/locations/operationStatus/read\",\n \"Microsoft.DataProtection/locations/operationResults/read\",\n \"Microsoft.DataProtection/operations/read\",\n \"Microsoft.DataProtection/subscriptions/resourceGroups/providers/locations/fetchCrossRegionRestoreJobs/action\",\n \"Microsoft.DataProtection/subscriptions/resourceGroups/providers/locations/fetchCrossRegionRestoreJob/action\",\n \"Microsoft.DataProtection/subscriptions/resourceGroups/providers/locations/fetchSecondaryRecoveryPoints/action\",\n \"Microsoft.DataProtection/locations/checkFeatureSupport/action\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2017-01-03T13:18:41.3893065Z\",\n \"updatedOn\": \"2025-09-09T15:23:13.9723749Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/a795c7a0-d4a2-40c1-ae25-d81f01202912\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"a795c7a0-d4a2-40c1-ae25-d81f01202912\"\n },\n {\n \"properties\": {\n \"roleName\": \"Blockchain Member Node Access (Preview)\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Allows for access to Blockchain Member nodes\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Blockchain/blockchainMembers/transactionNodes/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.Blockchain/blockchainMembers/transactionNodes/connect/action\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2018-12-21T10:33:01.9604839Z\",\n \"updatedOn\": \"2021-11-11T20:13:25.055892Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/31a002a1-acaf-453e-8a5b-297c9ca1ea24\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"31a002a1-acaf-453e-8a5b-297c9ca1ea24\"\n },\n {\n \"properties\": {\n \"roleName\": \"BizTalk Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Lets you manage BizTalk services, but not access to them.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.BizTalkServices/BizTalk/*\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.ResourceHealth/availabilityStatuses/read\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Support/*\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2015-02-02T21:55:09.8806423Z\",\n \"updatedOn\": \"2021-11-11T20:13:25.2359269Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/5e3c6656-6cfa-4708-81fe-0de47ac73342\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"5e3c6656-6cfa-4708-81fe-0de47ac73342\"\n },\n {\n \"properties\": {\n \"roleName\": \"CDN Endpoint Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Can manage CDN endpoints, but can't grant access to other users.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Cdn/edgenodes/read\",\n \"Microsoft.Cdn/operationresults/*\",\n \"Microsoft.Cdn/profiles/endpoints/*\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Support/*\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2016-01-23T02:48:46.4996252Z\",\n \"updatedOn\": \"2023-12-07T08:06:49.788929Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/426e0c7f-0c7e-4658-b36f-ff54d6c29b45\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"426e0c7f-0c7e-4658-b36f-ff54d6c29b45\"\n },\n {\n \"properties\": {\n \"roleName\": \"CDN Profile Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Can manage CDN and Azure Front Door standard and premium profiles and their endpoints, but can't grant access to other users.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Cdn/edgenodes/read\",\n \"Microsoft.Cdn/operationresults/*\",\n \"Microsoft.Cdn/profiles/*\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Support/*\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2016-01-23T02:48:46.4996252Z\",\n \"updatedOn\": \"2023-12-06T16:25:55.5514166Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/ec156ff8-a8d1-4d15-830c-5b80698ca432\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"ec156ff8-a8d1-4d15-830c-5b80698ca432\"\n },\n {\n \"properties\": {\n \"roleName\": \"CDN Profile Reader\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Can view CDN profiles and their endpoints, but can't make changes.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Cdn/edgenodes/read\",\n \"Microsoft.Cdn/operationresults/*\",\n \"Microsoft.Cdn/profiles/*/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Cdn/profiles/afdendpoints/validateCustomDomain/action\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Support/*\",\n \"Microsoft.Cdn/profiles/CheckResourceUsage/action\",\n \"Microsoft.Cdn/profiles/endpoints/CheckResourceUsage/action\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2016-01-23T02:48:46.4996252Z\",\n \"updatedOn\": \"2024-01-26T09:56:06.2709754Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/8f96442b-4075-438f-813d-ad51ab4019af\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"8f96442b-4075-438f-813d-ad51ab4019af\"\n },\n {\n \"properties\": {\n \"roleName\": \"Classic Network Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Lets you manage classic networks, but not access to them.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.ClassicNetwork/*\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.ResourceHealth/availabilityStatuses/read\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Support/*\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2015-02-02T21:55:09.8806423Z\",\n \"updatedOn\": \"2021-11-11T20:13:26.4433301Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/b34d265f-36f7-4a0d-a4d4-e158ca92e90f\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"b34d265f-36f7-4a0d-a4d4-e158ca92e90f\"\n },\n {\n \"properties\": {\n \"roleName\": \"Classic Storage Account Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Lets you manage classic storage accounts, but not access to them.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.ClassicStorage/storageAccounts/*\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.ResourceHealth/availabilityStatuses/read\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Support/*\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2015-02-02T21:55:09.8806423Z\",\n \"updatedOn\": \"2021-11-11T20:13:26.6183566Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/86e8f5dc-a6e9-4c67-9d15-de283e8eac25\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"86e8f5dc-a6e9-4c67-9d15-de283e8eac25\"\n },\n {\n \"properties\": {\n \"roleName\": \"Classic Storage Account Key Operator Service Role\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Classic Storage Account Key Operators are allowed to list and regenerate keys on Classic Storage Accounts\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.ClassicStorage/storageAccounts/listkeys/action\",\n \"Microsoft.ClassicStorage/storageAccounts/regeneratekey/action\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2017-04-13T18:22:52.14611Z\",\n \"updatedOn\": \"2021-11-11T20:13:26.9796021Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/985d6b00-f706-48f5-a6fe-d0ca12fb668d\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"985d6b00-f706-48f5-a6fe-d0ca12fb668d\"\n },\n {\n \"properties\": {\n \"roleName\": \"ClearDB MySQL DB Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Lets you manage ClearDB MySQL databases, but not access to them.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.ResourceHealth/availabilityStatuses/read\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Support/*\",\n \"successbricks.cleardb/databases/*\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2015-02-02T21:55:09.8806423Z\",\n \"updatedOn\": \"2021-11-11T20:13:27.1646373Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/9106cda0-8a86-4e81-b686-29a22c54effe\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"9106cda0-8a86-4e81-b686-29a22c54effe\"\n },\n {\n \"properties\": {\n \"roleName\": \"Classic Virtual Machine Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Lets you manage classic virtual machines, but not access to them, and not the virtual network or storage account they’re connected to.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.ClassicCompute/domainNames/*\",\n \"Microsoft.ClassicCompute/virtualMachines/*\",\n \"Microsoft.ClassicNetwork/networkSecurityGroups/join/action\",\n \"Microsoft.ClassicNetwork/reservedIps/link/action\",\n \"Microsoft.ClassicNetwork/reservedIps/read\",\n \"Microsoft.ClassicNetwork/virtualNetworks/join/action\",\n \"Microsoft.ClassicNetwork/virtualNetworks/read\",\n \"Microsoft.ClassicStorage/storageAccounts/disks/read\",\n \"Microsoft.ClassicStorage/storageAccounts/images/read\",\n \"Microsoft.ClassicStorage/storageAccounts/listKeys/action\",\n \"Microsoft.ClassicStorage/storageAccounts/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.ResourceHealth/availabilityStatuses/read\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Support/*\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2015-04-25T00:37:56.5416086Z\",\n \"updatedOn\": \"2021-11-11T20:13:27.3446332Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/d73bb868-a0df-4d4d-bd69-98a00b01fccb\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"d73bb868-a0df-4d4d-bd69-98a00b01fccb\"\n },\n {\n \"properties\": {\n \"roleName\": \"Cognitive Services User\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Lets you read and list keys of Cognitive Services.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.CognitiveServices/*/read\",\n \"Microsoft.CognitiveServices/accounts/listkeys/action\",\n \"Microsoft.Insights/alertRules/read\",\n \"Microsoft.Insights/diagnosticSettings/read\",\n \"Microsoft.Insights/logDefinitions/read\",\n \"Microsoft.Insights/metricdefinitions/read\",\n \"Microsoft.Insights/metrics/read\",\n \"Microsoft.ResourceHealth/availabilityStatuses/read\",\n \"Microsoft.Resources/deployments/operations/read\",\n \"Microsoft.Resources/subscriptions/operationresults/read\",\n \"Microsoft.Resources/subscriptions/read\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Support/*\"\n ],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.CognitiveServices/*\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2018-08-08T23:23:43.7701274Z\",\n \"updatedOn\": \"2021-11-11T20:13:27.5316443Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/a97b65f3-24c7-4388-baec-2e87135dc908\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"a97b65f3-24c7-4388-baec-2e87135dc908\"\n },\n {\n \"properties\": {\n \"roleName\": \"Cognitive Services Data Reader\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Lets you read Cognitive Services data.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.CognitiveServices/*/read\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2019-02-13T20:02:12.6849986Z\",\n \"updatedOn\": \"2024-10-10T18:41:31.3351912Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/b59867f0-fa02-499b-be73-45a86b5b3e1c\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"b59867f0-fa02-499b-be73-45a86b5b3e1c\"\n },\n {\n \"properties\": {\n \"roleName\": \"Cognitive Services Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Lets you create, read, update, delete and manage keys of Cognitive Services.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.CognitiveServices/*\",\n \"Microsoft.Features/features/read\",\n \"Microsoft.Features/providers/features/read\",\n \"Microsoft.Features/providers/features/register/action\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.Insights/diagnosticSettings/*\",\n \"Microsoft.Insights/logDefinitions/read\",\n \"Microsoft.Insights/metricdefinitions/read\",\n \"Microsoft.Insights/metrics/read\",\n \"Microsoft.ResourceHealth/availabilityStatuses/read\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/deployments/operations/read\",\n \"Microsoft.Resources/subscriptions/operationresults/read\",\n \"Microsoft.Resources/subscriptions/read\",\n \"Microsoft.Resources/subscriptions/resourcegroups/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Support/*\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2018-08-08T23:18:39.2257848Z\",\n \"updatedOn\": \"2021-11-11T20:13:27.911623Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/25fbc0a9-bd7c-42a3-aa1a-3b75d497ee68\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"25fbc0a9-bd7c-42a3-aa1a-3b75d497ee68\"\n },\n {\n \"properties\": {\n \"roleName\": \"CosmosBackupOperator\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Can submit restore request for a Cosmos DB database or a container for an account\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.DocumentDB/databaseAccounts/backup/action\",\n \"Microsoft.DocumentDB/databaseAccounts/restore/action\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2018-12-07T19:47:14.965156Z\",\n \"updatedOn\": \"2021-11-11T20:13:28.4333692Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/db7b14f2-5adf-42da-9f96-f2ee17bab5cb\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"db7b14f2-5adf-42da-9f96-f2ee17bab5cb\"\n },\n {\n \"properties\": {\n \"roleName\": \"Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Grants full access to manage all resources, but does not allow you to assign roles in Azure RBAC, manage assignments in Azure Blueprints, or share image galleries.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"*\"\n ],\n \"notActions\": [\n \"Microsoft.Authorization/*/Delete\",\n \"Microsoft.Authorization/*/Write\",\n \"Microsoft.Authorization/elevateAccess/Action\",\n \"Microsoft.Blueprint/blueprintAssignments/write\",\n \"Microsoft.Blueprint/blueprintAssignments/delete\",\n \"Microsoft.Compute/galleries/share/action\",\n \"Microsoft.Purview/consents/write\",\n \"Microsoft.Purview/consents/delete\",\n \"Microsoft.Resources/deploymentStacks/manageDenySetting/action\",\n \"Microsoft.Subscription/cancel/action\",\n \"Microsoft.Subscription/enable/action\"\n ],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2015-02-02T21:55:09.8806423Z\",\n \"updatedOn\": \"2024-11-19T20:03:30.321264Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"b24988ac-6180-42a0-ab88-20f7382dd24c\"\n },\n {\n \"properties\": {\n \"roleName\": \"Cosmos DB Account Reader Role\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Can read Azure Cosmos DB Accounts data\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.DocumentDB/*/read\",\n \"Microsoft.DocumentDB/databaseAccounts/readonlykeys/action\",\n \"Microsoft.Insights/MetricDefinitions/read\",\n \"Microsoft.Insights/Metrics/read\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Support/*\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2017-10-30T17:53:54.6005577Z\",\n \"updatedOn\": \"2021-11-11T20:13:28.7911765Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/fbdf93bf-df7d-467e-a4d2-9458aa1360c8\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"fbdf93bf-df7d-467e-a4d2-9458aa1360c8\"\n },\n {\n \"properties\": {\n \"roleName\": \"Cost Management Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Can view costs and manage cost configuration (e.g. budgets, exports)\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Consumption/*\",\n \"Microsoft.CostManagement/*\",\n \"Microsoft.Billing/billingPeriods/read\",\n \"Microsoft.Resources/subscriptions/read\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Support/*\",\n \"Microsoft.Advisor/configurations/read\",\n \"Microsoft.Advisor/recommendations/read\",\n \"Microsoft.Management/managementGroups/read\",\n \"Microsoft.Billing/billingProperty/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2018-03-14T16:09:22.8834827Z\",\n \"updatedOn\": \"2021-11-11T20:13:29.4851851Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/434105ed-43f6-45c7-a02f-909b2ba83430\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"434105ed-43f6-45c7-a02f-909b2ba83430\"\n },\n {\n \"properties\": {\n \"roleName\": \"Cost Management Reader\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Can view cost data and configuration (e.g. budgets, exports)\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Consumption/*/read\",\n \"Microsoft.CostManagement/*/read\",\n \"Microsoft.Billing/billingPeriods/read\",\n \"Microsoft.Resources/subscriptions/read\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Support/*\",\n \"Microsoft.Advisor/configurations/read\",\n \"Microsoft.Advisor/recommendations/read\",\n \"Microsoft.Management/managementGroups/read\",\n \"Microsoft.Billing/billingProperty/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2018-03-14T16:09:22.8834827Z\",\n \"updatedOn\": \"2021-11-11T20:13:29.66018Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/72fafb9e-0641-4937-9268-a91bfd8191a3\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"72fafb9e-0641-4937-9268-a91bfd8191a3\"\n },\n {\n \"properties\": {\n \"roleName\": \"Data Box Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Lets you manage everything under Data Box Service except giving access to others.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.ResourceHealth/availabilityStatuses/read\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Support/*\",\n \"Microsoft.Databox/*\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2018-07-27T08:28:42.714021Z\",\n \"updatedOn\": \"2021-11-11T20:13:30.3737856Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/add466c9-e687-43fc-8d98-dfcf8d720be5\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"add466c9-e687-43fc-8d98-dfcf8d720be5\"\n },\n {\n \"properties\": {\n \"roleName\": \"Data Box Reader\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Lets you manage Data Box Service except creating order or editing order details and giving access to others.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Databox/*/read\",\n \"Microsoft.Databox/jobs/listsecrets/action\",\n \"Microsoft.Databox/jobs/listcredentials/action\",\n \"Microsoft.Databox/locations/availableSkus/action\",\n \"Microsoft.Databox/locations/validateInputs/action\",\n \"Microsoft.Databox/locations/regionConfiguration/action\",\n \"Microsoft.Databox/locations/validateAddress/action\",\n \"Microsoft.ResourceHealth/availabilityStatuses/read\",\n \"Microsoft.Support/*\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2018-07-27T08:26:21.9284772Z\",\n \"updatedOn\": \"2021-11-11T20:13:30.5546117Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/028f4ed7-e2a9-465e-a8f4-9c0ffdfdc027\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"028f4ed7-e2a9-465e-a8f4-9c0ffdfdc027\"\n },\n {\n \"properties\": {\n \"roleName\": \"Data Factory Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Create and manage data factories, as well as child resources within them.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.DataFactory/dataFactories/*\",\n \"Microsoft.DataFactory/factories/*\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.ResourceHealth/availabilityStatuses/read\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Support/*\",\n \"Microsoft.EventGrid/eventSubscriptions/write\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2015-02-02T21:55:09.8806423Z\",\n \"updatedOn\": \"2021-11-11T20:13:30.7420174Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/673868aa-7521-48a0-acc6-0f60742d39f5\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"673868aa-7521-48a0-acc6-0f60742d39f5\"\n },\n {\n \"properties\": {\n \"roleName\": \"Data Purger\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Can purge analytics data\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Insights/components/*/read\",\n \"Microsoft.Insights/components/purge/action\",\n \"Microsoft.OperationalInsights/workspaces/*/read\",\n \"Microsoft.OperationalInsights/workspaces/purge/action\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2018-04-30T22:39:49.61677Z\",\n \"updatedOn\": \"2021-11-11T20:13:31.2788395Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/150f5e0c-0603-4f03-8c7f-cf70034c4e90\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"150f5e0c-0603-4f03-8c7f-cf70034c4e90\"\n },\n {\n \"properties\": {\n \"roleName\": \"Data Lake Analytics Developer\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Lets you submit, monitor, and manage your own jobs but not create or delete Data Lake Analytics accounts.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.BigAnalytics/accounts/*\",\n \"Microsoft.DataLakeAnalytics/accounts/*\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.ResourceHealth/availabilityStatuses/read\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Support/*\"\n ],\n \"notActions\": [\n \"Microsoft.BigAnalytics/accounts/Delete\",\n \"Microsoft.BigAnalytics/accounts/TakeOwnership/action\",\n \"Microsoft.BigAnalytics/accounts/Write\",\n \"Microsoft.DataLakeAnalytics/accounts/Delete\",\n \"Microsoft.DataLakeAnalytics/accounts/TakeOwnership/action\",\n \"Microsoft.DataLakeAnalytics/accounts/Write\",\n \"Microsoft.DataLakeAnalytics/accounts/dataLakeStoreAccounts/Write\",\n \"Microsoft.DataLakeAnalytics/accounts/dataLakeStoreAccounts/Delete\",\n \"Microsoft.DataLakeAnalytics/accounts/storageAccounts/Write\",\n \"Microsoft.DataLakeAnalytics/accounts/storageAccounts/Delete\",\n \"Microsoft.DataLakeAnalytics/accounts/firewallRules/Write\",\n \"Microsoft.DataLakeAnalytics/accounts/firewallRules/Delete\",\n \"Microsoft.DataLakeAnalytics/accounts/computePolicies/Write\",\n \"Microsoft.DataLakeAnalytics/accounts/computePolicies/Delete\"\n ],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2015-10-20T00:33:29.3115234Z\",\n \"updatedOn\": \"2021-11-11T20:13:31.4688491Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/47b7735b-770e-4598-a7da-8b91488b4c88\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"47b7735b-770e-4598-a7da-8b91488b4c88\"\n },\n {\n \"properties\": {\n \"roleName\": \"DevTest Labs User\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Lets you connect, start, restart, and shutdown your virtual machines in your Azure DevTest Labs.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Compute/availabilitySets/read\",\n \"Microsoft.Compute/virtualMachines/*/read\",\n \"Microsoft.Compute/virtualMachines/deallocate/action\",\n \"Microsoft.Compute/virtualMachines/read\",\n \"Microsoft.Compute/virtualMachines/restart/action\",\n \"Microsoft.Compute/virtualMachines/start/action\",\n \"Microsoft.DevTestLab/*/read\",\n \"Microsoft.DevTestLab/labs/claimAnyVm/action\",\n \"Microsoft.DevTestLab/labs/createEnvironment/action\",\n \"Microsoft.DevTestLab/labs/ensureCurrentUserProfile/action\",\n \"Microsoft.DevTestLab/labs/formulas/delete\",\n \"Microsoft.DevTestLab/labs/formulas/read\",\n \"Microsoft.DevTestLab/labs/formulas/write\",\n \"Microsoft.DevTestLab/labs/policySets/evaluatePolicies/action\",\n \"Microsoft.DevTestLab/labs/virtualMachines/claim/action\",\n \"Microsoft.DevTestLab/labs/virtualmachines/listApplicableSchedules/action\",\n \"Microsoft.DevTestLab/labs/virtualMachines/getRdpFileContents/action\",\n \"Microsoft.Network/loadBalancers/backendAddressPools/join/action\",\n \"Microsoft.Network/loadBalancers/inboundNatRules/join/action\",\n \"Microsoft.Network/networkInterfaces/*/read\",\n \"Microsoft.Network/networkInterfaces/join/action\",\n \"Microsoft.Network/networkInterfaces/read\",\n \"Microsoft.Network/networkInterfaces/write\",\n \"Microsoft.Network/publicIPAddresses/*/read\",\n \"Microsoft.Network/publicIPAddresses/join/action\",\n \"Microsoft.Network/publicIPAddresses/read\",\n \"Microsoft.Network/virtualNetworks/subnets/join/action\",\n \"Microsoft.Resources/deployments/operations/read\",\n \"Microsoft.Resources/deployments/read\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Storage/storageAccounts/listKeys/action\"\n ],\n \"notActions\": [\n \"Microsoft.Compute/virtualMachines/vmSizes/read\"\n ],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2015-06-08T21:52:45.0657582Z\",\n \"updatedOn\": \"2021-11-11T20:13:32.1746507Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/76283e04-6283-4c54-8f91-bcf1374a3c64\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"76283e04-6283-4c54-8f91-bcf1374a3c64\"\n },\n {\n \"properties\": {\n \"roleName\": \"DocumentDB Account Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Lets you manage DocumentDB accounts, but not access to them.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.DocumentDb/databaseAccounts/*\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.ResourceHealth/availabilityStatuses/read\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Support/*\",\n \"Microsoft.Network/virtualNetworks/subnets/joinViaServiceEndpoint/action\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2015-02-02T21:55:09.8806423Z\",\n \"updatedOn\": \"2021-11-11T20:13:32.3496502Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/5bd9cd88-fe45-4216-938b-f97437e15450\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"5bd9cd88-fe45-4216-938b-f97437e15450\"\n },\n {\n \"properties\": {\n \"roleName\": \"DNS Zone Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Lets you manage DNS zones and record sets in Azure DNS, but does not let you control who has access to them.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.Network/dnsZones/*\",\n \"Microsoft.ResourceHealth/availabilityStatuses/read\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Support/*\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2015-10-15T23:33:25.9730842Z\",\n \"updatedOn\": \"2021-11-11T20:13:32.5233957Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/befefa01-2a29-4197-83a8-272ff33ce314\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"befefa01-2a29-4197-83a8-272ff33ce314\"\n },\n {\n \"properties\": {\n \"roleName\": \"EventGrid EventSubscription Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Lets you manage EventGrid event subscription operations.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.EventGrid/eventSubscriptions/*\",\n \"Microsoft.EventGrid/topicTypes/eventSubscriptions/read\",\n \"Microsoft.EventGrid/locations/eventSubscriptions/read\",\n \"Microsoft.EventGrid/locations/topicTypes/eventSubscriptions/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Support/*\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2018-10-08T23:27:28.3130743Z\",\n \"updatedOn\": \"2021-11-11T20:13:33.4166738Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/428e0ff0-5e57-4d9c-a221-2c70d0e0a443\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"428e0ff0-5e57-4d9c-a221-2c70d0e0a443\"\n },\n {\n \"properties\": {\n \"roleName\": \"EventGrid EventSubscription Reader\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Lets you read EventGrid event subscriptions.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.EventGrid/eventSubscriptions/read\",\n \"Microsoft.EventGrid/topicTypes/eventSubscriptions/read\",\n \"Microsoft.EventGrid/locations/eventSubscriptions/read\",\n \"Microsoft.EventGrid/locations/topicTypes/eventSubscriptions/read\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2018-10-09T17:29:28.1417894Z\",\n \"updatedOn\": \"2021-11-11T20:13:33.7846748Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/2414bbcf-6497-4faf-8c65-045460748405\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"2414bbcf-6497-4faf-8c65-045460748405\"\n },\n {\n \"properties\": {\n \"roleName\": \"Graph Owner\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Create and manage all aspects of the Enterprise Graph - Ontology, Schema mapping, Conflation and Conversational AI and Ingestions\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.EnterpriseKnowledgeGraph/services/conflation/read\",\n \"Microsoft.EnterpriseKnowledgeGraph/services/conflation/write\",\n \"Microsoft.EnterpriseKnowledgeGraph/services/sourceschema/read\",\n \"Microsoft.EnterpriseKnowledgeGraph/services/sourceschema/write\",\n \"Microsoft.EnterpriseKnowledgeGraph/services/knowledge/read\",\n \"Microsoft.EnterpriseKnowledgeGraph/services/knowledge/write\",\n \"Microsoft.EnterpriseKnowledgeGraph/services/intentclassification/read\",\n \"Microsoft.EnterpriseKnowledgeGraph/services/intentclassification/write\",\n \"Microsoft.EnterpriseKnowledgeGraph/services/ingestion/read\",\n \"Microsoft.EnterpriseKnowledgeGraph/services/ingestion/write\",\n \"Microsoft.EnterpriseKnowledgeGraph/services/ontology/read\",\n \"Microsoft.EnterpriseKnowledgeGraph/services/ontology/write\",\n \"Microsoft.EnterpriseKnowledgeGraph/services/delete\",\n \"Microsoft.EnterpriseKnowledgeGraph/operations/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2019-02-23T21:07:22.5844236Z\",\n \"updatedOn\": \"2021-11-11T20:13:34.6707886Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/b60367af-1334-4454-b71e-769d9a4f83d9\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"b60367af-1334-4454-b71e-769d9a4f83d9\"\n },\n {\n \"properties\": {\n \"roleName\": \"HDInsight Domain Services Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Can Read, Create, Modify and Delete Domain Services related operations needed for HDInsight Enterprise Security Package\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.AAD/*/read\",\n \"Microsoft.AAD/domainServices/*/read\",\n \"Microsoft.AAD/domainServices/oucontainer/*\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2018-09-12T22:42:51.7451109Z\",\n \"updatedOn\": \"2021-11-11T20:13:35.3921342Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/8d8d5a11-05d3-4bda-a417-a08778121c7c\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"8d8d5a11-05d3-4bda-a417-a08778121c7c\"\n },\n {\n \"properties\": {\n \"roleName\": \"Intelligent Systems Account Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Lets you manage Intelligent Systems accounts, but not access to them.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.IntelligentSystems/accounts/*\",\n \"Microsoft.ResourceHealth/availabilityStatuses/read\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Support/*\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2015-02-02T21:55:09.8806423Z\",\n \"updatedOn\": \"2021-11-11T20:13:35.9371582Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/03a6d094-3444-4b3d-88af-7477090a9e5e\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"03a6d094-3444-4b3d-88af-7477090a9e5e\"\n },\n {\n \"properties\": {\n \"roleName\": \"Key Vault Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Lets you manage key vaults, but not access to them.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.KeyVault/*\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Support/*\"\n ],\n \"notActions\": [\n \"Microsoft.KeyVault/locations/deletedVaults/purge/action\",\n \"Microsoft.KeyVault/hsmPools/*\",\n \"Microsoft.KeyVault/managedHsms/*\"\n ],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2016-02-25T17:08:28.5184971Z\",\n \"updatedOn\": \"2021-11-11T20:13:36.1170988Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/f25e0fa2-a7c8-4377-a976-54943a77a395\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"f25e0fa2-a7c8-4377-a976-54943a77a395\"\n },\n {\n \"properties\": {\n \"roleName\": \"Knowledge Consumer\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Knowledge Read permission to consume Enterprise Graph Knowledge using entity search and graph query\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.EnterpriseKnowledgeGraph/services/knowledge/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2019-02-23T21:23:31.4037552Z\",\n \"updatedOn\": \"2021-11-11T20:13:37.0021342Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/ee361c5d-f7b5-4119-b4b6-892157c8f64c\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"ee361c5d-f7b5-4119-b4b6-892157c8f64c\"\n },\n {\n \"properties\": {\n \"roleName\": \"Lab Creator\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Lets you create new labs under your Azure Lab Accounts.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.LabServices/labAccounts/*/read\",\n \"Microsoft.LabServices/labAccounts/createLab/action\",\n \"Microsoft.LabServices/labAccounts/getPricingAndAvailability/action\",\n \"Microsoft.LabServices/labAccounts/getRestrictionsAndUsage/action\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.LabServices/labPlans/images/read\",\n \"Microsoft.LabServices/labPlans/read\",\n \"Microsoft.LabServices/labPlans/saveImage/action\",\n \"Microsoft.LabServices/labs/read\",\n \"Microsoft.LabServices/labs/schedules/read\",\n \"Microsoft.LabServices/labs/users/read\",\n \"Microsoft.LabServices/labs/virtualMachines/read\",\n \"Microsoft.LabServices/locations/usages/read\",\n \"Microsoft.LabServices/skus/read\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Support/*\"\n ],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.LabServices/labPlans/createLab/action\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2018-01-18T23:38:58.1036141Z\",\n \"updatedOn\": \"2021-11-11T20:13:37.1821588Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/b97fb8bc-a8b2-4522-a38b-dd33c7e65ead\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"b97fb8bc-a8b2-4522-a38b-dd33c7e65ead\"\n },\n {\n \"properties\": {\n \"roleName\": \"Log Analytics Reader\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Log Analytics Reader can view and search all monitoring data as well as and view monitoring settings, including viewing the configuration of Azure diagnostics on all Azure resources.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"*/read\",\n \"Microsoft.OperationalInsights/workspaces/analytics/query/action\",\n \"Microsoft.OperationalInsights/workspaces/search/action\",\n \"Microsoft.Support/*\"\n ],\n \"notActions\": [\n \"Microsoft.OperationalInsights/workspaces/sharedKeys/read\"\n ],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2017-05-02T00:20:28.1449012Z\",\n \"updatedOn\": \"2025-06-18T13:42:52.3891983Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/73c42c96-874c-492b-b04d-ab87d138a893\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"73c42c96-874c-492b-b04d-ab87d138a893\"\n },\n {\n \"properties\": {\n \"roleName\": \"Log Analytics Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Log Analytics Contributor can read all monitoring data and edit monitoring settings. Editing monitoring settings includes adding the VM extension to VMs; reading storage account keys to be able to configure collection of logs from Azure Storage; adding solutions; and configuring Azure diagnostics on all Azure resources.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"*/read\",\n \"Microsoft.ClassicCompute/virtualMachines/extensions/*\",\n \"Microsoft.ClassicStorage/storageAccounts/listKeys/action\",\n \"Microsoft.Compute/virtualMachines/extensions/*\",\n \"Microsoft.HybridCompute/machines/extensions/write\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.Insights/diagnosticSettings/*\",\n \"Microsoft.OperationalInsights/*\",\n \"Microsoft.OperationsManagement/*\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourcegroups/deployments/*\",\n \"Microsoft.Storage/storageAccounts/listKeys/action\",\n \"Microsoft.Support/*\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2017-04-25T21:51:45.3174711Z\",\n \"updatedOn\": \"2025-06-18T13:42:52.3891983Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/92aaf0da-9dab-42b6-94a3-d43ce8d16293\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"92aaf0da-9dab-42b6-94a3-d43ce8d16293\"\n },\n {\n \"properties\": {\n \"roleName\": \"Logic App Operator\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Lets you read, enable and disable logic app.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/*/read\",\n \"Microsoft.Insights/metricAlerts/*/read\",\n \"Microsoft.Insights/diagnosticSettings/*/read\",\n \"Microsoft.Insights/metricDefinitions/*/read\",\n \"Microsoft.Logic/*/read\",\n \"Microsoft.Logic/workflows/disable/action\",\n \"Microsoft.Logic/workflows/enable/action\",\n \"Microsoft.Logic/workflows/validate/action\",\n \"Microsoft.Resources/deployments/operations/read\",\n \"Microsoft.Resources/subscriptions/operationresults/read\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Support/*\",\n \"Microsoft.Web/connectionGateways/*/read\",\n \"Microsoft.Web/connections/*/read\",\n \"Microsoft.Web/customApis/*/read\",\n \"Microsoft.Web/serverFarms/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2016-04-28T21:33:30.4656007Z\",\n \"updatedOn\": \"2021-11-11T20:13:38.0573444Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/515c2055-d9d4-4321-b1b9-bd0c9a0f79fe\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"515c2055-d9d4-4321-b1b9-bd0c9a0f79fe\"\n },\n {\n \"properties\": {\n \"roleName\": \"Logic App Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Lets you manage logic app, but not access to them.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.ClassicStorage/storageAccounts/listKeys/action\",\n \"Microsoft.ClassicStorage/storageAccounts/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.Insights/metricAlerts/*\",\n \"Microsoft.Insights/diagnosticSettings/*\",\n \"Microsoft.Insights/logdefinitions/*\",\n \"Microsoft.Insights/metricDefinitions/*\",\n \"Microsoft.Logic/*\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/operationresults/read\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Storage/storageAccounts/listkeys/action\",\n \"Microsoft.Storage/storageAccounts/read\",\n \"Microsoft.Support/*\",\n \"Microsoft.Web/connectionGateways/*\",\n \"Microsoft.Web/connections/*\",\n \"Microsoft.Web/customApis/*\",\n \"Microsoft.Web/serverFarms/join/action\",\n \"Microsoft.Web/serverFarms/read\",\n \"Microsoft.Web/sites/functions/listSecrets/action\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2016-04-28T21:33:30.4656007Z\",\n \"updatedOn\": \"2021-11-11T20:13:38.2523833Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/87a39d53-fc1b-424a-814c-f7e04687dc9e\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"87a39d53-fc1b-424a-814c-f7e04687dc9e\"\n },\n {\n \"properties\": {\n \"roleName\": \"Managed Application Operator Role\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Lets you read and perform actions on Managed Application resources\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"*/read\",\n \"Microsoft.Solutions/applications/read\",\n \"Microsoft.Solutions/*/action\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2018-07-27T00:59:33.7988813Z\",\n \"updatedOn\": \"2021-11-11T20:13:38.5973763Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/c7393b34-138c-406f-901b-d8cf2b17e6ae\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"c7393b34-138c-406f-901b-d8cf2b17e6ae\"\n },\n {\n \"properties\": {\n \"roleName\": \"Managed Application Publisher Operator\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Allows the publisher to read resources in the managed resource group for Managed Application and request JIT access for additional operations. This role is only used by the Managed Application service to provide access to publishers.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"*/read\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Solutions/jitRequests/*\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2018-09-06T00:33:58.3651522Z\",\n \"updatedOn\": \"2025-05-01T17:14:44.1844267Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/b9331d33-8a36-4f8c-b097-4f54124fdb44\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"b9331d33-8a36-4f8c-b097-4f54124fdb44\"\n },\n {\n \"properties\": {\n \"roleName\": \"Managed Identity Operator\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Read and Assign User Assigned Identity\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.ManagedIdentity/userAssignedIdentities/*/read\",\n \"Microsoft.ManagedIdentity/userAssignedIdentities/*/assign/action\",\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Support/*\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2017-12-14T19:52:04.3924594Z\",\n \"updatedOn\": \"2021-11-11T20:13:38.9523759Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/f1a07417-d97a-45cb-824c-7a7467783830\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"f1a07417-d97a-45cb-824c-7a7467783830\"\n },\n {\n \"properties\": {\n \"roleName\": \"Managed Identity Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Create, Read, Update, and Delete User Assigned Identity\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.ManagedIdentity/userAssignedIdentities/read\",\n \"Microsoft.ManagedIdentity/userAssignedIdentities/write\",\n \"Microsoft.ManagedIdentity/userAssignedIdentities/delete\",\n \"Microsoft.ManagedIdentity/userAssignedIdentities/federatedIdentityCredentials/read\",\n \"Microsoft.ManagedIdentity/userAssignedIdentities/federatedIdentityCredentials/write\",\n \"Microsoft.ManagedIdentity/userAssignedIdentities/federatedIdentityCredentials/delete\",\n \"Microsoft.ManagedIdentity/userAssignedIdentities/revokeTokens/action\",\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Support/*\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2017-12-14T19:53:42.8804692Z\",\n \"updatedOn\": \"2024-03-29T00:22:59.7937695Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/e40ec5ca-96e0-45a2-b4ff-59039f2c2b59\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"e40ec5ca-96e0-45a2-b4ff-59039f2c2b59\"\n },\n {\n \"properties\": {\n \"roleName\": \"Management Group Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Management Group Contributor Role\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Management/managementGroups/delete\",\n \"Microsoft.Management/managementGroups/read\",\n \"Microsoft.Management/managementGroups/subscriptions/delete\",\n \"Microsoft.Management/managementGroups/subscriptions/write\",\n \"Microsoft.Management/managementGroups/write\",\n \"Microsoft.Management/managementGroups/subscriptions/read\",\n \"Microsoft.Authorization/*/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2018-06-22T00:28:29.0523964Z\",\n \"updatedOn\": \"2022-09-19T15:10:03.437789Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/5d58bcaf-24a5-4b20-bdb6-eed9f69fbe4c\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"5d58bcaf-24a5-4b20-bdb6-eed9f69fbe4c\"\n },\n {\n \"properties\": {\n \"roleName\": \"Management Group Reader\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Management Group Reader Role\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Management/managementGroups/read\",\n \"Microsoft.Management/managementGroups/subscriptions/read\",\n \"Microsoft.Authorization/*/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2018-06-22T00:31:03.4295347Z\",\n \"updatedOn\": \"2022-09-19T15:10:03.437789Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/ac63b705-f282-497d-ac71-919bf39d939d\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"ac63b705-f282-497d-ac71-919bf39d939d\"\n },\n {\n \"properties\": {\n \"roleName\": \"Monitoring Reader\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Can read all monitoring data.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"*/read\",\n \"Microsoft.OperationalInsights/workspaces/search/action\",\n \"Microsoft.Support/*\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2016-09-21T19:19:52.4939376Z\",\n \"updatedOn\": \"2025-06-18T13:42:52.3891983Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/43d0d8ad-25c7-4714-9337-8ba259a9fe05\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"43d0d8ad-25c7-4714-9337-8ba259a9fe05\"\n },\n {\n \"properties\": {\n \"roleName\": \"Network Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Lets you manage networks, but not access to them.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.Network/*\",\n \"Microsoft.ResourceHealth/availabilityStatuses/read\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Support/*\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2015-06-02T00:18:27.3542698Z\",\n \"updatedOn\": \"2021-11-11T20:13:44.6328966Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/4d97b98b-1d4f-4787-a291-c67834d212e7\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"4d97b98b-1d4f-4787-a291-c67834d212e7\"\n },\n {\n \"properties\": {\n \"roleName\": \"New Relic APM Account Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Lets you manage New Relic Application Performance Management accounts and applications, but not access to them.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.ResourceHealth/availabilityStatuses/read\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Support/*\",\n \"NewRelic.APM/accounts/*\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2015-02-02T21:55:09.8806423Z\",\n \"updatedOn\": \"2021-11-11T20:13:45.7178576Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/5d28c62d-5b37-4476-8438-e587778df237\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"5d28c62d-5b37-4476-8438-e587778df237\"\n },\n {\n \"properties\": {\n \"roleName\": \"Owner\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Grants full access to manage all resources, including the ability to assign roles in Azure RBAC.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"*\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2015-02-02T21:55:09.8806423Z\",\n \"updatedOn\": \"2021-11-11T20:13:45.8978856Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/8e3af657-a8ff-443c-a75c-2fe8c4bcb635\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"8e3af657-a8ff-443c-a75c-2fe8c4bcb635\"\n },\n {\n \"properties\": {\n \"roleName\": \"Reader\",\n \"type\": \"BuiltInRole\",\n \"description\": \"View all resources, but does not allow you to make any changes.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"*/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2015-02-02T21:55:09.8806423Z\",\n \"updatedOn\": \"2021-11-11T20:13:47.8628684Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/acdd72a7-3385-48ef-bd42-f606fba81ae7\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"acdd72a7-3385-48ef-bd42-f606fba81ae7\"\n },\n {\n \"properties\": {\n \"roleName\": \"Redis Cache Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Lets you manage Redis caches, but not access to them.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Cache/register/action\",\n \"Microsoft.Cache/redis/*\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.ResourceHealth/availabilityStatuses/read\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Support/*\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2015-02-02T21:55:09.8806423Z\",\n \"updatedOn\": \"2021-11-11T20:13:48.0528671Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/e0f68234-74aa-48ed-b826-c38b57376e17\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"e0f68234-74aa-48ed-b826-c38b57376e17\"\n },\n {\n \"properties\": {\n \"roleName\": \"Reader and Data Access\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Lets you view everything but will not let you delete or create a storage account or contained resource. It will also allow read/write access to all data contained in a storage account via access to storage account keys.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Storage/storageAccounts/listKeys/action\",\n \"Microsoft.Storage/storageAccounts/ListAccountSas/action\",\n \"Microsoft.Storage/storageAccounts/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2018-03-27T23:20:46.1498906Z\",\n \"updatedOn\": \"2021-11-11T20:13:48.2278951Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/c12c1c16-33a1-487b-954d-41c89c60f349\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"c12c1c16-33a1-487b-954d-41c89c60f349\"\n },\n {\n \"properties\": {\n \"roleName\": \"Resource Policy Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Users with rights to create/modify resource policy, create support ticket and read resources/hierarchy.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"*/read\",\n \"Microsoft.Authorization/policyassignments/*\",\n \"Microsoft.Authorization/policydefinitions/*\",\n \"Microsoft.Authorization/policyexemptions/*\",\n \"Microsoft.Authorization/policyenrollments/*\",\n \"Microsoft.Authorization/policysetdefinitions/*\",\n \"Microsoft.PolicyInsights/*\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Support/*\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2017-08-25T19:08:01.3861639Z\",\n \"updatedOn\": \"2025-03-25T15:25:05.1731507Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/36243c78-bf99-498c-9df9-86d9f8d28608\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"36243c78-bf99-498c-9df9-86d9f8d28608\"\n },\n {\n \"properties\": {\n \"roleName\": \"Scheduler Job Collections Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Lets you manage Scheduler job collections, but not access to them.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.ResourceHealth/availabilityStatuses/read\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Scheduler/jobcollections/*\",\n \"Microsoft.Support/*\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2015-02-02T21:55:09.8806423Z\",\n \"updatedOn\": \"2021-11-11T20:13:49.8429293Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/188a0f2f-5c9e-469b-ae67-2aa5ce574b94\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"188a0f2f-5c9e-469b-ae67-2aa5ce574b94\"\n },\n {\n \"properties\": {\n \"roleName\": \"Search Service Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Lets you manage Search services, but not access to them.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.ResourceHealth/availabilityStatuses/read\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Search/searchServices/*\",\n \"Microsoft.Support/*\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2015-02-02T21:55:09.8806423Z\",\n \"updatedOn\": \"2021-11-11T20:13:50.0229309Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/7ca78c08-252a-4471-8644-bb5ff32d4ba0\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"7ca78c08-252a-4471-8644-bb5ff32d4ba0\"\n },\n {\n \"properties\": {\n \"roleName\": \"Security Manager (Legacy)\",\n \"type\": \"BuiltInRole\",\n \"description\": \"This is a legacy role. Please use Security Administrator instead\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.ClassicCompute/*/read\",\n \"Microsoft.ClassicCompute/virtualMachines/*/write\",\n \"Microsoft.ClassicNetwork/*/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.ResourceHealth/availabilityStatuses/read\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Security/*\",\n \"Microsoft.Support/*\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2015-06-22T17:45:15.8986455Z\",\n \"updatedOn\": \"2021-11-11T20:13:50.5729549Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/e3d13bf0-dd5a-482e-ba6b-9b8433878d10\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"e3d13bf0-dd5a-482e-ba6b-9b8433878d10\"\n },\n {\n \"properties\": {\n \"roleName\": \"Security Reader\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Security Reader Role\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/read\",\n \"Microsoft.operationalInsights/workspaces/*/read\",\n \"Microsoft.Resources/deployments/*/read\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Security/*/read\",\n \"Microsoft.IoTSecurity/*/read\",\n \"Microsoft.Support/*/read\",\n \"Microsoft.Security/iotDefenderSettings/packageDownloads/action\",\n \"Microsoft.Security/iotDefenderSettings/downloadManagerActivation/action\",\n \"Microsoft.Security/iotSensors/downloadResetPassword/action\",\n \"Microsoft.IoTSecurity/defenderSettings/packageDownloads/action\",\n \"Microsoft.IoTSecurity/defenderSettings/downloadManagerActivation/action\",\n \"Microsoft.Management/managementGroups/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2017-05-03T07:48:49.0516559Z\",\n \"updatedOn\": \"2021-11-11T20:13:50.7479015Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/39bc4728-0917-49c7-9d2c-d95423bc2eb4\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"39bc4728-0917-49c7-9d2c-d95423bc2eb4\"\n },\n {\n \"properties\": {\n \"roleName\": \"Spatial Anchors Account Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Lets you manage spatial anchors in your account, but not delete them\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.MixedReality/SpatialAnchorsAccounts/create/action\",\n \"Microsoft.MixedReality/SpatialAnchorsAccounts/discovery/read\",\n \"Microsoft.MixedReality/SpatialAnchorsAccounts/properties/read\",\n \"Microsoft.MixedReality/SpatialAnchorsAccounts/query/read\",\n \"Microsoft.MixedReality/SpatialAnchorsAccounts/submitdiag/read\",\n \"Microsoft.MixedReality/SpatialAnchorsAccounts/write\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2018-12-21T17:57:41.1420864Z\",\n \"updatedOn\": \"2021-11-11T20:13:52.28294Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/8bbe83f1-e2a6-4df7-8cb4-4e04d4e5c827\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"8bbe83f1-e2a6-4df7-8cb4-4e04d4e5c827\"\n },\n {\n \"properties\": {\n \"roleName\": \"Site Recovery Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Lets you manage Site Recovery service except vault creation and role assignment\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.Network/virtualNetworks/read\",\n \"Microsoft.RecoveryServices/locations/allocatedStamp/read\",\n \"Microsoft.RecoveryServices/locations/allocateStamp/action\",\n \"Microsoft.RecoveryServices/Vaults/certificates/write\",\n \"Microsoft.RecoveryServices/Vaults/extendedInformation/*\",\n \"Microsoft.RecoveryServices/Vaults/read\",\n \"Microsoft.RecoveryServices/Vaults/refreshContainers/read\",\n \"Microsoft.RecoveryServices/Vaults/registeredIdentities/*\",\n \"Microsoft.RecoveryServices/vaults/replicationAlertSettings/*\",\n \"Microsoft.RecoveryServices/vaults/replicationEvents/read\",\n \"Microsoft.RecoveryServices/vaults/replicationFabrics/*\",\n \"Microsoft.RecoveryServices/vaults/replicationJobs/*\",\n \"Microsoft.RecoveryServices/vaults/replicationPolicies/*\",\n \"Microsoft.RecoveryServices/vaults/replicationRecoveryPlans/*\",\n \"Microsoft.RecoveryServices/vaults/replicationVaultSettings/*\",\n \"Microsoft.RecoveryServices/Vaults/storageConfig/*\",\n \"Microsoft.RecoveryServices/Vaults/tokenInfo/read\",\n \"Microsoft.RecoveryServices/Vaults/usages/read\",\n \"Microsoft.RecoveryServices/Vaults/vaultTokens/read\",\n \"Microsoft.RecoveryServices/Vaults/monitoringAlerts/*\",\n \"Microsoft.RecoveryServices/Vaults/monitoringConfigurations/notificationConfiguration/read\",\n \"Microsoft.ResourceHealth/availabilityStatuses/read\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Storage/storageAccounts/read\",\n \"Microsoft.RecoveryServices/vaults/replicationOperationStatus/read\",\n \"Microsoft.Support/*\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2017-05-19T13:46:17.4592776Z\",\n \"updatedOn\": \"2021-11-11T20:13:52.4579503Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/6670b86e-a3f7-4917-ac9b-5d6ab1be4567\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"6670b86e-a3f7-4917-ac9b-5d6ab1be4567\"\n },\n {\n \"properties\": {\n \"roleName\": \"Site Recovery Operator\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Lets you failover and failback but not perform other Site Recovery management operations\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.Network/virtualNetworks/read\",\n \"Microsoft.RecoveryServices/locations/allocatedStamp/read\",\n \"Microsoft.RecoveryServices/locations/allocateStamp/action\",\n \"Microsoft.RecoveryServices/Vaults/extendedInformation/read\",\n \"Microsoft.RecoveryServices/Vaults/read\",\n \"Microsoft.RecoveryServices/Vaults/refreshContainers/read\",\n \"Microsoft.RecoveryServices/Vaults/registeredIdentities/operationResults/read\",\n \"Microsoft.RecoveryServices/Vaults/registeredIdentities/read\",\n \"Microsoft.RecoveryServices/vaults/replicationAlertSettings/read\",\n \"Microsoft.RecoveryServices/vaults/replicationEvents/read\",\n \"Microsoft.RecoveryServices/vaults/replicationFabrics/checkConsistency/action\",\n \"Microsoft.RecoveryServices/vaults/replicationFabrics/read\",\n \"Microsoft.RecoveryServices/vaults/replicationFabrics/reassociateGateway/action\",\n \"Microsoft.RecoveryServices/vaults/replicationFabrics/renewcertificate/action\",\n \"Microsoft.RecoveryServices/vaults/replicationFabrics/replicationNetworks/read\",\n \"Microsoft.RecoveryServices/vaults/replicationFabrics/replicationNetworks/replicationNetworkMappings/read\",\n \"Microsoft.RecoveryServices/vaults/replicationFabrics/replicationProtectionContainers/read\",\n \"Microsoft.RecoveryServices/vaults/replicationFabrics/replicationProtectionContainers/replicationProtectableItems/read\",\n \"Microsoft.RecoveryServices/vaults/replicationFabrics/replicationProtectionContainers/replicationProtectedItems/applyRecoveryPoint/action\",\n \"Microsoft.RecoveryServices/vaults/replicationFabrics/replicationProtectionContainers/replicationProtectedItems/failoverCommit/action\",\n \"Microsoft.RecoveryServices/vaults/replicationFabrics/replicationProtectionContainers/replicationProtectedItems/plannedFailover/action\",\n \"Microsoft.RecoveryServices/vaults/replicationFabrics/replicationProtectionContainers/replicationProtectedItems/read\",\n \"Microsoft.RecoveryServices/vaults/replicationFabrics/replicationProtectionContainers/replicationProtectedItems/recoveryPoints/read\",\n \"Microsoft.RecoveryServices/vaults/replicationFabrics/replicationProtectionContainers/replicationProtectedItems/repairReplication/action\",\n \"Microsoft.RecoveryServices/vaults/replicationFabrics/replicationProtectionContainers/replicationProtectedItems/reProtect/action\",\n \"Microsoft.RecoveryServices/vaults/replicationFabrics/replicationProtectionContainers/switchprotection/action\",\n \"Microsoft.RecoveryServices/vaults/replicationFabrics/replicationProtectionContainers/replicationProtectedItems/testFailover/action\",\n \"Microsoft.RecoveryServices/vaults/replicationFabrics/replicationProtectionContainers/replicationProtectedItems/testFailoverCleanup/action\",\n \"Microsoft.RecoveryServices/vaults/replicationFabrics/replicationProtectionContainers/replicationProtectedItems/unplannedFailover/action\",\n \"Microsoft.RecoveryServices/vaults/replicationFabrics/replicationProtectionContainers/replicationProtectedItems/updateMobilityService/action\",\n \"Microsoft.RecoveryServices/vaults/replicationFabrics/replicationProtectionContainers/replicationProtectionContainerMappings/read\",\n \"Microsoft.RecoveryServices/vaults/replicationFabrics/replicationRecoveryServicesProviders/read\",\n \"Microsoft.RecoveryServices/vaults/replicationFabrics/replicationRecoveryServicesProviders/refreshProvider/action\",\n \"Microsoft.RecoveryServices/vaults/replicationFabrics/replicationStorageClassifications/read\",\n \"Microsoft.RecoveryServices/vaults/replicationFabrics/replicationStorageClassifications/replicationStorageClassificationMappings/read\",\n \"Microsoft.RecoveryServices/vaults/replicationFabrics/replicationvCenters/read\",\n \"Microsoft.RecoveryServices/vaults/replicationJobs/*\",\n \"Microsoft.RecoveryServices/vaults/replicationPolicies/read\",\n \"Microsoft.RecoveryServices/vaults/replicationRecoveryPlans/failoverCommit/action\",\n \"Microsoft.RecoveryServices/vaults/replicationRecoveryPlans/plannedFailover/action\",\n \"Microsoft.RecoveryServices/vaults/replicationRecoveryPlans/read\",\n \"Microsoft.RecoveryServices/vaults/replicationRecoveryPlans/reProtect/action\",\n \"Microsoft.RecoveryServices/vaults/replicationRecoveryPlans/testFailover/action\",\n \"Microsoft.RecoveryServices/vaults/replicationRecoveryPlans/testFailoverCleanup/action\",\n \"Microsoft.RecoveryServices/vaults/replicationRecoveryPlans/unplannedFailover/action\",\n \"Microsoft.RecoveryServices/vaults/replicationVaultSettings/read\",\n \"Microsoft.RecoveryServices/Vaults/monitoringAlerts/*\",\n \"Microsoft.RecoveryServices/Vaults/monitoringConfigurations/notificationConfiguration/read\",\n \"Microsoft.RecoveryServices/Vaults/storageConfig/read\",\n \"Microsoft.RecoveryServices/Vaults/tokenInfo/read\",\n \"Microsoft.RecoveryServices/Vaults/usages/read\",\n \"Microsoft.RecoveryServices/Vaults/vaultTokens/read\",\n \"Microsoft.ResourceHealth/availabilityStatuses/read\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Storage/storageAccounts/read\",\n \"Microsoft.Support/*\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2017-05-19T13:47:50.1341148Z\",\n \"updatedOn\": \"2021-11-11T20:13:52.6263418Z\",\n \"createdBy\": null,\n \"updatedBy\": \"\"\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/494ae006-db33-4328-bf46-533a6560a3ca\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"494ae006-db33-4328-bf46-533a6560a3ca\"\n },\n {\n \"properties\": {\n \"roleName\": \"Spatial Anchors Account Reader\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Lets you locate and read properties of spatial anchors in your account\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.MixedReality/SpatialAnchorsAccounts/discovery/read\",\n \"Microsoft.MixedReality/SpatialAnchorsAccounts/properties/read\",\n \"Microsoft.MixedReality/SpatialAnchorsAccounts/query/read\",\n \"Microsoft.MixedReality/SpatialAnchorsAccounts/submitdiag/read\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2018-12-21T17:57:42.9271004Z\",\n \"updatedOn\": \"2021-11-11T20:13:52.8013467Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/5d51204f-eb77-4b1c-b86a-2ec626c49413\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"5d51204f-eb77-4b1c-b86a-2ec626c49413\"\n },\n {\n \"properties\": {\n \"roleName\": \"Site Recovery Reader\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Lets you view Site Recovery status but not perform other management operations\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.RecoveryServices/locations/allocatedStamp/read\",\n \"Microsoft.RecoveryServices/Vaults/extendedInformation/read\",\n \"Microsoft.RecoveryServices/Vaults/monitoringAlerts/read\",\n \"Microsoft.RecoveryServices/Vaults/monitoringConfigurations/notificationConfiguration/read\",\n \"Microsoft.RecoveryServices/Vaults/read\",\n \"Microsoft.RecoveryServices/Vaults/refreshContainers/read\",\n \"Microsoft.RecoveryServices/Vaults/registeredIdentities/operationResults/read\",\n \"Microsoft.RecoveryServices/Vaults/registeredIdentities/read\",\n \"Microsoft.RecoveryServices/vaults/replicationAlertSettings/read\",\n \"Microsoft.RecoveryServices/vaults/replicationEvents/read\",\n \"Microsoft.RecoveryServices/vaults/replicationFabrics/read\",\n \"Microsoft.RecoveryServices/vaults/replicationFabrics/replicationNetworks/read\",\n \"Microsoft.RecoveryServices/vaults/replicationFabrics/replicationNetworks/replicationNetworkMappings/read\",\n \"Microsoft.RecoveryServices/vaults/replicationFabrics/replicationProtectionContainers/read\",\n \"Microsoft.RecoveryServices/vaults/replicationFabrics/replicationProtectionContainers/replicationProtectableItems/read\",\n \"Microsoft.RecoveryServices/vaults/replicationFabrics/replicationProtectionContainers/replicationProtectedItems/read\",\n \"Microsoft.RecoveryServices/vaults/replicationFabrics/replicationProtectionContainers/replicationProtectedItems/recoveryPoints/read\",\n \"Microsoft.RecoveryServices/vaults/replicationFabrics/replicationProtectionContainers/replicationProtectionContainerMappings/read\",\n \"Microsoft.RecoveryServices/vaults/replicationFabrics/replicationRecoveryServicesProviders/read\",\n \"Microsoft.RecoveryServices/vaults/replicationFabrics/replicationStorageClassifications/read\",\n \"Microsoft.RecoveryServices/vaults/replicationFabrics/replicationStorageClassifications/replicationStorageClassificationMappings/read\",\n \"Microsoft.RecoveryServices/vaults/replicationFabrics/replicationvCenters/read\",\n \"Microsoft.RecoveryServices/vaults/replicationJobs/read\",\n \"Microsoft.RecoveryServices/vaults/replicationPolicies/read\",\n \"Microsoft.RecoveryServices/vaults/replicationRecoveryPlans/read\",\n \"Microsoft.RecoveryServices/vaults/replicationVaultSettings/read\",\n \"Microsoft.RecoveryServices/Vaults/storageConfig/read\",\n \"Microsoft.RecoveryServices/Vaults/tokenInfo/read\",\n \"Microsoft.RecoveryServices/Vaults/usages/read\",\n \"Microsoft.RecoveryServices/Vaults/vaultTokens/read\",\n \"Microsoft.Support/*\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2017-05-19T13:35:40.0093634Z\",\n \"updatedOn\": \"2021-11-11T20:13:52.9763366Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/dbaa88c4-0c30-4179-9fb3-46319faa6149\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"dbaa88c4-0c30-4179-9fb3-46319faa6149\"\n },\n {\n \"properties\": {\n \"roleName\": \"Spatial Anchors Account Owner\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Lets you manage spatial anchors in your account, including deleting them\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.MixedReality/SpatialAnchorsAccounts/create/action\",\n \"Microsoft.MixedReality/SpatialAnchorsAccounts/delete\",\n \"Microsoft.MixedReality/SpatialAnchorsAccounts/discovery/read\",\n \"Microsoft.MixedReality/SpatialAnchorsAccounts/properties/read\",\n \"Microsoft.MixedReality/SpatialAnchorsAccounts/query/read\",\n \"Microsoft.MixedReality/SpatialAnchorsAccounts/submitdiag/read\",\n \"Microsoft.MixedReality/SpatialAnchorsAccounts/write\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2018-12-21T17:57:43.5489832Z\",\n \"updatedOn\": \"2021-11-11T20:13:53.166325Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/70bbe301-9835-447d-afdd-19eb3167307c\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"70bbe301-9835-447d-afdd-19eb3167307c\"\n },\n {\n \"properties\": {\n \"roleName\": \"SQL Managed Instance Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Lets you manage SQL Managed Instances and required network configuration, but can’t give access to others.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.ResourceHealth/availabilityStatuses/read\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Network/networkSecurityGroups/*\",\n \"Microsoft.Network/routeTables/*\",\n \"Microsoft.Sql/locations/*/read\",\n \"Microsoft.Sql/locations/instanceFailoverGroups/*\",\n \"Microsoft.Sql/managedInstances/*\",\n \"Microsoft.Support/*\",\n \"Microsoft.Network/virtualNetworks/subnets/*\",\n \"Microsoft.Network/virtualNetworks/*\",\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.Insights/metrics/read\",\n \"Microsoft.Insights/metricDefinitions/read\"\n ],\n \"notActions\": [\n \"Microsoft.Sql/managedInstances/azureADOnlyAuthentications/delete\",\n \"Microsoft.Sql/managedInstances/azureADOnlyAuthentications/write\"\n ],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2018-12-10T22:57:14.2937983Z\",\n \"updatedOn\": \"2021-11-11T20:13:53.3513507Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/4939a1f6-9ae0-4e48-a1e0-f2cbe897382d\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"4939a1f6-9ae0-4e48-a1e0-f2cbe897382d\"\n },\n {\n \"properties\": {\n \"roleName\": \"SQL DB Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Lets you manage SQL databases, but not access to them. Also, you can't manage their security-related policies or their parent SQL servers.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.ResourceHealth/availabilityStatuses/read\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Sql/locations/*/read\",\n \"Microsoft.Sql/servers/databases/*\",\n \"Microsoft.Sql/servers/read\",\n \"Microsoft.Support/*\",\n \"Microsoft.Insights/metrics/read\",\n \"Microsoft.Insights/metricDefinitions/read\"\n ],\n \"notActions\": [\n \"Microsoft.Sql/servers/databases/ledgerDigestUploads/write\",\n \"Microsoft.Sql/servers/databases/ledgerDigestUploads/disable/action\",\n \"Microsoft.Sql/managedInstances/databases/currentSensitivityLabels/*\",\n \"Microsoft.Sql/managedInstances/databases/recommendedSensitivityLabels/*\",\n \"Microsoft.Sql/managedInstances/databases/schemas/tables/columns/sensitivityLabels/*\",\n \"Microsoft.Sql/managedInstances/databases/securityAlertPolicies/*\",\n \"Microsoft.Sql/managedInstances/databases/sensitivityLabels/*\",\n \"Microsoft.Sql/managedInstances/databases/vulnerabilityAssessments/*\",\n \"Microsoft.Sql/managedInstances/securityAlertPolicies/*\",\n \"Microsoft.Sql/managedInstances/vulnerabilityAssessments/*\",\n \"Microsoft.Sql/servers/databases/auditingSettings/*\",\n \"Microsoft.Sql/servers/databases/auditRecords/read\",\n \"Microsoft.Sql/servers/databases/currentSensitivityLabels/*\",\n \"Microsoft.Sql/servers/databases/dataMaskingPolicies/*\",\n \"Microsoft.Sql/servers/databases/extendedAuditingSettings/*\",\n \"Microsoft.Sql/servers/databases/recommendedSensitivityLabels/*\",\n \"Microsoft.Sql/servers/databases/schemas/tables/columns/sensitivityLabels/*\",\n \"Microsoft.Sql/servers/databases/securityAlertPolicies/*\",\n \"Microsoft.Sql/servers/databases/securityMetrics/*\",\n \"Microsoft.Sql/servers/databases/sensitivityLabels/*\",\n \"Microsoft.Sql/servers/databases/vulnerabilityAssessments/*\",\n \"Microsoft.Sql/servers/databases/vulnerabilityAssessmentScans/*\",\n \"Microsoft.Sql/servers/databases/vulnerabilityAssessmentSettings/*\",\n \"Microsoft.Sql/servers/vulnerabilityAssessments/*\"\n ],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2015-02-02T21:55:09.8806423Z\",\n \"updatedOn\": \"2021-11-11T20:13:53.5363219Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/9b7fa17d-e63e-47b0-bb0a-15c516ac86ec\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"9b7fa17d-e63e-47b0-bb0a-15c516ac86ec\"\n },\n {\n \"properties\": {\n \"roleName\": \"SQL Security Manager\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Lets you manage the security-related policies of SQL servers and databases, but not access to them.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.Network/virtualNetworks/subnets/joinViaServiceEndpoint/action\",\n \"Microsoft.ResourceHealth/availabilityStatuses/read\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Sql/locations/administratorAzureAsyncOperation/read\",\n \"Microsoft.Sql/managedInstances/advancedThreatProtectionSettings/read\",\n \"Microsoft.Sql/managedInstances/advancedThreatProtectionSettings/write\",\n \"Microsoft.Sql/managedInstances/databases/advancedThreatProtectionSettings/read\",\n \"Microsoft.Sql/managedInstances/databases/advancedThreatProtectionSettings/write\",\n \"Microsoft.Sql/managedInstances/advancedThreatProtectionSettings/read\",\n \"Microsoft.Sql/managedInstances/advancedThreatProtectionSettings/write\",\n \"Microsoft.Sql/managedInstances/databases/advancedThreatProtectionSettings/read\",\n \"Microsoft.Sql/managedInstances/databases/advancedThreatProtectionSettings/write\",\n \"Microsoft.Sql/managedInstances/databases/currentSensitivityLabels/*\",\n \"Microsoft.Sql/managedInstances/databases/recommendedSensitivityLabels/*\",\n \"Microsoft.Sql/managedInstances/databases/schemas/tables/columns/sensitivityLabels/*\",\n \"Microsoft.Sql/managedInstances/databases/securityAlertPolicies/*\",\n \"Microsoft.Sql/managedInstances/databases/sensitivityLabels/*\",\n \"Microsoft.Sql/managedInstances/databases/vulnerabilityAssessments/*\",\n \"Microsoft.Sql/servers/advancedThreatProtectionSettings/read\",\n \"Microsoft.Sql/servers/advancedThreatProtectionSettings/write\",\n \"Microsoft.Sql/managedInstances/securityAlertPolicies/*\",\n \"Microsoft.Sql/managedInstances/databases/transparentDataEncryption/*\",\n \"Microsoft.Sql/managedInstances/vulnerabilityAssessments/*\",\n \"Microsoft.Sql/managedInstances/serverConfigurationOptions/read\",\n \"Microsoft.Sql/managedInstances/serverConfigurationOptions/write\",\n \"Microsoft.Sql/locations/serverConfigurationOptionAzureAsyncOperation/read\",\n \"Microsoft.Sql/servers/advancedThreatProtectionSettings/read\",\n \"Microsoft.Sql/servers/advancedThreatProtectionSettings/write\",\n \"Microsoft.Sql/servers/auditingSettings/*\",\n \"Microsoft.Sql/servers/extendedAuditingSettings/*\",\n \"Microsoft.Sql/servers/databases/advancedThreatProtectionSettings/read\",\n \"Microsoft.Sql/servers/databases/advancedThreatProtectionSettings/write\",\n \"Microsoft.Sql/servers/databases/advancedThreatProtectionSettings/read\",\n \"Microsoft.Sql/servers/databases/advancedThreatProtectionSettings/write\",\n \"Microsoft.Sql/servers/databases/auditingSettings/*\",\n \"Microsoft.Sql/servers/databases/auditRecords/read\",\n \"Microsoft.Sql/servers/databases/currentSensitivityLabels/*\",\n \"Microsoft.Sql/servers/databases/dataMaskingPolicies/*\",\n \"Microsoft.Sql/servers/databases/extendedAuditingSettings/read\",\n \"Microsoft.Sql/servers/databases/read\",\n \"Microsoft.Sql/servers/databases/recommendedSensitivityLabels/*\",\n \"Microsoft.Sql/servers/databases/schemas/read\",\n \"Microsoft.Sql/servers/databases/schemas/tables/columns/read\",\n \"Microsoft.Sql/servers/databases/schemas/tables/columns/sensitivityLabels/*\",\n \"Microsoft.Sql/servers/databases/schemas/tables/read\",\n \"Microsoft.Sql/servers/databases/securityAlertPolicies/*\",\n \"Microsoft.Sql/servers/databases/securityMetrics/*\",\n \"Microsoft.Sql/servers/databases/sensitivityLabels/*\",\n \"Microsoft.Sql/servers/databases/transparentDataEncryption/*\",\n \"Microsoft.Sql/servers/databases/sqlvulnerabilityAssessments/*\",\n \"Microsoft.Sql/servers/databases/vulnerabilityAssessments/*\",\n \"Microsoft.Sql/servers/databases/vulnerabilityAssessmentScans/*\",\n \"Microsoft.Sql/servers/databases/vulnerabilityAssessmentSettings/*\",\n \"Microsoft.Sql/servers/devOpsAuditingSettings/*\",\n \"Microsoft.Sql/servers/firewallRules/*\",\n \"Microsoft.Sql/servers/read\",\n \"Microsoft.Sql/servers/securityAlertPolicies/*\",\n \"Microsoft.Sql/servers/sqlvulnerabilityAssessments/*\",\n \"Microsoft.Sql/servers/vulnerabilityAssessments/*\",\n \"Microsoft.Support/*\",\n \"Microsoft.Sql/servers/azureADOnlyAuthentications/*\",\n \"Microsoft.Sql/managedInstances/read\",\n \"Microsoft.Sql/managedInstances/azureADOnlyAuthentications/*\",\n \"Microsoft.Security/sqlVulnerabilityAssessments/*\",\n \"Microsoft.Sql/managedInstances/administrators/read\",\n \"Microsoft.Sql/servers/administrators/read\",\n \"Microsoft.Sql/servers/databases/ledgerDigestUploads/*\",\n \"Microsoft.Sql/locations/ledgerDigestUploadsAzureAsyncOperation/read\",\n \"Microsoft.Sql/locations/ledgerDigestUploadsOperationResults/read\",\n \"Microsoft.Sql/servers/externalPolicyBasedAuthorizations/*\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2015-06-16T18:44:40.4607572Z\",\n \"updatedOn\": \"2025-10-01T18:55:10.630521Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/056cd41c-7e88-42e1-933e-88ba6a50c9c3\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"056cd41c-7e88-42e1-933e-88ba6a50c9c3\"\n },\n {\n \"properties\": {\n \"roleName\": \"Storage Account Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Lets you manage storage accounts, including accessing storage account keys which provide full access to storage account data.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.Insights/diagnosticSettings/*\",\n \"Microsoft.Network/virtualNetworks/subnets/joinViaServiceEndpoint/action\",\n \"Microsoft.ResourceHealth/availabilityStatuses/read\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Storage/storageAccounts/*\",\n \"Microsoft.Support/*\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2015-06-02T00:18:27.3542698Z\",\n \"updatedOn\": \"2021-11-11T20:13:54.2363539Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/17d1049b-9a84-46fb-8f53-869881c3d3ab\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"17d1049b-9a84-46fb-8f53-869881c3d3ab\"\n },\n {\n \"properties\": {\n \"roleName\": \"SQL Server Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Lets you manage SQL servers and databases, but not access to them, and not their security -related policies.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.ResourceHealth/availabilityStatuses/read\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Sql/locations/*/read\",\n \"Microsoft.Sql/servers/*\",\n \"Microsoft.Support/*\",\n \"Microsoft.Insights/metrics/read\",\n \"Microsoft.Insights/metricDefinitions/read\"\n ],\n \"notActions\": [\n \"Microsoft.Sql/managedInstances/databases/currentSensitivityLabels/*\",\n \"Microsoft.Sql/managedInstances/databases/recommendedSensitivityLabels/*\",\n \"Microsoft.Sql/managedInstances/databases/schemas/tables/columns/sensitivityLabels/*\",\n \"Microsoft.Sql/managedInstances/databases/securityAlertPolicies/*\",\n \"Microsoft.Sql/managedInstances/databases/sensitivityLabels/*\",\n \"Microsoft.Sql/managedInstances/databases/vulnerabilityAssessments/*\",\n \"Microsoft.Sql/managedInstances/securityAlertPolicies/*\",\n \"Microsoft.Sql/managedInstances/vulnerabilityAssessments/*\",\n \"Microsoft.Sql/servers/auditingSettings/*\",\n \"Microsoft.Sql/servers/databases/auditingSettings/*\",\n \"Microsoft.Sql/servers/databases/auditRecords/read\",\n \"Microsoft.Sql/servers/databases/currentSensitivityLabels/*\",\n \"Microsoft.Sql/servers/databases/dataMaskingPolicies/*\",\n \"Microsoft.Sql/servers/databases/extendedAuditingSettings/*\",\n \"Microsoft.Sql/servers/databases/recommendedSensitivityLabels/*\",\n \"Microsoft.Sql/servers/databases/schemas/tables/columns/sensitivityLabels/*\",\n \"Microsoft.Sql/servers/databases/securityAlertPolicies/*\",\n \"Microsoft.Sql/servers/databases/securityMetrics/*\",\n \"Microsoft.Sql/servers/databases/sensitivityLabels/*\",\n \"Microsoft.Sql/servers/databases/vulnerabilityAssessments/*\",\n \"Microsoft.Sql/servers/databases/vulnerabilityAssessmentScans/*\",\n \"Microsoft.Sql/servers/databases/vulnerabilityAssessmentSettings/*\",\n \"Microsoft.Sql/servers/devOpsAuditingSettings/*\",\n \"Microsoft.Sql/servers/extendedAuditingSettings/*\",\n \"Microsoft.Sql/servers/securityAlertPolicies/*\",\n \"Microsoft.Sql/servers/vulnerabilityAssessments/*\",\n \"Microsoft.Sql/servers/azureADOnlyAuthentications/delete\",\n \"Microsoft.Sql/servers/azureADOnlyAuthentications/write\",\n \"Microsoft.Sql/servers/externalPolicyBasedAuthorizations/delete\",\n \"Microsoft.Sql/servers/externalPolicyBasedAuthorizations/write\"\n ],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2015-02-02T21:55:09.8806423Z\",\n \"updatedOn\": \"2022-04-28T23:10:45.2206234Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/6d8ee4ec-f05a-4a1d-8b00-a9b17e38b437\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"6d8ee4ec-f05a-4a1d-8b00-a9b17e38b437\"\n },\n {\n \"properties\": {\n \"roleName\": \"Storage Account Key Operator Service Role\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Storage Account Key Operators are allowed to list and regenerate keys on Storage Accounts\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Storage/storageAccounts/listkeys/action\",\n \"Microsoft.Storage/storageAccounts/regeneratekey/action\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2017-04-13T18:26:11.577057Z\",\n \"updatedOn\": \"2021-11-11T20:13:54.7697481Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/81a9662b-bebf-436f-a333-f67b29880f12\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"81a9662b-bebf-436f-a333-f67b29880f12\"\n },\n {\n \"properties\": {\n \"roleName\": \"Storage Blob Data Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Allows for read, write and delete access to Azure Storage blob containers and data\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Storage/storageAccounts/blobServices/containers/delete\",\n \"Microsoft.Storage/storageAccounts/blobServices/containers/read\",\n \"Microsoft.Storage/storageAccounts/blobServices/containers/write\",\n \"Microsoft.Storage/storageAccounts/blobServices/generateUserDelegationKey/action\"\n ],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.Storage/storageAccounts/blobServices/containers/blobs/delete\",\n \"Microsoft.Storage/storageAccounts/blobServices/containers/blobs/read\",\n \"Microsoft.Storage/storageAccounts/blobServices/containers/blobs/write\",\n \"Microsoft.Storage/storageAccounts/blobServices/containers/blobs/move/action\",\n \"Microsoft.Storage/storageAccounts/blobServices/containers/blobs/add/action\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2017-12-21T00:01:24.7972312Z\",\n \"updatedOn\": \"2021-11-11T20:13:54.9397456Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/ba92f5b4-2d11-453d-a403-e96b0029c9fe\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"ba92f5b4-2d11-453d-a403-e96b0029c9fe\"\n },\n {\n \"properties\": {\n \"roleName\": \"Storage Blob Data Owner\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Allows for full access to Azure Storage blob containers and data, including assigning POSIX access control.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Storage/storageAccounts/blobServices/containers/*\",\n \"Microsoft.Storage/storageAccounts/blobServices/generateUserDelegationKey/action\"\n ],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.Storage/storageAccounts/blobServices/containers/blobs/*\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2018-12-04T07:02:58.2775257Z\",\n \"updatedOn\": \"2021-11-11T20:13:55.1225062Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/b7e6dc6d-f1e8-4753-8033-0f276bb0955b\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"b7e6dc6d-f1e8-4753-8033-0f276bb0955b\"\n },\n {\n \"properties\": {\n \"roleName\": \"Storage Blob Data Reader\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Allows for read access to Azure Storage blob containers and data\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Storage/storageAccounts/blobServices/containers/read\",\n \"Microsoft.Storage/storageAccounts/blobServices/generateUserDelegationKey/action\"\n ],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.Storage/storageAccounts/blobServices/containers/blobs/read\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2017-12-21T00:01:24.7972312Z\",\n \"updatedOn\": \"2021-11-11T20:13:55.2975076Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/2a2b9908-6ea1-4ae2-8e65-a410df84e7d1\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"2a2b9908-6ea1-4ae2-8e65-a410df84e7d1\"\n },\n {\n \"properties\": {\n \"roleName\": \"Storage Queue Data Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Allows for read, write, and delete access to Azure Storage queues and queue messages\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Storage/storageAccounts/queueServices/queues/delete\",\n \"Microsoft.Storage/storageAccounts/queueServices/queues/read\",\n \"Microsoft.Storage/storageAccounts/queueServices/queues/write\"\n ],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.Storage/storageAccounts/queueServices/queues/messages/delete\",\n \"Microsoft.Storage/storageAccounts/queueServices/queues/messages/read\",\n \"Microsoft.Storage/storageAccounts/queueServices/queues/messages/write\",\n \"Microsoft.Storage/storageAccounts/queueServices/queues/messages/process/action\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2017-12-21T00:01:24.7972312Z\",\n \"updatedOn\": \"2021-11-11T20:13:55.4725469Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/974c5e8b-45b9-4653-ba55-5f855dd0fb88\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"974c5e8b-45b9-4653-ba55-5f855dd0fb88\"\n },\n {\n \"properties\": {\n \"roleName\": \"Storage Queue Data Message Processor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Allows for peek, receive, and delete access to Azure Storage queue messages\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.Storage/storageAccounts/queueServices/queues/messages/read\",\n \"Microsoft.Storage/storageAccounts/queueServices/queues/messages/process/action\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2019-01-28T22:27:04.8947111Z\",\n \"updatedOn\": \"2021-11-11T20:13:55.6575408Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/8a0f0c08-91a1-4084-bc3d-661d67233fed\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"8a0f0c08-91a1-4084-bc3d-661d67233fed\"\n },\n {\n \"properties\": {\n \"roleName\": \"Storage Queue Data Message Sender\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Allows for sending of Azure Storage queue messages\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.Storage/storageAccounts/queueServices/queues/messages/add/action\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2019-01-28T22:28:34.7459724Z\",\n \"updatedOn\": \"2021-11-11T20:13:55.8325508Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/c6a89b2d-59bc-44d0-9896-0f6e12d7b80a\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"c6a89b2d-59bc-44d0-9896-0f6e12d7b80a\"\n },\n {\n \"properties\": {\n \"roleName\": \"Storage Queue Data Reader\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Allows for read access to Azure Storage queues and queue messages\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Storage/storageAccounts/queueServices/queues/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.Storage/storageAccounts/queueServices/queues/messages/read\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2017-12-21T00:01:24.7972312Z\",\n \"updatedOn\": \"2021-11-11T20:13:56.0178497Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/19e7f393-937e-4f77-808e-94535e297925\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"19e7f393-937e-4f77-808e-94535e297925\"\n },\n {\n \"properties\": {\n \"roleName\": \"Support Request Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Lets you create and manage Support requests\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Support/*\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2017-06-22T22:25:37.8053068Z\",\n \"updatedOn\": \"2021-11-11T20:13:56.7444481Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/cfd33db0-3dd1-45e3-aa9d-cdbdf3b6f24e\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"cfd33db0-3dd1-45e3-aa9d-cdbdf3b6f24e\"\n },\n {\n \"properties\": {\n \"roleName\": \"Traffic Manager Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Lets you manage Traffic Manager profiles, but does not let you control who has access to them.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.Network/trafficManagerProfiles/*\",\n \"Microsoft.ResourceHealth/availabilityStatuses/read\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Support/*\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2015-10-15T23:33:25.9730842Z\",\n \"updatedOn\": \"2021-11-11T20:13:57.2744497Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/a4b10055-b0c7-44c2-b00f-c7b5b3550cf7\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"a4b10055-b0c7-44c2-b00f-c7b5b3550cf7\"\n },\n {\n \"properties\": {\n \"roleName\": \"User Access Administrator\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Lets you manage user access to Azure resources.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"*/read\",\n \"Microsoft.Authorization/*\",\n \"Microsoft.Support/*\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2015-02-02T21:55:09.8806423Z\",\n \"updatedOn\": \"2021-11-11T20:13:57.7932023Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/18d7d88d-d35e-4fb5-a5c3-7773c20a72d9\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"18d7d88d-d35e-4fb5-a5c3-7773c20a72d9\"\n },\n {\n \"properties\": {\n \"roleName\": \"Virtual Machine Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Lets you manage virtual machines, but not access to them, and not the virtual network or storage account they're connected to.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Compute/availabilitySets/*\",\n \"Microsoft.Compute/locations/*\",\n \"Microsoft.Compute/virtualMachines/*\",\n \"Microsoft.Compute/virtualMachineScaleSets/*\",\n \"Microsoft.Compute/cloudServices/*\",\n \"Microsoft.Compute/disks/write\",\n \"Microsoft.Compute/disks/read\",\n \"Microsoft.Compute/disks/delete\",\n \"Microsoft.Compute/hostgroups/write\",\n \"Microsoft.Compute/hostgroups/hosts/write\",\n \"Microsoft.DevTestLab/schedules/*\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.Network/applicationGateways/backendAddressPools/join/action\",\n \"Microsoft.Network/loadBalancers/backendAddressPools/join/action\",\n \"Microsoft.Network/loadBalancers/inboundNatPools/join/action\",\n \"Microsoft.Network/loadBalancers/inboundNatRules/join/action\",\n \"Microsoft.Network/loadBalancers/probes/join/action\",\n \"Microsoft.Network/loadBalancers/read\",\n \"Microsoft.Network/locations/*\",\n \"Microsoft.Network/networkInterfaces/*\",\n \"Microsoft.Network/networkSecurityGroups/join/action\",\n \"Microsoft.Network/networkSecurityGroups/read\",\n \"Microsoft.Network/publicIPAddresses/join/action\",\n \"Microsoft.Network/publicIPAddresses/read\",\n \"Microsoft.Network/virtualNetworks/read\",\n \"Microsoft.Network/virtualNetworks/subnets/join/action\",\n \"Microsoft.RecoveryServices/locations/*\",\n \"Microsoft.RecoveryServices/Vaults/backupFabrics/backupProtectionIntent/write\",\n \"Microsoft.RecoveryServices/Vaults/backupFabrics/protectionContainers/protectedItems/*/read\",\n \"Microsoft.RecoveryServices/Vaults/backupFabrics/protectionContainers/protectedItems/read\",\n \"Microsoft.RecoveryServices/Vaults/backupFabrics/protectionContainers/protectedItems/write\",\n \"Microsoft.RecoveryServices/Vaults/backupPolicies/read\",\n \"Microsoft.RecoveryServices/Vaults/backupPolicies/write\",\n \"Microsoft.RecoveryServices/Vaults/read\",\n \"Microsoft.RecoveryServices/Vaults/usages/read\",\n \"Microsoft.RecoveryServices/Vaults/write\",\n \"Microsoft.ResourceHealth/availabilityStatuses/read\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.SerialConsole/serialPorts/connect/action\",\n \"Microsoft.SqlVirtualMachine/*\",\n \"Microsoft.Storage/storageAccounts/listKeys/action\",\n \"Microsoft.Storage/storageAccounts/read\",\n \"Microsoft.Support/*\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2015-06-02T00:18:27.3542698Z\",\n \"updatedOn\": \"2025-02-06T01:34:42.8731411Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/9980e02c-c2be-4d73-94e8-173b1dc7cf3c\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"9980e02c-c2be-4d73-94e8-173b1dc7cf3c\"\n },\n {\n \"properties\": {\n \"roleName\": \"Web Plan Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Lets you manage the web plans for websites, but not access to them.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.ResourceHealth/availabilityStatuses/read\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Support/*\",\n \"Microsoft.Web/serverFarms/*\",\n \"Microsoft.Web/hostingEnvironments/Join/Action\",\n \"Microsoft.Insights/autoscalesettings/*\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2015-02-02T21:55:09.8806423Z\",\n \"updatedOn\": \"2022-09-05T15:10:54.6819807Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/2cc479cb-7b4d-49a8-b449-8c00fd0f0a4b\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"2cc479cb-7b4d-49a8-b449-8c00fd0f0a4b\"\n },\n {\n \"properties\": {\n \"roleName\": \"Website Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Lets you manage websites (not web plans), but not access to them.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.Insights/components/*\",\n \"Microsoft.ResourceHealth/availabilityStatuses/read\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Support/*\",\n \"Microsoft.Web/certificates/*\",\n \"Microsoft.Web/listSitesAssignedToHostName/read\",\n \"Microsoft.Web/register/action\",\n \"Microsoft.Web/serverFarms/join/action\",\n \"Microsoft.Web/serverFarms/read\",\n \"Microsoft.Web/sites/*\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2015-05-12T23:10:23.6193952Z\",\n \"updatedOn\": \"2024-08-05T15:09:29.7130534Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/de139f84-1756-47ae-9be6-808fbbe84772\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"de139f84-1756-47ae-9be6-808fbbe84772\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Service Bus Data Owner\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Allows for full access to Azure Service Bus resources.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.ServiceBus/*\"\n ],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.ServiceBus/*\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2019-04-16T21:33:36.7445745Z\",\n \"updatedOn\": \"2021-11-11T20:13:59.2005807Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/090c5cfd-751d-490a-894a-3ce6f1109419\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"090c5cfd-751d-490a-894a-3ce6f1109419\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Event Hubs Data Owner\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Allows for full access to Azure Event Hubs resources.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.EventHub/*\"\n ],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.EventHub/*\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2019-04-16T21:34:29.8656362Z\",\n \"updatedOn\": \"2021-11-11T20:13:59.3721538Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/f526a384-b230-433a-b45c-95f59c4a2dec\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"f526a384-b230-433a-b45c-95f59c4a2dec\"\n },\n {\n \"properties\": {\n \"roleName\": \"Attestation Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Can read write or delete the attestation provider instance\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Attestation/attestationProviders/attestation/read\",\n \"Microsoft.Attestation/attestationProviders/attestation/write\",\n \"Microsoft.Attestation/attestationProviders/attestation/delete\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2019-04-19T00:24:09.3354177Z\",\n \"updatedOn\": \"2021-11-11T20:13:59.7271218Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/bbf86eb8-f7b4-4cce-96e4-18cddf81d86e\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"bbf86eb8-f7b4-4cce-96e4-18cddf81d86e\"\n },\n {\n \"properties\": {\n \"roleName\": \"HDInsight Cluster Operator\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Lets you read and modify HDInsight cluster configurations.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.HDInsight/*/read\",\n \"Microsoft.HDInsight/clusters/getGatewaySettings/action\",\n \"Microsoft.HDInsight/clusters/updateGatewaySettings/action\",\n \"Microsoft.HDInsight/clusters/configurations/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Resources/deployments/operations/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Support/*\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2019-04-20T00:03:01.7110732Z\",\n \"updatedOn\": \"2021-11-11T20:13:59.905218Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/61ed4efc-fab3-44fd-b111-e24485cc132a\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"61ed4efc-fab3-44fd-b111-e24485cc132a\"\n },\n {\n \"properties\": {\n \"roleName\": \"Cosmos DB Operator\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Lets you manage Azure Cosmos DB accounts, but not access data in them. Prevents access to account keys and connection strings.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.DocumentDb/databaseAccounts/*\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.ResourceHealth/availabilityStatuses/read\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Support/*\",\n \"Microsoft.Network/virtualNetworks/subnets/joinViaServiceEndpoint/action\"\n ],\n \"notActions\": [\n \"Microsoft.DocumentDB/databaseAccounts/copyJobs/*\",\n \"Microsoft.DocumentDB/databaseAccounts/dataTransferJobs/*\",\n \"Microsoft.DocumentDB/databaseAccounts/readonlyKeys/*\",\n \"Microsoft.DocumentDB/databaseAccounts/regenerateKey/*\",\n \"Microsoft.DocumentDB/databaseAccounts/listKeys/*\",\n \"Microsoft.DocumentDB/databaseAccounts/listConnectionStrings/*\",\n \"Microsoft.DocumentDB/databaseAccounts/sqlRoleDefinitions/write\",\n \"Microsoft.DocumentDB/databaseAccounts/sqlRoleDefinitions/delete\",\n \"Microsoft.DocumentDB/databaseAccounts/sqlRoleAssignments/write\",\n \"Microsoft.DocumentDB/databaseAccounts/sqlRoleAssignments/delete\",\n \"Microsoft.DocumentDB/databaseAccounts/mongodbRoleDefinitions/write\",\n \"Microsoft.DocumentDB/databaseAccounts/mongodbRoleDefinitions/delete\",\n \"Microsoft.DocumentDB/databaseAccounts/mongodbUserDefinitions/write\",\n \"Microsoft.DocumentDB/databaseAccounts/mongodbUserDefinitions/delete\"\n ],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2019-04-26T17:01:17.0169383Z\",\n \"updatedOn\": \"2025-06-06T07:02:41.174245Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/230815da-be43-4aae-9cb4-875f7bd000aa\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"230815da-be43-4aae-9cb4-875f7bd000aa\"\n },\n {\n \"properties\": {\n \"roleName\": \"Hybrid Server Resource Administrator\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Can read, write, delete, and re-onboard Hybrid servers to the Hybrid Resource Provider.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.HybridCompute/machines/*\",\n \"Microsoft.HybridCompute/*/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2019-04-29T21:39:32.3132923Z\",\n \"updatedOn\": \"2021-11-11T20:14:00.2548257Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/48b40c6e-82e0-4eb3-90d5-19e40f49b624\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"48b40c6e-82e0-4eb3-90d5-19e40f49b624\"\n },\n {\n \"properties\": {\n \"roleName\": \"Hybrid Server Onboarding\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Can onboard new Hybrid servers to the Hybrid Resource Provider.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.HybridCompute/machines/read\",\n \"Microsoft.HybridCompute/machines/write\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2019-04-29T22:36:28.1873756Z\",\n \"updatedOn\": \"2021-11-11T20:14:00.4308999Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/5d1e5ee4-7c68-4a71-ac8b-0739630a3dfb\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"5d1e5ee4-7c68-4a71-ac8b-0739630a3dfb\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Event Hubs Data Receiver\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Allows receive access to Azure Event Hubs resources.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.EventHub/*/eventhubs/consumergroups/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.EventHub/*/receive/action\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2019-05-10T06:25:21.1056666Z\",\n \"updatedOn\": \"2021-11-11T20:14:01.3225169Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/a638d3c7-ab3a-418d-83e6-5f17a39d4fde\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"a638d3c7-ab3a-418d-83e6-5f17a39d4fde\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Event Hubs Data Sender\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Allows send access to Azure Event Hubs resources.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.EventHub/*/eventhubs/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.EventHub/*/send/action\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2019-05-10T06:26:12.4673714Z\",\n \"updatedOn\": \"2021-11-11T20:14:01.4925583Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/2b629674-e913-4c01-ae53-ef4638d8f975\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"2b629674-e913-4c01-ae53-ef4638d8f975\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Service Bus Data Receiver\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Allows for receive access to Azure Service Bus resources.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.ServiceBus/*/queues/read\",\n \"Microsoft.ServiceBus/*/topics/read\",\n \"Microsoft.ServiceBus/*/topics/subscriptions/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.ServiceBus/*/receive/action\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2019-05-10T06:43:01.6343849Z\",\n \"updatedOn\": \"2021-11-11T20:14:01.6629685Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/4f6d3b9b-027b-4f4c-9142-0e5a2a2247e0\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"4f6d3b9b-027b-4f4c-9142-0e5a2a2247e0\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Service Bus Data Sender\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Allows for send access to Azure Service Bus resources.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.ServiceBus/*/queues/read\",\n \"Microsoft.ServiceBus/*/topics/read\",\n \"Microsoft.ServiceBus/*/topics/subscriptions/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.ServiceBus/*/send/action\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2019-05-10T06:43:46.7046934Z\",\n \"updatedOn\": \"2021-11-11T20:14:01.8479199Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/69a216fc-b8fb-44d8-bc22-1f3c2cd27a39\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"69a216fc-b8fb-44d8-bc22-1f3c2cd27a39\"\n },\n {\n \"properties\": {\n \"roleName\": \"Storage File Data SMB Share Reader\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Allows for read access to Azure File Share over SMB\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.Storage/storageAccounts/fileServices/fileshares/files/read\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2019-07-01T20:19:31.8620471Z\",\n \"updatedOn\": \"2021-11-11T20:14:04.3642909Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/aba4ae5f-2193-4029-9191-0cb91df5e314\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"aba4ae5f-2193-4029-9191-0cb91df5e314\"\n },\n {\n \"properties\": {\n \"roleName\": \"Storage File Data SMB Share Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Allows for read, write, and delete access in Azure Storage file shares over SMB\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.Storage/storageAccounts/fileServices/fileshares/files/read\",\n \"Microsoft.Storage/storageAccounts/fileServices/fileshares/files/write\",\n \"Microsoft.Storage/storageAccounts/fileServices/fileshares/files/delete\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2019-07-01T20:54:35.483431Z\",\n \"updatedOn\": \"2021-11-11T20:14:04.5443323Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/0c867c2a-1d8c-454a-a3db-ab2ea1bdc8bb\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"0c867c2a-1d8c-454a-a3db-ab2ea1bdc8bb\"\n },\n {\n \"properties\": {\n \"roleName\": \"Private DNS Zone Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Lets you manage private DNS zone resources, but not the virtual networks they are linked to.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Support/*\",\n \"Microsoft.Network/privateDnsZones/*\",\n \"Microsoft.Network/privateDnsOperationResults/*\",\n \"Microsoft.Network/privateDnsOperationStatuses/*\",\n \"Microsoft.Network/virtualNetworks/read\",\n \"Microsoft.Network/virtualNetworks/join/action\",\n \"Microsoft.Authorization/*/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2019-07-10T19:31:15.5645518Z\",\n \"updatedOn\": \"2021-11-11T20:14:04.7342851Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/b12aa53e-6015-4669-85d0-8515ebb3ae7f\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"b12aa53e-6015-4669-85d0-8515ebb3ae7f\"\n },\n {\n \"properties\": {\n \"roleName\": \"Storage Blob Delegator\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Allows for generation of a user delegation key which can be used to sign SAS tokens\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Storage/storageAccounts/blobServices/generateUserDelegationKey/action\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2019-07-23T00:51:16.3376761Z\",\n \"updatedOn\": \"2021-11-11T20:14:05.4321714Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/db58b8e5-c6ad-4a2a-8342-4190687cbf4a\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"db58b8e5-c6ad-4a2a-8342-4190687cbf4a\"\n },\n {\n \"properties\": {\n \"roleName\": \"Desktop Virtualization User\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Allows user to use the applications in an application group.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.DesktopVirtualization/applicationGroups/useApplications/action\",\n \"Microsoft.DesktopVirtualization/appAttachPackages/useApplications/action\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2019-08-07T00:29:03.8727621Z\",\n \"updatedOn\": \"2023-06-15T23:55:51.3849931Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/1d18fff3-a72a-46b5-b4a9-0b38a3cd7e63\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"1d18fff3-a72a-46b5-b4a9-0b38a3cd7e63\"\n },\n {\n \"properties\": {\n \"roleName\": \"Storage File Data SMB Share Elevated Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Allows for read, write, delete and modify NTFS permission access in Azure Storage file shares over SMB\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.Storage/storageAccounts/fileServices/fileshares/files/read\",\n \"Microsoft.Storage/storageAccounts/fileServices/fileshares/files/write\",\n \"Microsoft.Storage/storageAccounts/fileServices/fileshares/files/delete\",\n \"Microsoft.Storage/storageAccounts/fileServices/fileshares/files/modifypermissions/action\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2019-08-07T01:35:36.9935457Z\",\n \"updatedOn\": \"2021-11-11T20:14:06.1571744Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/a7264617-510b-434b-a828-9731dc254ea7\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"a7264617-510b-434b-a828-9731dc254ea7\"\n },\n {\n \"properties\": {\n \"roleName\": \"Blueprint Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Can manage blueprint definitions, but not assign them.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Blueprint/blueprints/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Support/*\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2019-08-14T21:55:16.9683949Z\",\n \"updatedOn\": \"2021-11-11T20:14:06.5171828Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/41077137-e803-4205-871c-5a86e6a753b4\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"41077137-e803-4205-871c-5a86e6a753b4\"\n },\n {\n \"properties\": {\n \"roleName\": \"Blueprint Operator\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Can assign existing published blueprints, but cannot create new blueprints. NOTE: this only works if the assignment is done with a user-assigned managed identity.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Blueprint/blueprintAssignments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Support/*\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2019-08-14T21:56:48.7897875Z\",\n \"updatedOn\": \"2021-11-11T20:14:06.6971401Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/437d2ced-4a38-4302-8479-ed2bcb43d090\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"437d2ced-4a38-4302-8479-ed2bcb43d090\"\n },\n {\n \"properties\": {\n \"roleName\": \"Microsoft Sentinel Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Microsoft Sentinel Contributor\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.SecurityInsights/*\",\n \"Microsoft.OperationalInsights/workspaces/analytics/query/action\",\n \"Microsoft.OperationalInsights/workspaces/*/read\",\n \"Microsoft.OperationalInsights/workspaces/savedSearches/*\",\n \"Microsoft.OperationsManagement/solutions/read\",\n \"Microsoft.OperationalInsights/workspaces/query/read\",\n \"Microsoft.OperationalInsights/workspaces/query/*/read\",\n \"Microsoft.OperationalInsights/workspaces/dataSources/read\",\n \"Microsoft.OperationalInsights/querypacks/*/read\",\n \"Microsoft.Insights/workbooks/*\",\n \"Microsoft.Insights/myworkbooks/read\",\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Support/*\"\n ],\n \"notActions\": [\n \"Microsoft.SecurityInsights/ConfidentialWatchlists/*\",\n \"Microsoft.OperationalInsights/workspaces/query/ConfidentialWatchlist/*\"\n ],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2019-08-28T16:39:03.8725173Z\",\n \"updatedOn\": \"2022-08-01T18:55:21.5434692Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/ab8e14d6-4a74-4a29-9ba8-549422addade\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"ab8e14d6-4a74-4a29-9ba8-549422addade\"\n },\n {\n \"properties\": {\n \"roleName\": \"Microsoft Sentinel Responder\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Microsoft Sentinel Responder\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.SecurityInsights/*/read\",\n \"Microsoft.SecurityInsights/dataConnectorsCheckRequirements/action\",\n \"Microsoft.SecurityInsights/automationRules/*\",\n \"Microsoft.SecurityInsights/cases/*\",\n \"Microsoft.SecurityInsights/incidents/*\",\n \"Microsoft.SecurityInsights/entities/runPlaybook/action\",\n \"Microsoft.SecurityInsights/threatIntelligence/indicators/appendTags/action\",\n \"Microsoft.SecurityInsights/threatIntelligence/indicators/query/action\",\n \"Microsoft.SecurityInsights/threatIntelligence/bulkTag/action\",\n \"Microsoft.SecurityInsights/threatIntelligence/indicators/appendTags/action\",\n \"Microsoft.SecurityInsights/threatIntelligence/indicators/replaceTags/action\",\n \"Microsoft.SecurityInsights/threatIntelligence/queryIndicators/action\",\n \"Microsoft.SecurityInsights/businessApplicationAgents/systems/undoAction/action\",\n \"Microsoft.OperationalInsights/workspaces/analytics/query/action\",\n \"Microsoft.OperationalInsights/workspaces/*/read\",\n \"Microsoft.OperationalInsights/workspaces/dataSources/read\",\n \"Microsoft.OperationalInsights/workspaces/savedSearches/read\",\n \"Microsoft.OperationsManagement/solutions/read\",\n \"Microsoft.OperationalInsights/workspaces/query/read\",\n \"Microsoft.OperationalInsights/workspaces/query/*/read\",\n \"Microsoft.OperationalInsights/workspaces/dataSources/read\",\n \"Microsoft.OperationalInsights/querypacks/*/read\",\n \"Microsoft.Insights/workbooks/read\",\n \"Microsoft.Insights/myworkbooks/read\",\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Support/*\"\n ],\n \"notActions\": [\n \"Microsoft.SecurityInsights/cases/*/Delete\",\n \"Microsoft.SecurityInsights/incidents/*/Delete\",\n \"Microsoft.SecurityInsights/ConfidentialWatchlists/*\",\n \"Microsoft.OperationalInsights/workspaces/query/ConfidentialWatchlist/*\"\n ],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2019-08-28T16:54:07.6467264Z\",\n \"updatedOn\": \"2024-04-03T15:49:45.0145489Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/3e150937-b8fe-4cfb-8069-0eaf05ecd056\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"3e150937-b8fe-4cfb-8069-0eaf05ecd056\"\n },\n {\n \"properties\": {\n \"roleName\": \"Microsoft Sentinel Reader\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Microsoft Sentinel Reader\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.SecurityInsights/*/read\",\n \"Microsoft.SecurityInsights/dataConnectorsCheckRequirements/action\",\n \"Microsoft.SecurityInsights/threatIntelligence/indicators/query/action\",\n \"Microsoft.SecurityInsights/threatIntelligence/queryIndicators/action\",\n \"Microsoft.OperationalInsights/workspaces/analytics/query/action\",\n \"Microsoft.OperationalInsights/workspaces/*/read\",\n \"Microsoft.OperationalInsights/workspaces/LinkedServices/read\",\n \"Microsoft.OperationalInsights/workspaces/savedSearches/read\",\n \"Microsoft.OperationsManagement/solutions/read\",\n \"Microsoft.OperationalInsights/workspaces/query/read\",\n \"Microsoft.OperationalInsights/workspaces/query/*/read\",\n \"Microsoft.OperationalInsights/querypacks/*/read\",\n \"Microsoft.OperationalInsights/workspaces/dataSources/read\",\n \"Microsoft.Insights/workbooks/read\",\n \"Microsoft.Insights/myworkbooks/read\",\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Resources/templateSpecs/*/read\",\n \"Microsoft.Support/*\"\n ],\n \"notActions\": [\n \"Microsoft.SecurityInsights/ConfidentialWatchlists/*\",\n \"Microsoft.OperationalInsights/workspaces/query/ConfidentialWatchlist/*\"\n ],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2019-08-28T16:58:50.1132117Z\",\n \"updatedOn\": \"2022-08-01T18:55:21.5434692Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/8d289c81-5878-46d4-8554-54e1e3d8b5cb\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"8d289c81-5878-46d4-8554-54e1e3d8b5cb\"\n },\n {\n \"properties\": {\n \"roleName\": \"Policy Insights Data Writer (Preview)\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Allows read access to resource policies and write access to resource component policy events.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/policyassignments/read\",\n \"Microsoft.Authorization/policydefinitions/read\",\n \"Microsoft.Authorization/policyexemptions/read\",\n \"Microsoft.Authorization/policysetdefinitions/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.PolicyInsights/checkDataPolicyCompliance/action\",\n \"Microsoft.PolicyInsights/policyEvents/logDataEvents/action\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2019-09-19T19:35:20.9504127Z\",\n \"updatedOn\": \"2021-11-11T20:14:09.4235132Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/66bb4e9e-b016-4a94-8249-4c0511c2be84\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"66bb4e9e-b016-4a94-8249-4c0511c2be84\"\n },\n {\n \"properties\": {\n \"roleName\": \"SignalR AccessKey Reader\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Read SignalR Service Access Keys\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.SignalRService/*/read\",\n \"Microsoft.SignalRService/SignalR/listkeys/action\",\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Support/*\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2019-09-20T09:33:19.6236874Z\",\n \"updatedOn\": \"2021-11-11T20:14:09.613486Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/04165923-9d83-45d5-8227-78b77b0a687e\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"04165923-9d83-45d5-8227-78b77b0a687e\"\n },\n {\n \"properties\": {\n \"roleName\": \"SignalR/Web PubSub Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Create, Read, Update, and Delete SignalR service resources\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.SignalRService/*\",\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Support/*\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2019-09-20T09:58:09.0009662Z\",\n \"updatedOn\": \"2021-11-11T20:14:09.7884765Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/8cf5e20a-e4b2-4e9d-b3a1-5ceb692c2761\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"8cf5e20a-e4b2-4e9d-b3a1-5ceb692c2761\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Connected Machine Onboarding\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Can onboard Azure Connected Machines.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.HybridCompute/machines/read\",\n \"Microsoft.HybridCompute/machines/write\",\n \"Microsoft.HybridCompute/settings/read\",\n \"Microsoft.HybridCompute/settings/write\",\n \"Microsoft.HybridCompute/gateways/read\",\n \"Microsoft.HybridCompute/privateLinkScopes/read\",\n \"Microsoft.GuestConfiguration/guestConfigurationAssignments/read\",\n \"Microsoft.Insights/dataCollectionRuleAssociations/write\",\n \"Microsoft.Insights/dataCollectionRuleAssociations/delete\",\n \"Microsoft.Insights/dataCollectionRuleAssociations/read\",\n \"Microsoft.HybridCompute/machines/addExtensions/action\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2019-10-23T20:15:07.137287Z\",\n \"updatedOn\": \"2025-04-24T23:16:22.0803758Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/b64e21ea-ac4e-4cdf-9dc9-5b892992bee7\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"b64e21ea-ac4e-4cdf-9dc9-5b892992bee7\"\n },\n {\n \"properties\": {\n \"roleName\": \"Managed Services Registration assignment Delete Role\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Managed Services Registration Assignment Delete Role allows the managing tenant users to delete the registration assignment assigned to their tenant.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.ManagedServices/registrationAssignments/read\",\n \"Microsoft.ManagedServices/registrationAssignments/delete\",\n \"Microsoft.ManagedServices/operationStatuses/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2019-10-23T22:33:33.1183469Z\",\n \"updatedOn\": \"2021-11-11T20:14:11.23364Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/91c1777a-f3dc-4fae-b103-61d183457e46\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"91c1777a-f3dc-4fae-b103-61d183457e46\"\n },\n {\n \"properties\": {\n \"roleName\": \"App Configuration Data Owner\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Allows full access to App Configuration data.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.AppConfiguration/configurationStores/*/read\",\n \"Microsoft.AppConfiguration/configurationStores/*/write\",\n \"Microsoft.AppConfiguration/configurationStores/*/delete\",\n \"Microsoft.AppConfiguration/configurationStores/*/action\"\n ],\n \"notDataActions\": [\n \"Microsoft.AppConfiguration/configurationStores/useSasAuth/action\"\n ]\n }\n ],\n \"createdOn\": \"2019-10-25T18:41:40.1185063Z\",\n \"updatedOn\": \"2024-10-25T19:38:13.5062377Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/5ae67dd6-50cb-40e7-96ff-dc2bfa4b606b\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"5ae67dd6-50cb-40e7-96ff-dc2bfa4b606b\"\n },\n {\n \"properties\": {\n \"roleName\": \"App Configuration Data Reader\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Allows read access to App Configuration data.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.AppConfiguration/configurationStores/*/read\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2019-10-25T18:45:33.7975332Z\",\n \"updatedOn\": \"2021-11-11T20:14:11.5885341Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/516239f1-63e1-4d78-a4de-a74fb236a071\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"516239f1-63e1-4d78-a4de-a74fb236a071\"\n },\n {\n \"properties\": {\n \"roleName\": \"Kubernetes Cluster - Azure Arc Onboarding\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Role definition to authorize any user/service to create connectedClusters resource\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.Resources/deployments/write\",\n \"Microsoft.Resources/subscriptions/operationresults/read\",\n \"Microsoft.Resources/subscriptions/read\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Kubernetes/connectedClusters/Write\",\n \"Microsoft.Kubernetes/connectedClusters/read\",\n \"Microsoft.KubernetesConfiguration/extensions/write\",\n \"Microsoft.KubernetesConfiguration/extensions/read\",\n \"Microsoft.KubernetesConfiguration/extensions/delete\",\n \"Microsoft.KubernetesConfiguration/extensions/operations/read\",\n \"Microsoft.Support/*\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2019-11-18T17:00:02.2087147Z\",\n \"updatedOn\": \"2024-10-31T01:30:51.0732973Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/34e09817-6cbe-4d01-b1a2-e0eac5743d41\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"34e09817-6cbe-4d01-b1a2-e0eac5743d41\"\n },\n {\n \"properties\": {\n \"roleName\": \"Experimentation Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Experimentation Contributor\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Experimentation/experimentWorkspaces/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.Experimentation/experimentWorkspaces/experimentationGroups/read\",\n \"Microsoft.Experimentation/experimentWorkspaces/experimentationGroups/write\",\n \"Microsoft.Experimentation/experimentWorkspaces/experimentationGroups/delete\",\n \"Microsoft.Experimentation/experimentWorkspaces/experimentationGroups/experiment/action\",\n \"Microsoft.Experimentation/experimentWorkspaces/experimentationGroups/emergencystop/action\",\n \"Microsoft.Experimentation/experimentWorkspaces/read\",\n \"Microsoft.Experimentation/experimentWorkspaces/write\",\n \"Microsoft.Experimentation/experimentWorkspaces/delete\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2019-12-13T00:08:08.6679591Z\",\n \"updatedOn\": \"2021-11-11T20:14:14.6454147Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/7f646f1b-fa08-80eb-a22b-edd6ce5c915c\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"7f646f1b-fa08-80eb-a22b-edd6ce5c915c\"\n },\n {\n \"properties\": {\n \"roleName\": \"Cognitive Services QnA Maker Reader\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Let’s you read and test a KB only.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.CognitiveServices/*/read\",\n \"Microsoft.Authorization/roleAssignments/read\",\n \"Microsoft.Authorization/roleDefinitions/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.CognitiveServices/accounts/QnAMaker/knowledgebases/read\",\n \"Microsoft.CognitiveServices/accounts/QnAMaker/knowledgebases/download/read\",\n \"Microsoft.CognitiveServices/accounts/QnAMaker/knowledgebases/generateanswer/action\",\n \"Microsoft.CognitiveServices/accounts/QnAMaker/alterations/read\",\n \"Microsoft.CognitiveServices/accounts/QnAMaker/endpointkeys/read\",\n \"Microsoft.CognitiveServices/accounts/QnAMaker/endpointsettings/read\",\n \"Microsoft.CognitiveServices/accounts/QnAMaker.v2/knowledgebases/read\",\n \"Microsoft.CognitiveServices/accounts/QnAMaker.v2/knowledgebases/download/read\",\n \"Microsoft.CognitiveServices/accounts/QnAMaker.v2/knowledgebases/generateanswer/action\",\n \"Microsoft.CognitiveServices/accounts/QnAMaker.v2/alterations/read\",\n \"Microsoft.CognitiveServices/accounts/QnAMaker.v2/endpointkeys/read\",\n \"Microsoft.CognitiveServices/accounts/QnAMaker.v2/endpointsettings/read\",\n \"Microsoft.CognitiveServices/accounts/TextAnalytics/QnAMaker/knowledgebases/read\",\n \"Microsoft.CognitiveServices/accounts/TextAnalytics/QnAMaker/knowledgebases/download/read\",\n \"Microsoft.CognitiveServices/accounts/TextAnalytics/QnAMaker/knowledgebases/generateanswer/action\",\n \"Microsoft.CognitiveServices/accounts/TextAnalytics/QnAMaker/alterations/read\",\n \"Microsoft.CognitiveServices/accounts/TextAnalytics/QnAMaker/endpointkeys/read\",\n \"Microsoft.CognitiveServices/accounts/TextAnalytics/QnAMaker/endpointsettings/read\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2019-12-17T18:26:12.3329439Z\",\n \"updatedOn\": \"2021-11-11T20:14:14.8254033Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/466ccd10-b268-4a11-b098-b4849f024126\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"466ccd10-b268-4a11-b098-b4849f024126\"\n },\n {\n \"properties\": {\n \"roleName\": \"Cognitive Services QnA Maker Editor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Let’s you create, edit, import and export a KB. You cannot publish or delete a KB.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.CognitiveServices/*/read\",\n \"Microsoft.Authorization/roleAssignments/read\",\n \"Microsoft.Authorization/roleDefinitions/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.CognitiveServices/accounts/QnAMaker/knowledgebases/read\",\n \"Microsoft.CognitiveServices/accounts/QnAMaker/knowledgebases/download/read\",\n \"Microsoft.CognitiveServices/accounts/QnAMaker/knowledgebases/create/write\",\n \"Microsoft.CognitiveServices/accounts/QnAMaker/knowledgebases/write\",\n \"Microsoft.CognitiveServices/accounts/QnAMaker/knowledgebases/generateanswer/action\",\n \"Microsoft.CognitiveServices/accounts/QnAMaker/knowledgebases/train/action\",\n \"Microsoft.CognitiveServices/accounts/QnAMaker/alterations/read\",\n \"Microsoft.CognitiveServices/accounts/QnAMaker/alterations/write\",\n \"Microsoft.CognitiveServices/accounts/QnAMaker/endpointkeys/read\",\n \"Microsoft.CognitiveServices/accounts/QnAMaker/endpointkeys/refreshkeys/action\",\n \"Microsoft.CognitiveServices/accounts/QnAMaker/endpointsettings/read\",\n \"Microsoft.CognitiveServices/accounts/QnAMaker/endpointsettings/write\",\n \"Microsoft.CognitiveServices/accounts/QnAMaker/operations/read\",\n \"Microsoft.CognitiveServices/accounts/QnAMaker.v2/knowledgebases/read\",\n \"Microsoft.CognitiveServices/accounts/QnAMaker.v2/knowledgebases/download/read\",\n \"Microsoft.CognitiveServices/accounts/QnAMaker.v2/knowledgebases/create/write\",\n \"Microsoft.CognitiveServices/accounts/QnAMaker.v2/knowledgebases/write\",\n \"Microsoft.CognitiveServices/accounts/QnAMaker.v2/knowledgebases/generateanswer/action\",\n \"Microsoft.CognitiveServices/accounts/QnAMaker.v2/knowledgebases/train/action\",\n \"Microsoft.CognitiveServices/accounts/QnAMaker.v2/alterations/read\",\n \"Microsoft.CognitiveServices/accounts/QnAMaker.v2/alterations/write\",\n \"Microsoft.CognitiveServices/accounts/QnAMaker.v2/endpointkeys/read\",\n \"Microsoft.CognitiveServices/accounts/QnAMaker.v2/endpointkeys/refreshkeys/action\",\n \"Microsoft.CognitiveServices/accounts/QnAMaker.v2/endpointsettings/read\",\n \"Microsoft.CognitiveServices/accounts/QnAMaker.v2/endpointsettings/write\",\n \"Microsoft.CognitiveServices/accounts/QnAMaker.v2/operations/read\",\n \"Microsoft.CognitiveServices/accounts/TextAnalytics/QnAMaker/knowledgebases/read\",\n \"Microsoft.CognitiveServices/accounts/TextAnalytics/QnAMaker/knowledgebases/download/read\",\n \"Microsoft.CognitiveServices/accounts/TextAnalytics/QnAMaker/knowledgebases/create/write\",\n \"Microsoft.CognitiveServices/accounts/TextAnalytics/QnAMaker/knowledgebases/write\",\n \"Microsoft.CognitiveServices/accounts/TextAnalytics/QnAMaker/knowledgebases/generateanswer/action\",\n \"Microsoft.CognitiveServices/accounts/TextAnalytics/QnAMaker/knowledgebases/train/action\",\n \"Microsoft.CognitiveServices/accounts/TextAnalytics/QnAMaker/alterations/read\",\n \"Microsoft.CognitiveServices/accounts/TextAnalytics/QnAMaker/alterations/write\",\n \"Microsoft.CognitiveServices/accounts/TextAnalytics/QnAMaker/endpointkeys/read\",\n \"Microsoft.CognitiveServices/accounts/TextAnalytics/QnAMaker/endpointkeys/refreshkeys/action\",\n \"Microsoft.CognitiveServices/accounts/TextAnalytics/QnAMaker/endpointsettings/read\",\n \"Microsoft.CognitiveServices/accounts/TextAnalytics/QnAMaker/endpointsettings/write\",\n \"Microsoft.CognitiveServices/accounts/TextAnalytics/QnAMaker/operations/read\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2019-12-17T18:27:30.6434556Z\",\n \"updatedOn\": \"2021-11-11T20:14:14.9961559Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/f4cc2bf9-21be-47a1-bdf1-5c5804381025\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"f4cc2bf9-21be-47a1-bdf1-5c5804381025\"\n },\n {\n \"properties\": {\n \"roleName\": \"Experimentation Administrator\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Experimentation Administrator\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Experimentation/experimentWorkspaces/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.Experimentation/experimentWorkspaces/experimentationGroups/admin/action\",\n \"Microsoft.Experimentation/experimentWorkspaces/experimentationGroups/read\",\n \"Microsoft.Experimentation/experimentWorkspaces/experimentationGroups/write\",\n \"Microsoft.Experimentation/experimentWorkspaces/experimentationGroups/delete\",\n \"Microsoft.Experimentation/experimentWorkspaces/experimentationGroups/experimentadmin/action\",\n \"Microsoft.Experimentation/experimentWorkspaces/experimentationGroups/experiment/action\",\n \"Microsoft.Experimentation/experimentWorkspaces/experimentationGroups/emergencystop/action\",\n \"Microsoft.Experimentation/experimentWorkspaces/read\",\n \"Microsoft.Experimentation/experimentWorkspaces/write\",\n \"Microsoft.Experimentation/experimentWorkspaces/delete\",\n \"Microsoft.Experimentation/experimentWorkspaces/admin/action\",\n \"Microsoft.Experimentation/experimentWorkspaces/metricwrite/action\",\n \"Microsoft.Experimentation/experimentWorkspaces/experimentationGroups/metricwrite/action\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2019-12-18T22:46:33.1116612Z\",\n \"updatedOn\": \"2021-11-11T20:14:15.1811577Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/7f646f1b-fa08-80eb-a33b-edd6ce5c915c\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"7f646f1b-fa08-80eb-a33b-edd6ce5c915c\"\n },\n {\n \"properties\": {\n \"roleName\": \"Remote Rendering Administrator\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Provides user with conversion, manage session, rendering and diagnostics capabilities for Azure Remote Rendering\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.MixedReality/RemoteRenderingAccounts/convert/action\",\n \"Microsoft.MixedReality/RemoteRenderingAccounts/convert/read\",\n \"Microsoft.MixedReality/RemoteRenderingAccounts/convert/delete\",\n \"Microsoft.MixedReality/RemoteRenderingAccounts/managesessions/read\",\n \"Microsoft.MixedReality/RemoteRenderingAccounts/managesessions/action\",\n \"Microsoft.MixedReality/RemoteRenderingAccounts/managesessions/delete\",\n \"Microsoft.MixedReality/RemoteRenderingAccounts/render/read\",\n \"Microsoft.MixedReality/RemoteRenderingAccounts/diagnostic/read\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2020-01-23T18:15:31.3450348Z\",\n \"updatedOn\": \"2021-11-11T20:14:16.7621737Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/3df8b902-2a6f-47c7-8cc5-360e9b272a7e\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"3df8b902-2a6f-47c7-8cc5-360e9b272a7e\"\n },\n {\n \"properties\": {\n \"roleName\": \"Remote Rendering Client\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Provides user with manage session, rendering and diagnostics capabilities for Azure Remote Rendering.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.MixedReality/RemoteRenderingAccounts/managesessions/read\",\n \"Microsoft.MixedReality/RemoteRenderingAccounts/managesessions/action\",\n \"Microsoft.MixedReality/RemoteRenderingAccounts/managesessions/delete\",\n \"Microsoft.MixedReality/RemoteRenderingAccounts/render/read\",\n \"Microsoft.MixedReality/RemoteRenderingAccounts/diagnostic/read\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2020-01-23T18:32:52.7069824Z\",\n \"updatedOn\": \"2021-11-11T20:14:16.9421512Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/d39065c4-c120-43c9-ab0a-63eed9795f0a\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"d39065c4-c120-43c9-ab0a-63eed9795f0a\"\n },\n {\n \"properties\": {\n \"roleName\": \"Managed Application Contributor Role\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Allows for creating managed application resources.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"*/read\",\n \"Microsoft.Solutions/applications/*\",\n \"Microsoft.Solutions/register/action\",\n \"Microsoft.Resources/subscriptions/resourceGroups/*\",\n \"Microsoft.Resources/deployments/*\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2020-02-08T03:39:11.8933879Z\",\n \"updatedOn\": \"2021-11-11T20:14:19.1271536Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/641177b8-a67a-45b9-a033-47bc880bb21e\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"641177b8-a67a-45b9-a033-47bc880bb21e\"\n },\n {\n \"properties\": {\n \"roleName\": \"Security Assessment Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Lets you push assessments to Security Center\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Security/assessments/write\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2020-02-13T08:23:47.7656161Z\",\n \"updatedOn\": \"2021-11-11T20:14:19.3021974Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/612c2aa1-cb24-443b-ac28-3ab7272de6f5\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"612c2aa1-cb24-443b-ac28-3ab7272de6f5\"\n },\n {\n \"properties\": {\n \"roleName\": \"Tag Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Lets you manage tags on entities, without providing access to the entities themselves.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Resources/subscriptions/resourceGroups/resources/read\",\n \"Microsoft.Resources/subscriptions/resources/read\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.Support/*\",\n \"Microsoft.Resources/tags/*\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2020-02-18T23:19:19.2977644Z\",\n \"updatedOn\": \"2021-11-11T20:14:20.0172041Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/4a9ae827-6dc8-4573-8ac7-8239d42aa03f\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"4a9ae827-6dc8-4573-8ac7-8239d42aa03f\"\n },\n {\n \"properties\": {\n \"roleName\": \"Integration Service Environment Developer\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Allows developers to create and update workflows, integration accounts and API connections in integration service environments.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Support/*\",\n \"Microsoft.Logic/integrationServiceEnvironments/read\",\n \"Microsoft.Logic/integrationServiceEnvironments/*/join/action\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2020-02-20T21:09:00.5627875Z\",\n \"updatedOn\": \"2021-11-11T20:14:20.1871986Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/c7aa55d3-1abb-444a-a5ca-5e51e485d6ec\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"c7aa55d3-1abb-444a-a5ca-5e51e485d6ec\"\n },\n {\n \"properties\": {\n \"roleName\": \"Integration Service Environment Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Lets you manage integration service environments, but not access to them.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Support/*\",\n \"Microsoft.Logic/integrationServiceEnvironments/*\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2020-02-20T21:10:44.4008319Z\",\n \"updatedOn\": \"2021-11-11T20:14:20.3622058Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/a41e2c5b-bd99-4a07-88f4-9bf657a760b8\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"a41e2c5b-bd99-4a07-88f4-9bf657a760b8\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Kubernetes Service Contributor Role\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Grants access to read and write Azure Kubernetes Service clusters\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.ContainerService/locations/*\",\n \"Microsoft.ContainerService/managedClusters/*\",\n \"Microsoft.ContainerService/managedclustersnapshots/*\",\n \"Microsoft.ContainerService/snapshots/*\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.ContainerService/deploymentSafeguards/*\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2020-02-27T19:27:15.073997Z\",\n \"updatedOn\": \"2025-07-22T15:11:45.9409312Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/ed7f3fbd-7b88-4dd4-9017-9adb7ce333f8\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"ed7f3fbd-7b88-4dd4-9017-9adb7ce333f8\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Digital Twins Data Reader\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Read-only role for Digital Twins data-plane properties\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.DigitalTwins/digitaltwins/read\",\n \"Microsoft.DigitalTwins/digitaltwins/relationships/read\",\n \"Microsoft.DigitalTwins/eventroutes/read\",\n \"Microsoft.DigitalTwins/jobs/import/read\",\n \"Microsoft.DigitalTwins/jobs/imports/read\",\n \"Microsoft.DigitalTwins/jobs/deletions/read\",\n \"Microsoft.DigitalTwins/models/read\",\n \"Microsoft.DigitalTwins/query/action\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2020-03-10T23:48:14.7057381Z\",\n \"updatedOn\": \"2024-01-10T19:29:11.1291888Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/d57506d4-4c8d-48b1-8587-93c323f6a5a3\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"d57506d4-4c8d-48b1-8587-93c323f6a5a3\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Digital Twins Data Owner\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Full access role for Digital Twins data-plane\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.DigitalTwins/digitaltwins/*\",\n \"Microsoft.DigitalTwins/digitaltwins/commands/*\",\n \"Microsoft.DigitalTwins/digitaltwins/relationships/*\",\n \"Microsoft.DigitalTwins/eventroutes/*\",\n \"Microsoft.DigitalTwins/jobs/*\",\n \"Microsoft.DigitalTwins/models/*\",\n \"Microsoft.DigitalTwins/query/*\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2020-03-10T23:49:33.782193Z\",\n \"updatedOn\": \"2022-09-07T23:56:38.852533Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/bcd981a7-7f74-457b-83e1-cceb9e632ffe\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"bcd981a7-7f74-457b-83e1-cceb9e632ffe\"\n },\n {\n \"properties\": {\n \"roleName\": \"Hierarchy Settings Administrator\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Allows users to edit and delete Hierarchy Settings\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Management/managementGroups/settings/write\",\n \"Microsoft.Management/managementGroups/settings/delete\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2020-03-13T23:55:11.0212387Z\",\n \"updatedOn\": \"2021-11-11T20:14:23.0882347Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/350f8d15-c687-4448-8ae1-157740a3936d\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"350f8d15-c687-4448-8ae1-157740a3936d\"\n },\n {\n \"properties\": {\n \"roleName\": \"FHIR Data Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Role allows user or principal full access to FHIR Data\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.HealthcareApis/services/fhir/resources/*\",\n \"Microsoft.HealthcareApis/workspaces/fhirservices/resources/*\"\n ],\n \"notDataActions\": [\n \"Microsoft.HealthcareApis/services/fhir/resources/smart/action\",\n \"Microsoft.HealthcareApis/workspaces/fhirservices/resources/smart/action\"\n ]\n }\n ],\n \"createdOn\": \"2020-03-17T18:35:04.4949547Z\",\n \"updatedOn\": \"2023-08-18T22:59:42.5066274Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/5a1fc7df-4bf1-4951-a576-89034ee01acd\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"5a1fc7df-4bf1-4951-a576-89034ee01acd\"\n },\n {\n \"properties\": {\n \"roleName\": \"FHIR Data Exporter\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Role allows user or principal to read and export FHIR Data\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.HealthcareApis/services/fhir/resources/read\",\n \"Microsoft.HealthcareApis/services/fhir/resources/export/action\",\n \"Microsoft.HealthcareApis/workspaces/fhirservices/resources/read\",\n \"Microsoft.HealthcareApis/workspaces/fhirservices/resources/export/action\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2020-03-17T18:45:01.9764073Z\",\n \"updatedOn\": \"2021-11-11T20:14:23.7992557Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/3db33094-8700-4567-8da5-1501d4e7e843\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"3db33094-8700-4567-8da5-1501d4e7e843\"\n },\n {\n \"properties\": {\n \"roleName\": \"FHIR Data Reader\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Role allows user or principal to read FHIR Data\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.HealthcareApis/services/fhir/resources/read\",\n \"Microsoft.HealthcareApis/workspaces/fhirservices/resources/read\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2020-03-17T18:49:04.8353499Z\",\n \"updatedOn\": \"2021-11-11T20:14:23.9692275Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/4c8d0bbc-75d3-4935-991f-5f3c56d81508\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"4c8d0bbc-75d3-4935-991f-5f3c56d81508\"\n },\n {\n \"properties\": {\n \"roleName\": \"FHIR Data Writer\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Role allows user or principal to read and write FHIR Data\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.HealthcareApis/services/fhir/resources/read\",\n \"Microsoft.HealthcareApis/services/fhir/resources/write\",\n \"Microsoft.HealthcareApis/services/fhir/resources/delete\",\n \"Microsoft.HealthcareApis/services/fhir/resources/export/action\",\n \"Microsoft.HealthcareApis/services/fhir/resources/resourceValidate/action\",\n \"Microsoft.HealthcareApis/services/fhir/resources/reindex/action\",\n \"Microsoft.HealthcareApis/services/fhir/resources/convertData/action\",\n \"Microsoft.HealthcareApis/services/fhir/resources/editProfileDefinitions/action\",\n \"Microsoft.HealthcareApis/services/fhir/resources/import/action\",\n \"Microsoft.HealthcareApis/workspaces/fhirservices/resources/read\",\n \"Microsoft.HealthcareApis/workspaces/fhirservices/resources/write\",\n \"Microsoft.HealthcareApis/workspaces/fhirservices/resources/delete\",\n \"Microsoft.HealthcareApis/workspaces/fhirservices/resources/export/action\",\n \"Microsoft.HealthcareApis/workspaces/fhirservices/resources/resourceValidate/action\",\n \"Microsoft.HealthcareApis/workspaces/fhirservices/resources/reindex/action\",\n \"Microsoft.HealthcareApis/workspaces/fhirservices/resources/convertData/action\",\n \"Microsoft.HealthcareApis/workspaces/fhirservices/resources/editProfileDefinitions/action\",\n \"Microsoft.HealthcareApis/workspaces/fhirservices/resources/import/action\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2020-03-17T18:55:35.2413335Z\",\n \"updatedOn\": \"2023-07-25T15:17:34.7618105Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/3f88fce4-5892-4214-ae73-ba5294559913\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"3f88fce4-5892-4214-ae73-ba5294559913\"\n },\n {\n \"properties\": {\n \"roleName\": \"Experimentation Reader\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Experimentation Reader\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Experimentation/experimentWorkspaces/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.Experimentation/experimentWorkspaces/read\",\n \"Microsoft.Experimentation/experimentWorkspaces/experimentationGroups/read\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2020-03-25T18:05:14.8375678Z\",\n \"updatedOn\": \"2021-11-11T20:14:24.504239Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/49632ef5-d9ac-41f4-b8e7-bbe587fa74a1\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"49632ef5-d9ac-41f4-b8e7-bbe587fa74a1\"\n },\n {\n \"properties\": {\n \"roleName\": \"Object Understanding Account Owner\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Provides user with ingestion capabilities for Azure Object Understanding.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.MixedReality/ObjectUnderstandingAccounts/ingest/action\",\n \"Microsoft.MixedReality/ObjectUnderstandingAccounts/ingest/read\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2020-04-22T19:15:09.0697923Z\",\n \"updatedOn\": \"2021-11-11T20:14:26.8743132Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/4dd61c23-6743-42fe-a388-d8bdd41cb745\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"4dd61c23-6743-42fe-a388-d8bdd41cb745\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Maps Data Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Grants access to read, write, and delete access to map related data from an Azure maps account.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.Maps/accounts/*/read\",\n \"Microsoft.Maps/accounts/*/write\",\n \"Microsoft.Maps/accounts/*/delete\",\n \"Microsoft.Maps/accounts/*/action\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2020-05-07T20:55:05.064541Z\",\n \"updatedOn\": \"2021-11-11T20:14:28.3092598Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/8f5e0ce6-4f7b-4dcf-bddf-e6f48634a204\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"8f5e0ce6-4f7b-4dcf-bddf-e6f48634a204\"\n },\n {\n \"properties\": {\n \"roleName\": \"Cognitive Services Custom Vision Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Full access to the project, including the ability to view, create, edit, or delete projects.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.CognitiveServices/*/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.CognitiveServices/accounts/CustomVision/*\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2020-05-08T23:47:07.0779345Z\",\n \"updatedOn\": \"2021-11-11T20:14:28.8342655Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/c1ff6cc2-c111-46fe-8896-e0ef812ad9f3\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"c1ff6cc2-c111-46fe-8896-e0ef812ad9f3\"\n },\n {\n \"properties\": {\n \"roleName\": \"Cognitive Services Custom Vision Deployment\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Publish, unpublish or export models. Deployment can view the project but can’t update.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.CognitiveServices/*/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.CognitiveServices/accounts/CustomVision/*/read\",\n \"Microsoft.CognitiveServices/accounts/CustomVision/projects/predictions/*\",\n \"Microsoft.CognitiveServices/accounts/CustomVision/projects/iterations/publish/*\",\n \"Microsoft.CognitiveServices/accounts/CustomVision/projects/iterations/export/*\",\n \"Microsoft.CognitiveServices/accounts/CustomVision/projects/quicktest/*\",\n \"Microsoft.CognitiveServices/accounts/CustomVision/classify/*\",\n \"Microsoft.CognitiveServices/accounts/CustomVision/detect/*\"\n ],\n \"notDataActions\": [\n \"Microsoft.CognitiveServices/accounts/CustomVision/projects/export/read\"\n ]\n }\n ],\n \"createdOn\": \"2020-05-09T01:31:05.952862Z\",\n \"updatedOn\": \"2021-11-11T20:14:29.0142669Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/5c4089e1-6d96-4d2f-b296-c1bc7137275f\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"5c4089e1-6d96-4d2f-b296-c1bc7137275f\"\n },\n {\n \"properties\": {\n \"roleName\": \"Cognitive Services Custom Vision Labeler\",\n \"type\": \"BuiltInRole\",\n \"description\": \"View, edit training images and create, add, remove, or delete the image tags. Labelers can view the project but can’t update anything other than training images and tags.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.CognitiveServices/*/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.CognitiveServices/accounts/CustomVision/*/read\",\n \"Microsoft.CognitiveServices/accounts/CustomVision/projects/predictions/query/action\",\n \"Microsoft.CognitiveServices/accounts/CustomVision/projects/images/*\",\n \"Microsoft.CognitiveServices/accounts/CustomVision/projects/tags/*\",\n \"Microsoft.CognitiveServices/accounts/CustomVision/projects/images/suggested/*\",\n \"Microsoft.CognitiveServices/accounts/CustomVision/projects/tagsandregions/suggestions/action\"\n ],\n \"notDataActions\": [\n \"Microsoft.CognitiveServices/accounts/CustomVision/projects/export/read\"\n ]\n }\n ],\n \"createdOn\": \"2020-05-09T01:33:20.8278896Z\",\n \"updatedOn\": \"2021-11-11T20:14:29.1892871Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/88424f51-ebe7-446f-bc41-7fa16989e96c\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"88424f51-ebe7-446f-bc41-7fa16989e96c\"\n },\n {\n \"properties\": {\n \"roleName\": \"Cognitive Services Custom Vision Reader\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Read-only actions in the project. Readers can’t create or update the project.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.CognitiveServices/*/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.CognitiveServices/accounts/CustomVision/*/read\",\n \"Microsoft.CognitiveServices/accounts/CustomVision/projects/predictions/query/action\"\n ],\n \"notDataActions\": [\n \"Microsoft.CognitiveServices/accounts/CustomVision/projects/export/read\"\n ]\n }\n ],\n \"createdOn\": \"2020-05-09T01:34:18.5328818Z\",\n \"updatedOn\": \"2021-11-11T20:14:29.3642707Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/93586559-c37d-4a6b-ba08-b9f0940c2d73\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"93586559-c37d-4a6b-ba08-b9f0940c2d73\"\n },\n {\n \"properties\": {\n \"roleName\": \"Cognitive Services Custom Vision Trainer\",\n \"type\": \"BuiltInRole\",\n \"description\": \"View, edit projects and train the models, including the ability to publish, unpublish, export the models. Trainers can’t create or delete the project.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.CognitiveServices/*/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.CognitiveServices/accounts/CustomVision/*\"\n ],\n \"notDataActions\": [\n \"Microsoft.CognitiveServices/accounts/CustomVision/projects/action\",\n \"Microsoft.CognitiveServices/accounts/CustomVision/projects/delete\",\n \"Microsoft.CognitiveServices/accounts/CustomVision/projects/import/action\",\n \"Microsoft.CognitiveServices/accounts/CustomVision/projects/export/read\"\n ]\n }\n ],\n \"createdOn\": \"2020-05-09T01:35:13.8147804Z\",\n \"updatedOn\": \"2021-11-11T20:14:29.5442713Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/0a5ae4ab-0d65-4eeb-be61-29fc9b54394b\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"0a5ae4ab-0d65-4eeb-be61-29fc9b54394b\"\n },\n {\n \"properties\": {\n \"roleName\": \"Key Vault Administrator\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Perform all data plane operations on a key vault and all objects in it, including certificates, keys, and secrets. Cannot manage key vault resources or manage role assignments. Only works for key vaults that use the 'Azure role-based access control' permission model.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Support/*\",\n \"Microsoft.KeyVault/checkNameAvailability/read\",\n \"Microsoft.KeyVault/deletedVaults/read\",\n \"Microsoft.KeyVault/locations/*/read\",\n \"Microsoft.KeyVault/vaults/*/read\",\n \"Microsoft.KeyVault/operations/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.KeyVault/vaults/*\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2020-05-19T17:52:46.2349235Z\",\n \"updatedOn\": \"2021-11-11T20:14:30.2542755Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/00482a5a-887f-4fb3-b363-3b7fe8e74483\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"00482a5a-887f-4fb3-b363-3b7fe8e74483\"\n },\n {\n \"properties\": {\n \"roleName\": \"Key Vault Crypto User\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Perform cryptographic operations using keys. Only works for key vaults that use the 'Azure role-based access control' permission model.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.KeyVault/vaults/keys/read\",\n \"Microsoft.KeyVault/vaults/keys/update/action\",\n \"Microsoft.KeyVault/vaults/keys/backup/action\",\n \"Microsoft.KeyVault/vaults/keys/encrypt/action\",\n \"Microsoft.KeyVault/vaults/keys/decrypt/action\",\n \"Microsoft.KeyVault/vaults/keys/wrap/action\",\n \"Microsoft.KeyVault/vaults/keys/unwrap/action\",\n \"Microsoft.KeyVault/vaults/keys/sign/action\",\n \"Microsoft.KeyVault/vaults/keys/verify/action\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2020-05-19T17:52:47.0699268Z\",\n \"updatedOn\": \"2021-11-11T20:14:30.6042921Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/12338af0-0e69-4776-bea7-57ae8d297424\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"12338af0-0e69-4776-bea7-57ae8d297424\"\n },\n {\n \"properties\": {\n \"roleName\": \"Key Vault Secrets Officer\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Perform any action on the secrets of a key vault, except manage permissions. Only works for key vaults that use the 'Azure role-based access control' permission model.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Support/*\",\n \"Microsoft.KeyVault/checkNameAvailability/read\",\n \"Microsoft.KeyVault/deletedVaults/read\",\n \"Microsoft.KeyVault/locations/*/read\",\n \"Microsoft.KeyVault/vaults/*/read\",\n \"Microsoft.KeyVault/operations/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.KeyVault/vaults/secrets/*\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2020-05-19T17:52:47.1449242Z\",\n \"updatedOn\": \"2021-11-11T20:14:30.779347Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/b86a8fe4-44ce-4948-aee5-eccb2c155cd7\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"b86a8fe4-44ce-4948-aee5-eccb2c155cd7\"\n },\n {\n \"properties\": {\n \"roleName\": \"Key Vault Secrets User\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Read secret contents. Only works for key vaults that use the 'Azure role-based access control' permission model.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.KeyVault/vaults/secrets/getSecret/action\",\n \"Microsoft.KeyVault/vaults/secrets/readMetadata/action\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2020-05-19T17:52:47.2049241Z\",\n \"updatedOn\": \"2021-11-11T20:14:30.9542829Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/4633458b-17de-408a-b874-0445c86b69e6\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"4633458b-17de-408a-b874-0445c86b69e6\"\n },\n {\n \"properties\": {\n \"roleName\": \"Key Vault Certificates Officer\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Perform any action on the certificates of a key vault, except manage permissions. Only works for key vaults that use the 'Azure role-based access control' permission model.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Support/*\",\n \"Microsoft.KeyVault/checkNameAvailability/read\",\n \"Microsoft.KeyVault/deletedVaults/read\",\n \"Microsoft.KeyVault/locations/*/read\",\n \"Microsoft.KeyVault/vaults/*/read\",\n \"Microsoft.KeyVault/operations/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.KeyVault/vaults/certificatecas/*\",\n \"Microsoft.KeyVault/vaults/certificates/*\",\n \"Microsoft.KeyVault/vaults/certificatecontacts/write\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2020-05-19T17:52:47.2499247Z\",\n \"updatedOn\": \"2023-06-09T18:51:51.8587772Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/a4417e6f-fecd-4de8-b567-7b0420556985\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"a4417e6f-fecd-4de8-b567-7b0420556985\"\n },\n {\n \"properties\": {\n \"roleName\": \"Key Vault Reader\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Read metadata of key vaults and its certificates, keys, and secrets. Cannot read sensitive values such as secret contents or key material. Only works for key vaults that use the 'Azure role-based access control' permission model.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Support/*\",\n \"Microsoft.KeyVault/checkNameAvailability/read\",\n \"Microsoft.KeyVault/deletedVaults/read\",\n \"Microsoft.KeyVault/locations/*/read\",\n \"Microsoft.KeyVault/vaults/*/read\",\n \"Microsoft.KeyVault/operations/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.KeyVault/vaults/*/read\",\n \"Microsoft.KeyVault/vaults/secrets/readMetadata/action\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2020-05-19T17:52:47.2949294Z\",\n \"updatedOn\": \"2021-11-11T20:14:31.3043292Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/21090545-7ca7-4776-b22c-e363652d74d2\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"21090545-7ca7-4776-b22c-e363652d74d2\"\n },\n {\n \"properties\": {\n \"roleName\": \"Key Vault Crypto Service Encryption User\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Read metadata of keys and perform wrap/unwrap operations. Only works for key vaults that use the 'Azure role-based access control' permission model.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.EventGrid/eventSubscriptions/write\",\n \"Microsoft.EventGrid/eventSubscriptions/read\",\n \"Microsoft.EventGrid/eventSubscriptions/delete\"\n ],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.KeyVault/vaults/keys/read\",\n \"Microsoft.KeyVault/vaults/keys/wrap/action\",\n \"Microsoft.KeyVault/vaults/keys/unwrap/action\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2020-05-20T20:55:19.239847Z\",\n \"updatedOn\": \"2021-11-11T20:14:31.8443056Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/e147488a-f6f5-4113-8e2d-b22465e65bf6\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"e147488a-f6f5-4113-8e2d-b22465e65bf6\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Arc Kubernetes Viewer\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Lets you view all resources in cluster/namespace, except secrets.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.Resources/deployments/write\",\n \"Microsoft.Resources/subscriptions/operationresults/read\",\n \"Microsoft.Resources/subscriptions/read\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Support/*\"\n ],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.Kubernetes/connectedClusters/apps/controllerrevisions/read\",\n \"Microsoft.Kubernetes/connectedClusters/apps/daemonsets/read\",\n \"Microsoft.Kubernetes/connectedClusters/apps/deployments/read\",\n \"Microsoft.Kubernetes/connectedClusters/apps/replicasets/read\",\n \"Microsoft.Kubernetes/connectedClusters/apps/statefulsets/read\",\n \"Microsoft.Kubernetes/connectedClusters/autoscaling/horizontalpodautoscalers/read\",\n \"Microsoft.Kubernetes/connectedClusters/batch/cronjobs/read\",\n \"Microsoft.Kubernetes/connectedClusters/batch/jobs/read\",\n \"Microsoft.Kubernetes/connectedClusters/configmaps/read\",\n \"Microsoft.Kubernetes/connectedClusters/endpoints/read\",\n \"Microsoft.Kubernetes/connectedClusters/events.k8s.io/events/read\",\n \"Microsoft.Kubernetes/connectedClusters/events/read\",\n \"Microsoft.Kubernetes/connectedClusters/extensions/daemonsets/read\",\n \"Microsoft.Kubernetes/connectedClusters/extensions/deployments/read\",\n \"Microsoft.Kubernetes/connectedClusters/extensions/ingresses/read\",\n \"Microsoft.Kubernetes/connectedClusters/extensions/networkpolicies/read\",\n \"Microsoft.Kubernetes/connectedClusters/extensions/replicasets/read\",\n \"Microsoft.Kubernetes/connectedClusters/limitranges/read\",\n \"Microsoft.Kubernetes/connectedClusters/namespaces/read\",\n \"Microsoft.Kubernetes/connectedClusters/networking.k8s.io/ingresses/read\",\n \"Microsoft.Kubernetes/connectedClusters/networking.k8s.io/networkpolicies/read\",\n \"Microsoft.Kubernetes/connectedClusters/persistentvolumeclaims/read\",\n \"Microsoft.Kubernetes/connectedClusters/pods/read\",\n \"Microsoft.Kubernetes/connectedClusters/policy/poddisruptionbudgets/read\",\n \"Microsoft.Kubernetes/connectedClusters/replicationcontrollers/read\",\n \"Microsoft.Kubernetes/connectedClusters/replicationcontrollers/read\",\n \"Microsoft.Kubernetes/connectedClusters/resourcequotas/read\",\n \"Microsoft.Kubernetes/connectedClusters/serviceaccounts/read\",\n \"Microsoft.Kubernetes/connectedClusters/services/read\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2020-06-12T20:51:12.8801199Z\",\n \"updatedOn\": \"2021-11-11T20:14:33.8193353Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/63f0a09d-1495-4db4-a681-037d84835eb4\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"63f0a09d-1495-4db4-a681-037d84835eb4\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Arc Kubernetes Writer\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Lets you update everything in cluster/namespace, except (cluster)roles and (cluster)role bindings.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.Resources/deployments/write\",\n \"Microsoft.Resources/subscriptions/operationresults/read\",\n \"Microsoft.Resources/subscriptions/read\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Support/*\"\n ],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.Kubernetes/connectedClusters/apps/controllerrevisions/read\",\n \"Microsoft.Kubernetes/connectedClusters/apps/daemonsets/*\",\n \"Microsoft.Kubernetes/connectedClusters/apps/deployments/*\",\n \"Microsoft.Kubernetes/connectedClusters/apps/replicasets/*\",\n \"Microsoft.Kubernetes/connectedClusters/apps/statefulsets/*\",\n \"Microsoft.Kubernetes/connectedClusters/autoscaling/horizontalpodautoscalers/*\",\n \"Microsoft.Kubernetes/connectedClusters/batch/cronjobs/*\",\n \"Microsoft.Kubernetes/connectedClusters/batch/jobs/*\",\n \"Microsoft.Kubernetes/connectedClusters/configmaps/*\",\n \"Microsoft.Kubernetes/connectedClusters/endpoints/*\",\n \"Microsoft.Kubernetes/connectedClusters/events.k8s.io/events/read\",\n \"Microsoft.Kubernetes/connectedClusters/events/read\",\n \"Microsoft.Kubernetes/connectedClusters/extensions/daemonsets/*\",\n \"Microsoft.Kubernetes/connectedClusters/extensions/deployments/*\",\n \"Microsoft.Kubernetes/connectedClusters/extensions/ingresses/*\",\n \"Microsoft.Kubernetes/connectedClusters/extensions/networkpolicies/*\",\n \"Microsoft.Kubernetes/connectedClusters/extensions/replicasets/*\",\n \"Microsoft.Kubernetes/connectedClusters/limitranges/read\",\n \"Microsoft.Kubernetes/connectedClusters/namespaces/read\",\n \"Microsoft.Kubernetes/connectedClusters/networking.k8s.io/ingresses/*\",\n \"Microsoft.Kubernetes/connectedClusters/networking.k8s.io/networkpolicies/*\",\n \"Microsoft.Kubernetes/connectedClusters/persistentvolumeclaims/*\",\n \"Microsoft.Kubernetes/connectedClusters/pods/*\",\n \"Microsoft.Kubernetes/connectedClusters/policy/poddisruptionbudgets/*\",\n \"Microsoft.Kubernetes/connectedClusters/replicationcontrollers/*\",\n \"Microsoft.Kubernetes/connectedClusters/replicationcontrollers/*\",\n \"Microsoft.Kubernetes/connectedClusters/resourcequotas/read\",\n \"Microsoft.Kubernetes/connectedClusters/secrets/*\",\n \"Microsoft.Kubernetes/connectedClusters/serviceaccounts/*\",\n \"Microsoft.Kubernetes/connectedClusters/services/*\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2020-06-12T20:53:50.6749823Z\",\n \"updatedOn\": \"2021-11-11T20:14:34.0043462Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/5b999177-9696-4545-85c7-50de3797e5a1\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"5b999177-9696-4545-85c7-50de3797e5a1\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Arc Kubernetes Cluster Admin\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Lets you manage all resources in the cluster.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.Resources/deployments/write\",\n \"Microsoft.Resources/subscriptions/operationresults/read\",\n \"Microsoft.Resources/subscriptions/read\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Support/*\"\n ],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.Kubernetes/connectedClusters/*\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2020-06-12T20:55:30.9910462Z\",\n \"updatedOn\": \"2021-11-11T20:14:34.1743694Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/8393591c-06b9-48a2-a542-1bd6b377f6a2\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"8393591c-06b9-48a2-a542-1bd6b377f6a2\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Arc Kubernetes Admin\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Lets you manage all resources under cluster/namespace, except update or delete resource quotas and namespaces.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.Resources/deployments/write\",\n \"Microsoft.Resources/subscriptions/operationresults/read\",\n \"Microsoft.Resources/subscriptions/read\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Support/*\"\n ],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.Kubernetes/connectedClusters/apps/controllerrevisions/read\",\n \"Microsoft.Kubernetes/connectedClusters/apps/daemonsets/*\",\n \"Microsoft.Kubernetes/connectedClusters/apps/deployments/*\",\n \"Microsoft.Kubernetes/connectedClusters/apps/replicasets/*\",\n \"Microsoft.Kubernetes/connectedClusters/apps/statefulsets/*\",\n \"Microsoft.Kubernetes/connectedClusters/authorization.k8s.io/localsubjectaccessreviews/write\",\n \"Microsoft.Kubernetes/connectedClusters/autoscaling/horizontalpodautoscalers/*\",\n \"Microsoft.Kubernetes/connectedClusters/batch/cronjobs/*\",\n \"Microsoft.Kubernetes/connectedClusters/batch/jobs/*\",\n \"Microsoft.Kubernetes/connectedClusters/configmaps/*\",\n \"Microsoft.Kubernetes/connectedClusters/endpoints/*\",\n \"Microsoft.Kubernetes/connectedClusters/events.k8s.io/events/read\",\n \"Microsoft.Kubernetes/connectedClusters/events/read\",\n \"Microsoft.Kubernetes/connectedClusters/extensions/daemonsets/*\",\n \"Microsoft.Kubernetes/connectedClusters/extensions/deployments/*\",\n \"Microsoft.Kubernetes/connectedClusters/extensions/ingresses/*\",\n \"Microsoft.Kubernetes/connectedClusters/extensions/networkpolicies/*\",\n \"Microsoft.Kubernetes/connectedClusters/extensions/replicasets/*\",\n \"Microsoft.Kubernetes/connectedClusters/limitranges/read\",\n \"Microsoft.Kubernetes/connectedClusters/namespaces/read\",\n \"Microsoft.Kubernetes/connectedClusters/networking.k8s.io/ingresses/*\",\n \"Microsoft.Kubernetes/connectedClusters/networking.k8s.io/networkpolicies/*\",\n \"Microsoft.Kubernetes/connectedClusters/persistentvolumeclaims/*\",\n \"Microsoft.Kubernetes/connectedClusters/pods/*\",\n \"Microsoft.Kubernetes/connectedClusters/policy/poddisruptionbudgets/*\",\n \"Microsoft.Kubernetes/connectedClusters/rbac.authorization.k8s.io/rolebindings/*\",\n \"Microsoft.Kubernetes/connectedClusters/rbac.authorization.k8s.io/roles/*\",\n \"Microsoft.Kubernetes/connectedClusters/replicationcontrollers/*\",\n \"Microsoft.Kubernetes/connectedClusters/replicationcontrollers/*\",\n \"Microsoft.Kubernetes/connectedClusters/resourcequotas/read\",\n \"Microsoft.Kubernetes/connectedClusters/secrets/*\",\n \"Microsoft.Kubernetes/connectedClusters/serviceaccounts/*\",\n \"Microsoft.Kubernetes/connectedClusters/services/*\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2020-06-12T20:57:06.0391177Z\",\n \"updatedOn\": \"2021-11-11T20:14:34.3593384Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/dffb1e0c-446f-4dde-a09f-99eb5cc68b96\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"dffb1e0c-446f-4dde-a09f-99eb5cc68b96\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Kubernetes Service RBAC Cluster Admin\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Lets you manage all resources in the cluster.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Resources/subscriptions/operationresults/read\",\n \"Microsoft.Resources/subscriptions/read\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.ContainerService/managedClusters/listClusterUserCredential/action\"\n ],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.ContainerService/managedClusters/*\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2020-07-02T17:47:24.4071415Z\",\n \"updatedOn\": \"2022-10-13T01:31:35.5535817Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/b1ff04bb-8a4e-4dc4-8eb5-8693973ce19b\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"b1ff04bb-8a4e-4dc4-8eb5-8693973ce19b\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Kubernetes Service RBAC Admin\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Lets you manage all resources under cluster/namespace, except update or delete resource quotas and namespaces.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Resources/subscriptions/operationresults/read\",\n \"Microsoft.Resources/subscriptions/read\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.ContainerService/managedClusters/listClusterUserCredential/action\"\n ],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.ContainerService/managedClusters/*\"\n ],\n \"notDataActions\": [\n \"Microsoft.ContainerService/managedClusters/resourcequotas/write\",\n \"Microsoft.ContainerService/managedClusters/resourcequotas/delete\",\n \"Microsoft.ContainerService/managedClusters/namespaces/write\",\n \"Microsoft.ContainerService/managedClusters/namespaces/delete\"\n ]\n }\n ],\n \"createdOn\": \"2020-07-02T17:50:30.4020311Z\",\n \"updatedOn\": \"2023-05-09T19:55:25.9025082Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/3498e952-d568-435e-9b2c-8d77e338d7f7\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"3498e952-d568-435e-9b2c-8d77e338d7f7\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Kubernetes Service RBAC Reader\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Allows read-only access to see most objects in a namespace. It does not allow viewing roles or role bindings. This role does not allow viewing Secrets, since reading the contents of Secrets enables access to ServiceAccount credentials in the namespace, which would allow API access as any ServiceAccount in the namespace (a form of privilege escalation). Applying this role at cluster scope will give access across all namespaces.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Resources/subscriptions/operationresults/read\",\n \"Microsoft.Resources/subscriptions/read\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.ContainerService/managedClusters/apps/controllerrevisions/read\",\n \"Microsoft.ContainerService/managedClusters/apps/daemonsets/read\",\n \"Microsoft.ContainerService/managedClusters/apps/deployments/read\",\n \"Microsoft.ContainerService/managedClusters/apps/replicasets/read\",\n \"Microsoft.ContainerService/managedClusters/apps/statefulsets/read\",\n \"Microsoft.ContainerService/managedClusters/autoscaling/horizontalpodautoscalers/read\",\n \"Microsoft.ContainerService/managedClusters/batch/cronjobs/read\",\n \"Microsoft.ContainerService/managedClusters/batch/jobs/read\",\n \"Microsoft.ContainerService/managedClusters/configmaps/read\",\n \"Microsoft.ContainerService/managedClusters/discovery.k8s.io/endpointslices/read\",\n \"Microsoft.ContainerService/managedClusters/endpoints/read\",\n \"Microsoft.ContainerService/managedClusters/events.k8s.io/events/read\",\n \"Microsoft.ContainerService/managedClusters/events/read\",\n \"Microsoft.ContainerService/managedClusters/extensions/daemonsets/read\",\n \"Microsoft.ContainerService/managedClusters/extensions/deployments/read\",\n \"Microsoft.ContainerService/managedClusters/extensions/ingresses/read\",\n \"Microsoft.ContainerService/managedClusters/extensions/networkpolicies/read\",\n \"Microsoft.ContainerService/managedClusters/extensions/replicasets/read\",\n \"Microsoft.ContainerService/managedClusters/limitranges/read\",\n \"Microsoft.ContainerService/managedClusters/metrics.k8s.io/pods/read\",\n \"Microsoft.ContainerService/managedClusters/metrics.k8s.io/nodes/read\",\n \"Microsoft.ContainerService/managedClusters/namespaces/read\",\n \"Microsoft.ContainerService/managedClusters/networking.k8s.io/ingresses/read\",\n \"Microsoft.ContainerService/managedClusters/networking.k8s.io/networkpolicies/read\",\n \"Microsoft.ContainerService/managedClusters/persistentvolumeclaims/read\",\n \"Microsoft.ContainerService/managedClusters/pods/read\",\n \"Microsoft.ContainerService/managedClusters/policy/poddisruptionbudgets/read\",\n \"Microsoft.ContainerService/managedClusters/replicationcontrollers/read\",\n \"Microsoft.ContainerService/managedClusters/resourcequotas/read\",\n \"Microsoft.ContainerService/managedClusters/serviceaccounts/read\",\n \"Microsoft.ContainerService/managedClusters/services/read\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2020-07-02T17:53:05.5728294Z\",\n \"updatedOn\": \"2023-04-24T15:06:51.286456Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/7f6c6a51-bcf8-42ba-9220-52d62157d7db\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"7f6c6a51-bcf8-42ba-9220-52d62157d7db\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Kubernetes Service RBAC Writer\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Allows read/write access to most objects in a namespace.This role does not allow viewing or modifying roles or role bindings. However, this role allows accessing Secrets and running Pods as any ServiceAccount in the namespace, so it can be used to gain the API access levels of any ServiceAccount in the namespace. Applying this role at cluster scope will give access across all namespaces.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Resources/subscriptions/operationresults/read\",\n \"Microsoft.Resources/subscriptions/read\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.ContainerService/managedClusters/apps/controllerrevisions/read\",\n \"Microsoft.ContainerService/managedClusters/apps/daemonsets/*\",\n \"Microsoft.ContainerService/managedClusters/apps/deployments/*\",\n \"Microsoft.ContainerService/managedClusters/apps/replicasets/*\",\n \"Microsoft.ContainerService/managedClusters/apps/statefulsets/*\",\n \"Microsoft.ContainerService/managedClusters/autoscaling/horizontalpodautoscalers/*\",\n \"Microsoft.ContainerService/managedClusters/batch/cronjobs/*\",\n \"Microsoft.ContainerService/managedClusters/coordination.k8s.io/leases/read\",\n \"Microsoft.ContainerService/managedClusters/coordination.k8s.io/leases/write\",\n \"Microsoft.ContainerService/managedClusters/coordination.k8s.io/leases/delete\",\n \"Microsoft.ContainerService/managedClusters/discovery.k8s.io/endpointslices/read\",\n \"Microsoft.ContainerService/managedClusters/batch/jobs/*\",\n \"Microsoft.ContainerService/managedClusters/configmaps/*\",\n \"Microsoft.ContainerService/managedClusters/endpoints/*\",\n \"Microsoft.ContainerService/managedClusters/events.k8s.io/events/read\",\n \"Microsoft.ContainerService/managedClusters/events/*\",\n \"Microsoft.ContainerService/managedClusters/extensions/daemonsets/*\",\n \"Microsoft.ContainerService/managedClusters/extensions/deployments/*\",\n \"Microsoft.ContainerService/managedClusters/extensions/ingresses/*\",\n \"Microsoft.ContainerService/managedClusters/extensions/networkpolicies/*\",\n \"Microsoft.ContainerService/managedClusters/extensions/replicasets/*\",\n \"Microsoft.ContainerService/managedClusters/limitranges/read\",\n \"Microsoft.ContainerService/managedClusters/metrics.k8s.io/pods/read\",\n \"Microsoft.ContainerService/managedClusters/metrics.k8s.io/nodes/read\",\n \"Microsoft.ContainerService/managedClusters/namespaces/read\",\n \"Microsoft.ContainerService/managedClusters/networking.k8s.io/ingresses/*\",\n \"Microsoft.ContainerService/managedClusters/networking.k8s.io/networkpolicies/*\",\n \"Microsoft.ContainerService/managedClusters/persistentvolumeclaims/*\",\n \"Microsoft.ContainerService/managedClusters/pods/*\",\n \"Microsoft.ContainerService/managedClusters/policy/poddisruptionbudgets/*\",\n \"Microsoft.ContainerService/managedClusters/replicationcontrollers/*\",\n \"Microsoft.ContainerService/managedClusters/resourcequotas/read\",\n \"Microsoft.ContainerService/managedClusters/secrets/*\",\n \"Microsoft.ContainerService/managedClusters/serviceaccounts/*\",\n \"Microsoft.ContainerService/managedClusters/services/*\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2020-07-02T17:54:51.9644983Z\",\n \"updatedOn\": \"2023-04-24T15:06:51.2854555Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/a7ffa36f-339b-4b5c-8bdf-e2c188b2c0eb\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"a7ffa36f-339b-4b5c-8bdf-e2c188b2c0eb\"\n },\n {\n \"properties\": {\n \"roleName\": \"Services Hub Operator\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Services Hub Operator allows you to perform all read, write, and deletion operations related to Services Hub Connectors.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.ServicesHub/connectors/write\",\n \"Microsoft.ServicesHub/connectors/read\",\n \"Microsoft.ServicesHub/connectors/delete\",\n \"Microsoft.ServicesHub/connectors/checkAssessmentEntitlement/action\",\n \"Microsoft.ServicesHub/supportOfferingEntitlement/read\",\n \"Microsoft.ServicesHub/workspaces/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2020-07-20T17:57:22.0644902Z\",\n \"updatedOn\": \"2021-11-11T20:14:37.5544021Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/82200a5b-e217-47a5-b665-6d8765ee745b\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"82200a5b-e217-47a5-b665-6d8765ee745b\"\n },\n {\n \"properties\": {\n \"roleName\": \"Object Understanding Account Reader\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Lets you read ingestion jobs for an object understanding account.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.MixedReality/ObjectUnderstandingAccounts/ingest/read\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2020-07-23T19:16:31.9929119Z\",\n \"updatedOn\": \"2021-11-11T20:14:37.9070085Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/d18777c0-1514-4662-8490-608db7d334b6\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"d18777c0-1514-4662-8490-608db7d334b6\"\n },\n {\n \"properties\": {\n \"roleName\": \"SignalR REST API Owner\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Full access to Azure SignalR Service REST APIs\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.SignalRService/SignalR/auth/clientToken/action\",\n \"Microsoft.SignalRService/SignalR/hub/*\",\n \"Microsoft.SignalRService/SignalR/group/*\",\n \"Microsoft.SignalRService/SignalR/clientConnection/*\",\n \"Microsoft.SignalRService/SignalR/user/*\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2020-07-29T09:35:32.2764751Z\",\n \"updatedOn\": \"2023-08-23T15:13:25.5658287Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/fd53cd77-2268-407a-8f46-7e7863d0f521\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"fd53cd77-2268-407a-8f46-7e7863d0f521\"\n },\n {\n \"properties\": {\n \"roleName\": \"Collaborative Data Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Can manage data packages of a collaborative.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.IndustryDataLifecycle/custodianCollaboratives/*/read\",\n \"Microsoft.IndustryDataLifecycle/memberCollaboratives/*/read\",\n \"Microsoft.IndustryDataLifecycle/locations/dataPackages/*\",\n \"Microsoft.IndustryDataLifecycle/custodianCollaboratives/receivedDataPackages/*\",\n \"Microsoft.IndustryDataLifecycle/custodianCollaboratives/rejectDataPackage/action\",\n \"Microsoft.IndustryDataLifecycle/memberCollaboratives/sharedDataPackages/*\",\n \"Microsoft.IndustryDataLifecycle/custodianCollaboratives/dataModels/*\",\n \"Microsoft.IndustryDataLifecycle/custodianCollaboratives/auditLogs/action\",\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Support/*\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2020-08-14T11:58:31.8973556Z\",\n \"updatedOn\": \"2021-11-11T20:14:40.2428145Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/daa9e50b-21df-454c-94a6-a8050adab352\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"daa9e50b-21df-454c-94a6-a8050adab352\"\n },\n {\n \"properties\": {\n \"roleName\": \"Device Update Reader\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Gives you read access to management and content operations, but does not allow making changes\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Support/*\",\n \"Microsoft.Insights/alertRules/*\"\n ],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.DeviceUpdate/accounts/instances/updates/read\",\n \"Microsoft.DeviceUpdate/accounts/instances/management/read\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2020-08-21T23:40:19.237361Z\",\n \"updatedOn\": \"2021-11-11T20:14:40.7922672Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/e9dba6fb-3d52-4cf0-bce3-f06ce71b9e0f\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"e9dba6fb-3d52-4cf0-bce3-f06ce71b9e0f\"\n },\n {\n \"properties\": {\n \"roleName\": \"Device Update Administrator\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Gives you full access to management and content operations\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Support/*\",\n \"Microsoft.Insights/alertRules/*\"\n ],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.DeviceUpdate/accounts/instances/updates/read\",\n \"Microsoft.DeviceUpdate/accounts/instances/updates/write\",\n \"Microsoft.DeviceUpdate/accounts/instances/updates/delete\",\n \"Microsoft.DeviceUpdate/accounts/instances/management/read\",\n \"Microsoft.DeviceUpdate/accounts/instances/management/write\",\n \"Microsoft.DeviceUpdate/accounts/instances/management/delete\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2020-08-21T23:56:22.352051Z\",\n \"updatedOn\": \"2021-11-11T20:14:40.9672678Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/02ca0879-e8e4-47a5-a61e-5c618b76e64a\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"02ca0879-e8e4-47a5-a61e-5c618b76e64a\"\n },\n {\n \"properties\": {\n \"roleName\": \"Device Update Content Administrator\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Gives you full access to content operations\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Support/*\",\n \"Microsoft.Insights/alertRules/*\"\n ],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.DeviceUpdate/accounts/instances/updates/read\",\n \"Microsoft.DeviceUpdate/accounts/instances/updates/write\",\n \"Microsoft.DeviceUpdate/accounts/instances/updates/delete\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2020-08-21T23:58:18.42555Z\",\n \"updatedOn\": \"2021-11-11T20:14:41.1433368Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/0378884a-3af5-44ab-8323-f5b22f9f3c98\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"0378884a-3af5-44ab-8323-f5b22f9f3c98\"\n },\n {\n \"properties\": {\n \"roleName\": \"Device Update Content Reader\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Gives you read access to content operations, but does not allow making changes\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Support/*\",\n \"Microsoft.Insights/alertRules/*\"\n ],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.DeviceUpdate/accounts/instances/updates/read\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2020-08-22T00:02:43.3299181Z\",\n \"updatedOn\": \"2021-11-11T20:14:41.6754856Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/d1ee9a80-8b14-47f0-bdc2-f4a351625a7b\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"d1ee9a80-8b14-47f0-bdc2-f4a351625a7b\"\n },\n {\n \"properties\": {\n \"roleName\": \"Cognitive Services Metrics Advisor Administrator\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Full access to the project, including the system level configuration.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.CognitiveServices/*/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.CognitiveServices/accounts/MetricsAdvisor/*\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2020-09-10T07:46:47.5804491Z\",\n \"updatedOn\": \"2021-11-11T20:14:43.6930781Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/cb43c632-a144-4ec5-977c-e80c4affc34a\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"cb43c632-a144-4ec5-977c-e80c4affc34a\"\n },\n {\n \"properties\": {\n \"roleName\": \"Cognitive Services Metrics Advisor User\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Access to the project.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.CognitiveServices/*/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.CognitiveServices/accounts/MetricsAdvisor/*\"\n ],\n \"notDataActions\": [\n \"Microsoft.CognitiveServices/accounts/MetricsAdvisor/stats/*\"\n ]\n }\n ],\n \"createdOn\": \"2020-09-10T07:47:59.6195639Z\",\n \"updatedOn\": \"2021-11-11T20:14:43.8780761Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/3b20f47b-3825-43cb-8114-4bd2201156a8\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"3b20f47b-3825-43cb-8114-4bd2201156a8\"\n },\n {\n \"properties\": {\n \"roleName\": \"Schema Registry Reader\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Read and list Schema Registry groups and schemas.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.EventHub/namespaces/schemagroups/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.EventHub/namespaces/schemas/read\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2020-09-13T06:31:38.027274Z\",\n \"updatedOn\": \"2025-05-02T00:02:19.4953663Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/2c56ea50-c6b3-40a6-83c0-9d98858bc7d2\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"2c56ea50-c6b3-40a6-83c0-9d98858bc7d2\"\n },\n {\n \"properties\": {\n \"roleName\": \"Schema Registry Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Read, write, and delete Schema Registry groups and schemas.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.EventHub/namespaces/schemagroups/*\"\n ],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.EventHub/namespaces/schemas/*\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2020-09-13T06:48:26.6032931Z\",\n \"updatedOn\": \"2025-05-02T00:02:19.4953663Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/5dffeca3-4936-4216-b2bc-10343a5abb25\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"5dffeca3-4936-4216-b2bc-10343a5abb25\"\n },\n {\n \"properties\": {\n \"roleName\": \"AgFood Platform Service Reader\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Provides read access to AgFood Platform Service\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.AgFoodPlatform/*/list/action\",\n \"Microsoft.AgFoodPlatform/*/read\",\n \"Microsoft.AgFoodPlatform/*/search/action\",\n \"Microsoft.AgFoodPlatform/*/download/action\",\n \"Microsoft.AgFoodPlatform/*/overlap/action\",\n \"Microsoft.AgFoodPlatform/*/checkConsent/action\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2020-09-14T10:21:08.913882Z\",\n \"updatedOn\": \"2022-12-13T16:08:52.9655626Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/7ec7ccdc-f61e-41fe-9aaf-980df0a44eba\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"7ec7ccdc-f61e-41fe-9aaf-980df0a44eba\"\n },\n {\n \"properties\": {\n \"roleName\": \"AgFood Platform Service Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Provides contribute access to AgFood Platform Service\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.AgFoodPlatform/*/action\",\n \"Microsoft.AgFoodPlatform/*/read\",\n \"Microsoft.AgFoodPlatform/*/write\"\n ],\n \"notDataActions\": [\n \"Microsoft.AgFoodPlatform/farmBeats/farmers/write\",\n \"Microsoft.AgFoodPlatform/farmBeats/deletionJobs/*/write\",\n \"Microsoft.AgFoodPlatform/farmBeats/parties/write\",\n \"Microsoft.AgFoodPlatform/farmBeats/datasets/write\",\n \"Microsoft.AgFoodPlatform/farmBeats/datasetRecords/write\",\n \"Microsoft.AgFoodPlatform/farmBeats/datasets/access/*/action\"\n ]\n }\n ],\n \"createdOn\": \"2020-09-14T10:21:09.7239169Z\",\n \"updatedOn\": \"2023-12-01T07:52:03.4961232Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/8508508a-4469-4e45-963b-2518ee0bb728\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"8508508a-4469-4e45-963b-2518ee0bb728\"\n },\n {\n \"properties\": {\n \"roleName\": \"AgFood Platform Service Admin\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Provides admin access to AgFood Platform Service\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.AgFoodPlatform/*\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2020-09-14T10:21:09.8039209Z\",\n \"updatedOn\": \"2021-11-11T20:14:45.3613128Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/f8da80de-1ff9-4747-ad80-a19b7f6079e3\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"f8da80de-1ff9-4747-ad80-a19b7f6079e3\"\n },\n {\n \"properties\": {\n \"roleName\": \"Managed HSM contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Lets you manage managed HSM pools, but not access to them.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.KeyVault/managedHSMs/*\",\n \"Microsoft.KeyVault/deletedManagedHsms/read\",\n \"Microsoft.KeyVault/locations/deletedManagedHsms/read\",\n \"Microsoft.KeyVault/locations/deletedManagedHsms/purge/action\",\n \"Microsoft.KeyVault/locations/managedHsmOperationResults/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2020-09-16T21:47:01.1291104Z\",\n \"updatedOn\": \"2022-03-08T00:35:44.4196909Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/18500a29-7fe2-46b2-a342-b16a415e101d\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"18500a29-7fe2-46b2-a342-b16a415e101d\"\n },\n {\n \"properties\": {\n \"roleName\": \"Security Detonation Chamber Submitter\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Allowed to create submissions to Security Detonation Chamber\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.SecurityDetonation/chambers/submissions/delete\",\n \"Microsoft.SecurityDetonation/chambers/submissions/write\",\n \"Microsoft.SecurityDetonation/chambers/submissions/read\",\n \"Microsoft.SecurityDetonation/chambers/submissions/files/read\",\n \"Microsoft.SecurityDetonation/chambers/submissions/accesskeyview/read\",\n \"Microsoft.SecurityDetonation/chambers/platforms/metadata/read\",\n \"Microsoft.SecurityDetonation/chambers/workflows/metadata/read\",\n \"Microsoft.SecurityDetonation/chambers/toolsets/metadata/read\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2020-10-01T08:55:21.3980274Z\",\n \"updatedOn\": \"2021-11-11T20:14:47.547135Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/0b555d9b-b4a7-4f43-b330-627f0e5be8f0\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"0b555d9b-b4a7-4f43-b330-627f0e5be8f0\"\n },\n {\n \"properties\": {\n \"roleName\": \"SignalR REST API Reader\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Read-only access to Azure SignalR Service REST APIs\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.SignalRService/SignalR/group/read\",\n \"Microsoft.SignalRService/SignalR/clientConnection/read\",\n \"Microsoft.SignalRService/SignalR/user/read\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2020-10-13T09:19:05.6463616Z\",\n \"updatedOn\": \"2021-11-11T20:14:48.790297Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/ddde6b66-c0df-4114-a159-3618637b3035\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"ddde6b66-c0df-4114-a159-3618637b3035\"\n },\n {\n \"properties\": {\n \"roleName\": \"SignalR Service Owner\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Full access to Azure SignalR Service REST APIs\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.SignalRService/SignalR/*\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2020-10-13T09:20:32.150141Z\",\n \"updatedOn\": \"2023-08-23T15:13:25.5658287Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/7e4f1700-ea5a-4f59-8f37-079cfe29dce3\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"7e4f1700-ea5a-4f59-8f37-079cfe29dce3\"\n },\n {\n \"properties\": {\n \"roleName\": \"Reservation Purchaser\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Lets you purchase reservations\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/roleAssignments/read\",\n \"Microsoft.Capacity/catalogs/read\",\n \"Microsoft.Capacity/register/action\",\n \"Microsoft.Compute/register/action\",\n \"Microsoft.Consumption/register/action\",\n \"Microsoft.Consumption/reservationRecommendationDetails/read\",\n \"Microsoft.Consumption/reservationRecommendations/read\",\n \"Microsoft.Resources/subscriptions/read\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.SQL/register/action\",\n \"Microsoft.Support/supporttickets/write\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2020-10-23T20:22:48.9217751Z\",\n \"updatedOn\": \"2022-04-14T02:20:54.5414624Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/f7b75c60-3036-4b75-91c3-6b41c27c1689\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"f7b75c60-3036-4b75-91c3-6b41c27c1689\"\n },\n {\n \"properties\": {\n \"roleName\": \"AzureML Metrics Writer (preview)\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Lets you write metrics to AzureML workspace\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.MachineLearningServices/workspaces/metrics/*/write\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2020-10-27T16:55:19.566495Z\",\n \"updatedOn\": \"2021-11-11T20:14:49.8655015Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/635dd51f-9968-44d3-b7fb-6d9a6bd613ae\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"635dd51f-9968-44d3-b7fb-6d9a6bd613ae\"\n },\n {\n \"properties\": {\n \"roleName\": \"Storage Account Backup Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Lets you perform backup and restore operations using Azure Backup on the storage account.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Authorization/locks/read\",\n \"Microsoft.Authorization/locks/write\",\n \"Microsoft.Authorization/locks/delete\",\n \"Microsoft.Features/features/read\",\n \"Microsoft.Features/providers/features/read\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Storage/operations/read\",\n \"Microsoft.Storage/storageAccounts/objectReplicationPolicies/delete\",\n \"Microsoft.Storage/storageAccounts/objectReplicationPolicies/read\",\n \"Microsoft.Storage/storageAccounts/objectReplicationPolicies/write\",\n \"Microsoft.Storage/storageAccounts/objectReplicationPolicies/restorePointMarkers/write\",\n \"Microsoft.Storage/storageAccounts/blobServices/containers/read\",\n \"Microsoft.Storage/storageAccounts/blobServices/containers/write\",\n \"Microsoft.Storage/storageAccounts/blobServices/read\",\n \"Microsoft.Storage/storageAccounts/blobServices/write\",\n \"Microsoft.Storage/storageAccounts/read\",\n \"Microsoft.Storage/storageAccounts/restoreBlobRanges/action\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2020-11-02T23:32:50.4203469Z\",\n \"updatedOn\": \"2022-04-20T05:50:13.0184092Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/e5e2a7ff-d759-4cd2-bb51-3152d37e2eb1\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"e5e2a7ff-d759-4cd2-bb51-3152d37e2eb1\"\n },\n {\n \"properties\": {\n \"roleName\": \"Experimentation Metric Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Allows for creation, writes and reads to the metric set via the metrics service APIs.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Experimentation/experimentWorkspaces/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.Experimentation/experimentWorkspaces/experimentationGroups/read\",\n \"Microsoft.Experimentation/experimentWorkspaces/experimentationGroups/metricwrite/action\",\n \"Microsoft.Experimentation/experimentWorkspaces/metricwrite/action\",\n \"Microsoft.Experimentation/experimentWorkspaces/read\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2020-11-10T20:07:53.7535885Z\",\n \"updatedOn\": \"2021-11-11T20:14:50.9524177Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/6188b7c9-7d01-4f99-a59f-c88b630326c0\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"6188b7c9-7d01-4f99-a59f-c88b630326c0\"\n },\n {\n \"properties\": {\n \"roleName\": \"Project Babylon Data Curator\",\n \"type\": \"BuiltInRole\",\n \"description\": \"The Microsoft.ProjectBabylon data curator can create, read, modify and delete catalog data objects and establish relationships between objects. This role is in preview and subject to change.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.ProjectBabylon/accounts/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.ProjectBabylon/accounts/data/read\",\n \"Microsoft.ProjectBabylon/accounts/data/write\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2020-11-14T02:31:33.7988825Z\",\n \"updatedOn\": \"2021-11-11T20:14:51.4929515Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/9ef4ef9c-a049-46b0-82ab-dd8ac094c889\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"9ef4ef9c-a049-46b0-82ab-dd8ac094c889\"\n },\n {\n \"properties\": {\n \"roleName\": \"Project Babylon Data Reader\",\n \"type\": \"BuiltInRole\",\n \"description\": \"The Microsoft.ProjectBabylon data reader can read catalog data objects. This role is in preview and subject to change.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.ProjectBabylon/accounts/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.ProjectBabylon/accounts/data/read\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2020-11-14T02:33:13.5342351Z\",\n \"updatedOn\": \"2021-11-11T20:14:51.6729667Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/c8d896ba-346d-4f50-bc1d-7d1c84130446\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"c8d896ba-346d-4f50-bc1d-7d1c84130446\"\n },\n {\n \"properties\": {\n \"roleName\": \"Project Babylon Data Source Administrator\",\n \"type\": \"BuiltInRole\",\n \"description\": \"The Microsoft.ProjectBabylon data source administrator can manage data sources and data scans. This role is in preview and subject to change.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.ProjectBabylon/accounts/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.ProjectBabylon/accounts/scan/read\",\n \"Microsoft.ProjectBabylon/accounts/scan/write\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2020-11-14T02:34:01.8401954Z\",\n \"updatedOn\": \"2021-11-11T20:14:51.8529643Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/05b7651b-dc44-475e-b74d-df3db49fae0f\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"05b7651b-dc44-475e-b74d-df3db49fae0f\"\n },\n {\n \"properties\": {\n \"roleName\": \"Application Group Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Contributor of the Application Group.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.DesktopVirtualization/applicationgroups/*\",\n \"Microsoft.DesktopVirtualization/hostpools/read\",\n \"Microsoft.DesktopVirtualization/hostpools/sessionhosts/read\",\n \"Microsoft.DesktopVirtualization/workspaces/read\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.Support/*\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2020-12-03T23:26:00.2784962Z\",\n \"updatedOn\": \"2021-11-11T20:14:52.9432015Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/ca6382a4-1721-4bcf-a114-ff0c70227b6b\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"ca6382a4-1721-4bcf-a114-ff0c70227b6b\"\n },\n {\n \"properties\": {\n \"roleName\": \"Desktop Virtualization Reader\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Reader of Desktop Virtualization.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.DesktopVirtualization/*/read\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Resources/deployments/read\",\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/read\",\n \"Microsoft.Support/*\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2020-12-11T21:36:19.0140629Z\",\n \"updatedOn\": \"2021-11-11T20:14:54.0407838Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/49a72310-ab8d-41df-bbb0-79b649203868\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"49a72310-ab8d-41df-bbb0-79b649203868\"\n },\n {\n \"properties\": {\n \"roleName\": \"Desktop Virtualization Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Contributor of Desktop Virtualization.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.DesktopVirtualization/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.Support/*\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2020-12-11T21:37:16.2910337Z\",\n \"updatedOn\": \"2021-11-11T20:14:54.2107872Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/082f0a83-3be5-4ba1-904c-961cca79b387\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"082f0a83-3be5-4ba1-904c-961cca79b387\"\n },\n {\n \"properties\": {\n \"roleName\": \"Desktop Virtualization Workspace Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Contributor of the Desktop Virtualization Workspace.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.DesktopVirtualization/workspaces/*\",\n \"Microsoft.DesktopVirtualization/applicationgroups/read\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.Support/*\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2020-12-11T21:38:29.6089216Z\",\n \"updatedOn\": \"2021-11-11T20:14:54.3907854Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/21efdde3-836f-432b-bf3d-3e8e734d4b2b\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"21efdde3-836f-432b-bf3d-3e8e734d4b2b\"\n },\n {\n \"properties\": {\n \"roleName\": \"Desktop Virtualization User Session Operator\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Operator of the Desktop Virtualization User Session.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.DesktopVirtualization/hostpools/read\",\n \"Microsoft.DesktopVirtualization/hostpools/sessionhosts/read\",\n \"Microsoft.DesktopVirtualization/hostpools/sessionhosts/usersessions/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.Support/*\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2020-12-11T21:39:16.9100273Z\",\n \"updatedOn\": \"2024-10-31T14:20:50.9460757Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/ea4bfff8-7fb4-485a-aadd-d4129a0ffaa6\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"ea4bfff8-7fb4-485a-aadd-d4129a0ffaa6\"\n },\n {\n \"properties\": {\n \"roleName\": \"Desktop Virtualization Session Host Operator\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Operator of the Desktop Virtualization Session Host.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.DesktopVirtualization/hostpools/read\",\n \"Microsoft.DesktopVirtualization/hostpools/sessionhosts/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.Support/*\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2020-12-11T21:39:53.2569741Z\",\n \"updatedOn\": \"2021-11-11T20:14:54.7508042Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/2ad6aaab-ead9-4eaa-8ac5-da422f562408\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"2ad6aaab-ead9-4eaa-8ac5-da422f562408\"\n },\n {\n \"properties\": {\n \"roleName\": \"Desktop Virtualization Host Pool Reader\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Reader of the Desktop Virtualization Host Pool.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.DesktopVirtualization/hostpools/*/read\",\n \"Microsoft.DesktopVirtualization/hostpools/read\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Resources/deployments/read\",\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/read\",\n \"Microsoft.Support/*\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2020-12-11T21:40:33.1430834Z\",\n \"updatedOn\": \"2021-11-11T20:14:54.9257967Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/ceadfde2-b300-400a-ab7b-6143895aa822\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"ceadfde2-b300-400a-ab7b-6143895aa822\"\n },\n {\n \"properties\": {\n \"roleName\": \"Desktop Virtualization Host Pool Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Contributor of the Desktop Virtualization Host Pool.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.DesktopVirtualization/hostpools/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.Support/*\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2020-12-11T21:40:57.2976187Z\",\n \"updatedOn\": \"2021-11-11T20:14:55.1057701Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/e307426c-f9b6-4e81-87de-d99efb3c32bc\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"e307426c-f9b6-4e81-87de-d99efb3c32bc\"\n },\n {\n \"properties\": {\n \"roleName\": \"Desktop Virtualization Application Group Reader\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Reader of the Desktop Virtualization Application Group.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.DesktopVirtualization/applicationgroups/*/read\",\n \"Microsoft.DesktopVirtualization/applicationgroups/read\",\n \"Microsoft.DesktopVirtualization/hostpools/read\",\n \"Microsoft.DesktopVirtualization/hostpools/sessionhosts/read\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Resources/deployments/read\",\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/read\",\n \"Microsoft.Support/*\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2020-12-11T21:41:18.0287398Z\",\n \"updatedOn\": \"2021-11-11T20:14:55.2858006Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/aebf23d0-b568-4e86-b8f9-fe83a2c6ab55\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"aebf23d0-b568-4e86-b8f9-fe83a2c6ab55\"\n },\n {\n \"properties\": {\n \"roleName\": \"Desktop Virtualization Application Group Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Contributor of the Desktop Virtualization Application Group.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.DesktopVirtualization/applicationgroups/*\",\n \"Microsoft.DesktopVirtualization/hostpools/read\",\n \"Microsoft.DesktopVirtualization/hostpools/sessionhosts/read\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.Support/*\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2020-12-11T21:41:38.6205531Z\",\n \"updatedOn\": \"2021-11-11T20:14:55.4677136Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/86240b0e-9422-4c43-887b-b61143f32ba8\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"86240b0e-9422-4c43-887b-b61143f32ba8\"\n },\n {\n \"properties\": {\n \"roleName\": \"Desktop Virtualization Workspace Reader\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Reader of the Desktop Virtualization Workspace.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.DesktopVirtualization/workspaces/read\",\n \"Microsoft.DesktopVirtualization/applicationgroups/read\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Resources/deployments/read\",\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/read\",\n \"Microsoft.Support/*\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2020-12-11T21:41:58.1892707Z\",\n \"updatedOn\": \"2021-11-11T20:14:55.6577168Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/0fa44ee9-7a7d-466b-9bb2-2bf446b1204d\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"0fa44ee9-7a7d-466b-9bb2-2bf446b1204d\"\n },\n {\n \"properties\": {\n \"roleName\": \"Disk Backup Reader\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Provides permission to backup vault to perform disk backup.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Compute/disks/read\",\n \"Microsoft.Compute/disks/beginGetAccess/action\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2020-12-15T07:39:03.8394514Z\",\n \"updatedOn\": \"2021-11-11T20:14:56.0178737Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/3e5e47e6-65f7-47ef-90b5-e5dd4d455f24\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"3e5e47e6-65f7-47ef-90b5-e5dd4d455f24\"\n },\n {\n \"properties\": {\n \"roleName\": \"Disk Restore Operator\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Provides permission to backup vault to perform disk restore.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Compute/disks/write\",\n \"Microsoft.Compute/disks/read\",\n \"Microsoft.Compute/disks/beginGetAccess/action\",\n \"Microsoft.Compute/disks/endGetAccess/action\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2020-12-15T12:18:31.8481619Z\",\n \"updatedOn\": \"2025-08-21T09:27:36.8531131Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/b50d9833-a0cb-478e-945f-707fcc997c13\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"b50d9833-a0cb-478e-945f-707fcc997c13\"\n },\n {\n \"properties\": {\n \"roleName\": \"Disk Snapshot Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Provides permission to backup vault to manage disk snapshots.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Compute/snapshots/delete\",\n \"Microsoft.Compute/snapshots/write\",\n \"Microsoft.Compute/snapshots/read\",\n \"Microsoft.Compute/snapshots/beginGetAccess/action\",\n \"Microsoft.Compute/snapshots/endGetAccess/action\",\n \"Microsoft.Compute/disks/beginGetAccess/action\",\n \"Microsoft.Storage/storageAccounts/listkeys/action\",\n \"Microsoft.Storage/storageAccounts/write\",\n \"Microsoft.Storage/storageAccounts/read\",\n \"Microsoft.Storage/storageAccounts/delete\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2020-12-15T12:18:51.4471411Z\",\n \"updatedOn\": \"2021-11-11T20:14:56.9158814Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/7efff54f-a5b4-42b5-a1c5-5411624893ce\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"7efff54f-a5b4-42b5-a1c5-5411624893ce\"\n },\n {\n \"properties\": {\n \"roleName\": \"Microsoft.Kubernetes connected cluster role\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Microsoft.Kubernetes connected cluster role.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Kubernetes/connectedClusters/read\",\n \"Microsoft.Kubernetes/connectedClusters/write\",\n \"Microsoft.Kubernetes/connectedClusters/delete\",\n \"Microsoft.Kubernetes/registeredSubscriptions/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2021-01-07T23:57:10.9923232Z\",\n \"updatedOn\": \"2021-11-11T20:14:58.2039838Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/5548b2cf-c94c-4228-90ba-30851930a12f\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"5548b2cf-c94c-4228-90ba-30851930a12f\"\n },\n {\n \"properties\": {\n \"roleName\": \"Security Detonation Chamber Submission Manager\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Allowed to create and manage submissions to Security Detonation Chamber\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.SecurityDetonation/chambers/submissions/delete\",\n \"Microsoft.SecurityDetonation/chambers/submissions/write\",\n \"Microsoft.SecurityDetonation/chambers/submissions/read\",\n \"Microsoft.SecurityDetonation/chambers/submissions/files/read\",\n \"Microsoft.SecurityDetonation/chambers/submissions/accesskeyview/read\",\n \"Microsoft.SecurityDetonation/chambers/submissions/adminview/read\",\n \"Microsoft.SecurityDetonation/chambers/submissions/analystview/read\",\n \"Microsoft.SecurityDetonation/chambers/submissions/publicview/read\",\n \"Microsoft.SecurityDetonation/chambers/platforms/metadata/read\",\n \"Microsoft.SecurityDetonation/chambers/workflows/metadata/read\",\n \"Microsoft.SecurityDetonation/chambers/toolsets/metadata/read\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2021-01-18T09:35:36.5739297Z\",\n \"updatedOn\": \"2021-11-11T20:14:58.3939604Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/a37b566d-3efa-4beb-a2f2-698963fa42ce\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"a37b566d-3efa-4beb-a2f2-698963fa42ce\"\n },\n {\n \"properties\": {\n \"roleName\": \"Security Detonation Chamber Publisher\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Allowed to publish and modify platforms, workflows and toolsets to Security Detonation Chamber\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.SecurityDetonation/chambers/platforms/read\",\n \"Microsoft.SecurityDetonation/chambers/platforms/write\",\n \"Microsoft.SecurityDetonation/chambers/platforms/delete\",\n \"Microsoft.SecurityDetonation/chambers/platforms/metadata/read\",\n \"Microsoft.SecurityDetonation/chambers/workflows/read\",\n \"Microsoft.SecurityDetonation/chambers/workflows/write\",\n \"Microsoft.SecurityDetonation/chambers/workflows/delete\",\n \"Microsoft.SecurityDetonation/chambers/workflows/metadata/read\",\n \"Microsoft.SecurityDetonation/chambers/toolsets/read\",\n \"Microsoft.SecurityDetonation/chambers/toolsets/write\",\n \"Microsoft.SecurityDetonation/chambers/toolsets/delete\",\n \"Microsoft.SecurityDetonation/chambers/toolsets/metadata/read\",\n \"Microsoft.SecurityDetonation/chambers/publishRequests/read\",\n \"Microsoft.SecurityDetonation/chambers/publishRequests/cancel/action\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2021-01-18T11:43:14.0858184Z\",\n \"updatedOn\": \"2021-11-11T20:14:58.5639749Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/352470b3-6a9c-4686-b503-35deb827e500\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"352470b3-6a9c-4686-b503-35deb827e500\"\n },\n {\n \"properties\": {\n \"roleName\": \"Collaborative Runtime Operator\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Can manage resources created by AICS at runtime\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.IndustryDataLifecycle/derivedModels/*\",\n \"Microsoft.IndustryDataLifecycle/pipelineSets/*\",\n \"Microsoft.IndustryDataLifecycle/modelMappings/*\",\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Support/*\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2021-01-19T10:00:27.3464971Z\",\n \"updatedOn\": \"2021-11-11T20:14:58.7442136Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/7a6f0e70-c033-4fb1-828c-08514e5f4102\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"7a6f0e70-c033-4fb1-828c-08514e5f4102\"\n },\n {\n \"properties\": {\n \"roleName\": \"CosmosRestoreOperator\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Can perform restore action for Cosmos DB database account with continuous backup mode\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.DocumentDB/locations/restorableDatabaseAccounts/restore/action\",\n \"Microsoft.DocumentDB/locations/restorableDatabaseAccounts/*/read\",\n \"Microsoft.DocumentDB/locations/restorableDatabaseAccounts/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2021-01-21T19:51:35.3884884Z\",\n \"updatedOn\": \"2021-11-11T20:14:59.4892686Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/5432c526-bc82-444a-b7ba-57c5b0b5b34f\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"5432c526-bc82-444a-b7ba-57c5b0b5b34f\"\n },\n {\n \"properties\": {\n \"roleName\": \"FHIR Data Converter\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Role allows user or principal to convert data from legacy format to FHIR\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.HealthcareApis/services/fhir/resources/convertData/action\",\n \"Microsoft.HealthcareApis/workspaces/fhirservices/resources/convertData/action\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2021-01-22T19:39:01.1601069Z\",\n \"updatedOn\": \"2021-11-11T20:14:59.8605937Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/a1705bd2-3a8f-45a5-8683-466fcfd5cc24\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"a1705bd2-3a8f-45a5-8683-466fcfd5cc24\"\n },\n {\n \"properties\": {\n \"roleName\": \"Quota Request Operator\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Read and create quota requests, get quota request status, and create support tickets.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Capacity/resourceProviders/locations/serviceLimits/read\",\n \"Microsoft.Capacity/resourceProviders/locations/serviceLimits/write\",\n \"Microsoft.Capacity/resourceProviders/locations/serviceLimitsRequests/read\",\n \"Microsoft.Capacity/register/action\",\n \"Microsoft.Quota/usages/read\",\n \"Microsoft.Quota/quotas/read\",\n \"Microsoft.Quota/quotas/write\",\n \"Microsoft.Quota/quotaRequests/read\",\n \"Microsoft.Quota/register/action\",\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Support/*\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2021-02-03T00:06:35.8404575Z\",\n \"updatedOn\": \"2022-12-07T21:46:59.0116853Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/0e5f05e5-9ab9-446b-b98d-1e2157c94125\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"0e5f05e5-9ab9-446b-b98d-1e2157c94125\"\n },\n {\n \"properties\": {\n \"roleName\": \"EventGrid Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Lets you manage EventGrid operations.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.EventGrid/*\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Support/*\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2021-02-08T18:46:18.8999557Z\",\n \"updatedOn\": \"2021-11-11T20:15:01.6867802Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/1e241071-0855-49ea-94dc-649edcd759de\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"1e241071-0855-49ea-94dc-649edcd759de\"\n },\n {\n \"properties\": {\n \"roleName\": \"Security Detonation Chamber Reader\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Allowed to query submission info and files from Security Detonation Chamber\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.SecurityDetonation/chambers/submissions/read\",\n \"Microsoft.SecurityDetonation/chambers/submissions/files/read\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2021-03-01T14:06:46.2814905Z\",\n \"updatedOn\": \"2021-11-11T20:15:03.327409Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/28241645-39f8-410b-ad48-87863e2951d5\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"28241645-39f8-410b-ad48-87863e2951d5\"\n },\n {\n \"properties\": {\n \"roleName\": \"Object Anchors Account Reader\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Lets you read ingestion jobs for an object anchors account.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.MixedReality/ObjectAnchorsAccounts/ingest/read\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2021-03-02T01:20:47.0279813Z\",\n \"updatedOn\": \"2021-11-11T20:15:03.5006082Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/4a167cdf-cb95-4554-9203-2347fe489bd9\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"4a167cdf-cb95-4554-9203-2347fe489bd9\"\n },\n {\n \"properties\": {\n \"roleName\": \"Object Anchors Account Owner\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Provides user with ingestion capabilities for an object anchors account.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.MixedReality/ObjectAnchorsAccounts/ingest/action\",\n \"Microsoft.MixedReality/ObjectAnchorsAccounts/ingest/read\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2021-03-02T01:42:02.0014737Z\",\n \"updatedOn\": \"2021-11-11T20:15:03.6855873Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/ca0835dd-bacc-42dd-8ed2-ed5e7230d15b\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"ca0835dd-bacc-42dd-8ed2-ed5e7230d15b\"\n },\n {\n \"properties\": {\n \"roleName\": \"WorkloadBuilder Migration Agent Role\",\n \"type\": \"BuiltInRole\",\n \"description\": \"WorkloadBuilder Migration Agent Role.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.WorkloadBuilder/migrationAgents/Read\",\n \"Microsoft.WorkloadBuilder/migrationAgents/Write\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2021-03-11T17:07:20.0828003Z\",\n \"updatedOn\": \"2021-11-11T20:15:04.2456706Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/d17ce0a2-0697-43bc-aac5-9113337ab61c\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"d17ce0a2-0697-43bc-aac5-9113337ab61c\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Spring Cloud Data Reader\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Allow read access to Azure Spring Cloud Data\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.AppPlatform/Spring/*/read\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2021-03-25T11:12:12.678601Z\",\n \"updatedOn\": \"2021-11-11T20:15:05.3368606Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/b5537268-8956-4941-a8f0-646150406f0c\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"b5537268-8956-4941-a8f0-646150406f0c\"\n },\n {\n \"properties\": {\n \"roleName\": \"Cognitive Services Speech Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Full access to Speech projects, including read, write and delete all entities, for real-time speech recognition and batch transcription tasks, real-time speech synthesis and long audio tasks, custom speech and custom voice.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.CognitiveServices/*/read\",\n \"Microsoft.Authorization/roleAssignments/read\",\n \"Microsoft.Authorization/roleDefinitions/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.CognitiveServices/accounts/SpeechServices/*\",\n \"Microsoft.CognitiveServices/accounts/CustomVoice/*\",\n \"Microsoft.CognitiveServices/accounts/AudioContentCreation/*\",\n \"Microsoft.CognitiveServices/accounts/VideoTranslation/*\",\n \"Microsoft.CognitiveServices/accounts/CustomAvatar/*\",\n \"Microsoft.CognitiveServices/accounts/BatchAvatar/*\",\n \"Microsoft.CognitiveServices/accounts/BatchTextToSpeech/*\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2021-03-30T11:28:49.7826633Z\",\n \"updatedOn\": \"2024-04-12T06:28:35.0285254Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/0e75ca1e-0464-4b4d-8b93-68208a576181\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"0e75ca1e-0464-4b4d-8b93-68208a576181\"\n },\n {\n \"properties\": {\n \"roleName\": \"Cognitive Services Face Recognizer\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Lets you perform detect, verify, identify, group, and find similar operations on Face API. This role does not allow create or delete operations, which makes it well suited for endpoints that only need inferencing capabilities, following 'least privilege' best practices.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.CognitiveServices/accounts/Face/detect/action\",\n \"Microsoft.CognitiveServices/accounts/Face/verify/action\",\n \"Microsoft.CognitiveServices/accounts/Face/identify/action\",\n \"Microsoft.CognitiveServices/accounts/Face/group/action\",\n \"Microsoft.CognitiveServices/accounts/Face/findsimilars/action\",\n \"Microsoft.CognitiveServices/accounts/Face/detectliveness/multimodal/action\",\n \"Microsoft.CognitiveServices/accounts/Face/detectliveness/singlemodal/action\",\n \"Microsoft.CognitiveServices/accounts/Face/detectlivenesswithverify/singlemodal/action\",\n \"Microsoft.CognitiveServices/accounts/Face/*/sessions/action\",\n \"Microsoft.CognitiveServices/accounts/Face/*/sessions/delete\",\n \"Microsoft.CognitiveServices/accounts/Face/*/sessions/read\",\n \"Microsoft.CognitiveServices/accounts/Face/*/sessions/audit/read\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2021-03-31T01:51:41.3557295Z\",\n \"updatedOn\": \"2023-11-10T00:42:33.8288289Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/9894cab4-e18a-44aa-828b-cb588cd6f2d7\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"9894cab4-e18a-44aa-828b-cb588cd6f2d7\"\n },\n {\n \"properties\": {\n \"roleName\": \"Stream Analytics Query Tester\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Lets you perform query testing without creating a stream analytics job first\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.StreamAnalytics/locations/TestQuery/action\",\n \"Microsoft.StreamAnalytics/locations/OperationResults/read\",\n \"Microsoft.StreamAnalytics/locations/SampleInput/action\",\n \"Microsoft.StreamAnalytics/locations/CompileQuery/action\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2021-04-20T17:33:24.572787Z\",\n \"updatedOn\": \"2021-11-11T20:15:08.0481551Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/1ec5b3c1-b17e-4e25-8312-2acb3c3c5abf\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"1ec5b3c1-b17e-4e25-8312-2acb3c3c5abf\"\n },\n {\n \"properties\": {\n \"roleName\": \"AnyBuild Builder\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Basic user role for AnyBuild. This role allows listing of agent information and execution of remote build capabilities.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.AnyBuild/clusters/build/write\",\n \"Microsoft.AnyBuild/clusters/build/read\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2021-04-20T22:07:00.4963853Z\",\n \"updatedOn\": \"2021-11-11T20:15:08.4254134Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/a2138dac-4907-4679-a376-736901ed8ad8\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"a2138dac-4907-4679-a376-736901ed8ad8\"\n },\n {\n \"properties\": {\n \"roleName\": \"IoT Hub Data Reader\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Allows for full read access to IoT Hub data-plane properties\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.Devices/IotHubs/*/read\",\n \"Microsoft.Devices/IotHubs/fileUpload/notifications/action\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2021-04-22T18:03:29.8843192Z\",\n \"updatedOn\": \"2021-11-11T20:15:08.6054154Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/b447c946-2db7-41ec-983d-d8bf3b1c77e3\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"b447c946-2db7-41ec-983d-d8bf3b1c77e3\"\n },\n {\n \"properties\": {\n \"roleName\": \"IoT Hub Twin Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Allows for read and write access to all IoT Hub device and module twins.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.Devices/IotHubs/twins/*\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2021-04-22T20:36:10.1136903Z\",\n \"updatedOn\": \"2021-11-11T20:15:08.7855063Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/494bdba2-168f-4f31-a0a1-191d2f7c028c\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"494bdba2-168f-4f31-a0a1-191d2f7c028c\"\n },\n {\n \"properties\": {\n \"roleName\": \"IoT Hub Registry Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Allows for full access to IoT Hub device registry.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.Devices/IotHubs/devices/*\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2021-04-22T20:36:47.5532704Z\",\n \"updatedOn\": \"2021-11-11T20:15:08.9804295Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/4ea46cd5-c1b2-4a8e-910b-273211f9ce47\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"4ea46cd5-c1b2-4a8e-910b-273211f9ce47\"\n },\n {\n \"properties\": {\n \"roleName\": \"IoT Hub Data Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Allows for full access to IoT Hub data plane operations.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.Devices/IotHubs/*\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2021-04-22T20:37:16.9927761Z\",\n \"updatedOn\": \"2021-11-11T20:15:09.1754206Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/4fc6c259-987e-4a07-842e-c321cc9d413f\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"4fc6c259-987e-4a07-842e-c321cc9d413f\"\n },\n {\n \"properties\": {\n \"roleName\": \"Test Base Reader\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Let you view and download packages and test results.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.TestBase/testBaseAccounts/packages/testResults/getDownloadUrl/action\",\n \"Microsoft.TestBase/testBaseAccounts/packages/testResults/getVideoDownloadUrl/action\",\n \"Microsoft.TestBase/testBaseAccounts/packages/getDownloadUrl/action\",\n \"Microsoft.TestBase/*/read\",\n \"Microsoft.TestBase/testBaseAccounts/customerEvents/write\",\n \"Microsoft.TestBase/testBaseAccounts/customerEvents/delete\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2021-05-11T23:41:33.1038367Z\",\n \"updatedOn\": \"2021-11-11T20:15:10.8004347Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/15e0f5a1-3450-4248-8e25-e2afe88a9e85\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"15e0f5a1-3450-4248-8e25-e2afe88a9e85\"\n },\n {\n \"properties\": {\n \"roleName\": \"Search Index Data Reader\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Grants read access to Azure Cognitive Search index data.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.Search/searchServices/indexes/documents/read\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2021-06-01T20:26:13.4850461Z\",\n \"updatedOn\": \"2021-11-11T20:15:11.3604371Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/1407120a-92aa-4202-b7e9-c0e197c71c8f\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"1407120a-92aa-4202-b7e9-c0e197c71c8f\"\n },\n {\n \"properties\": {\n \"roleName\": \"Search Index Data Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Grants full access to Azure Cognitive Search index data.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.Search/searchServices/indexes/documents/*\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2021-06-01T22:15:16.5388472Z\",\n \"updatedOn\": \"2021-11-11T20:15:11.5504385Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/8ebe5a00-799e-43f5-93ac-243d3dce84a7\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"8ebe5a00-799e-43f5-93ac-243d3dce84a7\"\n },\n {\n \"properties\": {\n \"roleName\": \"Storage Table Data Reader\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Allows for read access to Azure Storage tables and entities\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Storage/storageAccounts/tableServices/tables/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.Storage/storageAccounts/tableServices/tables/entities/read\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2021-06-15T06:40:54.9150717Z\",\n \"updatedOn\": \"2021-11-11T20:15:12.1005298Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/76199698-9eea-4c19-bc75-cec21354c6b6\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"76199698-9eea-4c19-bc75-cec21354c6b6\"\n },\n {\n \"properties\": {\n \"roleName\": \"Storage Table Data Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Allows for read, write and delete access to Azure Storage tables and entities\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Storage/storageAccounts/tableServices/tables/read\",\n \"Microsoft.Storage/storageAccounts/tableServices/tables/write\",\n \"Microsoft.Storage/storageAccounts/tableServices/tables/delete\"\n ],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.Storage/storageAccounts/tableServices/tables/entities/read\",\n \"Microsoft.Storage/storageAccounts/tableServices/tables/entities/write\",\n \"Microsoft.Storage/storageAccounts/tableServices/tables/entities/delete\",\n \"Microsoft.Storage/storageAccounts/tableServices/tables/entities/add/action\",\n \"Microsoft.Storage/storageAccounts/tableServices/tables/entities/update/action\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2021-06-15T06:51:59.820761Z\",\n \"updatedOn\": \"2021-11-11T20:15:12.2854966Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/0a9a7e1f-b9d0-4cc4-a60d-0319b160aaa3\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"0a9a7e1f-b9d0-4cc4-a60d-0319b160aaa3\"\n },\n {\n \"properties\": {\n \"roleName\": \"DICOM Data Reader\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Read and search DICOM data.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.HealthcareApis/workspaces/dicomservices/resources/read\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2021-06-17T20:58:30.1630494Z\",\n \"updatedOn\": \"2021-11-11T20:15:13.0154948Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/e89c7a3c-2f64-4fa1-a847-3e4c9ba4283a\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"e89c7a3c-2f64-4fa1-a847-3e4c9ba4283a\"\n },\n {\n \"properties\": {\n \"roleName\": \"DICOM Data Owner\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Full access to DICOM data.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.HealthcareApis/workspaces/dicomservices/resources/*\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2021-06-17T20:59:30.8659515Z\",\n \"updatedOn\": \"2021-11-11T20:15:13.1904985Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/58a3b984-7adf-4c20-983a-32417c86fbc8\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"58a3b984-7adf-4c20-983a-32417c86fbc8\"\n },\n {\n \"properties\": {\n \"roleName\": \"EventGrid Data Sender\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Allows send access to event grid events.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.EventGrid/topics/read\",\n \"Microsoft.EventGrid/domains/read\",\n \"Microsoft.EventGrid/partnerNamespaces/read\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.EventGrid/namespaces/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.EventGrid/events/send/action\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2021-07-02T21:55:40.4847495Z\",\n \"updatedOn\": \"2023-10-27T19:53:20.6111233Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/d5a91429-5739-47e2-a06b-3470a27159e7\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"d5a91429-5739-47e2-a06b-3470a27159e7\"\n },\n {\n \"properties\": {\n \"roleName\": \"Disk Pool Operator\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Used by the StoragePool Resource Provider to manage Disks added to a Disk Pool.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Compute/disks/write\",\n \"Microsoft.Compute/disks/read\",\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2021-07-08T17:26:05.1079972Z\",\n \"updatedOn\": \"2021-11-11T20:15:13.9154612Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/60fc6e62-5479-42d4-8bf4-67625fcc2840\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"60fc6e62-5479-42d4-8bf4-67625fcc2840\"\n },\n {\n \"properties\": {\n \"roleName\": \"AzureML Data Scientist\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Can perform all actions within an Azure Machine Learning workspace, except for creating or deleting compute resources and modifying the workspace itself.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.MachineLearningServices/workspaces/*/read\",\n \"Microsoft.MachineLearningServices/workspaces/*/action\",\n \"Microsoft.MachineLearningServices/workspaces/*/delete\",\n \"Microsoft.MachineLearningServices/workspaces/*/write\"\n ],\n \"notActions\": [\n \"Microsoft.MachineLearningServices/workspaces/delete\",\n \"Microsoft.MachineLearningServices/workspaces/write\",\n \"Microsoft.MachineLearningServices/workspaces/computes/*/write\",\n \"Microsoft.MachineLearningServices/workspaces/computes/*/delete\",\n \"Microsoft.MachineLearningServices/workspaces/computes/listKeys/action\",\n \"Microsoft.MachineLearningServices/workspaces/listKeys/action\",\n \"Microsoft.MachineLearningServices/workspaces/hubs/write\",\n \"Microsoft.MachineLearningServices/workspaces/hubs/delete\",\n \"Microsoft.MachineLearningServices/workspaces/featurestores/write\",\n \"Microsoft.MachineLearningServices/workspaces/featurestores/delete\"\n ],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2021-07-14T21:51:06.0361218Z\",\n \"updatedOn\": \"2023-05-30T15:09:08.4457249Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/f6c7c914-8db3-469d-8ca1-694a8f32e121\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"f6c7c914-8db3-469d-8ca1-694a8f32e121\"\n },\n {\n \"properties\": {\n \"roleName\": \"Grafana Admin\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Manage server-wide settings and manage access to resources such as organizations, users, and licenses.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.Dashboard/grafana/ActAsGrafanaAdmin/action\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2021-07-15T21:32:35.380234Z\",\n \"updatedOn\": \"2024-07-18T04:44:18.4380858Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/22926164-76b3-42b3-bc55-97df8dab3e41\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"22926164-76b3-42b3-bc55-97df8dab3e41\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Connected SQL Server Onboarding\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Microsoft.AzureArcData service role to access the resources of Microsoft.AzureArcData stored with RPSAAS.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.AzureArcData/sqlServerInstances/read\",\n \"Microsoft.AzureArcData/sqlServerInstances/write\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2021-07-19T23:52:15.8885739Z\",\n \"updatedOn\": \"2021-11-11T20:15:15.1754742Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/e8113dce-c529-4d33-91fa-e9b972617508\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"e8113dce-c529-4d33-91fa-e9b972617508\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Relay Sender\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Allows for send access to Azure Relay resources.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Relay/*/wcfRelays/read\",\n \"Microsoft.Relay/*/hybridConnections/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.Relay/*/send/action\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2021-07-20T15:37:20.7558643Z\",\n \"updatedOn\": \"2021-11-11T20:15:15.5454755Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/26baccc8-eea7-41f1-98f4-1762cc7f685d\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"26baccc8-eea7-41f1-98f4-1762cc7f685d\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Relay Owner\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Allows for full access to Azure Relay resources.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Relay/*\"\n ],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.Relay/*\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2021-07-20T15:44:26.3023126Z\",\n \"updatedOn\": \"2021-11-11T20:15:15.7154782Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/2787bf04-f1f5-4bfe-8383-c8a24483ee38\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"2787bf04-f1f5-4bfe-8383-c8a24483ee38\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Relay Listener\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Allows for listen access to Azure Relay resources.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Relay/*/wcfRelays/read\",\n \"Microsoft.Relay/*/hybridConnections/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.Relay/*/listen/action\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2021-07-20T18:38:03.1437496Z\",\n \"updatedOn\": \"2021-11-11T20:15:15.9005232Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/26e0b698-aa6d-4085-9386-aadae190014d\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"26e0b698-aa6d-4085-9386-aadae190014d\"\n },\n {\n \"properties\": {\n \"roleName\": \"Grafana Viewer\",\n \"type\": \"BuiltInRole\",\n \"description\": \"View dashboards, playlists, and query data sources.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.Dashboard/grafana/ActAsGrafanaViewer/action\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2021-08-05T16:36:18.7737511Z\",\n \"updatedOn\": \"2024-07-18T04:59:38.6229575Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/60921a7e-fef1-4a43-9b16-a26c52ad4769\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"60921a7e-fef1-4a43-9b16-a26c52ad4769\"\n },\n {\n \"properties\": {\n \"roleName\": \"Grafana Editor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Create, edit, delete, or view dashboards; create, edit, or delete folders; and edit or view playlists.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.Dashboard/grafana/ActAsGrafanaEditor/action\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2021-08-05T16:37:32.5299593Z\",\n \"updatedOn\": \"2024-07-18T04:44:18.4380858Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/a79a5197-3a5c-4973-a920-486035ffd60f\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"a79a5197-3a5c-4973-a920-486035ffd60f\"\n },\n {\n \"properties\": {\n \"roleName\": \"Automation Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Manage azure automation resources and other resources using azure automation.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Automation/automationAccounts/*\",\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Support/*\",\n \"Microsoft.Insights/ActionGroups/*\",\n \"Microsoft.Insights/ActivityLogAlerts/*\",\n \"Microsoft.Insights/MetricAlerts/*\",\n \"Microsoft.Insights/ScheduledQueryRules/*\",\n \"Microsoft.Insights/diagnosticSettings/*\",\n \"Microsoft.OperationalInsights/workspaces/sharedKeys/action\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2021-08-09T10:18:19.1054699Z\",\n \"updatedOn\": \"2021-11-11T20:15:17.7304954Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/f353d9bd-d4a6-484e-a77a-8050b599b867\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"f353d9bd-d4a6-484e-a77a-8050b599b867\"\n },\n {\n \"properties\": {\n \"roleName\": \"Kubernetes Extension Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Can create, update, get, list and delete Kubernetes Extensions, and get extension async operations\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.KubernetesConfiguration/extensions/write\",\n \"Microsoft.KubernetesConfiguration/extensions/read\",\n \"Microsoft.KubernetesConfiguration/extensions/delete\",\n \"Microsoft.KubernetesConfiguration/extensions/operations/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2021-08-09T19:47:50.6828896Z\",\n \"updatedOn\": \"2021-11-11T20:15:17.9155393Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/85cb6faf-e071-4c9b-8136-154b5a04f717\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"85cb6faf-e071-4c9b-8136-154b5a04f717\"\n },\n {\n \"properties\": {\n \"roleName\": \"Device Provisioning Service Data Reader\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Allows for full read access to Device Provisioning Service data-plane properties.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.Devices/provisioningServices/*/read\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2021-08-09T19:53:12.1374732Z\",\n \"updatedOn\": \"2021-11-11T20:15:18.0905503Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/10745317-c249-44a1-a5ce-3a4353c0bbd8\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"10745317-c249-44a1-a5ce-3a4353c0bbd8\"\n },\n {\n \"properties\": {\n \"roleName\": \"Device Provisioning Service Data Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Allows for full access to Device Provisioning Service data-plane operations.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.Devices/provisioningServices/*\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2021-08-09T19:54:03.2783227Z\",\n \"updatedOn\": \"2021-11-11T20:15:18.2605302Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/dfce44e4-17b7-4bd1-a6d1-04996ec95633\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"dfce44e4-17b7-4bd1-a6d1-04996ec95633\"\n },\n {\n \"properties\": {\n \"roleName\": \"Trusted Signing Certificate Profile Signer\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Sign files with a certificate profile. This role is in preview and subject to change.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.CodeSigning/*/read\",\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.CodeSigning/certificateProfiles/Sign/action\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2021-08-16T23:17:53.0002693Z\",\n \"updatedOn\": \"2024-04-05T05:34:02.8330268Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/2837e146-70d7-4cfd-ad55-7efa6464f958\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"2837e146-70d7-4cfd-ad55-7efa6464f958\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Spring Cloud Service Registry Reader\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Allow read access to Azure Spring Cloud Service Registry\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.AppPlatform/Spring/eurekaService/read\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2021-08-20T04:40:17.9785063Z\",\n \"updatedOn\": \"2021-11-11T20:15:18.9655101Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/cff1b556-2399-4e7e-856d-a8f754be7b65\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"cff1b556-2399-4e7e-856d-a8f754be7b65\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Spring Cloud Service Registry Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Allow read, write and delete access to Azure Spring Cloud Service Registry\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.AppPlatform/Spring/eurekaService/read\",\n \"Microsoft.AppPlatform/Spring/eurekaService/write\",\n \"Microsoft.AppPlatform/Spring/eurekaService/delete\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2021-08-20T04:42:38.9153779Z\",\n \"updatedOn\": \"2021-11-11T20:15:19.1405497Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/f5880b48-c26d-48be-b172-7927bfa1c8f1\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"f5880b48-c26d-48be-b172-7927bfa1c8f1\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Spring Cloud Config Server Reader\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Allow read access to Azure Spring Cloud Config Server\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.AppPlatform/Spring/configService/read\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2021-08-26T01:50:51.5123701Z\",\n \"updatedOn\": \"2021-11-11T20:15:19.3155517Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/d04c6db6-4947-4782-9e91-30a88feb7be7\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"d04c6db6-4947-4782-9e91-30a88feb7be7\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Spring Cloud Config Server Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Allow read, write and delete access to Azure Spring Cloud Config Server\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.AppPlatform/Spring/configService/read\",\n \"Microsoft.AppPlatform/Spring/configService/write\",\n \"Microsoft.AppPlatform/Spring/configService/delete\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2021-09-06T02:30:47.861158Z\",\n \"updatedOn\": \"2021-11-11T20:15:20.0405208Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/a06f5c24-21a7-4e1a-aa2b-f19eb6684f5b\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"a06f5c24-21a7-4e1a-aa2b-f19eb6684f5b\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure VM Managed identities restore Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Azure VM Managed identities restore Contributors are allowed to perform Azure VM Restores with managed identities both user and system\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2021-09-13T05:27:59.2180214Z\",\n \"updatedOn\": \"2021-11-11T20:15:20.5805266Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/6ae96244-5829-4925-a7d3-5975537d91dd\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"6ae96244-5829-4925-a7d3-5975537d91dd\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Maps Search and Render Data Reader\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Grants access to very limited set of data APIs for common visual web SDK scenarios. Specifically, render and search data APIs.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.Maps/accounts/services/render/read\",\n \"Microsoft.Maps/accounts/services/search/read\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2021-10-01T22:17:50.5178931Z\",\n \"updatedOn\": \"2021-11-11T20:15:22.045541Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/6be48352-4f82-47c9-ad5e-0acacefdb005\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"6be48352-4f82-47c9-ad5e-0acacefdb005\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Maps Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Grants access all Azure Maps resource management.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Maps/*\",\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2021-10-01T22:19:13.1357904Z\",\n \"updatedOn\": \"2021-11-11T20:15:22.2455414Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/dba33070-676a-4fb0-87fa-064dc56ff7fb\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"dba33070-676a-4fb0-87fa-064dc56ff7fb\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Arc VMware VM Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Arc VMware VM Contributor has permissions to perform all VM actions.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.ConnectedVMwarevSphere/virtualmachines/*\",\n \"Microsoft.ConnectedVMwarevSphere/virtualmachineinstances/*\",\n \"Microsoft.Insights/AlertRules/Write\",\n \"Microsoft.Insights/AlertRules/Delete\",\n \"Microsoft.Insights/AlertRules/Read\",\n \"Microsoft.Insights/AlertRules/Activated/Action\",\n \"Microsoft.Insights/AlertRules/Resolved/Action\",\n \"Microsoft.Insights/AlertRules/Throttled/Action\",\n \"Microsoft.Insights/AlertRules/Incidents/Read\",\n \"Microsoft.Resources/deployments/read\",\n \"Microsoft.Resources/deployments/write\",\n \"Microsoft.Resources/deployments/delete\",\n \"Microsoft.Resources/deployments/cancel/action\",\n \"Microsoft.Resources/deployments/validate/action\",\n \"Microsoft.Resources/deployments/whatIf/action\",\n \"Microsoft.Resources/deployments/exportTemplate/action\",\n \"Microsoft.Resources/deployments/operations/read\",\n \"Microsoft.Resources/deployments/operationstatuses/read\",\n \"Microsoft.Resources/subscriptions/resourcegroups/deployments/read\",\n \"Microsoft.Resources/subscriptions/resourcegroups/deployments/write\",\n \"Microsoft.Resources/subscriptions/resourcegroups/deployments/operations/read\",\n \"Microsoft.Resources/subscriptions/resourcegroups/deployments/operationstatuses/read\",\n \"Microsoft.ResourceHealth/availabilityStatuses/read\",\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Resources/subscriptions/read\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Resources/subscriptions/operationresults/read\",\n \"Microsoft.HybridCompute/machines/read\",\n \"Microsoft.HybridCompute/machines/write\",\n \"Microsoft.HybridCompute/machines/delete\",\n \"Microsoft.HybridCompute/machines/UpgradeExtensions/action\",\n \"Microsoft.HybridCompute/machines/assessPatches/action\",\n \"Microsoft.HybridCompute/machines/installPatches/action\",\n \"Microsoft.HybridCompute/machines/extensions/read\",\n \"Microsoft.HybridCompute/machines/extensions/write\",\n \"Microsoft.HybridCompute/machines/extensions/delete\",\n \"Microsoft.HybridCompute/operations/read\",\n \"Microsoft.HybridCompute/locations/operationresults/read\",\n \"Microsoft.HybridCompute/locations/operationstatus/read\",\n \"Microsoft.HybridCompute/machines/patchAssessmentResults/read\",\n \"Microsoft.HybridCompute/machines/patchAssessmentResults/softwarePatches/read\",\n \"Microsoft.HybridCompute/machines/patchInstallationResults/read\",\n \"Microsoft.HybridCompute/machines/patchInstallationResults/softwarePatches/read\",\n \"Microsoft.HybridCompute/locations/updateCenterOperationResults/read\",\n \"Microsoft.HybridCompute/machines/hybridIdentityMetadata/read\",\n \"Microsoft.HybridCompute/osType/agentVersions/read\",\n \"Microsoft.HybridCompute/osType/agentVersions/latest/read\",\n \"Microsoft.HybridCompute/machines/runcommands/read\",\n \"Microsoft.HybridCompute/machines/runcommands/write\",\n \"Microsoft.HybridCompute/machines/runcommands/delete\",\n \"Microsoft.HybridCompute/machines/licenseProfiles/read\",\n \"Microsoft.HybridCompute/machines/licenseProfiles/write\",\n \"Microsoft.HybridCompute/machines/licenseProfiles/delete\",\n \"Microsoft.HybridCompute/licenses/read\",\n \"Microsoft.HybridCompute/licenses/write\",\n \"Microsoft.HybridCompute/licenses/delete\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2021-10-18T20:19:53.0087024Z\",\n \"updatedOn\": \"2023-08-31T13:23:35.2639121Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/b748a06d-6150-4f8a-aaa9-ce3940cd96cb\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"b748a06d-6150-4f8a-aaa9-ce3940cd96cb\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Arc VMware Private Cloud User\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Azure Arc VMware Private Cloud User has permissions to use the VMware cloud resources to deploy VMs.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Insights/AlertRules/Write\",\n \"Microsoft.Insights/AlertRules/Delete\",\n \"Microsoft.Insights/AlertRules/Read\",\n \"Microsoft.Insights/AlertRules/Activated/Action\",\n \"Microsoft.Insights/AlertRules/Resolved/Action\",\n \"Microsoft.Insights/AlertRules/Throttled/Action\",\n \"Microsoft.Insights/AlertRules/Incidents/Read\",\n \"Microsoft.Resources/deployments/read\",\n \"Microsoft.Resources/deployments/write\",\n \"Microsoft.Resources/deployments/delete\",\n \"Microsoft.Resources/deployments/cancel/action\",\n \"Microsoft.Resources/deployments/validate/action\",\n \"Microsoft.Resources/deployments/whatIf/action\",\n \"Microsoft.Resources/deployments/exportTemplate/action\",\n \"Microsoft.Resources/deployments/operations/read\",\n \"Microsoft.Resources/deployments/operationstatuses/read\",\n \"Microsoft.Resources/subscriptions/resourcegroups/deployments/read\",\n \"Microsoft.Resources/subscriptions/resourcegroups/deployments/write\",\n \"Microsoft.Resources/subscriptions/resourcegroups/deployments/operations/read\",\n \"Microsoft.Resources/subscriptions/resourcegroups/deployments/operationstatuses/read\",\n \"Microsoft.ResourceHealth/availabilityStatuses/read\",\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Resources/subscriptions/read\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Resources/subscriptions/operationresults/read\",\n \"Microsoft.ConnectedVMwarevSphere/virtualnetworks/join/action\",\n \"Microsoft.ConnectedVMwarevSphere/virtualnetworks/Read\",\n \"Microsoft.ConnectedVMwarevSphere/virtualmachinetemplates/clone/action\",\n \"Microsoft.ConnectedVMwarevSphere/virtualmachinetemplates/Read\",\n \"Microsoft.ConnectedVMwarevSphere/resourcepools/deploy/action\",\n \"Microsoft.ConnectedVMwarevSphere/resourcepools/Read\",\n \"Microsoft.ConnectedVMwarevSphere/hosts/deploy/action\",\n \"Microsoft.ConnectedVMwarevSphere/hosts/Read\",\n \"Microsoft.ConnectedVMwarevSphere/clusters/deploy/action\",\n \"Microsoft.ConnectedVMwarevSphere/clusters/Read\",\n \"Microsoft.ConnectedVMwarevSphere/datastores/allocateSpace/action\",\n \"Microsoft.ConnectedVMwarevSphere/datastores/Read\",\n \"Microsoft.ExtendedLocation/customLocations/Read\",\n \"Microsoft.ExtendedLocation/customLocations/deploy/action\",\n \"Microsoft.KubernetesConfiguration/extensions/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2021-10-18T20:20:46.5105444Z\",\n \"updatedOn\": \"2023-10-31T15:13:38.0409378Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/ce551c02-7c42-47e0-9deb-e3b6fc3a9a83\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"ce551c02-7c42-47e0-9deb-e3b6fc3a9a83\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Arc VMware Administrator role \",\n \"type\": \"BuiltInRole\",\n \"description\": \"Arc VMware VM Contributor has permissions to perform all connected VMwarevSphere actions.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.ConnectedVMwarevSphere/*\",\n \"Microsoft.Insights/AlertRules/Write\",\n \"Microsoft.Insights/AlertRules/Delete\",\n \"Microsoft.Insights/AlertRules/Read\",\n \"Microsoft.Insights/AlertRules/Activated/Action\",\n \"Microsoft.Insights/AlertRules/Resolved/Action\",\n \"Microsoft.Insights/AlertRules/Throttled/Action\",\n \"Microsoft.Insights/AlertRules/Incidents/Read\",\n \"Microsoft.Resources/deployments/read\",\n \"Microsoft.Resources/deployments/write\",\n \"Microsoft.Resources/deployments/delete\",\n \"Microsoft.Resources/deployments/cancel/action\",\n \"Microsoft.Resources/deployments/validate/action\",\n \"Microsoft.Resources/deployments/whatIf/action\",\n \"Microsoft.Resources/deployments/exportTemplate/action\",\n \"Microsoft.Resources/deployments/operations/read\",\n \"Microsoft.Resources/deployments/operationstatuses/read\",\n \"Microsoft.Resources/subscriptions/resourcegroups/deployments/read\",\n \"Microsoft.Resources/subscriptions/resourcegroups/deployments/write\",\n \"Microsoft.Resources/subscriptions/resourcegroups/deployments/operations/read\",\n \"Microsoft.Resources/subscriptions/resourcegroups/deployments/operationstatuses/read\",\n \"Microsoft.ResourceHealth/availabilityStatuses/read\",\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Resources/subscriptions/read\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Resources/subscriptions/operationresults/read\",\n \"Microsoft.HybridCompute/machines/read\",\n \"Microsoft.HybridCompute/machines/write\",\n \"Microsoft.HybridCompute/machines/delete\",\n \"Microsoft.HybridCompute/machines/UpgradeExtensions/action\",\n \"Microsoft.HybridCompute/machines/assessPatches/action\",\n \"Microsoft.HybridCompute/machines/installPatches/action\",\n \"Microsoft.HybridCompute/machines/extensions/read\",\n \"Microsoft.HybridCompute/machines/extensions/write\",\n \"Microsoft.HybridCompute/machines/extensions/delete\",\n \"Microsoft.HybridCompute/operations/read\",\n \"Microsoft.HybridCompute/locations/operationresults/read\",\n \"Microsoft.HybridCompute/locations/operationstatus/read\",\n \"Microsoft.HybridCompute/machines/patchAssessmentResults/read\",\n \"Microsoft.HybridCompute/machines/patchAssessmentResults/softwarePatches/read\",\n \"Microsoft.HybridCompute/machines/patchInstallationResults/read\",\n \"Microsoft.HybridCompute/machines/patchInstallationResults/softwarePatches/read\",\n \"Microsoft.HybridCompute/locations/updateCenterOperationResults/read\",\n \"Microsoft.HybridCompute/machines/hybridIdentityMetadata/read\",\n \"Microsoft.HybridCompute/osType/agentVersions/read\",\n \"Microsoft.HybridCompute/osType/agentVersions/latest/read\",\n \"Microsoft.HybridCompute/machines/runcommands/read\",\n \"Microsoft.HybridCompute/machines/runcommands/write\",\n \"Microsoft.HybridCompute/machines/runcommands/delete\",\n \"Microsoft.HybridCompute/machines/licenseProfiles/read\",\n \"Microsoft.HybridCompute/machines/licenseProfiles/write\",\n \"Microsoft.HybridCompute/machines/licenseProfiles/delete\",\n \"Microsoft.HybridCompute/licenses/read\",\n \"Microsoft.HybridCompute/licenses/write\",\n \"Microsoft.HybridCompute/licenses/delete\",\n \"Microsoft.ExtendedLocation/customLocations/read\",\n \"Microsoft.ExtendedLocation/customLocations/deploy/action\",\n \"Microsoft.KubernetesConfiguration/extensions/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2021-11-01T17:12:42.6172725Z\",\n \"updatedOn\": \"2024-05-21T15:16:30.6838061Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/ddc140ed-e463-4246-9145-7c664192013f\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"ddc140ed-e463-4246-9145-7c664192013f\"\n },\n {\n \"properties\": {\n \"roleName\": \"Cognitive Services LUIS Owner\",\n \"type\": \"BuiltInRole\",\n \"description\": \" Has access to all Read, Test, Write, Deploy and Delete functions under LUIS\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.CognitiveServices/*/read\",\n \"Microsoft.CognitiveServices/accounts/listkeys/action\",\n \"Microsoft.Authorization/roleAssignments/read\",\n \"Microsoft.Authorization/roleDefinitions/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.CognitiveServices/accounts/LUIS/*\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2021-11-04T03:28:02.96118Z\",\n \"updatedOn\": \"2021-11-11T20:15:25.4884913Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/f72c8140-2111-481c-87ff-72b910f6e3f8\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"f72c8140-2111-481c-87ff-72b910f6e3f8\"\n },\n {\n \"properties\": {\n \"roleName\": \"Cognitive Services Language Reader\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Has access to Read and Test functions under Language portal\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.CognitiveServices/*/read\",\n \"Microsoft.Authorization/roleAssignments/read\",\n \"Microsoft.Authorization/roleDefinitions/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.CognitiveServices/accounts/LanguageAuthoring/*/read\",\n \"Microsoft.CognitiveServices/accounts/ConversationalLanguageUnderstanding/*/read\",\n \"Microsoft.CognitiveServices/accounts/ConversationalLanguageUnderstanding/projects/export/action\",\n \"Microsoft.CognitiveServices/accounts/Language/*/read\",\n \"Microsoft.CognitiveServices/accounts/Language/*/projects/export/action\",\n \"Microsoft.CognitiveServices/accounts/Language/query-text/action\",\n \"Microsoft.CognitiveServices/accounts/Language/query-dataverse/action\",\n \"Microsoft.CognitiveServices/accounts/Language/analyze-text/jobs/action\",\n \"Microsoft.CognitiveServices/accounts/Language/analyze-text/action\",\n \"Microsoft.CognitiveServices/accounts/Language/analyze-text/jobscancel/action\",\n \"Microsoft.CognitiveServices/accounts/Language/analyze-conversations/action\",\n \"Microsoft.CognitiveServices/accounts/Language/analyze-conversations/jobscancel/action\",\n \"Microsoft.CognitiveServices/accounts/Language/analyze-conversations/jobs/action\",\n \"Microsoft.CognitiveServices/accounts/Language/query-knowledgebases/action\",\n \"Microsoft.CognitiveServices/accounts/Language/generate/action\",\n \"Microsoft.CognitiveServices/accounts/TextAnalytics/*\"\n ],\n \"notDataActions\": [\n \"Microsoft.CognitiveServices/accounts/TextAnalytics/QnaMaker/*\"\n ]\n }\n ],\n \"createdOn\": \"2021-11-04T03:29:14.7643336Z\",\n \"updatedOn\": \"2023-02-28T16:09:04.1394585Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/7628b7b8-a8b2-4cdc-b46f-e9b35248918e\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"7628b7b8-a8b2-4cdc-b46f-e9b35248918e\"\n },\n {\n \"properties\": {\n \"roleName\": \"Cognitive Services Language Writer\",\n \"type\": \"BuiltInRole\",\n \"description\": \" Has access to all Read, Test, and Write functions under Language Portal\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.CognitiveServices/*/read\",\n \"Microsoft.Authorization/roleAssignments/read\",\n \"Microsoft.Authorization/roleDefinitions/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.CognitiveServices/accounts/LanguageAuthoring/*\",\n \"Microsoft.CognitiveServices/accounts/ConversationalLanguageUnderstanding/*\",\n \"Microsoft.CognitiveServices/accounts/Language/*\",\n \"Microsoft.CognitiveServices/accounts/TextAnalytics/*\"\n ],\n \"notDataActions\": [\n \"Microsoft.CognitiveServices/accounts/LanguageAuthoring/projects/publish/action\",\n \"Microsoft.CognitiveServices/accounts/ConversationalLanguageUnderstanding/projects/deployments/write\",\n \"Microsoft.CognitiveServices/accounts/TextAnalytics/QnaMaker/*\",\n \"Microsoft.CognitiveServices/accounts/Language/*/projects/delete\",\n \"Microsoft.CognitiveServices/accounts/Language/*/projects/deployments/write\",\n \"Microsoft.CognitiveServices/accounts/Language/*/projects/deployments/delete\",\n \"Microsoft.CognitiveServices/accounts/Language/*/projects/deployments/swap/action\"\n ]\n }\n ],\n \"createdOn\": \"2021-11-04T03:29:39.5761019Z\",\n \"updatedOn\": \"2022-03-29T22:15:08.2904465Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/f2310ca1-dc64-4889-bb49-c8e0fa3d47a8\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"f2310ca1-dc64-4889-bb49-c8e0fa3d47a8\"\n },\n {\n \"properties\": {\n \"roleName\": \"Cognitive Services Language Owner\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Has access to all Read, Test, Write, Deploy and Delete functions under Language portal\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.CognitiveServices/*/read\",\n \"Microsoft.CognitiveServices/accounts/listkeys/action\",\n \"Microsoft.Authorization/roleAssignments/read\",\n \"Microsoft.Authorization/roleDefinitions/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.CognitiveServices/accounts/LanguageAuthoring/*\",\n \"Microsoft.CognitiveServices/accounts/ConversationalLanguageUnderstanding/*\",\n \"Microsoft.CognitiveServices/accounts/Language/*\",\n \"Microsoft.CognitiveServices/accounts/TextAnalytics/*\"\n ],\n \"notDataActions\": [\n \"Microsoft.CognitiveServices/accounts/TextAnalytics/QnaMaker/*\"\n ]\n }\n ],\n \"createdOn\": \"2021-11-04T03:30:07.6173528Z\",\n \"updatedOn\": \"2022-03-29T22:15:08.2749033Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/f07febfe-79bc-46b1-8b37-790e26e6e498\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"f07febfe-79bc-46b1-8b37-790e26e6e498\"\n },\n {\n \"properties\": {\n \"roleName\": \"Cognitive Services LUIS Reader\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Has access to Read and Test functions under LUIS.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.CognitiveServices/*/read\",\n \"Microsoft.Authorization/roleAssignments/read\",\n \"Microsoft.Authorization/roleDefinitions/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.CognitiveServices/accounts/LUIS/*/read\",\n \"Microsoft.CognitiveServices/accounts/LUIS/apps/testdatasets/write\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2021-11-04T03:30:31.2704834Z\",\n \"updatedOn\": \"2021-11-11T20:15:26.2134821Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/18e81cdc-4e98-4e29-a639-e7d10c5a6226\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"18e81cdc-4e98-4e29-a639-e7d10c5a6226\"\n },\n {\n \"properties\": {\n \"roleName\": \"Cognitive Services LUIS Writer\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Has access to all Read, Test, and Write functions under LUIS\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.CognitiveServices/*/read\",\n \"Microsoft.Authorization/roleAssignments/read\",\n \"Microsoft.Authorization/roleDefinitions/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.CognitiveServices/accounts/LUIS/*\"\n ],\n \"notDataActions\": [\n \"Microsoft.CognitiveServices/accounts/LUIS/apps/delete\",\n \"Microsoft.CognitiveServices/accounts/LUIS/apps/move/action\",\n \"Microsoft.CognitiveServices/accounts/LUIS/apps/publish/action\",\n \"Microsoft.CognitiveServices/accounts/LUIS/apps/settings/write\",\n \"Microsoft.CognitiveServices/accounts/LUIS/apps/azureaccounts/action\",\n \"Microsoft.CognitiveServices/accounts/LUIS/apps/azureaccounts/delete\"\n ]\n }\n ],\n \"createdOn\": \"2021-11-04T03:31:12.1580052Z\",\n \"updatedOn\": \"2021-11-11T20:15:26.3934523Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/6322a993-d5c9-4bed-b113-e49bbea25b27\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"6322a993-d5c9-4bed-b113-e49bbea25b27\"\n },\n {\n \"properties\": {\n \"roleName\": \"PlayFab Reader\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Provides read access to PlayFab resources\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.PlayFab/*/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2021-11-04T23:26:57.2248605Z\",\n \"updatedOn\": \"2021-11-11T20:15:26.5784834Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/a9a19cc5-31f4-447c-901f-56c0bb18fcaf\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"a9a19cc5-31f4-447c-901f-56c0bb18fcaf\"\n },\n {\n \"properties\": {\n \"roleName\": \"Load Test Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"View, create, update, delete and execute load tests. View and list load test resources but can not make any changes.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.LoadTestService/*/read\",\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Insights/alertRules/*\"\n ],\n \"notActions\": [\n \"Microsoft.LoadTestService/PlaywrightWorkspaces/*\",\n \"Microsoft.LoadTestService/locations/PlaywrightQuotas/*\"\n ],\n \"dataActions\": [\n \"Microsoft.LoadTestService/loadtests/*\",\n \"Microsoft.LoadTestService/testProfiles/*\",\n \"Microsoft.LoadTestService/testProfileRuns/*\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2021-11-09T08:11:21.0936461Z\",\n \"updatedOn\": \"2025-09-29T15:12:02.8710803Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/749a398d-560b-491b-bb21-08924219302e\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"749a398d-560b-491b-bb21-08924219302e\"\n },\n {\n \"properties\": {\n \"roleName\": \"Load Test Owner\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Execute all operations on load test resources and load tests\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.LoadTestService/*\",\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Insights/alertRules/*\"\n ],\n \"notActions\": [\n \"Microsoft.LoadTestService/PlaywrightWorkspaces/*\",\n \"Microsoft.LoadTestService/locations/PlaywrightQuotas/*\"\n ],\n \"dataActions\": [\n \"Microsoft.LoadTestService/*\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2021-11-09T08:12:24.5500195Z\",\n \"updatedOn\": \"2025-09-29T15:12:04.1630709Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/45bb0b16-2f0c-4e78-afaa-a07599b003f6\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"45bb0b16-2f0c-4e78-afaa-a07599b003f6\"\n },\n {\n \"properties\": {\n \"roleName\": \"PlayFab Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Provides contributor access to PlayFab resources\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.PlayFab/*/read\",\n \"Microsoft.PlayFab/*/write\",\n \"Microsoft.PlayFab/*/delete\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2021-11-10T00:55:37.3326276Z\",\n \"updatedOn\": \"2021-11-11T20:15:28.0547167Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/0c8b84dc-067c-4039-9615-fa1a4b77c726\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"0c8b84dc-067c-4039-9615-fa1a4b77c726\"\n },\n {\n \"properties\": {\n \"roleName\": \"Load Test Reader\",\n \"type\": \"BuiltInRole\",\n \"description\": \"View and list all load tests and load test resources but can not make any changes\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.LoadTestService/*/read\",\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Insights/alertRules/*\"\n ],\n \"notActions\": [\n \"Microsoft.LoadTestService/PlaywrightWorkspaces/*\",\n \"Microsoft.LoadTestService/locations/PlaywrightQuotas/*\"\n ],\n \"dataActions\": [\n \"Microsoft.LoadTestService/loadtests/readTest/action\",\n \"Microsoft.LoadTestService/testProfiles/read\",\n \"Microsoft.LoadTestService/testProfileRuns/read\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2021-11-10T06:14:08.3903105Z\",\n \"updatedOn\": \"2025-09-29T15:12:04.1630709Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/3ae3fb29-0000-4ccd-bf80-542e7b26e081\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"3ae3fb29-0000-4ccd-bf80-542e7b26e081\"\n },\n {\n \"properties\": {\n \"roleName\": \"Cognitive Services Immersive Reader User\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Provides access to create Immersive Reader sessions and call APIs\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.CognitiveServices/accounts/ImmersiveReader/getcontentmodelforreader/action\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2021-11-10T19:52:14.4487503Z\",\n \"updatedOn\": \"2021-11-11T20:15:28.4146975Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/b2de6794-95db-4659-8781-7e080d3f2b9d\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"b2de6794-95db-4659-8781-7e080d3f2b9d\"\n },\n {\n \"properties\": {\n \"roleName\": \"Lab Services Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"The lab services contributor role\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.LabServices/*\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.LabServices/labPlans/createLab/action\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2021-11-11T00:51:03.3308981Z\",\n \"updatedOn\": \"2021-11-11T20:15:28.7792013Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/f69b8690-cc87-41d6-b77a-a4bc3c0a966f\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"f69b8690-cc87-41d6-b77a-a4bc3c0a966f\"\n },\n {\n \"properties\": {\n \"roleName\": \"Lab Services Reader\",\n \"type\": \"BuiltInRole\",\n \"description\": \"The lab services reader role\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.LabServices/*/read\",\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2021-11-11T00:55:30.4208618Z\",\n \"updatedOn\": \"2021-11-11T20:15:28.9592032Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/2a5c394f-5eb7-4d4f-9c8e-e8eae39faebc\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"2a5c394f-5eb7-4d4f-9c8e-e8eae39faebc\"\n },\n {\n \"properties\": {\n \"roleName\": \"Lab Assistant\",\n \"type\": \"BuiltInRole\",\n \"description\": \"The lab assistant role\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.LabServices/labPlans/images/read\",\n \"Microsoft.LabServices/labPlans/read\",\n \"Microsoft.LabServices/labs/read\",\n \"Microsoft.LabServices/labs/schedules/read\",\n \"Microsoft.LabServices/labs/users/read\",\n \"Microsoft.LabServices/labs/users/invite/action\",\n \"Microsoft.LabServices/labs/virtualMachines/read\",\n \"Microsoft.LabServices/labs/virtualMachines/start/action\",\n \"Microsoft.LabServices/labs/virtualMachines/stop/action\",\n \"Microsoft.LabServices/labs/virtualMachines/reimage/action\",\n \"Microsoft.LabServices/labs/virtualMachines/redeploy/action\",\n \"Microsoft.LabServices/locations/usages/read\",\n \"Microsoft.LabServices/skus/read\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2021-11-11T00:56:10.4295443Z\",\n \"updatedOn\": \"2021-11-11T20:15:29.144253Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/ce40b423-cede-4313-a93f-9b28290b72e1\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"ce40b423-cede-4313-a93f-9b28290b72e1\"\n },\n {\n \"properties\": {\n \"roleName\": \"Lab Operator\",\n \"type\": \"BuiltInRole\",\n \"description\": \"The lab operator role\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.LabServices/labPlans/images/read\",\n \"Microsoft.LabServices/labPlans/read\",\n \"Microsoft.LabServices/labPlans/saveImage/action\",\n \"Microsoft.LabServices/labs/publish/action\",\n \"Microsoft.LabServices/labs/read\",\n \"Microsoft.LabServices/labs/schedules/read\",\n \"Microsoft.LabServices/labs/schedules/write\",\n \"Microsoft.LabServices/labs/schedules/delete\",\n \"Microsoft.LabServices/labs/users/read\",\n \"Microsoft.LabServices/labs/users/write\",\n \"Microsoft.LabServices/labs/users/delete\",\n \"Microsoft.LabServices/labs/users/invite/action\",\n \"Microsoft.LabServices/labs/virtualMachines/read\",\n \"Microsoft.LabServices/labs/virtualMachines/start/action\",\n \"Microsoft.LabServices/labs/virtualMachines/stop/action\",\n \"Microsoft.LabServices/labs/virtualMachines/reimage/action\",\n \"Microsoft.LabServices/labs/virtualMachines/redeploy/action\",\n \"Microsoft.LabServices/labs/virtualMachines/resetPassword/action\",\n \"Microsoft.LabServices/locations/usages/read\",\n \"Microsoft.LabServices/skus/read\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2021-11-11T00:56:41.9942935Z\",\n \"updatedOn\": \"2021-11-11T20:15:29.3242664Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/a36e6959-b6be-4b12-8e9f-ef4b474d304d\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"a36e6959-b6be-4b12-8e9f-ef4b474d304d\"\n },\n {\n \"properties\": {\n \"roleName\": \"Lab Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"The lab contributor role\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.LabServices/labPlans/images/read\",\n \"Microsoft.LabServices/labPlans/read\",\n \"Microsoft.LabServices/labPlans/saveImage/action\",\n \"Microsoft.LabServices/labs/read\",\n \"Microsoft.LabServices/labs/write\",\n \"Microsoft.LabServices/labs/delete\",\n \"Microsoft.LabServices/labs/publish/action\",\n \"Microsoft.LabServices/labs/syncGroup/action\",\n \"Microsoft.LabServices/labs/schedules/read\",\n \"Microsoft.LabServices/labs/schedules/write\",\n \"Microsoft.LabServices/labs/schedules/delete\",\n \"Microsoft.LabServices/labs/users/read\",\n \"Microsoft.LabServices/labs/users/write\",\n \"Microsoft.LabServices/labs/users/delete\",\n \"Microsoft.LabServices/labs/users/invite/action\",\n \"Microsoft.LabServices/labs/virtualMachines/read\",\n \"Microsoft.LabServices/labs/virtualMachines/start/action\",\n \"Microsoft.LabServices/labs/virtualMachines/stop/action\",\n \"Microsoft.LabServices/labs/virtualMachines/reimage/action\",\n \"Microsoft.LabServices/labs/virtualMachines/redeploy/action\",\n \"Microsoft.LabServices/labs/virtualMachines/resetPassword/action\",\n \"Microsoft.LabServices/locations/usages/read\",\n \"Microsoft.LabServices/skus/read\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.LabServices/labPlans/createLab/action\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2021-11-11T00:57:05.9018065Z\",\n \"updatedOn\": \"2021-11-11T20:15:29.4992096Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/5daaa2af-1fe8-407c-9122-bba179798270\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"5daaa2af-1fe8-407c-9122-bba179798270\"\n },\n {\n \"properties\": {\n \"roleName\": \"Security Admin\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Security Admin Role\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Authorization/policyAssignments/*\",\n \"Microsoft.Authorization/policyDefinitions/*\",\n \"Microsoft.Authorization/policyExemptions/*\",\n \"Microsoft.Authorization/policySetDefinitions/*\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.Management/managementGroups/read\",\n \"Microsoft.operationalInsights/workspaces/*/read\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Security/*\",\n \"Microsoft.IoTSecurity/*\",\n \"Microsoft.IoTFirmwareDefense/*\",\n \"Microsoft.Support/*\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2017-05-03T07:51:23.0917487Z\",\n \"updatedOn\": \"2023-06-27T15:20:21.4401023Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/fb1c8493-542b-48eb-b624-b4c8fea62acd\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"fb1c8493-542b-48eb-b624-b4c8fea62acd\"\n },\n {\n \"properties\": {\n \"roleName\": \"Web PubSub Service Owner\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Full access to Azure Web PubSub Service REST APIs\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.SignalRService/WebPubSub/*\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2021-03-24T09:10:11.833518Z\",\n \"updatedOn\": \"2023-04-05T15:09:07.4837099Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/12cf5a90-567b-43ae-8102-96cf46c7d9b4\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"12cf5a90-567b-43ae-8102-96cf46c7d9b4\"\n },\n {\n \"properties\": {\n \"roleName\": \"Web PubSub Service Reader\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Read-only access to Azure Web PubSub Service REST APIs\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.SignalRService/WebPubSub/*/read\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2021-03-24T09:11:12.6235436Z\",\n \"updatedOn\": \"2023-04-05T15:09:07.4837099Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/bfb1c7d2-fb1a-466b-b2ba-aee63b92deaf\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"bfb1c7d2-fb1a-466b-b2ba-aee63b92deaf\"\n },\n {\n \"properties\": {\n \"roleName\": \"SignalR App Server\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Lets your app server access SignalR Service with AAD auth options.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.SignalRService/SignalR/auth/accessKey/action\",\n \"Microsoft.SignalRService/SignalR/serverConnection/write\",\n \"Microsoft.SignalRService/SignalR/clientConnection/write\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2020-07-29T06:54:40.1201435Z\",\n \"updatedOn\": \"2021-11-16T05:19:04.8579948Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/420fcaa2-552c-430f-98ca-3264be4806c7\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"420fcaa2-552c-430f-98ca-3264be4806c7\"\n },\n {\n \"properties\": {\n \"roleName\": \"Virtual Machine User Login\",\n \"type\": \"BuiltInRole\",\n \"description\": \"View Virtual Machines in the portal and login as a regular user.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Network/publicIPAddresses/read\",\n \"Microsoft.Network/virtualNetworks/read\",\n \"Microsoft.Network/loadBalancers/read\",\n \"Microsoft.Network/networkInterfaces/read\",\n \"Microsoft.Compute/virtualMachines/*/read\",\n \"Microsoft.HybridCompute/machines/*/read\",\n \"Microsoft.HybridConnectivity/endpoints/listCredentials/action\"\n ],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.Compute/virtualMachines/login/action\",\n \"Microsoft.HybridCompute/machines/login/action\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2018-02-09T18:36:13.3315744Z\",\n \"updatedOn\": \"2021-11-18T00:55:50.6185845Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/fb879df8-f326-4884-b1cf-06f3ad86be52\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"fb879df8-f326-4884-b1cf-06f3ad86be52\"\n },\n {\n \"properties\": {\n \"roleName\": \"Virtual Machine Administrator Login\",\n \"type\": \"BuiltInRole\",\n \"description\": \"View Virtual Machines in the portal and login as administrator\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Network/publicIPAddresses/read\",\n \"Microsoft.Network/virtualNetworks/read\",\n \"Microsoft.Network/loadBalancers/read\",\n \"Microsoft.Network/networkInterfaces/read\",\n \"Microsoft.Compute/virtualMachines/*/read\",\n \"Microsoft.HybridCompute/machines/*/read\",\n \"Microsoft.HybridConnectivity/endpoints/listCredentials/action\"\n ],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.Compute/virtualMachines/login/action\",\n \"Microsoft.Compute/virtualMachines/loginAsAdmin/action\",\n \"Microsoft.HybridCompute/machines/login/action\",\n \"Microsoft.HybridCompute/machines/loginAsAdmin/action\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2018-02-09T18:36:13.3315744Z\",\n \"updatedOn\": \"2021-11-18T00:56:53.8134295Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/1c0163c0-47e6-4577-8991-ea5c82e286e4\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"1c0163c0-47e6-4577-8991-ea5c82e286e4\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Connected Machine Resource Administrator\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Can read, write, delete and re-onboard Azure Connected Machines.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.HybridCompute/machines/*\",\n \"Microsoft.HybridCompute/machines/extensions/*\",\n \"Microsoft.HybridCompute/machines/licenseProfiles/*\",\n \"Microsoft.HybridCompute/machines/runCommands/*\",\n \"Microsoft.HybridCompute/machines/UpgradeExtensions/action\",\n \"Microsoft.HybridCompute/settings/*\",\n \"Microsoft.HybridCompute/gateways/*\",\n \"Microsoft.HybridCompute/privateLinkScopes/*\",\n \"Microsoft.HybridCompute/licenses/*\",\n \"Microsoft.HybridCompute/locations/*\",\n \"Microsoft.HybridCompute/*/read\",\n \"Microsoft.Resources/deployments/*\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2019-10-23T20:24:59.1474607Z\",\n \"updatedOn\": \"2025-01-31T22:43:26.2952467Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/cd570a14-e51a-42ad-bac8-bafd67325302\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"cd570a14-e51a-42ad-bac8-bafd67325302\"\n },\n {\n \"properties\": {\n \"roleName\": \"Backup Operator\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Lets you manage backup services, except removal of backup, vault creation and giving access to others\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Network/virtualNetworks/read\",\n \"Microsoft.RecoveryServices/Vaults/backupFabrics/operationResults/read\",\n \"Microsoft.RecoveryServices/Vaults/backupFabrics/protectionContainers/operationResults/read\",\n \"Microsoft.RecoveryServices/Vaults/backupFabrics/protectionContainers/protectedItems/backup/action\",\n \"Microsoft.RecoveryServices/Vaults/backupFabrics/protectionContainers/protectedItems/operationResults/read\",\n \"Microsoft.RecoveryServices/Vaults/backupFabrics/protectionContainers/protectedItems/operationsStatus/read\",\n \"Microsoft.RecoveryServices/Vaults/backupFabrics/protectionContainers/protectedItems/read\",\n \"Microsoft.RecoveryServices/Vaults/backupFabrics/protectionContainers/protectedItems/recoveryPoints/provisionInstantItemRecovery/action\",\n \"Microsoft.RecoveryServices/vaults/backupFabrics/protectionContainers/protectedItems/recoveryPoints/accessToken/action\",\n \"Microsoft.RecoveryServices/Vaults/backupFabrics/protectionContainers/protectedItems/recoveryPoints/read\",\n \"Microsoft.RecoveryServices/Vaults/backupFabrics/protectionContainers/protectedItems/recoveryPoints/restore/action\",\n \"Microsoft.RecoveryServices/Vaults/backupFabrics/protectionContainers/protectedItems/recoveryPoints/revokeInstantItemRecovery/action\",\n \"Microsoft.RecoveryServices/Vaults/backupFabrics/protectionContainers/protectedItems/write\",\n \"Microsoft.RecoveryServices/Vaults/backupFabrics/protectionContainers/read\",\n \"Microsoft.RecoveryServices/Vaults/backupFabrics/refreshContainers/action\",\n \"Microsoft.RecoveryServices/Vaults/backupJobs/*\",\n \"Microsoft.RecoveryServices/Vaults/backupJobsExport/action\",\n \"Microsoft.RecoveryServices/Vaults/backupOperationResults/*\",\n \"Microsoft.RecoveryServices/Vaults/backupPolicies/operationResults/read\",\n \"Microsoft.RecoveryServices/Vaults/backupPolicies/read\",\n \"Microsoft.RecoveryServices/Vaults/backupProtectableItems/*\",\n \"Microsoft.RecoveryServices/Vaults/backupProtectedItems/read\",\n \"Microsoft.RecoveryServices/Vaults/backupProtectionContainers/read\",\n \"Microsoft.RecoveryServices/Vaults/backupUsageSummaries/read\",\n \"Microsoft.RecoveryServices/Vaults/certificates/write\",\n \"Microsoft.RecoveryServices/Vaults/extendedInformation/read\",\n \"Microsoft.RecoveryServices/Vaults/extendedInformation/write\",\n \"Microsoft.RecoveryServices/Vaults/monitoringAlerts/read\",\n \"Microsoft.RecoveryServices/Vaults/monitoringConfigurations/*\",\n \"Microsoft.RecoveryServices/Vaults/read\",\n \"Microsoft.RecoveryServices/Vaults/registeredIdentities/operationResults/read\",\n \"Microsoft.RecoveryServices/Vaults/registeredIdentities/read\",\n \"Microsoft.RecoveryServices/Vaults/registeredIdentities/write\",\n \"Microsoft.RecoveryServices/Vaults/usages/read\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Storage/storageAccounts/read\",\n \"Microsoft.RecoveryServices/Vaults/backupstorageconfig/*\",\n \"Microsoft.RecoveryServices/Vaults/backupValidateOperation/action\",\n \"Microsoft.RecoveryServices/Vaults/backupTriggerValidateOperation/action\",\n \"Microsoft.RecoveryServices/Vaults/backupValidateOperationResults/read\",\n \"Microsoft.RecoveryServices/Vaults/backupValidateOperationsStatuses/read\",\n \"Microsoft.RecoveryServices/Vaults/backupOperations/read\",\n \"Microsoft.RecoveryServices/Vaults/backupPolicies/operations/read\",\n \"Microsoft.RecoveryServices/Vaults/backupFabrics/protectionContainers/write\",\n \"Microsoft.RecoveryServices/Vaults/backupFabrics/protectionContainers/inquire/action\",\n \"Microsoft.RecoveryServices/Vaults/backupEngines/read\",\n \"Microsoft.RecoveryServices/Vaults/backupFabrics/backupProtectionIntent/write\",\n \"Microsoft.RecoveryServices/Vaults/backupFabrics/backupProtectionIntent/read\",\n \"Microsoft.RecoveryServices/Vaults/backupFabrics/protectableContainers/read\",\n \"Microsoft.RecoveryServices/Vaults/backupFabrics/protectionContainers/items/read\",\n \"Microsoft.RecoveryServices/locations/backupStatus/action\",\n \"Microsoft.RecoveryServices/locations/backupPreValidateProtection/action\",\n \"Microsoft.RecoveryServices/locations/backupValidateFeatures/action\",\n \"Microsoft.RecoveryServices/locations/backupAadProperties/read\",\n \"Microsoft.RecoveryServices/locations/backupCrrJobs/action\",\n \"Microsoft.RecoveryServices/locations/backupCrrJob/action\",\n \"Microsoft.RecoveryServices/locations/backupCrossRegionRestore/action\",\n \"Microsoft.RecoveryServices/locations/backupCrrOperationResults/read\",\n \"Microsoft.RecoveryServices/locations/backupCrrOperationsStatus/read\",\n \"Microsoft.RecoveryServices/Vaults/monitoringAlerts/write\",\n \"Microsoft.RecoveryServices/operations/read\",\n \"Microsoft.RecoveryServices/locations/operationStatus/read\",\n \"Microsoft.RecoveryServices/Vaults/backupProtectionIntents/read\",\n \"Microsoft.Support/*\",\n \"Microsoft.DataProtection/backupVaults/backupInstances/read\",\n \"Microsoft.DataProtection/backupVaults/backupInstances/read\",\n \"Microsoft.DataProtection/backupVaults/backupInstances/operationResults/read\",\n \"Microsoft.DataProtection/backupVaults/backupInstances/write\",\n \"Microsoft.DataProtection/backupVaults/deletedBackupInstances/read\",\n \"Microsoft.DataProtection/backupVaults/backupPolicies/read\",\n \"Microsoft.DataProtection/backupVaults/backupPolicies/read\",\n \"Microsoft.DataProtection/backupVaults/backupInstances/recoveryPoints/read\",\n \"Microsoft.DataProtection/backupVaults/backupInstances/recoveryPoints/read\",\n \"Microsoft.DataProtection/backupVaults/backupInstances/findRestorableTimeRanges/action\",\n \"Microsoft.DataProtection/backupVaults/read\",\n \"Microsoft.DataProtection/backupVaults/operationResults/read\",\n \"Microsoft.DataProtection/backupVaults/operationStatus/read\",\n \"Microsoft.DataProtection/backupVaults/read\",\n \"Microsoft.DataProtection/backupVaults/read\",\n \"Microsoft.DataProtection/locations/operationStatus/read\",\n \"Microsoft.DataProtection/locations/operationResults/read\",\n \"Microsoft.DataProtection/operations/read\",\n \"Microsoft.DataProtection/backupVaults/validateForBackup/action\",\n \"Microsoft.DataProtection/backupVaults/backupInstances/backup/action\",\n \"Microsoft.DataProtection/backupVaults/backupInstances/validateRestore/action\",\n \"Microsoft.DataProtection/backupVaults/backupInstances/restore/action\",\n \"Microsoft.DataProtection/subscriptions/resourceGroups/providers/locations/crossRegionRestore/action\",\n \"Microsoft.DataProtection/subscriptions/resourceGroups/providers/locations/validateCrossRegionRestore/action\",\n \"Microsoft.DataProtection/subscriptions/resourceGroups/providers/locations/fetchCrossRegionRestoreJobs/action\",\n \"Microsoft.DataProtection/subscriptions/resourceGroups/providers/locations/fetchCrossRegionRestoreJob/action\",\n \"Microsoft.DataProtection/subscriptions/resourceGroups/providers/locations/fetchSecondaryRecoveryPoints/action\",\n \"Microsoft.DataProtection/locations/checkFeatureSupport/action\",\n \"Microsoft.RecoveryServices/Vaults/backupResourceGuardProxies/delete\",\n \"Microsoft.RecoveryServices/Vaults/backupResourceGuardProxies/read\",\n \"Microsoft.RecoveryServices/Vaults/backupResourceGuardProxies/unlockDelete/action\",\n \"Microsoft.RecoveryServices/Vaults/backupResourceGuardProxies/write\",\n \"Microsoft.DataProtection/backupVaults/backupResourceGuardProxies/read\",\n \"Microsoft.DataProtection/backupVaults/backupResourceGuardProxies/write\",\n \"Microsoft.DataProtection/backupVaults/backupResourceGuardProxies/delete\",\n \"Microsoft.DataProtection/backupVaults/backupResourceGuardProxies/unlockDelete/action\",\n \"Microsoft.DataProtection/backupVaults/backupInstances/validateForModifyBackup/action\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2017-01-03T13:21:11.894764Z\",\n \"updatedOn\": \"2025-01-27T16:01:21.2914246Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/00c29273-979b-4161-815c-10b084fb9324\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"00c29273-979b-4161-815c-10b084fb9324\"\n },\n {\n \"properties\": {\n \"roleName\": \"Workbook Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Can save shared workbooks.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Insights/workbooks/write\",\n \"Microsoft.Insights/workbooks/delete\",\n \"Microsoft.Insights/workbooks/read\",\n \"Microsoft.Insights/workbooks/revisions/read\",\n \"Microsoft.Insights/workbooktemplates/write\",\n \"Microsoft.Insights/workbooktemplates/delete\",\n \"Microsoft.Insights/workbooktemplates/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2019-08-28T20:59:42.4820277Z\",\n \"updatedOn\": \"2022-12-12T16:05:57.3745476Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/e8ddcd69-c73f-4f9f-9844-4100522f16ad\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"e8ddcd69-c73f-4f9f-9844-4100522f16ad\"\n },\n {\n \"properties\": {\n \"roleName\": \"Workbook Reader\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Can read workbooks.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"microsoft.insights/workbooks/read\",\n \"microsoft.insights/workbooks/revisions/read\",\n \"microsoft.insights/workbooktemplates/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2019-08-28T20:56:17.680814Z\",\n \"updatedOn\": \"2022-12-12T16:05:57.3745476Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/b279062a-9be3-42a0-92ae-8b3cf002ec4d\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"b279062a-9be3-42a0-92ae-8b3cf002ec4d\"\n },\n {\n \"properties\": {\n \"roleName\": \"Monitoring Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Can read all monitoring data and update monitoring settings.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"*/read\",\n \"Microsoft.AlertsManagement/alerts/*\",\n \"Microsoft.AlertsManagement/alertsSummary/*\",\n \"Microsoft.AlertsManagement/issues/*\",\n \"Microsoft.Insights/actiongroups/*\",\n \"Microsoft.Insights/activityLogAlerts/*\",\n \"Microsoft.Insights/AlertRules/*\",\n \"Microsoft.Insights/components/*\",\n \"Microsoft.Insights/createNotifications/*\",\n \"Microsoft.Insights/dataCollectionEndpoints/*\",\n \"Microsoft.Insights/dataCollectionRules/*\",\n \"Microsoft.Insights/dataCollectionRuleAssociations/*\",\n \"Microsoft.Insights/DiagnosticSettings/*\",\n \"Microsoft.Insights/eventtypes/*\",\n \"Microsoft.Insights/LogDefinitions/*\",\n \"Microsoft.Insights/metricalerts/*\",\n \"Microsoft.Insights/MetricDefinitions/*\",\n \"Microsoft.Insights/Metrics/*\",\n \"Microsoft.Insights/notificationStatus/*\",\n \"Microsoft.Insights/Register/Action\",\n \"Microsoft.Insights/scheduledqueryrules/*\",\n \"Microsoft.Insights/webtests/*\",\n \"Microsoft.Insights/workbooks/*\",\n \"Microsoft.Insights/workbooktemplates/*\",\n \"Microsoft.Insights/privateLinkScopes/*\",\n \"Microsoft.Insights/privateLinkScopeOperationStatuses/*\",\n \"Microsoft.Monitor/accounts/*\",\n \"Microsoft.Monitor/settings/*\",\n \"Microsoft.OperationalInsights/workspaces/write\",\n \"Microsoft.OperationalInsights/workspaces/intelligencepacks/*\",\n \"Microsoft.OperationalInsights/workspaces/savedSearches/*\",\n \"Microsoft.OperationalInsights/workspaces/search/action\",\n \"Microsoft.OperationalInsights/workspaces/sharedKeys/action\",\n \"Microsoft.OperationalInsights/workspaces/sharedKeys/read\",\n \"Microsoft.OperationalInsights/workspaces/storageinsightconfigs/*\",\n \"Microsoft.OperationalInsights/locations/workspaces/failover/action\",\n \"Microsoft.OperationalInsights/workspaces/failback/action\",\n \"Microsoft.Support/*\",\n \"Microsoft.AlertsManagement/smartDetectorAlertRules/*\",\n \"Microsoft.AlertsManagement/actionRules/*\",\n \"Microsoft.AlertsManagement/smartGroups/*\",\n \"Microsoft.AlertsManagement/migrateFromSmartDetection/*\",\n \"Microsoft.AlertsManagement/investigations/*\",\n \"Microsoft.AlertsManagement/prometheusRuleGroups/*\",\n \"Microsoft.Monitor/investigations/*\",\n \"Microsoft.Resources/deployments/*\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2016-09-21T19:21:08.4345976Z\",\n \"updatedOn\": \"2025-09-30T15:23:51.084353Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/749f88d5-cbae-40b8-bcfc-e573ddc772fa\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"749f88d5-cbae-40b8-bcfc-e573ddc772fa\"\n },\n {\n \"properties\": {\n \"roleName\": \"Monitoring Metrics Publisher\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Enables publishing metrics against Azure resources\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Insights/Register/Action\",\n \"Microsoft.Support/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.Insights/Metrics/Write\",\n \"Microsoft.Insights/Telemetry/Write\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2018-08-14T00:36:16.5610279Z\",\n \"updatedOn\": \"2022-01-04T00:38:04.0289073Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/3913510d-42f4-4e42-8a64-420c390055eb\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"3913510d-42f4-4e42-8a64-420c390055eb\"\n },\n {\n \"properties\": {\n \"roleName\": \"Purview role 1 (Deprecated)\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Deprecated role.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Purview/accounts/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.Purview/accounts/data/read\",\n \"Microsoft.Purview/accounts/data/write\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2020-11-14T02:37:15.0123345Z\",\n \"updatedOn\": \"2022-01-04T00:43:15.6924286Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/8a3c2885-9b38-4fd2-9d99-91af537c1347\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"8a3c2885-9b38-4fd2-9d99-91af537c1347\"\n },\n {\n \"properties\": {\n \"roleName\": \"Purview role 2 (Deprecated)\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Deprecated role.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Purview/accounts/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.Purview/accounts/scan/read\",\n \"Microsoft.Purview/accounts/scan/write\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2020-11-14T02:40:05.0975648Z\",\n \"updatedOn\": \"2022-01-04T00:47:22.9678219Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/200bba9e-f0c8-430f-892b-6f0794863803\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"200bba9e-f0c8-430f-892b-6f0794863803\"\n },\n {\n \"properties\": {\n \"roleName\": \"Purview role 3 (Deprecated)\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Deprecated role.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Purview/accounts/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.Purview/accounts/data/read\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2020-11-14T02:39:22.234474Z\",\n \"updatedOn\": \"2022-01-04T00:48:08.2844802Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/ff100721-1b9d-43d8-af52-42b69c1272db\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"ff100721-1b9d-43d8-af52-42b69c1272db\"\n },\n {\n \"properties\": {\n \"roleName\": \"Autonomous Development Platform Data Contributor (Preview)\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Grants permissions to upload and manage new Autonomous Development Platform measurements.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.AutonomousDevelopmentPlatform/*/read\",\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.AutonomousDevelopmentPlatform/accounts/dataPools/discoveries/*\",\n \"Microsoft.AutonomousDevelopmentPlatform/accounts/dataPools/uploads/*\",\n \"Microsoft.AutonomousDevelopmentPlatform/accounts/dataPools/measurements/states/new/*\",\n \"Microsoft.AutonomousDevelopmentPlatform/accounts/dataPools/measurementCollections/*\",\n \"Microsoft.AutonomousDevelopmentPlatform/accounts/measurementCollections/*\",\n \"Microsoft.AutonomousDevelopmentPlatform/workspaces/read\",\n \"Microsoft.AutonomousDevelopmentPlatform/workspaces/discoveries/*\",\n \"Microsoft.AutonomousDevelopmentPlatform/workspaces/uploads/*\",\n \"Microsoft.AutonomousDevelopmentPlatform/workspaces/measurements/states/new/*\",\n \"Microsoft.AutonomousDevelopmentPlatform/workspaces/measurements/classifications/*\",\n \"Microsoft.AutonomousDevelopmentPlatform/workspaces/measurements/dataStreams/classifications/*\",\n \"Microsoft.AutonomousDevelopmentPlatform/workspaces/measurementCollections/*\"\n ],\n \"notDataActions\": [\n \"Microsoft.AutonomousDevelopmentPlatform/accounts/dataPools/measurements/states/new/changeState/action\",\n \"Microsoft.AutonomousDevelopmentPlatform/workspaces/measurements/states/new/changeState/action\"\n ]\n }\n ],\n \"createdOn\": \"2020-12-15T11:30:01.7459379Z\",\n \"updatedOn\": \"2022-09-15T17:13:47.5365709Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/b8b15564-4fa6-4a59-ab12-03e1d9594795\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"b8b15564-4fa6-4a59-ab12-03e1d9594795\"\n },\n {\n \"properties\": {\n \"roleName\": \"Autonomous Development Platform Data Owner (Preview)\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Grants full access to Autonomous Development Platform data.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.AutonomousDevelopmentPlatform/*/read\",\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.AutonomousDevelopmentPlatform/*\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2020-12-15T12:13:59.9702378Z\",\n \"updatedOn\": \"2022-01-04T13:20:26.2040404Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/27f8b550-c507-4db9-86f2-f4b8e816d59d\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"27f8b550-c507-4db9-86f2-f4b8e816d59d\"\n },\n {\n \"properties\": {\n \"roleName\": \"Autonomous Development Platform Data Reader (Preview)\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Grants read access to Autonomous Development Platform data.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.AutonomousDevelopmentPlatform/*/read\",\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.AutonomousDevelopmentPlatform/*/read\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2020-12-15T12:11:31.9843256Z\",\n \"updatedOn\": \"2022-01-04T13:21:04.3207709Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/d63b75f7-47ea-4f27-92ac-e0d173aaf093\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"d63b75f7-47ea-4f27-92ac-e0d173aaf093\"\n },\n {\n \"properties\": {\n \"roleName\": \"Key Vault Crypto Officer\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Perform any action on the keys of a key vault, except manage permissions. Only works for key vaults that use the 'Azure role-based access control' permission model.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Support/*\",\n \"Microsoft.KeyVault/checkNameAvailability/read\",\n \"Microsoft.KeyVault/deletedVaults/read\",\n \"Microsoft.KeyVault/locations/*/read\",\n \"Microsoft.KeyVault/vaults/*/read\",\n \"Microsoft.KeyVault/operations/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.KeyVault/vaults/keys/*\",\n \"Microsoft.KeyVault/vaults/keyrotationpolicies/*\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2020-05-19T17:52:47.0099249Z\",\n \"updatedOn\": \"2022-01-06T23:21:17.9760884Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/14b46e9e-c2b7-41b4-b07b-48a6ebf60603\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"14b46e9e-c2b7-41b4-b07b-48a6ebf60603\"\n },\n {\n \"properties\": {\n \"roleName\": \"Device Update Deployments Reader\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Gives you read access to management operations, but does not allow making changes\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Support/*\",\n \"Microsoft.Insights/alertRules/*\"\n ],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.DeviceUpdate/accounts/instances/management/read\",\n \"Microsoft.DeviceUpdate/accounts/instances/updates/read\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2020-08-22T00:01:34.705363Z\",\n \"updatedOn\": \"2022-01-13T01:35:51.6463216Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/49e2f5d2-7741-4835-8efa-19e1fe35e47f\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"49e2f5d2-7741-4835-8efa-19e1fe35e47f\"\n },\n {\n \"properties\": {\n \"roleName\": \"Device Update Deployments Administrator\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Gives you full access to management operations\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Support/*\",\n \"Microsoft.Insights/alertRules/*\"\n ],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.DeviceUpdate/accounts/instances/management/read\",\n \"Microsoft.DeviceUpdate/accounts/instances/management/write\",\n \"Microsoft.DeviceUpdate/accounts/instances/management/delete\",\n \"Microsoft.DeviceUpdate/accounts/instances/updates/read\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2020-08-21T23:59:52.1001666Z\",\n \"updatedOn\": \"2022-01-13T01:59:19.4616366Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/e4237640-0e3d-4a46-8fda-70bc94856432\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"e4237640-0e3d-4a46-8fda-70bc94856432\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Arc VMware Private Clouds Onboarding\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Azure Arc VMware Private Clouds Onboarding role has permissions to provision all the required resources for onboard and deboard vCenter instances to Azure.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.ConnectedVMwarevSphere/vcenters/Write\",\n \"Microsoft.ConnectedVMwarevSphere/vcenters/Read\",\n \"Microsoft.ConnectedVMwarevSphere/vcenters/Delete\",\n \"Microsoft.Insights/AlertRules/Write\",\n \"Microsoft.Insights/AlertRules/Delete\",\n \"Microsoft.Insights/AlertRules/Read\",\n \"Microsoft.Insights/AlertRules/Activated/Action\",\n \"Microsoft.Insights/AlertRules/Resolved/Action\",\n \"Microsoft.Insights/AlertRules/Throttled/Action\",\n \"Microsoft.Insights/AlertRules/Incidents/Read\",\n \"Microsoft.Resources/deployments/read\",\n \"Microsoft.Resources/deployments/write\",\n \"Microsoft.Resources/deployments/delete\",\n \"Microsoft.Resources/deployments/cancel/action\",\n \"Microsoft.Resources/deployments/validate/action\",\n \"Microsoft.Resources/deployments/whatIf/action\",\n \"Microsoft.Resources/deployments/exportTemplate/action\",\n \"Microsoft.Resources/deployments/operations/read\",\n \"Microsoft.Resources/deployments/operationstatuses/read\",\n \"Microsoft.Resources/subscriptions/resourcegroups/deployments/read\",\n \"Microsoft.Resources/subscriptions/resourcegroups/deployments/write\",\n \"Microsoft.Resources/subscriptions/resourcegroups/deployments/operations/read\",\n \"Microsoft.Resources/subscriptions/resourcegroups/deployments/operationstatuses/read\",\n \"Microsoft.ResourceHealth/availabilityStatuses/read\",\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Resources/subscriptions/read\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Resources/subscriptions/operationresults/read\",\n \"Microsoft.KubernetesConfiguration/extensions/Write\",\n \"Microsoft.KubernetesConfiguration/extensions/Read\",\n \"Microsoft.KubernetesConfiguration/extensions/Delete\",\n \"Microsoft.KubernetesConfiguration/operations/read\",\n \"Microsoft.KubernetesConfiguration/extensions/operations/read\",\n \"Microsoft.ExtendedLocation/customLocations/Read\",\n \"Microsoft.ExtendedLocation/customLocations/Write\",\n \"Microsoft.ExtendedLocation/customLocations/Delete\",\n \"Microsoft.ExtendedLocation/customLocations/deploy/action\",\n \"Microsoft.ResourceConnector/appliances/Read\",\n \"Microsoft.ResourceConnector/appliances/Write\",\n \"Microsoft.ResourceConnector/appliances/Delete\",\n \"Microsoft.ResourceConnector/appliances/listClusterUserCredential/action\",\n \"Microsoft.BackupSolutions/vmwareapplications/write\",\n \"Microsoft.BackupSolutions/vmwareapplications/delete\",\n \"Microsoft.BackupSolutions/vmwareapplications/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2021-11-01T22:18:08.4480747Z\",\n \"updatedOn\": \"2023-08-18T17:54:09.8815166Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/67d33e57-3129-45e6-bb0b-7cc522f762fa\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"67d33e57-3129-45e6-bb0b-7cc522f762fa\"\n },\n {\n \"properties\": {\n \"roleName\": \"Microsoft Sentinel Automation Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Microsoft Sentinel Automation Contributor\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Logic/workflows/triggers/read\",\n \"Microsoft.Logic/workflows/triggers/listCallbackUrl/action\",\n \"Microsoft.Logic/workflows/runs/read\",\n \"Microsoft.Web/sites/hostruntime/webhooks/api/workflows/triggers/read\",\n \"Microsoft.Web/sites/hostruntime/webhooks/api/workflows/triggers/listCallbackUrl/action\",\n \"Microsoft.Web/sites/hostruntime/webhooks/api/workflows/runs/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2021-01-24T08:50:52.0382991Z\",\n \"updatedOn\": \"2022-01-26T09:25:00.4699337Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/f4c81013-99ee-4d62-a7ee-b3f1f648599a\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"f4c81013-99ee-4d62-a7ee-b3f1f648599a\"\n },\n {\n \"properties\": {\n \"roleName\": \"CDN Endpoint Reader\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Can view CDN endpoints, but can't make changes.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Cdn/edgenodes/read\",\n \"Microsoft.Cdn/operationresults/*\",\n \"Microsoft.Cdn/profiles/endpoints/*/read\",\n \"Microsoft.Cdn/profiles/afdendpoints/validateCustomDomain/action\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Support/*\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2016-01-23T02:48:46.4996252Z\",\n \"updatedOn\": \"2023-12-07T09:22:53.097708Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/871e35f6-b5c1-49cc-a043-bde969a0f2cd\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"871e35f6-b5c1-49cc-a043-bde969a0f2cd\"\n },\n {\n \"properties\": {\n \"roleName\": \"Cognitive Services Speech User\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Access to the real-time speech recognition and batch transcription APIs, real-time speech synthesis and long audio APIs, as well as to read the data/test/model/endpoint for custom models, but can’t create, delete or modify the data/test/model/endpoint for custom models.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.CognitiveServices/*/read\",\n \"Microsoft.Authorization/roleAssignments/read\",\n \"Microsoft.Authorization/roleDefinitions/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.CognitiveServices/accounts/SpeechServices/*/read\",\n \"Microsoft.CognitiveServices/accounts/SpeechServices/*/transcriptions/read\",\n \"Microsoft.CognitiveServices/accounts/SpeechServices/*/transcriptions/write\",\n \"Microsoft.CognitiveServices/accounts/SpeechServices/*/transcriptions/delete\",\n \"Microsoft.CognitiveServices/accounts/SpeechServices/*/transcriptions/action\",\n \"Microsoft.CognitiveServices/accounts/SpeechServices/*/frontend/action\",\n \"Microsoft.CognitiveServices/accounts/SpeechServices/text-dependent/*/action\",\n \"Microsoft.CognitiveServices/accounts/SpeechServices/text-independent/*/action\",\n \"Microsoft.CognitiveServices/accounts/CustomVoice/*/read\",\n \"Microsoft.CognitiveServices/accounts/CustomVoice/evaluations/*\",\n \"Microsoft.CognitiveServices/accounts/CustomVoice/longaudiosynthesis/*\",\n \"Microsoft.CognitiveServices/accounts/AudioContentCreation/*\",\n \"Microsoft.CognitiveServices/accounts/VideoTranslation/*\",\n \"Microsoft.CognitiveServices/accounts/CustomAvatar/*/read\",\n \"Microsoft.CognitiveServices/accounts/BatchAvatar/*\",\n \"Microsoft.CognitiveServices/accounts/BatchTextToSpeech/*\"\n ],\n \"notDataActions\": [\n \"Microsoft.CognitiveServices/accounts/CustomVoice/datasets/files/read\",\n \"Microsoft.CognitiveServices/accounts/CustomVoice/datasets/utterances/read\"\n ]\n }\n ],\n \"createdOn\": \"2021-03-30T11:28:27.4339032Z\",\n \"updatedOn\": \"2024-10-18T20:00:21.397467Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/f2dc8367-1007-4938-bd23-fe263f013447\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"f2dc8367-1007-4938-bd23-fe263f013447\"\n },\n {\n \"properties\": {\n \"roleName\": \"Windows Admin Center Administrator Login\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Let's you manage the OS of your resource via Windows Admin Center as an administrator.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.HybridCompute/machines/*/read\",\n \"Microsoft.HybridCompute/machines/extensions/*\",\n \"Microsoft.HybridCompute/machines/upgradeExtensions/action\",\n \"Microsoft.HybridCompute/operations/read\",\n \"Microsoft.Network/networkInterfaces/read\",\n \"Microsoft.Network/loadBalancers/read\",\n \"Microsoft.Network/publicIPAddresses/read\",\n \"Microsoft.Network/virtualNetworks/read\",\n \"Microsoft.Network/networkSecurityGroups/read\",\n \"Microsoft.Network/networkSecurityGroups/defaultSecurityRules/read\",\n \"Microsoft.Network/networkWatchers/securityGroupView/action\",\n \"Microsoft.Network/networkSecurityGroups/securityRules/read\",\n \"Microsoft.Network/networkSecurityGroups/securityRules/write\",\n \"Microsoft.HybridConnectivity/endpoints/write\",\n \"Microsoft.HybridConnectivity/endpoints/read\",\n \"Microsoft.HybridConnectivity/endpoints/serviceConfigurations/write\",\n \"Microsoft.HybridConnectivity/endpoints/serviceConfigurations/read\",\n \"Microsoft.HybridConnectivity/endpoints/listManagedProxyDetails/action\",\n \"Microsoft.Compute/virtualMachines/read\",\n \"Microsoft.Compute/virtualMachines/patchAssessmentResults/latest/read\",\n \"Microsoft.Compute/virtualMachines/patchAssessmentResults/latest/softwarePatches/read\",\n \"Microsoft.Compute/virtualMachines/patchInstallationResults/read\",\n \"Microsoft.Compute/virtualMachines/patchInstallationResults/softwarePatches/read\",\n \"Microsoft.Compute/virtualMachines/extensions/read\",\n \"Microsoft.Compute/virtualMachines/instanceView/read\",\n \"Microsoft.Compute/virtualMachines/runCommands/read\",\n \"Microsoft.Compute/virtualMachines/vmSizes/read\",\n \"Microsoft.Compute/locations/publishers/artifacttypes/types/read\",\n \"Microsoft.Compute/locations/publishers/artifacttypes/types/versions/read\",\n \"Microsoft.Compute/diskAccesses/read\",\n \"Microsoft.Compute/galleries/images/read\",\n \"Microsoft.Compute/images/read\",\n \"Microsoft.AzureStackHCI/Clusters/Read\",\n \"Microsoft.AzureStackHCI/Clusters/ArcSettings/Read\",\n \"Microsoft.AzureStackHCI/Clusters/ArcSettings/Extensions/Read\",\n \"Microsoft.AzureStackHCI/Clusters/ArcSettings/Extensions/Write\",\n \"Microsoft.AzureStackHCI/Clusters/ArcSettings/Extensions/Delete\",\n \"Microsoft.AzureStackHCI/Operations/Read\",\n \"Microsoft.ConnectedVMwarevSphere/VirtualMachines/Read\",\n \"Microsoft.ConnectedVMwarevSphere/VirtualMachines/Extensions/Write\",\n \"Microsoft.ConnectedVMwarevSphere/VirtualMachines/Extensions/Read\"\n ],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.HybridCompute/machines/WACLoginAsAdmin/action\",\n \"Microsoft.Compute/virtualMachines/WACloginAsAdmin/action\",\n \"Microsoft.AzureStackHCI/Clusters/WACloginAsAdmin/Action\",\n \"Microsoft.ConnectedVMwarevSphere/virtualmachines/WACloginAsAdmin/action\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2022-01-12T00:51:19.5581155Z\",\n \"updatedOn\": \"2024-01-24T16:28:56.8362682Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/a6333a3e-0164-44c3-b281-7a577aff287f\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"a6333a3e-0164-44c3-b281-7a577aff287f\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Kubernetes Service Policy Add-on Deployment\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Deploy the Azure Policy add-on on Azure Kubernetes Service clusters\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Network/virtualNetworks/subnets/join/action\",\n \"Microsoft.Network/publicIPPrefixes/join/action\",\n \"Microsoft.Network/publicIPAddresses/join/action\",\n \"Microsoft.Compute/diskEncryptionSets/read\",\n \"Microsoft.Compute/proximityPlacementGroups/write\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2022-02-07T20:51:48.5662807Z\",\n \"updatedOn\": \"2022-03-15T23:34:13.5188193Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/18ed5180-3e48-46fd-8541-4ea054d57064\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"18ed5180-3e48-46fd-8541-4ea054d57064\"\n },\n {\n \"properties\": {\n \"roleName\": \"Guest Configuration Resource Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Lets you read, write Guest Configuration Resource.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.GuestConfiguration/guestConfigurationAssignments/write\",\n \"Microsoft.GuestConfiguration/guestConfigurationAssignments/read\",\n \"Microsoft.GuestConfiguration/guestConfigurationAssignments/*/read\",\n \"Microsoft.Resources/deployments/*\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2022-01-13T21:31:41.9626667Z\",\n \"updatedOn\": \"2022-02-10T19:22:44.9057916Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/088ab73d-1256-47ae-bea9-9de8e7131f31\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"088ab73d-1256-47ae-bea9-9de8e7131f31\"\n },\n {\n \"properties\": {\n \"roleName\": \"Domain Services Reader\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Can view Azure AD Domain Services and related network configurations\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Resources/deployments/read\",\n \"Microsoft.Resources/deployments/operations/read\",\n \"Microsoft.Resources/deployments/operationstatuses/read\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Insights/AlertRules/Read\",\n \"Microsoft.Insights/AlertRules/Incidents/Read\",\n \"Microsoft.Insights/Logs/Read\",\n \"Microsoft.Insights/Metrics/read\",\n \"Microsoft.Insights/DiagnosticSettings/read\",\n \"Microsoft.Insights/DiagnosticSettingsCategories/Read\",\n \"Microsoft.AAD/domainServices/*/read\",\n \"Microsoft.Network/virtualNetworks/read\",\n \"Microsoft.Network/virtualNetworks/subnets/read\",\n \"Microsoft.Network/virtualNetworks/virtualNetworkPeerings/read\",\n \"Microsoft.Network/virtualNetworks/providers/Microsoft.Insights/diagnosticSettings/read\",\n \"Microsoft.Network/virtualNetworks/providers/Microsoft.Insights/metricDefinitions/read\",\n \"Microsoft.Network/azureFirewalls/read\",\n \"Microsoft.Network/ddosProtectionPlans/read\",\n \"Microsoft.Network/loadBalancers/read\",\n \"Microsoft.Network/loadBalancers/*/read\",\n \"Microsoft.Network/natGateways/read\",\n \"Microsoft.Network/networkInterfaces/read\",\n \"Microsoft.Network/networkSecurityGroups/defaultSecurityRules/read\",\n \"Microsoft.Network/networkSecurityGroups/read\",\n \"Microsoft.Network/networkSecurityGroups/securityRules/read\",\n \"Microsoft.Network/routeTables/read\",\n \"Microsoft.Network/routeTables/routes/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2022-02-15T19:38:46.904317Z\",\n \"updatedOn\": \"2022-06-27T17:28:30.2892869Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/361898ef-9ed1-48c2-849c-a832951106bb\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"361898ef-9ed1-48c2-849c-a832951106bb\"\n },\n {\n \"properties\": {\n \"roleName\": \"Domain Services Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Can manage Azure AD Domain Services and related network configurations\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Resources/deployments/read\",\n \"Microsoft.Resources/deployments/write\",\n \"Microsoft.Resources/deployments/delete\",\n \"Microsoft.Resources/deployments/cancel/action\",\n \"Microsoft.Resources/deployments/validate/action\",\n \"Microsoft.Resources/deployments/whatIf/action\",\n \"Microsoft.Resources/deployments/exportTemplate/action\",\n \"Microsoft.Resources/deployments/operations/read\",\n \"Microsoft.Resources/deployments/operationstatuses/read\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Insights/AlertRules/Write\",\n \"Microsoft.Insights/AlertRules/Delete\",\n \"Microsoft.Insights/AlertRules/Read\",\n \"Microsoft.Insights/AlertRules/Activated/Action\",\n \"Microsoft.Insights/AlertRules/Resolved/Action\",\n \"Microsoft.Insights/AlertRules/Throttled/Action\",\n \"Microsoft.Insights/AlertRules/Incidents/Read\",\n \"Microsoft.Insights/Logs/Read\",\n \"Microsoft.Insights/Metrics/Read\",\n \"Microsoft.Insights/DiagnosticSettings/*\",\n \"Microsoft.Insights/DiagnosticSettingsCategories/Read\",\n \"Microsoft.AAD/register/action\",\n \"Microsoft.AAD/unregister/action\",\n \"Microsoft.AAD/domainServices/*\",\n \"Microsoft.Network/register/action\",\n \"Microsoft.Network/unregister/action\",\n \"Microsoft.Network/virtualNetworks/read\",\n \"Microsoft.Network/virtualNetworks/write\",\n \"Microsoft.Network/virtualNetworks/delete\",\n \"Microsoft.Network/virtualNetworks/peer/action\",\n \"Microsoft.Network/virtualNetworks/join/action\",\n \"Microsoft.Network/virtualNetworks/subnets/read\",\n \"Microsoft.Network/virtualNetworks/subnets/write\",\n \"Microsoft.Network/virtualNetworks/subnets/delete\",\n \"Microsoft.Network/virtualNetworks/subnets/join/action\",\n \"Microsoft.Network/virtualNetworks/virtualNetworkPeerings/read\",\n \"Microsoft.Network/virtualNetworks/virtualNetworkPeerings/write\",\n \"Microsoft.Network/virtualNetworks/virtualNetworkPeerings/delete\",\n \"Microsoft.Network/virtualNetworks/providers/Microsoft.Insights/diagnosticSettings/read\",\n \"Microsoft.Network/virtualNetworks/providers/Microsoft.Insights/metricDefinitions/read\",\n \"Microsoft.Network/azureFirewalls/read\",\n \"Microsoft.Network/ddosProtectionPlans/read\",\n \"Microsoft.Network/ddosProtectionPlans/join/action\",\n \"Microsoft.Network/loadBalancers/read\",\n \"Microsoft.Network/loadBalancers/delete\",\n \"Microsoft.Network/loadBalancers/*/read\",\n \"Microsoft.Network/loadBalancers/backendAddressPools/join/action\",\n \"Microsoft.Network/loadBalancers/inboundNatRules/join/action\",\n \"Microsoft.Network/natGateways/join/action\",\n \"Microsoft.Network/networkInterfaces/read\",\n \"Microsoft.Network/networkInterfaces/write\",\n \"Microsoft.Network/networkInterfaces/delete\",\n \"Microsoft.Network/networkInterfaces/join/action\",\n \"Microsoft.Network/networkSecurityGroups/defaultSecurityRules/read\",\n \"Microsoft.Network/networkSecurityGroups/read\",\n \"Microsoft.Network/networkSecurityGroups/write\",\n \"Microsoft.Network/networkSecurityGroups/delete\",\n \"Microsoft.Network/networkSecurityGroups/join/action\",\n \"Microsoft.Network/networkSecurityGroups/securityRules/read\",\n \"Microsoft.Network/networkSecurityGroups/securityRules/write\",\n \"Microsoft.Network/networkSecurityGroups/securityRules/delete\",\n \"Microsoft.Network/routeTables/read\",\n \"Microsoft.Network/routeTables/write\",\n \"Microsoft.Network/routeTables/delete\",\n \"Microsoft.Network/routeTables/join/action\",\n \"Microsoft.Network/routeTables/routes/read\",\n \"Microsoft.Network/routeTables/routes/write\",\n \"Microsoft.Network/routeTables/routes/delete\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2022-02-15T19:40:22.3943189Z\",\n \"updatedOn\": \"2022-06-27T17:28:31.1017906Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/eeaeda52-9324-47f6-8069-5d5bade478b2\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"eeaeda52-9324-47f6-8069-5d5bade478b2\"\n },\n {\n \"properties\": {\n \"roleName\": \"DNS Resolver Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Lets you manage DNS resolver resources.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Network/dnsResolvers/read\",\n \"Microsoft.Network/dnsResolvers/write\",\n \"Microsoft.Network/dnsResolvers/delete\",\n \"Microsoft.Network/dnsResolvers/join/action\",\n \"Microsoft.Network/dnsResolvers/inboundEndpoints/read\",\n \"Microsoft.Network/dnsResolvers/inboundEndpoints/write\",\n \"Microsoft.Network/dnsResolvers/inboundEndpoints/delete\",\n \"Microsoft.Network/dnsResolvers/inboundEndpoints/join/action\",\n \"Microsoft.Network/dnsResolvers/outboundEndpoints/read\",\n \"Microsoft.Network/dnsResolvers/outboundEndpoints/write\",\n \"Microsoft.Network/dnsResolvers/outboundEndpoints/delete\",\n \"Microsoft.Network/dnsResolvers/outboundEndpoints/join/action\",\n \"Microsoft.Network/dnsForwardingRulesets/read\",\n \"Microsoft.Network/dnsForwardingRulesets/write\",\n \"Microsoft.Network/dnsForwardingRulesets/delete\",\n \"Microsoft.Network/dnsForwardingRulesets/join/action\",\n \"Microsoft.Network/dnsForwardingRulesets/forwardingRules/read\",\n \"Microsoft.Network/dnsForwardingRulesets/forwardingRules/write\",\n \"Microsoft.Network/dnsForwardingRulesets/forwardingRules/delete\",\n \"Microsoft.Network/dnsForwardingRulesets/virtualNetworkLinks/read\",\n \"Microsoft.Network/dnsForwardingRulesets/virtualNetworkLinks/write\",\n \"Microsoft.Network/dnsForwardingRulesets/virtualNetworkLinks/delete\",\n \"Microsoft.Network/locations/dnsResolverOperationResults/read\",\n \"Microsoft.Network/locations/dnsResolverOperationStatuses/read\",\n \"Microsoft.Network/virtualNetworks/read\",\n \"Microsoft.Network/virtualNetworks/join/action\",\n \"Microsoft.Network/virtualNetworks/subnets/read\",\n \"Microsoft.Network/virtualNetworks/subnets/write\",\n \"Microsoft.Network/virtualNetworks/subnets/join/action\",\n \"Microsoft.Network/virtualNetworks/join/action\",\n \"Microsoft.Network/virtualNetworks/joinLoadBalancer/action\",\n \"Microsoft.Network/virtualNetworks/subnets/join/action\",\n \"Microsoft.Network/virtualNetworks/subnets/joinLoadBalancer/action\",\n \"Microsoft.Network/natGateways/join/action\",\n \"Microsoft.Network/networkSecurityGroups/join/action\",\n \"Microsoft.Network/routeTables/join/action\",\n \"Microsoft.Network/serviceEndpointPolicies/join/action\",\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2022-02-16T23:25:04.4308795Z\",\n \"updatedOn\": \"2022-03-12T01:08:44.4650132Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/0f2ebee7-ffd4-4fc0-b3b7-664099fdad5d\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"0f2ebee7-ffd4-4fc0-b3b7-664099fdad5d\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Arc Enabled Kubernetes Cluster User Role\",\n \"type\": \"BuiltInRole\",\n \"description\": \"List cluster user credentials action.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Resources/deployments/write\",\n \"Microsoft.Resources/subscriptions/operationresults/read\",\n \"Microsoft.Resources/subscriptions/read\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Kubernetes/connectedClusters/listClusterUserCredentials/action\",\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.Support/*\",\n \"Microsoft.Kubernetes/connectedClusters/listClusterUserCredential/action\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2020-07-28T17:37:00.7637445Z\",\n \"updatedOn\": \"2022-02-17T02:29:05.1000798Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/00493d72-78f6-4148-b6c5-d3ce8e4799dd\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"00493d72-78f6-4148-b6c5-d3ce8e4799dd\"\n },\n {\n \"properties\": {\n \"roleName\": \"Data Operator for Managed Disks\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Provides permissions to upload data to empty managed disks, read, or export data of managed disks (not attached to running VMs) and snapshots using SAS URIs and Azure AD authentication.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.Compute/disks/download/action\",\n \"Microsoft.Compute/disks/upload/action\",\n \"Microsoft.Compute/snapshots/download/action\",\n \"Microsoft.Compute/snapshots/upload/action\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2022-03-01T05:42:02.3801768Z\",\n \"updatedOn\": \"2022-03-01T05:42:02.3801768Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/959f8984-c045-4866-89c7-12bf9737be2e\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"959f8984-c045-4866-89c7-12bf9737be2e\"\n },\n {\n \"properties\": {\n \"roleName\": \"AgFood Platform Sensor Partner Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Provides contribute access to manage sensor related entities in AgFood Platform Service\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.AgFoodPlatform/farmBeats/sensorPartnerScope/*\"\n ],\n \"notDataActions\": [\n \"Microsoft.AgFoodPlatform/farmBeats/sensorPartnerScope/sensors/delete\"\n ]\n }\n ],\n \"createdOn\": \"2022-03-09T09:03:53.490279Z\",\n \"updatedOn\": \"2022-10-27T07:34:00.932807Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/6b77f0a0-0d89-41cc-acd1-579c22c17a67\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"6b77f0a0-0d89-41cc-acd1-579c22c17a67\"\n },\n {\n \"properties\": {\n \"roleName\": \"Compute Gallery Sharing Admin\",\n \"type\": \"BuiltInRole\",\n \"description\": \"This role allows user to share gallery to another subscription/tenant or share it to the public.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Compute/galleries/share/action\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2022-03-10T04:36:08.9040323Z\",\n \"updatedOn\": \"2022-03-26T00:40:55.2620635Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/1ef6a3be-d0ac-425d-8c01-acb62866290b\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"1ef6a3be-d0ac-425d-8c01-acb62866290b\"\n },\n {\n \"properties\": {\n \"roleName\": \"Scheduled Patching Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Provides access to manage maintenance configurations with maintenance scope InGuestPatch and corresponding configuration assignments\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Maintenance/maintenanceConfigurations/read\",\n \"Microsoft.Maintenance/maintenanceConfigurations/write\",\n \"Microsoft.Maintenance/maintenanceConfigurations/delete\",\n \"Microsoft.Maintenance/configurationAssignments/read\",\n \"Microsoft.Maintenance/configurationAssignments/write\",\n \"Microsoft.Maintenance/configurationAssignments/delete\",\n \"Microsoft.Maintenance/configurationAssignments/maintenanceScope/InGuestPatch/read\",\n \"Microsoft.Maintenance/configurationAssignments/maintenanceScope/InGuestPatch/write\",\n \"Microsoft.Maintenance/configurationAssignments/maintenanceScope/InGuestPatch/delete\",\n \"Microsoft.Maintenance/maintenanceConfigurations/maintenanceScope/InGuestPatch/read\",\n \"Microsoft.Maintenance/maintenanceConfigurations/maintenanceScope/InGuestPatch/write\",\n \"Microsoft.Maintenance/maintenanceConfigurations/maintenanceScope/InGuestPatch/delete\",\n \"Microsoft.Maintenance/applyUpdates/read\",\n \"Microsoft.Maintenance/updates/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2022-03-21T14:34:05.5308153Z\",\n \"updatedOn\": \"2025-02-27T13:35:19.3626961Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/cd08ab90-6b14-449c-ad9a-8f8e549482c6\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"cd08ab90-6b14-449c-ad9a-8f8e549482c6\"\n },\n {\n \"properties\": {\n \"roleName\": \"DevCenter Dev Box User\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Provides access to create and manage dev boxes.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.DevCenter/projects/read\",\n \"Microsoft.DevCenter/projects/*/read\",\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.DevCenter/projects/users/devboxes/userStop/action\",\n \"Microsoft.DevCenter/projects/users/devboxes/userStart/action\",\n \"Microsoft.DevCenter/projects/users/devboxes/userGetRemoteConnection/action\",\n \"Microsoft.DevCenter/projects/users/devboxes/userRead/action\",\n \"Microsoft.DevCenter/projects/users/devboxes/userWrite/action\",\n \"Microsoft.DevCenter/projects/users/devboxes/userDelete/action\",\n \"Microsoft.DevCenter/projects/users/devboxes/userUpcomingActionRead/action\",\n \"Microsoft.DevCenter/projects/users/devboxes/userUpcomingActionManage/action\",\n \"Microsoft.DevCenter/projects/users/devboxes/userActionRead/action\",\n \"Microsoft.DevCenter/projects/users/devboxes/userActionManage/action\",\n \"Microsoft.DevCenter/projects/users/devboxes/userCustomize/action\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2022-03-31T22:42:03.2894277Z\",\n \"updatedOn\": \"2023-10-18T19:06:15.1790546Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/45d50f46-0b78-4001-a660-4198cbe8cd05\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"45d50f46-0b78-4001-a660-4198cbe8cd05\"\n },\n {\n \"properties\": {\n \"roleName\": \"DevCenter Project Admin\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Provides access to manage project resources.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.DevCenter/projects/*\",\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\"\n ],\n \"notActions\": [\n \"Microsoft.DevCenter/projects/write\",\n \"Microsoft.DevCenter/projects/delete\"\n ],\n \"dataActions\": [\n \"Microsoft.DevCenter/projects/users/devboxes/adminStart/action\",\n \"Microsoft.DevCenter/projects/users/devboxes/adminStop/action\",\n \"Microsoft.DevCenter/projects/users/devboxes/adminRead/action\",\n \"Microsoft.DevCenter/projects/users/devboxes/adminWrite/action\",\n \"Microsoft.DevCenter/projects/users/devboxes/adminDelete/action\",\n \"Microsoft.DevCenter/projects/users/devboxes/adminAlign/action\",\n \"Microsoft.DevCenter/projects/users/devboxes/adminActionRead/action\",\n \"Microsoft.DevCenter/projects/users/devboxes/adminActionManage/action\",\n \"Microsoft.DevCenter/projects/users/devboxes/userStop/action\",\n \"Microsoft.DevCenter/projects/users/devboxes/userStart/action\",\n \"Microsoft.DevCenter/projects/users/devboxes/userGetRemoteConnection/action\",\n \"Microsoft.DevCenter/projects/users/devboxes/userRead/action\",\n \"Microsoft.DevCenter/projects/users/devboxes/userWrite/action\",\n \"Microsoft.DevCenter/projects/users/devboxes/userDelete/action\",\n \"Microsoft.DevCenter/projects/users/devboxes/userActionRead/action\",\n \"Microsoft.DevCenter/projects/users/devboxes/userActionManage/action\",\n \"Microsoft.DevCenter/projects/users/devboxes/userCustomize/action\",\n \"Microsoft.DevCenter/projects/users/environments/adminRead/action\",\n \"Microsoft.DevCenter/projects/users/environments/userWrite/action\",\n \"Microsoft.DevCenter/projects/users/environments/adminWrite/action\",\n \"Microsoft.DevCenter/projects/users/environments/userDelete/action\",\n \"Microsoft.DevCenter/projects/users/environments/adminDelete/action\",\n \"Microsoft.DevCenter/projects/users/environments/adminAction/action\",\n \"Microsoft.DevCenter/projects/users/environments/adminActionRead/action\",\n \"Microsoft.DevCenter/projects/users/environments/adminActionManage/action\",\n \"Microsoft.DevCenter/projects/users/environments/adminOutputsRead/action\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2022-03-31T23:57:37.3708041Z\",\n \"updatedOn\": \"2025-07-23T23:00:43.7994094Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/331c37c6-af14-46d9-b9f4-e1909e1b95a0\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"331c37c6-af14-46d9-b9f4-e1909e1b95a0\"\n },\n {\n \"properties\": {\n \"roleName\": \"Virtual Machine Local User Login\",\n \"type\": \"BuiltInRole\",\n \"description\": \"View Virtual Machines in the portal and login as a local user configured on the arc server\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.HybridCompute/machines/*/read\",\n \"Microsoft.HybridConnectivity/endpoints/listCredentials/action\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2022-04-07T04:12:11.0327385Z\",\n \"updatedOn\": \"2022-04-16T23:03:02.5542069Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/602da2ba-a5c2-41da-b01d-5360126ab525\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"602da2ba-a5c2-41da-b01d-5360126ab525\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Arc ScVmm VM Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Arc ScVmm VM Contributor has permissions to perform all VM actions.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"microsoft.scvmm/virtualmachines/*\",\n \"microsoft.scvmm/virtualMachineInstances/*\",\n \"Microsoft.Insights/AlertRules/Write\",\n \"Microsoft.Insights/AlertRules/Delete\",\n \"Microsoft.Insights/AlertRules/Read\",\n \"Microsoft.Insights/AlertRules/Activated/Action\",\n \"Microsoft.Insights/AlertRules/Resolved/Action\",\n \"Microsoft.Insights/AlertRules/Throttled/Action\",\n \"Microsoft.Insights/AlertRules/Incidents/Read\",\n \"Microsoft.Resources/deployments/read\",\n \"Microsoft.Resources/deployments/write\",\n \"Microsoft.Resources/deployments/delete\",\n \"Microsoft.Resources/deployments/cancel/action\",\n \"Microsoft.Resources/deployments/validate/action\",\n \"Microsoft.Resources/deployments/whatIf/action\",\n \"Microsoft.Resources/deployments/exportTemplate/action\",\n \"Microsoft.Resources/deployments/operations/read\",\n \"Microsoft.Resources/deployments/operationstatuses/read\",\n \"Microsoft.Resources/subscriptions/resourcegroups/deployments/read\",\n \"Microsoft.Resources/subscriptions/resourcegroups/deployments/write\",\n \"Microsoft.Resources/subscriptions/resourcegroups/deployments/operations/read\",\n \"Microsoft.Resources/subscriptions/resourcegroups/deployments/operationstatuses/read\",\n \"Microsoft.ResourceHealth/availabilityStatuses/read\",\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Resources/subscriptions/read\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Resources/subscriptions/operationresults/read\",\n \"Microsoft.ExtendedLocation/customLocations/Read\",\n \"Microsoft.ExtendedLocation/customLocations/deploy/action\",\n \"Microsoft.HybridCompute/machines/read\",\n \"Microsoft.HybridCompute/machines/write\",\n \"Microsoft.HybridCompute/machines/delete\",\n \"Microsoft.HybridCompute/machines/UpgradeExtensions/action\",\n \"Microsoft.HybridCompute/machines/assessPatches/action\",\n \"Microsoft.HybridCompute/machines/installPatches/action\",\n \"Microsoft.HybridCompute/machines/extensions/read\",\n \"Microsoft.HybridCompute/machines/extensions/write\",\n \"Microsoft.HybridCompute/machines/extensions/delete\",\n \"Microsoft.HybridCompute/operations/read\",\n \"Microsoft.HybridCompute/locations/operationresults/read\",\n \"Microsoft.HybridCompute/locations/operationstatus/read\",\n \"Microsoft.HybridCompute/machines/patchAssessmentResults/read\",\n \"Microsoft.HybridCompute/machines/patchAssessmentResults/softwarePatches/read\",\n \"Microsoft.HybridCompute/machines/patchInstallationResults/read\",\n \"Microsoft.HybridCompute/machines/patchInstallationResults/softwarePatches/read\",\n \"Microsoft.HybridCompute/locations/updateCenterOperationResults/read\",\n \"Microsoft.HybridCompute/machines/hybridIdentityMetadata/read\",\n \"Microsoft.HybridCompute/osType/agentVersions/read\",\n \"Microsoft.HybridCompute/osType/agentVersions/latest/read\",\n \"Microsoft.HybridCompute/machines/runcommands/read\",\n \"Microsoft.HybridCompute/machines/runcommands/write\",\n \"Microsoft.HybridCompute/machines/runcommands/delete\",\n \"Microsoft.HybridCompute/machines/licenseProfiles/read\",\n \"Microsoft.HybridCompute/machines/licenseProfiles/write\",\n \"Microsoft.HybridCompute/machines/licenseProfiles/delete\",\n \"Microsoft.HybridCompute/licenses/read\",\n \"Microsoft.HybridCompute/licenses/write\",\n \"Microsoft.HybridCompute/licenses/delete\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2022-04-13T21:33:11.1438013Z\",\n \"updatedOn\": \"2023-10-06T09:06:44.9085842Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/e582369a-e17b-42a5-b10c-874c387c530b\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"e582369a-e17b-42a5-b10c-874c387c530b\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Arc ScVmm Administrator role\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Arc ScVmm VM Administrator has permissions to perform all ScVmm actions.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.ScVmm/*\",\n \"Microsoft.Insights/AlertRules/Write\",\n \"Microsoft.Insights/AlertRules/Delete\",\n \"Microsoft.Insights/AlertRules/Read\",\n \"Microsoft.Insights/AlertRules/Activated/Action\",\n \"Microsoft.Insights/AlertRules/Resolved/Action\",\n \"Microsoft.Insights/AlertRules/Throttled/Action\",\n \"Microsoft.Insights/AlertRules/Incidents/Read\",\n \"Microsoft.Resources/deployments/read\",\n \"Microsoft.Resources/deployments/write\",\n \"Microsoft.Resources/deployments/delete\",\n \"Microsoft.Resources/deployments/cancel/action\",\n \"Microsoft.Resources/deployments/validate/action\",\n \"Microsoft.Resources/deployments/whatIf/action\",\n \"Microsoft.Resources/deployments/exportTemplate/action\",\n \"Microsoft.Resources/deployments/operations/read\",\n \"Microsoft.Resources/deployments/operationstatuses/read\",\n \"Microsoft.Resources/subscriptions/resourcegroups/deployments/read\",\n \"Microsoft.Resources/subscriptions/resourcegroups/deployments/write\",\n \"Microsoft.Resources/subscriptions/resourcegroups/deployments/operations/read\",\n \"Microsoft.Resources/subscriptions/resourcegroups/deployments/operationstatuses/read\",\n \"Microsoft.ResourceHealth/availabilityStatuses/read\",\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Resources/subscriptions/read\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Resources/subscriptions/operationresults/read\",\n \"Microsoft.ExtendedLocation/customLocations/Read\",\n \"Microsoft.ExtendedLocation/customLocations/deploy/action\",\n \"Microsoft.HybridCompute/machines/read\",\n \"Microsoft.HybridCompute/machines/write\",\n \"Microsoft.HybridCompute/machines/delete\",\n \"Microsoft.HybridCompute/machines/UpgradeExtensions/action\",\n \"Microsoft.HybridCompute/machines/assessPatches/action\",\n \"Microsoft.HybridCompute/machines/installPatches/action\",\n \"Microsoft.HybridCompute/machines/extensions/read\",\n \"Microsoft.HybridCompute/machines/extensions/write\",\n \"Microsoft.HybridCompute/machines/extensions/delete\",\n \"Microsoft.HybridCompute/operations/read\",\n \"Microsoft.HybridCompute/locations/operationresults/read\",\n \"Microsoft.HybridCompute/locations/operationstatus/read\",\n \"Microsoft.HybridCompute/machines/patchAssessmentResults/read\",\n \"Microsoft.HybridCompute/machines/patchAssessmentResults/softwarePatches/read\",\n \"Microsoft.HybridCompute/machines/patchInstallationResults/read\",\n \"Microsoft.HybridCompute/machines/patchInstallationResults/softwarePatches/read\",\n \"Microsoft.HybridCompute/locations/updateCenterOperationResults/read\",\n \"Microsoft.HybridCompute/machines/hybridIdentityMetadata/read\",\n \"Microsoft.HybridCompute/osType/agentVersions/read\",\n \"Microsoft.HybridCompute/osType/agentVersions/latest/read\",\n \"Microsoft.HybridCompute/machines/runcommands/read\",\n \"Microsoft.HybridCompute/machines/runcommands/write\",\n \"Microsoft.HybridCompute/machines/runcommands/delete\",\n \"Microsoft.HybridCompute/machines/licenseProfiles/read\",\n \"Microsoft.HybridCompute/machines/licenseProfiles/write\",\n \"Microsoft.HybridCompute/machines/licenseProfiles/delete\",\n \"Microsoft.HybridCompute/licenses/read\",\n \"Microsoft.HybridCompute/licenses/write\",\n \"Microsoft.HybridCompute/licenses/delete\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2022-04-13T21:33:11.1438013Z\",\n \"updatedOn\": \"2023-10-06T09:06:44.6077384Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/a92dfd61-77f9-4aec-a531-19858b406c87\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"a92dfd61-77f9-4aec-a531-19858b406c87\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Arc ScVmm Private Clouds Onboarding\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Azure Arc ScVmm Private Clouds Onboarding role has permissions to provision all the required resources for onboard and deboard vmm server instances to Azure.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"microsoft.scvmm/vmmservers/Read\",\n \"microsoft.scvmm/vmmservers/Write\",\n \"microsoft.scvmm/vmmservers/Delete\",\n \"Microsoft.Insights/AlertRules/Write\",\n \"Microsoft.Insights/AlertRules/Delete\",\n \"Microsoft.Insights/AlertRules/Read\",\n \"Microsoft.Insights/AlertRules/Activated/Action\",\n \"Microsoft.Insights/AlertRules/Resolved/Action\",\n \"Microsoft.Insights/AlertRules/Throttled/Action\",\n \"Microsoft.Insights/AlertRules/Incidents/Read\",\n \"Microsoft.Resources/deployments/read\",\n \"Microsoft.Resources/deployments/write\",\n \"Microsoft.Resources/deployments/delete\",\n \"Microsoft.Resources/deployments/cancel/action\",\n \"Microsoft.Resources/deployments/validate/action\",\n \"Microsoft.Resources/deployments/whatIf/action\",\n \"Microsoft.Resources/deployments/exportTemplate/action\",\n \"Microsoft.Resources/deployments/operations/read\",\n \"Microsoft.Resources/deployments/operationstatuses/read\",\n \"Microsoft.Resources/subscriptions/resourcegroups/deployments/read\",\n \"Microsoft.Resources/subscriptions/resourcegroups/deployments/write\",\n \"Microsoft.Resources/subscriptions/resourcegroups/deployments/operations/read\",\n \"Microsoft.Resources/subscriptions/resourcegroups/deployments/operationstatuses/read\",\n \"Microsoft.ResourceHealth/availabilityStatuses/read\",\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Resources/subscriptions/read\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Resources/subscriptions/operationresults/read\",\n \"Microsoft.ExtendedLocation/customLocations/Read\",\n \"Microsoft.ExtendedLocation/customLocations/deploy/action\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2022-04-13T21:33:11.1438013Z\",\n \"updatedOn\": \"2023-05-19T07:39:31.0563245Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/6aac74c4-6311-40d2-bbdd-7d01e7c6e3a9\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"6aac74c4-6311-40d2-bbdd-7d01e7c6e3a9\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Arc ScVmm Private Cloud User\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Azure Arc ScVmm Private Cloud User has permissions to use the ScVmm resources to deploy VMs.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Insights/AlertRules/Write\",\n \"Microsoft.Insights/AlertRules/Delete\",\n \"Microsoft.Insights/AlertRules/Read\",\n \"Microsoft.Insights/AlertRules/Activated/Action\",\n \"Microsoft.Insights/AlertRules/Resolved/Action\",\n \"Microsoft.Insights/AlertRules/Throttled/Action\",\n \"Microsoft.Insights/AlertRules/Incidents/Read\",\n \"Microsoft.Resources/deployments/read\",\n \"Microsoft.Resources/deployments/write\",\n \"Microsoft.Resources/deployments/delete\",\n \"Microsoft.Resources/deployments/cancel/action\",\n \"Microsoft.Resources/deployments/validate/action\",\n \"Microsoft.Resources/deployments/whatIf/action\",\n \"Microsoft.Resources/deployments/exportTemplate/action\",\n \"Microsoft.Resources/deployments/operations/read\",\n \"Microsoft.Resources/deployments/operationstatuses/read\",\n \"Microsoft.Resources/subscriptions/resourcegroups/deployments/read\",\n \"Microsoft.Resources/subscriptions/resourcegroups/deployments/write\",\n \"Microsoft.Resources/subscriptions/resourcegroups/deployments/operations/read\",\n \"Microsoft.Resources/subscriptions/resourcegroups/deployments/operationstatuses/read\",\n \"Microsoft.ResourceHealth/availabilityStatuses/read\",\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Resources/subscriptions/read\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Resources/subscriptions/operationresults/read\",\n \"microsoft.scvmm/virtualnetworks/join/action\",\n \"microsoft.scvmm/virtualnetworks/Read\",\n \"microsoft.scvmm/virtualmachinetemplates/clone/action\",\n \"microsoft.scvmm/virtualmachinetemplates/Read\",\n \"microsoft.scvmm/clouds/deploy/action\",\n \"microsoft.scvmm/clouds/Read\",\n \"Microsoft.ExtendedLocation/customLocations/Read\",\n \"Microsoft.ExtendedLocation/customLocations/deploy/action\",\n \"Microsoft.ExtendedLocation/customLocations/enabledresourcetypes/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2022-04-13T21:33:11.1438013Z\",\n \"updatedOn\": \"2023-10-06T09:06:44.6077384Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/c0781e91-8102-4553-8951-97c6d4243cda\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"c0781e91-8102-4553-8951-97c6d4243cda\"\n },\n {\n \"properties\": {\n \"roleName\": \"HDInsight on AKS Cluster Pool Admin\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Can read, create, modify and delete HDInsight on AKS cluster pools and create clusters\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.HDInsight/clusterPools/clusters/read\",\n \"Microsoft.HDInsight/clusterPools/clusters/write\",\n \"Microsoft.HDInsight/clusterPools/delete\",\n \"Microsoft.HDInsight/clusterPools/read\",\n \"Microsoft.HDInsight/clusterPools/write\",\n \"Microsoft.HDInsight/clusterpools/availableupgrades/read\",\n \"Microsoft.HDInsight/clusterpools/upgrade/action\",\n \"Microsoft.HDInsight/clusterPools/upgradehistories/read\",\n \"Microsoft.ResourceHealth/availabilityStatuses/read\",\n \"Microsoft.Resources/deployments/operations/read\",\n \"Microsoft.Resources/deployments/validate/action\",\n \"Microsoft.Resources/deployments/*/read\",\n \"Microsoft.Resources/deployments/read\",\n \"Microsoft.Resources/deployments/write\",\n \"Microsoft.Resources/deployments/exportTemplate/action\",\n \"Microsoft.Resources/deployments/validate/action\",\n \"Microsoft.Resources/subscriptions/resourcegroups/deployments/operations/read\",\n \"Microsoft.Resources/subscriptions/resourcegroups/deployments/read\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Resources/subscriptions/operationresults/read\",\n \"Microsoft.Insights/AlertRules/Write\",\n \"Microsoft.Insights/AlertRules/Delete\",\n \"Microsoft.Insights/AlertRules/Read\",\n \"Microsoft.Insights/AlertRules/Activated/Action\",\n \"Microsoft.Insights/AlertRules/Resolved/Action\",\n \"Microsoft.Insights/AlertRules/Throttled/Action\",\n \"Microsoft.Insights/AlertRules/Incidents/Read\",\n \"Microsoft.Insights/metrics/read\",\n \"Microsoft.Insights/logs/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2022-04-14T05:37:28.4116078Z\",\n \"updatedOn\": \"2024-07-01T15:03:43.7126562Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/7656b436-37d4-490a-a4ab-d39f838f0042\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"7656b436-37d4-490a-a4ab-d39f838f0042\"\n },\n {\n \"properties\": {\n \"roleName\": \"HDInsight on AKS Cluster Admin\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Grants a user/group the ability to create, delete and manage clusters within a given cluster pool. Cluster Admin can also run workloads, monitor, and manage all user activity on these clusters.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.HDInsight/clusterPools/clusters/read\",\n \"Microsoft.HDInsight/clusterPools/clusters/write\",\n \"Microsoft.HDInsight/clusterPools/clusters/delete\",\n \"Microsoft.HDInsight/clusterPools/clusters/resize/action\",\n \"Microsoft.HDInsight/clusterpools/clusters/instanceviews/read\",\n \"Microsoft.HDInsight/clusterPools/clusters/jobs/read\",\n \"Microsoft.HDInsight/clusterPools/clusters/runjob/action\",\n \"Microsoft.HDInsight/clusterpools/clusters/serviceconfigs/read\",\n \"Microsoft.HDInsight/clusterPools/clusters/availableupgrades/read\",\n \"Microsoft.HDInsight/clusterPools/clusters/upgrade/action\",\n \"Microsoft.HDInsight/clusterPools/clusters/rollback/action\",\n \"Microsoft.HDInsight/clusterPools/clusters/upgradehistories/read\",\n \"Microsoft.HDInsight/clusterPools/clusters/libraries/read\",\n \"Microsoft.HDInsight/clusterPools/clusters/managelibraries/action\",\n \"Microsoft.ResourceHealth/availabilityStatuses/read\",\n \"Microsoft.Resources/deployments/operations/read\",\n \"Microsoft.Resources/deployments/*/read\",\n \"Microsoft.Resources/deployments/read\",\n \"Microsoft.Resources/deployments/validate/action\",\n \"Microsoft.Resources/deployments/write\",\n \"Microsoft.Resources/deployments/exportTemplate/action\",\n \"Microsoft.Resources/subscriptions/resourcegroups/deployments/operations/read\",\n \"Microsoft.Resources/subscriptions/resourcegroups/deployments/read\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Resources/subscriptions/operationresults/read\",\n \"Microsoft.Insights/AlertRules/Write\",\n \"Microsoft.Insights/AlertRules/Delete\",\n \"Microsoft.Insights/AlertRules/Read\",\n \"Microsoft.Insights/AlertRules/Activated/Action\",\n \"Microsoft.Insights/AlertRules/Resolved/Action\",\n \"Microsoft.Insights/AlertRules/Throttled/Action\",\n \"Microsoft.Insights/AlertRules/Incidents/Read\",\n \"Microsoft.Insights/metrics/read\",\n \"Microsoft.Insights/logs/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2022-04-14T05:37:28.4116078Z\",\n \"updatedOn\": \"2024-07-01T15:03:44.1916336Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/fd036e6b-1266-47a0-b0bb-a05d04831731\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"fd036e6b-1266-47a0-b0bb-a05d04831731\"\n },\n {\n \"properties\": {\n \"roleName\": \"FHIR Data Importer\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Role allows user or principal to read and import FHIR Data\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.HealthcareApis/workspaces/fhirservices/resources/read\",\n \"Microsoft.HealthcareApis/workspaces/fhirservices/resources/import/action\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2022-04-19T12:03:07.1913541Z\",\n \"updatedOn\": \"2022-04-21T13:19:49.7566662Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/4465e953-8ced-4406-a58e-0f6e3f3b530b\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"4465e953-8ced-4406-a58e-0f6e3f3b530b\"\n },\n {\n \"properties\": {\n \"roleName\": \"HDInsight on AKS Cluster Operator\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Grants a user/group the ability to read cluster configurations, resize clusters and run jobs\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.HDInsight/clusterPools/read\",\n \"Microsoft.Hdinsight/clusterpools/clusters/read\",\n \"Microsoft.HDInsight/clusterPools/clusters/resize/action\",\n \"Microsoft.HDInsight/clusterpools/clusters/instanceviews/read\",\n \"Microsoft.HDInsight/clusterPools/clusters/jobs/read\",\n \"Microsoft.HDInsight/clusterPools/clusters/runjob/action\",\n \"Microsoft.HDInsight/clusterpools/clusters/serviceconfigs/read\",\n \"Microsoft.HDInsight/clusterPools/clusters/availableupgrades/read\",\n \"Microsoft.HDInsight/clusterPools/clusters/upgradehistories/read\",\n \"Microsoft.HDInsight/clusterPools/clusters/libraries/read\",\n \"Microsoft.HDInsight/clusterPools/clusters/managelibraries/action\",\n \"Microsoft.ResourceHealth/availabilityStatuses/read\",\n \"Microsoft.Resources/deployments/read\",\n \"Microsoft.Resources/deployments/operations/read\",\n \"Microsoft.Resources/subscriptions/operationresults/read\",\n \"Microsoft.Resources/subscriptions/read\",\n \"Microsoft.Resources/subscriptions/resourcegroups/deployments/read\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Insights/AlertRules/Write\",\n \"Microsoft.Insights/AlertRules/Delete\",\n \"Microsoft.Insights/AlertRules/Read\",\n \"Microsoft.Insights/AlertRules/Activated/Action\",\n \"Microsoft.Insights/AlertRules/Resolved/Action\",\n \"Microsoft.Insights/AlertRules/Throttled/Action\",\n \"Microsoft.Insights/AlertRules/Incidents/Read\",\n \"Microsoft.Insights/metrics/read\",\n \"Microsoft.Insights/logs/read\",\n \"Microsoft.Insights/diagnosticSettings/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2022-04-26T14:14:33.8566334Z\",\n \"updatedOn\": \"2024-07-01T15:03:44.1916336Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/bcf28286-af25-4c81-bb6f-351fcab5dbe9\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"bcf28286-af25-4c81-bb6f-351fcab5dbe9\"\n },\n {\n \"properties\": {\n \"roleName\": \"API Management Developer Portal Content Editor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Can customize the developer portal, edit its content, and publish it.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.ApiManagement/service/portalRevisions/read\",\n \"Microsoft.ApiManagement/service/portalRevisions/write\",\n \"Microsoft.ApiManagement/service/contentTypes/read\",\n \"Microsoft.ApiManagement/service/contentTypes/delete\",\n \"Microsoft.ApiManagement/service/contentTypes/write\",\n \"Microsoft.ApiManagement/service/contentTypes/contentItems/read\",\n \"Microsoft.ApiManagement/service/contentTypes/contentItems/write\",\n \"Microsoft.ApiManagement/service/contentTypes/contentItems/delete\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2022-05-06T21:46:28.7501982Z\",\n \"updatedOn\": \"2022-05-11T01:48:03.0899467Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/c031e6a8-4391-4de0-8d69-4706a7ed3729\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"c031e6a8-4391-4de0-8d69-4706a7ed3729\"\n },\n {\n \"properties\": {\n \"roleName\": \"VM Scanner Operator\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Role that provides access to disk snapshot for security analysis.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Compute/disks/read\",\n \"Microsoft.Compute/disks/beginGetAccess/action\",\n \"Microsoft.Compute/diskEncryptionSets/read\",\n \"Microsoft.Compute/virtualMachines/instanceView/read\",\n \"Microsoft.Compute/virtualMachines/read\",\n \"Microsoft.Compute/virtualMachineScaleSets/instanceView/read\",\n \"Microsoft.Compute/virtualMachineScaleSets/read\",\n \"Microsoft.Compute/virtualMachineScaleSets/virtualMachines/read\",\n \"Microsoft.Compute/virtualMachineScaleSets/virtualMachines/instanceView/read\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2022-05-15T19:19:38.5462809Z\",\n \"updatedOn\": \"2024-09-09T15:09:55.7808068Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/d24ecba3-c1f4-40fa-a7bb-4588a071e8fd\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"d24ecba3-c1f4-40fa-a7bb-4588a071e8fd\"\n },\n {\n \"properties\": {\n \"roleName\": \"Elastic SAN Owner\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Allows for full access to all resources under Azure Elastic SAN including changing network security policies to unblock data path access\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.ResourceHealth/availabilityStatuses/read\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.ElasticSan/elasticSans/*\",\n \"Microsoft.ElasticSan/locations/*\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2022-05-26T12:41:01.1833837Z\",\n \"updatedOn\": \"2022-08-23T17:36:07.1409226Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/80dcbedb-47ef-405d-95bd-188a1b4ac406\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"80dcbedb-47ef-405d-95bd-188a1b4ac406\"\n },\n {\n \"properties\": {\n \"roleName\": \"Elastic SAN Reader\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Allows for control path read access to Azure Elastic SAN\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/roleAssignments/read\",\n \"Microsoft.Authorization/roleDefinitions/read\",\n \"Microsoft.ResourceHealth/availabilityStatuses/read\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.ElasticSan/elasticSans/*/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2022-06-01T07:05:04.5639037Z\",\n \"updatedOn\": \"2022-08-23T17:36:07.1409226Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/af6a70f8-3c9f-4105-acf1-d719e9fca4ca\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"af6a70f8-3c9f-4105-acf1-d719e9fca4ca\"\n },\n {\n \"properties\": {\n \"roleName\": \"Desktop Virtualization Virtual Machine Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"This role is in preview and subject to change. Provide permission to the Azure Virtual Desktop Resource Provider to create, delete, update, start, and stop virtual machines.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.DesktopVirtualization/hostpools/read\",\n \"Microsoft.DesktopVirtualization/hostpools/write\",\n \"Microsoft.DesktopVirtualization/hostpools/retrieveRegistrationToken/action\",\n \"Microsoft.DesktopVirtualization/hostpools/sessionhosts/read\",\n \"Microsoft.DesktopVirtualization/hostpools/sessionhosts/write\",\n \"Microsoft.DesktopVirtualization/hostpools/sessionhosts/delete\",\n \"Microsoft.DesktopVirtualization/hostpools/sessionhosts/usersessions/read\",\n \"Microsoft.DesktopVirtualization/hostpools/sessionhosts/usersessions/disconnect/action\",\n \"Microsoft.DesktopVirtualization/hostpools/sessionhosts/usersessions/sendMessage/action\",\n \"Microsoft.DesktopVirtualization/hostpools/sessionHostConfigurations/read\",\n \"Microsoft.DesktopVirtualization/hostpools/doNotUseInternalAPI/action\",\n \"Microsoft.DesktopVirtualization/hostpools/sessionhosts/retryprovisioning/action\",\n \"Microsoft.Compute/availabilitySets/read\",\n \"Microsoft.Compute/availabilitySets/write\",\n \"Microsoft.Compute/availabilitySets/vmSizes/read\",\n \"Microsoft.Compute/disks/read\",\n \"Microsoft.Compute/disks/write\",\n \"Microsoft.Compute/disks/delete\",\n \"Microsoft.Compute/galleries/read\",\n \"Microsoft.Compute/galleries/images/read\",\n \"Microsoft.Compute/galleries/images/versions/read\",\n \"Microsoft.Compute/images/read\",\n \"Microsoft.Compute/locations/usages/read\",\n \"Microsoft.Compute/locations/vmSizes/read\",\n \"Microsoft.Compute/operations/read\",\n \"Microsoft.Compute/skus/read\",\n \"Microsoft.Compute/virtualMachines/read\",\n \"Microsoft.Compute/virtualMachines/write\",\n \"Microsoft.Compute/virtualMachines/delete\",\n \"Microsoft.Compute/virtualMachines/start/action\",\n \"Microsoft.Compute/virtualMachines/powerOff/action\",\n \"Microsoft.Compute/virtualMachines/restart/action\",\n \"Microsoft.Compute/virtualMachines/deallocate/action\",\n \"Microsoft.Compute/virtualMachines/runCommand/action\",\n \"Microsoft.Compute/virtualMachines/extensions/read\",\n \"Microsoft.Compute/virtualMachines/extensions/write\",\n \"Microsoft.Compute/virtualMachines/extensions/delete\",\n \"Microsoft.Compute/virtualMachines/runCommands/read\",\n \"Microsoft.Compute/virtualMachines/runCommands/write\",\n \"Microsoft.Compute/virtualMachines/vmSizes/read\",\n \"Microsoft.Network/networkSecurityGroups/read\",\n \"Microsoft.Network/networkInterfaces/write\",\n \"Microsoft.Network/networkInterfaces/read\",\n \"Microsoft.Network/networkInterfaces/join/action\",\n \"Microsoft.Network/networkInterfaces/delete\",\n \"Microsoft.Network/virtualNetworks/subnets/read\",\n \"Microsoft.Network/virtualNetworks/subnets/join/action\",\n \"Microsoft.Network/virtualNetworks/usages/read\",\n \"Microsoft.Network/virtualNetworks/read\",\n \"Microsoft.Network/networkSecurityGroups/read\",\n \"Microsoft.Marketplace/offerTypes/publishers/offers/plans/agreements/read\",\n \"Microsoft.KeyVault/vaults/deploy/action\",\n \"Microsoft.Storage/storageAccounts/read\",\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.DesktopVirtualization/scalingPlans/read\",\n \"Microsoft.DesktopVirtualization/scalingPlans/write\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2022-06-29T01:44:11.2575005Z\",\n \"updatedOn\": \"2024-09-10T15:22:51.5340758Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/a959dbd1-f747-45e3-8ba6-dd80f235f97c\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"a959dbd1-f747-45e3-8ba6-dd80f235f97c\"\n },\n {\n \"properties\": {\n \"roleName\": \"Desktop Virtualization Power On Off Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Provide permission to the Azure Virtual Desktop Resource Provider to start and stop virtual machines.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.AzureStackHCI/operations/read\",\n \"Microsoft.AzureStackHCI/virtualMachineInstances/read\",\n \"Microsoft.AzureStackHCI/virtualMachineInstances/restart/action\",\n \"Microsoft.AzureStackHCI/virtualMachineInstances/start/action\",\n \"Microsoft.AzureStackHCI/virtualMachineInstances/stop/action\",\n \"Microsoft.Compute/virtualMachines/deallocate/action\",\n \"Microsoft.Compute/virtualMachines/instanceView/read\",\n \"Microsoft.Compute/virtualMachines/powerOff/action\",\n \"Microsoft.Compute/virtualMachines/read\",\n \"Microsoft.Compute/virtualMachines/restart/action\",\n \"Microsoft.Compute/virtualMachines/start/action\",\n \"Microsoft.ComputeSchedule/locations/virtualMachinesCancelOperations/action\",\n \"Microsoft.ComputeSchedule/locations/virtualMachinesExecuteDeallocate/action\",\n \"Microsoft.ComputeSchedule/locations/virtualMachinesExecuteHibernate/action\",\n \"Microsoft.ComputeSchedule/locations/virtualMachinesExecuteStart/action\",\n \"Microsoft.ComputeSchedule/locations/virtualMachinesGetOperationErrors/action\",\n \"Microsoft.ComputeSchedule/locations/virtualMachinesGetOperationStatus/action\",\n \"Microsoft.ComputeSchedule/locations/virtualMachinesSubmitDeallocate/action\",\n \"Microsoft.ComputeSchedule/locations/virtualMachinesSubmitHibernate/action\",\n \"Microsoft.ComputeSchedule/locations/virtualMachinesSubmitStart/action\",\n \"Microsoft.ComputeSchedule/register/action\",\n \"Microsoft.DesktopVirtualization/hostpools/read\",\n \"Microsoft.DesktopVirtualization/hostpools/sessionhosts/read\",\n \"Microsoft.DesktopVirtualization/hostpools/sessionhosts/usersessions/delete\",\n \"Microsoft.DesktopVirtualization/hostpools/sessionhosts/usersessions/read\",\n \"Microsoft.DesktopVirtualization/hostpools/sessionhosts/usersessions/sendMessage/action\",\n \"Microsoft.DesktopVirtualization/hostpools/sessionhosts/write\",\n \"Microsoft.DesktopVirtualization/hostpools/write\",\n \"Microsoft.HybridCompute/locations/operationresults/read\",\n \"Microsoft.HybridCompute/locations/operationstatus/read\",\n \"Microsoft.HybridCompute/machines/read\",\n \"Microsoft.HybridCompute/operations/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.Insights/eventtypes/values/read\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2022-06-29T01:44:11.3414837Z\",\n \"updatedOn\": \"2024-08-15T18:24:59.2883823Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/40c5ff49-9181-41f8-ae61-143b0e78555e\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"40c5ff49-9181-41f8-ae61-143b0e78555e\"\n },\n {\n \"properties\": {\n \"roleName\": \"Desktop Virtualization Power On Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Provide permission to the Azure Virtual Desktop Resource Provider to start virtual machines.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Compute/virtualMachines/start/action\",\n \"Microsoft.Compute/virtualMachines/read\",\n \"Microsoft.Compute/virtualMachines/instanceView/read\",\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.HybridCompute/machines/read\",\n \"Microsoft.HybridCompute/operations/read\",\n \"Microsoft.HybridCompute/locations/operationresults/read\",\n \"Microsoft.HybridCompute/locations/operationstatus/read\",\n \"Microsoft.AzureStackHCI/virtualMachineInstances/read\",\n \"Microsoft.AzureStackHCI/virtualMachineInstances/start/action\",\n \"Microsoft.AzureStackHCI/operations/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2022-06-29T01:44:11.3414837Z\",\n \"updatedOn\": \"2024-02-12T16:11:25.5904731Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/489581de-a3bd-480d-9518-53dea7416b33\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"489581de-a3bd-480d-9518-53dea7416b33\"\n },\n {\n \"properties\": {\n \"roleName\": \"Elastic SAN Volume Group Owner\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Allows for full access to a volume group in Azure Elastic SAN including changing network security policies to unblock data path access\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/roleAssignments/read\",\n \"Microsoft.Authorization/roleDefinitions/read\",\n \"Microsoft.ElasticSan/elasticSans/volumeGroups/*\",\n \"Microsoft.ElasticSan/locations/asyncoperations/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2022-07-04T17:04:25.3846899Z\",\n \"updatedOn\": \"2022-08-23T17:36:07.1409226Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/a8281131-f312-4f34-8d98-ae12be9f0d23\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"a8281131-f312-4f34-8d98-ae12be9f0d23\"\n },\n {\n \"properties\": {\n \"roleName\": \"Access Review Operator Service Role\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Lets you grant Access Review System app permissions to discover and revoke access as needed by the access review process.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/roleAssignments/read\",\n \"Microsoft.Authorization/roleAssignments/delete\",\n \"Microsoft.Management/getEntities/action\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2022-07-04T17:04:25.3846899Z\",\n \"updatedOn\": \"2022-07-04T17:04:25.3846899Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/76cc9ee4-d5d3-4a45-a930-26add3d73475\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"76cc9ee4-d5d3-4a45-a930-26add3d73475\"\n },\n {\n \"properties\": {\n \"roleName\": \"Trusted Signing Identity Verifier\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Manage identity or business verification requests. This role is in preview and subject to change.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.CodeSigning/*/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.CodeSigning/IdentityVerification/Read\",\n \"Microsoft.CodeSigning/IdentityVerification/Write\",\n \"Microsoft.CodeSigning/IdentityVerification/Delete\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2022-07-29T07:36:35.8877235Z\",\n \"updatedOn\": \"2024-10-24T14:08:43.6479343Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/4339b7cf-9826-4e41-b4ed-c7f4505dac08\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"4339b7cf-9826-4e41-b4ed-c7f4505dac08\"\n },\n {\n \"properties\": {\n \"roleName\": \"Video Indexer Restricted Viewer\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Has access to view and search through all video's insights and transcription in the Video Indexer portal. No access to model customization, embedding of widget, downloading videos, or sharing the account.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.VideoIndexer/*/read\",\n \"Microsoft.VideoIndexer/accounts/*/action\"\n ],\n \"notActions\": [\n \"Microsoft.VideoIndexer/*/write\",\n \"Microsoft.VideoIndexer/*/delete\",\n \"Microsoft.VideoIndexer/accounts/generateAccessToken/action\"\n ],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2022-08-09T20:15:25.5603064Z\",\n \"updatedOn\": \"2022-08-09T20:15:25.5603064Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/a2c4a527-7dc0-4ee3-897b-403ade70fafb\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"a2c4a527-7dc0-4ee3-897b-403ade70fafb\"\n },\n {\n \"properties\": {\n \"roleName\": \"Monitoring Data Reader\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Can access the data in an Azure Monitor Workspace.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.Monitor/accounts/data/metrics/read\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2022-08-22T15:27:32.9926129Z\",\n \"updatedOn\": \"2022-10-07T20:52:48.6545841Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/b0d8363b-8ddd-447d-831f-62ca05bff136\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"b0d8363b-8ddd-447d-831f-62ca05bff136\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Kubernetes Fleet Manager RBAC Writer\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Grants read/write access to most Kubernetes resources within a namespace in the fleet-managed hub cluster. This role does not allow viewing or modifying roles or role bindings. However, this role allows accessing Secrets as any ServiceAccount in the namespace, so it can be used to gain the API access levels of any ServiceAccount in the namespace.  Applying this role at cluster scope will give access across all namespaces.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Resources/subscriptions/operationresults/read\",\n \"Microsoft.Resources/subscriptions/read\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.ContainerService/fleets/read\",\n \"Microsoft.ContainerService/fleets/listCredentials/action\"\n ],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.ContainerService/fleets/apps/controllerrevisions/read\",\n \"Microsoft.ContainerService/fleets/apps/daemonsets/read\",\n \"Microsoft.ContainerService/fleets/apps/daemonsets/write\",\n \"Microsoft.ContainerService/fleets/apps/deployments/read\",\n \"Microsoft.ContainerService/fleets/apps/deployments/write\",\n \"Microsoft.ContainerService/fleets/apps/statefulsets/read\",\n \"Microsoft.ContainerService/fleets/apps/statefulsets/write\",\n \"Microsoft.ContainerService/fleets/autoscaling/horizontalpodautoscalers/read\",\n \"Microsoft.ContainerService/fleets/autoscaling/horizontalpodautoscalers/write\",\n \"Microsoft.ContainerService/fleets/batch/cronjobs/read\",\n \"Microsoft.ContainerService/fleets/batch/cronjobs/write\",\n \"Microsoft.ContainerService/fleets/batch/jobs/read\",\n \"Microsoft.ContainerService/fleets/batch/jobs/write\",\n \"Microsoft.ContainerService/fleets/configmaps/read\",\n \"Microsoft.ContainerService/fleets/configmaps/write\",\n \"Microsoft.ContainerService/fleets/endpoints/read\",\n \"Microsoft.ContainerService/fleets/endpoints/write\",\n \"Microsoft.ContainerService/fleets/events.k8s.io/events/read\",\n \"Microsoft.ContainerService/fleets/events/read\",\n \"Microsoft.ContainerService/fleets/extensions/daemonsets/read\",\n \"Microsoft.ContainerService/fleets/extensions/daemonsets/write\",\n \"Microsoft.ContainerService/fleets/extensions/deployments/read\",\n \"Microsoft.ContainerService/fleets/extensions/deployments/write\",\n \"Microsoft.ContainerService/fleets/extensions/ingresses/read\",\n \"Microsoft.ContainerService/fleets/extensions/ingresses/write\",\n \"Microsoft.ContainerService/fleets/extensions/networkpolicies/read\",\n \"Microsoft.ContainerService/fleets/extensions/networkpolicies/write\",\n \"Microsoft.ContainerService/fleets/limitranges/read\",\n \"Microsoft.ContainerService/fleets/namespaces/read\",\n \"Microsoft.ContainerService/fleets/networking.k8s.io/ingresses/read\",\n \"Microsoft.ContainerService/fleets/networking.k8s.io/ingresses/write\",\n \"Microsoft.ContainerService/fleets/networking.k8s.io/networkpolicies/read\",\n \"Microsoft.ContainerService/fleets/networking.k8s.io/networkpolicies/write\",\n \"Microsoft.ContainerService/fleets/persistentvolumeclaims/read\",\n \"Microsoft.ContainerService/fleets/persistentvolumeclaims/write\",\n \"Microsoft.ContainerService/fleets/policy/poddisruptionbudgets/read\",\n \"Microsoft.ContainerService/fleets/policy/poddisruptionbudgets/write\",\n \"Microsoft.ContainerService/fleets/replicationcontrollers/read\",\n \"Microsoft.ContainerService/fleets/replicationcontrollers/write\",\n \"Microsoft.ContainerService/fleets/resourcequotas/read\",\n \"Microsoft.ContainerService/fleets/secrets/read\",\n \"Microsoft.ContainerService/fleets/secrets/write\",\n \"Microsoft.ContainerService/fleets/serviceaccounts/read\",\n \"Microsoft.ContainerService/fleets/serviceaccounts/write\",\n \"Microsoft.ContainerService/fleets/services/read\",\n \"Microsoft.ContainerService/fleets/services/write\",\n \"Microsoft.ContainerService/fleets/cluster.kubernetes-fleet.io/internalmemberclusters/read\",\n \"Microsoft.ContainerService/fleets/placement.kubernetes-fleet.io/resourceoverrides/read\",\n \"Microsoft.ContainerService/fleets/placement.kubernetes-fleet.io/resourceoverrides/write\",\n \"Microsoft.ContainerService/fleets/placement.kubernetes-fleet.io/resourceoverridesnapshots/read\",\n \"Microsoft.ContainerService/fleets/placement.kubernetes-fleet.io/works/read\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2022-08-22T17:29:14.4390853Z\",\n \"updatedOn\": \"2024-10-21T15:04:47.7837694Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/5af6afb3-c06c-4fa4-8848-71a8aee05683\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"5af6afb3-c06c-4fa4-8848-71a8aee05683\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Kubernetes Fleet Manager RBAC Admin\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Grants read/write access to Kubernetes resources within a namespace in the fleet-managed hub cluster - provides write permissions on most objects within a a namespace, with the exception of ResourceQuota object and the namespace object itself. Applying this role at cluster scope will give access across all namespaces.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Resources/subscriptions/operationresults/read\",\n \"Microsoft.Resources/subscriptions/read\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.ContainerService/fleets/read\",\n \"Microsoft.ContainerService/fleets/listCredentials/action\"\n ],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.ContainerService/fleets/apps/controllerrevisions/read\",\n \"Microsoft.ContainerService/fleets/apps/daemonsets/*\",\n \"Microsoft.ContainerService/fleets/apps/deployments/*\",\n \"Microsoft.ContainerService/fleets/apps/statefulsets/*\",\n \"Microsoft.ContainerService/fleets/authorization.k8s.io/localsubjectaccessreviews/write\",\n \"Microsoft.ContainerService/fleets/autoscaling/horizontalpodautoscalers/*\",\n \"Microsoft.ContainerService/fleets/batch/cronjobs/*\",\n \"Microsoft.ContainerService/fleets/batch/jobs/*\",\n \"Microsoft.ContainerService/fleets/configmaps/*\",\n \"Microsoft.ContainerService/fleets/endpoints/*\",\n \"Microsoft.ContainerService/fleets/events.k8s.io/events/read\",\n \"Microsoft.ContainerService/fleets/events/read\",\n \"Microsoft.ContainerService/fleets/extensions/daemonsets/*\",\n \"Microsoft.ContainerService/fleets/extensions/deployments/*\",\n \"Microsoft.ContainerService/fleets/extensions/ingresses/*\",\n \"Microsoft.ContainerService/fleets/extensions/networkpolicies/*\",\n \"Microsoft.ContainerService/fleets/limitranges/read\",\n \"Microsoft.ContainerService/fleets/namespaces/read\",\n \"Microsoft.ContainerService/fleets/networking.k8s.io/ingresses/*\",\n \"Microsoft.ContainerService/fleets/networking.k8s.io/networkpolicies/*\",\n \"Microsoft.ContainerService/fleets/persistentvolumeclaims/*\",\n \"Microsoft.ContainerService/fleets/policy/poddisruptionbudgets/*\",\n \"Microsoft.ContainerService/fleets/rbac.authorization.k8s.io/rolebindings/*\",\n \"Microsoft.ContainerService/fleets/rbac.authorization.k8s.io/roles/*\",\n \"Microsoft.ContainerService/fleets/replicationcontrollers/*\",\n \"Microsoft.ContainerService/fleets/replicationcontrollers/*\",\n \"Microsoft.ContainerService/fleets/resourcequotas/read\",\n \"Microsoft.ContainerService/fleets/secrets/*\",\n \"Microsoft.ContainerService/fleets/serviceaccounts/*\",\n \"Microsoft.ContainerService/fleets/services/*\",\n \"Microsoft.ContainerService/fleets/cluster.kubernetes-fleet.io/internalmemberclusters/read\",\n \"Microsoft.ContainerService/fleets/placement.kubernetes-fleet.io/resourceoverrides/*\",\n \"Microsoft.ContainerService/fleets/placement.kubernetes-fleet.io/resourceoverridesnapshots/read\",\n \"Microsoft.ContainerService/fleets/placement.kubernetes-fleet.io/works/read\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2022-08-22T17:29:14.4390853Z\",\n \"updatedOn\": \"2024-10-21T15:04:47.7827701Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/434fb43a-c01c-447e-9f67-c3ad923cfaba\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"434fb43a-c01c-447e-9f67-c3ad923cfaba\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Kubernetes Fleet Manager Contributor Role\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Grants read/write access to Azure resources provided by Azure Kubernetes Fleet Manager, including fleets, fleet members, fleet update strategies, fleet update runs, etc.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.ContainerService/fleets/*\",\n \"Microsoft.Resources/deployments/*\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2022-08-22T17:29:14.4234593Z\",\n \"updatedOn\": \"2024-03-27T21:09:44.1318966Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/63bb64ad-9799-4770-b5c3-24ed299a07bf\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"63bb64ad-9799-4770-b5c3-24ed299a07bf\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Kubernetes Fleet Manager RBAC Reader\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Grants read-only access to most Kubernetes resources within a namespace in the fleet-managed hub cluster. It does not allow viewing roles or role bindings. This role does not allow viewing Secrets, since reading the contents of Secrets enables access to ServiceAccount credentials in the namespace, which would allow API access as any ServiceAccount in the namespace (a form of privilege escalation). Applying this role at cluster scope will give access across all namespaces.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Resources/subscriptions/operationresults/read\",\n \"Microsoft.Resources/subscriptions/read\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.ContainerService/fleets/read\",\n \"Microsoft.ContainerService/fleets/listCredentials/action\"\n ],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.ContainerService/fleets/apps/controllerrevisions/read\",\n \"Microsoft.ContainerService/fleets/apps/daemonsets/read\",\n \"Microsoft.ContainerService/fleets/apps/deployments/read\",\n \"Microsoft.ContainerService/fleets/apps/statefulsets/read\",\n \"Microsoft.ContainerService/fleets/autoscaling/horizontalpodautoscalers/read\",\n \"Microsoft.ContainerService/fleets/batch/cronjobs/read\",\n \"Microsoft.ContainerService/fleets/batch/jobs/read\",\n \"Microsoft.ContainerService/fleets/configmaps/read\",\n \"Microsoft.ContainerService/fleets/endpoints/read\",\n \"Microsoft.ContainerService/fleets/events.k8s.io/events/read\",\n \"Microsoft.ContainerService/fleets/events/read\",\n \"Microsoft.ContainerService/fleets/extensions/daemonsets/read\",\n \"Microsoft.ContainerService/fleets/extensions/deployments/read\",\n \"Microsoft.ContainerService/fleets/extensions/ingresses/read\",\n \"Microsoft.ContainerService/fleets/extensions/networkpolicies/read\",\n \"Microsoft.ContainerService/fleets/limitranges/read\",\n \"Microsoft.ContainerService/fleets/namespaces/read\",\n \"Microsoft.ContainerService/fleets/networking.k8s.io/ingresses/read\",\n \"Microsoft.ContainerService/fleets/networking.k8s.io/networkpolicies/read\",\n \"Microsoft.ContainerService/fleets/persistentvolumeclaims/read\",\n \"Microsoft.ContainerService/fleets/policy/poddisruptionbudgets/read\",\n \"Microsoft.ContainerService/fleets/replicationcontrollers/read\",\n \"Microsoft.ContainerService/fleets/replicationcontrollers/read\",\n \"Microsoft.ContainerService/fleets/resourcequotas/read\",\n \"Microsoft.ContainerService/fleets/serviceaccounts/read\",\n \"Microsoft.ContainerService/fleets/services/read\",\n \"Microsoft.ContainerService/fleets/cluster.kubernetes-fleet.io/internalmemberclusters/read\",\n \"Microsoft.ContainerService/fleets/placement.kubernetes-fleet.io/resourceoverrides/read\",\n \"Microsoft.ContainerService/fleets/placement.kubernetes-fleet.io/resourceoverridesnapshots/read\",\n \"Microsoft.ContainerService/fleets/placement.kubernetes-fleet.io/works/read\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2022-08-22T17:29:14.4390853Z\",\n \"updatedOn\": \"2024-10-23T18:34:36.152431Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/30b27cfc-9c84-438e-b0ce-70e35255df80\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"30b27cfc-9c84-438e-b0ce-70e35255df80\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Kubernetes Fleet Manager RBAC Cluster Admin\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Grants read/write access to all Kubernetes resources in the fleet-managed hub cluster.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Resources/subscriptions/operationresults/read\",\n \"Microsoft.Resources/subscriptions/read\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.ContainerService/fleets/read\",\n \"Microsoft.ContainerService/fleets/listCredentials/action\"\n ],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.ContainerService/fleets/*\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2022-08-22T17:29:14.4234593Z\",\n \"updatedOn\": \"2024-03-27T21:09:44.1318966Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/18ab4d3d-a1bf-4477-8ad9-8359bc988f69\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"18ab4d3d-a1bf-4477-8ad9-8359bc988f69\"\n },\n {\n \"properties\": {\n \"roleName\": \"Kubernetes Namespace User\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Allows a user to read namespace resources and retrieve kubeconfig for the cluster\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.KubernetesConfiguration/namespaces/read\",\n \"Microsoft.KubernetesConfiguration/namespaces/listUserCredential/action\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2022-08-24T08:05:05.4886641Z\",\n \"updatedOn\": \"2022-08-24T08:05:05.4886641Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/ba79058c-0414-4a34-9e42-c3399d80cd5a\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"ba79058c-0414-4a34-9e42-c3399d80cd5a\"\n },\n {\n \"properties\": {\n \"roleName\": \"Data Labeling - Labeler\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Can label data in Labeling.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.MachineLearningServices/workspaces/read\",\n \"Microsoft.MachineLearningServices/workspaces/experiments/runs/read\",\n \"Microsoft.MachineLearningServices/workspaces/labeling/projects/read\",\n \"Microsoft.MachineLearningServices/workspaces/labeling/projects/summary/read\",\n \"Microsoft.MachineLearningServices/workspaces/labeling/labels/read\",\n \"Microsoft.MachineLearningServices/workspaces/labeling/labels/write\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2022-09-02T20:34:03.6536098Z\",\n \"updatedOn\": \"2022-09-08T21:01:04.9492408Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/c6decf44-fd0a-444c-a844-d653c394e7ab\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"c6decf44-fd0a-444c-a844-d653c394e7ab\"\n },\n {\n \"properties\": {\n \"roleName\": \"Role Based Access Control Administrator\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Manage access to Azure resources by assigning roles using Azure RBAC. This role does not allow you to manage access using other ways, such as Azure Policy.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/roleAssignments/write\",\n \"Microsoft.Authorization/roleAssignments/delete\",\n \"*/read\",\n \"Microsoft.Support/*\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2022-09-07T00:28:32.1779656Z\",\n \"updatedOn\": \"2023-11-08T20:50:17.2103449Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/f58310d9-a9f6-439a-9e8d-f62e7b41a168\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"f58310d9-a9f6-439a-9e8d-f62e7b41a168\"\n },\n {\n \"properties\": {\n \"roleName\": \"Template Spec Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Allows full access to Template Spec operations at the assigned scope.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Resources/templateSpecs/*\",\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2022-09-07T23:56:38.852533Z\",\n \"updatedOn\": \"2022-09-07T23:56:38.852533Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/1c9b6475-caf0-4164-b5a1-2142a7116f4b\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"1c9b6475-caf0-4164-b5a1-2142a7116f4b\"\n },\n {\n \"properties\": {\n \"roleName\": \"Template Spec Reader\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Allows read access to Template Specs at the assigned scope.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Resources/templateSpecs/*/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2022-09-07T23:56:38.852533Z\",\n \"updatedOn\": \"2022-09-07T23:56:38.852533Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/392ae280-861d-42bd-9ea5-08ee6d83b80e\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"392ae280-861d-42bd-9ea5-08ee6d83b80e\"\n },\n {\n \"properties\": {\n \"roleName\": \"Microsoft Sentinel Playbook Operator\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Microsoft Sentinel Playbook Operator\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Logic/workflows/read\",\n \"Microsoft.Logic/workflows/triggers/listCallbackUrl/action\",\n \"Microsoft.Web/sites/hostruntime/webhooks/api/workflows/triggers/listCallbackUrl/action\",\n \"Microsoft.Web/sites/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2022-09-20T17:17:53.1732035Z\",\n \"updatedOn\": \"2022-12-07T18:28:46.3977543Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/51d6186e-6489-4900-b93f-92e23144cca5\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"51d6186e-6489-4900-b93f-92e23144cca5\"\n },\n {\n \"properties\": {\n \"roleName\": \"Deployment Environments User\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Provides access to manage environment resources.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.DevCenter/projects/read\",\n \"Microsoft.DevCenter/projects/*/read\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Authorization/*/read\"\n ],\n \"notActions\": [\n \"Microsoft.DevCenter/projects/pools/read\",\n \"Microsoft.DevCenter/projects/pools/schedules/read\"\n ],\n \"dataActions\": [\n \"Microsoft.DevCenter/projects/users/environments/userRead/action\",\n \"Microsoft.DevCenter/projects/users/environments/userWrite/action\",\n \"Microsoft.DevCenter/projects/users/environments/userDelete/action\",\n \"Microsoft.DevCenter/projects/users/environments/userActionManage/action\",\n \"Microsoft.DevCenter/projects/users/environments/userOutputsRead/action\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2022-09-21T23:02:10.9267534Z\",\n \"updatedOn\": \"2023-11-11T02:44:04.8360299Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/18e40d4e-8d2e-438d-97e1-9528336e149c\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"18e40d4e-8d2e-438d-97e1-9528336e149c\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Spring Apps Connect Role\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Azure Spring Apps Connect Role\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.AppPlatform/Spring/apps/deployments/connect/action\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2022-09-23T09:06:33.6408942Z\",\n \"updatedOn\": \"2022-09-23T09:06:33.6408942Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/80558df3-64f9-4c0f-b32d-e5094b036b0b\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"80558df3-64f9-4c0f-b32d-e5094b036b0b\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Spring Apps Remote Debugging Role\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Azure Spring Apps Remote Debugging Role\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.AppPlatform/Spring/apps/deployments/remotedebugging/action\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2022-09-23T09:21:46.6422475Z\",\n \"updatedOn\": \"2022-09-23T09:21:46.6422475Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/a99b0159-1064-4c22-a57b-c9b3caa1c054\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"a99b0159-1064-4c22-a57b-c9b3caa1c054\"\n },\n {\n \"properties\": {\n \"roleName\": \"AzureML Registry User\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Can perform all actions on Machine Learning Services Registry assets as well as get Registry resources.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.MachineLearningServices/registries/read\",\n \"Microsoft.MachineLearningServices/registries/assets/*\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2022-09-27T17:15:01.5950677Z\",\n \"updatedOn\": \"2022-09-27T17:15:01.5950677Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/1823dd4f-9b8c-4ab6-ab4e-7397a3684615\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"1823dd4f-9b8c-4ab6-ab4e-7397a3684615\"\n },\n {\n \"properties\": {\n \"roleName\": \"AzureML Compute Operator\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Can access and perform CRUD operations on Machine Learning Services managed compute resources (including Notebook VMs).\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.MachineLearningServices/workspaces/computes/*\",\n \"Microsoft.MachineLearningServices/workspaces/notebooks/vm/*\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2022-09-27T17:15:01.5950677Z\",\n \"updatedOn\": \"2022-09-27T17:15:01.5950677Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/e503ece1-11d0-4e8e-8e2c-7a6c3bf38815\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"e503ece1-11d0-4e8e-8e2c-7a6c3bf38815\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Center for SAP solutions service role\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Azure Center for SAP solutions service role - This role is intended to be used for providing the permissions to user assigned managed identity. Azure Center for SAP solutions will use this identity to deploy and manage SAP systems.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Resources/subscriptions/resourceGroups/write\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/read\",\n \"Microsoft.Resources/subscriptions/resourcegroups/deployments/*\",\n \"Microsoft.Network/loadBalancers/read\",\n \"Microsoft.Network/loadBalancers/write\",\n \"Microsoft.Network/loadBalancers/backendAddressPools/read\",\n \"Microsoft.Network/loadBalancers/backendAddressPools/write\",\n \"Microsoft.Network/loadBalancers/frontendIPConfigurations/read\",\n \"Microsoft.Network/loadBalancers/loadBalancingRules/read\",\n \"Microsoft.Network/loadBalancers/inboundNatRules/read\",\n \"Microsoft.Network/loadBalancers/providers/Microsoft.Insights/logDefinitions/read\",\n \"Microsoft.Network/loadBalancers/networkInterfaces/read\",\n \"Microsoft.Network/loadBalancers/outboundRules/read\",\n \"Microsoft.Network/loadBalancers/virtualMachines/read\",\n \"Microsoft.Network/loadBalancers/providers/Microsoft.Insights/metricDefinitions/read\",\n \"Microsoft.Network/networkInterfaces/read\",\n \"Microsoft.Network/networkInterfaces/write\",\n \"Microsoft.Network/networkInterfaces/ipconfigurations/read\",\n \"Microsoft.Network/networkInterfaces/loadBalancers/read\",\n \"Microsoft.Network/virtualNetworks/read\",\n \"Microsoft.Network/virtualNetworks/checkIpAddressAvailability/read\",\n \"Microsoft.Network/virtualNetworks/subnets/read\",\n \"Microsoft.Network/virtualNetworks/subnets/virtualMachines/read\",\n \"Microsoft.Network/virtualNetworks/virtualMachines/read\",\n \"Microsoft.Network/networkInterfaces/ipconfigurations/join/action\",\n \"Microsoft.Network/privateEndpoints/read\",\n \"Microsoft.Network/privateEndpoints/write\",\n \"Microsoft.Network/networkInterfaces/join/action\",\n \"Microsoft.Network/loadBalancers/backendAddressPools/join/action\",\n \"Microsoft.Network/loadBalancers/frontendIPConfigurations/join/action\",\n \"Microsoft.Network/virtualNetworks/subnets/join/action\",\n \"Microsoft.Network/virtualNetworks/subnets/joinLoadBalancer/action\",\n \"Microsoft.Storage/storageAccounts/read\",\n \"Microsoft.Storage/storageAccounts/write\",\n \"Microsoft.Storage/storageAccounts/PrivateEndpointConnectionsApproval/action\",\n \"Microsoft.Storage/storageAccounts/blobServices/read\",\n \"Microsoft.Storage/storageAccounts/blobServices/containers/read\",\n \"Microsoft.Storage/storageAccounts/fileServices/read\",\n \"Microsoft.Storage/storageAccounts/fileServices/write\",\n \"Microsoft.Storage/storageAccounts/fileServices/shares/read\",\n \"Microsoft.Storage/storageAccounts/fileServices/shares/write\",\n \"Microsoft.Compute/virtualMachines/read\",\n \"Microsoft.Compute/virtualMachines/write\",\n \"Microsoft.Compute/virtualMachines/instanceView/read\",\n \"Microsoft.Compute/availabilitySets/read\",\n \"Microsoft.Compute/availabilitySets/write\",\n \"Microsoft.Compute/skus/read\",\n \"Microsoft.Compute/sshPublicKeys/read\",\n \"Microsoft.Compute/virtualMachines/extensions/read\",\n \"Microsoft.Compute/virtualMachines/extensions/write\",\n \"Microsoft.Compute/virtualMachines/extensions/delete\",\n \"Microsoft.Compute/disks/read\",\n \"Microsoft.Compute/disks/write\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2022-10-03T17:04:07.6891007Z\",\n \"updatedOn\": \"2023-02-02T07:25:11.5651483Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/aabbc5dd-1af0-458b-a942-81af88f9c138\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"aabbc5dd-1af0-458b-a942-81af88f9c138\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Center for SAP solutions reader\",\n \"type\": \"BuiltInRole\",\n \"description\": \"This role provides read access to all capabilities of Azure Center for SAP solutions.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Advisor/configurations/read\",\n \"Microsoft.Advisor/recommendations/read\",\n \"Microsoft.Workloads/sapvirtualInstances/*/read\",\n \"Microsoft.Workloads/Locations/*/read\",\n \"Microsoft.Workloads/Operations/read\",\n \"Microsoft.Workloads/Locations/OperationStatuses/read\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Insights/alertRules/read\",\n \"Microsoft.Insights/metrics/read\",\n \"Microsoft.Insights/metricDefinitions/read\",\n \"Microsoft.Resources/deployments/read\",\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Resources/subscriptions/read\",\n \"Microsoft.Resources/subscriptions/resourcegroups/deployments/read\",\n \"Microsoft.ResourceHealth/availabilityStatuses/read\",\n \"Microsoft.Network/virtualNetworks/read\",\n \"Microsoft.Network/virtualNetworks/providers/Microsoft.Insights/metricDefinitions/read\",\n \"Microsoft.Network/virtualNetworks/subnets/read\",\n \"Microsoft.Network/virtualNetworks/subnets/virtualMachines/read\",\n \"Microsoft.Network/networkInterfaces/read\",\n \"Microsoft.Network/networkInterfaces/ipconfigurations/read\",\n \"Microsoft.Network/networkInterfaces/loadBalancers/read\",\n \"Microsoft.Network/networkInterfaces/providers/Microsoft.Insights/metricDefinitions/read\",\n \"Microsoft.Network/loadBalancers/read\",\n \"Microsoft.Network/loadBalancers/backendAddressPools/read\",\n \"Microsoft.Network/loadBalancers/frontendIPConfigurations/read\",\n \"Microsoft.Network/loadBalancers/loadBalancingRules/read\",\n \"Microsoft.Network/loadBalancers/inboundNatRules/read\",\n \"Microsoft.Network/loadBalancers/providers/Microsoft.Insights/logDefinitions/read\",\n \"Microsoft.Network/loadBalancers/networkInterfaces/read\",\n \"Microsoft.Network/loadBalancers/outboundRules/read\",\n \"Microsoft.Network/loadBalancers/virtualMachines/read\",\n \"Microsoft.Network/loadBalancers/providers/Microsoft.Insights/metricDefinitions/read\",\n \"Microsoft.Network/privateEndpoints/read\",\n \"Microsoft.Storage/storageAccounts/read\",\n \"Microsoft.Storage/storageAccounts/blobServices/read\",\n \"Microsoft.Storage/storageAccounts/blobServices/containers/read\",\n \"Microsoft.Storage/storageAccounts/fileServices/read\",\n \"Microsoft.Storage/storageAccounts/fileServices/shares/read\",\n \"Microsoft.Compute/virtualMachines/read\",\n \"Microsoft.Compute/availabilitySets/read\",\n \"Microsoft.Compute/virtualMachines/extensions/read\",\n \"Microsoft.Compute/disks/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2022-10-03T17:04:07.6891007Z\",\n \"updatedOn\": \"2024-01-12T10:58:11.4343824Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/05352d14-a920-4328-a0de-4cbe7430e26b\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"05352d14-a920-4328-a0de-4cbe7430e26b\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Center for SAP solutions administrator\",\n \"type\": \"BuiltInRole\",\n \"description\": \"This role provides read and write access to all capabilities of Azure Center for SAP solutions.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Advisor/configurations/read\",\n \"Microsoft.Advisor/recommendations/read\",\n \"Microsoft.Workloads/sapvirtualInstances/*/read\",\n \"Microsoft.Workloads/sapVirtualInstances/*/write\",\n \"Microsoft.Workloads/sapVirtualInstances/*/delete\",\n \"Microsoft.Workloads/Locations/*/action\",\n \"Microsoft.Workloads/Locations/*/read\",\n \"Microsoft.Workloads/sapVirtualInstances/*/start/action\",\n \"Microsoft.Workloads/sapVirtualInstances/*/stop/action\",\n \"Microsoft.Workloads/connectors/*/read\",\n \"Microsoft.Workloads/connectors/*/write\",\n \"Microsoft.Workloads/connectors/*/delete\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.Insights/metrics/read\",\n \"Microsoft.Insights/metricDefinitions/read\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Resources/subscriptions/read\",\n \"Microsoft.Resources/subscriptions/resourceGroups/write\",\n \"Microsoft.Resources/subscriptions/resourcegroups/deployments/*\",\n \"Microsoft.ResourceHealth/availabilityStatuses/read\",\n \"Microsoft.Network/virtualNetworks/read\",\n \"Microsoft.Network/virtualNetworks/providers/Microsoft.Insights/metricDefinitions/read\",\n \"Microsoft.Network/virtualNetworks/subnets/read\",\n \"Microsoft.Network/virtualNetworks/subnets/write\",\n \"Microsoft.Network/virtualNetworks/subnets/virtualMachines/read\",\n \"Microsoft.Network/networkInterfaces/read\",\n \"Microsoft.Network/networkInterfaces/ipconfigurations/read\",\n \"Microsoft.Network/networkInterfaces/loadBalancers/read\",\n \"Microsoft.Network/networkInterfaces/providers/Microsoft.Insights/metricDefinitions/read\",\n \"Microsoft.Network/loadBalancers/read\",\n \"Microsoft.Network/loadBalancers/backendAddressPools/read\",\n \"Microsoft.Network/loadBalancers/frontendIPConfigurations/read\",\n \"Microsoft.Network/loadBalancers/loadBalancingRules/read\",\n \"Microsoft.Network/loadBalancers/inboundNatRules/read\",\n \"Microsoft.Network/loadBalancers/providers/Microsoft.Insights/logDefinitions/read\",\n \"Microsoft.Network/loadBalancers/networkInterfaces/read\",\n \"Microsoft.Network/loadBalancers/outboundRules/read\",\n \"Microsoft.Network/loadBalancers/virtualMachines/read\",\n \"Microsoft.Network/loadBalancers/providers/Microsoft.Insights/metricDefinitions/read\",\n \"Microsoft.Network/privateEndpoints/read\",\n \"Microsoft.Network/networkSecurityGroups/join/action\",\n \"Microsoft.Network/routeTables/join/action\",\n \"Microsoft.Storage/storageAccounts/read\",\n \"Microsoft.Storage/storageAccounts/blobServices/read\",\n \"Microsoft.Storage/storageAccounts/blobServices/containers/read\",\n \"Microsoft.Storage/storageAccounts/fileServices/read\",\n \"Microsoft.Storage/storageAccounts/fileServices/shares/read\",\n \"Microsoft.Compute/virtualMachines/read\",\n \"Microsoft.Compute/availabilitySets/read\",\n \"Microsoft.Compute/sshPublicKeys/read\",\n \"Microsoft.Compute/sshPublicKeys/write\",\n \"Microsoft.Compute/sshPublicKeys/*/generateKeyPair/action\",\n \"Microsoft.Compute/virtualMachines/extensions/read\",\n \"Microsoft.Compute/virtualMachines/extensions/delete\",\n \"Microsoft.Compute/disks/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.Storage/storageAccounts/blobServices/containers/blobs/read\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2022-10-04T17:14:14.5212968Z\",\n \"updatedOn\": \"2023-06-21T15:30:31.2294248Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/7b0c7e81-271f-4c71-90bf-e30bdfdbc2f7\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"7b0c7e81-271f-4c71-90bf-e30bdfdbc2f7\"\n },\n {\n \"properties\": {\n \"roleName\": \"AppGw for Containers Configuration Manager\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Allows access and configuration updates to Application Gateway for Containers resource.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.ServiceNetworking/trafficControllers/read\",\n \"Microsoft.ServiceNetworking/trafficControllers/write\",\n \"Microsoft.ServiceNetworking/trafficControllers/delete\",\n \"Microsoft.ServiceNetworking/trafficControllers/frontends/read\",\n \"Microsoft.ServiceNetworking/trafficControllers/frontends/write\",\n \"Microsoft.ServiceNetworking/trafficControllers/frontends/delete\",\n \"Microsoft.ServiceNetworking/trafficControllers/associations/read\",\n \"Microsoft.ServiceNetworking/trafficControllers/associations/write\",\n \"Microsoft.ServiceNetworking/trafficControllers/associations/delete\",\n \"Microsoft.ServiceNetworking/trafficControllers/*/read\",\n \"Microsoft.ServiceNetworking/trafficControllers/*/write\",\n \"Microsoft.ServiceNetworking/trafficControllers/*/delete\",\n \"Microsoft.Resources/subscriptions/resourcegroups/deployments/read\",\n \"Microsoft.Resources/subscriptions/resourcegroups/deployments/write\",\n \"Microsoft.Resources/subscriptions/resourcegroups/deployments/operations/read\",\n \"Microsoft.Resources/subscriptions/resourcegroups/deployments/operationstatuses/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.ServiceNetworking/trafficControllers/serviceRoutingConfigurations/read\",\n \"Microsoft.ServiceNetworking/trafficControllers/serviceRoutingConfigurations/write\",\n \"Microsoft.ServiceNetworking/trafficControllers/serviceRoutingConfigurations/delete\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2022-10-06T03:15:51.8980834Z\",\n \"updatedOn\": \"2024-10-29T15:24:36.1024666Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/fbc52c3f-28ad-4303-a892-8a056630b8f1\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"fbc52c3f-28ad-4303-a892-8a056630b8f1\"\n },\n {\n \"properties\": {\n \"roleName\": \"FHIR SMART User\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Role allows user to access FHIR Service according to SMART on FHIR specification\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.HealthcareApis/services/fhir/resources/read\",\n \"Microsoft.HealthcareApis/workspaces/fhirservices/resources/read\",\n \"Microsoft.HealthcareApis/services/fhir/resources/smart/action\",\n \"Microsoft.HealthcareApis/workspaces/fhirservices/resources/smart/action\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2022-10-26T17:20:25.4418773Z\",\n \"updatedOn\": \"2022-12-07T20:30:43.3899302Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/4ba50f17-9666-485c-a643-ff00808643f0\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"4ba50f17-9666-485c-a643-ff00808643f0\"\n },\n {\n \"properties\": {\n \"roleName\": \"Cognitive Services OpenAI Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Full access including the ability to fine-tune, deploy and generate text\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.CognitiveServices/*/read\",\n \"Microsoft.CognitiveServices/accounts/deployments/write\",\n \"Microsoft.CognitiveServices/accounts/deployments/delete\",\n \"Microsoft.CognitiveServices/accounts/raiPolicies/read\",\n \"Microsoft.CognitiveServices/accounts/raiPolicies/write\",\n \"Microsoft.CognitiveServices/accounts/raiPolicies/delete\",\n \"Microsoft.CognitiveServices/accounts/commitmentplans/read\",\n \"Microsoft.CognitiveServices/accounts/commitmentplans/write\",\n \"Microsoft.CognitiveServices/accounts/commitmentplans/delete\",\n \"Microsoft.Authorization/roleAssignments/read\",\n \"Microsoft.Authorization/roleDefinitions/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.CognitiveServices/accounts/OpenAI/*\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2022-10-26T22:25:33.3012125Z\",\n \"updatedOn\": \"2023-08-25T21:51:58.6134163Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/a001fd3d-188f-4b5d-821b-7da978bf7442\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"a001fd3d-188f-4b5d-821b-7da978bf7442\"\n },\n {\n \"properties\": {\n \"roleName\": \"Cognitive Services OpenAI User\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Ability to view files, models, deployments. Readers can't make any changes They can inference and create images\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.CognitiveServices/*/read\",\n \"Microsoft.Authorization/roleAssignments/read\",\n \"Microsoft.Authorization/roleDefinitions/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.CognitiveServices/accounts/OpenAI/*/read\",\n \"Microsoft.CognitiveServices/accounts/OpenAI/engines/completions/action\",\n \"Microsoft.CognitiveServices/accounts/OpenAI/engines/search/action\",\n \"Microsoft.CognitiveServices/accounts/OpenAI/engines/generate/action\",\n \"Microsoft.CognitiveServices/accounts/OpenAI/deployments/audio/action\",\n \"Microsoft.CognitiveServices/accounts/OpenAI/deployments/search/action\",\n \"Microsoft.CognitiveServices/accounts/OpenAI/deployments/completions/action\",\n \"Microsoft.CognitiveServices/accounts/OpenAI/deployments/chat/completions/action\",\n \"Microsoft.CognitiveServices/accounts/OpenAI/deployments/realtime/action\",\n \"Microsoft.CognitiveServices/accounts/OpenAI/deployments/extensions/chat/completions/action\",\n \"Microsoft.CognitiveServices/accounts/OpenAI/deployments/embeddings/action\",\n \"Microsoft.CognitiveServices/accounts/OpenAI/images/generations/action\",\n \"Microsoft.CognitiveServices/accounts/OpenAI/video/generations/*/action\",\n \"Microsoft.CognitiveServices/accounts/OpenAI/video/generations/*/delete\",\n \"Microsoft.CognitiveServices/accounts/OpenAI/assistants/*\",\n \"Microsoft.CognitiveServices/accounts/OpenAI/responses/*\"\n ],\n \"notDataActions\": [\n \"Microsoft.CognitiveServices/accounts/OpenAI/stored-completions/read\"\n ]\n }\n ],\n \"createdOn\": \"2022-10-26T22:25:33.3012125Z\",\n \"updatedOn\": \"2025-04-28T15:13:50.0338628Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/5e0bd9bd-7b93-4f28-af87-19fc36ad61bd\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"5e0bd9bd-7b93-4f28-af87-19fc36ad61bd\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure impact Reporter role\",\n \"type\": \"BuiltInRole\",\n \"description\": \"built-in role for azure impact write access\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Impact/WorkloadImpacts/*\",\n \"Microsoft.Impact/ImpactCategories/read\",\n \"Microsoft.Impact/TopologyImpacts/*\",\n \"Microsoft.Impact/getUploadToken/action\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2022-10-27T22:34:10.0140145Z\",\n \"updatedOn\": \"2025-09-26T15:39:14.9829777Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/36e80216-a7e8-4f42-a7e1-f12c98cbaf8a\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"36e80216-a7e8-4f42-a7e1-f12c98cbaf8a\"\n },\n {\n \"properties\": {\n \"roleName\": \"Impact Reader\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Allows read-only access to reported impacts and impact categories\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Impact/WorkloadImpacts/read\",\n \"Microsoft.Impact/ImpactCategories/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2022-10-27T22:49:23.8706555Z\",\n \"updatedOn\": \"2022-11-14T16:02:29.4536312Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/68ff5d27-c7f5-4fa9-a21c-785d0df7bd9e\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"68ff5d27-c7f5-4fa9-a21c-785d0df7bd9e\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Kubernetes Service Cluster Monitoring User\",\n \"type\": \"BuiltInRole\",\n \"description\": \"List cluster monitoring user credential action.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.ContainerService/managedClusters/listClusterMonitoringUserCredential/action\",\n \"Microsoft.ContainerService/managedClusters/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2022-11-14T16:02:29.4380066Z\",\n \"updatedOn\": \"2023-02-06T16:01:22.3399796Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/1afdec4b-e479-420e-99e7-f82237c7c5e6\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"1afdec4b-e479-420e-99e7-f82237c7c5e6\"\n },\n {\n \"properties\": {\n \"roleName\": \"ContainerApp Reader\",\n \"type\": \"BuiltInRole\",\n \"description\": \"View all containerapp resources, but does not allow you to make any changes.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.App/containerApps/*/read\",\n \"Microsoft.App/containerApps/read\",\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2022-11-14T16:02:29.4380066Z\",\n \"updatedOn\": \"2023-01-02T16:08:35.1119461Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/ad2dd5fb-cd4b-4fd4-a9b6-4fed3630980b\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"ad2dd5fb-cd4b-4fd4-a9b6-4fed3630980b\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Connected Machine Resource Manager\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Custom Role for AzureStackHCI RP to manage hybrid compute machines and hybrid connectivity endpoints in a resource group\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.GuestConfiguration/guestConfigurationAssignments/*/read\",\n \"Microsoft.GuestConfiguration/guestConfigurationAssignments/read\",\n \"Microsoft.GuestConfiguration/guestConfigurationAssignments/write\",\n \"Microsoft.HybridCompute/machines/read\",\n \"Microsoft.HybridCompute/machines/extensions/read\",\n \"Microsoft.HybridCompute/*/read\",\n \"Microsoft.HybridCompute/machines/delete\",\n \"Microsoft.HybridCompute/machines/extensions/delete\",\n \"Microsoft.HybridCompute/machines/extensions/write\",\n \"Microsoft.HybridCompute/machines/licenseProfiles/delete\",\n \"Microsoft.HybridCompute/machines/licenseProfiles/read\",\n \"Microsoft.HybridCompute/machines/licenseProfiles/write\",\n \"Microsoft.HybridCompute/machines/UpgradeExtensions/action\",\n \"Microsoft.HybridCompute/machines/write\",\n \"Microsoft.HybridConnectivity/endpoints/read\",\n \"Microsoft.HybridConnectivity/endpoints/serviceConfigurations/read\",\n \"Microsoft.HybridConnectivity/endpoints/serviceConfigurations/write\",\n \"Microsoft.HybridConnectivity/endpoints/write\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.EdgeMarketplace/locations/operationStatuses/read\",\n \"Microsoft.EdgeMarketPlace/offers/getAccessToken/action\",\n \"Microsoft.EdgeMarketPlace/offers/generateAccessToken/action\",\n \"Microsoft.EdgeMarketplace/publishers/read\",\n \"Microsoft.EdgeMarketplace/offers/read\",\n \"Microsoft.ExtendedLocation/customLocations/read\",\n \"Microsoft.Attestation/attestationProviders/write\",\n \"Microsoft.Attestation/attestationProviders/read\",\n \"Microsoft.Attestation/attestationProviders/delete\",\n \"Microsoft.Attestation/attestationProviders/attestation/read\",\n \"Microsoft.Attestation/attestationProviders/attestation/write\",\n \"Microsoft.Attestation/attestationProviders/attestation/delete\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2022-11-15T16:12:10.4398106Z\",\n \"updatedOn\": \"2024-08-26T15:01:40.009798Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/f5819b54-e033-4d82-ac66-4fec3cbf3f4c\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"f5819b54-e033-4d82-ac66-4fec3cbf3f4c\"\n },\n {\n \"properties\": {\n \"roleName\": \"SqlDb Migration Role\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Role for SqlDb migration\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Sql/servers/read\",\n \"Microsoft.Sql/servers/write\",\n \"Microsoft.Sql/servers/databases/read\",\n \"Microsoft.Sql/servers/databases/write\",\n \"Microsoft.Sql/servers/databases/delete\",\n \"Microsoft.DataMigration/locations/operationResults/read\",\n \"Microsoft.DataMigration/locations/operationStatuses/read\",\n \"Microsoft.DataMigration/locations/sqlMigrationServiceOperationResults/read\",\n \"Microsoft.DataMigration/databaseMigrations/write\",\n \"Microsoft.DataMigration/databaseMigrations/read\",\n \"Microsoft.DataMigration/databaseMigrations/delete\",\n \"Microsoft.DataMigration/databaseMigrations/cancel/action\",\n \"Microsoft.DataMigration/databaseMigrations/cutover/action\",\n \"Microsoft.DataMigration/sqlMigrationServices/write\",\n \"Microsoft.DataMigration/sqlMigrationServices/delete\",\n \"Microsoft.DataMigration/sqlMigrationServices/read\",\n \"Microsoft.DataMigration/sqlMigrationServices/listAuthKeys/action\",\n \"Microsoft.DataMigration/sqlMigrationServices/regenerateAuthKeys/action\",\n \"Microsoft.DataMigration/sqlMigrationServices/deleteNode/action\",\n \"Microsoft.DataMigration/sqlMigrationServices/listMonitoringData/action\",\n \"Microsoft.DataMigration/sqlMigrationServices/listMigrations/read\",\n \"Microsoft.DataMigration/sqlMigrationServices/MonitoringData/read\",\n \"Microsoft.DataMigration/register/action\",\n \"Microsoft.DataMigration/operations/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2022-12-07T23:03:17.2201214Z\",\n \"updatedOn\": \"2023-02-20T16:07:58.6344876Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/189207d4-bb67-4208-a635-b06afe8b2c57\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"189207d4-bb67-4208-a635-b06afe8b2c57\"\n },\n {\n \"properties\": {\n \"roleName\": \"Bayer Ag Powered Services GDU Solution\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Provide access to GDU Solution by Bayer Ag Powered Services\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.AgFoodPlatform/farmBeats/parties/read\",\n \"Microsoft.AgFoodPlatform/farmBeats/parties/boundaries/read\",\n \"Microsoft.AgFoodPlatform/farmBeats/parties/farms/read\",\n \"Microsoft.AgFoodPlatform/farmBeats/parties/fields/read\",\n \"Microsoft.AgFoodPlatform/farmBeats/parties/models/resourceTypes/resources/insights/*\",\n \"Microsoft.AgFoodPlatform/farmBeats/parties/models/resourceTypes/resources/insightAttachments/*\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2023-01-12T10:08:47.0099993Z\",\n \"updatedOn\": \"2024-05-28T15:09:38.7508137Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/c4bc862a-3b64-4a35-a021-a380c159b042\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"c4bc862a-3b64-4a35-a021-a380c159b042\"\n },\n {\n \"properties\": {\n \"roleName\": \"Bayer Ag Powered Services Imagery Solution\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Provide access to Imagery Solution by Bayer Ag Powered Services\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.AgFoodPlatform/farmBeats/parties/read\",\n \"Microsoft.AgFoodPlatform/farmBeats/parties/boundaries/read\",\n \"Microsoft.AgFoodPlatform/farmBeats/parties/boundaries/write\",\n \"Microsoft.AgFoodPlatform/farmBeats/parties/farms/read\",\n \"Microsoft.AgFoodPlatform/farmBeats/parties/farms/write\",\n \"Microsoft.AgFoodPlatform/farmBeats/parties/fields/read\",\n \"Microsoft.AgFoodPlatform/farmBeats/parties/fields/write\",\n \"Microsoft.AgFoodPlatform/farmBeats/ingestionJobs/satelliteDataIngestionJobs/*\",\n \"Microsoft.AgFoodPlatform/farmBeats/scenes/*\",\n \"Microsoft.AgFoodPlatform/farmBeats/parties/models/resourceTypes/resources/insights/*\",\n \"Microsoft.AgFoodPlatform/farmBeats/parties/models/resourceTypes/resources/insightAttachments/*\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2023-01-12T10:08:47.0099993Z\",\n \"updatedOn\": \"2024-05-28T15:09:38.2220222Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/ef29765d-0d37-4119-a4f8-f9f9902c9588\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"ef29765d-0d37-4119-a4f8-f9f9902c9588\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Center for SAP solutions Service role for management\",\n \"type\": \"BuiltInRole\",\n \"description\": \"This role has permissions that the user assigned managed identity must have to enable registration for the existing systems.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2023-01-13T09:08:35.1961741Z\",\n \"updatedOn\": \"2023-02-02T07:25:11.5651483Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/0105a6b0-4bb9-43d2-982a-12806f9faddb\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"0105a6b0-4bb9-43d2-982a-12806f9faddb\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Center for SAP solutions Management role\",\n \"type\": \"BuiltInRole\",\n \"description\": \"This role has permissions which allow users to register existing systems, view and manage systems.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2023-01-13T09:08:35.1961741Z\",\n \"updatedOn\": \"2023-02-02T07:25:11.5651483Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/6d949e1d-41e2-46e3-8920-c6e4f31a8310\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"6d949e1d-41e2-46e3-8920-c6e4f31a8310\"\n },\n {\n \"properties\": {\n \"roleName\": \"Defender Kubernetes API Access\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Grants Microsoft Defender for Cloud access to Azure Kubernetes Services\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.ContainerService/managedClusters/trustedAccessRoleBindings/write\",\n \"Microsoft.ContainerService/managedClusters/trustedAccessRoleBindings/read\",\n \"Microsoft.ContainerService/managedClusters/trustedAccessRoleBindings/delete\",\n \"Microsoft.ContainerService/managedClusters/read\",\n \"Microsoft.Features/features/read\",\n \"Microsoft.Features/providers/features/read\",\n \"Microsoft.Features/providers/features/register/action\",\n \"Microsoft.Security/pricings/securityoperators/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2023-01-13T13:11:09.1105477Z\",\n \"updatedOn\": \"2025-09-12T08:03:06.9409916Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/d5a2ae44-610b-4500-93be-660a0c5f5ca6\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"d5a2ae44-610b-4500-93be-660a0c5f5ca6\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Usage Billing Data Sender\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Azure Usage Billing shared BuiltIn role to be used for all Customer Account Authentication\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.UsageBilling/accounts/inputs/send/action\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2023-01-13T20:45:56.3071212Z\",\n \"updatedOn\": \"2023-01-26T19:26:37.6422441Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/f0310ce6-e953-4cf8-b892-fb1c87eaf7f6\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"f0310ce6-e953-4cf8-b892-fb1c87eaf7f6\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Container Registry secure supply chain operator service role\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Grants Microsoft Defender for Cloud access to Azure Container Registry for security assessment of container images\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.ContainerRegistry/registries/pull/read\",\n \"Microsoft.ContainerRegistry/registries/push/write\",\n \"Microsoft.ContainerRegistry/registries/artifacts/delete\"\n ],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.ContainerRegistry/registries/repositories/metadata/read\",\n \"Microsoft.ContainerRegistry/registries/repositories/content/read\",\n \"Microsoft.ContainerRegistry/registries/repositories/metadata/write\",\n \"Microsoft.ContainerRegistry/registries/repositories/content/write\",\n \"Microsoft.ContainerRegistry/registries/repositories/metadata/delete\",\n \"Microsoft.ContainerRegistry/registries/repositories/content/delete\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2023-01-19T15:58:15.6513344Z\",\n \"updatedOn\": \"2024-06-12T15:19:54.7471937Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/96062cf7-95ca-4f89-9b9d-2a2aa47356af\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"96062cf7-95ca-4f89-9b9d-2a2aa47356af\"\n },\n {\n \"properties\": {\n \"roleName\": \"SqlMI Migration Role\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Role for SqlMI migration\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Sql/managedInstances/read\",\n \"Microsoft.Sql/managedInstances/write\",\n \"Microsoft.Sql/managedInstances/databases/read\",\n \"Microsoft.Sql/managedInstances/databases/write\",\n \"Microsoft.Sql/managedInstances/databases/delete\",\n \"Microsoft.Sql/managedInstances/metrics/read\",\n \"Microsoft.DataMigration/locations/operationResults/read\",\n \"Microsoft.DataMigration/locations/operationStatuses/read\",\n \"Microsoft.DataMigration/locations/sqlMigrationServiceOperationResults/read\",\n \"Microsoft.DataMigration/databaseMigrations/write\",\n \"Microsoft.DataMigration/databaseMigrations/read\",\n \"Microsoft.DataMigration/databaseMigrations/delete\",\n \"Microsoft.DataMigration/databaseMigrations/cancel/action\",\n \"Microsoft.DataMigration/databaseMigrations/cutover/action\",\n \"Microsoft.DataMigration/sqlMigrationServices/write\",\n \"Microsoft.DataMigration/sqlMigrationServices/delete\",\n \"Microsoft.DataMigration/sqlMigrationServices/read\",\n \"Microsoft.DataMigration/sqlMigrationServices/listAuthKeys/action\",\n \"Microsoft.DataMigration/sqlMigrationServices/regenerateAuthKeys/action\",\n \"Microsoft.DataMigration/sqlMigrationServices/deleteNode/action\",\n \"Microsoft.DataMigration/sqlMigrationServices/listMonitoringData/action\",\n \"Microsoft.DataMigration/sqlMigrationServices/listMigrations/read\",\n \"Microsoft.DataMigration/sqlMigrationServices/MonitoringData/read\",\n \"Microsoft.DataMigration/register/action\",\n \"Microsoft.DataMigration/operations/read\",\n \"Microsoft.Storage/storageAccounts/read\",\n \"Microsoft.Storage/storageAccounts/listkeys/action\",\n \"Microsoft.Storage/storageAccounts/blobServices/read\",\n \"Microsoft.Storage/storageAccounts/blobServices/write\",\n \"Microsoft.Storage/storageAccounts/blobServices/containers/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2023-01-31T16:13:11.2824316Z\",\n \"updatedOn\": \"2023-02-20T16:07:58.3295951Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/1d335eef-eee1-47fe-a9e0-53214eba8872\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"1d335eef-eee1-47fe-a9e0-53214eba8872\"\n },\n {\n \"properties\": {\n \"roleName\": \"Bayer Ag Powered Services CWUM Solution\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Provide access to CWUM Solution by Bayer Ag Powered Services\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.AgFoodPlatform/farmBeats/parties/read\",\n \"Microsoft.AgFoodPlatform/farmBeats/parties/boundaries/read\",\n \"Microsoft.AgFoodPlatform/farmBeats/parties/boundaries/write\",\n \"Microsoft.AgFoodPlatform/farmBeats/parties/farms/read\",\n \"Microsoft.AgFoodPlatform/farmBeats/parties/farms/write\",\n \"Microsoft.AgFoodPlatform/farmBeats/parties/fields/read\",\n \"Microsoft.AgFoodPlatform/farmBeats/parties/fields/write\",\n \"Microsoft.AgFoodPlatform/farmBeats/ingestionJobs/satelliteDataIngestionJobs/*\",\n \"Microsoft.AgFoodPlatform/farmBeats/scenes/*\",\n \"Microsoft.AgFoodPlatform/farmBeats/parties/models/resourceTypes/resources/insightAttachments/*\",\n \"Microsoft.AgFoodPlatform/farmBeats/parties/models/resourceTypes/resources/insights/*\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2023-01-31T16:13:11.3570667Z\",\n \"updatedOn\": \"2024-08-13T16:10:23.6530781Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/a9b99099-ead7-47db-8fcf-072597a61dfa\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"a9b99099-ead7-47db-8fcf-072597a61dfa\"\n },\n {\n \"properties\": {\n \"roleName\": \"SqlVM Migration Role\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Role for SqlVM migration\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.DataMigration/locations/operationResults/read\",\n \"Microsoft.DataMigration/locations/operationStatuses/read\",\n \"Microsoft.DataMigration/locations/sqlMigrationServiceOperationResults/read\",\n \"Microsoft.DataMigration/databaseMigrations/write\",\n \"Microsoft.DataMigration/databaseMigrations/read\",\n \"Microsoft.DataMigration/databaseMigrations/delete\",\n \"Microsoft.DataMigration/databaseMigrations/cancel/action\",\n \"Microsoft.DataMigration/databaseMigrations/cutover/action\",\n \"Microsoft.DataMigration/sqlMigrationServices/write\",\n \"Microsoft.DataMigration/sqlMigrationServices/delete\",\n \"Microsoft.DataMigration/sqlMigrationServices/read\",\n \"Microsoft.DataMigration/sqlMigrationServices/listAuthKeys/action\",\n \"Microsoft.DataMigration/sqlMigrationServices/regenerateAuthKeys/action\",\n \"Microsoft.DataMigration/sqlMigrationServices/deleteNode/action\",\n \"Microsoft.DataMigration/sqlMigrationServices/listMonitoringData/action\",\n \"Microsoft.DataMigration/sqlMigrationServices/listMigrations/read\",\n \"Microsoft.DataMigration/sqlMigrationServices/MonitoringData/read\",\n \"Microsoft.DataMigration/register/action\",\n \"Microsoft.DataMigration/operations/read\",\n \"Microsoft.Storage/storageAccounts/read\",\n \"Microsoft.Storage/storageAccounts/listkeys/action\",\n \"Microsoft.Storage/storageAccounts/blobServices/read\",\n \"Microsoft.Storage/storageAccounts/blobServices/write\",\n \"Microsoft.Storage/storageAccounts/blobServices/containers/read\",\n \"Microsoft.SqlVirtualMachine/sqlVirtualMachines/read\",\n \"Microsoft.SqlVirtualMachine/sqlVirtualMachines/write\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2023-01-31T16:13:11.3580681Z\",\n \"updatedOn\": \"2023-02-20T16:07:58.6444899Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/ae8036db-e102-405b-a1b9-bae082ea436d\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"ae8036db-e102-405b-a1b9-bae082ea436d\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Front Door Domain Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"For internal use within Azure. Can manage Azure Front Door domains, but can't grant access to other users.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Cdn/operationresults/profileresults/customdomainresults/read\",\n \"Microsoft.Cdn/profiles/customdomains/read\",\n \"Microsoft.Cdn/profiles/customdomains/write\",\n \"Microsoft.Cdn/profiles/customdomains/delete\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2023-02-02T15:30:03.7531182Z\",\n \"updatedOn\": \"2023-12-07T09:22:53.0560669Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/0ab34830-df19-4f8c-b84e-aa85b8afa6e8\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"0ab34830-df19-4f8c-b84e-aa85b8afa6e8\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Front Door Secret Reader\",\n \"type\": \"BuiltInRole\",\n \"description\": \"For internal use within Azure. Can view Azure Front Door secrets, but can't make changes.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Cdn/operationresults/profileresults/secretresults/read\",\n \"Microsoft.Cdn/profiles/secrets/read\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2023-02-02T15:30:03.7541192Z\",\n \"updatedOn\": \"2023-12-07T08:21:56.0395886Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/0db238c4-885e-4c4f-a933-aa2cef684fca\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"0db238c4-885e-4c4f-a933-aa2cef684fca\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Front Door Secret Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"For internal use within Azure. Can manage Azure Front Door secrets, but can't grant access to other users.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Cdn/operationresults/profileresults/secretresults/read\",\n \"Microsoft.Cdn/profiles/secrets/read\",\n \"Microsoft.Cdn/profiles/secrets/write\",\n \"Microsoft.Cdn/profiles/secrets/delete\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2023-02-02T15:30:03.7531182Z\",\n \"updatedOn\": \"2023-12-07T08:21:56.0395886Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/3f2eb865-5811-4578-b90a-6fc6fa0df8e5\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"3f2eb865-5811-4578-b90a-6fc6fa0df8e5\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Front Door Domain Reader\",\n \"type\": \"BuiltInRole\",\n \"description\": \"For internal use within Azure. Can view Azure Front Door domains, but can't make changes.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Cdn/operationresults/profileresults/customdomainresults/read\",\n \"Microsoft.Cdn/profiles/customdomains/read\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2023-02-02T15:30:03.7551197Z\",\n \"updatedOn\": \"2023-12-07T09:22:52.9393362Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/0f99d363-226e-4dca-9920-b807cf8e1a5f\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"0f99d363-226e-4dca-9920-b807cf8e1a5f\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Stack HCI Administrator\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Grants full access to the cluster and its resources, including the ability to register Azure Stack HCI and assign others as Azure Arc HCI VM Contributor and/or Azure Arc HCI VM Reader\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.AzureStackHCI/register/action\",\n \"Microsoft.AzureStackHCI/Unregister/Action\",\n \"Microsoft.AzureStackHCI/clusters/*\",\n \"Microsoft.AzureStackHCI/NetworkSecurityGroups/Read\",\n \"Microsoft.AzureStackHCI/NetworkSecurityGroups/SecurityRules/Read\",\n \"Microsoft.AzureStackHCI/NetworkSecurityGroups/Write\",\n \"Microsoft.AzureStackHCI/NetworkSecurityGroups/SecurityRules/Write\",\n \"Microsoft.AzureStackHCI/NetworkSecurityGroups/Delete\",\n \"Microsoft.AzureStackHCI/NetworkSecurityGroups/SecurityRules/Delete\",\n \"Microsoft.AzureStackHCI/NetworkSecurityGroups/join/action\",\n \"Microsoft.HybridCompute/register/action\",\n \"Microsoft.GuestConfiguration/register/action\",\n \"Microsoft.GuestConfiguration/guestConfigurationAssignments/read\",\n \"Microsoft.Resources/subscriptions/resourceGroups/write\",\n \"Microsoft.Resources/subscriptions/resourceGroups/delete\",\n \"Microsoft.HybridConnectivity/register/action\",\n \"Microsoft.Authorization/roleAssignments/write\",\n \"Microsoft.Authorization/roleAssignments/delete\",\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Resources/subscriptions/read\",\n \"Microsoft.Management/managementGroups/read\",\n \"Microsoft.Support/*\",\n \"Microsoft.AzureStackHCI/*\",\n \"Microsoft.AzureStackHCI/EdgeMachines/*\",\n \"Microsoft.AzureStackHCI/DevicePools/*\",\n \"Microsoft.Insights/AlertRules/Write\",\n \"Microsoft.Insights/AlertRules/Delete\",\n \"Microsoft.Insights/AlertRules/Read\",\n \"Microsoft.Insights/AlertRules/Activated/Action\",\n \"Microsoft.Insights/AlertRules/Resolved/Action\",\n \"Microsoft.Insights/AlertRules/Throttled/Action\",\n \"Microsoft.Insights/AlertRules/Incidents/Read\",\n \"Microsoft.Resources/subscriptions/resourcegroups/deployments/read\",\n \"Microsoft.Resources/subscriptions/resourcegroups/deployments/write\",\n \"Microsoft.Resources/subscriptions/resourcegroups/deployments/operations/read\",\n \"Microsoft.Resources/subscriptions/resourcegroups/deployments/operationstatuses/read\",\n \"Microsoft.ResourceHealth/availabilityStatuses/read\",\n \"Microsoft.Resources/subscriptions/read\",\n \"Microsoft.Resources/subscriptions/operationresults/read\",\n \"Microsoft.HybridCompute/machines/read\",\n \"Microsoft.HybridCompute/machines/write\",\n \"Microsoft.HybridCompute/machines/delete\",\n \"Microsoft.HybridCompute/machines/UpgradeExtensions/action\",\n \"Microsoft.HybridCompute/machines/assessPatches/action\",\n \"Microsoft.HybridCompute/machines/installPatches/action\",\n \"Microsoft.HybridCompute/machines/extensions/read\",\n \"Microsoft.HybridCompute/machines/extensions/write\",\n \"Microsoft.HybridCompute/machines/extensions/delete\",\n \"Microsoft.HybridCompute/operations/read\",\n \"Microsoft.HybridCompute/locations/operationresults/read\",\n \"Microsoft.HybridCompute/locations/operationstatus/read\",\n \"Microsoft.HybridCompute/machines/patchAssessmentResults/read\",\n \"Microsoft.HybridCompute/machines/patchAssessmentResults/softwarePatches/read\",\n \"Microsoft.HybridCompute/machines/patchInstallationResults/read\",\n \"Microsoft.HybridCompute/machines/patchInstallationResults/softwarePatches/read\",\n \"Microsoft.HybridCompute/locations/updateCenterOperationResults/read\",\n \"Microsoft.HybridCompute/machines/hybridIdentityMetadata/read\",\n \"Microsoft.HybridCompute/osType/agentVersions/read\",\n \"Microsoft.HybridCompute/osType/agentVersions/latest/read\",\n \"Microsoft.HybridCompute/machines/runcommands/read\",\n \"Microsoft.HybridCompute/machines/runcommands/write\",\n \"Microsoft.HybridCompute/machines/runcommands/delete\",\n \"Microsoft.HybridCompute/machines/licenseProfiles/read\",\n \"Microsoft.HybridCompute/machines/licenseProfiles/write\",\n \"Microsoft.HybridCompute/machines/licenseProfiles/delete\",\n \"Microsoft.HybridCompute/licenses/read\",\n \"Microsoft.HybridCompute/licenses/write\",\n \"Microsoft.HybridCompute/licenses/delete\",\n \"Microsoft.ResourceConnector/register/action\",\n \"Microsoft.ResourceConnector/appliances/read\",\n \"Microsoft.ResourceConnector/appliances/write\",\n \"Microsoft.ResourceConnector/appliances/delete\",\n \"Microsoft.ResourceConnector/locations/operationresults/read\",\n \"Microsoft.ResourceConnector/locations/operationsstatus/read\",\n \"Microsoft.ResourceConnector/appliances/listClusterUserCredential/action\",\n \"Microsoft.ResourceConnector/appliances/listKeys/action\",\n \"Microsoft.ResourceConnector/operations/read\",\n \"Microsoft.ExtendedLocation/register/action\",\n \"Microsoft.ExtendedLocation/customLocations/read\",\n \"Microsoft.ExtendedLocation/customLocations/deploy/action\",\n \"Microsoft.ExtendedLocation/customLocations/write\",\n \"Microsoft.ExtendedLocation/customLocations/delete\",\n \"Microsoft.EdgeMarketplace/offers/read\",\n \"Microsoft.EdgeMarketplace/publishers/read\",\n \"Microsoft.Kubernetes/register/action\",\n \"Microsoft.KubernetesConfiguration/register/action\",\n \"Microsoft.KubernetesConfiguration/extensions/write\",\n \"Microsoft.KubernetesConfiguration/extensions/read\",\n \"Microsoft.KubernetesConfiguration/extensions/delete\",\n \"Microsoft.KubernetesConfiguration/extensions/operations/read\",\n \"Microsoft.KubernetesConfiguration/namespaces/read\",\n \"Microsoft.KubernetesConfiguration/operations/read\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.AzureStackHCI/StorageContainers/Write\",\n \"Microsoft.AzureStackHCI/StorageContainers/Read\",\n \"Microsoft.HybridContainerService/register/action\",\n \"Microsoft.HybridCompute/settings/write\",\n \"Microsoft.HybridCompute/settings/read\",\n \"Microsoft.HybridCompute/gateways/read\",\n \"Microsoft.HybridCompute/gateways/write\",\n \"Microsoft.HybridCompute/gateways/delete\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": [],\n \"conditionVersion\": \"2.0\",\n \"condition\": \"((!(ActionMatches{'Microsoft.Authorization/roleAssignments/write'})) OR (@Request[Microsoft.Authorization/roleAssignments:RoleDefinitionId] ForAnyOfAnyValues:GuidEquals{f5819b54-e033-4d82-ac66-4fec3cbf3f4c, cd570a14-e51a-42ad-bac8-bafd67325302, b64e21ea-ac4e-4cdf-9dc9-5b892992bee7, 4b3fe76c-f777-4d24-a2d7-b027b0f7b273, 874d1c73-6003-4e60-a13a-cb31ea190a85,865ae368-6a45-4bd1-8fbf-0d5151f56fc1,7b1f81f9-4196-4058-8aae-762e593270df,4633458b-17de-408a-b874-0445c86b69e6,c99c945f-8bd1-4fb1-a903-01460aae6068})) AND ((!(ActionMatches{'Microsoft.Authorization/roleAssignments/delete'})) OR (@Resource[Microsoft.Authorization/roleAssignments:RoleDefinitionId] ForAnyOfAnyValues:GuidEquals{f5819b54-e033-4d82-ac66-4fec3cbf3f4c, cd570a14-e51a-42ad-bac8-bafd67325302, b64e21ea-ac4e-4cdf-9dc9-5b892992bee7, 4b3fe76c-f777-4d24-a2d7-b027b0f7b273, 874d1c73-6003-4e60-a13a-cb31ea190a85,865ae368-6a45-4bd1-8fbf-0d5151f56fc1,7b1f81f9-4196-4058-8aae-762e593270df,4633458b-17de-408a-b874-0445c86b69e6,c99c945f-8bd1-4fb1-a903-01460aae6068}))\"\n }\n ],\n \"createdOn\": \"2023-02-03T05:08:48.3968454Z\",\n \"updatedOn\": \"2025-05-06T15:13:46.6826117Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/bda0d508-adf1-4af0-9c28-88919fc3ae06\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"bda0d508-adf1-4af0-9c28-88919fc3ae06\"\n },\n {\n \"properties\": {\n \"roleName\": \"MySQL Backup And Export Operator\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Grants full access to manage backup and export resources\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.DBforMySQL/flexibleServers/validateBackup/action\",\n \"Microsoft.DBforMySQL/flexibleServers/backupAndExport/action\",\n \"Microsoft.DBforMySQL/locations/operationResults/read\",\n \"Microsoft.DBforMySQL/locations/azureAsyncOperation/read\",\n \"Microsoft.Resources/subscriptions/read\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2023-02-03T06:09:26.5657063Z\",\n \"updatedOn\": \"2023-05-12T10:55:29.6654289Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/d18ad5f3-1baf-4119-b49b-d944edb1f9d0\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"d18ad5f3-1baf-4119-b49b-d944edb1f9d0\"\n },\n {\n \"properties\": {\n \"roleName\": \"LocalNGFirewallAdministrator role\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Allows user to create, modify, describe, or delete NGFirewalls.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"PaloAltoNetworks.Cloudngfw/firewalls/*\",\n \"PaloAltoNetworks.Cloudngfw/localRulestacks/read\",\n \"PaloAltoNetworks.Cloudngfw/globalRulestacks/read\",\n \"PaloAltoNetworks.Cloudngfw/Locations/operationStatuses/read\",\n \"Microsoft.OperationalInsights/workspaces/write\",\n \"Microsoft.OperationalInsights/workspaces/sharedKeys/read\",\n \"Microsoft.OperationalInsights/workspaces/read\",\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.Insights/metrics/read\",\n \"Microsoft.Insights/metricDefinitions/read\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.ResourceHealth/availabilityStatuses/read\",\n \"Microsoft.Support/*\",\n \"Microsoft.Network/virtualNetworks/read\",\n \"Microsoft.Network/virtualNetworks/subnets/join/action\",\n \"Microsoft.Network/publicIPAddresses/write\",\n \"Microsoft.Network/publicIPAddresses/read\",\n \"Microsoft.Network/publicIPAddresses/join/action\",\n \"Microsoft.Network/networkVirtualAppliances/read\",\n \"Microsoft.Network/networkVirtualAppliances/write\",\n \"Microsoft.Network/networkVirtualAppliances/delete\",\n \"Microsoft.Network/virtualHubs/read\",\n \"Microsoft.Network/virtualWans/read\",\n \"Microsoft.Network/virtualWans/virtualHubs/read\",\n \"Microsoft.Network/networkSecurityGroups/read\",\n \"Microsoft.Network/networkSecurityGroups/join/action\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2023-02-03T11:42:56.4098652Z\",\n \"updatedOn\": \"2023-03-13T15:13:22.9170402Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/a8835c7d-b5cb-47fa-b6f0-65ea10ce07a2\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"a8835c7d-b5cb-47fa-b6f0-65ea10ce07a2\"\n },\n {\n \"properties\": {\n \"roleName\": \"LocalRulestacksAdministrator role\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Allows users to create, modify, describe, or delete Rulestacks.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"PaloAltoNetworks.Cloudngfw/localRulestacks/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.ResourceHealth/availabilityStatuses/read\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.Support/*\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2023-02-03T11:42:56.4108678Z\",\n \"updatedOn\": \"2023-02-20T16:07:58.3315958Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/bfc3b73d-c6ff-45eb-9a5f-40298295bf20\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"bfc3b73d-c6ff-45eb-9a5f-40298295bf20\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Extension for SQL Server Deployment\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Microsoft.AzureArcData service role to enable deployment of Azure Extension for SQL Server\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Resources/deployments/write\",\n \"Microsoft.HybridCompute/machines/extensions/write\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2023-03-09T19:23:30.8734404Z\",\n \"updatedOn\": \"2023-03-15T22:04:09.9905367Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/7392c568-9289-4bde-aaaa-b7131215889d\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"7392c568-9289-4bde-aaaa-b7131215889d\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Maps Data Read and Batch Role\",\n \"type\": \"BuiltInRole\",\n \"description\": \"This role can be used to assign read and batch actions on Azure Maps.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.Maps/accounts/services/*/read\",\n \"Microsoft.Maps/accounts/services/batch/action\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2023-03-15T22:04:09.9905367Z\",\n \"updatedOn\": \"2023-05-16T15:12:18.5723729Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/d6470a16-71bd-43ab-86b3-6f3a73f4e787\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"d6470a16-71bd-43ab-86b3-6f3a73f4e787\"\n },\n {\n \"properties\": {\n \"roleName\": \"API Management Service Workspace API Product Manager\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Has the same access as API Management Service Workspace API Developer as well as read access to users and write access to allow assigning users to groups. This role should be assigned on the service scope.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.ApiManagement/service/users/read\",\n \"Microsoft.ApiManagement/service/tags/read\",\n \"Microsoft.ApiManagement/service/tags/apiLinks/*\",\n \"Microsoft.ApiManagement/service/tags/operationLinks/*\",\n \"Microsoft.ApiManagement/service/tags/productLinks/*\",\n \"Microsoft.ApiManagement/service/products/read\",\n \"Microsoft.ApiManagement/service/products/apiLinks/*\",\n \"Microsoft.ApiManagement/service/groups/read\",\n \"Microsoft.ApiManagement/service/groups/users/*\",\n \"Microsoft.ApiManagement/service/read\",\n \"Microsoft.ApiManagement/service/authorizationServers/read\",\n \"Microsoft.Authorization/*/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2023-03-21T15:13:44.4020114Z\",\n \"updatedOn\": \"2024-08-29T15:27:16.7739501Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/d59a3e9c-6d52-4a5a-aeed-6bf3cf0e31da\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"d59a3e9c-6d52-4a5a-aeed-6bf3cf0e31da\"\n },\n {\n \"properties\": {\n \"roleName\": \"API Management Workspace API Developer\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Has read access to entities in the workspace and read and write access to entities for editing APIs. This role should be assigned on the workspace scope.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.ApiManagement/service/workspaces/*/read\",\n \"Microsoft.ApiManagement/service/workspaces/apis/*\",\n \"Microsoft.ApiManagement/service/workspaces/apiVersionSets/*\",\n \"Microsoft.ApiManagement/service/workspaces/policies/*\",\n \"Microsoft.ApiManagement/service/workspaces/schemas/*\",\n \"Microsoft.ApiManagement/service/workspaces/products/*\",\n \"Microsoft.ApiManagement/service/workspaces/policyFragments/*\",\n \"Microsoft.ApiManagement/service/workspaces/namedValues/*\",\n \"Microsoft.ApiManagement/service/workspaces/tags/*\",\n \"Microsoft.ApiManagement/service/workspaces/backends/*\",\n \"Microsoft.ApiManagement/service/workspaces/certificates/*\",\n \"Microsoft.ApiManagement/service/workspaces/diagnostics/*\",\n \"Microsoft.ApiManagement/service/workspaces/loggers/*\",\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/diagnosticSettings/*/read\",\n \"Microsoft.insights/logs/read\",\n \"Microsoft.insights/logs/ApiManagementGatewayLogs/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2023-03-21T15:13:44.4020114Z\",\n \"updatedOn\": \"2025-05-14T15:26:59.2733591Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/56328988-075d-4c6a-8766-d93edd6725b6\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"56328988-075d-4c6a-8766-d93edd6725b6\"\n },\n {\n \"properties\": {\n \"roleName\": \"API Management Workspace Reader\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Has read-only access to entities in the workspace. This role should be assigned on the workspace scope.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.ApiManagement/service/workspaces/*/read\",\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/diagnosticSettings/*/read\",\n \"Microsoft.insights/logs/read\",\n \"Microsoft.insights/logs/ApiManagementGatewayLogs/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2023-03-21T15:13:44.4040114Z\",\n \"updatedOn\": \"2025-05-14T15:26:59.0317591Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/ef1c2c96-4a77-49e8-b9a4-6179fe1d2fd2\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"ef1c2c96-4a77-49e8-b9a4-6179fe1d2fd2\"\n },\n {\n \"properties\": {\n \"roleName\": \"API Management Workspace API Product Manager\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Has read access to entities in the workspace and read and write access to entities for publishing APIs. This role should be assigned on the workspace scope.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.ApiManagement/service/workspaces/*/read\",\n \"Microsoft.ApiManagement/service/workspaces/products/*\",\n \"Microsoft.ApiManagement/service/workspaces/subscriptions/*\",\n \"Microsoft.ApiManagement/service/workspaces/groups/*\",\n \"Microsoft.ApiManagement/service/workspaces/tags/*\",\n \"Microsoft.ApiManagement/service/workspaces/notifications/*\",\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/diagnosticSettings/*/read\",\n \"Microsoft.insights/logs/read\",\n \"Microsoft.insights/logs/ApiManagementGatewayLogs/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2023-03-21T15:13:44.4020114Z\",\n \"updatedOn\": \"2025-05-14T15:26:59.0317591Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/73c2c328-d004-4c5e-938c-35c6f5679a1f\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"73c2c328-d004-4c5e-938c-35c6f5679a1f\"\n },\n {\n \"properties\": {\n \"roleName\": \"API Management Service Workspace API Developer\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Has read access to tags and products and write access to allow: assigning APIs to products, assigning tags to products and APIs. This role should be assigned on the service scope.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.ApiManagement/service/tags/read\",\n \"Microsoft.ApiManagement/service/tags/apiLinks/*\",\n \"Microsoft.ApiManagement/service/tags/operationLinks/*\",\n \"Microsoft.ApiManagement/service/tags/productLinks/*\",\n \"Microsoft.ApiManagement/service/products/read\",\n \"Microsoft.ApiManagement/service/products/apiLinks/*\",\n \"Microsoft.ApiManagement/service/read\",\n \"Microsoft.ApiManagement/service/authorizationServers/read\",\n \"Microsoft.Authorization/*/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2023-03-21T15:13:44.4040114Z\",\n \"updatedOn\": \"2024-08-29T15:27:16.7739501Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/9565a273-41b9-4368-97d2-aeb0c976a9b3\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"9565a273-41b9-4368-97d2-aeb0c976a9b3\"\n },\n {\n \"properties\": {\n \"roleName\": \"API Management Workspace Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Can manage the workspace and view, but not modify its members. This role should be assigned on the workspace scope.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.ApiManagement/service/workspaces/*\",\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/diagnosticSettings/*/read\",\n \"Microsoft.insights/logs/read\",\n \"Microsoft.insights/logs/ApiManagementGatewayLogs/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2023-03-21T15:13:44.4020114Z\",\n \"updatedOn\": \"2025-05-14T15:26:59.2733591Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/0c34c906-8d99-4cb7-8bb7-33f5b0a1a799\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"0c34c906-8d99-4cb7-8bb7-33f5b0a1a799\"\n },\n {\n \"properties\": {\n \"roleName\": \"Storage File Data Privileged Reader\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Customer has read access on Azure Storage file shares.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.Storage/storageAccounts/fileServices/fileshares/files/read\",\n \"Microsoft.Storage/storageAccounts/fileServices/readFileBackupSemantics/action\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2023-03-23T20:33:57.1067324Z\",\n \"updatedOn\": \"2023-04-06T19:23:16.2936719Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/b8eda974-7b85-4f76-af95-65846b26df6d\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"b8eda974-7b85-4f76-af95-65846b26df6d\"\n },\n {\n \"properties\": {\n \"roleName\": \"Storage File Data Privileged Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Customer has read, write, delete and modify NTFS permission access on Azure Storage file shares.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.Storage/storageAccounts/fileServices/fileshares/files/read\",\n \"Microsoft.Storage/storageAccounts/fileServices/fileshares/files/write\",\n \"Microsoft.Storage/storageAccounts/fileServices/fileshares/files/delete\",\n \"Microsoft.Storage/storageAccounts/fileServices/fileshares/files/modifypermissions/action\",\n \"Microsoft.Storage/storageAccounts/fileServices/readFileBackupSemantics/action\",\n \"Microsoft.Storage/storageAccounts/fileServices/writeFileBackupSemantics/action\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2023-03-23T20:49:03.5905581Z\",\n \"updatedOn\": \"2023-04-06T19:23:16.2936719Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/69566ab7-960f-475b-8e7c-b3118f30c6bd\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"69566ab7-960f-475b-8e7c-b3118f30c6bd\"\n },\n {\n \"properties\": {\n \"roleName\": \"Windows 365 Network User\",\n \"type\": \"BuiltInRole\",\n \"description\": \"This role is used by Windows 365 to read virtual networks and join the designated virtual networks.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Network/virtualNetworks/read\",\n \"Microsoft.Network/virtualNetworks/subnets/read\",\n \"Microsoft.Network/virtualNetworks/usages/read\",\n \"Microsoft.Network/virtualNetworks/subnets/join/action\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2023-03-24T05:24:25.4408966Z\",\n \"updatedOn\": \"2023-07-26T15:17:50.9624987Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/7eabc9a4-85f7-4f71-b8ab-75daaccc1033\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"7eabc9a4-85f7-4f71-b8ab-75daaccc1033\"\n },\n {\n \"properties\": {\n \"roleName\": \"Windows365SubscriptionReader\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Read subscriptions, images, azure firewalls. This role is used in Windows365 scenarios.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Resources/subscriptions/read\",\n \"Microsoft.Resources/subscriptions/operationresults/read\",\n \"Microsoft.Authorization/*/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2023-03-24T05:24:25.4408966Z\",\n \"updatedOn\": \"2023-03-24T05:24:25.4408966Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/3d55a8f6-4133-418d-8051-facdb1735758\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"3d55a8f6-4133-418d-8051-facdb1735758\"\n },\n {\n \"properties\": {\n \"roleName\": \"Windows 365 Network Interface Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"This role is used by Windows 365 to provision required network resources and join Microsoft-hosted VMs to network interfaces.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Resources/subscriptions/resourcegroups/read\",\n \"Microsoft.Resources/deployments/read\",\n \"Microsoft.Resources/deployments/write\",\n \"Microsoft.Resources/deployments/delete\",\n \"Microsoft.Resources/deployments/operations/read\",\n \"Microsoft.Resources/deployments/operationstatuses/read\",\n \"Microsoft.Network/locations/operations/read\",\n \"Microsoft.Network/locations/operationResults/read\",\n \"Microsoft.Network/locations/usages/read\",\n \"Microsoft.Network/networkInterfaces/write\",\n \"Microsoft.Network/networkInterfaces/read\",\n \"Microsoft.Network/networkInterfaces/delete\",\n \"Microsoft.Network/networkInterfaces/join/action\",\n \"Microsoft.Network/networkInterfaces/effectiveNetworkSecurityGroups/action\",\n \"Microsoft.Network/networkInterfaces/effectiveRouteTable/action\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2023-03-24T05:24:25.4408966Z\",\n \"updatedOn\": \"2023-07-26T15:17:50.9624987Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/1f135831-5bbe-4924-9016-264044c00788\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"1f135831-5bbe-4924-9016-264044c00788\"\n },\n {\n \"properties\": {\n \"roleName\": \"App Compliance Automation Reader\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Allows read-only access to App Compliance Automation tool for Microsoft 365\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"*/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2023-04-13T05:31:14.1250456Z\",\n \"updatedOn\": \"2025-04-18T16:21:59.8526431Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/ffc6bbe0-e443-4c3b-bf54-26581bb2f78e\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"ffc6bbe0-e443-4c3b-bf54-26581bb2f78e\"\n },\n {\n \"properties\": {\n \"roleName\": \"App Compliance Automation Administrator\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Allows managing App Compliance Automation tool for Microsoft 365\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.AppComplianceAutomation/*\",\n \"Microsoft.Storage/storageAccounts/blobServices/write\",\n \"Microsoft.Storage/storageAccounts/fileservices/write\",\n \"Microsoft.Storage/storageAccounts/listKeys/action\",\n \"Microsoft.Storage/storageAccounts/write\",\n \"Microsoft.Storage/storageAccounts/blobServices/generateUserDelegationKey/action\",\n \"Microsoft.Storage/storageAccounts/read\",\n \"Microsoft.Storage/storageAccounts/blobServices/containers/read\",\n \"Microsoft.Storage/storageAccounts/blobServices/containers/write\",\n \"Microsoft.Storage/storageAccounts/blobServices/read\",\n \"Microsoft.PolicyInsights/policyStates/queryResults/action\",\n \"Microsoft.PolicyInsights/policyStates/triggerEvaluation/action\",\n \"Microsoft.Resources/resources/read\",\n \"Microsoft.Resources/subscriptions/read\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Resources/subscriptions/resourceGroups/resources/read\",\n \"Microsoft.Resources/subscriptions/resources/read\",\n \"Microsoft.Resources/subscriptions/resourceGroups/delete\",\n \"Microsoft.Resources/subscriptions/resourceGroups/write\",\n \"Microsoft.Resources/tags/read\",\n \"Microsoft.Resources/deployments/validate/action\",\n \"Microsoft.Security/automations/read\",\n \"Microsoft.Resources/deployments/write\",\n \"Microsoft.Security/automations/delete\",\n \"Microsoft.Security/automations/write\",\n \"Microsoft.Security/register/action\",\n \"Microsoft.Security/unregister/action\",\n \"*/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2023-04-13T05:31:14.1240456Z\",\n \"updatedOn\": \"2025-04-18T16:21:59.8526431Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/0f37683f-2463-46b6-9ce7-9b788b988ba2\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"0f37683f-2463-46b6-9ce7-9b788b988ba2\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Sphere Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Allows user read and write access to Azure Sphere resources.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.AzureSphere/*\",\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.Insights/DiagnosticSettings/*\",\n \"Microsoft.Insights/DiagnosticSettingsCategories/Read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2023-05-01T15:11:52.6370946Z\",\n \"updatedOn\": \"2023-05-05T22:39:42.6328063Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/8b9dfcab-4b77-4632-a6df-94bd07820648\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"8b9dfcab-4b77-4632-a6df-94bd07820648\"\n },\n {\n \"properties\": {\n \"roleName\": \"SaaS Hub Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"SaaS Hub contributor can manage SaaS Hub resource\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.SaaSHub/cloudservices/read\",\n \"Microsoft.SaaSHub/cloudservices/write\",\n \"Microsoft.SaaSHub/cloudservices/delete\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2023-05-02T15:22:12.2506952Z\",\n \"updatedOn\": \"2023-05-11T22:10:29.48093Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/e9b8712a-cbcf-4ea7-b0f7-e71b803401e6\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"e9b8712a-cbcf-4ea7-b0f7-e71b803401e6\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Sphere Reader\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Allows user to read Azure Sphere resources.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.AzureSphere/*/read\",\n \"Microsoft.AzureSphere/catalogs/countDevices/action\",\n \"Microsoft.AzureSphere/catalogs/listDeviceGroups/action\",\n \"Microsoft.AzureSphere/catalogs/listDeviceInsights/action\",\n \"Microsoft.AzureSphere/catalogs/listDevices/action\",\n \"Microsoft.AzureSphere/catalogs/listDeployments/action\",\n \"Microsoft.AzureSphere/catalogs/products/countDevices/action\",\n \"Microsoft.AzureSphere/catalogs/products/deviceGroups/countDevices/action\",\n \"Microsoft.AzureSphere/catalogs/certificates/retrieveCertChain/action\",\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Insights/DiagnosticSettings/Read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2023-05-05T22:39:42.1951056Z\",\n \"updatedOn\": \"2023-05-11T22:10:28.3488114Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/c8ae6279-5a0b-4cb2-b3f0-d4d62845742c\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"c8ae6279-5a0b-4cb2-b3f0-d4d62845742c\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Sphere Publisher\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Allows user to read and download Azure Sphere resources and upload images.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.AzureSphere/*/read\",\n \"Microsoft.AzureSphere/catalogs/countDevices/action\",\n \"Microsoft.AzureSphere/catalogs/listDeviceGroups/action\",\n \"Microsoft.AzureSphere/catalogs/listDeviceInsights/action\",\n \"Microsoft.AzureSphere/catalogs/listDevices/action\",\n \"Microsoft.AzureSphere/catalogs/products/countDevices/action\",\n \"Microsoft.AzureSphere/catalogs/products/deviceGroups/countDevices/action\",\n \"Microsoft.AzureSphere/catalogs/certificates/retrieveProofOfPossessionNonce/action\",\n \"Microsoft.AzureSphere/catalogs/certificates/retrieveCertChain/action\",\n \"Microsoft.AzureSphere/catalogs/images/write\",\n \"Microsoft.AzureSphere/catalogs/uploadImage/action\",\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Insights/DiagnosticSettings/Read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2023-05-05T22:39:42.8007514Z\",\n \"updatedOn\": \"2024-01-26T23:01:00.4162781Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/6d994134-994b-4a59-9974-f479f0b227fb\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"6d994134-994b-4a59-9974-f479f0b227fb\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Machine Learning Workspace Connection Secrets Reader\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Can list workspace connection secrets\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.MachineLearningServices/workspaces/connections/listsecrets/action\",\n \"Microsoft.MachineLearningServices/workspaces/metadata/secrets/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2023-05-09T15:20:29.3130205Z\",\n \"updatedOn\": \"2023-10-13T16:37:23.7956902Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/ea01e6af-a1c1-4350-9563-ad00f8c72ec5\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"ea01e6af-a1c1-4350-9563-ad00f8c72ec5\"\n },\n {\n \"properties\": {\n \"roleName\": \"Procurement Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Lets you manage the procurement of products and services.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.SaaSHub/cloudservices/read\",\n \"Microsoft.SaaSHub/cloudservices/write\",\n \"Microsoft.SaaSHub/cloudservices/delete\",\n \"Microsoft.SaaSHub/register/action\",\n \"Microsoft.SaaS/resources/read\",\n \"Microsoft.SaaS/resources/write\",\n \"Microsoft.SaaS/resources/delete\",\n \"Microsoft.SaaS/register/action\",\n \"Microsoft.ProfessionalService/resources/read\",\n \"Microsoft.ProfessionalService/resources/write\",\n \"Microsoft.ProfessionalService/resources/delete\",\n \"Microsoft.ProfessionalService/register/action\",\n \"Microsoft.BillingBenefits/register/action\",\n \"Microsoft.BillingBenefits/maccs/read\",\n \"Microsoft.BillingBenefits/maccs/write\",\n \"Microsoft.BillingBenefits/maccs/delete\",\n \"Microsoft.BillingBenefits/maccs/cancel/action\",\n \"Microsoft.BillingBenefits/maccs/chargeShortfall/action\",\n \"Microsoft.BillingBenefits/maccs/contributors/read\",\n \"Microsoft.BillingBenefits/credits/read\",\n \"Microsoft.BillingBenefits/credits/write\",\n \"Microsoft.BillingBenefits/credits/cancel/action\",\n \"Microsoft.BillingBenefits/credits/sources/read\",\n \"Microsoft.BillingBenefits/credits/sources/write\",\n \"Microsoft.BillingBenefits/credits/sources/delete\",\n \"Microsoft.EnterpriseSupport/enterpriseSupports/read\",\n \"Microsoft.EnterpriseSupport/enterpriseSupports/write\",\n \"Microsoft.EnterpriseSupport/enterpriseSupports/delete\",\n \"Microsoft.EnterpriseSupport/register/action\",\n \"Microsoft.SoftwarePlan/register/action\",\n \"Microsoft.SoftwarePlan/softwareSubscriptions/read\",\n \"Microsoft.SoftwarePlan/softwareSubscriptions/write\",\n \"Microsoft.SoftwarePlan/softwareSubscriptions/delete\",\n \"Microsoft.SoftwarePlan/softwareSubscriptions/cancel/action\",\n \"Microsoft.SoftwarePlan/softwareSubscriptions/listKeys/action\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2023-05-09T15:20:29.3130205Z\",\n \"updatedOn\": \"2025-06-17T15:17:30.9745788Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/be1a1ac2-09d3-4261-9e57-a73a6e227f53\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"be1a1ac2-09d3-4261-9e57-a73a6e227f53\"\n },\n {\n \"properties\": {\n \"roleName\": \"Cognitive Search Serverless Data Contributor (Deprecated)\",\n \"type\": \"BuiltInRole\",\n \"description\": \"This role has been deprecated\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.CognitiveSearch/indexes/schema/*\",\n \"Microsoft.CognitiveSearch/indexes/documents/*\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2023-05-15T15:01:02.7792616Z\",\n \"updatedOn\": \"2024-02-06T16:07:21.2869168Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/7ac06ca7-21ca-47e3-a67b-cbd6e6223baf\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"7ac06ca7-21ca-47e3-a67b-cbd6e6223baf\"\n },\n {\n \"properties\": {\n \"roleName\": \"Cognitive Search Serverless Data Reader (Deprecated)\",\n \"type\": \"BuiltInRole\",\n \"description\": \"This role has been deprecated\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.CognitiveSearch/indexes/schema/read\",\n \"Microsoft.CognitiveSearch/indexes/documents/read\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2023-05-15T15:01:02.7792616Z\",\n \"updatedOn\": \"2024-02-06T16:07:20.8732351Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/79b01272-bf9f-4f4c-9517-5506269cf524\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"79b01272-bf9f-4f4c-9517-5506269cf524\"\n },\n {\n \"properties\": {\n \"roleName\": \"Community Owner Role\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Community Owner Role to access the resources of Microsoft.Mission stored with RPSAAS.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Mission/register/action\",\n \"Microsoft.Mission/unregister/action\",\n \"Microsoft.Mission/Locations/OperationStatuses/read\",\n \"Microsoft.Mission/Locations/OperationStatuses/write\",\n \"Microsoft.Mission/Operations/read\",\n \"Microsoft.Mission/communities/read\",\n \"Microsoft.Mission/communities/write\",\n \"Microsoft.Mission/communities/delete\",\n \"Microsoft.Mission/communities/setMaintenanceMode/action\",\n \"Microsoft.Mission/communities/communityendpoints/connect/action\",\n \"Microsoft.Mission/virtualEnclaves/read\",\n \"Microsoft.Mission/virtualEnclaves/write\",\n \"Microsoft.Mission/virtualEnclaves/delete\",\n \"Microsoft.Mission/virtualEnclaves/workloads/read\",\n \"Microsoft.Mission/virtualEnclaves/workloads/write\",\n \"Microsoft.Mission/virtualEnclaves/workloads/delete\",\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/read\",\n \"Microsoft.Resources/deployments/read\",\n \"Microsoft.Resources/deployments/write\",\n \"Microsoft.Resources/subscriptions/read\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Resources/subscriptions/resourcegroups/deployments/read\",\n \"Microsoft.Resources/subscriptions/operationresults/read\",\n \"Microsoft.ResourceHealth/availabilityStatuses/read\",\n \"Microsoft.Features/providers/features/read\",\n \"Microsoft.Features/features/read\",\n \"Microsoft.Mission/communities/communityEndpoints/read\",\n \"Microsoft.Mission/communities/communityEndpoints/write\",\n \"Microsoft.Mission/communities/communityEndpoints/delete\",\n \"Microsoft.Mission/communities/transitHubs/read\",\n \"Microsoft.Mission/communities/transitHubs/write\",\n \"Microsoft.Mission/communities/transitHubs/delete\",\n \"Microsoft.Mission/enclaveConnections/read\",\n \"Microsoft.Mission/virtualEnclaves/enclaveEndpoints/read\",\n \"Microsoft.Mission/approvals/read\",\n \"Microsoft.Mission/approvals/write\",\n \"Microsoft.Mission/approvals/delete\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2023-05-25T20:51:16.2041501Z\",\n \"updatedOn\": \"2025-09-12T18:13:12.7479035Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/5e28a61e-8040-49db-b175-bb5b88af6239\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"5e28a61e-8040-49db-b175-bb5b88af6239\"\n },\n {\n \"properties\": {\n \"roleName\": \"Firmware Analysis Admin\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Administrative user that can upload/view firmwares & configure firmware workspaces\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.IoTFirmwareDefense/*\",\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Resources/deployments/*\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2023-06-12T15:03:22.1277659Z\",\n \"updatedOn\": \"2025-09-10T15:34:53.4423915Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/9c1607d1-791d-4c68-885d-c7b7aaff7c8a\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"9c1607d1-791d-4c68-885d-c7b7aaff7c8a\"\n },\n {\n \"properties\": {\n \"roleName\": \"Key Vault Data Access Administrator\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Manage access to Azure Key Vault by adding or removing role assignments for the Key Vault Administrator, Key Vault Certificates Officer, Key Vault Crypto Officer, Key Vault Crypto Service Encryption User, Key Vault Crypto User, Key Vault Reader, Key Vault Secrets Officer, or Key Vault Secrets User roles. Includes an ABAC condition to constrain role assignments.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/roleAssignments/write\",\n \"Microsoft.Authorization/roleAssignments/delete\",\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Resources/subscriptions/read\",\n \"Microsoft.Management/managementGroups/read\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Support/*\",\n \"Microsoft.KeyVault/vaults/*/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": [],\n \"conditionVersion\": \"2.0\",\n \"condition\": \"((!(ActionMatches{'Microsoft.Authorization/roleAssignments/write'})) OR (@Request[Microsoft.Authorization/roleAssignments:RoleDefinitionId] ForAnyOfAnyValues:GuidEquals{00482a5a-887f-4fb3-b363-3b7fe8e74483, a4417e6f-fecd-4de8-b567-7b0420556985, 14b46e9e-c2b7-41b4-b07b-48a6ebf60603, e147488a-f6f5-4113-8e2d-b22465e65bf6, 12338af0-0e69-4776-bea7-57ae8d297424, 21090545-7ca7-4776-b22c-e363652d74d2, b86a8fe4-44ce-4948-aee5-eccb2c155cd7, 4633458b-17de-408a-b874-0445c86b69e6})) AND ((!(ActionMatches{'Microsoft.Authorization/roleAssignments/delete'})) OR (@Resource[Microsoft.Authorization/roleAssignments:RoleDefinitionId] ForAnyOfAnyValues:GuidEquals{00482a5a-887f-4fb3-b363-3b7fe8e74483, a4417e6f-fecd-4de8-b567-7b0420556985, 14b46e9e-c2b7-41b4-b07b-48a6ebf60603, e147488a-f6f5-4113-8e2d-b22465e65bf6, 12338af0-0e69-4776-bea7-57ae8d297424, 21090545-7ca7-4776-b22c-e363652d74d2, b86a8fe4-44ce-4948-aee5-eccb2c155cd7, 4633458b-17de-408a-b874-0445c86b69e6}))\"\n }\n ],\n \"createdOn\": \"2023-06-20T22:26:01.661921Z\",\n \"updatedOn\": \"2023-12-07T01:33:05.5970688Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/8b54135c-b56d-4d72-a534-26097cfdc8d8\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"8b54135c-b56d-4d72-a534-26097cfdc8d8\"\n },\n {\n \"properties\": {\n \"roleName\": \"Defender for Storage Data Scanner\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Grants access to read blobs and update index tags. This role is used by the data scanner of Defender for Storage.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Storage/storageAccounts/blobServices/containers/read\",\n \"Microsoft.Storage/storageAccounts/blobServices/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.Storage/storageAccounts/blobServices/containers/blobs/read\",\n \"Microsoft.Storage/storageAccounts/blobServices/containers/blobs/tags/write\",\n \"Microsoft.Storage/storageAccounts/blobServices/containers/blobs/tags/read\",\n \"Microsoft.Storage/storageAccounts/blobServices/containers/blobs/delete\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2023-06-21T15:30:31.2244258Z\",\n \"updatedOn\": \"2025-09-04T13:19:08.2789022Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/1e7ca9b1-60d1-4db8-a914-f2ca1ff27c40\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"1e7ca9b1-60d1-4db8-a914-f2ca1ff27c40\"\n },\n {\n \"properties\": {\n \"roleName\": \"Compute Diagnostics Role\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Grants permissions to execute diagnostics provided by Compute Diagnostic Service for Compute Resources.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Compute/disks/beginGetAccess/action\",\n \"Microsoft.Compute/virtualmachinescalesets/disks/beginGetAccess/action\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2023-07-03T15:01:36.9754614Z\",\n \"updatedOn\": \"2023-08-21T15:00:43.8849998Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/df2711a6-406d-41cf-b366-b0250bff9ad1\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"df2711a6-406d-41cf-b366-b0250bff9ad1\"\n },\n {\n \"properties\": {\n \"roleName\": \"Elastic SAN Network Admin\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Allows access to create Private Endpoints on SAN resources, and to read SAN resources\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.ElasticSan/elasticSans/*/read\",\n \"Microsoft.ElasticSan/elasticSans/PrivateEndpointConnectionsApproval/action\",\n \"Microsoft.ElasticSan/elasticSans/privateEndpointConnections/write\",\n \"Microsoft.ElasticSan/elasticSans/privateEndpointConnections/delete\",\n \"Microsoft.ElasticSan/locations/asyncoperations/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2023-07-11T15:16:02.2537915Z\",\n \"updatedOn\": \"2023-07-24T15:07:43.2245803Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/fa6cecf6-5db3-4c43-8470-c540bcb4eafa\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"fa6cecf6-5db3-4c43-8470-c540bcb4eafa\"\n },\n {\n \"properties\": {\n \"roleName\": \"Cognitive Services Usages Reader\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Minimal permission to view Cognitive Services usages.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.CognitiveServices/locations/usages/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2023-07-17T15:09:29.0044016Z\",\n \"updatedOn\": \"2023-07-17T15:09:29.0044016Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/bba48692-92b0-4667-a9ad-c31c7b334ac2\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"bba48692-92b0-4667-a9ad-c31c7b334ac2\"\n },\n {\n \"properties\": {\n \"roleName\": \"PostgreSQL Flexible Server Long Term Retention Backup Role\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Role to allow backup vault to access PostgreSQL Flexible Server Resource APIs for Long Term Retention Backup.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.DBforPostgreSQL/flexibleServers/ltrBackupOperations/read\",\n \"Microsoft.DBforPostgreSQL/flexibleServers/ltrPreBackup/action\",\n \"Microsoft.DBforPostgreSQL/flexibleServers/startLtrBackup/action\",\n \"Microsoft.DBforPostgreSQL/locations/azureAsyncOperation/read\",\n \"Microsoft.DBforPostgreSQL/locations/operationResults/read\",\n \"Microsoft.Resources/subscriptions/read\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2023-07-19T15:33:56.5176195Z\",\n \"updatedOn\": \"2023-08-02T22:48:06.4502162Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/c088a766-074b-43ba-90d4-1fb21feae531\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"c088a766-074b-43ba-90d4-1fb21feae531\"\n },\n {\n \"properties\": {\n \"roleName\": \"Search Parameter Manager\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Role allows user or principal access to $status and $reindex to update search parameters\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.HealthcareApis/workspaces/fhirservices/resources/reindex/action\",\n \"Microsoft.HealthcareApis/workspaces/fhirservices/resources/read\",\n \"Microsoft.HealthcareApis/workspaces/fhirservices/resources/write\",\n \"Microsoft.HealthcareApis/workspaces/fhirservices/resources/searchparameter/action\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2023-07-28T00:53:53.6682553Z\",\n \"updatedOn\": \"2023-07-28T00:53:53.6682553Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/a02f7c31-354d-4106-865a-deedf37fa038\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"a02f7c31-354d-4106-865a-deedf37fa038\"\n },\n {\n \"properties\": {\n \"roleName\": \"Virtual Machine Data Access Administrator (preview)\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Manage access to Virtual Machines by adding or removing role assignments for the Virtual Machine Administrator Login and Virtual Machine User Login roles. Includes an ABAC condition to constrain role assignments.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/roleAssignments/write\",\n \"Microsoft.Authorization/roleAssignments/delete\",\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Resources/subscriptions/read\",\n \"Microsoft.Management/managementGroups/read\",\n \"Microsoft.Network/publicIPAddresses/read\",\n \"Microsoft.Network/virtualNetworks/read\",\n \"Microsoft.Network/loadBalancers/read\",\n \"Microsoft.Network/networkInterfaces/read\",\n \"Microsoft.Compute/virtualMachines/*/read\",\n \"Microsoft.HybridCompute/machines/*/read\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Support/*\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": [],\n \"conditionVersion\": \"2.0\",\n \"condition\": \"((!(ActionMatches{'Microsoft.Authorization/roleAssignments/write'})) OR (@Request[Microsoft.Authorization/roleAssignments:RoleDefinitionId] ForAnyOfAnyValues:GuidEquals{1c0163c0-47e6-4577-8991-ea5c82e286e4, fb879df8-f326-4884-b1cf-06f3ad86be52})) AND ((!(ActionMatches{'Microsoft.Authorization/roleAssignments/delete'})) OR (@Resource[Microsoft.Authorization/roleAssignments:RoleDefinitionId] ForAnyOfAnyValues:GuidEquals{1c0163c0-47e6-4577-8991-ea5c82e286e4, fb879df8-f326-4884-b1cf-06f3ad86be52}))\"\n }\n ],\n \"createdOn\": \"2023-08-07T15:25:15.1179899Z\",\n \"updatedOn\": \"2023-10-31T15:13:38.0409378Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/66f75aeb-eabe-4b70-9f1e-c350c4c9ad04\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"66f75aeb-eabe-4b70-9f1e-c350c4c9ad04\"\n },\n {\n \"properties\": {\n \"roleName\": \"Logic Apps Standard Developer (Preview)\",\n \"type\": \"BuiltInRole\",\n \"description\": \"You can create and edit workflows, connections, and settings for a Standard logic app. You can't make changes outside the workflow scope.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.Resources/deployments/operations/read\",\n \"Microsoft.Resources/subscriptions/operationresults/read\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Support/*\",\n \"Microsoft.Web/*/read\",\n \"Microsoft.Web/connections/*\",\n \"Microsoft.Web/customApis/*\",\n \"Microsoft.Web/sites/config/list/Action\",\n \"microsoft.web/sites/config/Write\",\n \"microsoft.web/sites/config/web/appsettings/delete\",\n \"microsoft.web/sites/config/web/appsettings/write\",\n \"microsoft.web/sites/deployWorkflowArtifacts/action\",\n \"microsoft.web/sites/hostruntime/*\",\n \"microsoft.web/sites/listworkflowsconnections/action\",\n \"Microsoft.Web/sites/publish/Action\",\n \"microsoft.web/sites/slots/config/appsettings/write\",\n \"Microsoft.Web/sites/slots/config/list/Action\",\n \"microsoft.web/sites/slots/config/web/appsettings/delete\",\n \"microsoft.web/sites/slots/deployWorkflowArtifacts/action\",\n \"microsoft.web/sites/slots/listworkflowsconnections/action\",\n \"Microsoft.Web/sites/slots/publish/Action\",\n \"microsoft.web/sites/workflows/*\",\n \"microsoft.web/sites/workflowsconfiguration/*\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2023-08-10T18:27:51.0642527Z\",\n \"updatedOn\": \"2024-04-03T21:08:10.0284774Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/523776ba-4eb2-4600-a3c8-f2dc93da4bdb\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"523776ba-4eb2-4600-a3c8-f2dc93da4bdb\"\n },\n {\n \"properties\": {\n \"roleName\": \"Logic Apps Standard Contributor (Preview)\",\n \"type\": \"BuiltInRole\",\n \"description\": \"You can manage all aspects of a Standard logic app and workflows. You can't change access or ownership.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.Resources/deployments/operations/read\",\n \"Microsoft.Resources/subscriptions/operationresults/read\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Support/*\",\n \"Microsoft.Web/*/read\",\n \"Microsoft.Web/certificates/*\",\n \"Microsoft.Web/connectionGateways/*\",\n \"Microsoft.Web/connections/*\",\n \"Microsoft.Web/customApis/*\",\n \"Microsoft.Web/serverFarms/*\",\n \"Microsoft.Web/sites/*\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2023-08-10T18:27:51.0642527Z\",\n \"updatedOn\": \"2024-04-03T21:08:12.2307952Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/ad710c24-b039-4e85-a019-deb4a06e8570\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"ad710c24-b039-4e85-a019-deb4a06e8570\"\n },\n {\n \"properties\": {\n \"roleName\": \"Logic Apps Standard Operator (Preview)\",\n \"type\": \"BuiltInRole\",\n \"description\": \"You can enable and disable the logic app, resubmit workflow runs, as well as create connections. You can't edit workflows or settings.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.Resources/deployments/operations/read\",\n \"Microsoft.Resources/subscriptions/operationresults/read\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Support/*\",\n \"Microsoft.Web/*/read\",\n \"Microsoft.Web/sites/applySlotConfig/Action\",\n \"microsoft.web/sites/hostruntime/*\",\n \"Microsoft.Web/sites/restart/Action\",\n \"Microsoft.Web/sites/slots/restart/Action\",\n \"Microsoft.Web/sites/slots/slotsswap/Action\",\n \"Microsoft.Web/sites/slots/start/Action\",\n \"Microsoft.Web/sites/slots/stop/Action\",\n \"Microsoft.Web/sites/slotsdiffs/Action\",\n \"Microsoft.Web/sites/slotsswap/Action\",\n \"Microsoft.Web/sites/start/Action\",\n \"Microsoft.Web/sites/stop/Action\",\n \"Microsoft.Web/sites/write\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2023-08-10T18:27:51.616246Z\",\n \"updatedOn\": \"2024-04-03T21:08:12.0327572Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/b70c96e9-66fe-4c09-b6e7-c98e69c98555\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"b70c96e9-66fe-4c09-b6e7-c98e69c98555\"\n },\n {\n \"properties\": {\n \"roleName\": \"Logic Apps Standard Reader (Preview)\",\n \"type\": \"BuiltInRole\",\n \"description\": \"You have read-only access to all resources in a Standard logic app and workflows, including the workflow runs and their history.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.Resources/deployments/operations/read\",\n \"Microsoft.Resources/subscriptions/operationresults/read\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Support/*\",\n \"Microsoft.Web/*/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2023-08-10T18:27:52.9359215Z\",\n \"updatedOn\": \"2024-04-03T21:08:11.472321Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/4accf36b-2c05-432f-91c8-5c532dff4c73\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"4accf36b-2c05-432f-91c8-5c532dff4c73\"\n },\n {\n \"properties\": {\n \"roleName\": \"IPAM Pool User\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Read IPAM Pools and child resources. Create and remove associations. This role is in preview and subject to change.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Network/networkManagers/ipamPools/*/read\",\n \"Microsoft.Network/networkManagers/ipamPools/*/action\",\n \"Microsoft.Network/networkManagers/ipamPools/*/write\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2023-08-21T15:00:43.8849998Z\",\n \"updatedOn\": \"2024-10-14T15:14:50.4699933Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/7b3e853f-ad5d-4fb5-a7b8-56a3581c7037\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"7b3e853f-ad5d-4fb5-a7b8-56a3581c7037\"\n },\n {\n \"properties\": {\n \"roleName\": \"SpatialMapsAccounts Account Owner\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Lets you manage data in your account, including deleting them\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.MixedReality/spatialMapsAccounts/read\",\n \"Microsoft.MixedReality/spatialMapsAccounts/delete\",\n \"Microsoft.MixedReality/spatialMapsAccounts/write\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2023-08-24T22:24:26.823752Z\",\n \"updatedOn\": \"2023-08-24T22:24:26.823752Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/e9c9ed2b-2a99-4071-b2ff-5b113ebf73a1\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"e9c9ed2b-2a99-4071-b2ff-5b113ebf73a1\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Resource Notifications System Topics Subscriber\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Lets you create system topics and event subscriptions on all system topics exposed currently and in the future by Azure Resource Notifications\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.ResourceNotifications/systemTopics/subscribeToResources/action\",\n \"Microsoft.ResourceNotifications/systemTopics/subscribeToHealthResources/action\",\n \"Microsoft.ResourceNotifications/systemTopics/subscribeToMaintenanceResources/action\",\n \"Microsoft.ResourceNotifications/systemTopics/subscribeToComputeResources/action\",\n \"Microsoft.ResourceNotifications/systemTopics/subscribeToComputeScheduleResources/action\",\n \"Microsoft.ResourceNotifications/systemTopics/subscribeToContainerServiceEventResources/action\",\n \"Microsoft.ResourceNotifications/systemTopics/subscribeToImpactReportingResources/action\",\n \"Microsoft.ResourceNotifications/systemTopics/subscribeToAksResources/action\",\n \"Microsoft.EventGrid/eventSubscriptions/write\",\n \"Microsoft.EventGrid/systemTopics/eventSubscriptions/write\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2023-08-31T17:58:41.4180876Z\",\n \"updatedOn\": \"2025-10-01T20:11:41.338522Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/0b962ed2-6d56-471c-bd5f-3477d83a7ba4\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"0b962ed2-6d56-471c-bd5f-3477d83a7ba4\"\n },\n {\n \"properties\": {\n \"roleName\": \"Elastic SAN Volume Importer\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Allows for Importing Elastic San Volume\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.ElasticSan/elasticSans/volumeGroups/*/read\",\n \"Microsoft.ElasticSan/elasticSans/volumeGroups/volumes/write\",\n \"Microsoft.ElasticSan/elasticSans/volumeGroups/volumes/delete\",\n \"Microsoft.ElasticSan/elasticSans/volumeGroups/preRestore/action\",\n \"Microsoft.ElasticSan/locations/*\",\n \"Microsoft.Compute/locations/*\",\n \"Microsoft.Compute/disks/read\",\n \"Microsoft.Compute/disks/beginGetAccess/action\",\n \"Microsoft.Compute/disks/endGetAccess/action\",\n \"Microsoft.Compute/snapshots/read\",\n \"Microsoft.Compute/snapshots/beginGetAccess/action\",\n \"Microsoft.Compute/snapshots/endGetAccess/action\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2023-09-06T15:24:05.4459728Z\",\n \"updatedOn\": \"2025-04-21T15:02:46.3682352Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/90e8b822-3e73-47b5-868a-787dc80c008f\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"90e8b822-3e73-47b5-868a-787dc80c008f\"\n },\n {\n \"properties\": {\n \"roleName\": \"Elastic SAN Snapshot Exporter\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Allows for creating and exporting Snapshot of Elastic San Volume\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.ElasticSan/elasticSans/*/read\",\n \"Microsoft.ElasticSan/elasticSans/volumeGroups/snapshots/write\",\n \"Microsoft.ElasticSan/elasticSans/volumeGroups/snapshots/delete\",\n \"Microsoft.ElasticSan/elasticSans/volumeGroups/snapshots/beginGetAccess/action\",\n \"Microsoft.ElasticSan/elasticSans/volumeGroups/preBackup/action\",\n \"Microsoft.ElasticSan/locations/*\",\n \"Microsoft.Compute/locations/*\",\n \"Microsoft.Compute/disks/read\",\n \"Microsoft.Compute/disks/write\",\n \"Microsoft.Compute/disks/delete\",\n \"Microsoft.Compute/snapshots/read\",\n \"Microsoft.Compute/snapshots/write\",\n \"Microsoft.Compute/snapshots/delete\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2023-09-06T15:24:05.4459728Z\",\n \"updatedOn\": \"2025-04-21T15:02:46.3682352Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/1c4770c0-34f7-4110-a1ea-a5855cc7a939\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"1c4770c0-34f7-4110-a1ea-a5855cc7a939\"\n },\n {\n \"properties\": {\n \"roleName\": \"Community Contributor Role\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Community Contributor Role to access the resources of Microsoft.Mission stored with RPSAAS.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Mission/register/action\",\n \"Microsoft.Mission/unregister/action\",\n \"Microsoft.Mission/Locations/OperationStatuses/read\",\n \"Microsoft.Mission/Locations/OperationStatuses/write\",\n \"Microsoft.Mission/Operations/read\",\n \"Microsoft.Mission/communities/read\",\n \"Microsoft.Mission/communities/write\",\n \"Microsoft.Mission/virtualEnclaves/read\",\n \"Microsoft.Mission/virtualEnclaves/write\",\n \"Microsoft.Mission/virtualEnclaves/endpoints/read\",\n \"Microsoft.Mission/virtualEnclaves/endpoints/write\",\n \"Microsoft.Mission/virtualEnclaves/workloads/read\",\n \"Microsoft.Mission/virtualEnclaves/workloads/write\",\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/read\",\n \"Microsoft.Resources/deployments/read\",\n \"Microsoft.Resources/deployments/write\",\n \"Microsoft.Resources/subscriptions/read\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Resources/subscriptions/resourcegroups/deployments/read\",\n \"Microsoft.Resources/subscriptions/operationresults/read\",\n \"Microsoft.ResourceHealth/availabilityStatuses/read\",\n \"Microsoft.Features/providers/features/read\",\n \"Microsoft.Features/features/read\",\n \"Microsoft.Mission/communities/communityEndpoints/read\",\n \"Microsoft.Mission/communities/communityEndpoints/write\",\n \"Microsoft.Mission/communities/transitHubs/read\",\n \"Microsoft.Mission/communities/transitHubs/write\",\n \"Microsoft.Mission/enclaveConnections/read\",\n \"Microsoft.Mission/virtualEnclaves/enclaveEndpoints/read\",\n \"Microsoft.Mission/approvals/read\",\n \"Microsoft.Mission/approvals/write\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2023-09-14T21:20:02.9426432Z\",\n \"updatedOn\": \"2025-07-16T21:30:33.3901346Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/49435da6-99fe-48a5-a235-fc668b9dc04a\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"49435da6-99fe-48a5-a235-fc668b9dc04a\"\n },\n {\n \"properties\": {\n \"roleName\": \"EventGrid TopicSpaces Subscriber\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Lets you subscribe messages on topicspaces.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.EventGrid/*/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.EventGrid/topicSpaces/subscribe/action\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2023-09-19T15:12:11.0674147Z\",\n \"updatedOn\": \"2023-10-20T20:21:33.3344252Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/4b0f2fd7-60b4-4eca-896f-4435034f8bf5\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"4b0f2fd7-60b4-4eca-896f-4435034f8bf5\"\n },\n {\n \"properties\": {\n \"roleName\": \"EventGrid TopicSpaces Publisher\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Lets you publish messages on topicspaces.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.EventGrid/*/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.EventGrid/topicSpaces/publish/action\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2023-09-19T15:12:11.0674147Z\",\n \"updatedOn\": \"2023-10-20T20:21:33.3344252Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/a12b0b94-b317-4dcd-84a8-502ce99884c6\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"a12b0b94-b317-4dcd-84a8-502ce99884c6\"\n },\n {\n \"properties\": {\n \"roleName\": \"Data Boundary Tenant Administrator\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Allows tenant level administration for data boundaries.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Resources/dataBoundaries/write\",\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2023-09-25T15:06:19.9183617Z\",\n \"updatedOn\": \"2023-09-25T15:06:19.9183617Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/d1a38570-4b05-4d70-b8e4-1100bcf76d12\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"d1a38570-4b05-4d70-b8e4-1100bcf76d12\"\n },\n {\n \"properties\": {\n \"roleName\": \"DeID Realtime Data User\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Execute requests against DeID realtime endpoint. This role is in preview and subject to change.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.HealthDataAIServices/DeidServices/Realtime/action\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2023-09-28T20:01:31.6698729Z\",\n \"updatedOn\": \"2023-09-28T20:01:31.6698729Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/bb6577c4-ea0a-40b2-8962-ea18cb8ecd4e\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"bb6577c4-ea0a-40b2-8962-ea18cb8ecd4e\"\n },\n {\n \"properties\": {\n \"roleName\": \"DeID Batch Data Reader\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Read DeID batch jobs. This role is in preview and subject to change.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.HealthDataAIServices/DeidServices/Batch/read\"\n ],\n \"notDataActions\": [\n \"Microsoft.HealthDataAIServices/DeidServices/Batch/write\",\n \"Microsoft.HealthDataAIServices/DeidServices/Batch/delete\"\n ]\n }\n ],\n \"createdOn\": \"2023-09-28T20:01:32.2555061Z\",\n \"updatedOn\": \"2023-09-28T20:01:32.2555061Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/b73a14ee-91f5-41b7-bd81-920e12466be9\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"b73a14ee-91f5-41b7-bd81-920e12466be9\"\n },\n {\n \"properties\": {\n \"roleName\": \"DeID Batch Data Owner\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Create and manage DeID batch jobs. This role is in preview and subject to change.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.HealthDataAIServices/DeidServices/Batch/write\",\n \"Microsoft.HealthDataAIServices/DeidServices/Batch/delete\",\n \"Microsoft.HealthDataAIServices/DeidServices/Batch/read\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2023-09-28T20:01:32.2565064Z\",\n \"updatedOn\": \"2023-09-28T20:01:32.2565064Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/8a90fa6b-6997-4a07-8a95-30633a7c97b9\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"8a90fa6b-6997-4a07-8a95-30633a7c97b9\"\n },\n {\n \"properties\": {\n \"roleName\": \"Carbon Optimization Reader\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Allow read access to Azure Carbon Optimization data\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Carbon/carbonEmissionReports/action\",\n \"Microsoft.Carbon/carbonEmissionReports/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2023-09-29T19:24:38.5828579Z\",\n \"updatedOn\": \"2025-02-17T16:06:32.7430565Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/fa0d39e6-28e5-40cf-8521-1eb320653a4c\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"fa0d39e6-28e5-40cf-8521-1eb320653a4c\"\n },\n {\n \"properties\": {\n \"roleName\": \"Landing Zone Management Owner\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Microsoft.Sovereign Landing Zone Management Owner allowing to review and modify Landing Zone Configurations as well as reading and adding Landing Zone Registrations. Also enables read-access to policies and management groups for enabling the full user experience of the Sovereign Services RP in the Azure Portal (as otherwise some elements might not be accessible to end users).\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Sovereign/landingZoneConfigurations/*\",\n \"Microsoft.Sovereign/landingZoneRegistrations/*\",\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Resources/deployments/*\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2023-10-05T08:48:10.6404205Z\",\n \"updatedOn\": \"2023-10-05T08:48:10.6404205Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/38863829-c2a4-4f8d-b1d2-2e325973ebc7\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"38863829-c2a4-4f8d-b1d2-2e325973ebc7\"\n },\n {\n \"properties\": {\n \"roleName\": \"Landing Zone Management Reader\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Microsoft.Sovereign Landing Zone Management Reader allowing to review Landing Zone Configurations and corresponding Registrations without the ability to modify. Also enables read-access to policies and management groups for enabling the full user experience of the Sovereign Services RP in the Azure Portal (as otherwise some elements might not be accessible to end users).\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Sovereign/landingZoneConfigurations/read\",\n \"Microsoft.Sovereign/landingZoneRegistrations/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2023-10-06T06:04:41.8631569Z\",\n \"updatedOn\": \"2023-10-06T06:04:41.8631569Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/8fe6e843-6d9e-417b-9073-106b048f50bb\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"8fe6e843-6d9e-417b-9073-106b048f50bb\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Stack HCI Device Management Role\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Microsoft.AzureStackHCI Device Management Role\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.AzureStackHCI/Clusters/*\",\n \"Microsoft.AzureStackHCI/EdgeDevices/*\",\n \"Microsoft.AzureStackHCI/DevicePools/*/read\",\n \"Microsoft.AzureStackHCI/EdgeMachines/*/read\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.HybridContainerService/register/action\",\n \"Microsoft.HybridContainerService/kubernetesVersions/read\",\n \"Microsoft.HybridContainerService/kubernetesVersions/write\",\n \"Microsoft.HybridContainerService/skus/read\",\n \"Microsoft.HybridContainerService/skus/write\",\n \"Microsoft.Authorization/roleassignments/read\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.AzureStackHCI/StorageContainers/Write\",\n \"Microsoft.AzureStackHCI/StorageContainers/Read\",\n \"Microsoft.AzureStackHCI/Register/Action\",\n \"Microsoft.GuestConfiguration/guestConfigurationAssignments/read\",\n \"Microsoft.KubernetesConfiguration/extensions/write\",\n \"Microsoft.KubernetesConfiguration/extensions/read\",\n \"Microsoft.KubernetesConfiguration/extensions/delete\",\n \"Microsoft.KubernetesConfiguration/extensions/operations/read\",\n \"Microsoft.KubernetesConfiguration/namespaces/read\",\n \"Microsoft.KubernetesConfiguration/operations/read\",\n \"Microsoft.ResourceConnector/appliances/read\",\n \"Microsoft.ResourceConnector/appliances/write\",\n \"Microsoft.ResourceConnector/appliances/delete\",\n \"Microsoft.ResourceConnector/locations/operationresults/read\",\n \"Microsoft.ResourceConnector/locations/operationsstatus/read\",\n \"Microsoft.ResourceConnector/appliances/listClusterUserCredential/action\",\n \"Microsoft.ResourceConnector/appliances/listKeys/action\",\n \"Microsoft.ResourceConnector/appliances/upgradeGraphs/read\",\n \"Microsoft.ResourceConnector/telemetryconfig/read\",\n \"Microsoft.ResourceConnector/operations/read\",\n \"Microsoft.ExtendedLocation/customLocations/deploy/action\",\n \"Microsoft.ExtendedLocation/customLocations/read\",\n \"Microsoft.ExtendedLocation/customLocations/write\",\n \"Microsoft.ExtendedLocation/customLocations/delete\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2023-10-10T15:19:13.4820522Z\",\n \"updatedOn\": \"2025-02-11T16:14:17.6124295Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/865ae368-6a45-4bd1-8fbf-0d5151f56fc1\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"865ae368-6a45-4bd1-8fbf-0d5151f56fc1\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Customer Lockbox Approver for Subscription\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Can approve Microsoft support requests to access specific resources contained within a subscription, or the subscription itself, when Customer Lockbox for Microsoft Azure is enabled on the tenant where the subscription resides.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Resources/subscriptions/read\",\n \"Microsoft.CustomerLockbox/requests/UpdateApproval/action\",\n \"Microsoft.CustomerLockbox/requests/read\",\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Insights/eventtypes/values/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2023-10-12T18:01:15.239432Z\",\n \"updatedOn\": \"2024-08-08T19:08:54.2825991Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/4dae6930-7baf-46f5-909e-0383bc931c46\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"4dae6930-7baf-46f5-909e-0383bc931c46\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Resource Bridge Deployment Role\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Azure Resource Bridge Deployment Role\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/roleassignments/read\",\n \"Microsoft.AzureStackHCI/Register/Action\",\n \"Microsoft.ResourceConnector/register/action\",\n \"Microsoft.ResourceConnector/appliances/read\",\n \"Microsoft.ResourceConnector/appliances/write\",\n \"Microsoft.ResourceConnector/appliances/delete\",\n \"Microsoft.ResourceConnector/locations/operationresults/read\",\n \"Microsoft.ResourceConnector/locations/operationsstatus/read\",\n \"Microsoft.ResourceConnector/appliances/listClusterUserCredential/action\",\n \"Microsoft.ResourceConnector/appliances/listKeys/action\",\n \"Microsoft.ResourceConnector/appliances/upgradeGraphs/read\",\n \"Microsoft.ResourceConnector/telemetryconfig/read\",\n \"Microsoft.ResourceConnector/operations/read\",\n \"Microsoft.ExtendedLocation/register/action\",\n \"Microsoft.ExtendedLocation/customLocations/deploy/action\",\n \"Microsoft.ExtendedLocation/customLocations/read\",\n \"Microsoft.ExtendedLocation/customLocations/write\",\n \"Microsoft.ExtendedLocation/customLocations/delete\",\n \"Microsoft.HybridConnectivity/register/action\",\n \"Microsoft.Kubernetes/register/action\",\n \"Microsoft.KubernetesConfiguration/register/action\",\n \"Microsoft.KubernetesConfiguration/extensions/write\",\n \"Microsoft.KubernetesConfiguration/extensions/read\",\n \"Microsoft.KubernetesConfiguration/extensions/delete\",\n \"Microsoft.KubernetesConfiguration/extensions/operations/read\",\n \"Microsoft.KubernetesConfiguration/namespaces/read\",\n \"Microsoft.KubernetesConfiguration/operations/read\",\n \"Microsoft.GuestConfiguration/guestConfigurationAssignments/read\",\n \"Microsoft.HybridContainerService/register/action\",\n \"Microsoft.HybridContainerService/kubernetesVersions/read\",\n \"Microsoft.HybridContainerService/kubernetesVersions/write\",\n \"Microsoft.HybridContainerService/skus/read\",\n \"Microsoft.HybridContainerService/skus/write\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.AzureStackHCI/StorageContainers/Write\",\n \"Microsoft.AzureStackHCI/StorageContainers/Read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2023-10-16T15:13:24.2748766Z\",\n \"updatedOn\": \"2024-02-26T16:08:40.5270416Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/7b1f81f9-4196-4058-8aae-762e593270df\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"7b1f81f9-4196-4058-8aae-762e593270df\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Stack HCI VM Reader\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Grants permissions to view VMs\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.AzureStackHCI/VirtualMachines/Read\",\n \"Microsoft.AzureStackHCI/virtualMachineInstances/Read\",\n \"Microsoft.AzureStackHCI/VirtualMachines/Extensions/Read\",\n \"Microsoft.AzureStackHCI/VirtualNetworks/Read\",\n \"Microsoft.AzureStackHCI/LogicalNetworks/Read\",\n \"Microsoft.AzureStackHCI/NetworkInterfaces/Read\",\n \"Microsoft.AzureStackHCI/VirtualHardDisks/Read\",\n \"Microsoft.AzureStackHCI/StorageContainers/Read\",\n \"Microsoft.AzureStackHCI/GalleryImages/Read\",\n \"Microsoft.AzureStackHCI/MarketplaceGalleryImages/Read\",\n \"Microsoft.AzureStackHCI/NetworkSecurityGroups/Read\",\n \"Microsoft.AzureStackHCI/NetworkSecurityGroups/SecurityRules/Read\",\n \"Microsoft.HybridCompute/licenses/read\",\n \"Microsoft.HybridCompute/machines/extensions/read\",\n \"Microsoft.HybridCompute/machines/licenseProfiles/read\",\n \"Microsoft.HybridCompute/machines/patchAssessmentResults/read\",\n \"Microsoft.HybridCompute/machines/patchAssessmentResults/softwarePatches/read\",\n \"Microsoft.HybridCompute/machines/patchInstallationResults/read\",\n \"Microsoft.HybridCompute/machines/patchInstallationResults/softwarePatches/read\",\n \"Microsoft.HybridCompute/machines/read\",\n \"Microsoft.HybridCompute/privateLinkScopes/networkSecurityPerimeterConfigurations/read\",\n \"Microsoft.HybridCompute/privateLinkScopes/privateEndpointConnections/read\",\n \"Microsoft.HybridCompute/privateLinkScopes/read\",\n \"Microsoft.Insights/AlertRules/Write\",\n \"Microsoft.Insights/AlertRules/Delete\",\n \"Microsoft.Insights/AlertRules/Read\",\n \"Microsoft.Insights/AlertRules/Activated/Action\",\n \"Microsoft.Insights/AlertRules/Resolved/Action\",\n \"Microsoft.Insights/AlertRules/Throttled/Action\",\n \"Microsoft.Insights/AlertRules/Incidents/Read\",\n \"Microsoft.Resources/deployments/read\",\n \"Microsoft.Resources/deployments/exportTemplate/action\",\n \"Microsoft.Resources/deployments/operations/read\",\n \"Microsoft.Resources/deployments/operationstatuses/read\",\n \"Microsoft.Resources/subscriptions/resourcegroups/deployments/read\",\n \"Microsoft.Resources/subscriptions/resourcegroups/deployments/operations/read\",\n \"Microsoft.Resources/subscriptions/resourcegroups/deployments/operationstatuses/read\",\n \"Microsoft.ResourceHealth/availabilityStatuses/read\",\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Resources/subscriptions/read\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Resources/subscriptions/operationresults/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2023-10-19T22:56:37.6955839Z\",\n \"updatedOn\": \"2024-06-21T16:41:03.1469999Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/4b3fe76c-f777-4d24-a2d7-b027b0f7b273\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"4b3fe76c-f777-4d24-a2d7-b027b0f7b273\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure AI Developer\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Can perform all actions within an Azure AI resource besides managing the resource itself.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.MachineLearningServices/workspaces/*/read\",\n \"Microsoft.MachineLearningServices/workspaces/*/action\",\n \"Microsoft.MachineLearningServices/workspaces/*/delete\",\n \"Microsoft.MachineLearningServices/workspaces/*/write\",\n \"Microsoft.MachineLearningServices/locations/*/read\",\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Resources/deployments/*\"\n ],\n \"notActions\": [\n \"Microsoft.MachineLearningServices/workspaces/delete\",\n \"Microsoft.MachineLearningServices/workspaces/write\",\n \"Microsoft.MachineLearningServices/workspaces/listKeys/action\",\n \"Microsoft.MachineLearningServices/workspaces/hubs/write\",\n \"Microsoft.MachineLearningServices/workspaces/hubs/delete\",\n \"Microsoft.MachineLearningServices/workspaces/featurestores/write\",\n \"Microsoft.MachineLearningServices/workspaces/featurestores/delete\",\n \"Microsoft.MachineLearningServices/workspaces/evaluations/results/labels/read\",\n \"Microsoft.MachineLearningServices/workspaces/evaluations/results/reasonings/read\",\n \"Microsoft.MachineLearningServices/workspaces/simulations/results/images/read\"\n ],\n \"dataActions\": [\n \"Microsoft.CognitiveServices/accounts/OpenAI/*\",\n \"Microsoft.CognitiveServices/accounts/SpeechServices/*\",\n \"Microsoft.CognitiveServices/accounts/ContentSafety/*\",\n \"Microsoft.CognitiveServices/accounts/MaaS/*\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2023-10-20T22:06:45.817201Z\",\n \"updatedOn\": \"2025-04-17T17:55:39.8922431Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/64702f94-c441-49e6-a78b-ef80e0188fee\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"64702f94-c441-49e6-a78b-ef80e0188fee\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Stack HCI VM Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Grants permissions to perform all VM actions\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.AzureStackHCI/VirtualMachines/*\",\n \"Microsoft.AzureStackHCI/virtualMachineInstances/*\",\n \"Microsoft.AzureStackHCI/NetworkInterfaces/*\",\n \"Microsoft.AzureStackHCI/VirtualHardDisks/*\",\n \"Microsoft.AzureStackHCI/VirtualNetworks/Read\",\n \"Microsoft.AzureStackHCI/VirtualNetworks/join/action\",\n \"Microsoft.AzureStackHCI/LogicalNetworks/Read\",\n \"Microsoft.AzureStackHCI/LogicalNetworks/join/action\",\n \"Microsoft.AzureStackHCI/GalleryImages/Read\",\n \"Microsoft.AzureStackHCI/GalleryImages/deploy/action\",\n \"Microsoft.AzureStackHCI/StorageContainers/Read\",\n \"Microsoft.AzureStackHCI/StorageContainers/deploy/action\",\n \"Microsoft.AzureStackHCI/MarketplaceGalleryImages/Read\",\n \"Microsoft.AzureStackHCI/MarketPlaceGalleryImages/deploy/action\",\n \"Microsoft.AzureStackHCI/Clusters/Read\",\n \"Microsoft.AzureStackHCI/Clusters/ArcSettings/Read\",\n \"Microsoft.AzureStackHCI/NetworkSecurityGroups/Read\",\n \"Microsoft.AzureStackHCI/NetworkSecurityGroups/SecurityRules/Read\",\n \"Microsoft.Insights/AlertRules/Write\",\n \"Microsoft.Insights/AlertRules/Delete\",\n \"Microsoft.Insights/AlertRules/Read\",\n \"Microsoft.Insights/AlertRules/Activated/Action\",\n \"Microsoft.Insights/AlertRules/Resolved/Action\",\n \"Microsoft.Insights/AlertRules/Throttled/Action\",\n \"Microsoft.Insights/AlertRules/Incidents/Read\",\n \"Microsoft.Resources/deployments/read\",\n \"Microsoft.Resources/deployments/write\",\n \"Microsoft.Resources/deployments/delete\",\n \"Microsoft.Resources/deployments/cancel/action\",\n \"Microsoft.Resources/deployments/validate/action\",\n \"Microsoft.Resources/deployments/whatIf/action\",\n \"Microsoft.Resources/deployments/exportTemplate/action\",\n \"Microsoft.Resources/deployments/operations/read\",\n \"Microsoft.Resources/deployments/operationstatuses/read\",\n \"Microsoft.Resources/subscriptions/resourcegroups/deployments/read\",\n \"Microsoft.Resources/subscriptions/resourcegroups/deployments/write\",\n \"Microsoft.Resources/subscriptions/resourcegroups/deployments/operations/read\",\n \"Microsoft.Resources/subscriptions/resourcegroups/deployments/operationstatuses/read\",\n \"Microsoft.ResourceHealth/availabilityStatuses/read\",\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Resources/subscriptions/read\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Resources/subscriptions/operationresults/read\",\n \"Microsoft.HybridCompute/machines/read\",\n \"Microsoft.HybridCompute/machines/write\",\n \"Microsoft.HybridCompute/machines/delete\",\n \"Microsoft.HybridCompute/machines/UpgradeExtensions/action\",\n \"Microsoft.HybridCompute/machines/assessPatches/action\",\n \"Microsoft.HybridCompute/machines/installPatches/action\",\n \"Microsoft.HybridCompute/machines/extensions/read\",\n \"Microsoft.HybridCompute/machines/extensions/write\",\n \"Microsoft.HybridCompute/machines/extensions/delete\",\n \"Microsoft.HybridCompute/operations/read\",\n \"Microsoft.HybridCompute/locations/operationresults/read\",\n \"Microsoft.HybridCompute/locations/operationstatus/read\",\n \"Microsoft.HybridCompute/machines/patchAssessmentResults/read\",\n \"Microsoft.HybridCompute/machines/patchAssessmentResults/softwarePatches/read\",\n \"Microsoft.HybridCompute/machines/patchInstallationResults/read\",\n \"Microsoft.HybridCompute/machines/patchInstallationResults/softwarePatches/read\",\n \"Microsoft.HybridCompute/locations/updateCenterOperationResults/read\",\n \"Microsoft.HybridCompute/machines/hybridIdentityMetadata/read\",\n \"Microsoft.HybridCompute/osType/agentVersions/read\",\n \"Microsoft.HybridCompute/osType/agentVersions/latest/read\",\n \"Microsoft.HybridCompute/machines/runcommands/read\",\n \"Microsoft.HybridCompute/machines/runcommands/write\",\n \"Microsoft.HybridCompute/machines/runcommands/delete\",\n \"Microsoft.HybridCompute/machines/licenseProfiles/read\",\n \"Microsoft.HybridCompute/machines/licenseProfiles/write\",\n \"Microsoft.HybridCompute/machines/licenseProfiles/delete\",\n \"Microsoft.HybridCompute/licenses/read\",\n \"Microsoft.HybridCompute/licenses/write\",\n \"Microsoft.HybridCompute/licenses/delete\",\n \"Microsoft.ExtendedLocation/customLocations/Read\",\n \"Microsoft.ExtendedLocation/customLocations/deploy/action\",\n \"Microsoft.KubernetesConfiguration/extensions/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2023-10-20T22:51:51.8242229Z\",\n \"updatedOn\": \"2024-06-21T16:41:03.1469999Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/874d1c73-6003-4e60-a13a-cb31ea190a85\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"874d1c73-6003-4e60-a13a-cb31ea190a85\"\n },\n {\n \"properties\": {\n \"roleName\": \"Deployment Environments Reader\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Provides read access to environment resources.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.DevCenter/projects/read\",\n \"Microsoft.DevCenter/projects/*/read\",\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\"\n ],\n \"notActions\": [\n \"Microsoft.DevCenter/projects/pools/read\",\n \"Microsoft.DevCenter/projects/pools/schedules/read\"\n ],\n \"dataActions\": [\n \"Microsoft.DevCenter/projects/users/environments/adminRead/action\",\n \"Microsoft.DevCenter/projects/users/environments/adminActionRead/action\",\n \"Microsoft.DevCenter/projects/users/environments/adminOutputsRead/action\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2023-10-25T22:17:10.8897125Z\",\n \"updatedOn\": \"2023-10-25T22:17:10.8897125Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/eb960402-bf75-4cc3-8d68-35b34f960f72\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"eb960402-bf75-4cc3-8d68-35b34f960f72\"\n },\n {\n \"properties\": {\n \"roleName\": \"EventGrid Data Receiver\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Allows receive access to event grid events.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.EventGrid/eventSubscriptions/read\",\n \"Microsoft.EventGrid/topicTypes/eventSubscriptions/read\",\n \"Microsoft.EventGrid/locations/eventSubscriptions/read\",\n \"Microsoft.EventGrid/locations/topicTypes/eventSubscriptions/read\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.EventGrid/namespaces/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.EventGrid/events/receive/action\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2023-10-27T19:53:20.6031239Z\",\n \"updatedOn\": \"2023-10-27T19:53:20.6031239Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/78cbd9e7-9798-4e2e-9b5a-547d9ebb31fb\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"78cbd9e7-9798-4e2e-9b5a-547d9ebb31fb\"\n },\n {\n \"properties\": {\n \"roleName\": \"EventGrid Data Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Allows send and receive access to event grid events.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.EventGrid/eventSubscriptions/read\",\n \"Microsoft.EventGrid/topicTypes/eventSubscriptions/read\",\n \"Microsoft.EventGrid/locations/eventSubscriptions/read\",\n \"Microsoft.EventGrid/locations/topicTypes/eventSubscriptions/read\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.EventGrid/topics/read\",\n \"Microsoft.EventGrid/domains/read\",\n \"Microsoft.EventGrid/partnerNamespaces/read\",\n \"Microsoft.EventGrid/namespaces/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.EventGrid/events/send/action\",\n \"Microsoft.EventGrid/events/receive/action\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2023-10-27T19:53:20.6021265Z\",\n \"updatedOn\": \"2023-10-27T19:53:20.6021265Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/1d8c3fe3-8864-474b-8749-01e3783e8157\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"1d8c3fe3-8864-474b-8749-01e3783e8157\"\n },\n {\n \"properties\": {\n \"roleName\": \"Advisor Reviews Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"View reviews for a workload and triage recommendations linked to them.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Advisor/resiliencyReviews/read\",\n \"Microsoft.Advisor/triageRecommendations/read\",\n \"Microsoft.Advisor/triageRecommendations/approve/action\",\n \"Microsoft.Advisor/triageRecommendations/reject/action\",\n \"Microsoft.Advisor/triageRecommendations/reset/action\",\n \"Microsoft.Advisor/triageResources/read\",\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2023-10-30T15:07:31.5895356Z\",\n \"updatedOn\": \"2025-04-02T19:27:15.4734544Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/8aac15f0-d885-4138-8afa-bfb5872f7d13\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"8aac15f0-d885-4138-8afa-bfb5872f7d13\"\n },\n {\n \"properties\": {\n \"roleName\": \"Advisor Reviews Reader\",\n \"type\": \"BuiltInRole\",\n \"description\": \"View reviews for a workload and recommendations linked to them.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Advisor/resiliencyReviews/read\",\n \"Microsoft.Advisor/triageRecommendations/read\",\n \"Microsoft.Advisor/triageResources/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2023-10-30T15:07:32.6518882Z\",\n \"updatedOn\": \"2025-04-02T19:42:31.0079991Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/c64499e0-74c3-47ad-921c-13865957895c\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"c64499e0-74c3-47ad-921c-13865957895c\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure AI Inference Deployment Operator\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Can perform all actions required to create a resource deployment within a resource group.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Insights/AutoscaleSettings/write\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2023-10-30T18:08:40.1583451Z\",\n \"updatedOn\": \"2024-03-15T17:43:35.7204254Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/3afb7f49-54cb-416e-8c09-6dc049efa503\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"3afb7f49-54cb-416e-8c09-6dc049efa503\"\n },\n {\n \"properties\": {\n \"roleName\": \"Connected Cluster Managed Identity CheckAccess Reader\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Built-in role that allows a Connected Cluster managed identity to call the checkAccess API\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2023-10-30T19:09:07.911497Z\",\n \"updatedOn\": \"2023-11-07T16:18:43.5381941Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/65a14201-8f6c-4c28-bec4-12619c5a9aaa\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"65a14201-8f6c-4c28-bec4-12619c5a9aaa\"\n },\n {\n \"properties\": {\n \"roleName\": \"AgFood Platform Dataset Admin\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Provides access to Dataset APIs\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.AgFoodPlatform/farmBeats/datasets/*\",\n \"Microsoft.AgFoodPlatform/farmBeats/datasetRecords/*\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2023-11-06T16:07:29.1713961Z\",\n \"updatedOn\": \"2023-11-06T16:07:29.1713961Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/a8d4b70f-0fb9-4f72-b267-b87b2f990aec\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"a8d4b70f-0fb9-4f72-b267-b87b2f990aec\"\n },\n {\n \"properties\": {\n \"roleName\": \"Defender for Storage Scanner Operator\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Lets you enable and configure Microsoft Defender for Storage's malware scanning and sensitive data discovery features on your storage accounts. Includes an ABAC condition to limit role assignments.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/roleAssignments/write\",\n \"Microsoft.Authorization/roleAssignments/delete\",\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Resources/subscriptions/read\",\n \"Microsoft.Management/managementGroups/read\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Support/*\",\n \"Microsoft.Security/defenderforstoragesettings/read\",\n \"Microsoft.Security/defenderforstoragesettings/write\",\n \"Microsoft.Security/advancedThreatProtectionSettings/read\",\n \"Microsoft.Security/advancedThreatProtectionSettings/write\",\n \"Microsoft.Security/datascanners/read\",\n \"Microsoft.Security/datascanners/write\",\n \"Microsoft.Security/dataScanners/delete\",\n \"Microsoft.Storage/storageAccounts/write\",\n \"Microsoft.Storage/storageAccounts/read\",\n \"Microsoft.EventGrid/topics/read\",\n \"Microsoft.EventGrid/eventSubscriptions/read\",\n \"Microsoft.EventGrid/eventSubscriptions/write\",\n \"Microsoft.EventGrid/eventSubscriptions/delete\",\n \"Microsoft.Storage/storageAccounts/blobServices/read\",\n \"Microsoft.Storage/storageAccounts/blobServices/write\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": [],\n \"conditionVersion\": \"2.0\",\n \"condition\": \"((!(ActionMatches{'Microsoft.Authorization/roleAssignments/write'})) OR (@Request[Microsoft.Authorization/roleAssignments:RoleDefinitionId] ForAnyOfAnyValues:GuidEquals{1e7ca9b1-60d1-4db8-a914-f2ca1ff27c40, d5a91429-5739-47e2-a06b-3470a27159e7})) AND ((!(ActionMatches{'Microsoft.Authorization/roleAssignments/delete'})) OR (@Resource[Microsoft.Authorization/roleAssignments:RoleDefinitionId] ForAnyOfAnyValues:GuidEquals{1e7ca9b1-60d1-4db8-a914-f2ca1ff27c40, d5a91429-5739-47e2-a06b-3470a27159e7}))\"\n }\n ],\n \"createdOn\": \"2023-11-10T10:31:03.38275Z\",\n \"updatedOn\": \"2025-09-04T13:19:08.2789022Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/0f641de8-0b88-4198-bdef-bd8b45ceba96\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"0f641de8-0b88-4198-bdef-bd8b45ceba96\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Front Door Profile Reader\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Can view AFD standard and premium profiles and their endpoints, but can't make changes.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Cdn/edgenodes/read\",\n \"Microsoft.Cdn/operationresults/*\",\n \"Microsoft.Cdn/profiles/*/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Cdn/operationresults/profileresults/afdendpointresults/CheckCustomDomainDNSMappingStatus/action\",\n \"Microsoft.Cdn/profiles/queryloganalyticsmetrics/action\",\n \"Microsoft.Cdn/profiles/queryloganalyticsrankings/action\",\n \"Microsoft.Cdn/profiles/querywafloganalyticsmetrics/action\",\n \"Microsoft.Cdn/profiles/querywafloganalyticsrankings/action\",\n \"Microsoft.Cdn/profiles/afdendpoints/CheckCustomDomainDNSMappingStatus/action\",\n \"Microsoft.Cdn/profiles/Usages/action\",\n \"Microsoft.Cdn/profiles/afdendpoints/Usages/action\",\n \"Microsoft.Cdn/profiles/origingroups/Usages/action\",\n \"Microsoft.Cdn/profiles/rulesets/Usages/action\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2023-11-15T16:30:04.3609762Z\",\n \"updatedOn\": \"2024-01-26T09:56:06.2709754Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/662802e2-50f6-46b0-aed2-e834bacc6d12\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"662802e2-50f6-46b0-aed2-e834bacc6d12\"\n },\n {\n \"properties\": {\n \"roleName\": \"Enclave Reader Role\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Enclave Reader Role to access the resources of Microsoft.Mission stored with RPSAAS.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Mission/Operations/read\",\n \"Microsoft.Mission/communities/read\",\n \"Microsoft.Mission/virtualEnclaves/read\",\n \"Microsoft.Mission/virtualEnclaves/endpoints/read\",\n \"Microsoft.Mission/virtualEnclaves/workloads/read\",\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/read\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Resources/subscriptions/resourcegroups/deployments/read\",\n \"Microsoft.Resources/subscriptions/operationresults/read\",\n \"Microsoft.ResourceHealth/availabilityStatuses/read\",\n \"Microsoft.Features/providers/features/read\",\n \"Microsoft.Features/features/read\",\n \"Microsoft.Mission/communities/communityEndpoints/read\",\n \"Microsoft.Mission/communities/transitHubs/read\",\n \"Microsoft.Mission/enclaveConnections/read\",\n \"Microsoft.Mission/virtualEnclaves/enclaveEndpoints/read\",\n \"Microsoft.Mission/approvals/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2023-11-28T16:02:03.528699Z\",\n \"updatedOn\": \"2025-07-16T21:30:33.3901346Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/86fede04-b259-4277-8c3e-e26b9865abd8\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"86fede04-b259-4277-8c3e-e26b9865abd8\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Kubernetes Service Hybrid Cluster User Role\",\n \"type\": \"BuiltInRole\",\n \"description\": \"List cluster user credential action.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.HybridContainerService/provisionedClusterInstances/read\",\n \"Microsoft.HybridContainerService/provisionedClusterInstances/listUserKubeconfig/action\",\n \"Microsoft.Kubernetes/connectedClusters/Read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2023-11-30T16:21:46.1017952Z\",\n \"updatedOn\": \"2023-11-30T16:21:46.1017952Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/fc3f91a1-40bf-4439-8c46-45edbd83563a\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"fc3f91a1-40bf-4439-8c46-45edbd83563a\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Kubernetes Service Hybrid Cluster Admin Role\",\n \"type\": \"BuiltInRole\",\n \"description\": \"List cluster admin credential action.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.HybridContainerService/provisionedClusterInstances/read\",\n \"Microsoft.HybridContainerService/provisionedClusterInstances/listAdminKubeconfig/action\",\n \"Microsoft.Kubernetes/connectedClusters/Read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2023-11-30T16:21:46.100795Z\",\n \"updatedOn\": \"2023-11-30T16:21:46.100795Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/b5092dac-c796-4349-8681-1a322a31c3f9\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"b5092dac-c796-4349-8681-1a322a31c3f9\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Kubernetes Service Hybrid Contributor Role\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Grants access to read and write Azure Kubernetes Services hybrid clusters\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.HybridContainerService/Locations/operationStatuses/read\",\n \"Microsoft.HybridContainerService/Operations/read\",\n \"Microsoft.HybridContainerService/kubernetesVersions/read\",\n \"Microsoft.HybridContainerService/kubernetesVersions/write\",\n \"Microsoft.HybridContainerService/kubernetesVersions/delete\",\n \"Microsoft.HybridContainerService/provisionedClusterInstances/read\",\n \"Microsoft.HybridContainerService/provisionedClusterInstances/write\",\n \"Microsoft.HybridContainerService/provisionedClusterInstances/delete\",\n \"Microsoft.HybridContainerService/provisionedClusterInstances/agentPools/read\",\n \"Microsoft.HybridContainerService/provisionedClusterInstances/agentPools/write\",\n \"Microsoft.HybridContainerService/provisionedClusterInstances/agentPools/delete\",\n \"Microsoft.HybridContainerService/provisionedClusterInstances/upgradeProfiles/read\",\n \"Microsoft.HybridContainerService/skus/read\",\n \"Microsoft.HybridContainerService/skus/write\",\n \"Microsoft.HybridContainerService/skus/delete\",\n \"Microsoft.HybridContainerService/virtualNetworks/read\",\n \"Microsoft.HybridContainerService/virtualNetworks/write\",\n \"Microsoft.HybridContainerService/virtualNetworks/delete\",\n \"Microsoft.Kubernetes/connectedClusters/Read\",\n \"Microsoft.Kubernetes/connectedClusters/Write\",\n \"Microsoft.Kubernetes/connectedClusters/Delete\",\n \"Microsoft.Kubernetes/connectedClusters/listClusterUserCredential/action\",\n \"Microsoft.ExtendedLocation/customLocations/deploy/action\",\n \"Microsoft.ExtendedLocation/customLocations/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2023-11-30T16:21:46.100795Z\",\n \"updatedOn\": \"2023-11-30T16:21:46.100795Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/e7037d40-443a-4434-a3fb-8cd202011e1d\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"e7037d40-443a-4434-a3fb-8cd202011e1d\"\n },\n {\n \"properties\": {\n \"roleName\": \"Enclave Owner Role\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Enclave Owner Role to access the resources of Microsoft.Mission stored with RPSAAS.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Mission/Locations/OperationStatuses/read\",\n \"Microsoft.Mission/Locations/OperationStatuses/write\",\n \"Microsoft.Mission/Operations/read\",\n \"Microsoft.Mission/virtualEnclaves/read\",\n \"Microsoft.Mission/virtualEnclaves/write\",\n \"Microsoft.Mission/virtualEnclaves/delete\",\n \"Microsoft.Mission/virtualEnclaves/workloads/read\",\n \"Microsoft.Mission/virtualEnclaves/workloads/write\",\n \"Microsoft.Mission/virtualEnclaves/workloads/delete\",\n \"Microsoft.Mission/communities/read\",\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/read\",\n \"Microsoft.Resources/deployments/read\",\n \"Microsoft.Resources/deployments/write\",\n \"Microsoft.Resources/subscriptions/read\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Resources/subscriptions/resourcegroups/deployments/read\",\n \"Microsoft.Resources/subscriptions/operationresults/read\",\n \"Microsoft.ResourceHealth/availabilityStatuses/read\",\n \"Microsoft.Features/providers/features/read\",\n \"Microsoft.Features/features/read\",\n \"Microsoft.Mission/communities/communityEndpoints/read\",\n \"Microsoft.Mission/communities/transitHubs/read\",\n \"Microsoft.Mission/enclaveConnections/read\",\n \"Microsoft.Mission/enclaveConnections/write\",\n \"Microsoft.Mission/enclaveConnections/delete\",\n \"Microsoft.Mission/virtualEnclaves/enclaveEndpoints/read\",\n \"Microsoft.Mission/virtualEnclaves/enclaveEndpoints/write\",\n \"Microsoft.Mission/virtualEnclaves/enclaveEndpoints/delete\",\n \"Microsoft.Mission/approvals/read\",\n \"Microsoft.Mission/approvals/write\",\n \"Microsoft.Mission/approvals/delete\",\n \"Microsoft.Mission/virtualEnclaves/setWorkloadRoleAssignments/action\",\n \"Microsoft.Mission/virtualEnclaves/setEnclaveRoleAssignments/action\",\n \"Microsoft.Mission/virtualenclaves/setMaintenanceMode/action\",\n \"Microsoft.Mission/virtualEnclaves/setSubnetConfiguration/action\",\n \"Microsoft.Mission/virtualEnclaves/enclaveEndpoints/connect/action\",\n \"Microsoft.Mission/enclaveConnections/setSourceCidr/action\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2023-12-05T16:13:20.7602458Z\",\n \"updatedOn\": \"2025-09-12T18:13:12.7479035Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/3d5f3eff-eb94-473d-91e3-7aac74d6c0bb\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"3d5f3eff-eb94-473d-91e3-7aac74d6c0bb\"\n },\n {\n \"properties\": {\n \"roleName\": \"Enclave Contributor Role\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Enclave Contributor Role to access the resources of Microsoft.Mission stored with RPSAAS.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Mission/register/action\",\n \"Microsoft.Mission/unregister/action\",\n \"Microsoft.Mission/Locations/OperationStatuses/read\",\n \"Microsoft.Mission/Locations/OperationStatuses/write\",\n \"Microsoft.Mission/Operations/read\",\n \"Microsoft.Mission/communities/read\",\n \"Microsoft.Mission/virtualEnclaves/read\",\n \"Microsoft.Mission/virtualEnclaves/write\",\n \"Microsoft.Mission/virtualEnclaves/endpoints/read\",\n \"Microsoft.Mission/virtualEnclaves/endpoints/write\",\n \"Microsoft.Mission/virtualEnclaves/workloads/read\",\n \"Microsoft.Mission/virtualEnclaves/workloads/write\",\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/read\",\n \"Microsoft.Resources/deployments/read\",\n \"Microsoft.Resources/deployments/write\",\n \"Microsoft.Resources/subscriptions/read\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Resources/subscriptions/resourcegroups/deployments/read\",\n \"Microsoft.Resources/subscriptions/operationresults/read\",\n \"Microsoft.ResourceHealth/availabilityStatuses/read\",\n \"Microsoft.Features/providers/features/read\",\n \"Microsoft.Features/features/read\",\n \"Microsoft.Mission/communities/communityEndpoints/read\",\n \"Microsoft.Mission/communities/transitHubs/read\",\n \"Microsoft.Mission/enclaveConnections/read\",\n \"Microsoft.Mission/enclaveConnections/write\",\n \"Microsoft.Mission/virtualEnclaves/enclaveEndpoints/read\",\n \"Microsoft.Mission/virtualEnclaves/enclaveEndpoints/write\",\n \"Microsoft.Mission/approvals/read\",\n \"Microsoft.Mission/approvals/write\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2023-12-07T23:59:26.5917667Z\",\n \"updatedOn\": \"2025-07-16T21:30:33.3901346Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/19feefae-eacc-4106-81fd-ac34c0671f14\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"19feefae-eacc-4106-81fd-ac34c0671f14\"\n },\n {\n \"properties\": {\n \"roleName\": \"Community Reader Role\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Community Reader Role to access the resources of Microsoft.Mission stored with RPSAAS.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Mission/Locations/OperationStatuses/read\",\n \"Microsoft.Mission/Operations/read\",\n \"Microsoft.Mission/communities/read\",\n \"Microsoft.Mission/virtualEnclaves/read\",\n \"Microsoft.Mission/virtualEnclaves/endpoints/read\",\n \"Microsoft.Mission/virtualEnclaves/workloads/read\",\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/read\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Resources/subscriptions/resourcegroups/deployments/read\",\n \"Microsoft.Resources/subscriptions/operationresults/read\",\n \"Microsoft.ResourceHealth/availabilityStatuses/read\",\n \"Microsoft.Features/providers/features/read\",\n \"Microsoft.Features/features/read\",\n \"Microsoft.Mission/communities/communityEndpoints/read\",\n \"Microsoft.Mission/communities/transitHubs/read\",\n \"Microsoft.Mission/enclaveConnections/read\",\n \"Microsoft.Mission/virtualEnclaves/enclaveEndpoints/read\",\n \"Microsoft.Mission/approvals/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2023-12-08T19:37:02.3189417Z\",\n \"updatedOn\": \"2025-07-16T21:30:33.3911351Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/e6aadb6b-e64f-41c0-9392-d2bba3bc3ebc\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"e6aadb6b-e64f-41c0-9392-d2bba3bc3ebc\"\n },\n {\n \"properties\": {\n \"roleName\": \"Storage Account Encryption Scope Contributor Role\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Allows management of Encryption Scopes on a Storage Account\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Storage/storageAccounts/encryptionScopes/read\",\n \"Microsoft.Storage/storageAccounts/encryptionScopes/write\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2023-12-11T16:01:30.9505499Z\",\n \"updatedOn\": \"2024-01-10T18:58:49.3538976Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/a316ed6d-1efe-48ac-ac08-f7995a9c26fb\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"a316ed6d-1efe-48ac-ac08-f7995a9c26fb\"\n },\n {\n \"properties\": {\n \"roleName\": \"Operator Nexus Key Vault Writer Service Role (Preview)\",\n \"type\": \"BuiltInRole\",\n \"description\": \"(Preview) Provides Azure Operator Nexus services the ability to write to a Key Vault. This role is in preview and subject to change.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.KeyVault/vaults/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.KeyVault/vaults/secrets/setSecret/action\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2023-12-11T16:01:30.9505499Z\",\n \"updatedOn\": \"2024-08-14T19:11:47.7610812Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/44f0a1a8-6fea-4b35-980a-8ff50c487c97\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"44f0a1a8-6fea-4b35-980a-8ff50c487c97\"\n },\n {\n \"properties\": {\n \"roleName\": \"Key Vault Crypto Service Release User\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Release keys. Only works for key vaults that use the 'Azure role-based access control' permission model.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.KeyVault/vaults/keys/release/action\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2023-12-14T22:44:06.6106235Z\",\n \"updatedOn\": \"2023-12-14T22:44:06.6106235Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/08bbd89e-9f13-488c-ac41-acfcb10c90ab\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"08bbd89e-9f13-488c-ac41-acfcb10c90ab\"\n },\n {\n \"properties\": {\n \"roleName\": \"Kubernetes Runtime Storage Class Contributor Role\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Read, write, and delete Kubernetes Runtime storage classes in an Arc connected Kubernetes cluster\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.KubernetesRuntime/storageClasses/read\",\n \"Microsoft.KubernetesRuntime/storageClasses/write\",\n \"Microsoft.KubernetesRuntime/storageClasses/delete\",\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2023-12-15T06:02:00.5747685Z\",\n \"updatedOn\": \"2024-08-19T15:08:52.7461468Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/0cd9749a-3aaf-4ae5-8803-bd217705bf3b\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"0cd9749a-3aaf-4ae5-8803-bd217705bf3b\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Programmable Connectivity Gateway User\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Allows access to all Gateway dataplane APIs.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.ResourceHealth/availabilityStatuses/read\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2023-12-20T16:26:42.5990795Z\",\n \"updatedOn\": \"2023-12-20T16:26:42.5990795Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/609c0c20-e0a0-4a71-b99f-e7e755ac493d\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"609c0c20-e0a0-4a71-b99f-e7e755ac493d\"\n },\n {\n \"properties\": {\n \"roleName\": \"Key Vault Certificate User\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Read certificate contents. Only works for key vaults that use the 'Azure role-based access control' permission model.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.KeyVault/vaults/certificates/read\",\n \"Microsoft.KeyVault/vaults/secrets/getSecret/action\",\n \"Microsoft.KeyVault/vaults/secrets/readMetadata/action\",\n \"Microsoft.KeyVault/vaults/keys/read\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2024-01-10T16:28:04.5909165Z\",\n \"updatedOn\": \"2024-01-10T16:28:04.5909165Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/db79e9a7-68ee-4b58-9aeb-b90e7c24fcba\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"db79e9a7-68ee-4b58-9aeb-b90e7c24fcba\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Spring Apps Managed Components Log Reader Role\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Read real-time logs for all managed components in Azure Spring Apps\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.AppPlatform/Spring/managedComponents/logstream/action\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2024-01-11T08:19:23.9992482Z\",\n \"updatedOn\": \"2024-01-11T08:19:23.9992482Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/52fd16bd-6ed5-46af-9c40-29cbd7952a29\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"52fd16bd-6ed5-46af-9c40-29cbd7952a29\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Spring Apps Application Configuration Service Log Reader Role\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Read real-time logs for Application Configuration Service in Azure Spring Apps\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.AppPlatform/Spring/read\",\n \"Microsoft.AppPlatform/Spring/configurationServices/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.AppPlatform/Spring/ApplicationConfigurationService/logstream/action\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2024-01-11T08:19:23.9982391Z\",\n \"updatedOn\": \"2024-01-11T08:19:23.9982391Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/6593e776-2a30-40f9-8a32-4fe28b77655d\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"6593e776-2a30-40f9-8a32-4fe28b77655d\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Spring Apps Spring Cloud Gateway Log Reader Role\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Read real-time logs for Spring Cloud Gateway in Azure Spring Apps\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.AppPlatform/Spring/read\",\n \"Microsoft.AppPlatform/Spring/gateways/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.AppPlatform/Spring/SpringCloudGateway/logstream/action\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2024-01-11T08:19:24.0002399Z\",\n \"updatedOn\": \"2024-01-11T08:19:24.0002399Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/4301dc2a-25a9-44b0-ae63-3636cf7f2bd2\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"4301dc2a-25a9-44b0-ae63-3636cf7f2bd2\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Edge On-Site Deployment Engineer\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Grants you access to take actions as an on-site person to assist in the provisioning of an edge device\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.EdgeOrder/orderItems/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2024-01-11T11:05:20.8919638Z\",\n \"updatedOn\": \"2024-08-30T13:53:39.2810677Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/207bcc4b-86a6-4487-9141-d6c1f4c238aa\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"207bcc4b-86a6-4487-9141-d6c1f4c238aa\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure API Center Data Reader\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Allows for access to Azure API Center data plane read operations.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.ApiCenter/services/*/read\",\n \"Microsoft.ApiCenter/services/workspaces/apis/versions/definitions/exportSpecification/action\",\n \"Microsoft.ApiCenter/services/workspaces/search/action\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2024-01-11T20:37:59.9775707Z\",\n \"updatedOn\": \"2025-04-22T15:07:10.0211593Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/c7244dfb-f447-457d-b2ba-3999044d1706\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"c7244dfb-f447-457d-b2ba-3999044d1706\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure impact-insight reader\",\n \"type\": \"BuiltInRole\",\n \"description\": \"built-in role for azure impact-insight read access\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Impact/WorkloadImpacts/*/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2024-01-19T16:37:20.2115353Z\",\n \"updatedOn\": \"2024-01-19T16:37:20.2115353Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/dfb2f09d-25f8-4558-8986-497084006d7a\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"dfb2f09d-25f8-4558-8986-497084006d7a\"\n },\n {\n \"properties\": {\n \"roleName\": \"Defender Kubernetes Agent Operator\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Grants Microsoft Defender for Cloud permissions to provision the Kubernetes defender security agent\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Resources/subscriptions/resourceGroups/write\",\n \"Microsoft.Resources/subscriptions/operationresults/read\",\n \"Microsoft.Resources/subscriptions/read\",\n \"Microsoft.KubernetesConfiguration/extensions/write\",\n \"Microsoft.KubernetesConfiguration/extensions/read\",\n \"Microsoft.KubernetesConfiguration/extensions/delete\",\n \"Microsoft.KubernetesConfiguration/extensions/operations/read\",\n \"Microsoft.Kubernetes/connectedClusters/Write\",\n \"Microsoft.Kubernetes/connectedClusters/read\",\n \"Microsoft.OperationalInsights/workspaces/write\",\n \"Microsoft.OperationalInsights/workspaces/read\",\n \"Microsoft.OperationalInsights/workspaces/listKeys/action\",\n \"Microsoft.OperationalInsights/workspaces/sharedkeys/action\",\n \"Microsoft.Kubernetes/register/action\",\n \"Microsoft.KubernetesConfiguration/register/action\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2024-01-29T16:00:38.0450387Z\",\n \"updatedOn\": \"2024-04-08T15:07:46.3009159Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/8bb6f106-b146-4ee6-a3f9-b9c5a96e0ae5\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"8bb6f106-b146-4ee6-a3f9-b9c5a96e0ae5\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Red Hat OpenShift Cloud Controller Manager\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Manage and update the cloud controller manager deployed on top of OpenShift.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Compute/virtualMachines/read\",\n \"Microsoft.Network/loadBalancers/backendAddressPools/join/action\",\n \"Microsoft.Network/loadBalancers/read\",\n \"Microsoft.Network/loadBalancers/write\",\n \"Microsoft.Network/networkInterfaces/read\",\n \"Microsoft.Network/networkInterfaces/write\",\n \"Microsoft.Network/networkSecurityGroups/read\",\n \"Microsoft.Network/networkSecurityGroups/write\",\n \"Microsoft.Network/publicIPAddresses/join/action\",\n \"Microsoft.Network/publicIPAddresses/read\",\n \"Microsoft.Network/publicIPAddresses/write\",\n \"Microsoft.Network/virtualNetworks/subnets/join/action\",\n \"Microsoft.Network/virtualNetworks/subnets/read\",\n \"Microsoft.Network/loadBalancers/inboundNatRules/join/action\",\n \"Microsoft.Network/networkSecurityGroups/join/action\",\n \"Microsoft.Network/publicIPPrefixes/join/action\",\n \"Microsoft.Network/applicationSecurityGroups/joinNetworkSecurityRule/action\",\n \"Microsoft.Network/virtualNetworks/subnets/write\",\n \"Microsoft.Network/privatelinkservices/write\",\n \"Microsoft.Network/privatelinkservices/read\",\n \"Microsoft.Network/privatelinkservices/delete\",\n \"Microsoft.Network/loadBalancers/loadBalancingRules/read\",\n \"Microsoft.Network/serviceEndpointPolicies/join/action\",\n \"Microsoft.Network/natGateways/join/action\",\n \"Microsoft.Network/networkIntentPolicies/join/action\",\n \"Microsoft.Network/networkSecurityGroups/join/action\",\n \"Microsoft.Network/routeTables/join/action\",\n \"Microsoft.Network/networkManagers/ipamPools/associateResourcesToPool/action\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2024-01-30T16:11:37.7996135Z\",\n \"updatedOn\": \"2025-09-23T15:14:52.5578538Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/a1f96423-95ce-4224-ab27-4e3dc72facd4\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"a1f96423-95ce-4224-ab27-4e3dc72facd4\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Red Hat OpenShift Disk Storage Operator\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Install Container Storage Interface (CSI) drivers that enable your cluster to use Azure Disks. Set OpenShift cluster-wide storage defaults to ensure a default storageclass exists for clusters.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Compute/virtualMachines/write\",\n \"Microsoft.Compute/virtualMachines/read\",\n \"Microsoft.Compute/virtualMachineScaleSets/virtualMachines/write\",\n \"Microsoft.Compute/virtualMachineScaleSets/virtualMachines/read\",\n \"Microsoft.Compute/virtualMachineScaleSets/read\",\n \"Microsoft.Compute/snapshots/write\",\n \"Microsoft.Compute/snapshots/read\",\n \"Microsoft.Compute/snapshots/delete\",\n \"Microsoft.Compute/locations/operations/read\",\n \"Microsoft.Compute/locations/DiskOperations/read\",\n \"Microsoft.Compute/disks/write\",\n \"Microsoft.Compute/disks/read\",\n \"Microsoft.Compute/disks/delete\",\n \"Microsoft.Compute/disks/beginGetAccess/action\",\n \"Microsoft.Compute/diskEncryptionSets/read\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2024-01-30T16:11:37.9474325Z\",\n \"updatedOn\": \"2025-03-28T17:59:48.0577945Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/5b7237c5-45e1-49d6-bc18-a1f62f400748\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"5b7237c5-45e1-49d6-bc18-a1f62f400748\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Red Hat OpenShift Network Operator\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Install and upgrade the networking components on an OpenShift cluster.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Network/networkInterfaces/read\",\n \"Microsoft.Network/networkInterfaces/write\",\n \"Microsoft.Network/virtualNetworks/read\",\n \"Microsoft.Network/virtualNetworks/subnets/join/action\",\n \"Microsoft.Network/loadBalancers/backendAddressPools/join/action\",\n \"Microsoft.Network/loadBalancers/backendAddressPools/read\",\n \"Microsoft.Compute/virtualMachines/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2024-01-30T16:11:37.9474325Z\",\n \"updatedOn\": \"2025-05-06T15:13:46.6826117Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/be7a6435-15ae-4171-8f30-4a343eff9e8f\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"be7a6435-15ae-4171-8f30-4a343eff9e8f\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Red Hat OpenShift Image Registry Operator\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Enables permissions for the operator to manage a singleton instance of the OpenShift image registry. It manages all configuration of the registry, including creating storage.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Storage/storageAccounts/blobServices/read\",\n \"Microsoft.Storage/storageAccounts/blobServices/containers/read\",\n \"Microsoft.Storage/storageAccounts/blobServices/containers/write\",\n \"Microsoft.Storage/storageAccounts/blobServices/containers/delete\",\n \"Microsoft.Storage/storageAccounts/blobServices/generateUserDelegationKey/action\",\n \"Microsoft.Storage/storageAccounts/read\",\n \"Microsoft.Storage/storageAccounts/write\",\n \"Microsoft.Storage/storageAccounts/delete\",\n \"Microsoft.Storage/storageAccounts/listKeys/action\",\n \"Microsoft.Storage/storageAccounts/PrivateEndpointConnectionsApproval/action\",\n \"Microsoft.Resources/tags/write\",\n \"Microsoft.Network/privateEndpoints/write\",\n \"Microsoft.Network/privateEndpoints/read\",\n \"Microsoft.Network/privateEndpoints/privateDnsZoneGroups/write\",\n \"Microsoft.Network/privateEndpoints/privateDnsZoneGroups/read\",\n \"Microsoft.Network/privateDnsZones/read\",\n \"Microsoft.Network/privateDnsZones/write\",\n \"Microsoft.Network/privateDnsZones/join/action\",\n \"Microsoft.Network/privateDnsZones/A/write\",\n \"Microsoft.Network/privateDnsZones/virtualNetworkLinks/write\",\n \"Microsoft.Network/privateDnsZones/virtualNetworkLinks/read\",\n \"Microsoft.Network/networkInterfaces/read\",\n \"Microsoft.Network/virtualNetworks/subnets/read\",\n \"Microsoft.Network/virtualNetworks/subnets/join/action\",\n \"Microsoft.Network/virtualNetworks/join/action\"\n ],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.Storage/storageAccounts/blobServices/containers/blobs/delete\",\n \"Microsoft.Storage/storageAccounts/blobServices/containers/blobs/write\",\n \"Microsoft.Storage/storageAccounts/blobServices/containers/blobs/read\",\n \"Microsoft.Storage/storageAccounts/blobServices/containers/blobs/add/action\",\n \"Microsoft.Storage/storageAccounts/blobServices/containers/blobs/move/action\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2024-01-30T16:11:37.9474325Z\",\n \"updatedOn\": \"2025-07-25T20:45:04.9733949Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/8b32b316-c2f5-4ddf-b05b-83dacd2d08b5\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"8b32b316-c2f5-4ddf-b05b-83dacd2d08b5\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Red Hat OpenShift File Storage Operator\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Install Container Storage Interface (CSI) drivers that enable your cluster to use Azure Files. Set OpenShift cluster-wide storage defaults to ensure a default storageclass exists for clusters.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Storage/storageAccounts/delete\",\n \"Microsoft.Storage/storageAccounts/fileServices/read\",\n \"Microsoft.Storage/storageAccounts/fileServices/shares/delete\",\n \"Microsoft.Storage/storageAccounts/fileServices/shares/read\",\n \"Microsoft.Storage/storageAccounts/fileServices/shares/write\",\n \"Microsoft.Storage/storageAccounts/listKeys/action\",\n \"Microsoft.Storage/storageAccounts/read\",\n \"Microsoft.Storage/storageAccounts/write\",\n \"Microsoft.Storage/storageAccounts/PrivateEndpointConnectionsApproval/action\",\n \"Microsoft.Network/networkSecurityGroups/join/action\",\n \"Microsoft.Network/virtualNetworks/subnets/read\",\n \"Microsoft.Network/virtualNetworks/subnets/write\",\n \"Microsoft.Network/routeTables/join/action\",\n \"Microsoft.Network/natGateways/join/action\",\n \"Microsoft.Network/virtualNetworks/join/action\",\n \"Microsoft.Network/virtualNetworks/subnets/join/action\",\n \"Microsoft.Network/privateEndpoints/write\",\n \"Microsoft.Network/networkManagers/ipamPools/associateResourcesToPool/action\",\n \"Microsoft.Network/networkIntentPolicies/join/action\",\n \"Microsoft.Network/serviceEndpointPolicies/join/action\",\n \"Microsoft.Network/locations/operations/read\",\n \"Microsoft.Network/privateDnsOperationStatuses/read\",\n \"Microsoft.Network/privateDnsZones/read\",\n \"Microsoft.Network/privateDnsZones/virtualNetworkLinks/read\",\n \"Microsoft.Network/privateDnsZones/virtualNetworkLinks/write\",\n \"Microsoft.Network/privateDnsZones/write\",\n \"Microsoft.Network/privateDnsZones/join/action\",\n \"Microsoft.Network/privateEndpoints/privateDnsZoneGroups/write\",\n \"Microsoft.Network/privateEndpoints/privateDnsZoneGroups/read\",\n \"Microsoft.Network/privateEndpoints/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2024-01-30T16:11:37.9454324Z\",\n \"updatedOn\": \"2025-07-25T20:45:04.9733949Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/0d7aedc0-15fd-4a67-a412-efad370c947e\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"0d7aedc0-15fd-4a67-a412-efad370c947e\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Red Hat OpenShift Service Operator\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Maintain machine health, network configuration, monitoring, and other features that are specific to an OpenShift cluster's continued functionality as a managed service.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Network/virtualNetworks/subnets/read\",\n \"Microsoft.Network/virtualNetworks/subnets/write\",\n \"Microsoft.Network/natGateways/join/action\",\n \"Microsoft.Network/routeTables/join/action\",\n \"Microsoft.Network/networkSecurityGroups/join/action\",\n \"Microsoft.Network/serviceEndpointPolicies/join/action\",\n \"Microsoft.Network/networkIntentPolicies/join/action\",\n \"Microsoft.Network/networkManagers/ipamPools/associateResourcesToPool/action\",\n \"Microsoft.Storage/storageAccounts/listKeys/action\",\n \"Microsoft.Storage/storageAccounts/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2024-01-30T16:11:37.9454324Z\",\n \"updatedOn\": \"2025-06-03T15:14:11.4486606Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/4436bae4-7702-4c84-919b-c4069ff25ee2\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"4436bae4-7702-4c84-919b-c4069ff25ee2\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Red Hat OpenShift Machine API Operator\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Manage the lifecycle of specific-purpose custom resource definitions (CRD), controllers, and Azure RBAC objects that extend the Kubernetes API to declares the desired state of machines in a cluster.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Compute/availabilitySets/delete\",\n \"Microsoft.Compute/availabilitySets/read\",\n \"Microsoft.Compute/availabilitySets/write\",\n \"Microsoft.Compute/diskEncryptionSets/read\",\n \"Microsoft.Compute/disks/delete\",\n \"Microsoft.Compute/galleries/images/versions/read\",\n \"Microsoft.Compute/skus/read\",\n \"Microsoft.Compute/virtualMachines/delete\",\n \"Microsoft.Compute/virtualMachines/read\",\n \"Microsoft.Compute/virtualMachines/write\",\n \"Microsoft.Compute/capacityReservationGroups/deploy/action\",\n \"Microsoft.ManagedIdentity/userAssignedIdentities/assign/action\",\n \"Microsoft.Network/applicationSecurityGroups/read\",\n \"Microsoft.Network/loadBalancers/backendAddressPools/join/action\",\n \"Microsoft.Network/loadBalancers/read\",\n \"Microsoft.Network/loadBalancers/write\",\n \"Microsoft.Network/networkInterfaces/delete\",\n \"Microsoft.Network/networkInterfaces/join/action\",\n \"Microsoft.Network/networkInterfaces/loadBalancers/read\",\n \"Microsoft.Network/networkInterfaces/read\",\n \"Microsoft.Network/networkInterfaces/write\",\n \"Microsoft.Network/networkSecurityGroups/read\",\n \"Microsoft.Network/networkSecurityGroups/write\",\n \"Microsoft.Network/publicIPAddresses/delete\",\n \"Microsoft.Network/publicIPAddresses/join/action\",\n \"Microsoft.Network/publicIPAddresses/read\",\n \"Microsoft.Network/publicIPAddresses/write\",\n \"Microsoft.Network/routeTables/read\",\n \"Microsoft.Network/virtualNetworks/subnets/join/action\",\n \"Microsoft.Network/virtualNetworks/subnets/read\",\n \"Microsoft.Network/applicationSecurityGroups/joinNetworkSecurityRule/action\",\n \"Microsoft.Network/loadBalancers/frontendIPConfigurations/join/action\",\n \"Microsoft.Network/loadBalancers/inboundNATRules/join/action\",\n \"Microsoft.Network/networkSecurityGroups/join/action\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2024-01-30T16:11:37.9454324Z\",\n \"updatedOn\": \"2025-03-20T13:43:14.3948725Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/0358943c-7e01-48ba-8889-02cc51d78637\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"0358943c-7e01-48ba-8889-02cc51d78637\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Red Hat OpenShift Cluster Ingress Operator\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Manage and configure the OpenShift router.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Network/dnsZones/A/delete\",\n \"Microsoft.Network/dnsZones/A/write\",\n \"Microsoft.Network/privateDnsZones/A/delete\",\n \"Microsoft.Network/privateDnsZones/A/write\",\n \"Microsoft.Network/virtualNetworks/subnets/read\",\n \"Microsoft.Network/virtualNetworks/subnets/join/action\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2024-01-30T16:11:37.9474325Z\",\n \"updatedOn\": \"2025-02-14T18:54:20.1640655Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/0336e1d3-7a87-462b-b6db-342b63f7802c\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"0336e1d3-7a87-462b-b6db-342b63f7802c\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Sphere Owner\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Allows user read and write access to Azure Sphere resources and RBAC configuration, includes an ABAC condition to constrain role assignments.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.AzureSphere/*\",\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Resources/subscriptions/read\",\n \"Microsoft.Management/managementGroups/read\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Support/*\",\n \"Microsoft.Insights/DiagnosticSettings/*\",\n \"Microsoft.Insights/DiagnosticSettingsCategories/Read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n },\n {\n \"actions\": [\n \"Microsoft.Authorization/roleAssignments/write\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": [],\n \"conditionVersion\": \"2.0\",\n \"condition\": \"@Request[Microsoft.Authorization/roleAssignments:RoleDefinitionId] ForAnyOfAnyValues:GuidEquals{8b9dfcab4b774632a6df94bd07820648,c8ae62795a0b4cb2b3f0d4d62845742c,6d994134994b4a599974f479f0b227fb,5a382001fe3641ffbba48bf06bd54da9,749f88d5cbae40b8bcfce573ddc772fa,43d0d8ad25c7471493378ba259a9fe05}\"\n },\n {\n \"actions\": [\n \"Microsoft.Authorization/roleAssignments/delete\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": [],\n \"conditionVersion\": \"2.0\",\n \"condition\": \"@Resource[Microsoft.Authorization/roleAssignments:RoleDefinitionId] ForAnyOfAnyValues:GuidEquals{8b9dfcab4b774632a6df94bd07820648,c8ae62795a0b4cb2b3f0d4d62845742c,6d994134994b4a599974f479f0b227fb,5a382001fe3641ffbba48bf06bd54da9,749f88d5cbae40b8bcfce573ddc772fa,43d0d8ad25c7471493378ba259a9fe05}\"\n }\n ],\n \"createdOn\": \"2024-02-01T23:40:30.7387663Z\",\n \"updatedOn\": \"2024-03-12T15:09:00.907512Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/5a382001-fe36-41ff-bba4-8bf06bd54da9\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"5a382001-fe36-41ff-bba4-8bf06bd54da9\"\n },\n {\n \"properties\": {\n \"roleName\": \"GroupQuota Request Operator\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Read and create GroupQuota requests, get GroupQuota request status, and get groupQuotaLimits.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/read\",\n \"MICROSOFT.QUOTA/QUOTAS/WRITE\",\n \"MICROSOFT.QUOTA/QUOTAS/READ\",\n \"MICROSOFT.QUOTA/USAGES/READ\",\n \"MICROSOFT.QUOTA/QUOTAREQUESTS/READ\",\n \"MICROSOFT.QUOTA/REGISTER/ACTION\",\n \"Microsoft.Quota/GROUPQUOTAS/*/READ\",\n \"Microsoft.Quota/GROUPQUOTAS/*/WRITE\",\n \"Microsoft.Quota/GROUPQUOTAS/*/DELETE\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2024-02-09T21:28:36.8464681Z\",\n \"updatedOn\": \"2025-02-04T16:18:52.2174712Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/e2217c0e-04bb-4724-9580-91cf9871bc01\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"e2217c0e-04bb-4724-9580-91cf9871bc01\"\n },\n {\n \"properties\": {\n \"roleName\": \"GroupQuota Reader\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Read GroupQuota requests, get GroupQuota request status, and get groupQuotaLimits.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/read\",\n \"MICROSOFT.QUOTA/QUOTAS/READ\",\n \"MICROSOFT.QUOTA/USAGES/READ\",\n \"MICROSOFT.QUOTA/QUOTAREQUESTS/READ\",\n \"MICROSOFT.QUOTA/REGISTER/ACTION\",\n \"Microsoft.Quota/GROUPQUOTAS/READ\",\n \"Microsoft.Quota/GROUPQUOTAS/subscriptions/READ\",\n \"Microsoft.Quota/GROUPQUOTAS/groupQuotaLimits/READ\",\n \"Microsoft.Quota/GROUPQUOTAS/quotaAllocations/READ\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2024-02-09T21:28:38.4642049Z\",\n \"updatedOn\": \"2024-02-09T21:28:38.4642049Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/d0f495dc-44ef-4140-aeb0-b89110e6a7c1\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"d0f495dc-44ef-4140-aeb0-b89110e6a7c1\"\n },\n {\n \"properties\": {\n \"roleName\": \"Bayer Ag Powered Services Smart Boundary Solution User Role\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Provide access to Smart Boundary Solution by Bayer Ag Powered Services\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.AgFoodPlatform/farmBeats/parties/read\",\n \"Microsoft.AgFoodPlatform/farmBeats/parties/fields/read\",\n \"Microsoft.AgFoodPlatform/farmBeats/parties/fields/write\",\n \"Microsoft.AgFoodPlatform/farmBeats/ingestionJobs/satelliteDataIngestionJobs/*\",\n \"Microsoft.AgFoodPlatform/farmBeats/scenes/*\",\n \"Microsoft.AgFoodPlatform/farmBeats/parties/models/resourceTypes/resources/insights/*\",\n \"Microsoft.AgFoodPlatform/farmBeats/parties/models/resourceTypes/resources/insightAttachments/*\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2024-02-16T08:39:51.0915233Z\",\n \"updatedOn\": \"2024-05-28T15:09:38.223022Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/539283cd-c185-4a9a-9503-d35217a1db7b\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"539283cd-c185-4a9a-9503-d35217a1db7b\"\n },\n {\n \"properties\": {\n \"roleName\": \"Defender CSPM Storage Scanner Operator\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Lets you enable and configure Microsoft Defender CSPM's sensitive data discovery feature on your storage accounts. Includes an ABAC condition to limit role assignments.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Storage/storageAccounts/write\",\n \"Microsoft.Storage/storageAccounts/read\",\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Resources/subscriptions/read\",\n \"Microsoft.Management/managementGroups/read\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Support/*\",\n \"Microsoft.Security/datascanners/read\",\n \"Microsoft.Security/datascanners/write\",\n \"Microsoft.Security/dataScanners/delete\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n },\n {\n \"actions\": [\n \"Microsoft.Authorization/roleAssignments/write\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": [],\n \"conditionVersion\": \"2.0\",\n \"condition\": \"@Request[Microsoft.Authorization/roleAssignments:RoleDefinitionId] ForAnyOfAnyValues:GuidEquals{2a2b9908-6ea1-4ae2-8e65-a410df84e7d1, b8eda974-7b85-4f76-af95-65846b26df6d, 0b6ca2e8-2cdc-4bd6-b896-aa3d8c21fc35}\"\n },\n {\n \"actions\": [\n \"Microsoft.Authorization/roleAssignments/delete\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": [],\n \"conditionVersion\": \"2.0\",\n \"condition\": \"@Resource[Microsoft.Authorization/roleAssignments:RoleDefinitionId] ForAnyOfAnyValues:GuidEquals{2a2b9908-6ea1-4ae2-8e65-a410df84e7d1, b8eda974-7b85-4f76-af95-65846b26df6d, 0b6ca2e8-2cdc-4bd6-b896-aa3d8c21fc35}\"\n }\n ],\n \"createdOn\": \"2024-02-23T11:40:48.9476806Z\",\n \"updatedOn\": \"2025-09-24T15:22:44.3542995Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/8480c0f0-4509-4229-9339-7c10018cb8c4\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"8480c0f0-4509-4229-9339-7c10018cb8c4\"\n },\n {\n \"properties\": {\n \"roleName\": \"Advisor Recommendations Contributor (Assessments and Reviews)\",\n \"type\": \"BuiltInRole\",\n \"description\": \"View assessment recommendations, accepted review recommendations, and manage the recommendations lifecycle (mark recommendations as completed, postponed or dismissed, in progress, or not started).\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Advisor/recommendations/read\",\n \"Microsoft.Advisor/recommendations/write\",\n \"Microsoft.Advisor/recommendations/available/action\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2024-02-26T16:08:40.5151834Z\",\n \"updatedOn\": \"2024-03-13T23:14:21.178011Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/6b534d80-e337-47c4-864f-140f5c7f593d\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"6b534d80-e337-47c4-864f-140f5c7f593d\"\n },\n {\n \"properties\": {\n \"roleName\": \"GeoCatalog Administrator\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Grants full access to manage GeoCatalogs, but does not allow you to assign roles in Azure RBAC.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Orbital/operations/read\",\n \"Microsoft.Orbital/geoCatalogs/*\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2024-02-27T16:09:02.6300293Z\",\n \"updatedOn\": \"2024-02-27T16:09:02.6300293Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/c9c97b9c-105d-4bb5-a2a7-7d15666c2484\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"c9c97b9c-105d-4bb5-a2a7-7d15666c2484\"\n },\n {\n \"properties\": {\n \"roleName\": \"GeoCatalog Reader\",\n \"type\": \"BuiltInRole\",\n \"description\": \"View GeoCatalogs, but does not allow you to make any changes.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Orbital/operations/read\",\n \"Microsoft.Orbital/geoCatalogs/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2024-02-27T16:09:02.8346775Z\",\n \"updatedOn\": \"2024-02-27T16:09:02.8346775Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/b7b8f583-43d0-40ae-b147-6b46f53661c1\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"b7b8f583-43d0-40ae-b147-6b46f53661c1\"\n },\n {\n \"properties\": {\n \"roleName\": \"Healthcare Agent Editor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Users with editor access can sign in, view and edit all the bot resources, scenarios and configuration setting except for the bot instance keys & secrets and the end-user inputs (including Feedback, Unrecognized utterances and Conversation logs). A read-only access to the bot skills and channels.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.HealthBot/healthBots/ResourceData/Read\",\n \"Microsoft.HealthBot/healthBots/Metadata/Read\",\n \"Microsoft.HealthBot/healthBots/CopilotStudioSolution/*\",\n \"Microsoft.HealthBot/healthBots/Feedback/Read\",\n \"Microsoft.HealthBot/healthBots/Users/Read\",\n \"Microsoft.HealthBot/healthBots/AuditTrails/Read\",\n \"Microsoft.HealthBot/healthBots/AnalyticReport/Read\",\n \"Microsoft.HealthBot/healthBots/ExposedSkill/Read\",\n \"Microsoft.HealthBot/healthBots/RegisteredSkills/Read\",\n \"Microsoft.HealthBot/healthBots/Configuration/*\",\n \"Microsoft.HealthBot/healthBots/Localization/*\",\n \"Microsoft.HealthBot/healthBots/AuthenticationProviders/*\",\n \"Microsoft.HealthBot/healthBots/Channels/*\",\n \"Microsoft.HealthBot/healthBots/DataConnections/*\",\n \"Microsoft.HealthBot/healthBots/OpenAPIPlugins/*\",\n \"Microsoft.HealthBot/healthBots/Scenarios/*\",\n \"Microsoft.HealthBot/healthBots/LanguageModels/*\",\n \"Microsoft.HealthBot/healthBots/Resources/*\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2024-02-28T16:09:25.669144Z\",\n \"updatedOn\": \"2025-08-21T10:13:28.7661499Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/af854a69-80ce-4ff7-8447-f1118a2e0ca8\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"af854a69-80ce-4ff7-8447-f1118a2e0ca8\"\n },\n {\n \"properties\": {\n \"roleName\": \"Healthcare Agent Reader\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Users with reader access can sign in, have read-only access to the bot resources, scenarios and configuration setting except for the bot instance keys & secrets (including Authentication, Data Connection and Channels keys) and the end-user inputs (including Feedback, Unrecognized utterances and Conversation logs).\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.HealthBot/healthBots/ResourceData/Read\",\n \"Microsoft.HealthBot/healthBots/Metadata/Read\",\n \"Microsoft.HealthBot/healthBots/CopilotStudioSolution/RestoreBuiltinTemplate/Read\",\n \"Microsoft.HealthBot/healthBots/Feedback/Read\",\n \"Microsoft.HealthBot/healthBots/Users/Read\",\n \"Microsoft.HealthBot/healthBots/AuditTrails/Read\",\n \"Microsoft.HealthBot/healthBots/AnalyticReport/Read\",\n \"Microsoft.HealthBot/healthBots/ExposedSkill/Read\",\n \"Microsoft.HealthBot/healthBots/RegisteredSkills/Read\",\n \"Microsoft.HealthBot/healthBots/Configuration/Read\",\n \"Microsoft.HealthBot/healthBots/Localization/Read\",\n \"Microsoft.HealthBot/healthBots/AuthenticationProviders/Read\",\n \"Microsoft.HealthBot/healthBots/DataConnections/Read\",\n \"Microsoft.HealthBot/healthBots/OpenAPIPlugins/Read\",\n \"Microsoft.HealthBot/healthBots/Scenarios/*/Read\",\n \"Microsoft.HealthBot/healthBots/LanguageModels/Read\",\n \"Microsoft.HealthBot/healthBots/Resources/Files/Read\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2024-02-28T16:09:25.669144Z\",\n \"updatedOn\": \"2025-08-21T10:13:28.7381488Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/eb5a76d5-50e7-4c33-a449-070e7c9c4cf2\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"eb5a76d5-50e7-4c33-a449-070e7c9c4cf2\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Programmable Connectivity Gateway Dataplane User\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Allows access to all Gateway dataplane APIs.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.ResourceHealth/availabilityStatuses/read\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.Resources/deployments/*\"\n ],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.ProgrammableConnectivity/Gateways/NetworkAPIAccess\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2024-02-28T16:09:25.8503139Z\",\n \"updatedOn\": \"2025-03-18T15:18:48.7947012Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/c20923c5-b089-47a5-bf67-fd89569c4ad9\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"c20923c5-b089-47a5-bf67-fd89569c4ad9\"\n },\n {\n \"properties\": {\n \"roleName\": \"Healthcare Agent Admin\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Users with admin access can sign in, view and edit all of the bot resources, scenarios and configuration setting including the bot instance keys & secrets.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.HealthBot/healthBots/ResourceData/Read\",\n \"Microsoft.HealthBot/healthBots/Metadata/Read\",\n \"Microsoft.HealthBot/healthBots/CopilotStudioSolution/*\",\n \"Microsoft.HealthBot/healthBots/Feedback/Read\",\n \"Microsoft.HealthBot/healthBots/Users/Read\",\n \"Microsoft.HealthBot/healthBots/AuditTrails/Read\",\n \"Microsoft.HealthBot/healthBots/AnalyticReport/Read\",\n \"Microsoft.HealthBot/healthBots/ExposedSkill/Read\",\n \"Microsoft.HealthBot/healthBots/RegisteredSkills/Read\",\n \"Microsoft.HealthBot/healthBots/Configuration/*\",\n \"Microsoft.HealthBot/healthBots/Localization/*\",\n \"Microsoft.HealthBot/healthBots/AuthenticationProviders/*\",\n \"Microsoft.HealthBot/healthBots/Channels/*\",\n \"Microsoft.HealthBot/healthBots/DataConnections/*\",\n \"Microsoft.HealthBot/healthBots/OpenAPIPlugins/*\",\n \"Microsoft.HealthBot/healthBots/Scenarios/*\",\n \"Microsoft.HealthBot/healthBots/LanguageModels/*\",\n \"Microsoft.HealthBot/healthBots/Resources/*\",\n \"Microsoft.HealthBot/healthBots/Admin/*\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2024-02-28T16:09:25.8513161Z\",\n \"updatedOn\": \"2025-08-21T10:13:28.7431492Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/f1082fec-a70f-419f-9230-885d2550fb38\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"f1082fec-a70f-419f-9230-885d2550fb38\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure AI Enterprise Network Connection Approver\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Can approve private endpoint connections to Azure AI common dependency resources\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.ApiManagement/service/privateEndpointConnections/read\",\n \"Microsoft.ApiManagement/service/privateEndpointConnections/write\",\n \"Microsoft.ApiManagement/service/privateLinkResources/read\",\n \"Microsoft.ApiManagement/service/read\",\n \"Microsoft.ContainerRegistry/registries/privateEndpointConnectionsApproval/action\",\n \"Microsoft.ContainerRegistry/registries/privateEndpointConnections/read\",\n \"Microsoft.ContainerRegistry/registries/privateEndpointConnections/write\",\n \"Microsoft.Cache/redis/read\",\n \"Microsoft.Cache/redis/privateEndpointConnections/read\",\n \"Microsoft.Cache/redis/privateEndpointConnections/write\",\n \"Microsoft.Cache/redis/privateLinkResources/read\",\n \"Microsoft.Cache/redis/privateEndpointConnectionsApproval/action\",\n \"Microsoft.Cache/redisEnterprise/read\",\n \"Microsoft.Cache/redisEnterprise/privateEndpointConnections/read\",\n \"Microsoft.Cache/redisEnterprise/privateEndpointConnections/write\",\n \"Microsoft.Cache/redisEnterprise/privateLinkResources/read\",\n \"Microsoft.Cache/redisEnterprise/privateEndpointConnectionsApproval/action\",\n \"Microsoft.CognitiveServices/accounts/read\",\n \"Microsoft.CognitiveServices/accounts/privateEndpointConnections/read\",\n \"Microsoft.CognitiveServices/accounts/privateEndpointConnections/write\",\n \"Microsoft.CognitiveServices/accounts/privateLinkResources/read\",\n \"Microsoft.DBforPostgreSQL/flexibleServers/privateEndpointConnectionsApproval/action\",\n \"Microsoft.DBforPostgreSQL/flexibleServers/privateEndpointConnections/read\",\n \"Microsoft.DBforPostgreSQL/flexibleServers/privateEndpointConnections/write\",\n \"Microsoft.DBforPostgreSQL/flexibleServers/privateLinkResources/read\",\n \"Microsoft.DBforPostgreSQL/flexibleServers/read\",\n \"Microsoft.DBforPostgreSQL/serverGroupsv2/privateEndpointConnectionsApproval/action\",\n \"Microsoft.DBforPostgreSQL/serverGroupsv2/privateEndpointConnections/read\",\n \"Microsoft.DBforPostgreSQL/serverGroupsv2/privateEndpointConnections/write\",\n \"Microsoft.DBforPostgreSQL/serverGroupsv2/privateLinkResources/read\",\n \"Microsoft.DBforMySQL/flexibleServers/privateEndpointConnectionsApproval/action\",\n \"Microsoft.DBforMySQL/flexibleServers/privateEndpointConnections/read\",\n \"Microsoft.DBforMySQL/flexibleServers/privateEndpointConnections/write\",\n \"Microsoft.DBforMySQL/flexibleServers/privateLinkResources/read\",\n \"Microsoft.DBforMySQL/flexibleServers/read\",\n \"Microsoft.DocumentDB/databaseAccounts/privateEndpointConnectionsApproval/action\",\n \"Microsoft.DocumentDB/databaseAccounts/privateEndpointConnections/read\",\n \"Microsoft.DocumentDB/databaseAccounts/privateEndpointConnections/write\",\n \"Microsoft.DocumentDB/databaseAccounts/privateLinkResources/read\",\n \"Microsoft.DocumentDB/databaseAccounts/read\",\n \"Microsoft.KeyVault/vaults/privateEndpointConnectionsApproval/action\",\n \"Microsoft.KeyVault/vaults/privateEndpointConnections/read\",\n \"Microsoft.KeyVault/vaults/privateEndpointConnections/write\",\n \"Microsoft.KeyVault/vaults/privateLinkResources/read\",\n \"Microsoft.KeyVault/vaults/read\",\n \"Microsoft.MachineLearningServices/registries/privateEndpointConnectionsApproval/action\",\n \"Microsoft.MachineLearningServices/registries/privateEndpointConnections/read\",\n \"Microsoft.MachineLearningServices/registries/privateEndpointConnections/write\",\n \"Microsoft.MachineLearningServices/registries/privateLinkResources/read\",\n \"Microsoft.MachineLearningServices/registries/read\",\n \"Microsoft.MachineLearningServices/workspaces/privateEndpointConnectionsApproval/action\",\n \"Microsoft.MachineLearningServices/workspaces/privateEndpointConnections/read\",\n \"Microsoft.MachineLearningServices/workspaces/privateEndpointConnections/write\",\n \"Microsoft.MachineLearningServices/workspaces/privateLinkResources/read\",\n \"Microsoft.MachineLearningServices/workspaces/read\",\n \"Microsoft.Storage/storageAccounts/privateEndpointConnections/read\",\n \"Microsoft.Storage/storageAccounts/privateEndpointConnections/write\",\n \"Microsoft.Storage/storageAccounts/privateLinkResources/read\",\n \"Microsoft.Storage/storageAccounts/read\",\n \"Microsoft.Storage/storageAccounts/PrivateEndpointConnectionsApproval/action\",\n \"Microsoft.Sql/servers/privateEndpointConnectionsApproval/action\",\n \"Microsoft.Sql/servers/privateEndpointConnections/read\",\n \"Microsoft.Sql/servers/privateEndpointConnections/write\",\n \"Microsoft.Sql/servers/privateLinkResources/read\",\n \"Microsoft.Sql/servers/read\",\n \"Microsoft.EventHub/namespaces/privateEndpointConnectionsApproval/action\",\n \"Microsoft.EventHub/namespaces/privateEndpointConnections/read\",\n \"Microsoft.EventHub/namespaces/privateEndpointConnections/write\",\n \"Microsoft.EventHub/namespaces/privateLinkResources/read\",\n \"Microsoft.EventHub/namespaces/read\",\n \"Microsoft.Search/searchServices/privateEndpointConnectionsApproval/action\",\n \"Microsoft.Search/searchServices/privateEndpointConnections/read\",\n \"Microsoft.Search/searchServices/privateEndpointConnections/write\",\n \"Microsoft.Search/searchServices/sharedPrivateLinkResources/read\",\n \"Microsoft.Search/searchServices/read\",\n \"Microsoft.Insights/privatelinkscopes/privateEndpointConnectionsApproval/action\",\n \"Microsoft.Insights/privatelinkscopes/privateEndpointConnections/read\",\n \"Microsoft.Insights/privatelinkscopes/privateEndpointConnections/write\",\n \"Microsoft.Insights/privatelinkscopes/privateLinkResources/read\",\n \"Microsoft.Insights/privatelinkscopes/read\",\n \"Microsoft.Network/privateLinkServices/privateEndpointConnectionsApproval/action\",\n \"Microsoft.Network/privateLinkServices/privateEndpointConnections/read\",\n \"Microsoft.Network/privateLinkServices/privateEndpointConnections/write\",\n \"Microsoft.Network/privateLinkServices/read\",\n \"Microsoft.Network/applicationGateways/privateEndpointConnections/read\",\n \"Microsoft.Network/applicationGateways/privateEndpointConnections/write\",\n \"Microsoft.Network/applicationGateways/privateLinkResources/read\",\n \"Microsoft.Network/applicationGateways/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2024-02-29T22:43:58.7323849Z\",\n \"updatedOn\": \"2025-01-29T21:07:16.6125101Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/b556d68e-0be0-4f35-a333-ad7ee1ce17ea\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"b556d68e-0be0-4f35-a333-ad7ee1ce17ea\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Container Storage Operator\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Role required by a Managed Identity for Azure Container Storage operations\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.ElasticSan/elasticSans/*\",\n \"Microsoft.ElasticSan/locations/asyncoperations/read\",\n \"Microsoft.Network/routeTables/join/action\",\n \"Microsoft.Network/networkSecurityGroups/join/action\",\n \"Microsoft.Network/virtualNetworks/write\",\n \"Microsoft.Network/virtualNetworks/delete\",\n \"Microsoft.Network/virtualNetworks/join/action\",\n \"Microsoft.Network/virtualNetworks/subnets/read\",\n \"Microsoft.Network/virtualNetworks/subnets/write\",\n \"Microsoft.Compute/virtualMachines/read\",\n \"Microsoft.Compute/virtualMachines/write\",\n \"Microsoft.Compute/virtualMachineScaleSets/read\",\n \"Microsoft.Compute/virtualMachineScaleSets/write\",\n \"Microsoft.Compute/virtualMachineScaleSets/virtualMachines/write\",\n \"Microsoft.Compute/virtualMachineScaleSets/virtualMachines/read\",\n \"Microsoft.Resources/subscriptions/providers/read\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Network/virtualNetworks/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2024-03-06T18:09:47.8933525Z\",\n \"updatedOn\": \"2024-03-21T21:58:56.1897725Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/08d4c71a-cc63-4ce4-a9c8-5dd251b4d619\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"08d4c71a-cc63-4ce4-a9c8-5dd251b4d619\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Container Storage Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Lets you install Azure Container Storage and manage its storage resources\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.KubernetesConfiguration/extensions/write\",\n \"Microsoft.KubernetesConfiguration/extensions/read\",\n \"Microsoft.KubernetesConfiguration/extensions/delete\",\n \"Microsoft.KubernetesConfiguration/extensions/operations/read\",\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Resources/subscriptions/read\",\n \"Microsoft.Management/managementGroups/read\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Support/*\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n },\n {\n \"actions\": [\n \"Microsoft.Authorization/roleAssignments/write\",\n \"Microsoft.Authorization/roleAssignments/delete\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": [],\n \"conditionVersion\": \"2.0\",\n \"condition\": \"((!(ActionMatches{'Microsoft.Authorization/roleAssignments/write'})) OR (@Request[Microsoft.Authorization/roleAssignments:RoleDefinitionId] ForAnyOfAnyValues:GuidEquals{08d4c71acc634ce4a9c85dd251b4d619})) AND ((!(ActionMatches{'Microsoft.Authorization/roleAssignments/delete'})) OR (@Resource[Microsoft.Authorization/roleAssignments:RoleDefinitionId] ForAnyOfAnyValues:GuidEquals{08d4c71acc634ce4a9c85dd251b4d619}))\"\n }\n ],\n \"createdOn\": \"2024-03-06T18:39:55.6502598Z\",\n \"updatedOn\": \"2024-03-28T20:02:49.6413404Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/95dd08a6-00bd-4661-84bf-f6726f83a4d0\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"95dd08a6-00bd-4661-84bf-f6726f83a4d0\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Container Storage Owner\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Lets you install Azure Container Storage and grants access to its storage resources\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.ElasticSan/elasticSans/*\",\n \"Microsoft.ElasticSan/locations/*\",\n \"Microsoft.ElasticSan/elasticSans/volumeGroups/*\",\n \"Microsoft.ElasticSan/elasticSans/volumeGroups/volumes/*\",\n \"Microsoft.ElasticSan/locations/asyncoperations/read\",\n \"Microsoft.KubernetesConfiguration/extensions/write\",\n \"Microsoft.KubernetesConfiguration/extensions/read\",\n \"Microsoft.KubernetesConfiguration/extensions/delete\",\n \"Microsoft.KubernetesConfiguration/extensions/operations/read\",\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Resources/subscriptions/read\",\n \"Microsoft.Management/managementGroups/read\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Support/*\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n },\n {\n \"actions\": [\n \"Microsoft.Authorization/roleAssignments/write\",\n \"Microsoft.Authorization/roleAssignments/delete\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": [],\n \"conditionVersion\": \"2.0\",\n \"condition\": \"((!(ActionMatches{'Microsoft.Authorization/roleAssignments/write'})) OR (@Request[Microsoft.Authorization/roleAssignments:RoleDefinitionId] ForAnyOfAnyValues:GuidEquals{08d4c71acc634ce4a9c85dd251b4d619})) AND ((!(ActionMatches{'Microsoft.Authorization/roleAssignments/delete'})) OR (@Resource[Microsoft.Authorization/roleAssignments:RoleDefinitionId] ForAnyOfAnyValues:GuidEquals{08d4c71acc634ce4a9c85dd251b4d619}))\"\n }\n ],\n \"createdOn\": \"2024-03-06T18:39:55.882353Z\",\n \"updatedOn\": \"2024-03-28T20:02:49.6413404Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/95de85bd-744d-4664-9dde-11430bc34793\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"95de85bd-744d-4664-9dde-11430bc34793\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Kubernetes Service Arc Contributor Role\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Grants access to read and write Azure Kubernetes Services hybrid clusters\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.HybridContainerService/Locations/operationStatuses/read\",\n \"Microsoft.HybridContainerService/Locations/operationStatuses/write\",\n \"Microsoft.HybridContainerService/Operations/read\",\n \"Microsoft.HybridContainerService/kubernetesVersions/read\",\n \"Microsoft.HybridContainerService/kubernetesVersions/write\",\n \"Microsoft.HybridContainerService/kubernetesVersions/delete\",\n \"Microsoft.HybridContainerService/provisionedClusterInstances/read\",\n \"Microsoft.HybridContainerService/provisionedClusterInstances/write\",\n \"Microsoft.HybridContainerService/provisionedClusterInstances/delete\",\n \"Microsoft.HybridContainerService/provisionedClusterInstances/agentPools/read\",\n \"Microsoft.HybridContainerService/provisionedClusterInstances/agentPools/write\",\n \"Microsoft.HybridContainerService/provisionedClusterInstances/agentPools/delete\",\n \"Microsoft.HybridContainerService/provisionedClusterInstances/upgradeProfiles/read\",\n \"Microsoft.HybridContainerService/skus/read\",\n \"Microsoft.HybridContainerService/skus/write\",\n \"Microsoft.HybridContainerService/skus/delete\",\n \"Microsoft.HybridContainerService/virtualNetworks/read\",\n \"Microsoft.HybridContainerService/virtualNetworks/write\",\n \"Microsoft.HybridContainerService/virtualNetworks/delete\",\n \"Microsoft.ExtendedLocation/customLocations/deploy/action\",\n \"Microsoft.ExtendedLocation/customLocations/read\",\n \"Microsoft.Kubernetes/connectedClusters/Read\",\n \"Microsoft.Kubernetes/connectedClusters/Write\",\n \"Microsoft.Kubernetes/connectedClusters/Delete\",\n \"Microsoft.Kubernetes/connectedClusters/listClusterUserCredential/action\",\n \"Microsoft.AzureStackHCI/clusters/read\",\n \"Microsoft.Resources/deployments/read\",\n \"Microsoft.Resources/deployments/write\",\n \"Microsoft.Resources/deployments/delete\",\n \"Microsoft.Resources/deployments/cancel/action\",\n \"Microsoft.Resources/deployments/validate/action\",\n \"Microsoft.Resources/deployments/whatIf/action\",\n \"Microsoft.Resources/deployments/exportTemplate/action\",\n \"Microsoft.Resources/deployments/operations/read\",\n \"Microsoft.Resources/deployments/operationstatuses/read\",\n \"Microsoft.HybridContainerService/provisionedClusterInstances/hybridIdentityMetadata/delete\",\n \"Microsoft.HybridContainerService/provisionedClusterInstances/hybridIdentityMetadata/write\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2024-03-07T00:25:44.8716461Z\",\n \"updatedOn\": \"2025-09-25T18:20:47.1023449Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/5d3f1697-4507-4d08-bb4a-477695db5f82\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"5d3f1697-4507-4d08-bb4a-477695db5f82\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Kubernetes Service Arc Cluster User Role\",\n \"type\": \"BuiltInRole\",\n \"description\": \"List cluster user credential action.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.HybridContainerService/provisionedClusterInstances/read\",\n \"Microsoft.HybridContainerService/provisionedClusterInstances/listUserKubeconfig/action\",\n \"Microsoft.Kubernetes/connectedClusters/Read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2024-03-07T00:25:47.4117596Z\",\n \"updatedOn\": \"2024-03-07T00:25:47.4117596Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/233ca253-b031-42ff-9fba-87ef12d6b55f\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"233ca253-b031-42ff-9fba-87ef12d6b55f\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Kubernetes Service Arc Cluster Admin Role\",\n \"type\": \"BuiltInRole\",\n \"description\": \"List cluster admin credential action.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.HybridContainerService/provisionedClusterInstances/read\",\n \"Microsoft.HybridContainerService/provisionedClusterInstances/listAdminKubeconfig/action\",\n \"Microsoft.Kubernetes/connectedClusters/Read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2024-03-07T00:25:47.4127588Z\",\n \"updatedOn\": \"2024-03-07T00:25:47.4127588Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/b29efa5f-7782-4dc3-9537-4d5bc70a5e9f\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"b29efa5f-7782-4dc3-9537-4d5bc70a5e9f\"\n },\n {\n \"properties\": {\n \"roleName\": \"Backup MUA Operator\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Backup MultiUser-Authorization. Allows user to perform critical operation protected by resourceguard\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.DataProtection/*/action\",\n \"Microsoft.DataProtection/*/read\",\n \"Microsoft.Authorization/*/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2024-03-08T09:37:14.3268989Z\",\n \"updatedOn\": \"2024-03-08T09:37:14.3268989Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/f54b6d04-23c6-443e-b462-9c16ab7b4a52\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"f54b6d04-23c6-443e-b462-9c16ab7b4a52\"\n },\n {\n \"properties\": {\n \"roleName\": \"Backup MUA Admin\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Backup MultiUser-Authorization. Can create/delete ResourceGuard \",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.DataProtection/*/read\",\n \"Microsoft.DataProtection/*/resourceGuards/write\",\n \"Microsoft.DataProtection/subscriptions/resourceGroups/providers/resourceGuards/write\",\n \"Microsoft.DataProtection/subscriptions/resourceGroups/providers/resourceGuards/delete\",\n \"Microsoft.DataProtection/subscriptions/resourceGroups/providers/resourceGuards/read\",\n \"Microsoft.DataProtection/locations/operationResults/read\",\n \"Microsoft.DataProtection/locations/operationStatus/read\",\n \"Microsoft.DataProtection/locations/getBackupStatus/action\",\n \"Microsoft.DataProtection/locations/checkFeatureSupport/action\",\n \"Microsoft.DataProtection/subscriptions/resourceGroups/providers/locations/operationStatus/read\",\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Features/features/read\",\n \"Microsoft.Features/providers/features/read\",\n \"Microsoft.ResourceHealth/availabilityStatuses/read\",\n \"Microsoft.Resources/deployments/operations/read\",\n \"Microsoft.Resources/subscriptions/operationresults/read\",\n \"Microsoft.Resources/subscriptions/read\",\n \"Microsoft.Resources/subscriptions/resourcegroups/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.DataProtection/backupVaults/backupResourceGuardProxies/read\",\n \"Microsoft.DataProtection/backupVaults/backupResourceGuardProxies/write\",\n \"Microsoft.DataProtection/backupVaults/backupResourceGuardProxies/delete\",\n \"Microsoft.DataProtection/backupVaults/backupResourceGuardProxies/unlockDelete/action\",\n \"Microsoft.DataProtection/subscriptions/providers/resourceGuards/read\",\n \"Microsoft.DataProtection/subscriptions/resourceGroups/providers/resourceGuards/{operationName}/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2024-03-08T09:37:14.3268989Z\",\n \"updatedOn\": \"2024-03-08T09:37:14.3268989Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/c2a970b4-16a7-4a51-8c84-8a8ea6ee0bb8\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"c2a970b4-16a7-4a51-8c84-8a8ea6ee0bb8\"\n },\n {\n \"properties\": {\n \"roleName\": \"Savings plan Purchaser\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Lets you purchase savings plans\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Resources/subscriptions/read\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Capacity/register/action\",\n \"Microsoft.Capacity/catalogs/read\",\n \"Microsoft.Authorization/roleAssignments/read\",\n \"Microsoft.BillingBenefits/savingsPlanOrders/write\",\n \"Microsoft.BIllingBenefits/register/action\",\n \"Microsoft.Support/supporttickets/write\",\n \"Microsoft.Billing/billingProperty/read\",\n \"Microsoft.CostManagement/benefitRecommendations/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2024-03-15T02:32:29.1190657Z\",\n \"updatedOn\": \"2024-03-15T02:32:29.1190657Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/3d24a3a0-c154-4f6f-a5ed-adc8e01ddb74\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"3d24a3a0-c154-4f6f-a5ed-adc8e01ddb74\"\n },\n {\n \"properties\": {\n \"roleName\": \"CrossConnectionReader\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Allows for read access to ExpressRoute CrossConnections\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.ClassicNetwork/expressRouteCrossConnections/*/read\",\n \"Microsoft.Network/expressRouteCrossConnections/*/read\",\n \"Microsoft.Features/providers/features/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2024-03-18T15:10:35.462996Z\",\n \"updatedOn\": \"2024-03-18T15:10:35.462996Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/b6ee44de-fe58-4ddc-b5c2-ab174eb23f05\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"b6ee44de-fe58-4ddc-b5c2-ab174eb23f05\"\n },\n {\n \"properties\": {\n \"roleName\": \"CrossConnectionManager\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Allows for read, write access to ExpressRoute CrossConnections\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.ClassicNetwork/expressRouteCrossConnections/*\",\n \"Microsoft.Network/expressRouteCrossConnections/*\",\n \"Microsoft.Features/providers/features/read\"\n ],\n \"notActions\": [\n \"Microsoft.Network/expressRouteCrossConnections/delete\"\n ],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2024-03-18T15:10:35.462996Z\",\n \"updatedOn\": \"2024-03-18T15:10:35.462996Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/399c3b2b-64c2-4ff1-af34-571db925b068\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"399c3b2b-64c2-4ff1-af34-571db925b068\"\n },\n {\n \"properties\": {\n \"roleName\": \"Kubernetes Agent Operator\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Grants Microsoft Defender for Cloud access to Azure Kubernetes Services\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Resources/subscriptions/resourceGroups/write\",\n \"Microsoft.Resources/subscriptions/operationresults/read\",\n \"Microsoft.Resources/subscriptions/read\",\n \"Microsoft.ContainerService/managedClusters/read\",\n \"Microsoft.ContainerService/managedClusters/trustedAccessRoleBindings/delete\",\n \"Microsoft.ContainerService/managedClusters/trustedAccessRoleBindings/read\",\n \"Microsoft.ContainerService/managedClusters/trustedAccessRoleBindings/write\",\n \"Microsoft.ContainerService/managedClusters/write\",\n \"Microsoft.Security/pricings/securityoperators/read\",\n \"Microsoft.OperationalInsights/workspaces/write\",\n \"Microsoft.OperationalInsights/workspaces/read\",\n \"Microsoft.OperationalInsights/workspaces/listKeys/action\",\n \"Microsoft.OperationalInsights/workspaces/sharedkeys/action\",\n \"Microsoft.OperationalInsights/workspaces/sharedkeys/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2024-03-20T15:36:16.6580488Z\",\n \"updatedOn\": \"2024-12-05T16:14:33.0969374Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/5e93ba01-8f92-4c7a-b12a-801e3df23824\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"5e93ba01-8f92-4c7a-b12a-801e3df23824\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure API Center Service Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Allows managing Azure API Center service.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.ApiCenter/services/*\",\n \"Microsoft.ApiCenter/deletedServices/*\",\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.ResourceHealth/availabilityStatuses/read\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\"\n ],\n \"notActions\": [\n \"Microsoft.ApiCenter/services/workspaces/apis/versions/definitions/updateAnalysisState/action\"\n ],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2024-03-22T19:59:42.1026818Z\",\n \"updatedOn\": \"2025-06-27T17:59:17.7305662Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/dd24193f-ef65-44e5-8a7e-6fa6e03f7713\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"dd24193f-ef65-44e5-8a7e-6fa6e03f7713\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure API Center Service Reader\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Allows read-only access to Azure API Center service.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.ApiCenter/services/*/read\",\n \"Microsoft.ApiCenter/services/workspaces/apis/versions/definitions/exportSpecification/action\",\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.ResourceHealth/availabilityStatuses/read\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2024-03-22T19:59:42.0936845Z\",\n \"updatedOn\": \"2024-03-22T19:59:42.0936845Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/6cba8790-29c5-48e5-bab1-c7541b01cb04\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"6cba8790-29c5-48e5-bab1-c7541b01cb04\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure API Center Compliance Manager\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Allows managing API compliance in Azure API Center service.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.ApiCenter/services/*/read\",\n \"Microsoft.ApiCenter/services/workspaces/apis/versions/definitions/updateAnalysisState/action\",\n \"Microsoft.ApiCenter/services/workspaces/apis/versions/definitions/exportSpecification/action\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2024-03-22T19:59:42.1036832Z\",\n \"updatedOn\": \"2024-03-22T19:59:42.1036832Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/ede9aaa3-4627-494e-be13-4aa7c256148d\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"ede9aaa3-4627-494e-be13-4aa7c256148d\"\n },\n {\n \"properties\": {\n \"roleName\": \"Bayer Ag Powered Services Historical Weather Data Solution User Role\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Provide access to Historical Weather Data Solution by Bayer Ag Powered Services\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.AgFoodPlatform/farmBeats/parties/read\",\n \"Microsoft.AgFoodPlatform/farmBeats/parties/fields/read\",\n \"Microsoft.AgFoodPlatform/farmBeats/parties/fields/write\",\n \"Microsoft.AgFoodPlatform/farmBeats/parties/farms/read\",\n \"Microsoft.AgFoodPlatform/farmBeats/parties/farms/write\",\n \"Microsoft.AgFoodPlatform/farmBeats/parties/models/resourceTypes/resources/insights/*\",\n \"Microsoft.AgFoodPlatform/farmBeats/parties/models/resourceTypes/resources/insightAttachments/*\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2024-03-25T15:06:24.6069385Z\",\n \"updatedOn\": \"2024-08-08T17:08:36.118249Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/b5b192c1-773c-4543-bfb0-6c59254b74a9\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"b5b192c1-773c-4543-bfb0-6c59254b74a9\"\n },\n {\n \"properties\": {\n \"roleName\": \"Oracle.Database VmCluster Administrator Built-in Role\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Grants full access to manage all VmCluster resources\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Oracle.Database/cloudVmClusters/*/read\",\n \"Oracle.Database/cloudVmClusters/*/write\",\n \"Oracle.Database/cloudVmClusters/*/delete\",\n \"Oracle.Database/cloudExadataInfrastructures/write\",\n \"Oracle.Database/cloudExadataInfrastructures/*/read\",\n \"Oracle.Database/Locations/*/read\",\n \"Oracle.Database/Locations/*/write\",\n \"Oracle.Database/Operations/read\",\n \"Oracle.Database/oracleSubscriptions/*/read\",\n \"Oracle.Database/resourceAnchors/*\",\n \"Oracle.Database/networkAnchors/*\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Network/virtualNetworks/read\",\n \"Microsoft.Network/virtualNetworks/subnets/read\",\n \"Microsoft.Network/virtualNetworks/subnets/write\",\n \"Microsoft.Network/locations/operations/read\",\n \"Microsoft.Compute/sshPublicKeys/read\",\n \"Microsoft.Compute/sshPublicKeys/write\",\n \"Microsoft.Compute/sshPublicKeys/generateKeyPair/action\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2024-03-25T15:06:25.4654513Z\",\n \"updatedOn\": \"2025-05-26T15:05:38.2663118Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/e9ce8739-6fa2-4123-a0a2-0ef41a67806f\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"e9ce8739-6fa2-4123-a0a2-0ef41a67806f\"\n },\n {\n \"properties\": {\n \"roleName\": \"Oracle.Database Reader Built-in Role\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Grants read access to all Oracle.Database resources\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Oracle.Database/Locations/*/read\",\n \"Oracle.Database/Operations/read\",\n \"Oracle.Database/oracleSubscriptions/*/read\",\n \"Oracle.Database/cloudExadataInfrastructures/*/read\",\n \"Oracle.Database/cloudVmClusters/*/read\",\n \"Oracle.Database/cloudVmClusters/listPrivateIpAddresses/action\",\n \"Oracle.Database/oracleSubscriptions/listCloudAccountDetails/action\",\n \"Oracle.Database/exascaleDbStorageVaults/read\",\n \"Oracle.Database/exadbVmClusters/*/read\",\n \"Oracle.Database/resourceAnchors/read\",\n \"Oracle.Database/networkAnchors/read\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Resources/deployments/*/read\",\n \"Microsoft.Network/virtualNetworks/subnets/read\",\n \"Microsoft.Network/virtualNetworks/read\",\n \"Microsoft.Network/locations/operations/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2024-03-25T15:06:25.4644513Z\",\n \"updatedOn\": \"2025-08-21T18:37:52.3681201Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/d623d097-b882-4e1e-a26f-ac60e31065a1\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"d623d097-b882-4e1e-a26f-ac60e31065a1\"\n },\n {\n \"properties\": {\n \"roleName\": \"Oracle.Database Owner Built-in Role\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Grants full access to manage all Oracle.Database resources\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Oracle.Database/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Network/virtualNetworks/read\",\n \"Microsoft.Network/virtualNetworks/subnets/read\",\n \"Microsoft.Network/virtualNetworks/subnets/write\",\n \"Microsoft.Network/locations/operations/read\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Compute/sshPublicKeys/read\",\n \"Microsoft.Compute/sshPublicKeys/write\",\n \"Microsoft.Compute/sshPublicKeys/generateKeyPair/action\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2024-03-25T15:06:25.4644513Z\",\n \"updatedOn\": \"2024-04-04T21:25:06.0488389Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/4562aac9-b209-4bd7-a144-6d7f3bb516f4\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"4562aac9-b209-4bd7-a144-6d7f3bb516f4\"\n },\n {\n \"properties\": {\n \"roleName\": \"Oracle Subscriptions Manager Built-in Role\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Grants full access to manage all Oracle Subscriptions resources\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Oracle.Database/oracleSubscriptions/*/read\",\n \"Oracle.Database/oracleSubscriptions/*/write\",\n \"Oracle.Database/oracleSubscriptions/*/delete\",\n \"Oracle.Database/oracleSubscriptions/*/action\",\n \"Oracle.Database/Locations/*/read\",\n \"Oracle.Database/Locations/*/write\",\n \"Oracle.Database/Operations/read\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2024-03-25T15:06:25.4644513Z\",\n \"updatedOn\": \"2024-04-05T15:59:48.0147406Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/4caf51ec-f9f5-413f-8a94-b9f5fddba66b\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"4caf51ec-f9f5-413f-8a94-b9f5fddba66b\"\n },\n {\n \"properties\": {\n \"roleName\": \"Oracle.Database Exadata Infrastructure Administrator Built-in Role\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Grants full access to manage all Exadata Infrastructure resources\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Oracle.Database/cloudExadataInfrastructures/*/read\",\n \"Oracle.Database/cloudExadataInfrastructures/*/write\",\n \"Oracle.Database/cloudExadataInfrastructures/*/delete\",\n \"Oracle.Database/cloudVmClusters/*/read\",\n \"Oracle.Database/cloudVmClusters/*/write\",\n \"Oracle.Database/cloudVmClusters/*/delete\",\n \"Oracle.Database/cloudVmClusters/*/action\",\n \"Oracle.Database/Locations/*/read\",\n \"Oracle.Database/Locations/*/write\",\n \"Oracle.Database/Operations/read\",\n \"Oracle.Database/oracleSubscriptions/*/read\",\n \"Oracle.Database/oracleSubscriptions/listCloudAccountDetails/action\",\n \"Oracle.Database/resourceAnchors/*\",\n \"Oracle.Database/networkAnchors/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Network/virtualNetworks/subnets/read\",\n \"Microsoft.Network/virtualNetworks/subnets/write\",\n \"Microsoft.Network/virtualNetworks/read\",\n \"Microsoft.Network/locations/operations/read\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Compute/sshPublicKeys/read\",\n \"Microsoft.Compute/sshPublicKeys/write\",\n \"Microsoft.Compute/sshPublicKeys/generateKeyPair/action\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2024-03-25T15:06:26.7449799Z\",\n \"updatedOn\": \"2025-05-26T15:05:38.2653119Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/4cfdd23b-aece-4fd1-b614-ad3a06c53453\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"4cfdd23b-aece-4fd1-b614-ad3a06c53453\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Messaging Catalog Data Owner\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Allows for full access to Azure Messaging Catalog resources.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.MessagingCatalog/*\"\n ],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.MessagingCatalog/*\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2024-03-27T15:21:42.7360718Z\",\n \"updatedOn\": \"2024-03-27T15:21:42.7360718Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/f27b7598-bc64-41f7-8a44-855ff16326c2\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"f27b7598-bc64-41f7-8a44-855ff16326c2\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Spring Apps Application Configuration Service Config File Pattern Reader Role\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Read content of config file pattern for Application Configuration Service in Azure Spring Apps\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.AppPlatform/Spring/read\",\n \"Microsoft.AppPlatform/Spring/configurationServices/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.AppPlatform/Spring/ApplicationConfigurationService/read\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2024-03-27T15:21:42.869223Z\",\n \"updatedOn\": \"2024-03-27T15:21:42.869223Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/25211fc6-dc78-40b6-b205-e4ac934fd9fd\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"25211fc6-dc78-40b6-b205-e4ac934fd9fd\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Hybrid Database Administrator - Read Only Service Role\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Read only access to Azure hybrid database services resources.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.AzureArcData/*/read\",\n \"Microsoft.AzureArcData/sqlServerInstances/getTelemetry/action\",\n \"Microsoft.AzureArcData/sqlServerInstances/availabilityGroups/getDetailView/action\",\n \"Microsoft.HybridCompute/machines/read\",\n \"Microsoft.HybridCompute/machines/extensions/read\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2024-04-03T17:20:07.3444447Z\",\n \"updatedOn\": \"2024-04-03T17:20:07.3444447Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/5d9c6a55-fc0e-4e21-ae6f-f7b095497342\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"5d9c6a55-fc0e-4e21-ae6f-f7b095497342\"\n },\n {\n \"properties\": {\n \"roleName\": \"Microsoft Sentinel Business Applications Agent Operator\",\n \"type\": \"BuiltInRole\",\n \"description\": \"List and update actions on a business applications system. This role is in preview and subject to change.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/roleAssignments/read\",\n \"Microsoft.SecurityInsights/businessApplicationAgents/read\",\n \"Microsoft.SecurityInsights/businessApplicationAgents/write\",\n \"Microsoft.SecurityInsights/businessApplicationAgents/systems/read\",\n \"Microsoft.SecurityInsights/businessApplicationAgents/systems/write\",\n \"Microsoft.SecurityInsights/businessApplicationAgents/systems/listActions/action\",\n \"Microsoft.SecurityInsights/businessApplicationAgents/systems/reportActionStatus/action\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2024-04-04T08:02:29.5240808Z\",\n \"updatedOn\": \"2024-06-05T15:32:09.463486Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/c18f9900-27b8-47c7-a8f0-5b3b3d4c2bc2\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"c18f9900-27b8-47c7-a8f0-5b3b3d4c2bc2\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure ContainerApps Session Executor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Create and execute sessions in a sessionPool\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.App/sessionPools/*/read\",\n \"Microsoft.App/sessionPools/sessions/generatesessions/action\"\n ],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.App/sessionPools/*/read\",\n \"Microsoft.App/sessionPools/interpreters/execute/action\",\n \"Microsoft.App/sessionPools/interpreters/read\",\n \"Microsoft.App/sessionPools/executions/*\",\n \"Microsoft.App/sessionPools/files/*\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2024-04-05T18:15:51.9984875Z\",\n \"updatedOn\": \"2024-11-01T09:37:25.3241262Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/0fb8eba5-a2bb-4abe-b1c1-49dfad359bb0\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"0fb8eba5-a2bb-4abe-b1c1-49dfad359bb0\"\n },\n {\n \"properties\": {\n \"roleName\": \"Microsoft.Edge Winfields federated subscription read access role\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Microsoft.Edge Winfields role for read access on federated subscriptions\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Resources/subscriptions/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2024-04-11T23:06:49.0273732Z\",\n \"updatedOn\": \"2024-07-15T15:01:51.3701285Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/83ee7727-862c-4213-8ed8-2ce6c5d69a40\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"83ee7727-862c-4213-8ed8-2ce6c5d69a40\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Red Hat OpenShift Federated Credential\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Create, update and delete federated credentials on user assigned managed identities in order to build a trust relationship between the managed identity, OpenID Connect (OIDC), and the service account.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.ManagedIdentity/userAssignedIdentities/read\",\n \"Microsoft.ManagedIdentity/userAssignedIdentities/federatedIdentityCredentials/write\",\n \"Microsoft.ManagedIdentity/userAssignedIdentities/federatedIdentityCredentials/read\",\n \"Microsoft.ManagedIdentity/userAssignedIdentities/federatedIdentityCredentials/delete\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2024-04-12T00:30:33.7626424Z\",\n \"updatedOn\": \"2025-03-11T15:14:12.4504757Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/ef318e2a-8334-4a05-9e4a-295a196c6a6e\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"ef318e2a-8334-4a05-9e4a-295a196c6a6e\"\n },\n {\n \"properties\": {\n \"roleName\": \"Bayer Ag Powered Services Crop Id Solution User Role\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Provide access to Crop Id Solution by Bayer Ag Powered Services\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.AgFoodPlatform/farmBeats/parties/fields/read\",\n \"Microsoft.AgFoodPlatform/farmBeats/parties/fields/write\",\n \"Microsoft.AgFoodPlatform/farmBeats/parties/read\",\n \"Microsoft.AgFoodPlatform/farmBeats/ingestionJobs/satelliteDataIngestionJobs/*\",\n \"Microsoft.AgFoodPlatform/farmBeats/scenes/*\",\n \"Microsoft.AgFoodPlatform/farmBeats/parties/models/resourceTypes/resources/insights/*\",\n \"Microsoft.AgFoodPlatform/farmBeats/parties/models/resourceTypes/resources/insightAttachments/*\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2024-04-19T09:07:57.429491Z\",\n \"updatedOn\": \"2024-05-15T15:18:59.4401968Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/39138f76-04e6-41f0-ba6b-c411b59081a9\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"39138f76-04e6-41f0-ba6b-c411b59081a9\"\n },\n {\n \"properties\": {\n \"roleName\": \"Scheduled Events Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Provides access to scheduled event actions\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Maintenance/scheduledevents/acknowledge/action\",\n \"Microsoft.Compute/VirtualMachines/read\",\n \"Microsoft.Compute/VirtualMachineScaleSets/read\",\n \"Microsoft.Compute/AvailabilitySets/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2024-04-23T15:07:32.157769Z\",\n \"updatedOn\": \"2024-05-03T21:25:12.6392452Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/b67fe603-310e-4889-b9ee-8257d09d353d\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"b67fe603-310e-4889-b9ee-8257d09d353d\"\n },\n {\n \"properties\": {\n \"roleName\": \"Compute Recommendations Role\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Grants permissions to call Compute Recommendations APIs provided by Compute Diagnostic Resource Provider service.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Compute/locations/placementScores/generate/action\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2024-04-30T15:20:17.6310289Z\",\n \"updatedOn\": \"2024-07-02T15:07:54.755272Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/e82342c9-ac7f-422b-af64-e426d2e12b2d\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"e82342c9-ac7f-422b-af64-e426d2e12b2d\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Spring Apps Job Execution Instance List Role\",\n \"type\": \"BuiltInRole\",\n \"description\": \"List instances for job executions in Azure Spring Apps\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.AppPlatform/Spring/jobs/executions/listInstances/action\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2024-05-02T02:34:55.3873154Z\",\n \"updatedOn\": \"2024-05-02T02:34:55.3873154Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/91422e52-bb88-4415-bb4a-90f5b71f6dcb\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"91422e52-bb88-4415-bb4a-90f5b71f6dcb\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Spring Apps Job Log Reader Role\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Read real-time logs for jobs in Azure Spring Apps\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.AppPlatform/Spring/read\",\n \"Microsoft.AppPlatform/Spring/jobs/read\",\n \"Microsoft.AppPlatform/Spring/jobs/executions/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.AppPlatform/Spring/jobs/executions/logstream/action\",\n \"Microsoft.AppPlatform/Spring/jobs/executions/listInstances/action\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2024-05-02T02:34:55.3873154Z\",\n \"updatedOn\": \"2024-05-02T02:34:55.3873154Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/b459aa1d-e3c8-436f-ae21-c0531140f43e\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"b459aa1d-e3c8-436f-ae21-c0531140f43e\"\n },\n {\n \"properties\": {\n \"roleName\": \"Nexus Network Fabric Service Reader\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Read-only access to Nexus Network Fabric Service\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.ManagedNetworkFabric/*/read\",\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2024-05-10T17:46:29.728767Z\",\n \"updatedOn\": \"2024-05-10T17:46:29.728767Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/05fdd44c-adc6-4aff-981c-61041f0c929a\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"05fdd44c-adc6-4aff-981c-61041f0c929a\"\n },\n {\n \"properties\": {\n \"roleName\": \"Nexus Network Fabric Service Writer\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Read-write access to Nexus Network Fabric Service\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.ManagedNetworkFabric/*/read\",\n \"Microsoft.ManagedNetworkFabric/*/write\",\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2024-05-10T18:01:38.1184138Z\",\n \"updatedOn\": \"2024-05-10T18:01:38.1184138Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/a5eb8433-97a5-4a06-80b2-a877e1622c31\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"a5eb8433-97a5-4a06-80b2-a877e1622c31\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Deployment Stack Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Allows a user to manage deployment stacks, but cannot create or delete deny assignments within the deployment stack.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Resources/deploymentStacks/write\",\n \"Microsoft.Resources/deploymentStacks/read\",\n \"Microsoft.Resources/deploymentStacks/validate/action\",\n \"Microsoft.Resources/deploymentStacks/exportTemplate/action\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2024-05-15T23:13:06.6024446Z\",\n \"updatedOn\": \"2025-06-05T00:56:22.3468702Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/bf7f8882-3383-422a-806a-6526c631a88a\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"bf7f8882-3383-422a-806a-6526c631a88a\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Deployment Stack Owner\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Allows a user to manage deployment stacks, including those with deny assignments.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Resources/deploymentStacks/*\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2024-05-15T23:13:06.6024446Z\",\n \"updatedOn\": \"2024-05-15T23:13:06.6024446Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/adb29209-aa1d-457b-a786-c913953d2891\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"adb29209-aa1d-457b-a786-c913953d2891\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Spring Apps Spring Cloud Config Server Log Reader Role\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Read real-time logs for Spring Cloud Config Server in Azure Spring Apps\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.AppPlatform/Spring/read\",\n \"Microsoft.AppPlatform/Spring/configServers/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.AppPlatform/Spring/configService/logstream/action\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2024-05-29T15:22:19.5478417Z\",\n \"updatedOn\": \"2024-05-29T15:22:19.5478417Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/74252426-c508-480e-9345-4607bbebead4\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"74252426-c508-480e-9345-4607bbebead4\"\n },\n {\n \"properties\": {\n \"roleName\": \"Container Registry Repository Catalog Lister\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Allows for listing all repositories in an Azure Container Registry.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.ContainerRegistry/registries/catalog/read\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2024-06-05T15:32:09.4683575Z\",\n \"updatedOn\": \"2025-10-03T17:14:16.6197074Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/bfdb9389-c9a5-478a-bb2f-ba9ca092c3c7\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"bfdb9389-c9a5-478a-bb2f-ba9ca092c3c7\"\n },\n {\n \"properties\": {\n \"roleName\": \"Container Registry Repository Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Allows for read, write, and delete access to Azure Container Registry repositories, but excluding catalog listing.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.ContainerRegistry/registries/repositories/metadata/read\",\n \"Microsoft.ContainerRegistry/registries/repositories/content/read\",\n \"Microsoft.ContainerRegistry/registries/repositories/metadata/write\",\n \"Microsoft.ContainerRegistry/registries/repositories/content/write\",\n \"Microsoft.ContainerRegistry/registries/repositories/metadata/delete\",\n \"Microsoft.ContainerRegistry/registries/repositories/content/delete\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2024-06-05T15:32:11.5848534Z\",\n \"updatedOn\": \"2025-10-03T17:14:16.6197074Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/2efddaa5-3f1f-4df3-97df-af3f13818f4c\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"2efddaa5-3f1f-4df3-97df-af3f13818f4c\"\n },\n {\n \"properties\": {\n \"roleName\": \"Container Registry Repository Writer\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Allows for read and write access to Azure Container Registry repositories, but excluding catalog listing.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.ContainerRegistry/registries/repositories/metadata/read\",\n \"Microsoft.ContainerRegistry/registries/repositories/content/read\",\n \"Microsoft.ContainerRegistry/registries/repositories/metadata/write\",\n \"Microsoft.ContainerRegistry/registries/repositories/content/write\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2024-06-05T15:32:11.586855Z\",\n \"updatedOn\": \"2025-10-03T17:14:16.6197074Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/2a1e307c-b015-4ebd-883e-5b7698a07328\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"2a1e307c-b015-4ebd-883e-5b7698a07328\"\n },\n {\n \"properties\": {\n \"roleName\": \"Container Registry Repository Reader\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Allows for read access to Azure Container Registry repositories, but excluding catalog listing.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.ContainerRegistry/registries/repositories/metadata/read\",\n \"Microsoft.ContainerRegistry/registries/repositories/content/read\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2024-06-05T15:32:11.5818531Z\",\n \"updatedOn\": \"2025-10-03T17:14:16.6197074Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/b93aa761-3e63-49ed-ac28-beffa264f7ac\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"b93aa761-3e63-49ed-ac28-beffa264f7ac\"\n },\n {\n \"properties\": {\n \"roleName\": \"DeID Data Owner\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Full access to DeID data. This role is in preview and subject to change\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.HealthDataAIServices/DeidServices/*\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2024-06-06T21:23:32.6428695Z\",\n \"updatedOn\": \"2024-06-06T21:23:32.6428695Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/78e4b983-1a0b-472e-8b7d-8d770f7c5890\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"78e4b983-1a0b-472e-8b7d-8d770f7c5890\"\n },\n {\n \"properties\": {\n \"roleName\": \"Locks Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Can Manage Locks Operations.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/locks/read\",\n \"Microsoft.Authorization/locks/write\",\n \"Microsoft.Authorization/locks/delete\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2024-06-06T22:54:16.4808252Z\",\n \"updatedOn\": \"2024-06-06T22:54:16.4808252Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/28bf596f-4eb7-45ce-b5bc-6cf482fec137\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"28bf596f-4eb7-45ce-b5bc-6cf482fec137\"\n },\n {\n \"properties\": {\n \"roleName\": \"Standby Container Group Pool Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Allows users to manage standby container group pool resources.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.ContainerInstance/containerGroupProfiles/read\",\n \"Microsoft.ContainerInstance/containerGroupProfiles/revisions/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.StandbyPool/Locations/OperationStatuses/read\",\n \"Microsoft.StandbyPool/Operations/read\",\n \"Microsoft.StandbyPool/standbyContainerGroupPools/delete\",\n \"Microsoft.StandbyPool/standbyContainerGroupPools/read\",\n \"Microsoft.StandbyPool/standbyContainerGroupPools/runtimeViews/read\",\n \"Microsoft.StandbyPool/standbyContainerGroupPools/write\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2024-06-17T15:10:37.1602741Z\",\n \"updatedOn\": \"2024-06-17T15:10:37.1602741Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/39fcb0de-8844-4706-b050-c28ddbe3ff83\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"39fcb0de-8844-4706-b050-c28ddbe3ff83\"\n },\n {\n \"properties\": {\n \"roleName\": \"Compute Gallery Artifacts Publisher\",\n \"type\": \"BuiltInRole\",\n \"description\": \"This is the role for publishing gallery artifacts.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Compute/galleries/*\",\n \"Microsoft.Compute/locations/capsOperations/read\",\n \"Microsoft.Compute/locations/communityGalleries/*\",\n \"Microsoft.Compute/locations/sharedGalleries/*\",\n \"Microsoft.Compute/images/*\",\n \"Microsoft.Compute/virtualMachines/write\",\n \"Microsoft.Compute/disks/write\",\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\"\n ],\n \"notActions\": [\n \"Microsoft.Compute/galleries/share/action\"\n ],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2024-06-20T00:09:20.5675487Z\",\n \"updatedOn\": \"2024-06-20T00:09:20.5675487Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/85a2d0d9-2eba-4c9c-b355-11c2cc0788ab\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"85a2d0d9-2eba-4c9c-b355-11c2cc0788ab\"\n },\n {\n \"properties\": {\n \"roleName\": \"ToolchainOrchestrator Viewer Role\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Grant access to view all Toolchain orchestrator resources.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.Resources/deployments/write\",\n \"Microsoft.Resources/subscriptions/operationresults/read\",\n \"Microsoft.Resources/subscriptions/read\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.ToolchainOrchestrator/*/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2024-06-20T07:46:35.012434Z\",\n \"updatedOn\": \"2024-06-28T08:35:31.7949436Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/c5826735-177b-4a0d-a9a3-d0e4b4bda107\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"c5826735-177b-4a0d-a9a3-d0e4b4bda107\"\n },\n {\n \"properties\": {\n \"roleName\": \"ToolchainOrchestrator Admin Role\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Grant full access to manage all Toolchain orchestrator resources.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.Resources/deployments/write\",\n \"Microsoft.Resources/subscriptions/operationresults/read\",\n \"Microsoft.Resources/subscriptions/read\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.ToolchainOrchestrator/*\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2024-06-20T08:01:39.0551096Z\",\n \"updatedOn\": \"2024-06-28T08:35:33.2869473Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/2ccf8795-8983-4912-8036-1c45212c95e8\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"2ccf8795-8983-4912-8036-1c45212c95e8\"\n },\n {\n \"properties\": {\n \"roleName\": \"ProviderHub Reader\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Allows you to view all Microsoft.ProviderHub resources created through the Resource Provider Platform, but does not allow you to make any changes to the resources.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.ProviderHub/*/read\",\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.ResourceHealth/availabilityStatuses/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2024-07-02T15:07:53.0510995Z\",\n \"updatedOn\": \"2024-07-02T15:07:53.0510995Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/4d8c6f2e-3fd6-4d40-826e-93e3dc4c3fc1\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"4d8c6f2e-3fd6-4d40-826e-93e3dc4c3fc1\"\n },\n {\n \"properties\": {\n \"roleName\": \"ProviderHub Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Allows you to create and manage Microsoft.ProviderHub resources through the Resource Provider Platform. Does not allow you to assign roles in Azure RBAC.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.ProviderHub/*\",\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.ResourceHealth/availabilityStatuses/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2024-07-02T15:07:53.0530983Z\",\n \"updatedOn\": \"2024-07-02T15:07:53.0530983Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/a3ab03bc-5350-42ff-b0d5-00207672db55\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"a3ab03bc-5350-42ff-b0d5-00207672db55\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Stack HCI Connected InfraVMs\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Role of Arc Integration for Azure Stack HCI Infrastructure Virtual Machines.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.HybridCompute/*/read\",\n \"Microsoft.HybridCompute/machines/write\",\n \"Microsoft.HybridCompute/machines/delete\",\n \"Microsoft.HybridCompute/machines/extensions/read\",\n \"Microsoft.HybridCompute/machines/extensions/write\",\n \"Microsoft.HybridCompute/machines/extensions/delete\",\n \"Microsoft.HybridCompute/machines/UpgradeExtensions/action\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2024-07-03T15:20:27.6822616Z\",\n \"updatedOn\": \"2024-07-15T15:01:51.3691302Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/c99c945f-8bd1-4fb1-a903-01460aae6068\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"c99c945f-8bd1-4fb1-a903-01460aae6068\"\n },\n {\n \"properties\": {\n \"roleName\": \"VM Restore Operator\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Create and Delete resources during VM Restore. This role is in preview and subject to change.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Compute/disks/read\",\n \"Microsoft.Compute/disks/write\",\n \"Microsoft.Compute/disks/delete\",\n \"Microsoft.Compute/disks/beginGetAccess/action\",\n \"Microsoft.Compute/disks/endGetAccess/action\",\n \"Microsoft.Compute/locations/diskOperations/read\",\n \"Microsoft.Compute/virtualMachines/read\",\n \"Microsoft.Compute/virtualMachines/write\",\n \"Microsoft.Compute/virtualMachines/delete\",\n \"Microsoft.Compute/virtualMachines/instanceView/read\",\n \"Microsoft.Compute/virtualMachines/extensions/read\",\n \"Microsoft.Compute/virtualMachines/extensions/write\",\n \"Microsoft.Compute/virtualMachines/extensions/delete\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.Network/locations/operationResults/read\",\n \"Microsoft.Network/locations/operations/read\",\n \"Microsoft.Network/locations/usages/read\",\n \"Microsoft.Network/networkInterfaces/delete\",\n \"Microsoft.Network/networkInterfaces/ipconfigurations/read\",\n \"Microsoft.Network/networkInterfaces/join/action\",\n \"Microsoft.Network/networkInterfaces/read\",\n \"Microsoft.Network/networkInterfaces/write\",\n \"Microsoft.Network/networkSecurityGroups/read\",\n \"Microsoft.Network/networkSecurityGroups/securityRules/read\",\n \"Microsoft.Network/publicIPAddresses/delete\",\n \"Microsoft.Network/publicIPAddresses/join/action\",\n \"Microsoft.Network/publicIPAddresses/read\",\n \"Microsoft.Network/publicIPAddresses/write\",\n \"Microsoft.Network/virtualNetworks/read\",\n \"Microsoft.Network/virtualNetworks/subnets/join/action\",\n \"Microsoft.Network/virtualNetworks/subnets/read\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Storage/checkNameAvailability/read\",\n \"Microsoft.Storage/storageAccounts/blobServices/containers/delete\",\n \"Microsoft.Storage/storageAccounts/blobServices/containers/read\",\n \"Microsoft.Storage/storageAccounts/blobServices/containers/write\",\n \"Microsoft.Storage/storageAccounts/listKeys/action\",\n \"Microsoft.Storage/storageAccounts/read\",\n \"Microsoft.Storage/storageAccounts/write\"\n ],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.Storage/storageAccounts/blobServices/containers/blobs/delete\",\n \"Microsoft.Storage/storageAccounts/blobServices/containers/blobs/read\",\n \"Microsoft.Storage/storageAccounts/blobServices/containers/blobs/write\",\n \"Microsoft.Storage/storageAccounts/blobServices/containers/blobs/add/action\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2024-07-03T15:20:29.2078037Z\",\n \"updatedOn\": \"2024-07-03T15:20:29.2078037Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/dfce8971-25e3-42e3-ba33-6055438e3080\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"dfce8971-25e3-42e3-ba33-6055438e3080\"\n },\n {\n \"properties\": {\n \"roleName\": \"HDInsight Cluster Admin\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Can read, create, modify and delete HDInsight clusters, configuration, extensions, etc.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"MICROSOFT.HDINSIGHT/CLUSTERS/APPLICATIONS/DELETE\",\n \"MICROSOFT.HDINSIGHT/CLUSTERS/APPLICATIONS/READ\",\n \"MICROSOFT.HDINSIGHT/CLUSTERS/APPLICATIONS/WRITE\",\n \"MICROSOFT.HDINSIGHT/CLUSTERS/AZUREASYNCOPERATIONS/READ\",\n \"MICROSOFT.HDINSIGHT/CLUSTERS/CONFIGURATIONS/ACTION\",\n \"MICROSOFT.HDINSIGHT/CLUSTERS/CONFIGURATIONS/READ\",\n \"MICROSOFT.HDINSIGHT/CLUSTERS/DELETE\",\n \"MICROSOFT.HDINSIGHT/CLUSTERS/EXECUTESCRIPTACTIONS/ACTION\",\n \"MICROSOFT.HDINSIGHT/CLUSTERS/EXTENSIONS/DELETE\",\n \"MICROSOFT.HDINSIGHT/CLUSTERS/EXTENSIONS/READ\",\n \"MICROSOFT.HDINSIGHT/CLUSTERS/EXTENSIONS/WRITE\",\n \"MICROSOFT.HDINSIGHT/CLUSTERS/GETGATEWAYSETTINGS/ACTION\",\n \"MICROSOFT.HDINSIGHT/CLUSTERS/LISTHOSTS/ACTION\",\n \"MICROSOFT.HDINSIGHT/CLUSTERS/OPERATIONRESULTS/READ\",\n \"MICROSOFT.HDINSIGHT/CLUSTERS/PRIVATEENDPOINTCONNECTIONS/READ\",\n \"MICROSOFT.HDINSIGHT/CLUSTERS/PRIVATELINKRESOURCES/READ\",\n \"MICROSOFT.HDINSIGHT/CLUSTERS/READ\",\n \"MICROSOFT.HDINSIGHT/CLUSTERS/RESOLVEPRIVATELINKSERVICEID/ACTION\",\n \"MICROSOFT.HDINSIGHT/CLUSTERS/RESTARTHOSTS/ACTION\",\n \"MICROSOFT.HDINSIGHT/CLUSTERS/ROLES/AUTOSCALE/ACTION\",\n \"MICROSOFT.HDINSIGHT/CLUSTERS/ROLES/RESIZE/ACTION\",\n \"MICROSOFT.HDINSIGHT/CLUSTERS/SCRIPTACTIONS/DELETE\",\n \"MICROSOFT.HDINSIGHT/CLUSTERS/SCRIPTACTIONS/READ\",\n \"MICROSOFT.HDINSIGHT/CLUSTERS/SCRIPTEXECUTIONHISTORY/PROMOTE/ACTION\",\n \"MICROSOFT.HDINSIGHT/CLUSTERS/SCRIPTEXECUTIONHISTORY/READ\",\n \"MICROSOFT.HDINSIGHT/CLUSTERS/UPDATEGATEWAYSETTINGS/ACTION\",\n \"MICROSOFT.HDINSIGHT/CLUSTERS/WRITE\",\n \"MICROSOFT.HDINSIGHT/LOCATIONS/AVAILABLECLUSTERVERSIONS/READ\",\n \"MICROSOFT.HDINSIGHT/LOCATIONS/AZUREASYNCOPERATIONS/READ\",\n \"MICROSOFT.HDINSIGHT/LOCATIONS/BILLINGSPECS/READ\",\n \"MICROSOFT.HDINSIGHT/LOCATIONS/CAPABILITIES/READ\",\n \"MICROSOFT.HDINSIGHT/LOCATIONS/CHECKNAMEAVAILABILITY/ACTION\",\n \"MICROSOFT.HDINSIGHT/LOCATIONS/OPERATIONRESULTS/READ\",\n \"MICROSOFT.HDINSIGHT/LOCATIONS/OPERATIONSTATUSES/READ\",\n \"MICROSOFT.HDINSIGHT/LOCATIONS/OPERATIONSTATUSES/WRITE\",\n \"MICROSOFT.HDINSIGHT/LOCATIONS/USAGES/READ\",\n \"MICROSOFT.HDINSIGHT/LOCATIONS/VALIDATECREATEREQUEST/ACTION\",\n \"MICROSOFT.HDINSIGHT/OPERATIONS/READ\",\n \"MICROSOFT.HDINSIGHT/REGISTER/ACTION\",\n \"MICROSOFT.HDINSIGHT/RESOURCETYPES/READ\",\n \"MICROSOFT.HDINSIGHT/UNREGISTER/ACTION\",\n \"Microsoft.ResourceHealth/availabilityStatuses/read\",\n \"Microsoft.Resources/deployments/read\",\n \"Microsoft.Resources/deployments/operations/read\",\n \"Microsoft.Resources/subscriptions/operationresults/read\",\n \"Microsoft.Resources/subscriptions/read\",\n \"Microsoft.Resources/subscriptions/resourcegroups/deployments/read\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2024-07-04T05:42:45.2347879Z\",\n \"updatedOn\": \"2024-07-04T05:42:45.2347879Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/0847e196-2fd2-4c2f-a48c-fca6fd030f44\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"0847e196-2fd2-4c2f-a48c-fca6fd030f44\"\n },\n {\n \"properties\": {\n \"roleName\": \"Operator Nexus Compute Contributor Role (Preview)\",\n \"type\": \"BuiltInRole\",\n \"description\": \"(Preview) Manage and configure Azure Operator Nexus infrastructure resources. This role is in preview and subject to change.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/classicAdministrators/operationstatuses/read\",\n \"Microsoft.Authorization/classicAdministrators/read\",\n \"Microsoft.Authorization/denyAssignments/read\",\n \"Microsoft.Authorization/diagnosticSettings/read\",\n \"Microsoft.Authorization/diagnosticSettingsCategories/read\",\n \"Microsoft.Authorization/locks/read\",\n \"Microsoft.Authorization/operations/read\",\n \"Microsoft.Authorization/permissions/read\",\n \"Microsoft.Authorization/policyAssignments/read\",\n \"Microsoft.Authorization/policyAssignments/privateLinkAssociations/read\",\n \"Microsoft.Authorization/policyAssignments/resourceManagementPrivateLinks/read\",\n \"Microsoft.Authorization/policyAssignments/resourceManagementPrivateLinks/privateEndpointConnectionProxies/read\",\n \"Microsoft.Authorization/policyAssignments/resourceManagementPrivateLinks/privateEndpointConnections/read\",\n \"Microsoft.Authorization/policyDefinitions/read\",\n \"Microsoft.Authorization/policyExemptions/read\",\n \"Microsoft.Authorization/policySetDefinitions/read\",\n \"Microsoft.Authorization/providerOperations/read\",\n \"Microsoft.Authorization/roleAssignments/read\",\n \"Microsoft.Authorization/roleAssignmentScheduleInstances/read\",\n \"Microsoft.Authorization/roleAssignmentScheduleRequests/read\",\n \"Microsoft.Authorization/roleAssignmentSchedules/read\",\n \"Microsoft.Authorization/roleDefinitions/read\",\n \"Microsoft.Authorization/roleEligibilityScheduleInstances/read\",\n \"Microsoft.Authorization/roleEligibilityScheduleRequests/read\",\n \"Microsoft.Authorization/roleEligibilitySchedules/read\",\n \"Microsoft.Authorization/roleManagementPolicies/read\",\n \"Microsoft.Authorization/roleManagementPolicyAssignments/read\",\n \"Microsoft.ExtendedLocation/customLocations/deploy/action\",\n \"Microsoft.ExtendedLocation/customLocations/read\",\n \"Microsoft.HybridCompute/machines/extensions/read\",\n \"Microsoft.HybridCompute/machines/read\",\n \"Microsoft.Insights/alertRules/activated/action\",\n \"Microsoft.Insights/alertRules/delete\",\n \"Microsoft.Insights/alertRules/incidents/read\",\n \"Microsoft.Insights/alertRules/read\",\n \"Microsoft.Insights/alertRules/resolved/action\",\n \"Microsoft.Insights/alertRules/throttled/action\",\n \"Microsoft.Insights/alertRules/write\",\n \"Microsoft.Kubernetes/connectedClusters/read\",\n \"Microsoft.KubernetesConfiguration/extensions/read\",\n \"Microsoft.ManagedNetworkFabric/networkFabricControllers/join/action\",\n \"Microsoft.ManagedNetworkFabric/networkFabrics/join/action\",\n \"Microsoft.ManagedNetworkFabric/networkRacks/join/action\",\n \"Microsoft.NetworkCloud/bareMetalMachines/cordon/action\",\n \"Microsoft.NetworkCloud/bareMetalMachines/delete\",\n \"Microsoft.NetworkCloud/bareMetalMachines/powerOff/action\",\n \"Microsoft.NetworkCloud/bareMetalMachines/read\",\n \"Microsoft.NetworkCloud/bareMetalMachines/reimage/action\",\n \"Microsoft.NetworkCloud/bareMetalMachines/replace/action\",\n \"Microsoft.NetworkCloud/bareMetalMachines/restart/action\",\n \"Microsoft.NetworkCloud/bareMetalMachines/runDataExtracts/action\",\n \"Microsoft.NetworkCloud/bareMetalMachines/runReadCommands/action\",\n \"Microsoft.NetworkCloud/bareMetalMachines/start/action\",\n \"Microsoft.NetworkCloud/bareMetalMachines/uncordon/action\",\n \"Microsoft.NetworkCloud/bareMetalMachines/write\",\n \"Microsoft.NetworkCloud/clusterManagers/delete\",\n \"Microsoft.NetworkCloud/clusterManagers/read\",\n \"Microsoft.NetworkCloud/clusterManagers/write\",\n \"Microsoft.NetworkCloud/clusters/bareMetalMachineKeySets/read\",\n \"Microsoft.NetworkCloud/clusters/bmcKeySets/read\",\n \"Microsoft.NetworkCloud/clusters/continueUpdateVersion/action\",\n \"Microsoft.NetworkCloud/clusters/delete\",\n \"Microsoft.NetworkCloud/clusters/deploy/action\",\n \"Microsoft.NetworkCloud/clusters/metricsConfigurations/delete\",\n \"Microsoft.NetworkCloud/clusters/metricsConfigurations/read\",\n \"Microsoft.NetworkCloud/clusters/metricsConfigurations/write\",\n \"Microsoft.NetworkCloud/clusters/read\",\n \"Microsoft.NetworkCloud/clusters/scanRuntime/action\",\n \"Microsoft.NetworkCloud/clusters/updateVersion/action\",\n \"Microsoft.NetworkCloud/clusters/write\",\n \"Microsoft.NetworkCloud/locations/operationStatuses/read\",\n \"Microsoft.NetworkCloud/operations/read\",\n \"Microsoft.NetworkCloud/rackSkus/read\",\n \"Microsoft.NetworkCloud/racks/delete\",\n \"Microsoft.NetworkCloud/racks/join/action\",\n \"Microsoft.NetworkCloud/racks/read\",\n \"Microsoft.NetworkCloud/racks/write\",\n \"Microsoft.NetworkCloud/register/action\",\n \"Microsoft.NetworkCloud/registeredSubscriptions/read\",\n \"Microsoft.NetworkCloud/storageAppliances/read\",\n \"Microsoft.NetworkCloud/unregister/action\",\n \"Microsoft.Resources/deployments/cancel/action\",\n \"Microsoft.Resources/deployments/delete\",\n \"Microsoft.Resources/deployments/exportTemplate/action\",\n \"Microsoft.Resources/deployments/operations/read\",\n \"Microsoft.Resources/deployments/operationstatuses/read\",\n \"Microsoft.Resources/deployments/read\",\n \"Microsoft.Resources/deployments/validate/action\",\n \"Microsoft.Resources/deployments/whatIf/action\",\n \"Microsoft.Resources/deployments/write\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2024-07-10T15:34:35.6699773Z\",\n \"updatedOn\": \"2024-07-10T15:34:35.6699773Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/4aa368ec-fba9-4e93-81ed-396b3d461cc5\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"4aa368ec-fba9-4e93-81ed-396b3d461cc5\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Container Instances Contributor Role\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Grants read/write access to container groups provided by Azure Container Instances\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.ContainerInstance/containerGroups/*\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2024-07-10T17:34:56.6101604Z\",\n \"updatedOn\": \"2024-07-10T17:34:56.6101604Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/5d977122-f97e-4b4d-a52f-6b43003ddb4d\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"5d977122-f97e-4b4d-a52f-6b43003ddb4d\"\n },\n {\n \"properties\": {\n \"roleName\": \"Connector Reader\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Read connectors and their associated resources, such as impacts and insights.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Impact/Connectors/Read\",\n \"Microsoft.Impact/WorkloadImpacts/Read\",\n \"Microsoft.Impact/WorkloadImpacts/Insights/Read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2024-07-11T08:23:57.6283786Z\",\n \"updatedOn\": \"2024-07-11T08:23:57.6283786Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/6cdbb904-5ff3-429d-8169-7d7818b91bd8\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"6cdbb904-5ff3-429d-8169-7d7818b91bd8\"\n },\n {\n \"properties\": {\n \"roleName\": \"Transparency Logs Owner\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Grants full access to manage Transparency Log resources.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Sovereign/transparencyLogs/*\",\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Resources/deployments/*\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2024-07-17T17:02:42.8274577Z\",\n \"updatedOn\": \"2024-07-17T17:02:42.8274577Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/8ad4d0ee-9bfb-49e8-93fc-01abb8db6240\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"8ad4d0ee-9bfb-49e8-93fc-01abb8db6240\"\n },\n {\n \"properties\": {\n \"roleName\": \"Grafana Limited Viewer\",\n \"type\": \"BuiltInRole\",\n \"description\": \"View home page.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.Dashboard/grafana/ActAsGrafanaLimitedViewer/action\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2024-07-18T04:59:38.6229575Z\",\n \"updatedOn\": \"2024-07-18T04:59:38.6229575Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/41e04612-9dac-4699-a02b-c82ff2cc3fb5\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"41e04612-9dac-4699-a02b-c82ff2cc3fb5\"\n },\n {\n \"properties\": {\n \"roleName\": \"Disk Encryption Set Operator for Managed Disks\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Provides permissions to read, write or delete disk encryption sets which are used for encrypting managed disks with customer managed keys\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Compute/diskEncryptionSets/*\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2024-07-18T21:23:09.7233533Z\",\n \"updatedOn\": \"2024-07-18T21:23:09.7233533Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/136d308c-0937-4a49-9bd7-edfb42adbffc\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"136d308c-0937-4a49-9bd7-edfb42adbffc\"\n },\n {\n \"properties\": {\n \"roleName\": \"Bayer Ag Powered Services Field Imagery Solution Service Role\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Provide access to Field Imagery Solution by Bayer Ag Powered Services\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.AgFoodPlatform/farmBeats/parties/read\",\n \"Microsoft.AgFoodPlatform/farmBeats/parties/fields/read\",\n \"Microsoft.AgFoodPlatform/farmBeats/parties/fields/write\",\n \"Microsoft.AgFoodPlatform/farmBeats/parties/models/resourceTypes/resources/insights/*\",\n \"Microsoft.AgFoodPlatform/farmBeats/parties/models/resourceTypes/resources/insightAttachments/*\",\n \"Microsoft.AgFoodPlatform/farmBeats/scenes/*\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2024-08-01T08:16:34.164867Z\",\n \"updatedOn\": \"2024-08-13T16:10:23.6530781Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/1af232de-e806-426f-8ca1-c36142449755\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"1af232de-e806-426f-8ca1-c36142449755\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Edge Hardware Center Administrator\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Grants you access to take actions as an edge order administrator\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.EdgeOrder/*\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2024-08-06T15:15:42.539443Z\",\n \"updatedOn\": \"2024-08-06T15:15:42.539443Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/9295f069-25d0-4f44-bb6a-3da70d11aa00\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"9295f069-25d0-4f44-bb6a-3da70d11aa00\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure AI Administrator\",\n \"type\": \"BuiltInRole\",\n \"description\": \"A Built-In Role that has all control plane permissions to work with Azure AI and its dependencies.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.CognitiveServices/*\",\n \"Microsoft.ContainerRegistry/registries/*\",\n \"Microsoft.DocumentDb/databaseAccounts/*\",\n \"Microsoft.Features/features/read\",\n \"Microsoft.Features/providers/features/read\",\n \"Microsoft.Features/providers/features/register/action\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.Insights/components/*\",\n \"Microsoft.Insights/diagnosticSettings/*\",\n \"Microsoft.Insights/generateLiveToken/read\",\n \"Microsoft.Insights/logDefinitions/read\",\n \"Microsoft.Insights/metricAlerts/*\",\n \"Microsoft.Insights/metricdefinitions/read\",\n \"Microsoft.Insights/metrics/read\",\n \"Microsoft.Insights/scheduledqueryrules/*\",\n \"Microsoft.Insights/topology/read\",\n \"Microsoft.Insights/transactions/read\",\n \"Microsoft.Insights/webtests/*\",\n \"Microsoft.KeyVault/*\",\n \"Microsoft.MachineLearningServices/workspaces/*\",\n \"Microsoft.Network/virtualNetworks/subnets/joinViaServiceEndpoint/action\",\n \"Microsoft.ResourceHealth/availabilityStatuses/read\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/deployments/operations/read\",\n \"Microsoft.Resources/subscriptions/operationresults/read\",\n \"Microsoft.Resources/subscriptions/read\",\n \"Microsoft.Resources/subscriptions/resourcegroups/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Resources/subscriptions/resourceGroups/write\",\n \"Microsoft.Storage/storageAccounts/*\",\n \"Microsoft.Support/*\",\n \"Microsoft.Search/searchServices/write\",\n \"Microsoft.Search/searchServices/read\",\n \"Microsoft.Search/searchServices/delete\",\n \"Microsoft.Search/searchServices/indexes/*\",\n \"Microsoft.Search/searchServices/listAdminKeys/action\",\n \"Microsoft.Search/searchServices/privateEndpointConnections/*\",\n \"Microsoft.DataFactory/factories/*\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2024-08-07T23:50:52.3424998Z\",\n \"updatedOn\": \"2025-04-15T15:19:36.7198543Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/b78c5d69-af96-48a3-bf8d-a8b4d589de94\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"b78c5d69-af96-48a3-bf8d-a8b4d589de94\"\n },\n {\n \"properties\": {\n \"roleName\": \"Compute Gallery Image Reader\",\n \"type\": \"BuiltInRole\",\n \"description\": \"This is the role for reading gallery images.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Compute/galleries/images/read\",\n \"Microsoft.Compute/galleries/images/versions/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2024-08-09T07:40:21.6696134Z\",\n \"updatedOn\": \"2024-08-27T15:13:33.8810873Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/cf7c76d2-98a3-4358-a134-615aa78bf44d\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"cf7c76d2-98a3-4358-a134-615aa78bf44d\"\n },\n {\n \"properties\": {\n \"roleName\": \"Container Apps Operator\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Read, logstream and exec into Container Apps.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.App/containerApps/*/read\",\n \"Microsoft.App/containerApps/*/action\",\n \"Microsoft.App/managedEnvironments/read\",\n \"Microsoft.App/managedEnvironments/*/read\",\n \"Microsoft.App/managedEnvironments/join/action\",\n \"Microsoft.App/managedEnvironments/checknameavailability/action\",\n \"Microsoft.App/connectedEnvironments/read\",\n \"Microsoft.App/connectedEnvironments/*/read\",\n \"Microsoft.App/connectedEnvironments/join/action\",\n \"Microsoft.App/connectedEnvironments/checknameavailability/action\"\n ],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.App/containerApps/logstream/action\",\n \"Microsoft.App/containerApps/exec/action\",\n \"Microsoft.App/containerApps/debug/action\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2024-08-13T16:10:24.4369771Z\",\n \"updatedOn\": \"2024-11-13T16:12:37.8788949Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/f3bd1b5c-91fa-40e7-afe7-0c11d331232c\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"f3bd1b5c-91fa-40e7-afe7-0c11d331232c\"\n },\n {\n \"properties\": {\n \"roleName\": \"Container Apps ManagedEnvironments Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Full management of Container Apps ManagedEnvironments, including creation, deletion, and updates.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.App/managedEnvironments/*/read\",\n \"Microsoft.App/managedEnvironments/*/write\",\n \"Microsoft.App/managedEnvironments/*/delete\",\n \"Microsoft.App/managedEnvironments/*/action\",\n \"Microsoft.Resources/deployments/*\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2024-08-13T16:10:24.4369771Z\",\n \"updatedOn\": \"2024-08-13T16:10:24.4369771Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/57cc5028-e6a7-4284-868d-0611c5923f8d\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"57cc5028-e6a7-4284-868d-0611c5923f8d\"\n },\n {\n \"properties\": {\n \"roleName\": \"Container Apps Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Full management of Container Apps, including creation, deletion, and updates.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.App/containerApps/*/read\",\n \"Microsoft.App/containerApps/*/write\",\n \"Microsoft.App/containerApps/*/delete\",\n \"Microsoft.App/containerApps/*/action\",\n \"Microsoft.App/managedEnvironments/read\",\n \"Microsoft.App/managedEnvironments/*/read\",\n \"Microsoft.App/managedEnvironments/join/action\",\n \"Microsoft.App/managedEnvironments/checknameavailability/action\",\n \"Microsoft.App/connectedEnvironments/read\",\n \"Microsoft.App/connectedEnvironments/*/read\",\n \"Microsoft.App/connectedEnvironments/join/action\",\n \"Microsoft.App/connectedEnvironments/checknameavailability/action\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2024-08-13T16:10:24.437978Z\",\n \"updatedOn\": \"2024-08-13T16:10:24.437978Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/358470bc-b998-42bd-ab17-a7e34c199c0f\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"358470bc-b998-42bd-ab17-a7e34c199c0f\"\n },\n {\n \"properties\": {\n \"roleName\": \"Container Apps ManagedEnvironments Reader\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Read access to ContainerApps managedenvironments.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.App/managedEnvironments/*/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2024-08-13T16:10:24.4359771Z\",\n \"updatedOn\": \"2024-08-13T16:10:24.4359771Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/1b32c00b-7eff-4c22-93e6-93d11d72d2d8\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"1b32c00b-7eff-4c22-93e6-93d11d72d2d8\"\n },\n {\n \"properties\": {\n \"roleName\": \"Container Apps Jobs Reader\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Read access to ContainerApps jobs\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"microsoft.app/jobs/read\",\n \"Microsoft.App/jobs/*/read\",\n \"Microsoft.App/managedenvironments/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2024-08-13T16:10:24.4359771Z\",\n \"updatedOn\": \"2024-08-13T16:10:24.4359771Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/edd66693-d32a-450b-997d-0158c03976b0\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"edd66693-d32a-450b-997d-0158c03976b0\"\n },\n {\n \"properties\": {\n \"roleName\": \"Container Apps SessionPools Reader\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Read access to ContainerApps sessionpools.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.App/sessionPools/*/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2024-08-13T16:10:24.4369771Z\",\n \"updatedOn\": \"2024-08-13T16:10:24.4369771Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/af61e8fc-2633-4b95-bed3-421ad6826515\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"af61e8fc-2633-4b95-bed3-421ad6826515\"\n },\n {\n \"properties\": {\n \"roleName\": \"Container Apps Jobs Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Full management of Container Apps jobs, including creation, deletion, and updates.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"microsoft.app/jobs/read\",\n \"Microsoft.App/jobs/*/read\",\n \"Microsoft.App/jobs/*/action\",\n \"Microsoft.App/jobs/write\",\n \"Microsoft.App/jobs/delete\",\n \"Microsoft.app/managedenvironments/read\",\n \"Microsoft.App/managedenvironments/*/read\",\n \"Microsoft.App/managedenvironments/join/action\",\n \"Microsoft.App/managedenvironments/checknameavailability/action\",\n \"Microsoft.app/connectedEnvironments/read\",\n \"Microsoft.App/connectedEnvironments/*/read\",\n \"Microsoft.App/connectedEnvironments/join/action\",\n \"Microsoft.App/connectedEnvironments/checknameavailability/action\",\n \"Microsoft.Resources/deployments/*\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2024-08-13T16:10:24.4359771Z\",\n \"updatedOn\": \"2024-08-13T16:10:24.4359771Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/4e3d2b60-56ae-4dc6-a233-09c8e5a82e68\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"4e3d2b60-56ae-4dc6-a233-09c8e5a82e68\"\n },\n {\n \"properties\": {\n \"roleName\": \"Container Apps SessionPools Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Full management of Container Apps SessionPools, including creation, deletion, and updates.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.App/sessionPools/*/read\",\n \"Microsoft.App/sessionPools/*/write\",\n \"Microsoft.App/sessionPools/*/delete\",\n \"Microsoft.App/sessionPools/*/action\",\n \"microsoft.App/managedEnvironments/read\",\n \"Microsoft.App/managedEnvironments/*/read\",\n \"Microsoft.App/managedEnvironments/join/action\",\n \"Microsoft.App/managedEnvironments/checknameavailability/action\",\n \"microsoft.App/connectedEnvironments/read\",\n \"Microsoft.App/connectedEnvironments/*/read\",\n \"Microsoft.App/connectedEnvironments/join/action\",\n \"Microsoft.App/connectedEnvironments/checknameavailability/action\",\n \"Microsoft.Resources/deployments/*\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2024-08-13T16:10:24.4359771Z\",\n \"updatedOn\": \"2024-08-13T16:10:24.4359771Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/f7669afb-68b2-44b4-9c5f-6d2a47fddda0\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"f7669afb-68b2-44b4-9c5f-6d2a47fddda0\"\n },\n {\n \"properties\": {\n \"roleName\": \"Durable Task Data Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Durable Task role for all data access operations.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.DurableTask/*\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2024-08-15T21:28:36.4077189Z\",\n \"updatedOn\": \"2024-08-15T21:28:36.4077189Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/0ad04412-c4d5-4796-b79c-f76d14c8d402\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"0ad04412-c4d5-4796-b79c-f76d14c8d402\"\n },\n {\n \"properties\": {\n \"roleName\": \"KubernetesRuntime Load Balancer Contributor Role\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Read, write, and delete load balancers in an Arc connected Kubernetes cluster\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.KubernetesRuntime/loadBalancers/read\",\n \"Microsoft.KubernetesRuntime/loadBalancers/write\",\n \"Microsoft.KubernetesRuntime/loadBalancers/delete\",\n \"Microsoft.KubernetesRuntime/bgpPeers/read\",\n \"Microsoft.KubernetesRuntime/bgpPeers/write\",\n \"Microsoft.KubernetesRuntime/bgpPeers/delete\",\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.KubernetesRuntime/locations/operationStatuses/write\",\n \"Microsoft.KubernetesRuntime/services/write\",\n \"Microsoft.KubernetesRuntime/services/delete\",\n \"Microsoft.KubernetesRuntime/bfdProfiles/write\",\n \"Microsoft.KubernetesRuntime/bfdProfiles/delete\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2024-08-26T15:01:39.6821551Z\",\n \"updatedOn\": \"2025-07-14T15:01:12.3759443Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/1a5682fc-4f12-4b25-927e-e8cfed0c539e\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"1a5682fc-4f12-4b25-927e-e8cfed0c539e\"\n },\n {\n \"properties\": {\n \"roleName\": \"AVS Orchestrator Role\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Do not remove this role from your resource group because it is critical to enable your AVS private cloud to operate. If the role is removed, it will cause your AVS private cloud control plane to no longer operate correctly. The role is used to enable the AVS private cloud control plane to create the supporting resources in the resource group of the private clouds attached virtual network and bind them to the attached virtual network. This role is not intended for use cases outside of assignment to the associated AVS identity in your entra-id tenant.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/roleAssignments/read\",\n \"Microsoft.Resources/subscriptions/resourcegroups/read\",\n \"Microsoft.Resources/deployments/write\",\n \"Microsoft.Resources/deployments/operationStatuses/read\",\n \"Microsoft.Resources/deployments/operations/read\",\n \"Microsoft.Resources/deployments/delete\",\n \"Microsoft.Resources/deployments/read\",\n \"Microsoft.Network/virtualHubs/delete\",\n \"Microsoft.Network/publicIPAddresses/delete\",\n \"Microsoft.Network/networkInterfaces/delete\",\n \"Microsoft.Network/networkInterfaces/write\",\n \"Microsoft.Network/networkInterfaces/join/action\",\n \"Microsoft.Network/virtualNetworks/subnets/serviceAssociationLinks/delete\",\n \"Microsoft.Network/virtualNetworks/subnets/delete\",\n \"Microsoft.Network/networkIntentPolicies/read\",\n \"Microsoft.Network/networkIntentPolicies/delete\",\n \"Microsoft.Network/networkIntentPolicies/write\",\n \"Microsoft.Network/networkSecurityGroups/delete\",\n \"Microsoft.Network/networkSecurityGroups/write\",\n \"Microsoft.Network/networkSecurityGroups/read\",\n \"Microsoft.Network/networkSecurityGroups/join/action\",\n \"Microsoft.Network/networkSecurityGroups/securityRules/read\",\n \"Microsoft.Network/networkSecurityGroups/securityRules/write\",\n \"Microsoft.Network/networkSecurityGroups/securityRules/delete\",\n \"Microsoft.Network/virtualNetworks/subnets/write\",\n \"Microsoft.Network/virtualNetworks/subnets/join/action\",\n \"Microsoft.Network/virtualNetworks/subnets/serviceAssociationLinks/write\",\n \"Microsoft.Network/virtualNetworks/subnets/serviceAssociationLinks/read\",\n \"Microsoft.Network/virtualNetworks/subnets/serviceAssociationLinks/delete\",\n \"Microsoft.Network/virtualNetworks/subnets/prepareNetworkPolicies/action\",\n \"Microsoft.Network/virtualNetworks/subnets/unprepareNetworkPolicies/action\",\n \"Microsoft.Network/virtualHubs/write\",\n \"Microsoft.Network/publicIPAddresses/write\",\n \"Microsoft.Network/publicIPAddresses/read\",\n \"Microsoft.Network/virtualHubs/ipConfigurations/write\",\n \"Microsoft.Network/networkSecurityGroups/securityRules/read\",\n \"Microsoft.Network/virtualHubs/ipConfigurations/read\",\n \"Microsoft.Network/virtualHubs/bgpConnections/write\",\n \"Microsoft.Network/virtualHubs/bgpConnections/read\",\n \"Microsoft.Network/virtualNetworks/virtualNetworkPeerings/write\",\n \"Microsoft.Network/virtualNetworks/virtualNetworkPeerings/read\",\n \"Microsoft.Network/virtualNetworks/virtualNetworkPeerings/delete\",\n \"Microsoft.Network/virtualNetworks/peer/action\",\n \"Microsoft.Network/locations/operations/read\",\n \"Microsoft.Network/locations/operationResults/read\",\n \"Microsoft.Network/networkInterfaces/read\",\n \"Microsoft.Network/virtualNetworks/read\",\n \"Microsoft.Network/virtualNetworks/write\",\n \"Microsoft.Network/virtualNetworks/subnets/read\",\n \"Microsoft.Network/routeTables/read\",\n \"Microsoft.Network/routeTables/write\",\n \"Microsoft.Network/routeTables/delete\",\n \"Microsoft.Network/routeTables/join/action\",\n \"Microsoft.Network/routeTables/routes/read\",\n \"Microsoft.Network/routeTables/routes/write\",\n \"Microsoft.Network/routeTables/routes/delete\",\n \"Microsoft.Network/virtualNetworks/join/action\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n },\n {\n \"actions\": [\n \"Microsoft.Authorization/roleAssignments/delete\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": [],\n \"conditionVersion\": \"2.0\",\n \"condition\": \"(!(ActionMatches{'Microsoft.Authorization/roleAssignments/delete'})) OR @Resource[Microsoft.Authorization/roleAssignments:RoleDefinitionId] ForAnyOfAnyValues:GuidEquals{d715fb95a0f04f1c8be65ad2d2767f67, 4d97b98b1d4f4787a291c67834d212e7, 49fc33c1886f4b21a00e1d9993234734}\"\n }\n ],\n \"createdOn\": \"2024-08-27T15:13:33.8810873Z\",\n \"updatedOn\": \"2025-02-13T20:38:23.7051408Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/d715fb95-a0f0-4f1c-8be6-5ad2d2767f67\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"d715fb95-a0f0-4f1c-8be6-5ad2d2767f67\"\n },\n {\n \"properties\": {\n \"roleName\": \"Service Connector Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Can Manage Service Connector.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.ServiceLinker/linkers/read\",\n \"Microsoft.ServiceLinker/linkers/delete\",\n \"Microsoft.ServiceLinker/linkers/write\",\n \"Microsoft.ServiceLinker/linkers/listConfigurations/action\",\n \"Microsoft.ServiceLinker/linkers/validateLinker/action\",\n \"Microsoft.ServiceLinker/dryruns/delete\",\n \"Microsoft.ServiceLinker/dryruns/write\",\n \"Microsoft.ServiceLinker/linkers/generateConfigurations/action\",\n \"Microsoft.ServiceLinker/locations/connectors/delete\",\n \"Microsoft.ServiceLinker/locations/connectors/generateConfigurations/action\",\n \"Microsoft.ServiceLinker/locations/connectors/validate/action\",\n \"Microsoft.ServiceLinker/locations/connectors/write\",\n \"Microsoft.ServiceLinker/locations/dryruns/delete\",\n \"Microsoft.ServiceLinker/locations/dryruns/write\",\n \"Microsoft.ServiceLinker/locations/operationStatuses/write\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2024-08-28T15:23:35.037597Z\",\n \"updatedOn\": \"2025-05-16T03:07:33.2225582Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/db7003cd-07a9-490c-bfa5-23e40314f8d7\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"db7003cd-07a9-490c-bfa5-23e40314f8d7\"\n },\n {\n \"properties\": {\n \"roleName\": \"Enclave Approver Role\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Read all resources in Azure Virtual Enclaves and Approve approval requests within the Enclave\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Mission/Operations/read\",\n \"Microsoft.Mission/communities/read\",\n \"Microsoft.Mission/virtualEnclaves/read\",\n \"Microsoft.Mission/virtualEnclaves/endpoints/read\",\n \"Microsoft.Mission/virtualEnclaves/workloads/read\",\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/read\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Resources/subscriptions/resourcegroups/deployments/read\",\n \"Microsoft.Resources/subscriptions/operationresults/read\",\n \"Microsoft.ResourceHealth/availabilityStatuses/read\",\n \"Microsoft.Features/providers/features/read\",\n \"Microsoft.Features/features/read\",\n \"Microsoft.Mission/communities/communityEndpoints/read\",\n \"Microsoft.Mission/communities/transitHubs/read\",\n \"Microsoft.Mission/enclaveConnections/read\",\n \"Microsoft.Mission/virtualEnclaves/enclaveEndpoints/read\",\n \"Microsoft.Mission/approvals/read\",\n \"Microsoft.Mission/approvals/write\",\n \"Microsoft.Mission/enclaveConnections/approvalCallback/action\",\n \"Microsoft.Mission/virtualEnclaves/approvalCallback/action\",\n \"Microsoft.Mission/virtualEnclaves/enclaveEndpoints/approvalCallback/action\",\n \"Microsoft.Mission/communities/communityEndpoints/approvalCallback/action\",\n \"Microsoft.Mission/approvals/initiatorCallback/action\",\n \"Microsoft.Mission/communities/setMaintenanceMode/action\",\n \"Microsoft.Mission/communities/communityendpoints/connect/action\",\n \"Microsoft.Mission/virtualEnclaves/setWorkloadRoleAssignments/action\",\n \"Microsoft.Mission/virtualEnclaves/setEnclaveRoleAssignments/action\",\n \"Microsoft.Mission/virtualEnclaves/setSubnetConfiguration/action\",\n \"Microsoft.Mission/virtualEnclaves/enclaveEndpoints/connect/action\",\n \"Microsoft.Mission/enclaveConnections/setSourceCidr/action\",\n \"Microsoft.Mission/virtualenclaves/setMaintenanceMode/action\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2024-08-30T15:25:33.0231286Z\",\n \"updatedOn\": \"2025-09-23T15:14:52.356225Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/2142ea27-02ad-4094-bfea-2dbac6d24934\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"2142ea27-02ad-4094-bfea-2dbac6d24934\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Device Update Agent\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Provide full access to all Azure Device Update agent operations\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.DeviceUpdate/updateAccounts/agents/requestUpdate/action\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2024-08-30T18:44:41.5398808Z\",\n \"updatedOn\": \"2024-08-30T18:44:41.5398808Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/2a740172-0fc2-4039-972c-b31864cd47d6\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"2a740172-0fc2-4039-972c-b31864cd47d6\"\n },\n {\n \"properties\": {\n \"roleName\": \"Key Vault Purge Operator\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Allows permanent deletion of soft-deleted vaults.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.KeyVault/deletedVaults/read\",\n \"Microsoft.KeyVault/locations/deletedVaults/read\",\n \"Microsoft.KeyVault/locations/deletedVaults/purge/action\",\n \"Microsoft.KeyVault/locations/operationResults/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2024-09-02T15:07:08.3019612Z\",\n \"updatedOn\": \"2024-09-02T15:07:08.3019612Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/a68e7c17-0ab2-4c09-9a58-125dae29748c\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"a68e7c17-0ab2-4c09-9a58-125dae29748c\"\n },\n {\n \"properties\": {\n \"roleName\": \"Cognitive Services Face Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Full access to perform all Face APIs\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.CognitiveServices/*/read\",\n \"Microsoft.Authorization/roleAssignments/read\",\n \"Microsoft.Authorization/roleDefinitions/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.CognitiveServices/accounts/Face/*\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2024-09-03T15:18:09.8561299Z\",\n \"updatedOn\": \"2024-09-03T15:18:09.8561299Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/b5b0c71d-aca9-4081-aee2-9b1bb335fc1a\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"b5b0c71d-aca9-4081-aee2-9b1bb335fc1a\"\n },\n {\n \"properties\": {\n \"roleName\": \"Container Apps Jobs Operator\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Read, start, and stop Container Apps jobs.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"microsoft.app/jobs/read\",\n \"Microsoft.App/jobs/*/read\",\n \"Microsoft.App/jobs/*/action\",\n \"Microsoft.app/managedenvironments/read\",\n \"Microsoft.App/managedenvironments/*/read\",\n \"Microsoft.App/managedenvironments/join/action\",\n \"Microsoft.App/managedenvironments/checknameavailability/action\",\n \"Microsoft.app/connectedEnvironments/read\",\n \"Microsoft.App/connectedEnvironments/*/read\",\n \"Microsoft.App/connectedEnvironments/join/action\",\n \"Microsoft.App/connectedEnvironments/checknameavailability/action\"\n ],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.App/jobs/logstream/action\",\n \"Microsoft.App/jobs/exec/action\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2024-09-06T21:49:59.0891068Z\",\n \"updatedOn\": \"2024-09-06T21:49:59.0891068Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/b9a307c4-5aa3-4b52-ba60-2b17c136cd7b\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"b9a307c4-5aa3-4b52-ba60-2b17c136cd7b\"\n },\n {\n \"properties\": {\n \"roleName\": \"Operator Nexus Owner (Preview)\",\n \"type\": \"BuiltInRole\",\n \"description\": \"(Preview) This role allows full access to Azure Operator Nexus Network Cloud resources. This role is in preview and subject to change.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.NetworkCloud/*\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2024-09-09T15:09:55.7798051Z\",\n \"updatedOn\": \"2024-09-09T15:09:55.7798051Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/77be276d-fb44-4f3b-beb5-9bf03c4cd2d3\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"77be276d-fb44-4f3b-beb5-9bf03c4cd2d3\"\n },\n {\n \"properties\": {\n \"roleName\": \"CloudTest Contributor Role\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Read, write, delete and perform actions on CloudTest Accounts, CloudTest Pools, 1ES Hosted Pools and 1ES Images.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.CloudTest/*/read\",\n \"Microsoft.CloudTest/hostedpools/write\",\n \"Microsoft.CloudTest/hostedpools/delete\",\n \"Microsoft.CloudTest/images/write\",\n \"Microsoft.CloudTest/images/delete\",\n \"Microsoft.CloudTest/images/cancel/action\",\n \"Microsoft.CloudTest/images/refresh/action\",\n \"Microsoft.CloudTest/pools/write\",\n \"Microsoft.CloudTest/pools/delete\",\n \"Microsoft.CloudTest/accounts/write\",\n \"Microsoft.CloudTest/accounts/delete\",\n \"Microsoft.CloudTest/pools/leases/action\",\n \"Microsoft.CloudTest/pools/leases/complete/action\",\n \"Microsoft.CloudTest/pools/leases/extend/action\",\n \"Microsoft.CloudTest/hostedpools/leases/action\",\n \"Microsoft.CloudTest/hostedpools/leases/complete/action\",\n \"Microsoft.CloudTest/hostedpools/leases/extend/action\",\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2024-09-10T15:22:51.5250778Z\",\n \"updatedOn\": \"2025-08-14T01:17:34.3715766Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/4e9d0bd4-5aab-4f91-92df-9def33fe287c\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"4e9d0bd4-5aab-4f91-92df-9def33fe287c\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Automanage Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Azure Automanage Contributor\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Automanage/*\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2024-09-10T15:22:51.5250778Z\",\n \"updatedOn\": \"2024-09-10T15:22:51.5250778Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/8d6517c1-e434-405c-9f3f-e0ae65085d76\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"8d6517c1-e434-405c-9f3f-e0ae65085d76\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Bot Service Contributor Role\",\n \"type\": \"BuiltInRole\",\n \"description\": \"To perform actions on the bots by copilot studio platform and extensibility team\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.BotService/listAuthServiceProviders/action\",\n \"Microsoft.BotService/listauthserviceproviders/providers/Microsoft.Insights/diagnosticSettings/write\",\n \"Microsoft.BotService/botServices/read\",\n \"Microsoft.BotService/botServices/write\",\n \"Microsoft.BotService/botServices/delete\",\n \"Microsoft.BotService/botServices/channels/write\",\n \"Microsoft.BotService/botServices/channels/read\",\n \"Microsoft.BotService/botServices/channels/listchannelwithkeys/action\",\n \"Microsoft.BotService/botServices/channels/delete\",\n \"Microsoft.BotService/botServices/channels/providers/Microsoft.Insights/diagnosticSettings/write\",\n \"Microsoft.BotService/botServices/connections/read\",\n \"Microsoft.BotService/botServices/connections/write\",\n \"Microsoft.BotService/botServices/connections/delete\",\n \"Microsoft.BotService/botServices/connections/listwithsecrets/write\",\n \"Microsoft.BotService/botServices/connections/providers/Microsoft.Insights/diagnosticSettings/write\",\n \"Microsoft.BotService/botServices/createemailsigninurl/action\",\n \"Microsoft.BotService/botServices/privateEndpointConnectionsApproval/action\",\n \"Microsoft.BotService/botServices/joinPerimeter/action\",\n \"Microsoft.BotService/botServices/providers/Microsoft.Insights/diagnosticSettings/write\",\n \"Microsoft.BotService/checknameavailability/providers/Microsoft.Insights/diagnosticSettings/write\",\n \"Microsoft.BotService/hostsettings/providers/Microsoft.Insights/diagnosticSettings/write\",\n \"Microsoft.BotService/botServices/privateEndpointConnectionProxies/write\",\n \"Microsoft.BotService/botServices/privateEndpointConnectionProxies/delete\",\n \"Microsoft.BotService/botServices/privateEndpointConnectionProxies/validate/action\",\n \"Microsoft.BotService/botServices/privateEndpointConnections/write\",\n \"Microsoft.BotService/botServices/privateEndpointConnections/delete\",\n \"Microsoft.BotService/listqnamakerendpointkeys/providers/Microsoft.Insights/diagnosticSettings/write\",\n \"Microsoft.BotService/botServices/networkSecurityPerimeterConfigurations/reconcile/action\",\n \"Microsoft.BotService/botServices/networkSecurityPerimeterAssociationProxies/write\",\n \"Microsoft.BotService/botServices/networkSecurityPerimeterAssociationProxies/delete\",\n \"Microsoft.BotService/locations/notifyNetworkSecurityPerimeterUpdatesAvailable/action\",\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.BotService/botServices/channels/regeneratekeys/action\",\n \"Microsoft.BotService/botServices/Connections/listWithSecrets/action\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2024-09-12T05:29:14.6965924Z\",\n \"updatedOn\": \"2025-01-30T16:45:30.6156198Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/9fc6112f-f48e-4e27-8b09-72a5c94e4ae9\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"9fc6112f-f48e-4e27-8b09-72a5c94e4ae9\"\n },\n {\n \"properties\": {\n \"roleName\": \"App Configuration Reader\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Grants permission for read operations for App Configuration resources.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.AppConfiguration/*/read\",\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/read\",\n \"Microsoft.Resources/deployments/read\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2024-09-13T00:23:03.6049034Z\",\n \"updatedOn\": \"2024-09-13T00:23:03.6049034Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/175b81b9-6e0d-490a-85e4-0d422273c10c\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"175b81b9-6e0d-490a-85e4-0d422273c10c\"\n },\n {\n \"properties\": {\n \"roleName\": \"App Configuration Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Grants permission for all management operations, except purge, for App Configuration resources.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.AppConfiguration/*\",\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\"\n ],\n \"notActions\": [\n \"Microsoft.AppConfiguration/locations/deletedConfigurationStores/purge/action\"\n ],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2024-09-13T00:23:03.6049034Z\",\n \"updatedOn\": \"2024-09-13T00:23:03.6049034Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/fe86443c-f201-4fc4-9d2a-ac61149fbda0\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"fe86443c-f201-4fc4-9d2a-ac61149fbda0\"\n },\n {\n \"properties\": {\n \"roleName\": \"Service Fabric Managed Cluster Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Deploy and manage your Service Fabric Managed Cluster resources. Includes managed clusters, node types, application types, application type versions, applications, and services.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.ServiceFabric/managedclusters/*\",\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2024-09-17T15:06:28.2939568Z\",\n \"updatedOn\": \"2024-10-07T15:14:28.4995735Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/83f80186-3729-438c-ad2d-39e94d718838\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"83f80186-3729-438c-ad2d-39e94d718838\"\n },\n {\n \"properties\": {\n \"roleName\": \"Container Registry Data Importer and Data Reader\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Provides the ability to import images into a registry through the registry import operation. Provides the ability to list repositories, view images and tags, get manifests, and pull images. Does not provide permissions for importing images through configuring registry transfer pipelines such as import and export pipelines. Does not provide permissions for importing through configuring Artifact Cache or Sync rules.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.ContainerRegistry/registries/importImage/action\",\n \"Microsoft.ContainerRegistry/registries/read\",\n \"Microsoft.ContainerRegistry/registries/pull/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.ContainerRegistry/registries/repositories/content/read\",\n \"Microsoft.ContainerRegistry/registries/repositories/metadata/read\",\n \"Microsoft.ContainerRegistry/registries/catalog/read\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2024-09-19T02:48:17.8131685Z\",\n \"updatedOn\": \"2025-04-25T08:31:50.8322354Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/577a9874-89fd-4f24-9dbd-b5034d0ad23a\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"577a9874-89fd-4f24-9dbd-b5034d0ad23a\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Batch Service Orchestration Role\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Grants the required permissions to Azure Batch Resource Provider to manage compute and other backing resources in the subscription.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Security/assessments/read\",\n \"Microsoft.AzureFleet/fleets/write\",\n \"Microsoft.AzureFleet/fleets/read\",\n \"Microsoft.AzureFleet/fleets/delete\",\n \"Microsoft.Compute/locations/DiskOperations/read\",\n \"Microsoft.Compute/locations/operations/read\",\n \"Microsoft.Compute/virtualMachineScaleSets/approveRollingUpgrade/action\",\n \"Microsoft.Compute/virtualMachineScaleSets/deallocate/action\",\n \"Microsoft.Compute/virtualMachineScaleSets/delete\",\n \"Microsoft.Compute/virtualMachineScaleSets/delete/action\",\n \"Microsoft.Compute/VirtualMachineScaleSets/read\",\n \"Microsoft.Compute/virtualMachineScaleSets/reimage/action\",\n \"Microsoft.Compute/virtualMachineScaleSets/reimageall/action\",\n \"Microsoft.Compute/virtualMachineScaleSets/restart/action\",\n \"Microsoft.Compute/virtualMachineScaleSets/start/action\",\n \"Microsoft.Compute/virtualMachineScaleSets/write\",\n \"Microsoft.Compute/virtualMachineScaleSets/extensions/read\",\n \"microsoft.Compute/virtualMachineScaleSets/networkInterfaces/read\",\n \"Microsoft.Compute/virtualMachineScaleSets/virtualMachines/read\",\n \"Microsoft.Compute/virtualMachineScaleSets/virtualmachines/restart/action\",\n \"Microsoft.Compute/diskEncryptionSets/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.Insights/dataCollectionRuleAssociations/read\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Insights/diagnosticSettings/read\",\n \"Microsoft.Resources/subscriptions/read\",\n \"Microsoft.Resources/subscriptions/operationresults/read\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Resources/subscriptions/resourceGroups/delete\",\n \"Microsoft.Resources/subscriptions/resourceGroups/write\",\n \"Microsoft.Resources/subscriptions/resourceGroups/resources/read\",\n \"Microsoft.Network/networkWatchers/read\",\n \"Microsoft.Network/virtualNetworks/delete\",\n \"Microsoft.Network/virtualNetworks/write\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2024-09-20T04:53:47.7198421Z\",\n \"updatedOn\": \"2025-02-12T16:18:23.8859317Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/a35466a1-cfd6-450a-b35e-683fcdf30363\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"a35466a1-cfd6-450a-b35e-683fcdf30363\"\n },\n {\n \"properties\": {\n \"roleName\": \"Microsoft PowerBI Tenant Operations Role\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Allows management of tenant operations\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.PowerBI/tenants/workspaces/read\",\n \"Microsoft.PowerBI/tenants/workspaces/delete\",\n \"Microsoft.PowerBI/tenants/read\",\n \"Microsoft.PowerBI/tenants/delete\",\n \"Microsoft.PowerBI/tenants/write\",\n \"Microsoft.PowerBI/tenants/workspaces/write\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2024-09-20T19:19:19.2247312Z\",\n \"updatedOn\": \"2024-09-20T19:19:19.2247312Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/8c87871d-6201-42da-abb1-1c0c985ff71c\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"8c87871d-6201-42da-abb1-1c0c985ff71c\"\n },\n {\n \"properties\": {\n \"roleName\": \"Service Fabric Cluster Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Manage your Service Fabric Cluster resources. Includes clusters, application types, application type versions, applications, and services. You will need additional permissions to deploy and manage the cluster's underlying resources such as virtual machine scale sets, storage accounts, networks, etc.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.ServiceFabric/clusters/*\",\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2024-10-01T15:07:22.3648709Z\",\n \"updatedOn\": \"2024-10-07T15:14:28.4995735Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/b6efc156-f0da-4e90-a50a-8c000140b017\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"b6efc156-f0da-4e90-a50a-8c000140b017\"\n },\n {\n \"properties\": {\n \"roleName\": \"Stream Analytics Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Contributor access to Clusters and Streaming Jobs\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.StreamAnalytics/*\",\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2024-10-02T16:35:31.3006753Z\",\n \"updatedOn\": \"2024-10-02T16:35:31.3006753Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/6e0c8711-85a0-4490-8365-8ec13c4560b4\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"6e0c8711-85a0-4490-8365-8ec13c4560b4\"\n },\n {\n \"properties\": {\n \"roleName\": \"Stream Analytics Reader\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Read-only access to Clusters and Streaming Jobs\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.StreamAnalytics/streamingjobs/Read\",\n \"Microsoft.StreamAnalytics/streamingjobs/*/Read\",\n \"Microsoft.StreamAnalytics/clusters/Read\",\n \"Microsoft.StreamAnalytics/clusters/*/Read\",\n \"Microsoft.StreamAnalytics/clusters/ListStreamingJobs/action\",\n \"Microsoft.StreamAnalytics/locations/*/Read\",\n \"Microsoft.StreamAnalytics/operations/Read\",\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2024-10-02T16:35:31.3006753Z\",\n \"updatedOn\": \"2024-10-02T16:35:31.3006753Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/1dfc38e8-6ce7-447f-807c-029c65262c5f\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"1dfc38e8-6ce7-447f-807c-029c65262c5f\"\n },\n {\n \"properties\": {\n \"roleName\": \"Durable Task Worker\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Used by worker applications to interact with the Durable Task service\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.DurableTask/schedulers/taskhubs/orchestrations/execute/action\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2024-10-04T12:40:48.3980573Z\",\n \"updatedOn\": \"2025-07-10T20:34:53.5413918Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/80d0d6b0-f522-40a4-8886-a5a11720c375\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"80d0d6b0-f522-40a4-8886-a5a11720c375\"\n },\n {\n \"properties\": {\n \"roleName\": \"Portal Dashboard Writer Role\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Can write an Azure Portal Dashboard\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Portal/dashboards/read\",\n \"Microsoft.Portal/dashboards/write\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2024-10-08T15:25:11.3964685Z\",\n \"updatedOn\": \"2025-07-23T23:16:02.9942117Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/78eacb5e-e318-4560-85a9-e6a724ca60c9\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"78eacb5e-e318-4560-85a9-e6a724ca60c9\"\n },\n {\n \"properties\": {\n \"roleName\": \"Landing Zone Account Owner\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Microsoft.Sovereign Landing Zone Account Owner allowing to review and modify Landing Zone Account, Landing Zone Configurations, as well as reading and adding Landing Zone Registrations. Also enables read-access to policies and management groups for enabling the full user experience of the Sovereign Services RP in the Azure Portal (as otherwise some elements might not be accessible to end users).\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Sovereign/landingZoneAccounts/*\",\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Resources/deployments/*\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2024-10-14T15:14:51.7684621Z\",\n \"updatedOn\": \"2024-10-14T15:14:51.7684621Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/bf2b6809-e9a5-4aea-a6e1-40a9dc8c43a7\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"bf2b6809-e9a5-4aea-a6e1-40a9dc8c43a7\"\n },\n {\n \"properties\": {\n \"roleName\": \"Landing Zone Account Reader\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Microsoft.Sovereign Landing Zone Account Reader allowing to read Landing Zone Account, Landing Zone Configurations and Landing Zone Registrations. Also enables read-access to policies and management groups for enabling the full user experience of the Sovereign Services RP in the Azure Portal (as otherwise some elements might not be accessible to end users).\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Sovereign/landingZoneAccounts/*/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2024-10-14T15:14:51.7684621Z\",\n \"updatedOn\": \"2024-10-14T15:14:51.7684621Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/2718b1f7-eb07-424e-8868-0137541392a1\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"2718b1f7-eb07-424e-8868-0137541392a1\"\n },\n {\n \"properties\": {\n \"roleName\": \"Microsoft.Windows365.CloudPcDelegatedMsis Writer User\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Built in role to perform Write operations on CloudPcDelegatedMsis resources.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Windows365/*\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2024-10-14T15:14:51.7684621Z\",\n \"updatedOn\": \"2024-10-14T15:14:51.7684621Z\",\n \"createdBy\": \"dipakmahajan\",\n \"updatedBy\": \"dipakmahajan\"\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/21bffb94-04c0-4ed0-b676-68bb926e832b\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"21bffb94-04c0-4ed0-b676-68bb926e832b\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Batch Job Submitter\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Lets you submit and manage jobs in the Batch account.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Batch/batchAccounts/applications/read\",\n \"Microsoft.Batch/batchAccounts/applications/versions/read\",\n \"Microsoft.Batch/batchAccounts/pools/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.Batch/batchAccounts/jobSchedules/*\",\n \"Microsoft.Batch/batchAccounts/jobs/*\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2024-10-16T15:31:49.7386507Z\",\n \"updatedOn\": \"2024-10-16T15:31:49.7386507Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/48e5e92e-a480-4e71-aa9c-2778f4c13781\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"48e5e92e-a480-4e71-aa9c-2778f4c13781\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Batch Account Reader\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Lets you view all resources including pools and jobs in the Batch account.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Batch/*/read\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.Batch/*/read\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2024-10-16T15:31:49.7386507Z\",\n \"updatedOn\": \"2025-08-07T11:36:35.1603929Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/11076f67-66f6-4be0-8f6b-f0609fd05cc9\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"11076f67-66f6-4be0-8f6b-f0609fd05cc9\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Batch Account Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Grants full access to manage all Batch resources, including Batch accounts, pools and jobs.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Batch/*\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.Batch/*\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2024-10-16T15:31:49.7396522Z\",\n \"updatedOn\": \"2025-08-07T12:06:49.3936883Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/29fe4964-1e60-436b-bd3a-77fd4c178b3c\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"29fe4964-1e60-436b-bd3a-77fd4c178b3c\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Batch Data Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Grants permissions to manage Batch pools and jobs but not to modify accounts.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Batch/batchAccounts/read\",\n \"Microsoft.Batch/batchAccounts/applications/*\",\n \"Microsoft.Batch/batchAccounts/certificates/*\",\n \"Microsoft.Batch/batchAccounts/certificateOperationResults/*\",\n \"Microsoft.Batch/batchAccounts/pools/*\",\n \"Microsoft.Batch/batchAccounts/poolOperationResults/*\",\n \"Microsoft.Batch/locations/*/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.Batch/batchAccounts/jobSchedules/*\",\n \"Microsoft.Batch/batchAccounts/jobs/*\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2024-10-16T15:31:49.7396522Z\",\n \"updatedOn\": \"2024-10-16T15:31:49.7396522Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/6aaa78f1-f7de-44ca-8722-c64a23943cae\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"6aaa78f1-f7de-44ca-8722-c64a23943cae\"\n },\n {\n \"properties\": {\n \"roleName\": \"Defender CSPM Storage Data Scanner\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Grants access to read blobs and files. This role is used by the data scanner of Dfender CSPM.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Storage/storageAccounts/blobServices/containers/read\",\n \"Microsoft.Storage/storageAccounts/fileServices/shares/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.Storage/storageAccounts/blobServices/containers/blobs/read\",\n \"Microsoft.Storage/storageAccounts/fileServices/fileshares/files/read\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2024-10-16T15:31:49.7386507Z\",\n \"updatedOn\": \"2024-11-06T16:01:17.0833766Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/0b6ca2e8-2cdc-4bd6-b896-aa3d8c21fc35\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"0b6ca2e8-2cdc-4bd6-b896-aa3d8c21fc35\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Managed Grafana Workspace Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Can manage Azure Managed Grafana resources, without providing access to the workspaces themselves.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Dashboard/grafana/write\",\n \"Microsoft.Dashboard/grafana/delete\",\n \"Microsoft.Dashboard/grafana/PrivateEndpointConnectionsApproval/action\",\n \"Microsoft.Dashboard/grafana/managedPrivateEndpoints/action\",\n \"Microsoft.Dashboard/locations/operationStatuses/write\",\n \"Microsoft.Dashboard/grafana/privateEndpointConnectionProxies/validate/action\",\n \"Microsoft.Dashboard/grafana/privateEndpointConnectionProxies/write\",\n \"Microsoft.Dashboard/grafana/privateEndpointConnectionProxies/delete\",\n \"Microsoft.Dashboard/grafana/privateEndpointConnections/write\",\n \"Microsoft.Dashboard/grafana/privateEndpointConnections/delete\",\n \"Microsoft.Dashboard/grafana/managedPrivateEndpoints/write\",\n \"Microsoft.Dashboard/grafana/managedPrivateEndpoints/delete\",\n \"Microsoft.Dashboard/grafana/integrationFabrics/write\",\n \"Microsoft.Dashboard/grafana/integrationFabrics/delete\",\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/AlertRules/Write\",\n \"Microsoft.Insights/AlertRules/Delete\",\n \"Microsoft.Insights/AlertRules/Read\",\n \"Microsoft.Insights/AlertRules/Activated/Action\",\n \"Microsoft.Insights/AlertRules/Resolved/Action\",\n \"Microsoft.Insights/AlertRules/Throttled/Action\",\n \"Microsoft.Insights/AlertRules/Incidents/Read\",\n \"Microsoft.Resources/deployments/read\",\n \"Microsoft.Resources/deployments/write\",\n \"Microsoft.Resources/deployments/delete\",\n \"Microsoft.Resources/deployments/cancel/action\",\n \"Microsoft.Resources/deployments/validate/action\",\n \"Microsoft.Resources/deployments/whatIf/action\",\n \"Microsoft.Resources/deployments/exportTemplate/action\",\n \"Microsoft.Resources/deployments/operations/read\",\n \"Microsoft.Resources/deployments/operationstatuses/read\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2024-10-16T19:05:56.9094034Z\",\n \"updatedOn\": \"2025-05-16T00:34:45.2747678Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/5c2d7e57-b7c2-4d8a-be4f-82afa42c6e95\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"5c2d7e57-b7c2-4d8a-be4f-82afa42c6e95\"\n },\n {\n \"properties\": {\n \"roleName\": \"Cognitive Services Data Contributor (Preview)\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Allows to call data plane APIs, but not any control plane APIs for Microsoft Cognitive Services. This role is in preview and subject to change.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.CognitiveServices/*\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2024-10-17T23:22:42.1888199Z\",\n \"updatedOn\": \"2024-10-17T23:22:42.1888199Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/19c28022-e58e-450d-a464-0b2a53034789\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"19c28022-e58e-450d-a464-0b2a53034789\"\n },\n {\n \"properties\": {\n \"roleName\": \"Container Apps ConnectedEnvironments Reader\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Read access to Container Apps ConnectedEnvironments.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.App/connectedEnvironments/read\",\n \"Microsoft.App/connectedEnvironments/*/read\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2024-10-18T03:26:58.612812Z\",\n \"updatedOn\": \"2024-10-18T03:26:58.612812Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/d5adeb5b-107f-4aca-99ea-4e3f4fc008d5\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"d5adeb5b-107f-4aca-99ea-4e3f4fc008d5\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Kubernetes Fleet Manager RBAC Cluster Reader\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Grants read-only access to most Kubernetes cluster-scoped resources in the fleet-managed hub cluster.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.ContainerService/fleets/read\",\n \"Microsoft.ContainerService/fleets/listCredentials/action\"\n ],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.ContainerService/fleets/apiextensions.k8s.io/customresourcedefinitions/read\",\n \"Microsoft.ContainerService/fleets/apps/controllerrevisions/read\",\n \"Microsoft.ContainerService/fleets/apps/daemonsets/read\",\n \"Microsoft.ContainerService/fleets/apps/deployments/read\",\n \"Microsoft.ContainerService/fleets/apps/statefulsets/read\",\n \"Microsoft.ContainerService/fleets/autoscaling/horizontalpodautoscalers/read\",\n \"Microsoft.ContainerService/fleets/batch/cronjobs/read\",\n \"Microsoft.ContainerService/fleets/batch/jobs/read\",\n \"Microsoft.ContainerService/fleets/configmaps/read\",\n \"Microsoft.ContainerService/fleets/endpoints/read\",\n \"Microsoft.ContainerService/fleets/events.k8s.io/events/read\",\n \"Microsoft.ContainerService/fleets/events/read\",\n \"Microsoft.ContainerService/fleets/extensions/daemonsets/read\",\n \"Microsoft.ContainerService/fleets/extensions/deployments/read\",\n \"Microsoft.ContainerService/fleets/extensions/ingresses/read\",\n \"Microsoft.ContainerService/fleets/extensions/networkpolicies/read\",\n \"Microsoft.ContainerService/fleets/limitranges/read\",\n \"Microsoft.ContainerService/fleets/namespaces/read\",\n \"Microsoft.ContainerService/fleets/networking.k8s.io/ingresses/read\",\n \"Microsoft.ContainerService/fleets/networking.k8s.io/networkpolicies/read\",\n \"Microsoft.ContainerService/fleets/nodes/read\",\n \"Microsoft.ContainerService/fleets/persistentvolumes/read\",\n \"Microsoft.ContainerService/fleets/persistentvolumeclaims/read\",\n \"Microsoft.ContainerService/fleets/policy/poddisruptionbudgets/read\",\n \"Microsoft.ContainerService/fleets/replicationcontrollers/read\",\n \"Microsoft.ContainerService/fleets/resourcequotas/read\",\n \"Microsoft.ContainerService/fleets/serviceaccounts/read\",\n \"Microsoft.ContainerService/fleets/services/read\",\n \"Microsoft.ContainerService/fleets/cluster.kubernetes-fleet.io/memberclusters/read\",\n \"Microsoft.ContainerService/fleets/placement.kubernetes-fleet.io/clusterresourceplacements/read\",\n \"Microsoft.ContainerService/fleets/placement.kubernetes-fleet.io/clusterresourcebindings/read\",\n \"Microsoft.ContainerService/fleets/placement.kubernetes-fleet.io/clusterresourcesnapshots/read\",\n \"Microsoft.ContainerService/fleets/placement.kubernetes-fleet.io/clusterschedulingpolicysnapshots/read\",\n \"Microsoft.ContainerService/fleets/placement.kubernetes-fleet.io/clusterresourceoverrides/read\",\n \"Microsoft.ContainerService/fleets/placement.kubernetes-fleet.io/clusterresourceoverridesnapshots/read\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2024-10-21T15:04:47.7827701Z\",\n \"updatedOn\": \"2024-10-21T15:04:47.7827701Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/bd80684d-2f5f-4130-892a-0955546282de\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"bd80684d-2f5f-4130-892a-0955546282de\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Kubernetes Fleet Manager RBAC Cluster Writer\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Grants read/write access to most Kubernetes cluster-scoped resources in the fleet-managed hub cluster.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.ContainerService/fleets/read\",\n \"Microsoft.ContainerService/fleets/listCredentials/action\"\n ],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.ContainerService/fleets/apiextensions.k8s.io/customresourcedefinitions/read\",\n \"Microsoft.ContainerService/fleets/apps/controllerrevisions/read\",\n \"Microsoft.ContainerService/fleets/apps/daemonsets/read\",\n \"Microsoft.ContainerService/fleets/apps/daemonsets/write\",\n \"Microsoft.ContainerService/fleets/apps/deployments/read\",\n \"Microsoft.ContainerService/fleets/apps/deployments/write\",\n \"Microsoft.ContainerService/fleets/apps/statefulsets/read\",\n \"Microsoft.ContainerService/fleets/apps/statefulsets/write\",\n \"Microsoft.ContainerService/fleets/autoscaling/horizontalpodautoscalers/read\",\n \"Microsoft.ContainerService/fleets/autoscaling/horizontalpodautoscalers/write\",\n \"Microsoft.ContainerService/fleets/batch/cronjobs/read\",\n \"Microsoft.ContainerService/fleets/batch/cronjobs/write\",\n \"Microsoft.ContainerService/fleets/batch/jobs/read\",\n \"Microsoft.ContainerService/fleets/batch/jobs/write\",\n \"Microsoft.ContainerService/fleets/configmaps/read\",\n \"Microsoft.ContainerService/fleets/configmaps/write\",\n \"Microsoft.ContainerService/fleets/endpoints/read\",\n \"Microsoft.ContainerService/fleets/endpoints/write\",\n \"Microsoft.ContainerService/fleets/events.k8s.io/events/read\",\n \"Microsoft.ContainerService/fleets/events/read\",\n \"Microsoft.ContainerService/fleets/extensions/daemonsets/read\",\n \"Microsoft.ContainerService/fleets/extensions/daemonsets/write\",\n \"Microsoft.ContainerService/fleets/extensions/deployments/read\",\n \"Microsoft.ContainerService/fleets/extensions/deployments/write\",\n \"Microsoft.ContainerService/fleets/extensions/ingresses/read\",\n \"Microsoft.ContainerService/fleets/extensions/ingresses/write\",\n \"Microsoft.ContainerService/fleets/extensions/networkpolicies/read\",\n \"Microsoft.ContainerService/fleets/extensions/networkpolicies/write\",\n \"Microsoft.ContainerService/fleets/limitranges/read\",\n \"Microsoft.ContainerService/fleets/namespaces/read\",\n \"Microsoft.ContainerService/fleets/networking.k8s.io/ingresses/read\",\n \"Microsoft.ContainerService/fleets/networking.k8s.io/ingresses/write\",\n \"Microsoft.ContainerService/fleets/networking.k8s.io/networkpolicies/read\",\n \"Microsoft.ContainerService/fleets/networking.k8s.io/networkpolicies/write\",\n \"Microsoft.ContainerService/fleets/nodes/read\",\n \"Microsoft.ContainerService/fleets/nodes/write\",\n \"Microsoft.ContainerService/fleets/persistentvolumes/read\",\n \"Microsoft.ContainerService/fleets/persistentvolumes/write\",\n \"Microsoft.ContainerService/fleets/persistentvolumeclaims/read\",\n \"Microsoft.ContainerService/fleets/persistentvolumeclaims/write\",\n \"Microsoft.ContainerService/fleets/policy/poddisruptionbudgets/read\",\n \"Microsoft.ContainerService/fleets/policy/poddisruptionbudgets/write\",\n \"Microsoft.ContainerService/fleets/replicationcontrollers/read\",\n \"Microsoft.ContainerService/fleets/replicationcontrollers/write\",\n \"Microsoft.ContainerService/fleets/resourcequotas/read\",\n \"Microsoft.ContainerService/fleets/secrets/read\",\n \"Microsoft.ContainerService/fleets/secrets/write\",\n \"Microsoft.ContainerService/fleets/serviceaccounts/read\",\n \"Microsoft.ContainerService/fleets/serviceaccounts/write\",\n \"Microsoft.ContainerService/fleets/services/read\",\n \"Microsoft.ContainerService/fleets/services/write\",\n \"Microsoft.ContainerService/fleets/cluster.kubernetes-fleet.io/memberclusters/read\",\n \"Microsoft.ContainerService/fleets/cluster.kubernetes-fleet.io/memberclusters/write\",\n \"Microsoft.ContainerService/fleets/placement.kubernetes-fleet.io/clusterresourceplacements/read\",\n \"Microsoft.ContainerService/fleets/placement.kubernetes-fleet.io/clusterresourceplacements/write\",\n \"Microsoft.ContainerService/fleets/placement.kubernetes-fleet.io/clusterresourcebindings/read\",\n \"Microsoft.ContainerService/fleets/placement.kubernetes-fleet.io/clusterresourcesnapshots/read\",\n \"Microsoft.ContainerService/fleets/placement.kubernetes-fleet.io/clusterschedulingpolicysnapshots/read\",\n \"Microsoft.ContainerService/fleets/placement.kubernetes-fleet.io/clusterresourceoverrides/read\",\n \"Microsoft.ContainerService/fleets/placement.kubernetes-fleet.io/clusterresourceoverrides/write\",\n \"Microsoft.ContainerService/fleets/placement.kubernetes-fleet.io/clusterresourceoverridesnapshots/read\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2024-10-21T15:04:48.6744253Z\",\n \"updatedOn\": \"2024-10-21T15:04:48.6744253Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/1dc4cd5a-de51-4ee4-bc8e-b40e9c17e320\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"1dc4cd5a-de51-4ee4-bc8e-b40e9c17e320\"\n },\n {\n \"properties\": {\n \"roleName\": \"Chaos Studio Experiment Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Can create, run, and see details for experiments, onboard targets, and manage capabilities.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Chaos/*\",\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2024-10-22T15:14:06.4025115Z\",\n \"updatedOn\": \"2025-01-08T19:22:36.2875737Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/7c2e40b7-25eb-482a-82cb-78ba06cb46d5\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"7c2e40b7-25eb-482a-82cb-78ba06cb46d5\"\n },\n {\n \"properties\": {\n \"roleName\": \"Chaos Studio Reader\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Can view targets, capabilities, experiments, and experiment details.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Chaos/*/read\",\n \"Microsoft.Chaos/experiments/executions/getExecutionDetails/action\",\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2024-10-22T15:14:06.4025115Z\",\n \"updatedOn\": \"2025-01-08T19:22:35.5075532Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/29e2da8a-229c-4157-8ae8-cc72fc506b74\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"29e2da8a-229c-4157-8ae8-cc72fc506b74\"\n },\n {\n \"properties\": {\n \"roleName\": \"Chaos Studio Operator\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Can run and see details for experiments but cannot create experiments or manage targets and capabilities.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Chaos/*/read\",\n \"Microsoft.Chaos/experiments/start/action\",\n \"Microsoft.Chaos/experiments/cancel/action\",\n \"Microsoft.Chaos/experiments/executions/getExecutionDetails/action\",\n \"Microsoft.Chaos/locations/operationResults/read\",\n \"Microsoft.Chaos/locations/operationStatuses/read\",\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2024-10-22T15:14:07.6428446Z\",\n \"updatedOn\": \"2025-01-08T19:22:36.2476916Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/1a40e87e-6645-48e0-b27a-0b115d849a20\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"1a40e87e-6645-48e0-b27a-0b115d849a20\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Messaging Connectors Owner\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Allows for full access to Azure Messaging Connectors resources.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.MessagingConnectors/*\"\n ],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.MessagingConnectors/*\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2024-10-23T15:16:12.0077296Z\",\n \"updatedOn\": \"2024-10-23T15:16:12.0077296Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/ff478a4e-8633-416e-91bc-ec33ce7c9516\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"ff478a4e-8633-416e-91bc-ec33ce7c9516\"\n },\n {\n \"properties\": {\n \"roleName\": \"Container Apps ConnectedEnvironments Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Full management of Container Apps ConnectedEnvironments, including creation, deletion, and updates.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.App/connectedEnvironments/*\",\n \"Microsoft.App/connectedEnvironments/*/read\",\n \"Microsoft.App/connectedEnvironments/*/write\",\n \"Microsoft.App/connectedEnvironments/*/delete\",\n \"Microsoft.App/connectedEnvironments/*/action\",\n \"Microsoft.App/connectedEnvironments/daprComponents/listSecrets/action\",\n \"Microsoft.Resources/deployments/*\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2024-10-23T15:16:12.0077296Z\",\n \"updatedOn\": \"2024-10-23T15:16:12.0077296Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/6f4fe6fc-f04f-4d97-8528-8bc18c848dca\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"6f4fe6fc-f04f-4d97-8528-8bc18c848dca\"\n },\n {\n \"properties\": {\n \"roleName\": \"Container Registry Contributor and Data Access Configuration Administrator\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Provides permissions to create, list, and update container registries and registry configuration properties. Provides permissions to configure data access such as admin user credentials, scope maps, and tokens, which can be used to read, write or delete repositories and images. Does not provide direct permissions to read, list, or write registry contents including repositories and images. Does not provide permissions to modify data plane content such as imports, Artifact Cache or Sync, and Transfer Pipelines. Does not provide permissions for managing Tasks.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.ContainerRegistry/registries/operationStatuses/read\",\n \"Microsoft.ContainerRegistry/registries/read\",\n \"Microsoft.ContainerRegistry/registries/write\",\n \"Microsoft.ContainerRegistry/registries/delete\",\n \"Microsoft.ContainerRegistry/registries/listCredentials/action\",\n \"Microsoft.ContainerRegistry/registries/regenerateCredential/action\",\n \"Microsoft.ContainerRegistry/registries/generateCredentials/action\",\n \"Microsoft.ContainerRegistry/registries/replications/read\",\n \"Microsoft.ContainerRegistry/registries/replications/write\",\n \"Microsoft.ContainerRegistry/registries/replications/delete\",\n \"Microsoft.ContainerRegistry/registries/replications/operationStatuses/read\",\n \"Microsoft.ContainerRegistry/registries/privateEndpointConnectionsApproval/action\",\n \"Microsoft.ContainerRegistry/registries/privateEndpointConnections/read\",\n \"Microsoft.ContainerRegistry/registries/privateEndpointConnections/write\",\n \"Microsoft.ContainerRegistry/registries/privateEndpointConnections/delete\",\n \"Microsoft.ContainerRegistry/registries/privateEndpointConnections/operationStatuses/read\",\n \"Microsoft.ContainerRegistry/registries/tokens/read\",\n \"Microsoft.ContainerRegistry/registries/tokens/write\",\n \"Microsoft.ContainerRegistry/registries/tokens/delete\",\n \"Microsoft.ContainerRegistry/registries/tokens/operationStatuses/read\",\n \"Microsoft.ContainerRegistry/registries/scopeMaps/read\",\n \"Microsoft.ContainerRegistry/registries/scopeMaps/write\",\n \"Microsoft.ContainerRegistry/registries/scopeMaps/delete\",\n \"Microsoft.ContainerRegistry/registries/scopeMaps/operationStatuses/read\",\n \"Microsoft.ContainerRegistry/registries/providers/Microsoft.Insights/diagnosticSettings/read\",\n \"Microsoft.ContainerRegistry/registries/providers/Microsoft.Insights/diagnosticSettings/write\",\n \"Microsoft.ContainerRegistry/registries/providers/Microsoft.Insights/logDefinitions/read\",\n \"Microsoft.ContainerRegistry/registries/providers/Microsoft.Insights/metricDefinitions/read\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.ContainerRegistry/registries/connectedRegistries/read\",\n \"Microsoft.ContainerRegistry/registries/connectedRegistries/write\",\n \"Microsoft.ContainerRegistry/registries/connectedRegistries/delete\",\n \"Microsoft.ContainerRegistry/registries/connectedRegistries/deactivate/action\",\n \"Microsoft.ContainerRegistry/registries/webhooks/read\",\n \"Microsoft.ContainerRegistry/registries/webhooks/write\",\n \"Microsoft.ContainerRegistry/registries/webhooks/delete\",\n \"Microsoft.ContainerRegistry/registries/webhooks/getCallbackConfig/action\",\n \"Microsoft.ContainerRegistry/registries/webhooks/ping/action\",\n \"Microsoft.ContainerRegistry/registries/webhooks/listEvents/action\",\n \"Microsoft.ContainerRegistry/registries/webhooks/operationStatuses/read\",\n \"Microsoft.Insights/AlertRules/Write\",\n \"Microsoft.Insights/AlertRules/Delete\",\n \"Microsoft.Insights/AlertRules/Read\",\n \"Microsoft.Insights/AlertRules/Activated/Action\",\n \"Microsoft.Insights/AlertRules/Resolved/Action\",\n \"Microsoft.Insights/AlertRules/Throttled/Action\",\n \"Microsoft.Insights/AlertRules/Incidents/Read\",\n \"Microsoft.ContainerRegistry/locations/operationResults/read\",\n \"Microsoft.Network/virtualNetworks/subnets/joinViaServiceEndpoint/action\",\n \"Microsoft.Network/virtualNetworks/subnets/read\",\n \"Microsoft.Network/virtualNetworks/subnets/write\",\n \"Microsoft.Network/virtualNetworks/read\",\n \"Microsoft.Network/privateEndpoints/privateLinkServiceProxies/write\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2024-10-23T22:38:18.7982782Z\",\n \"updatedOn\": \"2024-10-23T22:38:18.7982782Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/3bc748fc-213d-45c1-8d91-9da5725539b9\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"3bc748fc-213d-45c1-8d91-9da5725539b9\"\n },\n {\n \"properties\": {\n \"roleName\": \"Health Safeguards Data User\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Allows processing of health data in all available Health Safeguards\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.HealthBot/healthBots/HealthSafeguards/ClinicalAnchoring/Process/Action\",\n \"Microsoft.HealthBot/healthBots/HealthSafeguards/ClinicalCodesValidation/Process/Action\",\n \"Microsoft.HealthBot/healthBots/HealthSafeguards/ClinicalConflictDetection/Process/Action\",\n \"Microsoft.HealthBot/healthBots/HealthSafeguards/ClinicalEvidenceVerification/Process/Action\",\n \"Microsoft.HealthBot/healthBots/HealthSafeguards/ClinicalProvenance/Process/Action\",\n \"Microsoft.HealthBot/healthBots/HealthSafeguards/ClinicalSemanticValidation/Process/Action\",\n \"Microsoft.HealthBot/healthBots/HealthSafeguards/DetectHallucinationsAndOmissions/Process/Action\",\n \"Microsoft.HealthBot/healthBots/HealthSafeguards/HealthAdaptedFiltering/Process/Action\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2024-10-25T13:47:32.4836018Z\",\n \"updatedOn\": \"2024-12-09T16:09:07.9062467Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/566f0da3-e2a5-4393-9089-763f8bab8fb6\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"566f0da3-e2a5-4393-9089-763f8bab8fb6\"\n },\n {\n \"properties\": {\n \"roleName\": \"Container Registry Configuration Reader and Data Access Configuration Reader\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Provides permissions to list container registries and registry configuration properties. Provides permissions to list data access configuration such as admin user credentials, scope maps, and tokens, which can be used to read, write or delete repositories and images. Does not provide direct permissions to read, list, or write registry contents including repositories and images. Does not provide permissions to modify data plane content such as imports, Artifact Cache or Sync, and Transfer Pipelines. Does not provide permissions for managing Tasks.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.ContainerRegistry/registries/operationStatuses/read\",\n \"Microsoft.ContainerRegistry/registries/read\",\n \"Microsoft.ContainerRegistry/registries/privateEndpointConnections/read\",\n \"Microsoft.ContainerRegistry/registries/privateEndpointConnections/operationStatuses/read\",\n \"Microsoft.ContainerRegistry/registries/listCredentials/action\",\n \"Microsoft.ContainerRegistry/registries/tokens/read\",\n \"Microsoft.ContainerRegistry/registries/tokens/operationStatuses/read\",\n \"Microsoft.ContainerRegistry/registries/scopeMaps/read\",\n \"Microsoft.ContainerRegistry/registries/scopeMaps/operationStatuses/read\",\n \"Microsoft.ContainerRegistry/registries/webhooks/read\",\n \"Microsoft.ContainerRegistry/registries/webhooks/getCallbackConfig/action\",\n \"Microsoft.ContainerRegistry/registries/webhooks/listEvents/action\",\n \"Microsoft.ContainerRegistry/registries/webhooks/operationStatuses/read\",\n \"Microsoft.ContainerRegistry/registries/replications/read\",\n \"Microsoft.ContainerRegistry/registries/replications/operationStatuses/read\",\n \"Microsoft.ContainerRegistry/registries/connectedRegistries/read\",\n \"Microsoft.ContainerRegistry/registries/providers/Microsoft.Insights/diagnosticSettings/read\",\n \"Microsoft.ContainerRegistry/registries/providers/Microsoft.Insights/diagnosticSettings/write\",\n \"Microsoft.ContainerRegistry/registries/providers/Microsoft.Insights/logDefinitions/read\",\n \"Microsoft.ContainerRegistry/registries/providers/Microsoft.Insights/metricDefinitions/read\",\n \"Microsoft.Insights/AlertRules/Write\",\n \"Microsoft.Insights/AlertRules/Delete\",\n \"Microsoft.Insights/AlertRules/Read\",\n \"Microsoft.Insights/AlertRules/Activated/Action\",\n \"Microsoft.Insights/AlertRules/Resolved/Action\",\n \"Microsoft.Insights/AlertRules/Throttled/Action\",\n \"Microsoft.Insights/AlertRules/Incidents/Read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2024-10-30T22:57:44.2162129Z\",\n \"updatedOn\": \"2024-10-30T22:57:44.2162129Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/69b07be0-09bf-439a-b9a6-e73de851bd59\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"69b07be0-09bf-439a-b9a6-e73de851bd59\"\n },\n {\n \"properties\": {\n \"roleName\": \"Container Registry Transfer Pipeline Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Provides the ability to transfer, import, and export artifacts through configuring registry transfer pipelines that involve intermediary storage accounts and key vaults. Does not provide permissions to push or pull images. Does not provide permissions to create, manage, or list storage accounts or key vaults. Does not provide permissions to perform role assignments.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.ContainerRegistry/registries/exportPipelines/read\",\n \"Microsoft.ContainerRegistry/registries/exportPipelines/write\",\n \"Microsoft.ContainerRegistry/registries/exportPipelines/delete\",\n \"Microsoft.ContainerRegistry/registries/importPipelines/read\",\n \"Microsoft.ContainerRegistry/registries/importPipelines/write\",\n \"Microsoft.ContainerRegistry/registries/importPipelines/delete\",\n \"Microsoft.ContainerRegistry/registries/pipelineRuns/read\",\n \"Microsoft.ContainerRegistry/registries/pipelineRuns/write\",\n \"Microsoft.ContainerRegistry/registries/pipelineRuns/delete\",\n \"Microsoft.ContainerRegistry/registries/pipelineRuns/operationStatuses/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2024-11-06T16:01:16.5768829Z\",\n \"updatedOn\": \"2024-11-06T16:01:16.5768829Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/bf94e731-3a51-4a7c-8c54-a1ab9971dfc1\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"bf94e731-3a51-4a7c-8c54-a1ab9971dfc1\"\n },\n {\n \"properties\": {\n \"roleName\": \"Desktop Virtualization App Attach Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Provide permission to manage app attach resources\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.DesktopVirtualization/hostpools/read\",\n \"Microsoft.Resources/subscriptions/read\",\n \"Microsoft.DesktopVirtualization/appattachpackages/read\",\n \"Microsoft.DesktopVirtualization/appattachpackages/write\",\n \"Microsoft.DesktopVirtualization/appattachpackages/delete\",\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2024-11-07T16:11:41.3098066Z\",\n \"updatedOn\": \"2024-11-07T16:11:41.3098066Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/97dfb3ce-e936-462c-9425-9cdb67e66d45\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"97dfb3ce-e936-462c-9425-9cdb67e66d45\"\n },\n {\n \"properties\": {\n \"roleName\": \"HybridCompute Machine ListAccessDetails Action In-Built Role\",\n \"type\": \"BuiltInRole\",\n \"description\": \"In-Built Role definition that grants permissions to execute the listAccessDetails action on HybridCompute Machines\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.HybridCompute/machines/listAccessDetails/action\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2024-11-08T16:19:16.7242676Z\",\n \"updatedOn\": \"2025-03-12T16:00:45.5699939Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/e9701b4d-e6e7-4657-91cd-360a0881d224\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"e9701b4d-e6e7-4657-91cd-360a0881d224\"\n },\n {\n \"properties\": {\n \"roleName\": \"App Service Environment Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Manage App Service Environments but not the App Service Plans or Websites that it hosts.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.ResourceHealth/availabilityStatuses/read\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Web/hostingEnvironments/*\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2024-11-11T16:02:04.4285746Z\",\n \"updatedOn\": \"2024-11-11T16:02:04.4285746Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/8ea85a25-eb16-4e29-ab4d-6f2a26c711a2\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"8ea85a25-eb16-4e29-ab4d-6f2a26c711a2\"\n },\n {\n \"properties\": {\n \"roleName\": \"Kubernetes Agent Subscription Level Operator\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Grants Microsoft Defender for Cloud subscription level permissions needed to activate Containers plan\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Resources/subscriptions/operationresults/read\",\n \"Microsoft.Resources/subscriptions/read\",\n \"Microsoft.Resources/subscriptions/resourceGroups/write\",\n \"Microsoft.OperationalInsights/workspaces/write\",\n \"Microsoft.OperationalInsights/workspaces/read\",\n \"Microsoft.OperationalInsights/workspaces/listKeys/action\",\n \"Microsoft.OperationalInsights/workspaces/sharedkeys/action\",\n \"Microsoft.OperationalInsights/workspaces/sharedkeys/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2024-11-14T10:01:45.877748Z\",\n \"updatedOn\": \"2024-12-12T11:16:08.7763533Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/ada52afe-776a-4b4d-a8f2-55670d3d8178\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"ada52afe-776a-4b4d-a8f2-55670d3d8178\"\n },\n {\n \"properties\": {\n \"roleName\": \"Quantum Workspace Data Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Create, read, and modify jobs and other Workspace data. This role is in preview and subject to change.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Quantum/Workspaces/read\",\n \"Microsoft.Quantum/locations/offerings/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.Quantum/Workspaces/jobs/read\",\n \"Microsoft.Quantum/Workspaces/jobs/write\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2024-11-18T16:11:51.3366657Z\",\n \"updatedOn\": \"2024-11-18T16:11:51.3366657Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/c1410b24-3e69-4857-8f86-4d0a2e603250\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"c1410b24-3e69-4857-8f86-4d0a2e603250\"\n },\n {\n \"properties\": {\n \"roleName\": \"Communication and Email Service Owner\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Create, read, modify, and delete Communications and Email Service resources.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Communication/CheckNameAvailability/action\",\n \"Microsoft.Communication/Locations/OperationStatuses/read\",\n \"Microsoft.Communication/Locations/OperationStatuses/write\",\n \"Microsoft.Communication/Operations/read\",\n \"Microsoft.Communication/CommunicationServices/read\",\n \"Microsoft.Communication/CommunicationServices/write\",\n \"Microsoft.Communication/CommunicationServices/delete\",\n \"Microsoft.Communication/CommunicationServices/ListKeys/action\",\n \"Microsoft.Communication/CommunicationServices/RegenerateKey/action\",\n \"Microsoft.Communication/CommunicationServices/LinkNotificationHub/action\",\n \"Microsoft.Communication/CommunicationServices/EventGridFilters/read\",\n \"Microsoft.Communication/CommunicationServices/EventGridFilters/write\",\n \"Microsoft.Communication/CommunicationServices/EventGridFilters/delete\",\n \"Microsoft.Communication/EmailServices/read\",\n \"Microsoft.Communication/EmailServices/write\",\n \"Microsoft.Communication/EmailServices/delete\",\n \"Microsoft.Communication/EmailServices/Domains/read\",\n \"Microsoft.Communication/EmailServices/Domains/write\",\n \"Microsoft.Communication/EmailServices/Domains/delete\",\n \"Microsoft.Communication/EmailServices/Domains/SenderUsernames/read\",\n \"Microsoft.Communication/EmailServices/Domains/SenderUsernames/write\",\n \"Microsoft.Communication/EmailServices/Domains/SenderUsernames/delete\",\n \"Microsoft.Communication/EmailServices/Domains/SuppressionLists/read\",\n \"Microsoft.Communication/EmailServices/Domains/SuppressionLists/write\",\n \"Microsoft.Communication/EmailServices/Domains/SuppressionLists/delete\",\n \"Microsoft.Communication/EmailServices/Domains/SuppressionLists/SuppressionListAddresses/read\",\n \"Microsoft.Communication/EmailServices/Domains/SuppressionLists/SuppressionListAddresses/write\",\n \"Microsoft.Communication/EmailServices/Domains/SuppressionLists/SuppressionListAddresses/delete\",\n \"Microsoft.Communication/EmailServices/Domains/InitiateVerification/action\",\n \"Microsoft.Communication/EmailServices/Domains/CancelVerification/action\",\n \"Microsoft.Communication/EmailServices/Domains/*\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2024-11-19T16:16:07.6217357Z\",\n \"updatedOn\": \"2024-11-19T16:16:07.6217357Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/09976791-48a7-449e-bb21-39d1a415f350\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"09976791-48a7-449e-bb21-39d1a415f350\"\n },\n {\n \"properties\": {\n \"roleName\": \"Oracle.Database Autonomous Database Administrator\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Grants full access to manage all Autonomous Database resources\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Oracle.Database/autonomousDatabases/*/read\",\n \"Oracle.Database/autonomousDatabases/*/write\",\n \"Oracle.Database/autonomousDatabases/*/delete\",\n \"Oracle.Database/autonomousDatabases/*/action\",\n \"Oracle.Database/Locations/*/read\",\n \"Oracle.Database/Locations/*/write\",\n \"Oracle.Database/Operations/read\",\n \"Oracle.Database/oracleSubscriptions/*/read\",\n \"Oracle.Database/oracleSubscriptions/*/action\",\n \"Oracle.Database/resourceAnchors/*\",\n \"Oracle.Database/networkAnchors/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Network/virtualNetworks/read\",\n \"Microsoft.Network/virtualNetworks/subnets/read\",\n \"Microsoft.Network/virtualNetworks/subnets/write\",\n \"Microsoft.Network/locations/operations/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2024-12-03T16:00:22.0003479Z\",\n \"updatedOn\": \"2025-05-26T15:05:38.2663118Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/59c05558-2358-462d-ba19-afbd7118936d\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"59c05558-2358-462d-ba19-afbd7118936d\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure AI Safety Evaluator\",\n \"type\": \"BuiltInRole\",\n \"description\": \"This role can perform all actions under workspace evaluations and simulations.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.MachineLearningServices/workspaces/evaluations/*\",\n \"Microsoft.MachineLearningServices/workspaces/simulations/*\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2024-12-17T16:19:14.0812712Z\",\n \"updatedOn\": \"2024-12-17T16:19:14.0812712Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/11102f94-c441-49e6-a78b-ef80e0188abc\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"11102f94-c441-49e6-a78b-ef80e0188abc\"\n },\n {\n \"properties\": {\n \"roleName\": \"Container Registry Tasks Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Provides permissions to configure, read, list, trigger, or cancel Container Registry Tasks, Task Runs, Task Logs, Quick Runs, Quick Builds, and Task Agent Pools. Permissions granted for Tasks management can be used for full registry data plane permissions including reading/writing/deleting container images in registries. Permissions granted for Tasks management can also be used to run customer authored build directives and run scripts to build software artifacts.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.ContainerRegistry/registries/agentpools/read\",\n \"Microsoft.ContainerRegistry/registries/agentpools/write\",\n \"Microsoft.ContainerRegistry/registries/agentpools/delete\",\n \"Microsoft.ContainerRegistry/registries/agentpools/listQueueStatus/action\",\n \"Microsoft.ContainerRegistry/registries/agentpools/operationResults/status/read\",\n \"Microsoft.ContainerRegistry/registries/agentpools/operationStatuses/read\",\n \"Microsoft.ContainerRegistry/registries/tasks/read\",\n \"Microsoft.ContainerRegistry/registries/tasks/write\",\n \"Microsoft.ContainerRegistry/registries/tasks/delete\",\n \"Microsoft.ContainerRegistry/registries/tasks/listDetails/action\",\n \"Microsoft.ContainerRegistry/registries/scheduleRun/action\",\n \"Microsoft.ContainerRegistry/registries/listBuildSourceUploadUrl/action\",\n \"Microsoft.ContainerRegistry/registries/runs/read\",\n \"Microsoft.ContainerRegistry/registries/runs/write\",\n \"Microsoft.ContainerRegistry/registries/runs/listLogSasUrl/action\",\n \"Microsoft.ContainerRegistry/registries/runs/cancel/action\",\n \"Microsoft.ContainerRegistry/registries/taskruns/read\",\n \"Microsoft.ContainerRegistry/registries/taskruns/write\",\n \"Microsoft.ContainerRegistry/registries/taskruns/delete\",\n \"Microsoft.ContainerRegistry/registries/taskruns/listDetails/action\",\n \"Microsoft.ContainerRegistry/registries/taskruns/operationStatuses/read\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.ContainerRegistry/registries/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2025-01-10T02:17:34.1336077Z\",\n \"updatedOn\": \"2025-01-10T02:17:34.1336077Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/fb382eab-e894-4461-af04-94435c366c3f\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"fb382eab-e894-4461-af04-94435c366c3f\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Backup Snapshot Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Provide permissions to backup identity to manage RPC snapshots\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Compute/virtualMachines/read\",\n \"Microsoft.Compute/virtualMachines/write\",\n \"Microsoft.Compute/restorePointCollections/read\",\n \"Microsoft.Compute/restorePointCollections/write\",\n \"Microsoft.Compute/restorePointCollections/restorePoints/write\",\n \"Microsoft.Compute/restorePointCollections/restorePoints/read\",\n \"Microsoft.Compute/disks/read\",\n \"Microsoft.Compute/disks/write\",\n \"Microsoft.Compute/disks/delete\",\n \"Microsoft.Compute/disks/beginGetAccess/action\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2025-01-10T12:02:58.1197573Z\",\n \"updatedOn\": \"2025-03-17T15:14:48.6639401Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/afc680e2-a938-412d-b213-9a49efa7fb83\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"afc680e2-a938-412d-b213-9a49efa7fb83\"\n },\n {\n \"properties\": {\n \"roleName\": \"AVS on Fleet VIS Role\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Do not remove this role from your resource because it is critical to enable your AVS private cloud to operate. If the role is removed, it will cause your AVS private cloud control plane to no longer operate correctly. The role is used to enable the AVS private cloud control plane to inject address prefix changes of the private clouds attached virtual network to SDN and support peering sync feature. This role is not intended for use cases outside of assignment to the associated AVS identity in your entra-id tenant.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Network/networkInterfaces/read\",\n \"Microsoft.Network/networkInterfaces/write\",\n \"Microsoft.Network/virtualNetworks/read\",\n \"Microsoft.Network/virtualNetworks/write\",\n \"Microsoft.Network/virtualNetworks/peer/action\",\n \"Microsoft.Network/virtualNetworks/virtualNetworkPeerings/read\",\n \"Microsoft.Network/virtualNetworks/virtualNetworkPeerings/write\",\n \"Microsoft.Network/virtualNetworks/subnets/read\",\n \"Microsoft.Network/virtualNetworks/subnets/write\",\n \"Microsoft.Network/virtualNetworks/subnets/join/action\",\n \"Microsoft.Network/networkSecurityGroups/join/action\",\n \"Microsoft.Network/routeTables/join/action\",\n \"Microsoft.Network/serviceEndpointPolicies/join/action\",\n \"Microsoft.Network/natGateways/join/action\",\n \"Microsoft.Network/networkIntentPolicies/join/action\",\n \"Microsoft.Network/ddosProtectionPlans/join/action\",\n \"Microsoft.Network/networkManagers/ipamPools/associateResourcesToPool/action\",\n \"Microsoft.BareMetal/peeringSettings/read\",\n \"Microsoft.Resources/subscriptions/resourcegroups/read\",\n \"Microsoft.Authorization/roleAssignments/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n },\n {\n \"actions\": [\n \"Microsoft.Authorization/roleAssignments/delete\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": [],\n \"conditionVersion\": \"2.0\",\n \"condition\": \"(!(ActionMatches{'Microsoft.Authorization/roleAssignments/delete'})) OR @Resource[Microsoft.Authorization/roleAssignments:RoleDefinitionId] ForAnyOfAnyValues:GuidEquals{49fc33c1886f4b21a00e1d9993234734}\"\n }\n ],\n \"createdOn\": \"2025-01-13T16:06:06.5931961Z\",\n \"updatedOn\": \"2025-06-11T06:31:53.4195138Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/49fc33c1-886f-4b21-a00e-1d9993234734\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"49fc33c1-886f-4b21-a00e-1d9993234734\"\n },\n {\n \"properties\": {\n \"roleName\": \"Edge Management Copilot User\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Enables users access to Edge Management Copilot.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.EdgeManagement/locations/chat/action\",\n \"Microsoft.EdgeManagement/troubleshoot/action\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2025-01-23T02:53:10.7767692Z\",\n \"updatedOn\": \"2025-09-01T15:03:56.0546394Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/53e48117-a530-4075-bcbe-d91913e3bdb8\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"53e48117-a530-4075-bcbe-d91913e3bdb8\"\n },\n {\n \"properties\": {\n \"roleName\": \"Durable Task Data Reader\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Read all Durable Task Scheduler data.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.DurableTask/schedulers/taskhubs/orchestrations/read\",\n \"Microsoft.DurableTask/schedulers/taskhubs/orchestrations/metadata/read\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2025-01-23T21:39:28.7653514Z\",\n \"updatedOn\": \"2025-07-10T20:34:54.3629229Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/d6a5505f-6ebb-45a4-896e-ac8274cfc0ac\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"d6a5505f-6ebb-45a4-896e-ac8274cfc0ac\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Stack HCI Edge Machine Contributor Role\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Microsoft.AzureStackHCI Edge Machine Contributor Role\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.AzureStackHCI/EdgeMachines/*\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2025-01-30T17:46:12.9681065Z\",\n \"updatedOn\": \"2025-01-30T17:46:12.9681065Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/1a6f9009-515c-4455-b170-143e4c9ce229\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"1a6f9009-515c-4455-b170-143e4c9ce229\"\n },\n {\n \"properties\": {\n \"roleName\": \"Online Experimentation Data Owner\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Allows full access to Online Experimentation data.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.OnlineExperimentation/workspaces/read\",\n \"Microsoft.OnlineExperimentation/workspaces/write\",\n \"Microsoft.OnlineExperimentation/workspaces/delete\",\n \"Microsoft.OnlineExperimentation/workspaces/action\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2025-01-30T18:31:37.7573167Z\",\n \"updatedOn\": \"2025-02-14T17:38:48.3796504Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/53747cdd-e97c-477a-948c-b587d0e514b2\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"53747cdd-e97c-477a-948c-b587d0e514b2\"\n },\n {\n \"properties\": {\n \"roleName\": \"Online Experimentation Data Reader\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Allows read access to Online Experimentation data.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.OnlineExperimentation/workspaces/read\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2025-01-30T18:31:37.9063206Z\",\n \"updatedOn\": \"2025-01-30T18:31:37.9063206Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/1363e94d-546f-4fe9-8434-b0eefb292d59\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"1363e94d-546f-4fe9-8434-b0eefb292d59\"\n },\n {\n \"properties\": {\n \"roleName\": \"Chaos Studio Target Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Can onboard targets and manage capabilities but cannot create, run, or see details for experiments\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Chaos/targets/write\",\n \"Microsoft.Chaos/targets/delete\",\n \"Microsoft.Chaos/targets/read\",\n \"Microsoft.Chaos/targets/capabilities/write\",\n \"Microsoft.Chaos/targets/capabilities/delete\",\n \"Microsoft.Chaos/targets/capabilities/read\",\n \"Microsoft.Chaos/locations/targetTypes/read\",\n \"Microsoft.Chaos/locations/targetTypes/capabilityTypes/read\",\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2025-02-14T17:53:53.9708111Z\",\n \"updatedOn\": \"2025-02-14T17:53:53.9708111Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/59a618e3-3c9a-406e-9f03-1a20dd1c55f1\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"59a618e3-3c9a-406e-9f03-1a20dd1c55f1\"\n },\n {\n \"properties\": {\n \"roleName\": \"Auto Actions Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Allows users to manage Auto Actions resources.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.ComputeSchedule/locations/OperationStatuses/write\",\n \"Microsoft.ComputeSchedule/autoActions/write\",\n \"Microsoft.ComputeSchedule/autoActions/delete\",\n \"Microsoft.ComputeSchedule/autoActions/attachResources/action\",\n \"Microsoft.ComputeSchedule/autoActions/cancelNextOccurrence/action\",\n \"Microsoft.ComputeSchedule/autoActions/detachResources/action\",\n \"Microsoft.ComputeSchedule/autoActions/disable/action\",\n \"Microsoft.ComputeSchedule/autoActions/enable/action\",\n \"Microsoft.ComputeSchedule/autoActions/listResources/action\",\n \"Microsoft.ComputeSchedule/autoActions/patchResources/action\",\n \"Microsoft.ComputeSchedule/autoActions/triggerManualOccurrence/action\",\n \"Microsoft.ComputeSchedule/autoActions/occurrences/cancel/action\",\n \"Microsoft.ComputeSchedule/autoActions/occurrences/delay/action\",\n \"Microsoft.ComputeSchedule/autoActions/occurrences/listResources/action\",\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2025-02-18T16:16:31.5686249Z\",\n \"updatedOn\": \"2025-02-18T16:16:31.5686249Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/a8d01690-9418-4783-8ca2-9f0f1791783d\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"a8d01690-9418-4783-8ca2-9f0f1791783d\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Device Onboarding Discovery Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Can read, write or delete the discovery and it's child resources.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.DeviceOnboarding/discoveryServices/*\",\n \"Microsoft.DeviceOnboarding/locations/operationStatuses/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2025-02-20T22:53:22.6101969Z\",\n \"updatedOn\": \"2025-02-20T22:53:22.6101969Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/a227fb39-f479-404b-96fd-0176f5d88ab4\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"a227fb39-f479-404b-96fd-0176f5d88ab4\"\n },\n {\n \"properties\": {\n \"roleName\": \"SSH PublicKeys Reader Role\",\n \"type\": \"BuiltInRole\",\n \"description\": \"This is the role created for SSH PublicKeys Reader\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Compute/sshpublickeys/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2025-02-24T16:00:59.904969Z\",\n \"updatedOn\": \"2025-02-24T16:00:59.904969Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/31ef6312-5b0c-4ce9-8c5d-587a91344fe7\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"31ef6312-5b0c-4ce9-8c5d-587a91344fe7\"\n },\n {\n \"properties\": {\n \"roleName\": \"SSH PublicKeys Contributor Role\",\n \"type\": \"BuiltInRole\",\n \"description\": \"This is the role created for SSH PublicKeys Contributor\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Compute/sshpublickeys/read\",\n \"Microsoft.Compute/sshpublickeys/write\",\n \"Microsoft.Compute/sshpublickeys/delete\",\n \"Microsoft.Compute/sshpublickeys/generatekeypair/action\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2025-02-24T16:01:00.6011541Z\",\n \"updatedOn\": \"2025-02-24T16:01:00.6011541Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/fc6e3395-6a8c-4527-bb4c-d0abd41e8e74\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"fc6e3395-6a8c-4527-bb4c-d0abd41e8e74\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Kubernetes Service Agent Pool Manager Role\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Role for agentpool related actions\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.ContainerService/managedClusters/agentPools/read\",\n \"Microsoft.ContainerService/managedClusters/agentPools/write\",\n \"Microsoft.ContainerService/managedClusters/agentPools/delete\",\n \"Microsoft.ContainerService/managedClusters/agentPools/upgradeNodeImageVersion/action\",\n \"Microsoft.ContainerService/managedClusters/agentPools/abort/action\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2025-03-06T01:19:12.8922307Z\",\n \"updatedOn\": \"2025-03-06T01:19:12.8922307Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/1b7f3653-4324-473a-9165-bc55e4d04ba8\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"1b7f3653-4324-473a-9165-bc55e4d04ba8\"\n },\n {\n \"properties\": {\n \"roleName\": \"Defender Serverless Scanner\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Grants access to Serverless resources and thier connections\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"microsoft.web/sites/publish/action\",\n \"microsoft.web/sites/slots/publish/action\",\n \"microsoft.web/sites/config/list/action\",\n \"microsoft.web/sites/slots/config/list/action\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2025-03-06T09:38:08.4219917Z\",\n \"updatedOn\": \"2025-08-25T15:10:38.1464227Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/68ac31b4-936a-4046-a6d2-ba6f8a757bf6\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"68ac31b4-936a-4046-a6d2-ba6f8a757bf6\"\n },\n {\n \"properties\": {\n \"roleName\": \"Dedicated Host Contributor Role\",\n \"type\": \"BuiltInRole\",\n \"description\": \"This is the role created for DedicatedHosts Contributor\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Compute/hostGroups/read\",\n \"Microsoft.Compute/hostGroups/write\",\n \"Microsoft.Compute/hostGroups/delete\",\n \"Microsoft.Compute/hostGroups/hosts/read\",\n \"Microsoft.Compute/hostGroups/hosts/write\",\n \"Microsoft.Compute/hostGroups/hosts/delete\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2025-03-11T15:14:12.4494747Z\",\n \"updatedOn\": \"2025-03-11T15:14:12.4494747Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/96ebd254-ecc7-4590-aff5-e9af3ff5f3b3\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"96ebd254-ecc7-4590-aff5-e9af3ff5f3b3\"\n },\n {\n \"properties\": {\n \"roleName\": \"Compute Fleet Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Allows users to manage Compute Fleet resources.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.AzureFleet/fleets/*\",\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.ResourceHealth/availabilityStatuses/read\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2025-03-18T15:18:48.7947012Z\",\n \"updatedOn\": \"2025-03-18T15:18:48.7947012Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/2bed379c-9fba-455b-99e4-6b911073bcf2\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"2bed379c-9fba-455b-99e4-6b911073bcf2\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure API Center Credential Access Reader\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Allows for access to Azure API Center data plane get credentials operations.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.ApiCenter/services/workspaces/apis/versions/securityRequirements/read\",\n \"Microsoft.ApiCenter/services/workspaces/apis/versions/securityRequirements/getCredentials/action\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2025-03-20T17:29:06.7183003Z\",\n \"updatedOn\": \"2025-03-20T17:29:06.7183003Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/1df7cd83-1d3f-41df-95b0-53b30d963369\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"1df7cd83-1d3f-41df-95b0-53b30d963369\"\n },\n {\n \"properties\": {\n \"roleName\": \"Managed Identity Federated Identity Credential Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Create, Read, Update, and Delete User Assigned Identity Federated Identity Credentials(FIC)\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.ManagedIdentity/userAssignedIdentities/read\",\n \"Microsoft.ManagedIdentity/userAssignedIdentities/federatedIdentityCredentials/write\",\n \"Microsoft.ManagedIdentity/userAssignedIdentities/federatedIdentityCredentials/read\",\n \"Microsoft.ManagedIdentity/userAssignedIdentities/federatedIdentityCredentials/delete\",\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Resources/deployments/*\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2025-03-21T19:09:30.5276974Z\",\n \"updatedOn\": \"2025-03-21T19:09:30.5276974Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/7e559ce2-48d7-4b27-9128-fa1b247f1308\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"7e559ce2-48d7-4b27-9128-fa1b247f1308\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure File Sync Administrator\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Provides full access to manage all Azure File Sync (Storage Sync Service) resources.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.StorageSync/register/action\",\n \"Microsoft.StorageSync/unregister/action\",\n \"Microsoft.StorageSync/locations/*\",\n \"Microsoft.StorageSync/deployments/preflight/action\",\n \"Microsoft.StorageSync/storageSyncServices/*\",\n \"Microsoft.StorageSync/operations/read\",\n \"Microsoft.Authorization/roleAssignments/write\",\n \"Microsoft.Insights/AlertRules/*\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Storage/storageAccounts/read\",\n \"Microsoft.Storage/storageAccounts/fileServices/shares/read\",\n \"Microsoft.Storage/storageAccounts/fileServices/read\",\n \"Microsoft.Support/*\",\n \"Microsoft.Authorization/*/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2025-03-27T21:11:32.1254077Z\",\n \"updatedOn\": \"2025-05-21T16:06:38.6938985Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/92b92042-07d9-4307-87f7-36a593fc5850\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"92b92042-07d9-4307-87f7-36a593fc5850\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure File Sync Reader\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Provides read access to Azure File Sync service (Storage Sync Service).\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.StorageSync/*/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2025-03-27T21:26:47.840119Z\",\n \"updatedOn\": \"2025-03-27T21:26:47.840119Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/754c1a27-40dc-4708-8ad4-2bffdeee09e8\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"754c1a27-40dc-4708-8ad4-2bffdeee09e8\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Red Hat OpenShift Hosted Control Planes Cluster API Provider\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Enables permissions to allow cluster API to manage nodes, networks and disks for OpenShift cluster.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Compute/disks/delete\",\n \"Microsoft.Compute/disks/read\",\n \"Microsoft.Compute/disks/write\",\n \"Microsoft.Compute/diskEncryptionSets/read\",\n \"Microsoft.Compute/availabilitySets/delete\",\n \"Microsoft.Compute/availabilitySets/read\",\n \"Microsoft.Compute/availabilitySets/write\",\n \"Microsoft.Compute/virtualMachines/delete\",\n \"Microsoft.Compute/virtualMachines/read\",\n \"Microsoft.Compute/virtualMachines/write\",\n \"Microsoft.Network/loadBalancers/backendAddressPools/join/action\",\n \"Microsoft.Network/networkInterfaces/delete\",\n \"Microsoft.Network/networkInterfaces/join/action\",\n \"Microsoft.Network/networkInterfaces/read\",\n \"Microsoft.Network/networkInterfaces/write\",\n \"Microsoft.Network/virtualNetworks/subnets/join/action\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2025-03-28T17:59:48.0497955Z\",\n \"updatedOn\": \"2025-08-04T15:10:36.5098891Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/88366f10-ed47-4cc0-9fab-c8a06148393e\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"88366f10-ed47-4cc0-9fab-c8a06148393e\"\n },\n {\n \"properties\": {\n \"roleName\": \"Online Experimentation Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Grants permissions for all management operations to Online Experimentation resources.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.OnlineExperimentation/*\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2025-03-31T15:13:34.3723645Z\",\n \"updatedOn\": \"2025-03-31T15:13:34.3723645Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/2c7a01fe-5518-4a42-93c2-658e45441691\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"2c7a01fe-5518-4a42-93c2-658e45441691\"\n },\n {\n \"properties\": {\n \"roleName\": \"Oracle.Database Exascale Storage Vault Administrator\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Grants full access to manage Exascale Storage Vaults\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Oracle.Database/exascaleDbStorageVaults/read\",\n \"Oracle.Database/exascaleDbStorageVaults/write\",\n \"Oracle.Database/exascaleDbStorageVaults/delete\",\n \"Oracle.Database/Locations/*/read\",\n \"Oracle.Database/Locations/*/write\",\n \"Oracle.Database/Operations/read\",\n \"Oracle.Database/oracleSubscriptions/*/read\",\n \"Oracle.Database/resourceAnchors/*\",\n \"Oracle.Database/networkAnchors/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Resources/deployments/*\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2025-03-31T15:13:34.3733644Z\",\n \"updatedOn\": \"2025-05-26T15:05:38.2643111Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/a00ed373-f085-4b75-a950-53eacdc52ac0\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"a00ed373-f085-4b75-a950-53eacdc52ac0\"\n },\n {\n \"properties\": {\n \"roleName\": \"Online Experimentation Reader\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Grants permission for read operations to Online Experimentation resources.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.OnlineExperimentation/*/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2025-03-31T15:13:33.5542926Z\",\n \"updatedOn\": \"2025-03-31T15:13:33.5542926Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/58b80de8-4b34-424c-9e47-23faf0f7cfe2\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"58b80de8-4b34-424c-9e47-23faf0f7cfe2\"\n },\n {\n \"properties\": {\n \"roleName\": \"Flux Configurations Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Can create, update, get, list and delete Flux Configurations\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.KubernetesConfiguration/fluxConfigurations/write\",\n \"Microsoft.KubernetesConfiguration/fluxConfigurations/read\",\n \"Microsoft.KubernetesConfiguration/fluxConfigurations/delete\",\n \"Microsoft.KubernetesConfiguration/fluxConfigurations/operations/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2025-04-01T15:25:06.8179221Z\",\n \"updatedOn\": \"2025-04-01T15:25:06.8179221Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/61eb6405-5f4a-440b-ad03-fe06c5c85e44\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"61eb6405-5f4a-440b-ad03-fe06c5c85e44\"\n },\n {\n \"properties\": {\n \"roleName\": \"Issue Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Can read all issues data and update issues settings.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.AlertsManagement/Issues/*\",\n \"microsoft.monitor/accounts/issues/*\",\n \"Microsoft.Insights/components/*\",\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2025-04-07T15:05:12.3898424Z\",\n \"updatedOn\": \"2025-08-08T06:45:21.8923687Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/8d7ecc5c-f27b-43cf-883f-46409d445502\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"8d7ecc5c-f27b-43cf-883f-46409d445502\"\n },\n {\n \"properties\": {\n \"roleName\": \"Container Registry Credential Set Administrator\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Create, Read, Update, and Delete Credential Sets in Container Registry. This role doesn't affect the needed permissions for storing content inside Azure Key Vault. This role also doesn't grant permissions to manage Cache Rules.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.ContainerRegistry/registries/credentialSets/read\",\n \"Microsoft.ContainerRegistry/registries/credentialSets/write\",\n \"Microsoft.ContainerRegistry/registries/credentialSets/delete\",\n \"Microsoft.ContainerRegistry/registries/credentialSets/operationStatuses/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2025-04-07T15:05:13.0024218Z\",\n \"updatedOn\": \"2025-04-07T15:05:13.0024218Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/f094fb07-0703-4400-ad6a-e16dd8000e14\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"f094fb07-0703-4400-ad6a-e16dd8000e14\"\n },\n {\n \"properties\": {\n \"roleName\": \"Oracle.Database Exascale VmCluster Administrator\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Grants full access to manage Exascale VmClusters\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Oracle.Database/exascaleDbStorageVaults/read\",\n \"Oracle.Database/exadbVmClusters/*/read\",\n \"Oracle.Database/exadbVmClusters/*/write\",\n \"Oracle.Database/exadbVmClusters/*/delete\",\n \"Oracle.Database/exadbVmClusters/*/action\",\n \"Oracle.Database/Locations/*/read\",\n \"Oracle.Database/Locations/*/write\",\n \"Oracle.Database/Operations/read\",\n \"Oracle.Database/oracleSubscriptions/*/read\",\n \"Oracle.Database/resourceAnchors/*\",\n \"Oracle.Database/networkAnchors/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Network/virtualNetworks/read\",\n \"Microsoft.Network/virtualNetworks/subnets/read\",\n \"Microsoft.Network/virtualNetworks/subnets/write\",\n \"Microsoft.Network/locations/operations/read\",\n \"Microsoft.Compute/sshPublicKeys/read\",\n \"Microsoft.Compute/sshPublicKeys/write\",\n \"Microsoft.Compute/sshPublicKeys/generateKeyPair/action\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2025-04-07T15:05:13.0024218Z\",\n \"updatedOn\": \"2025-05-26T15:05:38.2653119Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/0869d06d-e3d1-4472-8764-1bb71b2bdaf7\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"0869d06d-e3d1-4472-8764-1bb71b2bdaf7\"\n },\n {\n \"properties\": {\n \"roleName\": \"Container Registry Credential Set Reader\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Read the configuration of Credential Sets in Container Registry. This permission doesn't allow permission to see content inside Azure Key vault only the content inside Container Registry. This permission doesn't grant permission to read Cache Rules.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.ContainerRegistry/registries/credentialSets/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2025-04-07T15:05:13.0014204Z\",\n \"updatedOn\": \"2025-04-07T15:05:13.0014204Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/29093635-9924-4f2c-913b-650a12949526\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"29093635-9924-4f2c-913b-650a12949526\"\n },\n {\n \"properties\": {\n \"roleName\": \"Container Registry Cache Rule Reader\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Read the configuration of Cache Rules in Container Registry. This permission doesn't grant permission to read Credential Sets.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.ContainerRegistry/registries/cacheRules/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2025-04-07T15:05:13.0014204Z\",\n \"updatedOn\": \"2025-04-07T15:05:13.0014204Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/c357b964-0002-4b64-a50d-7a28f02edc52\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"c357b964-0002-4b64-a50d-7a28f02edc52\"\n },\n {\n \"properties\": {\n \"roleName\": \"Container Registry Cache Rule Administrator\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Create, Read, Update, and Delete Cache Rules in Container Registry. This role doesn't grant permissions to manage Credential Sets.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.ContainerRegistry/registries/cacheRules/read\",\n \"Microsoft.ContainerRegistry/registries/cacheRules/write\",\n \"Microsoft.ContainerRegistry/registries/cacheRules/delete\",\n \"Microsoft.ContainerRegistry/registries/cacheRules/operationStatuses/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2025-04-07T15:05:13.0014204Z\",\n \"updatedOn\": \"2025-04-07T15:05:13.0014204Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/df87f177-bb12-4db1-9793-a413691eff94\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"df87f177-bb12-4db1-9793-a413691eff94\"\n },\n {\n \"properties\": {\n \"roleName\": \"Power Platform Account Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Create, Read, Update, and Delete Power Platform Account resources\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.PowerPlatform/accounts/*\",\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2025-04-11T17:35:36.24305Z\",\n \"updatedOn\": \"2025-04-11T17:35:36.24305Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/2593f4c7-8bf4-4fff-9804-2ee069b41902\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"2593f4c7-8bf4-4fff-9804-2ee069b41902\"\n },\n {\n \"properties\": {\n \"roleName\": \"Power Platform Enterprise Policy Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Create, Read, Update, and Delete Power Platform Enterprise Policy resources\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.PowerPlatform/enterprisePolicies/*\",\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2025-04-11T17:35:36.24305Z\",\n \"updatedOn\": \"2025-04-11T17:35:36.24305Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/babe7770-cdbc-4f46-9bd7-b90b34842946\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"babe7770-cdbc-4f46-9bd7-b90b34842946\"\n },\n {\n \"properties\": {\n \"roleName\": \"Usage Billing Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Contributor access to Accounts\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.UsageBilling/*\",\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2025-04-21T15:02:46.3692356Z\",\n \"updatedOn\": \"2025-04-21T15:02:46.3692356Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/33cdeeac-0940-4f85-9317-7e2432c17289\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"33cdeeac-0940-4f85-9317-7e2432c17289\"\n },\n {\n \"properties\": {\n \"roleName\": \"Workload Orchestration Solution External Validator\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Grants you access to fetch targets, solution templates, solutions and update the external validation status\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Edge/targets/read\",\n \"Microsoft.Edge/solutionTemplates/read\",\n \"Microsoft.Edge/solutionTemplates/versions/read\",\n \"Microsoft.Edge/targets/solutions/versions/read\",\n \"Microsoft.Edge/targets/updateExternalValidationStatus/action\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2025-04-22T15:07:10.0211593Z\",\n \"updatedOn\": \"2025-04-22T15:07:10.0211593Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/db9875ba-bd2b-4e98-934d-0daa549a07f0\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"db9875ba-bd2b-4e98-934d-0daa549a07f0\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure AI Project Manager\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Lets you perform developer actions and management actions on Azure AI Foundry Projects. Allows for making role assignments, but limited to Cognitive Service User role.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/roleAssignments/write\",\n \"Microsoft.Authorization/roleAssignments/delete\",\n \"Microsoft.CognitiveServices/accounts/*/read\",\n \"Microsoft.CognitiveServices/accounts/projects/*\",\n \"Microsoft.CognitiveServices/locations/*/read\",\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.CognitiveServices/*\"\n ],\n \"notDataActions\": [],\n \"conditionVersion\": \"2.0\",\n \"condition\": \"((!(ActionMatches{'Microsoft.Authorization/roleAssignments/write'})) OR (@Request[Microsoft.Authorization/roleAssignments:RoleDefinitionId] ForAnyOfAnyValues:GuidEquals{53ca6127-db72-4b80-b1b0-d745d6d5456d})) AND ((!(ActionMatches{'Microsoft.Authorization/roleAssignments/delete'})) OR (@Resource[Microsoft.Authorization/roleAssignments:RoleDefinitionId] ForAnyOfAnyValues:GuidEquals{53ca6127-db72-4b80-b1b0-d745d6d5456d}))\"\n }\n ],\n \"createdOn\": \"2025-04-22T15:07:10.0211593Z\",\n \"updatedOn\": \"2025-05-01T00:11:10.5915009Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/eadc314b-1a2d-4efa-be10-5d325db5065e\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"eadc314b-1a2d-4efa-be10-5d325db5065e\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Monitor Dashboards with Grafana Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Can manage dashboards with Grafana.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Dashboard/dashboards/read\",\n \"Microsoft.Dashboard/dashboards/write\",\n \"Microsoft.Dashboard/dashboards/delete\",\n \"Microsoft.Dashboard/locations/read\",\n \"Microsoft.Resources/deployments/read\",\n \"Microsoft.Resources/deployments/write\",\n \"Microsoft.Resources/deployments/delete\",\n \"Microsoft.Resources/deployments/cancel/action\",\n \"Microsoft.Resources/deployments/validate/action\",\n \"Microsoft.Resources/deployments/whatIf/action\",\n \"Microsoft.Resources/deployments/exportTemplate/action\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2025-04-29T15:23:34.4327766Z\",\n \"updatedOn\": \"2025-04-29T15:23:34.4327766Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/0618ae3d-2930-4bb7-aa00-718db34ee9f9\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"0618ae3d-2930-4bb7-aa00-718db34ee9f9\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure AI Account Owner\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Grants full access to manage AI projects and accounts. Grants conditional assignment of the Azure AI User role to other user principles.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Authorization/roleAssignments/write\",\n \"Microsoft.Authorization/roleAssignments/delete\",\n \"Microsoft.CognitiveServices/*\",\n \"Microsoft.Features/features/read\",\n \"Microsoft.Features/providers/features/read\",\n \"Microsoft.Features/providers/features/register/action\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.Insights/diagnosticSettings/*\",\n \"Microsoft.Insights/logDefinitions/read\",\n \"Microsoft.Insights/metricdefinitions/read\",\n \"Microsoft.Insights/metrics/read\",\n \"Microsoft.ResourceHealth/availabilityStatuses/read\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/deployments/operations/read\",\n \"Microsoft.Resources/subscriptions/operationresults/read\",\n \"Microsoft.Resources/subscriptions/read\",\n \"Microsoft.Resources/subscriptions/resourcegroups/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Support/*\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": [],\n \"conditionVersion\": \"2.0\",\n \"condition\": \"((!(ActionMatches{'Microsoft.Authorization/roleAssignments/write'})) OR (@Request[Microsoft.Authorization/roleAssignments:RoleDefinitionId] ForAnyOfAnyValues:GuidEquals{53ca6127-db72-4b80-b1b0-d745d6d5456d})) AND ((!(ActionMatches{'Microsoft.Authorization/roleAssignments/delete'})) OR (@Resource[Microsoft.Authorization/roleAssignments:RoleDefinitionId] ForAnyOfAnyValues:GuidEquals{53ca6127-db72-4b80-b1b0-d745d6d5456d}))\"\n }\n ],\n \"createdOn\": \"2025-05-01T00:11:10.589501Z\",\n \"updatedOn\": \"2025-05-01T00:11:10.589501Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/e47c6f54-e4a2-4754-9501-8e0985b135e1\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"e47c6f54-e4a2-4754-9501-8e0985b135e1\"\n },\n {\n \"properties\": {\n \"roleName\": \"Secrets Store Extension Owner\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Read, create and modify secretsync and secretproviderclass objects. Register and deregister the provider from the subscription.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.SecretSyncController/register/action\",\n \"Microsoft.SecretSyncController/unregister/action\",\n \"Microsoft.SecretSyncController/azureKeyVaultSecretProviderClasses/read\",\n \"Microsoft.SecretSyncController/azureKeyVaultSecretProviderClasses/write\",\n \"Microsoft.SecretSyncController/azureKeyVaultSecretProviderClasses/delete\",\n \"Microsoft.SecretSyncController/locations/operationStatuses/read\",\n \"Microsoft.SecretSyncController/locations/operationStatuses/write\",\n \"Microsoft.SecretSyncController/operations/read\",\n \"Microsoft.SecretSyncController/secretSyncs/read\",\n \"Microsoft.SecretSyncController/secretSyncs/write\",\n \"Microsoft.SecretSyncController/secretSyncs/delete\",\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2025-05-01T11:14:17.3011305Z\",\n \"updatedOn\": \"2025-05-01T11:14:17.3011305Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/5c227a58-cff3-4b51-9fa3-51bdafb6ca55\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"5c227a58-cff3-4b51-9fa3-51bdafb6ca55\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure AI User\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Grants reader access to AI projects, reader access to AI accounts, and data actions for an AI project.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.CognitiveServices/*/read\",\n \"Microsoft.CognitiveServices/accounts/listkeys/action\",\n \"Microsoft.Insights/alertRules/read\",\n \"Microsoft.Insights/diagnosticSettings/read\",\n \"Microsoft.Insights/logDefinitions/read\",\n \"Microsoft.Insights/metricdefinitions/read\",\n \"Microsoft.Insights/metrics/read\",\n \"Microsoft.ResourceHealth/availabilityStatuses/read\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/operationresults/read\",\n \"Microsoft.Resources/subscriptions/read\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Support/*\"\n ],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.CognitiveServices/*\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2025-05-01T19:30:12.3770408Z\",\n \"updatedOn\": \"2025-05-01T19:30:12.3770408Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/53ca6127-db72-4b80-b1b0-d745d6d5456d\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"53ca6127-db72-4b80-b1b0-d745d6d5456d\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Red Hat OpenShift Hosted Control Planes Control Plane Operator\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Enables the control plane operator to read resources necessary for OpenShift cluster.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Network/virtualNetworks/read\",\n \"Microsoft.Network/networkSecurityGroups/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2025-05-02T13:54:20.113071Z\",\n \"updatedOn\": \"2025-05-02T13:54:20.113071Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/fc0c873f-45e9-4d0d-a7d1-585aab30c6ed\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"fc0c873f-45e9-4d0d-a7d1-585aab30c6ed\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Red Hat OpenShift Hosted Control Planes Service Managed Identity\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Azure Red Hat OpenShift Hosted Control Planes Service Managed Identity\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Network/virtualNetworks/read\",\n \"Microsoft.Network/virtualNetworks/subnets/read\",\n \"Microsoft.Network/virtualNetworks/subnets/write\",\n \"Microsoft.Network/routeTables/read\",\n \"Microsoft.Network/routeTables/join/action\",\n \"Microsoft.Network/natGateways/read\",\n \"Microsoft.Network/natGateways/join/action\",\n \"Microsoft.Network/networkSecurityGroups/read\",\n \"Microsoft.Network/networkSecurityGroups/join/action\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2025-05-02T13:54:20.6991664Z\",\n \"updatedOn\": \"2025-05-02T13:54:20.6991664Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/c0ff367d-66d8-445e-917c-583feb0ef0d4\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"c0ff367d-66d8-445e-917c-583feb0ef0d4\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Kubernetes Fleet Manager Hub Agent Role\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Grants access to Azure resources needed by Azure Kubernetes Fleet Manager hub agents.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Network/publicIPAddresses/read\",\n \"Microsoft.Network/trafficManagerProfiles/read\",\n \"Microsoft.Network/trafficManagerProfiles/write\",\n \"Microsoft.Network/trafficManagerProfiles/delete\",\n \"Microsoft.Network/trafficManagerProfiles/azureEndpoints/read\",\n \"Microsoft.Network/trafficManagerProfiles/azureEndpoints/write\",\n \"Microsoft.Network/trafficManagerProfiles/azureEndpoints/delete\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2025-05-05T15:00:30.7938727Z\",\n \"updatedOn\": \"2025-05-23T17:06:06.3537994Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/de2b316d-7a2c-4143-b4cd-c148f6a355a1\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"de2b316d-7a2c-4143-b4cd-c148f6a355a1\"\n },\n {\n \"properties\": {\n \"roleName\": \"Workload Orchestration IT Admin\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Grants you access to manage the IT Admin operations for Workload Orchestration\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Edge/contexts/eventGridFilters/delete\",\n \"Microsoft.Edge/contexts/eventGridFilters/read\",\n \"Microsoft.Edge/contexts/eventGridFilters/write\",\n \"Microsoft.Edge/contexts/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2025-05-07T21:12:59.0541184Z\",\n \"updatedOn\": \"2025-05-07T21:12:59.0541184Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/63304235-eaf4-4c15-8e93-46c483611231\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"63304235-eaf4-4c15-8e93-46c483611231\"\n },\n {\n \"properties\": {\n \"roleName\": \"Arc Gateway Manager\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Manage Arc Gateway Resources\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.HybridCompute/settings/write\",\n \"Microsoft.HybridCompute/settings/read\",\n \"Microsoft.HybridCompute/gateways/read\",\n \"Microsoft.HybridCompute/gateways/write\",\n \"Microsoft.HybridCompute/gateways/delete\",\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2025-05-08T18:19:27.614475Z\",\n \"updatedOn\": \"2025-05-08T18:19:27.614475Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/f6e92014-8af2-414d-9948-9b1abf559285\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"f6e92014-8af2-414d-9948-9b1abf559285\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Kubernetes Service Machine Manager Role\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Role for machine related actions\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.ContainerService/managedClusters/agentPools/deleteMachines/action\",\n \"Microsoft.ContainerService/managedClusters/agentPools/machines/read\",\n \"Microsoft.ContainerService/managedClusters/agentPools/machines/write\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2025-05-14T23:28:30.9442269Z\",\n \"updatedOn\": \"2025-05-14T23:28:30.9442269Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/8e253927-1f29-4d89-baa2-c3a549eff423\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"8e253927-1f29-4d89-baa2-c3a549eff423\"\n },\n {\n \"properties\": {\n \"roleName\": \"Microsoft.AzureStackHCI Device Pool Manager\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Microsoft.AzureStackHCI Device Pool Manager \",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.AzureStackHCI/DevicePools/read\",\n \"Microsoft.AzureStackHCI/DevicePools/ClaimDevices/action\",\n \"Microsoft.AzureStackHCI/DevicePools/ReleaseDevices/action\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2025-05-15T08:48:48.828656Z\",\n \"updatedOn\": \"2025-05-15T08:48:48.828656Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/adc3c795-c41e-4a89-a478-0b321783324c\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"adc3c795-c41e-4a89-a478-0b321783324c\"\n },\n {\n \"properties\": {\n \"roleName\": \"Microsoft.AzureStackHCI EdgeMachine Reader\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Microsoft.AzureStackHCI EdgeMachine Reader\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.AzureStackHCI/EdgeMachines/Read/*\",\n \"Microsoft.AzureStackHCI/EdgeMachines/Jobs/Read/*\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2025-05-15T08:48:49.1120843Z\",\n \"updatedOn\": \"2025-05-15T08:48:49.1120843Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/5f569efd-4da5-4123-99cd-d42fbb2a836e\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"5f569efd-4da5-4123-99cd-d42fbb2a836e\"\n },\n {\n \"properties\": {\n \"roleName\": \"Monitoring Policy Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Allows read access to all monitoring data, update permissions for monitoring settings and permissions to deploy and remediate Azure Monitor alert policies.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"*/read\",\n \"Microsoft.AlertsManagement/alerts/*\",\n \"Microsoft.AlertsManagement/alertsSummary/*\",\n \"Microsoft.AlertsManagement/issues/*\",\n \"Microsoft.Insights/actiongroups/*\",\n \"Microsoft.Insights/activityLogAlerts/*\",\n \"Microsoft.Insights/AlertRules/*\",\n \"Microsoft.Insights/components/*\",\n \"Microsoft.Insights/createNotifications/*\",\n \"Microsoft.Insights/dataCollectionEndpoints/*\",\n \"Microsoft.Insights/dataCollectionRules/*\",\n \"Microsoft.Insights/dataCollectionRuleAssociations/*\",\n \"Microsoft.Insights/DiagnosticSettings/*\",\n \"Microsoft.Insights/eventtypes/*\",\n \"Microsoft.Insights/LogDefinitions/*\",\n \"Microsoft.Insights/metricalerts/*\",\n \"Microsoft.Insights/MetricDefinitions/*\",\n \"Microsoft.Insights/Metrics/*\",\n \"Microsoft.Insights/notificationStatus/*\",\n \"Microsoft.Insights/Register/Action\",\n \"Microsoft.Insights/scheduledqueryrules/*\",\n \"Microsoft.Insights/webtests/*\",\n \"Microsoft.Insights/workbooks/*\",\n \"Microsoft.Insights/workbooktemplates/*\",\n \"Microsoft.Insights/privateLinkScopes/*\",\n \"Microsoft.Insights/privateLinkScopeOperationStatuses/*\",\n \"Microsoft.Monitor/accounts/*\",\n \"Microsoft.OperationalInsights/workspaces/write\",\n \"Microsoft.OperationalInsights/workspaces/intelligencepacks/*\",\n \"Microsoft.OperationalInsights/workspaces/savedSearches/*\",\n \"Microsoft.OperationalInsights/workspaces/search/action\",\n \"Microsoft.OperationalInsights/workspaces/sharedKeys/action\",\n \"Microsoft.OperationalInsights/workspaces/sharedKeys/read\",\n \"Microsoft.OperationalInsights/workspaces/storageinsightconfigs/*\",\n \"Microsoft.OperationalInsights/locations/workspaces/failover/action\",\n \"Microsoft.OperationalInsights/workspaces/failback/action\",\n \"Microsoft.Support/*\",\n \"Microsoft.AlertsManagement/smartDetectorAlertRules/*\",\n \"Microsoft.AlertsManagement/actionRules/*\",\n \"Microsoft.AlertsManagement/smartGroups/*\",\n \"Microsoft.AlertsManagement/migrateFromSmartDetection/*\",\n \"Microsoft.AlertsManagement/investigations/*\",\n \"Microsoft.AlertsManagement/prometheusRuleGroups/*\",\n \"Microsoft.Monitor/investigations/*\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.PolicyInsights/remediations/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/*\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2025-05-15T11:52:21.0990017Z\",\n \"updatedOn\": \"2025-05-15T11:52:21.0990017Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/47be4a87-7950-4631-9daf-b664a405f074\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"47be4a87-7950-4631-9daf-b664a405f074\"\n },\n {\n \"properties\": {\n \"roleName\": \"Storage File Delegator\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Allows for generation of a user delegation key, which can then be used to create a shared access signature for a file or Azure file share that is signed with Entra ID credentials.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Storage/storageAccounts/fileServices/generateUserDelegationKey/action\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2025-05-22T21:44:23.2806604Z\",\n \"updatedOn\": \"2025-05-22T21:44:23.2806604Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/765a04e0-5de8-4bb2-9bf6-b2a30bc03e91\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"765a04e0-5de8-4bb2-9bf6-b2a30bc03e91\"\n },\n {\n \"properties\": {\n \"roleName\": \"Storage Table Delegator\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Allows for generation of a user delegation key, which can then be used to create a shared access signature for an Azure Storage table that is signed with Entra ID credentials.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Storage/storageAccounts/tableServices/generateUserDelegationKey/action\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2025-05-22T21:59:43.2751792Z\",\n \"updatedOn\": \"2025-05-22T21:59:43.2751792Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/965033a5-c8eb-4f35-b82f-fef460a3606d\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"965033a5-c8eb-4f35-b82f-fef460a3606d\"\n },\n {\n \"properties\": {\n \"roleName\": \"Storage Queue Delegator\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Allows for generation of a user delegation key, which can then be used to create a shared access signature for an Azure Storage queue that is signed with Entra ID credentials.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Storage/storageAccounts/queueServices/generateUserDelegationKey/action\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2025-05-22T21:59:42.5496054Z\",\n \"updatedOn\": \"2025-05-22T21:59:42.5496054Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/7ee386e9-84f0-448e-80a6-f185f6533131\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"7ee386e9-84f0-448e-80a6-f185f6533131\"\n },\n {\n \"properties\": {\n \"roleName\": \"Scheduled Actions Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Allows users to use Scheduled Actions offered by Microsoft.ComputeSchedule\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.ComputeSchedule/locations/virtualMachinesCancelOperations/action\",\n \"Microsoft.ComputeSchedule/locations/virtualMachinesExecuteDeallocate/action\",\n \"Microsoft.ComputeSchedule/locations/virtualMachinesExecuteHibernate/action\",\n \"Microsoft.ComputeSchedule/locations/virtualMachinesExecuteStart/action\",\n \"Microsoft.ComputeSchedule/locations/virtualMachinesExecuteCreate/action\",\n \"Microsoft.ComputeSchedule/locations/virtualMachinesExecuteDelete/action\",\n \"Microsoft.ComputeSchedule/locations/virtualMachinesGetOperationErrors/action\",\n \"Microsoft.ComputeSchedule/locations/virtualMachinesGetOperationStatus/action\",\n \"Microsoft.ComputeSchedule/locations/virtualMachinesSubmitDeallocate/action\",\n \"Microsoft.ComputeSchedule/locations/virtualMachinesSubmitHibernate/action\",\n \"Microsoft.ComputeSchedule/locations/virtualMachinesSubmitStart/action\",\n \"Microsoft.ComputeSchedule/scheduledActions/write\",\n \"Microsoft.ComputeSchedule/scheduledActions/delete\",\n \"Microsoft.ComputeSchedule/scheduledActions/attachResources/action\",\n \"Microsoft.ComputeSchedule/scheduledActions/cancelNextOccurrence/action\",\n \"Microsoft.ComputeSchedule/scheduledActions/detachResources/action\",\n \"Microsoft.ComputeSchedule/scheduledActions/disable/action\",\n \"Microsoft.ComputeSchedule/scheduledActions/enable/action\",\n \"Microsoft.ComputeSchedule/scheduledActions/listResources/action\",\n \"Microsoft.ComputeSchedule/scheduledActions/patchResources/action\",\n \"Microsoft.ComputeSchedule/scheduledActions/triggerManualOccurrence/action\",\n \"Microsoft.ComputeSchedule/register/action\",\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2025-05-23T15:34:55.7571301Z\",\n \"updatedOn\": \"2025-06-06T16:43:20.1338695Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/6fbca9a8-3561-41fd-8b20-6576043c1076\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"6fbca9a8-3561-41fd-8b20-6576043c1076\"\n },\n {\n \"properties\": {\n \"roleName\": \"Microsoft.AzureStackHCI Device Pool Machine Manager\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Microsoft.AzureStackHCI Device Pool Machine Manager \",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.HybridConnectivity/endpoints/write\",\n \"Microsoft.HybridConnectivity/endpoints/read\",\n \"Microsoft.HybridConnectivity/endpoints/delete\",\n \"Microsoft.HybridConnectivity/endpoints/serviceConfigurations/write\",\n \"Microsoft.HybridConnectivity/endpoints/serviceConfigurations/read\",\n \"Microsoft.HybridConnectivity/endpoints/serviceConfigurations/delete\",\n \"Microsoft.HybridConnectivity/endpoints/listCredentials/action\",\n \"Microsoft.HybridCompute/machines/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2025-05-28T15:24:16.9803048Z\",\n \"updatedOn\": \"2025-09-23T15:14:52.7881209Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/b6d9c0f6-d69f-472b-91b4-7a6838c6d1cb\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"b6d9c0f6-d69f-472b-91b4-7a6838c6d1cb\"\n },\n {\n \"properties\": {\n \"roleName\": \"AI Model Scanner Operator\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Grants Microsoft Defender for AI access to AI services and resources.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.MachineLearningServices/workspaces/read\",\n \"Microsoft.MachineLearningServices/workspaces/models/read\",\n \"Microsoft.MachineLearningServices/workspaces/models/versions/read\",\n \"Microsoft.MachineLearningServices/workspaces/datastores/read\",\n \"Microsoft.MachineLearningServices/workspaces/metadata/artifacts/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2025-06-11T15:26:11.6009304Z\",\n \"updatedOn\": \"2025-08-04T15:10:36.5118889Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/8b9beb50-e28c-4879-8472-24c9d328085f\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"8b9beb50-e28c-4879-8472-24c9d328085f\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Kubernetes Service Namespace User\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Allows users to read Azure Kubernetes Service namespace resources. In-cluster namespace access further requires assignment of Azure Kubernetes Service RBAC roles to the namespace resource for an Entra ID enabled cluster.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.ContainerService/managedClusters/managedNamespaces/read\",\n \"Microsoft.ContainerService/managedClusters/managedNamespaces/listCredential/action\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2025-06-12T17:55:19.3885549Z\",\n \"updatedOn\": \"2025-06-12T17:55:19.3885549Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/c9f76ca8-b262-4b10-8ed2-09cf0948aa35\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"c9f76ca8-b262-4b10-8ed2-09cf0948aa35\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Kubernetes Service Namespace Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Allows users to create and manage Azure Kubernetes Service namespace resources.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.ContainerService/managedClusters/managedNamespaces/*\",\n \"Microsoft.Resources/deployments/*\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2025-06-12T18:10:38.4291766Z\",\n \"updatedOn\": \"2025-06-12T18:10:38.4291766Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/289d8817-ee69-43f1-a0af-43a45505b488\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"289d8817-ee69-43f1-a0af-43a45505b488\"\n },\n {\n \"properties\": {\n \"roleName\": \"DevCenter Owner\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Provides access to manage all Microsoft.DevCenter resources, and to manage access to Microsoft.DevCenter resources by adding or removing role assignments for the DevCenter Project Admin and DevCenter Dev Box roles.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.DevCenter/*\",\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Authorization/roleAssignments/write\",\n \"Microsoft.Authorization/roleAssignments/delete\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": [],\n \"conditionVersion\": \"2.0\",\n \"condition\": \"((!(ActionMatches{'Microsoft.Authorization/roleAssignments/write'})) OR (@Request[Microsoft.Authorization/roleAssignments:RoleDefinitionId] ForAnyOfAnyValues:GuidEquals{331c37c6-af14-46d9-b9f4-e1909e1b95a0, 45d50f46-0b78-4001-a660-4198cbe8cd05})) AND ((!(ActionMatches{'Microsoft.Authorization/roleAssignments/delete'})) OR (@Resource[Microsoft.Authorization/roleAssignments:RoleDefinitionId] ForAnyOfAnyValues:GuidEquals{331c37c6-af14-46d9-b9f4-e1909e1b95a0, 45d50f46-0b78-4001-a660-4198cbe8cd05}))\"\n }\n ],\n \"createdOn\": \"2025-06-16T15:06:49.4834641Z\",\n \"updatedOn\": \"2025-07-03T17:24:32.4630198Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/4c6569b6-f23e-4295-9b90-bd4cc4ff3292\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"4c6569b6-f23e-4295-9b90-bd4cc4ff3292\"\n },\n {\n \"properties\": {\n \"roleName\": \"DevOps Infrastructure Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Read, write, delete and perform actions on Managed DevOps Pools\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.DevOpsInfrastructure/register/action\",\n \"Microsoft.DevOpsInfrastructure/unregister/action\",\n \"Microsoft.DevOpsInfrastructure/*/read\",\n \"Microsoft.DevOpsInfrastructure/Locations/OperationStatuses/write\",\n \"Microsoft.DevOpsInfrastructure/pools/write\",\n \"Microsoft.DevOpsInfrastructure/pools/delete\",\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2025-06-16T15:06:49.4784655Z\",\n \"updatedOn\": \"2025-07-17T00:34:35.8546315Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/76153a9e-0edb-49bc-8e01-93c47e6b5180\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"76153a9e-0edb-49bc-8e01-93c47e6b5180\"\n },\n {\n \"properties\": {\n \"roleName\": \"Service Health Billing Reader\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Grants permissions to view billing information present in service health events\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.ResourceHealth/events/action\",\n \"Microsoft.ResourceHealth/AvailabilityStatuses/read\",\n \"Microsoft.ResourceHealth/AvailabilityStatuses/current/read\",\n \"Microsoft.ResourceHealth/Operations/read\",\n \"Microsoft.ResourceHealth/emergingissues/read\",\n \"Microsoft.ResourceHealth/events/read\",\n \"Microsoft.ResourceHealth/events/fetchBillingCommunicationDetails/action\",\n \"Microsoft.ResourceHealth/events/impactedResources/read\",\n \"Microsoft.ResourceHealth/metadata/read\",\n \"Microsoft.ResourceHealth/potentialoutages/read\"\n ],\n \"notActions\": [\n \"Microsoft.ResourceHealth/events/fetchEventDetails/action\",\n \"Microsoft.ResourceHealth/events/listSecurityAdvisoryImpactedResources/action\"\n ],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2025-06-20T22:46:01.7047929Z\",\n \"updatedOn\": \"2025-06-20T22:46:01.7047929Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/32c34659-0f83-4a4c-80f2-63a244f8ae0b\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"32c34659-0f83-4a4c-80f2-63a244f8ae0b\"\n },\n {\n \"properties\": {\n \"roleName\": \"Service Health Security Reader\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Grants permissions to view sensitive security information present in service health events\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.ResourceHealth/events/action\",\n \"Microsoft.ResourceHealth/AvailabilityStatuses/read\",\n \"Microsoft.ResourceHealth/AvailabilityStatuses/current/read\",\n \"Microsoft.ResourceHealth/Operations/read\",\n \"Microsoft.ResourceHealth/emergingissues/read\",\n \"Microsoft.ResourceHealth/events/read\",\n \"Microsoft.ResourceHealth/events/fetchEventDetails/action\",\n \"Microsoft.ResourceHealth/events/listSecurityAdvisoryImpactedResources/action\",\n \"Microsoft.ResourceHealth/events/impactedResources/read\",\n \"Microsoft.ResourceHealth/metadata/read\",\n \"Microsoft.ResourceHealth/potentialoutages/read\"\n ],\n \"notActions\": [\n \"Microsoft.ResourceHealth/events/fetchBillingCommunicationDetails/action\"\n ],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2025-06-20T22:46:02.2504994Z\",\n \"updatedOn\": \"2025-06-20T22:46:02.2504994Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/1a928ab0-1fee-43cf-9266-f9d8c22a8ddb\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"1a928ab0-1fee-43cf-9266-f9d8c22a8ddb\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Stack Edge Operations Role\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Built in role for managing operations in azure stack edge\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.DataBoxEdge/dataBoxEdgeDevices/bandwidthSchedules/delete\",\n \"Microsoft.DataBoxEdge/dataBoxEdgeDevices/bandwidthSchedules/write\",\n \"Microsoft.DataBoxEdge/dataBoxEdgeDevices/delete\",\n \"Microsoft.DataBoxEdge/dataBoxEdgeDevices/deviceCapacityCheck/action\",\n \"Microsoft.DataBoxEdge/dataBoxEdgeDevices/downloadUpdates/action\",\n \"Microsoft.DataBoxEdge/dataBoxEdgeDevices/generateCertificate/action\",\n \"Microsoft.DataBoxEdge/dataBoxEdgeDevices/getExtendedInformation/action\",\n \"Microsoft.DataBoxEdge/dataBoxEdgeDevices/installUpdates/action\",\n \"Microsoft.DataBoxEdge/dataBoxEdgeDevices/orders/delete\",\n \"Microsoft.DataBoxEdge/dataBoxEdgeDevices/orders/listDCAccessCode/action\",\n \"Microsoft.DataBoxEdge/dataBoxEdgeDevices/orders/write\",\n \"Microsoft.DataBoxEdge/dataBoxEdgeDevices/providers/Microsoft.Insights/diagnosticSettings/write\",\n \"Microsoft.DataBoxEdge/dataBoxEdgeDevices/publishers/offers/skus/versions/generatesastoken/action\",\n \"Microsoft.DataBoxEdge/dataBoxEdgeDevices/roles/addons/delete\",\n \"Microsoft.DataBoxEdge/dataBoxEdgeDevices/roles/addons/write\",\n \"Microsoft.DataBoxEdge/dataBoxEdgeDevices/roles/delete\",\n \"Microsoft.DataBoxEdge/dataBoxEdgeDevices/roles/migrate/action\",\n \"Microsoft.DataBoxEdge/dataBoxEdgeDevices/roles/monitoringConfig/delete\",\n \"Microsoft.DataBoxEdge/dataBoxEdgeDevices/roles/monitoringConfig/write\",\n \"Microsoft.DataBoxEdge/dataBoxEdgeDevices/roles/write\",\n \"Microsoft.DataBoxEdge/dataBoxEdgeDevices/scanForUpdates/action\",\n \"Microsoft.DataBoxEdge/dataBoxEdgeDevices/securitySettings/update/action\",\n \"Microsoft.DataBoxEdge/dataBoxEdgeDevices/shares/delete\",\n \"Microsoft.DataBoxEdge/dataBoxEdgeDevices/shares/refresh/action\",\n \"Microsoft.DataBoxEdge/dataBoxEdgeDevices/shares/write\",\n \"Microsoft.DataBoxEdge/dataBoxEdgeDevices/storageAccountCredentials/delete\",\n \"Microsoft.DataBoxEdge/dataBoxEdgeDevices/storageAccountCredentials/write\",\n \"Microsoft.DataBoxEdge/dataBoxEdgeDevices/storageAccounts/containers/delete\",\n \"Microsoft.DataBoxEdge/dataBoxEdgeDevices/storageAccounts/containers/refresh/action\",\n \"Microsoft.DataBoxEdge/dataBoxEdgeDevices/storageAccounts/containers/write\",\n \"Microsoft.DataBoxEdge/dataBoxEdgeDevices/storageAccounts/delete\",\n \"Microsoft.DataBoxEdge/dataBoxEdgeDevices/storageAccounts/write\",\n \"Microsoft.DataBoxEdge/dataBoxEdgeDevices/triggers/delete\",\n \"Microsoft.DataBoxEdge/dataBoxEdgeDevices/triggers/write\",\n \"Microsoft.DataBoxEdge/dataBoxEdgeDevices/triggerSupportPackage/action\",\n \"Microsoft.DataBoxEdge/dataBoxEdgeDevices/updateExtendedInformation/action\",\n \"Microsoft.DataBoxEdge/dataBoxEdgeDevices/uploadCertificate/action\",\n \"Microsoft.DataBoxEdge/dataBoxEdgeDevices/users/delete\",\n \"Microsoft.DataBoxEdge/dataBoxEdgeDevices/users/write\",\n \"Microsoft.DataBoxEdge/dataBoxEdgeDevices/write\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2025-06-24T15:14:50.5957122Z\",\n \"updatedOn\": \"2025-06-24T15:14:50.5957122Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/12b8206a-0216-4469-908d-a3e2025fe085\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"12b8206a-0216-4469-908d-a3e2025fe085\"\n },\n {\n \"properties\": {\n \"roleName\": \"Grounding with Bing User\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Enable Approved Microsoft Applications to connect to Bing to retrieve and ground responses using real-time data\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.Bing/accounts/useGrounding/action\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2025-06-25T15:16:52.842097Z\",\n \"updatedOn\": \"2025-06-25T15:16:52.842097Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/2016c9ed-c18d-4120-93d7-178e583efe92\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"2016c9ed-c18d-4120-93d7-178e583efe92\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Advisor Service Role\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Grants permission to delete and write access for suppressions, configurations and assmessments\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Advisor/suppressions/write\",\n \"Microsoft.Advisor/suppressions/delete\",\n \"Microsoft.Advisor/recommendations/suppressions/write\",\n \"Microsoft.Advisor/recommendations/suppressions/delete\",\n \"Microsoft.Advisor/assessments/write\",\n \"Microsoft.Advisor/configurations/write\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2025-06-25T19:21:21.1733164Z\",\n \"updatedOn\": \"2025-07-21T15:02:41.2108089Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/69a41f41-6dce-4ea7-8a34-8e095ddba55c\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"69a41f41-6dce-4ea7-8a34-8e095ddba55c\"\n },\n {\n \"properties\": {\n \"roleName\": \"Experimentation Resource Admin\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Experimentation Resource Admin\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Experimentation/*\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2025-06-25T20:37:54.1515777Z\",\n \"updatedOn\": \"2025-06-25T20:37:54.1515777Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/548d7e7c-65ee-412b-ae37-2dbb419d4207\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"548d7e7c-65ee-412b-ae37-2dbb419d4207\"\n },\n {\n \"properties\": {\n \"roleName\": \"FHIR Data Bulk Operator\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Role allows user or principal to perform bulk operations\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.HealthcareApis/services/fhir/resources/read\",\n \"Microsoft.HealthcareApis/services/fhir/resources/write\",\n \"Microsoft.HealthcareApis/services/fhir/resources/delete\",\n \"Microsoft.HealthcareApis/services/fhir/resources/export/action\",\n \"Microsoft.HealthcareApis/services/fhir/resources/reindex/action\",\n \"Microsoft.HealthcareApis/services/fhir/resources/import/action\",\n \"Microsoft.HealthcareApis/services/fhir/resources/hardDelete/action\",\n \"Microsoft.HealthcareApis/services/fhir/resources/bulkOperator/action\",\n \"Microsoft.HealthcareApis/workspaces/fhirservices/resources/read\",\n \"Microsoft.HealthcareApis/workspaces/fhirservices/resources/write\",\n \"Microsoft.HealthcareApis/workspaces/fhirservices/resources/delete\",\n \"Microsoft.HealthcareApis/workspaces/fhirservices/resources/export/action\",\n \"Microsoft.HealthcareApis/workspaces/fhirservices/resources/reindex/action\",\n \"Microsoft.HealthcareApis/workspaces/fhirservices/resources/import/action\",\n \"Microsoft.HealthcareApis/workspaces/fhirservices/resources/hardDelete/action\",\n \"Microsoft.HealthcareApis/workspaces/fhirservices/resources/bulkOperator/action\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2025-06-27T15:27:54.9502857Z\",\n \"updatedOn\": \"2025-06-27T15:27:54.9502857Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/804db8d3-32c7-4ad4-a975-3f6f90d5f5f5\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"804db8d3-32c7-4ad4-a975-3f6f90d5f5f5\"\n },\n {\n \"properties\": {\n \"roleName\": \"Microsoft Discovery Platform Administrator (Preview)\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Grants full access to manage Microsoft.Discovery resources. This role in preview and subjet to change.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Discovery/locations/operationStatuses/read\",\n \"Microsoft.Discovery/checkNameAvailability/action\",\n \"Microsoft.Discovery/*\",\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Network/virtualNetworks/subnets/read\",\n \"Microsoft.Network/virtualNetworks/read\",\n \"Microsoft.Network/virtualNetworks/subnets/join/action\",\n \"Microsoft.Support/*\",\n \"Microsoft.Authorization/roleAssignments/write\",\n \"Microsoft.Authorization/roleAssignments/delete\"\n ],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.Discovery/*\"\n ],\n \"notDataActions\": [],\n \"conditionVersion\": \"2.0\",\n \"condition\": \"((!(ActionMatches{'Microsoft.Authorization/roleAssignments/write'})) OR (@Request[Microsoft.Authorization/roleAssignments:RoleDefinitionId] ForAnyOfAnyValues:GuidEquals{4d97b98b-1d4f-4787-a291-c67834d212e7, f1a07417-d97a-45cb-824c-7a7467783830})) AND ((!(ActionMatches{'Microsoft.Authorization/roleAssignments/delete'})) OR (@Resource[Microsoft.Authorization/roleAssignments:RoleDefinitionId] ForAnyOfAnyValues:GuidEquals{4d97b98b-1d4f-4787-a291-c67834d212e7, f1a07417-d97a-45cb-824c-7a7467783830}))\"\n }\n ],\n \"createdOn\": \"2025-07-01T15:14:22.6678767Z\",\n \"updatedOn\": \"2025-07-23T16:53:36.843759Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/7a2b6e6c-472e-4b39-8878-a26eb63d75c6\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"7a2b6e6c-472e-4b39-8878-a26eb63d75c6\"\n },\n {\n \"properties\": {\n \"roleName\": \"Microsoft Discovery Platform Reader (Preview)\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Grants readonly permissions to view Microsoft.Discovery resources. This role in preview and subjet to change.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Discovery/*/read\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.Discovery/*/read\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2025-07-01T15:14:22.6678767Z\",\n \"updatedOn\": \"2025-07-01T15:14:22.6678767Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/3bb7c424-af4e-436b-bfcc-8779c8934c31\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"3bb7c424-af4e-436b-bfcc-8779c8934c31\"\n },\n {\n \"properties\": {\n \"roleName\": \"Microsoft Discovery Platform Contributor (Preview)\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Grants permissions to view and operate on most Discovery platform resources, including workspaces, supercomputers, storages, agents, bookshelves, data containers, models, tools, workflows, and investigations, as well as perform data plane actions, but does not allow creating, updating, or deleting core resources such as workspaces, supercomputers, storages, bookshelves, node pools, or projects. This role is in preview and subject to change.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Discovery/locations/operationStatuses/read\",\n \"Microsoft.Discovery/operations/read\",\n \"Microsoft.Discovery/workspaces/read\",\n \"Microsoft.Discovery/supercomputers/read\",\n \"Microsoft.Discovery/storages/read\",\n \"Microsoft.Discovery/agents/*\",\n \"Microsoft.Discovery/bookshelves/read\",\n \"Microsoft.Discovery/dataContainers/*\",\n \"Microsoft.Discovery/dataContainers/dataAssets/*\",\n \"Microsoft.Discovery/models/*\",\n \"Microsoft.Discovery/supercomputers/nodePools/read\",\n \"Microsoft.Discovery/tools/*\",\n \"Microsoft.Discovery/workflows/*\",\n \"Microsoft.Discovery/workspaces/projects/read\",\n \"Microsoft.Discovery/operations/read\",\n \"Microsoft.Insights/AlertRules/*\",\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Support/*\"\n ],\n \"notActions\": [\n \"Microsoft.Discovery/workspaces/write\",\n \"Microsoft.Discovery/workspaces/delete\",\n \"Microsoft.Discovery/supercomputers/write\",\n \"Microsoft.Discovery/supercomputers/delete\",\n \"Microsoft.Discovery/storages/write\",\n \"Microsoft.Discovery/storages/delete\",\n \"Microsoft.Discovery/bookshelves/write\",\n \"Microsoft.Discovery/bookshelves/delete\",\n \"Microsoft.Discovery/supercomputers/nodePools/write\",\n \"Microsoft.Discovery/supercomputers/nodePools/delete\",\n \"Microsoft.Discovery/workspaces/projects/write\",\n \"Microsoft.Discovery/workspaces/projects/delete\"\n ],\n \"dataActions\": [\n \"Microsoft.Discovery/*\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2025-07-01T15:14:22.6678767Z\",\n \"updatedOn\": \"2025-07-15T15:04:43.2814036Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/01288891-85ee-45a7-b367-9db3b752fc65\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"01288891-85ee-45a7-b367-9db3b752fc65\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure IoT Operations Administrator\",\n \"type\": \"BuiltInRole\",\n \"description\": \"View, create, edit and delete AIO resources. Manage all resources, including instance and its downstream resources.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.IoTOperations/*\",\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.DeviceRegistry/Assets/*\",\n \"Microsoft.DeviceRegistry/AssetEndpointProfiles/*\",\n \"Microsoft.DeviceRegistry/Namespaces/Assets/*\",\n \"Microsoft.DeviceRegistry/Namespaces/Devices/*\",\n \"Microsoft.DeviceRegistry/Namespaces/DiscoveredAssets/*\",\n \"Microsoft.DeviceRegistry/Namespaces/DiscoveredDevices/*\",\n \"Microsoft.DeviceRegistry/SchemaRegistries/*\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Edge/sites/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2025-07-03T19:55:14.5761643Z\",\n \"updatedOn\": \"2025-07-15T15:04:43.2804027Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/5bc02df6-6cd5-43fe-ad3d-4c93cf56cc16\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"5bc02df6-6cd5-43fe-ad3d-4c93cf56cc16\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure IoT Operations Onboarding\",\n \"type\": \"BuiltInRole\",\n \"description\": \"User can Azure arc connect and deploy Azure IoT Operations securely.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.IoTOperations/*\",\n \"Microsoft.DeviceRegistry/register/action\",\n \"Microsoft.DeviceRegistry/schemaRegistries/read\",\n \"Microsoft.DeviceRegistry/schemaRegistries/write\",\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Authorization/*/write\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Edge/sites/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2025-07-03T20:10:17.4373209Z\",\n \"updatedOn\": \"2025-07-15T15:04:43.2804027Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/7b7c71ed-33fa-4ed2-a91a-e56d5da260b5\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"7b7c71ed-33fa-4ed2-a91a-e56d5da260b5\"\n },\n {\n \"properties\": {\n \"roleName\": \"Connector Writer\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Write connectors and have basic customer permissions like reading authorizations, alert rules and resourceGroups\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Impact/Connectors/Write\",\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2025-07-04T07:30:50.7596538Z\",\n \"updatedOn\": \"2025-07-04T07:30:50.7596538Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/c459b115-f629-486b-b359-35feb5568b83\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"c459b115-f629-486b-b359-35feb5568b83\"\n },\n {\n \"properties\": {\n \"roleName\": \"Virtual Enclave Owner Role\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Virtual Enclave Owner Role to access the resources of Microsoft.Mission stored with RPSAAS.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Mission/Locations/OperationStatuses/read\",\n \"Microsoft.Mission/Locations/OperationStatuses/write\",\n \"Microsoft.Mission/Operations/read\",\n \"Microsoft.Mission/virtualEnclaves/read\",\n \"Microsoft.Mission/virtualEnclaves/write\",\n \"Microsoft.Mission/virtualEnclaves/delete\",\n \"Microsoft.Mission/virtualEnclaves/workloads/read\",\n \"Microsoft.Mission/virtualEnclaves/workloads/write\",\n \"Microsoft.Mission/virtualEnclaves/workloads/delete\",\n \"Microsoft.Mission/communities/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2025-07-09T15:22:28.7605161Z\",\n \"updatedOn\": \"2025-07-09T15:22:28.7605161Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/1abf4029-2200-4343-800c-e4c4c01eddbd\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"1abf4029-2200-4343-800c-e4c4c01eddbd\"\n },\n {\n \"properties\": {\n \"roleName\": \"NginxPlus Contributor service role\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Provides access to all Nginx.NginxPlus Control Plane operations\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"NGINX.NGINXPLUS/register/action\",\n \"NGINX.NGINXPLUS/unregister/action\",\n \"NGINX.NGINXPLUS/locations/read\",\n \"NGINX.NGINXPLUS/locations/operationStatuses/read\",\n \"NGINX.NGINXPLUS/locations/operationStatuses/write\",\n \"NGINX.NGINXPLUS/nginxDeployments/Read\",\n \"NGINX.NGINXPLUS/nginxDeployments/Write\",\n \"NGINX.NGINXPLUS/nginxDeployments/Delete\",\n \"NGINX.NGINXPLUS/nginxDeployments/apiKeys/Read\",\n \"NGINX.NGINXPLUS/nginxDeployments/apiKeys/Write\",\n \"NGINX.NGINXPLUS/nginxDeployments/apiKeys/Delete\",\n \"NGINX.NGINXPLUS/nginxDeployments/certificates/Read\",\n \"NGINX.NGINXPLUS/nginxDeployments/certificates/Write\",\n \"NGINX.NGINXPLUS/nginxDeployments/certificates/Delete\",\n \"NGINX.NGINXPLUS/nginxDeployments/configurations/Read\",\n \"NGINX.NGINXPLUS/nginxDeployments/configurations/Write\",\n \"NGINX.NGINXPLUS/nginxDeployments/configurations/Delete\",\n \"NGINX.NGINXPLUS/nginxDeployments/wafPolicies/Read\",\n \"NGINX.NGINXPLUS/nginxDeployments/wafPolicies/Write\",\n \"NGINX.NGINXPLUS/nginxDeployments/wafPolicies/Delete\",\n \"NGINX.NGINXPLUS/operations/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2025-07-11T15:44:56.6598995Z\",\n \"updatedOn\": \"2025-08-05T15:14:55.5007488Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/61aed14c-6c9a-4ed5-aa44-49fc5e96a167\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"61aed14c-6c9a-4ed5-aa44-49fc5e96a167\"\n },\n {\n \"properties\": {\n \"roleName\": \"CosmosDB Fleet Operator Role\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Lets you manage Azure CosmosDB Fleets and related child resources\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.DocumentDB/fleets/*\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2025-07-14T15:01:12.3759443Z\",\n \"updatedOn\": \"2025-07-14T15:01:12.3759443Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/35ffec73-9cb8-4593-8718-40d5bc4b7f6f\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"35ffec73-9cb8-4593-8718-40d5bc4b7f6f\"\n },\n {\n \"properties\": {\n \"roleName\": \"Healthcare Apis contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Allows all actions on healthcareapis provider resources\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.HealthcareApis/services/*\",\n \"Microsoft.HealthcareApis/workspaces/*\",\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2025-07-15T15:04:43.2804027Z\",\n \"updatedOn\": \"2025-07-15T15:04:43.2804027Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/29f61507-bdfb-4987-b629-20033be2d6c3\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"29f61507-bdfb-4987-b629-20033be2d6c3\"\n },\n {\n \"properties\": {\n \"roleName\": \"Liftr Datadog Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Provides access to Datadog Control Plane Operations\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Datadog/register/action\",\n \"Microsoft.Datadog/unregister/action\",\n \"Microsoft.Datadog/agreements/read\",\n \"Microsoft.Datadog/agreements/write\",\n \"Microsoft.Datadog/locations/read\",\n \"Microsoft.Datadog/locations/operationStatuses/read\",\n \"Microsoft.Datadog/locations/operationStatuses/write\",\n \"Microsoft.Datadog/monitors/read\",\n \"Microsoft.Datadog/monitors/write\",\n \"Microsoft.Datadog/monitors/delete\",\n \"Microsoft.Datadog/monitors/listApiKeys/action\",\n \"Microsoft.Datadog/monitors/getDefaultKey/action\",\n \"Microsoft.Datadog/monitors/setDefaultKey/action\",\n \"Microsoft.Datadog/monitors/refreshSetPasswordLink/action\",\n \"Microsoft.Datadog/monitors/listLinkedResources/action\",\n \"Microsoft.Datadog/monitors/listHosts/read\",\n \"Microsoft.Datadog/monitors/listLinkedResources/read\",\n \"Microsoft.Datadog/monitors/listMonitoredResources/read\",\n \"Microsoft.Datadog/monitors/monitoredSubscriptions/read\",\n \"Microsoft.Datadog/monitors/monitoredSubscriptions/write\",\n \"Microsoft.Datadog/monitors/singleSignOnConfigurations/write\",\n \"Microsoft.Datadog/monitors/singleSignOnConfigurations/read\",\n \"Microsoft.Datadog/monitors/tagRules/read\",\n \"Microsoft.Datadog/monitors/tagRules/write\",\n \"Microsoft.Datadog/registeredSubscriptions/read\",\n \"Microsoft.Datadog/subscriptionStatuses/read\",\n \"Microsoft.Datadog/operations/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2025-07-16T15:09:04.3027767Z\",\n \"updatedOn\": \"2025-08-01T09:23:14.9310429Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/81b67e46-ef5b-4404-bddd-090985bb4a28\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"81b67e46-ef5b-4404-bddd-090985bb4a28\"\n },\n {\n \"properties\": {\n \"roleName\": \"Liftr Elastic Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Provides access to Elastic Control Plane Operations\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Elastic/getOrganizationApiKey/action\",\n \"Microsoft.Elastic/checkNameAvailability/action\",\n \"Microsoft.Elastic/register/action\",\n \"Microsoft.Elastic/locations/read\",\n \"Microsoft.Elastic/locations/operationStatuses/read\",\n \"Microsoft.Elastic/locations/operationStatuses/write\",\n \"Microsoft.Elastic/monitors/read\",\n \"Microsoft.Elastic/monitors/write\",\n \"Microsoft.Elastic/monitors/delete\",\n \"Microsoft.Elastic/monitors/listMonitoredResources/action\",\n \"Microsoft.Elastic/monitors/listVMHost/action\",\n \"Microsoft.Elastic/monitors/createOrUpdateExternalUser/action\",\n \"Microsoft.Elastic/monitors/listAllTrafficFilters/action\",\n \"Microsoft.Elastic/monitors/listAssociatedTrafficFilters/action\",\n \"Microsoft.Elastic/monitors/createAndAssociateIPFilter/action\",\n \"Microsoft.Elastic/monitors/createAndAssociatePLFilter/action\",\n \"Microsoft.Elastic/monitors/associateTrafficFilter/action\",\n \"Microsoft.Elastic/monitors/detachAndDeleteTrafficFilter/action\",\n \"Microsoft.Elastic/monitors/detachTrafficFilter/action\",\n \"Microsoft.Elastic/monitors/deleteTrafficFilter/action\",\n \"Microsoft.Elastic/monitors/listUpgradableVersions/action\",\n \"Microsoft.Elastic/monitors/getBillingInfo/action\",\n \"Microsoft.Elastic/monitors/listConnectedPartnerResources/action\",\n \"Microsoft.Elastic/monitors/upgrade/action\",\n \"Microsoft.Elastic/monitors/vmIngestionDetails/action\",\n \"Microsoft.Elastic/monitors/vmCollectionUpdate/action\",\n \"Microsoft.Elastic/monitors/listDeploymentInfo/action\",\n \"Microsoft.Elastic/monitors/resubscribe/action\",\n \"Microsoft.Elastic/monitors/monitoredSubscriptions/read\",\n \"Microsoft.Elastic/monitors/monitoredSubscriptions/write\",\n \"Microsoft.Elastic/monitors/openAIIntegrations/read\",\n \"Microsoft.Elastic/monitors/openAIIntegrations/write\",\n \"Microsoft.Elastic/monitors/openAIIntegrations/getStatus/action\",\n \"Microsoft.Elastic/monitors/tagRules/read\",\n \"Microsoft.Elastic/monitors/tagRules/write\",\n \"Microsoft.Elastic/registeredSubscriptions/read\",\n \"Microsoft.Elastic/elasticVersions/read\",\n \"Microsoft.Elastic/operations/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2025-07-16T15:09:04.3017765Z\",\n \"updatedOn\": \"2025-08-05T15:14:55.4997487Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/d68eeb8d-afae-4932-a331-203b7957e509\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"d68eeb8d-afae-4932-a331-203b7957e509\"\n },\n {\n \"properties\": {\n \"roleName\": \"Liftr Elastic Owner\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Grants full access to manage Elastic resources\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Elastic/*\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2025-07-16T15:09:04.2714387Z\",\n \"updatedOn\": \"2025-07-16T15:09:04.2714387Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/225efd4d-4ca0-42a1-ae53-5f233ba23c73\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"225efd4d-4ca0-42a1-ae53-5f233ba23c73\"\n },\n {\n \"properties\": {\n \"roleName\": \"Liftr Newrelic Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Provides access to Newrelic Control Plane Operations\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"NewRelic.Observability/register/action\",\n \"NewRelic.Observability/unregister/action\",\n \"NewRelic.Observability/accounts/read\",\n \"NewRelic.Observability/plans/read\",\n \"NewRelic.Observability/organizations/read\",\n \"NewRelic.Observability/locations/read\",\n \"NewRelic.Observability/locations/operationStatuses/read\",\n \"NewRelic.Observability/locations/operationStatuses/write\",\n \"NewRelic.Observability/monitors/read\",\n \"NewRelic.Observability/monitors/write\",\n \"NewRelic.Observability/monitors/delete\",\n \"NewRelic.Observability/monitors/monitoredResources/action\",\n \"NewRelic.Observability/monitors/vmHostPayloads/action\",\n \"NewRelic.Observability/monitors/listAppServices/action\",\n \"NewRelic.Observability/monitors/listHosts/action\",\n \"NewRelic.Observability/monitors/refreshIngestionKey/action\",\n \"NewRelic.Observability/monitors/getMetricRules/action\",\n \"NewRelic.Observability/monitors/getMetricStatus/action\",\n \"NewRelic.Observability/monitors/switchBilling/action\",\n \"NewRelic.Observability/monitors/latestLinkedSaaS/action\",\n \"NewRelic.Observability/monitors/linkSaaS/action\",\n \"NewRelic.Observability/monitors/resubscribe/action\",\n \"NewRelic.Observability/monitors/getBillingInfo/action\",\n \"NewRelic.Observability/monitors/listConnectedPartnerResources/action\",\n \"NewRelic.Observability/monitors/listLinkedResources/action\",\n \"NewRelic.Observability/monitors/monitoredSubscriptions/read\",\n \"NewRelic.Observability/monitors/monitoredSubscriptions/write\",\n \"NewRelic.Observability/monitors/tagRules/read\",\n \"NewRelic.Observability/monitors/tagRules/write\",\n \"NewRelic.Observability/registeredSubscriptions/read\",\n \"NewRelic.Observability/operations/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2025-07-16T15:09:04.2714387Z\",\n \"updatedOn\": \"2025-08-01T09:23:14.9310429Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/a60da355-bdec-443f-8d42-a03f0422f04d\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"a60da355-bdec-443f-8d42-a03f0422f04d\"\n },\n {\n \"properties\": {\n \"roleName\": \"Policy Enrollments Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Allows the creation and modification of policy enrollments\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/policyenrollments/*\",\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.PolicyInsights/*\",\n \"Microsoft.Resources/deployments/*\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2025-07-16T16:55:07.415008Z\",\n \"updatedOn\": \"2025-07-16T16:55:07.415008Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/285ce6d6-fa11-43bd-94ef-42a9b3740bfd\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"285ce6d6-fa11-43bd-94ef-42a9b3740bfd\"\n },\n {\n \"properties\": {\n \"roleName\": \"Liftr Dynatrace Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Provides access to Dynatrace Control Plane Operations\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Dynatrace.Observability/checkNameAvailability/action\",\n \"Dynatrace.Observability/register/action\",\n \"Dynatrace.Observability/unregister/action\",\n \"Dynatrace.Observability/getMarketplaceSaaSResourceDetails/action\",\n \"Dynatrace.Observability/locations/read\",\n \"Dynatrace.Observability/locations/operationStatuses/read\",\n \"Dynatrace.Observability/locations/operationStatuses/write\",\n \"Dynatrace.Observability/monitors/read\",\n \"Dynatrace.Observability/monitors/write\",\n \"Dynatrace.Observability/monitors/delete\",\n \"Dynatrace.Observability/monitors/listMonitoredResources/action\",\n \"Dynatrace.Observability/monitors/getVMHostPayload/action\",\n \"Dynatrace.Observability/monitors/listHosts/action\",\n \"Dynatrace.Observability/monitors/listAppServices/action\",\n \"Dynatrace.Observability/monitors/getSSODetails/action\",\n \"Dynatrace.Observability/monitors/listLinkableEnvironments/action\",\n \"Dynatrace.Observability/monitors/getMetricStatus/action\",\n \"Dynatrace.Observability/monitors/manageAgentInstallation/action\",\n \"Dynatrace.Observability/monitors/monitoredSubscriptions/read\",\n \"Dynatrace.Observability/monitors/monitoredSubscriptions/write\",\n \"Dynatrace.Observability/monitors/singleSignOnConfigurations/write\",\n \"Dynatrace.Observability/monitors/singleSignOnConfigurations/read\",\n \"Dynatrace.Observability/monitors/tagRules/read\",\n \"Dynatrace.Observability/monitors/tagRules/write\",\n \"Dynatrace.Observability/registeredSubscriptions/read\",\n \"Dynatrace.Observability/operations/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2025-07-17T04:54:12.9049103Z\",\n \"updatedOn\": \"2025-08-01T11:55:53.7346372Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/fa96a588-3fac-4adb-bfb2-f8404ece07e0\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"fa96a588-3fac-4adb-bfb2-f8404ece07e0\"\n },\n {\n \"properties\": {\n \"roleName\": \"Microsoft.OffAzureSpringBoot Service Owner\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Full access to Azure Microsoft.OffAzureSpringBoot Service REST APIs\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.OffAzureSpringBoot/*\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2025-07-18T10:13:03.6807059Z\",\n \"updatedOn\": \"2025-08-07T07:49:43.832969Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/79732128-7761-4733-aebf-35590da9f29b\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"79732128-7761-4733-aebf-35590da9f29b\"\n },\n {\n \"properties\": {\n \"roleName\": \"Nexus Network Fabric Owner\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Provides owner access to nexus network fabric resources\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.ManagedNetworkFabric/*/read\",\n \"Microsoft.ManagedNetworkFabric/*/write\",\n \"Microsoft.ManagedNetworkFabric/*/action\",\n \"Microsoft.ManagedNetworkFabric/*/delete\",\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2025-07-21T15:02:41.4359877Z\",\n \"updatedOn\": \"2025-07-21T15:02:41.4359877Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/46c70067-0f50-457f-8137-2449c90de518\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"46c70067-0f50-457f-8137-2449c90de518\"\n },\n {\n \"properties\": {\n \"roleName\": \"Nexus Identity Owner\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Provides owner access to nexusidentity resources\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.NexusIdentity/*/read\",\n \"Microsoft.NexusIdentity/*/write\",\n \"Microsoft.NexusIdentity/*/action\",\n \"Microsoft.NexusIdentity/*/delete\",\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2025-07-21T15:02:41.4359877Z\",\n \"updatedOn\": \"2025-07-21T15:02:41.4359877Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/374a1cc6-96cb-4946-8d8b-a41054c8ae97\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"374a1cc6-96cb-4946-8d8b-a41054c8ae97\"\n },\n {\n \"properties\": {\n \"roleName\": \"Conversation Session User\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Allows sending a message to the agent and receive a response, using the conversation session API\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.HealthBot/healthBots/ConversationSession/Action\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2025-07-23T15:20:58.9086839Z\",\n \"updatedOn\": \"2025-07-23T15:20:58.9086839Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/b3eb788f-5426-48bd-821d-561701ede368\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"b3eb788f-5426-48bd-821d-561701ede368\"\n },\n {\n \"properties\": {\n \"roleName\": \"CosmosDB Fleet Analytics Storage Data Writer\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Write telemetry data from the Fleet Analytics Synapse workspace to customer-provided storage accounts or Fabric Lakehouses.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Storage/storageAccounts/blobServices/containers/write\",\n \"Microsoft.Storage/storageAccounts/blobServices/containers/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.Storage/storageAccounts/blobServices/containers/blobs/delete\",\n \"Microsoft.Storage/storageAccounts/blobServices/containers/blobs/read\",\n \"Microsoft.Storage/storageAccounts/blobServices/containers/blobs/write\",\n \"Microsoft.Storage/storageAccounts/blobServices/containers/blobs/add/action\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2025-07-25T01:43:25.8457961Z\",\n \"updatedOn\": \"2025-08-28T01:46:02.2595107Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/bf41e52e-617f-4981-8b7a-47431bd4e011\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"bf41e52e-617f-4981-8b7a-47431bd4e011\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Data Transfer Owner\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Create, read, modify, and delete pipelines, connections, and flows in Azure Data Transfer. Also perform any appropriate control plane operations for managing Azure Data Transfer resources.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.AzureDataTransfer/*\",\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2025-07-25T15:42:37.4812873Z\",\n \"updatedOn\": \"2025-07-25T15:42:37.4812873Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/eded264d-1796-4e25-8500-a78427f8a316\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"eded264d-1796-4e25-8500-a78427f8a316\"\n },\n {\n \"properties\": {\n \"roleName\": \"Video Indexer Account Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Can manage Video Indexer Account resources and generate access tokens for data plane operations.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.VideoIndexer/checknameavailability/action\",\n \"Microsoft.VideoIndexer/accounts/generateAccessToken/action\",\n \"Microsoft.VideoIndexer/accounts/generateRestrictedViewerAccessToken/action\",\n \"Microsoft.VideoIndexer/accounts/generateExtensionAccessToken/action\",\n \"Microsoft.VideoIndexer/accounts/generateExtensionRestrictedViewerAccessToken/action\",\n \"Microsoft.VideoIndexer/accounts/read\",\n \"Microsoft.VideoIndexer/accounts/write\",\n \"Microsoft.VideoIndexer/accounts/delete\",\n \"Microsoft.VideoIndexer/accounts/PrivateEndpointConnectionsApproval/action\",\n \"Microsoft.VideoIndexer/accounts/privateEndpointConnections/read\",\n \"Microsoft.VideoIndexer/accounts/privateEndpointConnections/write\",\n \"Microsoft.VideoIndexer/accounts/privateEndpointConnections/delete\",\n \"Microsoft.VideoIndexer/accounts/privateLinkResources/read\",\n \"Microsoft.VideoIndexer/locations/operationstatuses/read\",\n \"Microsoft.VideoIndexer/locations/operationstatuses/write\",\n \"Microsoft.VideoIndexer/operations/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2025-07-28T15:04:33.545254Z\",\n \"updatedOn\": \"2025-07-28T15:04:33.545254Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/3f99eaab-6f59-4877-adf5-1cacd22e20b0\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"3f99eaab-6f59-4877-adf5-1cacd22e20b0\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Business Continuity DUPI Reader\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Lets you view Deleted Unified Protected items in Azure Business Continuity Center.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/roleDefinitions/read\",\n \"Microsoft.Authorization/roleAssignments/read\",\n \"Microsoft.AzureBusinessContinuity/deletedUnifiedProtectedItems/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2025-07-28T15:04:33.545254Z\",\n \"updatedOn\": \"2025-08-21T13:32:13.8007194Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/f4eb044f-76b9-47af-92f9-1d95c4c14ab5\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"f4eb044f-76b9-47af-92f9-1d95c4c14ab5\"\n },\n {\n \"properties\": {\n \"roleName\": \"Sites Reader\",\n \"type\": \"BuiltInRole\",\n \"description\": \"View all Sites related resources but does not allow you to make any changes.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Edge/sites/read\",\n \"Microsoft.Edge/configurations/read\",\n \"Microsoft.Edge/configurations/networkConfigurations/read\",\n \"Microsoft.Edge/configurations/securityConfigurations/read\",\n \"Microsoft.Edge/configurations/timeServerConfigurations/read\",\n \"Microsoft.Edge/configurations/connectivityConfigurations/read\",\n \"Microsoft.Edge/configurations/provisioningConfigurations/read\",\n \"Microsoft.Edge/configurations/arcGatewayConfigurations/read\",\n \"Microsoft.Edge/configurationReferences/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2025-07-29T15:07:14.6122597Z\",\n \"updatedOn\": \"2025-07-29T15:07:14.6122597Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/59f98be6-0817-488b-831e-36a353c8000b\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"59f98be6-0817-488b-831e-36a353c8000b\"\n },\n {\n \"properties\": {\n \"roleName\": \"Sites Owner\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Microsoft Edge Sites Owner role - Grants full access to manage all resources, including the ability to assign roles in Azure RBAC.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Edge/sites/read\",\n \"Microsoft.Edge/sites/write\",\n \"Microsoft.Edge/sites/delete\",\n \"Microsoft.Edge/configurations/read\",\n \"Microsoft.Edge/configurations/write\",\n \"Microsoft.Edge/configurations/delete\",\n \"Microsoft.Edge/configurations/networkConfigurations/read\",\n \"Microsoft.Edge/configurations/networkConfigurations/write\",\n \"Microsoft.Edge/configurations/networkConfigurations/delete\",\n \"Microsoft.Edge/configurations/securityConfigurations/read\",\n \"Microsoft.Edge/configurations/securityConfigurations/write\",\n \"Microsoft.Edge/configurations/securityConfigurations/delete\",\n \"Microsoft.Edge/configurations/timeServerConfigurations/read\",\n \"Microsoft.Edge/configurations/timeServerConfigurations/write\",\n \"Microsoft.Edge/configurations/timeServerConfigurations/delete\",\n \"Microsoft.Edge/configurations/connectivityConfigurations/read\",\n \"Microsoft.Edge/configurations/connectivityConfigurations/write\",\n \"Microsoft.Edge/configurations/connectivityConfigurations/delete\",\n \"Microsoft.Edge/configurations/provisioningConfigurations/read\",\n \"Microsoft.Edge/configurations/provisioningConfigurations/write\",\n \"Microsoft.Edge/configurations/provisioningConfigurations/delete\",\n \"Microsoft.Edge/configurations/arcGatewayConfigurations/read\",\n \"Microsoft.Edge/configurations/arcGatewayConfigurations/write\",\n \"Microsoft.Edge/configurations/arcGatewayConfigurations/delete\",\n \"Microsoft.Edge/configurationReferences/read\",\n \"Microsoft.Edge/configurationReferences/write\",\n \"Microsoft.Edge/configurationReferences/delete\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2025-07-29T15:07:14.6112571Z\",\n \"updatedOn\": \"2025-07-29T15:07:14.6112571Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/1cd7e4da-2789-457f-adbe-3e9e84037a93\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"1cd7e4da-2789-457f-adbe-3e9e84037a93\"\n },\n {\n \"properties\": {\n \"roleName\": \"Liftr PureStorage Owner role\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Provides access to all PureStorage related operations\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"PureStorage.Block/*\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2025-07-30T15:14:08.9428819Z\",\n \"updatedOn\": \"2025-07-30T15:14:08.9428819Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/85546f1f-f28b-4cb3-b852-73e422a96897\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"85546f1f-f28b-4cb3-b852-73e422a96897\"\n },\n {\n \"properties\": {\n \"roleName\": \"Liftr Dell Owner role\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Provides access to all Dell related operations\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Dell.Storage/*\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2025-07-30T15:14:08.9428819Z\",\n \"updatedOn\": \"2025-07-30T15:14:08.9428819Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/d683b71b-2b91-4fc1-a43e-b53b3d85bed9\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"d683b71b-2b91-4fc1-a43e-b53b3d85bed9\"\n },\n {\n \"properties\": {\n \"roleName\": \"SupportPlan Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Contributor role for Enterprise Support Resource Provider\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.EnterpriseSupport/services/delete\",\n \"Microsoft.EnterpriseSupport/services/write\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2025-07-30T21:45:45.323115Z\",\n \"updatedOn\": \"2025-07-30T21:45:45.323115Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/6d6f52ba-a7de-4c56-a58f-522154514fba\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"6d6f52ba-a7de-4c56-a58f-522154514fba\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Spring Apps Service Owner\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Full access to Azure Spring Apps Service REST APIs\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.AppPlatform/*\"\n ],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.AppPlatform/*\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2025-07-31T11:03:44.7831528Z\",\n \"updatedOn\": \"2025-08-07T07:49:43.832969Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/4037dd68-1cc7-4a64-8765-3a79963a9940\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"4037dd68-1cc7-4a64-8765-3a79963a9940\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure AI Enterprise Networking Outbound Rules Operator\",\n \"type\": \"BuiltInRole\",\n \"description\": \"A Built-in role that can authorize users to access and update the managed network settings of a machine learning workspace.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.MachineLearningServices/workspaces/managedNetworks/read\",\n \"Microsoft.MachineLearningServices/workspaces/managedNetworks/write\",\n \"Microsoft.MachineLearningServices/workspaces/managedNetworks/outboundRules/read\",\n \"Microsoft.MachineLearningServices/workspaces/managedNetworks/outboundRules/write\",\n \"Microsoft.MachineLearningServices/workspaces/managedNetworks/outboundRules/delete\",\n \"Microsoft.MachineLearningServices/workspaces/managedNetworks/batchOutboundRules/action\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2025-08-04T15:10:36.5118889Z\",\n \"updatedOn\": \"2025-08-04T15:10:36.5118889Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/25cabde7-1a6c-4350-8877-cb6fe59f1399\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"25cabde7-1a6c-4350-8877-cb6fe59f1399\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Business Continuity UPI Reader\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Lets you view Unified Protected items in Azure Business Continuity Center.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/roleDefinitions/read\",\n \"Microsoft.Authorization/roleAssignments/read\",\n \"Microsoft.AzureBusinessContinuity/unifiedProtectedItems/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2025-08-04T15:10:36.5108882Z\",\n \"updatedOn\": \"2025-08-21T13:32:14.8037229Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/3b5a0aa9-eccd-48dc-9011-f2fd03b5e5f9\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"3b5a0aa9-eccd-48dc-9011-f2fd03b5e5f9\"\n },\n {\n \"properties\": {\n \"roleName\": \"LambdaTest.HyperExecute Contributor Role\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Provides access to all LambdaTest.HyperExecute related operations\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"LambdaTest.HyperExecute/checkNameAvailability/action\",\n \"LambdaTest.HyperExecute/register/action\",\n \"LambdaTest.HyperExecute/unregister/action\",\n \"LambdaTest.HyperExecute/locations/operationStatuses/read\",\n \"LambdaTest.HyperExecute/locations/operationStatuses/write\",\n \"LambdaTest.HyperExecute/operations/read\",\n \"LambdaTest.HyperExecute/organizations/read\",\n \"LambdaTest.HyperExecute/organizations/write\",\n \"LambdaTest.HyperExecute/organizations/delete\",\n \"LambdaTest.HyperExecute/registeredSubscriptions/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2025-08-06T15:22:56.8948562Z\",\n \"updatedOn\": \"2025-08-06T15:22:56.8948562Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/44a00263-b2a0-45d5-a618-5d8d11709349\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"44a00263-b2a0-45d5-a618-5d8d11709349\"\n },\n {\n \"properties\": {\n \"roleName\": \"ArizeAi.ObservabilityEval Contributor Role\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Provides access to all ArizeAi.ObservabilityEval related operations\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"ArizeAi.ObservabilityEval/checkNameAvailability/action\",\n \"ArizeAi.ObservabilityEval/register/action\",\n \"ArizeAi.ObservabilityEval/unregister/action\",\n \"ArizeAi.ObservabilityEval/locations/operationStatuses/read\",\n \"ArizeAi.ObservabilityEval/locations/operationStatuses/write\",\n \"ArizeAi.ObservabilityEval/operations/read\",\n \"ArizeAi.ObservabilityEval/organizations/read\",\n \"ArizeAi.ObservabilityEval/organizations/write\",\n \"ArizeAi.ObservabilityEval/organizations/delete\",\n \"ArizeAi.ObservabilityEval/registeredSubscriptions/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2025-08-06T15:22:56.8948562Z\",\n \"updatedOn\": \"2025-08-06T15:22:56.8948562Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/dca88c6f-5090-44cd-a0ff-a88f337b12a5\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"dca88c6f-5090-44cd-a0ff-a88f337b12a5\"\n },\n {\n \"properties\": {\n \"roleName\": \"Pinecone.VectorDb Contributor Role\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Provides access to all Pinecone.VectorDb related operations\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Pinecone.VectorDb/checkNameAvailability/action\",\n \"Pinecone.VectorDb/register/action\",\n \"Pinecone.VectorDb/unregister/action\",\n \"Pinecone.VectorDb/locations/operationStatuses/read\",\n \"Pinecone.VectorDb/locations/operationStatuses/write\",\n \"Pinecone.VectorDb/operations/read\",\n \"Pinecone.VectorDb/organizations/read\",\n \"Pinecone.VectorDb/organizations/write\",\n \"Pinecone.VectorDb/organizations/delete\",\n \"Pinecone.VectorDb/registeredSubscriptions/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2025-08-06T15:22:56.8948562Z\",\n \"updatedOn\": \"2025-08-06T15:22:56.8948562Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/dd799a69-ffc8-4aa8-9701-b51f686857d9\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"dd799a69-ffc8-4aa8-9701-b51f686857d9\"\n },\n {\n \"properties\": {\n \"roleName\": \"Microsoft.WeightsAndBiases Contributor Role\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Provides access to all Microsoft.WeightsAndBiases related operations\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.WeightsAndBiases/checkNameAvailability/action\",\n \"Microsoft.WeightsAndBiases/register/action\",\n \"Microsoft.WeightsAndBiases/unregister/action\",\n \"Microsoft.WeightsAndBiases/instances/read\",\n \"Microsoft.WeightsAndBiases/instances/write\",\n \"Microsoft.WeightsAndBiases/instances/delete\",\n \"Microsoft.WeightsAndBiases/locations/operationStatuses/read\",\n \"Microsoft.WeightsAndBiases/locations/operationStatuses/write\",\n \"Microsoft.WeightsAndBiases/operations/read\",\n \"Microsoft.WeightsAndBiases/registeredSubscriptions/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2025-08-06T15:22:57.794372Z\",\n \"updatedOn\": \"2025-08-06T15:22:57.794372Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/246fffca-69ee-4945-bbf1-2a867dce4fda\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"246fffca-69ee-4945-bbf1-2a867dce4fda\"\n },\n {\n \"properties\": {\n \"roleName\": \"Recurring Scheduled Actions Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Allows users to use Recurring Scheduled Actions offered by Microsoft.ComputeSchedule\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.ComputeSchedule/scheduledActions/write\",\n \"Microsoft.ComputeSchedule/scheduledActions/delete\",\n \"Microsoft.ComputeSchedule/scheduledActions/attachResources/action\",\n \"Microsoft.ComputeSchedule/scheduledActions/cancelNextOccurrence/action\",\n \"Microsoft.ComputeSchedule/scheduledActions/detachResources/action\",\n \"Microsoft.ComputeSchedule/scheduledActions/disable/action\",\n \"Microsoft.ComputeSchedule/scheduledActions/enable/action\",\n \"Microsoft.ComputeSchedule/scheduledActions/listResources/action\",\n \"Microsoft.ComputeSchedule/scheduledActions/patchResources/action\",\n \"Microsoft.ComputeSchedule/scheduledActions/triggerManualOccurrence/action\",\n \"Microsoft.ComputeSchedule/scheduledActions/occurrences/cancel/action\",\n \"Microsoft.ComputeSchedule/scheduledActions/occurrences/delay/action\",\n \"Microsoft.ComputeSchedule/register/action\",\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2025-08-06T17:23:22.5612282Z\",\n \"updatedOn\": \"2025-08-06T17:23:22.5612282Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/376d0802-aca8-4c2d-83a5-c88630f396fe\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"376d0802-aca8-4c2d-83a5-c88630f396fe\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Resilience Management Drills Reader\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Reader Role of Azure Resilience Management Drills Service\",\n \"assignableScopes\": [\n \"/\",\n \"/providers/Microsoft.Management/serviceGroups\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.AzureResilienceManagement/drills/*/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2025-08-11T15:12:49.7120823Z\",\n \"updatedOn\": \"2025-09-18T10:30:29.9987541Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/d2e8fe82-9212-490f-af3e-34bb52d87d3d\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"d2e8fe82-9212-490f-af3e-34bb52d87d3d\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Resilience Management Drills Operator\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Operator Role of Azure Resilience Management Drills Service\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.AzureResilienceManagement/drills/*/action\",\n \"Microsoft.AzureResilienceManagement/drills/*/read\",\n \"Microsoft.AzureResilienceManagement/recoveryPlans/*/action\",\n \"Microsoft.AzureResilienceManagement/recoveryPlans/*/read\",\n \"Microsoft.Insights/alertRules/\",\n \"Microsoft.Monitor/accounts/read\",\n \"Microsoft.Monitor/slis/read\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2025-08-11T15:12:49.7120823Z\",\n \"updatedOn\": \"2025-08-11T15:12:49.7120823Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/ff09793b-be48-49f6-ad96-70d32039c0b9\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"ff09793b-be48-49f6-ad96-70d32039c0b9\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Resilience Management Drills Administrator\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Administrator Role of Azure Resilience Management Drills Service\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Authorization/roleAssignments/write\",\n \"Microsoft.Advisor/recommendations/read\",\n \"Microsoft.Authorization/roleAssignments/read\",\n \"Microsoft.Automation/automationAccounts/delete\",\n \"Microsoft.Automation/automationAccounts/read\",\n \"Microsoft.Automation/automationAccounts/write\",\n \"Microsoft.Automation/automationAccounts/runbooks/delete\",\n \"Microsoft.Automation/automationAccounts/runbooks/read\",\n \"Microsoft.Automation/automationAccounts/runbooks/write\",\n \"Microsoft.AzureResilienceManagement/drills/*/action\",\n \"Microsoft.AzureResilienceManagement/drills/*/delete\",\n \"Microsoft.AzureResilienceManagement/drills/*/read\",\n \"Microsoft.AzureResilienceManagement/drills/*/write\",\n \"Microsoft.AzureResilienceManagement/recoveryPlans/*/action\",\n \"Microsoft.AzureResilienceManagement/recoveryPlans/*/delete\",\n \"Microsoft.AzureResilienceManagement/recoveryPlans/*/read\",\n \"Microsoft.AzureResilienceManagement/recoveryPlans/*/write\",\n \"Microsoft.Chaos/experiments/delete\",\n \"Microsoft.Chaos/experiments/read\",\n \"Microsoft.Chaos/experiments/write\",\n \"Microsoft.Chaos/experiments/cancel/action\",\n \"Microsoft.Chaos/experiments/start/action\",\n \"Microsoft.Chaos/locations/operationResults/read\",\n \"Microsoft.Chaos/locations/operationStatuses/read\",\n \"Microsoft.Chaos/locations/targetTypes/capabilityTypes/read\",\n \"Microsoft.Chaos/locations/targetTypes/read\",\n \"Microsoft.Chaos/targets/capabilities/delete\",\n \"Microsoft.Chaos/targets/capabilities/read\",\n \"Microsoft.Chaos/targets/capabilities/write\",\n \"Microsoft.Chaos/targets/delete\",\n \"Microsoft.Chaos/targets/read\",\n \"Microsoft.Chaos/targets/write\",\n \"Microsoft.Compute/virtualMachineScaleSets/read\",\n \"Microsoft.Compute/virtualMachines/read\",\n \"Microsoft.ContainerRegistry/registries/read\",\n \"Microsoft.DBforPostgreSQL/flexibleServers/read\",\n \"Microsoft.DocumentDB/databaseAccounts/services/read\",\n \"Microsoft.Insights/alertRules/\",\n \"Microsoft.ManagedIdentity/userAssignedIdentities/read\",\n \"Microsoft.Management/ServiceGroups/read\",\n \"Microsoft.Monitor/accounts/read\",\n \"Microsoft.Monitor/slis/read\",\n \"Microsoft.Network/applicationGateways/read\",\n \"Microsoft.Network/azurefirewalls/read\",\n \"Microsoft.Network/loadBalancers/probes/read\",\n \"Microsoft.Network/loadBalancers/read\",\n \"Microsoft.Network/publicIPAddresses/read\",\n \"Microsoft.Relationships/ServiceGroupMember/read\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/delete\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Resources/subscriptions/resourceGroups/write\",\n \"Microsoft.ServiceBus/namespaces/read\",\n \"Microsoft.Sql/managedInstances/read\",\n \"Microsoft.Sql/servers/databases/read\",\n \"Microsoft.Sql/servers/read\",\n \"Microsoft.Storage/storageAccounts/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2025-08-11T15:12:49.7120823Z\",\n \"updatedOn\": \"2025-08-11T15:12:49.7120823Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/c914561b-1575-4601-af9c-a1356bf59818\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"c914561b-1575-4601-af9c-a1356bf59818\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Resilience Management Drills Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Contributor Role of Azure Resilience Management Drills Service\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Advisor/recommendations/read\",\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Automation/automationAccounts/delete\",\n \"Microsoft.Automation/automationAccounts/read\",\n \"Microsoft.Automation/automationAccounts/write\",\n \"Microsoft.Automation/automationAccounts/runbooks/delete\",\n \"Microsoft.Automation/automationAccounts/runbooks/read\",\n \"Microsoft.Automation/automationAccounts/runbooks/write\",\n \"Microsoft.AzureResilienceManagement/drills/*/action\",\n \"Microsoft.AzureResilienceManagement/drills/*/delete\",\n \"Microsoft.AzureResilienceManagement/drills/*/read\",\n \"Microsoft.AzureResilienceManagement/drills/*/write\",\n \"Microsoft.AzureResilienceManagement/recoveryPlans/*/action\",\n \"Microsoft.AzureResilienceManagement/recoveryPlans/*/delete\",\n \"Microsoft.AzureResilienceManagement/recoveryPlans/*/read\",\n \"Microsoft.AzureResilienceManagement/recoveryPlans/*/write\",\n \"Microsoft.Chaos/experiments/delete\",\n \"Microsoft.Chaos/experiments/read\",\n \"Microsoft.Chaos/experiments/write\",\n \"Microsoft.Chaos/experiments/cancel/action\",\n \"Microsoft.Chaos/experiments/start/action\",\n \"Microsoft.Chaos/locations/operationResults/read\",\n \"Microsoft.Chaos/locations/operationStatuses/read\",\n \"Microsoft.Chaos/locations/targetTypes/capabilityTypes/read\",\n \"Microsoft.Chaos/locations/targetTypes/read\",\n \"Microsoft.Chaos/targets/capabilities/delete\",\n \"Microsoft.Chaos/targets/capabilities/read\",\n \"Microsoft.Chaos/targets/capabilities/write\",\n \"Microsoft.Chaos/targets/delete\",\n \"Microsoft.Chaos/targets/read\",\n \"Microsoft.Chaos/targets/write\",\n \"Microsoft.Compute/virtualMachineScaleSets/read\",\n \"Microsoft.Compute/virtualMachines/read\",\n \"Microsoft.ContainerRegistry/registries/read\",\n \"Microsoft.DBforPostgreSQL/flexibleServers/read\",\n \"Microsoft.DocumentDB/databaseAccounts/services/read\",\n \"Microsoft.Insights/alertRules/\",\n \"Microsoft.ManagedIdentity/userAssignedIdentities/read\",\n \"Microsoft.Management/ServiceGroups/read\",\n \"Microsoft.Monitor/accounts/read\",\n \"Microsoft.Monitor/slis/read\",\n \"Microsoft.Network/applicationGateways/read\",\n \"Microsoft.Network/azurefirewalls/read\",\n \"Microsoft.Network/loadBalancers/probes/read\",\n \"Microsoft.Network/loadBalancers/read\",\n \"Microsoft.Network/publicIPAddresses/read\",\n \"Microsoft.Relationships/ServiceGroupMember/read\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/delete\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Resources/subscriptions/resourceGroups/write\",\n \"Microsoft.ServiceBus/namespaces/read\",\n \"Microsoft.Sql/managedInstances/read\",\n \"Microsoft.Sql/servers/databases/read\",\n \"Microsoft.Sql/servers/read\",\n \"Microsoft.Storage/storageAccounts/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2025-08-11T15:12:50.0258107Z\",\n \"updatedOn\": \"2025-08-11T15:12:50.0258107Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/e131102b-11a5-4ff4-8508-ed922132b74c\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"e131102b-11a5-4ff4-8508-ed922132b74c\"\n },\n {\n \"properties\": {\n \"roleName\": \"Edge Order Partner Inventory Manager Service Role\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Manage inventory metadata and inventory links associated with Edge Order Partner scenarios. Enables configuration and control of inventory resources for tracking and fulfillment purposes\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.EdgeOrderPartner/locations/productFamilies/inventories/manageLink/action\",\n \"Microsoft.EdgeOrderPartner/locations/productFamilies/inventories/manageInventoryMetadata/action\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2025-08-12T15:18:36.5429246Z\",\n \"updatedOn\": \"2025-09-05T06:37:32.5466384Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/f24a559b-c2fc-4409-b96e-9af4b0c28ad6\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"f24a559b-c2fc-4409-b96e-9af4b0c28ad6\"\n },\n {\n \"properties\": {\n \"roleName\": \"Defender For Container Registries Operator\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Grants Microsoft Defender for Cloud access to Azure Container Registries\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.ContainerRegistry/registries/pull/read\",\n \"Microsoft.ContainerRegistry/registries/metadata/read\",\n \"Microsoft.ContainerRegistry/registries/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.ContainerRegistry/registries/repositories/content/read\",\n \"Microsoft.ContainerRegistry/registries/repositories/metadata/read\",\n \"Microsoft.ContainerRegistry/registries/catalog/read\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2025-08-13T15:27:47.0452902Z\",\n \"updatedOn\": \"2025-09-11T12:56:35.8009694Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/c5c82243-e78e-43f9-8428-793bba85b28e\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"c5c82243-e78e-43f9-8428-793bba85b28e\"\n },\n {\n \"properties\": {\n \"roleName\": \"Change Safety Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Grants access to manage all Microsoft.ChangeSafety resources.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.ChangeSafety/changeStates/read\",\n \"Microsoft.ChangeSafety/changeStates/write\",\n \"Microsoft.ChangeSafety/changeStates/delete\",\n \"Microsoft.ChangeSafety/changeStates/stageProgressions/read\",\n \"Microsoft.ChangeSafety/changeStates/stageProgressions/write\",\n \"Microsoft.ChangeSafety/changeStates/stageProgressions/delete\",\n \"Microsoft.ChangeSafety/locations/operationstatuses/read\",\n \"Microsoft.ChangeSafety/locations/operationstatuses/write\",\n \"Microsoft.ChangeSafety/safeRollouts/read\",\n \"Microsoft.ChangeSafety/safeRollouts/write\",\n \"Microsoft.ChangeSafety/safeRollouts/delete\",\n \"Microsoft.ChangeSafety/safeRollouts/steps/read\",\n \"Microsoft.ChangeSafety/stageMaps/read\",\n \"Microsoft.ChangeSafety/stageMaps/write\",\n \"Microsoft.ChangeSafety/stageMaps/delete\",\n \"Microsoft.ChangeSafety/validations/read\",\n \"Microsoft.ChangeSafety/validations/write\",\n \"Microsoft.ChangeSafety/validations/delete\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2025-08-13T20:30:20.4138285Z\",\n \"updatedOn\": \"2025-08-13T20:30:20.4138285Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/fdb3df26-8dd6-49ff-9a74-e95dbfadcad3\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"fdb3df26-8dd6-49ff-9a74-e95dbfadcad3\"\n },\n {\n \"properties\": {\n \"roleName\": \"Clinical Coder Data User\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Allows processing of health data in Clinical Coder\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.HealthBot/healthBots/AIActions/ClinicalCoder/Process/Action\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2025-08-20T15:33:41.4122914Z\",\n \"updatedOn\": \"2025-08-20T15:33:41.4122914Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/d0a94e7a-d791-4571-b2e0-8bdd8f867544\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"d0a94e7a-d791-4571-b2e0-8bdd8f867544\"\n },\n {\n \"properties\": {\n \"roleName\": \"Defender Unified RBAC Data Manager\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Defender Unified RBAC Data Manager. This role is managed and assigned automatically by the Defender Unified RBAC system. Manual assignment of this role is not recommended, as the Defender Unified RBAC system may modify or remove it at any time based on system requirements.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.operationalinsights/workspaces/read\",\n \"Microsoft.operationalinsights/workspaces/write\",\n \"Microsoft.operationalinsights/workspaces/query/read\",\n \"Microsoft.operationalinsights/workspaces/tables/write\",\n \"Microsoft.operationalinsights/workspaces/tables/delete\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2025-08-22T09:09:13.51896Z\",\n \"updatedOn\": \"2025-08-22T09:09:13.51896Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/40ead2a5-466e-4039-8a80-325542d9d2dd\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"40ead2a5-466e-4039-8a80-325542d9d2dd\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Local Disconnected Operations Role\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Azure Local Disconnected Operations Role\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Edge/disconnectedOperations/*/read\",\n \"Microsoft.Edge/disconnectedOperations/*/write\",\n \"Microsoft.Edge/disconnectedOperations/*/delete\",\n \"Microsoft.Edge/winfields/*/read\",\n \"Microsoft.Edge/winfields/*/write\",\n \"Microsoft.Edge/winfields/*/delete\",\n \"Microsoft.Edge/winfields/*/action\",\n \"Microsoft.Edge/disconnectedOperations/*/action\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2025-08-25T15:10:38.1474223Z\",\n \"updatedOn\": \"2025-08-25T15:10:38.1474223Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/478d20ba-a53e-4946-b33c-8078a92f2d0a\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"478d20ba-a53e-4946-b33c-8078a92f2d0a\"\n },\n {\n \"properties\": {\n \"roleName\": \"Workload Orchestration Administrator\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Workload Orchestration Administrator Role\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Edge/contexts/*\",\n \"Microsoft.Edge/configTemplates/*\",\n \"Microsoft.Edge/solutionTemplates/*\",\n \"Microsoft.Edge/configurations/*\",\n \"Microsoft.Edge/configurationreferences/*\",\n \"Microsoft.Edge/schemas/*\",\n \"Microsoft.Edge/schemaReferences/*\",\n \"Microsoft.Edge/targets/*\",\n \"Microsoft.Edge/jobs/*\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2025-08-25T15:10:38.1464227Z\",\n \"updatedOn\": \"2025-09-04T04:15:37.014131Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/cbb820e9-e561-45bb-84c2-ef45d0a13f7d\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"cbb820e9-e561-45bb-84c2-ef45d0a13f7d\"\n },\n {\n \"properties\": {\n \"roleName\": \"Firmware Analysis Reader\",\n \"type\": \"BuiltInRole\",\n \"description\": \"View firmware images but not upload them or perform any workspace configuration\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.IoTFirmwareDefense/*/read\",\n \"Microsoft.IoTFirmwareDefense/workspaces/firmwares/*\",\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Resources/deployments/*\"\n ],\n \"notActions\": [\n \"Microsoft.IoTFirmwareDefense/firmwareGroups/*\",\n \"Microsoft.IoTFirmwareDefense/workspaces/firmwares/write\",\n \"Microsoft.IoTFirmwareDefense/workspaces/firmwares/delete\"\n ],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2025-08-26T15:16:15.8719556Z\",\n \"updatedOn\": \"2025-08-26T15:16:15.8719556Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/2a94a2fd-3c4f-45d1-847d-6585ba88af94\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"2a94a2fd-3c4f-45d1-847d-6585ba88af94\"\n },\n {\n \"properties\": {\n \"roleName\": \"Garnet Data Owner\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Allows read, write, destructive and scripting actions on the Garnet resource\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.DocumentDB/garnetClusters/acl/*\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2025-08-27T15:52:20.9170435Z\",\n \"updatedOn\": \"2025-08-27T15:52:20.9170435Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/04f6c337-ffae-414c-b00f-3e80c9ab8a2c\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"04f6c337-ffae-414c-b00f-3e80c9ab8a2c\"\n },\n {\n \"properties\": {\n \"roleName\": \"Garnet Script Data Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Allows execution and management of scripts on the Garnet resource\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.DocumentDB/garnetClusters/acl/clientid/read\",\n \"Microsoft.DocumentDB/garnetClusters/acl/clientinfo/read\",\n \"Microsoft.DocumentDB/garnetClusters/acl/configget/read\",\n \"Microsoft.DocumentDB/garnetClusters/acl/echo/read\",\n \"Microsoft.DocumentDB/garnetClusters/acl/info/read\",\n \"Microsoft.DocumentDB/garnetClusters/acl/keyslot/read\",\n \"Microsoft.DocumentDB/garnetClusters/acl/nodes/read\",\n \"Microsoft.DocumentDB/garnetClusters/acl/ping/read\",\n \"Microsoft.DocumentDB/garnetClusters/acl/scripteval/action\",\n \"Microsoft.DocumentDB/garnetClusters/acl/scriptevalsha/action\",\n \"Microsoft.DocumentDB/garnetClusters/acl/scriptexists/action\",\n \"Microsoft.DocumentDB/garnetClusters/acl/scriptflush/action\",\n \"Microsoft.DocumentDB/garnetClusters/acl/scriptload/action\",\n \"Microsoft.DocumentDB/garnetClusters/acl/slots/read\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2025-08-27T17:39:28.929238Z\",\n \"updatedOn\": \"2025-08-27T17:39:28.929238Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/7021ea36-e168-4bc0-af53-88de51d20665\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"7021ea36-e168-4bc0-af53-88de51d20665\"\n },\n {\n \"properties\": {\n \"roleName\": \"Garnet Data Reader\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Allows read access to all keys within the Garnet resource\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.DocumentDB/garnetClusters/acl/clientid/read\",\n \"Microsoft.DocumentDB/garnetClusters/acl/clientinfo/read\",\n \"Microsoft.DocumentDB/garnetClusters/acl/configget/read\",\n \"Microsoft.DocumentDB/garnetClusters/acl/echo/read\",\n \"Microsoft.DocumentDB/garnetClusters/acl/exists/read\",\n \"Microsoft.DocumentDB/garnetClusters/acl/get/read\",\n \"Microsoft.DocumentDB/garnetClusters/acl/getex/read\",\n \"Microsoft.DocumentDB/garnetClusters/acl/getrange/read\",\n \"Microsoft.DocumentDB/garnetClusters/acl/hexists/read\",\n \"Microsoft.DocumentDB/garnetClusters/acl/hexpiretime/read\",\n \"Microsoft.DocumentDB/garnetClusters/acl/hget/read\",\n \"Microsoft.DocumentDB/garnetClusters/acl/hgetall/read\",\n \"Microsoft.DocumentDB/garnetClusters/acl/histogram/read\",\n \"Microsoft.DocumentDB/garnetClusters/acl/hkeys/read\",\n \"Microsoft.DocumentDB/garnetClusters/acl/hlen/read\",\n \"Microsoft.DocumentDB/garnetClusters/acl/hmget/read\",\n \"Microsoft.DocumentDB/garnetClusters/acl/hpexpiretime/read\",\n \"Microsoft.DocumentDB/garnetClusters/acl/hpttl/read\",\n \"Microsoft.DocumentDB/garnetClusters/acl/hrandfield/read\",\n \"Microsoft.DocumentDB/garnetClusters/acl/hscan/read\",\n \"Microsoft.DocumentDB/garnetClusters/acl/hstrlen/read\",\n \"Microsoft.DocumentDB/garnetClusters/acl/httl/read\",\n \"Microsoft.DocumentDB/garnetClusters/acl/hvals/read\",\n \"Microsoft.DocumentDB/garnetClusters/acl/info/read\",\n \"Microsoft.DocumentDB/garnetClusters/acl/keyslot/read\",\n \"Microsoft.DocumentDB/garnetClusters/acl/lcs/read\",\n \"Microsoft.DocumentDB/garnetClusters/acl/mget/read\",\n \"Microsoft.DocumentDB/garnetClusters/acl/nodes/read\",\n \"Microsoft.DocumentDB/garnetClusters/acl/ping/read\",\n \"Microsoft.DocumentDB/garnetClusters/acl/readonly/read\",\n \"Microsoft.DocumentDB/garnetClusters/acl/scard/read\",\n \"Microsoft.DocumentDB/garnetClusters/acl/sdiff/read\",\n \"Microsoft.DocumentDB/garnetClusters/acl/sinter/read\",\n \"Microsoft.DocumentDB/garnetClusters/acl/sintercard/read\",\n \"Microsoft.DocumentDB/garnetClusters/acl/sismember/read\",\n \"Microsoft.DocumentDB/garnetClusters/acl/slots/read\",\n \"Microsoft.DocumentDB/garnetClusters/acl/smembers/read\",\n \"Microsoft.DocumentDB/garnetClusters/acl/smismember/read\",\n \"Microsoft.DocumentDB/garnetClusters/acl/srandmember/read\",\n \"Microsoft.DocumentDB/garnetClusters/acl/sscan/read\",\n \"Microsoft.DocumentDB/garnetClusters/acl/strlen/read\",\n \"Microsoft.DocumentDB/garnetClusters/acl/substr/read\",\n \"Microsoft.DocumentDB/garnetClusters/acl/sunion/read\",\n \"Microsoft.DocumentDB/garnetClusters/acl/zcard/read\",\n \"Microsoft.DocumentDB/garnetClusters/acl/zcount/read\",\n \"Microsoft.DocumentDB/garnetClusters/acl/zdiff/read\",\n \"Microsoft.DocumentDB/garnetClusters/acl/zinter/read\",\n \"Microsoft.DocumentDB/garnetClusters/acl/zintercard/read\",\n \"Microsoft.DocumentDB/garnetClusters/acl/zlexcount/read\",\n \"Microsoft.DocumentDB/garnetClusters/acl/zmscore/read\",\n \"Microsoft.DocumentDB/garnetClusters/acl/zrandmember/read\",\n \"Microsoft.DocumentDB/garnetClusters/acl/zrange/read\",\n \"Microsoft.DocumentDB/garnetClusters/acl/zrangebylex/read\",\n \"Microsoft.DocumentDB/garnetClusters/acl/zrangebyscore/read\",\n \"Microsoft.DocumentDB/garnetClusters/acl/zrank/read\",\n \"Microsoft.DocumentDB/garnetClusters/acl/zrevrange/read\",\n \"Microsoft.DocumentDB/garnetClusters/acl/zrevrangebylex/read\",\n \"Microsoft.DocumentDB/garnetClusters/acl/zrevrangebyscore/read\",\n \"Microsoft.DocumentDB/garnetClusters/acl/zrevrank/read\",\n \"Microsoft.DocumentDB/garnetClusters/acl/zscan/read\",\n \"Microsoft.DocumentDB/garnetClusters/acl/zscore/read\",\n \"Microsoft.DocumentDB/garnetClusters/acl/zunion/read\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2025-08-27T17:54:31.3990567Z\",\n \"updatedOn\": \"2025-08-27T17:54:31.3990567Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/d9cd91b9-dada-4fa9-9406-454c4659c137\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"d9cd91b9-dada-4fa9-9406-454c4659c137\"\n },\n {\n \"properties\": {\n \"roleName\": \"Garnet Data Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Allows read and write access to all keys within the Garnet resource\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.DocumentDB/garnetClusters/acl/append/write\",\n \"Microsoft.DocumentDB/garnetClusters/acl/bzmpop/delete\",\n \"Microsoft.DocumentDB/garnetClusters/acl/bzpopmax/delete\",\n \"Microsoft.DocumentDB/garnetClusters/acl/bzpopmin/delete\",\n \"Microsoft.DocumentDB/garnetClusters/acl/clientid/read\",\n \"Microsoft.DocumentDB/garnetClusters/acl/clientinfo/read\",\n \"Microsoft.DocumentDB/garnetClusters/acl/configget/read\",\n \"Microsoft.DocumentDB/garnetClusters/acl/decr/write\",\n \"Microsoft.DocumentDB/garnetClusters/acl/decrby/write\",\n \"Microsoft.DocumentDB/garnetClusters/acl/del/delete\",\n \"Microsoft.DocumentDB/garnetClusters/acl/echo/read\",\n \"Microsoft.DocumentDB/garnetClusters/acl/exists/read\",\n \"Microsoft.DocumentDB/garnetClusters/acl/expire/delete\",\n \"Microsoft.DocumentDB/garnetClusters/acl/get/read\",\n \"Microsoft.DocumentDB/garnetClusters/acl/getdel/delete\",\n \"Microsoft.DocumentDB/garnetClusters/acl/getex/read\",\n \"Microsoft.DocumentDB/garnetClusters/acl/getrange/read\",\n \"Microsoft.DocumentDB/garnetClusters/acl/getset/write\",\n \"Microsoft.DocumentDB/garnetClusters/acl/hdel/delete\",\n \"Microsoft.DocumentDB/garnetClusters/acl/hexists/read\",\n \"Microsoft.DocumentDB/garnetClusters/acl/hexpire/delete\",\n \"Microsoft.DocumentDB/garnetClusters/acl/hexpireat/delete\",\n \"Microsoft.DocumentDB/garnetClusters/acl/hexpiretime/read\",\n \"Microsoft.DocumentDB/garnetClusters/acl/hget/read\",\n \"Microsoft.DocumentDB/garnetClusters/acl/hgetall/read\",\n \"Microsoft.DocumentDB/garnetClusters/acl/hincrby/write\",\n \"Microsoft.DocumentDB/garnetClusters/acl/hincrbyfloat/write\",\n \"Microsoft.DocumentDB/garnetClusters/acl/histogram/read\",\n \"Microsoft.DocumentDB/garnetClusters/acl/hkeys/read\",\n \"Microsoft.DocumentDB/garnetClusters/acl/hlen/read\",\n \"Microsoft.DocumentDB/garnetClusters/acl/hmget/read\",\n \"Microsoft.DocumentDB/garnetClusters/acl/hmset/write\",\n \"Microsoft.DocumentDB/garnetClusters/acl/hpersist/write\",\n \"Microsoft.DocumentDB/garnetClusters/acl/hpexpire/delete\",\n \"Microsoft.DocumentDB/garnetClusters/acl/hpexpireat/delete\",\n \"Microsoft.DocumentDB/garnetClusters/acl/hpexpiretime/read\",\n \"Microsoft.DocumentDB/garnetClusters/acl/hpttl/read\",\n \"Microsoft.DocumentDB/garnetClusters/acl/hrandfield/read\",\n \"Microsoft.DocumentDB/garnetClusters/acl/hscan/read\",\n \"Microsoft.DocumentDB/garnetClusters/acl/hset/write\",\n \"Microsoft.DocumentDB/garnetClusters/acl/hsetnx/write\",\n \"Microsoft.DocumentDB/garnetClusters/acl/hstrlen/read\",\n \"Microsoft.DocumentDB/garnetClusters/acl/httl/read\",\n \"Microsoft.DocumentDB/garnetClusters/acl/hvals/read\",\n \"Microsoft.DocumentDB/garnetClusters/acl/incr/write\",\n \"Microsoft.DocumentDB/garnetClusters/acl/incrby/write\",\n \"Microsoft.DocumentDB/garnetClusters/acl/incrbyfloat/write\",\n \"Microsoft.DocumentDB/garnetClusters/acl/info/read\",\n \"Microsoft.DocumentDB/garnetClusters/acl/keyslot/read\",\n \"Microsoft.DocumentDB/garnetClusters/acl/lcs/read\",\n \"Microsoft.DocumentDB/garnetClusters/acl/mget/read\",\n \"Microsoft.DocumentDB/garnetClusters/acl/mset/write\",\n \"Microsoft.DocumentDB/garnetClusters/acl/msetnx/write\",\n \"Microsoft.DocumentDB/garnetClusters/acl/nodes/read\",\n \"Microsoft.DocumentDB/garnetClusters/acl/ping/read\",\n \"Microsoft.DocumentDB/garnetClusters/acl/psetex/write\",\n \"Microsoft.DocumentDB/garnetClusters/acl/readonly/read\",\n \"Microsoft.DocumentDB/garnetClusters/acl/readwrite/write\",\n \"Microsoft.DocumentDB/garnetClusters/acl/sadd/write\",\n \"Microsoft.DocumentDB/garnetClusters/acl/scard/read\",\n \"Microsoft.DocumentDB/garnetClusters/acl/sdiff/read\",\n \"Microsoft.DocumentDB/garnetClusters/acl/sdiffstore/write\",\n \"Microsoft.DocumentDB/garnetClusters/acl/set/write\",\n \"Microsoft.DocumentDB/garnetClusters/acl/setex/write\",\n \"Microsoft.DocumentDB/garnetClusters/acl/setnx/write\",\n \"Microsoft.DocumentDB/garnetClusters/acl/setrange/write\",\n \"Microsoft.DocumentDB/garnetClusters/acl/sinter/read\",\n \"Microsoft.DocumentDB/garnetClusters/acl/sintercard/read\",\n \"Microsoft.DocumentDB/garnetClusters/acl/sinterstore/write\",\n \"Microsoft.DocumentDB/garnetClusters/acl/sismember/read\",\n \"Microsoft.DocumentDB/garnetClusters/acl/slots/read\",\n \"Microsoft.DocumentDB/garnetClusters/acl/smembers/read\",\n \"Microsoft.DocumentDB/garnetClusters/acl/smismember/read\",\n \"Microsoft.DocumentDB/garnetClusters/acl/smove/write\",\n \"Microsoft.DocumentDB/garnetClusters/acl/spop/delete\",\n \"Microsoft.DocumentDB/garnetClusters/acl/srandmember/read\",\n \"Microsoft.DocumentDB/garnetClusters/acl/srem/delete\",\n \"Microsoft.DocumentDB/garnetClusters/acl/sscan/read\",\n \"Microsoft.DocumentDB/garnetClusters/acl/strlen/read\",\n \"Microsoft.DocumentDB/garnetClusters/acl/substr/read\",\n \"Microsoft.DocumentDB/garnetClusters/acl/sunion/read\",\n \"Microsoft.DocumentDB/garnetClusters/acl/sunionstore/write\",\n \"Microsoft.DocumentDB/garnetClusters/acl/unlink/delete\",\n \"Microsoft.DocumentDB/garnetClusters/acl/zadd/write\",\n \"Microsoft.DocumentDB/garnetClusters/acl/zcard/read\",\n \"Microsoft.DocumentDB/garnetClusters/acl/zcount/read\",\n \"Microsoft.DocumentDB/garnetClusters/acl/zdiff/read\",\n \"Microsoft.DocumentDB/garnetClusters/acl/zdiffstore/write\",\n \"Microsoft.DocumentDB/garnetClusters/acl/zincrby/write\",\n \"Microsoft.DocumentDB/garnetClusters/acl/zinter/read\",\n \"Microsoft.DocumentDB/garnetClusters/acl/zintercard/read\",\n \"Microsoft.DocumentDB/garnetClusters/acl/zinterstore/write\",\n \"Microsoft.DocumentDB/garnetClusters/acl/zlexcount/read\",\n \"Microsoft.DocumentDB/garnetClusters/acl/zmpop/delete\",\n \"Microsoft.DocumentDB/garnetClusters/acl/zmscore/read\",\n \"Microsoft.DocumentDB/garnetClusters/acl/zpopmax/delete\",\n \"Microsoft.DocumentDB/garnetClusters/acl/zpopmin/delete\",\n \"Microsoft.DocumentDB/garnetClusters/acl/zrandmember/read\",\n \"Microsoft.DocumentDB/garnetClusters/acl/zrange/read\",\n \"Microsoft.DocumentDB/garnetClusters/acl/zrangebylex/read\",\n \"Microsoft.DocumentDB/garnetClusters/acl/zrangebyscore/read\",\n \"Microsoft.DocumentDB/garnetClusters/acl/zrangestore/write\",\n \"Microsoft.DocumentDB/garnetClusters/acl/zrank/read\",\n \"Microsoft.DocumentDB/garnetClusters/acl/zrem/delete\",\n \"Microsoft.DocumentDB/garnetClusters/acl/zremrangebylex/delete\",\n \"Microsoft.DocumentDB/garnetClusters/acl/zremrangebyrank/delete\",\n \"Microsoft.DocumentDB/garnetClusters/acl/zremrangebyscore/delete\",\n \"Microsoft.DocumentDB/garnetClusters/acl/zrevrange/read\",\n \"Microsoft.DocumentDB/garnetClusters/acl/zrevrangebylex/read\",\n \"Microsoft.DocumentDB/garnetClusters/acl/zrevrangebyscore/read\",\n \"Microsoft.DocumentDB/garnetClusters/acl/zrevrank/read\",\n \"Microsoft.DocumentDB/garnetClusters/acl/zscan/read\",\n \"Microsoft.DocumentDB/garnetClusters/acl/zscore/read\",\n \"Microsoft.DocumentDB/garnetClusters/acl/zunion/read\",\n \"Microsoft.DocumentDB/garnetClusters/acl/zunionstore/write\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2025-08-27T17:54:31.3990567Z\",\n \"updatedOn\": \"2025-08-27T17:54:31.3990567Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/1694e55a-2496-4d07-b005-7259aa3fcbe8\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"1694e55a-2496-4d07-b005-7259aa3fcbe8\"\n },\n {\n \"properties\": {\n \"roleName\": \"Defender Unified RBAC Authorization Reader\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Defender Unified RBAC Authorization Reader. This role is managed and assigned automatically by the Defender Unified RBAC system. Manual assignment of this role is not recommended, as the Defender Unified RBAC system may modify or remove it at any time based on system requirements.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2025-08-29T09:06:24.5039382Z\",\n \"updatedOn\": \"2025-08-29T09:06:24.5039382Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/ca62263b-07d5-4b48-b437-088803f5c2ff\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"ca62263b-07d5-4b48-b437-088803f5c2ff\"\n },\n {\n \"properties\": {\n \"roleName\": \"Defender Unified RBAC Authorization Manager\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Defender Unified RBAC Authorization Manager. This role is managed and assigned automatically by the Defender Unified RBAC system. Manual assignment of this role is not recommended, as the Defender Unified RBAC system may modify or remove it at any time based on system requirements.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2025-08-29T12:37:45.3866495Z\",\n \"updatedOn\": \"2025-08-29T12:37:45.3866495Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/1fd5d8bf-9037-4ede-89bf-680f798e2765\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"1fd5d8bf-9037-4ede-89bf-680f798e2765\"\n },\n {\n \"properties\": {\n \"roleName\": \"Defender Unified RBAC Responder\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Defender Unified RBAC Responder. This role is managed and assigned automatically by the Defender Unified RBAC system. Manual assignment of this role is not recommended, as the Defender Unified RBAC system may modify or remove it at any time based on system requirements.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.SecurityInsights/*/read\",\n \"Microsoft.SecurityInsights/dataConnectorsCheckRequirements/action\",\n \"Microsoft.SecurityInsights/automationRules/*\",\n \"Microsoft.SecurityInsights/cases/*\",\n \"Microsoft.SecurityInsights/incidents/*\",\n \"Microsoft.SecurityInsights/entities/runPlaybook/action\",\n \"Microsoft.SecurityInsights/threatIntelligence/indicators/appendTags/action\",\n \"Microsoft.SecurityInsights/threatIntelligence/indicators/query/action\",\n \"Microsoft.SecurityInsights/threatIntelligence/bulkTag/action\",\n \"Microsoft.SecurityInsights/threatIntelligence/indicators/appendTags/action\",\n \"Microsoft.SecurityInsights/threatIntelligence/indicators/replaceTags/action\",\n \"Microsoft.SecurityInsights/threatIntelligence/queryIndicators/action\",\n \"Microsoft.SecurityInsights/businessApplicationAgents/systems/undoAction/action\",\n \"Microsoft.OperationalInsights/workspaces/analytics/query/action\",\n \"Microsoft.OperationalInsights/workspaces/*/read\",\n \"Microsoft.OperationalInsights/workspaces/dataSources/read\",\n \"Microsoft.OperationalInsights/workspaces/savedSearches/read\",\n \"Microsoft.OperationsManagement/solutions/read\",\n \"Microsoft.OperationalInsights/workspaces/query/read\",\n \"Microsoft.OperationalInsights/workspaces/query/*/read\",\n \"Microsoft.OperationalInsights/workspaces/dataSources/read\",\n \"Microsoft.OperationalInsights/querypacks/*/read\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Insights/workbooks/read\",\n \"Microsoft.Authorization/*/read\"\n ],\n \"notActions\": [\n \"Microsoft.SecurityInsights/cases/*/Delete\",\n \"Microsoft.SecurityInsights/incidents/*/Delete\",\n \"Microsoft.SecurityInsights/ConfidentialWatchlists/*\",\n \"Microsoft.OperationalInsights/workspaces/query/ConfidentialWatchlist/*\"\n ],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2025-08-29T14:38:33.2080873Z\",\n \"updatedOn\": \"2025-09-11T12:26:00.2449399Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/1bacae94-6c0f-4d2d-8dfa-408d5a28e6ec\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"1bacae94-6c0f-4d2d-8dfa-408d5a28e6ec\"\n },\n {\n \"properties\": {\n \"roleName\": \"Defender Unified RBAC Contributor and Responder\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Defender Unified RBAC Contributor and Responder. This role is managed and assigned automatically by the Defender Unified RBAC system. Manual assignment of this role is not recommended, as the Defender Unified RBAC system may modify or remove it at any time based on system requirements.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.OperationalInsights/querypacks/*/read\",\n \"Microsoft.OperationalInsights/workspaces/*/read\",\n \"Microsoft.OperationalInsights/workspaces/analytics/query/action\",\n \"Microsoft.OperationalInsights/workspaces/dataSources/read\",\n \"Microsoft.OperationalInsights/workspaces/query/*/read\",\n \"Microsoft.OperationalInsights/workspaces/query/read\",\n \"Microsoft.OperationalInsights/workspaces/savedSearches/*\",\n \"Microsoft.OperationalInsights/workspaces/savedSearches/read\",\n \"Microsoft.OperationsManagement/solutions/read\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.SecurityInsights/*\",\n \"Microsoft.SecurityInsights/*/read\",\n \"Microsoft.SecurityInsights/automationRules/*\",\n \"Microsoft.SecurityInsights/businessApplicationAgents/systems/undoAction/action\",\n \"Microsoft.SecurityInsights/cases/*\",\n \"Microsoft.SecurityInsights/dataConnectorsCheckRequirements/action\",\n \"Microsoft.SecurityInsights/entities/runPlaybook/action\",\n \"Microsoft.SecurityInsights/incidents/*\",\n \"Microsoft.SecurityInsights/threatIntelligence/bulkTag/action\",\n \"Microsoft.SecurityInsights/threatIntelligence/indicators/appendTags/action\",\n \"Microsoft.SecurityInsights/threatIntelligence/indicators/query/action\",\n \"Microsoft.SecurityInsights/threatIntelligence/indicators/replaceTags/action\",\n \"Microsoft.SecurityInsights/threatIntelligence/queryIndicators/action\",\n \"Microsoft.Insights/workbooks/*\",\n \"Microsoft.Authorization/*/read\"\n ],\n \"notActions\": [\n \"Microsoft.SecurityInsights/cases/*/Delete\",\n \"Microsoft.SecurityInsights/incidents/*/Delete\",\n \"Microsoft.SecurityInsights/ConfidentialWatchlists/*\",\n \"Microsoft.OperationalInsights/workspaces/query/ConfidentialWatchlist/*\"\n ],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2025-08-29T14:53:37.3243745Z\",\n \"updatedOn\": \"2025-09-18T08:00:00.7910377Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/625a1cea-653b-4a19-bd3a-df1d66ab6637\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"625a1cea-653b-4a19-bd3a-df1d66ab6637\"\n },\n {\n \"properties\": {\n \"roleName\": \"Defender Unified RBAC Reader\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Defender Unified RBAC Reader. This role is managed and assigned automatically by the Defender Unified RBAC system. Manual assignment of this role is not recommended, as the Defender Unified RBAC system may modify or remove it at any time based on system requirements.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.SecurityInsights/*/read\",\n \"Microsoft.SecurityInsights/dataConnectorsCheckRequirements/action\",\n \"Microsoft.SecurityInsights/threatIntelligence/indicators/query/action\",\n \"Microsoft.SecurityInsights/threatIntelligence/queryIndicators/action\",\n \"Microsoft.OperationalInsights/workspaces/analytics/query/action\",\n \"Microsoft.OperationalInsights/workspaces/*/read\",\n \"Microsoft.OperationalInsights/workspaces/LinkedServices/read\",\n \"Microsoft.OperationalInsights/workspaces/savedSearches/read\",\n \"Microsoft.OperationsManagement/solutions/read\",\n \"Microsoft.OperationalInsights/workspaces/query/read\",\n \"Microsoft.OperationalInsights/workspaces/query/*/read\",\n \"Microsoft.OperationalInsights/querypacks/*/read\",\n \"Microsoft.OperationalInsights/workspaces/dataSources/read\",\n \"Microsoft.OperationalInsights/workspaces/read\",\n \"Microsoft.Insights/workbooks/read\",\n \"Microsoft.Authorization/*/read\"\n ],\n \"notActions\": [\n \"Microsoft.SecurityInsights/ConfidentialWatchlists/*\",\n \"Microsoft.OperationalInsights/workspaces/query/ConfidentialWatchlist/*\"\n ],\n \"dataActions\": [\n \"Microsoft.OperationalInsights/workspaces/tables/data/read\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2025-08-29T15:23:46.8702579Z\",\n \"updatedOn\": \"2025-09-11T12:56:35.8009694Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/78b7345a-1e1b-483a-ac62-62228c6ea89d\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"78b7345a-1e1b-483a-ac62-62228c6ea89d\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Monitor Pipeline Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Manage Azure Monitor Pipeline resources, providing full read and write access to pipeline configurations and monitoring features.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Monitor/pipelineGroups/*\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.Authorization/*/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2025-09-03T15:11:34.8616712Z\",\n \"updatedOn\": \"2025-09-03T15:11:34.8616712Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/679dc20a-52e8-4ac0-a23c-3b557dfb1e24\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"679dc20a-52e8-4ac0-a23c-3b557dfb1e24\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Monitor Pipeline Reader\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Read Azure Monitor Pipeline resources, including pipeline configurations and monitoring features.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Monitor/pipelineGroups/read\",\n \"Microsoft.Resources/deployments/read\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Insights/alertRules/read\",\n \"Microsoft.Authorization/*/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2025-09-03T15:11:34.8616712Z\",\n \"updatedOn\": \"2025-09-03T15:11:34.8616712Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/2d50f159-7b96-4f1e-8fc7-fee6957ab7cc\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"2d50f159-7b96-4f1e-8fc7-fee6957ab7cc\"\n },\n {\n \"properties\": {\n \"roleName\": \"SRE Agent Reader\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Grants read-only access to all SRE Agent data, including chats, incidents, logs, and configurations. Does not permit interaction with the agent.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.App/agents/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.App/agents/threads/read\",\n \"Microsoft.App/agents/graph/read\",\n \"Microsoft.App/agents/memory/read\",\n \"Microsoft.App/agents/incidentManagement/read\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2025-09-08T15:10:31.0394523Z\",\n \"updatedOn\": \"2025-09-16T15:14:53.2394147Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/a4b156ac-253f-4a1a-9851-96d62b71b047\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"a4b156ac-253f-4a1a-9851-96d62b71b047\"\n },\n {\n \"properties\": {\n \"roleName\": \"Hybrid Connectivity contributor role\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Microsoft.HybridConnectivity contributor role\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.HybridConnectivity/endpoints/listIngressGatewayCredentials/action\",\n \"Microsoft.HybridConnectivity/publicCloudConnectors/delete\",\n \"Microsoft.HybridConnectivity/publicCloudConnectors/testPermissions/action\",\n \"Microsoft.HybridConnectivity/publicCloudConnectors/write\",\n \"Microsoft.HybridConnectivity/solutionConfigurations/delete\",\n \"Microsoft.HybridConnectivity/solutionConfigurations/syncNow/action\",\n \"Microsoft.HybridConnectivity/solutionConfigurations/write\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2025-09-08T15:10:31.251471Z\",\n \"updatedOn\": \"2025-09-08T15:10:31.251471Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/f0f57965-de58-41bc-ba76-2aaab4d09f30\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"f0f57965-de58-41bc-ba76-2aaab4d09f30\"\n },\n {\n \"properties\": {\n \"roleName\": \"Aws Connector contributor role\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Microsoft.AwsConnector contributor role\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.AwsConnector/accessAnalyzerAnalyzers/delete\",\n \"Microsoft.AwsConnector/accessAnalyzerAnalyzers/write\",\n \"Microsoft.AwsConnector/acmCertificateSummaries/delete\",\n \"Microsoft.AwsConnector/acmCertificateSummaries/write\",\n \"Microsoft.AwsConnector/apiGatewayRestApis/delete\",\n \"Microsoft.AwsConnector/apiGatewayRestApis/write\",\n \"Microsoft.AwsConnector/apiGatewayStages/delete\",\n \"Microsoft.AwsConnector/apiGatewayStages/write\",\n \"Microsoft.AwsConnector/applicationAutoScalingScalableTargets/delete\",\n \"Microsoft.AwsConnector/applicationAutoScalingScalableTargets/write\",\n \"Microsoft.AwsConnector/appSyncGraphqlApis/delete\",\n \"Microsoft.AwsConnector/appSyncGraphqlApis/write\",\n \"Microsoft.AwsConnector/autoScalingAutoScalingGroups/delete\",\n \"Microsoft.AwsConnector/autoScalingAutoScalingGroups/write\",\n \"Microsoft.AwsConnector/cloudFormationStacks/delete\",\n \"Microsoft.AwsConnector/cloudFormationStacks/write\",\n \"Microsoft.AwsConnector/cloudFormationStackSets/delete\",\n \"Microsoft.AwsConnector/cloudFormationStackSets/write\",\n \"Microsoft.AwsConnector/cloudFrontDistributions/delete\",\n \"Microsoft.AwsConnector/cloudFrontDistributions/write\",\n \"Microsoft.AwsConnector/cloudTrailTrails/delete\",\n \"Microsoft.AwsConnector/cloudTrailTrails/write\",\n \"Microsoft.AwsConnector/cloudWatchAlarms/delete\",\n \"Microsoft.AwsConnector/cloudWatchAlarms/write\",\n \"Microsoft.AwsConnector/codeBuildProjects/delete\",\n \"Microsoft.AwsConnector/codeBuildProjects/write\",\n \"Microsoft.AwsConnector/codeBuildSourceCredentialsInfos/delete\",\n \"Microsoft.AwsConnector/codeBuildSourceCredentialsInfos/write\",\n \"Microsoft.AwsConnector/configServiceConfigurationRecorders/delete\",\n \"Microsoft.AwsConnector/configServiceConfigurationRecorders/write\",\n \"Microsoft.AwsConnector/configServiceConfigurationRecorderStatuses/delete\",\n \"Microsoft.AwsConnector/configServiceConfigurationRecorderStatuses/write\",\n \"Microsoft.AwsConnector/configServiceDeliveryChannels/delete\",\n \"Microsoft.AwsConnector/configServiceDeliveryChannels/write\",\n \"Microsoft.AwsConnector/databaseMigrationServiceReplicationInstances/delete\",\n \"Microsoft.AwsConnector/databaseMigrationServiceReplicationInstances/write\",\n \"Microsoft.AwsConnector/daxClusters/delete\",\n \"Microsoft.AwsConnector/daxClusters/write\",\n \"Microsoft.AwsConnector/dynamoDBContinuousBackupsDescriptions/delete\",\n \"Microsoft.AwsConnector/dynamoDBContinuousBackupsDescriptions/write\",\n \"Microsoft.AwsConnector/dynamoDBTables/delete\",\n \"Microsoft.AwsConnector/dynamoDBTables/write\",\n \"Microsoft.AwsConnector/ec2AccountAttributes/delete\",\n \"Microsoft.AwsConnector/ec2AccountAttributes/write\",\n \"Microsoft.AwsConnector/ec2Addresses/delete\",\n \"Microsoft.AwsConnector/ec2Addresses/write\",\n \"Microsoft.AwsConnector/ec2FlowLogs/delete\",\n \"Microsoft.AwsConnector/ec2FlowLogs/write\",\n \"Microsoft.AwsConnector/ec2Images/delete\",\n \"Microsoft.AwsConnector/ec2Images/write\",\n \"Microsoft.AwsConnector/ec2Instances/delete\",\n \"Microsoft.AwsConnector/ec2Instances/start/action\",\n \"Microsoft.AwsConnector/ec2Instances/stop/action\",\n \"Microsoft.AwsConnector/ec2Instances/write\",\n \"Microsoft.AwsConnector/ec2InstanceStatuses/delete\",\n \"Microsoft.AwsConnector/ec2InstanceStatuses/write\",\n \"Microsoft.AwsConnector/ec2Ipams/delete\",\n \"Microsoft.AwsConnector/ec2Ipams/write\",\n \"Microsoft.AwsConnector/ec2KeyPairs/delete\",\n \"Microsoft.AwsConnector/ec2KeyPairs/write\",\n \"Microsoft.AwsConnector/ec2NetworkAcls/delete\",\n \"Microsoft.AwsConnector/ec2NetworkAcls/write\",\n \"Microsoft.AwsConnector/ec2NetworkInterfaces/delete\",\n \"Microsoft.AwsConnector/ec2NetworkInterfaces/write\",\n \"Microsoft.AwsConnector/ec2RouteTables/delete\",\n \"Microsoft.AwsConnector/ec2RouteTables/write\",\n \"Microsoft.AwsConnector/ec2SecurityGroups/delete\",\n \"Microsoft.AwsConnector/ec2SecurityGroups/write\",\n \"Microsoft.AwsConnector/ec2Snapshots/delete\",\n \"Microsoft.AwsConnector/ec2Snapshots/write\",\n \"Microsoft.AwsConnector/ec2Subnets/delete\",\n \"Microsoft.AwsConnector/ec2Subnets/write\",\n \"Microsoft.AwsConnector/ec2Volumes/delete\",\n \"Microsoft.AwsConnector/ec2Volumes/write\",\n \"Microsoft.AwsConnector/ec2VPCEndpoints/delete\",\n \"Microsoft.AwsConnector/ec2VPCEndpoints/write\",\n \"Microsoft.AwsConnector/ec2VPCPeeringConnections/delete\",\n \"Microsoft.AwsConnector/ec2VPCPeeringConnections/write\",\n \"Microsoft.AwsConnector/ec2Vpcs/delete\",\n \"Microsoft.AwsConnector/ec2Vpcs/write\",\n \"Microsoft.AwsConnector/ecrImageDetails/delete\",\n \"Microsoft.AwsConnector/ecrImageDetails/write\",\n \"Microsoft.AwsConnector/ecrRepositories/delete\",\n \"Microsoft.AwsConnector/ecrRepositories/write\",\n \"Microsoft.AwsConnector/ecsClusters/delete\",\n \"Microsoft.AwsConnector/ecsClusters/write\",\n \"Microsoft.AwsConnector/ecsServices/delete\",\n \"Microsoft.AwsConnector/ecsServices/write\",\n \"Microsoft.AwsConnector/ecsTaskDefinitions/delete\",\n \"Microsoft.AwsConnector/ecsTaskDefinitions/write\",\n \"Microsoft.AwsConnector/efsFileSystems/delete\",\n \"Microsoft.AwsConnector/efsFileSystems/write\",\n \"Microsoft.AwsConnector/efsMountTargets/delete\",\n \"Microsoft.AwsConnector/efsMountTargets/write\",\n \"Microsoft.AwsConnector/eksClusters/delete\",\n \"Microsoft.AwsConnector/eksClusters/write\",\n \"Microsoft.AwsConnector/eksNodegroups/delete\",\n \"Microsoft.AwsConnector/eksNodegroups/write\",\n \"Microsoft.AwsConnector/elasticBeanstalkApplications/delete\",\n \"Microsoft.AwsConnector/elasticBeanstalkApplications/write\",\n \"Microsoft.AwsConnector/elasticBeanstalkConfigurationTemplates/delete\",\n \"Microsoft.AwsConnector/elasticBeanstalkConfigurationTemplates/write\",\n \"Microsoft.AwsConnector/elasticBeanstalkEnvironments/delete\",\n \"Microsoft.AwsConnector/elasticBeanstalkEnvironments/write\",\n \"Microsoft.AwsConnector/elasticLoadBalancingV2Listeners/delete\",\n \"Microsoft.AwsConnector/elasticLoadBalancingV2Listeners/write\",\n \"Microsoft.AwsConnector/elasticLoadBalancingV2LoadBalancers/delete\",\n \"Microsoft.AwsConnector/elasticLoadBalancingV2LoadBalancers/write\",\n \"Microsoft.AwsConnector/elasticLoadBalancingV2TargetGroups/delete\",\n \"Microsoft.AwsConnector/elasticLoadBalancingV2TargetGroups/write\",\n \"Microsoft.AwsConnector/elasticLoadBalancingV2TargetHealthDescriptions/delete\",\n \"Microsoft.AwsConnector/elasticLoadBalancingV2TargetHealthDescriptions/write\",\n \"Microsoft.AwsConnector/elasticsearchDomains/delete\",\n \"Microsoft.AwsConnector/elasticsearchDomains/write\",\n \"Microsoft.AwsConnector/emrClusters/delete\",\n \"Microsoft.AwsConnector/emrClusters/write\",\n \"Microsoft.AwsConnector/guardDutyDetectors/delete\",\n \"Microsoft.AwsConnector/guardDutyDetectors/write\",\n \"Microsoft.AwsConnector/iamAccessKeyLastUseds/delete\",\n \"Microsoft.AwsConnector/iamAccessKeyLastUseds/write\",\n \"Microsoft.AwsConnector/iamAccessKeyMetadata/delete\",\n \"Microsoft.AwsConnector/iamAccessKeyMetadata/write\",\n \"Microsoft.AwsConnector/iamGroups/delete\",\n \"Microsoft.AwsConnector/iamGroups/write\",\n \"Microsoft.AwsConnector/iamInstanceProfiles/delete\",\n \"Microsoft.AwsConnector/iamInstanceProfiles/write\",\n \"Microsoft.AwsConnector/iamManagedPolicies/delete\",\n \"Microsoft.AwsConnector/iamManagedPolicies/write\",\n \"Microsoft.AwsConnector/iamMFADevices/delete\",\n \"Microsoft.AwsConnector/iamMFADevices/write\",\n \"Microsoft.AwsConnector/iamPasswordPolicies/delete\",\n \"Microsoft.AwsConnector/iamPasswordPolicies/write\",\n \"Microsoft.AwsConnector/iamPolicyVersions/delete\",\n \"Microsoft.AwsConnector/iamPolicyVersions/write\",\n \"Microsoft.AwsConnector/iamRoles/delete\",\n \"Microsoft.AwsConnector/iamRoles/write\",\n \"Microsoft.AwsConnector/iamServerCertificates/delete\",\n \"Microsoft.AwsConnector/iamServerCertificates/write\",\n \"Microsoft.AwsConnector/iamUserPolicies/delete\",\n \"Microsoft.AwsConnector/iamUserPolicies/write\",\n \"Microsoft.AwsConnector/iamVirtualMFADevices/delete\",\n \"Microsoft.AwsConnector/iamVirtualMFADevices/write\",\n \"Microsoft.AwsConnector/kmsAliases/delete\",\n \"Microsoft.AwsConnector/kmsAliases/write\",\n \"Microsoft.AwsConnector/kmsKeys/delete\",\n \"Microsoft.AwsConnector/kmsKeys/write\",\n \"Microsoft.AwsConnector/lambdaFunctionCodeLocations/delete\",\n \"Microsoft.AwsConnector/lambdaFunctionCodeLocations/write\",\n \"Microsoft.AwsConnector/lambdaFunctionConfigurations/delete\",\n \"Microsoft.AwsConnector/lambdaFunctionConfigurations/write\",\n \"Microsoft.AwsConnector/lambdaFunctions/delete\",\n \"Microsoft.AwsConnector/lambdaFunctions/write\",\n \"Microsoft.AwsConnector/licenseManagerLicenses/delete\",\n \"Microsoft.AwsConnector/licenseManagerLicenses/write\",\n \"Microsoft.AwsConnector/lightsailBuckets/delete\",\n \"Microsoft.AwsConnector/lightsailBuckets/write\",\n \"Microsoft.AwsConnector/lightsailInstances/delete\",\n \"Microsoft.AwsConnector/lightsailInstances/write\",\n \"Microsoft.AwsConnector/Locations/OperationStatuses/write\",\n \"Microsoft.AwsConnector/logsLogGroups/delete\",\n \"Microsoft.AwsConnector/logsLogGroups/write\",\n \"Microsoft.AwsConnector/logsLogStreams/delete\",\n \"Microsoft.AwsConnector/logsLogStreams/write\",\n \"Microsoft.AwsConnector/logsMetricFilters/delete\",\n \"Microsoft.AwsConnector/logsMetricFilters/write\",\n \"Microsoft.AwsConnector/logsSubscriptionFilters/delete\",\n \"Microsoft.AwsConnector/logsSubscriptionFilters/write\",\n \"Microsoft.AwsConnector/macie2JobSummaries/delete\",\n \"Microsoft.AwsConnector/macie2JobSummaries/write\",\n \"Microsoft.AwsConnector/macieAllowLists/delete\",\n \"Microsoft.AwsConnector/macieAllowLists/write\",\n \"Microsoft.AwsConnector/networkFirewallFirewallPolicies/delete\",\n \"Microsoft.AwsConnector/networkFirewallFirewallPolicies/write\",\n \"Microsoft.AwsConnector/networkFirewallFirewalls/delete\",\n \"Microsoft.AwsConnector/networkFirewallFirewalls/write\",\n \"Microsoft.AwsConnector/networkFirewallRuleGroups/delete\",\n \"Microsoft.AwsConnector/networkFirewallRuleGroups/write\",\n \"Microsoft.AwsConnector/openSearchDomainStatuses/delete\",\n \"Microsoft.AwsConnector/openSearchDomainStatuses/write\",\n \"Microsoft.AwsConnector/openSearchServiceDomains/delete\",\n \"Microsoft.AwsConnector/openSearchServiceDomains/write\",\n \"Microsoft.AwsConnector/organizationsAccounts/delete\",\n \"Microsoft.AwsConnector/organizationsAccounts/write\",\n \"Microsoft.AwsConnector/organizationsOrganizations/delete\",\n \"Microsoft.AwsConnector/organizationsOrganizations/write\",\n \"Microsoft.AwsConnector/rdsDBClusters/delete\",\n \"Microsoft.AwsConnector/rdsDBClusters/write\",\n \"Microsoft.AwsConnector/rdsDBInstances/delete\",\n \"Microsoft.AwsConnector/rdsDBInstances/write\",\n \"Microsoft.AwsConnector/rdsDBSnapshotAttributesResults/delete\",\n \"Microsoft.AwsConnector/rdsDBSnapshotAttributesResults/write\",\n \"Microsoft.AwsConnector/rdsDBSnapshots/delete\",\n \"Microsoft.AwsConnector/rdsDBSnapshots/write\",\n \"Microsoft.AwsConnector/rdsEventSubscriptions/delete\",\n \"Microsoft.AwsConnector/rdsEventSubscriptions/write\",\n \"Microsoft.AwsConnector/rdsExportTasks/delete\",\n \"Microsoft.AwsConnector/rdsExportTasks/write\",\n \"Microsoft.AwsConnector/redshiftClusterParameterGroups/delete\",\n \"Microsoft.AwsConnector/redshiftClusterParameterGroups/write\",\n \"Microsoft.AwsConnector/redshiftClusters/delete\",\n \"Microsoft.AwsConnector/redshiftClusters/write\",\n \"Microsoft.AwsConnector/route53DomainsDomainSummaries/delete\",\n \"Microsoft.AwsConnector/route53DomainsDomainSummaries/write\",\n \"Microsoft.AwsConnector/route53HostedZones/delete\",\n \"Microsoft.AwsConnector/route53HostedZones/write\",\n \"Microsoft.AwsConnector/route53ResourceRecordSets/delete\",\n \"Microsoft.AwsConnector/route53ResourceRecordSets/write\",\n \"Microsoft.AwsConnector/s3AccessControlPolicies/delete\",\n \"Microsoft.AwsConnector/s3AccessControlPolicies/write\",\n \"Microsoft.AwsConnector/s3AccessPoints/delete\",\n \"Microsoft.AwsConnector/s3AccessPoints/write\",\n \"Microsoft.AwsConnector/s3BucketPolicies/delete\",\n \"Microsoft.AwsConnector/s3BucketPolicies/write\",\n \"Microsoft.AwsConnector/s3Buckets/delete\",\n \"Microsoft.AwsConnector/s3Buckets/write\",\n \"Microsoft.AwsConnector/s3ControlMultiRegionAccessPointPolicyDocuments/delete\",\n \"Microsoft.AwsConnector/s3ControlMultiRegionAccessPointPolicyDocuments/write\",\n \"Microsoft.AwsConnector/sageMakerApps/delete\",\n \"Microsoft.AwsConnector/sageMakerApps/write\",\n \"Microsoft.AwsConnector/sageMakerDevices/delete\",\n \"Microsoft.AwsConnector/sageMakerDevices/write\",\n \"Microsoft.AwsConnector/sageMakerImages/delete\",\n \"Microsoft.AwsConnector/sageMakerImages/write\",\n \"Microsoft.AwsConnector/sageMakerNotebookInstanceSummaries/delete\",\n \"Microsoft.AwsConnector/sageMakerNotebookInstanceSummaries/write\",\n \"Microsoft.AwsConnector/secretsManagerResourcePolicies/delete\",\n \"Microsoft.AwsConnector/secretsManagerResourcePolicies/write\",\n \"Microsoft.AwsConnector/secretsManagerSecrets/delete\",\n \"Microsoft.AwsConnector/secretsManagerSecrets/write\",\n \"Microsoft.AwsConnector/snsSubscriptions/delete\",\n \"Microsoft.AwsConnector/snsSubscriptions/write\",\n \"Microsoft.AwsConnector/snsTopics/delete\",\n \"Microsoft.AwsConnector/snsTopics/write\",\n \"Microsoft.AwsConnector/sqsQueues/delete\",\n \"Microsoft.AwsConnector/sqsQueues/write\",\n \"Microsoft.AwsConnector/ssmInstanceInformations/delete\",\n \"Microsoft.AwsConnector/ssmInstanceInformations/write\",\n \"Microsoft.AwsConnector/ssmParameters/delete\",\n \"Microsoft.AwsConnector/ssmParameters/write\",\n \"Microsoft.AwsConnector/ssmResourceComplianceSummaryItems/delete\",\n \"Microsoft.AwsConnector/ssmResourceComplianceSummaryItems/write\",\n \"Microsoft.AwsConnector/wafv2IPSets/delete\",\n \"Microsoft.AwsConnector/wafv2IPSets/write\",\n \"Microsoft.AwsConnector/wafv2LoggingConfigurations/delete\",\n \"Microsoft.AwsConnector/wafv2LoggingConfigurations/write\",\n \"Microsoft.AwsConnector/wafv2WebACLAssociations/delete\",\n \"Microsoft.AwsConnector/wafv2WebACLAssociations/write\",\n \"Microsoft.AwsConnector/wafWebACLSummaries/delete\",\n \"Microsoft.AwsConnector/wafWebACLSummaries/write\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2025-09-08T15:10:31.7683351Z\",\n \"updatedOn\": \"2025-09-08T15:10:31.7683351Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/98c206fe-ea1b-4578-93f8-83a99a5628fc\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"98c206fe-ea1b-4578-93f8-83a99a5628fc\"\n },\n {\n \"properties\": {\n \"roleName\": \"Storage File Data SMB MI Admin\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Allows for admin-level access for managed identities on files/directories in Azure file shares.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.Storage/storageAccounts/fileServices/readFileBackupSemantics/action\",\n \"Microsoft.Storage/storageAccounts/fileServices/writeFileBackupSemantics/action\",\n \"Microsoft.Storage/storageAccounts/fileServices/takeOwnership/action\",\n \"Microsoft.Storage/storageAccounts/fileServices/runAsBuiltInFileAdministrator/action\",\n \"Microsoft.Storage/storageAccounts/fileServices/fileshares/files/read\",\n \"Microsoft.Storage/storageAccounts/fileServices/fileshares/files/write\",\n \"Microsoft.Storage/storageAccounts/fileServices/fileshares/files/delete\",\n \"Microsoft.Storage/storageAccounts/fileServices/fileshares/files/modifypermissions/action\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2025-09-09T15:23:13.2982998Z\",\n \"updatedOn\": \"2025-09-09T15:23:13.2982998Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/a235d3ee-5935-4cfb-8cc5-a3303ad5995e\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"a235d3ee-5935-4cfb-8cc5-a3303ad5995e\"\n },\n {\n \"properties\": {\n \"roleName\": \"Common Edge Admin\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Common Edge Admin Role\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Edge/connectivityStatuses/delete\",\n \"Microsoft.Edge/connectivityStatuses/write\",\n \"Microsoft.Edge/locations/operationStatuses/write\",\n \"Microsoft.Edge/updates/delete\",\n \"Microsoft.Edge/updates/write\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2025-09-10T15:34:53.4393915Z\",\n \"updatedOn\": \"2025-09-10T15:34:53.4393915Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/b256d512-9a3a-4a96-9366-9f54f900e58b\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"b256d512-9a3a-4a96-9366-9f54f900e58b\"\n },\n {\n \"properties\": {\n \"roleName\": \"Firmware Analysis User\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Upload and analyze firmware images but not perform any workspace configuration\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.IoTFirmwareDefense/*\",\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Resources/deployments/*\"\n ],\n \"notActions\": [\n \"Microsoft.IoTFirmwareDefense/firmwareGroups/*\",\n \"Microsoft.IoTFirmwareDefense/register/action\",\n \"Microsoft.IoTFirmwareDefense/unregister/action\",\n \"Microsoft.IoTFirmwareDefense/workspaces/write\",\n \"Microsoft.IoTFirmwareDefense/workspaces/delete\"\n ],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2025-09-10T15:34:53.4393915Z\",\n \"updatedOn\": \"2025-09-10T15:34:53.4393915Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/53b2724d-1e51-44fa-b586-bcace0c82609\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"53b2724d-1e51-44fa-b586-bcace0c82609\"\n },\n {\n \"properties\": {\n \"roleName\": \"SRE Agent Standard User\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Grants access to interact with the SRE Agent to triage incidents and run diagnostics.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.App/agents/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.App/agents/threads/read\",\n \"Microsoft.App/agents/graph/read\",\n \"Microsoft.App/agents/memory/read\",\n \"Microsoft.App/agents/incidentManagement/read\",\n \"Microsoft.App/agents/threads/write\",\n \"Microsoft.App/agents/graph/write\",\n \"Microsoft.App/agents/memory/write\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2025-09-10T20:06:45.8379721Z\",\n \"updatedOn\": \"2025-09-16T15:14:52.3167343Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/2d84a65a-63b2-4343-bbb6-31105d857bc1\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"2d84a65a-63b2-4343-bbb6-31105d857bc1\"\n },\n {\n \"properties\": {\n \"roleName\": \"SRE Agent Administrator\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Full control of the agent—manage chats, incident response plans, and agent run modes; approve and execute commands.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.App/agents/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.App/agents/*/read\",\n \"Microsoft.App/agents/*/write\",\n \"Microsoft.App/agents/*/delete\",\n \"Microsoft.App/agents/threads/approve/action\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2025-09-10T20:06:45.8389733Z\",\n \"updatedOn\": \"2025-09-16T15:14:53.2394147Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/e79298df-d852-4c6d-84f9-5d13249d1e55\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"e79298df-d852-4c6d-84f9-5d13249d1e55\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Kubernetes Fleet Manager Hub Cluster User Role\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Grants read access to Azure Kubernetes Fleet Manager as well as the Kubernetes config file to connect to the fleet-managed hub cluster.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.ContainerService/fleets/listCredentials/action\",\n \"Microsoft.ContainerService/fleets/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2025-09-10T23:25:40.4325052Z\",\n \"updatedOn\": \"2025-09-10T23:25:40.4325052Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/850c5848-fc51-4a9a-8823-f220370626e3\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"850c5848-fc51-4a9a-8823-f220370626e3\"\n },\n {\n \"properties\": {\n \"roleName\": \"Log Analytics Data Reader\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Log Analytics Data Reader can query and search the logs it is allowed to view over Log Analytics workspaces and tables\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.OperationalInsights/workspaces/query/read\",\n \"Microsoft.OperationalInsights/workspaces/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.OperationalInsights/workspaces/tables/data/read\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2025-09-11T09:53:03.6783283Z\",\n \"updatedOn\": \"2025-09-11T09:53:03.6783283Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/3b03c2da-16b3-4a49-8834-0f8130efdd3b\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"3b03c2da-16b3-4a49-8834-0f8130efdd3b\"\n },\n {\n \"properties\": {\n \"roleName\": \"Dynamics 365 Customer Insights Service Role\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Enables Diagnostic Logging setup for Customer Insights instances.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.D365CustomerInsights/instances/write\",\n \"Microsoft.D365CustomerInsights/instances/providers/Microsoft.Insights/diagnosticSettings/write\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2025-09-11T14:44:00.9623287Z\",\n \"updatedOn\": \"2025-09-11T14:44:00.9623287Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/89f7a3ec-e9d0-40eb-9b96-c016a5c2a53f\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"89f7a3ec-e9d0-40eb-9b96-c016a5c2a53f\"\n },\n {\n \"properties\": {\n \"roleName\": \"Storage Actions Blob Data Operator\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Used by the Storage Actions - Storage Task to list & perform operations on the Storage Account blobs\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Storage/storageAccounts/blobServices/containers/read\",\n \"Microsoft.Storage/storageAccounts/blobServices/containers/write\"\n ],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.Storage/storageAccounts/blobServices/containers/blobs/read\",\n \"Microsoft.Storage/storageAccounts/blobServices/containers/blobs/write\",\n \"Microsoft.Storage/storageAccounts/blobServices/containers/blobs/delete\",\n \"Microsoft.Storage/storageAccounts/blobServices/containers/blobs/add/action\",\n \"Microsoft.Storage/storageAccounts/blobServices/containers/blobs/tags/read\",\n \"Microsoft.Storage/storageAccounts/blobServices/containers/blobs/tags/write\",\n \"Microsoft.Storage/storageAccounts/blobServices/containers/blobs/runAsSuperUser/action\",\n \"Microsoft.Storage/storageAccounts/blobServices/containers/blobs/immutableStorage/runAsSuperUser/action\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2025-09-12T21:16:43.9136753Z\",\n \"updatedOn\": \"2025-09-12T21:16:43.9136753Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/4bad4d9e-2a13-4888-94bb-c8432f6f3040\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"4bad4d9e-2a13-4888-94bb-c8432f6f3040\"\n },\n {\n \"properties\": {\n \"roleName\": \"Storage Actions Task Assignment Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Used by the Storage Actions assigner to create a Task Assignment on their target Storage Account, with RBAC privileges for Managed Identity\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Storage/storageAccounts/reports/read\",\n \"Microsoft.Storage/storageAccounts/read\",\n \"Microsoft.Storage/storageAccounts/blobServices/read\",\n \"Microsoft.Storage/storageAccounts/storageTaskAssignments/read\",\n \"Microsoft.Storage/storageAccounts/storageTaskAssignments/write\",\n \"Microsoft.Storage/storageAccounts/storageTaskAssignments/delete\",\n \"Microsoft.Storage/storageAccounts/storageTaskAssignments/reports/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n },\n {\n \"actions\": [\n \"Microsoft.Authorization/roleAssignments/write\",\n \"Microsoft.Authorization/roleAssignments/delete\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": [],\n \"conditionVersion\": \"2.0\",\n \"condition\": \"((!(ActionMatches{'Microsoft.Authorization/roleAssignments/write'})) OR (@Request[Microsoft.Authorization/roleAssignments:RoleDefinitionId] ForAnyOfAnyValues:GuidEquals{4bad4d9e2a13488894bbc8432f6f3040})) AND ((!(ActionMatches{'Microsoft.Authorization/roleAssignments/delete'})) OR (@Resource[Microsoft.Authorization/roleAssignments:RoleDefinitionId] ForAnyOfAnyValues:GuidEquals{4bad4d9e2a13488894bbc8432f6f3040}))\"\n }\n ],\n \"createdOn\": \"2025-09-12T21:16:43.9136753Z\",\n \"updatedOn\": \"2025-09-12T21:16:43.9136753Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/77789c21-1643-48a2-8f27-47f858540b51\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"77789c21-1643-48a2-8f27-47f858540b51\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Native Dynatrace Agent Management Role\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Grants access to manage Dynatrace Agent on compute resources\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.KubernetesConfiguration/extensions/write\",\n \"Microsoft.KubernetesConfiguration/extensions/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2025-09-16T15:14:50.9389725Z\",\n \"updatedOn\": \"2025-09-16T15:14:50.9389725Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/55077723-1b30-4603-a70b-68de134cfa20\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"55077723-1b30-4603-a70b-68de134cfa20\"\n },\n {\n \"properties\": {\n \"roleName\": \"Storage Actions Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Used by the Storage Actions author to create, read, update, and delete Storage Actions\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.StorageActions/storageTasks/read\",\n \"Microsoft.StorageActions/storageTasks/write\",\n \"Microsoft.StorageActions/storageTasks/delete\",\n \"Microsoft.StorageActions/storageTasks/storageTaskAssignments/read\",\n \"Microsoft.StorageActions/storageTasks/reports/read\",\n \"Microsoft.StorageActions/locations/previewActions/action\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2025-09-16T15:14:50.9389725Z\",\n \"updatedOn\": \"2025-09-16T15:14:50.9389725Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/bd8acdb0-202c-4493-a7fe-ef98eefbfbc4\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"bd8acdb0-202c-4493-a7fe-ef98eefbfbc4\"\n },\n {\n \"properties\": {\n \"roleName\": \"Essential Machine Management Administrator\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Can managed Essential Machine Management resources for subscriptions\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Insights/dataCollectionRules/read\",\n \"Microsoft.Insights/dataCollectionRules/write\",\n \"Microsoft.Monitor/accounts/write\",\n \"Microsoft.Monitor/accounts/read\",\n \"Microsoft.ManagedOps/managedOps/read\",\n \"Microsoft.ManagedOps/managedOps/write\",\n \"Microsoft.ManagedOps/managedOps/delete\",\n \"Microsoft.OperationsManagement/solutions/read\",\n \"Microsoft.OperationsManagement/solutions/write\",\n \"Microsoft.OperationalInsights/workspaces/read\",\n \"Microsoft.OperationalInsights/workspaces/sharedkeys/action\",\n \"Microsoft.OperationalInsights/workspaces/sharedkeys/read\",\n \"Microsoft.OperationalInsights/workspaces/listKeys/action\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Insights/metricAlerts/write\",\n \"Microsoft.Insights/metricAlerts/read\",\n \"Microsoft.Security/pricings/write\",\n \"Microsoft.Security/pricings/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2025-09-22T15:13:19.5975298Z\",\n \"updatedOn\": \"2025-09-22T15:13:19.5975298Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/34013b0a-565b-43aa-8755-1b7c286f6cf7\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"34013b0a-565b-43aa-8755-1b7c286f6cf7\"\n },\n {\n \"properties\": {\n \"roleName\": \"Garnet PubSub Data Reader\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Allows read access to all channels within the Garnet resource\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.DocumentDB/garnetClusters/acl/clientid/read\",\n \"Microsoft.DocumentDB/garnetClusters/acl/clientinfo/read\",\n \"Microsoft.DocumentDB/garnetClusters/acl/configget/read\",\n \"Microsoft.DocumentDB/garnetClusters/acl/echo/read\",\n \"Microsoft.DocumentDB/garnetClusters/acl/info/read\",\n \"Microsoft.DocumentDB/garnetClusters/acl/keyslot/read\",\n \"Microsoft.DocumentDB/garnetClusters/acl/nodes/read\",\n \"Microsoft.DocumentDB/garnetClusters/acl/ping/read\",\n \"Microsoft.DocumentDB/garnetClusters/acl/slots/read\",\n \"Microsoft.DocumentDB/garnetClusters/acl/channels/action\",\n \"Microsoft.DocumentDB/garnetClusters/acl/psubscribe/action\",\n \"Microsoft.DocumentDB/garnetClusters/acl/punsubscribe/action\",\n \"Microsoft.DocumentDB/garnetClusters/acl/subscribe/action\",\n \"Microsoft.DocumentDB/garnetClusters/acl/unsubscribe/action\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2025-09-26T22:46:03.1347874Z\",\n \"updatedOn\": \"2025-09-26T22:46:03.1347874Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/da9adf61-39cd-41d5-87a0-30b21f7270d8\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"da9adf61-39cd-41d5-87a0-30b21f7270d8\"\n },\n {\n \"properties\": {\n \"roleName\": \"Garnet PubSub Data Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Allows read and write access to all channels within the Garnet resource\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.DocumentDB/garnetClusters/acl/clientid/read\",\n \"Microsoft.DocumentDB/garnetClusters/acl/clientinfo/read\",\n \"Microsoft.DocumentDB/garnetClusters/acl/configget/read\",\n \"Microsoft.DocumentDB/garnetClusters/acl/echo/read\",\n \"Microsoft.DocumentDB/garnetClusters/acl/info/read\",\n \"Microsoft.DocumentDB/garnetClusters/acl/keyslot/read\",\n \"Microsoft.DocumentDB/garnetClusters/acl/nodes/read\",\n \"Microsoft.DocumentDB/garnetClusters/acl/ping/read\",\n \"Microsoft.DocumentDB/garnetClusters/acl/slots/read\",\n \"Microsoft.DocumentDB/garnetClusters/acl/channels/action\",\n \"Microsoft.DocumentDB/garnetClusters/acl/numsub/action\",\n \"Microsoft.DocumentDB/garnetClusters/acl/numpat/action\",\n \"Microsoft.DocumentDB/garnetClusters/acl/psubscribe/action\",\n \"Microsoft.DocumentDB/garnetClusters/acl/publish/action\",\n \"Microsoft.DocumentDB/garnetClusters/acl/punsubscribe/action\",\n \"Microsoft.DocumentDB/garnetClusters/acl/subscribe/action\",\n \"Microsoft.DocumentDB/garnetClusters/acl/unsubscribe/action\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2025-09-26T22:46:03.1347874Z\",\n \"updatedOn\": \"2025-09-26T22:46:03.1347874Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/56e95fdc-3337-468d-b964-30d07f2a2018\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"56e95fdc-3337-468d-b964-30d07f2a2018\"\n },\n {\n \"properties\": {\n \"roleName\": \"Tenant Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Allows users to create and manage Entra ID Tenants.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [],\n \"createdOn\": \"2025-09-29T15:12:03.2996499Z\",\n \"updatedOn\": \"2025-09-29T15:12:03.2996499Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/0a7c2fa1-6f28-41a4-86b8-e74937c63222\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"0a7c2fa1-6f28-41a4-86b8-e74937c63222\"\n },\n {\n \"properties\": {\n \"roleName\": \"Storage File Data SMB Admin\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Allows for admin access equivalent to storage account key for end users over SMB.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.Storage/storageAccounts/fileServices/fileshares/files/read\",\n \"Microsoft.Storage/storageAccounts/fileServices/fileshares/files/write\",\n \"Microsoft.Storage/storageAccounts/fileServices/fileshares/files/delete\",\n \"Microsoft.Storage/storageAccounts/fileServices/fileshares/files/modifypermissions/action\",\n \"Microsoft.Storage/storageAccounts/fileServices/readFileBackupSemantics/action\",\n \"Microsoft.Storage/storageAccounts/fileServices/writeFileBackupSemantics/action\",\n \"Microsoft.Storage/storageAccounts/fileServices/takeOwnership/action\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2025-09-30T15:23:51.084353Z\",\n \"updatedOn\": \"2025-09-30T15:23:51.084353Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/bbf004e3-0e4b-4f86-ae4f-1f8fb47b357b\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"bbf004e3-0e4b-4f86-ae4f-1f8fb47b357b\"\n },\n {\n \"properties\": {\n \"roleName\": \"Supercomputer Infrastructure Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Lets you manage Supercomputer Infrastructure resources, but not access to them.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.SupercomputerInfrastructure/*\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2025-10-02T23:09:34.5476643Z\",\n \"updatedOn\": \"2025-10-02T23:09:34.5476643Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/68899692-f960-4247-af28-82f55b357997\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"68899692-f960-4247-af28-82f55b357997\"\n }\n ]\n}", + "StatusCode": 200 + }, + { + "RequestUri": "//subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions?api-version=2022-05-01-preview", + "EncodedRequestUri": "Ly9zdWJzY3JpcHRpb25zLzY5NmVhZDE5LTg2NmQtNGU5ZC05OWU1LWYwNjFlNGMzNGI4NC9wcm92aWRlcnMvTWljcm9zb2Z0LkF1dGhvcml6YXRpb24vcm9sZURlZmluaXRpb25zP2FwaS12ZXJzaW9uPTIwMjItMDUtMDEtcHJldmlldw==", + "RequestMethod": "GET", + "RequestHeaders": { + "Accept-Language": [ + "en-US" + ], + "x-ms-client-request-id": [ + "79788081-98b6-43a5-bb33-c1083a5d354f" + ], + "User-Agent": [ + "FxVersion/8.0.2025.41914", + "OSName/MacOs", + "OSVersion/Darwin.24.6.0.Darwin.Kernel.Version.24.6.0.Mon.Aug.11.21.16.30.PDT.2025.root.xnu.11417.140.69.701.11.1RELEASE.ARM64.T8132", + "Microsoft.Azure.Management.Authorization.AuthorizationManagementClient/8.1.0" + ] + }, + "RequestBody": "", + "ResponseHeaders": { + "Cache-Control": [ + "no-cache" + ], + "Pragma": [ + "no-cache" + ], + "x-ms-request-id": [ + "b423b684-b0fd-4321-85e2-dc748dfe7868" + ], + "X-Content-Type-Options": [ + "nosniff" + ], + "Strict-Transport-Security": [ + "max-age=31536000; includeSubDomains" + ], + "x-ms-operation-identifier": [ + "tenantId=de6dc80f-16c3-4606-90e9-b7386b466695,objectId=69c9e264-690c-43c9-aba4-a195a62f1929/northeurope/04dc3b26-ccc9-4545-97ab-bdeefdf97253" + ], + "x-ms-ratelimit-remaining-subscription-reads": [ + "249" + ], + "x-ms-ratelimit-remaining-subscription-global-reads": [ + "3749" + ], + "x-ms-correlation-request-id": [ + "d7b92187-28cb-4ad4-8747-0c0c2ab038d8" + ], + "x-ms-routing-request-id": [ + "NORTHEUROPE:20251004T101953Z:d7b92187-28cb-4ad4-8747-0c0c2ab038d8" + ], + "X-Cache": [ + "CONFIG_NOCACHE" + ], + "X-MSEdge-Ref": [ + "Ref A: 3A968CFDD9F14920A5992C04292E46FE Ref B: DUB241062307029 Ref C: 2025-10-04T10:19:53Z" + ], + "Date": [ + "Sat, 04 Oct 2025 10:19:52 GMT" + ], + "Content-Length": [ + "993823" + ], + "Content-Type": [ + "application/json; charset=utf-8" + ], + "Expires": [ + "-1" + ], + "Retry-After": [ + "0" + ] + }, + "ResponseBody": "{\n \"value\": [\n {\n \"properties\": {\n \"roleName\": \"AcrPush\",\n \"type\": \"BuiltInRole\",\n \"description\": \"acr push\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.ContainerRegistry/registries/pull/read\",\n \"Microsoft.ContainerRegistry/registries/push/write\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2018-10-29T17:52:32.5201177Z\",\n \"updatedOn\": \"2021-11-11T20:13:07.4993029Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/8311e382-0749-4cb8-b61a-304f252e45ec\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"8311e382-0749-4cb8-b61a-304f252e45ec\"\n },\n {\n \"properties\": {\n \"roleName\": \"API Management Service Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Can manage service and the APIs\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.ApiManagement/service/*\",\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.ResourceHealth/availabilityStatuses/read\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Support/*\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2015-02-02T21:55:09.8650193Z\",\n \"updatedOn\": \"2021-11-11T20:13:08.3179618Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/312a565d-c81f-4fd8-895a-4e21e48d571c\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"312a565d-c81f-4fd8-895a-4e21e48d571c\"\n },\n {\n \"properties\": {\n \"roleName\": \"AcrPull\",\n \"type\": \"BuiltInRole\",\n \"description\": \"acr pull\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.ContainerRegistry/registries/pull/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2018-10-22T19:01:56.8227182Z\",\n \"updatedOn\": \"2021-11-11T20:13:08.8779328Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/7f951dda-4ed3-4680-a7ca-43fe172d538d\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"7f951dda-4ed3-4680-a7ca-43fe172d538d\"\n },\n {\n \"properties\": {\n \"roleName\": \"AcrImageSigner\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Planned DEPRECATION on March 31, 2028. Grant the signing permission for content trust. As content trust is being deprecated and will be completely removed on March 31, 2028, this role will also be removed. Refer to https://aka.ms/acr/dctdeprecation for details and transition guidance.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.ContainerRegistry/registries/sign/write\"\n ],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.ContainerRegistry/registries/trustedCollections/write\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2018-03-15T23:23:08.4038322Z\",\n \"updatedOn\": \"2025-10-03T10:06:29.6549664Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/6cef56e8-d556-48e5-a04f-b8e64114680f\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"6cef56e8-d556-48e5-a04f-b8e64114680f\"\n },\n {\n \"properties\": {\n \"roleName\": \"AcrDelete\",\n \"type\": \"BuiltInRole\",\n \"description\": \"acr delete\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.ContainerRegistry/registries/artifacts/delete\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2019-03-11T20:19:31.6682804Z\",\n \"updatedOn\": \"2021-11-11T20:13:09.9631744Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/c2f4ef07-c644-48eb-af81-4b1b4947fb11\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"c2f4ef07-c644-48eb-af81-4b1b4947fb11\"\n },\n {\n \"properties\": {\n \"roleName\": \"AcrQuarantineReader\",\n \"type\": \"BuiltInRole\",\n \"description\": \"acr quarantine data reader\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.ContainerRegistry/registries/quarantine/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.ContainerRegistry/registries/quarantinedArtifacts/read\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2018-03-16T00:27:39.9596835Z\",\n \"updatedOn\": \"2021-11-11T20:13:10.3188052Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/cdda3590-29a3-44f6-95f2-9f980659eb04\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"cdda3590-29a3-44f6-95f2-9f980659eb04\"\n },\n {\n \"properties\": {\n \"roleName\": \"AcrQuarantineWriter\",\n \"type\": \"BuiltInRole\",\n \"description\": \"acr quarantine data writer\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.ContainerRegistry/registries/quarantine/read\",\n \"Microsoft.ContainerRegistry/registries/quarantine/write\"\n ],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.ContainerRegistry/registries/quarantinedArtifacts/read\",\n \"Microsoft.ContainerRegistry/registries/quarantinedArtifacts/write\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2018-03-16T00:26:37.587182Z\",\n \"updatedOn\": \"2021-11-11T20:13:11.3488079Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/c8d4ff99-41c3-41a8-9f60-21dfdad59608\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"c8d4ff99-41c3-41a8-9f60-21dfdad59608\"\n },\n {\n \"properties\": {\n \"roleName\": \"API Management Service Operator Role\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Can manage service but not the APIs\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.ApiManagement/service/*/read\",\n \"Microsoft.ApiManagement/service/backup/action\",\n \"Microsoft.ApiManagement/service/delete\",\n \"Microsoft.ApiManagement/service/managedeployments/action\",\n \"Microsoft.ApiManagement/service/read\",\n \"Microsoft.ApiManagement/service/restore/action\",\n \"Microsoft.ApiManagement/service/updatecertificate/action\",\n \"Microsoft.ApiManagement/service/updatehostname/action\",\n \"Microsoft.ApiManagement/service/write\",\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.ResourceHealth/availabilityStatuses/read\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Support/*\"\n ],\n \"notActions\": [\n \"Microsoft.ApiManagement/service/users/keys/read\"\n ],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2016-11-09T00:03:42.1194019Z\",\n \"updatedOn\": \"2021-11-11T20:13:11.5244023Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/e022efe7-f5ba-4159-bbe4-b44f577e9b61\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"e022efe7-f5ba-4159-bbe4-b44f577e9b61\"\n },\n {\n \"properties\": {\n \"roleName\": \"API Management Service Reader Role\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Read-only access to service and APIs\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.ApiManagement/service/*/read\",\n \"Microsoft.ApiManagement/service/read\",\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.ResourceHealth/availabilityStatuses/read\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Support/*\"\n ],\n \"notActions\": [\n \"Microsoft.ApiManagement/service/users/keys/read\"\n ],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2016-11-09T00:26:45.1540473Z\",\n \"updatedOn\": \"2021-11-11T20:13:11.8704466Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/71522526-b88f-4d52-b57f-d31fc3546d0d\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"71522526-b88f-4d52-b57f-d31fc3546d0d\"\n },\n {\n \"properties\": {\n \"roleName\": \"Application Insights Component Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Can manage Application Insights components\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.Insights/generateLiveToken/read\",\n \"Microsoft.Insights/metricAlerts/*\",\n \"Microsoft.Insights/components/*\",\n \"Microsoft.Insights/scheduledqueryrules/*\",\n \"Microsoft.Insights/topology/read\",\n \"Microsoft.Insights/transactions/read\",\n \"Microsoft.Insights/webtests/*\",\n \"Microsoft.ResourceHealth/availabilityStatuses/read\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Support/*\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2015-02-02T21:55:09.8806423Z\",\n \"updatedOn\": \"2021-11-11T20:13:12.6428401Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/ae349356-3a1b-4a5e-921d-050484c6347e\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"ae349356-3a1b-4a5e-921d-050484c6347e\"\n },\n {\n \"properties\": {\n \"roleName\": \"Application Insights Snapshot Debugger\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Gives user permission to use Application Insights Snapshot Debugger features\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.Insights/components/*/read\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Support/*\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2017-04-19T21:25:12.3728747Z\",\n \"updatedOn\": \"2021-11-11T20:13:13.0034435Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/08954f03-6346-4c2e-81c0-ec3a5cfae23b\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"08954f03-6346-4c2e-81c0-ec3a5cfae23b\"\n },\n {\n \"properties\": {\n \"roleName\": \"Attestation Reader\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Can read the attestation provider properties\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Attestation/attestationProviders/attestation/read\",\n \"Microsoft.Attestation/attestationProviders/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2019-03-25T19:42:59.157671Z\",\n \"updatedOn\": \"2024-07-11T17:43:35.9489411Z\",\n \"createdBy\": null,\n \"updatedBy\": \"SYSTEM\"\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/fd1bd22b-8476-40bc-a0bc-69b95687b9f3\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"fd1bd22b-8476-40bc-a0bc-69b95687b9f3\"\n },\n {\n \"properties\": {\n \"roleName\": \"Automation Job Operator\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Create and Manage Jobs using Automation Runbooks.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Automation/automationAccounts/hybridRunbookWorkerGroups/read\",\n \"Microsoft.Automation/automationAccounts/jobs/read\",\n \"Microsoft.Automation/automationAccounts/jobs/resume/action\",\n \"Microsoft.Automation/automationAccounts/jobs/stop/action\",\n \"Microsoft.Automation/automationAccounts/jobs/streams/read\",\n \"Microsoft.Automation/automationAccounts/jobs/suspend/action\",\n \"Microsoft.Automation/automationAccounts/jobs/write\",\n \"Microsoft.Automation/automationAccounts/jobs/output/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Support/*\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2017-04-19T20:52:41.0020018Z\",\n \"updatedOn\": \"2021-11-11T20:13:13.706566Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/4fe576fe-1146-4730-92eb-48519fa6bf9f\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"4fe576fe-1146-4730-92eb-48519fa6bf9f\"\n },\n {\n \"properties\": {\n \"roleName\": \"Automation Runbook Operator\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Read Runbook properties - to be able to create Jobs of the runbook.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Automation/automationAccounts/runbooks/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Support/*\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2017-04-19T20:47:49.5640674Z\",\n \"updatedOn\": \"2021-11-11T20:13:13.8815461Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/5fb5aef8-1081-4b8e-bb16-9d5d0385bab5\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"5fb5aef8-1081-4b8e-bb16-9d5d0385bab5\"\n },\n {\n \"properties\": {\n \"roleName\": \"Automation Operator\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Automation Operators are able to start, stop, suspend, and resume jobs\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Automation/automationAccounts/hybridRunbookWorkerGroups/read\",\n \"Microsoft.Automation/automationAccounts/jobs/read\",\n \"Microsoft.Automation/automationAccounts/jobs/resume/action\",\n \"Microsoft.Automation/automationAccounts/jobs/stop/action\",\n \"Microsoft.Automation/automationAccounts/jobs/streams/read\",\n \"Microsoft.Automation/automationAccounts/jobs/suspend/action\",\n \"Microsoft.Automation/automationAccounts/jobs/write\",\n \"Microsoft.Automation/automationAccounts/jobSchedules/read\",\n \"Microsoft.Automation/automationAccounts/jobSchedules/write\",\n \"Microsoft.Automation/automationAccounts/linkedWorkspace/read\",\n \"Microsoft.Automation/automationAccounts/read\",\n \"Microsoft.Automation/automationAccounts/runbooks/read\",\n \"Microsoft.Automation/automationAccounts/schedules/read\",\n \"Microsoft.Automation/automationAccounts/schedules/write\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.ResourceHealth/availabilityStatuses/read\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Automation/automationAccounts/jobs/output/read\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Support/*\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2015-08-18T01:05:03.391613Z\",\n \"updatedOn\": \"2021-11-11T20:13:14.0515408Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/d3881f73-407a-4167-8283-e981cbba0404\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"d3881f73-407a-4167-8283-e981cbba0404\"\n },\n {\n \"properties\": {\n \"roleName\": \"Avere Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Can create and manage an Avere vFXT cluster.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Compute/*/read\",\n \"Microsoft.Compute/availabilitySets/*\",\n \"Microsoft.Compute/proximityPlacementGroups/*\",\n \"Microsoft.Compute/virtualMachines/*\",\n \"Microsoft.Compute/disks/*\",\n \"Microsoft.Network/*/read\",\n \"Microsoft.Network/networkInterfaces/*\",\n \"Microsoft.Network/virtualNetworks/read\",\n \"Microsoft.Network/virtualNetworks/subnets/read\",\n \"Microsoft.Network/virtualNetworks/subnets/join/action\",\n \"Microsoft.Network/virtualNetworks/subnets/joinViaServiceEndpoint/action\",\n \"Microsoft.Network/networkSecurityGroups/join/action\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Storage/*/read\",\n \"Microsoft.Storage/storageAccounts/*\",\n \"Microsoft.Support/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/resources/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.Storage/storageAccounts/blobServices/containers/blobs/delete\",\n \"Microsoft.Storage/storageAccounts/blobServices/containers/blobs/read\",\n \"Microsoft.Storage/storageAccounts/blobServices/containers/blobs/write\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2019-03-18T20:00:58.9207889Z\",\n \"updatedOn\": \"2021-11-11T20:13:14.2265665Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/4f8fab4f-1852-4a58-a46a-8eaf358af14a\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"4f8fab4f-1852-4a58-a46a-8eaf358af14a\"\n },\n {\n \"properties\": {\n \"roleName\": \"Avere Operator\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Used by the Avere vFXT cluster to manage the cluster\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Compute/virtualMachines/read\",\n \"Microsoft.Network/networkInterfaces/read\",\n \"Microsoft.Network/networkInterfaces/write\",\n \"Microsoft.Network/virtualNetworks/read\",\n \"Microsoft.Network/virtualNetworks/subnets/read\",\n \"Microsoft.Network/virtualNetworks/subnets/join/action\",\n \"Microsoft.Network/networkSecurityGroups/join/action\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Storage/storageAccounts/blobServices/containers/delete\",\n \"Microsoft.Storage/storageAccounts/blobServices/containers/read\",\n \"Microsoft.Storage/storageAccounts/blobServices/containers/write\"\n ],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.Storage/storageAccounts/blobServices/containers/blobs/delete\",\n \"Microsoft.Storage/storageAccounts/blobServices/containers/blobs/read\",\n \"Microsoft.Storage/storageAccounts/blobServices/containers/blobs/write\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2019-03-18T20:02:38.3399857Z\",\n \"updatedOn\": \"2021-11-11T20:13:15.1065886Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/c025889f-8102-4ebf-b32c-fc0c6f0c6bd9\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"c025889f-8102-4ebf-b32c-fc0c6f0c6bd9\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Kubernetes Service Cluster Admin Role\",\n \"type\": \"BuiltInRole\",\n \"description\": \"List cluster admin credential action.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.ContainerService/managedClusters/listClusterAdminCredential/action\",\n \"Microsoft.ContainerService/managedClusters/accessProfiles/listCredential/action\",\n \"Microsoft.ContainerService/managedClusters/read\",\n \"Microsoft.ContainerService/managedClusters/runcommand/action\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2018-08-15T21:38:18.5953853Z\",\n \"updatedOn\": \"2022-05-17T01:51:12.0390652Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/0ab0b1a8-8aac-4efd-b8c2-3ee1fb270be8\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"0ab0b1a8-8aac-4efd-b8c2-3ee1fb270be8\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Kubernetes Service Cluster User Role\",\n \"type\": \"BuiltInRole\",\n \"description\": \"List cluster user credential action.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.ContainerService/managedClusters/listClusterUserCredential/action\",\n \"Microsoft.ContainerService/managedClusters/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2018-08-15T22:04:53.4037241Z\",\n \"updatedOn\": \"2021-11-11T20:13:20.4351976Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/4abbcc35-e782-43d8-92c5-2d3f1bd2253f\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"4abbcc35-e782-43d8-92c5-2d3f1bd2253f\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Maps Data Reader\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Grants access to read map related data from an Azure maps account.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.Maps/accounts/*/read\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2018-10-05T19:47:03.472307Z\",\n \"updatedOn\": \"2021-11-11T20:13:20.9582685Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/423170ca-a8f6-4b0f-8487-9e4eb8f49bfa\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"423170ca-a8f6-4b0f-8487-9e4eb8f49bfa\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Stack Registration Owner\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Lets you manage Azure Stack registrations.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.AzureStack/edgeSubscriptions/read\",\n \"Microsoft.AzureStack/registrations/products/*/action\",\n \"Microsoft.AzureStack/registrations/products/read\",\n \"Microsoft.AzureStack/registrations/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2017-11-13T23:42:06.2161827Z\",\n \"updatedOn\": \"2021-11-11T20:13:23.295782Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/6f12a6df-dd06-4f3e-bcb1-ce8be600526a\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"6f12a6df-dd06-4f3e-bcb1-ce8be600526a\"\n },\n {\n \"properties\": {\n \"roleName\": \"Backup Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Lets you manage backups, but can't delete vaults and give access to others\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Network/virtualNetworks/read\",\n \"Microsoft.RecoveryServices/locations/*\",\n \"Microsoft.RecoveryServices/Vaults/backupFabrics/operationResults/*\",\n \"Microsoft.RecoveryServices/Vaults/backupFabrics/protectionContainers/*\",\n \"Microsoft.RecoveryServices/Vaults/backupFabrics/refreshContainers/action\",\n \"Microsoft.RecoveryServices/Vaults/backupJobs/*\",\n \"Microsoft.RecoveryServices/Vaults/backupJobsExport/action\",\n \"Microsoft.RecoveryServices/Vaults/backupOperationResults/*\",\n \"Microsoft.RecoveryServices/Vaults/backupPolicies/*\",\n \"Microsoft.RecoveryServices/Vaults/backupProtectableItems/*\",\n \"Microsoft.RecoveryServices/Vaults/backupProtectedItems/*\",\n \"Microsoft.RecoveryServices/Vaults/backupProtectionContainers/*\",\n \"Microsoft.RecoveryServices/Vaults/backupSecurityPIN/*\",\n \"Microsoft.RecoveryServices/Vaults/backupUsageSummaries/read\",\n \"Microsoft.RecoveryServices/Vaults/certificates/*\",\n \"Microsoft.RecoveryServices/Vaults/extendedInformation/*\",\n \"Microsoft.RecoveryServices/Vaults/monitoringAlerts/read\",\n \"Microsoft.RecoveryServices/Vaults/monitoringConfigurations/*\",\n \"Microsoft.RecoveryServices/Vaults/read\",\n \"Microsoft.RecoveryServices/Vaults/registeredIdentities/*\",\n \"Microsoft.RecoveryServices/Vaults/usages/*\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Storage/storageAccounts/read\",\n \"Microsoft.RecoveryServices/Vaults/backupstorageconfig/*\",\n \"Microsoft.RecoveryServices/Vaults/backupconfig/*\",\n \"Microsoft.RecoveryServices/Vaults/backupValidateOperation/action\",\n \"Microsoft.RecoveryServices/Vaults/write\",\n \"Microsoft.RecoveryServices/Vaults/backupOperations/read\",\n \"Microsoft.RecoveryServices/Vaults/backupEngines/read\",\n \"Microsoft.RecoveryServices/Vaults/backupFabrics/backupProtectionIntent/*\",\n \"Microsoft.RecoveryServices/Vaults/backupFabrics/protectableContainers/read\",\n \"Microsoft.RecoveryServices/vaults/operationStatus/read\",\n \"Microsoft.RecoveryServices/vaults/operationResults/read\",\n \"Microsoft.RecoveryServices/locations/backupStatus/action\",\n \"Microsoft.RecoveryServices/locations/backupPreValidateProtection/action\",\n \"Microsoft.RecoveryServices/locations/backupValidateFeatures/action\",\n \"Microsoft.RecoveryServices/Vaults/monitoringAlerts/write\",\n \"Microsoft.RecoveryServices/operations/read\",\n \"Microsoft.RecoveryServices/locations/operationStatus/read\",\n \"Microsoft.RecoveryServices/Vaults/backupProtectionIntents/read\",\n \"Microsoft.Support/*\",\n \"Microsoft.DataProtection/locations/getBackupStatus/action\",\n \"Microsoft.DataProtection/backupVaults/backupInstances/write\",\n \"Microsoft.DataProtection/backupVaults/backupInstances/delete\",\n \"Microsoft.DataProtection/backupVaults/backupInstances/read\",\n \"Microsoft.DataProtection/backupVaults/backupInstances/read\",\n \"Microsoft.DataProtection/backupVaults/deletedBackupInstances/read\",\n \"Microsoft.DataProtection/backupVaults/deletedBackupInstances/undelete/action\",\n \"Microsoft.DataProtection/backupVaults/backupInstances/backup/action\",\n \"Microsoft.DataProtection/backupVaults/backupInstances/validateRestore/action\",\n \"Microsoft.DataProtection/backupVaults/backupInstances/restore/action\",\n \"Microsoft.DataProtection/subscriptions/resourceGroups/providers/locations/crossRegionRestore/action\",\n \"Microsoft.DataProtection/subscriptions/resourceGroups/providers/locations/validateCrossRegionRestore/action\",\n \"Microsoft.DataProtection/subscriptions/resourceGroups/providers/locations/fetchCrossRegionRestoreJobs/action\",\n \"Microsoft.DataProtection/subscriptions/resourceGroups/providers/locations/fetchCrossRegionRestoreJob/action\",\n \"Microsoft.DataProtection/subscriptions/resourceGroups/providers/locations/fetchSecondaryRecoveryPoints/action\",\n \"Microsoft.DataProtection/backupVaults/backupPolicies/write\",\n \"Microsoft.DataProtection/backupVaults/backupPolicies/delete\",\n \"Microsoft.DataProtection/backupVaults/backupPolicies/read\",\n \"Microsoft.DataProtection/backupVaults/backupPolicies/read\",\n \"Microsoft.DataProtection/backupVaults/backupInstances/recoveryPoints/read\",\n \"Microsoft.DataProtection/backupVaults/backupInstances/recoveryPoints/read\",\n \"Microsoft.DataProtection/backupVaults/backupInstances/findRestorableTimeRanges/action\",\n \"Microsoft.DataProtection/backupVaults/backupInstances/operationResults/read\",\n \"Microsoft.DataProtection/backupVaults/write\",\n \"Microsoft.DataProtection/backupVaults/read\",\n \"Microsoft.DataProtection/backupVaults/operationResults/read\",\n \"Microsoft.DataProtection/backupVaults/operationStatus/read\",\n \"Microsoft.DataProtection/locations/checkNameAvailability/action\",\n \"Microsoft.DataProtection/locations/checkFeatureSupport/action\",\n \"Microsoft.DataProtection/backupVaults/read\",\n \"Microsoft.DataProtection/backupVaults/read\",\n \"Microsoft.DataProtection/locations/operationStatus/read\",\n \"Microsoft.DataProtection/locations/operationResults/read\",\n \"Microsoft.DataProtection/backupVaults/validateForBackup/action\",\n \"Microsoft.DataProtection/operations/read\",\n \"Microsoft.RecoveryServices/Vaults/backupResourceGuardProxies/delete\",\n \"Microsoft.RecoveryServices/Vaults/backupResourceGuardProxies/read\",\n \"Microsoft.RecoveryServices/Vaults/backupResourceGuardProxies/unlockDelete/action\",\n \"Microsoft.RecoveryServices/Vaults/backupResourceGuardProxies/write\",\n \"Microsoft.DataProtection/backupVaults/backupResourceGuardProxies/read\",\n \"Microsoft.DataProtection/backupVaults/backupResourceGuardProxies/write\",\n \"Microsoft.DataProtection/backupVaults/backupResourceGuardProxies/delete\",\n \"Microsoft.DataProtection/backupVaults/backupResourceGuardProxies/unlockDelete/action\",\n \"Microsoft.DataProtection/backupVaults/backupInstances/validateForModifyBackup/action\",\n \"Microsoft.DataProtection/backupVaults/backupInstances/SuspendBackups/action\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2017-01-03T13:12:15.7321344Z\",\n \"updatedOn\": \"2025-01-27T16:01:21.2904248Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/5e467623-bb1f-42f4-a55d-6e525e11384b\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"5e467623-bb1f-42f4-a55d-6e525e11384b\"\n },\n {\n \"properties\": {\n \"roleName\": \"Billing Reader\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Allows read access to billing data\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Billing/*/read\",\n \"Microsoft.Commerce/*/read\",\n \"Microsoft.Consumption/*/read\",\n \"Microsoft.Management/managementGroups/read\",\n \"Microsoft.CostManagement/*/read\",\n \"Microsoft.Support/*\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2017-04-25T02:13:38.9054151Z\",\n \"updatedOn\": \"2021-11-11T20:13:24.5342563Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/fa23ad8b-c56e-40d8-ac0c-ce449e1d2c64\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"fa23ad8b-c56e-40d8-ac0c-ce449e1d2c64\"\n },\n {\n \"properties\": {\n \"roleName\": \"Backup Reader\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Can view backup services, but can't make changes\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.RecoveryServices/locations/allocatedStamp/read\",\n \"Microsoft.RecoveryServices/Vaults/backupFabrics/operationResults/read\",\n \"Microsoft.RecoveryServices/Vaults/backupFabrics/protectionContainers/operationResults/read\",\n \"Microsoft.RecoveryServices/Vaults/backupFabrics/protectionContainers/protectedItems/operationResults/read\",\n \"Microsoft.RecoveryServices/Vaults/backupFabrics/protectionContainers/protectedItems/operationsStatus/read\",\n \"Microsoft.RecoveryServices/Vaults/backupFabrics/protectionContainers/protectedItems/read\",\n \"Microsoft.RecoveryServices/Vaults/backupFabrics/protectionContainers/protectedItems/recoveryPoints/read\",\n \"Microsoft.RecoveryServices/Vaults/backupFabrics/protectionContainers/read\",\n \"Microsoft.RecoveryServices/Vaults/backupJobs/operationResults/read\",\n \"Microsoft.RecoveryServices/Vaults/backupJobs/read\",\n \"Microsoft.RecoveryServices/Vaults/backupJobsExport/action\",\n \"Microsoft.RecoveryServices/Vaults/backupOperationResults/read\",\n \"Microsoft.RecoveryServices/Vaults/backupPolicies/operationResults/read\",\n \"Microsoft.RecoveryServices/Vaults/backupPolicies/read\",\n \"Microsoft.RecoveryServices/Vaults/backupProtectedItems/read\",\n \"Microsoft.RecoveryServices/Vaults/backupProtectionContainers/read\",\n \"Microsoft.RecoveryServices/Vaults/backupUsageSummaries/read\",\n \"Microsoft.RecoveryServices/Vaults/extendedInformation/read\",\n \"Microsoft.RecoveryServices/Vaults/monitoringAlerts/read\",\n \"Microsoft.RecoveryServices/Vaults/read\",\n \"Microsoft.RecoveryServices/Vaults/registeredIdentities/operationResults/read\",\n \"Microsoft.RecoveryServices/Vaults/registeredIdentities/read\",\n \"Microsoft.RecoveryServices/Vaults/backupstorageconfig/read\",\n \"Microsoft.RecoveryServices/Vaults/backupconfig/read\",\n \"Microsoft.RecoveryServices/Vaults/backupOperations/read\",\n \"Microsoft.RecoveryServices/Vaults/backupPolicies/operations/read\",\n \"Microsoft.RecoveryServices/Vaults/backupEngines/read\",\n \"Microsoft.RecoveryServices/Vaults/backupFabrics/backupProtectionIntent/read\",\n \"Microsoft.RecoveryServices/Vaults/backupFabrics/protectionContainers/items/read\",\n \"Microsoft.RecoveryServices/locations/backupStatus/action\",\n \"Microsoft.RecoveryServices/Vaults/monitoringConfigurations/*\",\n \"Microsoft.RecoveryServices/Vaults/monitoringAlerts/write\",\n \"Microsoft.RecoveryServices/operations/read\",\n \"Microsoft.RecoveryServices/locations/operationStatus/read\",\n \"Microsoft.RecoveryServices/Vaults/backupProtectionIntents/read\",\n \"Microsoft.RecoveryServices/Vaults/usages/read\",\n \"Microsoft.RecoveryServices/locations/backupValidateFeatures/action\",\n \"Microsoft.RecoveryServices/locations/backupCrrJobs/action\",\n \"Microsoft.RecoveryServices/locations/backupCrrJob/action\",\n \"Microsoft.RecoveryServices/locations/backupCrrOperationResults/read\",\n \"Microsoft.RecoveryServices/locations/backupCrrOperationsStatus/read\",\n \"Microsoft.DataProtection/locations/getBackupStatus/action\",\n \"Microsoft.DataProtection/backupVaults/backupInstances/read\",\n \"Microsoft.DataProtection/backupVaults/deletedBackupInstances/read\",\n \"Microsoft.DataProtection/backupVaults/backupPolicies/read\",\n \"Microsoft.DataProtection/backupVaults/backupPolicies/read\",\n \"Microsoft.DataProtection/backupVaults/backupInstances/recoveryPoints/read\",\n \"Microsoft.DataProtection/backupVaults/backupInstances/recoveryPoints/read\",\n \"Microsoft.DataProtection/backupVaults/backupInstances/operationResults/read\",\n \"Microsoft.DataProtection/backupVaults/backupInstances/findRestorableTimeRanges/action\",\n \"Microsoft.DataProtection/backupVaults/read\",\n \"Microsoft.DataProtection/backupVaults/operationResults/read\",\n \"Microsoft.DataProtection/backupVaults/operationStatus/read\",\n \"Microsoft.DataProtection/backupVaults/read\",\n \"Microsoft.DataProtection/backupVaults/read\",\n \"Microsoft.DataProtection/locations/operationStatus/read\",\n \"Microsoft.DataProtection/locations/operationResults/read\",\n \"Microsoft.DataProtection/operations/read\",\n \"Microsoft.DataProtection/subscriptions/resourceGroups/providers/locations/fetchCrossRegionRestoreJobs/action\",\n \"Microsoft.DataProtection/subscriptions/resourceGroups/providers/locations/fetchCrossRegionRestoreJob/action\",\n \"Microsoft.DataProtection/subscriptions/resourceGroups/providers/locations/fetchSecondaryRecoveryPoints/action\",\n \"Microsoft.DataProtection/locations/checkFeatureSupport/action\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2017-01-03T13:18:41.3893065Z\",\n \"updatedOn\": \"2025-09-09T15:23:13.9723749Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/a795c7a0-d4a2-40c1-ae25-d81f01202912\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"a795c7a0-d4a2-40c1-ae25-d81f01202912\"\n },\n {\n \"properties\": {\n \"roleName\": \"Blockchain Member Node Access (Preview)\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Allows for access to Blockchain Member nodes\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Blockchain/blockchainMembers/transactionNodes/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.Blockchain/blockchainMembers/transactionNodes/connect/action\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2018-12-21T10:33:01.9604839Z\",\n \"updatedOn\": \"2021-11-11T20:13:25.055892Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/31a002a1-acaf-453e-8a5b-297c9ca1ea24\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"31a002a1-acaf-453e-8a5b-297c9ca1ea24\"\n },\n {\n \"properties\": {\n \"roleName\": \"BizTalk Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Lets you manage BizTalk services, but not access to them.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.BizTalkServices/BizTalk/*\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.ResourceHealth/availabilityStatuses/read\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Support/*\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2015-02-02T21:55:09.8806423Z\",\n \"updatedOn\": \"2021-11-11T20:13:25.2359269Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/5e3c6656-6cfa-4708-81fe-0de47ac73342\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"5e3c6656-6cfa-4708-81fe-0de47ac73342\"\n },\n {\n \"properties\": {\n \"roleName\": \"CDN Endpoint Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Can manage CDN endpoints, but can't grant access to other users.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Cdn/edgenodes/read\",\n \"Microsoft.Cdn/operationresults/*\",\n \"Microsoft.Cdn/profiles/endpoints/*\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Support/*\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2016-01-23T02:48:46.4996252Z\",\n \"updatedOn\": \"2023-12-07T08:06:49.788929Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/426e0c7f-0c7e-4658-b36f-ff54d6c29b45\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"426e0c7f-0c7e-4658-b36f-ff54d6c29b45\"\n },\n {\n \"properties\": {\n \"roleName\": \"CDN Profile Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Can manage CDN and Azure Front Door standard and premium profiles and their endpoints, but can't grant access to other users.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Cdn/edgenodes/read\",\n \"Microsoft.Cdn/operationresults/*\",\n \"Microsoft.Cdn/profiles/*\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Support/*\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2016-01-23T02:48:46.4996252Z\",\n \"updatedOn\": \"2023-12-06T16:25:55.5514166Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/ec156ff8-a8d1-4d15-830c-5b80698ca432\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"ec156ff8-a8d1-4d15-830c-5b80698ca432\"\n },\n {\n \"properties\": {\n \"roleName\": \"CDN Profile Reader\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Can view CDN profiles and their endpoints, but can't make changes.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Cdn/edgenodes/read\",\n \"Microsoft.Cdn/operationresults/*\",\n \"Microsoft.Cdn/profiles/*/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Cdn/profiles/afdendpoints/validateCustomDomain/action\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Support/*\",\n \"Microsoft.Cdn/profiles/CheckResourceUsage/action\",\n \"Microsoft.Cdn/profiles/endpoints/CheckResourceUsage/action\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2016-01-23T02:48:46.4996252Z\",\n \"updatedOn\": \"2024-01-26T09:56:06.2709754Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/8f96442b-4075-438f-813d-ad51ab4019af\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"8f96442b-4075-438f-813d-ad51ab4019af\"\n },\n {\n \"properties\": {\n \"roleName\": \"Classic Network Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Lets you manage classic networks, but not access to them.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.ClassicNetwork/*\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.ResourceHealth/availabilityStatuses/read\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Support/*\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2015-02-02T21:55:09.8806423Z\",\n \"updatedOn\": \"2021-11-11T20:13:26.4433301Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/b34d265f-36f7-4a0d-a4d4-e158ca92e90f\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"b34d265f-36f7-4a0d-a4d4-e158ca92e90f\"\n },\n {\n \"properties\": {\n \"roleName\": \"Classic Storage Account Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Lets you manage classic storage accounts, but not access to them.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.ClassicStorage/storageAccounts/*\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.ResourceHealth/availabilityStatuses/read\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Support/*\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2015-02-02T21:55:09.8806423Z\",\n \"updatedOn\": \"2021-11-11T20:13:26.6183566Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/86e8f5dc-a6e9-4c67-9d15-de283e8eac25\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"86e8f5dc-a6e9-4c67-9d15-de283e8eac25\"\n },\n {\n \"properties\": {\n \"roleName\": \"Classic Storage Account Key Operator Service Role\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Classic Storage Account Key Operators are allowed to list and regenerate keys on Classic Storage Accounts\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.ClassicStorage/storageAccounts/listkeys/action\",\n \"Microsoft.ClassicStorage/storageAccounts/regeneratekey/action\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2017-04-13T18:22:52.14611Z\",\n \"updatedOn\": \"2021-11-11T20:13:26.9796021Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/985d6b00-f706-48f5-a6fe-d0ca12fb668d\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"985d6b00-f706-48f5-a6fe-d0ca12fb668d\"\n },\n {\n \"properties\": {\n \"roleName\": \"ClearDB MySQL DB Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Lets you manage ClearDB MySQL databases, but not access to them.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.ResourceHealth/availabilityStatuses/read\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Support/*\",\n \"successbricks.cleardb/databases/*\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2015-02-02T21:55:09.8806423Z\",\n \"updatedOn\": \"2021-11-11T20:13:27.1646373Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/9106cda0-8a86-4e81-b686-29a22c54effe\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"9106cda0-8a86-4e81-b686-29a22c54effe\"\n },\n {\n \"properties\": {\n \"roleName\": \"Classic Virtual Machine Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Lets you manage classic virtual machines, but not access to them, and not the virtual network or storage account they’re connected to.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.ClassicCompute/domainNames/*\",\n \"Microsoft.ClassicCompute/virtualMachines/*\",\n \"Microsoft.ClassicNetwork/networkSecurityGroups/join/action\",\n \"Microsoft.ClassicNetwork/reservedIps/link/action\",\n \"Microsoft.ClassicNetwork/reservedIps/read\",\n \"Microsoft.ClassicNetwork/virtualNetworks/join/action\",\n \"Microsoft.ClassicNetwork/virtualNetworks/read\",\n \"Microsoft.ClassicStorage/storageAccounts/disks/read\",\n \"Microsoft.ClassicStorage/storageAccounts/images/read\",\n \"Microsoft.ClassicStorage/storageAccounts/listKeys/action\",\n \"Microsoft.ClassicStorage/storageAccounts/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.ResourceHealth/availabilityStatuses/read\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Support/*\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2015-04-25T00:37:56.5416086Z\",\n \"updatedOn\": \"2021-11-11T20:13:27.3446332Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/d73bb868-a0df-4d4d-bd69-98a00b01fccb\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"d73bb868-a0df-4d4d-bd69-98a00b01fccb\"\n },\n {\n \"properties\": {\n \"roleName\": \"Cognitive Services User\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Lets you read and list keys of Cognitive Services.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.CognitiveServices/*/read\",\n \"Microsoft.CognitiveServices/accounts/listkeys/action\",\n \"Microsoft.Insights/alertRules/read\",\n \"Microsoft.Insights/diagnosticSettings/read\",\n \"Microsoft.Insights/logDefinitions/read\",\n \"Microsoft.Insights/metricdefinitions/read\",\n \"Microsoft.Insights/metrics/read\",\n \"Microsoft.ResourceHealth/availabilityStatuses/read\",\n \"Microsoft.Resources/deployments/operations/read\",\n \"Microsoft.Resources/subscriptions/operationresults/read\",\n \"Microsoft.Resources/subscriptions/read\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Support/*\"\n ],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.CognitiveServices/*\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2018-08-08T23:23:43.7701274Z\",\n \"updatedOn\": \"2021-11-11T20:13:27.5316443Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/a97b65f3-24c7-4388-baec-2e87135dc908\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"a97b65f3-24c7-4388-baec-2e87135dc908\"\n },\n {\n \"properties\": {\n \"roleName\": \"Cognitive Services Data Reader\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Lets you read Cognitive Services data.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.CognitiveServices/*/read\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2019-02-13T20:02:12.6849986Z\",\n \"updatedOn\": \"2024-10-10T18:41:31.3351912Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/b59867f0-fa02-499b-be73-45a86b5b3e1c\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"b59867f0-fa02-499b-be73-45a86b5b3e1c\"\n },\n {\n \"properties\": {\n \"roleName\": \"Cognitive Services Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Lets you create, read, update, delete and manage keys of Cognitive Services.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.CognitiveServices/*\",\n \"Microsoft.Features/features/read\",\n \"Microsoft.Features/providers/features/read\",\n \"Microsoft.Features/providers/features/register/action\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.Insights/diagnosticSettings/*\",\n \"Microsoft.Insights/logDefinitions/read\",\n \"Microsoft.Insights/metricdefinitions/read\",\n \"Microsoft.Insights/metrics/read\",\n \"Microsoft.ResourceHealth/availabilityStatuses/read\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/deployments/operations/read\",\n \"Microsoft.Resources/subscriptions/operationresults/read\",\n \"Microsoft.Resources/subscriptions/read\",\n \"Microsoft.Resources/subscriptions/resourcegroups/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Support/*\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2018-08-08T23:18:39.2257848Z\",\n \"updatedOn\": \"2021-11-11T20:13:27.911623Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/25fbc0a9-bd7c-42a3-aa1a-3b75d497ee68\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"25fbc0a9-bd7c-42a3-aa1a-3b75d497ee68\"\n },\n {\n \"properties\": {\n \"roleName\": \"CosmosBackupOperator\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Can submit restore request for a Cosmos DB database or a container for an account\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.DocumentDB/databaseAccounts/backup/action\",\n \"Microsoft.DocumentDB/databaseAccounts/restore/action\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2018-12-07T19:47:14.965156Z\",\n \"updatedOn\": \"2021-11-11T20:13:28.4333692Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/db7b14f2-5adf-42da-9f96-f2ee17bab5cb\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"db7b14f2-5adf-42da-9f96-f2ee17bab5cb\"\n },\n {\n \"properties\": {\n \"roleName\": \"Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Grants full access to manage all resources, but does not allow you to assign roles in Azure RBAC, manage assignments in Azure Blueprints, or share image galleries.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"*\"\n ],\n \"notActions\": [\n \"Microsoft.Authorization/*/Delete\",\n \"Microsoft.Authorization/*/Write\",\n \"Microsoft.Authorization/elevateAccess/Action\",\n \"Microsoft.Blueprint/blueprintAssignments/write\",\n \"Microsoft.Blueprint/blueprintAssignments/delete\",\n \"Microsoft.Compute/galleries/share/action\",\n \"Microsoft.Purview/consents/write\",\n \"Microsoft.Purview/consents/delete\",\n \"Microsoft.Resources/deploymentStacks/manageDenySetting/action\",\n \"Microsoft.Subscription/cancel/action\",\n \"Microsoft.Subscription/enable/action\"\n ],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2015-02-02T21:55:09.8806423Z\",\n \"updatedOn\": \"2024-11-19T20:03:30.321264Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"b24988ac-6180-42a0-ab88-20f7382dd24c\"\n },\n {\n \"properties\": {\n \"roleName\": \"Cosmos DB Account Reader Role\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Can read Azure Cosmos DB Accounts data\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.DocumentDB/*/read\",\n \"Microsoft.DocumentDB/databaseAccounts/readonlykeys/action\",\n \"Microsoft.Insights/MetricDefinitions/read\",\n \"Microsoft.Insights/Metrics/read\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Support/*\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2017-10-30T17:53:54.6005577Z\",\n \"updatedOn\": \"2021-11-11T20:13:28.7911765Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/fbdf93bf-df7d-467e-a4d2-9458aa1360c8\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"fbdf93bf-df7d-467e-a4d2-9458aa1360c8\"\n },\n {\n \"properties\": {\n \"roleName\": \"Cost Management Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Can view costs and manage cost configuration (e.g. budgets, exports)\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Consumption/*\",\n \"Microsoft.CostManagement/*\",\n \"Microsoft.Billing/billingPeriods/read\",\n \"Microsoft.Resources/subscriptions/read\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Support/*\",\n \"Microsoft.Advisor/configurations/read\",\n \"Microsoft.Advisor/recommendations/read\",\n \"Microsoft.Management/managementGroups/read\",\n \"Microsoft.Billing/billingProperty/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2018-03-14T16:09:22.8834827Z\",\n \"updatedOn\": \"2021-11-11T20:13:29.4851851Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/434105ed-43f6-45c7-a02f-909b2ba83430\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"434105ed-43f6-45c7-a02f-909b2ba83430\"\n },\n {\n \"properties\": {\n \"roleName\": \"Cost Management Reader\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Can view cost data and configuration (e.g. budgets, exports)\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Consumption/*/read\",\n \"Microsoft.CostManagement/*/read\",\n \"Microsoft.Billing/billingPeriods/read\",\n \"Microsoft.Resources/subscriptions/read\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Support/*\",\n \"Microsoft.Advisor/configurations/read\",\n \"Microsoft.Advisor/recommendations/read\",\n \"Microsoft.Management/managementGroups/read\",\n \"Microsoft.Billing/billingProperty/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2018-03-14T16:09:22.8834827Z\",\n \"updatedOn\": \"2021-11-11T20:13:29.66018Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/72fafb9e-0641-4937-9268-a91bfd8191a3\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"72fafb9e-0641-4937-9268-a91bfd8191a3\"\n },\n {\n \"properties\": {\n \"roleName\": \"Data Box Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Lets you manage everything under Data Box Service except giving access to others.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.ResourceHealth/availabilityStatuses/read\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Support/*\",\n \"Microsoft.Databox/*\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2018-07-27T08:28:42.714021Z\",\n \"updatedOn\": \"2021-11-11T20:13:30.3737856Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/add466c9-e687-43fc-8d98-dfcf8d720be5\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"add466c9-e687-43fc-8d98-dfcf8d720be5\"\n },\n {\n \"properties\": {\n \"roleName\": \"Data Box Reader\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Lets you manage Data Box Service except creating order or editing order details and giving access to others.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Databox/*/read\",\n \"Microsoft.Databox/jobs/listsecrets/action\",\n \"Microsoft.Databox/jobs/listcredentials/action\",\n \"Microsoft.Databox/locations/availableSkus/action\",\n \"Microsoft.Databox/locations/validateInputs/action\",\n \"Microsoft.Databox/locations/regionConfiguration/action\",\n \"Microsoft.Databox/locations/validateAddress/action\",\n \"Microsoft.ResourceHealth/availabilityStatuses/read\",\n \"Microsoft.Support/*\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2018-07-27T08:26:21.9284772Z\",\n \"updatedOn\": \"2021-11-11T20:13:30.5546117Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/028f4ed7-e2a9-465e-a8f4-9c0ffdfdc027\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"028f4ed7-e2a9-465e-a8f4-9c0ffdfdc027\"\n },\n {\n \"properties\": {\n \"roleName\": \"Data Factory Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Create and manage data factories, as well as child resources within them.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.DataFactory/dataFactories/*\",\n \"Microsoft.DataFactory/factories/*\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.ResourceHealth/availabilityStatuses/read\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Support/*\",\n \"Microsoft.EventGrid/eventSubscriptions/write\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2015-02-02T21:55:09.8806423Z\",\n \"updatedOn\": \"2021-11-11T20:13:30.7420174Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/673868aa-7521-48a0-acc6-0f60742d39f5\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"673868aa-7521-48a0-acc6-0f60742d39f5\"\n },\n {\n \"properties\": {\n \"roleName\": \"Data Purger\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Can purge analytics data\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Insights/components/*/read\",\n \"Microsoft.Insights/components/purge/action\",\n \"Microsoft.OperationalInsights/workspaces/*/read\",\n \"Microsoft.OperationalInsights/workspaces/purge/action\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2018-04-30T22:39:49.61677Z\",\n \"updatedOn\": \"2021-11-11T20:13:31.2788395Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/150f5e0c-0603-4f03-8c7f-cf70034c4e90\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"150f5e0c-0603-4f03-8c7f-cf70034c4e90\"\n },\n {\n \"properties\": {\n \"roleName\": \"Data Lake Analytics Developer\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Lets you submit, monitor, and manage your own jobs but not create or delete Data Lake Analytics accounts.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.BigAnalytics/accounts/*\",\n \"Microsoft.DataLakeAnalytics/accounts/*\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.ResourceHealth/availabilityStatuses/read\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Support/*\"\n ],\n \"notActions\": [\n \"Microsoft.BigAnalytics/accounts/Delete\",\n \"Microsoft.BigAnalytics/accounts/TakeOwnership/action\",\n \"Microsoft.BigAnalytics/accounts/Write\",\n \"Microsoft.DataLakeAnalytics/accounts/Delete\",\n \"Microsoft.DataLakeAnalytics/accounts/TakeOwnership/action\",\n \"Microsoft.DataLakeAnalytics/accounts/Write\",\n \"Microsoft.DataLakeAnalytics/accounts/dataLakeStoreAccounts/Write\",\n \"Microsoft.DataLakeAnalytics/accounts/dataLakeStoreAccounts/Delete\",\n \"Microsoft.DataLakeAnalytics/accounts/storageAccounts/Write\",\n \"Microsoft.DataLakeAnalytics/accounts/storageAccounts/Delete\",\n \"Microsoft.DataLakeAnalytics/accounts/firewallRules/Write\",\n \"Microsoft.DataLakeAnalytics/accounts/firewallRules/Delete\",\n \"Microsoft.DataLakeAnalytics/accounts/computePolicies/Write\",\n \"Microsoft.DataLakeAnalytics/accounts/computePolicies/Delete\"\n ],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2015-10-20T00:33:29.3115234Z\",\n \"updatedOn\": \"2021-11-11T20:13:31.4688491Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/47b7735b-770e-4598-a7da-8b91488b4c88\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"47b7735b-770e-4598-a7da-8b91488b4c88\"\n },\n {\n \"properties\": {\n \"roleName\": \"DevTest Labs User\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Lets you connect, start, restart, and shutdown your virtual machines in your Azure DevTest Labs.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Compute/availabilitySets/read\",\n \"Microsoft.Compute/virtualMachines/*/read\",\n \"Microsoft.Compute/virtualMachines/deallocate/action\",\n \"Microsoft.Compute/virtualMachines/read\",\n \"Microsoft.Compute/virtualMachines/restart/action\",\n \"Microsoft.Compute/virtualMachines/start/action\",\n \"Microsoft.DevTestLab/*/read\",\n \"Microsoft.DevTestLab/labs/claimAnyVm/action\",\n \"Microsoft.DevTestLab/labs/createEnvironment/action\",\n \"Microsoft.DevTestLab/labs/ensureCurrentUserProfile/action\",\n \"Microsoft.DevTestLab/labs/formulas/delete\",\n \"Microsoft.DevTestLab/labs/formulas/read\",\n \"Microsoft.DevTestLab/labs/formulas/write\",\n \"Microsoft.DevTestLab/labs/policySets/evaluatePolicies/action\",\n \"Microsoft.DevTestLab/labs/virtualMachines/claim/action\",\n \"Microsoft.DevTestLab/labs/virtualmachines/listApplicableSchedules/action\",\n \"Microsoft.DevTestLab/labs/virtualMachines/getRdpFileContents/action\",\n \"Microsoft.Network/loadBalancers/backendAddressPools/join/action\",\n \"Microsoft.Network/loadBalancers/inboundNatRules/join/action\",\n \"Microsoft.Network/networkInterfaces/*/read\",\n \"Microsoft.Network/networkInterfaces/join/action\",\n \"Microsoft.Network/networkInterfaces/read\",\n \"Microsoft.Network/networkInterfaces/write\",\n \"Microsoft.Network/publicIPAddresses/*/read\",\n \"Microsoft.Network/publicIPAddresses/join/action\",\n \"Microsoft.Network/publicIPAddresses/read\",\n \"Microsoft.Network/virtualNetworks/subnets/join/action\",\n \"Microsoft.Resources/deployments/operations/read\",\n \"Microsoft.Resources/deployments/read\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Storage/storageAccounts/listKeys/action\"\n ],\n \"notActions\": [\n \"Microsoft.Compute/virtualMachines/vmSizes/read\"\n ],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2015-06-08T21:52:45.0657582Z\",\n \"updatedOn\": \"2021-11-11T20:13:32.1746507Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/76283e04-6283-4c54-8f91-bcf1374a3c64\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"76283e04-6283-4c54-8f91-bcf1374a3c64\"\n },\n {\n \"properties\": {\n \"roleName\": \"DocumentDB Account Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Lets you manage DocumentDB accounts, but not access to them.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.DocumentDb/databaseAccounts/*\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.ResourceHealth/availabilityStatuses/read\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Support/*\",\n \"Microsoft.Network/virtualNetworks/subnets/joinViaServiceEndpoint/action\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2015-02-02T21:55:09.8806423Z\",\n \"updatedOn\": \"2021-11-11T20:13:32.3496502Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/5bd9cd88-fe45-4216-938b-f97437e15450\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"5bd9cd88-fe45-4216-938b-f97437e15450\"\n },\n {\n \"properties\": {\n \"roleName\": \"DNS Zone Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Lets you manage DNS zones and record sets in Azure DNS, but does not let you control who has access to them.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.Network/dnsZones/*\",\n \"Microsoft.ResourceHealth/availabilityStatuses/read\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Support/*\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2015-10-15T23:33:25.9730842Z\",\n \"updatedOn\": \"2021-11-11T20:13:32.5233957Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/befefa01-2a29-4197-83a8-272ff33ce314\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"befefa01-2a29-4197-83a8-272ff33ce314\"\n },\n {\n \"properties\": {\n \"roleName\": \"EventGrid EventSubscription Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Lets you manage EventGrid event subscription operations.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.EventGrid/eventSubscriptions/*\",\n \"Microsoft.EventGrid/topicTypes/eventSubscriptions/read\",\n \"Microsoft.EventGrid/locations/eventSubscriptions/read\",\n \"Microsoft.EventGrid/locations/topicTypes/eventSubscriptions/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Support/*\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2018-10-08T23:27:28.3130743Z\",\n \"updatedOn\": \"2021-11-11T20:13:33.4166738Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/428e0ff0-5e57-4d9c-a221-2c70d0e0a443\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"428e0ff0-5e57-4d9c-a221-2c70d0e0a443\"\n },\n {\n \"properties\": {\n \"roleName\": \"EventGrid EventSubscription Reader\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Lets you read EventGrid event subscriptions.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.EventGrid/eventSubscriptions/read\",\n \"Microsoft.EventGrid/topicTypes/eventSubscriptions/read\",\n \"Microsoft.EventGrid/locations/eventSubscriptions/read\",\n \"Microsoft.EventGrid/locations/topicTypes/eventSubscriptions/read\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2018-10-09T17:29:28.1417894Z\",\n \"updatedOn\": \"2021-11-11T20:13:33.7846748Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/2414bbcf-6497-4faf-8c65-045460748405\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"2414bbcf-6497-4faf-8c65-045460748405\"\n },\n {\n \"properties\": {\n \"roleName\": \"Graph Owner\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Create and manage all aspects of the Enterprise Graph - Ontology, Schema mapping, Conflation and Conversational AI and Ingestions\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.EnterpriseKnowledgeGraph/services/conflation/read\",\n \"Microsoft.EnterpriseKnowledgeGraph/services/conflation/write\",\n \"Microsoft.EnterpriseKnowledgeGraph/services/sourceschema/read\",\n \"Microsoft.EnterpriseKnowledgeGraph/services/sourceschema/write\",\n \"Microsoft.EnterpriseKnowledgeGraph/services/knowledge/read\",\n \"Microsoft.EnterpriseKnowledgeGraph/services/knowledge/write\",\n \"Microsoft.EnterpriseKnowledgeGraph/services/intentclassification/read\",\n \"Microsoft.EnterpriseKnowledgeGraph/services/intentclassification/write\",\n \"Microsoft.EnterpriseKnowledgeGraph/services/ingestion/read\",\n \"Microsoft.EnterpriseKnowledgeGraph/services/ingestion/write\",\n \"Microsoft.EnterpriseKnowledgeGraph/services/ontology/read\",\n \"Microsoft.EnterpriseKnowledgeGraph/services/ontology/write\",\n \"Microsoft.EnterpriseKnowledgeGraph/services/delete\",\n \"Microsoft.EnterpriseKnowledgeGraph/operations/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2019-02-23T21:07:22.5844236Z\",\n \"updatedOn\": \"2021-11-11T20:13:34.6707886Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/b60367af-1334-4454-b71e-769d9a4f83d9\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"b60367af-1334-4454-b71e-769d9a4f83d9\"\n },\n {\n \"properties\": {\n \"roleName\": \"HDInsight Domain Services Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Can Read, Create, Modify and Delete Domain Services related operations needed for HDInsight Enterprise Security Package\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.AAD/*/read\",\n \"Microsoft.AAD/domainServices/*/read\",\n \"Microsoft.AAD/domainServices/oucontainer/*\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2018-09-12T22:42:51.7451109Z\",\n \"updatedOn\": \"2021-11-11T20:13:35.3921342Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/8d8d5a11-05d3-4bda-a417-a08778121c7c\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"8d8d5a11-05d3-4bda-a417-a08778121c7c\"\n },\n {\n \"properties\": {\n \"roleName\": \"Intelligent Systems Account Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Lets you manage Intelligent Systems accounts, but not access to them.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.IntelligentSystems/accounts/*\",\n \"Microsoft.ResourceHealth/availabilityStatuses/read\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Support/*\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2015-02-02T21:55:09.8806423Z\",\n \"updatedOn\": \"2021-11-11T20:13:35.9371582Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/03a6d094-3444-4b3d-88af-7477090a9e5e\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"03a6d094-3444-4b3d-88af-7477090a9e5e\"\n },\n {\n \"properties\": {\n \"roleName\": \"Key Vault Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Lets you manage key vaults, but not access to them.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.KeyVault/*\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Support/*\"\n ],\n \"notActions\": [\n \"Microsoft.KeyVault/locations/deletedVaults/purge/action\",\n \"Microsoft.KeyVault/hsmPools/*\",\n \"Microsoft.KeyVault/managedHsms/*\"\n ],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2016-02-25T17:08:28.5184971Z\",\n \"updatedOn\": \"2021-11-11T20:13:36.1170988Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/f25e0fa2-a7c8-4377-a976-54943a77a395\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"f25e0fa2-a7c8-4377-a976-54943a77a395\"\n },\n {\n \"properties\": {\n \"roleName\": \"Knowledge Consumer\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Knowledge Read permission to consume Enterprise Graph Knowledge using entity search and graph query\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.EnterpriseKnowledgeGraph/services/knowledge/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2019-02-23T21:23:31.4037552Z\",\n \"updatedOn\": \"2021-11-11T20:13:37.0021342Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/ee361c5d-f7b5-4119-b4b6-892157c8f64c\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"ee361c5d-f7b5-4119-b4b6-892157c8f64c\"\n },\n {\n \"properties\": {\n \"roleName\": \"Lab Creator\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Lets you create new labs under your Azure Lab Accounts.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.LabServices/labAccounts/*/read\",\n \"Microsoft.LabServices/labAccounts/createLab/action\",\n \"Microsoft.LabServices/labAccounts/getPricingAndAvailability/action\",\n \"Microsoft.LabServices/labAccounts/getRestrictionsAndUsage/action\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.LabServices/labPlans/images/read\",\n \"Microsoft.LabServices/labPlans/read\",\n \"Microsoft.LabServices/labPlans/saveImage/action\",\n \"Microsoft.LabServices/labs/read\",\n \"Microsoft.LabServices/labs/schedules/read\",\n \"Microsoft.LabServices/labs/users/read\",\n \"Microsoft.LabServices/labs/virtualMachines/read\",\n \"Microsoft.LabServices/locations/usages/read\",\n \"Microsoft.LabServices/skus/read\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Support/*\"\n ],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.LabServices/labPlans/createLab/action\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2018-01-18T23:38:58.1036141Z\",\n \"updatedOn\": \"2021-11-11T20:13:37.1821588Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/b97fb8bc-a8b2-4522-a38b-dd33c7e65ead\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"b97fb8bc-a8b2-4522-a38b-dd33c7e65ead\"\n },\n {\n \"properties\": {\n \"roleName\": \"Log Analytics Reader\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Log Analytics Reader can view and search all monitoring data as well as and view monitoring settings, including viewing the configuration of Azure diagnostics on all Azure resources.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"*/read\",\n \"Microsoft.OperationalInsights/workspaces/analytics/query/action\",\n \"Microsoft.OperationalInsights/workspaces/search/action\",\n \"Microsoft.Support/*\"\n ],\n \"notActions\": [\n \"Microsoft.OperationalInsights/workspaces/sharedKeys/read\"\n ],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2017-05-02T00:20:28.1449012Z\",\n \"updatedOn\": \"2025-06-18T13:42:52.3891983Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/73c42c96-874c-492b-b04d-ab87d138a893\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"73c42c96-874c-492b-b04d-ab87d138a893\"\n },\n {\n \"properties\": {\n \"roleName\": \"Log Analytics Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Log Analytics Contributor can read all monitoring data and edit monitoring settings. Editing monitoring settings includes adding the VM extension to VMs; reading storage account keys to be able to configure collection of logs from Azure Storage; adding solutions; and configuring Azure diagnostics on all Azure resources.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"*/read\",\n \"Microsoft.ClassicCompute/virtualMachines/extensions/*\",\n \"Microsoft.ClassicStorage/storageAccounts/listKeys/action\",\n \"Microsoft.Compute/virtualMachines/extensions/*\",\n \"Microsoft.HybridCompute/machines/extensions/write\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.Insights/diagnosticSettings/*\",\n \"Microsoft.OperationalInsights/*\",\n \"Microsoft.OperationsManagement/*\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourcegroups/deployments/*\",\n \"Microsoft.Storage/storageAccounts/listKeys/action\",\n \"Microsoft.Support/*\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2017-04-25T21:51:45.3174711Z\",\n \"updatedOn\": \"2025-06-18T13:42:52.3891983Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/92aaf0da-9dab-42b6-94a3-d43ce8d16293\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"92aaf0da-9dab-42b6-94a3-d43ce8d16293\"\n },\n {\n \"properties\": {\n \"roleName\": \"Logic App Operator\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Lets you read, enable and disable logic app.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/*/read\",\n \"Microsoft.Insights/metricAlerts/*/read\",\n \"Microsoft.Insights/diagnosticSettings/*/read\",\n \"Microsoft.Insights/metricDefinitions/*/read\",\n \"Microsoft.Logic/*/read\",\n \"Microsoft.Logic/workflows/disable/action\",\n \"Microsoft.Logic/workflows/enable/action\",\n \"Microsoft.Logic/workflows/validate/action\",\n \"Microsoft.Resources/deployments/operations/read\",\n \"Microsoft.Resources/subscriptions/operationresults/read\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Support/*\",\n \"Microsoft.Web/connectionGateways/*/read\",\n \"Microsoft.Web/connections/*/read\",\n \"Microsoft.Web/customApis/*/read\",\n \"Microsoft.Web/serverFarms/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2016-04-28T21:33:30.4656007Z\",\n \"updatedOn\": \"2021-11-11T20:13:38.0573444Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/515c2055-d9d4-4321-b1b9-bd0c9a0f79fe\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"515c2055-d9d4-4321-b1b9-bd0c9a0f79fe\"\n },\n {\n \"properties\": {\n \"roleName\": \"Logic App Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Lets you manage logic app, but not access to them.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.ClassicStorage/storageAccounts/listKeys/action\",\n \"Microsoft.ClassicStorage/storageAccounts/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.Insights/metricAlerts/*\",\n \"Microsoft.Insights/diagnosticSettings/*\",\n \"Microsoft.Insights/logdefinitions/*\",\n \"Microsoft.Insights/metricDefinitions/*\",\n \"Microsoft.Logic/*\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/operationresults/read\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Storage/storageAccounts/listkeys/action\",\n \"Microsoft.Storage/storageAccounts/read\",\n \"Microsoft.Support/*\",\n \"Microsoft.Web/connectionGateways/*\",\n \"Microsoft.Web/connections/*\",\n \"Microsoft.Web/customApis/*\",\n \"Microsoft.Web/serverFarms/join/action\",\n \"Microsoft.Web/serverFarms/read\",\n \"Microsoft.Web/sites/functions/listSecrets/action\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2016-04-28T21:33:30.4656007Z\",\n \"updatedOn\": \"2021-11-11T20:13:38.2523833Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/87a39d53-fc1b-424a-814c-f7e04687dc9e\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"87a39d53-fc1b-424a-814c-f7e04687dc9e\"\n },\n {\n \"properties\": {\n \"roleName\": \"Managed Application Operator Role\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Lets you read and perform actions on Managed Application resources\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"*/read\",\n \"Microsoft.Solutions/applications/read\",\n \"Microsoft.Solutions/*/action\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2018-07-27T00:59:33.7988813Z\",\n \"updatedOn\": \"2021-11-11T20:13:38.5973763Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/c7393b34-138c-406f-901b-d8cf2b17e6ae\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"c7393b34-138c-406f-901b-d8cf2b17e6ae\"\n },\n {\n \"properties\": {\n \"roleName\": \"Managed Application Publisher Operator\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Allows the publisher to read resources in the managed resource group for Managed Application and request JIT access for additional operations. This role is only used by the Managed Application service to provide access to publishers.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"*/read\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Solutions/jitRequests/*\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2018-09-06T00:33:58.3651522Z\",\n \"updatedOn\": \"2025-05-01T17:14:44.1844267Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/b9331d33-8a36-4f8c-b097-4f54124fdb44\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"b9331d33-8a36-4f8c-b097-4f54124fdb44\"\n },\n {\n \"properties\": {\n \"roleName\": \"Managed Identity Operator\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Read and Assign User Assigned Identity\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.ManagedIdentity/userAssignedIdentities/*/read\",\n \"Microsoft.ManagedIdentity/userAssignedIdentities/*/assign/action\",\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Support/*\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2017-12-14T19:52:04.3924594Z\",\n \"updatedOn\": \"2021-11-11T20:13:38.9523759Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/f1a07417-d97a-45cb-824c-7a7467783830\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"f1a07417-d97a-45cb-824c-7a7467783830\"\n },\n {\n \"properties\": {\n \"roleName\": \"Managed Identity Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Create, Read, Update, and Delete User Assigned Identity\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.ManagedIdentity/userAssignedIdentities/read\",\n \"Microsoft.ManagedIdentity/userAssignedIdentities/write\",\n \"Microsoft.ManagedIdentity/userAssignedIdentities/delete\",\n \"Microsoft.ManagedIdentity/userAssignedIdentities/federatedIdentityCredentials/read\",\n \"Microsoft.ManagedIdentity/userAssignedIdentities/federatedIdentityCredentials/write\",\n \"Microsoft.ManagedIdentity/userAssignedIdentities/federatedIdentityCredentials/delete\",\n \"Microsoft.ManagedIdentity/userAssignedIdentities/revokeTokens/action\",\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Support/*\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2017-12-14T19:53:42.8804692Z\",\n \"updatedOn\": \"2024-03-29T00:22:59.7937695Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/e40ec5ca-96e0-45a2-b4ff-59039f2c2b59\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"e40ec5ca-96e0-45a2-b4ff-59039f2c2b59\"\n },\n {\n \"properties\": {\n \"roleName\": \"Management Group Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Management Group Contributor Role\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Management/managementGroups/delete\",\n \"Microsoft.Management/managementGroups/read\",\n \"Microsoft.Management/managementGroups/subscriptions/delete\",\n \"Microsoft.Management/managementGroups/subscriptions/write\",\n \"Microsoft.Management/managementGroups/write\",\n \"Microsoft.Management/managementGroups/subscriptions/read\",\n \"Microsoft.Authorization/*/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2018-06-22T00:28:29.0523964Z\",\n \"updatedOn\": \"2022-09-19T15:10:03.437789Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/5d58bcaf-24a5-4b20-bdb6-eed9f69fbe4c\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"5d58bcaf-24a5-4b20-bdb6-eed9f69fbe4c\"\n },\n {\n \"properties\": {\n \"roleName\": \"Management Group Reader\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Management Group Reader Role\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Management/managementGroups/read\",\n \"Microsoft.Management/managementGroups/subscriptions/read\",\n \"Microsoft.Authorization/*/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2018-06-22T00:31:03.4295347Z\",\n \"updatedOn\": \"2022-09-19T15:10:03.437789Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/ac63b705-f282-497d-ac71-919bf39d939d\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"ac63b705-f282-497d-ac71-919bf39d939d\"\n },\n {\n \"properties\": {\n \"roleName\": \"Monitoring Reader\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Can read all monitoring data.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"*/read\",\n \"Microsoft.OperationalInsights/workspaces/search/action\",\n \"Microsoft.Support/*\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2016-09-21T19:19:52.4939376Z\",\n \"updatedOn\": \"2025-06-18T13:42:52.3891983Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/43d0d8ad-25c7-4714-9337-8ba259a9fe05\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"43d0d8ad-25c7-4714-9337-8ba259a9fe05\"\n },\n {\n \"properties\": {\n \"roleName\": \"Network Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Lets you manage networks, but not access to them.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.Network/*\",\n \"Microsoft.ResourceHealth/availabilityStatuses/read\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Support/*\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2015-06-02T00:18:27.3542698Z\",\n \"updatedOn\": \"2021-11-11T20:13:44.6328966Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/4d97b98b-1d4f-4787-a291-c67834d212e7\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"4d97b98b-1d4f-4787-a291-c67834d212e7\"\n },\n {\n \"properties\": {\n \"roleName\": \"New Relic APM Account Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Lets you manage New Relic Application Performance Management accounts and applications, but not access to them.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.ResourceHealth/availabilityStatuses/read\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Support/*\",\n \"NewRelic.APM/accounts/*\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2015-02-02T21:55:09.8806423Z\",\n \"updatedOn\": \"2021-11-11T20:13:45.7178576Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/5d28c62d-5b37-4476-8438-e587778df237\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"5d28c62d-5b37-4476-8438-e587778df237\"\n },\n {\n \"properties\": {\n \"roleName\": \"Owner\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Grants full access to manage all resources, including the ability to assign roles in Azure RBAC.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"*\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2015-02-02T21:55:09.8806423Z\",\n \"updatedOn\": \"2021-11-11T20:13:45.8978856Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/8e3af657-a8ff-443c-a75c-2fe8c4bcb635\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"8e3af657-a8ff-443c-a75c-2fe8c4bcb635\"\n },\n {\n \"properties\": {\n \"roleName\": \"Reader\",\n \"type\": \"BuiltInRole\",\n \"description\": \"View all resources, but does not allow you to make any changes.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"*/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2015-02-02T21:55:09.8806423Z\",\n \"updatedOn\": \"2021-11-11T20:13:47.8628684Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/acdd72a7-3385-48ef-bd42-f606fba81ae7\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"acdd72a7-3385-48ef-bd42-f606fba81ae7\"\n },\n {\n \"properties\": {\n \"roleName\": \"Redis Cache Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Lets you manage Redis caches, but not access to them.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Cache/register/action\",\n \"Microsoft.Cache/redis/*\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.ResourceHealth/availabilityStatuses/read\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Support/*\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2015-02-02T21:55:09.8806423Z\",\n \"updatedOn\": \"2021-11-11T20:13:48.0528671Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/e0f68234-74aa-48ed-b826-c38b57376e17\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"e0f68234-74aa-48ed-b826-c38b57376e17\"\n },\n {\n \"properties\": {\n \"roleName\": \"Reader and Data Access\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Lets you view everything but will not let you delete or create a storage account or contained resource. It will also allow read/write access to all data contained in a storage account via access to storage account keys.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Storage/storageAccounts/listKeys/action\",\n \"Microsoft.Storage/storageAccounts/ListAccountSas/action\",\n \"Microsoft.Storage/storageAccounts/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2018-03-27T23:20:46.1498906Z\",\n \"updatedOn\": \"2021-11-11T20:13:48.2278951Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/c12c1c16-33a1-487b-954d-41c89c60f349\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"c12c1c16-33a1-487b-954d-41c89c60f349\"\n },\n {\n \"properties\": {\n \"roleName\": \"Resource Policy Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Users with rights to create/modify resource policy, create support ticket and read resources/hierarchy.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"*/read\",\n \"Microsoft.Authorization/policyassignments/*\",\n \"Microsoft.Authorization/policydefinitions/*\",\n \"Microsoft.Authorization/policyexemptions/*\",\n \"Microsoft.Authorization/policyenrollments/*\",\n \"Microsoft.Authorization/policysetdefinitions/*\",\n \"Microsoft.PolicyInsights/*\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Support/*\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2017-08-25T19:08:01.3861639Z\",\n \"updatedOn\": \"2025-03-25T15:25:05.1731507Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/36243c78-bf99-498c-9df9-86d9f8d28608\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"36243c78-bf99-498c-9df9-86d9f8d28608\"\n },\n {\n \"properties\": {\n \"roleName\": \"Scheduler Job Collections Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Lets you manage Scheduler job collections, but not access to them.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.ResourceHealth/availabilityStatuses/read\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Scheduler/jobcollections/*\",\n \"Microsoft.Support/*\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2015-02-02T21:55:09.8806423Z\",\n \"updatedOn\": \"2021-11-11T20:13:49.8429293Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/188a0f2f-5c9e-469b-ae67-2aa5ce574b94\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"188a0f2f-5c9e-469b-ae67-2aa5ce574b94\"\n },\n {\n \"properties\": {\n \"roleName\": \"Search Service Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Lets you manage Search services, but not access to them.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.ResourceHealth/availabilityStatuses/read\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Search/searchServices/*\",\n \"Microsoft.Support/*\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2015-02-02T21:55:09.8806423Z\",\n \"updatedOn\": \"2021-11-11T20:13:50.0229309Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/7ca78c08-252a-4471-8644-bb5ff32d4ba0\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"7ca78c08-252a-4471-8644-bb5ff32d4ba0\"\n },\n {\n \"properties\": {\n \"roleName\": \"Security Manager (Legacy)\",\n \"type\": \"BuiltInRole\",\n \"description\": \"This is a legacy role. Please use Security Administrator instead\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.ClassicCompute/*/read\",\n \"Microsoft.ClassicCompute/virtualMachines/*/write\",\n \"Microsoft.ClassicNetwork/*/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.ResourceHealth/availabilityStatuses/read\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Security/*\",\n \"Microsoft.Support/*\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2015-06-22T17:45:15.8986455Z\",\n \"updatedOn\": \"2021-11-11T20:13:50.5729549Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/e3d13bf0-dd5a-482e-ba6b-9b8433878d10\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"e3d13bf0-dd5a-482e-ba6b-9b8433878d10\"\n },\n {\n \"properties\": {\n \"roleName\": \"Security Reader\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Security Reader Role\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/read\",\n \"Microsoft.operationalInsights/workspaces/*/read\",\n \"Microsoft.Resources/deployments/*/read\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Security/*/read\",\n \"Microsoft.IoTSecurity/*/read\",\n \"Microsoft.Support/*/read\",\n \"Microsoft.Security/iotDefenderSettings/packageDownloads/action\",\n \"Microsoft.Security/iotDefenderSettings/downloadManagerActivation/action\",\n \"Microsoft.Security/iotSensors/downloadResetPassword/action\",\n \"Microsoft.IoTSecurity/defenderSettings/packageDownloads/action\",\n \"Microsoft.IoTSecurity/defenderSettings/downloadManagerActivation/action\",\n \"Microsoft.Management/managementGroups/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2017-05-03T07:48:49.0516559Z\",\n \"updatedOn\": \"2021-11-11T20:13:50.7479015Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/39bc4728-0917-49c7-9d2c-d95423bc2eb4\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"39bc4728-0917-49c7-9d2c-d95423bc2eb4\"\n },\n {\n \"properties\": {\n \"roleName\": \"Spatial Anchors Account Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Lets you manage spatial anchors in your account, but not delete them\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.MixedReality/SpatialAnchorsAccounts/create/action\",\n \"Microsoft.MixedReality/SpatialAnchorsAccounts/discovery/read\",\n \"Microsoft.MixedReality/SpatialAnchorsAccounts/properties/read\",\n \"Microsoft.MixedReality/SpatialAnchorsAccounts/query/read\",\n \"Microsoft.MixedReality/SpatialAnchorsAccounts/submitdiag/read\",\n \"Microsoft.MixedReality/SpatialAnchorsAccounts/write\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2018-12-21T17:57:41.1420864Z\",\n \"updatedOn\": \"2021-11-11T20:13:52.28294Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/8bbe83f1-e2a6-4df7-8cb4-4e04d4e5c827\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"8bbe83f1-e2a6-4df7-8cb4-4e04d4e5c827\"\n },\n {\n \"properties\": {\n \"roleName\": \"Site Recovery Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Lets you manage Site Recovery service except vault creation and role assignment\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.Network/virtualNetworks/read\",\n \"Microsoft.RecoveryServices/locations/allocatedStamp/read\",\n \"Microsoft.RecoveryServices/locations/allocateStamp/action\",\n \"Microsoft.RecoveryServices/Vaults/certificates/write\",\n \"Microsoft.RecoveryServices/Vaults/extendedInformation/*\",\n \"Microsoft.RecoveryServices/Vaults/read\",\n \"Microsoft.RecoveryServices/Vaults/refreshContainers/read\",\n \"Microsoft.RecoveryServices/Vaults/registeredIdentities/*\",\n \"Microsoft.RecoveryServices/vaults/replicationAlertSettings/*\",\n \"Microsoft.RecoveryServices/vaults/replicationEvents/read\",\n \"Microsoft.RecoveryServices/vaults/replicationFabrics/*\",\n \"Microsoft.RecoveryServices/vaults/replicationJobs/*\",\n \"Microsoft.RecoveryServices/vaults/replicationPolicies/*\",\n \"Microsoft.RecoveryServices/vaults/replicationRecoveryPlans/*\",\n \"Microsoft.RecoveryServices/vaults/replicationVaultSettings/*\",\n \"Microsoft.RecoveryServices/Vaults/storageConfig/*\",\n \"Microsoft.RecoveryServices/Vaults/tokenInfo/read\",\n \"Microsoft.RecoveryServices/Vaults/usages/read\",\n \"Microsoft.RecoveryServices/Vaults/vaultTokens/read\",\n \"Microsoft.RecoveryServices/Vaults/monitoringAlerts/*\",\n \"Microsoft.RecoveryServices/Vaults/monitoringConfigurations/notificationConfiguration/read\",\n \"Microsoft.ResourceHealth/availabilityStatuses/read\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Storage/storageAccounts/read\",\n \"Microsoft.RecoveryServices/vaults/replicationOperationStatus/read\",\n \"Microsoft.Support/*\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2017-05-19T13:46:17.4592776Z\",\n \"updatedOn\": \"2021-11-11T20:13:52.4579503Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/6670b86e-a3f7-4917-ac9b-5d6ab1be4567\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"6670b86e-a3f7-4917-ac9b-5d6ab1be4567\"\n },\n {\n \"properties\": {\n \"roleName\": \"Site Recovery Operator\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Lets you failover and failback but not perform other Site Recovery management operations\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.Network/virtualNetworks/read\",\n \"Microsoft.RecoveryServices/locations/allocatedStamp/read\",\n \"Microsoft.RecoveryServices/locations/allocateStamp/action\",\n \"Microsoft.RecoveryServices/Vaults/extendedInformation/read\",\n \"Microsoft.RecoveryServices/Vaults/read\",\n \"Microsoft.RecoveryServices/Vaults/refreshContainers/read\",\n \"Microsoft.RecoveryServices/Vaults/registeredIdentities/operationResults/read\",\n \"Microsoft.RecoveryServices/Vaults/registeredIdentities/read\",\n \"Microsoft.RecoveryServices/vaults/replicationAlertSettings/read\",\n \"Microsoft.RecoveryServices/vaults/replicationEvents/read\",\n \"Microsoft.RecoveryServices/vaults/replicationFabrics/checkConsistency/action\",\n \"Microsoft.RecoveryServices/vaults/replicationFabrics/read\",\n \"Microsoft.RecoveryServices/vaults/replicationFabrics/reassociateGateway/action\",\n \"Microsoft.RecoveryServices/vaults/replicationFabrics/renewcertificate/action\",\n \"Microsoft.RecoveryServices/vaults/replicationFabrics/replicationNetworks/read\",\n \"Microsoft.RecoveryServices/vaults/replicationFabrics/replicationNetworks/replicationNetworkMappings/read\",\n \"Microsoft.RecoveryServices/vaults/replicationFabrics/replicationProtectionContainers/read\",\n \"Microsoft.RecoveryServices/vaults/replicationFabrics/replicationProtectionContainers/replicationProtectableItems/read\",\n \"Microsoft.RecoveryServices/vaults/replicationFabrics/replicationProtectionContainers/replicationProtectedItems/applyRecoveryPoint/action\",\n \"Microsoft.RecoveryServices/vaults/replicationFabrics/replicationProtectionContainers/replicationProtectedItems/failoverCommit/action\",\n \"Microsoft.RecoveryServices/vaults/replicationFabrics/replicationProtectionContainers/replicationProtectedItems/plannedFailover/action\",\n \"Microsoft.RecoveryServices/vaults/replicationFabrics/replicationProtectionContainers/replicationProtectedItems/read\",\n \"Microsoft.RecoveryServices/vaults/replicationFabrics/replicationProtectionContainers/replicationProtectedItems/recoveryPoints/read\",\n \"Microsoft.RecoveryServices/vaults/replicationFabrics/replicationProtectionContainers/replicationProtectedItems/repairReplication/action\",\n \"Microsoft.RecoveryServices/vaults/replicationFabrics/replicationProtectionContainers/replicationProtectedItems/reProtect/action\",\n \"Microsoft.RecoveryServices/vaults/replicationFabrics/replicationProtectionContainers/switchprotection/action\",\n \"Microsoft.RecoveryServices/vaults/replicationFabrics/replicationProtectionContainers/replicationProtectedItems/testFailover/action\",\n \"Microsoft.RecoveryServices/vaults/replicationFabrics/replicationProtectionContainers/replicationProtectedItems/testFailoverCleanup/action\",\n \"Microsoft.RecoveryServices/vaults/replicationFabrics/replicationProtectionContainers/replicationProtectedItems/unplannedFailover/action\",\n \"Microsoft.RecoveryServices/vaults/replicationFabrics/replicationProtectionContainers/replicationProtectedItems/updateMobilityService/action\",\n \"Microsoft.RecoveryServices/vaults/replicationFabrics/replicationProtectionContainers/replicationProtectionContainerMappings/read\",\n \"Microsoft.RecoveryServices/vaults/replicationFabrics/replicationRecoveryServicesProviders/read\",\n \"Microsoft.RecoveryServices/vaults/replicationFabrics/replicationRecoveryServicesProviders/refreshProvider/action\",\n \"Microsoft.RecoveryServices/vaults/replicationFabrics/replicationStorageClassifications/read\",\n \"Microsoft.RecoveryServices/vaults/replicationFabrics/replicationStorageClassifications/replicationStorageClassificationMappings/read\",\n \"Microsoft.RecoveryServices/vaults/replicationFabrics/replicationvCenters/read\",\n \"Microsoft.RecoveryServices/vaults/replicationJobs/*\",\n \"Microsoft.RecoveryServices/vaults/replicationPolicies/read\",\n \"Microsoft.RecoveryServices/vaults/replicationRecoveryPlans/failoverCommit/action\",\n \"Microsoft.RecoveryServices/vaults/replicationRecoveryPlans/plannedFailover/action\",\n \"Microsoft.RecoveryServices/vaults/replicationRecoveryPlans/read\",\n \"Microsoft.RecoveryServices/vaults/replicationRecoveryPlans/reProtect/action\",\n \"Microsoft.RecoveryServices/vaults/replicationRecoveryPlans/testFailover/action\",\n \"Microsoft.RecoveryServices/vaults/replicationRecoveryPlans/testFailoverCleanup/action\",\n \"Microsoft.RecoveryServices/vaults/replicationRecoveryPlans/unplannedFailover/action\",\n \"Microsoft.RecoveryServices/vaults/replicationVaultSettings/read\",\n \"Microsoft.RecoveryServices/Vaults/monitoringAlerts/*\",\n \"Microsoft.RecoveryServices/Vaults/monitoringConfigurations/notificationConfiguration/read\",\n \"Microsoft.RecoveryServices/Vaults/storageConfig/read\",\n \"Microsoft.RecoveryServices/Vaults/tokenInfo/read\",\n \"Microsoft.RecoveryServices/Vaults/usages/read\",\n \"Microsoft.RecoveryServices/Vaults/vaultTokens/read\",\n \"Microsoft.ResourceHealth/availabilityStatuses/read\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Storage/storageAccounts/read\",\n \"Microsoft.Support/*\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2017-05-19T13:47:50.1341148Z\",\n \"updatedOn\": \"2021-11-11T20:13:52.6263418Z\",\n \"createdBy\": null,\n \"updatedBy\": \"\"\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/494ae006-db33-4328-bf46-533a6560a3ca\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"494ae006-db33-4328-bf46-533a6560a3ca\"\n },\n {\n \"properties\": {\n \"roleName\": \"Spatial Anchors Account Reader\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Lets you locate and read properties of spatial anchors in your account\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.MixedReality/SpatialAnchorsAccounts/discovery/read\",\n \"Microsoft.MixedReality/SpatialAnchorsAccounts/properties/read\",\n \"Microsoft.MixedReality/SpatialAnchorsAccounts/query/read\",\n \"Microsoft.MixedReality/SpatialAnchorsAccounts/submitdiag/read\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2018-12-21T17:57:42.9271004Z\",\n \"updatedOn\": \"2021-11-11T20:13:52.8013467Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/5d51204f-eb77-4b1c-b86a-2ec626c49413\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"5d51204f-eb77-4b1c-b86a-2ec626c49413\"\n },\n {\n \"properties\": {\n \"roleName\": \"Site Recovery Reader\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Lets you view Site Recovery status but not perform other management operations\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.RecoveryServices/locations/allocatedStamp/read\",\n \"Microsoft.RecoveryServices/Vaults/extendedInformation/read\",\n \"Microsoft.RecoveryServices/Vaults/monitoringAlerts/read\",\n \"Microsoft.RecoveryServices/Vaults/monitoringConfigurations/notificationConfiguration/read\",\n \"Microsoft.RecoveryServices/Vaults/read\",\n \"Microsoft.RecoveryServices/Vaults/refreshContainers/read\",\n \"Microsoft.RecoveryServices/Vaults/registeredIdentities/operationResults/read\",\n \"Microsoft.RecoveryServices/Vaults/registeredIdentities/read\",\n \"Microsoft.RecoveryServices/vaults/replicationAlertSettings/read\",\n \"Microsoft.RecoveryServices/vaults/replicationEvents/read\",\n \"Microsoft.RecoveryServices/vaults/replicationFabrics/read\",\n \"Microsoft.RecoveryServices/vaults/replicationFabrics/replicationNetworks/read\",\n \"Microsoft.RecoveryServices/vaults/replicationFabrics/replicationNetworks/replicationNetworkMappings/read\",\n \"Microsoft.RecoveryServices/vaults/replicationFabrics/replicationProtectionContainers/read\",\n \"Microsoft.RecoveryServices/vaults/replicationFabrics/replicationProtectionContainers/replicationProtectableItems/read\",\n \"Microsoft.RecoveryServices/vaults/replicationFabrics/replicationProtectionContainers/replicationProtectedItems/read\",\n \"Microsoft.RecoveryServices/vaults/replicationFabrics/replicationProtectionContainers/replicationProtectedItems/recoveryPoints/read\",\n \"Microsoft.RecoveryServices/vaults/replicationFabrics/replicationProtectionContainers/replicationProtectionContainerMappings/read\",\n \"Microsoft.RecoveryServices/vaults/replicationFabrics/replicationRecoveryServicesProviders/read\",\n \"Microsoft.RecoveryServices/vaults/replicationFabrics/replicationStorageClassifications/read\",\n \"Microsoft.RecoveryServices/vaults/replicationFabrics/replicationStorageClassifications/replicationStorageClassificationMappings/read\",\n \"Microsoft.RecoveryServices/vaults/replicationFabrics/replicationvCenters/read\",\n \"Microsoft.RecoveryServices/vaults/replicationJobs/read\",\n \"Microsoft.RecoveryServices/vaults/replicationPolicies/read\",\n \"Microsoft.RecoveryServices/vaults/replicationRecoveryPlans/read\",\n \"Microsoft.RecoveryServices/vaults/replicationVaultSettings/read\",\n \"Microsoft.RecoveryServices/Vaults/storageConfig/read\",\n \"Microsoft.RecoveryServices/Vaults/tokenInfo/read\",\n \"Microsoft.RecoveryServices/Vaults/usages/read\",\n \"Microsoft.RecoveryServices/Vaults/vaultTokens/read\",\n \"Microsoft.Support/*\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2017-05-19T13:35:40.0093634Z\",\n \"updatedOn\": \"2021-11-11T20:13:52.9763366Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/dbaa88c4-0c30-4179-9fb3-46319faa6149\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"dbaa88c4-0c30-4179-9fb3-46319faa6149\"\n },\n {\n \"properties\": {\n \"roleName\": \"Spatial Anchors Account Owner\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Lets you manage spatial anchors in your account, including deleting them\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.MixedReality/SpatialAnchorsAccounts/create/action\",\n \"Microsoft.MixedReality/SpatialAnchorsAccounts/delete\",\n \"Microsoft.MixedReality/SpatialAnchorsAccounts/discovery/read\",\n \"Microsoft.MixedReality/SpatialAnchorsAccounts/properties/read\",\n \"Microsoft.MixedReality/SpatialAnchorsAccounts/query/read\",\n \"Microsoft.MixedReality/SpatialAnchorsAccounts/submitdiag/read\",\n \"Microsoft.MixedReality/SpatialAnchorsAccounts/write\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2018-12-21T17:57:43.5489832Z\",\n \"updatedOn\": \"2021-11-11T20:13:53.166325Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/70bbe301-9835-447d-afdd-19eb3167307c\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"70bbe301-9835-447d-afdd-19eb3167307c\"\n },\n {\n \"properties\": {\n \"roleName\": \"SQL Managed Instance Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Lets you manage SQL Managed Instances and required network configuration, but can’t give access to others.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.ResourceHealth/availabilityStatuses/read\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Network/networkSecurityGroups/*\",\n \"Microsoft.Network/routeTables/*\",\n \"Microsoft.Sql/locations/*/read\",\n \"Microsoft.Sql/locations/instanceFailoverGroups/*\",\n \"Microsoft.Sql/managedInstances/*\",\n \"Microsoft.Support/*\",\n \"Microsoft.Network/virtualNetworks/subnets/*\",\n \"Microsoft.Network/virtualNetworks/*\",\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.Insights/metrics/read\",\n \"Microsoft.Insights/metricDefinitions/read\"\n ],\n \"notActions\": [\n \"Microsoft.Sql/managedInstances/azureADOnlyAuthentications/delete\",\n \"Microsoft.Sql/managedInstances/azureADOnlyAuthentications/write\"\n ],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2018-12-10T22:57:14.2937983Z\",\n \"updatedOn\": \"2021-11-11T20:13:53.3513507Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/4939a1f6-9ae0-4e48-a1e0-f2cbe897382d\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"4939a1f6-9ae0-4e48-a1e0-f2cbe897382d\"\n },\n {\n \"properties\": {\n \"roleName\": \"SQL DB Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Lets you manage SQL databases, but not access to them. Also, you can't manage their security-related policies or their parent SQL servers.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.ResourceHealth/availabilityStatuses/read\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Sql/locations/*/read\",\n \"Microsoft.Sql/servers/databases/*\",\n \"Microsoft.Sql/servers/read\",\n \"Microsoft.Support/*\",\n \"Microsoft.Insights/metrics/read\",\n \"Microsoft.Insights/metricDefinitions/read\"\n ],\n \"notActions\": [\n \"Microsoft.Sql/servers/databases/ledgerDigestUploads/write\",\n \"Microsoft.Sql/servers/databases/ledgerDigestUploads/disable/action\",\n \"Microsoft.Sql/managedInstances/databases/currentSensitivityLabels/*\",\n \"Microsoft.Sql/managedInstances/databases/recommendedSensitivityLabels/*\",\n \"Microsoft.Sql/managedInstances/databases/schemas/tables/columns/sensitivityLabels/*\",\n \"Microsoft.Sql/managedInstances/databases/securityAlertPolicies/*\",\n \"Microsoft.Sql/managedInstances/databases/sensitivityLabels/*\",\n \"Microsoft.Sql/managedInstances/databases/vulnerabilityAssessments/*\",\n \"Microsoft.Sql/managedInstances/securityAlertPolicies/*\",\n \"Microsoft.Sql/managedInstances/vulnerabilityAssessments/*\",\n \"Microsoft.Sql/servers/databases/auditingSettings/*\",\n \"Microsoft.Sql/servers/databases/auditRecords/read\",\n \"Microsoft.Sql/servers/databases/currentSensitivityLabels/*\",\n \"Microsoft.Sql/servers/databases/dataMaskingPolicies/*\",\n \"Microsoft.Sql/servers/databases/extendedAuditingSettings/*\",\n \"Microsoft.Sql/servers/databases/recommendedSensitivityLabels/*\",\n \"Microsoft.Sql/servers/databases/schemas/tables/columns/sensitivityLabels/*\",\n \"Microsoft.Sql/servers/databases/securityAlertPolicies/*\",\n \"Microsoft.Sql/servers/databases/securityMetrics/*\",\n \"Microsoft.Sql/servers/databases/sensitivityLabels/*\",\n \"Microsoft.Sql/servers/databases/vulnerabilityAssessments/*\",\n \"Microsoft.Sql/servers/databases/vulnerabilityAssessmentScans/*\",\n \"Microsoft.Sql/servers/databases/vulnerabilityAssessmentSettings/*\",\n \"Microsoft.Sql/servers/vulnerabilityAssessments/*\"\n ],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2015-02-02T21:55:09.8806423Z\",\n \"updatedOn\": \"2021-11-11T20:13:53.5363219Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/9b7fa17d-e63e-47b0-bb0a-15c516ac86ec\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"9b7fa17d-e63e-47b0-bb0a-15c516ac86ec\"\n },\n {\n \"properties\": {\n \"roleName\": \"SQL Security Manager\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Lets you manage the security-related policies of SQL servers and databases, but not access to them.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.Network/virtualNetworks/subnets/joinViaServiceEndpoint/action\",\n \"Microsoft.ResourceHealth/availabilityStatuses/read\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Sql/locations/administratorAzureAsyncOperation/read\",\n \"Microsoft.Sql/managedInstances/advancedThreatProtectionSettings/read\",\n \"Microsoft.Sql/managedInstances/advancedThreatProtectionSettings/write\",\n \"Microsoft.Sql/managedInstances/databases/advancedThreatProtectionSettings/read\",\n \"Microsoft.Sql/managedInstances/databases/advancedThreatProtectionSettings/write\",\n \"Microsoft.Sql/managedInstances/advancedThreatProtectionSettings/read\",\n \"Microsoft.Sql/managedInstances/advancedThreatProtectionSettings/write\",\n \"Microsoft.Sql/managedInstances/databases/advancedThreatProtectionSettings/read\",\n \"Microsoft.Sql/managedInstances/databases/advancedThreatProtectionSettings/write\",\n \"Microsoft.Sql/managedInstances/databases/currentSensitivityLabels/*\",\n \"Microsoft.Sql/managedInstances/databases/recommendedSensitivityLabels/*\",\n \"Microsoft.Sql/managedInstances/databases/schemas/tables/columns/sensitivityLabels/*\",\n \"Microsoft.Sql/managedInstances/databases/securityAlertPolicies/*\",\n \"Microsoft.Sql/managedInstances/databases/sensitivityLabels/*\",\n \"Microsoft.Sql/managedInstances/databases/vulnerabilityAssessments/*\",\n \"Microsoft.Sql/servers/advancedThreatProtectionSettings/read\",\n \"Microsoft.Sql/servers/advancedThreatProtectionSettings/write\",\n \"Microsoft.Sql/managedInstances/securityAlertPolicies/*\",\n \"Microsoft.Sql/managedInstances/databases/transparentDataEncryption/*\",\n \"Microsoft.Sql/managedInstances/vulnerabilityAssessments/*\",\n \"Microsoft.Sql/managedInstances/serverConfigurationOptions/read\",\n \"Microsoft.Sql/managedInstances/serverConfigurationOptions/write\",\n \"Microsoft.Sql/locations/serverConfigurationOptionAzureAsyncOperation/read\",\n \"Microsoft.Sql/servers/advancedThreatProtectionSettings/read\",\n \"Microsoft.Sql/servers/advancedThreatProtectionSettings/write\",\n \"Microsoft.Sql/servers/auditingSettings/*\",\n \"Microsoft.Sql/servers/extendedAuditingSettings/*\",\n \"Microsoft.Sql/servers/databases/advancedThreatProtectionSettings/read\",\n \"Microsoft.Sql/servers/databases/advancedThreatProtectionSettings/write\",\n \"Microsoft.Sql/servers/databases/advancedThreatProtectionSettings/read\",\n \"Microsoft.Sql/servers/databases/advancedThreatProtectionSettings/write\",\n \"Microsoft.Sql/servers/databases/auditingSettings/*\",\n \"Microsoft.Sql/servers/databases/auditRecords/read\",\n \"Microsoft.Sql/servers/databases/currentSensitivityLabels/*\",\n \"Microsoft.Sql/servers/databases/dataMaskingPolicies/*\",\n \"Microsoft.Sql/servers/databases/extendedAuditingSettings/read\",\n \"Microsoft.Sql/servers/databases/read\",\n \"Microsoft.Sql/servers/databases/recommendedSensitivityLabels/*\",\n \"Microsoft.Sql/servers/databases/schemas/read\",\n \"Microsoft.Sql/servers/databases/schemas/tables/columns/read\",\n \"Microsoft.Sql/servers/databases/schemas/tables/columns/sensitivityLabels/*\",\n \"Microsoft.Sql/servers/databases/schemas/tables/read\",\n \"Microsoft.Sql/servers/databases/securityAlertPolicies/*\",\n \"Microsoft.Sql/servers/databases/securityMetrics/*\",\n \"Microsoft.Sql/servers/databases/sensitivityLabels/*\",\n \"Microsoft.Sql/servers/databases/transparentDataEncryption/*\",\n \"Microsoft.Sql/servers/databases/sqlvulnerabilityAssessments/*\",\n \"Microsoft.Sql/servers/databases/vulnerabilityAssessments/*\",\n \"Microsoft.Sql/servers/databases/vulnerabilityAssessmentScans/*\",\n \"Microsoft.Sql/servers/databases/vulnerabilityAssessmentSettings/*\",\n \"Microsoft.Sql/servers/devOpsAuditingSettings/*\",\n \"Microsoft.Sql/servers/firewallRules/*\",\n \"Microsoft.Sql/servers/read\",\n \"Microsoft.Sql/servers/securityAlertPolicies/*\",\n \"Microsoft.Sql/servers/sqlvulnerabilityAssessments/*\",\n \"Microsoft.Sql/servers/vulnerabilityAssessments/*\",\n \"Microsoft.Support/*\",\n \"Microsoft.Sql/servers/azureADOnlyAuthentications/*\",\n \"Microsoft.Sql/managedInstances/read\",\n \"Microsoft.Sql/managedInstances/azureADOnlyAuthentications/*\",\n \"Microsoft.Security/sqlVulnerabilityAssessments/*\",\n \"Microsoft.Sql/managedInstances/administrators/read\",\n \"Microsoft.Sql/servers/administrators/read\",\n \"Microsoft.Sql/servers/databases/ledgerDigestUploads/*\",\n \"Microsoft.Sql/locations/ledgerDigestUploadsAzureAsyncOperation/read\",\n \"Microsoft.Sql/locations/ledgerDigestUploadsOperationResults/read\",\n \"Microsoft.Sql/servers/externalPolicyBasedAuthorizations/*\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2015-06-16T18:44:40.4607572Z\",\n \"updatedOn\": \"2025-10-01T18:55:10.630521Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/056cd41c-7e88-42e1-933e-88ba6a50c9c3\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"056cd41c-7e88-42e1-933e-88ba6a50c9c3\"\n },\n {\n \"properties\": {\n \"roleName\": \"Storage Account Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Lets you manage storage accounts, including accessing storage account keys which provide full access to storage account data.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.Insights/diagnosticSettings/*\",\n \"Microsoft.Network/virtualNetworks/subnets/joinViaServiceEndpoint/action\",\n \"Microsoft.ResourceHealth/availabilityStatuses/read\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Storage/storageAccounts/*\",\n \"Microsoft.Support/*\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2015-06-02T00:18:27.3542698Z\",\n \"updatedOn\": \"2021-11-11T20:13:54.2363539Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/17d1049b-9a84-46fb-8f53-869881c3d3ab\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"17d1049b-9a84-46fb-8f53-869881c3d3ab\"\n },\n {\n \"properties\": {\n \"roleName\": \"SQL Server Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Lets you manage SQL servers and databases, but not access to them, and not their security -related policies.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.ResourceHealth/availabilityStatuses/read\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Sql/locations/*/read\",\n \"Microsoft.Sql/servers/*\",\n \"Microsoft.Support/*\",\n \"Microsoft.Insights/metrics/read\",\n \"Microsoft.Insights/metricDefinitions/read\"\n ],\n \"notActions\": [\n \"Microsoft.Sql/managedInstances/databases/currentSensitivityLabels/*\",\n \"Microsoft.Sql/managedInstances/databases/recommendedSensitivityLabels/*\",\n \"Microsoft.Sql/managedInstances/databases/schemas/tables/columns/sensitivityLabels/*\",\n \"Microsoft.Sql/managedInstances/databases/securityAlertPolicies/*\",\n \"Microsoft.Sql/managedInstances/databases/sensitivityLabels/*\",\n \"Microsoft.Sql/managedInstances/databases/vulnerabilityAssessments/*\",\n \"Microsoft.Sql/managedInstances/securityAlertPolicies/*\",\n \"Microsoft.Sql/managedInstances/vulnerabilityAssessments/*\",\n \"Microsoft.Sql/servers/auditingSettings/*\",\n \"Microsoft.Sql/servers/databases/auditingSettings/*\",\n \"Microsoft.Sql/servers/databases/auditRecords/read\",\n \"Microsoft.Sql/servers/databases/currentSensitivityLabels/*\",\n \"Microsoft.Sql/servers/databases/dataMaskingPolicies/*\",\n \"Microsoft.Sql/servers/databases/extendedAuditingSettings/*\",\n \"Microsoft.Sql/servers/databases/recommendedSensitivityLabels/*\",\n \"Microsoft.Sql/servers/databases/schemas/tables/columns/sensitivityLabels/*\",\n \"Microsoft.Sql/servers/databases/securityAlertPolicies/*\",\n \"Microsoft.Sql/servers/databases/securityMetrics/*\",\n \"Microsoft.Sql/servers/databases/sensitivityLabels/*\",\n \"Microsoft.Sql/servers/databases/vulnerabilityAssessments/*\",\n \"Microsoft.Sql/servers/databases/vulnerabilityAssessmentScans/*\",\n \"Microsoft.Sql/servers/databases/vulnerabilityAssessmentSettings/*\",\n \"Microsoft.Sql/servers/devOpsAuditingSettings/*\",\n \"Microsoft.Sql/servers/extendedAuditingSettings/*\",\n \"Microsoft.Sql/servers/securityAlertPolicies/*\",\n \"Microsoft.Sql/servers/vulnerabilityAssessments/*\",\n \"Microsoft.Sql/servers/azureADOnlyAuthentications/delete\",\n \"Microsoft.Sql/servers/azureADOnlyAuthentications/write\",\n \"Microsoft.Sql/servers/externalPolicyBasedAuthorizations/delete\",\n \"Microsoft.Sql/servers/externalPolicyBasedAuthorizations/write\"\n ],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2015-02-02T21:55:09.8806423Z\",\n \"updatedOn\": \"2022-04-28T23:10:45.2206234Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/6d8ee4ec-f05a-4a1d-8b00-a9b17e38b437\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"6d8ee4ec-f05a-4a1d-8b00-a9b17e38b437\"\n },\n {\n \"properties\": {\n \"roleName\": \"Storage Account Key Operator Service Role\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Storage Account Key Operators are allowed to list and regenerate keys on Storage Accounts\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Storage/storageAccounts/listkeys/action\",\n \"Microsoft.Storage/storageAccounts/regeneratekey/action\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2017-04-13T18:26:11.577057Z\",\n \"updatedOn\": \"2021-11-11T20:13:54.7697481Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/81a9662b-bebf-436f-a333-f67b29880f12\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"81a9662b-bebf-436f-a333-f67b29880f12\"\n },\n {\n \"properties\": {\n \"roleName\": \"Storage Blob Data Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Allows for read, write and delete access to Azure Storage blob containers and data\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Storage/storageAccounts/blobServices/containers/delete\",\n \"Microsoft.Storage/storageAccounts/blobServices/containers/read\",\n \"Microsoft.Storage/storageAccounts/blobServices/containers/write\",\n \"Microsoft.Storage/storageAccounts/blobServices/generateUserDelegationKey/action\"\n ],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.Storage/storageAccounts/blobServices/containers/blobs/delete\",\n \"Microsoft.Storage/storageAccounts/blobServices/containers/blobs/read\",\n \"Microsoft.Storage/storageAccounts/blobServices/containers/blobs/write\",\n \"Microsoft.Storage/storageAccounts/blobServices/containers/blobs/move/action\",\n \"Microsoft.Storage/storageAccounts/blobServices/containers/blobs/add/action\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2017-12-21T00:01:24.7972312Z\",\n \"updatedOn\": \"2021-11-11T20:13:54.9397456Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/ba92f5b4-2d11-453d-a403-e96b0029c9fe\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"ba92f5b4-2d11-453d-a403-e96b0029c9fe\"\n },\n {\n \"properties\": {\n \"roleName\": \"Storage Blob Data Owner\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Allows for full access to Azure Storage blob containers and data, including assigning POSIX access control.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Storage/storageAccounts/blobServices/containers/*\",\n \"Microsoft.Storage/storageAccounts/blobServices/generateUserDelegationKey/action\"\n ],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.Storage/storageAccounts/blobServices/containers/blobs/*\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2018-12-04T07:02:58.2775257Z\",\n \"updatedOn\": \"2021-11-11T20:13:55.1225062Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/b7e6dc6d-f1e8-4753-8033-0f276bb0955b\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"b7e6dc6d-f1e8-4753-8033-0f276bb0955b\"\n },\n {\n \"properties\": {\n \"roleName\": \"Storage Blob Data Reader\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Allows for read access to Azure Storage blob containers and data\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Storage/storageAccounts/blobServices/containers/read\",\n \"Microsoft.Storage/storageAccounts/blobServices/generateUserDelegationKey/action\"\n ],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.Storage/storageAccounts/blobServices/containers/blobs/read\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2017-12-21T00:01:24.7972312Z\",\n \"updatedOn\": \"2021-11-11T20:13:55.2975076Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/2a2b9908-6ea1-4ae2-8e65-a410df84e7d1\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"2a2b9908-6ea1-4ae2-8e65-a410df84e7d1\"\n },\n {\n \"properties\": {\n \"roleName\": \"Storage Queue Data Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Allows for read, write, and delete access to Azure Storage queues and queue messages\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Storage/storageAccounts/queueServices/queues/delete\",\n \"Microsoft.Storage/storageAccounts/queueServices/queues/read\",\n \"Microsoft.Storage/storageAccounts/queueServices/queues/write\"\n ],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.Storage/storageAccounts/queueServices/queues/messages/delete\",\n \"Microsoft.Storage/storageAccounts/queueServices/queues/messages/read\",\n \"Microsoft.Storage/storageAccounts/queueServices/queues/messages/write\",\n \"Microsoft.Storage/storageAccounts/queueServices/queues/messages/process/action\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2017-12-21T00:01:24.7972312Z\",\n \"updatedOn\": \"2021-11-11T20:13:55.4725469Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/974c5e8b-45b9-4653-ba55-5f855dd0fb88\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"974c5e8b-45b9-4653-ba55-5f855dd0fb88\"\n },\n {\n \"properties\": {\n \"roleName\": \"Storage Queue Data Message Processor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Allows for peek, receive, and delete access to Azure Storage queue messages\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.Storage/storageAccounts/queueServices/queues/messages/read\",\n \"Microsoft.Storage/storageAccounts/queueServices/queues/messages/process/action\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2019-01-28T22:27:04.8947111Z\",\n \"updatedOn\": \"2021-11-11T20:13:55.6575408Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/8a0f0c08-91a1-4084-bc3d-661d67233fed\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"8a0f0c08-91a1-4084-bc3d-661d67233fed\"\n },\n {\n \"properties\": {\n \"roleName\": \"Storage Queue Data Message Sender\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Allows for sending of Azure Storage queue messages\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.Storage/storageAccounts/queueServices/queues/messages/add/action\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2019-01-28T22:28:34.7459724Z\",\n \"updatedOn\": \"2021-11-11T20:13:55.8325508Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/c6a89b2d-59bc-44d0-9896-0f6e12d7b80a\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"c6a89b2d-59bc-44d0-9896-0f6e12d7b80a\"\n },\n {\n \"properties\": {\n \"roleName\": \"Storage Queue Data Reader\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Allows for read access to Azure Storage queues and queue messages\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Storage/storageAccounts/queueServices/queues/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.Storage/storageAccounts/queueServices/queues/messages/read\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2017-12-21T00:01:24.7972312Z\",\n \"updatedOn\": \"2021-11-11T20:13:56.0178497Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/19e7f393-937e-4f77-808e-94535e297925\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"19e7f393-937e-4f77-808e-94535e297925\"\n },\n {\n \"properties\": {\n \"roleName\": \"Support Request Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Lets you create and manage Support requests\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Support/*\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2017-06-22T22:25:37.8053068Z\",\n \"updatedOn\": \"2021-11-11T20:13:56.7444481Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/cfd33db0-3dd1-45e3-aa9d-cdbdf3b6f24e\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"cfd33db0-3dd1-45e3-aa9d-cdbdf3b6f24e\"\n },\n {\n \"properties\": {\n \"roleName\": \"Traffic Manager Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Lets you manage Traffic Manager profiles, but does not let you control who has access to them.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.Network/trafficManagerProfiles/*\",\n \"Microsoft.ResourceHealth/availabilityStatuses/read\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Support/*\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2015-10-15T23:33:25.9730842Z\",\n \"updatedOn\": \"2021-11-11T20:13:57.2744497Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/a4b10055-b0c7-44c2-b00f-c7b5b3550cf7\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"a4b10055-b0c7-44c2-b00f-c7b5b3550cf7\"\n },\n {\n \"properties\": {\n \"roleName\": \"User Access Administrator\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Lets you manage user access to Azure resources.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"*/read\",\n \"Microsoft.Authorization/*\",\n \"Microsoft.Support/*\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2015-02-02T21:55:09.8806423Z\",\n \"updatedOn\": \"2021-11-11T20:13:57.7932023Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/18d7d88d-d35e-4fb5-a5c3-7773c20a72d9\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"18d7d88d-d35e-4fb5-a5c3-7773c20a72d9\"\n },\n {\n \"properties\": {\n \"roleName\": \"Virtual Machine Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Lets you manage virtual machines, but not access to them, and not the virtual network or storage account they're connected to.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Compute/availabilitySets/*\",\n \"Microsoft.Compute/locations/*\",\n \"Microsoft.Compute/virtualMachines/*\",\n \"Microsoft.Compute/virtualMachineScaleSets/*\",\n \"Microsoft.Compute/cloudServices/*\",\n \"Microsoft.Compute/disks/write\",\n \"Microsoft.Compute/disks/read\",\n \"Microsoft.Compute/disks/delete\",\n \"Microsoft.Compute/hostgroups/write\",\n \"Microsoft.Compute/hostgroups/hosts/write\",\n \"Microsoft.DevTestLab/schedules/*\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.Network/applicationGateways/backendAddressPools/join/action\",\n \"Microsoft.Network/loadBalancers/backendAddressPools/join/action\",\n \"Microsoft.Network/loadBalancers/inboundNatPools/join/action\",\n \"Microsoft.Network/loadBalancers/inboundNatRules/join/action\",\n \"Microsoft.Network/loadBalancers/probes/join/action\",\n \"Microsoft.Network/loadBalancers/read\",\n \"Microsoft.Network/locations/*\",\n \"Microsoft.Network/networkInterfaces/*\",\n \"Microsoft.Network/networkSecurityGroups/join/action\",\n \"Microsoft.Network/networkSecurityGroups/read\",\n \"Microsoft.Network/publicIPAddresses/join/action\",\n \"Microsoft.Network/publicIPAddresses/read\",\n \"Microsoft.Network/virtualNetworks/read\",\n \"Microsoft.Network/virtualNetworks/subnets/join/action\",\n \"Microsoft.RecoveryServices/locations/*\",\n \"Microsoft.RecoveryServices/Vaults/backupFabrics/backupProtectionIntent/write\",\n \"Microsoft.RecoveryServices/Vaults/backupFabrics/protectionContainers/protectedItems/*/read\",\n \"Microsoft.RecoveryServices/Vaults/backupFabrics/protectionContainers/protectedItems/read\",\n \"Microsoft.RecoveryServices/Vaults/backupFabrics/protectionContainers/protectedItems/write\",\n \"Microsoft.RecoveryServices/Vaults/backupPolicies/read\",\n \"Microsoft.RecoveryServices/Vaults/backupPolicies/write\",\n \"Microsoft.RecoveryServices/Vaults/read\",\n \"Microsoft.RecoveryServices/Vaults/usages/read\",\n \"Microsoft.RecoveryServices/Vaults/write\",\n \"Microsoft.ResourceHealth/availabilityStatuses/read\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.SerialConsole/serialPorts/connect/action\",\n \"Microsoft.SqlVirtualMachine/*\",\n \"Microsoft.Storage/storageAccounts/listKeys/action\",\n \"Microsoft.Storage/storageAccounts/read\",\n \"Microsoft.Support/*\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2015-06-02T00:18:27.3542698Z\",\n \"updatedOn\": \"2025-02-06T01:34:42.8731411Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/9980e02c-c2be-4d73-94e8-173b1dc7cf3c\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"9980e02c-c2be-4d73-94e8-173b1dc7cf3c\"\n },\n {\n \"properties\": {\n \"roleName\": \"Web Plan Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Lets you manage the web plans for websites, but not access to them.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.ResourceHealth/availabilityStatuses/read\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Support/*\",\n \"Microsoft.Web/serverFarms/*\",\n \"Microsoft.Web/hostingEnvironments/Join/Action\",\n \"Microsoft.Insights/autoscalesettings/*\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2015-02-02T21:55:09.8806423Z\",\n \"updatedOn\": \"2022-09-05T15:10:54.6819807Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/2cc479cb-7b4d-49a8-b449-8c00fd0f0a4b\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"2cc479cb-7b4d-49a8-b449-8c00fd0f0a4b\"\n },\n {\n \"properties\": {\n \"roleName\": \"Website Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Lets you manage websites (not web plans), but not access to them.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.Insights/components/*\",\n \"Microsoft.ResourceHealth/availabilityStatuses/read\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Support/*\",\n \"Microsoft.Web/certificates/*\",\n \"Microsoft.Web/listSitesAssignedToHostName/read\",\n \"Microsoft.Web/register/action\",\n \"Microsoft.Web/serverFarms/join/action\",\n \"Microsoft.Web/serverFarms/read\",\n \"Microsoft.Web/sites/*\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2015-05-12T23:10:23.6193952Z\",\n \"updatedOn\": \"2024-08-05T15:09:29.7130534Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/de139f84-1756-47ae-9be6-808fbbe84772\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"de139f84-1756-47ae-9be6-808fbbe84772\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Service Bus Data Owner\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Allows for full access to Azure Service Bus resources.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.ServiceBus/*\"\n ],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.ServiceBus/*\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2019-04-16T21:33:36.7445745Z\",\n \"updatedOn\": \"2021-11-11T20:13:59.2005807Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/090c5cfd-751d-490a-894a-3ce6f1109419\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"090c5cfd-751d-490a-894a-3ce6f1109419\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Event Hubs Data Owner\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Allows for full access to Azure Event Hubs resources.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.EventHub/*\"\n ],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.EventHub/*\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2019-04-16T21:34:29.8656362Z\",\n \"updatedOn\": \"2021-11-11T20:13:59.3721538Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/f526a384-b230-433a-b45c-95f59c4a2dec\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"f526a384-b230-433a-b45c-95f59c4a2dec\"\n },\n {\n \"properties\": {\n \"roleName\": \"Attestation Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Can read write or delete the attestation provider instance\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Attestation/attestationProviders/attestation/read\",\n \"Microsoft.Attestation/attestationProviders/attestation/write\",\n \"Microsoft.Attestation/attestationProviders/attestation/delete\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2019-04-19T00:24:09.3354177Z\",\n \"updatedOn\": \"2021-11-11T20:13:59.7271218Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/bbf86eb8-f7b4-4cce-96e4-18cddf81d86e\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"bbf86eb8-f7b4-4cce-96e4-18cddf81d86e\"\n },\n {\n \"properties\": {\n \"roleName\": \"HDInsight Cluster Operator\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Lets you read and modify HDInsight cluster configurations.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.HDInsight/*/read\",\n \"Microsoft.HDInsight/clusters/getGatewaySettings/action\",\n \"Microsoft.HDInsight/clusters/updateGatewaySettings/action\",\n \"Microsoft.HDInsight/clusters/configurations/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Resources/deployments/operations/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Support/*\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2019-04-20T00:03:01.7110732Z\",\n \"updatedOn\": \"2021-11-11T20:13:59.905218Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/61ed4efc-fab3-44fd-b111-e24485cc132a\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"61ed4efc-fab3-44fd-b111-e24485cc132a\"\n },\n {\n \"properties\": {\n \"roleName\": \"Cosmos DB Operator\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Lets you manage Azure Cosmos DB accounts, but not access data in them. Prevents access to account keys and connection strings.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.DocumentDb/databaseAccounts/*\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.ResourceHealth/availabilityStatuses/read\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Support/*\",\n \"Microsoft.Network/virtualNetworks/subnets/joinViaServiceEndpoint/action\"\n ],\n \"notActions\": [\n \"Microsoft.DocumentDB/databaseAccounts/copyJobs/*\",\n \"Microsoft.DocumentDB/databaseAccounts/dataTransferJobs/*\",\n \"Microsoft.DocumentDB/databaseAccounts/readonlyKeys/*\",\n \"Microsoft.DocumentDB/databaseAccounts/regenerateKey/*\",\n \"Microsoft.DocumentDB/databaseAccounts/listKeys/*\",\n \"Microsoft.DocumentDB/databaseAccounts/listConnectionStrings/*\",\n \"Microsoft.DocumentDB/databaseAccounts/sqlRoleDefinitions/write\",\n \"Microsoft.DocumentDB/databaseAccounts/sqlRoleDefinitions/delete\",\n \"Microsoft.DocumentDB/databaseAccounts/sqlRoleAssignments/write\",\n \"Microsoft.DocumentDB/databaseAccounts/sqlRoleAssignments/delete\",\n \"Microsoft.DocumentDB/databaseAccounts/mongodbRoleDefinitions/write\",\n \"Microsoft.DocumentDB/databaseAccounts/mongodbRoleDefinitions/delete\",\n \"Microsoft.DocumentDB/databaseAccounts/mongodbUserDefinitions/write\",\n \"Microsoft.DocumentDB/databaseAccounts/mongodbUserDefinitions/delete\"\n ],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2019-04-26T17:01:17.0169383Z\",\n \"updatedOn\": \"2025-06-06T07:02:41.174245Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/230815da-be43-4aae-9cb4-875f7bd000aa\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"230815da-be43-4aae-9cb4-875f7bd000aa\"\n },\n {\n \"properties\": {\n \"roleName\": \"Hybrid Server Resource Administrator\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Can read, write, delete, and re-onboard Hybrid servers to the Hybrid Resource Provider.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.HybridCompute/machines/*\",\n \"Microsoft.HybridCompute/*/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2019-04-29T21:39:32.3132923Z\",\n \"updatedOn\": \"2021-11-11T20:14:00.2548257Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/48b40c6e-82e0-4eb3-90d5-19e40f49b624\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"48b40c6e-82e0-4eb3-90d5-19e40f49b624\"\n },\n {\n \"properties\": {\n \"roleName\": \"Hybrid Server Onboarding\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Can onboard new Hybrid servers to the Hybrid Resource Provider.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.HybridCompute/machines/read\",\n \"Microsoft.HybridCompute/machines/write\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2019-04-29T22:36:28.1873756Z\",\n \"updatedOn\": \"2021-11-11T20:14:00.4308999Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/5d1e5ee4-7c68-4a71-ac8b-0739630a3dfb\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"5d1e5ee4-7c68-4a71-ac8b-0739630a3dfb\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Event Hubs Data Receiver\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Allows receive access to Azure Event Hubs resources.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.EventHub/*/eventhubs/consumergroups/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.EventHub/*/receive/action\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2019-05-10T06:25:21.1056666Z\",\n \"updatedOn\": \"2021-11-11T20:14:01.3225169Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/a638d3c7-ab3a-418d-83e6-5f17a39d4fde\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"a638d3c7-ab3a-418d-83e6-5f17a39d4fde\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Event Hubs Data Sender\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Allows send access to Azure Event Hubs resources.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.EventHub/*/eventhubs/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.EventHub/*/send/action\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2019-05-10T06:26:12.4673714Z\",\n \"updatedOn\": \"2021-11-11T20:14:01.4925583Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/2b629674-e913-4c01-ae53-ef4638d8f975\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"2b629674-e913-4c01-ae53-ef4638d8f975\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Service Bus Data Receiver\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Allows for receive access to Azure Service Bus resources.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.ServiceBus/*/queues/read\",\n \"Microsoft.ServiceBus/*/topics/read\",\n \"Microsoft.ServiceBus/*/topics/subscriptions/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.ServiceBus/*/receive/action\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2019-05-10T06:43:01.6343849Z\",\n \"updatedOn\": \"2021-11-11T20:14:01.6629685Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/4f6d3b9b-027b-4f4c-9142-0e5a2a2247e0\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"4f6d3b9b-027b-4f4c-9142-0e5a2a2247e0\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Service Bus Data Sender\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Allows for send access to Azure Service Bus resources.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.ServiceBus/*/queues/read\",\n \"Microsoft.ServiceBus/*/topics/read\",\n \"Microsoft.ServiceBus/*/topics/subscriptions/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.ServiceBus/*/send/action\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2019-05-10T06:43:46.7046934Z\",\n \"updatedOn\": \"2021-11-11T20:14:01.8479199Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/69a216fc-b8fb-44d8-bc22-1f3c2cd27a39\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"69a216fc-b8fb-44d8-bc22-1f3c2cd27a39\"\n },\n {\n \"properties\": {\n \"roleName\": \"Storage File Data SMB Share Reader\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Allows for read access to Azure File Share over SMB\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.Storage/storageAccounts/fileServices/fileshares/files/read\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2019-07-01T20:19:31.8620471Z\",\n \"updatedOn\": \"2021-11-11T20:14:04.3642909Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/aba4ae5f-2193-4029-9191-0cb91df5e314\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"aba4ae5f-2193-4029-9191-0cb91df5e314\"\n },\n {\n \"properties\": {\n \"roleName\": \"Storage File Data SMB Share Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Allows for read, write, and delete access in Azure Storage file shares over SMB\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.Storage/storageAccounts/fileServices/fileshares/files/read\",\n \"Microsoft.Storage/storageAccounts/fileServices/fileshares/files/write\",\n \"Microsoft.Storage/storageAccounts/fileServices/fileshares/files/delete\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2019-07-01T20:54:35.483431Z\",\n \"updatedOn\": \"2021-11-11T20:14:04.5443323Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/0c867c2a-1d8c-454a-a3db-ab2ea1bdc8bb\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"0c867c2a-1d8c-454a-a3db-ab2ea1bdc8bb\"\n },\n {\n \"properties\": {\n \"roleName\": \"Private DNS Zone Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Lets you manage private DNS zone resources, but not the virtual networks they are linked to.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Support/*\",\n \"Microsoft.Network/privateDnsZones/*\",\n \"Microsoft.Network/privateDnsOperationResults/*\",\n \"Microsoft.Network/privateDnsOperationStatuses/*\",\n \"Microsoft.Network/virtualNetworks/read\",\n \"Microsoft.Network/virtualNetworks/join/action\",\n \"Microsoft.Authorization/*/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2019-07-10T19:31:15.5645518Z\",\n \"updatedOn\": \"2021-11-11T20:14:04.7342851Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/b12aa53e-6015-4669-85d0-8515ebb3ae7f\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"b12aa53e-6015-4669-85d0-8515ebb3ae7f\"\n },\n {\n \"properties\": {\n \"roleName\": \"Storage Blob Delegator\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Allows for generation of a user delegation key which can be used to sign SAS tokens\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Storage/storageAccounts/blobServices/generateUserDelegationKey/action\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2019-07-23T00:51:16.3376761Z\",\n \"updatedOn\": \"2021-11-11T20:14:05.4321714Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/db58b8e5-c6ad-4a2a-8342-4190687cbf4a\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"db58b8e5-c6ad-4a2a-8342-4190687cbf4a\"\n },\n {\n \"properties\": {\n \"roleName\": \"Desktop Virtualization User\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Allows user to use the applications in an application group.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.DesktopVirtualization/applicationGroups/useApplications/action\",\n \"Microsoft.DesktopVirtualization/appAttachPackages/useApplications/action\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2019-08-07T00:29:03.8727621Z\",\n \"updatedOn\": \"2023-06-15T23:55:51.3849931Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/1d18fff3-a72a-46b5-b4a9-0b38a3cd7e63\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"1d18fff3-a72a-46b5-b4a9-0b38a3cd7e63\"\n },\n {\n \"properties\": {\n \"roleName\": \"Storage File Data SMB Share Elevated Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Allows for read, write, delete and modify NTFS permission access in Azure Storage file shares over SMB\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.Storage/storageAccounts/fileServices/fileshares/files/read\",\n \"Microsoft.Storage/storageAccounts/fileServices/fileshares/files/write\",\n \"Microsoft.Storage/storageAccounts/fileServices/fileshares/files/delete\",\n \"Microsoft.Storage/storageAccounts/fileServices/fileshares/files/modifypermissions/action\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2019-08-07T01:35:36.9935457Z\",\n \"updatedOn\": \"2021-11-11T20:14:06.1571744Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/a7264617-510b-434b-a828-9731dc254ea7\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"a7264617-510b-434b-a828-9731dc254ea7\"\n },\n {\n \"properties\": {\n \"roleName\": \"Blueprint Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Can manage blueprint definitions, but not assign them.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Blueprint/blueprints/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Support/*\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2019-08-14T21:55:16.9683949Z\",\n \"updatedOn\": \"2021-11-11T20:14:06.5171828Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/41077137-e803-4205-871c-5a86e6a753b4\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"41077137-e803-4205-871c-5a86e6a753b4\"\n },\n {\n \"properties\": {\n \"roleName\": \"Blueprint Operator\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Can assign existing published blueprints, but cannot create new blueprints. NOTE: this only works if the assignment is done with a user-assigned managed identity.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Blueprint/blueprintAssignments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Support/*\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2019-08-14T21:56:48.7897875Z\",\n \"updatedOn\": \"2021-11-11T20:14:06.6971401Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/437d2ced-4a38-4302-8479-ed2bcb43d090\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"437d2ced-4a38-4302-8479-ed2bcb43d090\"\n },\n {\n \"properties\": {\n \"roleName\": \"Microsoft Sentinel Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Microsoft Sentinel Contributor\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.SecurityInsights/*\",\n \"Microsoft.OperationalInsights/workspaces/analytics/query/action\",\n \"Microsoft.OperationalInsights/workspaces/*/read\",\n \"Microsoft.OperationalInsights/workspaces/savedSearches/*\",\n \"Microsoft.OperationsManagement/solutions/read\",\n \"Microsoft.OperationalInsights/workspaces/query/read\",\n \"Microsoft.OperationalInsights/workspaces/query/*/read\",\n \"Microsoft.OperationalInsights/workspaces/dataSources/read\",\n \"Microsoft.OperationalInsights/querypacks/*/read\",\n \"Microsoft.Insights/workbooks/*\",\n \"Microsoft.Insights/myworkbooks/read\",\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Support/*\"\n ],\n \"notActions\": [\n \"Microsoft.SecurityInsights/ConfidentialWatchlists/*\",\n \"Microsoft.OperationalInsights/workspaces/query/ConfidentialWatchlist/*\"\n ],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2019-08-28T16:39:03.8725173Z\",\n \"updatedOn\": \"2022-08-01T18:55:21.5434692Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/ab8e14d6-4a74-4a29-9ba8-549422addade\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"ab8e14d6-4a74-4a29-9ba8-549422addade\"\n },\n {\n \"properties\": {\n \"roleName\": \"Microsoft Sentinel Responder\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Microsoft Sentinel Responder\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.SecurityInsights/*/read\",\n \"Microsoft.SecurityInsights/dataConnectorsCheckRequirements/action\",\n \"Microsoft.SecurityInsights/automationRules/*\",\n \"Microsoft.SecurityInsights/cases/*\",\n \"Microsoft.SecurityInsights/incidents/*\",\n \"Microsoft.SecurityInsights/entities/runPlaybook/action\",\n \"Microsoft.SecurityInsights/threatIntelligence/indicators/appendTags/action\",\n \"Microsoft.SecurityInsights/threatIntelligence/indicators/query/action\",\n \"Microsoft.SecurityInsights/threatIntelligence/bulkTag/action\",\n \"Microsoft.SecurityInsights/threatIntelligence/indicators/appendTags/action\",\n \"Microsoft.SecurityInsights/threatIntelligence/indicators/replaceTags/action\",\n \"Microsoft.SecurityInsights/threatIntelligence/queryIndicators/action\",\n \"Microsoft.SecurityInsights/businessApplicationAgents/systems/undoAction/action\",\n \"Microsoft.OperationalInsights/workspaces/analytics/query/action\",\n \"Microsoft.OperationalInsights/workspaces/*/read\",\n \"Microsoft.OperationalInsights/workspaces/dataSources/read\",\n \"Microsoft.OperationalInsights/workspaces/savedSearches/read\",\n \"Microsoft.OperationsManagement/solutions/read\",\n \"Microsoft.OperationalInsights/workspaces/query/read\",\n \"Microsoft.OperationalInsights/workspaces/query/*/read\",\n \"Microsoft.OperationalInsights/workspaces/dataSources/read\",\n \"Microsoft.OperationalInsights/querypacks/*/read\",\n \"Microsoft.Insights/workbooks/read\",\n \"Microsoft.Insights/myworkbooks/read\",\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Support/*\"\n ],\n \"notActions\": [\n \"Microsoft.SecurityInsights/cases/*/Delete\",\n \"Microsoft.SecurityInsights/incidents/*/Delete\",\n \"Microsoft.SecurityInsights/ConfidentialWatchlists/*\",\n \"Microsoft.OperationalInsights/workspaces/query/ConfidentialWatchlist/*\"\n ],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2019-08-28T16:54:07.6467264Z\",\n \"updatedOn\": \"2024-04-03T15:49:45.0145489Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/3e150937-b8fe-4cfb-8069-0eaf05ecd056\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"3e150937-b8fe-4cfb-8069-0eaf05ecd056\"\n },\n {\n \"properties\": {\n \"roleName\": \"Microsoft Sentinel Reader\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Microsoft Sentinel Reader\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.SecurityInsights/*/read\",\n \"Microsoft.SecurityInsights/dataConnectorsCheckRequirements/action\",\n \"Microsoft.SecurityInsights/threatIntelligence/indicators/query/action\",\n \"Microsoft.SecurityInsights/threatIntelligence/queryIndicators/action\",\n \"Microsoft.OperationalInsights/workspaces/analytics/query/action\",\n \"Microsoft.OperationalInsights/workspaces/*/read\",\n \"Microsoft.OperationalInsights/workspaces/LinkedServices/read\",\n \"Microsoft.OperationalInsights/workspaces/savedSearches/read\",\n \"Microsoft.OperationsManagement/solutions/read\",\n \"Microsoft.OperationalInsights/workspaces/query/read\",\n \"Microsoft.OperationalInsights/workspaces/query/*/read\",\n \"Microsoft.OperationalInsights/querypacks/*/read\",\n \"Microsoft.OperationalInsights/workspaces/dataSources/read\",\n \"Microsoft.Insights/workbooks/read\",\n \"Microsoft.Insights/myworkbooks/read\",\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Resources/templateSpecs/*/read\",\n \"Microsoft.Support/*\"\n ],\n \"notActions\": [\n \"Microsoft.SecurityInsights/ConfidentialWatchlists/*\",\n \"Microsoft.OperationalInsights/workspaces/query/ConfidentialWatchlist/*\"\n ],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2019-08-28T16:58:50.1132117Z\",\n \"updatedOn\": \"2022-08-01T18:55:21.5434692Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/8d289c81-5878-46d4-8554-54e1e3d8b5cb\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"8d289c81-5878-46d4-8554-54e1e3d8b5cb\"\n },\n {\n \"properties\": {\n \"roleName\": \"Policy Insights Data Writer (Preview)\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Allows read access to resource policies and write access to resource component policy events.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/policyassignments/read\",\n \"Microsoft.Authorization/policydefinitions/read\",\n \"Microsoft.Authorization/policyexemptions/read\",\n \"Microsoft.Authorization/policysetdefinitions/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.PolicyInsights/checkDataPolicyCompliance/action\",\n \"Microsoft.PolicyInsights/policyEvents/logDataEvents/action\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2019-09-19T19:35:20.9504127Z\",\n \"updatedOn\": \"2021-11-11T20:14:09.4235132Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/66bb4e9e-b016-4a94-8249-4c0511c2be84\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"66bb4e9e-b016-4a94-8249-4c0511c2be84\"\n },\n {\n \"properties\": {\n \"roleName\": \"SignalR AccessKey Reader\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Read SignalR Service Access Keys\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.SignalRService/*/read\",\n \"Microsoft.SignalRService/SignalR/listkeys/action\",\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Support/*\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2019-09-20T09:33:19.6236874Z\",\n \"updatedOn\": \"2021-11-11T20:14:09.613486Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/04165923-9d83-45d5-8227-78b77b0a687e\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"04165923-9d83-45d5-8227-78b77b0a687e\"\n },\n {\n \"properties\": {\n \"roleName\": \"SignalR/Web PubSub Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Create, Read, Update, and Delete SignalR service resources\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.SignalRService/*\",\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Support/*\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2019-09-20T09:58:09.0009662Z\",\n \"updatedOn\": \"2021-11-11T20:14:09.7884765Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/8cf5e20a-e4b2-4e9d-b3a1-5ceb692c2761\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"8cf5e20a-e4b2-4e9d-b3a1-5ceb692c2761\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Connected Machine Onboarding\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Can onboard Azure Connected Machines.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.HybridCompute/machines/read\",\n \"Microsoft.HybridCompute/machines/write\",\n \"Microsoft.HybridCompute/settings/read\",\n \"Microsoft.HybridCompute/settings/write\",\n \"Microsoft.HybridCompute/gateways/read\",\n \"Microsoft.HybridCompute/privateLinkScopes/read\",\n \"Microsoft.GuestConfiguration/guestConfigurationAssignments/read\",\n \"Microsoft.Insights/dataCollectionRuleAssociations/write\",\n \"Microsoft.Insights/dataCollectionRuleAssociations/delete\",\n \"Microsoft.Insights/dataCollectionRuleAssociations/read\",\n \"Microsoft.HybridCompute/machines/addExtensions/action\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2019-10-23T20:15:07.137287Z\",\n \"updatedOn\": \"2025-04-24T23:16:22.0803758Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/b64e21ea-ac4e-4cdf-9dc9-5b892992bee7\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"b64e21ea-ac4e-4cdf-9dc9-5b892992bee7\"\n },\n {\n \"properties\": {\n \"roleName\": \"Managed Services Registration assignment Delete Role\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Managed Services Registration Assignment Delete Role allows the managing tenant users to delete the registration assignment assigned to their tenant.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.ManagedServices/registrationAssignments/read\",\n \"Microsoft.ManagedServices/registrationAssignments/delete\",\n \"Microsoft.ManagedServices/operationStatuses/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2019-10-23T22:33:33.1183469Z\",\n \"updatedOn\": \"2021-11-11T20:14:11.23364Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/91c1777a-f3dc-4fae-b103-61d183457e46\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"91c1777a-f3dc-4fae-b103-61d183457e46\"\n },\n {\n \"properties\": {\n \"roleName\": \"App Configuration Data Owner\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Allows full access to App Configuration data.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.AppConfiguration/configurationStores/*/read\",\n \"Microsoft.AppConfiguration/configurationStores/*/write\",\n \"Microsoft.AppConfiguration/configurationStores/*/delete\",\n \"Microsoft.AppConfiguration/configurationStores/*/action\"\n ],\n \"notDataActions\": [\n \"Microsoft.AppConfiguration/configurationStores/useSasAuth/action\"\n ]\n }\n ],\n \"createdOn\": \"2019-10-25T18:41:40.1185063Z\",\n \"updatedOn\": \"2024-10-25T19:38:13.5062377Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/5ae67dd6-50cb-40e7-96ff-dc2bfa4b606b\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"5ae67dd6-50cb-40e7-96ff-dc2bfa4b606b\"\n },\n {\n \"properties\": {\n \"roleName\": \"App Configuration Data Reader\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Allows read access to App Configuration data.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.AppConfiguration/configurationStores/*/read\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2019-10-25T18:45:33.7975332Z\",\n \"updatedOn\": \"2021-11-11T20:14:11.5885341Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/516239f1-63e1-4d78-a4de-a74fb236a071\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"516239f1-63e1-4d78-a4de-a74fb236a071\"\n },\n {\n \"properties\": {\n \"roleName\": \"Kubernetes Cluster - Azure Arc Onboarding\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Role definition to authorize any user/service to create connectedClusters resource\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.Resources/deployments/write\",\n \"Microsoft.Resources/subscriptions/operationresults/read\",\n \"Microsoft.Resources/subscriptions/read\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Kubernetes/connectedClusters/Write\",\n \"Microsoft.Kubernetes/connectedClusters/read\",\n \"Microsoft.KubernetesConfiguration/extensions/write\",\n \"Microsoft.KubernetesConfiguration/extensions/read\",\n \"Microsoft.KubernetesConfiguration/extensions/delete\",\n \"Microsoft.KubernetesConfiguration/extensions/operations/read\",\n \"Microsoft.Support/*\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2019-11-18T17:00:02.2087147Z\",\n \"updatedOn\": \"2024-10-31T01:30:51.0732973Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/34e09817-6cbe-4d01-b1a2-e0eac5743d41\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"34e09817-6cbe-4d01-b1a2-e0eac5743d41\"\n },\n {\n \"properties\": {\n \"roleName\": \"Experimentation Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Experimentation Contributor\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Experimentation/experimentWorkspaces/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.Experimentation/experimentWorkspaces/experimentationGroups/read\",\n \"Microsoft.Experimentation/experimentWorkspaces/experimentationGroups/write\",\n \"Microsoft.Experimentation/experimentWorkspaces/experimentationGroups/delete\",\n \"Microsoft.Experimentation/experimentWorkspaces/experimentationGroups/experiment/action\",\n \"Microsoft.Experimentation/experimentWorkspaces/experimentationGroups/emergencystop/action\",\n \"Microsoft.Experimentation/experimentWorkspaces/read\",\n \"Microsoft.Experimentation/experimentWorkspaces/write\",\n \"Microsoft.Experimentation/experimentWorkspaces/delete\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2019-12-13T00:08:08.6679591Z\",\n \"updatedOn\": \"2021-11-11T20:14:14.6454147Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/7f646f1b-fa08-80eb-a22b-edd6ce5c915c\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"7f646f1b-fa08-80eb-a22b-edd6ce5c915c\"\n },\n {\n \"properties\": {\n \"roleName\": \"Cognitive Services QnA Maker Reader\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Let’s you read and test a KB only.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.CognitiveServices/*/read\",\n \"Microsoft.Authorization/roleAssignments/read\",\n \"Microsoft.Authorization/roleDefinitions/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.CognitiveServices/accounts/QnAMaker/knowledgebases/read\",\n \"Microsoft.CognitiveServices/accounts/QnAMaker/knowledgebases/download/read\",\n \"Microsoft.CognitiveServices/accounts/QnAMaker/knowledgebases/generateanswer/action\",\n \"Microsoft.CognitiveServices/accounts/QnAMaker/alterations/read\",\n \"Microsoft.CognitiveServices/accounts/QnAMaker/endpointkeys/read\",\n \"Microsoft.CognitiveServices/accounts/QnAMaker/endpointsettings/read\",\n \"Microsoft.CognitiveServices/accounts/QnAMaker.v2/knowledgebases/read\",\n \"Microsoft.CognitiveServices/accounts/QnAMaker.v2/knowledgebases/download/read\",\n \"Microsoft.CognitiveServices/accounts/QnAMaker.v2/knowledgebases/generateanswer/action\",\n \"Microsoft.CognitiveServices/accounts/QnAMaker.v2/alterations/read\",\n \"Microsoft.CognitiveServices/accounts/QnAMaker.v2/endpointkeys/read\",\n \"Microsoft.CognitiveServices/accounts/QnAMaker.v2/endpointsettings/read\",\n \"Microsoft.CognitiveServices/accounts/TextAnalytics/QnAMaker/knowledgebases/read\",\n \"Microsoft.CognitiveServices/accounts/TextAnalytics/QnAMaker/knowledgebases/download/read\",\n \"Microsoft.CognitiveServices/accounts/TextAnalytics/QnAMaker/knowledgebases/generateanswer/action\",\n \"Microsoft.CognitiveServices/accounts/TextAnalytics/QnAMaker/alterations/read\",\n \"Microsoft.CognitiveServices/accounts/TextAnalytics/QnAMaker/endpointkeys/read\",\n \"Microsoft.CognitiveServices/accounts/TextAnalytics/QnAMaker/endpointsettings/read\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2019-12-17T18:26:12.3329439Z\",\n \"updatedOn\": \"2021-11-11T20:14:14.8254033Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/466ccd10-b268-4a11-b098-b4849f024126\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"466ccd10-b268-4a11-b098-b4849f024126\"\n },\n {\n \"properties\": {\n \"roleName\": \"Cognitive Services QnA Maker Editor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Let’s you create, edit, import and export a KB. You cannot publish or delete a KB.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.CognitiveServices/*/read\",\n \"Microsoft.Authorization/roleAssignments/read\",\n \"Microsoft.Authorization/roleDefinitions/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.CognitiveServices/accounts/QnAMaker/knowledgebases/read\",\n \"Microsoft.CognitiveServices/accounts/QnAMaker/knowledgebases/download/read\",\n \"Microsoft.CognitiveServices/accounts/QnAMaker/knowledgebases/create/write\",\n \"Microsoft.CognitiveServices/accounts/QnAMaker/knowledgebases/write\",\n \"Microsoft.CognitiveServices/accounts/QnAMaker/knowledgebases/generateanswer/action\",\n \"Microsoft.CognitiveServices/accounts/QnAMaker/knowledgebases/train/action\",\n \"Microsoft.CognitiveServices/accounts/QnAMaker/alterations/read\",\n \"Microsoft.CognitiveServices/accounts/QnAMaker/alterations/write\",\n \"Microsoft.CognitiveServices/accounts/QnAMaker/endpointkeys/read\",\n \"Microsoft.CognitiveServices/accounts/QnAMaker/endpointkeys/refreshkeys/action\",\n \"Microsoft.CognitiveServices/accounts/QnAMaker/endpointsettings/read\",\n \"Microsoft.CognitiveServices/accounts/QnAMaker/endpointsettings/write\",\n \"Microsoft.CognitiveServices/accounts/QnAMaker/operations/read\",\n \"Microsoft.CognitiveServices/accounts/QnAMaker.v2/knowledgebases/read\",\n \"Microsoft.CognitiveServices/accounts/QnAMaker.v2/knowledgebases/download/read\",\n \"Microsoft.CognitiveServices/accounts/QnAMaker.v2/knowledgebases/create/write\",\n \"Microsoft.CognitiveServices/accounts/QnAMaker.v2/knowledgebases/write\",\n \"Microsoft.CognitiveServices/accounts/QnAMaker.v2/knowledgebases/generateanswer/action\",\n \"Microsoft.CognitiveServices/accounts/QnAMaker.v2/knowledgebases/train/action\",\n \"Microsoft.CognitiveServices/accounts/QnAMaker.v2/alterations/read\",\n \"Microsoft.CognitiveServices/accounts/QnAMaker.v2/alterations/write\",\n \"Microsoft.CognitiveServices/accounts/QnAMaker.v2/endpointkeys/read\",\n \"Microsoft.CognitiveServices/accounts/QnAMaker.v2/endpointkeys/refreshkeys/action\",\n \"Microsoft.CognitiveServices/accounts/QnAMaker.v2/endpointsettings/read\",\n \"Microsoft.CognitiveServices/accounts/QnAMaker.v2/endpointsettings/write\",\n \"Microsoft.CognitiveServices/accounts/QnAMaker.v2/operations/read\",\n \"Microsoft.CognitiveServices/accounts/TextAnalytics/QnAMaker/knowledgebases/read\",\n \"Microsoft.CognitiveServices/accounts/TextAnalytics/QnAMaker/knowledgebases/download/read\",\n \"Microsoft.CognitiveServices/accounts/TextAnalytics/QnAMaker/knowledgebases/create/write\",\n \"Microsoft.CognitiveServices/accounts/TextAnalytics/QnAMaker/knowledgebases/write\",\n \"Microsoft.CognitiveServices/accounts/TextAnalytics/QnAMaker/knowledgebases/generateanswer/action\",\n \"Microsoft.CognitiveServices/accounts/TextAnalytics/QnAMaker/knowledgebases/train/action\",\n \"Microsoft.CognitiveServices/accounts/TextAnalytics/QnAMaker/alterations/read\",\n \"Microsoft.CognitiveServices/accounts/TextAnalytics/QnAMaker/alterations/write\",\n \"Microsoft.CognitiveServices/accounts/TextAnalytics/QnAMaker/endpointkeys/read\",\n \"Microsoft.CognitiveServices/accounts/TextAnalytics/QnAMaker/endpointkeys/refreshkeys/action\",\n \"Microsoft.CognitiveServices/accounts/TextAnalytics/QnAMaker/endpointsettings/read\",\n \"Microsoft.CognitiveServices/accounts/TextAnalytics/QnAMaker/endpointsettings/write\",\n \"Microsoft.CognitiveServices/accounts/TextAnalytics/QnAMaker/operations/read\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2019-12-17T18:27:30.6434556Z\",\n \"updatedOn\": \"2021-11-11T20:14:14.9961559Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/f4cc2bf9-21be-47a1-bdf1-5c5804381025\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"f4cc2bf9-21be-47a1-bdf1-5c5804381025\"\n },\n {\n \"properties\": {\n \"roleName\": \"Experimentation Administrator\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Experimentation Administrator\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Experimentation/experimentWorkspaces/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.Experimentation/experimentWorkspaces/experimentationGroups/admin/action\",\n \"Microsoft.Experimentation/experimentWorkspaces/experimentationGroups/read\",\n \"Microsoft.Experimentation/experimentWorkspaces/experimentationGroups/write\",\n \"Microsoft.Experimentation/experimentWorkspaces/experimentationGroups/delete\",\n \"Microsoft.Experimentation/experimentWorkspaces/experimentationGroups/experimentadmin/action\",\n \"Microsoft.Experimentation/experimentWorkspaces/experimentationGroups/experiment/action\",\n \"Microsoft.Experimentation/experimentWorkspaces/experimentationGroups/emergencystop/action\",\n \"Microsoft.Experimentation/experimentWorkspaces/read\",\n \"Microsoft.Experimentation/experimentWorkspaces/write\",\n \"Microsoft.Experimentation/experimentWorkspaces/delete\",\n \"Microsoft.Experimentation/experimentWorkspaces/admin/action\",\n \"Microsoft.Experimentation/experimentWorkspaces/metricwrite/action\",\n \"Microsoft.Experimentation/experimentWorkspaces/experimentationGroups/metricwrite/action\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2019-12-18T22:46:33.1116612Z\",\n \"updatedOn\": \"2021-11-11T20:14:15.1811577Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/7f646f1b-fa08-80eb-a33b-edd6ce5c915c\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"7f646f1b-fa08-80eb-a33b-edd6ce5c915c\"\n },\n {\n \"properties\": {\n \"roleName\": \"Remote Rendering Administrator\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Provides user with conversion, manage session, rendering and diagnostics capabilities for Azure Remote Rendering\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.MixedReality/RemoteRenderingAccounts/convert/action\",\n \"Microsoft.MixedReality/RemoteRenderingAccounts/convert/read\",\n \"Microsoft.MixedReality/RemoteRenderingAccounts/convert/delete\",\n \"Microsoft.MixedReality/RemoteRenderingAccounts/managesessions/read\",\n \"Microsoft.MixedReality/RemoteRenderingAccounts/managesessions/action\",\n \"Microsoft.MixedReality/RemoteRenderingAccounts/managesessions/delete\",\n \"Microsoft.MixedReality/RemoteRenderingAccounts/render/read\",\n \"Microsoft.MixedReality/RemoteRenderingAccounts/diagnostic/read\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2020-01-23T18:15:31.3450348Z\",\n \"updatedOn\": \"2021-11-11T20:14:16.7621737Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/3df8b902-2a6f-47c7-8cc5-360e9b272a7e\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"3df8b902-2a6f-47c7-8cc5-360e9b272a7e\"\n },\n {\n \"properties\": {\n \"roleName\": \"Remote Rendering Client\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Provides user with manage session, rendering and diagnostics capabilities for Azure Remote Rendering.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.MixedReality/RemoteRenderingAccounts/managesessions/read\",\n \"Microsoft.MixedReality/RemoteRenderingAccounts/managesessions/action\",\n \"Microsoft.MixedReality/RemoteRenderingAccounts/managesessions/delete\",\n \"Microsoft.MixedReality/RemoteRenderingAccounts/render/read\",\n \"Microsoft.MixedReality/RemoteRenderingAccounts/diagnostic/read\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2020-01-23T18:32:52.7069824Z\",\n \"updatedOn\": \"2021-11-11T20:14:16.9421512Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/d39065c4-c120-43c9-ab0a-63eed9795f0a\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"d39065c4-c120-43c9-ab0a-63eed9795f0a\"\n },\n {\n \"properties\": {\n \"roleName\": \"Managed Application Contributor Role\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Allows for creating managed application resources.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"*/read\",\n \"Microsoft.Solutions/applications/*\",\n \"Microsoft.Solutions/register/action\",\n \"Microsoft.Resources/subscriptions/resourceGroups/*\",\n \"Microsoft.Resources/deployments/*\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2020-02-08T03:39:11.8933879Z\",\n \"updatedOn\": \"2021-11-11T20:14:19.1271536Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/641177b8-a67a-45b9-a033-47bc880bb21e\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"641177b8-a67a-45b9-a033-47bc880bb21e\"\n },\n {\n \"properties\": {\n \"roleName\": \"Security Assessment Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Lets you push assessments to Security Center\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Security/assessments/write\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2020-02-13T08:23:47.7656161Z\",\n \"updatedOn\": \"2021-11-11T20:14:19.3021974Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/612c2aa1-cb24-443b-ac28-3ab7272de6f5\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"612c2aa1-cb24-443b-ac28-3ab7272de6f5\"\n },\n {\n \"properties\": {\n \"roleName\": \"Tag Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Lets you manage tags on entities, without providing access to the entities themselves.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Resources/subscriptions/resourceGroups/resources/read\",\n \"Microsoft.Resources/subscriptions/resources/read\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.Support/*\",\n \"Microsoft.Resources/tags/*\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2020-02-18T23:19:19.2977644Z\",\n \"updatedOn\": \"2021-11-11T20:14:20.0172041Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/4a9ae827-6dc8-4573-8ac7-8239d42aa03f\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"4a9ae827-6dc8-4573-8ac7-8239d42aa03f\"\n },\n {\n \"properties\": {\n \"roleName\": \"Integration Service Environment Developer\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Allows developers to create and update workflows, integration accounts and API connections in integration service environments.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Support/*\",\n \"Microsoft.Logic/integrationServiceEnvironments/read\",\n \"Microsoft.Logic/integrationServiceEnvironments/*/join/action\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2020-02-20T21:09:00.5627875Z\",\n \"updatedOn\": \"2021-11-11T20:14:20.1871986Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/c7aa55d3-1abb-444a-a5ca-5e51e485d6ec\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"c7aa55d3-1abb-444a-a5ca-5e51e485d6ec\"\n },\n {\n \"properties\": {\n \"roleName\": \"Integration Service Environment Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Lets you manage integration service environments, but not access to them.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Support/*\",\n \"Microsoft.Logic/integrationServiceEnvironments/*\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2020-02-20T21:10:44.4008319Z\",\n \"updatedOn\": \"2021-11-11T20:14:20.3622058Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/a41e2c5b-bd99-4a07-88f4-9bf657a760b8\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"a41e2c5b-bd99-4a07-88f4-9bf657a760b8\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Kubernetes Service Contributor Role\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Grants access to read and write Azure Kubernetes Service clusters\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.ContainerService/locations/*\",\n \"Microsoft.ContainerService/managedClusters/*\",\n \"Microsoft.ContainerService/managedclustersnapshots/*\",\n \"Microsoft.ContainerService/snapshots/*\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.ContainerService/deploymentSafeguards/*\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2020-02-27T19:27:15.073997Z\",\n \"updatedOn\": \"2025-07-22T15:11:45.9409312Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/ed7f3fbd-7b88-4dd4-9017-9adb7ce333f8\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"ed7f3fbd-7b88-4dd4-9017-9adb7ce333f8\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Digital Twins Data Reader\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Read-only role for Digital Twins data-plane properties\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.DigitalTwins/digitaltwins/read\",\n \"Microsoft.DigitalTwins/digitaltwins/relationships/read\",\n \"Microsoft.DigitalTwins/eventroutes/read\",\n \"Microsoft.DigitalTwins/jobs/import/read\",\n \"Microsoft.DigitalTwins/jobs/imports/read\",\n \"Microsoft.DigitalTwins/jobs/deletions/read\",\n \"Microsoft.DigitalTwins/models/read\",\n \"Microsoft.DigitalTwins/query/action\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2020-03-10T23:48:14.7057381Z\",\n \"updatedOn\": \"2024-01-10T19:29:11.1291888Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/d57506d4-4c8d-48b1-8587-93c323f6a5a3\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"d57506d4-4c8d-48b1-8587-93c323f6a5a3\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Digital Twins Data Owner\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Full access role for Digital Twins data-plane\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.DigitalTwins/digitaltwins/*\",\n \"Microsoft.DigitalTwins/digitaltwins/commands/*\",\n \"Microsoft.DigitalTwins/digitaltwins/relationships/*\",\n \"Microsoft.DigitalTwins/eventroutes/*\",\n \"Microsoft.DigitalTwins/jobs/*\",\n \"Microsoft.DigitalTwins/models/*\",\n \"Microsoft.DigitalTwins/query/*\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2020-03-10T23:49:33.782193Z\",\n \"updatedOn\": \"2022-09-07T23:56:38.852533Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/bcd981a7-7f74-457b-83e1-cceb9e632ffe\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"bcd981a7-7f74-457b-83e1-cceb9e632ffe\"\n },\n {\n \"properties\": {\n \"roleName\": \"Hierarchy Settings Administrator\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Allows users to edit and delete Hierarchy Settings\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Management/managementGroups/settings/write\",\n \"Microsoft.Management/managementGroups/settings/delete\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2020-03-13T23:55:11.0212387Z\",\n \"updatedOn\": \"2021-11-11T20:14:23.0882347Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/350f8d15-c687-4448-8ae1-157740a3936d\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"350f8d15-c687-4448-8ae1-157740a3936d\"\n },\n {\n \"properties\": {\n \"roleName\": \"FHIR Data Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Role allows user or principal full access to FHIR Data\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.HealthcareApis/services/fhir/resources/*\",\n \"Microsoft.HealthcareApis/workspaces/fhirservices/resources/*\"\n ],\n \"notDataActions\": [\n \"Microsoft.HealthcareApis/services/fhir/resources/smart/action\",\n \"Microsoft.HealthcareApis/workspaces/fhirservices/resources/smart/action\"\n ]\n }\n ],\n \"createdOn\": \"2020-03-17T18:35:04.4949547Z\",\n \"updatedOn\": \"2023-08-18T22:59:42.5066274Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/5a1fc7df-4bf1-4951-a576-89034ee01acd\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"5a1fc7df-4bf1-4951-a576-89034ee01acd\"\n },\n {\n \"properties\": {\n \"roleName\": \"FHIR Data Exporter\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Role allows user or principal to read and export FHIR Data\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.HealthcareApis/services/fhir/resources/read\",\n \"Microsoft.HealthcareApis/services/fhir/resources/export/action\",\n \"Microsoft.HealthcareApis/workspaces/fhirservices/resources/read\",\n \"Microsoft.HealthcareApis/workspaces/fhirservices/resources/export/action\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2020-03-17T18:45:01.9764073Z\",\n \"updatedOn\": \"2021-11-11T20:14:23.7992557Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/3db33094-8700-4567-8da5-1501d4e7e843\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"3db33094-8700-4567-8da5-1501d4e7e843\"\n },\n {\n \"properties\": {\n \"roleName\": \"FHIR Data Reader\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Role allows user or principal to read FHIR Data\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.HealthcareApis/services/fhir/resources/read\",\n \"Microsoft.HealthcareApis/workspaces/fhirservices/resources/read\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2020-03-17T18:49:04.8353499Z\",\n \"updatedOn\": \"2021-11-11T20:14:23.9692275Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/4c8d0bbc-75d3-4935-991f-5f3c56d81508\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"4c8d0bbc-75d3-4935-991f-5f3c56d81508\"\n },\n {\n \"properties\": {\n \"roleName\": \"FHIR Data Writer\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Role allows user or principal to read and write FHIR Data\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.HealthcareApis/services/fhir/resources/read\",\n \"Microsoft.HealthcareApis/services/fhir/resources/write\",\n \"Microsoft.HealthcareApis/services/fhir/resources/delete\",\n \"Microsoft.HealthcareApis/services/fhir/resources/export/action\",\n \"Microsoft.HealthcareApis/services/fhir/resources/resourceValidate/action\",\n \"Microsoft.HealthcareApis/services/fhir/resources/reindex/action\",\n \"Microsoft.HealthcareApis/services/fhir/resources/convertData/action\",\n \"Microsoft.HealthcareApis/services/fhir/resources/editProfileDefinitions/action\",\n \"Microsoft.HealthcareApis/services/fhir/resources/import/action\",\n \"Microsoft.HealthcareApis/workspaces/fhirservices/resources/read\",\n \"Microsoft.HealthcareApis/workspaces/fhirservices/resources/write\",\n \"Microsoft.HealthcareApis/workspaces/fhirservices/resources/delete\",\n \"Microsoft.HealthcareApis/workspaces/fhirservices/resources/export/action\",\n \"Microsoft.HealthcareApis/workspaces/fhirservices/resources/resourceValidate/action\",\n \"Microsoft.HealthcareApis/workspaces/fhirservices/resources/reindex/action\",\n \"Microsoft.HealthcareApis/workspaces/fhirservices/resources/convertData/action\",\n \"Microsoft.HealthcareApis/workspaces/fhirservices/resources/editProfileDefinitions/action\",\n \"Microsoft.HealthcareApis/workspaces/fhirservices/resources/import/action\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2020-03-17T18:55:35.2413335Z\",\n \"updatedOn\": \"2023-07-25T15:17:34.7618105Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/3f88fce4-5892-4214-ae73-ba5294559913\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"3f88fce4-5892-4214-ae73-ba5294559913\"\n },\n {\n \"properties\": {\n \"roleName\": \"Experimentation Reader\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Experimentation Reader\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Experimentation/experimentWorkspaces/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.Experimentation/experimentWorkspaces/read\",\n \"Microsoft.Experimentation/experimentWorkspaces/experimentationGroups/read\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2020-03-25T18:05:14.8375678Z\",\n \"updatedOn\": \"2021-11-11T20:14:24.504239Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/49632ef5-d9ac-41f4-b8e7-bbe587fa74a1\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"49632ef5-d9ac-41f4-b8e7-bbe587fa74a1\"\n },\n {\n \"properties\": {\n \"roleName\": \"Object Understanding Account Owner\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Provides user with ingestion capabilities for Azure Object Understanding.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.MixedReality/ObjectUnderstandingAccounts/ingest/action\",\n \"Microsoft.MixedReality/ObjectUnderstandingAccounts/ingest/read\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2020-04-22T19:15:09.0697923Z\",\n \"updatedOn\": \"2021-11-11T20:14:26.8743132Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/4dd61c23-6743-42fe-a388-d8bdd41cb745\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"4dd61c23-6743-42fe-a388-d8bdd41cb745\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Maps Data Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Grants access to read, write, and delete access to map related data from an Azure maps account.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.Maps/accounts/*/read\",\n \"Microsoft.Maps/accounts/*/write\",\n \"Microsoft.Maps/accounts/*/delete\",\n \"Microsoft.Maps/accounts/*/action\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2020-05-07T20:55:05.064541Z\",\n \"updatedOn\": \"2021-11-11T20:14:28.3092598Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/8f5e0ce6-4f7b-4dcf-bddf-e6f48634a204\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"8f5e0ce6-4f7b-4dcf-bddf-e6f48634a204\"\n },\n {\n \"properties\": {\n \"roleName\": \"Cognitive Services Custom Vision Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Full access to the project, including the ability to view, create, edit, or delete projects.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.CognitiveServices/*/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.CognitiveServices/accounts/CustomVision/*\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2020-05-08T23:47:07.0779345Z\",\n \"updatedOn\": \"2021-11-11T20:14:28.8342655Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/c1ff6cc2-c111-46fe-8896-e0ef812ad9f3\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"c1ff6cc2-c111-46fe-8896-e0ef812ad9f3\"\n },\n {\n \"properties\": {\n \"roleName\": \"Cognitive Services Custom Vision Deployment\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Publish, unpublish or export models. Deployment can view the project but can’t update.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.CognitiveServices/*/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.CognitiveServices/accounts/CustomVision/*/read\",\n \"Microsoft.CognitiveServices/accounts/CustomVision/projects/predictions/*\",\n \"Microsoft.CognitiveServices/accounts/CustomVision/projects/iterations/publish/*\",\n \"Microsoft.CognitiveServices/accounts/CustomVision/projects/iterations/export/*\",\n \"Microsoft.CognitiveServices/accounts/CustomVision/projects/quicktest/*\",\n \"Microsoft.CognitiveServices/accounts/CustomVision/classify/*\",\n \"Microsoft.CognitiveServices/accounts/CustomVision/detect/*\"\n ],\n \"notDataActions\": [\n \"Microsoft.CognitiveServices/accounts/CustomVision/projects/export/read\"\n ]\n }\n ],\n \"createdOn\": \"2020-05-09T01:31:05.952862Z\",\n \"updatedOn\": \"2021-11-11T20:14:29.0142669Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/5c4089e1-6d96-4d2f-b296-c1bc7137275f\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"5c4089e1-6d96-4d2f-b296-c1bc7137275f\"\n },\n {\n \"properties\": {\n \"roleName\": \"Cognitive Services Custom Vision Labeler\",\n \"type\": \"BuiltInRole\",\n \"description\": \"View, edit training images and create, add, remove, or delete the image tags. Labelers can view the project but can’t update anything other than training images and tags.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.CognitiveServices/*/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.CognitiveServices/accounts/CustomVision/*/read\",\n \"Microsoft.CognitiveServices/accounts/CustomVision/projects/predictions/query/action\",\n \"Microsoft.CognitiveServices/accounts/CustomVision/projects/images/*\",\n \"Microsoft.CognitiveServices/accounts/CustomVision/projects/tags/*\",\n \"Microsoft.CognitiveServices/accounts/CustomVision/projects/images/suggested/*\",\n \"Microsoft.CognitiveServices/accounts/CustomVision/projects/tagsandregions/suggestions/action\"\n ],\n \"notDataActions\": [\n \"Microsoft.CognitiveServices/accounts/CustomVision/projects/export/read\"\n ]\n }\n ],\n \"createdOn\": \"2020-05-09T01:33:20.8278896Z\",\n \"updatedOn\": \"2021-11-11T20:14:29.1892871Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/88424f51-ebe7-446f-bc41-7fa16989e96c\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"88424f51-ebe7-446f-bc41-7fa16989e96c\"\n },\n {\n \"properties\": {\n \"roleName\": \"Cognitive Services Custom Vision Reader\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Read-only actions in the project. Readers can’t create or update the project.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.CognitiveServices/*/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.CognitiveServices/accounts/CustomVision/*/read\",\n \"Microsoft.CognitiveServices/accounts/CustomVision/projects/predictions/query/action\"\n ],\n \"notDataActions\": [\n \"Microsoft.CognitiveServices/accounts/CustomVision/projects/export/read\"\n ]\n }\n ],\n \"createdOn\": \"2020-05-09T01:34:18.5328818Z\",\n \"updatedOn\": \"2021-11-11T20:14:29.3642707Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/93586559-c37d-4a6b-ba08-b9f0940c2d73\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"93586559-c37d-4a6b-ba08-b9f0940c2d73\"\n },\n {\n \"properties\": {\n \"roleName\": \"Cognitive Services Custom Vision Trainer\",\n \"type\": \"BuiltInRole\",\n \"description\": \"View, edit projects and train the models, including the ability to publish, unpublish, export the models. Trainers can’t create or delete the project.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.CognitiveServices/*/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.CognitiveServices/accounts/CustomVision/*\"\n ],\n \"notDataActions\": [\n \"Microsoft.CognitiveServices/accounts/CustomVision/projects/action\",\n \"Microsoft.CognitiveServices/accounts/CustomVision/projects/delete\",\n \"Microsoft.CognitiveServices/accounts/CustomVision/projects/import/action\",\n \"Microsoft.CognitiveServices/accounts/CustomVision/projects/export/read\"\n ]\n }\n ],\n \"createdOn\": \"2020-05-09T01:35:13.8147804Z\",\n \"updatedOn\": \"2021-11-11T20:14:29.5442713Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/0a5ae4ab-0d65-4eeb-be61-29fc9b54394b\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"0a5ae4ab-0d65-4eeb-be61-29fc9b54394b\"\n },\n {\n \"properties\": {\n \"roleName\": \"Key Vault Administrator\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Perform all data plane operations on a key vault and all objects in it, including certificates, keys, and secrets. Cannot manage key vault resources or manage role assignments. Only works for key vaults that use the 'Azure role-based access control' permission model.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Support/*\",\n \"Microsoft.KeyVault/checkNameAvailability/read\",\n \"Microsoft.KeyVault/deletedVaults/read\",\n \"Microsoft.KeyVault/locations/*/read\",\n \"Microsoft.KeyVault/vaults/*/read\",\n \"Microsoft.KeyVault/operations/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.KeyVault/vaults/*\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2020-05-19T17:52:46.2349235Z\",\n \"updatedOn\": \"2021-11-11T20:14:30.2542755Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/00482a5a-887f-4fb3-b363-3b7fe8e74483\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"00482a5a-887f-4fb3-b363-3b7fe8e74483\"\n },\n {\n \"properties\": {\n \"roleName\": \"Key Vault Crypto User\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Perform cryptographic operations using keys. Only works for key vaults that use the 'Azure role-based access control' permission model.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.KeyVault/vaults/keys/read\",\n \"Microsoft.KeyVault/vaults/keys/update/action\",\n \"Microsoft.KeyVault/vaults/keys/backup/action\",\n \"Microsoft.KeyVault/vaults/keys/encrypt/action\",\n \"Microsoft.KeyVault/vaults/keys/decrypt/action\",\n \"Microsoft.KeyVault/vaults/keys/wrap/action\",\n \"Microsoft.KeyVault/vaults/keys/unwrap/action\",\n \"Microsoft.KeyVault/vaults/keys/sign/action\",\n \"Microsoft.KeyVault/vaults/keys/verify/action\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2020-05-19T17:52:47.0699268Z\",\n \"updatedOn\": \"2021-11-11T20:14:30.6042921Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/12338af0-0e69-4776-bea7-57ae8d297424\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"12338af0-0e69-4776-bea7-57ae8d297424\"\n },\n {\n \"properties\": {\n \"roleName\": \"Key Vault Secrets Officer\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Perform any action on the secrets of a key vault, except manage permissions. Only works for key vaults that use the 'Azure role-based access control' permission model.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Support/*\",\n \"Microsoft.KeyVault/checkNameAvailability/read\",\n \"Microsoft.KeyVault/deletedVaults/read\",\n \"Microsoft.KeyVault/locations/*/read\",\n \"Microsoft.KeyVault/vaults/*/read\",\n \"Microsoft.KeyVault/operations/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.KeyVault/vaults/secrets/*\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2020-05-19T17:52:47.1449242Z\",\n \"updatedOn\": \"2021-11-11T20:14:30.779347Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/b86a8fe4-44ce-4948-aee5-eccb2c155cd7\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"b86a8fe4-44ce-4948-aee5-eccb2c155cd7\"\n },\n {\n \"properties\": {\n \"roleName\": \"Key Vault Secrets User\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Read secret contents. Only works for key vaults that use the 'Azure role-based access control' permission model.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.KeyVault/vaults/secrets/getSecret/action\",\n \"Microsoft.KeyVault/vaults/secrets/readMetadata/action\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2020-05-19T17:52:47.2049241Z\",\n \"updatedOn\": \"2021-11-11T20:14:30.9542829Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/4633458b-17de-408a-b874-0445c86b69e6\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"4633458b-17de-408a-b874-0445c86b69e6\"\n },\n {\n \"properties\": {\n \"roleName\": \"Key Vault Certificates Officer\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Perform any action on the certificates of a key vault, except manage permissions. Only works for key vaults that use the 'Azure role-based access control' permission model.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Support/*\",\n \"Microsoft.KeyVault/checkNameAvailability/read\",\n \"Microsoft.KeyVault/deletedVaults/read\",\n \"Microsoft.KeyVault/locations/*/read\",\n \"Microsoft.KeyVault/vaults/*/read\",\n \"Microsoft.KeyVault/operations/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.KeyVault/vaults/certificatecas/*\",\n \"Microsoft.KeyVault/vaults/certificates/*\",\n \"Microsoft.KeyVault/vaults/certificatecontacts/write\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2020-05-19T17:52:47.2499247Z\",\n \"updatedOn\": \"2023-06-09T18:51:51.8587772Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/a4417e6f-fecd-4de8-b567-7b0420556985\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"a4417e6f-fecd-4de8-b567-7b0420556985\"\n },\n {\n \"properties\": {\n \"roleName\": \"Key Vault Reader\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Read metadata of key vaults and its certificates, keys, and secrets. Cannot read sensitive values such as secret contents or key material. Only works for key vaults that use the 'Azure role-based access control' permission model.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Support/*\",\n \"Microsoft.KeyVault/checkNameAvailability/read\",\n \"Microsoft.KeyVault/deletedVaults/read\",\n \"Microsoft.KeyVault/locations/*/read\",\n \"Microsoft.KeyVault/vaults/*/read\",\n \"Microsoft.KeyVault/operations/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.KeyVault/vaults/*/read\",\n \"Microsoft.KeyVault/vaults/secrets/readMetadata/action\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2020-05-19T17:52:47.2949294Z\",\n \"updatedOn\": \"2021-11-11T20:14:31.3043292Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/21090545-7ca7-4776-b22c-e363652d74d2\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"21090545-7ca7-4776-b22c-e363652d74d2\"\n },\n {\n \"properties\": {\n \"roleName\": \"Key Vault Crypto Service Encryption User\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Read metadata of keys and perform wrap/unwrap operations. Only works for key vaults that use the 'Azure role-based access control' permission model.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.EventGrid/eventSubscriptions/write\",\n \"Microsoft.EventGrid/eventSubscriptions/read\",\n \"Microsoft.EventGrid/eventSubscriptions/delete\"\n ],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.KeyVault/vaults/keys/read\",\n \"Microsoft.KeyVault/vaults/keys/wrap/action\",\n \"Microsoft.KeyVault/vaults/keys/unwrap/action\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2020-05-20T20:55:19.239847Z\",\n \"updatedOn\": \"2021-11-11T20:14:31.8443056Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/e147488a-f6f5-4113-8e2d-b22465e65bf6\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"e147488a-f6f5-4113-8e2d-b22465e65bf6\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Arc Kubernetes Viewer\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Lets you view all resources in cluster/namespace, except secrets.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.Resources/deployments/write\",\n \"Microsoft.Resources/subscriptions/operationresults/read\",\n \"Microsoft.Resources/subscriptions/read\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Support/*\"\n ],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.Kubernetes/connectedClusters/apps/controllerrevisions/read\",\n \"Microsoft.Kubernetes/connectedClusters/apps/daemonsets/read\",\n \"Microsoft.Kubernetes/connectedClusters/apps/deployments/read\",\n \"Microsoft.Kubernetes/connectedClusters/apps/replicasets/read\",\n \"Microsoft.Kubernetes/connectedClusters/apps/statefulsets/read\",\n \"Microsoft.Kubernetes/connectedClusters/autoscaling/horizontalpodautoscalers/read\",\n \"Microsoft.Kubernetes/connectedClusters/batch/cronjobs/read\",\n \"Microsoft.Kubernetes/connectedClusters/batch/jobs/read\",\n \"Microsoft.Kubernetes/connectedClusters/configmaps/read\",\n \"Microsoft.Kubernetes/connectedClusters/endpoints/read\",\n \"Microsoft.Kubernetes/connectedClusters/events.k8s.io/events/read\",\n \"Microsoft.Kubernetes/connectedClusters/events/read\",\n \"Microsoft.Kubernetes/connectedClusters/extensions/daemonsets/read\",\n \"Microsoft.Kubernetes/connectedClusters/extensions/deployments/read\",\n \"Microsoft.Kubernetes/connectedClusters/extensions/ingresses/read\",\n \"Microsoft.Kubernetes/connectedClusters/extensions/networkpolicies/read\",\n \"Microsoft.Kubernetes/connectedClusters/extensions/replicasets/read\",\n \"Microsoft.Kubernetes/connectedClusters/limitranges/read\",\n \"Microsoft.Kubernetes/connectedClusters/namespaces/read\",\n \"Microsoft.Kubernetes/connectedClusters/networking.k8s.io/ingresses/read\",\n \"Microsoft.Kubernetes/connectedClusters/networking.k8s.io/networkpolicies/read\",\n \"Microsoft.Kubernetes/connectedClusters/persistentvolumeclaims/read\",\n \"Microsoft.Kubernetes/connectedClusters/pods/read\",\n \"Microsoft.Kubernetes/connectedClusters/policy/poddisruptionbudgets/read\",\n \"Microsoft.Kubernetes/connectedClusters/replicationcontrollers/read\",\n \"Microsoft.Kubernetes/connectedClusters/replicationcontrollers/read\",\n \"Microsoft.Kubernetes/connectedClusters/resourcequotas/read\",\n \"Microsoft.Kubernetes/connectedClusters/serviceaccounts/read\",\n \"Microsoft.Kubernetes/connectedClusters/services/read\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2020-06-12T20:51:12.8801199Z\",\n \"updatedOn\": \"2021-11-11T20:14:33.8193353Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/63f0a09d-1495-4db4-a681-037d84835eb4\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"63f0a09d-1495-4db4-a681-037d84835eb4\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Arc Kubernetes Writer\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Lets you update everything in cluster/namespace, except (cluster)roles and (cluster)role bindings.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.Resources/deployments/write\",\n \"Microsoft.Resources/subscriptions/operationresults/read\",\n \"Microsoft.Resources/subscriptions/read\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Support/*\"\n ],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.Kubernetes/connectedClusters/apps/controllerrevisions/read\",\n \"Microsoft.Kubernetes/connectedClusters/apps/daemonsets/*\",\n \"Microsoft.Kubernetes/connectedClusters/apps/deployments/*\",\n \"Microsoft.Kubernetes/connectedClusters/apps/replicasets/*\",\n \"Microsoft.Kubernetes/connectedClusters/apps/statefulsets/*\",\n \"Microsoft.Kubernetes/connectedClusters/autoscaling/horizontalpodautoscalers/*\",\n \"Microsoft.Kubernetes/connectedClusters/batch/cronjobs/*\",\n \"Microsoft.Kubernetes/connectedClusters/batch/jobs/*\",\n \"Microsoft.Kubernetes/connectedClusters/configmaps/*\",\n \"Microsoft.Kubernetes/connectedClusters/endpoints/*\",\n \"Microsoft.Kubernetes/connectedClusters/events.k8s.io/events/read\",\n \"Microsoft.Kubernetes/connectedClusters/events/read\",\n \"Microsoft.Kubernetes/connectedClusters/extensions/daemonsets/*\",\n \"Microsoft.Kubernetes/connectedClusters/extensions/deployments/*\",\n \"Microsoft.Kubernetes/connectedClusters/extensions/ingresses/*\",\n \"Microsoft.Kubernetes/connectedClusters/extensions/networkpolicies/*\",\n \"Microsoft.Kubernetes/connectedClusters/extensions/replicasets/*\",\n \"Microsoft.Kubernetes/connectedClusters/limitranges/read\",\n \"Microsoft.Kubernetes/connectedClusters/namespaces/read\",\n \"Microsoft.Kubernetes/connectedClusters/networking.k8s.io/ingresses/*\",\n \"Microsoft.Kubernetes/connectedClusters/networking.k8s.io/networkpolicies/*\",\n \"Microsoft.Kubernetes/connectedClusters/persistentvolumeclaims/*\",\n \"Microsoft.Kubernetes/connectedClusters/pods/*\",\n \"Microsoft.Kubernetes/connectedClusters/policy/poddisruptionbudgets/*\",\n \"Microsoft.Kubernetes/connectedClusters/replicationcontrollers/*\",\n \"Microsoft.Kubernetes/connectedClusters/replicationcontrollers/*\",\n \"Microsoft.Kubernetes/connectedClusters/resourcequotas/read\",\n \"Microsoft.Kubernetes/connectedClusters/secrets/*\",\n \"Microsoft.Kubernetes/connectedClusters/serviceaccounts/*\",\n \"Microsoft.Kubernetes/connectedClusters/services/*\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2020-06-12T20:53:50.6749823Z\",\n \"updatedOn\": \"2021-11-11T20:14:34.0043462Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/5b999177-9696-4545-85c7-50de3797e5a1\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"5b999177-9696-4545-85c7-50de3797e5a1\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Arc Kubernetes Cluster Admin\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Lets you manage all resources in the cluster.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.Resources/deployments/write\",\n \"Microsoft.Resources/subscriptions/operationresults/read\",\n \"Microsoft.Resources/subscriptions/read\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Support/*\"\n ],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.Kubernetes/connectedClusters/*\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2020-06-12T20:55:30.9910462Z\",\n \"updatedOn\": \"2021-11-11T20:14:34.1743694Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/8393591c-06b9-48a2-a542-1bd6b377f6a2\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"8393591c-06b9-48a2-a542-1bd6b377f6a2\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Arc Kubernetes Admin\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Lets you manage all resources under cluster/namespace, except update or delete resource quotas and namespaces.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.Resources/deployments/write\",\n \"Microsoft.Resources/subscriptions/operationresults/read\",\n \"Microsoft.Resources/subscriptions/read\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Support/*\"\n ],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.Kubernetes/connectedClusters/apps/controllerrevisions/read\",\n \"Microsoft.Kubernetes/connectedClusters/apps/daemonsets/*\",\n \"Microsoft.Kubernetes/connectedClusters/apps/deployments/*\",\n \"Microsoft.Kubernetes/connectedClusters/apps/replicasets/*\",\n \"Microsoft.Kubernetes/connectedClusters/apps/statefulsets/*\",\n \"Microsoft.Kubernetes/connectedClusters/authorization.k8s.io/localsubjectaccessreviews/write\",\n \"Microsoft.Kubernetes/connectedClusters/autoscaling/horizontalpodautoscalers/*\",\n \"Microsoft.Kubernetes/connectedClusters/batch/cronjobs/*\",\n \"Microsoft.Kubernetes/connectedClusters/batch/jobs/*\",\n \"Microsoft.Kubernetes/connectedClusters/configmaps/*\",\n \"Microsoft.Kubernetes/connectedClusters/endpoints/*\",\n \"Microsoft.Kubernetes/connectedClusters/events.k8s.io/events/read\",\n \"Microsoft.Kubernetes/connectedClusters/events/read\",\n \"Microsoft.Kubernetes/connectedClusters/extensions/daemonsets/*\",\n \"Microsoft.Kubernetes/connectedClusters/extensions/deployments/*\",\n \"Microsoft.Kubernetes/connectedClusters/extensions/ingresses/*\",\n \"Microsoft.Kubernetes/connectedClusters/extensions/networkpolicies/*\",\n \"Microsoft.Kubernetes/connectedClusters/extensions/replicasets/*\",\n \"Microsoft.Kubernetes/connectedClusters/limitranges/read\",\n \"Microsoft.Kubernetes/connectedClusters/namespaces/read\",\n \"Microsoft.Kubernetes/connectedClusters/networking.k8s.io/ingresses/*\",\n \"Microsoft.Kubernetes/connectedClusters/networking.k8s.io/networkpolicies/*\",\n \"Microsoft.Kubernetes/connectedClusters/persistentvolumeclaims/*\",\n \"Microsoft.Kubernetes/connectedClusters/pods/*\",\n \"Microsoft.Kubernetes/connectedClusters/policy/poddisruptionbudgets/*\",\n \"Microsoft.Kubernetes/connectedClusters/rbac.authorization.k8s.io/rolebindings/*\",\n \"Microsoft.Kubernetes/connectedClusters/rbac.authorization.k8s.io/roles/*\",\n \"Microsoft.Kubernetes/connectedClusters/replicationcontrollers/*\",\n \"Microsoft.Kubernetes/connectedClusters/replicationcontrollers/*\",\n \"Microsoft.Kubernetes/connectedClusters/resourcequotas/read\",\n \"Microsoft.Kubernetes/connectedClusters/secrets/*\",\n \"Microsoft.Kubernetes/connectedClusters/serviceaccounts/*\",\n \"Microsoft.Kubernetes/connectedClusters/services/*\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2020-06-12T20:57:06.0391177Z\",\n \"updatedOn\": \"2021-11-11T20:14:34.3593384Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/dffb1e0c-446f-4dde-a09f-99eb5cc68b96\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"dffb1e0c-446f-4dde-a09f-99eb5cc68b96\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Kubernetes Service RBAC Cluster Admin\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Lets you manage all resources in the cluster.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Resources/subscriptions/operationresults/read\",\n \"Microsoft.Resources/subscriptions/read\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.ContainerService/managedClusters/listClusterUserCredential/action\"\n ],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.ContainerService/managedClusters/*\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2020-07-02T17:47:24.4071415Z\",\n \"updatedOn\": \"2022-10-13T01:31:35.5535817Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/b1ff04bb-8a4e-4dc4-8eb5-8693973ce19b\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"b1ff04bb-8a4e-4dc4-8eb5-8693973ce19b\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Kubernetes Service RBAC Admin\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Lets you manage all resources under cluster/namespace, except update or delete resource quotas and namespaces.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Resources/subscriptions/operationresults/read\",\n \"Microsoft.Resources/subscriptions/read\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.ContainerService/managedClusters/listClusterUserCredential/action\"\n ],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.ContainerService/managedClusters/*\"\n ],\n \"notDataActions\": [\n \"Microsoft.ContainerService/managedClusters/resourcequotas/write\",\n \"Microsoft.ContainerService/managedClusters/resourcequotas/delete\",\n \"Microsoft.ContainerService/managedClusters/namespaces/write\",\n \"Microsoft.ContainerService/managedClusters/namespaces/delete\"\n ]\n }\n ],\n \"createdOn\": \"2020-07-02T17:50:30.4020311Z\",\n \"updatedOn\": \"2023-05-09T19:55:25.9025082Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/3498e952-d568-435e-9b2c-8d77e338d7f7\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"3498e952-d568-435e-9b2c-8d77e338d7f7\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Kubernetes Service RBAC Reader\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Allows read-only access to see most objects in a namespace. It does not allow viewing roles or role bindings. This role does not allow viewing Secrets, since reading the contents of Secrets enables access to ServiceAccount credentials in the namespace, which would allow API access as any ServiceAccount in the namespace (a form of privilege escalation). Applying this role at cluster scope will give access across all namespaces.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Resources/subscriptions/operationresults/read\",\n \"Microsoft.Resources/subscriptions/read\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.ContainerService/managedClusters/apps/controllerrevisions/read\",\n \"Microsoft.ContainerService/managedClusters/apps/daemonsets/read\",\n \"Microsoft.ContainerService/managedClusters/apps/deployments/read\",\n \"Microsoft.ContainerService/managedClusters/apps/replicasets/read\",\n \"Microsoft.ContainerService/managedClusters/apps/statefulsets/read\",\n \"Microsoft.ContainerService/managedClusters/autoscaling/horizontalpodautoscalers/read\",\n \"Microsoft.ContainerService/managedClusters/batch/cronjobs/read\",\n \"Microsoft.ContainerService/managedClusters/batch/jobs/read\",\n \"Microsoft.ContainerService/managedClusters/configmaps/read\",\n \"Microsoft.ContainerService/managedClusters/discovery.k8s.io/endpointslices/read\",\n \"Microsoft.ContainerService/managedClusters/endpoints/read\",\n \"Microsoft.ContainerService/managedClusters/events.k8s.io/events/read\",\n \"Microsoft.ContainerService/managedClusters/events/read\",\n \"Microsoft.ContainerService/managedClusters/extensions/daemonsets/read\",\n \"Microsoft.ContainerService/managedClusters/extensions/deployments/read\",\n \"Microsoft.ContainerService/managedClusters/extensions/ingresses/read\",\n \"Microsoft.ContainerService/managedClusters/extensions/networkpolicies/read\",\n \"Microsoft.ContainerService/managedClusters/extensions/replicasets/read\",\n \"Microsoft.ContainerService/managedClusters/limitranges/read\",\n \"Microsoft.ContainerService/managedClusters/metrics.k8s.io/pods/read\",\n \"Microsoft.ContainerService/managedClusters/metrics.k8s.io/nodes/read\",\n \"Microsoft.ContainerService/managedClusters/namespaces/read\",\n \"Microsoft.ContainerService/managedClusters/networking.k8s.io/ingresses/read\",\n \"Microsoft.ContainerService/managedClusters/networking.k8s.io/networkpolicies/read\",\n \"Microsoft.ContainerService/managedClusters/persistentvolumeclaims/read\",\n \"Microsoft.ContainerService/managedClusters/pods/read\",\n \"Microsoft.ContainerService/managedClusters/policy/poddisruptionbudgets/read\",\n \"Microsoft.ContainerService/managedClusters/replicationcontrollers/read\",\n \"Microsoft.ContainerService/managedClusters/resourcequotas/read\",\n \"Microsoft.ContainerService/managedClusters/serviceaccounts/read\",\n \"Microsoft.ContainerService/managedClusters/services/read\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2020-07-02T17:53:05.5728294Z\",\n \"updatedOn\": \"2023-04-24T15:06:51.286456Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/7f6c6a51-bcf8-42ba-9220-52d62157d7db\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"7f6c6a51-bcf8-42ba-9220-52d62157d7db\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Kubernetes Service RBAC Writer\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Allows read/write access to most objects in a namespace.This role does not allow viewing or modifying roles or role bindings. However, this role allows accessing Secrets and running Pods as any ServiceAccount in the namespace, so it can be used to gain the API access levels of any ServiceAccount in the namespace. Applying this role at cluster scope will give access across all namespaces.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Resources/subscriptions/operationresults/read\",\n \"Microsoft.Resources/subscriptions/read\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.ContainerService/managedClusters/apps/controllerrevisions/read\",\n \"Microsoft.ContainerService/managedClusters/apps/daemonsets/*\",\n \"Microsoft.ContainerService/managedClusters/apps/deployments/*\",\n \"Microsoft.ContainerService/managedClusters/apps/replicasets/*\",\n \"Microsoft.ContainerService/managedClusters/apps/statefulsets/*\",\n \"Microsoft.ContainerService/managedClusters/autoscaling/horizontalpodautoscalers/*\",\n \"Microsoft.ContainerService/managedClusters/batch/cronjobs/*\",\n \"Microsoft.ContainerService/managedClusters/coordination.k8s.io/leases/read\",\n \"Microsoft.ContainerService/managedClusters/coordination.k8s.io/leases/write\",\n \"Microsoft.ContainerService/managedClusters/coordination.k8s.io/leases/delete\",\n \"Microsoft.ContainerService/managedClusters/discovery.k8s.io/endpointslices/read\",\n \"Microsoft.ContainerService/managedClusters/batch/jobs/*\",\n \"Microsoft.ContainerService/managedClusters/configmaps/*\",\n \"Microsoft.ContainerService/managedClusters/endpoints/*\",\n \"Microsoft.ContainerService/managedClusters/events.k8s.io/events/read\",\n \"Microsoft.ContainerService/managedClusters/events/*\",\n \"Microsoft.ContainerService/managedClusters/extensions/daemonsets/*\",\n \"Microsoft.ContainerService/managedClusters/extensions/deployments/*\",\n \"Microsoft.ContainerService/managedClusters/extensions/ingresses/*\",\n \"Microsoft.ContainerService/managedClusters/extensions/networkpolicies/*\",\n \"Microsoft.ContainerService/managedClusters/extensions/replicasets/*\",\n \"Microsoft.ContainerService/managedClusters/limitranges/read\",\n \"Microsoft.ContainerService/managedClusters/metrics.k8s.io/pods/read\",\n \"Microsoft.ContainerService/managedClusters/metrics.k8s.io/nodes/read\",\n \"Microsoft.ContainerService/managedClusters/namespaces/read\",\n \"Microsoft.ContainerService/managedClusters/networking.k8s.io/ingresses/*\",\n \"Microsoft.ContainerService/managedClusters/networking.k8s.io/networkpolicies/*\",\n \"Microsoft.ContainerService/managedClusters/persistentvolumeclaims/*\",\n \"Microsoft.ContainerService/managedClusters/pods/*\",\n \"Microsoft.ContainerService/managedClusters/policy/poddisruptionbudgets/*\",\n \"Microsoft.ContainerService/managedClusters/replicationcontrollers/*\",\n \"Microsoft.ContainerService/managedClusters/resourcequotas/read\",\n \"Microsoft.ContainerService/managedClusters/secrets/*\",\n \"Microsoft.ContainerService/managedClusters/serviceaccounts/*\",\n \"Microsoft.ContainerService/managedClusters/services/*\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2020-07-02T17:54:51.9644983Z\",\n \"updatedOn\": \"2023-04-24T15:06:51.2854555Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/a7ffa36f-339b-4b5c-8bdf-e2c188b2c0eb\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"a7ffa36f-339b-4b5c-8bdf-e2c188b2c0eb\"\n },\n {\n \"properties\": {\n \"roleName\": \"Services Hub Operator\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Services Hub Operator allows you to perform all read, write, and deletion operations related to Services Hub Connectors.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.ServicesHub/connectors/write\",\n \"Microsoft.ServicesHub/connectors/read\",\n \"Microsoft.ServicesHub/connectors/delete\",\n \"Microsoft.ServicesHub/connectors/checkAssessmentEntitlement/action\",\n \"Microsoft.ServicesHub/supportOfferingEntitlement/read\",\n \"Microsoft.ServicesHub/workspaces/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2020-07-20T17:57:22.0644902Z\",\n \"updatedOn\": \"2021-11-11T20:14:37.5544021Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/82200a5b-e217-47a5-b665-6d8765ee745b\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"82200a5b-e217-47a5-b665-6d8765ee745b\"\n },\n {\n \"properties\": {\n \"roleName\": \"Object Understanding Account Reader\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Lets you read ingestion jobs for an object understanding account.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.MixedReality/ObjectUnderstandingAccounts/ingest/read\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2020-07-23T19:16:31.9929119Z\",\n \"updatedOn\": \"2021-11-11T20:14:37.9070085Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/d18777c0-1514-4662-8490-608db7d334b6\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"d18777c0-1514-4662-8490-608db7d334b6\"\n },\n {\n \"properties\": {\n \"roleName\": \"SignalR REST API Owner\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Full access to Azure SignalR Service REST APIs\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.SignalRService/SignalR/auth/clientToken/action\",\n \"Microsoft.SignalRService/SignalR/hub/*\",\n \"Microsoft.SignalRService/SignalR/group/*\",\n \"Microsoft.SignalRService/SignalR/clientConnection/*\",\n \"Microsoft.SignalRService/SignalR/user/*\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2020-07-29T09:35:32.2764751Z\",\n \"updatedOn\": \"2023-08-23T15:13:25.5658287Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/fd53cd77-2268-407a-8f46-7e7863d0f521\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"fd53cd77-2268-407a-8f46-7e7863d0f521\"\n },\n {\n \"properties\": {\n \"roleName\": \"Collaborative Data Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Can manage data packages of a collaborative.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.IndustryDataLifecycle/custodianCollaboratives/*/read\",\n \"Microsoft.IndustryDataLifecycle/memberCollaboratives/*/read\",\n \"Microsoft.IndustryDataLifecycle/locations/dataPackages/*\",\n \"Microsoft.IndustryDataLifecycle/custodianCollaboratives/receivedDataPackages/*\",\n \"Microsoft.IndustryDataLifecycle/custodianCollaboratives/rejectDataPackage/action\",\n \"Microsoft.IndustryDataLifecycle/memberCollaboratives/sharedDataPackages/*\",\n \"Microsoft.IndustryDataLifecycle/custodianCollaboratives/dataModels/*\",\n \"Microsoft.IndustryDataLifecycle/custodianCollaboratives/auditLogs/action\",\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Support/*\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2020-08-14T11:58:31.8973556Z\",\n \"updatedOn\": \"2021-11-11T20:14:40.2428145Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/daa9e50b-21df-454c-94a6-a8050adab352\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"daa9e50b-21df-454c-94a6-a8050adab352\"\n },\n {\n \"properties\": {\n \"roleName\": \"Device Update Reader\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Gives you read access to management and content operations, but does not allow making changes\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Support/*\",\n \"Microsoft.Insights/alertRules/*\"\n ],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.DeviceUpdate/accounts/instances/updates/read\",\n \"Microsoft.DeviceUpdate/accounts/instances/management/read\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2020-08-21T23:40:19.237361Z\",\n \"updatedOn\": \"2021-11-11T20:14:40.7922672Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/e9dba6fb-3d52-4cf0-bce3-f06ce71b9e0f\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"e9dba6fb-3d52-4cf0-bce3-f06ce71b9e0f\"\n },\n {\n \"properties\": {\n \"roleName\": \"Device Update Administrator\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Gives you full access to management and content operations\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Support/*\",\n \"Microsoft.Insights/alertRules/*\"\n ],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.DeviceUpdate/accounts/instances/updates/read\",\n \"Microsoft.DeviceUpdate/accounts/instances/updates/write\",\n \"Microsoft.DeviceUpdate/accounts/instances/updates/delete\",\n \"Microsoft.DeviceUpdate/accounts/instances/management/read\",\n \"Microsoft.DeviceUpdate/accounts/instances/management/write\",\n \"Microsoft.DeviceUpdate/accounts/instances/management/delete\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2020-08-21T23:56:22.352051Z\",\n \"updatedOn\": \"2021-11-11T20:14:40.9672678Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/02ca0879-e8e4-47a5-a61e-5c618b76e64a\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"02ca0879-e8e4-47a5-a61e-5c618b76e64a\"\n },\n {\n \"properties\": {\n \"roleName\": \"Device Update Content Administrator\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Gives you full access to content operations\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Support/*\",\n \"Microsoft.Insights/alertRules/*\"\n ],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.DeviceUpdate/accounts/instances/updates/read\",\n \"Microsoft.DeviceUpdate/accounts/instances/updates/write\",\n \"Microsoft.DeviceUpdate/accounts/instances/updates/delete\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2020-08-21T23:58:18.42555Z\",\n \"updatedOn\": \"2021-11-11T20:14:41.1433368Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/0378884a-3af5-44ab-8323-f5b22f9f3c98\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"0378884a-3af5-44ab-8323-f5b22f9f3c98\"\n },\n {\n \"properties\": {\n \"roleName\": \"Device Update Content Reader\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Gives you read access to content operations, but does not allow making changes\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Support/*\",\n \"Microsoft.Insights/alertRules/*\"\n ],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.DeviceUpdate/accounts/instances/updates/read\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2020-08-22T00:02:43.3299181Z\",\n \"updatedOn\": \"2021-11-11T20:14:41.6754856Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/d1ee9a80-8b14-47f0-bdc2-f4a351625a7b\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"d1ee9a80-8b14-47f0-bdc2-f4a351625a7b\"\n },\n {\n \"properties\": {\n \"roleName\": \"Cognitive Services Metrics Advisor Administrator\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Full access to the project, including the system level configuration.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.CognitiveServices/*/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.CognitiveServices/accounts/MetricsAdvisor/*\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2020-09-10T07:46:47.5804491Z\",\n \"updatedOn\": \"2021-11-11T20:14:43.6930781Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/cb43c632-a144-4ec5-977c-e80c4affc34a\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"cb43c632-a144-4ec5-977c-e80c4affc34a\"\n },\n {\n \"properties\": {\n \"roleName\": \"Cognitive Services Metrics Advisor User\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Access to the project.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.CognitiveServices/*/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.CognitiveServices/accounts/MetricsAdvisor/*\"\n ],\n \"notDataActions\": [\n \"Microsoft.CognitiveServices/accounts/MetricsAdvisor/stats/*\"\n ]\n }\n ],\n \"createdOn\": \"2020-09-10T07:47:59.6195639Z\",\n \"updatedOn\": \"2021-11-11T20:14:43.8780761Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/3b20f47b-3825-43cb-8114-4bd2201156a8\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"3b20f47b-3825-43cb-8114-4bd2201156a8\"\n },\n {\n \"properties\": {\n \"roleName\": \"Schema Registry Reader\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Read and list Schema Registry groups and schemas.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.EventHub/namespaces/schemagroups/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.EventHub/namespaces/schemas/read\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2020-09-13T06:31:38.027274Z\",\n \"updatedOn\": \"2025-05-02T00:02:19.4953663Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/2c56ea50-c6b3-40a6-83c0-9d98858bc7d2\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"2c56ea50-c6b3-40a6-83c0-9d98858bc7d2\"\n },\n {\n \"properties\": {\n \"roleName\": \"Schema Registry Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Read, write, and delete Schema Registry groups and schemas.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.EventHub/namespaces/schemagroups/*\"\n ],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.EventHub/namespaces/schemas/*\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2020-09-13T06:48:26.6032931Z\",\n \"updatedOn\": \"2025-05-02T00:02:19.4953663Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/5dffeca3-4936-4216-b2bc-10343a5abb25\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"5dffeca3-4936-4216-b2bc-10343a5abb25\"\n },\n {\n \"properties\": {\n \"roleName\": \"AgFood Platform Service Reader\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Provides read access to AgFood Platform Service\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.AgFoodPlatform/*/list/action\",\n \"Microsoft.AgFoodPlatform/*/read\",\n \"Microsoft.AgFoodPlatform/*/search/action\",\n \"Microsoft.AgFoodPlatform/*/download/action\",\n \"Microsoft.AgFoodPlatform/*/overlap/action\",\n \"Microsoft.AgFoodPlatform/*/checkConsent/action\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2020-09-14T10:21:08.913882Z\",\n \"updatedOn\": \"2022-12-13T16:08:52.9655626Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/7ec7ccdc-f61e-41fe-9aaf-980df0a44eba\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"7ec7ccdc-f61e-41fe-9aaf-980df0a44eba\"\n },\n {\n \"properties\": {\n \"roleName\": \"AgFood Platform Service Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Provides contribute access to AgFood Platform Service\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.AgFoodPlatform/*/action\",\n \"Microsoft.AgFoodPlatform/*/read\",\n \"Microsoft.AgFoodPlatform/*/write\"\n ],\n \"notDataActions\": [\n \"Microsoft.AgFoodPlatform/farmBeats/farmers/write\",\n \"Microsoft.AgFoodPlatform/farmBeats/deletionJobs/*/write\",\n \"Microsoft.AgFoodPlatform/farmBeats/parties/write\",\n \"Microsoft.AgFoodPlatform/farmBeats/datasets/write\",\n \"Microsoft.AgFoodPlatform/farmBeats/datasetRecords/write\",\n \"Microsoft.AgFoodPlatform/farmBeats/datasets/access/*/action\"\n ]\n }\n ],\n \"createdOn\": \"2020-09-14T10:21:09.7239169Z\",\n \"updatedOn\": \"2023-12-01T07:52:03.4961232Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/8508508a-4469-4e45-963b-2518ee0bb728\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"8508508a-4469-4e45-963b-2518ee0bb728\"\n },\n {\n \"properties\": {\n \"roleName\": \"AgFood Platform Service Admin\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Provides admin access to AgFood Platform Service\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.AgFoodPlatform/*\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2020-09-14T10:21:09.8039209Z\",\n \"updatedOn\": \"2021-11-11T20:14:45.3613128Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/f8da80de-1ff9-4747-ad80-a19b7f6079e3\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"f8da80de-1ff9-4747-ad80-a19b7f6079e3\"\n },\n {\n \"properties\": {\n \"roleName\": \"Managed HSM contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Lets you manage managed HSM pools, but not access to them.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.KeyVault/managedHSMs/*\",\n \"Microsoft.KeyVault/deletedManagedHsms/read\",\n \"Microsoft.KeyVault/locations/deletedManagedHsms/read\",\n \"Microsoft.KeyVault/locations/deletedManagedHsms/purge/action\",\n \"Microsoft.KeyVault/locations/managedHsmOperationResults/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2020-09-16T21:47:01.1291104Z\",\n \"updatedOn\": \"2022-03-08T00:35:44.4196909Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/18500a29-7fe2-46b2-a342-b16a415e101d\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"18500a29-7fe2-46b2-a342-b16a415e101d\"\n },\n {\n \"properties\": {\n \"roleName\": \"Security Detonation Chamber Submitter\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Allowed to create submissions to Security Detonation Chamber\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.SecurityDetonation/chambers/submissions/delete\",\n \"Microsoft.SecurityDetonation/chambers/submissions/write\",\n \"Microsoft.SecurityDetonation/chambers/submissions/read\",\n \"Microsoft.SecurityDetonation/chambers/submissions/files/read\",\n \"Microsoft.SecurityDetonation/chambers/submissions/accesskeyview/read\",\n \"Microsoft.SecurityDetonation/chambers/platforms/metadata/read\",\n \"Microsoft.SecurityDetonation/chambers/workflows/metadata/read\",\n \"Microsoft.SecurityDetonation/chambers/toolsets/metadata/read\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2020-10-01T08:55:21.3980274Z\",\n \"updatedOn\": \"2021-11-11T20:14:47.547135Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/0b555d9b-b4a7-4f43-b330-627f0e5be8f0\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"0b555d9b-b4a7-4f43-b330-627f0e5be8f0\"\n },\n {\n \"properties\": {\n \"roleName\": \"SignalR REST API Reader\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Read-only access to Azure SignalR Service REST APIs\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.SignalRService/SignalR/group/read\",\n \"Microsoft.SignalRService/SignalR/clientConnection/read\",\n \"Microsoft.SignalRService/SignalR/user/read\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2020-10-13T09:19:05.6463616Z\",\n \"updatedOn\": \"2021-11-11T20:14:48.790297Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/ddde6b66-c0df-4114-a159-3618637b3035\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"ddde6b66-c0df-4114-a159-3618637b3035\"\n },\n {\n \"properties\": {\n \"roleName\": \"SignalR Service Owner\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Full access to Azure SignalR Service REST APIs\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.SignalRService/SignalR/*\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2020-10-13T09:20:32.150141Z\",\n \"updatedOn\": \"2023-08-23T15:13:25.5658287Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/7e4f1700-ea5a-4f59-8f37-079cfe29dce3\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"7e4f1700-ea5a-4f59-8f37-079cfe29dce3\"\n },\n {\n \"properties\": {\n \"roleName\": \"Reservation Purchaser\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Lets you purchase reservations\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/roleAssignments/read\",\n \"Microsoft.Capacity/catalogs/read\",\n \"Microsoft.Capacity/register/action\",\n \"Microsoft.Compute/register/action\",\n \"Microsoft.Consumption/register/action\",\n \"Microsoft.Consumption/reservationRecommendationDetails/read\",\n \"Microsoft.Consumption/reservationRecommendations/read\",\n \"Microsoft.Resources/subscriptions/read\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.SQL/register/action\",\n \"Microsoft.Support/supporttickets/write\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2020-10-23T20:22:48.9217751Z\",\n \"updatedOn\": \"2022-04-14T02:20:54.5414624Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/f7b75c60-3036-4b75-91c3-6b41c27c1689\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"f7b75c60-3036-4b75-91c3-6b41c27c1689\"\n },\n {\n \"properties\": {\n \"roleName\": \"AzureML Metrics Writer (preview)\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Lets you write metrics to AzureML workspace\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.MachineLearningServices/workspaces/metrics/*/write\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2020-10-27T16:55:19.566495Z\",\n \"updatedOn\": \"2021-11-11T20:14:49.8655015Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/635dd51f-9968-44d3-b7fb-6d9a6bd613ae\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"635dd51f-9968-44d3-b7fb-6d9a6bd613ae\"\n },\n {\n \"properties\": {\n \"roleName\": \"Storage Account Backup Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Lets you perform backup and restore operations using Azure Backup on the storage account.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Authorization/locks/read\",\n \"Microsoft.Authorization/locks/write\",\n \"Microsoft.Authorization/locks/delete\",\n \"Microsoft.Features/features/read\",\n \"Microsoft.Features/providers/features/read\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Storage/operations/read\",\n \"Microsoft.Storage/storageAccounts/objectReplicationPolicies/delete\",\n \"Microsoft.Storage/storageAccounts/objectReplicationPolicies/read\",\n \"Microsoft.Storage/storageAccounts/objectReplicationPolicies/write\",\n \"Microsoft.Storage/storageAccounts/objectReplicationPolicies/restorePointMarkers/write\",\n \"Microsoft.Storage/storageAccounts/blobServices/containers/read\",\n \"Microsoft.Storage/storageAccounts/blobServices/containers/write\",\n \"Microsoft.Storage/storageAccounts/blobServices/read\",\n \"Microsoft.Storage/storageAccounts/blobServices/write\",\n \"Microsoft.Storage/storageAccounts/read\",\n \"Microsoft.Storage/storageAccounts/restoreBlobRanges/action\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2020-11-02T23:32:50.4203469Z\",\n \"updatedOn\": \"2022-04-20T05:50:13.0184092Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/e5e2a7ff-d759-4cd2-bb51-3152d37e2eb1\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"e5e2a7ff-d759-4cd2-bb51-3152d37e2eb1\"\n },\n {\n \"properties\": {\n \"roleName\": \"Experimentation Metric Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Allows for creation, writes and reads to the metric set via the metrics service APIs.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Experimentation/experimentWorkspaces/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.Experimentation/experimentWorkspaces/experimentationGroups/read\",\n \"Microsoft.Experimentation/experimentWorkspaces/experimentationGroups/metricwrite/action\",\n \"Microsoft.Experimentation/experimentWorkspaces/metricwrite/action\",\n \"Microsoft.Experimentation/experimentWorkspaces/read\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2020-11-10T20:07:53.7535885Z\",\n \"updatedOn\": \"2021-11-11T20:14:50.9524177Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/6188b7c9-7d01-4f99-a59f-c88b630326c0\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"6188b7c9-7d01-4f99-a59f-c88b630326c0\"\n },\n {\n \"properties\": {\n \"roleName\": \"Project Babylon Data Curator\",\n \"type\": \"BuiltInRole\",\n \"description\": \"The Microsoft.ProjectBabylon data curator can create, read, modify and delete catalog data objects and establish relationships between objects. This role is in preview and subject to change.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.ProjectBabylon/accounts/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.ProjectBabylon/accounts/data/read\",\n \"Microsoft.ProjectBabylon/accounts/data/write\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2020-11-14T02:31:33.7988825Z\",\n \"updatedOn\": \"2021-11-11T20:14:51.4929515Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/9ef4ef9c-a049-46b0-82ab-dd8ac094c889\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"9ef4ef9c-a049-46b0-82ab-dd8ac094c889\"\n },\n {\n \"properties\": {\n \"roleName\": \"Project Babylon Data Reader\",\n \"type\": \"BuiltInRole\",\n \"description\": \"The Microsoft.ProjectBabylon data reader can read catalog data objects. This role is in preview and subject to change.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.ProjectBabylon/accounts/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.ProjectBabylon/accounts/data/read\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2020-11-14T02:33:13.5342351Z\",\n \"updatedOn\": \"2021-11-11T20:14:51.6729667Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/c8d896ba-346d-4f50-bc1d-7d1c84130446\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"c8d896ba-346d-4f50-bc1d-7d1c84130446\"\n },\n {\n \"properties\": {\n \"roleName\": \"Project Babylon Data Source Administrator\",\n \"type\": \"BuiltInRole\",\n \"description\": \"The Microsoft.ProjectBabylon data source administrator can manage data sources and data scans. This role is in preview and subject to change.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.ProjectBabylon/accounts/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.ProjectBabylon/accounts/scan/read\",\n \"Microsoft.ProjectBabylon/accounts/scan/write\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2020-11-14T02:34:01.8401954Z\",\n \"updatedOn\": \"2021-11-11T20:14:51.8529643Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/05b7651b-dc44-475e-b74d-df3db49fae0f\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"05b7651b-dc44-475e-b74d-df3db49fae0f\"\n },\n {\n \"properties\": {\n \"roleName\": \"Application Group Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Contributor of the Application Group.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.DesktopVirtualization/applicationgroups/*\",\n \"Microsoft.DesktopVirtualization/hostpools/read\",\n \"Microsoft.DesktopVirtualization/hostpools/sessionhosts/read\",\n \"Microsoft.DesktopVirtualization/workspaces/read\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.Support/*\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2020-12-03T23:26:00.2784962Z\",\n \"updatedOn\": \"2021-11-11T20:14:52.9432015Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/ca6382a4-1721-4bcf-a114-ff0c70227b6b\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"ca6382a4-1721-4bcf-a114-ff0c70227b6b\"\n },\n {\n \"properties\": {\n \"roleName\": \"Desktop Virtualization Reader\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Reader of Desktop Virtualization.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.DesktopVirtualization/*/read\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Resources/deployments/read\",\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/read\",\n \"Microsoft.Support/*\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2020-12-11T21:36:19.0140629Z\",\n \"updatedOn\": \"2021-11-11T20:14:54.0407838Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/49a72310-ab8d-41df-bbb0-79b649203868\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"49a72310-ab8d-41df-bbb0-79b649203868\"\n },\n {\n \"properties\": {\n \"roleName\": \"Desktop Virtualization Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Contributor of Desktop Virtualization.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.DesktopVirtualization/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.Support/*\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2020-12-11T21:37:16.2910337Z\",\n \"updatedOn\": \"2021-11-11T20:14:54.2107872Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/082f0a83-3be5-4ba1-904c-961cca79b387\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"082f0a83-3be5-4ba1-904c-961cca79b387\"\n },\n {\n \"properties\": {\n \"roleName\": \"Desktop Virtualization Workspace Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Contributor of the Desktop Virtualization Workspace.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.DesktopVirtualization/workspaces/*\",\n \"Microsoft.DesktopVirtualization/applicationgroups/read\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.Support/*\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2020-12-11T21:38:29.6089216Z\",\n \"updatedOn\": \"2021-11-11T20:14:54.3907854Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/21efdde3-836f-432b-bf3d-3e8e734d4b2b\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"21efdde3-836f-432b-bf3d-3e8e734d4b2b\"\n },\n {\n \"properties\": {\n \"roleName\": \"Desktop Virtualization User Session Operator\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Operator of the Desktop Virtualization User Session.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.DesktopVirtualization/hostpools/read\",\n \"Microsoft.DesktopVirtualization/hostpools/sessionhosts/read\",\n \"Microsoft.DesktopVirtualization/hostpools/sessionhosts/usersessions/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.Support/*\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2020-12-11T21:39:16.9100273Z\",\n \"updatedOn\": \"2024-10-31T14:20:50.9460757Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/ea4bfff8-7fb4-485a-aadd-d4129a0ffaa6\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"ea4bfff8-7fb4-485a-aadd-d4129a0ffaa6\"\n },\n {\n \"properties\": {\n \"roleName\": \"Desktop Virtualization Session Host Operator\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Operator of the Desktop Virtualization Session Host.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.DesktopVirtualization/hostpools/read\",\n \"Microsoft.DesktopVirtualization/hostpools/sessionhosts/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.Support/*\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2020-12-11T21:39:53.2569741Z\",\n \"updatedOn\": \"2021-11-11T20:14:54.7508042Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/2ad6aaab-ead9-4eaa-8ac5-da422f562408\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"2ad6aaab-ead9-4eaa-8ac5-da422f562408\"\n },\n {\n \"properties\": {\n \"roleName\": \"Desktop Virtualization Host Pool Reader\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Reader of the Desktop Virtualization Host Pool.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.DesktopVirtualization/hostpools/*/read\",\n \"Microsoft.DesktopVirtualization/hostpools/read\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Resources/deployments/read\",\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/read\",\n \"Microsoft.Support/*\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2020-12-11T21:40:33.1430834Z\",\n \"updatedOn\": \"2021-11-11T20:14:54.9257967Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/ceadfde2-b300-400a-ab7b-6143895aa822\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"ceadfde2-b300-400a-ab7b-6143895aa822\"\n },\n {\n \"properties\": {\n \"roleName\": \"Desktop Virtualization Host Pool Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Contributor of the Desktop Virtualization Host Pool.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.DesktopVirtualization/hostpools/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.Support/*\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2020-12-11T21:40:57.2976187Z\",\n \"updatedOn\": \"2021-11-11T20:14:55.1057701Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/e307426c-f9b6-4e81-87de-d99efb3c32bc\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"e307426c-f9b6-4e81-87de-d99efb3c32bc\"\n },\n {\n \"properties\": {\n \"roleName\": \"Desktop Virtualization Application Group Reader\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Reader of the Desktop Virtualization Application Group.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.DesktopVirtualization/applicationgroups/*/read\",\n \"Microsoft.DesktopVirtualization/applicationgroups/read\",\n \"Microsoft.DesktopVirtualization/hostpools/read\",\n \"Microsoft.DesktopVirtualization/hostpools/sessionhosts/read\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Resources/deployments/read\",\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/read\",\n \"Microsoft.Support/*\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2020-12-11T21:41:18.0287398Z\",\n \"updatedOn\": \"2021-11-11T20:14:55.2858006Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/aebf23d0-b568-4e86-b8f9-fe83a2c6ab55\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"aebf23d0-b568-4e86-b8f9-fe83a2c6ab55\"\n },\n {\n \"properties\": {\n \"roleName\": \"Desktop Virtualization Application Group Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Contributor of the Desktop Virtualization Application Group.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.DesktopVirtualization/applicationgroups/*\",\n \"Microsoft.DesktopVirtualization/hostpools/read\",\n \"Microsoft.DesktopVirtualization/hostpools/sessionhosts/read\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.Support/*\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2020-12-11T21:41:38.6205531Z\",\n \"updatedOn\": \"2021-11-11T20:14:55.4677136Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/86240b0e-9422-4c43-887b-b61143f32ba8\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"86240b0e-9422-4c43-887b-b61143f32ba8\"\n },\n {\n \"properties\": {\n \"roleName\": \"Desktop Virtualization Workspace Reader\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Reader of the Desktop Virtualization Workspace.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.DesktopVirtualization/workspaces/read\",\n \"Microsoft.DesktopVirtualization/applicationgroups/read\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Resources/deployments/read\",\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/read\",\n \"Microsoft.Support/*\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2020-12-11T21:41:58.1892707Z\",\n \"updatedOn\": \"2021-11-11T20:14:55.6577168Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/0fa44ee9-7a7d-466b-9bb2-2bf446b1204d\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"0fa44ee9-7a7d-466b-9bb2-2bf446b1204d\"\n },\n {\n \"properties\": {\n \"roleName\": \"Disk Backup Reader\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Provides permission to backup vault to perform disk backup.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Compute/disks/read\",\n \"Microsoft.Compute/disks/beginGetAccess/action\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2020-12-15T07:39:03.8394514Z\",\n \"updatedOn\": \"2021-11-11T20:14:56.0178737Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/3e5e47e6-65f7-47ef-90b5-e5dd4d455f24\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"3e5e47e6-65f7-47ef-90b5-e5dd4d455f24\"\n },\n {\n \"properties\": {\n \"roleName\": \"Disk Restore Operator\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Provides permission to backup vault to perform disk restore.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Compute/disks/write\",\n \"Microsoft.Compute/disks/read\",\n \"Microsoft.Compute/disks/beginGetAccess/action\",\n \"Microsoft.Compute/disks/endGetAccess/action\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2020-12-15T12:18:31.8481619Z\",\n \"updatedOn\": \"2025-08-21T09:27:36.8531131Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/b50d9833-a0cb-478e-945f-707fcc997c13\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"b50d9833-a0cb-478e-945f-707fcc997c13\"\n },\n {\n \"properties\": {\n \"roleName\": \"Disk Snapshot Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Provides permission to backup vault to manage disk snapshots.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Compute/snapshots/delete\",\n \"Microsoft.Compute/snapshots/write\",\n \"Microsoft.Compute/snapshots/read\",\n \"Microsoft.Compute/snapshots/beginGetAccess/action\",\n \"Microsoft.Compute/snapshots/endGetAccess/action\",\n \"Microsoft.Compute/disks/beginGetAccess/action\",\n \"Microsoft.Storage/storageAccounts/listkeys/action\",\n \"Microsoft.Storage/storageAccounts/write\",\n \"Microsoft.Storage/storageAccounts/read\",\n \"Microsoft.Storage/storageAccounts/delete\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2020-12-15T12:18:51.4471411Z\",\n \"updatedOn\": \"2021-11-11T20:14:56.9158814Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/7efff54f-a5b4-42b5-a1c5-5411624893ce\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"7efff54f-a5b4-42b5-a1c5-5411624893ce\"\n },\n {\n \"properties\": {\n \"roleName\": \"Microsoft.Kubernetes connected cluster role\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Microsoft.Kubernetes connected cluster role.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Kubernetes/connectedClusters/read\",\n \"Microsoft.Kubernetes/connectedClusters/write\",\n \"Microsoft.Kubernetes/connectedClusters/delete\",\n \"Microsoft.Kubernetes/registeredSubscriptions/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2021-01-07T23:57:10.9923232Z\",\n \"updatedOn\": \"2021-11-11T20:14:58.2039838Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/5548b2cf-c94c-4228-90ba-30851930a12f\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"5548b2cf-c94c-4228-90ba-30851930a12f\"\n },\n {\n \"properties\": {\n \"roleName\": \"Security Detonation Chamber Submission Manager\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Allowed to create and manage submissions to Security Detonation Chamber\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.SecurityDetonation/chambers/submissions/delete\",\n \"Microsoft.SecurityDetonation/chambers/submissions/write\",\n \"Microsoft.SecurityDetonation/chambers/submissions/read\",\n \"Microsoft.SecurityDetonation/chambers/submissions/files/read\",\n \"Microsoft.SecurityDetonation/chambers/submissions/accesskeyview/read\",\n \"Microsoft.SecurityDetonation/chambers/submissions/adminview/read\",\n \"Microsoft.SecurityDetonation/chambers/submissions/analystview/read\",\n \"Microsoft.SecurityDetonation/chambers/submissions/publicview/read\",\n \"Microsoft.SecurityDetonation/chambers/platforms/metadata/read\",\n \"Microsoft.SecurityDetonation/chambers/workflows/metadata/read\",\n \"Microsoft.SecurityDetonation/chambers/toolsets/metadata/read\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2021-01-18T09:35:36.5739297Z\",\n \"updatedOn\": \"2021-11-11T20:14:58.3939604Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/a37b566d-3efa-4beb-a2f2-698963fa42ce\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"a37b566d-3efa-4beb-a2f2-698963fa42ce\"\n },\n {\n \"properties\": {\n \"roleName\": \"Security Detonation Chamber Publisher\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Allowed to publish and modify platforms, workflows and toolsets to Security Detonation Chamber\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.SecurityDetonation/chambers/platforms/read\",\n \"Microsoft.SecurityDetonation/chambers/platforms/write\",\n \"Microsoft.SecurityDetonation/chambers/platforms/delete\",\n \"Microsoft.SecurityDetonation/chambers/platforms/metadata/read\",\n \"Microsoft.SecurityDetonation/chambers/workflows/read\",\n \"Microsoft.SecurityDetonation/chambers/workflows/write\",\n \"Microsoft.SecurityDetonation/chambers/workflows/delete\",\n \"Microsoft.SecurityDetonation/chambers/workflows/metadata/read\",\n \"Microsoft.SecurityDetonation/chambers/toolsets/read\",\n \"Microsoft.SecurityDetonation/chambers/toolsets/write\",\n \"Microsoft.SecurityDetonation/chambers/toolsets/delete\",\n \"Microsoft.SecurityDetonation/chambers/toolsets/metadata/read\",\n \"Microsoft.SecurityDetonation/chambers/publishRequests/read\",\n \"Microsoft.SecurityDetonation/chambers/publishRequests/cancel/action\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2021-01-18T11:43:14.0858184Z\",\n \"updatedOn\": \"2021-11-11T20:14:58.5639749Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/352470b3-6a9c-4686-b503-35deb827e500\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"352470b3-6a9c-4686-b503-35deb827e500\"\n },\n {\n \"properties\": {\n \"roleName\": \"Collaborative Runtime Operator\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Can manage resources created by AICS at runtime\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.IndustryDataLifecycle/derivedModels/*\",\n \"Microsoft.IndustryDataLifecycle/pipelineSets/*\",\n \"Microsoft.IndustryDataLifecycle/modelMappings/*\",\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Support/*\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2021-01-19T10:00:27.3464971Z\",\n \"updatedOn\": \"2021-11-11T20:14:58.7442136Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/7a6f0e70-c033-4fb1-828c-08514e5f4102\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"7a6f0e70-c033-4fb1-828c-08514e5f4102\"\n },\n {\n \"properties\": {\n \"roleName\": \"CosmosRestoreOperator\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Can perform restore action for Cosmos DB database account with continuous backup mode\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.DocumentDB/locations/restorableDatabaseAccounts/restore/action\",\n \"Microsoft.DocumentDB/locations/restorableDatabaseAccounts/*/read\",\n \"Microsoft.DocumentDB/locations/restorableDatabaseAccounts/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2021-01-21T19:51:35.3884884Z\",\n \"updatedOn\": \"2021-11-11T20:14:59.4892686Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/5432c526-bc82-444a-b7ba-57c5b0b5b34f\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"5432c526-bc82-444a-b7ba-57c5b0b5b34f\"\n },\n {\n \"properties\": {\n \"roleName\": \"FHIR Data Converter\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Role allows user or principal to convert data from legacy format to FHIR\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.HealthcareApis/services/fhir/resources/convertData/action\",\n \"Microsoft.HealthcareApis/workspaces/fhirservices/resources/convertData/action\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2021-01-22T19:39:01.1601069Z\",\n \"updatedOn\": \"2021-11-11T20:14:59.8605937Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/a1705bd2-3a8f-45a5-8683-466fcfd5cc24\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"a1705bd2-3a8f-45a5-8683-466fcfd5cc24\"\n },\n {\n \"properties\": {\n \"roleName\": \"Quota Request Operator\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Read and create quota requests, get quota request status, and create support tickets.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Capacity/resourceProviders/locations/serviceLimits/read\",\n \"Microsoft.Capacity/resourceProviders/locations/serviceLimits/write\",\n \"Microsoft.Capacity/resourceProviders/locations/serviceLimitsRequests/read\",\n \"Microsoft.Capacity/register/action\",\n \"Microsoft.Quota/usages/read\",\n \"Microsoft.Quota/quotas/read\",\n \"Microsoft.Quota/quotas/write\",\n \"Microsoft.Quota/quotaRequests/read\",\n \"Microsoft.Quota/register/action\",\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Support/*\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2021-02-03T00:06:35.8404575Z\",\n \"updatedOn\": \"2022-12-07T21:46:59.0116853Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/0e5f05e5-9ab9-446b-b98d-1e2157c94125\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"0e5f05e5-9ab9-446b-b98d-1e2157c94125\"\n },\n {\n \"properties\": {\n \"roleName\": \"EventGrid Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Lets you manage EventGrid operations.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.EventGrid/*\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Support/*\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2021-02-08T18:46:18.8999557Z\",\n \"updatedOn\": \"2021-11-11T20:15:01.6867802Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/1e241071-0855-49ea-94dc-649edcd759de\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"1e241071-0855-49ea-94dc-649edcd759de\"\n },\n {\n \"properties\": {\n \"roleName\": \"Security Detonation Chamber Reader\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Allowed to query submission info and files from Security Detonation Chamber\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.SecurityDetonation/chambers/submissions/read\",\n \"Microsoft.SecurityDetonation/chambers/submissions/files/read\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2021-03-01T14:06:46.2814905Z\",\n \"updatedOn\": \"2021-11-11T20:15:03.327409Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/28241645-39f8-410b-ad48-87863e2951d5\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"28241645-39f8-410b-ad48-87863e2951d5\"\n },\n {\n \"properties\": {\n \"roleName\": \"Object Anchors Account Reader\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Lets you read ingestion jobs for an object anchors account.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.MixedReality/ObjectAnchorsAccounts/ingest/read\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2021-03-02T01:20:47.0279813Z\",\n \"updatedOn\": \"2021-11-11T20:15:03.5006082Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/4a167cdf-cb95-4554-9203-2347fe489bd9\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"4a167cdf-cb95-4554-9203-2347fe489bd9\"\n },\n {\n \"properties\": {\n \"roleName\": \"Object Anchors Account Owner\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Provides user with ingestion capabilities for an object anchors account.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.MixedReality/ObjectAnchorsAccounts/ingest/action\",\n \"Microsoft.MixedReality/ObjectAnchorsAccounts/ingest/read\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2021-03-02T01:42:02.0014737Z\",\n \"updatedOn\": \"2021-11-11T20:15:03.6855873Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/ca0835dd-bacc-42dd-8ed2-ed5e7230d15b\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"ca0835dd-bacc-42dd-8ed2-ed5e7230d15b\"\n },\n {\n \"properties\": {\n \"roleName\": \"WorkloadBuilder Migration Agent Role\",\n \"type\": \"BuiltInRole\",\n \"description\": \"WorkloadBuilder Migration Agent Role.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.WorkloadBuilder/migrationAgents/Read\",\n \"Microsoft.WorkloadBuilder/migrationAgents/Write\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2021-03-11T17:07:20.0828003Z\",\n \"updatedOn\": \"2021-11-11T20:15:04.2456706Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/d17ce0a2-0697-43bc-aac5-9113337ab61c\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"d17ce0a2-0697-43bc-aac5-9113337ab61c\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Spring Cloud Data Reader\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Allow read access to Azure Spring Cloud Data\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.AppPlatform/Spring/*/read\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2021-03-25T11:12:12.678601Z\",\n \"updatedOn\": \"2021-11-11T20:15:05.3368606Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/b5537268-8956-4941-a8f0-646150406f0c\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"b5537268-8956-4941-a8f0-646150406f0c\"\n },\n {\n \"properties\": {\n \"roleName\": \"Cognitive Services Speech Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Full access to Speech projects, including read, write and delete all entities, for real-time speech recognition and batch transcription tasks, real-time speech synthesis and long audio tasks, custom speech and custom voice.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.CognitiveServices/*/read\",\n \"Microsoft.Authorization/roleAssignments/read\",\n \"Microsoft.Authorization/roleDefinitions/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.CognitiveServices/accounts/SpeechServices/*\",\n \"Microsoft.CognitiveServices/accounts/CustomVoice/*\",\n \"Microsoft.CognitiveServices/accounts/AudioContentCreation/*\",\n \"Microsoft.CognitiveServices/accounts/VideoTranslation/*\",\n \"Microsoft.CognitiveServices/accounts/CustomAvatar/*\",\n \"Microsoft.CognitiveServices/accounts/BatchAvatar/*\",\n \"Microsoft.CognitiveServices/accounts/BatchTextToSpeech/*\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2021-03-30T11:28:49.7826633Z\",\n \"updatedOn\": \"2024-04-12T06:28:35.0285254Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/0e75ca1e-0464-4b4d-8b93-68208a576181\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"0e75ca1e-0464-4b4d-8b93-68208a576181\"\n },\n {\n \"properties\": {\n \"roleName\": \"Cognitive Services Face Recognizer\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Lets you perform detect, verify, identify, group, and find similar operations on Face API. This role does not allow create or delete operations, which makes it well suited for endpoints that only need inferencing capabilities, following 'least privilege' best practices.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.CognitiveServices/accounts/Face/detect/action\",\n \"Microsoft.CognitiveServices/accounts/Face/verify/action\",\n \"Microsoft.CognitiveServices/accounts/Face/identify/action\",\n \"Microsoft.CognitiveServices/accounts/Face/group/action\",\n \"Microsoft.CognitiveServices/accounts/Face/findsimilars/action\",\n \"Microsoft.CognitiveServices/accounts/Face/detectliveness/multimodal/action\",\n \"Microsoft.CognitiveServices/accounts/Face/detectliveness/singlemodal/action\",\n \"Microsoft.CognitiveServices/accounts/Face/detectlivenesswithverify/singlemodal/action\",\n \"Microsoft.CognitiveServices/accounts/Face/*/sessions/action\",\n \"Microsoft.CognitiveServices/accounts/Face/*/sessions/delete\",\n \"Microsoft.CognitiveServices/accounts/Face/*/sessions/read\",\n \"Microsoft.CognitiveServices/accounts/Face/*/sessions/audit/read\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2021-03-31T01:51:41.3557295Z\",\n \"updatedOn\": \"2023-11-10T00:42:33.8288289Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/9894cab4-e18a-44aa-828b-cb588cd6f2d7\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"9894cab4-e18a-44aa-828b-cb588cd6f2d7\"\n },\n {\n \"properties\": {\n \"roleName\": \"Stream Analytics Query Tester\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Lets you perform query testing without creating a stream analytics job first\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.StreamAnalytics/locations/TestQuery/action\",\n \"Microsoft.StreamAnalytics/locations/OperationResults/read\",\n \"Microsoft.StreamAnalytics/locations/SampleInput/action\",\n \"Microsoft.StreamAnalytics/locations/CompileQuery/action\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2021-04-20T17:33:24.572787Z\",\n \"updatedOn\": \"2021-11-11T20:15:08.0481551Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/1ec5b3c1-b17e-4e25-8312-2acb3c3c5abf\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"1ec5b3c1-b17e-4e25-8312-2acb3c3c5abf\"\n },\n {\n \"properties\": {\n \"roleName\": \"AnyBuild Builder\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Basic user role for AnyBuild. This role allows listing of agent information and execution of remote build capabilities.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.AnyBuild/clusters/build/write\",\n \"Microsoft.AnyBuild/clusters/build/read\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2021-04-20T22:07:00.4963853Z\",\n \"updatedOn\": \"2021-11-11T20:15:08.4254134Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/a2138dac-4907-4679-a376-736901ed8ad8\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"a2138dac-4907-4679-a376-736901ed8ad8\"\n },\n {\n \"properties\": {\n \"roleName\": \"IoT Hub Data Reader\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Allows for full read access to IoT Hub data-plane properties\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.Devices/IotHubs/*/read\",\n \"Microsoft.Devices/IotHubs/fileUpload/notifications/action\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2021-04-22T18:03:29.8843192Z\",\n \"updatedOn\": \"2021-11-11T20:15:08.6054154Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/b447c946-2db7-41ec-983d-d8bf3b1c77e3\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"b447c946-2db7-41ec-983d-d8bf3b1c77e3\"\n },\n {\n \"properties\": {\n \"roleName\": \"IoT Hub Twin Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Allows for read and write access to all IoT Hub device and module twins.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.Devices/IotHubs/twins/*\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2021-04-22T20:36:10.1136903Z\",\n \"updatedOn\": \"2021-11-11T20:15:08.7855063Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/494bdba2-168f-4f31-a0a1-191d2f7c028c\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"494bdba2-168f-4f31-a0a1-191d2f7c028c\"\n },\n {\n \"properties\": {\n \"roleName\": \"IoT Hub Registry Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Allows for full access to IoT Hub device registry.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.Devices/IotHubs/devices/*\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2021-04-22T20:36:47.5532704Z\",\n \"updatedOn\": \"2021-11-11T20:15:08.9804295Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/4ea46cd5-c1b2-4a8e-910b-273211f9ce47\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"4ea46cd5-c1b2-4a8e-910b-273211f9ce47\"\n },\n {\n \"properties\": {\n \"roleName\": \"IoT Hub Data Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Allows for full access to IoT Hub data plane operations.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.Devices/IotHubs/*\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2021-04-22T20:37:16.9927761Z\",\n \"updatedOn\": \"2021-11-11T20:15:09.1754206Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/4fc6c259-987e-4a07-842e-c321cc9d413f\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"4fc6c259-987e-4a07-842e-c321cc9d413f\"\n },\n {\n \"properties\": {\n \"roleName\": \"Test Base Reader\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Let you view and download packages and test results.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.TestBase/testBaseAccounts/packages/testResults/getDownloadUrl/action\",\n \"Microsoft.TestBase/testBaseAccounts/packages/testResults/getVideoDownloadUrl/action\",\n \"Microsoft.TestBase/testBaseAccounts/packages/getDownloadUrl/action\",\n \"Microsoft.TestBase/*/read\",\n \"Microsoft.TestBase/testBaseAccounts/customerEvents/write\",\n \"Microsoft.TestBase/testBaseAccounts/customerEvents/delete\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2021-05-11T23:41:33.1038367Z\",\n \"updatedOn\": \"2021-11-11T20:15:10.8004347Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/15e0f5a1-3450-4248-8e25-e2afe88a9e85\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"15e0f5a1-3450-4248-8e25-e2afe88a9e85\"\n },\n {\n \"properties\": {\n \"roleName\": \"Search Index Data Reader\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Grants read access to Azure Cognitive Search index data.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.Search/searchServices/indexes/documents/read\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2021-06-01T20:26:13.4850461Z\",\n \"updatedOn\": \"2021-11-11T20:15:11.3604371Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/1407120a-92aa-4202-b7e9-c0e197c71c8f\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"1407120a-92aa-4202-b7e9-c0e197c71c8f\"\n },\n {\n \"properties\": {\n \"roleName\": \"Search Index Data Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Grants full access to Azure Cognitive Search index data.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.Search/searchServices/indexes/documents/*\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2021-06-01T22:15:16.5388472Z\",\n \"updatedOn\": \"2021-11-11T20:15:11.5504385Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/8ebe5a00-799e-43f5-93ac-243d3dce84a7\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"8ebe5a00-799e-43f5-93ac-243d3dce84a7\"\n },\n {\n \"properties\": {\n \"roleName\": \"Storage Table Data Reader\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Allows for read access to Azure Storage tables and entities\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Storage/storageAccounts/tableServices/tables/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.Storage/storageAccounts/tableServices/tables/entities/read\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2021-06-15T06:40:54.9150717Z\",\n \"updatedOn\": \"2021-11-11T20:15:12.1005298Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/76199698-9eea-4c19-bc75-cec21354c6b6\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"76199698-9eea-4c19-bc75-cec21354c6b6\"\n },\n {\n \"properties\": {\n \"roleName\": \"Storage Table Data Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Allows for read, write and delete access to Azure Storage tables and entities\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Storage/storageAccounts/tableServices/tables/read\",\n \"Microsoft.Storage/storageAccounts/tableServices/tables/write\",\n \"Microsoft.Storage/storageAccounts/tableServices/tables/delete\"\n ],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.Storage/storageAccounts/tableServices/tables/entities/read\",\n \"Microsoft.Storage/storageAccounts/tableServices/tables/entities/write\",\n \"Microsoft.Storage/storageAccounts/tableServices/tables/entities/delete\",\n \"Microsoft.Storage/storageAccounts/tableServices/tables/entities/add/action\",\n \"Microsoft.Storage/storageAccounts/tableServices/tables/entities/update/action\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2021-06-15T06:51:59.820761Z\",\n \"updatedOn\": \"2021-11-11T20:15:12.2854966Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/0a9a7e1f-b9d0-4cc4-a60d-0319b160aaa3\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"0a9a7e1f-b9d0-4cc4-a60d-0319b160aaa3\"\n },\n {\n \"properties\": {\n \"roleName\": \"DICOM Data Reader\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Read and search DICOM data.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.HealthcareApis/workspaces/dicomservices/resources/read\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2021-06-17T20:58:30.1630494Z\",\n \"updatedOn\": \"2021-11-11T20:15:13.0154948Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/e89c7a3c-2f64-4fa1-a847-3e4c9ba4283a\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"e89c7a3c-2f64-4fa1-a847-3e4c9ba4283a\"\n },\n {\n \"properties\": {\n \"roleName\": \"DICOM Data Owner\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Full access to DICOM data.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.HealthcareApis/workspaces/dicomservices/resources/*\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2021-06-17T20:59:30.8659515Z\",\n \"updatedOn\": \"2021-11-11T20:15:13.1904985Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/58a3b984-7adf-4c20-983a-32417c86fbc8\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"58a3b984-7adf-4c20-983a-32417c86fbc8\"\n },\n {\n \"properties\": {\n \"roleName\": \"EventGrid Data Sender\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Allows send access to event grid events.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.EventGrid/topics/read\",\n \"Microsoft.EventGrid/domains/read\",\n \"Microsoft.EventGrid/partnerNamespaces/read\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.EventGrid/namespaces/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.EventGrid/events/send/action\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2021-07-02T21:55:40.4847495Z\",\n \"updatedOn\": \"2023-10-27T19:53:20.6111233Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/d5a91429-5739-47e2-a06b-3470a27159e7\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"d5a91429-5739-47e2-a06b-3470a27159e7\"\n },\n {\n \"properties\": {\n \"roleName\": \"Disk Pool Operator\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Used by the StoragePool Resource Provider to manage Disks added to a Disk Pool.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Compute/disks/write\",\n \"Microsoft.Compute/disks/read\",\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2021-07-08T17:26:05.1079972Z\",\n \"updatedOn\": \"2021-11-11T20:15:13.9154612Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/60fc6e62-5479-42d4-8bf4-67625fcc2840\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"60fc6e62-5479-42d4-8bf4-67625fcc2840\"\n },\n {\n \"properties\": {\n \"roleName\": \"AzureML Data Scientist\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Can perform all actions within an Azure Machine Learning workspace, except for creating or deleting compute resources and modifying the workspace itself.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.MachineLearningServices/workspaces/*/read\",\n \"Microsoft.MachineLearningServices/workspaces/*/action\",\n \"Microsoft.MachineLearningServices/workspaces/*/delete\",\n \"Microsoft.MachineLearningServices/workspaces/*/write\"\n ],\n \"notActions\": [\n \"Microsoft.MachineLearningServices/workspaces/delete\",\n \"Microsoft.MachineLearningServices/workspaces/write\",\n \"Microsoft.MachineLearningServices/workspaces/computes/*/write\",\n \"Microsoft.MachineLearningServices/workspaces/computes/*/delete\",\n \"Microsoft.MachineLearningServices/workspaces/computes/listKeys/action\",\n \"Microsoft.MachineLearningServices/workspaces/listKeys/action\",\n \"Microsoft.MachineLearningServices/workspaces/hubs/write\",\n \"Microsoft.MachineLearningServices/workspaces/hubs/delete\",\n \"Microsoft.MachineLearningServices/workspaces/featurestores/write\",\n \"Microsoft.MachineLearningServices/workspaces/featurestores/delete\"\n ],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2021-07-14T21:51:06.0361218Z\",\n \"updatedOn\": \"2023-05-30T15:09:08.4457249Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/f6c7c914-8db3-469d-8ca1-694a8f32e121\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"f6c7c914-8db3-469d-8ca1-694a8f32e121\"\n },\n {\n \"properties\": {\n \"roleName\": \"Grafana Admin\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Manage server-wide settings and manage access to resources such as organizations, users, and licenses.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.Dashboard/grafana/ActAsGrafanaAdmin/action\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2021-07-15T21:32:35.380234Z\",\n \"updatedOn\": \"2024-07-18T04:44:18.4380858Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/22926164-76b3-42b3-bc55-97df8dab3e41\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"22926164-76b3-42b3-bc55-97df8dab3e41\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Connected SQL Server Onboarding\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Microsoft.AzureArcData service role to access the resources of Microsoft.AzureArcData stored with RPSAAS.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.AzureArcData/sqlServerInstances/read\",\n \"Microsoft.AzureArcData/sqlServerInstances/write\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2021-07-19T23:52:15.8885739Z\",\n \"updatedOn\": \"2021-11-11T20:15:15.1754742Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/e8113dce-c529-4d33-91fa-e9b972617508\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"e8113dce-c529-4d33-91fa-e9b972617508\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Relay Sender\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Allows for send access to Azure Relay resources.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Relay/*/wcfRelays/read\",\n \"Microsoft.Relay/*/hybridConnections/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.Relay/*/send/action\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2021-07-20T15:37:20.7558643Z\",\n \"updatedOn\": \"2021-11-11T20:15:15.5454755Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/26baccc8-eea7-41f1-98f4-1762cc7f685d\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"26baccc8-eea7-41f1-98f4-1762cc7f685d\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Relay Owner\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Allows for full access to Azure Relay resources.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Relay/*\"\n ],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.Relay/*\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2021-07-20T15:44:26.3023126Z\",\n \"updatedOn\": \"2021-11-11T20:15:15.7154782Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/2787bf04-f1f5-4bfe-8383-c8a24483ee38\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"2787bf04-f1f5-4bfe-8383-c8a24483ee38\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Relay Listener\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Allows for listen access to Azure Relay resources.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Relay/*/wcfRelays/read\",\n \"Microsoft.Relay/*/hybridConnections/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.Relay/*/listen/action\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2021-07-20T18:38:03.1437496Z\",\n \"updatedOn\": \"2021-11-11T20:15:15.9005232Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/26e0b698-aa6d-4085-9386-aadae190014d\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"26e0b698-aa6d-4085-9386-aadae190014d\"\n },\n {\n \"properties\": {\n \"roleName\": \"Grafana Viewer\",\n \"type\": \"BuiltInRole\",\n \"description\": \"View dashboards, playlists, and query data sources.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.Dashboard/grafana/ActAsGrafanaViewer/action\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2021-08-05T16:36:18.7737511Z\",\n \"updatedOn\": \"2024-07-18T04:59:38.6229575Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/60921a7e-fef1-4a43-9b16-a26c52ad4769\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"60921a7e-fef1-4a43-9b16-a26c52ad4769\"\n },\n {\n \"properties\": {\n \"roleName\": \"Grafana Editor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Create, edit, delete, or view dashboards; create, edit, or delete folders; and edit or view playlists.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.Dashboard/grafana/ActAsGrafanaEditor/action\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2021-08-05T16:37:32.5299593Z\",\n \"updatedOn\": \"2024-07-18T04:44:18.4380858Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/a79a5197-3a5c-4973-a920-486035ffd60f\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"a79a5197-3a5c-4973-a920-486035ffd60f\"\n },\n {\n \"properties\": {\n \"roleName\": \"Automation Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Manage azure automation resources and other resources using azure automation.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Automation/automationAccounts/*\",\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Support/*\",\n \"Microsoft.Insights/ActionGroups/*\",\n \"Microsoft.Insights/ActivityLogAlerts/*\",\n \"Microsoft.Insights/MetricAlerts/*\",\n \"Microsoft.Insights/ScheduledQueryRules/*\",\n \"Microsoft.Insights/diagnosticSettings/*\",\n \"Microsoft.OperationalInsights/workspaces/sharedKeys/action\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2021-08-09T10:18:19.1054699Z\",\n \"updatedOn\": \"2021-11-11T20:15:17.7304954Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/f353d9bd-d4a6-484e-a77a-8050b599b867\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"f353d9bd-d4a6-484e-a77a-8050b599b867\"\n },\n {\n \"properties\": {\n \"roleName\": \"Kubernetes Extension Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Can create, update, get, list and delete Kubernetes Extensions, and get extension async operations\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.KubernetesConfiguration/extensions/write\",\n \"Microsoft.KubernetesConfiguration/extensions/read\",\n \"Microsoft.KubernetesConfiguration/extensions/delete\",\n \"Microsoft.KubernetesConfiguration/extensions/operations/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2021-08-09T19:47:50.6828896Z\",\n \"updatedOn\": \"2021-11-11T20:15:17.9155393Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/85cb6faf-e071-4c9b-8136-154b5a04f717\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"85cb6faf-e071-4c9b-8136-154b5a04f717\"\n },\n {\n \"properties\": {\n \"roleName\": \"Device Provisioning Service Data Reader\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Allows for full read access to Device Provisioning Service data-plane properties.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.Devices/provisioningServices/*/read\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2021-08-09T19:53:12.1374732Z\",\n \"updatedOn\": \"2021-11-11T20:15:18.0905503Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/10745317-c249-44a1-a5ce-3a4353c0bbd8\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"10745317-c249-44a1-a5ce-3a4353c0bbd8\"\n },\n {\n \"properties\": {\n \"roleName\": \"Device Provisioning Service Data Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Allows for full access to Device Provisioning Service data-plane operations.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.Devices/provisioningServices/*\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2021-08-09T19:54:03.2783227Z\",\n \"updatedOn\": \"2021-11-11T20:15:18.2605302Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/dfce44e4-17b7-4bd1-a6d1-04996ec95633\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"dfce44e4-17b7-4bd1-a6d1-04996ec95633\"\n },\n {\n \"properties\": {\n \"roleName\": \"Trusted Signing Certificate Profile Signer\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Sign files with a certificate profile. This role is in preview and subject to change.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.CodeSigning/*/read\",\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.CodeSigning/certificateProfiles/Sign/action\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2021-08-16T23:17:53.0002693Z\",\n \"updatedOn\": \"2024-04-05T05:34:02.8330268Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/2837e146-70d7-4cfd-ad55-7efa6464f958\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"2837e146-70d7-4cfd-ad55-7efa6464f958\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Spring Cloud Service Registry Reader\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Allow read access to Azure Spring Cloud Service Registry\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.AppPlatform/Spring/eurekaService/read\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2021-08-20T04:40:17.9785063Z\",\n \"updatedOn\": \"2021-11-11T20:15:18.9655101Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/cff1b556-2399-4e7e-856d-a8f754be7b65\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"cff1b556-2399-4e7e-856d-a8f754be7b65\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Spring Cloud Service Registry Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Allow read, write and delete access to Azure Spring Cloud Service Registry\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.AppPlatform/Spring/eurekaService/read\",\n \"Microsoft.AppPlatform/Spring/eurekaService/write\",\n \"Microsoft.AppPlatform/Spring/eurekaService/delete\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2021-08-20T04:42:38.9153779Z\",\n \"updatedOn\": \"2021-11-11T20:15:19.1405497Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/f5880b48-c26d-48be-b172-7927bfa1c8f1\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"f5880b48-c26d-48be-b172-7927bfa1c8f1\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Spring Cloud Config Server Reader\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Allow read access to Azure Spring Cloud Config Server\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.AppPlatform/Spring/configService/read\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2021-08-26T01:50:51.5123701Z\",\n \"updatedOn\": \"2021-11-11T20:15:19.3155517Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/d04c6db6-4947-4782-9e91-30a88feb7be7\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"d04c6db6-4947-4782-9e91-30a88feb7be7\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Spring Cloud Config Server Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Allow read, write and delete access to Azure Spring Cloud Config Server\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.AppPlatform/Spring/configService/read\",\n \"Microsoft.AppPlatform/Spring/configService/write\",\n \"Microsoft.AppPlatform/Spring/configService/delete\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2021-09-06T02:30:47.861158Z\",\n \"updatedOn\": \"2021-11-11T20:15:20.0405208Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/a06f5c24-21a7-4e1a-aa2b-f19eb6684f5b\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"a06f5c24-21a7-4e1a-aa2b-f19eb6684f5b\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure VM Managed identities restore Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Azure VM Managed identities restore Contributors are allowed to perform Azure VM Restores with managed identities both user and system\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2021-09-13T05:27:59.2180214Z\",\n \"updatedOn\": \"2021-11-11T20:15:20.5805266Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/6ae96244-5829-4925-a7d3-5975537d91dd\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"6ae96244-5829-4925-a7d3-5975537d91dd\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Maps Search and Render Data Reader\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Grants access to very limited set of data APIs for common visual web SDK scenarios. Specifically, render and search data APIs.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.Maps/accounts/services/render/read\",\n \"Microsoft.Maps/accounts/services/search/read\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2021-10-01T22:17:50.5178931Z\",\n \"updatedOn\": \"2021-11-11T20:15:22.045541Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/6be48352-4f82-47c9-ad5e-0acacefdb005\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"6be48352-4f82-47c9-ad5e-0acacefdb005\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Maps Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Grants access all Azure Maps resource management.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Maps/*\",\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2021-10-01T22:19:13.1357904Z\",\n \"updatedOn\": \"2021-11-11T20:15:22.2455414Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/dba33070-676a-4fb0-87fa-064dc56ff7fb\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"dba33070-676a-4fb0-87fa-064dc56ff7fb\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Arc VMware VM Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Arc VMware VM Contributor has permissions to perform all VM actions.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.ConnectedVMwarevSphere/virtualmachines/*\",\n \"Microsoft.ConnectedVMwarevSphere/virtualmachineinstances/*\",\n \"Microsoft.Insights/AlertRules/Write\",\n \"Microsoft.Insights/AlertRules/Delete\",\n \"Microsoft.Insights/AlertRules/Read\",\n \"Microsoft.Insights/AlertRules/Activated/Action\",\n \"Microsoft.Insights/AlertRules/Resolved/Action\",\n \"Microsoft.Insights/AlertRules/Throttled/Action\",\n \"Microsoft.Insights/AlertRules/Incidents/Read\",\n \"Microsoft.Resources/deployments/read\",\n \"Microsoft.Resources/deployments/write\",\n \"Microsoft.Resources/deployments/delete\",\n \"Microsoft.Resources/deployments/cancel/action\",\n \"Microsoft.Resources/deployments/validate/action\",\n \"Microsoft.Resources/deployments/whatIf/action\",\n \"Microsoft.Resources/deployments/exportTemplate/action\",\n \"Microsoft.Resources/deployments/operations/read\",\n \"Microsoft.Resources/deployments/operationstatuses/read\",\n \"Microsoft.Resources/subscriptions/resourcegroups/deployments/read\",\n \"Microsoft.Resources/subscriptions/resourcegroups/deployments/write\",\n \"Microsoft.Resources/subscriptions/resourcegroups/deployments/operations/read\",\n \"Microsoft.Resources/subscriptions/resourcegroups/deployments/operationstatuses/read\",\n \"Microsoft.ResourceHealth/availabilityStatuses/read\",\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Resources/subscriptions/read\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Resources/subscriptions/operationresults/read\",\n \"Microsoft.HybridCompute/machines/read\",\n \"Microsoft.HybridCompute/machines/write\",\n \"Microsoft.HybridCompute/machines/delete\",\n \"Microsoft.HybridCompute/machines/UpgradeExtensions/action\",\n \"Microsoft.HybridCompute/machines/assessPatches/action\",\n \"Microsoft.HybridCompute/machines/installPatches/action\",\n \"Microsoft.HybridCompute/machines/extensions/read\",\n \"Microsoft.HybridCompute/machines/extensions/write\",\n \"Microsoft.HybridCompute/machines/extensions/delete\",\n \"Microsoft.HybridCompute/operations/read\",\n \"Microsoft.HybridCompute/locations/operationresults/read\",\n \"Microsoft.HybridCompute/locations/operationstatus/read\",\n \"Microsoft.HybridCompute/machines/patchAssessmentResults/read\",\n \"Microsoft.HybridCompute/machines/patchAssessmentResults/softwarePatches/read\",\n \"Microsoft.HybridCompute/machines/patchInstallationResults/read\",\n \"Microsoft.HybridCompute/machines/patchInstallationResults/softwarePatches/read\",\n \"Microsoft.HybridCompute/locations/updateCenterOperationResults/read\",\n \"Microsoft.HybridCompute/machines/hybridIdentityMetadata/read\",\n \"Microsoft.HybridCompute/osType/agentVersions/read\",\n \"Microsoft.HybridCompute/osType/agentVersions/latest/read\",\n \"Microsoft.HybridCompute/machines/runcommands/read\",\n \"Microsoft.HybridCompute/machines/runcommands/write\",\n \"Microsoft.HybridCompute/machines/runcommands/delete\",\n \"Microsoft.HybridCompute/machines/licenseProfiles/read\",\n \"Microsoft.HybridCompute/machines/licenseProfiles/write\",\n \"Microsoft.HybridCompute/machines/licenseProfiles/delete\",\n \"Microsoft.HybridCompute/licenses/read\",\n \"Microsoft.HybridCompute/licenses/write\",\n \"Microsoft.HybridCompute/licenses/delete\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2021-10-18T20:19:53.0087024Z\",\n \"updatedOn\": \"2023-08-31T13:23:35.2639121Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/b748a06d-6150-4f8a-aaa9-ce3940cd96cb\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"b748a06d-6150-4f8a-aaa9-ce3940cd96cb\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Arc VMware Private Cloud User\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Azure Arc VMware Private Cloud User has permissions to use the VMware cloud resources to deploy VMs.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Insights/AlertRules/Write\",\n \"Microsoft.Insights/AlertRules/Delete\",\n \"Microsoft.Insights/AlertRules/Read\",\n \"Microsoft.Insights/AlertRules/Activated/Action\",\n \"Microsoft.Insights/AlertRules/Resolved/Action\",\n \"Microsoft.Insights/AlertRules/Throttled/Action\",\n \"Microsoft.Insights/AlertRules/Incidents/Read\",\n \"Microsoft.Resources/deployments/read\",\n \"Microsoft.Resources/deployments/write\",\n \"Microsoft.Resources/deployments/delete\",\n \"Microsoft.Resources/deployments/cancel/action\",\n \"Microsoft.Resources/deployments/validate/action\",\n \"Microsoft.Resources/deployments/whatIf/action\",\n \"Microsoft.Resources/deployments/exportTemplate/action\",\n \"Microsoft.Resources/deployments/operations/read\",\n \"Microsoft.Resources/deployments/operationstatuses/read\",\n \"Microsoft.Resources/subscriptions/resourcegroups/deployments/read\",\n \"Microsoft.Resources/subscriptions/resourcegroups/deployments/write\",\n \"Microsoft.Resources/subscriptions/resourcegroups/deployments/operations/read\",\n \"Microsoft.Resources/subscriptions/resourcegroups/deployments/operationstatuses/read\",\n \"Microsoft.ResourceHealth/availabilityStatuses/read\",\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Resources/subscriptions/read\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Resources/subscriptions/operationresults/read\",\n \"Microsoft.ConnectedVMwarevSphere/virtualnetworks/join/action\",\n \"Microsoft.ConnectedVMwarevSphere/virtualnetworks/Read\",\n \"Microsoft.ConnectedVMwarevSphere/virtualmachinetemplates/clone/action\",\n \"Microsoft.ConnectedVMwarevSphere/virtualmachinetemplates/Read\",\n \"Microsoft.ConnectedVMwarevSphere/resourcepools/deploy/action\",\n \"Microsoft.ConnectedVMwarevSphere/resourcepools/Read\",\n \"Microsoft.ConnectedVMwarevSphere/hosts/deploy/action\",\n \"Microsoft.ConnectedVMwarevSphere/hosts/Read\",\n \"Microsoft.ConnectedVMwarevSphere/clusters/deploy/action\",\n \"Microsoft.ConnectedVMwarevSphere/clusters/Read\",\n \"Microsoft.ConnectedVMwarevSphere/datastores/allocateSpace/action\",\n \"Microsoft.ConnectedVMwarevSphere/datastores/Read\",\n \"Microsoft.ExtendedLocation/customLocations/Read\",\n \"Microsoft.ExtendedLocation/customLocations/deploy/action\",\n \"Microsoft.KubernetesConfiguration/extensions/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2021-10-18T20:20:46.5105444Z\",\n \"updatedOn\": \"2023-10-31T15:13:38.0409378Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/ce551c02-7c42-47e0-9deb-e3b6fc3a9a83\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"ce551c02-7c42-47e0-9deb-e3b6fc3a9a83\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Arc VMware Administrator role \",\n \"type\": \"BuiltInRole\",\n \"description\": \"Arc VMware VM Contributor has permissions to perform all connected VMwarevSphere actions.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.ConnectedVMwarevSphere/*\",\n \"Microsoft.Insights/AlertRules/Write\",\n \"Microsoft.Insights/AlertRules/Delete\",\n \"Microsoft.Insights/AlertRules/Read\",\n \"Microsoft.Insights/AlertRules/Activated/Action\",\n \"Microsoft.Insights/AlertRules/Resolved/Action\",\n \"Microsoft.Insights/AlertRules/Throttled/Action\",\n \"Microsoft.Insights/AlertRules/Incidents/Read\",\n \"Microsoft.Resources/deployments/read\",\n \"Microsoft.Resources/deployments/write\",\n \"Microsoft.Resources/deployments/delete\",\n \"Microsoft.Resources/deployments/cancel/action\",\n \"Microsoft.Resources/deployments/validate/action\",\n \"Microsoft.Resources/deployments/whatIf/action\",\n \"Microsoft.Resources/deployments/exportTemplate/action\",\n \"Microsoft.Resources/deployments/operations/read\",\n \"Microsoft.Resources/deployments/operationstatuses/read\",\n \"Microsoft.Resources/subscriptions/resourcegroups/deployments/read\",\n \"Microsoft.Resources/subscriptions/resourcegroups/deployments/write\",\n \"Microsoft.Resources/subscriptions/resourcegroups/deployments/operations/read\",\n \"Microsoft.Resources/subscriptions/resourcegroups/deployments/operationstatuses/read\",\n \"Microsoft.ResourceHealth/availabilityStatuses/read\",\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Resources/subscriptions/read\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Resources/subscriptions/operationresults/read\",\n \"Microsoft.HybridCompute/machines/read\",\n \"Microsoft.HybridCompute/machines/write\",\n \"Microsoft.HybridCompute/machines/delete\",\n \"Microsoft.HybridCompute/machines/UpgradeExtensions/action\",\n \"Microsoft.HybridCompute/machines/assessPatches/action\",\n \"Microsoft.HybridCompute/machines/installPatches/action\",\n \"Microsoft.HybridCompute/machines/extensions/read\",\n \"Microsoft.HybridCompute/machines/extensions/write\",\n \"Microsoft.HybridCompute/machines/extensions/delete\",\n \"Microsoft.HybridCompute/operations/read\",\n \"Microsoft.HybridCompute/locations/operationresults/read\",\n \"Microsoft.HybridCompute/locations/operationstatus/read\",\n \"Microsoft.HybridCompute/machines/patchAssessmentResults/read\",\n \"Microsoft.HybridCompute/machines/patchAssessmentResults/softwarePatches/read\",\n \"Microsoft.HybridCompute/machines/patchInstallationResults/read\",\n \"Microsoft.HybridCompute/machines/patchInstallationResults/softwarePatches/read\",\n \"Microsoft.HybridCompute/locations/updateCenterOperationResults/read\",\n \"Microsoft.HybridCompute/machines/hybridIdentityMetadata/read\",\n \"Microsoft.HybridCompute/osType/agentVersions/read\",\n \"Microsoft.HybridCompute/osType/agentVersions/latest/read\",\n \"Microsoft.HybridCompute/machines/runcommands/read\",\n \"Microsoft.HybridCompute/machines/runcommands/write\",\n \"Microsoft.HybridCompute/machines/runcommands/delete\",\n \"Microsoft.HybridCompute/machines/licenseProfiles/read\",\n \"Microsoft.HybridCompute/machines/licenseProfiles/write\",\n \"Microsoft.HybridCompute/machines/licenseProfiles/delete\",\n \"Microsoft.HybridCompute/licenses/read\",\n \"Microsoft.HybridCompute/licenses/write\",\n \"Microsoft.HybridCompute/licenses/delete\",\n \"Microsoft.ExtendedLocation/customLocations/read\",\n \"Microsoft.ExtendedLocation/customLocations/deploy/action\",\n \"Microsoft.KubernetesConfiguration/extensions/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2021-11-01T17:12:42.6172725Z\",\n \"updatedOn\": \"2024-05-21T15:16:30.6838061Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/ddc140ed-e463-4246-9145-7c664192013f\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"ddc140ed-e463-4246-9145-7c664192013f\"\n },\n {\n \"properties\": {\n \"roleName\": \"Cognitive Services LUIS Owner\",\n \"type\": \"BuiltInRole\",\n \"description\": \" Has access to all Read, Test, Write, Deploy and Delete functions under LUIS\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.CognitiveServices/*/read\",\n \"Microsoft.CognitiveServices/accounts/listkeys/action\",\n \"Microsoft.Authorization/roleAssignments/read\",\n \"Microsoft.Authorization/roleDefinitions/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.CognitiveServices/accounts/LUIS/*\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2021-11-04T03:28:02.96118Z\",\n \"updatedOn\": \"2021-11-11T20:15:25.4884913Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/f72c8140-2111-481c-87ff-72b910f6e3f8\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"f72c8140-2111-481c-87ff-72b910f6e3f8\"\n },\n {\n \"properties\": {\n \"roleName\": \"Cognitive Services Language Reader\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Has access to Read and Test functions under Language portal\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.CognitiveServices/*/read\",\n \"Microsoft.Authorization/roleAssignments/read\",\n \"Microsoft.Authorization/roleDefinitions/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.CognitiveServices/accounts/LanguageAuthoring/*/read\",\n \"Microsoft.CognitiveServices/accounts/ConversationalLanguageUnderstanding/*/read\",\n \"Microsoft.CognitiveServices/accounts/ConversationalLanguageUnderstanding/projects/export/action\",\n \"Microsoft.CognitiveServices/accounts/Language/*/read\",\n \"Microsoft.CognitiveServices/accounts/Language/*/projects/export/action\",\n \"Microsoft.CognitiveServices/accounts/Language/query-text/action\",\n \"Microsoft.CognitiveServices/accounts/Language/query-dataverse/action\",\n \"Microsoft.CognitiveServices/accounts/Language/analyze-text/jobs/action\",\n \"Microsoft.CognitiveServices/accounts/Language/analyze-text/action\",\n \"Microsoft.CognitiveServices/accounts/Language/analyze-text/jobscancel/action\",\n \"Microsoft.CognitiveServices/accounts/Language/analyze-conversations/action\",\n \"Microsoft.CognitiveServices/accounts/Language/analyze-conversations/jobscancel/action\",\n \"Microsoft.CognitiveServices/accounts/Language/analyze-conversations/jobs/action\",\n \"Microsoft.CognitiveServices/accounts/Language/query-knowledgebases/action\",\n \"Microsoft.CognitiveServices/accounts/Language/generate/action\",\n \"Microsoft.CognitiveServices/accounts/TextAnalytics/*\"\n ],\n \"notDataActions\": [\n \"Microsoft.CognitiveServices/accounts/TextAnalytics/QnaMaker/*\"\n ]\n }\n ],\n \"createdOn\": \"2021-11-04T03:29:14.7643336Z\",\n \"updatedOn\": \"2023-02-28T16:09:04.1394585Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/7628b7b8-a8b2-4cdc-b46f-e9b35248918e\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"7628b7b8-a8b2-4cdc-b46f-e9b35248918e\"\n },\n {\n \"properties\": {\n \"roleName\": \"Cognitive Services Language Writer\",\n \"type\": \"BuiltInRole\",\n \"description\": \" Has access to all Read, Test, and Write functions under Language Portal\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.CognitiveServices/*/read\",\n \"Microsoft.Authorization/roleAssignments/read\",\n \"Microsoft.Authorization/roleDefinitions/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.CognitiveServices/accounts/LanguageAuthoring/*\",\n \"Microsoft.CognitiveServices/accounts/ConversationalLanguageUnderstanding/*\",\n \"Microsoft.CognitiveServices/accounts/Language/*\",\n \"Microsoft.CognitiveServices/accounts/TextAnalytics/*\"\n ],\n \"notDataActions\": [\n \"Microsoft.CognitiveServices/accounts/LanguageAuthoring/projects/publish/action\",\n \"Microsoft.CognitiveServices/accounts/ConversationalLanguageUnderstanding/projects/deployments/write\",\n \"Microsoft.CognitiveServices/accounts/TextAnalytics/QnaMaker/*\",\n \"Microsoft.CognitiveServices/accounts/Language/*/projects/delete\",\n \"Microsoft.CognitiveServices/accounts/Language/*/projects/deployments/write\",\n \"Microsoft.CognitiveServices/accounts/Language/*/projects/deployments/delete\",\n \"Microsoft.CognitiveServices/accounts/Language/*/projects/deployments/swap/action\"\n ]\n }\n ],\n \"createdOn\": \"2021-11-04T03:29:39.5761019Z\",\n \"updatedOn\": \"2022-03-29T22:15:08.2904465Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/f2310ca1-dc64-4889-bb49-c8e0fa3d47a8\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"f2310ca1-dc64-4889-bb49-c8e0fa3d47a8\"\n },\n {\n \"properties\": {\n \"roleName\": \"Cognitive Services Language Owner\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Has access to all Read, Test, Write, Deploy and Delete functions under Language portal\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.CognitiveServices/*/read\",\n \"Microsoft.CognitiveServices/accounts/listkeys/action\",\n \"Microsoft.Authorization/roleAssignments/read\",\n \"Microsoft.Authorization/roleDefinitions/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.CognitiveServices/accounts/LanguageAuthoring/*\",\n \"Microsoft.CognitiveServices/accounts/ConversationalLanguageUnderstanding/*\",\n \"Microsoft.CognitiveServices/accounts/Language/*\",\n \"Microsoft.CognitiveServices/accounts/TextAnalytics/*\"\n ],\n \"notDataActions\": [\n \"Microsoft.CognitiveServices/accounts/TextAnalytics/QnaMaker/*\"\n ]\n }\n ],\n \"createdOn\": \"2021-11-04T03:30:07.6173528Z\",\n \"updatedOn\": \"2022-03-29T22:15:08.2749033Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/f07febfe-79bc-46b1-8b37-790e26e6e498\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"f07febfe-79bc-46b1-8b37-790e26e6e498\"\n },\n {\n \"properties\": {\n \"roleName\": \"Cognitive Services LUIS Reader\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Has access to Read and Test functions under LUIS.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.CognitiveServices/*/read\",\n \"Microsoft.Authorization/roleAssignments/read\",\n \"Microsoft.Authorization/roleDefinitions/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.CognitiveServices/accounts/LUIS/*/read\",\n \"Microsoft.CognitiveServices/accounts/LUIS/apps/testdatasets/write\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2021-11-04T03:30:31.2704834Z\",\n \"updatedOn\": \"2021-11-11T20:15:26.2134821Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/18e81cdc-4e98-4e29-a639-e7d10c5a6226\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"18e81cdc-4e98-4e29-a639-e7d10c5a6226\"\n },\n {\n \"properties\": {\n \"roleName\": \"Cognitive Services LUIS Writer\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Has access to all Read, Test, and Write functions under LUIS\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.CognitiveServices/*/read\",\n \"Microsoft.Authorization/roleAssignments/read\",\n \"Microsoft.Authorization/roleDefinitions/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.CognitiveServices/accounts/LUIS/*\"\n ],\n \"notDataActions\": [\n \"Microsoft.CognitiveServices/accounts/LUIS/apps/delete\",\n \"Microsoft.CognitiveServices/accounts/LUIS/apps/move/action\",\n \"Microsoft.CognitiveServices/accounts/LUIS/apps/publish/action\",\n \"Microsoft.CognitiveServices/accounts/LUIS/apps/settings/write\",\n \"Microsoft.CognitiveServices/accounts/LUIS/apps/azureaccounts/action\",\n \"Microsoft.CognitiveServices/accounts/LUIS/apps/azureaccounts/delete\"\n ]\n }\n ],\n \"createdOn\": \"2021-11-04T03:31:12.1580052Z\",\n \"updatedOn\": \"2021-11-11T20:15:26.3934523Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/6322a993-d5c9-4bed-b113-e49bbea25b27\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"6322a993-d5c9-4bed-b113-e49bbea25b27\"\n },\n {\n \"properties\": {\n \"roleName\": \"PlayFab Reader\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Provides read access to PlayFab resources\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.PlayFab/*/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2021-11-04T23:26:57.2248605Z\",\n \"updatedOn\": \"2021-11-11T20:15:26.5784834Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/a9a19cc5-31f4-447c-901f-56c0bb18fcaf\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"a9a19cc5-31f4-447c-901f-56c0bb18fcaf\"\n },\n {\n \"properties\": {\n \"roleName\": \"Load Test Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"View, create, update, delete and execute load tests. View and list load test resources but can not make any changes.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.LoadTestService/*/read\",\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Insights/alertRules/*\"\n ],\n \"notActions\": [\n \"Microsoft.LoadTestService/PlaywrightWorkspaces/*\",\n \"Microsoft.LoadTestService/locations/PlaywrightQuotas/*\"\n ],\n \"dataActions\": [\n \"Microsoft.LoadTestService/loadtests/*\",\n \"Microsoft.LoadTestService/testProfiles/*\",\n \"Microsoft.LoadTestService/testProfileRuns/*\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2021-11-09T08:11:21.0936461Z\",\n \"updatedOn\": \"2025-09-29T15:12:02.8710803Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/749a398d-560b-491b-bb21-08924219302e\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"749a398d-560b-491b-bb21-08924219302e\"\n },\n {\n \"properties\": {\n \"roleName\": \"Load Test Owner\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Execute all operations on load test resources and load tests\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.LoadTestService/*\",\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Insights/alertRules/*\"\n ],\n \"notActions\": [\n \"Microsoft.LoadTestService/PlaywrightWorkspaces/*\",\n \"Microsoft.LoadTestService/locations/PlaywrightQuotas/*\"\n ],\n \"dataActions\": [\n \"Microsoft.LoadTestService/*\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2021-11-09T08:12:24.5500195Z\",\n \"updatedOn\": \"2025-09-29T15:12:04.1630709Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/45bb0b16-2f0c-4e78-afaa-a07599b003f6\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"45bb0b16-2f0c-4e78-afaa-a07599b003f6\"\n },\n {\n \"properties\": {\n \"roleName\": \"PlayFab Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Provides contributor access to PlayFab resources\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.PlayFab/*/read\",\n \"Microsoft.PlayFab/*/write\",\n \"Microsoft.PlayFab/*/delete\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2021-11-10T00:55:37.3326276Z\",\n \"updatedOn\": \"2021-11-11T20:15:28.0547167Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/0c8b84dc-067c-4039-9615-fa1a4b77c726\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"0c8b84dc-067c-4039-9615-fa1a4b77c726\"\n },\n {\n \"properties\": {\n \"roleName\": \"Load Test Reader\",\n \"type\": \"BuiltInRole\",\n \"description\": \"View and list all load tests and load test resources but can not make any changes\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.LoadTestService/*/read\",\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Insights/alertRules/*\"\n ],\n \"notActions\": [\n \"Microsoft.LoadTestService/PlaywrightWorkspaces/*\",\n \"Microsoft.LoadTestService/locations/PlaywrightQuotas/*\"\n ],\n \"dataActions\": [\n \"Microsoft.LoadTestService/loadtests/readTest/action\",\n \"Microsoft.LoadTestService/testProfiles/read\",\n \"Microsoft.LoadTestService/testProfileRuns/read\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2021-11-10T06:14:08.3903105Z\",\n \"updatedOn\": \"2025-09-29T15:12:04.1630709Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/3ae3fb29-0000-4ccd-bf80-542e7b26e081\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"3ae3fb29-0000-4ccd-bf80-542e7b26e081\"\n },\n {\n \"properties\": {\n \"roleName\": \"Cognitive Services Immersive Reader User\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Provides access to create Immersive Reader sessions and call APIs\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.CognitiveServices/accounts/ImmersiveReader/getcontentmodelforreader/action\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2021-11-10T19:52:14.4487503Z\",\n \"updatedOn\": \"2021-11-11T20:15:28.4146975Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/b2de6794-95db-4659-8781-7e080d3f2b9d\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"b2de6794-95db-4659-8781-7e080d3f2b9d\"\n },\n {\n \"properties\": {\n \"roleName\": \"Lab Services Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"The lab services contributor role\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.LabServices/*\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.LabServices/labPlans/createLab/action\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2021-11-11T00:51:03.3308981Z\",\n \"updatedOn\": \"2021-11-11T20:15:28.7792013Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/f69b8690-cc87-41d6-b77a-a4bc3c0a966f\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"f69b8690-cc87-41d6-b77a-a4bc3c0a966f\"\n },\n {\n \"properties\": {\n \"roleName\": \"Lab Services Reader\",\n \"type\": \"BuiltInRole\",\n \"description\": \"The lab services reader role\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.LabServices/*/read\",\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2021-11-11T00:55:30.4208618Z\",\n \"updatedOn\": \"2021-11-11T20:15:28.9592032Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/2a5c394f-5eb7-4d4f-9c8e-e8eae39faebc\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"2a5c394f-5eb7-4d4f-9c8e-e8eae39faebc\"\n },\n {\n \"properties\": {\n \"roleName\": \"Lab Assistant\",\n \"type\": \"BuiltInRole\",\n \"description\": \"The lab assistant role\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.LabServices/labPlans/images/read\",\n \"Microsoft.LabServices/labPlans/read\",\n \"Microsoft.LabServices/labs/read\",\n \"Microsoft.LabServices/labs/schedules/read\",\n \"Microsoft.LabServices/labs/users/read\",\n \"Microsoft.LabServices/labs/users/invite/action\",\n \"Microsoft.LabServices/labs/virtualMachines/read\",\n \"Microsoft.LabServices/labs/virtualMachines/start/action\",\n \"Microsoft.LabServices/labs/virtualMachines/stop/action\",\n \"Microsoft.LabServices/labs/virtualMachines/reimage/action\",\n \"Microsoft.LabServices/labs/virtualMachines/redeploy/action\",\n \"Microsoft.LabServices/locations/usages/read\",\n \"Microsoft.LabServices/skus/read\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2021-11-11T00:56:10.4295443Z\",\n \"updatedOn\": \"2021-11-11T20:15:29.144253Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/ce40b423-cede-4313-a93f-9b28290b72e1\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"ce40b423-cede-4313-a93f-9b28290b72e1\"\n },\n {\n \"properties\": {\n \"roleName\": \"Lab Operator\",\n \"type\": \"BuiltInRole\",\n \"description\": \"The lab operator role\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.LabServices/labPlans/images/read\",\n \"Microsoft.LabServices/labPlans/read\",\n \"Microsoft.LabServices/labPlans/saveImage/action\",\n \"Microsoft.LabServices/labs/publish/action\",\n \"Microsoft.LabServices/labs/read\",\n \"Microsoft.LabServices/labs/schedules/read\",\n \"Microsoft.LabServices/labs/schedules/write\",\n \"Microsoft.LabServices/labs/schedules/delete\",\n \"Microsoft.LabServices/labs/users/read\",\n \"Microsoft.LabServices/labs/users/write\",\n \"Microsoft.LabServices/labs/users/delete\",\n \"Microsoft.LabServices/labs/users/invite/action\",\n \"Microsoft.LabServices/labs/virtualMachines/read\",\n \"Microsoft.LabServices/labs/virtualMachines/start/action\",\n \"Microsoft.LabServices/labs/virtualMachines/stop/action\",\n \"Microsoft.LabServices/labs/virtualMachines/reimage/action\",\n \"Microsoft.LabServices/labs/virtualMachines/redeploy/action\",\n \"Microsoft.LabServices/labs/virtualMachines/resetPassword/action\",\n \"Microsoft.LabServices/locations/usages/read\",\n \"Microsoft.LabServices/skus/read\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2021-11-11T00:56:41.9942935Z\",\n \"updatedOn\": \"2021-11-11T20:15:29.3242664Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/a36e6959-b6be-4b12-8e9f-ef4b474d304d\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"a36e6959-b6be-4b12-8e9f-ef4b474d304d\"\n },\n {\n \"properties\": {\n \"roleName\": \"Lab Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"The lab contributor role\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.LabServices/labPlans/images/read\",\n \"Microsoft.LabServices/labPlans/read\",\n \"Microsoft.LabServices/labPlans/saveImage/action\",\n \"Microsoft.LabServices/labs/read\",\n \"Microsoft.LabServices/labs/write\",\n \"Microsoft.LabServices/labs/delete\",\n \"Microsoft.LabServices/labs/publish/action\",\n \"Microsoft.LabServices/labs/syncGroup/action\",\n \"Microsoft.LabServices/labs/schedules/read\",\n \"Microsoft.LabServices/labs/schedules/write\",\n \"Microsoft.LabServices/labs/schedules/delete\",\n \"Microsoft.LabServices/labs/users/read\",\n \"Microsoft.LabServices/labs/users/write\",\n \"Microsoft.LabServices/labs/users/delete\",\n \"Microsoft.LabServices/labs/users/invite/action\",\n \"Microsoft.LabServices/labs/virtualMachines/read\",\n \"Microsoft.LabServices/labs/virtualMachines/start/action\",\n \"Microsoft.LabServices/labs/virtualMachines/stop/action\",\n \"Microsoft.LabServices/labs/virtualMachines/reimage/action\",\n \"Microsoft.LabServices/labs/virtualMachines/redeploy/action\",\n \"Microsoft.LabServices/labs/virtualMachines/resetPassword/action\",\n \"Microsoft.LabServices/locations/usages/read\",\n \"Microsoft.LabServices/skus/read\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.LabServices/labPlans/createLab/action\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2021-11-11T00:57:05.9018065Z\",\n \"updatedOn\": \"2021-11-11T20:15:29.4992096Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/5daaa2af-1fe8-407c-9122-bba179798270\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"5daaa2af-1fe8-407c-9122-bba179798270\"\n },\n {\n \"properties\": {\n \"roleName\": \"Security Admin\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Security Admin Role\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Authorization/policyAssignments/*\",\n \"Microsoft.Authorization/policyDefinitions/*\",\n \"Microsoft.Authorization/policyExemptions/*\",\n \"Microsoft.Authorization/policySetDefinitions/*\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.Management/managementGroups/read\",\n \"Microsoft.operationalInsights/workspaces/*/read\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Security/*\",\n \"Microsoft.IoTSecurity/*\",\n \"Microsoft.IoTFirmwareDefense/*\",\n \"Microsoft.Support/*\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2017-05-03T07:51:23.0917487Z\",\n \"updatedOn\": \"2023-06-27T15:20:21.4401023Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/fb1c8493-542b-48eb-b624-b4c8fea62acd\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"fb1c8493-542b-48eb-b624-b4c8fea62acd\"\n },\n {\n \"properties\": {\n \"roleName\": \"Web PubSub Service Owner\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Full access to Azure Web PubSub Service REST APIs\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.SignalRService/WebPubSub/*\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2021-03-24T09:10:11.833518Z\",\n \"updatedOn\": \"2023-04-05T15:09:07.4837099Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/12cf5a90-567b-43ae-8102-96cf46c7d9b4\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"12cf5a90-567b-43ae-8102-96cf46c7d9b4\"\n },\n {\n \"properties\": {\n \"roleName\": \"Web PubSub Service Reader\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Read-only access to Azure Web PubSub Service REST APIs\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.SignalRService/WebPubSub/*/read\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2021-03-24T09:11:12.6235436Z\",\n \"updatedOn\": \"2023-04-05T15:09:07.4837099Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/bfb1c7d2-fb1a-466b-b2ba-aee63b92deaf\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"bfb1c7d2-fb1a-466b-b2ba-aee63b92deaf\"\n },\n {\n \"properties\": {\n \"roleName\": \"SignalR App Server\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Lets your app server access SignalR Service with AAD auth options.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.SignalRService/SignalR/auth/accessKey/action\",\n \"Microsoft.SignalRService/SignalR/serverConnection/write\",\n \"Microsoft.SignalRService/SignalR/clientConnection/write\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2020-07-29T06:54:40.1201435Z\",\n \"updatedOn\": \"2021-11-16T05:19:04.8579948Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/420fcaa2-552c-430f-98ca-3264be4806c7\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"420fcaa2-552c-430f-98ca-3264be4806c7\"\n },\n {\n \"properties\": {\n \"roleName\": \"Virtual Machine User Login\",\n \"type\": \"BuiltInRole\",\n \"description\": \"View Virtual Machines in the portal and login as a regular user.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Network/publicIPAddresses/read\",\n \"Microsoft.Network/virtualNetworks/read\",\n \"Microsoft.Network/loadBalancers/read\",\n \"Microsoft.Network/networkInterfaces/read\",\n \"Microsoft.Compute/virtualMachines/*/read\",\n \"Microsoft.HybridCompute/machines/*/read\",\n \"Microsoft.HybridConnectivity/endpoints/listCredentials/action\"\n ],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.Compute/virtualMachines/login/action\",\n \"Microsoft.HybridCompute/machines/login/action\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2018-02-09T18:36:13.3315744Z\",\n \"updatedOn\": \"2021-11-18T00:55:50.6185845Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/fb879df8-f326-4884-b1cf-06f3ad86be52\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"fb879df8-f326-4884-b1cf-06f3ad86be52\"\n },\n {\n \"properties\": {\n \"roleName\": \"Virtual Machine Administrator Login\",\n \"type\": \"BuiltInRole\",\n \"description\": \"View Virtual Machines in the portal and login as administrator\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Network/publicIPAddresses/read\",\n \"Microsoft.Network/virtualNetworks/read\",\n \"Microsoft.Network/loadBalancers/read\",\n \"Microsoft.Network/networkInterfaces/read\",\n \"Microsoft.Compute/virtualMachines/*/read\",\n \"Microsoft.HybridCompute/machines/*/read\",\n \"Microsoft.HybridConnectivity/endpoints/listCredentials/action\"\n ],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.Compute/virtualMachines/login/action\",\n \"Microsoft.Compute/virtualMachines/loginAsAdmin/action\",\n \"Microsoft.HybridCompute/machines/login/action\",\n \"Microsoft.HybridCompute/machines/loginAsAdmin/action\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2018-02-09T18:36:13.3315744Z\",\n \"updatedOn\": \"2021-11-18T00:56:53.8134295Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/1c0163c0-47e6-4577-8991-ea5c82e286e4\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"1c0163c0-47e6-4577-8991-ea5c82e286e4\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Connected Machine Resource Administrator\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Can read, write, delete and re-onboard Azure Connected Machines.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.HybridCompute/machines/*\",\n \"Microsoft.HybridCompute/machines/extensions/*\",\n \"Microsoft.HybridCompute/machines/licenseProfiles/*\",\n \"Microsoft.HybridCompute/machines/runCommands/*\",\n \"Microsoft.HybridCompute/machines/UpgradeExtensions/action\",\n \"Microsoft.HybridCompute/settings/*\",\n \"Microsoft.HybridCompute/gateways/*\",\n \"Microsoft.HybridCompute/privateLinkScopes/*\",\n \"Microsoft.HybridCompute/licenses/*\",\n \"Microsoft.HybridCompute/locations/*\",\n \"Microsoft.HybridCompute/*/read\",\n \"Microsoft.Resources/deployments/*\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2019-10-23T20:24:59.1474607Z\",\n \"updatedOn\": \"2025-01-31T22:43:26.2952467Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/cd570a14-e51a-42ad-bac8-bafd67325302\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"cd570a14-e51a-42ad-bac8-bafd67325302\"\n },\n {\n \"properties\": {\n \"roleName\": \"Backup Operator\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Lets you manage backup services, except removal of backup, vault creation and giving access to others\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Network/virtualNetworks/read\",\n \"Microsoft.RecoveryServices/Vaults/backupFabrics/operationResults/read\",\n \"Microsoft.RecoveryServices/Vaults/backupFabrics/protectionContainers/operationResults/read\",\n \"Microsoft.RecoveryServices/Vaults/backupFabrics/protectionContainers/protectedItems/backup/action\",\n \"Microsoft.RecoveryServices/Vaults/backupFabrics/protectionContainers/protectedItems/operationResults/read\",\n \"Microsoft.RecoveryServices/Vaults/backupFabrics/protectionContainers/protectedItems/operationsStatus/read\",\n \"Microsoft.RecoveryServices/Vaults/backupFabrics/protectionContainers/protectedItems/read\",\n \"Microsoft.RecoveryServices/Vaults/backupFabrics/protectionContainers/protectedItems/recoveryPoints/provisionInstantItemRecovery/action\",\n \"Microsoft.RecoveryServices/vaults/backupFabrics/protectionContainers/protectedItems/recoveryPoints/accessToken/action\",\n \"Microsoft.RecoveryServices/Vaults/backupFabrics/protectionContainers/protectedItems/recoveryPoints/read\",\n \"Microsoft.RecoveryServices/Vaults/backupFabrics/protectionContainers/protectedItems/recoveryPoints/restore/action\",\n \"Microsoft.RecoveryServices/Vaults/backupFabrics/protectionContainers/protectedItems/recoveryPoints/revokeInstantItemRecovery/action\",\n \"Microsoft.RecoveryServices/Vaults/backupFabrics/protectionContainers/protectedItems/write\",\n \"Microsoft.RecoveryServices/Vaults/backupFabrics/protectionContainers/read\",\n \"Microsoft.RecoveryServices/Vaults/backupFabrics/refreshContainers/action\",\n \"Microsoft.RecoveryServices/Vaults/backupJobs/*\",\n \"Microsoft.RecoveryServices/Vaults/backupJobsExport/action\",\n \"Microsoft.RecoveryServices/Vaults/backupOperationResults/*\",\n \"Microsoft.RecoveryServices/Vaults/backupPolicies/operationResults/read\",\n \"Microsoft.RecoveryServices/Vaults/backupPolicies/read\",\n \"Microsoft.RecoveryServices/Vaults/backupProtectableItems/*\",\n \"Microsoft.RecoveryServices/Vaults/backupProtectedItems/read\",\n \"Microsoft.RecoveryServices/Vaults/backupProtectionContainers/read\",\n \"Microsoft.RecoveryServices/Vaults/backupUsageSummaries/read\",\n \"Microsoft.RecoveryServices/Vaults/certificates/write\",\n \"Microsoft.RecoveryServices/Vaults/extendedInformation/read\",\n \"Microsoft.RecoveryServices/Vaults/extendedInformation/write\",\n \"Microsoft.RecoveryServices/Vaults/monitoringAlerts/read\",\n \"Microsoft.RecoveryServices/Vaults/monitoringConfigurations/*\",\n \"Microsoft.RecoveryServices/Vaults/read\",\n \"Microsoft.RecoveryServices/Vaults/registeredIdentities/operationResults/read\",\n \"Microsoft.RecoveryServices/Vaults/registeredIdentities/read\",\n \"Microsoft.RecoveryServices/Vaults/registeredIdentities/write\",\n \"Microsoft.RecoveryServices/Vaults/usages/read\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Storage/storageAccounts/read\",\n \"Microsoft.RecoveryServices/Vaults/backupstorageconfig/*\",\n \"Microsoft.RecoveryServices/Vaults/backupValidateOperation/action\",\n \"Microsoft.RecoveryServices/Vaults/backupTriggerValidateOperation/action\",\n \"Microsoft.RecoveryServices/Vaults/backupValidateOperationResults/read\",\n \"Microsoft.RecoveryServices/Vaults/backupValidateOperationsStatuses/read\",\n \"Microsoft.RecoveryServices/Vaults/backupOperations/read\",\n \"Microsoft.RecoveryServices/Vaults/backupPolicies/operations/read\",\n \"Microsoft.RecoveryServices/Vaults/backupFabrics/protectionContainers/write\",\n \"Microsoft.RecoveryServices/Vaults/backupFabrics/protectionContainers/inquire/action\",\n \"Microsoft.RecoveryServices/Vaults/backupEngines/read\",\n \"Microsoft.RecoveryServices/Vaults/backupFabrics/backupProtectionIntent/write\",\n \"Microsoft.RecoveryServices/Vaults/backupFabrics/backupProtectionIntent/read\",\n \"Microsoft.RecoveryServices/Vaults/backupFabrics/protectableContainers/read\",\n \"Microsoft.RecoveryServices/Vaults/backupFabrics/protectionContainers/items/read\",\n \"Microsoft.RecoveryServices/locations/backupStatus/action\",\n \"Microsoft.RecoveryServices/locations/backupPreValidateProtection/action\",\n \"Microsoft.RecoveryServices/locations/backupValidateFeatures/action\",\n \"Microsoft.RecoveryServices/locations/backupAadProperties/read\",\n \"Microsoft.RecoveryServices/locations/backupCrrJobs/action\",\n \"Microsoft.RecoveryServices/locations/backupCrrJob/action\",\n \"Microsoft.RecoveryServices/locations/backupCrossRegionRestore/action\",\n \"Microsoft.RecoveryServices/locations/backupCrrOperationResults/read\",\n \"Microsoft.RecoveryServices/locations/backupCrrOperationsStatus/read\",\n \"Microsoft.RecoveryServices/Vaults/monitoringAlerts/write\",\n \"Microsoft.RecoveryServices/operations/read\",\n \"Microsoft.RecoveryServices/locations/operationStatus/read\",\n \"Microsoft.RecoveryServices/Vaults/backupProtectionIntents/read\",\n \"Microsoft.Support/*\",\n \"Microsoft.DataProtection/backupVaults/backupInstances/read\",\n \"Microsoft.DataProtection/backupVaults/backupInstances/read\",\n \"Microsoft.DataProtection/backupVaults/backupInstances/operationResults/read\",\n \"Microsoft.DataProtection/backupVaults/backupInstances/write\",\n \"Microsoft.DataProtection/backupVaults/deletedBackupInstances/read\",\n \"Microsoft.DataProtection/backupVaults/backupPolicies/read\",\n \"Microsoft.DataProtection/backupVaults/backupPolicies/read\",\n \"Microsoft.DataProtection/backupVaults/backupInstances/recoveryPoints/read\",\n \"Microsoft.DataProtection/backupVaults/backupInstances/recoveryPoints/read\",\n \"Microsoft.DataProtection/backupVaults/backupInstances/findRestorableTimeRanges/action\",\n \"Microsoft.DataProtection/backupVaults/read\",\n \"Microsoft.DataProtection/backupVaults/operationResults/read\",\n \"Microsoft.DataProtection/backupVaults/operationStatus/read\",\n \"Microsoft.DataProtection/backupVaults/read\",\n \"Microsoft.DataProtection/backupVaults/read\",\n \"Microsoft.DataProtection/locations/operationStatus/read\",\n \"Microsoft.DataProtection/locations/operationResults/read\",\n \"Microsoft.DataProtection/operations/read\",\n \"Microsoft.DataProtection/backupVaults/validateForBackup/action\",\n \"Microsoft.DataProtection/backupVaults/backupInstances/backup/action\",\n \"Microsoft.DataProtection/backupVaults/backupInstances/validateRestore/action\",\n \"Microsoft.DataProtection/backupVaults/backupInstances/restore/action\",\n \"Microsoft.DataProtection/subscriptions/resourceGroups/providers/locations/crossRegionRestore/action\",\n \"Microsoft.DataProtection/subscriptions/resourceGroups/providers/locations/validateCrossRegionRestore/action\",\n \"Microsoft.DataProtection/subscriptions/resourceGroups/providers/locations/fetchCrossRegionRestoreJobs/action\",\n \"Microsoft.DataProtection/subscriptions/resourceGroups/providers/locations/fetchCrossRegionRestoreJob/action\",\n \"Microsoft.DataProtection/subscriptions/resourceGroups/providers/locations/fetchSecondaryRecoveryPoints/action\",\n \"Microsoft.DataProtection/locations/checkFeatureSupport/action\",\n \"Microsoft.RecoveryServices/Vaults/backupResourceGuardProxies/delete\",\n \"Microsoft.RecoveryServices/Vaults/backupResourceGuardProxies/read\",\n \"Microsoft.RecoveryServices/Vaults/backupResourceGuardProxies/unlockDelete/action\",\n \"Microsoft.RecoveryServices/Vaults/backupResourceGuardProxies/write\",\n \"Microsoft.DataProtection/backupVaults/backupResourceGuardProxies/read\",\n \"Microsoft.DataProtection/backupVaults/backupResourceGuardProxies/write\",\n \"Microsoft.DataProtection/backupVaults/backupResourceGuardProxies/delete\",\n \"Microsoft.DataProtection/backupVaults/backupResourceGuardProxies/unlockDelete/action\",\n \"Microsoft.DataProtection/backupVaults/backupInstances/validateForModifyBackup/action\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2017-01-03T13:21:11.894764Z\",\n \"updatedOn\": \"2025-01-27T16:01:21.2914246Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/00c29273-979b-4161-815c-10b084fb9324\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"00c29273-979b-4161-815c-10b084fb9324\"\n },\n {\n \"properties\": {\n \"roleName\": \"Workbook Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Can save shared workbooks.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Insights/workbooks/write\",\n \"Microsoft.Insights/workbooks/delete\",\n \"Microsoft.Insights/workbooks/read\",\n \"Microsoft.Insights/workbooks/revisions/read\",\n \"Microsoft.Insights/workbooktemplates/write\",\n \"Microsoft.Insights/workbooktemplates/delete\",\n \"Microsoft.Insights/workbooktemplates/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2019-08-28T20:59:42.4820277Z\",\n \"updatedOn\": \"2022-12-12T16:05:57.3745476Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/e8ddcd69-c73f-4f9f-9844-4100522f16ad\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"e8ddcd69-c73f-4f9f-9844-4100522f16ad\"\n },\n {\n \"properties\": {\n \"roleName\": \"Workbook Reader\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Can read workbooks.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"microsoft.insights/workbooks/read\",\n \"microsoft.insights/workbooks/revisions/read\",\n \"microsoft.insights/workbooktemplates/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2019-08-28T20:56:17.680814Z\",\n \"updatedOn\": \"2022-12-12T16:05:57.3745476Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/b279062a-9be3-42a0-92ae-8b3cf002ec4d\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"b279062a-9be3-42a0-92ae-8b3cf002ec4d\"\n },\n {\n \"properties\": {\n \"roleName\": \"Monitoring Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Can read all monitoring data and update monitoring settings.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"*/read\",\n \"Microsoft.AlertsManagement/alerts/*\",\n \"Microsoft.AlertsManagement/alertsSummary/*\",\n \"Microsoft.AlertsManagement/issues/*\",\n \"Microsoft.Insights/actiongroups/*\",\n \"Microsoft.Insights/activityLogAlerts/*\",\n \"Microsoft.Insights/AlertRules/*\",\n \"Microsoft.Insights/components/*\",\n \"Microsoft.Insights/createNotifications/*\",\n \"Microsoft.Insights/dataCollectionEndpoints/*\",\n \"Microsoft.Insights/dataCollectionRules/*\",\n \"Microsoft.Insights/dataCollectionRuleAssociations/*\",\n \"Microsoft.Insights/DiagnosticSettings/*\",\n \"Microsoft.Insights/eventtypes/*\",\n \"Microsoft.Insights/LogDefinitions/*\",\n \"Microsoft.Insights/metricalerts/*\",\n \"Microsoft.Insights/MetricDefinitions/*\",\n \"Microsoft.Insights/Metrics/*\",\n \"Microsoft.Insights/notificationStatus/*\",\n \"Microsoft.Insights/Register/Action\",\n \"Microsoft.Insights/scheduledqueryrules/*\",\n \"Microsoft.Insights/webtests/*\",\n \"Microsoft.Insights/workbooks/*\",\n \"Microsoft.Insights/workbooktemplates/*\",\n \"Microsoft.Insights/privateLinkScopes/*\",\n \"Microsoft.Insights/privateLinkScopeOperationStatuses/*\",\n \"Microsoft.Monitor/accounts/*\",\n \"Microsoft.Monitor/settings/*\",\n \"Microsoft.OperationalInsights/workspaces/write\",\n \"Microsoft.OperationalInsights/workspaces/intelligencepacks/*\",\n \"Microsoft.OperationalInsights/workspaces/savedSearches/*\",\n \"Microsoft.OperationalInsights/workspaces/search/action\",\n \"Microsoft.OperationalInsights/workspaces/sharedKeys/action\",\n \"Microsoft.OperationalInsights/workspaces/sharedKeys/read\",\n \"Microsoft.OperationalInsights/workspaces/storageinsightconfigs/*\",\n \"Microsoft.OperationalInsights/locations/workspaces/failover/action\",\n \"Microsoft.OperationalInsights/workspaces/failback/action\",\n \"Microsoft.Support/*\",\n \"Microsoft.AlertsManagement/smartDetectorAlertRules/*\",\n \"Microsoft.AlertsManagement/actionRules/*\",\n \"Microsoft.AlertsManagement/smartGroups/*\",\n \"Microsoft.AlertsManagement/migrateFromSmartDetection/*\",\n \"Microsoft.AlertsManagement/investigations/*\",\n \"Microsoft.AlertsManagement/prometheusRuleGroups/*\",\n \"Microsoft.Monitor/investigations/*\",\n \"Microsoft.Resources/deployments/*\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2016-09-21T19:21:08.4345976Z\",\n \"updatedOn\": \"2025-09-30T15:23:51.084353Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/749f88d5-cbae-40b8-bcfc-e573ddc772fa\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"749f88d5-cbae-40b8-bcfc-e573ddc772fa\"\n },\n {\n \"properties\": {\n \"roleName\": \"Monitoring Metrics Publisher\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Enables publishing metrics against Azure resources\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Insights/Register/Action\",\n \"Microsoft.Support/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.Insights/Metrics/Write\",\n \"Microsoft.Insights/Telemetry/Write\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2018-08-14T00:36:16.5610279Z\",\n \"updatedOn\": \"2022-01-04T00:38:04.0289073Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/3913510d-42f4-4e42-8a64-420c390055eb\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"3913510d-42f4-4e42-8a64-420c390055eb\"\n },\n {\n \"properties\": {\n \"roleName\": \"Purview role 1 (Deprecated)\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Deprecated role.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Purview/accounts/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.Purview/accounts/data/read\",\n \"Microsoft.Purview/accounts/data/write\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2020-11-14T02:37:15.0123345Z\",\n \"updatedOn\": \"2022-01-04T00:43:15.6924286Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/8a3c2885-9b38-4fd2-9d99-91af537c1347\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"8a3c2885-9b38-4fd2-9d99-91af537c1347\"\n },\n {\n \"properties\": {\n \"roleName\": \"Purview role 2 (Deprecated)\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Deprecated role.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Purview/accounts/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.Purview/accounts/scan/read\",\n \"Microsoft.Purview/accounts/scan/write\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2020-11-14T02:40:05.0975648Z\",\n \"updatedOn\": \"2022-01-04T00:47:22.9678219Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/200bba9e-f0c8-430f-892b-6f0794863803\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"200bba9e-f0c8-430f-892b-6f0794863803\"\n },\n {\n \"properties\": {\n \"roleName\": \"Purview role 3 (Deprecated)\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Deprecated role.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Purview/accounts/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.Purview/accounts/data/read\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2020-11-14T02:39:22.234474Z\",\n \"updatedOn\": \"2022-01-04T00:48:08.2844802Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/ff100721-1b9d-43d8-af52-42b69c1272db\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"ff100721-1b9d-43d8-af52-42b69c1272db\"\n },\n {\n \"properties\": {\n \"roleName\": \"Autonomous Development Platform Data Contributor (Preview)\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Grants permissions to upload and manage new Autonomous Development Platform measurements.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.AutonomousDevelopmentPlatform/*/read\",\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.AutonomousDevelopmentPlatform/accounts/dataPools/discoveries/*\",\n \"Microsoft.AutonomousDevelopmentPlatform/accounts/dataPools/uploads/*\",\n \"Microsoft.AutonomousDevelopmentPlatform/accounts/dataPools/measurements/states/new/*\",\n \"Microsoft.AutonomousDevelopmentPlatform/accounts/dataPools/measurementCollections/*\",\n \"Microsoft.AutonomousDevelopmentPlatform/accounts/measurementCollections/*\",\n \"Microsoft.AutonomousDevelopmentPlatform/workspaces/read\",\n \"Microsoft.AutonomousDevelopmentPlatform/workspaces/discoveries/*\",\n \"Microsoft.AutonomousDevelopmentPlatform/workspaces/uploads/*\",\n \"Microsoft.AutonomousDevelopmentPlatform/workspaces/measurements/states/new/*\",\n \"Microsoft.AutonomousDevelopmentPlatform/workspaces/measurements/classifications/*\",\n \"Microsoft.AutonomousDevelopmentPlatform/workspaces/measurements/dataStreams/classifications/*\",\n \"Microsoft.AutonomousDevelopmentPlatform/workspaces/measurementCollections/*\"\n ],\n \"notDataActions\": [\n \"Microsoft.AutonomousDevelopmentPlatform/accounts/dataPools/measurements/states/new/changeState/action\",\n \"Microsoft.AutonomousDevelopmentPlatform/workspaces/measurements/states/new/changeState/action\"\n ]\n }\n ],\n \"createdOn\": \"2020-12-15T11:30:01.7459379Z\",\n \"updatedOn\": \"2022-09-15T17:13:47.5365709Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/b8b15564-4fa6-4a59-ab12-03e1d9594795\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"b8b15564-4fa6-4a59-ab12-03e1d9594795\"\n },\n {\n \"properties\": {\n \"roleName\": \"Autonomous Development Platform Data Owner (Preview)\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Grants full access to Autonomous Development Platform data.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.AutonomousDevelopmentPlatform/*/read\",\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.AutonomousDevelopmentPlatform/*\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2020-12-15T12:13:59.9702378Z\",\n \"updatedOn\": \"2022-01-04T13:20:26.2040404Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/27f8b550-c507-4db9-86f2-f4b8e816d59d\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"27f8b550-c507-4db9-86f2-f4b8e816d59d\"\n },\n {\n \"properties\": {\n \"roleName\": \"Autonomous Development Platform Data Reader (Preview)\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Grants read access to Autonomous Development Platform data.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.AutonomousDevelopmentPlatform/*/read\",\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.AutonomousDevelopmentPlatform/*/read\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2020-12-15T12:11:31.9843256Z\",\n \"updatedOn\": \"2022-01-04T13:21:04.3207709Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/d63b75f7-47ea-4f27-92ac-e0d173aaf093\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"d63b75f7-47ea-4f27-92ac-e0d173aaf093\"\n },\n {\n \"properties\": {\n \"roleName\": \"Key Vault Crypto Officer\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Perform any action on the keys of a key vault, except manage permissions. Only works for key vaults that use the 'Azure role-based access control' permission model.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Support/*\",\n \"Microsoft.KeyVault/checkNameAvailability/read\",\n \"Microsoft.KeyVault/deletedVaults/read\",\n \"Microsoft.KeyVault/locations/*/read\",\n \"Microsoft.KeyVault/vaults/*/read\",\n \"Microsoft.KeyVault/operations/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.KeyVault/vaults/keys/*\",\n \"Microsoft.KeyVault/vaults/keyrotationpolicies/*\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2020-05-19T17:52:47.0099249Z\",\n \"updatedOn\": \"2022-01-06T23:21:17.9760884Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/14b46e9e-c2b7-41b4-b07b-48a6ebf60603\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"14b46e9e-c2b7-41b4-b07b-48a6ebf60603\"\n },\n {\n \"properties\": {\n \"roleName\": \"Device Update Deployments Reader\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Gives you read access to management operations, but does not allow making changes\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Support/*\",\n \"Microsoft.Insights/alertRules/*\"\n ],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.DeviceUpdate/accounts/instances/management/read\",\n \"Microsoft.DeviceUpdate/accounts/instances/updates/read\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2020-08-22T00:01:34.705363Z\",\n \"updatedOn\": \"2022-01-13T01:35:51.6463216Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/49e2f5d2-7741-4835-8efa-19e1fe35e47f\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"49e2f5d2-7741-4835-8efa-19e1fe35e47f\"\n },\n {\n \"properties\": {\n \"roleName\": \"Device Update Deployments Administrator\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Gives you full access to management operations\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Support/*\",\n \"Microsoft.Insights/alertRules/*\"\n ],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.DeviceUpdate/accounts/instances/management/read\",\n \"Microsoft.DeviceUpdate/accounts/instances/management/write\",\n \"Microsoft.DeviceUpdate/accounts/instances/management/delete\",\n \"Microsoft.DeviceUpdate/accounts/instances/updates/read\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2020-08-21T23:59:52.1001666Z\",\n \"updatedOn\": \"2022-01-13T01:59:19.4616366Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/e4237640-0e3d-4a46-8fda-70bc94856432\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"e4237640-0e3d-4a46-8fda-70bc94856432\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Arc VMware Private Clouds Onboarding\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Azure Arc VMware Private Clouds Onboarding role has permissions to provision all the required resources for onboard and deboard vCenter instances to Azure.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.ConnectedVMwarevSphere/vcenters/Write\",\n \"Microsoft.ConnectedVMwarevSphere/vcenters/Read\",\n \"Microsoft.ConnectedVMwarevSphere/vcenters/Delete\",\n \"Microsoft.Insights/AlertRules/Write\",\n \"Microsoft.Insights/AlertRules/Delete\",\n \"Microsoft.Insights/AlertRules/Read\",\n \"Microsoft.Insights/AlertRules/Activated/Action\",\n \"Microsoft.Insights/AlertRules/Resolved/Action\",\n \"Microsoft.Insights/AlertRules/Throttled/Action\",\n \"Microsoft.Insights/AlertRules/Incidents/Read\",\n \"Microsoft.Resources/deployments/read\",\n \"Microsoft.Resources/deployments/write\",\n \"Microsoft.Resources/deployments/delete\",\n \"Microsoft.Resources/deployments/cancel/action\",\n \"Microsoft.Resources/deployments/validate/action\",\n \"Microsoft.Resources/deployments/whatIf/action\",\n \"Microsoft.Resources/deployments/exportTemplate/action\",\n \"Microsoft.Resources/deployments/operations/read\",\n \"Microsoft.Resources/deployments/operationstatuses/read\",\n \"Microsoft.Resources/subscriptions/resourcegroups/deployments/read\",\n \"Microsoft.Resources/subscriptions/resourcegroups/deployments/write\",\n \"Microsoft.Resources/subscriptions/resourcegroups/deployments/operations/read\",\n \"Microsoft.Resources/subscriptions/resourcegroups/deployments/operationstatuses/read\",\n \"Microsoft.ResourceHealth/availabilityStatuses/read\",\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Resources/subscriptions/read\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Resources/subscriptions/operationresults/read\",\n \"Microsoft.KubernetesConfiguration/extensions/Write\",\n \"Microsoft.KubernetesConfiguration/extensions/Read\",\n \"Microsoft.KubernetesConfiguration/extensions/Delete\",\n \"Microsoft.KubernetesConfiguration/operations/read\",\n \"Microsoft.KubernetesConfiguration/extensions/operations/read\",\n \"Microsoft.ExtendedLocation/customLocations/Read\",\n \"Microsoft.ExtendedLocation/customLocations/Write\",\n \"Microsoft.ExtendedLocation/customLocations/Delete\",\n \"Microsoft.ExtendedLocation/customLocations/deploy/action\",\n \"Microsoft.ResourceConnector/appliances/Read\",\n \"Microsoft.ResourceConnector/appliances/Write\",\n \"Microsoft.ResourceConnector/appliances/Delete\",\n \"Microsoft.ResourceConnector/appliances/listClusterUserCredential/action\",\n \"Microsoft.BackupSolutions/vmwareapplications/write\",\n \"Microsoft.BackupSolutions/vmwareapplications/delete\",\n \"Microsoft.BackupSolutions/vmwareapplications/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2021-11-01T22:18:08.4480747Z\",\n \"updatedOn\": \"2023-08-18T17:54:09.8815166Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/67d33e57-3129-45e6-bb0b-7cc522f762fa\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"67d33e57-3129-45e6-bb0b-7cc522f762fa\"\n },\n {\n \"properties\": {\n \"roleName\": \"Microsoft Sentinel Automation Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Microsoft Sentinel Automation Contributor\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Logic/workflows/triggers/read\",\n \"Microsoft.Logic/workflows/triggers/listCallbackUrl/action\",\n \"Microsoft.Logic/workflows/runs/read\",\n \"Microsoft.Web/sites/hostruntime/webhooks/api/workflows/triggers/read\",\n \"Microsoft.Web/sites/hostruntime/webhooks/api/workflows/triggers/listCallbackUrl/action\",\n \"Microsoft.Web/sites/hostruntime/webhooks/api/workflows/runs/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2021-01-24T08:50:52.0382991Z\",\n \"updatedOn\": \"2022-01-26T09:25:00.4699337Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/f4c81013-99ee-4d62-a7ee-b3f1f648599a\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"f4c81013-99ee-4d62-a7ee-b3f1f648599a\"\n },\n {\n \"properties\": {\n \"roleName\": \"CDN Endpoint Reader\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Can view CDN endpoints, but can't make changes.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Cdn/edgenodes/read\",\n \"Microsoft.Cdn/operationresults/*\",\n \"Microsoft.Cdn/profiles/endpoints/*/read\",\n \"Microsoft.Cdn/profiles/afdendpoints/validateCustomDomain/action\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Support/*\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2016-01-23T02:48:46.4996252Z\",\n \"updatedOn\": \"2023-12-07T09:22:53.097708Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/871e35f6-b5c1-49cc-a043-bde969a0f2cd\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"871e35f6-b5c1-49cc-a043-bde969a0f2cd\"\n },\n {\n \"properties\": {\n \"roleName\": \"Cognitive Services Speech User\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Access to the real-time speech recognition and batch transcription APIs, real-time speech synthesis and long audio APIs, as well as to read the data/test/model/endpoint for custom models, but can’t create, delete or modify the data/test/model/endpoint for custom models.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.CognitiveServices/*/read\",\n \"Microsoft.Authorization/roleAssignments/read\",\n \"Microsoft.Authorization/roleDefinitions/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.CognitiveServices/accounts/SpeechServices/*/read\",\n \"Microsoft.CognitiveServices/accounts/SpeechServices/*/transcriptions/read\",\n \"Microsoft.CognitiveServices/accounts/SpeechServices/*/transcriptions/write\",\n \"Microsoft.CognitiveServices/accounts/SpeechServices/*/transcriptions/delete\",\n \"Microsoft.CognitiveServices/accounts/SpeechServices/*/transcriptions/action\",\n \"Microsoft.CognitiveServices/accounts/SpeechServices/*/frontend/action\",\n \"Microsoft.CognitiveServices/accounts/SpeechServices/text-dependent/*/action\",\n \"Microsoft.CognitiveServices/accounts/SpeechServices/text-independent/*/action\",\n \"Microsoft.CognitiveServices/accounts/CustomVoice/*/read\",\n \"Microsoft.CognitiveServices/accounts/CustomVoice/evaluations/*\",\n \"Microsoft.CognitiveServices/accounts/CustomVoice/longaudiosynthesis/*\",\n \"Microsoft.CognitiveServices/accounts/AudioContentCreation/*\",\n \"Microsoft.CognitiveServices/accounts/VideoTranslation/*\",\n \"Microsoft.CognitiveServices/accounts/CustomAvatar/*/read\",\n \"Microsoft.CognitiveServices/accounts/BatchAvatar/*\",\n \"Microsoft.CognitiveServices/accounts/BatchTextToSpeech/*\"\n ],\n \"notDataActions\": [\n \"Microsoft.CognitiveServices/accounts/CustomVoice/datasets/files/read\",\n \"Microsoft.CognitiveServices/accounts/CustomVoice/datasets/utterances/read\"\n ]\n }\n ],\n \"createdOn\": \"2021-03-30T11:28:27.4339032Z\",\n \"updatedOn\": \"2024-10-18T20:00:21.397467Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/f2dc8367-1007-4938-bd23-fe263f013447\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"f2dc8367-1007-4938-bd23-fe263f013447\"\n },\n {\n \"properties\": {\n \"roleName\": \"Windows Admin Center Administrator Login\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Let's you manage the OS of your resource via Windows Admin Center as an administrator.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.HybridCompute/machines/*/read\",\n \"Microsoft.HybridCompute/machines/extensions/*\",\n \"Microsoft.HybridCompute/machines/upgradeExtensions/action\",\n \"Microsoft.HybridCompute/operations/read\",\n \"Microsoft.Network/networkInterfaces/read\",\n \"Microsoft.Network/loadBalancers/read\",\n \"Microsoft.Network/publicIPAddresses/read\",\n \"Microsoft.Network/virtualNetworks/read\",\n \"Microsoft.Network/networkSecurityGroups/read\",\n \"Microsoft.Network/networkSecurityGroups/defaultSecurityRules/read\",\n \"Microsoft.Network/networkWatchers/securityGroupView/action\",\n \"Microsoft.Network/networkSecurityGroups/securityRules/read\",\n \"Microsoft.Network/networkSecurityGroups/securityRules/write\",\n \"Microsoft.HybridConnectivity/endpoints/write\",\n \"Microsoft.HybridConnectivity/endpoints/read\",\n \"Microsoft.HybridConnectivity/endpoints/serviceConfigurations/write\",\n \"Microsoft.HybridConnectivity/endpoints/serviceConfigurations/read\",\n \"Microsoft.HybridConnectivity/endpoints/listManagedProxyDetails/action\",\n \"Microsoft.Compute/virtualMachines/read\",\n \"Microsoft.Compute/virtualMachines/patchAssessmentResults/latest/read\",\n \"Microsoft.Compute/virtualMachines/patchAssessmentResults/latest/softwarePatches/read\",\n \"Microsoft.Compute/virtualMachines/patchInstallationResults/read\",\n \"Microsoft.Compute/virtualMachines/patchInstallationResults/softwarePatches/read\",\n \"Microsoft.Compute/virtualMachines/extensions/read\",\n \"Microsoft.Compute/virtualMachines/instanceView/read\",\n \"Microsoft.Compute/virtualMachines/runCommands/read\",\n \"Microsoft.Compute/virtualMachines/vmSizes/read\",\n \"Microsoft.Compute/locations/publishers/artifacttypes/types/read\",\n \"Microsoft.Compute/locations/publishers/artifacttypes/types/versions/read\",\n \"Microsoft.Compute/diskAccesses/read\",\n \"Microsoft.Compute/galleries/images/read\",\n \"Microsoft.Compute/images/read\",\n \"Microsoft.AzureStackHCI/Clusters/Read\",\n \"Microsoft.AzureStackHCI/Clusters/ArcSettings/Read\",\n \"Microsoft.AzureStackHCI/Clusters/ArcSettings/Extensions/Read\",\n \"Microsoft.AzureStackHCI/Clusters/ArcSettings/Extensions/Write\",\n \"Microsoft.AzureStackHCI/Clusters/ArcSettings/Extensions/Delete\",\n \"Microsoft.AzureStackHCI/Operations/Read\",\n \"Microsoft.ConnectedVMwarevSphere/VirtualMachines/Read\",\n \"Microsoft.ConnectedVMwarevSphere/VirtualMachines/Extensions/Write\",\n \"Microsoft.ConnectedVMwarevSphere/VirtualMachines/Extensions/Read\"\n ],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.HybridCompute/machines/WACLoginAsAdmin/action\",\n \"Microsoft.Compute/virtualMachines/WACloginAsAdmin/action\",\n \"Microsoft.AzureStackHCI/Clusters/WACloginAsAdmin/Action\",\n \"Microsoft.ConnectedVMwarevSphere/virtualmachines/WACloginAsAdmin/action\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2022-01-12T00:51:19.5581155Z\",\n \"updatedOn\": \"2024-01-24T16:28:56.8362682Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/a6333a3e-0164-44c3-b281-7a577aff287f\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"a6333a3e-0164-44c3-b281-7a577aff287f\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Kubernetes Service Policy Add-on Deployment\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Deploy the Azure Policy add-on on Azure Kubernetes Service clusters\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Network/virtualNetworks/subnets/join/action\",\n \"Microsoft.Network/publicIPPrefixes/join/action\",\n \"Microsoft.Network/publicIPAddresses/join/action\",\n \"Microsoft.Compute/diskEncryptionSets/read\",\n \"Microsoft.Compute/proximityPlacementGroups/write\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2022-02-07T20:51:48.5662807Z\",\n \"updatedOn\": \"2022-03-15T23:34:13.5188193Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/18ed5180-3e48-46fd-8541-4ea054d57064\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"18ed5180-3e48-46fd-8541-4ea054d57064\"\n },\n {\n \"properties\": {\n \"roleName\": \"Guest Configuration Resource Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Lets you read, write Guest Configuration Resource.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.GuestConfiguration/guestConfigurationAssignments/write\",\n \"Microsoft.GuestConfiguration/guestConfigurationAssignments/read\",\n \"Microsoft.GuestConfiguration/guestConfigurationAssignments/*/read\",\n \"Microsoft.Resources/deployments/*\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2022-01-13T21:31:41.9626667Z\",\n \"updatedOn\": \"2022-02-10T19:22:44.9057916Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/088ab73d-1256-47ae-bea9-9de8e7131f31\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"088ab73d-1256-47ae-bea9-9de8e7131f31\"\n },\n {\n \"properties\": {\n \"roleName\": \"Domain Services Reader\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Can view Azure AD Domain Services and related network configurations\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Resources/deployments/read\",\n \"Microsoft.Resources/deployments/operations/read\",\n \"Microsoft.Resources/deployments/operationstatuses/read\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Insights/AlertRules/Read\",\n \"Microsoft.Insights/AlertRules/Incidents/Read\",\n \"Microsoft.Insights/Logs/Read\",\n \"Microsoft.Insights/Metrics/read\",\n \"Microsoft.Insights/DiagnosticSettings/read\",\n \"Microsoft.Insights/DiagnosticSettingsCategories/Read\",\n \"Microsoft.AAD/domainServices/*/read\",\n \"Microsoft.Network/virtualNetworks/read\",\n \"Microsoft.Network/virtualNetworks/subnets/read\",\n \"Microsoft.Network/virtualNetworks/virtualNetworkPeerings/read\",\n \"Microsoft.Network/virtualNetworks/providers/Microsoft.Insights/diagnosticSettings/read\",\n \"Microsoft.Network/virtualNetworks/providers/Microsoft.Insights/metricDefinitions/read\",\n \"Microsoft.Network/azureFirewalls/read\",\n \"Microsoft.Network/ddosProtectionPlans/read\",\n \"Microsoft.Network/loadBalancers/read\",\n \"Microsoft.Network/loadBalancers/*/read\",\n \"Microsoft.Network/natGateways/read\",\n \"Microsoft.Network/networkInterfaces/read\",\n \"Microsoft.Network/networkSecurityGroups/defaultSecurityRules/read\",\n \"Microsoft.Network/networkSecurityGroups/read\",\n \"Microsoft.Network/networkSecurityGroups/securityRules/read\",\n \"Microsoft.Network/routeTables/read\",\n \"Microsoft.Network/routeTables/routes/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2022-02-15T19:38:46.904317Z\",\n \"updatedOn\": \"2022-06-27T17:28:30.2892869Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/361898ef-9ed1-48c2-849c-a832951106bb\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"361898ef-9ed1-48c2-849c-a832951106bb\"\n },\n {\n \"properties\": {\n \"roleName\": \"Domain Services Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Can manage Azure AD Domain Services and related network configurations\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Resources/deployments/read\",\n \"Microsoft.Resources/deployments/write\",\n \"Microsoft.Resources/deployments/delete\",\n \"Microsoft.Resources/deployments/cancel/action\",\n \"Microsoft.Resources/deployments/validate/action\",\n \"Microsoft.Resources/deployments/whatIf/action\",\n \"Microsoft.Resources/deployments/exportTemplate/action\",\n \"Microsoft.Resources/deployments/operations/read\",\n \"Microsoft.Resources/deployments/operationstatuses/read\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Insights/AlertRules/Write\",\n \"Microsoft.Insights/AlertRules/Delete\",\n \"Microsoft.Insights/AlertRules/Read\",\n \"Microsoft.Insights/AlertRules/Activated/Action\",\n \"Microsoft.Insights/AlertRules/Resolved/Action\",\n \"Microsoft.Insights/AlertRules/Throttled/Action\",\n \"Microsoft.Insights/AlertRules/Incidents/Read\",\n \"Microsoft.Insights/Logs/Read\",\n \"Microsoft.Insights/Metrics/Read\",\n \"Microsoft.Insights/DiagnosticSettings/*\",\n \"Microsoft.Insights/DiagnosticSettingsCategories/Read\",\n \"Microsoft.AAD/register/action\",\n \"Microsoft.AAD/unregister/action\",\n \"Microsoft.AAD/domainServices/*\",\n \"Microsoft.Network/register/action\",\n \"Microsoft.Network/unregister/action\",\n \"Microsoft.Network/virtualNetworks/read\",\n \"Microsoft.Network/virtualNetworks/write\",\n \"Microsoft.Network/virtualNetworks/delete\",\n \"Microsoft.Network/virtualNetworks/peer/action\",\n \"Microsoft.Network/virtualNetworks/join/action\",\n \"Microsoft.Network/virtualNetworks/subnets/read\",\n \"Microsoft.Network/virtualNetworks/subnets/write\",\n \"Microsoft.Network/virtualNetworks/subnets/delete\",\n \"Microsoft.Network/virtualNetworks/subnets/join/action\",\n \"Microsoft.Network/virtualNetworks/virtualNetworkPeerings/read\",\n \"Microsoft.Network/virtualNetworks/virtualNetworkPeerings/write\",\n \"Microsoft.Network/virtualNetworks/virtualNetworkPeerings/delete\",\n \"Microsoft.Network/virtualNetworks/providers/Microsoft.Insights/diagnosticSettings/read\",\n \"Microsoft.Network/virtualNetworks/providers/Microsoft.Insights/metricDefinitions/read\",\n \"Microsoft.Network/azureFirewalls/read\",\n \"Microsoft.Network/ddosProtectionPlans/read\",\n \"Microsoft.Network/ddosProtectionPlans/join/action\",\n \"Microsoft.Network/loadBalancers/read\",\n \"Microsoft.Network/loadBalancers/delete\",\n \"Microsoft.Network/loadBalancers/*/read\",\n \"Microsoft.Network/loadBalancers/backendAddressPools/join/action\",\n \"Microsoft.Network/loadBalancers/inboundNatRules/join/action\",\n \"Microsoft.Network/natGateways/join/action\",\n \"Microsoft.Network/networkInterfaces/read\",\n \"Microsoft.Network/networkInterfaces/write\",\n \"Microsoft.Network/networkInterfaces/delete\",\n \"Microsoft.Network/networkInterfaces/join/action\",\n \"Microsoft.Network/networkSecurityGroups/defaultSecurityRules/read\",\n \"Microsoft.Network/networkSecurityGroups/read\",\n \"Microsoft.Network/networkSecurityGroups/write\",\n \"Microsoft.Network/networkSecurityGroups/delete\",\n \"Microsoft.Network/networkSecurityGroups/join/action\",\n \"Microsoft.Network/networkSecurityGroups/securityRules/read\",\n \"Microsoft.Network/networkSecurityGroups/securityRules/write\",\n \"Microsoft.Network/networkSecurityGroups/securityRules/delete\",\n \"Microsoft.Network/routeTables/read\",\n \"Microsoft.Network/routeTables/write\",\n \"Microsoft.Network/routeTables/delete\",\n \"Microsoft.Network/routeTables/join/action\",\n \"Microsoft.Network/routeTables/routes/read\",\n \"Microsoft.Network/routeTables/routes/write\",\n \"Microsoft.Network/routeTables/routes/delete\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2022-02-15T19:40:22.3943189Z\",\n \"updatedOn\": \"2022-06-27T17:28:31.1017906Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/eeaeda52-9324-47f6-8069-5d5bade478b2\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"eeaeda52-9324-47f6-8069-5d5bade478b2\"\n },\n {\n \"properties\": {\n \"roleName\": \"DNS Resolver Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Lets you manage DNS resolver resources.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Network/dnsResolvers/read\",\n \"Microsoft.Network/dnsResolvers/write\",\n \"Microsoft.Network/dnsResolvers/delete\",\n \"Microsoft.Network/dnsResolvers/join/action\",\n \"Microsoft.Network/dnsResolvers/inboundEndpoints/read\",\n \"Microsoft.Network/dnsResolvers/inboundEndpoints/write\",\n \"Microsoft.Network/dnsResolvers/inboundEndpoints/delete\",\n \"Microsoft.Network/dnsResolvers/inboundEndpoints/join/action\",\n \"Microsoft.Network/dnsResolvers/outboundEndpoints/read\",\n \"Microsoft.Network/dnsResolvers/outboundEndpoints/write\",\n \"Microsoft.Network/dnsResolvers/outboundEndpoints/delete\",\n \"Microsoft.Network/dnsResolvers/outboundEndpoints/join/action\",\n \"Microsoft.Network/dnsForwardingRulesets/read\",\n \"Microsoft.Network/dnsForwardingRulesets/write\",\n \"Microsoft.Network/dnsForwardingRulesets/delete\",\n \"Microsoft.Network/dnsForwardingRulesets/join/action\",\n \"Microsoft.Network/dnsForwardingRulesets/forwardingRules/read\",\n \"Microsoft.Network/dnsForwardingRulesets/forwardingRules/write\",\n \"Microsoft.Network/dnsForwardingRulesets/forwardingRules/delete\",\n \"Microsoft.Network/dnsForwardingRulesets/virtualNetworkLinks/read\",\n \"Microsoft.Network/dnsForwardingRulesets/virtualNetworkLinks/write\",\n \"Microsoft.Network/dnsForwardingRulesets/virtualNetworkLinks/delete\",\n \"Microsoft.Network/locations/dnsResolverOperationResults/read\",\n \"Microsoft.Network/locations/dnsResolverOperationStatuses/read\",\n \"Microsoft.Network/virtualNetworks/read\",\n \"Microsoft.Network/virtualNetworks/join/action\",\n \"Microsoft.Network/virtualNetworks/subnets/read\",\n \"Microsoft.Network/virtualNetworks/subnets/write\",\n \"Microsoft.Network/virtualNetworks/subnets/join/action\",\n \"Microsoft.Network/virtualNetworks/join/action\",\n \"Microsoft.Network/virtualNetworks/joinLoadBalancer/action\",\n \"Microsoft.Network/virtualNetworks/subnets/join/action\",\n \"Microsoft.Network/virtualNetworks/subnets/joinLoadBalancer/action\",\n \"Microsoft.Network/natGateways/join/action\",\n \"Microsoft.Network/networkSecurityGroups/join/action\",\n \"Microsoft.Network/routeTables/join/action\",\n \"Microsoft.Network/serviceEndpointPolicies/join/action\",\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2022-02-16T23:25:04.4308795Z\",\n \"updatedOn\": \"2022-03-12T01:08:44.4650132Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/0f2ebee7-ffd4-4fc0-b3b7-664099fdad5d\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"0f2ebee7-ffd4-4fc0-b3b7-664099fdad5d\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Arc Enabled Kubernetes Cluster User Role\",\n \"type\": \"BuiltInRole\",\n \"description\": \"List cluster user credentials action.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Resources/deployments/write\",\n \"Microsoft.Resources/subscriptions/operationresults/read\",\n \"Microsoft.Resources/subscriptions/read\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Kubernetes/connectedClusters/listClusterUserCredentials/action\",\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.Support/*\",\n \"Microsoft.Kubernetes/connectedClusters/listClusterUserCredential/action\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2020-07-28T17:37:00.7637445Z\",\n \"updatedOn\": \"2022-02-17T02:29:05.1000798Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/00493d72-78f6-4148-b6c5-d3ce8e4799dd\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"00493d72-78f6-4148-b6c5-d3ce8e4799dd\"\n },\n {\n \"properties\": {\n \"roleName\": \"Data Operator for Managed Disks\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Provides permissions to upload data to empty managed disks, read, or export data of managed disks (not attached to running VMs) and snapshots using SAS URIs and Azure AD authentication.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.Compute/disks/download/action\",\n \"Microsoft.Compute/disks/upload/action\",\n \"Microsoft.Compute/snapshots/download/action\",\n \"Microsoft.Compute/snapshots/upload/action\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2022-03-01T05:42:02.3801768Z\",\n \"updatedOn\": \"2022-03-01T05:42:02.3801768Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/959f8984-c045-4866-89c7-12bf9737be2e\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"959f8984-c045-4866-89c7-12bf9737be2e\"\n },\n {\n \"properties\": {\n \"roleName\": \"AgFood Platform Sensor Partner Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Provides contribute access to manage sensor related entities in AgFood Platform Service\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.AgFoodPlatform/farmBeats/sensorPartnerScope/*\"\n ],\n \"notDataActions\": [\n \"Microsoft.AgFoodPlatform/farmBeats/sensorPartnerScope/sensors/delete\"\n ]\n }\n ],\n \"createdOn\": \"2022-03-09T09:03:53.490279Z\",\n \"updatedOn\": \"2022-10-27T07:34:00.932807Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/6b77f0a0-0d89-41cc-acd1-579c22c17a67\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"6b77f0a0-0d89-41cc-acd1-579c22c17a67\"\n },\n {\n \"properties\": {\n \"roleName\": \"Compute Gallery Sharing Admin\",\n \"type\": \"BuiltInRole\",\n \"description\": \"This role allows user to share gallery to another subscription/tenant or share it to the public.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Compute/galleries/share/action\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2022-03-10T04:36:08.9040323Z\",\n \"updatedOn\": \"2022-03-26T00:40:55.2620635Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/1ef6a3be-d0ac-425d-8c01-acb62866290b\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"1ef6a3be-d0ac-425d-8c01-acb62866290b\"\n },\n {\n \"properties\": {\n \"roleName\": \"Scheduled Patching Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Provides access to manage maintenance configurations with maintenance scope InGuestPatch and corresponding configuration assignments\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Maintenance/maintenanceConfigurations/read\",\n \"Microsoft.Maintenance/maintenanceConfigurations/write\",\n \"Microsoft.Maintenance/maintenanceConfigurations/delete\",\n \"Microsoft.Maintenance/configurationAssignments/read\",\n \"Microsoft.Maintenance/configurationAssignments/write\",\n \"Microsoft.Maintenance/configurationAssignments/delete\",\n \"Microsoft.Maintenance/configurationAssignments/maintenanceScope/InGuestPatch/read\",\n \"Microsoft.Maintenance/configurationAssignments/maintenanceScope/InGuestPatch/write\",\n \"Microsoft.Maintenance/configurationAssignments/maintenanceScope/InGuestPatch/delete\",\n \"Microsoft.Maintenance/maintenanceConfigurations/maintenanceScope/InGuestPatch/read\",\n \"Microsoft.Maintenance/maintenanceConfigurations/maintenanceScope/InGuestPatch/write\",\n \"Microsoft.Maintenance/maintenanceConfigurations/maintenanceScope/InGuestPatch/delete\",\n \"Microsoft.Maintenance/applyUpdates/read\",\n \"Microsoft.Maintenance/updates/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2022-03-21T14:34:05.5308153Z\",\n \"updatedOn\": \"2025-02-27T13:35:19.3626961Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/cd08ab90-6b14-449c-ad9a-8f8e549482c6\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"cd08ab90-6b14-449c-ad9a-8f8e549482c6\"\n },\n {\n \"properties\": {\n \"roleName\": \"DevCenter Dev Box User\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Provides access to create and manage dev boxes.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.DevCenter/projects/read\",\n \"Microsoft.DevCenter/projects/*/read\",\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.DevCenter/projects/users/devboxes/userStop/action\",\n \"Microsoft.DevCenter/projects/users/devboxes/userStart/action\",\n \"Microsoft.DevCenter/projects/users/devboxes/userGetRemoteConnection/action\",\n \"Microsoft.DevCenter/projects/users/devboxes/userRead/action\",\n \"Microsoft.DevCenter/projects/users/devboxes/userWrite/action\",\n \"Microsoft.DevCenter/projects/users/devboxes/userDelete/action\",\n \"Microsoft.DevCenter/projects/users/devboxes/userUpcomingActionRead/action\",\n \"Microsoft.DevCenter/projects/users/devboxes/userUpcomingActionManage/action\",\n \"Microsoft.DevCenter/projects/users/devboxes/userActionRead/action\",\n \"Microsoft.DevCenter/projects/users/devboxes/userActionManage/action\",\n \"Microsoft.DevCenter/projects/users/devboxes/userCustomize/action\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2022-03-31T22:42:03.2894277Z\",\n \"updatedOn\": \"2023-10-18T19:06:15.1790546Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/45d50f46-0b78-4001-a660-4198cbe8cd05\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"45d50f46-0b78-4001-a660-4198cbe8cd05\"\n },\n {\n \"properties\": {\n \"roleName\": \"DevCenter Project Admin\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Provides access to manage project resources.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.DevCenter/projects/*\",\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\"\n ],\n \"notActions\": [\n \"Microsoft.DevCenter/projects/write\",\n \"Microsoft.DevCenter/projects/delete\"\n ],\n \"dataActions\": [\n \"Microsoft.DevCenter/projects/users/devboxes/adminStart/action\",\n \"Microsoft.DevCenter/projects/users/devboxes/adminStop/action\",\n \"Microsoft.DevCenter/projects/users/devboxes/adminRead/action\",\n \"Microsoft.DevCenter/projects/users/devboxes/adminWrite/action\",\n \"Microsoft.DevCenter/projects/users/devboxes/adminDelete/action\",\n \"Microsoft.DevCenter/projects/users/devboxes/adminAlign/action\",\n \"Microsoft.DevCenter/projects/users/devboxes/adminActionRead/action\",\n \"Microsoft.DevCenter/projects/users/devboxes/adminActionManage/action\",\n \"Microsoft.DevCenter/projects/users/devboxes/userStop/action\",\n \"Microsoft.DevCenter/projects/users/devboxes/userStart/action\",\n \"Microsoft.DevCenter/projects/users/devboxes/userGetRemoteConnection/action\",\n \"Microsoft.DevCenter/projects/users/devboxes/userRead/action\",\n \"Microsoft.DevCenter/projects/users/devboxes/userWrite/action\",\n \"Microsoft.DevCenter/projects/users/devboxes/userDelete/action\",\n \"Microsoft.DevCenter/projects/users/devboxes/userActionRead/action\",\n \"Microsoft.DevCenter/projects/users/devboxes/userActionManage/action\",\n \"Microsoft.DevCenter/projects/users/devboxes/userCustomize/action\",\n \"Microsoft.DevCenter/projects/users/environments/adminRead/action\",\n \"Microsoft.DevCenter/projects/users/environments/userWrite/action\",\n \"Microsoft.DevCenter/projects/users/environments/adminWrite/action\",\n \"Microsoft.DevCenter/projects/users/environments/userDelete/action\",\n \"Microsoft.DevCenter/projects/users/environments/adminDelete/action\",\n \"Microsoft.DevCenter/projects/users/environments/adminAction/action\",\n \"Microsoft.DevCenter/projects/users/environments/adminActionRead/action\",\n \"Microsoft.DevCenter/projects/users/environments/adminActionManage/action\",\n \"Microsoft.DevCenter/projects/users/environments/adminOutputsRead/action\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2022-03-31T23:57:37.3708041Z\",\n \"updatedOn\": \"2025-07-23T23:00:43.7994094Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/331c37c6-af14-46d9-b9f4-e1909e1b95a0\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"331c37c6-af14-46d9-b9f4-e1909e1b95a0\"\n },\n {\n \"properties\": {\n \"roleName\": \"Virtual Machine Local User Login\",\n \"type\": \"BuiltInRole\",\n \"description\": \"View Virtual Machines in the portal and login as a local user configured on the arc server\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.HybridCompute/machines/*/read\",\n \"Microsoft.HybridConnectivity/endpoints/listCredentials/action\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2022-04-07T04:12:11.0327385Z\",\n \"updatedOn\": \"2022-04-16T23:03:02.5542069Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/602da2ba-a5c2-41da-b01d-5360126ab525\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"602da2ba-a5c2-41da-b01d-5360126ab525\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Arc ScVmm VM Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Arc ScVmm VM Contributor has permissions to perform all VM actions.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"microsoft.scvmm/virtualmachines/*\",\n \"microsoft.scvmm/virtualMachineInstances/*\",\n \"Microsoft.Insights/AlertRules/Write\",\n \"Microsoft.Insights/AlertRules/Delete\",\n \"Microsoft.Insights/AlertRules/Read\",\n \"Microsoft.Insights/AlertRules/Activated/Action\",\n \"Microsoft.Insights/AlertRules/Resolved/Action\",\n \"Microsoft.Insights/AlertRules/Throttled/Action\",\n \"Microsoft.Insights/AlertRules/Incidents/Read\",\n \"Microsoft.Resources/deployments/read\",\n \"Microsoft.Resources/deployments/write\",\n \"Microsoft.Resources/deployments/delete\",\n \"Microsoft.Resources/deployments/cancel/action\",\n \"Microsoft.Resources/deployments/validate/action\",\n \"Microsoft.Resources/deployments/whatIf/action\",\n \"Microsoft.Resources/deployments/exportTemplate/action\",\n \"Microsoft.Resources/deployments/operations/read\",\n \"Microsoft.Resources/deployments/operationstatuses/read\",\n \"Microsoft.Resources/subscriptions/resourcegroups/deployments/read\",\n \"Microsoft.Resources/subscriptions/resourcegroups/deployments/write\",\n \"Microsoft.Resources/subscriptions/resourcegroups/deployments/operations/read\",\n \"Microsoft.Resources/subscriptions/resourcegroups/deployments/operationstatuses/read\",\n \"Microsoft.ResourceHealth/availabilityStatuses/read\",\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Resources/subscriptions/read\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Resources/subscriptions/operationresults/read\",\n \"Microsoft.ExtendedLocation/customLocations/Read\",\n \"Microsoft.ExtendedLocation/customLocations/deploy/action\",\n \"Microsoft.HybridCompute/machines/read\",\n \"Microsoft.HybridCompute/machines/write\",\n \"Microsoft.HybridCompute/machines/delete\",\n \"Microsoft.HybridCompute/machines/UpgradeExtensions/action\",\n \"Microsoft.HybridCompute/machines/assessPatches/action\",\n \"Microsoft.HybridCompute/machines/installPatches/action\",\n \"Microsoft.HybridCompute/machines/extensions/read\",\n \"Microsoft.HybridCompute/machines/extensions/write\",\n \"Microsoft.HybridCompute/machines/extensions/delete\",\n \"Microsoft.HybridCompute/operations/read\",\n \"Microsoft.HybridCompute/locations/operationresults/read\",\n \"Microsoft.HybridCompute/locations/operationstatus/read\",\n \"Microsoft.HybridCompute/machines/patchAssessmentResults/read\",\n \"Microsoft.HybridCompute/machines/patchAssessmentResults/softwarePatches/read\",\n \"Microsoft.HybridCompute/machines/patchInstallationResults/read\",\n \"Microsoft.HybridCompute/machines/patchInstallationResults/softwarePatches/read\",\n \"Microsoft.HybridCompute/locations/updateCenterOperationResults/read\",\n \"Microsoft.HybridCompute/machines/hybridIdentityMetadata/read\",\n \"Microsoft.HybridCompute/osType/agentVersions/read\",\n \"Microsoft.HybridCompute/osType/agentVersions/latest/read\",\n \"Microsoft.HybridCompute/machines/runcommands/read\",\n \"Microsoft.HybridCompute/machines/runcommands/write\",\n \"Microsoft.HybridCompute/machines/runcommands/delete\",\n \"Microsoft.HybridCompute/machines/licenseProfiles/read\",\n \"Microsoft.HybridCompute/machines/licenseProfiles/write\",\n \"Microsoft.HybridCompute/machines/licenseProfiles/delete\",\n \"Microsoft.HybridCompute/licenses/read\",\n \"Microsoft.HybridCompute/licenses/write\",\n \"Microsoft.HybridCompute/licenses/delete\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2022-04-13T21:33:11.1438013Z\",\n \"updatedOn\": \"2023-10-06T09:06:44.9085842Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/e582369a-e17b-42a5-b10c-874c387c530b\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"e582369a-e17b-42a5-b10c-874c387c530b\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Arc ScVmm Administrator role\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Arc ScVmm VM Administrator has permissions to perform all ScVmm actions.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.ScVmm/*\",\n \"Microsoft.Insights/AlertRules/Write\",\n \"Microsoft.Insights/AlertRules/Delete\",\n \"Microsoft.Insights/AlertRules/Read\",\n \"Microsoft.Insights/AlertRules/Activated/Action\",\n \"Microsoft.Insights/AlertRules/Resolved/Action\",\n \"Microsoft.Insights/AlertRules/Throttled/Action\",\n \"Microsoft.Insights/AlertRules/Incidents/Read\",\n \"Microsoft.Resources/deployments/read\",\n \"Microsoft.Resources/deployments/write\",\n \"Microsoft.Resources/deployments/delete\",\n \"Microsoft.Resources/deployments/cancel/action\",\n \"Microsoft.Resources/deployments/validate/action\",\n \"Microsoft.Resources/deployments/whatIf/action\",\n \"Microsoft.Resources/deployments/exportTemplate/action\",\n \"Microsoft.Resources/deployments/operations/read\",\n \"Microsoft.Resources/deployments/operationstatuses/read\",\n \"Microsoft.Resources/subscriptions/resourcegroups/deployments/read\",\n \"Microsoft.Resources/subscriptions/resourcegroups/deployments/write\",\n \"Microsoft.Resources/subscriptions/resourcegroups/deployments/operations/read\",\n \"Microsoft.Resources/subscriptions/resourcegroups/deployments/operationstatuses/read\",\n \"Microsoft.ResourceHealth/availabilityStatuses/read\",\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Resources/subscriptions/read\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Resources/subscriptions/operationresults/read\",\n \"Microsoft.ExtendedLocation/customLocations/Read\",\n \"Microsoft.ExtendedLocation/customLocations/deploy/action\",\n \"Microsoft.HybridCompute/machines/read\",\n \"Microsoft.HybridCompute/machines/write\",\n \"Microsoft.HybridCompute/machines/delete\",\n \"Microsoft.HybridCompute/machines/UpgradeExtensions/action\",\n \"Microsoft.HybridCompute/machines/assessPatches/action\",\n \"Microsoft.HybridCompute/machines/installPatches/action\",\n \"Microsoft.HybridCompute/machines/extensions/read\",\n \"Microsoft.HybridCompute/machines/extensions/write\",\n \"Microsoft.HybridCompute/machines/extensions/delete\",\n \"Microsoft.HybridCompute/operations/read\",\n \"Microsoft.HybridCompute/locations/operationresults/read\",\n \"Microsoft.HybridCompute/locations/operationstatus/read\",\n \"Microsoft.HybridCompute/machines/patchAssessmentResults/read\",\n \"Microsoft.HybridCompute/machines/patchAssessmentResults/softwarePatches/read\",\n \"Microsoft.HybridCompute/machines/patchInstallationResults/read\",\n \"Microsoft.HybridCompute/machines/patchInstallationResults/softwarePatches/read\",\n \"Microsoft.HybridCompute/locations/updateCenterOperationResults/read\",\n \"Microsoft.HybridCompute/machines/hybridIdentityMetadata/read\",\n \"Microsoft.HybridCompute/osType/agentVersions/read\",\n \"Microsoft.HybridCompute/osType/agentVersions/latest/read\",\n \"Microsoft.HybridCompute/machines/runcommands/read\",\n \"Microsoft.HybridCompute/machines/runcommands/write\",\n \"Microsoft.HybridCompute/machines/runcommands/delete\",\n \"Microsoft.HybridCompute/machines/licenseProfiles/read\",\n \"Microsoft.HybridCompute/machines/licenseProfiles/write\",\n \"Microsoft.HybridCompute/machines/licenseProfiles/delete\",\n \"Microsoft.HybridCompute/licenses/read\",\n \"Microsoft.HybridCompute/licenses/write\",\n \"Microsoft.HybridCompute/licenses/delete\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2022-04-13T21:33:11.1438013Z\",\n \"updatedOn\": \"2023-10-06T09:06:44.6077384Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/a92dfd61-77f9-4aec-a531-19858b406c87\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"a92dfd61-77f9-4aec-a531-19858b406c87\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Arc ScVmm Private Clouds Onboarding\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Azure Arc ScVmm Private Clouds Onboarding role has permissions to provision all the required resources for onboard and deboard vmm server instances to Azure.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"microsoft.scvmm/vmmservers/Read\",\n \"microsoft.scvmm/vmmservers/Write\",\n \"microsoft.scvmm/vmmservers/Delete\",\n \"Microsoft.Insights/AlertRules/Write\",\n \"Microsoft.Insights/AlertRules/Delete\",\n \"Microsoft.Insights/AlertRules/Read\",\n \"Microsoft.Insights/AlertRules/Activated/Action\",\n \"Microsoft.Insights/AlertRules/Resolved/Action\",\n \"Microsoft.Insights/AlertRules/Throttled/Action\",\n \"Microsoft.Insights/AlertRules/Incidents/Read\",\n \"Microsoft.Resources/deployments/read\",\n \"Microsoft.Resources/deployments/write\",\n \"Microsoft.Resources/deployments/delete\",\n \"Microsoft.Resources/deployments/cancel/action\",\n \"Microsoft.Resources/deployments/validate/action\",\n \"Microsoft.Resources/deployments/whatIf/action\",\n \"Microsoft.Resources/deployments/exportTemplate/action\",\n \"Microsoft.Resources/deployments/operations/read\",\n \"Microsoft.Resources/deployments/operationstatuses/read\",\n \"Microsoft.Resources/subscriptions/resourcegroups/deployments/read\",\n \"Microsoft.Resources/subscriptions/resourcegroups/deployments/write\",\n \"Microsoft.Resources/subscriptions/resourcegroups/deployments/operations/read\",\n \"Microsoft.Resources/subscriptions/resourcegroups/deployments/operationstatuses/read\",\n \"Microsoft.ResourceHealth/availabilityStatuses/read\",\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Resources/subscriptions/read\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Resources/subscriptions/operationresults/read\",\n \"Microsoft.ExtendedLocation/customLocations/Read\",\n \"Microsoft.ExtendedLocation/customLocations/deploy/action\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2022-04-13T21:33:11.1438013Z\",\n \"updatedOn\": \"2023-05-19T07:39:31.0563245Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/6aac74c4-6311-40d2-bbdd-7d01e7c6e3a9\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"6aac74c4-6311-40d2-bbdd-7d01e7c6e3a9\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Arc ScVmm Private Cloud User\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Azure Arc ScVmm Private Cloud User has permissions to use the ScVmm resources to deploy VMs.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Insights/AlertRules/Write\",\n \"Microsoft.Insights/AlertRules/Delete\",\n \"Microsoft.Insights/AlertRules/Read\",\n \"Microsoft.Insights/AlertRules/Activated/Action\",\n \"Microsoft.Insights/AlertRules/Resolved/Action\",\n \"Microsoft.Insights/AlertRules/Throttled/Action\",\n \"Microsoft.Insights/AlertRules/Incidents/Read\",\n \"Microsoft.Resources/deployments/read\",\n \"Microsoft.Resources/deployments/write\",\n \"Microsoft.Resources/deployments/delete\",\n \"Microsoft.Resources/deployments/cancel/action\",\n \"Microsoft.Resources/deployments/validate/action\",\n \"Microsoft.Resources/deployments/whatIf/action\",\n \"Microsoft.Resources/deployments/exportTemplate/action\",\n \"Microsoft.Resources/deployments/operations/read\",\n \"Microsoft.Resources/deployments/operationstatuses/read\",\n \"Microsoft.Resources/subscriptions/resourcegroups/deployments/read\",\n \"Microsoft.Resources/subscriptions/resourcegroups/deployments/write\",\n \"Microsoft.Resources/subscriptions/resourcegroups/deployments/operations/read\",\n \"Microsoft.Resources/subscriptions/resourcegroups/deployments/operationstatuses/read\",\n \"Microsoft.ResourceHealth/availabilityStatuses/read\",\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Resources/subscriptions/read\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Resources/subscriptions/operationresults/read\",\n \"microsoft.scvmm/virtualnetworks/join/action\",\n \"microsoft.scvmm/virtualnetworks/Read\",\n \"microsoft.scvmm/virtualmachinetemplates/clone/action\",\n \"microsoft.scvmm/virtualmachinetemplates/Read\",\n \"microsoft.scvmm/clouds/deploy/action\",\n \"microsoft.scvmm/clouds/Read\",\n \"Microsoft.ExtendedLocation/customLocations/Read\",\n \"Microsoft.ExtendedLocation/customLocations/deploy/action\",\n \"Microsoft.ExtendedLocation/customLocations/enabledresourcetypes/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2022-04-13T21:33:11.1438013Z\",\n \"updatedOn\": \"2023-10-06T09:06:44.6077384Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/c0781e91-8102-4553-8951-97c6d4243cda\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"c0781e91-8102-4553-8951-97c6d4243cda\"\n },\n {\n \"properties\": {\n \"roleName\": \"HDInsight on AKS Cluster Pool Admin\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Can read, create, modify and delete HDInsight on AKS cluster pools and create clusters\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.HDInsight/clusterPools/clusters/read\",\n \"Microsoft.HDInsight/clusterPools/clusters/write\",\n \"Microsoft.HDInsight/clusterPools/delete\",\n \"Microsoft.HDInsight/clusterPools/read\",\n \"Microsoft.HDInsight/clusterPools/write\",\n \"Microsoft.HDInsight/clusterpools/availableupgrades/read\",\n \"Microsoft.HDInsight/clusterpools/upgrade/action\",\n \"Microsoft.HDInsight/clusterPools/upgradehistories/read\",\n \"Microsoft.ResourceHealth/availabilityStatuses/read\",\n \"Microsoft.Resources/deployments/operations/read\",\n \"Microsoft.Resources/deployments/validate/action\",\n \"Microsoft.Resources/deployments/*/read\",\n \"Microsoft.Resources/deployments/read\",\n \"Microsoft.Resources/deployments/write\",\n \"Microsoft.Resources/deployments/exportTemplate/action\",\n \"Microsoft.Resources/deployments/validate/action\",\n \"Microsoft.Resources/subscriptions/resourcegroups/deployments/operations/read\",\n \"Microsoft.Resources/subscriptions/resourcegroups/deployments/read\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Resources/subscriptions/operationresults/read\",\n \"Microsoft.Insights/AlertRules/Write\",\n \"Microsoft.Insights/AlertRules/Delete\",\n \"Microsoft.Insights/AlertRules/Read\",\n \"Microsoft.Insights/AlertRules/Activated/Action\",\n \"Microsoft.Insights/AlertRules/Resolved/Action\",\n \"Microsoft.Insights/AlertRules/Throttled/Action\",\n \"Microsoft.Insights/AlertRules/Incidents/Read\",\n \"Microsoft.Insights/metrics/read\",\n \"Microsoft.Insights/logs/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2022-04-14T05:37:28.4116078Z\",\n \"updatedOn\": \"2024-07-01T15:03:43.7126562Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/7656b436-37d4-490a-a4ab-d39f838f0042\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"7656b436-37d4-490a-a4ab-d39f838f0042\"\n },\n {\n \"properties\": {\n \"roleName\": \"HDInsight on AKS Cluster Admin\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Grants a user/group the ability to create, delete and manage clusters within a given cluster pool. Cluster Admin can also run workloads, monitor, and manage all user activity on these clusters.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.HDInsight/clusterPools/clusters/read\",\n \"Microsoft.HDInsight/clusterPools/clusters/write\",\n \"Microsoft.HDInsight/clusterPools/clusters/delete\",\n \"Microsoft.HDInsight/clusterPools/clusters/resize/action\",\n \"Microsoft.HDInsight/clusterpools/clusters/instanceviews/read\",\n \"Microsoft.HDInsight/clusterPools/clusters/jobs/read\",\n \"Microsoft.HDInsight/clusterPools/clusters/runjob/action\",\n \"Microsoft.HDInsight/clusterpools/clusters/serviceconfigs/read\",\n \"Microsoft.HDInsight/clusterPools/clusters/availableupgrades/read\",\n \"Microsoft.HDInsight/clusterPools/clusters/upgrade/action\",\n \"Microsoft.HDInsight/clusterPools/clusters/rollback/action\",\n \"Microsoft.HDInsight/clusterPools/clusters/upgradehistories/read\",\n \"Microsoft.HDInsight/clusterPools/clusters/libraries/read\",\n \"Microsoft.HDInsight/clusterPools/clusters/managelibraries/action\",\n \"Microsoft.ResourceHealth/availabilityStatuses/read\",\n \"Microsoft.Resources/deployments/operations/read\",\n \"Microsoft.Resources/deployments/*/read\",\n \"Microsoft.Resources/deployments/read\",\n \"Microsoft.Resources/deployments/validate/action\",\n \"Microsoft.Resources/deployments/write\",\n \"Microsoft.Resources/deployments/exportTemplate/action\",\n \"Microsoft.Resources/subscriptions/resourcegroups/deployments/operations/read\",\n \"Microsoft.Resources/subscriptions/resourcegroups/deployments/read\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Resources/subscriptions/operationresults/read\",\n \"Microsoft.Insights/AlertRules/Write\",\n \"Microsoft.Insights/AlertRules/Delete\",\n \"Microsoft.Insights/AlertRules/Read\",\n \"Microsoft.Insights/AlertRules/Activated/Action\",\n \"Microsoft.Insights/AlertRules/Resolved/Action\",\n \"Microsoft.Insights/AlertRules/Throttled/Action\",\n \"Microsoft.Insights/AlertRules/Incidents/Read\",\n \"Microsoft.Insights/metrics/read\",\n \"Microsoft.Insights/logs/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2022-04-14T05:37:28.4116078Z\",\n \"updatedOn\": \"2024-07-01T15:03:44.1916336Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/fd036e6b-1266-47a0-b0bb-a05d04831731\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"fd036e6b-1266-47a0-b0bb-a05d04831731\"\n },\n {\n \"properties\": {\n \"roleName\": \"FHIR Data Importer\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Role allows user or principal to read and import FHIR Data\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.HealthcareApis/workspaces/fhirservices/resources/read\",\n \"Microsoft.HealthcareApis/workspaces/fhirservices/resources/import/action\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2022-04-19T12:03:07.1913541Z\",\n \"updatedOn\": \"2022-04-21T13:19:49.7566662Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/4465e953-8ced-4406-a58e-0f6e3f3b530b\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"4465e953-8ced-4406-a58e-0f6e3f3b530b\"\n },\n {\n \"properties\": {\n \"roleName\": \"HDInsight on AKS Cluster Operator\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Grants a user/group the ability to read cluster configurations, resize clusters and run jobs\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.HDInsight/clusterPools/read\",\n \"Microsoft.Hdinsight/clusterpools/clusters/read\",\n \"Microsoft.HDInsight/clusterPools/clusters/resize/action\",\n \"Microsoft.HDInsight/clusterpools/clusters/instanceviews/read\",\n \"Microsoft.HDInsight/clusterPools/clusters/jobs/read\",\n \"Microsoft.HDInsight/clusterPools/clusters/runjob/action\",\n \"Microsoft.HDInsight/clusterpools/clusters/serviceconfigs/read\",\n \"Microsoft.HDInsight/clusterPools/clusters/availableupgrades/read\",\n \"Microsoft.HDInsight/clusterPools/clusters/upgradehistories/read\",\n \"Microsoft.HDInsight/clusterPools/clusters/libraries/read\",\n \"Microsoft.HDInsight/clusterPools/clusters/managelibraries/action\",\n \"Microsoft.ResourceHealth/availabilityStatuses/read\",\n \"Microsoft.Resources/deployments/read\",\n \"Microsoft.Resources/deployments/operations/read\",\n \"Microsoft.Resources/subscriptions/operationresults/read\",\n \"Microsoft.Resources/subscriptions/read\",\n \"Microsoft.Resources/subscriptions/resourcegroups/deployments/read\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Insights/AlertRules/Write\",\n \"Microsoft.Insights/AlertRules/Delete\",\n \"Microsoft.Insights/AlertRules/Read\",\n \"Microsoft.Insights/AlertRules/Activated/Action\",\n \"Microsoft.Insights/AlertRules/Resolved/Action\",\n \"Microsoft.Insights/AlertRules/Throttled/Action\",\n \"Microsoft.Insights/AlertRules/Incidents/Read\",\n \"Microsoft.Insights/metrics/read\",\n \"Microsoft.Insights/logs/read\",\n \"Microsoft.Insights/diagnosticSettings/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2022-04-26T14:14:33.8566334Z\",\n \"updatedOn\": \"2024-07-01T15:03:44.1916336Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/bcf28286-af25-4c81-bb6f-351fcab5dbe9\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"bcf28286-af25-4c81-bb6f-351fcab5dbe9\"\n },\n {\n \"properties\": {\n \"roleName\": \"API Management Developer Portal Content Editor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Can customize the developer portal, edit its content, and publish it.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.ApiManagement/service/portalRevisions/read\",\n \"Microsoft.ApiManagement/service/portalRevisions/write\",\n \"Microsoft.ApiManagement/service/contentTypes/read\",\n \"Microsoft.ApiManagement/service/contentTypes/delete\",\n \"Microsoft.ApiManagement/service/contentTypes/write\",\n \"Microsoft.ApiManagement/service/contentTypes/contentItems/read\",\n \"Microsoft.ApiManagement/service/contentTypes/contentItems/write\",\n \"Microsoft.ApiManagement/service/contentTypes/contentItems/delete\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2022-05-06T21:46:28.7501982Z\",\n \"updatedOn\": \"2022-05-11T01:48:03.0899467Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/c031e6a8-4391-4de0-8d69-4706a7ed3729\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"c031e6a8-4391-4de0-8d69-4706a7ed3729\"\n },\n {\n \"properties\": {\n \"roleName\": \"VM Scanner Operator\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Role that provides access to disk snapshot for security analysis.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Compute/disks/read\",\n \"Microsoft.Compute/disks/beginGetAccess/action\",\n \"Microsoft.Compute/diskEncryptionSets/read\",\n \"Microsoft.Compute/virtualMachines/instanceView/read\",\n \"Microsoft.Compute/virtualMachines/read\",\n \"Microsoft.Compute/virtualMachineScaleSets/instanceView/read\",\n \"Microsoft.Compute/virtualMachineScaleSets/read\",\n \"Microsoft.Compute/virtualMachineScaleSets/virtualMachines/read\",\n \"Microsoft.Compute/virtualMachineScaleSets/virtualMachines/instanceView/read\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2022-05-15T19:19:38.5462809Z\",\n \"updatedOn\": \"2024-09-09T15:09:55.7808068Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/d24ecba3-c1f4-40fa-a7bb-4588a071e8fd\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"d24ecba3-c1f4-40fa-a7bb-4588a071e8fd\"\n },\n {\n \"properties\": {\n \"roleName\": \"Elastic SAN Owner\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Allows for full access to all resources under Azure Elastic SAN including changing network security policies to unblock data path access\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.ResourceHealth/availabilityStatuses/read\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.ElasticSan/elasticSans/*\",\n \"Microsoft.ElasticSan/locations/*\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2022-05-26T12:41:01.1833837Z\",\n \"updatedOn\": \"2022-08-23T17:36:07.1409226Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/80dcbedb-47ef-405d-95bd-188a1b4ac406\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"80dcbedb-47ef-405d-95bd-188a1b4ac406\"\n },\n {\n \"properties\": {\n \"roleName\": \"Elastic SAN Reader\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Allows for control path read access to Azure Elastic SAN\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/roleAssignments/read\",\n \"Microsoft.Authorization/roleDefinitions/read\",\n \"Microsoft.ResourceHealth/availabilityStatuses/read\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.ElasticSan/elasticSans/*/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2022-06-01T07:05:04.5639037Z\",\n \"updatedOn\": \"2022-08-23T17:36:07.1409226Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/af6a70f8-3c9f-4105-acf1-d719e9fca4ca\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"af6a70f8-3c9f-4105-acf1-d719e9fca4ca\"\n },\n {\n \"properties\": {\n \"roleName\": \"Desktop Virtualization Virtual Machine Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"This role is in preview and subject to change. Provide permission to the Azure Virtual Desktop Resource Provider to create, delete, update, start, and stop virtual machines.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.DesktopVirtualization/hostpools/read\",\n \"Microsoft.DesktopVirtualization/hostpools/write\",\n \"Microsoft.DesktopVirtualization/hostpools/retrieveRegistrationToken/action\",\n \"Microsoft.DesktopVirtualization/hostpools/sessionhosts/read\",\n \"Microsoft.DesktopVirtualization/hostpools/sessionhosts/write\",\n \"Microsoft.DesktopVirtualization/hostpools/sessionhosts/delete\",\n \"Microsoft.DesktopVirtualization/hostpools/sessionhosts/usersessions/read\",\n \"Microsoft.DesktopVirtualization/hostpools/sessionhosts/usersessions/disconnect/action\",\n \"Microsoft.DesktopVirtualization/hostpools/sessionhosts/usersessions/sendMessage/action\",\n \"Microsoft.DesktopVirtualization/hostpools/sessionHostConfigurations/read\",\n \"Microsoft.DesktopVirtualization/hostpools/doNotUseInternalAPI/action\",\n \"Microsoft.DesktopVirtualization/hostpools/sessionhosts/retryprovisioning/action\",\n \"Microsoft.Compute/availabilitySets/read\",\n \"Microsoft.Compute/availabilitySets/write\",\n \"Microsoft.Compute/availabilitySets/vmSizes/read\",\n \"Microsoft.Compute/disks/read\",\n \"Microsoft.Compute/disks/write\",\n \"Microsoft.Compute/disks/delete\",\n \"Microsoft.Compute/galleries/read\",\n \"Microsoft.Compute/galleries/images/read\",\n \"Microsoft.Compute/galleries/images/versions/read\",\n \"Microsoft.Compute/images/read\",\n \"Microsoft.Compute/locations/usages/read\",\n \"Microsoft.Compute/locations/vmSizes/read\",\n \"Microsoft.Compute/operations/read\",\n \"Microsoft.Compute/skus/read\",\n \"Microsoft.Compute/virtualMachines/read\",\n \"Microsoft.Compute/virtualMachines/write\",\n \"Microsoft.Compute/virtualMachines/delete\",\n \"Microsoft.Compute/virtualMachines/start/action\",\n \"Microsoft.Compute/virtualMachines/powerOff/action\",\n \"Microsoft.Compute/virtualMachines/restart/action\",\n \"Microsoft.Compute/virtualMachines/deallocate/action\",\n \"Microsoft.Compute/virtualMachines/runCommand/action\",\n \"Microsoft.Compute/virtualMachines/extensions/read\",\n \"Microsoft.Compute/virtualMachines/extensions/write\",\n \"Microsoft.Compute/virtualMachines/extensions/delete\",\n \"Microsoft.Compute/virtualMachines/runCommands/read\",\n \"Microsoft.Compute/virtualMachines/runCommands/write\",\n \"Microsoft.Compute/virtualMachines/vmSizes/read\",\n \"Microsoft.Network/networkSecurityGroups/read\",\n \"Microsoft.Network/networkInterfaces/write\",\n \"Microsoft.Network/networkInterfaces/read\",\n \"Microsoft.Network/networkInterfaces/join/action\",\n \"Microsoft.Network/networkInterfaces/delete\",\n \"Microsoft.Network/virtualNetworks/subnets/read\",\n \"Microsoft.Network/virtualNetworks/subnets/join/action\",\n \"Microsoft.Network/virtualNetworks/usages/read\",\n \"Microsoft.Network/virtualNetworks/read\",\n \"Microsoft.Network/networkSecurityGroups/read\",\n \"Microsoft.Marketplace/offerTypes/publishers/offers/plans/agreements/read\",\n \"Microsoft.KeyVault/vaults/deploy/action\",\n \"Microsoft.Storage/storageAccounts/read\",\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.DesktopVirtualization/scalingPlans/read\",\n \"Microsoft.DesktopVirtualization/scalingPlans/write\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2022-06-29T01:44:11.2575005Z\",\n \"updatedOn\": \"2024-09-10T15:22:51.5340758Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/a959dbd1-f747-45e3-8ba6-dd80f235f97c\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"a959dbd1-f747-45e3-8ba6-dd80f235f97c\"\n },\n {\n \"properties\": {\n \"roleName\": \"Desktop Virtualization Power On Off Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Provide permission to the Azure Virtual Desktop Resource Provider to start and stop virtual machines.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.AzureStackHCI/operations/read\",\n \"Microsoft.AzureStackHCI/virtualMachineInstances/read\",\n \"Microsoft.AzureStackHCI/virtualMachineInstances/restart/action\",\n \"Microsoft.AzureStackHCI/virtualMachineInstances/start/action\",\n \"Microsoft.AzureStackHCI/virtualMachineInstances/stop/action\",\n \"Microsoft.Compute/virtualMachines/deallocate/action\",\n \"Microsoft.Compute/virtualMachines/instanceView/read\",\n \"Microsoft.Compute/virtualMachines/powerOff/action\",\n \"Microsoft.Compute/virtualMachines/read\",\n \"Microsoft.Compute/virtualMachines/restart/action\",\n \"Microsoft.Compute/virtualMachines/start/action\",\n \"Microsoft.ComputeSchedule/locations/virtualMachinesCancelOperations/action\",\n \"Microsoft.ComputeSchedule/locations/virtualMachinesExecuteDeallocate/action\",\n \"Microsoft.ComputeSchedule/locations/virtualMachinesExecuteHibernate/action\",\n \"Microsoft.ComputeSchedule/locations/virtualMachinesExecuteStart/action\",\n \"Microsoft.ComputeSchedule/locations/virtualMachinesGetOperationErrors/action\",\n \"Microsoft.ComputeSchedule/locations/virtualMachinesGetOperationStatus/action\",\n \"Microsoft.ComputeSchedule/locations/virtualMachinesSubmitDeallocate/action\",\n \"Microsoft.ComputeSchedule/locations/virtualMachinesSubmitHibernate/action\",\n \"Microsoft.ComputeSchedule/locations/virtualMachinesSubmitStart/action\",\n \"Microsoft.ComputeSchedule/register/action\",\n \"Microsoft.DesktopVirtualization/hostpools/read\",\n \"Microsoft.DesktopVirtualization/hostpools/sessionhosts/read\",\n \"Microsoft.DesktopVirtualization/hostpools/sessionhosts/usersessions/delete\",\n \"Microsoft.DesktopVirtualization/hostpools/sessionhosts/usersessions/read\",\n \"Microsoft.DesktopVirtualization/hostpools/sessionhosts/usersessions/sendMessage/action\",\n \"Microsoft.DesktopVirtualization/hostpools/sessionhosts/write\",\n \"Microsoft.DesktopVirtualization/hostpools/write\",\n \"Microsoft.HybridCompute/locations/operationresults/read\",\n \"Microsoft.HybridCompute/locations/operationstatus/read\",\n \"Microsoft.HybridCompute/machines/read\",\n \"Microsoft.HybridCompute/operations/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.Insights/eventtypes/values/read\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2022-06-29T01:44:11.3414837Z\",\n \"updatedOn\": \"2024-08-15T18:24:59.2883823Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/40c5ff49-9181-41f8-ae61-143b0e78555e\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"40c5ff49-9181-41f8-ae61-143b0e78555e\"\n },\n {\n \"properties\": {\n \"roleName\": \"Desktop Virtualization Power On Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Provide permission to the Azure Virtual Desktop Resource Provider to start virtual machines.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Compute/virtualMachines/start/action\",\n \"Microsoft.Compute/virtualMachines/read\",\n \"Microsoft.Compute/virtualMachines/instanceView/read\",\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.HybridCompute/machines/read\",\n \"Microsoft.HybridCompute/operations/read\",\n \"Microsoft.HybridCompute/locations/operationresults/read\",\n \"Microsoft.HybridCompute/locations/operationstatus/read\",\n \"Microsoft.AzureStackHCI/virtualMachineInstances/read\",\n \"Microsoft.AzureStackHCI/virtualMachineInstances/start/action\",\n \"Microsoft.AzureStackHCI/operations/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2022-06-29T01:44:11.3414837Z\",\n \"updatedOn\": \"2024-02-12T16:11:25.5904731Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/489581de-a3bd-480d-9518-53dea7416b33\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"489581de-a3bd-480d-9518-53dea7416b33\"\n },\n {\n \"properties\": {\n \"roleName\": \"Elastic SAN Volume Group Owner\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Allows for full access to a volume group in Azure Elastic SAN including changing network security policies to unblock data path access\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/roleAssignments/read\",\n \"Microsoft.Authorization/roleDefinitions/read\",\n \"Microsoft.ElasticSan/elasticSans/volumeGroups/*\",\n \"Microsoft.ElasticSan/locations/asyncoperations/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2022-07-04T17:04:25.3846899Z\",\n \"updatedOn\": \"2022-08-23T17:36:07.1409226Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/a8281131-f312-4f34-8d98-ae12be9f0d23\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"a8281131-f312-4f34-8d98-ae12be9f0d23\"\n },\n {\n \"properties\": {\n \"roleName\": \"Access Review Operator Service Role\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Lets you grant Access Review System app permissions to discover and revoke access as needed by the access review process.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/roleAssignments/read\",\n \"Microsoft.Authorization/roleAssignments/delete\",\n \"Microsoft.Management/getEntities/action\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2022-07-04T17:04:25.3846899Z\",\n \"updatedOn\": \"2022-07-04T17:04:25.3846899Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/76cc9ee4-d5d3-4a45-a930-26add3d73475\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"76cc9ee4-d5d3-4a45-a930-26add3d73475\"\n },\n {\n \"properties\": {\n \"roleName\": \"Trusted Signing Identity Verifier\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Manage identity or business verification requests. This role is in preview and subject to change.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.CodeSigning/*/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.CodeSigning/IdentityVerification/Read\",\n \"Microsoft.CodeSigning/IdentityVerification/Write\",\n \"Microsoft.CodeSigning/IdentityVerification/Delete\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2022-07-29T07:36:35.8877235Z\",\n \"updatedOn\": \"2024-10-24T14:08:43.6479343Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/4339b7cf-9826-4e41-b4ed-c7f4505dac08\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"4339b7cf-9826-4e41-b4ed-c7f4505dac08\"\n },\n {\n \"properties\": {\n \"roleName\": \"Video Indexer Restricted Viewer\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Has access to view and search through all video's insights and transcription in the Video Indexer portal. No access to model customization, embedding of widget, downloading videos, or sharing the account.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.VideoIndexer/*/read\",\n \"Microsoft.VideoIndexer/accounts/*/action\"\n ],\n \"notActions\": [\n \"Microsoft.VideoIndexer/*/write\",\n \"Microsoft.VideoIndexer/*/delete\",\n \"Microsoft.VideoIndexer/accounts/generateAccessToken/action\"\n ],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2022-08-09T20:15:25.5603064Z\",\n \"updatedOn\": \"2022-08-09T20:15:25.5603064Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/a2c4a527-7dc0-4ee3-897b-403ade70fafb\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"a2c4a527-7dc0-4ee3-897b-403ade70fafb\"\n },\n {\n \"properties\": {\n \"roleName\": \"Monitoring Data Reader\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Can access the data in an Azure Monitor Workspace.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.Monitor/accounts/data/metrics/read\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2022-08-22T15:27:32.9926129Z\",\n \"updatedOn\": \"2022-10-07T20:52:48.6545841Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/b0d8363b-8ddd-447d-831f-62ca05bff136\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"b0d8363b-8ddd-447d-831f-62ca05bff136\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Kubernetes Fleet Manager RBAC Writer\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Grants read/write access to most Kubernetes resources within a namespace in the fleet-managed hub cluster. This role does not allow viewing or modifying roles or role bindings. However, this role allows accessing Secrets as any ServiceAccount in the namespace, so it can be used to gain the API access levels of any ServiceAccount in the namespace.  Applying this role at cluster scope will give access across all namespaces.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Resources/subscriptions/operationresults/read\",\n \"Microsoft.Resources/subscriptions/read\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.ContainerService/fleets/read\",\n \"Microsoft.ContainerService/fleets/listCredentials/action\"\n ],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.ContainerService/fleets/apps/controllerrevisions/read\",\n \"Microsoft.ContainerService/fleets/apps/daemonsets/read\",\n \"Microsoft.ContainerService/fleets/apps/daemonsets/write\",\n \"Microsoft.ContainerService/fleets/apps/deployments/read\",\n \"Microsoft.ContainerService/fleets/apps/deployments/write\",\n \"Microsoft.ContainerService/fleets/apps/statefulsets/read\",\n \"Microsoft.ContainerService/fleets/apps/statefulsets/write\",\n \"Microsoft.ContainerService/fleets/autoscaling/horizontalpodautoscalers/read\",\n \"Microsoft.ContainerService/fleets/autoscaling/horizontalpodautoscalers/write\",\n \"Microsoft.ContainerService/fleets/batch/cronjobs/read\",\n \"Microsoft.ContainerService/fleets/batch/cronjobs/write\",\n \"Microsoft.ContainerService/fleets/batch/jobs/read\",\n \"Microsoft.ContainerService/fleets/batch/jobs/write\",\n \"Microsoft.ContainerService/fleets/configmaps/read\",\n \"Microsoft.ContainerService/fleets/configmaps/write\",\n \"Microsoft.ContainerService/fleets/endpoints/read\",\n \"Microsoft.ContainerService/fleets/endpoints/write\",\n \"Microsoft.ContainerService/fleets/events.k8s.io/events/read\",\n \"Microsoft.ContainerService/fleets/events/read\",\n \"Microsoft.ContainerService/fleets/extensions/daemonsets/read\",\n \"Microsoft.ContainerService/fleets/extensions/daemonsets/write\",\n \"Microsoft.ContainerService/fleets/extensions/deployments/read\",\n \"Microsoft.ContainerService/fleets/extensions/deployments/write\",\n \"Microsoft.ContainerService/fleets/extensions/ingresses/read\",\n \"Microsoft.ContainerService/fleets/extensions/ingresses/write\",\n \"Microsoft.ContainerService/fleets/extensions/networkpolicies/read\",\n \"Microsoft.ContainerService/fleets/extensions/networkpolicies/write\",\n \"Microsoft.ContainerService/fleets/limitranges/read\",\n \"Microsoft.ContainerService/fleets/namespaces/read\",\n \"Microsoft.ContainerService/fleets/networking.k8s.io/ingresses/read\",\n \"Microsoft.ContainerService/fleets/networking.k8s.io/ingresses/write\",\n \"Microsoft.ContainerService/fleets/networking.k8s.io/networkpolicies/read\",\n \"Microsoft.ContainerService/fleets/networking.k8s.io/networkpolicies/write\",\n \"Microsoft.ContainerService/fleets/persistentvolumeclaims/read\",\n \"Microsoft.ContainerService/fleets/persistentvolumeclaims/write\",\n \"Microsoft.ContainerService/fleets/policy/poddisruptionbudgets/read\",\n \"Microsoft.ContainerService/fleets/policy/poddisruptionbudgets/write\",\n \"Microsoft.ContainerService/fleets/replicationcontrollers/read\",\n \"Microsoft.ContainerService/fleets/replicationcontrollers/write\",\n \"Microsoft.ContainerService/fleets/resourcequotas/read\",\n \"Microsoft.ContainerService/fleets/secrets/read\",\n \"Microsoft.ContainerService/fleets/secrets/write\",\n \"Microsoft.ContainerService/fleets/serviceaccounts/read\",\n \"Microsoft.ContainerService/fleets/serviceaccounts/write\",\n \"Microsoft.ContainerService/fleets/services/read\",\n \"Microsoft.ContainerService/fleets/services/write\",\n \"Microsoft.ContainerService/fleets/cluster.kubernetes-fleet.io/internalmemberclusters/read\",\n \"Microsoft.ContainerService/fleets/placement.kubernetes-fleet.io/resourceoverrides/read\",\n \"Microsoft.ContainerService/fleets/placement.kubernetes-fleet.io/resourceoverrides/write\",\n \"Microsoft.ContainerService/fleets/placement.kubernetes-fleet.io/resourceoverridesnapshots/read\",\n \"Microsoft.ContainerService/fleets/placement.kubernetes-fleet.io/works/read\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2022-08-22T17:29:14.4390853Z\",\n \"updatedOn\": \"2024-10-21T15:04:47.7837694Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/5af6afb3-c06c-4fa4-8848-71a8aee05683\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"5af6afb3-c06c-4fa4-8848-71a8aee05683\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Kubernetes Fleet Manager RBAC Admin\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Grants read/write access to Kubernetes resources within a namespace in the fleet-managed hub cluster - provides write permissions on most objects within a a namespace, with the exception of ResourceQuota object and the namespace object itself. Applying this role at cluster scope will give access across all namespaces.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Resources/subscriptions/operationresults/read\",\n \"Microsoft.Resources/subscriptions/read\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.ContainerService/fleets/read\",\n \"Microsoft.ContainerService/fleets/listCredentials/action\"\n ],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.ContainerService/fleets/apps/controllerrevisions/read\",\n \"Microsoft.ContainerService/fleets/apps/daemonsets/*\",\n \"Microsoft.ContainerService/fleets/apps/deployments/*\",\n \"Microsoft.ContainerService/fleets/apps/statefulsets/*\",\n \"Microsoft.ContainerService/fleets/authorization.k8s.io/localsubjectaccessreviews/write\",\n \"Microsoft.ContainerService/fleets/autoscaling/horizontalpodautoscalers/*\",\n \"Microsoft.ContainerService/fleets/batch/cronjobs/*\",\n \"Microsoft.ContainerService/fleets/batch/jobs/*\",\n \"Microsoft.ContainerService/fleets/configmaps/*\",\n \"Microsoft.ContainerService/fleets/endpoints/*\",\n \"Microsoft.ContainerService/fleets/events.k8s.io/events/read\",\n \"Microsoft.ContainerService/fleets/events/read\",\n \"Microsoft.ContainerService/fleets/extensions/daemonsets/*\",\n \"Microsoft.ContainerService/fleets/extensions/deployments/*\",\n \"Microsoft.ContainerService/fleets/extensions/ingresses/*\",\n \"Microsoft.ContainerService/fleets/extensions/networkpolicies/*\",\n \"Microsoft.ContainerService/fleets/limitranges/read\",\n \"Microsoft.ContainerService/fleets/namespaces/read\",\n \"Microsoft.ContainerService/fleets/networking.k8s.io/ingresses/*\",\n \"Microsoft.ContainerService/fleets/networking.k8s.io/networkpolicies/*\",\n \"Microsoft.ContainerService/fleets/persistentvolumeclaims/*\",\n \"Microsoft.ContainerService/fleets/policy/poddisruptionbudgets/*\",\n \"Microsoft.ContainerService/fleets/rbac.authorization.k8s.io/rolebindings/*\",\n \"Microsoft.ContainerService/fleets/rbac.authorization.k8s.io/roles/*\",\n \"Microsoft.ContainerService/fleets/replicationcontrollers/*\",\n \"Microsoft.ContainerService/fleets/replicationcontrollers/*\",\n \"Microsoft.ContainerService/fleets/resourcequotas/read\",\n \"Microsoft.ContainerService/fleets/secrets/*\",\n \"Microsoft.ContainerService/fleets/serviceaccounts/*\",\n \"Microsoft.ContainerService/fleets/services/*\",\n \"Microsoft.ContainerService/fleets/cluster.kubernetes-fleet.io/internalmemberclusters/read\",\n \"Microsoft.ContainerService/fleets/placement.kubernetes-fleet.io/resourceoverrides/*\",\n \"Microsoft.ContainerService/fleets/placement.kubernetes-fleet.io/resourceoverridesnapshots/read\",\n \"Microsoft.ContainerService/fleets/placement.kubernetes-fleet.io/works/read\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2022-08-22T17:29:14.4390853Z\",\n \"updatedOn\": \"2024-10-21T15:04:47.7827701Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/434fb43a-c01c-447e-9f67-c3ad923cfaba\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"434fb43a-c01c-447e-9f67-c3ad923cfaba\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Kubernetes Fleet Manager Contributor Role\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Grants read/write access to Azure resources provided by Azure Kubernetes Fleet Manager, including fleets, fleet members, fleet update strategies, fleet update runs, etc.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.ContainerService/fleets/*\",\n \"Microsoft.Resources/deployments/*\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2022-08-22T17:29:14.4234593Z\",\n \"updatedOn\": \"2024-03-27T21:09:44.1318966Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/63bb64ad-9799-4770-b5c3-24ed299a07bf\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"63bb64ad-9799-4770-b5c3-24ed299a07bf\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Kubernetes Fleet Manager RBAC Reader\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Grants read-only access to most Kubernetes resources within a namespace in the fleet-managed hub cluster. It does not allow viewing roles or role bindings. This role does not allow viewing Secrets, since reading the contents of Secrets enables access to ServiceAccount credentials in the namespace, which would allow API access as any ServiceAccount in the namespace (a form of privilege escalation). Applying this role at cluster scope will give access across all namespaces.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Resources/subscriptions/operationresults/read\",\n \"Microsoft.Resources/subscriptions/read\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.ContainerService/fleets/read\",\n \"Microsoft.ContainerService/fleets/listCredentials/action\"\n ],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.ContainerService/fleets/apps/controllerrevisions/read\",\n \"Microsoft.ContainerService/fleets/apps/daemonsets/read\",\n \"Microsoft.ContainerService/fleets/apps/deployments/read\",\n \"Microsoft.ContainerService/fleets/apps/statefulsets/read\",\n \"Microsoft.ContainerService/fleets/autoscaling/horizontalpodautoscalers/read\",\n \"Microsoft.ContainerService/fleets/batch/cronjobs/read\",\n \"Microsoft.ContainerService/fleets/batch/jobs/read\",\n \"Microsoft.ContainerService/fleets/configmaps/read\",\n \"Microsoft.ContainerService/fleets/endpoints/read\",\n \"Microsoft.ContainerService/fleets/events.k8s.io/events/read\",\n \"Microsoft.ContainerService/fleets/events/read\",\n \"Microsoft.ContainerService/fleets/extensions/daemonsets/read\",\n \"Microsoft.ContainerService/fleets/extensions/deployments/read\",\n \"Microsoft.ContainerService/fleets/extensions/ingresses/read\",\n \"Microsoft.ContainerService/fleets/extensions/networkpolicies/read\",\n \"Microsoft.ContainerService/fleets/limitranges/read\",\n \"Microsoft.ContainerService/fleets/namespaces/read\",\n \"Microsoft.ContainerService/fleets/networking.k8s.io/ingresses/read\",\n \"Microsoft.ContainerService/fleets/networking.k8s.io/networkpolicies/read\",\n \"Microsoft.ContainerService/fleets/persistentvolumeclaims/read\",\n \"Microsoft.ContainerService/fleets/policy/poddisruptionbudgets/read\",\n \"Microsoft.ContainerService/fleets/replicationcontrollers/read\",\n \"Microsoft.ContainerService/fleets/replicationcontrollers/read\",\n \"Microsoft.ContainerService/fleets/resourcequotas/read\",\n \"Microsoft.ContainerService/fleets/serviceaccounts/read\",\n \"Microsoft.ContainerService/fleets/services/read\",\n \"Microsoft.ContainerService/fleets/cluster.kubernetes-fleet.io/internalmemberclusters/read\",\n \"Microsoft.ContainerService/fleets/placement.kubernetes-fleet.io/resourceoverrides/read\",\n \"Microsoft.ContainerService/fleets/placement.kubernetes-fleet.io/resourceoverridesnapshots/read\",\n \"Microsoft.ContainerService/fleets/placement.kubernetes-fleet.io/works/read\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2022-08-22T17:29:14.4390853Z\",\n \"updatedOn\": \"2024-10-23T18:34:36.152431Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/30b27cfc-9c84-438e-b0ce-70e35255df80\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"30b27cfc-9c84-438e-b0ce-70e35255df80\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Kubernetes Fleet Manager RBAC Cluster Admin\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Grants read/write access to all Kubernetes resources in the fleet-managed hub cluster.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Resources/subscriptions/operationresults/read\",\n \"Microsoft.Resources/subscriptions/read\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.ContainerService/fleets/read\",\n \"Microsoft.ContainerService/fleets/listCredentials/action\"\n ],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.ContainerService/fleets/*\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2022-08-22T17:29:14.4234593Z\",\n \"updatedOn\": \"2024-03-27T21:09:44.1318966Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/18ab4d3d-a1bf-4477-8ad9-8359bc988f69\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"18ab4d3d-a1bf-4477-8ad9-8359bc988f69\"\n },\n {\n \"properties\": {\n \"roleName\": \"Kubernetes Namespace User\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Allows a user to read namespace resources and retrieve kubeconfig for the cluster\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.KubernetesConfiguration/namespaces/read\",\n \"Microsoft.KubernetesConfiguration/namespaces/listUserCredential/action\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2022-08-24T08:05:05.4886641Z\",\n \"updatedOn\": \"2022-08-24T08:05:05.4886641Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/ba79058c-0414-4a34-9e42-c3399d80cd5a\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"ba79058c-0414-4a34-9e42-c3399d80cd5a\"\n },\n {\n \"properties\": {\n \"roleName\": \"Data Labeling - Labeler\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Can label data in Labeling.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.MachineLearningServices/workspaces/read\",\n \"Microsoft.MachineLearningServices/workspaces/experiments/runs/read\",\n \"Microsoft.MachineLearningServices/workspaces/labeling/projects/read\",\n \"Microsoft.MachineLearningServices/workspaces/labeling/projects/summary/read\",\n \"Microsoft.MachineLearningServices/workspaces/labeling/labels/read\",\n \"Microsoft.MachineLearningServices/workspaces/labeling/labels/write\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2022-09-02T20:34:03.6536098Z\",\n \"updatedOn\": \"2022-09-08T21:01:04.9492408Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/c6decf44-fd0a-444c-a844-d653c394e7ab\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"c6decf44-fd0a-444c-a844-d653c394e7ab\"\n },\n {\n \"properties\": {\n \"roleName\": \"Role Based Access Control Administrator\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Manage access to Azure resources by assigning roles using Azure RBAC. This role does not allow you to manage access using other ways, such as Azure Policy.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/roleAssignments/write\",\n \"Microsoft.Authorization/roleAssignments/delete\",\n \"*/read\",\n \"Microsoft.Support/*\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2022-09-07T00:28:32.1779656Z\",\n \"updatedOn\": \"2023-11-08T20:50:17.2103449Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/f58310d9-a9f6-439a-9e8d-f62e7b41a168\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"f58310d9-a9f6-439a-9e8d-f62e7b41a168\"\n },\n {\n \"properties\": {\n \"roleName\": \"Template Spec Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Allows full access to Template Spec operations at the assigned scope.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Resources/templateSpecs/*\",\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2022-09-07T23:56:38.852533Z\",\n \"updatedOn\": \"2022-09-07T23:56:38.852533Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/1c9b6475-caf0-4164-b5a1-2142a7116f4b\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"1c9b6475-caf0-4164-b5a1-2142a7116f4b\"\n },\n {\n \"properties\": {\n \"roleName\": \"Template Spec Reader\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Allows read access to Template Specs at the assigned scope.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Resources/templateSpecs/*/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2022-09-07T23:56:38.852533Z\",\n \"updatedOn\": \"2022-09-07T23:56:38.852533Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/392ae280-861d-42bd-9ea5-08ee6d83b80e\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"392ae280-861d-42bd-9ea5-08ee6d83b80e\"\n },\n {\n \"properties\": {\n \"roleName\": \"Microsoft Sentinel Playbook Operator\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Microsoft Sentinel Playbook Operator\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Logic/workflows/read\",\n \"Microsoft.Logic/workflows/triggers/listCallbackUrl/action\",\n \"Microsoft.Web/sites/hostruntime/webhooks/api/workflows/triggers/listCallbackUrl/action\",\n \"Microsoft.Web/sites/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2022-09-20T17:17:53.1732035Z\",\n \"updatedOn\": \"2022-12-07T18:28:46.3977543Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/51d6186e-6489-4900-b93f-92e23144cca5\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"51d6186e-6489-4900-b93f-92e23144cca5\"\n },\n {\n \"properties\": {\n \"roleName\": \"Deployment Environments User\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Provides access to manage environment resources.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.DevCenter/projects/read\",\n \"Microsoft.DevCenter/projects/*/read\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Authorization/*/read\"\n ],\n \"notActions\": [\n \"Microsoft.DevCenter/projects/pools/read\",\n \"Microsoft.DevCenter/projects/pools/schedules/read\"\n ],\n \"dataActions\": [\n \"Microsoft.DevCenter/projects/users/environments/userRead/action\",\n \"Microsoft.DevCenter/projects/users/environments/userWrite/action\",\n \"Microsoft.DevCenter/projects/users/environments/userDelete/action\",\n \"Microsoft.DevCenter/projects/users/environments/userActionManage/action\",\n \"Microsoft.DevCenter/projects/users/environments/userOutputsRead/action\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2022-09-21T23:02:10.9267534Z\",\n \"updatedOn\": \"2023-11-11T02:44:04.8360299Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/18e40d4e-8d2e-438d-97e1-9528336e149c\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"18e40d4e-8d2e-438d-97e1-9528336e149c\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Spring Apps Connect Role\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Azure Spring Apps Connect Role\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.AppPlatform/Spring/apps/deployments/connect/action\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2022-09-23T09:06:33.6408942Z\",\n \"updatedOn\": \"2022-09-23T09:06:33.6408942Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/80558df3-64f9-4c0f-b32d-e5094b036b0b\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"80558df3-64f9-4c0f-b32d-e5094b036b0b\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Spring Apps Remote Debugging Role\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Azure Spring Apps Remote Debugging Role\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.AppPlatform/Spring/apps/deployments/remotedebugging/action\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2022-09-23T09:21:46.6422475Z\",\n \"updatedOn\": \"2022-09-23T09:21:46.6422475Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/a99b0159-1064-4c22-a57b-c9b3caa1c054\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"a99b0159-1064-4c22-a57b-c9b3caa1c054\"\n },\n {\n \"properties\": {\n \"roleName\": \"AzureML Registry User\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Can perform all actions on Machine Learning Services Registry assets as well as get Registry resources.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.MachineLearningServices/registries/read\",\n \"Microsoft.MachineLearningServices/registries/assets/*\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2022-09-27T17:15:01.5950677Z\",\n \"updatedOn\": \"2022-09-27T17:15:01.5950677Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/1823dd4f-9b8c-4ab6-ab4e-7397a3684615\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"1823dd4f-9b8c-4ab6-ab4e-7397a3684615\"\n },\n {\n \"properties\": {\n \"roleName\": \"AzureML Compute Operator\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Can access and perform CRUD operations on Machine Learning Services managed compute resources (including Notebook VMs).\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.MachineLearningServices/workspaces/computes/*\",\n \"Microsoft.MachineLearningServices/workspaces/notebooks/vm/*\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2022-09-27T17:15:01.5950677Z\",\n \"updatedOn\": \"2022-09-27T17:15:01.5950677Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/e503ece1-11d0-4e8e-8e2c-7a6c3bf38815\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"e503ece1-11d0-4e8e-8e2c-7a6c3bf38815\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Center for SAP solutions service role\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Azure Center for SAP solutions service role - This role is intended to be used for providing the permissions to user assigned managed identity. Azure Center for SAP solutions will use this identity to deploy and manage SAP systems.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Resources/subscriptions/resourceGroups/write\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/read\",\n \"Microsoft.Resources/subscriptions/resourcegroups/deployments/*\",\n \"Microsoft.Network/loadBalancers/read\",\n \"Microsoft.Network/loadBalancers/write\",\n \"Microsoft.Network/loadBalancers/backendAddressPools/read\",\n \"Microsoft.Network/loadBalancers/backendAddressPools/write\",\n \"Microsoft.Network/loadBalancers/frontendIPConfigurations/read\",\n \"Microsoft.Network/loadBalancers/loadBalancingRules/read\",\n \"Microsoft.Network/loadBalancers/inboundNatRules/read\",\n \"Microsoft.Network/loadBalancers/providers/Microsoft.Insights/logDefinitions/read\",\n \"Microsoft.Network/loadBalancers/networkInterfaces/read\",\n \"Microsoft.Network/loadBalancers/outboundRules/read\",\n \"Microsoft.Network/loadBalancers/virtualMachines/read\",\n \"Microsoft.Network/loadBalancers/providers/Microsoft.Insights/metricDefinitions/read\",\n \"Microsoft.Network/networkInterfaces/read\",\n \"Microsoft.Network/networkInterfaces/write\",\n \"Microsoft.Network/networkInterfaces/ipconfigurations/read\",\n \"Microsoft.Network/networkInterfaces/loadBalancers/read\",\n \"Microsoft.Network/virtualNetworks/read\",\n \"Microsoft.Network/virtualNetworks/checkIpAddressAvailability/read\",\n \"Microsoft.Network/virtualNetworks/subnets/read\",\n \"Microsoft.Network/virtualNetworks/subnets/virtualMachines/read\",\n \"Microsoft.Network/virtualNetworks/virtualMachines/read\",\n \"Microsoft.Network/networkInterfaces/ipconfigurations/join/action\",\n \"Microsoft.Network/privateEndpoints/read\",\n \"Microsoft.Network/privateEndpoints/write\",\n \"Microsoft.Network/networkInterfaces/join/action\",\n \"Microsoft.Network/loadBalancers/backendAddressPools/join/action\",\n \"Microsoft.Network/loadBalancers/frontendIPConfigurations/join/action\",\n \"Microsoft.Network/virtualNetworks/subnets/join/action\",\n \"Microsoft.Network/virtualNetworks/subnets/joinLoadBalancer/action\",\n \"Microsoft.Storage/storageAccounts/read\",\n \"Microsoft.Storage/storageAccounts/write\",\n \"Microsoft.Storage/storageAccounts/PrivateEndpointConnectionsApproval/action\",\n \"Microsoft.Storage/storageAccounts/blobServices/read\",\n \"Microsoft.Storage/storageAccounts/blobServices/containers/read\",\n \"Microsoft.Storage/storageAccounts/fileServices/read\",\n \"Microsoft.Storage/storageAccounts/fileServices/write\",\n \"Microsoft.Storage/storageAccounts/fileServices/shares/read\",\n \"Microsoft.Storage/storageAccounts/fileServices/shares/write\",\n \"Microsoft.Compute/virtualMachines/read\",\n \"Microsoft.Compute/virtualMachines/write\",\n \"Microsoft.Compute/virtualMachines/instanceView/read\",\n \"Microsoft.Compute/availabilitySets/read\",\n \"Microsoft.Compute/availabilitySets/write\",\n \"Microsoft.Compute/skus/read\",\n \"Microsoft.Compute/sshPublicKeys/read\",\n \"Microsoft.Compute/virtualMachines/extensions/read\",\n \"Microsoft.Compute/virtualMachines/extensions/write\",\n \"Microsoft.Compute/virtualMachines/extensions/delete\",\n \"Microsoft.Compute/disks/read\",\n \"Microsoft.Compute/disks/write\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2022-10-03T17:04:07.6891007Z\",\n \"updatedOn\": \"2023-02-02T07:25:11.5651483Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/aabbc5dd-1af0-458b-a942-81af88f9c138\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"aabbc5dd-1af0-458b-a942-81af88f9c138\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Center for SAP solutions reader\",\n \"type\": \"BuiltInRole\",\n \"description\": \"This role provides read access to all capabilities of Azure Center for SAP solutions.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Advisor/configurations/read\",\n \"Microsoft.Advisor/recommendations/read\",\n \"Microsoft.Workloads/sapvirtualInstances/*/read\",\n \"Microsoft.Workloads/Locations/*/read\",\n \"Microsoft.Workloads/Operations/read\",\n \"Microsoft.Workloads/Locations/OperationStatuses/read\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Insights/alertRules/read\",\n \"Microsoft.Insights/metrics/read\",\n \"Microsoft.Insights/metricDefinitions/read\",\n \"Microsoft.Resources/deployments/read\",\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Resources/subscriptions/read\",\n \"Microsoft.Resources/subscriptions/resourcegroups/deployments/read\",\n \"Microsoft.ResourceHealth/availabilityStatuses/read\",\n \"Microsoft.Network/virtualNetworks/read\",\n \"Microsoft.Network/virtualNetworks/providers/Microsoft.Insights/metricDefinitions/read\",\n \"Microsoft.Network/virtualNetworks/subnets/read\",\n \"Microsoft.Network/virtualNetworks/subnets/virtualMachines/read\",\n \"Microsoft.Network/networkInterfaces/read\",\n \"Microsoft.Network/networkInterfaces/ipconfigurations/read\",\n \"Microsoft.Network/networkInterfaces/loadBalancers/read\",\n \"Microsoft.Network/networkInterfaces/providers/Microsoft.Insights/metricDefinitions/read\",\n \"Microsoft.Network/loadBalancers/read\",\n \"Microsoft.Network/loadBalancers/backendAddressPools/read\",\n \"Microsoft.Network/loadBalancers/frontendIPConfigurations/read\",\n \"Microsoft.Network/loadBalancers/loadBalancingRules/read\",\n \"Microsoft.Network/loadBalancers/inboundNatRules/read\",\n \"Microsoft.Network/loadBalancers/providers/Microsoft.Insights/logDefinitions/read\",\n \"Microsoft.Network/loadBalancers/networkInterfaces/read\",\n \"Microsoft.Network/loadBalancers/outboundRules/read\",\n \"Microsoft.Network/loadBalancers/virtualMachines/read\",\n \"Microsoft.Network/loadBalancers/providers/Microsoft.Insights/metricDefinitions/read\",\n \"Microsoft.Network/privateEndpoints/read\",\n \"Microsoft.Storage/storageAccounts/read\",\n \"Microsoft.Storage/storageAccounts/blobServices/read\",\n \"Microsoft.Storage/storageAccounts/blobServices/containers/read\",\n \"Microsoft.Storage/storageAccounts/fileServices/read\",\n \"Microsoft.Storage/storageAccounts/fileServices/shares/read\",\n \"Microsoft.Compute/virtualMachines/read\",\n \"Microsoft.Compute/availabilitySets/read\",\n \"Microsoft.Compute/virtualMachines/extensions/read\",\n \"Microsoft.Compute/disks/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2022-10-03T17:04:07.6891007Z\",\n \"updatedOn\": \"2024-01-12T10:58:11.4343824Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/05352d14-a920-4328-a0de-4cbe7430e26b\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"05352d14-a920-4328-a0de-4cbe7430e26b\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Center for SAP solutions administrator\",\n \"type\": \"BuiltInRole\",\n \"description\": \"This role provides read and write access to all capabilities of Azure Center for SAP solutions.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Advisor/configurations/read\",\n \"Microsoft.Advisor/recommendations/read\",\n \"Microsoft.Workloads/sapvirtualInstances/*/read\",\n \"Microsoft.Workloads/sapVirtualInstances/*/write\",\n \"Microsoft.Workloads/sapVirtualInstances/*/delete\",\n \"Microsoft.Workloads/Locations/*/action\",\n \"Microsoft.Workloads/Locations/*/read\",\n \"Microsoft.Workloads/sapVirtualInstances/*/start/action\",\n \"Microsoft.Workloads/sapVirtualInstances/*/stop/action\",\n \"Microsoft.Workloads/connectors/*/read\",\n \"Microsoft.Workloads/connectors/*/write\",\n \"Microsoft.Workloads/connectors/*/delete\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.Insights/metrics/read\",\n \"Microsoft.Insights/metricDefinitions/read\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Resources/subscriptions/read\",\n \"Microsoft.Resources/subscriptions/resourceGroups/write\",\n \"Microsoft.Resources/subscriptions/resourcegroups/deployments/*\",\n \"Microsoft.ResourceHealth/availabilityStatuses/read\",\n \"Microsoft.Network/virtualNetworks/read\",\n \"Microsoft.Network/virtualNetworks/providers/Microsoft.Insights/metricDefinitions/read\",\n \"Microsoft.Network/virtualNetworks/subnets/read\",\n \"Microsoft.Network/virtualNetworks/subnets/write\",\n \"Microsoft.Network/virtualNetworks/subnets/virtualMachines/read\",\n \"Microsoft.Network/networkInterfaces/read\",\n \"Microsoft.Network/networkInterfaces/ipconfigurations/read\",\n \"Microsoft.Network/networkInterfaces/loadBalancers/read\",\n \"Microsoft.Network/networkInterfaces/providers/Microsoft.Insights/metricDefinitions/read\",\n \"Microsoft.Network/loadBalancers/read\",\n \"Microsoft.Network/loadBalancers/backendAddressPools/read\",\n \"Microsoft.Network/loadBalancers/frontendIPConfigurations/read\",\n \"Microsoft.Network/loadBalancers/loadBalancingRules/read\",\n \"Microsoft.Network/loadBalancers/inboundNatRules/read\",\n \"Microsoft.Network/loadBalancers/providers/Microsoft.Insights/logDefinitions/read\",\n \"Microsoft.Network/loadBalancers/networkInterfaces/read\",\n \"Microsoft.Network/loadBalancers/outboundRules/read\",\n \"Microsoft.Network/loadBalancers/virtualMachines/read\",\n \"Microsoft.Network/loadBalancers/providers/Microsoft.Insights/metricDefinitions/read\",\n \"Microsoft.Network/privateEndpoints/read\",\n \"Microsoft.Network/networkSecurityGroups/join/action\",\n \"Microsoft.Network/routeTables/join/action\",\n \"Microsoft.Storage/storageAccounts/read\",\n \"Microsoft.Storage/storageAccounts/blobServices/read\",\n \"Microsoft.Storage/storageAccounts/blobServices/containers/read\",\n \"Microsoft.Storage/storageAccounts/fileServices/read\",\n \"Microsoft.Storage/storageAccounts/fileServices/shares/read\",\n \"Microsoft.Compute/virtualMachines/read\",\n \"Microsoft.Compute/availabilitySets/read\",\n \"Microsoft.Compute/sshPublicKeys/read\",\n \"Microsoft.Compute/sshPublicKeys/write\",\n \"Microsoft.Compute/sshPublicKeys/*/generateKeyPair/action\",\n \"Microsoft.Compute/virtualMachines/extensions/read\",\n \"Microsoft.Compute/virtualMachines/extensions/delete\",\n \"Microsoft.Compute/disks/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.Storage/storageAccounts/blobServices/containers/blobs/read\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2022-10-04T17:14:14.5212968Z\",\n \"updatedOn\": \"2023-06-21T15:30:31.2294248Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/7b0c7e81-271f-4c71-90bf-e30bdfdbc2f7\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"7b0c7e81-271f-4c71-90bf-e30bdfdbc2f7\"\n },\n {\n \"properties\": {\n \"roleName\": \"AppGw for Containers Configuration Manager\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Allows access and configuration updates to Application Gateway for Containers resource.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.ServiceNetworking/trafficControllers/read\",\n \"Microsoft.ServiceNetworking/trafficControllers/write\",\n \"Microsoft.ServiceNetworking/trafficControllers/delete\",\n \"Microsoft.ServiceNetworking/trafficControllers/frontends/read\",\n \"Microsoft.ServiceNetworking/trafficControllers/frontends/write\",\n \"Microsoft.ServiceNetworking/trafficControllers/frontends/delete\",\n \"Microsoft.ServiceNetworking/trafficControllers/associations/read\",\n \"Microsoft.ServiceNetworking/trafficControllers/associations/write\",\n \"Microsoft.ServiceNetworking/trafficControllers/associations/delete\",\n \"Microsoft.ServiceNetworking/trafficControllers/*/read\",\n \"Microsoft.ServiceNetworking/trafficControllers/*/write\",\n \"Microsoft.ServiceNetworking/trafficControllers/*/delete\",\n \"Microsoft.Resources/subscriptions/resourcegroups/deployments/read\",\n \"Microsoft.Resources/subscriptions/resourcegroups/deployments/write\",\n \"Microsoft.Resources/subscriptions/resourcegroups/deployments/operations/read\",\n \"Microsoft.Resources/subscriptions/resourcegroups/deployments/operationstatuses/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.ServiceNetworking/trafficControllers/serviceRoutingConfigurations/read\",\n \"Microsoft.ServiceNetworking/trafficControllers/serviceRoutingConfigurations/write\",\n \"Microsoft.ServiceNetworking/trafficControllers/serviceRoutingConfigurations/delete\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2022-10-06T03:15:51.8980834Z\",\n \"updatedOn\": \"2024-10-29T15:24:36.1024666Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/fbc52c3f-28ad-4303-a892-8a056630b8f1\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"fbc52c3f-28ad-4303-a892-8a056630b8f1\"\n },\n {\n \"properties\": {\n \"roleName\": \"FHIR SMART User\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Role allows user to access FHIR Service according to SMART on FHIR specification\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.HealthcareApis/services/fhir/resources/read\",\n \"Microsoft.HealthcareApis/workspaces/fhirservices/resources/read\",\n \"Microsoft.HealthcareApis/services/fhir/resources/smart/action\",\n \"Microsoft.HealthcareApis/workspaces/fhirservices/resources/smart/action\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2022-10-26T17:20:25.4418773Z\",\n \"updatedOn\": \"2022-12-07T20:30:43.3899302Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/4ba50f17-9666-485c-a643-ff00808643f0\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"4ba50f17-9666-485c-a643-ff00808643f0\"\n },\n {\n \"properties\": {\n \"roleName\": \"Cognitive Services OpenAI Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Full access including the ability to fine-tune, deploy and generate text\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.CognitiveServices/*/read\",\n \"Microsoft.CognitiveServices/accounts/deployments/write\",\n \"Microsoft.CognitiveServices/accounts/deployments/delete\",\n \"Microsoft.CognitiveServices/accounts/raiPolicies/read\",\n \"Microsoft.CognitiveServices/accounts/raiPolicies/write\",\n \"Microsoft.CognitiveServices/accounts/raiPolicies/delete\",\n \"Microsoft.CognitiveServices/accounts/commitmentplans/read\",\n \"Microsoft.CognitiveServices/accounts/commitmentplans/write\",\n \"Microsoft.CognitiveServices/accounts/commitmentplans/delete\",\n \"Microsoft.Authorization/roleAssignments/read\",\n \"Microsoft.Authorization/roleDefinitions/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.CognitiveServices/accounts/OpenAI/*\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2022-10-26T22:25:33.3012125Z\",\n \"updatedOn\": \"2023-08-25T21:51:58.6134163Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/a001fd3d-188f-4b5d-821b-7da978bf7442\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"a001fd3d-188f-4b5d-821b-7da978bf7442\"\n },\n {\n \"properties\": {\n \"roleName\": \"Cognitive Services OpenAI User\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Ability to view files, models, deployments. Readers can't make any changes They can inference and create images\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.CognitiveServices/*/read\",\n \"Microsoft.Authorization/roleAssignments/read\",\n \"Microsoft.Authorization/roleDefinitions/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.CognitiveServices/accounts/OpenAI/*/read\",\n \"Microsoft.CognitiveServices/accounts/OpenAI/engines/completions/action\",\n \"Microsoft.CognitiveServices/accounts/OpenAI/engines/search/action\",\n \"Microsoft.CognitiveServices/accounts/OpenAI/engines/generate/action\",\n \"Microsoft.CognitiveServices/accounts/OpenAI/deployments/audio/action\",\n \"Microsoft.CognitiveServices/accounts/OpenAI/deployments/search/action\",\n \"Microsoft.CognitiveServices/accounts/OpenAI/deployments/completions/action\",\n \"Microsoft.CognitiveServices/accounts/OpenAI/deployments/chat/completions/action\",\n \"Microsoft.CognitiveServices/accounts/OpenAI/deployments/realtime/action\",\n \"Microsoft.CognitiveServices/accounts/OpenAI/deployments/extensions/chat/completions/action\",\n \"Microsoft.CognitiveServices/accounts/OpenAI/deployments/embeddings/action\",\n \"Microsoft.CognitiveServices/accounts/OpenAI/images/generations/action\",\n \"Microsoft.CognitiveServices/accounts/OpenAI/video/generations/*/action\",\n \"Microsoft.CognitiveServices/accounts/OpenAI/video/generations/*/delete\",\n \"Microsoft.CognitiveServices/accounts/OpenAI/assistants/*\",\n \"Microsoft.CognitiveServices/accounts/OpenAI/responses/*\"\n ],\n \"notDataActions\": [\n \"Microsoft.CognitiveServices/accounts/OpenAI/stored-completions/read\"\n ]\n }\n ],\n \"createdOn\": \"2022-10-26T22:25:33.3012125Z\",\n \"updatedOn\": \"2025-04-28T15:13:50.0338628Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/5e0bd9bd-7b93-4f28-af87-19fc36ad61bd\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"5e0bd9bd-7b93-4f28-af87-19fc36ad61bd\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure impact Reporter role\",\n \"type\": \"BuiltInRole\",\n \"description\": \"built-in role for azure impact write access\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Impact/WorkloadImpacts/*\",\n \"Microsoft.Impact/ImpactCategories/read\",\n \"Microsoft.Impact/TopologyImpacts/*\",\n \"Microsoft.Impact/getUploadToken/action\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2022-10-27T22:34:10.0140145Z\",\n \"updatedOn\": \"2025-09-26T15:39:14.9829777Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/36e80216-a7e8-4f42-a7e1-f12c98cbaf8a\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"36e80216-a7e8-4f42-a7e1-f12c98cbaf8a\"\n },\n {\n \"properties\": {\n \"roleName\": \"Impact Reader\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Allows read-only access to reported impacts and impact categories\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Impact/WorkloadImpacts/read\",\n \"Microsoft.Impact/ImpactCategories/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2022-10-27T22:49:23.8706555Z\",\n \"updatedOn\": \"2022-11-14T16:02:29.4536312Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/68ff5d27-c7f5-4fa9-a21c-785d0df7bd9e\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"68ff5d27-c7f5-4fa9-a21c-785d0df7bd9e\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Kubernetes Service Cluster Monitoring User\",\n \"type\": \"BuiltInRole\",\n \"description\": \"List cluster monitoring user credential action.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.ContainerService/managedClusters/listClusterMonitoringUserCredential/action\",\n \"Microsoft.ContainerService/managedClusters/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2022-11-14T16:02:29.4380066Z\",\n \"updatedOn\": \"2023-02-06T16:01:22.3399796Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/1afdec4b-e479-420e-99e7-f82237c7c5e6\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"1afdec4b-e479-420e-99e7-f82237c7c5e6\"\n },\n {\n \"properties\": {\n \"roleName\": \"ContainerApp Reader\",\n \"type\": \"BuiltInRole\",\n \"description\": \"View all containerapp resources, but does not allow you to make any changes.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.App/containerApps/*/read\",\n \"Microsoft.App/containerApps/read\",\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2022-11-14T16:02:29.4380066Z\",\n \"updatedOn\": \"2023-01-02T16:08:35.1119461Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/ad2dd5fb-cd4b-4fd4-a9b6-4fed3630980b\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"ad2dd5fb-cd4b-4fd4-a9b6-4fed3630980b\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Connected Machine Resource Manager\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Custom Role for AzureStackHCI RP to manage hybrid compute machines and hybrid connectivity endpoints in a resource group\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.GuestConfiguration/guestConfigurationAssignments/*/read\",\n \"Microsoft.GuestConfiguration/guestConfigurationAssignments/read\",\n \"Microsoft.GuestConfiguration/guestConfigurationAssignments/write\",\n \"Microsoft.HybridCompute/machines/read\",\n \"Microsoft.HybridCompute/machines/extensions/read\",\n \"Microsoft.HybridCompute/*/read\",\n \"Microsoft.HybridCompute/machines/delete\",\n \"Microsoft.HybridCompute/machines/extensions/delete\",\n \"Microsoft.HybridCompute/machines/extensions/write\",\n \"Microsoft.HybridCompute/machines/licenseProfiles/delete\",\n \"Microsoft.HybridCompute/machines/licenseProfiles/read\",\n \"Microsoft.HybridCompute/machines/licenseProfiles/write\",\n \"Microsoft.HybridCompute/machines/UpgradeExtensions/action\",\n \"Microsoft.HybridCompute/machines/write\",\n \"Microsoft.HybridConnectivity/endpoints/read\",\n \"Microsoft.HybridConnectivity/endpoints/serviceConfigurations/read\",\n \"Microsoft.HybridConnectivity/endpoints/serviceConfigurations/write\",\n \"Microsoft.HybridConnectivity/endpoints/write\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.EdgeMarketplace/locations/operationStatuses/read\",\n \"Microsoft.EdgeMarketPlace/offers/getAccessToken/action\",\n \"Microsoft.EdgeMarketPlace/offers/generateAccessToken/action\",\n \"Microsoft.EdgeMarketplace/publishers/read\",\n \"Microsoft.EdgeMarketplace/offers/read\",\n \"Microsoft.ExtendedLocation/customLocations/read\",\n \"Microsoft.Attestation/attestationProviders/write\",\n \"Microsoft.Attestation/attestationProviders/read\",\n \"Microsoft.Attestation/attestationProviders/delete\",\n \"Microsoft.Attestation/attestationProviders/attestation/read\",\n \"Microsoft.Attestation/attestationProviders/attestation/write\",\n \"Microsoft.Attestation/attestationProviders/attestation/delete\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2022-11-15T16:12:10.4398106Z\",\n \"updatedOn\": \"2024-08-26T15:01:40.009798Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/f5819b54-e033-4d82-ac66-4fec3cbf3f4c\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"f5819b54-e033-4d82-ac66-4fec3cbf3f4c\"\n },\n {\n \"properties\": {\n \"roleName\": \"SqlDb Migration Role\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Role for SqlDb migration\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Sql/servers/read\",\n \"Microsoft.Sql/servers/write\",\n \"Microsoft.Sql/servers/databases/read\",\n \"Microsoft.Sql/servers/databases/write\",\n \"Microsoft.Sql/servers/databases/delete\",\n \"Microsoft.DataMigration/locations/operationResults/read\",\n \"Microsoft.DataMigration/locations/operationStatuses/read\",\n \"Microsoft.DataMigration/locations/sqlMigrationServiceOperationResults/read\",\n \"Microsoft.DataMigration/databaseMigrations/write\",\n \"Microsoft.DataMigration/databaseMigrations/read\",\n \"Microsoft.DataMigration/databaseMigrations/delete\",\n \"Microsoft.DataMigration/databaseMigrations/cancel/action\",\n \"Microsoft.DataMigration/databaseMigrations/cutover/action\",\n \"Microsoft.DataMigration/sqlMigrationServices/write\",\n \"Microsoft.DataMigration/sqlMigrationServices/delete\",\n \"Microsoft.DataMigration/sqlMigrationServices/read\",\n \"Microsoft.DataMigration/sqlMigrationServices/listAuthKeys/action\",\n \"Microsoft.DataMigration/sqlMigrationServices/regenerateAuthKeys/action\",\n \"Microsoft.DataMigration/sqlMigrationServices/deleteNode/action\",\n \"Microsoft.DataMigration/sqlMigrationServices/listMonitoringData/action\",\n \"Microsoft.DataMigration/sqlMigrationServices/listMigrations/read\",\n \"Microsoft.DataMigration/sqlMigrationServices/MonitoringData/read\",\n \"Microsoft.DataMigration/register/action\",\n \"Microsoft.DataMigration/operations/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2022-12-07T23:03:17.2201214Z\",\n \"updatedOn\": \"2023-02-20T16:07:58.6344876Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/189207d4-bb67-4208-a635-b06afe8b2c57\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"189207d4-bb67-4208-a635-b06afe8b2c57\"\n },\n {\n \"properties\": {\n \"roleName\": \"Bayer Ag Powered Services GDU Solution\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Provide access to GDU Solution by Bayer Ag Powered Services\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.AgFoodPlatform/farmBeats/parties/read\",\n \"Microsoft.AgFoodPlatform/farmBeats/parties/boundaries/read\",\n \"Microsoft.AgFoodPlatform/farmBeats/parties/farms/read\",\n \"Microsoft.AgFoodPlatform/farmBeats/parties/fields/read\",\n \"Microsoft.AgFoodPlatform/farmBeats/parties/models/resourceTypes/resources/insights/*\",\n \"Microsoft.AgFoodPlatform/farmBeats/parties/models/resourceTypes/resources/insightAttachments/*\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2023-01-12T10:08:47.0099993Z\",\n \"updatedOn\": \"2024-05-28T15:09:38.7508137Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/c4bc862a-3b64-4a35-a021-a380c159b042\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"c4bc862a-3b64-4a35-a021-a380c159b042\"\n },\n {\n \"properties\": {\n \"roleName\": \"Bayer Ag Powered Services Imagery Solution\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Provide access to Imagery Solution by Bayer Ag Powered Services\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.AgFoodPlatform/farmBeats/parties/read\",\n \"Microsoft.AgFoodPlatform/farmBeats/parties/boundaries/read\",\n \"Microsoft.AgFoodPlatform/farmBeats/parties/boundaries/write\",\n \"Microsoft.AgFoodPlatform/farmBeats/parties/farms/read\",\n \"Microsoft.AgFoodPlatform/farmBeats/parties/farms/write\",\n \"Microsoft.AgFoodPlatform/farmBeats/parties/fields/read\",\n \"Microsoft.AgFoodPlatform/farmBeats/parties/fields/write\",\n \"Microsoft.AgFoodPlatform/farmBeats/ingestionJobs/satelliteDataIngestionJobs/*\",\n \"Microsoft.AgFoodPlatform/farmBeats/scenes/*\",\n \"Microsoft.AgFoodPlatform/farmBeats/parties/models/resourceTypes/resources/insights/*\",\n \"Microsoft.AgFoodPlatform/farmBeats/parties/models/resourceTypes/resources/insightAttachments/*\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2023-01-12T10:08:47.0099993Z\",\n \"updatedOn\": \"2024-05-28T15:09:38.2220222Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/ef29765d-0d37-4119-a4f8-f9f9902c9588\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"ef29765d-0d37-4119-a4f8-f9f9902c9588\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Center for SAP solutions Service role for management\",\n \"type\": \"BuiltInRole\",\n \"description\": \"This role has permissions that the user assigned managed identity must have to enable registration for the existing systems.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2023-01-13T09:08:35.1961741Z\",\n \"updatedOn\": \"2023-02-02T07:25:11.5651483Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/0105a6b0-4bb9-43d2-982a-12806f9faddb\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"0105a6b0-4bb9-43d2-982a-12806f9faddb\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Center for SAP solutions Management role\",\n \"type\": \"BuiltInRole\",\n \"description\": \"This role has permissions which allow users to register existing systems, view and manage systems.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2023-01-13T09:08:35.1961741Z\",\n \"updatedOn\": \"2023-02-02T07:25:11.5651483Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/6d949e1d-41e2-46e3-8920-c6e4f31a8310\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"6d949e1d-41e2-46e3-8920-c6e4f31a8310\"\n },\n {\n \"properties\": {\n \"roleName\": \"Defender Kubernetes API Access\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Grants Microsoft Defender for Cloud access to Azure Kubernetes Services\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.ContainerService/managedClusters/trustedAccessRoleBindings/write\",\n \"Microsoft.ContainerService/managedClusters/trustedAccessRoleBindings/read\",\n \"Microsoft.ContainerService/managedClusters/trustedAccessRoleBindings/delete\",\n \"Microsoft.ContainerService/managedClusters/read\",\n \"Microsoft.Features/features/read\",\n \"Microsoft.Features/providers/features/read\",\n \"Microsoft.Features/providers/features/register/action\",\n \"Microsoft.Security/pricings/securityoperators/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2023-01-13T13:11:09.1105477Z\",\n \"updatedOn\": \"2025-09-12T08:03:06.9409916Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/d5a2ae44-610b-4500-93be-660a0c5f5ca6\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"d5a2ae44-610b-4500-93be-660a0c5f5ca6\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Usage Billing Data Sender\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Azure Usage Billing shared BuiltIn role to be used for all Customer Account Authentication\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.UsageBilling/accounts/inputs/send/action\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2023-01-13T20:45:56.3071212Z\",\n \"updatedOn\": \"2023-01-26T19:26:37.6422441Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/f0310ce6-e953-4cf8-b892-fb1c87eaf7f6\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"f0310ce6-e953-4cf8-b892-fb1c87eaf7f6\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Container Registry secure supply chain operator service role\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Grants Microsoft Defender for Cloud access to Azure Container Registry for security assessment of container images\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.ContainerRegistry/registries/pull/read\",\n \"Microsoft.ContainerRegistry/registries/push/write\",\n \"Microsoft.ContainerRegistry/registries/artifacts/delete\"\n ],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.ContainerRegistry/registries/repositories/metadata/read\",\n \"Microsoft.ContainerRegistry/registries/repositories/content/read\",\n \"Microsoft.ContainerRegistry/registries/repositories/metadata/write\",\n \"Microsoft.ContainerRegistry/registries/repositories/content/write\",\n \"Microsoft.ContainerRegistry/registries/repositories/metadata/delete\",\n \"Microsoft.ContainerRegistry/registries/repositories/content/delete\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2023-01-19T15:58:15.6513344Z\",\n \"updatedOn\": \"2024-06-12T15:19:54.7471937Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/96062cf7-95ca-4f89-9b9d-2a2aa47356af\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"96062cf7-95ca-4f89-9b9d-2a2aa47356af\"\n },\n {\n \"properties\": {\n \"roleName\": \"SqlMI Migration Role\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Role for SqlMI migration\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Sql/managedInstances/read\",\n \"Microsoft.Sql/managedInstances/write\",\n \"Microsoft.Sql/managedInstances/databases/read\",\n \"Microsoft.Sql/managedInstances/databases/write\",\n \"Microsoft.Sql/managedInstances/databases/delete\",\n \"Microsoft.Sql/managedInstances/metrics/read\",\n \"Microsoft.DataMigration/locations/operationResults/read\",\n \"Microsoft.DataMigration/locations/operationStatuses/read\",\n \"Microsoft.DataMigration/locations/sqlMigrationServiceOperationResults/read\",\n \"Microsoft.DataMigration/databaseMigrations/write\",\n \"Microsoft.DataMigration/databaseMigrations/read\",\n \"Microsoft.DataMigration/databaseMigrations/delete\",\n \"Microsoft.DataMigration/databaseMigrations/cancel/action\",\n \"Microsoft.DataMigration/databaseMigrations/cutover/action\",\n \"Microsoft.DataMigration/sqlMigrationServices/write\",\n \"Microsoft.DataMigration/sqlMigrationServices/delete\",\n \"Microsoft.DataMigration/sqlMigrationServices/read\",\n \"Microsoft.DataMigration/sqlMigrationServices/listAuthKeys/action\",\n \"Microsoft.DataMigration/sqlMigrationServices/regenerateAuthKeys/action\",\n \"Microsoft.DataMigration/sqlMigrationServices/deleteNode/action\",\n \"Microsoft.DataMigration/sqlMigrationServices/listMonitoringData/action\",\n \"Microsoft.DataMigration/sqlMigrationServices/listMigrations/read\",\n \"Microsoft.DataMigration/sqlMigrationServices/MonitoringData/read\",\n \"Microsoft.DataMigration/register/action\",\n \"Microsoft.DataMigration/operations/read\",\n \"Microsoft.Storage/storageAccounts/read\",\n \"Microsoft.Storage/storageAccounts/listkeys/action\",\n \"Microsoft.Storage/storageAccounts/blobServices/read\",\n \"Microsoft.Storage/storageAccounts/blobServices/write\",\n \"Microsoft.Storage/storageAccounts/blobServices/containers/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2023-01-31T16:13:11.2824316Z\",\n \"updatedOn\": \"2023-02-20T16:07:58.3295951Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/1d335eef-eee1-47fe-a9e0-53214eba8872\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"1d335eef-eee1-47fe-a9e0-53214eba8872\"\n },\n {\n \"properties\": {\n \"roleName\": \"Bayer Ag Powered Services CWUM Solution\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Provide access to CWUM Solution by Bayer Ag Powered Services\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.AgFoodPlatform/farmBeats/parties/read\",\n \"Microsoft.AgFoodPlatform/farmBeats/parties/boundaries/read\",\n \"Microsoft.AgFoodPlatform/farmBeats/parties/boundaries/write\",\n \"Microsoft.AgFoodPlatform/farmBeats/parties/farms/read\",\n \"Microsoft.AgFoodPlatform/farmBeats/parties/farms/write\",\n \"Microsoft.AgFoodPlatform/farmBeats/parties/fields/read\",\n \"Microsoft.AgFoodPlatform/farmBeats/parties/fields/write\",\n \"Microsoft.AgFoodPlatform/farmBeats/ingestionJobs/satelliteDataIngestionJobs/*\",\n \"Microsoft.AgFoodPlatform/farmBeats/scenes/*\",\n \"Microsoft.AgFoodPlatform/farmBeats/parties/models/resourceTypes/resources/insightAttachments/*\",\n \"Microsoft.AgFoodPlatform/farmBeats/parties/models/resourceTypes/resources/insights/*\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2023-01-31T16:13:11.3570667Z\",\n \"updatedOn\": \"2024-08-13T16:10:23.6530781Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/a9b99099-ead7-47db-8fcf-072597a61dfa\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"a9b99099-ead7-47db-8fcf-072597a61dfa\"\n },\n {\n \"properties\": {\n \"roleName\": \"SqlVM Migration Role\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Role for SqlVM migration\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.DataMigration/locations/operationResults/read\",\n \"Microsoft.DataMigration/locations/operationStatuses/read\",\n \"Microsoft.DataMigration/locations/sqlMigrationServiceOperationResults/read\",\n \"Microsoft.DataMigration/databaseMigrations/write\",\n \"Microsoft.DataMigration/databaseMigrations/read\",\n \"Microsoft.DataMigration/databaseMigrations/delete\",\n \"Microsoft.DataMigration/databaseMigrations/cancel/action\",\n \"Microsoft.DataMigration/databaseMigrations/cutover/action\",\n \"Microsoft.DataMigration/sqlMigrationServices/write\",\n \"Microsoft.DataMigration/sqlMigrationServices/delete\",\n \"Microsoft.DataMigration/sqlMigrationServices/read\",\n \"Microsoft.DataMigration/sqlMigrationServices/listAuthKeys/action\",\n \"Microsoft.DataMigration/sqlMigrationServices/regenerateAuthKeys/action\",\n \"Microsoft.DataMigration/sqlMigrationServices/deleteNode/action\",\n \"Microsoft.DataMigration/sqlMigrationServices/listMonitoringData/action\",\n \"Microsoft.DataMigration/sqlMigrationServices/listMigrations/read\",\n \"Microsoft.DataMigration/sqlMigrationServices/MonitoringData/read\",\n \"Microsoft.DataMigration/register/action\",\n \"Microsoft.DataMigration/operations/read\",\n \"Microsoft.Storage/storageAccounts/read\",\n \"Microsoft.Storage/storageAccounts/listkeys/action\",\n \"Microsoft.Storage/storageAccounts/blobServices/read\",\n \"Microsoft.Storage/storageAccounts/blobServices/write\",\n \"Microsoft.Storage/storageAccounts/blobServices/containers/read\",\n \"Microsoft.SqlVirtualMachine/sqlVirtualMachines/read\",\n \"Microsoft.SqlVirtualMachine/sqlVirtualMachines/write\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2023-01-31T16:13:11.3580681Z\",\n \"updatedOn\": \"2023-02-20T16:07:58.6444899Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/ae8036db-e102-405b-a1b9-bae082ea436d\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"ae8036db-e102-405b-a1b9-bae082ea436d\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Front Door Domain Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"For internal use within Azure. Can manage Azure Front Door domains, but can't grant access to other users.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Cdn/operationresults/profileresults/customdomainresults/read\",\n \"Microsoft.Cdn/profiles/customdomains/read\",\n \"Microsoft.Cdn/profiles/customdomains/write\",\n \"Microsoft.Cdn/profiles/customdomains/delete\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2023-02-02T15:30:03.7531182Z\",\n \"updatedOn\": \"2023-12-07T09:22:53.0560669Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/0ab34830-df19-4f8c-b84e-aa85b8afa6e8\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"0ab34830-df19-4f8c-b84e-aa85b8afa6e8\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Front Door Secret Reader\",\n \"type\": \"BuiltInRole\",\n \"description\": \"For internal use within Azure. Can view Azure Front Door secrets, but can't make changes.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Cdn/operationresults/profileresults/secretresults/read\",\n \"Microsoft.Cdn/profiles/secrets/read\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2023-02-02T15:30:03.7541192Z\",\n \"updatedOn\": \"2023-12-07T08:21:56.0395886Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/0db238c4-885e-4c4f-a933-aa2cef684fca\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"0db238c4-885e-4c4f-a933-aa2cef684fca\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Front Door Secret Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"For internal use within Azure. Can manage Azure Front Door secrets, but can't grant access to other users.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Cdn/operationresults/profileresults/secretresults/read\",\n \"Microsoft.Cdn/profiles/secrets/read\",\n \"Microsoft.Cdn/profiles/secrets/write\",\n \"Microsoft.Cdn/profiles/secrets/delete\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2023-02-02T15:30:03.7531182Z\",\n \"updatedOn\": \"2023-12-07T08:21:56.0395886Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/3f2eb865-5811-4578-b90a-6fc6fa0df8e5\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"3f2eb865-5811-4578-b90a-6fc6fa0df8e5\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Front Door Domain Reader\",\n \"type\": \"BuiltInRole\",\n \"description\": \"For internal use within Azure. Can view Azure Front Door domains, but can't make changes.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Cdn/operationresults/profileresults/customdomainresults/read\",\n \"Microsoft.Cdn/profiles/customdomains/read\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2023-02-02T15:30:03.7551197Z\",\n \"updatedOn\": \"2023-12-07T09:22:52.9393362Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/0f99d363-226e-4dca-9920-b807cf8e1a5f\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"0f99d363-226e-4dca-9920-b807cf8e1a5f\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Stack HCI Administrator\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Grants full access to the cluster and its resources, including the ability to register Azure Stack HCI and assign others as Azure Arc HCI VM Contributor and/or Azure Arc HCI VM Reader\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.AzureStackHCI/register/action\",\n \"Microsoft.AzureStackHCI/Unregister/Action\",\n \"Microsoft.AzureStackHCI/clusters/*\",\n \"Microsoft.AzureStackHCI/NetworkSecurityGroups/Read\",\n \"Microsoft.AzureStackHCI/NetworkSecurityGroups/SecurityRules/Read\",\n \"Microsoft.AzureStackHCI/NetworkSecurityGroups/Write\",\n \"Microsoft.AzureStackHCI/NetworkSecurityGroups/SecurityRules/Write\",\n \"Microsoft.AzureStackHCI/NetworkSecurityGroups/Delete\",\n \"Microsoft.AzureStackHCI/NetworkSecurityGroups/SecurityRules/Delete\",\n \"Microsoft.AzureStackHCI/NetworkSecurityGroups/join/action\",\n \"Microsoft.HybridCompute/register/action\",\n \"Microsoft.GuestConfiguration/register/action\",\n \"Microsoft.GuestConfiguration/guestConfigurationAssignments/read\",\n \"Microsoft.Resources/subscriptions/resourceGroups/write\",\n \"Microsoft.Resources/subscriptions/resourceGroups/delete\",\n \"Microsoft.HybridConnectivity/register/action\",\n \"Microsoft.Authorization/roleAssignments/write\",\n \"Microsoft.Authorization/roleAssignments/delete\",\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Resources/subscriptions/read\",\n \"Microsoft.Management/managementGroups/read\",\n \"Microsoft.Support/*\",\n \"Microsoft.AzureStackHCI/*\",\n \"Microsoft.AzureStackHCI/EdgeMachines/*\",\n \"Microsoft.AzureStackHCI/DevicePools/*\",\n \"Microsoft.Insights/AlertRules/Write\",\n \"Microsoft.Insights/AlertRules/Delete\",\n \"Microsoft.Insights/AlertRules/Read\",\n \"Microsoft.Insights/AlertRules/Activated/Action\",\n \"Microsoft.Insights/AlertRules/Resolved/Action\",\n \"Microsoft.Insights/AlertRules/Throttled/Action\",\n \"Microsoft.Insights/AlertRules/Incidents/Read\",\n \"Microsoft.Resources/subscriptions/resourcegroups/deployments/read\",\n \"Microsoft.Resources/subscriptions/resourcegroups/deployments/write\",\n \"Microsoft.Resources/subscriptions/resourcegroups/deployments/operations/read\",\n \"Microsoft.Resources/subscriptions/resourcegroups/deployments/operationstatuses/read\",\n \"Microsoft.ResourceHealth/availabilityStatuses/read\",\n \"Microsoft.Resources/subscriptions/read\",\n \"Microsoft.Resources/subscriptions/operationresults/read\",\n \"Microsoft.HybridCompute/machines/read\",\n \"Microsoft.HybridCompute/machines/write\",\n \"Microsoft.HybridCompute/machines/delete\",\n \"Microsoft.HybridCompute/machines/UpgradeExtensions/action\",\n \"Microsoft.HybridCompute/machines/assessPatches/action\",\n \"Microsoft.HybridCompute/machines/installPatches/action\",\n \"Microsoft.HybridCompute/machines/extensions/read\",\n \"Microsoft.HybridCompute/machines/extensions/write\",\n \"Microsoft.HybridCompute/machines/extensions/delete\",\n \"Microsoft.HybridCompute/operations/read\",\n \"Microsoft.HybridCompute/locations/operationresults/read\",\n \"Microsoft.HybridCompute/locations/operationstatus/read\",\n \"Microsoft.HybridCompute/machines/patchAssessmentResults/read\",\n \"Microsoft.HybridCompute/machines/patchAssessmentResults/softwarePatches/read\",\n \"Microsoft.HybridCompute/machines/patchInstallationResults/read\",\n \"Microsoft.HybridCompute/machines/patchInstallationResults/softwarePatches/read\",\n \"Microsoft.HybridCompute/locations/updateCenterOperationResults/read\",\n \"Microsoft.HybridCompute/machines/hybridIdentityMetadata/read\",\n \"Microsoft.HybridCompute/osType/agentVersions/read\",\n \"Microsoft.HybridCompute/osType/agentVersions/latest/read\",\n \"Microsoft.HybridCompute/machines/runcommands/read\",\n \"Microsoft.HybridCompute/machines/runcommands/write\",\n \"Microsoft.HybridCompute/machines/runcommands/delete\",\n \"Microsoft.HybridCompute/machines/licenseProfiles/read\",\n \"Microsoft.HybridCompute/machines/licenseProfiles/write\",\n \"Microsoft.HybridCompute/machines/licenseProfiles/delete\",\n \"Microsoft.HybridCompute/licenses/read\",\n \"Microsoft.HybridCompute/licenses/write\",\n \"Microsoft.HybridCompute/licenses/delete\",\n \"Microsoft.ResourceConnector/register/action\",\n \"Microsoft.ResourceConnector/appliances/read\",\n \"Microsoft.ResourceConnector/appliances/write\",\n \"Microsoft.ResourceConnector/appliances/delete\",\n \"Microsoft.ResourceConnector/locations/operationresults/read\",\n \"Microsoft.ResourceConnector/locations/operationsstatus/read\",\n \"Microsoft.ResourceConnector/appliances/listClusterUserCredential/action\",\n \"Microsoft.ResourceConnector/appliances/listKeys/action\",\n \"Microsoft.ResourceConnector/operations/read\",\n \"Microsoft.ExtendedLocation/register/action\",\n \"Microsoft.ExtendedLocation/customLocations/read\",\n \"Microsoft.ExtendedLocation/customLocations/deploy/action\",\n \"Microsoft.ExtendedLocation/customLocations/write\",\n \"Microsoft.ExtendedLocation/customLocations/delete\",\n \"Microsoft.EdgeMarketplace/offers/read\",\n \"Microsoft.EdgeMarketplace/publishers/read\",\n \"Microsoft.Kubernetes/register/action\",\n \"Microsoft.KubernetesConfiguration/register/action\",\n \"Microsoft.KubernetesConfiguration/extensions/write\",\n \"Microsoft.KubernetesConfiguration/extensions/read\",\n \"Microsoft.KubernetesConfiguration/extensions/delete\",\n \"Microsoft.KubernetesConfiguration/extensions/operations/read\",\n \"Microsoft.KubernetesConfiguration/namespaces/read\",\n \"Microsoft.KubernetesConfiguration/operations/read\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.AzureStackHCI/StorageContainers/Write\",\n \"Microsoft.AzureStackHCI/StorageContainers/Read\",\n \"Microsoft.HybridContainerService/register/action\",\n \"Microsoft.HybridCompute/settings/write\",\n \"Microsoft.HybridCompute/settings/read\",\n \"Microsoft.HybridCompute/gateways/read\",\n \"Microsoft.HybridCompute/gateways/write\",\n \"Microsoft.HybridCompute/gateways/delete\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": [],\n \"conditionVersion\": \"2.0\",\n \"condition\": \"((!(ActionMatches{'Microsoft.Authorization/roleAssignments/write'})) OR (@Request[Microsoft.Authorization/roleAssignments:RoleDefinitionId] ForAnyOfAnyValues:GuidEquals{f5819b54-e033-4d82-ac66-4fec3cbf3f4c, cd570a14-e51a-42ad-bac8-bafd67325302, b64e21ea-ac4e-4cdf-9dc9-5b892992bee7, 4b3fe76c-f777-4d24-a2d7-b027b0f7b273, 874d1c73-6003-4e60-a13a-cb31ea190a85,865ae368-6a45-4bd1-8fbf-0d5151f56fc1,7b1f81f9-4196-4058-8aae-762e593270df,4633458b-17de-408a-b874-0445c86b69e6,c99c945f-8bd1-4fb1-a903-01460aae6068})) AND ((!(ActionMatches{'Microsoft.Authorization/roleAssignments/delete'})) OR (@Resource[Microsoft.Authorization/roleAssignments:RoleDefinitionId] ForAnyOfAnyValues:GuidEquals{f5819b54-e033-4d82-ac66-4fec3cbf3f4c, cd570a14-e51a-42ad-bac8-bafd67325302, b64e21ea-ac4e-4cdf-9dc9-5b892992bee7, 4b3fe76c-f777-4d24-a2d7-b027b0f7b273, 874d1c73-6003-4e60-a13a-cb31ea190a85,865ae368-6a45-4bd1-8fbf-0d5151f56fc1,7b1f81f9-4196-4058-8aae-762e593270df,4633458b-17de-408a-b874-0445c86b69e6,c99c945f-8bd1-4fb1-a903-01460aae6068}))\"\n }\n ],\n \"createdOn\": \"2023-02-03T05:08:48.3968454Z\",\n \"updatedOn\": \"2025-05-06T15:13:46.6826117Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/bda0d508-adf1-4af0-9c28-88919fc3ae06\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"bda0d508-adf1-4af0-9c28-88919fc3ae06\"\n },\n {\n \"properties\": {\n \"roleName\": \"MySQL Backup And Export Operator\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Grants full access to manage backup and export resources\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.DBforMySQL/flexibleServers/validateBackup/action\",\n \"Microsoft.DBforMySQL/flexibleServers/backupAndExport/action\",\n \"Microsoft.DBforMySQL/locations/operationResults/read\",\n \"Microsoft.DBforMySQL/locations/azureAsyncOperation/read\",\n \"Microsoft.Resources/subscriptions/read\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2023-02-03T06:09:26.5657063Z\",\n \"updatedOn\": \"2023-05-12T10:55:29.6654289Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/d18ad5f3-1baf-4119-b49b-d944edb1f9d0\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"d18ad5f3-1baf-4119-b49b-d944edb1f9d0\"\n },\n {\n \"properties\": {\n \"roleName\": \"LocalNGFirewallAdministrator role\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Allows user to create, modify, describe, or delete NGFirewalls.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"PaloAltoNetworks.Cloudngfw/firewalls/*\",\n \"PaloAltoNetworks.Cloudngfw/localRulestacks/read\",\n \"PaloAltoNetworks.Cloudngfw/globalRulestacks/read\",\n \"PaloAltoNetworks.Cloudngfw/Locations/operationStatuses/read\",\n \"Microsoft.OperationalInsights/workspaces/write\",\n \"Microsoft.OperationalInsights/workspaces/sharedKeys/read\",\n \"Microsoft.OperationalInsights/workspaces/read\",\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.Insights/metrics/read\",\n \"Microsoft.Insights/metricDefinitions/read\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.ResourceHealth/availabilityStatuses/read\",\n \"Microsoft.Support/*\",\n \"Microsoft.Network/virtualNetworks/read\",\n \"Microsoft.Network/virtualNetworks/subnets/join/action\",\n \"Microsoft.Network/publicIPAddresses/write\",\n \"Microsoft.Network/publicIPAddresses/read\",\n \"Microsoft.Network/publicIPAddresses/join/action\",\n \"Microsoft.Network/networkVirtualAppliances/read\",\n \"Microsoft.Network/networkVirtualAppliances/write\",\n \"Microsoft.Network/networkVirtualAppliances/delete\",\n \"Microsoft.Network/virtualHubs/read\",\n \"Microsoft.Network/virtualWans/read\",\n \"Microsoft.Network/virtualWans/virtualHubs/read\",\n \"Microsoft.Network/networkSecurityGroups/read\",\n \"Microsoft.Network/networkSecurityGroups/join/action\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2023-02-03T11:42:56.4098652Z\",\n \"updatedOn\": \"2023-03-13T15:13:22.9170402Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/a8835c7d-b5cb-47fa-b6f0-65ea10ce07a2\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"a8835c7d-b5cb-47fa-b6f0-65ea10ce07a2\"\n },\n {\n \"properties\": {\n \"roleName\": \"LocalRulestacksAdministrator role\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Allows users to create, modify, describe, or delete Rulestacks.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"PaloAltoNetworks.Cloudngfw/localRulestacks/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.ResourceHealth/availabilityStatuses/read\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.Support/*\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2023-02-03T11:42:56.4108678Z\",\n \"updatedOn\": \"2023-02-20T16:07:58.3315958Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/bfc3b73d-c6ff-45eb-9a5f-40298295bf20\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"bfc3b73d-c6ff-45eb-9a5f-40298295bf20\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Extension for SQL Server Deployment\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Microsoft.AzureArcData service role to enable deployment of Azure Extension for SQL Server\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Resources/deployments/write\",\n \"Microsoft.HybridCompute/machines/extensions/write\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2023-03-09T19:23:30.8734404Z\",\n \"updatedOn\": \"2023-03-15T22:04:09.9905367Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/7392c568-9289-4bde-aaaa-b7131215889d\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"7392c568-9289-4bde-aaaa-b7131215889d\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Maps Data Read and Batch Role\",\n \"type\": \"BuiltInRole\",\n \"description\": \"This role can be used to assign read and batch actions on Azure Maps.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.Maps/accounts/services/*/read\",\n \"Microsoft.Maps/accounts/services/batch/action\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2023-03-15T22:04:09.9905367Z\",\n \"updatedOn\": \"2023-05-16T15:12:18.5723729Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/d6470a16-71bd-43ab-86b3-6f3a73f4e787\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"d6470a16-71bd-43ab-86b3-6f3a73f4e787\"\n },\n {\n \"properties\": {\n \"roleName\": \"API Management Service Workspace API Product Manager\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Has the same access as API Management Service Workspace API Developer as well as read access to users and write access to allow assigning users to groups. This role should be assigned on the service scope.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.ApiManagement/service/users/read\",\n \"Microsoft.ApiManagement/service/tags/read\",\n \"Microsoft.ApiManagement/service/tags/apiLinks/*\",\n \"Microsoft.ApiManagement/service/tags/operationLinks/*\",\n \"Microsoft.ApiManagement/service/tags/productLinks/*\",\n \"Microsoft.ApiManagement/service/products/read\",\n \"Microsoft.ApiManagement/service/products/apiLinks/*\",\n \"Microsoft.ApiManagement/service/groups/read\",\n \"Microsoft.ApiManagement/service/groups/users/*\",\n \"Microsoft.ApiManagement/service/read\",\n \"Microsoft.ApiManagement/service/authorizationServers/read\",\n \"Microsoft.Authorization/*/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2023-03-21T15:13:44.4020114Z\",\n \"updatedOn\": \"2024-08-29T15:27:16.7739501Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/d59a3e9c-6d52-4a5a-aeed-6bf3cf0e31da\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"d59a3e9c-6d52-4a5a-aeed-6bf3cf0e31da\"\n },\n {\n \"properties\": {\n \"roleName\": \"API Management Workspace API Developer\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Has read access to entities in the workspace and read and write access to entities for editing APIs. This role should be assigned on the workspace scope.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.ApiManagement/service/workspaces/*/read\",\n \"Microsoft.ApiManagement/service/workspaces/apis/*\",\n \"Microsoft.ApiManagement/service/workspaces/apiVersionSets/*\",\n \"Microsoft.ApiManagement/service/workspaces/policies/*\",\n \"Microsoft.ApiManagement/service/workspaces/schemas/*\",\n \"Microsoft.ApiManagement/service/workspaces/products/*\",\n \"Microsoft.ApiManagement/service/workspaces/policyFragments/*\",\n \"Microsoft.ApiManagement/service/workspaces/namedValues/*\",\n \"Microsoft.ApiManagement/service/workspaces/tags/*\",\n \"Microsoft.ApiManagement/service/workspaces/backends/*\",\n \"Microsoft.ApiManagement/service/workspaces/certificates/*\",\n \"Microsoft.ApiManagement/service/workspaces/diagnostics/*\",\n \"Microsoft.ApiManagement/service/workspaces/loggers/*\",\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/diagnosticSettings/*/read\",\n \"Microsoft.insights/logs/read\",\n \"Microsoft.insights/logs/ApiManagementGatewayLogs/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2023-03-21T15:13:44.4020114Z\",\n \"updatedOn\": \"2025-05-14T15:26:59.2733591Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/56328988-075d-4c6a-8766-d93edd6725b6\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"56328988-075d-4c6a-8766-d93edd6725b6\"\n },\n {\n \"properties\": {\n \"roleName\": \"API Management Workspace Reader\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Has read-only access to entities in the workspace. This role should be assigned on the workspace scope.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.ApiManagement/service/workspaces/*/read\",\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/diagnosticSettings/*/read\",\n \"Microsoft.insights/logs/read\",\n \"Microsoft.insights/logs/ApiManagementGatewayLogs/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2023-03-21T15:13:44.4040114Z\",\n \"updatedOn\": \"2025-05-14T15:26:59.0317591Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/ef1c2c96-4a77-49e8-b9a4-6179fe1d2fd2\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"ef1c2c96-4a77-49e8-b9a4-6179fe1d2fd2\"\n },\n {\n \"properties\": {\n \"roleName\": \"API Management Workspace API Product Manager\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Has read access to entities in the workspace and read and write access to entities for publishing APIs. This role should be assigned on the workspace scope.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.ApiManagement/service/workspaces/*/read\",\n \"Microsoft.ApiManagement/service/workspaces/products/*\",\n \"Microsoft.ApiManagement/service/workspaces/subscriptions/*\",\n \"Microsoft.ApiManagement/service/workspaces/groups/*\",\n \"Microsoft.ApiManagement/service/workspaces/tags/*\",\n \"Microsoft.ApiManagement/service/workspaces/notifications/*\",\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/diagnosticSettings/*/read\",\n \"Microsoft.insights/logs/read\",\n \"Microsoft.insights/logs/ApiManagementGatewayLogs/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2023-03-21T15:13:44.4020114Z\",\n \"updatedOn\": \"2025-05-14T15:26:59.0317591Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/73c2c328-d004-4c5e-938c-35c6f5679a1f\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"73c2c328-d004-4c5e-938c-35c6f5679a1f\"\n },\n {\n \"properties\": {\n \"roleName\": \"API Management Service Workspace API Developer\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Has read access to tags and products and write access to allow: assigning APIs to products, assigning tags to products and APIs. This role should be assigned on the service scope.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.ApiManagement/service/tags/read\",\n \"Microsoft.ApiManagement/service/tags/apiLinks/*\",\n \"Microsoft.ApiManagement/service/tags/operationLinks/*\",\n \"Microsoft.ApiManagement/service/tags/productLinks/*\",\n \"Microsoft.ApiManagement/service/products/read\",\n \"Microsoft.ApiManagement/service/products/apiLinks/*\",\n \"Microsoft.ApiManagement/service/read\",\n \"Microsoft.ApiManagement/service/authorizationServers/read\",\n \"Microsoft.Authorization/*/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2023-03-21T15:13:44.4040114Z\",\n \"updatedOn\": \"2024-08-29T15:27:16.7739501Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/9565a273-41b9-4368-97d2-aeb0c976a9b3\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"9565a273-41b9-4368-97d2-aeb0c976a9b3\"\n },\n {\n \"properties\": {\n \"roleName\": \"API Management Workspace Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Can manage the workspace and view, but not modify its members. This role should be assigned on the workspace scope.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.ApiManagement/service/workspaces/*\",\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/diagnosticSettings/*/read\",\n \"Microsoft.insights/logs/read\",\n \"Microsoft.insights/logs/ApiManagementGatewayLogs/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2023-03-21T15:13:44.4020114Z\",\n \"updatedOn\": \"2025-05-14T15:26:59.2733591Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/0c34c906-8d99-4cb7-8bb7-33f5b0a1a799\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"0c34c906-8d99-4cb7-8bb7-33f5b0a1a799\"\n },\n {\n \"properties\": {\n \"roleName\": \"Storage File Data Privileged Reader\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Customer has read access on Azure Storage file shares.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.Storage/storageAccounts/fileServices/fileshares/files/read\",\n \"Microsoft.Storage/storageAccounts/fileServices/readFileBackupSemantics/action\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2023-03-23T20:33:57.1067324Z\",\n \"updatedOn\": \"2023-04-06T19:23:16.2936719Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/b8eda974-7b85-4f76-af95-65846b26df6d\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"b8eda974-7b85-4f76-af95-65846b26df6d\"\n },\n {\n \"properties\": {\n \"roleName\": \"Storage File Data Privileged Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Customer has read, write, delete and modify NTFS permission access on Azure Storage file shares.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.Storage/storageAccounts/fileServices/fileshares/files/read\",\n \"Microsoft.Storage/storageAccounts/fileServices/fileshares/files/write\",\n \"Microsoft.Storage/storageAccounts/fileServices/fileshares/files/delete\",\n \"Microsoft.Storage/storageAccounts/fileServices/fileshares/files/modifypermissions/action\",\n \"Microsoft.Storage/storageAccounts/fileServices/readFileBackupSemantics/action\",\n \"Microsoft.Storage/storageAccounts/fileServices/writeFileBackupSemantics/action\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2023-03-23T20:49:03.5905581Z\",\n \"updatedOn\": \"2023-04-06T19:23:16.2936719Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/69566ab7-960f-475b-8e7c-b3118f30c6bd\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"69566ab7-960f-475b-8e7c-b3118f30c6bd\"\n },\n {\n \"properties\": {\n \"roleName\": \"Windows 365 Network User\",\n \"type\": \"BuiltInRole\",\n \"description\": \"This role is used by Windows 365 to read virtual networks and join the designated virtual networks.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Network/virtualNetworks/read\",\n \"Microsoft.Network/virtualNetworks/subnets/read\",\n \"Microsoft.Network/virtualNetworks/usages/read\",\n \"Microsoft.Network/virtualNetworks/subnets/join/action\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2023-03-24T05:24:25.4408966Z\",\n \"updatedOn\": \"2023-07-26T15:17:50.9624987Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/7eabc9a4-85f7-4f71-b8ab-75daaccc1033\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"7eabc9a4-85f7-4f71-b8ab-75daaccc1033\"\n },\n {\n \"properties\": {\n \"roleName\": \"Windows365SubscriptionReader\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Read subscriptions, images, azure firewalls. This role is used in Windows365 scenarios.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Resources/subscriptions/read\",\n \"Microsoft.Resources/subscriptions/operationresults/read\",\n \"Microsoft.Authorization/*/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2023-03-24T05:24:25.4408966Z\",\n \"updatedOn\": \"2023-03-24T05:24:25.4408966Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/3d55a8f6-4133-418d-8051-facdb1735758\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"3d55a8f6-4133-418d-8051-facdb1735758\"\n },\n {\n \"properties\": {\n \"roleName\": \"Windows 365 Network Interface Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"This role is used by Windows 365 to provision required network resources and join Microsoft-hosted VMs to network interfaces.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Resources/subscriptions/resourcegroups/read\",\n \"Microsoft.Resources/deployments/read\",\n \"Microsoft.Resources/deployments/write\",\n \"Microsoft.Resources/deployments/delete\",\n \"Microsoft.Resources/deployments/operations/read\",\n \"Microsoft.Resources/deployments/operationstatuses/read\",\n \"Microsoft.Network/locations/operations/read\",\n \"Microsoft.Network/locations/operationResults/read\",\n \"Microsoft.Network/locations/usages/read\",\n \"Microsoft.Network/networkInterfaces/write\",\n \"Microsoft.Network/networkInterfaces/read\",\n \"Microsoft.Network/networkInterfaces/delete\",\n \"Microsoft.Network/networkInterfaces/join/action\",\n \"Microsoft.Network/networkInterfaces/effectiveNetworkSecurityGroups/action\",\n \"Microsoft.Network/networkInterfaces/effectiveRouteTable/action\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2023-03-24T05:24:25.4408966Z\",\n \"updatedOn\": \"2023-07-26T15:17:50.9624987Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/1f135831-5bbe-4924-9016-264044c00788\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"1f135831-5bbe-4924-9016-264044c00788\"\n },\n {\n \"properties\": {\n \"roleName\": \"App Compliance Automation Reader\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Allows read-only access to App Compliance Automation tool for Microsoft 365\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"*/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2023-04-13T05:31:14.1250456Z\",\n \"updatedOn\": \"2025-04-18T16:21:59.8526431Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/ffc6bbe0-e443-4c3b-bf54-26581bb2f78e\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"ffc6bbe0-e443-4c3b-bf54-26581bb2f78e\"\n },\n {\n \"properties\": {\n \"roleName\": \"App Compliance Automation Administrator\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Allows managing App Compliance Automation tool for Microsoft 365\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.AppComplianceAutomation/*\",\n \"Microsoft.Storage/storageAccounts/blobServices/write\",\n \"Microsoft.Storage/storageAccounts/fileservices/write\",\n \"Microsoft.Storage/storageAccounts/listKeys/action\",\n \"Microsoft.Storage/storageAccounts/write\",\n \"Microsoft.Storage/storageAccounts/blobServices/generateUserDelegationKey/action\",\n \"Microsoft.Storage/storageAccounts/read\",\n \"Microsoft.Storage/storageAccounts/blobServices/containers/read\",\n \"Microsoft.Storage/storageAccounts/blobServices/containers/write\",\n \"Microsoft.Storage/storageAccounts/blobServices/read\",\n \"Microsoft.PolicyInsights/policyStates/queryResults/action\",\n \"Microsoft.PolicyInsights/policyStates/triggerEvaluation/action\",\n \"Microsoft.Resources/resources/read\",\n \"Microsoft.Resources/subscriptions/read\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Resources/subscriptions/resourceGroups/resources/read\",\n \"Microsoft.Resources/subscriptions/resources/read\",\n \"Microsoft.Resources/subscriptions/resourceGroups/delete\",\n \"Microsoft.Resources/subscriptions/resourceGroups/write\",\n \"Microsoft.Resources/tags/read\",\n \"Microsoft.Resources/deployments/validate/action\",\n \"Microsoft.Security/automations/read\",\n \"Microsoft.Resources/deployments/write\",\n \"Microsoft.Security/automations/delete\",\n \"Microsoft.Security/automations/write\",\n \"Microsoft.Security/register/action\",\n \"Microsoft.Security/unregister/action\",\n \"*/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2023-04-13T05:31:14.1240456Z\",\n \"updatedOn\": \"2025-04-18T16:21:59.8526431Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/0f37683f-2463-46b6-9ce7-9b788b988ba2\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"0f37683f-2463-46b6-9ce7-9b788b988ba2\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Sphere Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Allows user read and write access to Azure Sphere resources.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.AzureSphere/*\",\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.Insights/DiagnosticSettings/*\",\n \"Microsoft.Insights/DiagnosticSettingsCategories/Read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2023-05-01T15:11:52.6370946Z\",\n \"updatedOn\": \"2023-05-05T22:39:42.6328063Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/8b9dfcab-4b77-4632-a6df-94bd07820648\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"8b9dfcab-4b77-4632-a6df-94bd07820648\"\n },\n {\n \"properties\": {\n \"roleName\": \"SaaS Hub Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"SaaS Hub contributor can manage SaaS Hub resource\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.SaaSHub/cloudservices/read\",\n \"Microsoft.SaaSHub/cloudservices/write\",\n \"Microsoft.SaaSHub/cloudservices/delete\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2023-05-02T15:22:12.2506952Z\",\n \"updatedOn\": \"2023-05-11T22:10:29.48093Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/e9b8712a-cbcf-4ea7-b0f7-e71b803401e6\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"e9b8712a-cbcf-4ea7-b0f7-e71b803401e6\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Sphere Reader\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Allows user to read Azure Sphere resources.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.AzureSphere/*/read\",\n \"Microsoft.AzureSphere/catalogs/countDevices/action\",\n \"Microsoft.AzureSphere/catalogs/listDeviceGroups/action\",\n \"Microsoft.AzureSphere/catalogs/listDeviceInsights/action\",\n \"Microsoft.AzureSphere/catalogs/listDevices/action\",\n \"Microsoft.AzureSphere/catalogs/listDeployments/action\",\n \"Microsoft.AzureSphere/catalogs/products/countDevices/action\",\n \"Microsoft.AzureSphere/catalogs/products/deviceGroups/countDevices/action\",\n \"Microsoft.AzureSphere/catalogs/certificates/retrieveCertChain/action\",\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Insights/DiagnosticSettings/Read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2023-05-05T22:39:42.1951056Z\",\n \"updatedOn\": \"2023-05-11T22:10:28.3488114Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/c8ae6279-5a0b-4cb2-b3f0-d4d62845742c\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"c8ae6279-5a0b-4cb2-b3f0-d4d62845742c\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Sphere Publisher\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Allows user to read and download Azure Sphere resources and upload images.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.AzureSphere/*/read\",\n \"Microsoft.AzureSphere/catalogs/countDevices/action\",\n \"Microsoft.AzureSphere/catalogs/listDeviceGroups/action\",\n \"Microsoft.AzureSphere/catalogs/listDeviceInsights/action\",\n \"Microsoft.AzureSphere/catalogs/listDevices/action\",\n \"Microsoft.AzureSphere/catalogs/products/countDevices/action\",\n \"Microsoft.AzureSphere/catalogs/products/deviceGroups/countDevices/action\",\n \"Microsoft.AzureSphere/catalogs/certificates/retrieveProofOfPossessionNonce/action\",\n \"Microsoft.AzureSphere/catalogs/certificates/retrieveCertChain/action\",\n \"Microsoft.AzureSphere/catalogs/images/write\",\n \"Microsoft.AzureSphere/catalogs/uploadImage/action\",\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Insights/DiagnosticSettings/Read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2023-05-05T22:39:42.8007514Z\",\n \"updatedOn\": \"2024-01-26T23:01:00.4162781Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/6d994134-994b-4a59-9974-f479f0b227fb\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"6d994134-994b-4a59-9974-f479f0b227fb\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Machine Learning Workspace Connection Secrets Reader\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Can list workspace connection secrets\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.MachineLearningServices/workspaces/connections/listsecrets/action\",\n \"Microsoft.MachineLearningServices/workspaces/metadata/secrets/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2023-05-09T15:20:29.3130205Z\",\n \"updatedOn\": \"2023-10-13T16:37:23.7956902Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/ea01e6af-a1c1-4350-9563-ad00f8c72ec5\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"ea01e6af-a1c1-4350-9563-ad00f8c72ec5\"\n },\n {\n \"properties\": {\n \"roleName\": \"Procurement Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Lets you manage the procurement of products and services.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.SaaSHub/cloudservices/read\",\n \"Microsoft.SaaSHub/cloudservices/write\",\n \"Microsoft.SaaSHub/cloudservices/delete\",\n \"Microsoft.SaaSHub/register/action\",\n \"Microsoft.SaaS/resources/read\",\n \"Microsoft.SaaS/resources/write\",\n \"Microsoft.SaaS/resources/delete\",\n \"Microsoft.SaaS/register/action\",\n \"Microsoft.ProfessionalService/resources/read\",\n \"Microsoft.ProfessionalService/resources/write\",\n \"Microsoft.ProfessionalService/resources/delete\",\n \"Microsoft.ProfessionalService/register/action\",\n \"Microsoft.BillingBenefits/register/action\",\n \"Microsoft.BillingBenefits/maccs/read\",\n \"Microsoft.BillingBenefits/maccs/write\",\n \"Microsoft.BillingBenefits/maccs/delete\",\n \"Microsoft.BillingBenefits/maccs/cancel/action\",\n \"Microsoft.BillingBenefits/maccs/chargeShortfall/action\",\n \"Microsoft.BillingBenefits/maccs/contributors/read\",\n \"Microsoft.BillingBenefits/credits/read\",\n \"Microsoft.BillingBenefits/credits/write\",\n \"Microsoft.BillingBenefits/credits/cancel/action\",\n \"Microsoft.BillingBenefits/credits/sources/read\",\n \"Microsoft.BillingBenefits/credits/sources/write\",\n \"Microsoft.BillingBenefits/credits/sources/delete\",\n \"Microsoft.EnterpriseSupport/enterpriseSupports/read\",\n \"Microsoft.EnterpriseSupport/enterpriseSupports/write\",\n \"Microsoft.EnterpriseSupport/enterpriseSupports/delete\",\n \"Microsoft.EnterpriseSupport/register/action\",\n \"Microsoft.SoftwarePlan/register/action\",\n \"Microsoft.SoftwarePlan/softwareSubscriptions/read\",\n \"Microsoft.SoftwarePlan/softwareSubscriptions/write\",\n \"Microsoft.SoftwarePlan/softwareSubscriptions/delete\",\n \"Microsoft.SoftwarePlan/softwareSubscriptions/cancel/action\",\n \"Microsoft.SoftwarePlan/softwareSubscriptions/listKeys/action\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2023-05-09T15:20:29.3130205Z\",\n \"updatedOn\": \"2025-06-17T15:17:30.9745788Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/be1a1ac2-09d3-4261-9e57-a73a6e227f53\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"be1a1ac2-09d3-4261-9e57-a73a6e227f53\"\n },\n {\n \"properties\": {\n \"roleName\": \"Cognitive Search Serverless Data Contributor (Deprecated)\",\n \"type\": \"BuiltInRole\",\n \"description\": \"This role has been deprecated\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.CognitiveSearch/indexes/schema/*\",\n \"Microsoft.CognitiveSearch/indexes/documents/*\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2023-05-15T15:01:02.7792616Z\",\n \"updatedOn\": \"2024-02-06T16:07:21.2869168Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/7ac06ca7-21ca-47e3-a67b-cbd6e6223baf\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"7ac06ca7-21ca-47e3-a67b-cbd6e6223baf\"\n },\n {\n \"properties\": {\n \"roleName\": \"Cognitive Search Serverless Data Reader (Deprecated)\",\n \"type\": \"BuiltInRole\",\n \"description\": \"This role has been deprecated\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.CognitiveSearch/indexes/schema/read\",\n \"Microsoft.CognitiveSearch/indexes/documents/read\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2023-05-15T15:01:02.7792616Z\",\n \"updatedOn\": \"2024-02-06T16:07:20.8732351Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/79b01272-bf9f-4f4c-9517-5506269cf524\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"79b01272-bf9f-4f4c-9517-5506269cf524\"\n },\n {\n \"properties\": {\n \"roleName\": \"Community Owner Role\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Community Owner Role to access the resources of Microsoft.Mission stored with RPSAAS.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Mission/register/action\",\n \"Microsoft.Mission/unregister/action\",\n \"Microsoft.Mission/Locations/OperationStatuses/read\",\n \"Microsoft.Mission/Locations/OperationStatuses/write\",\n \"Microsoft.Mission/Operations/read\",\n \"Microsoft.Mission/communities/read\",\n \"Microsoft.Mission/communities/write\",\n \"Microsoft.Mission/communities/delete\",\n \"Microsoft.Mission/communities/setMaintenanceMode/action\",\n \"Microsoft.Mission/communities/communityendpoints/connect/action\",\n \"Microsoft.Mission/virtualEnclaves/read\",\n \"Microsoft.Mission/virtualEnclaves/write\",\n \"Microsoft.Mission/virtualEnclaves/delete\",\n \"Microsoft.Mission/virtualEnclaves/workloads/read\",\n \"Microsoft.Mission/virtualEnclaves/workloads/write\",\n \"Microsoft.Mission/virtualEnclaves/workloads/delete\",\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/read\",\n \"Microsoft.Resources/deployments/read\",\n \"Microsoft.Resources/deployments/write\",\n \"Microsoft.Resources/subscriptions/read\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Resources/subscriptions/resourcegroups/deployments/read\",\n \"Microsoft.Resources/subscriptions/operationresults/read\",\n \"Microsoft.ResourceHealth/availabilityStatuses/read\",\n \"Microsoft.Features/providers/features/read\",\n \"Microsoft.Features/features/read\",\n \"Microsoft.Mission/communities/communityEndpoints/read\",\n \"Microsoft.Mission/communities/communityEndpoints/write\",\n \"Microsoft.Mission/communities/communityEndpoints/delete\",\n \"Microsoft.Mission/communities/transitHubs/read\",\n \"Microsoft.Mission/communities/transitHubs/write\",\n \"Microsoft.Mission/communities/transitHubs/delete\",\n \"Microsoft.Mission/enclaveConnections/read\",\n \"Microsoft.Mission/virtualEnclaves/enclaveEndpoints/read\",\n \"Microsoft.Mission/approvals/read\",\n \"Microsoft.Mission/approvals/write\",\n \"Microsoft.Mission/approvals/delete\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2023-05-25T20:51:16.2041501Z\",\n \"updatedOn\": \"2025-09-12T18:13:12.7479035Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/5e28a61e-8040-49db-b175-bb5b88af6239\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"5e28a61e-8040-49db-b175-bb5b88af6239\"\n },\n {\n \"properties\": {\n \"roleName\": \"Firmware Analysis Admin\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Administrative user that can upload/view firmwares & configure firmware workspaces\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.IoTFirmwareDefense/*\",\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Resources/deployments/*\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2023-06-12T15:03:22.1277659Z\",\n \"updatedOn\": \"2025-09-10T15:34:53.4423915Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/9c1607d1-791d-4c68-885d-c7b7aaff7c8a\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"9c1607d1-791d-4c68-885d-c7b7aaff7c8a\"\n },\n {\n \"properties\": {\n \"roleName\": \"Key Vault Data Access Administrator\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Manage access to Azure Key Vault by adding or removing role assignments for the Key Vault Administrator, Key Vault Certificates Officer, Key Vault Crypto Officer, Key Vault Crypto Service Encryption User, Key Vault Crypto User, Key Vault Reader, Key Vault Secrets Officer, or Key Vault Secrets User roles. Includes an ABAC condition to constrain role assignments.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/roleAssignments/write\",\n \"Microsoft.Authorization/roleAssignments/delete\",\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Resources/subscriptions/read\",\n \"Microsoft.Management/managementGroups/read\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Support/*\",\n \"Microsoft.KeyVault/vaults/*/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": [],\n \"conditionVersion\": \"2.0\",\n \"condition\": \"((!(ActionMatches{'Microsoft.Authorization/roleAssignments/write'})) OR (@Request[Microsoft.Authorization/roleAssignments:RoleDefinitionId] ForAnyOfAnyValues:GuidEquals{00482a5a-887f-4fb3-b363-3b7fe8e74483, a4417e6f-fecd-4de8-b567-7b0420556985, 14b46e9e-c2b7-41b4-b07b-48a6ebf60603, e147488a-f6f5-4113-8e2d-b22465e65bf6, 12338af0-0e69-4776-bea7-57ae8d297424, 21090545-7ca7-4776-b22c-e363652d74d2, b86a8fe4-44ce-4948-aee5-eccb2c155cd7, 4633458b-17de-408a-b874-0445c86b69e6})) AND ((!(ActionMatches{'Microsoft.Authorization/roleAssignments/delete'})) OR (@Resource[Microsoft.Authorization/roleAssignments:RoleDefinitionId] ForAnyOfAnyValues:GuidEquals{00482a5a-887f-4fb3-b363-3b7fe8e74483, a4417e6f-fecd-4de8-b567-7b0420556985, 14b46e9e-c2b7-41b4-b07b-48a6ebf60603, e147488a-f6f5-4113-8e2d-b22465e65bf6, 12338af0-0e69-4776-bea7-57ae8d297424, 21090545-7ca7-4776-b22c-e363652d74d2, b86a8fe4-44ce-4948-aee5-eccb2c155cd7, 4633458b-17de-408a-b874-0445c86b69e6}))\"\n }\n ],\n \"createdOn\": \"2023-06-20T22:26:01.661921Z\",\n \"updatedOn\": \"2023-12-07T01:33:05.5970688Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/8b54135c-b56d-4d72-a534-26097cfdc8d8\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"8b54135c-b56d-4d72-a534-26097cfdc8d8\"\n },\n {\n \"properties\": {\n \"roleName\": \"Defender for Storage Data Scanner\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Grants access to read blobs and update index tags. This role is used by the data scanner of Defender for Storage.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Storage/storageAccounts/blobServices/containers/read\",\n \"Microsoft.Storage/storageAccounts/blobServices/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.Storage/storageAccounts/blobServices/containers/blobs/read\",\n \"Microsoft.Storage/storageAccounts/blobServices/containers/blobs/tags/write\",\n \"Microsoft.Storage/storageAccounts/blobServices/containers/blobs/tags/read\",\n \"Microsoft.Storage/storageAccounts/blobServices/containers/blobs/delete\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2023-06-21T15:30:31.2244258Z\",\n \"updatedOn\": \"2025-09-04T13:19:08.2789022Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/1e7ca9b1-60d1-4db8-a914-f2ca1ff27c40\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"1e7ca9b1-60d1-4db8-a914-f2ca1ff27c40\"\n },\n {\n \"properties\": {\n \"roleName\": \"Compute Diagnostics Role\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Grants permissions to execute diagnostics provided by Compute Diagnostic Service for Compute Resources.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Compute/disks/beginGetAccess/action\",\n \"Microsoft.Compute/virtualmachinescalesets/disks/beginGetAccess/action\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2023-07-03T15:01:36.9754614Z\",\n \"updatedOn\": \"2023-08-21T15:00:43.8849998Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/df2711a6-406d-41cf-b366-b0250bff9ad1\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"df2711a6-406d-41cf-b366-b0250bff9ad1\"\n },\n {\n \"properties\": {\n \"roleName\": \"Elastic SAN Network Admin\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Allows access to create Private Endpoints on SAN resources, and to read SAN resources\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.ElasticSan/elasticSans/*/read\",\n \"Microsoft.ElasticSan/elasticSans/PrivateEndpointConnectionsApproval/action\",\n \"Microsoft.ElasticSan/elasticSans/privateEndpointConnections/write\",\n \"Microsoft.ElasticSan/elasticSans/privateEndpointConnections/delete\",\n \"Microsoft.ElasticSan/locations/asyncoperations/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2023-07-11T15:16:02.2537915Z\",\n \"updatedOn\": \"2023-07-24T15:07:43.2245803Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/fa6cecf6-5db3-4c43-8470-c540bcb4eafa\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"fa6cecf6-5db3-4c43-8470-c540bcb4eafa\"\n },\n {\n \"properties\": {\n \"roleName\": \"Cognitive Services Usages Reader\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Minimal permission to view Cognitive Services usages.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.CognitiveServices/locations/usages/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2023-07-17T15:09:29.0044016Z\",\n \"updatedOn\": \"2023-07-17T15:09:29.0044016Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/bba48692-92b0-4667-a9ad-c31c7b334ac2\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"bba48692-92b0-4667-a9ad-c31c7b334ac2\"\n },\n {\n \"properties\": {\n \"roleName\": \"PostgreSQL Flexible Server Long Term Retention Backup Role\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Role to allow backup vault to access PostgreSQL Flexible Server Resource APIs for Long Term Retention Backup.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.DBforPostgreSQL/flexibleServers/ltrBackupOperations/read\",\n \"Microsoft.DBforPostgreSQL/flexibleServers/ltrPreBackup/action\",\n \"Microsoft.DBforPostgreSQL/flexibleServers/startLtrBackup/action\",\n \"Microsoft.DBforPostgreSQL/locations/azureAsyncOperation/read\",\n \"Microsoft.DBforPostgreSQL/locations/operationResults/read\",\n \"Microsoft.Resources/subscriptions/read\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2023-07-19T15:33:56.5176195Z\",\n \"updatedOn\": \"2023-08-02T22:48:06.4502162Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/c088a766-074b-43ba-90d4-1fb21feae531\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"c088a766-074b-43ba-90d4-1fb21feae531\"\n },\n {\n \"properties\": {\n \"roleName\": \"Search Parameter Manager\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Role allows user or principal access to $status and $reindex to update search parameters\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.HealthcareApis/workspaces/fhirservices/resources/reindex/action\",\n \"Microsoft.HealthcareApis/workspaces/fhirservices/resources/read\",\n \"Microsoft.HealthcareApis/workspaces/fhirservices/resources/write\",\n \"Microsoft.HealthcareApis/workspaces/fhirservices/resources/searchparameter/action\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2023-07-28T00:53:53.6682553Z\",\n \"updatedOn\": \"2023-07-28T00:53:53.6682553Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/a02f7c31-354d-4106-865a-deedf37fa038\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"a02f7c31-354d-4106-865a-deedf37fa038\"\n },\n {\n \"properties\": {\n \"roleName\": \"Virtual Machine Data Access Administrator (preview)\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Manage access to Virtual Machines by adding or removing role assignments for the Virtual Machine Administrator Login and Virtual Machine User Login roles. Includes an ABAC condition to constrain role assignments.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/roleAssignments/write\",\n \"Microsoft.Authorization/roleAssignments/delete\",\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Resources/subscriptions/read\",\n \"Microsoft.Management/managementGroups/read\",\n \"Microsoft.Network/publicIPAddresses/read\",\n \"Microsoft.Network/virtualNetworks/read\",\n \"Microsoft.Network/loadBalancers/read\",\n \"Microsoft.Network/networkInterfaces/read\",\n \"Microsoft.Compute/virtualMachines/*/read\",\n \"Microsoft.HybridCompute/machines/*/read\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Support/*\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": [],\n \"conditionVersion\": \"2.0\",\n \"condition\": \"((!(ActionMatches{'Microsoft.Authorization/roleAssignments/write'})) OR (@Request[Microsoft.Authorization/roleAssignments:RoleDefinitionId] ForAnyOfAnyValues:GuidEquals{1c0163c0-47e6-4577-8991-ea5c82e286e4, fb879df8-f326-4884-b1cf-06f3ad86be52})) AND ((!(ActionMatches{'Microsoft.Authorization/roleAssignments/delete'})) OR (@Resource[Microsoft.Authorization/roleAssignments:RoleDefinitionId] ForAnyOfAnyValues:GuidEquals{1c0163c0-47e6-4577-8991-ea5c82e286e4, fb879df8-f326-4884-b1cf-06f3ad86be52}))\"\n }\n ],\n \"createdOn\": \"2023-08-07T15:25:15.1179899Z\",\n \"updatedOn\": \"2023-10-31T15:13:38.0409378Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/66f75aeb-eabe-4b70-9f1e-c350c4c9ad04\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"66f75aeb-eabe-4b70-9f1e-c350c4c9ad04\"\n },\n {\n \"properties\": {\n \"roleName\": \"Logic Apps Standard Developer (Preview)\",\n \"type\": \"BuiltInRole\",\n \"description\": \"You can create and edit workflows, connections, and settings for a Standard logic app. You can't make changes outside the workflow scope.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.Resources/deployments/operations/read\",\n \"Microsoft.Resources/subscriptions/operationresults/read\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Support/*\",\n \"Microsoft.Web/*/read\",\n \"Microsoft.Web/connections/*\",\n \"Microsoft.Web/customApis/*\",\n \"Microsoft.Web/sites/config/list/Action\",\n \"microsoft.web/sites/config/Write\",\n \"microsoft.web/sites/config/web/appsettings/delete\",\n \"microsoft.web/sites/config/web/appsettings/write\",\n \"microsoft.web/sites/deployWorkflowArtifacts/action\",\n \"microsoft.web/sites/hostruntime/*\",\n \"microsoft.web/sites/listworkflowsconnections/action\",\n \"Microsoft.Web/sites/publish/Action\",\n \"microsoft.web/sites/slots/config/appsettings/write\",\n \"Microsoft.Web/sites/slots/config/list/Action\",\n \"microsoft.web/sites/slots/config/web/appsettings/delete\",\n \"microsoft.web/sites/slots/deployWorkflowArtifacts/action\",\n \"microsoft.web/sites/slots/listworkflowsconnections/action\",\n \"Microsoft.Web/sites/slots/publish/Action\",\n \"microsoft.web/sites/workflows/*\",\n \"microsoft.web/sites/workflowsconfiguration/*\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2023-08-10T18:27:51.0642527Z\",\n \"updatedOn\": \"2024-04-03T21:08:10.0284774Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/523776ba-4eb2-4600-a3c8-f2dc93da4bdb\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"523776ba-4eb2-4600-a3c8-f2dc93da4bdb\"\n },\n {\n \"properties\": {\n \"roleName\": \"Logic Apps Standard Contributor (Preview)\",\n \"type\": \"BuiltInRole\",\n \"description\": \"You can manage all aspects of a Standard logic app and workflows. You can't change access or ownership.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.Resources/deployments/operations/read\",\n \"Microsoft.Resources/subscriptions/operationresults/read\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Support/*\",\n \"Microsoft.Web/*/read\",\n \"Microsoft.Web/certificates/*\",\n \"Microsoft.Web/connectionGateways/*\",\n \"Microsoft.Web/connections/*\",\n \"Microsoft.Web/customApis/*\",\n \"Microsoft.Web/serverFarms/*\",\n \"Microsoft.Web/sites/*\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2023-08-10T18:27:51.0642527Z\",\n \"updatedOn\": \"2024-04-03T21:08:12.2307952Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/ad710c24-b039-4e85-a019-deb4a06e8570\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"ad710c24-b039-4e85-a019-deb4a06e8570\"\n },\n {\n \"properties\": {\n \"roleName\": \"Logic Apps Standard Operator (Preview)\",\n \"type\": \"BuiltInRole\",\n \"description\": \"You can enable and disable the logic app, resubmit workflow runs, as well as create connections. You can't edit workflows or settings.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.Resources/deployments/operations/read\",\n \"Microsoft.Resources/subscriptions/operationresults/read\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Support/*\",\n \"Microsoft.Web/*/read\",\n \"Microsoft.Web/sites/applySlotConfig/Action\",\n \"microsoft.web/sites/hostruntime/*\",\n \"Microsoft.Web/sites/restart/Action\",\n \"Microsoft.Web/sites/slots/restart/Action\",\n \"Microsoft.Web/sites/slots/slotsswap/Action\",\n \"Microsoft.Web/sites/slots/start/Action\",\n \"Microsoft.Web/sites/slots/stop/Action\",\n \"Microsoft.Web/sites/slotsdiffs/Action\",\n \"Microsoft.Web/sites/slotsswap/Action\",\n \"Microsoft.Web/sites/start/Action\",\n \"Microsoft.Web/sites/stop/Action\",\n \"Microsoft.Web/sites/write\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2023-08-10T18:27:51.616246Z\",\n \"updatedOn\": \"2024-04-03T21:08:12.0327572Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/b70c96e9-66fe-4c09-b6e7-c98e69c98555\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"b70c96e9-66fe-4c09-b6e7-c98e69c98555\"\n },\n {\n \"properties\": {\n \"roleName\": \"Logic Apps Standard Reader (Preview)\",\n \"type\": \"BuiltInRole\",\n \"description\": \"You have read-only access to all resources in a Standard logic app and workflows, including the workflow runs and their history.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.Resources/deployments/operations/read\",\n \"Microsoft.Resources/subscriptions/operationresults/read\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Support/*\",\n \"Microsoft.Web/*/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2023-08-10T18:27:52.9359215Z\",\n \"updatedOn\": \"2024-04-03T21:08:11.472321Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/4accf36b-2c05-432f-91c8-5c532dff4c73\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"4accf36b-2c05-432f-91c8-5c532dff4c73\"\n },\n {\n \"properties\": {\n \"roleName\": \"IPAM Pool User\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Read IPAM Pools and child resources. Create and remove associations. This role is in preview and subject to change.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Network/networkManagers/ipamPools/*/read\",\n \"Microsoft.Network/networkManagers/ipamPools/*/action\",\n \"Microsoft.Network/networkManagers/ipamPools/*/write\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2023-08-21T15:00:43.8849998Z\",\n \"updatedOn\": \"2024-10-14T15:14:50.4699933Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/7b3e853f-ad5d-4fb5-a7b8-56a3581c7037\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"7b3e853f-ad5d-4fb5-a7b8-56a3581c7037\"\n },\n {\n \"properties\": {\n \"roleName\": \"SpatialMapsAccounts Account Owner\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Lets you manage data in your account, including deleting them\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.MixedReality/spatialMapsAccounts/read\",\n \"Microsoft.MixedReality/spatialMapsAccounts/delete\",\n \"Microsoft.MixedReality/spatialMapsAccounts/write\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2023-08-24T22:24:26.823752Z\",\n \"updatedOn\": \"2023-08-24T22:24:26.823752Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/e9c9ed2b-2a99-4071-b2ff-5b113ebf73a1\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"e9c9ed2b-2a99-4071-b2ff-5b113ebf73a1\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Resource Notifications System Topics Subscriber\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Lets you create system topics and event subscriptions on all system topics exposed currently and in the future by Azure Resource Notifications\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.ResourceNotifications/systemTopics/subscribeToResources/action\",\n \"Microsoft.ResourceNotifications/systemTopics/subscribeToHealthResources/action\",\n \"Microsoft.ResourceNotifications/systemTopics/subscribeToMaintenanceResources/action\",\n \"Microsoft.ResourceNotifications/systemTopics/subscribeToComputeResources/action\",\n \"Microsoft.ResourceNotifications/systemTopics/subscribeToComputeScheduleResources/action\",\n \"Microsoft.ResourceNotifications/systemTopics/subscribeToContainerServiceEventResources/action\",\n \"Microsoft.ResourceNotifications/systemTopics/subscribeToImpactReportingResources/action\",\n \"Microsoft.ResourceNotifications/systemTopics/subscribeToAksResources/action\",\n \"Microsoft.EventGrid/eventSubscriptions/write\",\n \"Microsoft.EventGrid/systemTopics/eventSubscriptions/write\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2023-08-31T17:58:41.4180876Z\",\n \"updatedOn\": \"2025-10-01T20:11:41.338522Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/0b962ed2-6d56-471c-bd5f-3477d83a7ba4\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"0b962ed2-6d56-471c-bd5f-3477d83a7ba4\"\n },\n {\n \"properties\": {\n \"roleName\": \"Elastic SAN Volume Importer\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Allows for Importing Elastic San Volume\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.ElasticSan/elasticSans/volumeGroups/*/read\",\n \"Microsoft.ElasticSan/elasticSans/volumeGroups/volumes/write\",\n \"Microsoft.ElasticSan/elasticSans/volumeGroups/volumes/delete\",\n \"Microsoft.ElasticSan/elasticSans/volumeGroups/preRestore/action\",\n \"Microsoft.ElasticSan/locations/*\",\n \"Microsoft.Compute/locations/*\",\n \"Microsoft.Compute/disks/read\",\n \"Microsoft.Compute/disks/beginGetAccess/action\",\n \"Microsoft.Compute/disks/endGetAccess/action\",\n \"Microsoft.Compute/snapshots/read\",\n \"Microsoft.Compute/snapshots/beginGetAccess/action\",\n \"Microsoft.Compute/snapshots/endGetAccess/action\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2023-09-06T15:24:05.4459728Z\",\n \"updatedOn\": \"2025-04-21T15:02:46.3682352Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/90e8b822-3e73-47b5-868a-787dc80c008f\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"90e8b822-3e73-47b5-868a-787dc80c008f\"\n },\n {\n \"properties\": {\n \"roleName\": \"Elastic SAN Snapshot Exporter\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Allows for creating and exporting Snapshot of Elastic San Volume\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.ElasticSan/elasticSans/*/read\",\n \"Microsoft.ElasticSan/elasticSans/volumeGroups/snapshots/write\",\n \"Microsoft.ElasticSan/elasticSans/volumeGroups/snapshots/delete\",\n \"Microsoft.ElasticSan/elasticSans/volumeGroups/snapshots/beginGetAccess/action\",\n \"Microsoft.ElasticSan/elasticSans/volumeGroups/preBackup/action\",\n \"Microsoft.ElasticSan/locations/*\",\n \"Microsoft.Compute/locations/*\",\n \"Microsoft.Compute/disks/read\",\n \"Microsoft.Compute/disks/write\",\n \"Microsoft.Compute/disks/delete\",\n \"Microsoft.Compute/snapshots/read\",\n \"Microsoft.Compute/snapshots/write\",\n \"Microsoft.Compute/snapshots/delete\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2023-09-06T15:24:05.4459728Z\",\n \"updatedOn\": \"2025-04-21T15:02:46.3682352Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/1c4770c0-34f7-4110-a1ea-a5855cc7a939\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"1c4770c0-34f7-4110-a1ea-a5855cc7a939\"\n },\n {\n \"properties\": {\n \"roleName\": \"Community Contributor Role\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Community Contributor Role to access the resources of Microsoft.Mission stored with RPSAAS.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Mission/register/action\",\n \"Microsoft.Mission/unregister/action\",\n \"Microsoft.Mission/Locations/OperationStatuses/read\",\n \"Microsoft.Mission/Locations/OperationStatuses/write\",\n \"Microsoft.Mission/Operations/read\",\n \"Microsoft.Mission/communities/read\",\n \"Microsoft.Mission/communities/write\",\n \"Microsoft.Mission/virtualEnclaves/read\",\n \"Microsoft.Mission/virtualEnclaves/write\",\n \"Microsoft.Mission/virtualEnclaves/endpoints/read\",\n \"Microsoft.Mission/virtualEnclaves/endpoints/write\",\n \"Microsoft.Mission/virtualEnclaves/workloads/read\",\n \"Microsoft.Mission/virtualEnclaves/workloads/write\",\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/read\",\n \"Microsoft.Resources/deployments/read\",\n \"Microsoft.Resources/deployments/write\",\n \"Microsoft.Resources/subscriptions/read\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Resources/subscriptions/resourcegroups/deployments/read\",\n \"Microsoft.Resources/subscriptions/operationresults/read\",\n \"Microsoft.ResourceHealth/availabilityStatuses/read\",\n \"Microsoft.Features/providers/features/read\",\n \"Microsoft.Features/features/read\",\n \"Microsoft.Mission/communities/communityEndpoints/read\",\n \"Microsoft.Mission/communities/communityEndpoints/write\",\n \"Microsoft.Mission/communities/transitHubs/read\",\n \"Microsoft.Mission/communities/transitHubs/write\",\n \"Microsoft.Mission/enclaveConnections/read\",\n \"Microsoft.Mission/virtualEnclaves/enclaveEndpoints/read\",\n \"Microsoft.Mission/approvals/read\",\n \"Microsoft.Mission/approvals/write\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2023-09-14T21:20:02.9426432Z\",\n \"updatedOn\": \"2025-07-16T21:30:33.3901346Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/49435da6-99fe-48a5-a235-fc668b9dc04a\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"49435da6-99fe-48a5-a235-fc668b9dc04a\"\n },\n {\n \"properties\": {\n \"roleName\": \"EventGrid TopicSpaces Subscriber\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Lets you subscribe messages on topicspaces.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.EventGrid/*/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.EventGrid/topicSpaces/subscribe/action\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2023-09-19T15:12:11.0674147Z\",\n \"updatedOn\": \"2023-10-20T20:21:33.3344252Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/4b0f2fd7-60b4-4eca-896f-4435034f8bf5\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"4b0f2fd7-60b4-4eca-896f-4435034f8bf5\"\n },\n {\n \"properties\": {\n \"roleName\": \"EventGrid TopicSpaces Publisher\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Lets you publish messages on topicspaces.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.EventGrid/*/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.EventGrid/topicSpaces/publish/action\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2023-09-19T15:12:11.0674147Z\",\n \"updatedOn\": \"2023-10-20T20:21:33.3344252Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/a12b0b94-b317-4dcd-84a8-502ce99884c6\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"a12b0b94-b317-4dcd-84a8-502ce99884c6\"\n },\n {\n \"properties\": {\n \"roleName\": \"Data Boundary Tenant Administrator\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Allows tenant level administration for data boundaries.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Resources/dataBoundaries/write\",\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2023-09-25T15:06:19.9183617Z\",\n \"updatedOn\": \"2023-09-25T15:06:19.9183617Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/d1a38570-4b05-4d70-b8e4-1100bcf76d12\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"d1a38570-4b05-4d70-b8e4-1100bcf76d12\"\n },\n {\n \"properties\": {\n \"roleName\": \"DeID Realtime Data User\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Execute requests against DeID realtime endpoint. This role is in preview and subject to change.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.HealthDataAIServices/DeidServices/Realtime/action\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2023-09-28T20:01:31.6698729Z\",\n \"updatedOn\": \"2023-09-28T20:01:31.6698729Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/bb6577c4-ea0a-40b2-8962-ea18cb8ecd4e\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"bb6577c4-ea0a-40b2-8962-ea18cb8ecd4e\"\n },\n {\n \"properties\": {\n \"roleName\": \"DeID Batch Data Reader\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Read DeID batch jobs. This role is in preview and subject to change.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.HealthDataAIServices/DeidServices/Batch/read\"\n ],\n \"notDataActions\": [\n \"Microsoft.HealthDataAIServices/DeidServices/Batch/write\",\n \"Microsoft.HealthDataAIServices/DeidServices/Batch/delete\"\n ]\n }\n ],\n \"createdOn\": \"2023-09-28T20:01:32.2555061Z\",\n \"updatedOn\": \"2023-09-28T20:01:32.2555061Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/b73a14ee-91f5-41b7-bd81-920e12466be9\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"b73a14ee-91f5-41b7-bd81-920e12466be9\"\n },\n {\n \"properties\": {\n \"roleName\": \"DeID Batch Data Owner\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Create and manage DeID batch jobs. This role is in preview and subject to change.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.HealthDataAIServices/DeidServices/Batch/write\",\n \"Microsoft.HealthDataAIServices/DeidServices/Batch/delete\",\n \"Microsoft.HealthDataAIServices/DeidServices/Batch/read\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2023-09-28T20:01:32.2565064Z\",\n \"updatedOn\": \"2023-09-28T20:01:32.2565064Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/8a90fa6b-6997-4a07-8a95-30633a7c97b9\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"8a90fa6b-6997-4a07-8a95-30633a7c97b9\"\n },\n {\n \"properties\": {\n \"roleName\": \"Carbon Optimization Reader\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Allow read access to Azure Carbon Optimization data\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Carbon/carbonEmissionReports/action\",\n \"Microsoft.Carbon/carbonEmissionReports/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2023-09-29T19:24:38.5828579Z\",\n \"updatedOn\": \"2025-02-17T16:06:32.7430565Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/fa0d39e6-28e5-40cf-8521-1eb320653a4c\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"fa0d39e6-28e5-40cf-8521-1eb320653a4c\"\n },\n {\n \"properties\": {\n \"roleName\": \"Landing Zone Management Owner\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Microsoft.Sovereign Landing Zone Management Owner allowing to review and modify Landing Zone Configurations as well as reading and adding Landing Zone Registrations. Also enables read-access to policies and management groups for enabling the full user experience of the Sovereign Services RP in the Azure Portal (as otherwise some elements might not be accessible to end users).\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Sovereign/landingZoneConfigurations/*\",\n \"Microsoft.Sovereign/landingZoneRegistrations/*\",\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Resources/deployments/*\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2023-10-05T08:48:10.6404205Z\",\n \"updatedOn\": \"2023-10-05T08:48:10.6404205Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/38863829-c2a4-4f8d-b1d2-2e325973ebc7\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"38863829-c2a4-4f8d-b1d2-2e325973ebc7\"\n },\n {\n \"properties\": {\n \"roleName\": \"Landing Zone Management Reader\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Microsoft.Sovereign Landing Zone Management Reader allowing to review Landing Zone Configurations and corresponding Registrations without the ability to modify. Also enables read-access to policies and management groups for enabling the full user experience of the Sovereign Services RP in the Azure Portal (as otherwise some elements might not be accessible to end users).\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Sovereign/landingZoneConfigurations/read\",\n \"Microsoft.Sovereign/landingZoneRegistrations/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2023-10-06T06:04:41.8631569Z\",\n \"updatedOn\": \"2023-10-06T06:04:41.8631569Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/8fe6e843-6d9e-417b-9073-106b048f50bb\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"8fe6e843-6d9e-417b-9073-106b048f50bb\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Stack HCI Device Management Role\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Microsoft.AzureStackHCI Device Management Role\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.AzureStackHCI/Clusters/*\",\n \"Microsoft.AzureStackHCI/EdgeDevices/*\",\n \"Microsoft.AzureStackHCI/DevicePools/*/read\",\n \"Microsoft.AzureStackHCI/EdgeMachines/*/read\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.HybridContainerService/register/action\",\n \"Microsoft.HybridContainerService/kubernetesVersions/read\",\n \"Microsoft.HybridContainerService/kubernetesVersions/write\",\n \"Microsoft.HybridContainerService/skus/read\",\n \"Microsoft.HybridContainerService/skus/write\",\n \"Microsoft.Authorization/roleassignments/read\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.AzureStackHCI/StorageContainers/Write\",\n \"Microsoft.AzureStackHCI/StorageContainers/Read\",\n \"Microsoft.AzureStackHCI/Register/Action\",\n \"Microsoft.GuestConfiguration/guestConfigurationAssignments/read\",\n \"Microsoft.KubernetesConfiguration/extensions/write\",\n \"Microsoft.KubernetesConfiguration/extensions/read\",\n \"Microsoft.KubernetesConfiguration/extensions/delete\",\n \"Microsoft.KubernetesConfiguration/extensions/operations/read\",\n \"Microsoft.KubernetesConfiguration/namespaces/read\",\n \"Microsoft.KubernetesConfiguration/operations/read\",\n \"Microsoft.ResourceConnector/appliances/read\",\n \"Microsoft.ResourceConnector/appliances/write\",\n \"Microsoft.ResourceConnector/appliances/delete\",\n \"Microsoft.ResourceConnector/locations/operationresults/read\",\n \"Microsoft.ResourceConnector/locations/operationsstatus/read\",\n \"Microsoft.ResourceConnector/appliances/listClusterUserCredential/action\",\n \"Microsoft.ResourceConnector/appliances/listKeys/action\",\n \"Microsoft.ResourceConnector/appliances/upgradeGraphs/read\",\n \"Microsoft.ResourceConnector/telemetryconfig/read\",\n \"Microsoft.ResourceConnector/operations/read\",\n \"Microsoft.ExtendedLocation/customLocations/deploy/action\",\n \"Microsoft.ExtendedLocation/customLocations/read\",\n \"Microsoft.ExtendedLocation/customLocations/write\",\n \"Microsoft.ExtendedLocation/customLocations/delete\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2023-10-10T15:19:13.4820522Z\",\n \"updatedOn\": \"2025-02-11T16:14:17.6124295Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/865ae368-6a45-4bd1-8fbf-0d5151f56fc1\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"865ae368-6a45-4bd1-8fbf-0d5151f56fc1\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Customer Lockbox Approver for Subscription\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Can approve Microsoft support requests to access specific resources contained within a subscription, or the subscription itself, when Customer Lockbox for Microsoft Azure is enabled on the tenant where the subscription resides.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Resources/subscriptions/read\",\n \"Microsoft.CustomerLockbox/requests/UpdateApproval/action\",\n \"Microsoft.CustomerLockbox/requests/read\",\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Insights/eventtypes/values/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2023-10-12T18:01:15.239432Z\",\n \"updatedOn\": \"2024-08-08T19:08:54.2825991Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/4dae6930-7baf-46f5-909e-0383bc931c46\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"4dae6930-7baf-46f5-909e-0383bc931c46\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Resource Bridge Deployment Role\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Azure Resource Bridge Deployment Role\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/roleassignments/read\",\n \"Microsoft.AzureStackHCI/Register/Action\",\n \"Microsoft.ResourceConnector/register/action\",\n \"Microsoft.ResourceConnector/appliances/read\",\n \"Microsoft.ResourceConnector/appliances/write\",\n \"Microsoft.ResourceConnector/appliances/delete\",\n \"Microsoft.ResourceConnector/locations/operationresults/read\",\n \"Microsoft.ResourceConnector/locations/operationsstatus/read\",\n \"Microsoft.ResourceConnector/appliances/listClusterUserCredential/action\",\n \"Microsoft.ResourceConnector/appliances/listKeys/action\",\n \"Microsoft.ResourceConnector/appliances/upgradeGraphs/read\",\n \"Microsoft.ResourceConnector/telemetryconfig/read\",\n \"Microsoft.ResourceConnector/operations/read\",\n \"Microsoft.ExtendedLocation/register/action\",\n \"Microsoft.ExtendedLocation/customLocations/deploy/action\",\n \"Microsoft.ExtendedLocation/customLocations/read\",\n \"Microsoft.ExtendedLocation/customLocations/write\",\n \"Microsoft.ExtendedLocation/customLocations/delete\",\n \"Microsoft.HybridConnectivity/register/action\",\n \"Microsoft.Kubernetes/register/action\",\n \"Microsoft.KubernetesConfiguration/register/action\",\n \"Microsoft.KubernetesConfiguration/extensions/write\",\n \"Microsoft.KubernetesConfiguration/extensions/read\",\n \"Microsoft.KubernetesConfiguration/extensions/delete\",\n \"Microsoft.KubernetesConfiguration/extensions/operations/read\",\n \"Microsoft.KubernetesConfiguration/namespaces/read\",\n \"Microsoft.KubernetesConfiguration/operations/read\",\n \"Microsoft.GuestConfiguration/guestConfigurationAssignments/read\",\n \"Microsoft.HybridContainerService/register/action\",\n \"Microsoft.HybridContainerService/kubernetesVersions/read\",\n \"Microsoft.HybridContainerService/kubernetesVersions/write\",\n \"Microsoft.HybridContainerService/skus/read\",\n \"Microsoft.HybridContainerService/skus/write\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.AzureStackHCI/StorageContainers/Write\",\n \"Microsoft.AzureStackHCI/StorageContainers/Read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2023-10-16T15:13:24.2748766Z\",\n \"updatedOn\": \"2024-02-26T16:08:40.5270416Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/7b1f81f9-4196-4058-8aae-762e593270df\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"7b1f81f9-4196-4058-8aae-762e593270df\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Stack HCI VM Reader\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Grants permissions to view VMs\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.AzureStackHCI/VirtualMachines/Read\",\n \"Microsoft.AzureStackHCI/virtualMachineInstances/Read\",\n \"Microsoft.AzureStackHCI/VirtualMachines/Extensions/Read\",\n \"Microsoft.AzureStackHCI/VirtualNetworks/Read\",\n \"Microsoft.AzureStackHCI/LogicalNetworks/Read\",\n \"Microsoft.AzureStackHCI/NetworkInterfaces/Read\",\n \"Microsoft.AzureStackHCI/VirtualHardDisks/Read\",\n \"Microsoft.AzureStackHCI/StorageContainers/Read\",\n \"Microsoft.AzureStackHCI/GalleryImages/Read\",\n \"Microsoft.AzureStackHCI/MarketplaceGalleryImages/Read\",\n \"Microsoft.AzureStackHCI/NetworkSecurityGroups/Read\",\n \"Microsoft.AzureStackHCI/NetworkSecurityGroups/SecurityRules/Read\",\n \"Microsoft.HybridCompute/licenses/read\",\n \"Microsoft.HybridCompute/machines/extensions/read\",\n \"Microsoft.HybridCompute/machines/licenseProfiles/read\",\n \"Microsoft.HybridCompute/machines/patchAssessmentResults/read\",\n \"Microsoft.HybridCompute/machines/patchAssessmentResults/softwarePatches/read\",\n \"Microsoft.HybridCompute/machines/patchInstallationResults/read\",\n \"Microsoft.HybridCompute/machines/patchInstallationResults/softwarePatches/read\",\n \"Microsoft.HybridCompute/machines/read\",\n \"Microsoft.HybridCompute/privateLinkScopes/networkSecurityPerimeterConfigurations/read\",\n \"Microsoft.HybridCompute/privateLinkScopes/privateEndpointConnections/read\",\n \"Microsoft.HybridCompute/privateLinkScopes/read\",\n \"Microsoft.Insights/AlertRules/Write\",\n \"Microsoft.Insights/AlertRules/Delete\",\n \"Microsoft.Insights/AlertRules/Read\",\n \"Microsoft.Insights/AlertRules/Activated/Action\",\n \"Microsoft.Insights/AlertRules/Resolved/Action\",\n \"Microsoft.Insights/AlertRules/Throttled/Action\",\n \"Microsoft.Insights/AlertRules/Incidents/Read\",\n \"Microsoft.Resources/deployments/read\",\n \"Microsoft.Resources/deployments/exportTemplate/action\",\n \"Microsoft.Resources/deployments/operations/read\",\n \"Microsoft.Resources/deployments/operationstatuses/read\",\n \"Microsoft.Resources/subscriptions/resourcegroups/deployments/read\",\n \"Microsoft.Resources/subscriptions/resourcegroups/deployments/operations/read\",\n \"Microsoft.Resources/subscriptions/resourcegroups/deployments/operationstatuses/read\",\n \"Microsoft.ResourceHealth/availabilityStatuses/read\",\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Resources/subscriptions/read\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Resources/subscriptions/operationresults/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2023-10-19T22:56:37.6955839Z\",\n \"updatedOn\": \"2024-06-21T16:41:03.1469999Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/4b3fe76c-f777-4d24-a2d7-b027b0f7b273\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"4b3fe76c-f777-4d24-a2d7-b027b0f7b273\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure AI Developer\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Can perform all actions within an Azure AI resource besides managing the resource itself.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.MachineLearningServices/workspaces/*/read\",\n \"Microsoft.MachineLearningServices/workspaces/*/action\",\n \"Microsoft.MachineLearningServices/workspaces/*/delete\",\n \"Microsoft.MachineLearningServices/workspaces/*/write\",\n \"Microsoft.MachineLearningServices/locations/*/read\",\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Resources/deployments/*\"\n ],\n \"notActions\": [\n \"Microsoft.MachineLearningServices/workspaces/delete\",\n \"Microsoft.MachineLearningServices/workspaces/write\",\n \"Microsoft.MachineLearningServices/workspaces/listKeys/action\",\n \"Microsoft.MachineLearningServices/workspaces/hubs/write\",\n \"Microsoft.MachineLearningServices/workspaces/hubs/delete\",\n \"Microsoft.MachineLearningServices/workspaces/featurestores/write\",\n \"Microsoft.MachineLearningServices/workspaces/featurestores/delete\",\n \"Microsoft.MachineLearningServices/workspaces/evaluations/results/labels/read\",\n \"Microsoft.MachineLearningServices/workspaces/evaluations/results/reasonings/read\",\n \"Microsoft.MachineLearningServices/workspaces/simulations/results/images/read\"\n ],\n \"dataActions\": [\n \"Microsoft.CognitiveServices/accounts/OpenAI/*\",\n \"Microsoft.CognitiveServices/accounts/SpeechServices/*\",\n \"Microsoft.CognitiveServices/accounts/ContentSafety/*\",\n \"Microsoft.CognitiveServices/accounts/MaaS/*\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2023-10-20T22:06:45.817201Z\",\n \"updatedOn\": \"2025-04-17T17:55:39.8922431Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/64702f94-c441-49e6-a78b-ef80e0188fee\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"64702f94-c441-49e6-a78b-ef80e0188fee\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Stack HCI VM Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Grants permissions to perform all VM actions\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.AzureStackHCI/VirtualMachines/*\",\n \"Microsoft.AzureStackHCI/virtualMachineInstances/*\",\n \"Microsoft.AzureStackHCI/NetworkInterfaces/*\",\n \"Microsoft.AzureStackHCI/VirtualHardDisks/*\",\n \"Microsoft.AzureStackHCI/VirtualNetworks/Read\",\n \"Microsoft.AzureStackHCI/VirtualNetworks/join/action\",\n \"Microsoft.AzureStackHCI/LogicalNetworks/Read\",\n \"Microsoft.AzureStackHCI/LogicalNetworks/join/action\",\n \"Microsoft.AzureStackHCI/GalleryImages/Read\",\n \"Microsoft.AzureStackHCI/GalleryImages/deploy/action\",\n \"Microsoft.AzureStackHCI/StorageContainers/Read\",\n \"Microsoft.AzureStackHCI/StorageContainers/deploy/action\",\n \"Microsoft.AzureStackHCI/MarketplaceGalleryImages/Read\",\n \"Microsoft.AzureStackHCI/MarketPlaceGalleryImages/deploy/action\",\n \"Microsoft.AzureStackHCI/Clusters/Read\",\n \"Microsoft.AzureStackHCI/Clusters/ArcSettings/Read\",\n \"Microsoft.AzureStackHCI/NetworkSecurityGroups/Read\",\n \"Microsoft.AzureStackHCI/NetworkSecurityGroups/SecurityRules/Read\",\n \"Microsoft.Insights/AlertRules/Write\",\n \"Microsoft.Insights/AlertRules/Delete\",\n \"Microsoft.Insights/AlertRules/Read\",\n \"Microsoft.Insights/AlertRules/Activated/Action\",\n \"Microsoft.Insights/AlertRules/Resolved/Action\",\n \"Microsoft.Insights/AlertRules/Throttled/Action\",\n \"Microsoft.Insights/AlertRules/Incidents/Read\",\n \"Microsoft.Resources/deployments/read\",\n \"Microsoft.Resources/deployments/write\",\n \"Microsoft.Resources/deployments/delete\",\n \"Microsoft.Resources/deployments/cancel/action\",\n \"Microsoft.Resources/deployments/validate/action\",\n \"Microsoft.Resources/deployments/whatIf/action\",\n \"Microsoft.Resources/deployments/exportTemplate/action\",\n \"Microsoft.Resources/deployments/operations/read\",\n \"Microsoft.Resources/deployments/operationstatuses/read\",\n \"Microsoft.Resources/subscriptions/resourcegroups/deployments/read\",\n \"Microsoft.Resources/subscriptions/resourcegroups/deployments/write\",\n \"Microsoft.Resources/subscriptions/resourcegroups/deployments/operations/read\",\n \"Microsoft.Resources/subscriptions/resourcegroups/deployments/operationstatuses/read\",\n \"Microsoft.ResourceHealth/availabilityStatuses/read\",\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Resources/subscriptions/read\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Resources/subscriptions/operationresults/read\",\n \"Microsoft.HybridCompute/machines/read\",\n \"Microsoft.HybridCompute/machines/write\",\n \"Microsoft.HybridCompute/machines/delete\",\n \"Microsoft.HybridCompute/machines/UpgradeExtensions/action\",\n \"Microsoft.HybridCompute/machines/assessPatches/action\",\n \"Microsoft.HybridCompute/machines/installPatches/action\",\n \"Microsoft.HybridCompute/machines/extensions/read\",\n \"Microsoft.HybridCompute/machines/extensions/write\",\n \"Microsoft.HybridCompute/machines/extensions/delete\",\n \"Microsoft.HybridCompute/operations/read\",\n \"Microsoft.HybridCompute/locations/operationresults/read\",\n \"Microsoft.HybridCompute/locations/operationstatus/read\",\n \"Microsoft.HybridCompute/machines/patchAssessmentResults/read\",\n \"Microsoft.HybridCompute/machines/patchAssessmentResults/softwarePatches/read\",\n \"Microsoft.HybridCompute/machines/patchInstallationResults/read\",\n \"Microsoft.HybridCompute/machines/patchInstallationResults/softwarePatches/read\",\n \"Microsoft.HybridCompute/locations/updateCenterOperationResults/read\",\n \"Microsoft.HybridCompute/machines/hybridIdentityMetadata/read\",\n \"Microsoft.HybridCompute/osType/agentVersions/read\",\n \"Microsoft.HybridCompute/osType/agentVersions/latest/read\",\n \"Microsoft.HybridCompute/machines/runcommands/read\",\n \"Microsoft.HybridCompute/machines/runcommands/write\",\n \"Microsoft.HybridCompute/machines/runcommands/delete\",\n \"Microsoft.HybridCompute/machines/licenseProfiles/read\",\n \"Microsoft.HybridCompute/machines/licenseProfiles/write\",\n \"Microsoft.HybridCompute/machines/licenseProfiles/delete\",\n \"Microsoft.HybridCompute/licenses/read\",\n \"Microsoft.HybridCompute/licenses/write\",\n \"Microsoft.HybridCompute/licenses/delete\",\n \"Microsoft.ExtendedLocation/customLocations/Read\",\n \"Microsoft.ExtendedLocation/customLocations/deploy/action\",\n \"Microsoft.KubernetesConfiguration/extensions/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2023-10-20T22:51:51.8242229Z\",\n \"updatedOn\": \"2024-06-21T16:41:03.1469999Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/874d1c73-6003-4e60-a13a-cb31ea190a85\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"874d1c73-6003-4e60-a13a-cb31ea190a85\"\n },\n {\n \"properties\": {\n \"roleName\": \"Deployment Environments Reader\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Provides read access to environment resources.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.DevCenter/projects/read\",\n \"Microsoft.DevCenter/projects/*/read\",\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\"\n ],\n \"notActions\": [\n \"Microsoft.DevCenter/projects/pools/read\",\n \"Microsoft.DevCenter/projects/pools/schedules/read\"\n ],\n \"dataActions\": [\n \"Microsoft.DevCenter/projects/users/environments/adminRead/action\",\n \"Microsoft.DevCenter/projects/users/environments/adminActionRead/action\",\n \"Microsoft.DevCenter/projects/users/environments/adminOutputsRead/action\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2023-10-25T22:17:10.8897125Z\",\n \"updatedOn\": \"2023-10-25T22:17:10.8897125Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/eb960402-bf75-4cc3-8d68-35b34f960f72\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"eb960402-bf75-4cc3-8d68-35b34f960f72\"\n },\n {\n \"properties\": {\n \"roleName\": \"EventGrid Data Receiver\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Allows receive access to event grid events.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.EventGrid/eventSubscriptions/read\",\n \"Microsoft.EventGrid/topicTypes/eventSubscriptions/read\",\n \"Microsoft.EventGrid/locations/eventSubscriptions/read\",\n \"Microsoft.EventGrid/locations/topicTypes/eventSubscriptions/read\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.EventGrid/namespaces/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.EventGrid/events/receive/action\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2023-10-27T19:53:20.6031239Z\",\n \"updatedOn\": \"2023-10-27T19:53:20.6031239Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/78cbd9e7-9798-4e2e-9b5a-547d9ebb31fb\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"78cbd9e7-9798-4e2e-9b5a-547d9ebb31fb\"\n },\n {\n \"properties\": {\n \"roleName\": \"EventGrid Data Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Allows send and receive access to event grid events.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.EventGrid/eventSubscriptions/read\",\n \"Microsoft.EventGrid/topicTypes/eventSubscriptions/read\",\n \"Microsoft.EventGrid/locations/eventSubscriptions/read\",\n \"Microsoft.EventGrid/locations/topicTypes/eventSubscriptions/read\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.EventGrid/topics/read\",\n \"Microsoft.EventGrid/domains/read\",\n \"Microsoft.EventGrid/partnerNamespaces/read\",\n \"Microsoft.EventGrid/namespaces/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.EventGrid/events/send/action\",\n \"Microsoft.EventGrid/events/receive/action\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2023-10-27T19:53:20.6021265Z\",\n \"updatedOn\": \"2023-10-27T19:53:20.6021265Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/1d8c3fe3-8864-474b-8749-01e3783e8157\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"1d8c3fe3-8864-474b-8749-01e3783e8157\"\n },\n {\n \"properties\": {\n \"roleName\": \"Advisor Reviews Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"View reviews for a workload and triage recommendations linked to them.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Advisor/resiliencyReviews/read\",\n \"Microsoft.Advisor/triageRecommendations/read\",\n \"Microsoft.Advisor/triageRecommendations/approve/action\",\n \"Microsoft.Advisor/triageRecommendations/reject/action\",\n \"Microsoft.Advisor/triageRecommendations/reset/action\",\n \"Microsoft.Advisor/triageResources/read\",\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2023-10-30T15:07:31.5895356Z\",\n \"updatedOn\": \"2025-04-02T19:27:15.4734544Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/8aac15f0-d885-4138-8afa-bfb5872f7d13\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"8aac15f0-d885-4138-8afa-bfb5872f7d13\"\n },\n {\n \"properties\": {\n \"roleName\": \"Advisor Reviews Reader\",\n \"type\": \"BuiltInRole\",\n \"description\": \"View reviews for a workload and recommendations linked to them.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Advisor/resiliencyReviews/read\",\n \"Microsoft.Advisor/triageRecommendations/read\",\n \"Microsoft.Advisor/triageResources/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2023-10-30T15:07:32.6518882Z\",\n \"updatedOn\": \"2025-04-02T19:42:31.0079991Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/c64499e0-74c3-47ad-921c-13865957895c\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"c64499e0-74c3-47ad-921c-13865957895c\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure AI Inference Deployment Operator\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Can perform all actions required to create a resource deployment within a resource group.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Insights/AutoscaleSettings/write\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2023-10-30T18:08:40.1583451Z\",\n \"updatedOn\": \"2024-03-15T17:43:35.7204254Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/3afb7f49-54cb-416e-8c09-6dc049efa503\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"3afb7f49-54cb-416e-8c09-6dc049efa503\"\n },\n {\n \"properties\": {\n \"roleName\": \"Connected Cluster Managed Identity CheckAccess Reader\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Built-in role that allows a Connected Cluster managed identity to call the checkAccess API\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2023-10-30T19:09:07.911497Z\",\n \"updatedOn\": \"2023-11-07T16:18:43.5381941Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/65a14201-8f6c-4c28-bec4-12619c5a9aaa\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"65a14201-8f6c-4c28-bec4-12619c5a9aaa\"\n },\n {\n \"properties\": {\n \"roleName\": \"AgFood Platform Dataset Admin\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Provides access to Dataset APIs\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.AgFoodPlatform/farmBeats/datasets/*\",\n \"Microsoft.AgFoodPlatform/farmBeats/datasetRecords/*\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2023-11-06T16:07:29.1713961Z\",\n \"updatedOn\": \"2023-11-06T16:07:29.1713961Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/a8d4b70f-0fb9-4f72-b267-b87b2f990aec\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"a8d4b70f-0fb9-4f72-b267-b87b2f990aec\"\n },\n {\n \"properties\": {\n \"roleName\": \"Defender for Storage Scanner Operator\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Lets you enable and configure Microsoft Defender for Storage's malware scanning and sensitive data discovery features on your storage accounts. Includes an ABAC condition to limit role assignments.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/roleAssignments/write\",\n \"Microsoft.Authorization/roleAssignments/delete\",\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Resources/subscriptions/read\",\n \"Microsoft.Management/managementGroups/read\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Support/*\",\n \"Microsoft.Security/defenderforstoragesettings/read\",\n \"Microsoft.Security/defenderforstoragesettings/write\",\n \"Microsoft.Security/advancedThreatProtectionSettings/read\",\n \"Microsoft.Security/advancedThreatProtectionSettings/write\",\n \"Microsoft.Security/datascanners/read\",\n \"Microsoft.Security/datascanners/write\",\n \"Microsoft.Security/dataScanners/delete\",\n \"Microsoft.Storage/storageAccounts/write\",\n \"Microsoft.Storage/storageAccounts/read\",\n \"Microsoft.EventGrid/topics/read\",\n \"Microsoft.EventGrid/eventSubscriptions/read\",\n \"Microsoft.EventGrid/eventSubscriptions/write\",\n \"Microsoft.EventGrid/eventSubscriptions/delete\",\n \"Microsoft.Storage/storageAccounts/blobServices/read\",\n \"Microsoft.Storage/storageAccounts/blobServices/write\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": [],\n \"conditionVersion\": \"2.0\",\n \"condition\": \"((!(ActionMatches{'Microsoft.Authorization/roleAssignments/write'})) OR (@Request[Microsoft.Authorization/roleAssignments:RoleDefinitionId] ForAnyOfAnyValues:GuidEquals{1e7ca9b1-60d1-4db8-a914-f2ca1ff27c40, d5a91429-5739-47e2-a06b-3470a27159e7})) AND ((!(ActionMatches{'Microsoft.Authorization/roleAssignments/delete'})) OR (@Resource[Microsoft.Authorization/roleAssignments:RoleDefinitionId] ForAnyOfAnyValues:GuidEquals{1e7ca9b1-60d1-4db8-a914-f2ca1ff27c40, d5a91429-5739-47e2-a06b-3470a27159e7}))\"\n }\n ],\n \"createdOn\": \"2023-11-10T10:31:03.38275Z\",\n \"updatedOn\": \"2025-09-04T13:19:08.2789022Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/0f641de8-0b88-4198-bdef-bd8b45ceba96\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"0f641de8-0b88-4198-bdef-bd8b45ceba96\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Front Door Profile Reader\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Can view AFD standard and premium profiles and their endpoints, but can't make changes.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Cdn/edgenodes/read\",\n \"Microsoft.Cdn/operationresults/*\",\n \"Microsoft.Cdn/profiles/*/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Cdn/operationresults/profileresults/afdendpointresults/CheckCustomDomainDNSMappingStatus/action\",\n \"Microsoft.Cdn/profiles/queryloganalyticsmetrics/action\",\n \"Microsoft.Cdn/profiles/queryloganalyticsrankings/action\",\n \"Microsoft.Cdn/profiles/querywafloganalyticsmetrics/action\",\n \"Microsoft.Cdn/profiles/querywafloganalyticsrankings/action\",\n \"Microsoft.Cdn/profiles/afdendpoints/CheckCustomDomainDNSMappingStatus/action\",\n \"Microsoft.Cdn/profiles/Usages/action\",\n \"Microsoft.Cdn/profiles/afdendpoints/Usages/action\",\n \"Microsoft.Cdn/profiles/origingroups/Usages/action\",\n \"Microsoft.Cdn/profiles/rulesets/Usages/action\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2023-11-15T16:30:04.3609762Z\",\n \"updatedOn\": \"2024-01-26T09:56:06.2709754Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/662802e2-50f6-46b0-aed2-e834bacc6d12\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"662802e2-50f6-46b0-aed2-e834bacc6d12\"\n },\n {\n \"properties\": {\n \"roleName\": \"Enclave Reader Role\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Enclave Reader Role to access the resources of Microsoft.Mission stored with RPSAAS.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Mission/Operations/read\",\n \"Microsoft.Mission/communities/read\",\n \"Microsoft.Mission/virtualEnclaves/read\",\n \"Microsoft.Mission/virtualEnclaves/endpoints/read\",\n \"Microsoft.Mission/virtualEnclaves/workloads/read\",\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/read\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Resources/subscriptions/resourcegroups/deployments/read\",\n \"Microsoft.Resources/subscriptions/operationresults/read\",\n \"Microsoft.ResourceHealth/availabilityStatuses/read\",\n \"Microsoft.Features/providers/features/read\",\n \"Microsoft.Features/features/read\",\n \"Microsoft.Mission/communities/communityEndpoints/read\",\n \"Microsoft.Mission/communities/transitHubs/read\",\n \"Microsoft.Mission/enclaveConnections/read\",\n \"Microsoft.Mission/virtualEnclaves/enclaveEndpoints/read\",\n \"Microsoft.Mission/approvals/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2023-11-28T16:02:03.528699Z\",\n \"updatedOn\": \"2025-07-16T21:30:33.3901346Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/86fede04-b259-4277-8c3e-e26b9865abd8\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"86fede04-b259-4277-8c3e-e26b9865abd8\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Kubernetes Service Hybrid Cluster User Role\",\n \"type\": \"BuiltInRole\",\n \"description\": \"List cluster user credential action.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.HybridContainerService/provisionedClusterInstances/read\",\n \"Microsoft.HybridContainerService/provisionedClusterInstances/listUserKubeconfig/action\",\n \"Microsoft.Kubernetes/connectedClusters/Read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2023-11-30T16:21:46.1017952Z\",\n \"updatedOn\": \"2023-11-30T16:21:46.1017952Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/fc3f91a1-40bf-4439-8c46-45edbd83563a\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"fc3f91a1-40bf-4439-8c46-45edbd83563a\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Kubernetes Service Hybrid Cluster Admin Role\",\n \"type\": \"BuiltInRole\",\n \"description\": \"List cluster admin credential action.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.HybridContainerService/provisionedClusterInstances/read\",\n \"Microsoft.HybridContainerService/provisionedClusterInstances/listAdminKubeconfig/action\",\n \"Microsoft.Kubernetes/connectedClusters/Read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2023-11-30T16:21:46.100795Z\",\n \"updatedOn\": \"2023-11-30T16:21:46.100795Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/b5092dac-c796-4349-8681-1a322a31c3f9\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"b5092dac-c796-4349-8681-1a322a31c3f9\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Kubernetes Service Hybrid Contributor Role\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Grants access to read and write Azure Kubernetes Services hybrid clusters\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.HybridContainerService/Locations/operationStatuses/read\",\n \"Microsoft.HybridContainerService/Operations/read\",\n \"Microsoft.HybridContainerService/kubernetesVersions/read\",\n \"Microsoft.HybridContainerService/kubernetesVersions/write\",\n \"Microsoft.HybridContainerService/kubernetesVersions/delete\",\n \"Microsoft.HybridContainerService/provisionedClusterInstances/read\",\n \"Microsoft.HybridContainerService/provisionedClusterInstances/write\",\n \"Microsoft.HybridContainerService/provisionedClusterInstances/delete\",\n \"Microsoft.HybridContainerService/provisionedClusterInstances/agentPools/read\",\n \"Microsoft.HybridContainerService/provisionedClusterInstances/agentPools/write\",\n \"Microsoft.HybridContainerService/provisionedClusterInstances/agentPools/delete\",\n \"Microsoft.HybridContainerService/provisionedClusterInstances/upgradeProfiles/read\",\n \"Microsoft.HybridContainerService/skus/read\",\n \"Microsoft.HybridContainerService/skus/write\",\n \"Microsoft.HybridContainerService/skus/delete\",\n \"Microsoft.HybridContainerService/virtualNetworks/read\",\n \"Microsoft.HybridContainerService/virtualNetworks/write\",\n \"Microsoft.HybridContainerService/virtualNetworks/delete\",\n \"Microsoft.Kubernetes/connectedClusters/Read\",\n \"Microsoft.Kubernetes/connectedClusters/Write\",\n \"Microsoft.Kubernetes/connectedClusters/Delete\",\n \"Microsoft.Kubernetes/connectedClusters/listClusterUserCredential/action\",\n \"Microsoft.ExtendedLocation/customLocations/deploy/action\",\n \"Microsoft.ExtendedLocation/customLocations/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2023-11-30T16:21:46.100795Z\",\n \"updatedOn\": \"2023-11-30T16:21:46.100795Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/e7037d40-443a-4434-a3fb-8cd202011e1d\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"e7037d40-443a-4434-a3fb-8cd202011e1d\"\n },\n {\n \"properties\": {\n \"roleName\": \"Enclave Owner Role\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Enclave Owner Role to access the resources of Microsoft.Mission stored with RPSAAS.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Mission/Locations/OperationStatuses/read\",\n \"Microsoft.Mission/Locations/OperationStatuses/write\",\n \"Microsoft.Mission/Operations/read\",\n \"Microsoft.Mission/virtualEnclaves/read\",\n \"Microsoft.Mission/virtualEnclaves/write\",\n \"Microsoft.Mission/virtualEnclaves/delete\",\n \"Microsoft.Mission/virtualEnclaves/workloads/read\",\n \"Microsoft.Mission/virtualEnclaves/workloads/write\",\n \"Microsoft.Mission/virtualEnclaves/workloads/delete\",\n \"Microsoft.Mission/communities/read\",\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/read\",\n \"Microsoft.Resources/deployments/read\",\n \"Microsoft.Resources/deployments/write\",\n \"Microsoft.Resources/subscriptions/read\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Resources/subscriptions/resourcegroups/deployments/read\",\n \"Microsoft.Resources/subscriptions/operationresults/read\",\n \"Microsoft.ResourceHealth/availabilityStatuses/read\",\n \"Microsoft.Features/providers/features/read\",\n \"Microsoft.Features/features/read\",\n \"Microsoft.Mission/communities/communityEndpoints/read\",\n \"Microsoft.Mission/communities/transitHubs/read\",\n \"Microsoft.Mission/enclaveConnections/read\",\n \"Microsoft.Mission/enclaveConnections/write\",\n \"Microsoft.Mission/enclaveConnections/delete\",\n \"Microsoft.Mission/virtualEnclaves/enclaveEndpoints/read\",\n \"Microsoft.Mission/virtualEnclaves/enclaveEndpoints/write\",\n \"Microsoft.Mission/virtualEnclaves/enclaveEndpoints/delete\",\n \"Microsoft.Mission/approvals/read\",\n \"Microsoft.Mission/approvals/write\",\n \"Microsoft.Mission/approvals/delete\",\n \"Microsoft.Mission/virtualEnclaves/setWorkloadRoleAssignments/action\",\n \"Microsoft.Mission/virtualEnclaves/setEnclaveRoleAssignments/action\",\n \"Microsoft.Mission/virtualenclaves/setMaintenanceMode/action\",\n \"Microsoft.Mission/virtualEnclaves/setSubnetConfiguration/action\",\n \"Microsoft.Mission/virtualEnclaves/enclaveEndpoints/connect/action\",\n \"Microsoft.Mission/enclaveConnections/setSourceCidr/action\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2023-12-05T16:13:20.7602458Z\",\n \"updatedOn\": \"2025-09-12T18:13:12.7479035Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/3d5f3eff-eb94-473d-91e3-7aac74d6c0bb\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"3d5f3eff-eb94-473d-91e3-7aac74d6c0bb\"\n },\n {\n \"properties\": {\n \"roleName\": \"Enclave Contributor Role\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Enclave Contributor Role to access the resources of Microsoft.Mission stored with RPSAAS.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Mission/register/action\",\n \"Microsoft.Mission/unregister/action\",\n \"Microsoft.Mission/Locations/OperationStatuses/read\",\n \"Microsoft.Mission/Locations/OperationStatuses/write\",\n \"Microsoft.Mission/Operations/read\",\n \"Microsoft.Mission/communities/read\",\n \"Microsoft.Mission/virtualEnclaves/read\",\n \"Microsoft.Mission/virtualEnclaves/write\",\n \"Microsoft.Mission/virtualEnclaves/endpoints/read\",\n \"Microsoft.Mission/virtualEnclaves/endpoints/write\",\n \"Microsoft.Mission/virtualEnclaves/workloads/read\",\n \"Microsoft.Mission/virtualEnclaves/workloads/write\",\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/read\",\n \"Microsoft.Resources/deployments/read\",\n \"Microsoft.Resources/deployments/write\",\n \"Microsoft.Resources/subscriptions/read\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Resources/subscriptions/resourcegroups/deployments/read\",\n \"Microsoft.Resources/subscriptions/operationresults/read\",\n \"Microsoft.ResourceHealth/availabilityStatuses/read\",\n \"Microsoft.Features/providers/features/read\",\n \"Microsoft.Features/features/read\",\n \"Microsoft.Mission/communities/communityEndpoints/read\",\n \"Microsoft.Mission/communities/transitHubs/read\",\n \"Microsoft.Mission/enclaveConnections/read\",\n \"Microsoft.Mission/enclaveConnections/write\",\n \"Microsoft.Mission/virtualEnclaves/enclaveEndpoints/read\",\n \"Microsoft.Mission/virtualEnclaves/enclaveEndpoints/write\",\n \"Microsoft.Mission/approvals/read\",\n \"Microsoft.Mission/approvals/write\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2023-12-07T23:59:26.5917667Z\",\n \"updatedOn\": \"2025-07-16T21:30:33.3901346Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/19feefae-eacc-4106-81fd-ac34c0671f14\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"19feefae-eacc-4106-81fd-ac34c0671f14\"\n },\n {\n \"properties\": {\n \"roleName\": \"Community Reader Role\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Community Reader Role to access the resources of Microsoft.Mission stored with RPSAAS.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Mission/Locations/OperationStatuses/read\",\n \"Microsoft.Mission/Operations/read\",\n \"Microsoft.Mission/communities/read\",\n \"Microsoft.Mission/virtualEnclaves/read\",\n \"Microsoft.Mission/virtualEnclaves/endpoints/read\",\n \"Microsoft.Mission/virtualEnclaves/workloads/read\",\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/read\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Resources/subscriptions/resourcegroups/deployments/read\",\n \"Microsoft.Resources/subscriptions/operationresults/read\",\n \"Microsoft.ResourceHealth/availabilityStatuses/read\",\n \"Microsoft.Features/providers/features/read\",\n \"Microsoft.Features/features/read\",\n \"Microsoft.Mission/communities/communityEndpoints/read\",\n \"Microsoft.Mission/communities/transitHubs/read\",\n \"Microsoft.Mission/enclaveConnections/read\",\n \"Microsoft.Mission/virtualEnclaves/enclaveEndpoints/read\",\n \"Microsoft.Mission/approvals/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2023-12-08T19:37:02.3189417Z\",\n \"updatedOn\": \"2025-07-16T21:30:33.3911351Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/e6aadb6b-e64f-41c0-9392-d2bba3bc3ebc\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"e6aadb6b-e64f-41c0-9392-d2bba3bc3ebc\"\n },\n {\n \"properties\": {\n \"roleName\": \"Storage Account Encryption Scope Contributor Role\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Allows management of Encryption Scopes on a Storage Account\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Storage/storageAccounts/encryptionScopes/read\",\n \"Microsoft.Storage/storageAccounts/encryptionScopes/write\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2023-12-11T16:01:30.9505499Z\",\n \"updatedOn\": \"2024-01-10T18:58:49.3538976Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/a316ed6d-1efe-48ac-ac08-f7995a9c26fb\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"a316ed6d-1efe-48ac-ac08-f7995a9c26fb\"\n },\n {\n \"properties\": {\n \"roleName\": \"Operator Nexus Key Vault Writer Service Role (Preview)\",\n \"type\": \"BuiltInRole\",\n \"description\": \"(Preview) Provides Azure Operator Nexus services the ability to write to a Key Vault. This role is in preview and subject to change.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.KeyVault/vaults/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.KeyVault/vaults/secrets/setSecret/action\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2023-12-11T16:01:30.9505499Z\",\n \"updatedOn\": \"2024-08-14T19:11:47.7610812Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/44f0a1a8-6fea-4b35-980a-8ff50c487c97\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"44f0a1a8-6fea-4b35-980a-8ff50c487c97\"\n },\n {\n \"properties\": {\n \"roleName\": \"Key Vault Crypto Service Release User\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Release keys. Only works for key vaults that use the 'Azure role-based access control' permission model.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.KeyVault/vaults/keys/release/action\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2023-12-14T22:44:06.6106235Z\",\n \"updatedOn\": \"2023-12-14T22:44:06.6106235Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/08bbd89e-9f13-488c-ac41-acfcb10c90ab\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"08bbd89e-9f13-488c-ac41-acfcb10c90ab\"\n },\n {\n \"properties\": {\n \"roleName\": \"Kubernetes Runtime Storage Class Contributor Role\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Read, write, and delete Kubernetes Runtime storage classes in an Arc connected Kubernetes cluster\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.KubernetesRuntime/storageClasses/read\",\n \"Microsoft.KubernetesRuntime/storageClasses/write\",\n \"Microsoft.KubernetesRuntime/storageClasses/delete\",\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2023-12-15T06:02:00.5747685Z\",\n \"updatedOn\": \"2024-08-19T15:08:52.7461468Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/0cd9749a-3aaf-4ae5-8803-bd217705bf3b\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"0cd9749a-3aaf-4ae5-8803-bd217705bf3b\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Programmable Connectivity Gateway User\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Allows access to all Gateway dataplane APIs.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.ResourceHealth/availabilityStatuses/read\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2023-12-20T16:26:42.5990795Z\",\n \"updatedOn\": \"2023-12-20T16:26:42.5990795Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/609c0c20-e0a0-4a71-b99f-e7e755ac493d\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"609c0c20-e0a0-4a71-b99f-e7e755ac493d\"\n },\n {\n \"properties\": {\n \"roleName\": \"Key Vault Certificate User\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Read certificate contents. Only works for key vaults that use the 'Azure role-based access control' permission model.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.KeyVault/vaults/certificates/read\",\n \"Microsoft.KeyVault/vaults/secrets/getSecret/action\",\n \"Microsoft.KeyVault/vaults/secrets/readMetadata/action\",\n \"Microsoft.KeyVault/vaults/keys/read\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2024-01-10T16:28:04.5909165Z\",\n \"updatedOn\": \"2024-01-10T16:28:04.5909165Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/db79e9a7-68ee-4b58-9aeb-b90e7c24fcba\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"db79e9a7-68ee-4b58-9aeb-b90e7c24fcba\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Spring Apps Managed Components Log Reader Role\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Read real-time logs for all managed components in Azure Spring Apps\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.AppPlatform/Spring/managedComponents/logstream/action\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2024-01-11T08:19:23.9992482Z\",\n \"updatedOn\": \"2024-01-11T08:19:23.9992482Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/52fd16bd-6ed5-46af-9c40-29cbd7952a29\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"52fd16bd-6ed5-46af-9c40-29cbd7952a29\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Spring Apps Application Configuration Service Log Reader Role\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Read real-time logs for Application Configuration Service in Azure Spring Apps\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.AppPlatform/Spring/read\",\n \"Microsoft.AppPlatform/Spring/configurationServices/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.AppPlatform/Spring/ApplicationConfigurationService/logstream/action\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2024-01-11T08:19:23.9982391Z\",\n \"updatedOn\": \"2024-01-11T08:19:23.9982391Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/6593e776-2a30-40f9-8a32-4fe28b77655d\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"6593e776-2a30-40f9-8a32-4fe28b77655d\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Spring Apps Spring Cloud Gateway Log Reader Role\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Read real-time logs for Spring Cloud Gateway in Azure Spring Apps\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.AppPlatform/Spring/read\",\n \"Microsoft.AppPlatform/Spring/gateways/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.AppPlatform/Spring/SpringCloudGateway/logstream/action\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2024-01-11T08:19:24.0002399Z\",\n \"updatedOn\": \"2024-01-11T08:19:24.0002399Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/4301dc2a-25a9-44b0-ae63-3636cf7f2bd2\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"4301dc2a-25a9-44b0-ae63-3636cf7f2bd2\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Edge On-Site Deployment Engineer\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Grants you access to take actions as an on-site person to assist in the provisioning of an edge device\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.EdgeOrder/orderItems/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2024-01-11T11:05:20.8919638Z\",\n \"updatedOn\": \"2024-08-30T13:53:39.2810677Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/207bcc4b-86a6-4487-9141-d6c1f4c238aa\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"207bcc4b-86a6-4487-9141-d6c1f4c238aa\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure API Center Data Reader\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Allows for access to Azure API Center data plane read operations.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.ApiCenter/services/*/read\",\n \"Microsoft.ApiCenter/services/workspaces/apis/versions/definitions/exportSpecification/action\",\n \"Microsoft.ApiCenter/services/workspaces/search/action\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2024-01-11T20:37:59.9775707Z\",\n \"updatedOn\": \"2025-04-22T15:07:10.0211593Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/c7244dfb-f447-457d-b2ba-3999044d1706\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"c7244dfb-f447-457d-b2ba-3999044d1706\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure impact-insight reader\",\n \"type\": \"BuiltInRole\",\n \"description\": \"built-in role for azure impact-insight read access\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Impact/WorkloadImpacts/*/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2024-01-19T16:37:20.2115353Z\",\n \"updatedOn\": \"2024-01-19T16:37:20.2115353Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/dfb2f09d-25f8-4558-8986-497084006d7a\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"dfb2f09d-25f8-4558-8986-497084006d7a\"\n },\n {\n \"properties\": {\n \"roleName\": \"Defender Kubernetes Agent Operator\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Grants Microsoft Defender for Cloud permissions to provision the Kubernetes defender security agent\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Resources/subscriptions/resourceGroups/write\",\n \"Microsoft.Resources/subscriptions/operationresults/read\",\n \"Microsoft.Resources/subscriptions/read\",\n \"Microsoft.KubernetesConfiguration/extensions/write\",\n \"Microsoft.KubernetesConfiguration/extensions/read\",\n \"Microsoft.KubernetesConfiguration/extensions/delete\",\n \"Microsoft.KubernetesConfiguration/extensions/operations/read\",\n \"Microsoft.Kubernetes/connectedClusters/Write\",\n \"Microsoft.Kubernetes/connectedClusters/read\",\n \"Microsoft.OperationalInsights/workspaces/write\",\n \"Microsoft.OperationalInsights/workspaces/read\",\n \"Microsoft.OperationalInsights/workspaces/listKeys/action\",\n \"Microsoft.OperationalInsights/workspaces/sharedkeys/action\",\n \"Microsoft.Kubernetes/register/action\",\n \"Microsoft.KubernetesConfiguration/register/action\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2024-01-29T16:00:38.0450387Z\",\n \"updatedOn\": \"2024-04-08T15:07:46.3009159Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/8bb6f106-b146-4ee6-a3f9-b9c5a96e0ae5\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"8bb6f106-b146-4ee6-a3f9-b9c5a96e0ae5\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Red Hat OpenShift Cloud Controller Manager\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Manage and update the cloud controller manager deployed on top of OpenShift.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Compute/virtualMachines/read\",\n \"Microsoft.Network/loadBalancers/backendAddressPools/join/action\",\n \"Microsoft.Network/loadBalancers/read\",\n \"Microsoft.Network/loadBalancers/write\",\n \"Microsoft.Network/networkInterfaces/read\",\n \"Microsoft.Network/networkInterfaces/write\",\n \"Microsoft.Network/networkSecurityGroups/read\",\n \"Microsoft.Network/networkSecurityGroups/write\",\n \"Microsoft.Network/publicIPAddresses/join/action\",\n \"Microsoft.Network/publicIPAddresses/read\",\n \"Microsoft.Network/publicIPAddresses/write\",\n \"Microsoft.Network/virtualNetworks/subnets/join/action\",\n \"Microsoft.Network/virtualNetworks/subnets/read\",\n \"Microsoft.Network/loadBalancers/inboundNatRules/join/action\",\n \"Microsoft.Network/networkSecurityGroups/join/action\",\n \"Microsoft.Network/publicIPPrefixes/join/action\",\n \"Microsoft.Network/applicationSecurityGroups/joinNetworkSecurityRule/action\",\n \"Microsoft.Network/virtualNetworks/subnets/write\",\n \"Microsoft.Network/privatelinkservices/write\",\n \"Microsoft.Network/privatelinkservices/read\",\n \"Microsoft.Network/privatelinkservices/delete\",\n \"Microsoft.Network/loadBalancers/loadBalancingRules/read\",\n \"Microsoft.Network/serviceEndpointPolicies/join/action\",\n \"Microsoft.Network/natGateways/join/action\",\n \"Microsoft.Network/networkIntentPolicies/join/action\",\n \"Microsoft.Network/networkSecurityGroups/join/action\",\n \"Microsoft.Network/routeTables/join/action\",\n \"Microsoft.Network/networkManagers/ipamPools/associateResourcesToPool/action\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2024-01-30T16:11:37.7996135Z\",\n \"updatedOn\": \"2025-09-23T15:14:52.5578538Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/a1f96423-95ce-4224-ab27-4e3dc72facd4\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"a1f96423-95ce-4224-ab27-4e3dc72facd4\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Red Hat OpenShift Disk Storage Operator\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Install Container Storage Interface (CSI) drivers that enable your cluster to use Azure Disks. Set OpenShift cluster-wide storage defaults to ensure a default storageclass exists for clusters.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Compute/virtualMachines/write\",\n \"Microsoft.Compute/virtualMachines/read\",\n \"Microsoft.Compute/virtualMachineScaleSets/virtualMachines/write\",\n \"Microsoft.Compute/virtualMachineScaleSets/virtualMachines/read\",\n \"Microsoft.Compute/virtualMachineScaleSets/read\",\n \"Microsoft.Compute/snapshots/write\",\n \"Microsoft.Compute/snapshots/read\",\n \"Microsoft.Compute/snapshots/delete\",\n \"Microsoft.Compute/locations/operations/read\",\n \"Microsoft.Compute/locations/DiskOperations/read\",\n \"Microsoft.Compute/disks/write\",\n \"Microsoft.Compute/disks/read\",\n \"Microsoft.Compute/disks/delete\",\n \"Microsoft.Compute/disks/beginGetAccess/action\",\n \"Microsoft.Compute/diskEncryptionSets/read\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2024-01-30T16:11:37.9474325Z\",\n \"updatedOn\": \"2025-03-28T17:59:48.0577945Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/5b7237c5-45e1-49d6-bc18-a1f62f400748\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"5b7237c5-45e1-49d6-bc18-a1f62f400748\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Red Hat OpenShift Network Operator\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Install and upgrade the networking components on an OpenShift cluster.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Network/networkInterfaces/read\",\n \"Microsoft.Network/networkInterfaces/write\",\n \"Microsoft.Network/virtualNetworks/read\",\n \"Microsoft.Network/virtualNetworks/subnets/join/action\",\n \"Microsoft.Network/loadBalancers/backendAddressPools/join/action\",\n \"Microsoft.Network/loadBalancers/backendAddressPools/read\",\n \"Microsoft.Compute/virtualMachines/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2024-01-30T16:11:37.9474325Z\",\n \"updatedOn\": \"2025-05-06T15:13:46.6826117Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/be7a6435-15ae-4171-8f30-4a343eff9e8f\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"be7a6435-15ae-4171-8f30-4a343eff9e8f\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Red Hat OpenShift Image Registry Operator\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Enables permissions for the operator to manage a singleton instance of the OpenShift image registry. It manages all configuration of the registry, including creating storage.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Storage/storageAccounts/blobServices/read\",\n \"Microsoft.Storage/storageAccounts/blobServices/containers/read\",\n \"Microsoft.Storage/storageAccounts/blobServices/containers/write\",\n \"Microsoft.Storage/storageAccounts/blobServices/containers/delete\",\n \"Microsoft.Storage/storageAccounts/blobServices/generateUserDelegationKey/action\",\n \"Microsoft.Storage/storageAccounts/read\",\n \"Microsoft.Storage/storageAccounts/write\",\n \"Microsoft.Storage/storageAccounts/delete\",\n \"Microsoft.Storage/storageAccounts/listKeys/action\",\n \"Microsoft.Storage/storageAccounts/PrivateEndpointConnectionsApproval/action\",\n \"Microsoft.Resources/tags/write\",\n \"Microsoft.Network/privateEndpoints/write\",\n \"Microsoft.Network/privateEndpoints/read\",\n \"Microsoft.Network/privateEndpoints/privateDnsZoneGroups/write\",\n \"Microsoft.Network/privateEndpoints/privateDnsZoneGroups/read\",\n \"Microsoft.Network/privateDnsZones/read\",\n \"Microsoft.Network/privateDnsZones/write\",\n \"Microsoft.Network/privateDnsZones/join/action\",\n \"Microsoft.Network/privateDnsZones/A/write\",\n \"Microsoft.Network/privateDnsZones/virtualNetworkLinks/write\",\n \"Microsoft.Network/privateDnsZones/virtualNetworkLinks/read\",\n \"Microsoft.Network/networkInterfaces/read\",\n \"Microsoft.Network/virtualNetworks/subnets/read\",\n \"Microsoft.Network/virtualNetworks/subnets/join/action\",\n \"Microsoft.Network/virtualNetworks/join/action\"\n ],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.Storage/storageAccounts/blobServices/containers/blobs/delete\",\n \"Microsoft.Storage/storageAccounts/blobServices/containers/blobs/write\",\n \"Microsoft.Storage/storageAccounts/blobServices/containers/blobs/read\",\n \"Microsoft.Storage/storageAccounts/blobServices/containers/blobs/add/action\",\n \"Microsoft.Storage/storageAccounts/blobServices/containers/blobs/move/action\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2024-01-30T16:11:37.9474325Z\",\n \"updatedOn\": \"2025-07-25T20:45:04.9733949Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/8b32b316-c2f5-4ddf-b05b-83dacd2d08b5\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"8b32b316-c2f5-4ddf-b05b-83dacd2d08b5\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Red Hat OpenShift File Storage Operator\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Install Container Storage Interface (CSI) drivers that enable your cluster to use Azure Files. Set OpenShift cluster-wide storage defaults to ensure a default storageclass exists for clusters.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Storage/storageAccounts/delete\",\n \"Microsoft.Storage/storageAccounts/fileServices/read\",\n \"Microsoft.Storage/storageAccounts/fileServices/shares/delete\",\n \"Microsoft.Storage/storageAccounts/fileServices/shares/read\",\n \"Microsoft.Storage/storageAccounts/fileServices/shares/write\",\n \"Microsoft.Storage/storageAccounts/listKeys/action\",\n \"Microsoft.Storage/storageAccounts/read\",\n \"Microsoft.Storage/storageAccounts/write\",\n \"Microsoft.Storage/storageAccounts/PrivateEndpointConnectionsApproval/action\",\n \"Microsoft.Network/networkSecurityGroups/join/action\",\n \"Microsoft.Network/virtualNetworks/subnets/read\",\n \"Microsoft.Network/virtualNetworks/subnets/write\",\n \"Microsoft.Network/routeTables/join/action\",\n \"Microsoft.Network/natGateways/join/action\",\n \"Microsoft.Network/virtualNetworks/join/action\",\n \"Microsoft.Network/virtualNetworks/subnets/join/action\",\n \"Microsoft.Network/privateEndpoints/write\",\n \"Microsoft.Network/networkManagers/ipamPools/associateResourcesToPool/action\",\n \"Microsoft.Network/networkIntentPolicies/join/action\",\n \"Microsoft.Network/serviceEndpointPolicies/join/action\",\n \"Microsoft.Network/locations/operations/read\",\n \"Microsoft.Network/privateDnsOperationStatuses/read\",\n \"Microsoft.Network/privateDnsZones/read\",\n \"Microsoft.Network/privateDnsZones/virtualNetworkLinks/read\",\n \"Microsoft.Network/privateDnsZones/virtualNetworkLinks/write\",\n \"Microsoft.Network/privateDnsZones/write\",\n \"Microsoft.Network/privateDnsZones/join/action\",\n \"Microsoft.Network/privateEndpoints/privateDnsZoneGroups/write\",\n \"Microsoft.Network/privateEndpoints/privateDnsZoneGroups/read\",\n \"Microsoft.Network/privateEndpoints/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2024-01-30T16:11:37.9454324Z\",\n \"updatedOn\": \"2025-07-25T20:45:04.9733949Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/0d7aedc0-15fd-4a67-a412-efad370c947e\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"0d7aedc0-15fd-4a67-a412-efad370c947e\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Red Hat OpenShift Service Operator\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Maintain machine health, network configuration, monitoring, and other features that are specific to an OpenShift cluster's continued functionality as a managed service.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Network/virtualNetworks/subnets/read\",\n \"Microsoft.Network/virtualNetworks/subnets/write\",\n \"Microsoft.Network/natGateways/join/action\",\n \"Microsoft.Network/routeTables/join/action\",\n \"Microsoft.Network/networkSecurityGroups/join/action\",\n \"Microsoft.Network/serviceEndpointPolicies/join/action\",\n \"Microsoft.Network/networkIntentPolicies/join/action\",\n \"Microsoft.Network/networkManagers/ipamPools/associateResourcesToPool/action\",\n \"Microsoft.Storage/storageAccounts/listKeys/action\",\n \"Microsoft.Storage/storageAccounts/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2024-01-30T16:11:37.9454324Z\",\n \"updatedOn\": \"2025-06-03T15:14:11.4486606Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/4436bae4-7702-4c84-919b-c4069ff25ee2\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"4436bae4-7702-4c84-919b-c4069ff25ee2\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Red Hat OpenShift Machine API Operator\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Manage the lifecycle of specific-purpose custom resource definitions (CRD), controllers, and Azure RBAC objects that extend the Kubernetes API to declares the desired state of machines in a cluster.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Compute/availabilitySets/delete\",\n \"Microsoft.Compute/availabilitySets/read\",\n \"Microsoft.Compute/availabilitySets/write\",\n \"Microsoft.Compute/diskEncryptionSets/read\",\n \"Microsoft.Compute/disks/delete\",\n \"Microsoft.Compute/galleries/images/versions/read\",\n \"Microsoft.Compute/skus/read\",\n \"Microsoft.Compute/virtualMachines/delete\",\n \"Microsoft.Compute/virtualMachines/read\",\n \"Microsoft.Compute/virtualMachines/write\",\n \"Microsoft.Compute/capacityReservationGroups/deploy/action\",\n \"Microsoft.ManagedIdentity/userAssignedIdentities/assign/action\",\n \"Microsoft.Network/applicationSecurityGroups/read\",\n \"Microsoft.Network/loadBalancers/backendAddressPools/join/action\",\n \"Microsoft.Network/loadBalancers/read\",\n \"Microsoft.Network/loadBalancers/write\",\n \"Microsoft.Network/networkInterfaces/delete\",\n \"Microsoft.Network/networkInterfaces/join/action\",\n \"Microsoft.Network/networkInterfaces/loadBalancers/read\",\n \"Microsoft.Network/networkInterfaces/read\",\n \"Microsoft.Network/networkInterfaces/write\",\n \"Microsoft.Network/networkSecurityGroups/read\",\n \"Microsoft.Network/networkSecurityGroups/write\",\n \"Microsoft.Network/publicIPAddresses/delete\",\n \"Microsoft.Network/publicIPAddresses/join/action\",\n \"Microsoft.Network/publicIPAddresses/read\",\n \"Microsoft.Network/publicIPAddresses/write\",\n \"Microsoft.Network/routeTables/read\",\n \"Microsoft.Network/virtualNetworks/subnets/join/action\",\n \"Microsoft.Network/virtualNetworks/subnets/read\",\n \"Microsoft.Network/applicationSecurityGroups/joinNetworkSecurityRule/action\",\n \"Microsoft.Network/loadBalancers/frontendIPConfigurations/join/action\",\n \"Microsoft.Network/loadBalancers/inboundNATRules/join/action\",\n \"Microsoft.Network/networkSecurityGroups/join/action\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2024-01-30T16:11:37.9454324Z\",\n \"updatedOn\": \"2025-03-20T13:43:14.3948725Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/0358943c-7e01-48ba-8889-02cc51d78637\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"0358943c-7e01-48ba-8889-02cc51d78637\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Red Hat OpenShift Cluster Ingress Operator\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Manage and configure the OpenShift router.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Network/dnsZones/A/delete\",\n \"Microsoft.Network/dnsZones/A/write\",\n \"Microsoft.Network/privateDnsZones/A/delete\",\n \"Microsoft.Network/privateDnsZones/A/write\",\n \"Microsoft.Network/virtualNetworks/subnets/read\",\n \"Microsoft.Network/virtualNetworks/subnets/join/action\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2024-01-30T16:11:37.9474325Z\",\n \"updatedOn\": \"2025-02-14T18:54:20.1640655Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/0336e1d3-7a87-462b-b6db-342b63f7802c\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"0336e1d3-7a87-462b-b6db-342b63f7802c\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Sphere Owner\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Allows user read and write access to Azure Sphere resources and RBAC configuration, includes an ABAC condition to constrain role assignments.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.AzureSphere/*\",\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Resources/subscriptions/read\",\n \"Microsoft.Management/managementGroups/read\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Support/*\",\n \"Microsoft.Insights/DiagnosticSettings/*\",\n \"Microsoft.Insights/DiagnosticSettingsCategories/Read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n },\n {\n \"actions\": [\n \"Microsoft.Authorization/roleAssignments/write\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": [],\n \"conditionVersion\": \"2.0\",\n \"condition\": \"@Request[Microsoft.Authorization/roleAssignments:RoleDefinitionId] ForAnyOfAnyValues:GuidEquals{8b9dfcab4b774632a6df94bd07820648,c8ae62795a0b4cb2b3f0d4d62845742c,6d994134994b4a599974f479f0b227fb,5a382001fe3641ffbba48bf06bd54da9,749f88d5cbae40b8bcfce573ddc772fa,43d0d8ad25c7471493378ba259a9fe05}\"\n },\n {\n \"actions\": [\n \"Microsoft.Authorization/roleAssignments/delete\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": [],\n \"conditionVersion\": \"2.0\",\n \"condition\": \"@Resource[Microsoft.Authorization/roleAssignments:RoleDefinitionId] ForAnyOfAnyValues:GuidEquals{8b9dfcab4b774632a6df94bd07820648,c8ae62795a0b4cb2b3f0d4d62845742c,6d994134994b4a599974f479f0b227fb,5a382001fe3641ffbba48bf06bd54da9,749f88d5cbae40b8bcfce573ddc772fa,43d0d8ad25c7471493378ba259a9fe05}\"\n }\n ],\n \"createdOn\": \"2024-02-01T23:40:30.7387663Z\",\n \"updatedOn\": \"2024-03-12T15:09:00.907512Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/5a382001-fe36-41ff-bba4-8bf06bd54da9\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"5a382001-fe36-41ff-bba4-8bf06bd54da9\"\n },\n {\n \"properties\": {\n \"roleName\": \"GroupQuota Request Operator\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Read and create GroupQuota requests, get GroupQuota request status, and get groupQuotaLimits.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/read\",\n \"MICROSOFT.QUOTA/QUOTAS/WRITE\",\n \"MICROSOFT.QUOTA/QUOTAS/READ\",\n \"MICROSOFT.QUOTA/USAGES/READ\",\n \"MICROSOFT.QUOTA/QUOTAREQUESTS/READ\",\n \"MICROSOFT.QUOTA/REGISTER/ACTION\",\n \"Microsoft.Quota/GROUPQUOTAS/*/READ\",\n \"Microsoft.Quota/GROUPQUOTAS/*/WRITE\",\n \"Microsoft.Quota/GROUPQUOTAS/*/DELETE\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2024-02-09T21:28:36.8464681Z\",\n \"updatedOn\": \"2025-02-04T16:18:52.2174712Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/e2217c0e-04bb-4724-9580-91cf9871bc01\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"e2217c0e-04bb-4724-9580-91cf9871bc01\"\n },\n {\n \"properties\": {\n \"roleName\": \"GroupQuota Reader\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Read GroupQuota requests, get GroupQuota request status, and get groupQuotaLimits.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/read\",\n \"MICROSOFT.QUOTA/QUOTAS/READ\",\n \"MICROSOFT.QUOTA/USAGES/READ\",\n \"MICROSOFT.QUOTA/QUOTAREQUESTS/READ\",\n \"MICROSOFT.QUOTA/REGISTER/ACTION\",\n \"Microsoft.Quota/GROUPQUOTAS/READ\",\n \"Microsoft.Quota/GROUPQUOTAS/subscriptions/READ\",\n \"Microsoft.Quota/GROUPQUOTAS/groupQuotaLimits/READ\",\n \"Microsoft.Quota/GROUPQUOTAS/quotaAllocations/READ\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2024-02-09T21:28:38.4642049Z\",\n \"updatedOn\": \"2024-02-09T21:28:38.4642049Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/d0f495dc-44ef-4140-aeb0-b89110e6a7c1\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"d0f495dc-44ef-4140-aeb0-b89110e6a7c1\"\n },\n {\n \"properties\": {\n \"roleName\": \"Bayer Ag Powered Services Smart Boundary Solution User Role\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Provide access to Smart Boundary Solution by Bayer Ag Powered Services\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.AgFoodPlatform/farmBeats/parties/read\",\n \"Microsoft.AgFoodPlatform/farmBeats/parties/fields/read\",\n \"Microsoft.AgFoodPlatform/farmBeats/parties/fields/write\",\n \"Microsoft.AgFoodPlatform/farmBeats/ingestionJobs/satelliteDataIngestionJobs/*\",\n \"Microsoft.AgFoodPlatform/farmBeats/scenes/*\",\n \"Microsoft.AgFoodPlatform/farmBeats/parties/models/resourceTypes/resources/insights/*\",\n \"Microsoft.AgFoodPlatform/farmBeats/parties/models/resourceTypes/resources/insightAttachments/*\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2024-02-16T08:39:51.0915233Z\",\n \"updatedOn\": \"2024-05-28T15:09:38.223022Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/539283cd-c185-4a9a-9503-d35217a1db7b\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"539283cd-c185-4a9a-9503-d35217a1db7b\"\n },\n {\n \"properties\": {\n \"roleName\": \"Defender CSPM Storage Scanner Operator\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Lets you enable and configure Microsoft Defender CSPM's sensitive data discovery feature on your storage accounts. Includes an ABAC condition to limit role assignments.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Storage/storageAccounts/write\",\n \"Microsoft.Storage/storageAccounts/read\",\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Resources/subscriptions/read\",\n \"Microsoft.Management/managementGroups/read\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Support/*\",\n \"Microsoft.Security/datascanners/read\",\n \"Microsoft.Security/datascanners/write\",\n \"Microsoft.Security/dataScanners/delete\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n },\n {\n \"actions\": [\n \"Microsoft.Authorization/roleAssignments/write\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": [],\n \"conditionVersion\": \"2.0\",\n \"condition\": \"@Request[Microsoft.Authorization/roleAssignments:RoleDefinitionId] ForAnyOfAnyValues:GuidEquals{2a2b9908-6ea1-4ae2-8e65-a410df84e7d1, b8eda974-7b85-4f76-af95-65846b26df6d, 0b6ca2e8-2cdc-4bd6-b896-aa3d8c21fc35}\"\n },\n {\n \"actions\": [\n \"Microsoft.Authorization/roleAssignments/delete\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": [],\n \"conditionVersion\": \"2.0\",\n \"condition\": \"@Resource[Microsoft.Authorization/roleAssignments:RoleDefinitionId] ForAnyOfAnyValues:GuidEquals{2a2b9908-6ea1-4ae2-8e65-a410df84e7d1, b8eda974-7b85-4f76-af95-65846b26df6d, 0b6ca2e8-2cdc-4bd6-b896-aa3d8c21fc35}\"\n }\n ],\n \"createdOn\": \"2024-02-23T11:40:48.9476806Z\",\n \"updatedOn\": \"2025-09-24T15:22:44.3542995Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/8480c0f0-4509-4229-9339-7c10018cb8c4\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"8480c0f0-4509-4229-9339-7c10018cb8c4\"\n },\n {\n \"properties\": {\n \"roleName\": \"Advisor Recommendations Contributor (Assessments and Reviews)\",\n \"type\": \"BuiltInRole\",\n \"description\": \"View assessment recommendations, accepted review recommendations, and manage the recommendations lifecycle (mark recommendations as completed, postponed or dismissed, in progress, or not started).\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Advisor/recommendations/read\",\n \"Microsoft.Advisor/recommendations/write\",\n \"Microsoft.Advisor/recommendations/available/action\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2024-02-26T16:08:40.5151834Z\",\n \"updatedOn\": \"2024-03-13T23:14:21.178011Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/6b534d80-e337-47c4-864f-140f5c7f593d\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"6b534d80-e337-47c4-864f-140f5c7f593d\"\n },\n {\n \"properties\": {\n \"roleName\": \"GeoCatalog Administrator\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Grants full access to manage GeoCatalogs, but does not allow you to assign roles in Azure RBAC.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Orbital/operations/read\",\n \"Microsoft.Orbital/geoCatalogs/*\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2024-02-27T16:09:02.6300293Z\",\n \"updatedOn\": \"2024-02-27T16:09:02.6300293Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/c9c97b9c-105d-4bb5-a2a7-7d15666c2484\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"c9c97b9c-105d-4bb5-a2a7-7d15666c2484\"\n },\n {\n \"properties\": {\n \"roleName\": \"GeoCatalog Reader\",\n \"type\": \"BuiltInRole\",\n \"description\": \"View GeoCatalogs, but does not allow you to make any changes.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Orbital/operations/read\",\n \"Microsoft.Orbital/geoCatalogs/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2024-02-27T16:09:02.8346775Z\",\n \"updatedOn\": \"2024-02-27T16:09:02.8346775Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/b7b8f583-43d0-40ae-b147-6b46f53661c1\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"b7b8f583-43d0-40ae-b147-6b46f53661c1\"\n },\n {\n \"properties\": {\n \"roleName\": \"Healthcare Agent Editor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Users with editor access can sign in, view and edit all the bot resources, scenarios and configuration setting except for the bot instance keys & secrets and the end-user inputs (including Feedback, Unrecognized utterances and Conversation logs). A read-only access to the bot skills and channels.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.HealthBot/healthBots/ResourceData/Read\",\n \"Microsoft.HealthBot/healthBots/Metadata/Read\",\n \"Microsoft.HealthBot/healthBots/CopilotStudioSolution/*\",\n \"Microsoft.HealthBot/healthBots/Feedback/Read\",\n \"Microsoft.HealthBot/healthBots/Users/Read\",\n \"Microsoft.HealthBot/healthBots/AuditTrails/Read\",\n \"Microsoft.HealthBot/healthBots/AnalyticReport/Read\",\n \"Microsoft.HealthBot/healthBots/ExposedSkill/Read\",\n \"Microsoft.HealthBot/healthBots/RegisteredSkills/Read\",\n \"Microsoft.HealthBot/healthBots/Configuration/*\",\n \"Microsoft.HealthBot/healthBots/Localization/*\",\n \"Microsoft.HealthBot/healthBots/AuthenticationProviders/*\",\n \"Microsoft.HealthBot/healthBots/Channels/*\",\n \"Microsoft.HealthBot/healthBots/DataConnections/*\",\n \"Microsoft.HealthBot/healthBots/OpenAPIPlugins/*\",\n \"Microsoft.HealthBot/healthBots/Scenarios/*\",\n \"Microsoft.HealthBot/healthBots/LanguageModels/*\",\n \"Microsoft.HealthBot/healthBots/Resources/*\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2024-02-28T16:09:25.669144Z\",\n \"updatedOn\": \"2025-08-21T10:13:28.7661499Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/af854a69-80ce-4ff7-8447-f1118a2e0ca8\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"af854a69-80ce-4ff7-8447-f1118a2e0ca8\"\n },\n {\n \"properties\": {\n \"roleName\": \"Healthcare Agent Reader\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Users with reader access can sign in, have read-only access to the bot resources, scenarios and configuration setting except for the bot instance keys & secrets (including Authentication, Data Connection and Channels keys) and the end-user inputs (including Feedback, Unrecognized utterances and Conversation logs).\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.HealthBot/healthBots/ResourceData/Read\",\n \"Microsoft.HealthBot/healthBots/Metadata/Read\",\n \"Microsoft.HealthBot/healthBots/CopilotStudioSolution/RestoreBuiltinTemplate/Read\",\n \"Microsoft.HealthBot/healthBots/Feedback/Read\",\n \"Microsoft.HealthBot/healthBots/Users/Read\",\n \"Microsoft.HealthBot/healthBots/AuditTrails/Read\",\n \"Microsoft.HealthBot/healthBots/AnalyticReport/Read\",\n \"Microsoft.HealthBot/healthBots/ExposedSkill/Read\",\n \"Microsoft.HealthBot/healthBots/RegisteredSkills/Read\",\n \"Microsoft.HealthBot/healthBots/Configuration/Read\",\n \"Microsoft.HealthBot/healthBots/Localization/Read\",\n \"Microsoft.HealthBot/healthBots/AuthenticationProviders/Read\",\n \"Microsoft.HealthBot/healthBots/DataConnections/Read\",\n \"Microsoft.HealthBot/healthBots/OpenAPIPlugins/Read\",\n \"Microsoft.HealthBot/healthBots/Scenarios/*/Read\",\n \"Microsoft.HealthBot/healthBots/LanguageModels/Read\",\n \"Microsoft.HealthBot/healthBots/Resources/Files/Read\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2024-02-28T16:09:25.669144Z\",\n \"updatedOn\": \"2025-08-21T10:13:28.7381488Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/eb5a76d5-50e7-4c33-a449-070e7c9c4cf2\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"eb5a76d5-50e7-4c33-a449-070e7c9c4cf2\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Programmable Connectivity Gateway Dataplane User\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Allows access to all Gateway dataplane APIs.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.ResourceHealth/availabilityStatuses/read\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.Resources/deployments/*\"\n ],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.ProgrammableConnectivity/Gateways/NetworkAPIAccess\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2024-02-28T16:09:25.8503139Z\",\n \"updatedOn\": \"2025-03-18T15:18:48.7947012Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/c20923c5-b089-47a5-bf67-fd89569c4ad9\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"c20923c5-b089-47a5-bf67-fd89569c4ad9\"\n },\n {\n \"properties\": {\n \"roleName\": \"Healthcare Agent Admin\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Users with admin access can sign in, view and edit all of the bot resources, scenarios and configuration setting including the bot instance keys & secrets.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.HealthBot/healthBots/ResourceData/Read\",\n \"Microsoft.HealthBot/healthBots/Metadata/Read\",\n \"Microsoft.HealthBot/healthBots/CopilotStudioSolution/*\",\n \"Microsoft.HealthBot/healthBots/Feedback/Read\",\n \"Microsoft.HealthBot/healthBots/Users/Read\",\n \"Microsoft.HealthBot/healthBots/AuditTrails/Read\",\n \"Microsoft.HealthBot/healthBots/AnalyticReport/Read\",\n \"Microsoft.HealthBot/healthBots/ExposedSkill/Read\",\n \"Microsoft.HealthBot/healthBots/RegisteredSkills/Read\",\n \"Microsoft.HealthBot/healthBots/Configuration/*\",\n \"Microsoft.HealthBot/healthBots/Localization/*\",\n \"Microsoft.HealthBot/healthBots/AuthenticationProviders/*\",\n \"Microsoft.HealthBot/healthBots/Channels/*\",\n \"Microsoft.HealthBot/healthBots/DataConnections/*\",\n \"Microsoft.HealthBot/healthBots/OpenAPIPlugins/*\",\n \"Microsoft.HealthBot/healthBots/Scenarios/*\",\n \"Microsoft.HealthBot/healthBots/LanguageModels/*\",\n \"Microsoft.HealthBot/healthBots/Resources/*\",\n \"Microsoft.HealthBot/healthBots/Admin/*\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2024-02-28T16:09:25.8513161Z\",\n \"updatedOn\": \"2025-08-21T10:13:28.7431492Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/f1082fec-a70f-419f-9230-885d2550fb38\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"f1082fec-a70f-419f-9230-885d2550fb38\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure AI Enterprise Network Connection Approver\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Can approve private endpoint connections to Azure AI common dependency resources\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.ApiManagement/service/privateEndpointConnections/read\",\n \"Microsoft.ApiManagement/service/privateEndpointConnections/write\",\n \"Microsoft.ApiManagement/service/privateLinkResources/read\",\n \"Microsoft.ApiManagement/service/read\",\n \"Microsoft.ContainerRegistry/registries/privateEndpointConnectionsApproval/action\",\n \"Microsoft.ContainerRegistry/registries/privateEndpointConnections/read\",\n \"Microsoft.ContainerRegistry/registries/privateEndpointConnections/write\",\n \"Microsoft.Cache/redis/read\",\n \"Microsoft.Cache/redis/privateEndpointConnections/read\",\n \"Microsoft.Cache/redis/privateEndpointConnections/write\",\n \"Microsoft.Cache/redis/privateLinkResources/read\",\n \"Microsoft.Cache/redis/privateEndpointConnectionsApproval/action\",\n \"Microsoft.Cache/redisEnterprise/read\",\n \"Microsoft.Cache/redisEnterprise/privateEndpointConnections/read\",\n \"Microsoft.Cache/redisEnterprise/privateEndpointConnections/write\",\n \"Microsoft.Cache/redisEnterprise/privateLinkResources/read\",\n \"Microsoft.Cache/redisEnterprise/privateEndpointConnectionsApproval/action\",\n \"Microsoft.CognitiveServices/accounts/read\",\n \"Microsoft.CognitiveServices/accounts/privateEndpointConnections/read\",\n \"Microsoft.CognitiveServices/accounts/privateEndpointConnections/write\",\n \"Microsoft.CognitiveServices/accounts/privateLinkResources/read\",\n \"Microsoft.DBforPostgreSQL/flexibleServers/privateEndpointConnectionsApproval/action\",\n \"Microsoft.DBforPostgreSQL/flexibleServers/privateEndpointConnections/read\",\n \"Microsoft.DBforPostgreSQL/flexibleServers/privateEndpointConnections/write\",\n \"Microsoft.DBforPostgreSQL/flexibleServers/privateLinkResources/read\",\n \"Microsoft.DBforPostgreSQL/flexibleServers/read\",\n \"Microsoft.DBforPostgreSQL/serverGroupsv2/privateEndpointConnectionsApproval/action\",\n \"Microsoft.DBforPostgreSQL/serverGroupsv2/privateEndpointConnections/read\",\n \"Microsoft.DBforPostgreSQL/serverGroupsv2/privateEndpointConnections/write\",\n \"Microsoft.DBforPostgreSQL/serverGroupsv2/privateLinkResources/read\",\n \"Microsoft.DBforMySQL/flexibleServers/privateEndpointConnectionsApproval/action\",\n \"Microsoft.DBforMySQL/flexibleServers/privateEndpointConnections/read\",\n \"Microsoft.DBforMySQL/flexibleServers/privateEndpointConnections/write\",\n \"Microsoft.DBforMySQL/flexibleServers/privateLinkResources/read\",\n \"Microsoft.DBforMySQL/flexibleServers/read\",\n \"Microsoft.DocumentDB/databaseAccounts/privateEndpointConnectionsApproval/action\",\n \"Microsoft.DocumentDB/databaseAccounts/privateEndpointConnections/read\",\n \"Microsoft.DocumentDB/databaseAccounts/privateEndpointConnections/write\",\n \"Microsoft.DocumentDB/databaseAccounts/privateLinkResources/read\",\n \"Microsoft.DocumentDB/databaseAccounts/read\",\n \"Microsoft.KeyVault/vaults/privateEndpointConnectionsApproval/action\",\n \"Microsoft.KeyVault/vaults/privateEndpointConnections/read\",\n \"Microsoft.KeyVault/vaults/privateEndpointConnections/write\",\n \"Microsoft.KeyVault/vaults/privateLinkResources/read\",\n \"Microsoft.KeyVault/vaults/read\",\n \"Microsoft.MachineLearningServices/registries/privateEndpointConnectionsApproval/action\",\n \"Microsoft.MachineLearningServices/registries/privateEndpointConnections/read\",\n \"Microsoft.MachineLearningServices/registries/privateEndpointConnections/write\",\n \"Microsoft.MachineLearningServices/registries/privateLinkResources/read\",\n \"Microsoft.MachineLearningServices/registries/read\",\n \"Microsoft.MachineLearningServices/workspaces/privateEndpointConnectionsApproval/action\",\n \"Microsoft.MachineLearningServices/workspaces/privateEndpointConnections/read\",\n \"Microsoft.MachineLearningServices/workspaces/privateEndpointConnections/write\",\n \"Microsoft.MachineLearningServices/workspaces/privateLinkResources/read\",\n \"Microsoft.MachineLearningServices/workspaces/read\",\n \"Microsoft.Storage/storageAccounts/privateEndpointConnections/read\",\n \"Microsoft.Storage/storageAccounts/privateEndpointConnections/write\",\n \"Microsoft.Storage/storageAccounts/privateLinkResources/read\",\n \"Microsoft.Storage/storageAccounts/read\",\n \"Microsoft.Storage/storageAccounts/PrivateEndpointConnectionsApproval/action\",\n \"Microsoft.Sql/servers/privateEndpointConnectionsApproval/action\",\n \"Microsoft.Sql/servers/privateEndpointConnections/read\",\n \"Microsoft.Sql/servers/privateEndpointConnections/write\",\n \"Microsoft.Sql/servers/privateLinkResources/read\",\n \"Microsoft.Sql/servers/read\",\n \"Microsoft.EventHub/namespaces/privateEndpointConnectionsApproval/action\",\n \"Microsoft.EventHub/namespaces/privateEndpointConnections/read\",\n \"Microsoft.EventHub/namespaces/privateEndpointConnections/write\",\n \"Microsoft.EventHub/namespaces/privateLinkResources/read\",\n \"Microsoft.EventHub/namespaces/read\",\n \"Microsoft.Search/searchServices/privateEndpointConnectionsApproval/action\",\n \"Microsoft.Search/searchServices/privateEndpointConnections/read\",\n \"Microsoft.Search/searchServices/privateEndpointConnections/write\",\n \"Microsoft.Search/searchServices/sharedPrivateLinkResources/read\",\n \"Microsoft.Search/searchServices/read\",\n \"Microsoft.Insights/privatelinkscopes/privateEndpointConnectionsApproval/action\",\n \"Microsoft.Insights/privatelinkscopes/privateEndpointConnections/read\",\n \"Microsoft.Insights/privatelinkscopes/privateEndpointConnections/write\",\n \"Microsoft.Insights/privatelinkscopes/privateLinkResources/read\",\n \"Microsoft.Insights/privatelinkscopes/read\",\n \"Microsoft.Network/privateLinkServices/privateEndpointConnectionsApproval/action\",\n \"Microsoft.Network/privateLinkServices/privateEndpointConnections/read\",\n \"Microsoft.Network/privateLinkServices/privateEndpointConnections/write\",\n \"Microsoft.Network/privateLinkServices/read\",\n \"Microsoft.Network/applicationGateways/privateEndpointConnections/read\",\n \"Microsoft.Network/applicationGateways/privateEndpointConnections/write\",\n \"Microsoft.Network/applicationGateways/privateLinkResources/read\",\n \"Microsoft.Network/applicationGateways/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2024-02-29T22:43:58.7323849Z\",\n \"updatedOn\": \"2025-01-29T21:07:16.6125101Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/b556d68e-0be0-4f35-a333-ad7ee1ce17ea\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"b556d68e-0be0-4f35-a333-ad7ee1ce17ea\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Container Storage Operator\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Role required by a Managed Identity for Azure Container Storage operations\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.ElasticSan/elasticSans/*\",\n \"Microsoft.ElasticSan/locations/asyncoperations/read\",\n \"Microsoft.Network/routeTables/join/action\",\n \"Microsoft.Network/networkSecurityGroups/join/action\",\n \"Microsoft.Network/virtualNetworks/write\",\n \"Microsoft.Network/virtualNetworks/delete\",\n \"Microsoft.Network/virtualNetworks/join/action\",\n \"Microsoft.Network/virtualNetworks/subnets/read\",\n \"Microsoft.Network/virtualNetworks/subnets/write\",\n \"Microsoft.Compute/virtualMachines/read\",\n \"Microsoft.Compute/virtualMachines/write\",\n \"Microsoft.Compute/virtualMachineScaleSets/read\",\n \"Microsoft.Compute/virtualMachineScaleSets/write\",\n \"Microsoft.Compute/virtualMachineScaleSets/virtualMachines/write\",\n \"Microsoft.Compute/virtualMachineScaleSets/virtualMachines/read\",\n \"Microsoft.Resources/subscriptions/providers/read\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Network/virtualNetworks/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2024-03-06T18:09:47.8933525Z\",\n \"updatedOn\": \"2024-03-21T21:58:56.1897725Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/08d4c71a-cc63-4ce4-a9c8-5dd251b4d619\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"08d4c71a-cc63-4ce4-a9c8-5dd251b4d619\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Container Storage Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Lets you install Azure Container Storage and manage its storage resources\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.KubernetesConfiguration/extensions/write\",\n \"Microsoft.KubernetesConfiguration/extensions/read\",\n \"Microsoft.KubernetesConfiguration/extensions/delete\",\n \"Microsoft.KubernetesConfiguration/extensions/operations/read\",\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Resources/subscriptions/read\",\n \"Microsoft.Management/managementGroups/read\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Support/*\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n },\n {\n \"actions\": [\n \"Microsoft.Authorization/roleAssignments/write\",\n \"Microsoft.Authorization/roleAssignments/delete\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": [],\n \"conditionVersion\": \"2.0\",\n \"condition\": \"((!(ActionMatches{'Microsoft.Authorization/roleAssignments/write'})) OR (@Request[Microsoft.Authorization/roleAssignments:RoleDefinitionId] ForAnyOfAnyValues:GuidEquals{08d4c71acc634ce4a9c85dd251b4d619})) AND ((!(ActionMatches{'Microsoft.Authorization/roleAssignments/delete'})) OR (@Resource[Microsoft.Authorization/roleAssignments:RoleDefinitionId] ForAnyOfAnyValues:GuidEquals{08d4c71acc634ce4a9c85dd251b4d619}))\"\n }\n ],\n \"createdOn\": \"2024-03-06T18:39:55.6502598Z\",\n \"updatedOn\": \"2024-03-28T20:02:49.6413404Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/95dd08a6-00bd-4661-84bf-f6726f83a4d0\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"95dd08a6-00bd-4661-84bf-f6726f83a4d0\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Container Storage Owner\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Lets you install Azure Container Storage and grants access to its storage resources\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.ElasticSan/elasticSans/*\",\n \"Microsoft.ElasticSan/locations/*\",\n \"Microsoft.ElasticSan/elasticSans/volumeGroups/*\",\n \"Microsoft.ElasticSan/elasticSans/volumeGroups/volumes/*\",\n \"Microsoft.ElasticSan/locations/asyncoperations/read\",\n \"Microsoft.KubernetesConfiguration/extensions/write\",\n \"Microsoft.KubernetesConfiguration/extensions/read\",\n \"Microsoft.KubernetesConfiguration/extensions/delete\",\n \"Microsoft.KubernetesConfiguration/extensions/operations/read\",\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Resources/subscriptions/read\",\n \"Microsoft.Management/managementGroups/read\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Support/*\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n },\n {\n \"actions\": [\n \"Microsoft.Authorization/roleAssignments/write\",\n \"Microsoft.Authorization/roleAssignments/delete\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": [],\n \"conditionVersion\": \"2.0\",\n \"condition\": \"((!(ActionMatches{'Microsoft.Authorization/roleAssignments/write'})) OR (@Request[Microsoft.Authorization/roleAssignments:RoleDefinitionId] ForAnyOfAnyValues:GuidEquals{08d4c71acc634ce4a9c85dd251b4d619})) AND ((!(ActionMatches{'Microsoft.Authorization/roleAssignments/delete'})) OR (@Resource[Microsoft.Authorization/roleAssignments:RoleDefinitionId] ForAnyOfAnyValues:GuidEquals{08d4c71acc634ce4a9c85dd251b4d619}))\"\n }\n ],\n \"createdOn\": \"2024-03-06T18:39:55.882353Z\",\n \"updatedOn\": \"2024-03-28T20:02:49.6413404Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/95de85bd-744d-4664-9dde-11430bc34793\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"95de85bd-744d-4664-9dde-11430bc34793\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Kubernetes Service Arc Contributor Role\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Grants access to read and write Azure Kubernetes Services hybrid clusters\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.HybridContainerService/Locations/operationStatuses/read\",\n \"Microsoft.HybridContainerService/Locations/operationStatuses/write\",\n \"Microsoft.HybridContainerService/Operations/read\",\n \"Microsoft.HybridContainerService/kubernetesVersions/read\",\n \"Microsoft.HybridContainerService/kubernetesVersions/write\",\n \"Microsoft.HybridContainerService/kubernetesVersions/delete\",\n \"Microsoft.HybridContainerService/provisionedClusterInstances/read\",\n \"Microsoft.HybridContainerService/provisionedClusterInstances/write\",\n \"Microsoft.HybridContainerService/provisionedClusterInstances/delete\",\n \"Microsoft.HybridContainerService/provisionedClusterInstances/agentPools/read\",\n \"Microsoft.HybridContainerService/provisionedClusterInstances/agentPools/write\",\n \"Microsoft.HybridContainerService/provisionedClusterInstances/agentPools/delete\",\n \"Microsoft.HybridContainerService/provisionedClusterInstances/upgradeProfiles/read\",\n \"Microsoft.HybridContainerService/skus/read\",\n \"Microsoft.HybridContainerService/skus/write\",\n \"Microsoft.HybridContainerService/skus/delete\",\n \"Microsoft.HybridContainerService/virtualNetworks/read\",\n \"Microsoft.HybridContainerService/virtualNetworks/write\",\n \"Microsoft.HybridContainerService/virtualNetworks/delete\",\n \"Microsoft.ExtendedLocation/customLocations/deploy/action\",\n \"Microsoft.ExtendedLocation/customLocations/read\",\n \"Microsoft.Kubernetes/connectedClusters/Read\",\n \"Microsoft.Kubernetes/connectedClusters/Write\",\n \"Microsoft.Kubernetes/connectedClusters/Delete\",\n \"Microsoft.Kubernetes/connectedClusters/listClusterUserCredential/action\",\n \"Microsoft.AzureStackHCI/clusters/read\",\n \"Microsoft.Resources/deployments/read\",\n \"Microsoft.Resources/deployments/write\",\n \"Microsoft.Resources/deployments/delete\",\n \"Microsoft.Resources/deployments/cancel/action\",\n \"Microsoft.Resources/deployments/validate/action\",\n \"Microsoft.Resources/deployments/whatIf/action\",\n \"Microsoft.Resources/deployments/exportTemplate/action\",\n \"Microsoft.Resources/deployments/operations/read\",\n \"Microsoft.Resources/deployments/operationstatuses/read\",\n \"Microsoft.HybridContainerService/provisionedClusterInstances/hybridIdentityMetadata/delete\",\n \"Microsoft.HybridContainerService/provisionedClusterInstances/hybridIdentityMetadata/write\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2024-03-07T00:25:44.8716461Z\",\n \"updatedOn\": \"2025-09-25T18:20:47.1023449Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/5d3f1697-4507-4d08-bb4a-477695db5f82\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"5d3f1697-4507-4d08-bb4a-477695db5f82\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Kubernetes Service Arc Cluster User Role\",\n \"type\": \"BuiltInRole\",\n \"description\": \"List cluster user credential action.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.HybridContainerService/provisionedClusterInstances/read\",\n \"Microsoft.HybridContainerService/provisionedClusterInstances/listUserKubeconfig/action\",\n \"Microsoft.Kubernetes/connectedClusters/Read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2024-03-07T00:25:47.4117596Z\",\n \"updatedOn\": \"2024-03-07T00:25:47.4117596Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/233ca253-b031-42ff-9fba-87ef12d6b55f\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"233ca253-b031-42ff-9fba-87ef12d6b55f\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Kubernetes Service Arc Cluster Admin Role\",\n \"type\": \"BuiltInRole\",\n \"description\": \"List cluster admin credential action.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.HybridContainerService/provisionedClusterInstances/read\",\n \"Microsoft.HybridContainerService/provisionedClusterInstances/listAdminKubeconfig/action\",\n \"Microsoft.Kubernetes/connectedClusters/Read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2024-03-07T00:25:47.4127588Z\",\n \"updatedOn\": \"2024-03-07T00:25:47.4127588Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/b29efa5f-7782-4dc3-9537-4d5bc70a5e9f\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"b29efa5f-7782-4dc3-9537-4d5bc70a5e9f\"\n },\n {\n \"properties\": {\n \"roleName\": \"Backup MUA Operator\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Backup MultiUser-Authorization. Allows user to perform critical operation protected by resourceguard\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.DataProtection/*/action\",\n \"Microsoft.DataProtection/*/read\",\n \"Microsoft.Authorization/*/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2024-03-08T09:37:14.3268989Z\",\n \"updatedOn\": \"2024-03-08T09:37:14.3268989Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/f54b6d04-23c6-443e-b462-9c16ab7b4a52\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"f54b6d04-23c6-443e-b462-9c16ab7b4a52\"\n },\n {\n \"properties\": {\n \"roleName\": \"Backup MUA Admin\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Backup MultiUser-Authorization. Can create/delete ResourceGuard \",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.DataProtection/*/read\",\n \"Microsoft.DataProtection/*/resourceGuards/write\",\n \"Microsoft.DataProtection/subscriptions/resourceGroups/providers/resourceGuards/write\",\n \"Microsoft.DataProtection/subscriptions/resourceGroups/providers/resourceGuards/delete\",\n \"Microsoft.DataProtection/subscriptions/resourceGroups/providers/resourceGuards/read\",\n \"Microsoft.DataProtection/locations/operationResults/read\",\n \"Microsoft.DataProtection/locations/operationStatus/read\",\n \"Microsoft.DataProtection/locations/getBackupStatus/action\",\n \"Microsoft.DataProtection/locations/checkFeatureSupport/action\",\n \"Microsoft.DataProtection/subscriptions/resourceGroups/providers/locations/operationStatus/read\",\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Features/features/read\",\n \"Microsoft.Features/providers/features/read\",\n \"Microsoft.ResourceHealth/availabilityStatuses/read\",\n \"Microsoft.Resources/deployments/operations/read\",\n \"Microsoft.Resources/subscriptions/operationresults/read\",\n \"Microsoft.Resources/subscriptions/read\",\n \"Microsoft.Resources/subscriptions/resourcegroups/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.DataProtection/backupVaults/backupResourceGuardProxies/read\",\n \"Microsoft.DataProtection/backupVaults/backupResourceGuardProxies/write\",\n \"Microsoft.DataProtection/backupVaults/backupResourceGuardProxies/delete\",\n \"Microsoft.DataProtection/backupVaults/backupResourceGuardProxies/unlockDelete/action\",\n \"Microsoft.DataProtection/subscriptions/providers/resourceGuards/read\",\n \"Microsoft.DataProtection/subscriptions/resourceGroups/providers/resourceGuards/{operationName}/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2024-03-08T09:37:14.3268989Z\",\n \"updatedOn\": \"2024-03-08T09:37:14.3268989Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/c2a970b4-16a7-4a51-8c84-8a8ea6ee0bb8\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"c2a970b4-16a7-4a51-8c84-8a8ea6ee0bb8\"\n },\n {\n \"properties\": {\n \"roleName\": \"Savings plan Purchaser\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Lets you purchase savings plans\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Resources/subscriptions/read\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Capacity/register/action\",\n \"Microsoft.Capacity/catalogs/read\",\n \"Microsoft.Authorization/roleAssignments/read\",\n \"Microsoft.BillingBenefits/savingsPlanOrders/write\",\n \"Microsoft.BIllingBenefits/register/action\",\n \"Microsoft.Support/supporttickets/write\",\n \"Microsoft.Billing/billingProperty/read\",\n \"Microsoft.CostManagement/benefitRecommendations/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2024-03-15T02:32:29.1190657Z\",\n \"updatedOn\": \"2024-03-15T02:32:29.1190657Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/3d24a3a0-c154-4f6f-a5ed-adc8e01ddb74\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"3d24a3a0-c154-4f6f-a5ed-adc8e01ddb74\"\n },\n {\n \"properties\": {\n \"roleName\": \"CrossConnectionReader\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Allows for read access to ExpressRoute CrossConnections\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.ClassicNetwork/expressRouteCrossConnections/*/read\",\n \"Microsoft.Network/expressRouteCrossConnections/*/read\",\n \"Microsoft.Features/providers/features/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2024-03-18T15:10:35.462996Z\",\n \"updatedOn\": \"2024-03-18T15:10:35.462996Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/b6ee44de-fe58-4ddc-b5c2-ab174eb23f05\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"b6ee44de-fe58-4ddc-b5c2-ab174eb23f05\"\n },\n {\n \"properties\": {\n \"roleName\": \"CrossConnectionManager\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Allows for read, write access to ExpressRoute CrossConnections\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.ClassicNetwork/expressRouteCrossConnections/*\",\n \"Microsoft.Network/expressRouteCrossConnections/*\",\n \"Microsoft.Features/providers/features/read\"\n ],\n \"notActions\": [\n \"Microsoft.Network/expressRouteCrossConnections/delete\"\n ],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2024-03-18T15:10:35.462996Z\",\n \"updatedOn\": \"2024-03-18T15:10:35.462996Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/399c3b2b-64c2-4ff1-af34-571db925b068\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"399c3b2b-64c2-4ff1-af34-571db925b068\"\n },\n {\n \"properties\": {\n \"roleName\": \"Kubernetes Agent Operator\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Grants Microsoft Defender for Cloud access to Azure Kubernetes Services\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Resources/subscriptions/resourceGroups/write\",\n \"Microsoft.Resources/subscriptions/operationresults/read\",\n \"Microsoft.Resources/subscriptions/read\",\n \"Microsoft.ContainerService/managedClusters/read\",\n \"Microsoft.ContainerService/managedClusters/trustedAccessRoleBindings/delete\",\n \"Microsoft.ContainerService/managedClusters/trustedAccessRoleBindings/read\",\n \"Microsoft.ContainerService/managedClusters/trustedAccessRoleBindings/write\",\n \"Microsoft.ContainerService/managedClusters/write\",\n \"Microsoft.Security/pricings/securityoperators/read\",\n \"Microsoft.OperationalInsights/workspaces/write\",\n \"Microsoft.OperationalInsights/workspaces/read\",\n \"Microsoft.OperationalInsights/workspaces/listKeys/action\",\n \"Microsoft.OperationalInsights/workspaces/sharedkeys/action\",\n \"Microsoft.OperationalInsights/workspaces/sharedkeys/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2024-03-20T15:36:16.6580488Z\",\n \"updatedOn\": \"2024-12-05T16:14:33.0969374Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/5e93ba01-8f92-4c7a-b12a-801e3df23824\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"5e93ba01-8f92-4c7a-b12a-801e3df23824\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure API Center Service Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Allows managing Azure API Center service.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.ApiCenter/services/*\",\n \"Microsoft.ApiCenter/deletedServices/*\",\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.ResourceHealth/availabilityStatuses/read\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\"\n ],\n \"notActions\": [\n \"Microsoft.ApiCenter/services/workspaces/apis/versions/definitions/updateAnalysisState/action\"\n ],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2024-03-22T19:59:42.1026818Z\",\n \"updatedOn\": \"2025-06-27T17:59:17.7305662Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/dd24193f-ef65-44e5-8a7e-6fa6e03f7713\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"dd24193f-ef65-44e5-8a7e-6fa6e03f7713\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure API Center Service Reader\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Allows read-only access to Azure API Center service.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.ApiCenter/services/*/read\",\n \"Microsoft.ApiCenter/services/workspaces/apis/versions/definitions/exportSpecification/action\",\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.ResourceHealth/availabilityStatuses/read\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2024-03-22T19:59:42.0936845Z\",\n \"updatedOn\": \"2024-03-22T19:59:42.0936845Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/6cba8790-29c5-48e5-bab1-c7541b01cb04\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"6cba8790-29c5-48e5-bab1-c7541b01cb04\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure API Center Compliance Manager\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Allows managing API compliance in Azure API Center service.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.ApiCenter/services/*/read\",\n \"Microsoft.ApiCenter/services/workspaces/apis/versions/definitions/updateAnalysisState/action\",\n \"Microsoft.ApiCenter/services/workspaces/apis/versions/definitions/exportSpecification/action\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2024-03-22T19:59:42.1036832Z\",\n \"updatedOn\": \"2024-03-22T19:59:42.1036832Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/ede9aaa3-4627-494e-be13-4aa7c256148d\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"ede9aaa3-4627-494e-be13-4aa7c256148d\"\n },\n {\n \"properties\": {\n \"roleName\": \"Bayer Ag Powered Services Historical Weather Data Solution User Role\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Provide access to Historical Weather Data Solution by Bayer Ag Powered Services\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.AgFoodPlatform/farmBeats/parties/read\",\n \"Microsoft.AgFoodPlatform/farmBeats/parties/fields/read\",\n \"Microsoft.AgFoodPlatform/farmBeats/parties/fields/write\",\n \"Microsoft.AgFoodPlatform/farmBeats/parties/farms/read\",\n \"Microsoft.AgFoodPlatform/farmBeats/parties/farms/write\",\n \"Microsoft.AgFoodPlatform/farmBeats/parties/models/resourceTypes/resources/insights/*\",\n \"Microsoft.AgFoodPlatform/farmBeats/parties/models/resourceTypes/resources/insightAttachments/*\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2024-03-25T15:06:24.6069385Z\",\n \"updatedOn\": \"2024-08-08T17:08:36.118249Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/b5b192c1-773c-4543-bfb0-6c59254b74a9\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"b5b192c1-773c-4543-bfb0-6c59254b74a9\"\n },\n {\n \"properties\": {\n \"roleName\": \"Oracle.Database VmCluster Administrator Built-in Role\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Grants full access to manage all VmCluster resources\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Oracle.Database/cloudVmClusters/*/read\",\n \"Oracle.Database/cloudVmClusters/*/write\",\n \"Oracle.Database/cloudVmClusters/*/delete\",\n \"Oracle.Database/cloudExadataInfrastructures/write\",\n \"Oracle.Database/cloudExadataInfrastructures/*/read\",\n \"Oracle.Database/Locations/*/read\",\n \"Oracle.Database/Locations/*/write\",\n \"Oracle.Database/Operations/read\",\n \"Oracle.Database/oracleSubscriptions/*/read\",\n \"Oracle.Database/resourceAnchors/*\",\n \"Oracle.Database/networkAnchors/*\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Network/virtualNetworks/read\",\n \"Microsoft.Network/virtualNetworks/subnets/read\",\n \"Microsoft.Network/virtualNetworks/subnets/write\",\n \"Microsoft.Network/locations/operations/read\",\n \"Microsoft.Compute/sshPublicKeys/read\",\n \"Microsoft.Compute/sshPublicKeys/write\",\n \"Microsoft.Compute/sshPublicKeys/generateKeyPair/action\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2024-03-25T15:06:25.4654513Z\",\n \"updatedOn\": \"2025-05-26T15:05:38.2663118Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/e9ce8739-6fa2-4123-a0a2-0ef41a67806f\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"e9ce8739-6fa2-4123-a0a2-0ef41a67806f\"\n },\n {\n \"properties\": {\n \"roleName\": \"Oracle.Database Reader Built-in Role\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Grants read access to all Oracle.Database resources\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Oracle.Database/Locations/*/read\",\n \"Oracle.Database/Operations/read\",\n \"Oracle.Database/oracleSubscriptions/*/read\",\n \"Oracle.Database/cloudExadataInfrastructures/*/read\",\n \"Oracle.Database/cloudVmClusters/*/read\",\n \"Oracle.Database/cloudVmClusters/listPrivateIpAddresses/action\",\n \"Oracle.Database/oracleSubscriptions/listCloudAccountDetails/action\",\n \"Oracle.Database/exascaleDbStorageVaults/read\",\n \"Oracle.Database/exadbVmClusters/*/read\",\n \"Oracle.Database/resourceAnchors/read\",\n \"Oracle.Database/networkAnchors/read\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Resources/deployments/*/read\",\n \"Microsoft.Network/virtualNetworks/subnets/read\",\n \"Microsoft.Network/virtualNetworks/read\",\n \"Microsoft.Network/locations/operations/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2024-03-25T15:06:25.4644513Z\",\n \"updatedOn\": \"2025-08-21T18:37:52.3681201Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/d623d097-b882-4e1e-a26f-ac60e31065a1\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"d623d097-b882-4e1e-a26f-ac60e31065a1\"\n },\n {\n \"properties\": {\n \"roleName\": \"Oracle.Database Owner Built-in Role\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Grants full access to manage all Oracle.Database resources\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Oracle.Database/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Network/virtualNetworks/read\",\n \"Microsoft.Network/virtualNetworks/subnets/read\",\n \"Microsoft.Network/virtualNetworks/subnets/write\",\n \"Microsoft.Network/locations/operations/read\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Compute/sshPublicKeys/read\",\n \"Microsoft.Compute/sshPublicKeys/write\",\n \"Microsoft.Compute/sshPublicKeys/generateKeyPair/action\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2024-03-25T15:06:25.4644513Z\",\n \"updatedOn\": \"2024-04-04T21:25:06.0488389Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/4562aac9-b209-4bd7-a144-6d7f3bb516f4\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"4562aac9-b209-4bd7-a144-6d7f3bb516f4\"\n },\n {\n \"properties\": {\n \"roleName\": \"Oracle Subscriptions Manager Built-in Role\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Grants full access to manage all Oracle Subscriptions resources\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Oracle.Database/oracleSubscriptions/*/read\",\n \"Oracle.Database/oracleSubscriptions/*/write\",\n \"Oracle.Database/oracleSubscriptions/*/delete\",\n \"Oracle.Database/oracleSubscriptions/*/action\",\n \"Oracle.Database/Locations/*/read\",\n \"Oracle.Database/Locations/*/write\",\n \"Oracle.Database/Operations/read\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2024-03-25T15:06:25.4644513Z\",\n \"updatedOn\": \"2024-04-05T15:59:48.0147406Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/4caf51ec-f9f5-413f-8a94-b9f5fddba66b\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"4caf51ec-f9f5-413f-8a94-b9f5fddba66b\"\n },\n {\n \"properties\": {\n \"roleName\": \"Oracle.Database Exadata Infrastructure Administrator Built-in Role\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Grants full access to manage all Exadata Infrastructure resources\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Oracle.Database/cloudExadataInfrastructures/*/read\",\n \"Oracle.Database/cloudExadataInfrastructures/*/write\",\n \"Oracle.Database/cloudExadataInfrastructures/*/delete\",\n \"Oracle.Database/cloudVmClusters/*/read\",\n \"Oracle.Database/cloudVmClusters/*/write\",\n \"Oracle.Database/cloudVmClusters/*/delete\",\n \"Oracle.Database/cloudVmClusters/*/action\",\n \"Oracle.Database/Locations/*/read\",\n \"Oracle.Database/Locations/*/write\",\n \"Oracle.Database/Operations/read\",\n \"Oracle.Database/oracleSubscriptions/*/read\",\n \"Oracle.Database/oracleSubscriptions/listCloudAccountDetails/action\",\n \"Oracle.Database/resourceAnchors/*\",\n \"Oracle.Database/networkAnchors/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Network/virtualNetworks/subnets/read\",\n \"Microsoft.Network/virtualNetworks/subnets/write\",\n \"Microsoft.Network/virtualNetworks/read\",\n \"Microsoft.Network/locations/operations/read\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Compute/sshPublicKeys/read\",\n \"Microsoft.Compute/sshPublicKeys/write\",\n \"Microsoft.Compute/sshPublicKeys/generateKeyPair/action\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2024-03-25T15:06:26.7449799Z\",\n \"updatedOn\": \"2025-05-26T15:05:38.2653119Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/4cfdd23b-aece-4fd1-b614-ad3a06c53453\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"4cfdd23b-aece-4fd1-b614-ad3a06c53453\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Messaging Catalog Data Owner\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Allows for full access to Azure Messaging Catalog resources.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.MessagingCatalog/*\"\n ],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.MessagingCatalog/*\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2024-03-27T15:21:42.7360718Z\",\n \"updatedOn\": \"2024-03-27T15:21:42.7360718Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/f27b7598-bc64-41f7-8a44-855ff16326c2\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"f27b7598-bc64-41f7-8a44-855ff16326c2\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Spring Apps Application Configuration Service Config File Pattern Reader Role\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Read content of config file pattern for Application Configuration Service in Azure Spring Apps\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.AppPlatform/Spring/read\",\n \"Microsoft.AppPlatform/Spring/configurationServices/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.AppPlatform/Spring/ApplicationConfigurationService/read\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2024-03-27T15:21:42.869223Z\",\n \"updatedOn\": \"2024-03-27T15:21:42.869223Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/25211fc6-dc78-40b6-b205-e4ac934fd9fd\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"25211fc6-dc78-40b6-b205-e4ac934fd9fd\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Hybrid Database Administrator - Read Only Service Role\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Read only access to Azure hybrid database services resources.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.AzureArcData/*/read\",\n \"Microsoft.AzureArcData/sqlServerInstances/getTelemetry/action\",\n \"Microsoft.AzureArcData/sqlServerInstances/availabilityGroups/getDetailView/action\",\n \"Microsoft.HybridCompute/machines/read\",\n \"Microsoft.HybridCompute/machines/extensions/read\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2024-04-03T17:20:07.3444447Z\",\n \"updatedOn\": \"2024-04-03T17:20:07.3444447Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/5d9c6a55-fc0e-4e21-ae6f-f7b095497342\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"5d9c6a55-fc0e-4e21-ae6f-f7b095497342\"\n },\n {\n \"properties\": {\n \"roleName\": \"Microsoft Sentinel Business Applications Agent Operator\",\n \"type\": \"BuiltInRole\",\n \"description\": \"List and update actions on a business applications system. This role is in preview and subject to change.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/roleAssignments/read\",\n \"Microsoft.SecurityInsights/businessApplicationAgents/read\",\n \"Microsoft.SecurityInsights/businessApplicationAgents/write\",\n \"Microsoft.SecurityInsights/businessApplicationAgents/systems/read\",\n \"Microsoft.SecurityInsights/businessApplicationAgents/systems/write\",\n \"Microsoft.SecurityInsights/businessApplicationAgents/systems/listActions/action\",\n \"Microsoft.SecurityInsights/businessApplicationAgents/systems/reportActionStatus/action\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2024-04-04T08:02:29.5240808Z\",\n \"updatedOn\": \"2024-06-05T15:32:09.463486Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/c18f9900-27b8-47c7-a8f0-5b3b3d4c2bc2\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"c18f9900-27b8-47c7-a8f0-5b3b3d4c2bc2\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure ContainerApps Session Executor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Create and execute sessions in a sessionPool\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.App/sessionPools/*/read\",\n \"Microsoft.App/sessionPools/sessions/generatesessions/action\"\n ],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.App/sessionPools/*/read\",\n \"Microsoft.App/sessionPools/interpreters/execute/action\",\n \"Microsoft.App/sessionPools/interpreters/read\",\n \"Microsoft.App/sessionPools/executions/*\",\n \"Microsoft.App/sessionPools/files/*\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2024-04-05T18:15:51.9984875Z\",\n \"updatedOn\": \"2024-11-01T09:37:25.3241262Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/0fb8eba5-a2bb-4abe-b1c1-49dfad359bb0\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"0fb8eba5-a2bb-4abe-b1c1-49dfad359bb0\"\n },\n {\n \"properties\": {\n \"roleName\": \"Microsoft.Edge Winfields federated subscription read access role\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Microsoft.Edge Winfields role for read access on federated subscriptions\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Resources/subscriptions/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2024-04-11T23:06:49.0273732Z\",\n \"updatedOn\": \"2024-07-15T15:01:51.3701285Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/83ee7727-862c-4213-8ed8-2ce6c5d69a40\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"83ee7727-862c-4213-8ed8-2ce6c5d69a40\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Red Hat OpenShift Federated Credential\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Create, update and delete federated credentials on user assigned managed identities in order to build a trust relationship between the managed identity, OpenID Connect (OIDC), and the service account.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.ManagedIdentity/userAssignedIdentities/read\",\n \"Microsoft.ManagedIdentity/userAssignedIdentities/federatedIdentityCredentials/write\",\n \"Microsoft.ManagedIdentity/userAssignedIdentities/federatedIdentityCredentials/read\",\n \"Microsoft.ManagedIdentity/userAssignedIdentities/federatedIdentityCredentials/delete\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2024-04-12T00:30:33.7626424Z\",\n \"updatedOn\": \"2025-03-11T15:14:12.4504757Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/ef318e2a-8334-4a05-9e4a-295a196c6a6e\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"ef318e2a-8334-4a05-9e4a-295a196c6a6e\"\n },\n {\n \"properties\": {\n \"roleName\": \"Bayer Ag Powered Services Crop Id Solution User Role\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Provide access to Crop Id Solution by Bayer Ag Powered Services\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.AgFoodPlatform/farmBeats/parties/fields/read\",\n \"Microsoft.AgFoodPlatform/farmBeats/parties/fields/write\",\n \"Microsoft.AgFoodPlatform/farmBeats/parties/read\",\n \"Microsoft.AgFoodPlatform/farmBeats/ingestionJobs/satelliteDataIngestionJobs/*\",\n \"Microsoft.AgFoodPlatform/farmBeats/scenes/*\",\n \"Microsoft.AgFoodPlatform/farmBeats/parties/models/resourceTypes/resources/insights/*\",\n \"Microsoft.AgFoodPlatform/farmBeats/parties/models/resourceTypes/resources/insightAttachments/*\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2024-04-19T09:07:57.429491Z\",\n \"updatedOn\": \"2024-05-15T15:18:59.4401968Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/39138f76-04e6-41f0-ba6b-c411b59081a9\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"39138f76-04e6-41f0-ba6b-c411b59081a9\"\n },\n {\n \"properties\": {\n \"roleName\": \"Scheduled Events Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Provides access to scheduled event actions\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Maintenance/scheduledevents/acknowledge/action\",\n \"Microsoft.Compute/VirtualMachines/read\",\n \"Microsoft.Compute/VirtualMachineScaleSets/read\",\n \"Microsoft.Compute/AvailabilitySets/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2024-04-23T15:07:32.157769Z\",\n \"updatedOn\": \"2024-05-03T21:25:12.6392452Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/b67fe603-310e-4889-b9ee-8257d09d353d\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"b67fe603-310e-4889-b9ee-8257d09d353d\"\n },\n {\n \"properties\": {\n \"roleName\": \"Compute Recommendations Role\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Grants permissions to call Compute Recommendations APIs provided by Compute Diagnostic Resource Provider service.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Compute/locations/placementScores/generate/action\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2024-04-30T15:20:17.6310289Z\",\n \"updatedOn\": \"2024-07-02T15:07:54.755272Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/e82342c9-ac7f-422b-af64-e426d2e12b2d\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"e82342c9-ac7f-422b-af64-e426d2e12b2d\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Spring Apps Job Execution Instance List Role\",\n \"type\": \"BuiltInRole\",\n \"description\": \"List instances for job executions in Azure Spring Apps\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.AppPlatform/Spring/jobs/executions/listInstances/action\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2024-05-02T02:34:55.3873154Z\",\n \"updatedOn\": \"2024-05-02T02:34:55.3873154Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/91422e52-bb88-4415-bb4a-90f5b71f6dcb\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"91422e52-bb88-4415-bb4a-90f5b71f6dcb\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Spring Apps Job Log Reader Role\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Read real-time logs for jobs in Azure Spring Apps\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.AppPlatform/Spring/read\",\n \"Microsoft.AppPlatform/Spring/jobs/read\",\n \"Microsoft.AppPlatform/Spring/jobs/executions/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.AppPlatform/Spring/jobs/executions/logstream/action\",\n \"Microsoft.AppPlatform/Spring/jobs/executions/listInstances/action\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2024-05-02T02:34:55.3873154Z\",\n \"updatedOn\": \"2024-05-02T02:34:55.3873154Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/b459aa1d-e3c8-436f-ae21-c0531140f43e\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"b459aa1d-e3c8-436f-ae21-c0531140f43e\"\n },\n {\n \"properties\": {\n \"roleName\": \"Nexus Network Fabric Service Reader\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Read-only access to Nexus Network Fabric Service\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.ManagedNetworkFabric/*/read\",\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2024-05-10T17:46:29.728767Z\",\n \"updatedOn\": \"2024-05-10T17:46:29.728767Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/05fdd44c-adc6-4aff-981c-61041f0c929a\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"05fdd44c-adc6-4aff-981c-61041f0c929a\"\n },\n {\n \"properties\": {\n \"roleName\": \"Nexus Network Fabric Service Writer\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Read-write access to Nexus Network Fabric Service\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.ManagedNetworkFabric/*/read\",\n \"Microsoft.ManagedNetworkFabric/*/write\",\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2024-05-10T18:01:38.1184138Z\",\n \"updatedOn\": \"2024-05-10T18:01:38.1184138Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/a5eb8433-97a5-4a06-80b2-a877e1622c31\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"a5eb8433-97a5-4a06-80b2-a877e1622c31\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Deployment Stack Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Allows a user to manage deployment stacks, but cannot create or delete deny assignments within the deployment stack.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Resources/deploymentStacks/write\",\n \"Microsoft.Resources/deploymentStacks/read\",\n \"Microsoft.Resources/deploymentStacks/validate/action\",\n \"Microsoft.Resources/deploymentStacks/exportTemplate/action\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2024-05-15T23:13:06.6024446Z\",\n \"updatedOn\": \"2025-06-05T00:56:22.3468702Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/bf7f8882-3383-422a-806a-6526c631a88a\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"bf7f8882-3383-422a-806a-6526c631a88a\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Deployment Stack Owner\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Allows a user to manage deployment stacks, including those with deny assignments.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Resources/deploymentStacks/*\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2024-05-15T23:13:06.6024446Z\",\n \"updatedOn\": \"2024-05-15T23:13:06.6024446Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/adb29209-aa1d-457b-a786-c913953d2891\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"adb29209-aa1d-457b-a786-c913953d2891\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Spring Apps Spring Cloud Config Server Log Reader Role\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Read real-time logs for Spring Cloud Config Server in Azure Spring Apps\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.AppPlatform/Spring/read\",\n \"Microsoft.AppPlatform/Spring/configServers/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.AppPlatform/Spring/configService/logstream/action\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2024-05-29T15:22:19.5478417Z\",\n \"updatedOn\": \"2024-05-29T15:22:19.5478417Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/74252426-c508-480e-9345-4607bbebead4\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"74252426-c508-480e-9345-4607bbebead4\"\n },\n {\n \"properties\": {\n \"roleName\": \"Container Registry Repository Catalog Lister\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Allows for listing all repositories in an Azure Container Registry.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.ContainerRegistry/registries/catalog/read\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2024-06-05T15:32:09.4683575Z\",\n \"updatedOn\": \"2025-10-03T17:14:16.6197074Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/bfdb9389-c9a5-478a-bb2f-ba9ca092c3c7\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"bfdb9389-c9a5-478a-bb2f-ba9ca092c3c7\"\n },\n {\n \"properties\": {\n \"roleName\": \"Container Registry Repository Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Allows for read, write, and delete access to Azure Container Registry repositories, but excluding catalog listing.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.ContainerRegistry/registries/repositories/metadata/read\",\n \"Microsoft.ContainerRegistry/registries/repositories/content/read\",\n \"Microsoft.ContainerRegistry/registries/repositories/metadata/write\",\n \"Microsoft.ContainerRegistry/registries/repositories/content/write\",\n \"Microsoft.ContainerRegistry/registries/repositories/metadata/delete\",\n \"Microsoft.ContainerRegistry/registries/repositories/content/delete\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2024-06-05T15:32:11.5848534Z\",\n \"updatedOn\": \"2025-10-03T17:14:16.6197074Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/2efddaa5-3f1f-4df3-97df-af3f13818f4c\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"2efddaa5-3f1f-4df3-97df-af3f13818f4c\"\n },\n {\n \"properties\": {\n \"roleName\": \"Container Registry Repository Writer\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Allows for read and write access to Azure Container Registry repositories, but excluding catalog listing.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.ContainerRegistry/registries/repositories/metadata/read\",\n \"Microsoft.ContainerRegistry/registries/repositories/content/read\",\n \"Microsoft.ContainerRegistry/registries/repositories/metadata/write\",\n \"Microsoft.ContainerRegistry/registries/repositories/content/write\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2024-06-05T15:32:11.586855Z\",\n \"updatedOn\": \"2025-10-03T17:14:16.6197074Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/2a1e307c-b015-4ebd-883e-5b7698a07328\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"2a1e307c-b015-4ebd-883e-5b7698a07328\"\n },\n {\n \"properties\": {\n \"roleName\": \"Container Registry Repository Reader\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Allows for read access to Azure Container Registry repositories, but excluding catalog listing.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.ContainerRegistry/registries/repositories/metadata/read\",\n \"Microsoft.ContainerRegistry/registries/repositories/content/read\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2024-06-05T15:32:11.5818531Z\",\n \"updatedOn\": \"2025-10-03T17:14:16.6197074Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/b93aa761-3e63-49ed-ac28-beffa264f7ac\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"b93aa761-3e63-49ed-ac28-beffa264f7ac\"\n },\n {\n \"properties\": {\n \"roleName\": \"DeID Data Owner\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Full access to DeID data. This role is in preview and subject to change\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.HealthDataAIServices/DeidServices/*\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2024-06-06T21:23:32.6428695Z\",\n \"updatedOn\": \"2024-06-06T21:23:32.6428695Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/78e4b983-1a0b-472e-8b7d-8d770f7c5890\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"78e4b983-1a0b-472e-8b7d-8d770f7c5890\"\n },\n {\n \"properties\": {\n \"roleName\": \"Locks Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Can Manage Locks Operations.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/locks/read\",\n \"Microsoft.Authorization/locks/write\",\n \"Microsoft.Authorization/locks/delete\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2024-06-06T22:54:16.4808252Z\",\n \"updatedOn\": \"2024-06-06T22:54:16.4808252Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/28bf596f-4eb7-45ce-b5bc-6cf482fec137\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"28bf596f-4eb7-45ce-b5bc-6cf482fec137\"\n },\n {\n \"properties\": {\n \"roleName\": \"Standby Container Group Pool Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Allows users to manage standby container group pool resources.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.ContainerInstance/containerGroupProfiles/read\",\n \"Microsoft.ContainerInstance/containerGroupProfiles/revisions/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.StandbyPool/Locations/OperationStatuses/read\",\n \"Microsoft.StandbyPool/Operations/read\",\n \"Microsoft.StandbyPool/standbyContainerGroupPools/delete\",\n \"Microsoft.StandbyPool/standbyContainerGroupPools/read\",\n \"Microsoft.StandbyPool/standbyContainerGroupPools/runtimeViews/read\",\n \"Microsoft.StandbyPool/standbyContainerGroupPools/write\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2024-06-17T15:10:37.1602741Z\",\n \"updatedOn\": \"2024-06-17T15:10:37.1602741Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/39fcb0de-8844-4706-b050-c28ddbe3ff83\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"39fcb0de-8844-4706-b050-c28ddbe3ff83\"\n },\n {\n \"properties\": {\n \"roleName\": \"Compute Gallery Artifacts Publisher\",\n \"type\": \"BuiltInRole\",\n \"description\": \"This is the role for publishing gallery artifacts.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Compute/galleries/*\",\n \"Microsoft.Compute/locations/capsOperations/read\",\n \"Microsoft.Compute/locations/communityGalleries/*\",\n \"Microsoft.Compute/locations/sharedGalleries/*\",\n \"Microsoft.Compute/images/*\",\n \"Microsoft.Compute/virtualMachines/write\",\n \"Microsoft.Compute/disks/write\",\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\"\n ],\n \"notActions\": [\n \"Microsoft.Compute/galleries/share/action\"\n ],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2024-06-20T00:09:20.5675487Z\",\n \"updatedOn\": \"2024-06-20T00:09:20.5675487Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/85a2d0d9-2eba-4c9c-b355-11c2cc0788ab\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"85a2d0d9-2eba-4c9c-b355-11c2cc0788ab\"\n },\n {\n \"properties\": {\n \"roleName\": \"ToolchainOrchestrator Viewer Role\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Grant access to view all Toolchain orchestrator resources.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.Resources/deployments/write\",\n \"Microsoft.Resources/subscriptions/operationresults/read\",\n \"Microsoft.Resources/subscriptions/read\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.ToolchainOrchestrator/*/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2024-06-20T07:46:35.012434Z\",\n \"updatedOn\": \"2024-06-28T08:35:31.7949436Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/c5826735-177b-4a0d-a9a3-d0e4b4bda107\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"c5826735-177b-4a0d-a9a3-d0e4b4bda107\"\n },\n {\n \"properties\": {\n \"roleName\": \"ToolchainOrchestrator Admin Role\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Grant full access to manage all Toolchain orchestrator resources.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.Resources/deployments/write\",\n \"Microsoft.Resources/subscriptions/operationresults/read\",\n \"Microsoft.Resources/subscriptions/read\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.ToolchainOrchestrator/*\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2024-06-20T08:01:39.0551096Z\",\n \"updatedOn\": \"2024-06-28T08:35:33.2869473Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/2ccf8795-8983-4912-8036-1c45212c95e8\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"2ccf8795-8983-4912-8036-1c45212c95e8\"\n },\n {\n \"properties\": {\n \"roleName\": \"ProviderHub Reader\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Allows you to view all Microsoft.ProviderHub resources created through the Resource Provider Platform, but does not allow you to make any changes to the resources.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.ProviderHub/*/read\",\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.ResourceHealth/availabilityStatuses/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2024-07-02T15:07:53.0510995Z\",\n \"updatedOn\": \"2024-07-02T15:07:53.0510995Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/4d8c6f2e-3fd6-4d40-826e-93e3dc4c3fc1\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"4d8c6f2e-3fd6-4d40-826e-93e3dc4c3fc1\"\n },\n {\n \"properties\": {\n \"roleName\": \"ProviderHub Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Allows you to create and manage Microsoft.ProviderHub resources through the Resource Provider Platform. Does not allow you to assign roles in Azure RBAC.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.ProviderHub/*\",\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.ResourceHealth/availabilityStatuses/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2024-07-02T15:07:53.0530983Z\",\n \"updatedOn\": \"2024-07-02T15:07:53.0530983Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/a3ab03bc-5350-42ff-b0d5-00207672db55\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"a3ab03bc-5350-42ff-b0d5-00207672db55\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Stack HCI Connected InfraVMs\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Role of Arc Integration for Azure Stack HCI Infrastructure Virtual Machines.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.HybridCompute/*/read\",\n \"Microsoft.HybridCompute/machines/write\",\n \"Microsoft.HybridCompute/machines/delete\",\n \"Microsoft.HybridCompute/machines/extensions/read\",\n \"Microsoft.HybridCompute/machines/extensions/write\",\n \"Microsoft.HybridCompute/machines/extensions/delete\",\n \"Microsoft.HybridCompute/machines/UpgradeExtensions/action\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2024-07-03T15:20:27.6822616Z\",\n \"updatedOn\": \"2024-07-15T15:01:51.3691302Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/c99c945f-8bd1-4fb1-a903-01460aae6068\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"c99c945f-8bd1-4fb1-a903-01460aae6068\"\n },\n {\n \"properties\": {\n \"roleName\": \"VM Restore Operator\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Create and Delete resources during VM Restore. This role is in preview and subject to change.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Compute/disks/read\",\n \"Microsoft.Compute/disks/write\",\n \"Microsoft.Compute/disks/delete\",\n \"Microsoft.Compute/disks/beginGetAccess/action\",\n \"Microsoft.Compute/disks/endGetAccess/action\",\n \"Microsoft.Compute/locations/diskOperations/read\",\n \"Microsoft.Compute/virtualMachines/read\",\n \"Microsoft.Compute/virtualMachines/write\",\n \"Microsoft.Compute/virtualMachines/delete\",\n \"Microsoft.Compute/virtualMachines/instanceView/read\",\n \"Microsoft.Compute/virtualMachines/extensions/read\",\n \"Microsoft.Compute/virtualMachines/extensions/write\",\n \"Microsoft.Compute/virtualMachines/extensions/delete\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.Network/locations/operationResults/read\",\n \"Microsoft.Network/locations/operations/read\",\n \"Microsoft.Network/locations/usages/read\",\n \"Microsoft.Network/networkInterfaces/delete\",\n \"Microsoft.Network/networkInterfaces/ipconfigurations/read\",\n \"Microsoft.Network/networkInterfaces/join/action\",\n \"Microsoft.Network/networkInterfaces/read\",\n \"Microsoft.Network/networkInterfaces/write\",\n \"Microsoft.Network/networkSecurityGroups/read\",\n \"Microsoft.Network/networkSecurityGroups/securityRules/read\",\n \"Microsoft.Network/publicIPAddresses/delete\",\n \"Microsoft.Network/publicIPAddresses/join/action\",\n \"Microsoft.Network/publicIPAddresses/read\",\n \"Microsoft.Network/publicIPAddresses/write\",\n \"Microsoft.Network/virtualNetworks/read\",\n \"Microsoft.Network/virtualNetworks/subnets/join/action\",\n \"Microsoft.Network/virtualNetworks/subnets/read\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Storage/checkNameAvailability/read\",\n \"Microsoft.Storage/storageAccounts/blobServices/containers/delete\",\n \"Microsoft.Storage/storageAccounts/blobServices/containers/read\",\n \"Microsoft.Storage/storageAccounts/blobServices/containers/write\",\n \"Microsoft.Storage/storageAccounts/listKeys/action\",\n \"Microsoft.Storage/storageAccounts/read\",\n \"Microsoft.Storage/storageAccounts/write\"\n ],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.Storage/storageAccounts/blobServices/containers/blobs/delete\",\n \"Microsoft.Storage/storageAccounts/blobServices/containers/blobs/read\",\n \"Microsoft.Storage/storageAccounts/blobServices/containers/blobs/write\",\n \"Microsoft.Storage/storageAccounts/blobServices/containers/blobs/add/action\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2024-07-03T15:20:29.2078037Z\",\n \"updatedOn\": \"2024-07-03T15:20:29.2078037Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/dfce8971-25e3-42e3-ba33-6055438e3080\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"dfce8971-25e3-42e3-ba33-6055438e3080\"\n },\n {\n \"properties\": {\n \"roleName\": \"HDInsight Cluster Admin\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Can read, create, modify and delete HDInsight clusters, configuration, extensions, etc.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"MICROSOFT.HDINSIGHT/CLUSTERS/APPLICATIONS/DELETE\",\n \"MICROSOFT.HDINSIGHT/CLUSTERS/APPLICATIONS/READ\",\n \"MICROSOFT.HDINSIGHT/CLUSTERS/APPLICATIONS/WRITE\",\n \"MICROSOFT.HDINSIGHT/CLUSTERS/AZUREASYNCOPERATIONS/READ\",\n \"MICROSOFT.HDINSIGHT/CLUSTERS/CONFIGURATIONS/ACTION\",\n \"MICROSOFT.HDINSIGHT/CLUSTERS/CONFIGURATIONS/READ\",\n \"MICROSOFT.HDINSIGHT/CLUSTERS/DELETE\",\n \"MICROSOFT.HDINSIGHT/CLUSTERS/EXECUTESCRIPTACTIONS/ACTION\",\n \"MICROSOFT.HDINSIGHT/CLUSTERS/EXTENSIONS/DELETE\",\n \"MICROSOFT.HDINSIGHT/CLUSTERS/EXTENSIONS/READ\",\n \"MICROSOFT.HDINSIGHT/CLUSTERS/EXTENSIONS/WRITE\",\n \"MICROSOFT.HDINSIGHT/CLUSTERS/GETGATEWAYSETTINGS/ACTION\",\n \"MICROSOFT.HDINSIGHT/CLUSTERS/LISTHOSTS/ACTION\",\n \"MICROSOFT.HDINSIGHT/CLUSTERS/OPERATIONRESULTS/READ\",\n \"MICROSOFT.HDINSIGHT/CLUSTERS/PRIVATEENDPOINTCONNECTIONS/READ\",\n \"MICROSOFT.HDINSIGHT/CLUSTERS/PRIVATELINKRESOURCES/READ\",\n \"MICROSOFT.HDINSIGHT/CLUSTERS/READ\",\n \"MICROSOFT.HDINSIGHT/CLUSTERS/RESOLVEPRIVATELINKSERVICEID/ACTION\",\n \"MICROSOFT.HDINSIGHT/CLUSTERS/RESTARTHOSTS/ACTION\",\n \"MICROSOFT.HDINSIGHT/CLUSTERS/ROLES/AUTOSCALE/ACTION\",\n \"MICROSOFT.HDINSIGHT/CLUSTERS/ROLES/RESIZE/ACTION\",\n \"MICROSOFT.HDINSIGHT/CLUSTERS/SCRIPTACTIONS/DELETE\",\n \"MICROSOFT.HDINSIGHT/CLUSTERS/SCRIPTACTIONS/READ\",\n \"MICROSOFT.HDINSIGHT/CLUSTERS/SCRIPTEXECUTIONHISTORY/PROMOTE/ACTION\",\n \"MICROSOFT.HDINSIGHT/CLUSTERS/SCRIPTEXECUTIONHISTORY/READ\",\n \"MICROSOFT.HDINSIGHT/CLUSTERS/UPDATEGATEWAYSETTINGS/ACTION\",\n \"MICROSOFT.HDINSIGHT/CLUSTERS/WRITE\",\n \"MICROSOFT.HDINSIGHT/LOCATIONS/AVAILABLECLUSTERVERSIONS/READ\",\n \"MICROSOFT.HDINSIGHT/LOCATIONS/AZUREASYNCOPERATIONS/READ\",\n \"MICROSOFT.HDINSIGHT/LOCATIONS/BILLINGSPECS/READ\",\n \"MICROSOFT.HDINSIGHT/LOCATIONS/CAPABILITIES/READ\",\n \"MICROSOFT.HDINSIGHT/LOCATIONS/CHECKNAMEAVAILABILITY/ACTION\",\n \"MICROSOFT.HDINSIGHT/LOCATIONS/OPERATIONRESULTS/READ\",\n \"MICROSOFT.HDINSIGHT/LOCATIONS/OPERATIONSTATUSES/READ\",\n \"MICROSOFT.HDINSIGHT/LOCATIONS/OPERATIONSTATUSES/WRITE\",\n \"MICROSOFT.HDINSIGHT/LOCATIONS/USAGES/READ\",\n \"MICROSOFT.HDINSIGHT/LOCATIONS/VALIDATECREATEREQUEST/ACTION\",\n \"MICROSOFT.HDINSIGHT/OPERATIONS/READ\",\n \"MICROSOFT.HDINSIGHT/REGISTER/ACTION\",\n \"MICROSOFT.HDINSIGHT/RESOURCETYPES/READ\",\n \"MICROSOFT.HDINSIGHT/UNREGISTER/ACTION\",\n \"Microsoft.ResourceHealth/availabilityStatuses/read\",\n \"Microsoft.Resources/deployments/read\",\n \"Microsoft.Resources/deployments/operations/read\",\n \"Microsoft.Resources/subscriptions/operationresults/read\",\n \"Microsoft.Resources/subscriptions/read\",\n \"Microsoft.Resources/subscriptions/resourcegroups/deployments/read\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2024-07-04T05:42:45.2347879Z\",\n \"updatedOn\": \"2024-07-04T05:42:45.2347879Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/0847e196-2fd2-4c2f-a48c-fca6fd030f44\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"0847e196-2fd2-4c2f-a48c-fca6fd030f44\"\n },\n {\n \"properties\": {\n \"roleName\": \"Operator Nexus Compute Contributor Role (Preview)\",\n \"type\": \"BuiltInRole\",\n \"description\": \"(Preview) Manage and configure Azure Operator Nexus infrastructure resources. This role is in preview and subject to change.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/classicAdministrators/operationstatuses/read\",\n \"Microsoft.Authorization/classicAdministrators/read\",\n \"Microsoft.Authorization/denyAssignments/read\",\n \"Microsoft.Authorization/diagnosticSettings/read\",\n \"Microsoft.Authorization/diagnosticSettingsCategories/read\",\n \"Microsoft.Authorization/locks/read\",\n \"Microsoft.Authorization/operations/read\",\n \"Microsoft.Authorization/permissions/read\",\n \"Microsoft.Authorization/policyAssignments/read\",\n \"Microsoft.Authorization/policyAssignments/privateLinkAssociations/read\",\n \"Microsoft.Authorization/policyAssignments/resourceManagementPrivateLinks/read\",\n \"Microsoft.Authorization/policyAssignments/resourceManagementPrivateLinks/privateEndpointConnectionProxies/read\",\n \"Microsoft.Authorization/policyAssignments/resourceManagementPrivateLinks/privateEndpointConnections/read\",\n \"Microsoft.Authorization/policyDefinitions/read\",\n \"Microsoft.Authorization/policyExemptions/read\",\n \"Microsoft.Authorization/policySetDefinitions/read\",\n \"Microsoft.Authorization/providerOperations/read\",\n \"Microsoft.Authorization/roleAssignments/read\",\n \"Microsoft.Authorization/roleAssignmentScheduleInstances/read\",\n \"Microsoft.Authorization/roleAssignmentScheduleRequests/read\",\n \"Microsoft.Authorization/roleAssignmentSchedules/read\",\n \"Microsoft.Authorization/roleDefinitions/read\",\n \"Microsoft.Authorization/roleEligibilityScheduleInstances/read\",\n \"Microsoft.Authorization/roleEligibilityScheduleRequests/read\",\n \"Microsoft.Authorization/roleEligibilitySchedules/read\",\n \"Microsoft.Authorization/roleManagementPolicies/read\",\n \"Microsoft.Authorization/roleManagementPolicyAssignments/read\",\n \"Microsoft.ExtendedLocation/customLocations/deploy/action\",\n \"Microsoft.ExtendedLocation/customLocations/read\",\n \"Microsoft.HybridCompute/machines/extensions/read\",\n \"Microsoft.HybridCompute/machines/read\",\n \"Microsoft.Insights/alertRules/activated/action\",\n \"Microsoft.Insights/alertRules/delete\",\n \"Microsoft.Insights/alertRules/incidents/read\",\n \"Microsoft.Insights/alertRules/read\",\n \"Microsoft.Insights/alertRules/resolved/action\",\n \"Microsoft.Insights/alertRules/throttled/action\",\n \"Microsoft.Insights/alertRules/write\",\n \"Microsoft.Kubernetes/connectedClusters/read\",\n \"Microsoft.KubernetesConfiguration/extensions/read\",\n \"Microsoft.ManagedNetworkFabric/networkFabricControllers/join/action\",\n \"Microsoft.ManagedNetworkFabric/networkFabrics/join/action\",\n \"Microsoft.ManagedNetworkFabric/networkRacks/join/action\",\n \"Microsoft.NetworkCloud/bareMetalMachines/cordon/action\",\n \"Microsoft.NetworkCloud/bareMetalMachines/delete\",\n \"Microsoft.NetworkCloud/bareMetalMachines/powerOff/action\",\n \"Microsoft.NetworkCloud/bareMetalMachines/read\",\n \"Microsoft.NetworkCloud/bareMetalMachines/reimage/action\",\n \"Microsoft.NetworkCloud/bareMetalMachines/replace/action\",\n \"Microsoft.NetworkCloud/bareMetalMachines/restart/action\",\n \"Microsoft.NetworkCloud/bareMetalMachines/runDataExtracts/action\",\n \"Microsoft.NetworkCloud/bareMetalMachines/runReadCommands/action\",\n \"Microsoft.NetworkCloud/bareMetalMachines/start/action\",\n \"Microsoft.NetworkCloud/bareMetalMachines/uncordon/action\",\n \"Microsoft.NetworkCloud/bareMetalMachines/write\",\n \"Microsoft.NetworkCloud/clusterManagers/delete\",\n \"Microsoft.NetworkCloud/clusterManagers/read\",\n \"Microsoft.NetworkCloud/clusterManagers/write\",\n \"Microsoft.NetworkCloud/clusters/bareMetalMachineKeySets/read\",\n \"Microsoft.NetworkCloud/clusters/bmcKeySets/read\",\n \"Microsoft.NetworkCloud/clusters/continueUpdateVersion/action\",\n \"Microsoft.NetworkCloud/clusters/delete\",\n \"Microsoft.NetworkCloud/clusters/deploy/action\",\n \"Microsoft.NetworkCloud/clusters/metricsConfigurations/delete\",\n \"Microsoft.NetworkCloud/clusters/metricsConfigurations/read\",\n \"Microsoft.NetworkCloud/clusters/metricsConfigurations/write\",\n \"Microsoft.NetworkCloud/clusters/read\",\n \"Microsoft.NetworkCloud/clusters/scanRuntime/action\",\n \"Microsoft.NetworkCloud/clusters/updateVersion/action\",\n \"Microsoft.NetworkCloud/clusters/write\",\n \"Microsoft.NetworkCloud/locations/operationStatuses/read\",\n \"Microsoft.NetworkCloud/operations/read\",\n \"Microsoft.NetworkCloud/rackSkus/read\",\n \"Microsoft.NetworkCloud/racks/delete\",\n \"Microsoft.NetworkCloud/racks/join/action\",\n \"Microsoft.NetworkCloud/racks/read\",\n \"Microsoft.NetworkCloud/racks/write\",\n \"Microsoft.NetworkCloud/register/action\",\n \"Microsoft.NetworkCloud/registeredSubscriptions/read\",\n \"Microsoft.NetworkCloud/storageAppliances/read\",\n \"Microsoft.NetworkCloud/unregister/action\",\n \"Microsoft.Resources/deployments/cancel/action\",\n \"Microsoft.Resources/deployments/delete\",\n \"Microsoft.Resources/deployments/exportTemplate/action\",\n \"Microsoft.Resources/deployments/operations/read\",\n \"Microsoft.Resources/deployments/operationstatuses/read\",\n \"Microsoft.Resources/deployments/read\",\n \"Microsoft.Resources/deployments/validate/action\",\n \"Microsoft.Resources/deployments/whatIf/action\",\n \"Microsoft.Resources/deployments/write\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2024-07-10T15:34:35.6699773Z\",\n \"updatedOn\": \"2024-07-10T15:34:35.6699773Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/4aa368ec-fba9-4e93-81ed-396b3d461cc5\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"4aa368ec-fba9-4e93-81ed-396b3d461cc5\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Container Instances Contributor Role\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Grants read/write access to container groups provided by Azure Container Instances\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.ContainerInstance/containerGroups/*\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2024-07-10T17:34:56.6101604Z\",\n \"updatedOn\": \"2024-07-10T17:34:56.6101604Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/5d977122-f97e-4b4d-a52f-6b43003ddb4d\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"5d977122-f97e-4b4d-a52f-6b43003ddb4d\"\n },\n {\n \"properties\": {\n \"roleName\": \"Connector Reader\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Read connectors and their associated resources, such as impacts and insights.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Impact/Connectors/Read\",\n \"Microsoft.Impact/WorkloadImpacts/Read\",\n \"Microsoft.Impact/WorkloadImpacts/Insights/Read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2024-07-11T08:23:57.6283786Z\",\n \"updatedOn\": \"2024-07-11T08:23:57.6283786Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/6cdbb904-5ff3-429d-8169-7d7818b91bd8\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"6cdbb904-5ff3-429d-8169-7d7818b91bd8\"\n },\n {\n \"properties\": {\n \"roleName\": \"Transparency Logs Owner\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Grants full access to manage Transparency Log resources.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Sovereign/transparencyLogs/*\",\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Resources/deployments/*\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2024-07-17T17:02:42.8274577Z\",\n \"updatedOn\": \"2024-07-17T17:02:42.8274577Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/8ad4d0ee-9bfb-49e8-93fc-01abb8db6240\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"8ad4d0ee-9bfb-49e8-93fc-01abb8db6240\"\n },\n {\n \"properties\": {\n \"roleName\": \"Grafana Limited Viewer\",\n \"type\": \"BuiltInRole\",\n \"description\": \"View home page.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.Dashboard/grafana/ActAsGrafanaLimitedViewer/action\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2024-07-18T04:59:38.6229575Z\",\n \"updatedOn\": \"2024-07-18T04:59:38.6229575Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/41e04612-9dac-4699-a02b-c82ff2cc3fb5\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"41e04612-9dac-4699-a02b-c82ff2cc3fb5\"\n },\n {\n \"properties\": {\n \"roleName\": \"Disk Encryption Set Operator for Managed Disks\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Provides permissions to read, write or delete disk encryption sets which are used for encrypting managed disks with customer managed keys\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Compute/diskEncryptionSets/*\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2024-07-18T21:23:09.7233533Z\",\n \"updatedOn\": \"2024-07-18T21:23:09.7233533Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/136d308c-0937-4a49-9bd7-edfb42adbffc\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"136d308c-0937-4a49-9bd7-edfb42adbffc\"\n },\n {\n \"properties\": {\n \"roleName\": \"Bayer Ag Powered Services Field Imagery Solution Service Role\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Provide access to Field Imagery Solution by Bayer Ag Powered Services\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.AgFoodPlatform/farmBeats/parties/read\",\n \"Microsoft.AgFoodPlatform/farmBeats/parties/fields/read\",\n \"Microsoft.AgFoodPlatform/farmBeats/parties/fields/write\",\n \"Microsoft.AgFoodPlatform/farmBeats/parties/models/resourceTypes/resources/insights/*\",\n \"Microsoft.AgFoodPlatform/farmBeats/parties/models/resourceTypes/resources/insightAttachments/*\",\n \"Microsoft.AgFoodPlatform/farmBeats/scenes/*\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2024-08-01T08:16:34.164867Z\",\n \"updatedOn\": \"2024-08-13T16:10:23.6530781Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/1af232de-e806-426f-8ca1-c36142449755\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"1af232de-e806-426f-8ca1-c36142449755\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Edge Hardware Center Administrator\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Grants you access to take actions as an edge order administrator\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.EdgeOrder/*\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2024-08-06T15:15:42.539443Z\",\n \"updatedOn\": \"2024-08-06T15:15:42.539443Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/9295f069-25d0-4f44-bb6a-3da70d11aa00\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"9295f069-25d0-4f44-bb6a-3da70d11aa00\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure AI Administrator\",\n \"type\": \"BuiltInRole\",\n \"description\": \"A Built-In Role that has all control plane permissions to work with Azure AI and its dependencies.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.CognitiveServices/*\",\n \"Microsoft.ContainerRegistry/registries/*\",\n \"Microsoft.DocumentDb/databaseAccounts/*\",\n \"Microsoft.Features/features/read\",\n \"Microsoft.Features/providers/features/read\",\n \"Microsoft.Features/providers/features/register/action\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.Insights/components/*\",\n \"Microsoft.Insights/diagnosticSettings/*\",\n \"Microsoft.Insights/generateLiveToken/read\",\n \"Microsoft.Insights/logDefinitions/read\",\n \"Microsoft.Insights/metricAlerts/*\",\n \"Microsoft.Insights/metricdefinitions/read\",\n \"Microsoft.Insights/metrics/read\",\n \"Microsoft.Insights/scheduledqueryrules/*\",\n \"Microsoft.Insights/topology/read\",\n \"Microsoft.Insights/transactions/read\",\n \"Microsoft.Insights/webtests/*\",\n \"Microsoft.KeyVault/*\",\n \"Microsoft.MachineLearningServices/workspaces/*\",\n \"Microsoft.Network/virtualNetworks/subnets/joinViaServiceEndpoint/action\",\n \"Microsoft.ResourceHealth/availabilityStatuses/read\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/deployments/operations/read\",\n \"Microsoft.Resources/subscriptions/operationresults/read\",\n \"Microsoft.Resources/subscriptions/read\",\n \"Microsoft.Resources/subscriptions/resourcegroups/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Resources/subscriptions/resourceGroups/write\",\n \"Microsoft.Storage/storageAccounts/*\",\n \"Microsoft.Support/*\",\n \"Microsoft.Search/searchServices/write\",\n \"Microsoft.Search/searchServices/read\",\n \"Microsoft.Search/searchServices/delete\",\n \"Microsoft.Search/searchServices/indexes/*\",\n \"Microsoft.Search/searchServices/listAdminKeys/action\",\n \"Microsoft.Search/searchServices/privateEndpointConnections/*\",\n \"Microsoft.DataFactory/factories/*\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2024-08-07T23:50:52.3424998Z\",\n \"updatedOn\": \"2025-04-15T15:19:36.7198543Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/b78c5d69-af96-48a3-bf8d-a8b4d589de94\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"b78c5d69-af96-48a3-bf8d-a8b4d589de94\"\n },\n {\n \"properties\": {\n \"roleName\": \"Compute Gallery Image Reader\",\n \"type\": \"BuiltInRole\",\n \"description\": \"This is the role for reading gallery images.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Compute/galleries/images/read\",\n \"Microsoft.Compute/galleries/images/versions/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2024-08-09T07:40:21.6696134Z\",\n \"updatedOn\": \"2024-08-27T15:13:33.8810873Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/cf7c76d2-98a3-4358-a134-615aa78bf44d\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"cf7c76d2-98a3-4358-a134-615aa78bf44d\"\n },\n {\n \"properties\": {\n \"roleName\": \"Container Apps Operator\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Read, logstream and exec into Container Apps.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.App/containerApps/*/read\",\n \"Microsoft.App/containerApps/*/action\",\n \"Microsoft.App/managedEnvironments/read\",\n \"Microsoft.App/managedEnvironments/*/read\",\n \"Microsoft.App/managedEnvironments/join/action\",\n \"Microsoft.App/managedEnvironments/checknameavailability/action\",\n \"Microsoft.App/connectedEnvironments/read\",\n \"Microsoft.App/connectedEnvironments/*/read\",\n \"Microsoft.App/connectedEnvironments/join/action\",\n \"Microsoft.App/connectedEnvironments/checknameavailability/action\"\n ],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.App/containerApps/logstream/action\",\n \"Microsoft.App/containerApps/exec/action\",\n \"Microsoft.App/containerApps/debug/action\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2024-08-13T16:10:24.4369771Z\",\n \"updatedOn\": \"2024-11-13T16:12:37.8788949Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/f3bd1b5c-91fa-40e7-afe7-0c11d331232c\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"f3bd1b5c-91fa-40e7-afe7-0c11d331232c\"\n },\n {\n \"properties\": {\n \"roleName\": \"Container Apps ManagedEnvironments Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Full management of Container Apps ManagedEnvironments, including creation, deletion, and updates.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.App/managedEnvironments/*/read\",\n \"Microsoft.App/managedEnvironments/*/write\",\n \"Microsoft.App/managedEnvironments/*/delete\",\n \"Microsoft.App/managedEnvironments/*/action\",\n \"Microsoft.Resources/deployments/*\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2024-08-13T16:10:24.4369771Z\",\n \"updatedOn\": \"2024-08-13T16:10:24.4369771Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/57cc5028-e6a7-4284-868d-0611c5923f8d\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"57cc5028-e6a7-4284-868d-0611c5923f8d\"\n },\n {\n \"properties\": {\n \"roleName\": \"Container Apps Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Full management of Container Apps, including creation, deletion, and updates.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.App/containerApps/*/read\",\n \"Microsoft.App/containerApps/*/write\",\n \"Microsoft.App/containerApps/*/delete\",\n \"Microsoft.App/containerApps/*/action\",\n \"Microsoft.App/managedEnvironments/read\",\n \"Microsoft.App/managedEnvironments/*/read\",\n \"Microsoft.App/managedEnvironments/join/action\",\n \"Microsoft.App/managedEnvironments/checknameavailability/action\",\n \"Microsoft.App/connectedEnvironments/read\",\n \"Microsoft.App/connectedEnvironments/*/read\",\n \"Microsoft.App/connectedEnvironments/join/action\",\n \"Microsoft.App/connectedEnvironments/checknameavailability/action\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2024-08-13T16:10:24.437978Z\",\n \"updatedOn\": \"2024-08-13T16:10:24.437978Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/358470bc-b998-42bd-ab17-a7e34c199c0f\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"358470bc-b998-42bd-ab17-a7e34c199c0f\"\n },\n {\n \"properties\": {\n \"roleName\": \"Container Apps ManagedEnvironments Reader\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Read access to ContainerApps managedenvironments.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.App/managedEnvironments/*/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2024-08-13T16:10:24.4359771Z\",\n \"updatedOn\": \"2024-08-13T16:10:24.4359771Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/1b32c00b-7eff-4c22-93e6-93d11d72d2d8\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"1b32c00b-7eff-4c22-93e6-93d11d72d2d8\"\n },\n {\n \"properties\": {\n \"roleName\": \"Container Apps Jobs Reader\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Read access to ContainerApps jobs\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"microsoft.app/jobs/read\",\n \"Microsoft.App/jobs/*/read\",\n \"Microsoft.App/managedenvironments/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2024-08-13T16:10:24.4359771Z\",\n \"updatedOn\": \"2024-08-13T16:10:24.4359771Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/edd66693-d32a-450b-997d-0158c03976b0\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"edd66693-d32a-450b-997d-0158c03976b0\"\n },\n {\n \"properties\": {\n \"roleName\": \"Container Apps SessionPools Reader\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Read access to ContainerApps sessionpools.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.App/sessionPools/*/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2024-08-13T16:10:24.4369771Z\",\n \"updatedOn\": \"2024-08-13T16:10:24.4369771Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/af61e8fc-2633-4b95-bed3-421ad6826515\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"af61e8fc-2633-4b95-bed3-421ad6826515\"\n },\n {\n \"properties\": {\n \"roleName\": \"Container Apps Jobs Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Full management of Container Apps jobs, including creation, deletion, and updates.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"microsoft.app/jobs/read\",\n \"Microsoft.App/jobs/*/read\",\n \"Microsoft.App/jobs/*/action\",\n \"Microsoft.App/jobs/write\",\n \"Microsoft.App/jobs/delete\",\n \"Microsoft.app/managedenvironments/read\",\n \"Microsoft.App/managedenvironments/*/read\",\n \"Microsoft.App/managedenvironments/join/action\",\n \"Microsoft.App/managedenvironments/checknameavailability/action\",\n \"Microsoft.app/connectedEnvironments/read\",\n \"Microsoft.App/connectedEnvironments/*/read\",\n \"Microsoft.App/connectedEnvironments/join/action\",\n \"Microsoft.App/connectedEnvironments/checknameavailability/action\",\n \"Microsoft.Resources/deployments/*\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2024-08-13T16:10:24.4359771Z\",\n \"updatedOn\": \"2024-08-13T16:10:24.4359771Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/4e3d2b60-56ae-4dc6-a233-09c8e5a82e68\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"4e3d2b60-56ae-4dc6-a233-09c8e5a82e68\"\n },\n {\n \"properties\": {\n \"roleName\": \"Container Apps SessionPools Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Full management of Container Apps SessionPools, including creation, deletion, and updates.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.App/sessionPools/*/read\",\n \"Microsoft.App/sessionPools/*/write\",\n \"Microsoft.App/sessionPools/*/delete\",\n \"Microsoft.App/sessionPools/*/action\",\n \"microsoft.App/managedEnvironments/read\",\n \"Microsoft.App/managedEnvironments/*/read\",\n \"Microsoft.App/managedEnvironments/join/action\",\n \"Microsoft.App/managedEnvironments/checknameavailability/action\",\n \"microsoft.App/connectedEnvironments/read\",\n \"Microsoft.App/connectedEnvironments/*/read\",\n \"Microsoft.App/connectedEnvironments/join/action\",\n \"Microsoft.App/connectedEnvironments/checknameavailability/action\",\n \"Microsoft.Resources/deployments/*\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2024-08-13T16:10:24.4359771Z\",\n \"updatedOn\": \"2024-08-13T16:10:24.4359771Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/f7669afb-68b2-44b4-9c5f-6d2a47fddda0\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"f7669afb-68b2-44b4-9c5f-6d2a47fddda0\"\n },\n {\n \"properties\": {\n \"roleName\": \"Durable Task Data Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Durable Task role for all data access operations.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.DurableTask/*\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2024-08-15T21:28:36.4077189Z\",\n \"updatedOn\": \"2024-08-15T21:28:36.4077189Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/0ad04412-c4d5-4796-b79c-f76d14c8d402\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"0ad04412-c4d5-4796-b79c-f76d14c8d402\"\n },\n {\n \"properties\": {\n \"roleName\": \"KubernetesRuntime Load Balancer Contributor Role\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Read, write, and delete load balancers in an Arc connected Kubernetes cluster\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.KubernetesRuntime/loadBalancers/read\",\n \"Microsoft.KubernetesRuntime/loadBalancers/write\",\n \"Microsoft.KubernetesRuntime/loadBalancers/delete\",\n \"Microsoft.KubernetesRuntime/bgpPeers/read\",\n \"Microsoft.KubernetesRuntime/bgpPeers/write\",\n \"Microsoft.KubernetesRuntime/bgpPeers/delete\",\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.KubernetesRuntime/locations/operationStatuses/write\",\n \"Microsoft.KubernetesRuntime/services/write\",\n \"Microsoft.KubernetesRuntime/services/delete\",\n \"Microsoft.KubernetesRuntime/bfdProfiles/write\",\n \"Microsoft.KubernetesRuntime/bfdProfiles/delete\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2024-08-26T15:01:39.6821551Z\",\n \"updatedOn\": \"2025-07-14T15:01:12.3759443Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/1a5682fc-4f12-4b25-927e-e8cfed0c539e\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"1a5682fc-4f12-4b25-927e-e8cfed0c539e\"\n },\n {\n \"properties\": {\n \"roleName\": \"AVS Orchestrator Role\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Do not remove this role from your resource group because it is critical to enable your AVS private cloud to operate. If the role is removed, it will cause your AVS private cloud control plane to no longer operate correctly. The role is used to enable the AVS private cloud control plane to create the supporting resources in the resource group of the private clouds attached virtual network and bind them to the attached virtual network. This role is not intended for use cases outside of assignment to the associated AVS identity in your entra-id tenant.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/roleAssignments/read\",\n \"Microsoft.Resources/subscriptions/resourcegroups/read\",\n \"Microsoft.Resources/deployments/write\",\n \"Microsoft.Resources/deployments/operationStatuses/read\",\n \"Microsoft.Resources/deployments/operations/read\",\n \"Microsoft.Resources/deployments/delete\",\n \"Microsoft.Resources/deployments/read\",\n \"Microsoft.Network/virtualHubs/delete\",\n \"Microsoft.Network/publicIPAddresses/delete\",\n \"Microsoft.Network/networkInterfaces/delete\",\n \"Microsoft.Network/networkInterfaces/write\",\n \"Microsoft.Network/networkInterfaces/join/action\",\n \"Microsoft.Network/virtualNetworks/subnets/serviceAssociationLinks/delete\",\n \"Microsoft.Network/virtualNetworks/subnets/delete\",\n \"Microsoft.Network/networkIntentPolicies/read\",\n \"Microsoft.Network/networkIntentPolicies/delete\",\n \"Microsoft.Network/networkIntentPolicies/write\",\n \"Microsoft.Network/networkSecurityGroups/delete\",\n \"Microsoft.Network/networkSecurityGroups/write\",\n \"Microsoft.Network/networkSecurityGroups/read\",\n \"Microsoft.Network/networkSecurityGroups/join/action\",\n \"Microsoft.Network/networkSecurityGroups/securityRules/read\",\n \"Microsoft.Network/networkSecurityGroups/securityRules/write\",\n \"Microsoft.Network/networkSecurityGroups/securityRules/delete\",\n \"Microsoft.Network/virtualNetworks/subnets/write\",\n \"Microsoft.Network/virtualNetworks/subnets/join/action\",\n \"Microsoft.Network/virtualNetworks/subnets/serviceAssociationLinks/write\",\n \"Microsoft.Network/virtualNetworks/subnets/serviceAssociationLinks/read\",\n \"Microsoft.Network/virtualNetworks/subnets/serviceAssociationLinks/delete\",\n \"Microsoft.Network/virtualNetworks/subnets/prepareNetworkPolicies/action\",\n \"Microsoft.Network/virtualNetworks/subnets/unprepareNetworkPolicies/action\",\n \"Microsoft.Network/virtualHubs/write\",\n \"Microsoft.Network/publicIPAddresses/write\",\n \"Microsoft.Network/publicIPAddresses/read\",\n \"Microsoft.Network/virtualHubs/ipConfigurations/write\",\n \"Microsoft.Network/networkSecurityGroups/securityRules/read\",\n \"Microsoft.Network/virtualHubs/ipConfigurations/read\",\n \"Microsoft.Network/virtualHubs/bgpConnections/write\",\n \"Microsoft.Network/virtualHubs/bgpConnections/read\",\n \"Microsoft.Network/virtualNetworks/virtualNetworkPeerings/write\",\n \"Microsoft.Network/virtualNetworks/virtualNetworkPeerings/read\",\n \"Microsoft.Network/virtualNetworks/virtualNetworkPeerings/delete\",\n \"Microsoft.Network/virtualNetworks/peer/action\",\n \"Microsoft.Network/locations/operations/read\",\n \"Microsoft.Network/locations/operationResults/read\",\n \"Microsoft.Network/networkInterfaces/read\",\n \"Microsoft.Network/virtualNetworks/read\",\n \"Microsoft.Network/virtualNetworks/write\",\n \"Microsoft.Network/virtualNetworks/subnets/read\",\n \"Microsoft.Network/routeTables/read\",\n \"Microsoft.Network/routeTables/write\",\n \"Microsoft.Network/routeTables/delete\",\n \"Microsoft.Network/routeTables/join/action\",\n \"Microsoft.Network/routeTables/routes/read\",\n \"Microsoft.Network/routeTables/routes/write\",\n \"Microsoft.Network/routeTables/routes/delete\",\n \"Microsoft.Network/virtualNetworks/join/action\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n },\n {\n \"actions\": [\n \"Microsoft.Authorization/roleAssignments/delete\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": [],\n \"conditionVersion\": \"2.0\",\n \"condition\": \"(!(ActionMatches{'Microsoft.Authorization/roleAssignments/delete'})) OR @Resource[Microsoft.Authorization/roleAssignments:RoleDefinitionId] ForAnyOfAnyValues:GuidEquals{d715fb95a0f04f1c8be65ad2d2767f67, 4d97b98b1d4f4787a291c67834d212e7, 49fc33c1886f4b21a00e1d9993234734}\"\n }\n ],\n \"createdOn\": \"2024-08-27T15:13:33.8810873Z\",\n \"updatedOn\": \"2025-02-13T20:38:23.7051408Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/d715fb95-a0f0-4f1c-8be6-5ad2d2767f67\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"d715fb95-a0f0-4f1c-8be6-5ad2d2767f67\"\n },\n {\n \"properties\": {\n \"roleName\": \"Service Connector Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Can Manage Service Connector.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.ServiceLinker/linkers/read\",\n \"Microsoft.ServiceLinker/linkers/delete\",\n \"Microsoft.ServiceLinker/linkers/write\",\n \"Microsoft.ServiceLinker/linkers/listConfigurations/action\",\n \"Microsoft.ServiceLinker/linkers/validateLinker/action\",\n \"Microsoft.ServiceLinker/dryruns/delete\",\n \"Microsoft.ServiceLinker/dryruns/write\",\n \"Microsoft.ServiceLinker/linkers/generateConfigurations/action\",\n \"Microsoft.ServiceLinker/locations/connectors/delete\",\n \"Microsoft.ServiceLinker/locations/connectors/generateConfigurations/action\",\n \"Microsoft.ServiceLinker/locations/connectors/validate/action\",\n \"Microsoft.ServiceLinker/locations/connectors/write\",\n \"Microsoft.ServiceLinker/locations/dryruns/delete\",\n \"Microsoft.ServiceLinker/locations/dryruns/write\",\n \"Microsoft.ServiceLinker/locations/operationStatuses/write\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2024-08-28T15:23:35.037597Z\",\n \"updatedOn\": \"2025-05-16T03:07:33.2225582Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/db7003cd-07a9-490c-bfa5-23e40314f8d7\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"db7003cd-07a9-490c-bfa5-23e40314f8d7\"\n },\n {\n \"properties\": {\n \"roleName\": \"Enclave Approver Role\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Read all resources in Azure Virtual Enclaves and Approve approval requests within the Enclave\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Mission/Operations/read\",\n \"Microsoft.Mission/communities/read\",\n \"Microsoft.Mission/virtualEnclaves/read\",\n \"Microsoft.Mission/virtualEnclaves/endpoints/read\",\n \"Microsoft.Mission/virtualEnclaves/workloads/read\",\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/read\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Resources/subscriptions/resourcegroups/deployments/read\",\n \"Microsoft.Resources/subscriptions/operationresults/read\",\n \"Microsoft.ResourceHealth/availabilityStatuses/read\",\n \"Microsoft.Features/providers/features/read\",\n \"Microsoft.Features/features/read\",\n \"Microsoft.Mission/communities/communityEndpoints/read\",\n \"Microsoft.Mission/communities/transitHubs/read\",\n \"Microsoft.Mission/enclaveConnections/read\",\n \"Microsoft.Mission/virtualEnclaves/enclaveEndpoints/read\",\n \"Microsoft.Mission/approvals/read\",\n \"Microsoft.Mission/approvals/write\",\n \"Microsoft.Mission/enclaveConnections/approvalCallback/action\",\n \"Microsoft.Mission/virtualEnclaves/approvalCallback/action\",\n \"Microsoft.Mission/virtualEnclaves/enclaveEndpoints/approvalCallback/action\",\n \"Microsoft.Mission/communities/communityEndpoints/approvalCallback/action\",\n \"Microsoft.Mission/approvals/initiatorCallback/action\",\n \"Microsoft.Mission/communities/setMaintenanceMode/action\",\n \"Microsoft.Mission/communities/communityendpoints/connect/action\",\n \"Microsoft.Mission/virtualEnclaves/setWorkloadRoleAssignments/action\",\n \"Microsoft.Mission/virtualEnclaves/setEnclaveRoleAssignments/action\",\n \"Microsoft.Mission/virtualEnclaves/setSubnetConfiguration/action\",\n \"Microsoft.Mission/virtualEnclaves/enclaveEndpoints/connect/action\",\n \"Microsoft.Mission/enclaveConnections/setSourceCidr/action\",\n \"Microsoft.Mission/virtualenclaves/setMaintenanceMode/action\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2024-08-30T15:25:33.0231286Z\",\n \"updatedOn\": \"2025-09-23T15:14:52.356225Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/2142ea27-02ad-4094-bfea-2dbac6d24934\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"2142ea27-02ad-4094-bfea-2dbac6d24934\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Device Update Agent\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Provide full access to all Azure Device Update agent operations\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.DeviceUpdate/updateAccounts/agents/requestUpdate/action\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2024-08-30T18:44:41.5398808Z\",\n \"updatedOn\": \"2024-08-30T18:44:41.5398808Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/2a740172-0fc2-4039-972c-b31864cd47d6\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"2a740172-0fc2-4039-972c-b31864cd47d6\"\n },\n {\n \"properties\": {\n \"roleName\": \"Key Vault Purge Operator\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Allows permanent deletion of soft-deleted vaults.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.KeyVault/deletedVaults/read\",\n \"Microsoft.KeyVault/locations/deletedVaults/read\",\n \"Microsoft.KeyVault/locations/deletedVaults/purge/action\",\n \"Microsoft.KeyVault/locations/operationResults/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2024-09-02T15:07:08.3019612Z\",\n \"updatedOn\": \"2024-09-02T15:07:08.3019612Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/a68e7c17-0ab2-4c09-9a58-125dae29748c\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"a68e7c17-0ab2-4c09-9a58-125dae29748c\"\n },\n {\n \"properties\": {\n \"roleName\": \"Cognitive Services Face Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Full access to perform all Face APIs\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.CognitiveServices/*/read\",\n \"Microsoft.Authorization/roleAssignments/read\",\n \"Microsoft.Authorization/roleDefinitions/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.CognitiveServices/accounts/Face/*\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2024-09-03T15:18:09.8561299Z\",\n \"updatedOn\": \"2024-09-03T15:18:09.8561299Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/b5b0c71d-aca9-4081-aee2-9b1bb335fc1a\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"b5b0c71d-aca9-4081-aee2-9b1bb335fc1a\"\n },\n {\n \"properties\": {\n \"roleName\": \"Container Apps Jobs Operator\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Read, start, and stop Container Apps jobs.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"microsoft.app/jobs/read\",\n \"Microsoft.App/jobs/*/read\",\n \"Microsoft.App/jobs/*/action\",\n \"Microsoft.app/managedenvironments/read\",\n \"Microsoft.App/managedenvironments/*/read\",\n \"Microsoft.App/managedenvironments/join/action\",\n \"Microsoft.App/managedenvironments/checknameavailability/action\",\n \"Microsoft.app/connectedEnvironments/read\",\n \"Microsoft.App/connectedEnvironments/*/read\",\n \"Microsoft.App/connectedEnvironments/join/action\",\n \"Microsoft.App/connectedEnvironments/checknameavailability/action\"\n ],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.App/jobs/logstream/action\",\n \"Microsoft.App/jobs/exec/action\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2024-09-06T21:49:59.0891068Z\",\n \"updatedOn\": \"2024-09-06T21:49:59.0891068Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/b9a307c4-5aa3-4b52-ba60-2b17c136cd7b\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"b9a307c4-5aa3-4b52-ba60-2b17c136cd7b\"\n },\n {\n \"properties\": {\n \"roleName\": \"Operator Nexus Owner (Preview)\",\n \"type\": \"BuiltInRole\",\n \"description\": \"(Preview) This role allows full access to Azure Operator Nexus Network Cloud resources. This role is in preview and subject to change.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.NetworkCloud/*\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2024-09-09T15:09:55.7798051Z\",\n \"updatedOn\": \"2024-09-09T15:09:55.7798051Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/77be276d-fb44-4f3b-beb5-9bf03c4cd2d3\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"77be276d-fb44-4f3b-beb5-9bf03c4cd2d3\"\n },\n {\n \"properties\": {\n \"roleName\": \"CloudTest Contributor Role\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Read, write, delete and perform actions on CloudTest Accounts, CloudTest Pools, 1ES Hosted Pools and 1ES Images.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.CloudTest/*/read\",\n \"Microsoft.CloudTest/hostedpools/write\",\n \"Microsoft.CloudTest/hostedpools/delete\",\n \"Microsoft.CloudTest/images/write\",\n \"Microsoft.CloudTest/images/delete\",\n \"Microsoft.CloudTest/images/cancel/action\",\n \"Microsoft.CloudTest/images/refresh/action\",\n \"Microsoft.CloudTest/pools/write\",\n \"Microsoft.CloudTest/pools/delete\",\n \"Microsoft.CloudTest/accounts/write\",\n \"Microsoft.CloudTest/accounts/delete\",\n \"Microsoft.CloudTest/pools/leases/action\",\n \"Microsoft.CloudTest/pools/leases/complete/action\",\n \"Microsoft.CloudTest/pools/leases/extend/action\",\n \"Microsoft.CloudTest/hostedpools/leases/action\",\n \"Microsoft.CloudTest/hostedpools/leases/complete/action\",\n \"Microsoft.CloudTest/hostedpools/leases/extend/action\",\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2024-09-10T15:22:51.5250778Z\",\n \"updatedOn\": \"2025-08-14T01:17:34.3715766Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/4e9d0bd4-5aab-4f91-92df-9def33fe287c\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"4e9d0bd4-5aab-4f91-92df-9def33fe287c\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Automanage Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Azure Automanage Contributor\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Automanage/*\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2024-09-10T15:22:51.5250778Z\",\n \"updatedOn\": \"2024-09-10T15:22:51.5250778Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/8d6517c1-e434-405c-9f3f-e0ae65085d76\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"8d6517c1-e434-405c-9f3f-e0ae65085d76\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Bot Service Contributor Role\",\n \"type\": \"BuiltInRole\",\n \"description\": \"To perform actions on the bots by copilot studio platform and extensibility team\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.BotService/listAuthServiceProviders/action\",\n \"Microsoft.BotService/listauthserviceproviders/providers/Microsoft.Insights/diagnosticSettings/write\",\n \"Microsoft.BotService/botServices/read\",\n \"Microsoft.BotService/botServices/write\",\n \"Microsoft.BotService/botServices/delete\",\n \"Microsoft.BotService/botServices/channels/write\",\n \"Microsoft.BotService/botServices/channels/read\",\n \"Microsoft.BotService/botServices/channels/listchannelwithkeys/action\",\n \"Microsoft.BotService/botServices/channels/delete\",\n \"Microsoft.BotService/botServices/channels/providers/Microsoft.Insights/diagnosticSettings/write\",\n \"Microsoft.BotService/botServices/connections/read\",\n \"Microsoft.BotService/botServices/connections/write\",\n \"Microsoft.BotService/botServices/connections/delete\",\n \"Microsoft.BotService/botServices/connections/listwithsecrets/write\",\n \"Microsoft.BotService/botServices/connections/providers/Microsoft.Insights/diagnosticSettings/write\",\n \"Microsoft.BotService/botServices/createemailsigninurl/action\",\n \"Microsoft.BotService/botServices/privateEndpointConnectionsApproval/action\",\n \"Microsoft.BotService/botServices/joinPerimeter/action\",\n \"Microsoft.BotService/botServices/providers/Microsoft.Insights/diagnosticSettings/write\",\n \"Microsoft.BotService/checknameavailability/providers/Microsoft.Insights/diagnosticSettings/write\",\n \"Microsoft.BotService/hostsettings/providers/Microsoft.Insights/diagnosticSettings/write\",\n \"Microsoft.BotService/botServices/privateEndpointConnectionProxies/write\",\n \"Microsoft.BotService/botServices/privateEndpointConnectionProxies/delete\",\n \"Microsoft.BotService/botServices/privateEndpointConnectionProxies/validate/action\",\n \"Microsoft.BotService/botServices/privateEndpointConnections/write\",\n \"Microsoft.BotService/botServices/privateEndpointConnections/delete\",\n \"Microsoft.BotService/listqnamakerendpointkeys/providers/Microsoft.Insights/diagnosticSettings/write\",\n \"Microsoft.BotService/botServices/networkSecurityPerimeterConfigurations/reconcile/action\",\n \"Microsoft.BotService/botServices/networkSecurityPerimeterAssociationProxies/write\",\n \"Microsoft.BotService/botServices/networkSecurityPerimeterAssociationProxies/delete\",\n \"Microsoft.BotService/locations/notifyNetworkSecurityPerimeterUpdatesAvailable/action\",\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.BotService/botServices/channels/regeneratekeys/action\",\n \"Microsoft.BotService/botServices/Connections/listWithSecrets/action\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2024-09-12T05:29:14.6965924Z\",\n \"updatedOn\": \"2025-01-30T16:45:30.6156198Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/9fc6112f-f48e-4e27-8b09-72a5c94e4ae9\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"9fc6112f-f48e-4e27-8b09-72a5c94e4ae9\"\n },\n {\n \"properties\": {\n \"roleName\": \"App Configuration Reader\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Grants permission for read operations for App Configuration resources.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.AppConfiguration/*/read\",\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/read\",\n \"Microsoft.Resources/deployments/read\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2024-09-13T00:23:03.6049034Z\",\n \"updatedOn\": \"2024-09-13T00:23:03.6049034Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/175b81b9-6e0d-490a-85e4-0d422273c10c\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"175b81b9-6e0d-490a-85e4-0d422273c10c\"\n },\n {\n \"properties\": {\n \"roleName\": \"App Configuration Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Grants permission for all management operations, except purge, for App Configuration resources.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.AppConfiguration/*\",\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\"\n ],\n \"notActions\": [\n \"Microsoft.AppConfiguration/locations/deletedConfigurationStores/purge/action\"\n ],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2024-09-13T00:23:03.6049034Z\",\n \"updatedOn\": \"2024-09-13T00:23:03.6049034Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/fe86443c-f201-4fc4-9d2a-ac61149fbda0\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"fe86443c-f201-4fc4-9d2a-ac61149fbda0\"\n },\n {\n \"properties\": {\n \"roleName\": \"Service Fabric Managed Cluster Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Deploy and manage your Service Fabric Managed Cluster resources. Includes managed clusters, node types, application types, application type versions, applications, and services.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.ServiceFabric/managedclusters/*\",\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2024-09-17T15:06:28.2939568Z\",\n \"updatedOn\": \"2024-10-07T15:14:28.4995735Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/83f80186-3729-438c-ad2d-39e94d718838\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"83f80186-3729-438c-ad2d-39e94d718838\"\n },\n {\n \"properties\": {\n \"roleName\": \"Container Registry Data Importer and Data Reader\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Provides the ability to import images into a registry through the registry import operation. Provides the ability to list repositories, view images and tags, get manifests, and pull images. Does not provide permissions for importing images through configuring registry transfer pipelines such as import and export pipelines. Does not provide permissions for importing through configuring Artifact Cache or Sync rules.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.ContainerRegistry/registries/importImage/action\",\n \"Microsoft.ContainerRegistry/registries/read\",\n \"Microsoft.ContainerRegistry/registries/pull/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.ContainerRegistry/registries/repositories/content/read\",\n \"Microsoft.ContainerRegistry/registries/repositories/metadata/read\",\n \"Microsoft.ContainerRegistry/registries/catalog/read\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2024-09-19T02:48:17.8131685Z\",\n \"updatedOn\": \"2025-04-25T08:31:50.8322354Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/577a9874-89fd-4f24-9dbd-b5034d0ad23a\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"577a9874-89fd-4f24-9dbd-b5034d0ad23a\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Batch Service Orchestration Role\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Grants the required permissions to Azure Batch Resource Provider to manage compute and other backing resources in the subscription.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Security/assessments/read\",\n \"Microsoft.AzureFleet/fleets/write\",\n \"Microsoft.AzureFleet/fleets/read\",\n \"Microsoft.AzureFleet/fleets/delete\",\n \"Microsoft.Compute/locations/DiskOperations/read\",\n \"Microsoft.Compute/locations/operations/read\",\n \"Microsoft.Compute/virtualMachineScaleSets/approveRollingUpgrade/action\",\n \"Microsoft.Compute/virtualMachineScaleSets/deallocate/action\",\n \"Microsoft.Compute/virtualMachineScaleSets/delete\",\n \"Microsoft.Compute/virtualMachineScaleSets/delete/action\",\n \"Microsoft.Compute/VirtualMachineScaleSets/read\",\n \"Microsoft.Compute/virtualMachineScaleSets/reimage/action\",\n \"Microsoft.Compute/virtualMachineScaleSets/reimageall/action\",\n \"Microsoft.Compute/virtualMachineScaleSets/restart/action\",\n \"Microsoft.Compute/virtualMachineScaleSets/start/action\",\n \"Microsoft.Compute/virtualMachineScaleSets/write\",\n \"Microsoft.Compute/virtualMachineScaleSets/extensions/read\",\n \"microsoft.Compute/virtualMachineScaleSets/networkInterfaces/read\",\n \"Microsoft.Compute/virtualMachineScaleSets/virtualMachines/read\",\n \"Microsoft.Compute/virtualMachineScaleSets/virtualmachines/restart/action\",\n \"Microsoft.Compute/diskEncryptionSets/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.Insights/dataCollectionRuleAssociations/read\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Insights/diagnosticSettings/read\",\n \"Microsoft.Resources/subscriptions/read\",\n \"Microsoft.Resources/subscriptions/operationresults/read\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Resources/subscriptions/resourceGroups/delete\",\n \"Microsoft.Resources/subscriptions/resourceGroups/write\",\n \"Microsoft.Resources/subscriptions/resourceGroups/resources/read\",\n \"Microsoft.Network/networkWatchers/read\",\n \"Microsoft.Network/virtualNetworks/delete\",\n \"Microsoft.Network/virtualNetworks/write\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2024-09-20T04:53:47.7198421Z\",\n \"updatedOn\": \"2025-02-12T16:18:23.8859317Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/a35466a1-cfd6-450a-b35e-683fcdf30363\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"a35466a1-cfd6-450a-b35e-683fcdf30363\"\n },\n {\n \"properties\": {\n \"roleName\": \"Microsoft PowerBI Tenant Operations Role\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Allows management of tenant operations\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.PowerBI/tenants/workspaces/read\",\n \"Microsoft.PowerBI/tenants/workspaces/delete\",\n \"Microsoft.PowerBI/tenants/read\",\n \"Microsoft.PowerBI/tenants/delete\",\n \"Microsoft.PowerBI/tenants/write\",\n \"Microsoft.PowerBI/tenants/workspaces/write\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2024-09-20T19:19:19.2247312Z\",\n \"updatedOn\": \"2024-09-20T19:19:19.2247312Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/8c87871d-6201-42da-abb1-1c0c985ff71c\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"8c87871d-6201-42da-abb1-1c0c985ff71c\"\n },\n {\n \"properties\": {\n \"roleName\": \"Service Fabric Cluster Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Manage your Service Fabric Cluster resources. Includes clusters, application types, application type versions, applications, and services. You will need additional permissions to deploy and manage the cluster's underlying resources such as virtual machine scale sets, storage accounts, networks, etc.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.ServiceFabric/clusters/*\",\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2024-10-01T15:07:22.3648709Z\",\n \"updatedOn\": \"2024-10-07T15:14:28.4995735Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/b6efc156-f0da-4e90-a50a-8c000140b017\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"b6efc156-f0da-4e90-a50a-8c000140b017\"\n },\n {\n \"properties\": {\n \"roleName\": \"Stream Analytics Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Contributor access to Clusters and Streaming Jobs\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.StreamAnalytics/*\",\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2024-10-02T16:35:31.3006753Z\",\n \"updatedOn\": \"2024-10-02T16:35:31.3006753Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/6e0c8711-85a0-4490-8365-8ec13c4560b4\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"6e0c8711-85a0-4490-8365-8ec13c4560b4\"\n },\n {\n \"properties\": {\n \"roleName\": \"Stream Analytics Reader\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Read-only access to Clusters and Streaming Jobs\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.StreamAnalytics/streamingjobs/Read\",\n \"Microsoft.StreamAnalytics/streamingjobs/*/Read\",\n \"Microsoft.StreamAnalytics/clusters/Read\",\n \"Microsoft.StreamAnalytics/clusters/*/Read\",\n \"Microsoft.StreamAnalytics/clusters/ListStreamingJobs/action\",\n \"Microsoft.StreamAnalytics/locations/*/Read\",\n \"Microsoft.StreamAnalytics/operations/Read\",\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2024-10-02T16:35:31.3006753Z\",\n \"updatedOn\": \"2024-10-02T16:35:31.3006753Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/1dfc38e8-6ce7-447f-807c-029c65262c5f\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"1dfc38e8-6ce7-447f-807c-029c65262c5f\"\n },\n {\n \"properties\": {\n \"roleName\": \"Durable Task Worker\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Used by worker applications to interact with the Durable Task service\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.DurableTask/schedulers/taskhubs/orchestrations/execute/action\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2024-10-04T12:40:48.3980573Z\",\n \"updatedOn\": \"2025-07-10T20:34:53.5413918Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/80d0d6b0-f522-40a4-8886-a5a11720c375\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"80d0d6b0-f522-40a4-8886-a5a11720c375\"\n },\n {\n \"properties\": {\n \"roleName\": \"Portal Dashboard Writer Role\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Can write an Azure Portal Dashboard\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Portal/dashboards/read\",\n \"Microsoft.Portal/dashboards/write\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2024-10-08T15:25:11.3964685Z\",\n \"updatedOn\": \"2025-07-23T23:16:02.9942117Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/78eacb5e-e318-4560-85a9-e6a724ca60c9\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"78eacb5e-e318-4560-85a9-e6a724ca60c9\"\n },\n {\n \"properties\": {\n \"roleName\": \"Landing Zone Account Owner\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Microsoft.Sovereign Landing Zone Account Owner allowing to review and modify Landing Zone Account, Landing Zone Configurations, as well as reading and adding Landing Zone Registrations. Also enables read-access to policies and management groups for enabling the full user experience of the Sovereign Services RP in the Azure Portal (as otherwise some elements might not be accessible to end users).\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Sovereign/landingZoneAccounts/*\",\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Resources/deployments/*\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2024-10-14T15:14:51.7684621Z\",\n \"updatedOn\": \"2024-10-14T15:14:51.7684621Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/bf2b6809-e9a5-4aea-a6e1-40a9dc8c43a7\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"bf2b6809-e9a5-4aea-a6e1-40a9dc8c43a7\"\n },\n {\n \"properties\": {\n \"roleName\": \"Landing Zone Account Reader\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Microsoft.Sovereign Landing Zone Account Reader allowing to read Landing Zone Account, Landing Zone Configurations and Landing Zone Registrations. Also enables read-access to policies and management groups for enabling the full user experience of the Sovereign Services RP in the Azure Portal (as otherwise some elements might not be accessible to end users).\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Sovereign/landingZoneAccounts/*/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2024-10-14T15:14:51.7684621Z\",\n \"updatedOn\": \"2024-10-14T15:14:51.7684621Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/2718b1f7-eb07-424e-8868-0137541392a1\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"2718b1f7-eb07-424e-8868-0137541392a1\"\n },\n {\n \"properties\": {\n \"roleName\": \"Microsoft.Windows365.CloudPcDelegatedMsis Writer User\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Built in role to perform Write operations on CloudPcDelegatedMsis resources.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Windows365/*\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2024-10-14T15:14:51.7684621Z\",\n \"updatedOn\": \"2024-10-14T15:14:51.7684621Z\",\n \"createdBy\": \"dipakmahajan\",\n \"updatedBy\": \"dipakmahajan\"\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/21bffb94-04c0-4ed0-b676-68bb926e832b\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"21bffb94-04c0-4ed0-b676-68bb926e832b\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Batch Job Submitter\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Lets you submit and manage jobs in the Batch account.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Batch/batchAccounts/applications/read\",\n \"Microsoft.Batch/batchAccounts/applications/versions/read\",\n \"Microsoft.Batch/batchAccounts/pools/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.Batch/batchAccounts/jobSchedules/*\",\n \"Microsoft.Batch/batchAccounts/jobs/*\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2024-10-16T15:31:49.7386507Z\",\n \"updatedOn\": \"2024-10-16T15:31:49.7386507Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/48e5e92e-a480-4e71-aa9c-2778f4c13781\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"48e5e92e-a480-4e71-aa9c-2778f4c13781\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Batch Account Reader\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Lets you view all resources including pools and jobs in the Batch account.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Batch/*/read\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.Batch/*/read\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2024-10-16T15:31:49.7386507Z\",\n \"updatedOn\": \"2025-08-07T11:36:35.1603929Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/11076f67-66f6-4be0-8f6b-f0609fd05cc9\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"11076f67-66f6-4be0-8f6b-f0609fd05cc9\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Batch Account Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Grants full access to manage all Batch resources, including Batch accounts, pools and jobs.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Batch/*\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.Batch/*\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2024-10-16T15:31:49.7396522Z\",\n \"updatedOn\": \"2025-08-07T12:06:49.3936883Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/29fe4964-1e60-436b-bd3a-77fd4c178b3c\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"29fe4964-1e60-436b-bd3a-77fd4c178b3c\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Batch Data Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Grants permissions to manage Batch pools and jobs but not to modify accounts.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Batch/batchAccounts/read\",\n \"Microsoft.Batch/batchAccounts/applications/*\",\n \"Microsoft.Batch/batchAccounts/certificates/*\",\n \"Microsoft.Batch/batchAccounts/certificateOperationResults/*\",\n \"Microsoft.Batch/batchAccounts/pools/*\",\n \"Microsoft.Batch/batchAccounts/poolOperationResults/*\",\n \"Microsoft.Batch/locations/*/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.Batch/batchAccounts/jobSchedules/*\",\n \"Microsoft.Batch/batchAccounts/jobs/*\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2024-10-16T15:31:49.7396522Z\",\n \"updatedOn\": \"2024-10-16T15:31:49.7396522Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/6aaa78f1-f7de-44ca-8722-c64a23943cae\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"6aaa78f1-f7de-44ca-8722-c64a23943cae\"\n },\n {\n \"properties\": {\n \"roleName\": \"Defender CSPM Storage Data Scanner\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Grants access to read blobs and files. This role is used by the data scanner of Dfender CSPM.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Storage/storageAccounts/blobServices/containers/read\",\n \"Microsoft.Storage/storageAccounts/fileServices/shares/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.Storage/storageAccounts/blobServices/containers/blobs/read\",\n \"Microsoft.Storage/storageAccounts/fileServices/fileshares/files/read\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2024-10-16T15:31:49.7386507Z\",\n \"updatedOn\": \"2024-11-06T16:01:17.0833766Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/0b6ca2e8-2cdc-4bd6-b896-aa3d8c21fc35\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"0b6ca2e8-2cdc-4bd6-b896-aa3d8c21fc35\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Managed Grafana Workspace Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Can manage Azure Managed Grafana resources, without providing access to the workspaces themselves.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Dashboard/grafana/write\",\n \"Microsoft.Dashboard/grafana/delete\",\n \"Microsoft.Dashboard/grafana/PrivateEndpointConnectionsApproval/action\",\n \"Microsoft.Dashboard/grafana/managedPrivateEndpoints/action\",\n \"Microsoft.Dashboard/locations/operationStatuses/write\",\n \"Microsoft.Dashboard/grafana/privateEndpointConnectionProxies/validate/action\",\n \"Microsoft.Dashboard/grafana/privateEndpointConnectionProxies/write\",\n \"Microsoft.Dashboard/grafana/privateEndpointConnectionProxies/delete\",\n \"Microsoft.Dashboard/grafana/privateEndpointConnections/write\",\n \"Microsoft.Dashboard/grafana/privateEndpointConnections/delete\",\n \"Microsoft.Dashboard/grafana/managedPrivateEndpoints/write\",\n \"Microsoft.Dashboard/grafana/managedPrivateEndpoints/delete\",\n \"Microsoft.Dashboard/grafana/integrationFabrics/write\",\n \"Microsoft.Dashboard/grafana/integrationFabrics/delete\",\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/AlertRules/Write\",\n \"Microsoft.Insights/AlertRules/Delete\",\n \"Microsoft.Insights/AlertRules/Read\",\n \"Microsoft.Insights/AlertRules/Activated/Action\",\n \"Microsoft.Insights/AlertRules/Resolved/Action\",\n \"Microsoft.Insights/AlertRules/Throttled/Action\",\n \"Microsoft.Insights/AlertRules/Incidents/Read\",\n \"Microsoft.Resources/deployments/read\",\n \"Microsoft.Resources/deployments/write\",\n \"Microsoft.Resources/deployments/delete\",\n \"Microsoft.Resources/deployments/cancel/action\",\n \"Microsoft.Resources/deployments/validate/action\",\n \"Microsoft.Resources/deployments/whatIf/action\",\n \"Microsoft.Resources/deployments/exportTemplate/action\",\n \"Microsoft.Resources/deployments/operations/read\",\n \"Microsoft.Resources/deployments/operationstatuses/read\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2024-10-16T19:05:56.9094034Z\",\n \"updatedOn\": \"2025-05-16T00:34:45.2747678Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/5c2d7e57-b7c2-4d8a-be4f-82afa42c6e95\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"5c2d7e57-b7c2-4d8a-be4f-82afa42c6e95\"\n },\n {\n \"properties\": {\n \"roleName\": \"Cognitive Services Data Contributor (Preview)\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Allows to call data plane APIs, but not any control plane APIs for Microsoft Cognitive Services. This role is in preview and subject to change.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.CognitiveServices/*\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2024-10-17T23:22:42.1888199Z\",\n \"updatedOn\": \"2024-10-17T23:22:42.1888199Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/19c28022-e58e-450d-a464-0b2a53034789\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"19c28022-e58e-450d-a464-0b2a53034789\"\n },\n {\n \"properties\": {\n \"roleName\": \"Container Apps ConnectedEnvironments Reader\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Read access to Container Apps ConnectedEnvironments.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.App/connectedEnvironments/read\",\n \"Microsoft.App/connectedEnvironments/*/read\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2024-10-18T03:26:58.612812Z\",\n \"updatedOn\": \"2024-10-18T03:26:58.612812Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/d5adeb5b-107f-4aca-99ea-4e3f4fc008d5\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"d5adeb5b-107f-4aca-99ea-4e3f4fc008d5\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Kubernetes Fleet Manager RBAC Cluster Reader\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Grants read-only access to most Kubernetes cluster-scoped resources in the fleet-managed hub cluster.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.ContainerService/fleets/read\",\n \"Microsoft.ContainerService/fleets/listCredentials/action\"\n ],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.ContainerService/fleets/apiextensions.k8s.io/customresourcedefinitions/read\",\n \"Microsoft.ContainerService/fleets/apps/controllerrevisions/read\",\n \"Microsoft.ContainerService/fleets/apps/daemonsets/read\",\n \"Microsoft.ContainerService/fleets/apps/deployments/read\",\n \"Microsoft.ContainerService/fleets/apps/statefulsets/read\",\n \"Microsoft.ContainerService/fleets/autoscaling/horizontalpodautoscalers/read\",\n \"Microsoft.ContainerService/fleets/batch/cronjobs/read\",\n \"Microsoft.ContainerService/fleets/batch/jobs/read\",\n \"Microsoft.ContainerService/fleets/configmaps/read\",\n \"Microsoft.ContainerService/fleets/endpoints/read\",\n \"Microsoft.ContainerService/fleets/events.k8s.io/events/read\",\n \"Microsoft.ContainerService/fleets/events/read\",\n \"Microsoft.ContainerService/fleets/extensions/daemonsets/read\",\n \"Microsoft.ContainerService/fleets/extensions/deployments/read\",\n \"Microsoft.ContainerService/fleets/extensions/ingresses/read\",\n \"Microsoft.ContainerService/fleets/extensions/networkpolicies/read\",\n \"Microsoft.ContainerService/fleets/limitranges/read\",\n \"Microsoft.ContainerService/fleets/namespaces/read\",\n \"Microsoft.ContainerService/fleets/networking.k8s.io/ingresses/read\",\n \"Microsoft.ContainerService/fleets/networking.k8s.io/networkpolicies/read\",\n \"Microsoft.ContainerService/fleets/nodes/read\",\n \"Microsoft.ContainerService/fleets/persistentvolumes/read\",\n \"Microsoft.ContainerService/fleets/persistentvolumeclaims/read\",\n \"Microsoft.ContainerService/fleets/policy/poddisruptionbudgets/read\",\n \"Microsoft.ContainerService/fleets/replicationcontrollers/read\",\n \"Microsoft.ContainerService/fleets/resourcequotas/read\",\n \"Microsoft.ContainerService/fleets/serviceaccounts/read\",\n \"Microsoft.ContainerService/fleets/services/read\",\n \"Microsoft.ContainerService/fleets/cluster.kubernetes-fleet.io/memberclusters/read\",\n \"Microsoft.ContainerService/fleets/placement.kubernetes-fleet.io/clusterresourceplacements/read\",\n \"Microsoft.ContainerService/fleets/placement.kubernetes-fleet.io/clusterresourcebindings/read\",\n \"Microsoft.ContainerService/fleets/placement.kubernetes-fleet.io/clusterresourcesnapshots/read\",\n \"Microsoft.ContainerService/fleets/placement.kubernetes-fleet.io/clusterschedulingpolicysnapshots/read\",\n \"Microsoft.ContainerService/fleets/placement.kubernetes-fleet.io/clusterresourceoverrides/read\",\n \"Microsoft.ContainerService/fleets/placement.kubernetes-fleet.io/clusterresourceoverridesnapshots/read\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2024-10-21T15:04:47.7827701Z\",\n \"updatedOn\": \"2024-10-21T15:04:47.7827701Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/bd80684d-2f5f-4130-892a-0955546282de\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"bd80684d-2f5f-4130-892a-0955546282de\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Kubernetes Fleet Manager RBAC Cluster Writer\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Grants read/write access to most Kubernetes cluster-scoped resources in the fleet-managed hub cluster.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.ContainerService/fleets/read\",\n \"Microsoft.ContainerService/fleets/listCredentials/action\"\n ],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.ContainerService/fleets/apiextensions.k8s.io/customresourcedefinitions/read\",\n \"Microsoft.ContainerService/fleets/apps/controllerrevisions/read\",\n \"Microsoft.ContainerService/fleets/apps/daemonsets/read\",\n \"Microsoft.ContainerService/fleets/apps/daemonsets/write\",\n \"Microsoft.ContainerService/fleets/apps/deployments/read\",\n \"Microsoft.ContainerService/fleets/apps/deployments/write\",\n \"Microsoft.ContainerService/fleets/apps/statefulsets/read\",\n \"Microsoft.ContainerService/fleets/apps/statefulsets/write\",\n \"Microsoft.ContainerService/fleets/autoscaling/horizontalpodautoscalers/read\",\n \"Microsoft.ContainerService/fleets/autoscaling/horizontalpodautoscalers/write\",\n \"Microsoft.ContainerService/fleets/batch/cronjobs/read\",\n \"Microsoft.ContainerService/fleets/batch/cronjobs/write\",\n \"Microsoft.ContainerService/fleets/batch/jobs/read\",\n \"Microsoft.ContainerService/fleets/batch/jobs/write\",\n \"Microsoft.ContainerService/fleets/configmaps/read\",\n \"Microsoft.ContainerService/fleets/configmaps/write\",\n \"Microsoft.ContainerService/fleets/endpoints/read\",\n \"Microsoft.ContainerService/fleets/endpoints/write\",\n \"Microsoft.ContainerService/fleets/events.k8s.io/events/read\",\n \"Microsoft.ContainerService/fleets/events/read\",\n \"Microsoft.ContainerService/fleets/extensions/daemonsets/read\",\n \"Microsoft.ContainerService/fleets/extensions/daemonsets/write\",\n \"Microsoft.ContainerService/fleets/extensions/deployments/read\",\n \"Microsoft.ContainerService/fleets/extensions/deployments/write\",\n \"Microsoft.ContainerService/fleets/extensions/ingresses/read\",\n \"Microsoft.ContainerService/fleets/extensions/ingresses/write\",\n \"Microsoft.ContainerService/fleets/extensions/networkpolicies/read\",\n \"Microsoft.ContainerService/fleets/extensions/networkpolicies/write\",\n \"Microsoft.ContainerService/fleets/limitranges/read\",\n \"Microsoft.ContainerService/fleets/namespaces/read\",\n \"Microsoft.ContainerService/fleets/networking.k8s.io/ingresses/read\",\n \"Microsoft.ContainerService/fleets/networking.k8s.io/ingresses/write\",\n \"Microsoft.ContainerService/fleets/networking.k8s.io/networkpolicies/read\",\n \"Microsoft.ContainerService/fleets/networking.k8s.io/networkpolicies/write\",\n \"Microsoft.ContainerService/fleets/nodes/read\",\n \"Microsoft.ContainerService/fleets/nodes/write\",\n \"Microsoft.ContainerService/fleets/persistentvolumes/read\",\n \"Microsoft.ContainerService/fleets/persistentvolumes/write\",\n \"Microsoft.ContainerService/fleets/persistentvolumeclaims/read\",\n \"Microsoft.ContainerService/fleets/persistentvolumeclaims/write\",\n \"Microsoft.ContainerService/fleets/policy/poddisruptionbudgets/read\",\n \"Microsoft.ContainerService/fleets/policy/poddisruptionbudgets/write\",\n \"Microsoft.ContainerService/fleets/replicationcontrollers/read\",\n \"Microsoft.ContainerService/fleets/replicationcontrollers/write\",\n \"Microsoft.ContainerService/fleets/resourcequotas/read\",\n \"Microsoft.ContainerService/fleets/secrets/read\",\n \"Microsoft.ContainerService/fleets/secrets/write\",\n \"Microsoft.ContainerService/fleets/serviceaccounts/read\",\n \"Microsoft.ContainerService/fleets/serviceaccounts/write\",\n \"Microsoft.ContainerService/fleets/services/read\",\n \"Microsoft.ContainerService/fleets/services/write\",\n \"Microsoft.ContainerService/fleets/cluster.kubernetes-fleet.io/memberclusters/read\",\n \"Microsoft.ContainerService/fleets/cluster.kubernetes-fleet.io/memberclusters/write\",\n \"Microsoft.ContainerService/fleets/placement.kubernetes-fleet.io/clusterresourceplacements/read\",\n \"Microsoft.ContainerService/fleets/placement.kubernetes-fleet.io/clusterresourceplacements/write\",\n \"Microsoft.ContainerService/fleets/placement.kubernetes-fleet.io/clusterresourcebindings/read\",\n \"Microsoft.ContainerService/fleets/placement.kubernetes-fleet.io/clusterresourcesnapshots/read\",\n \"Microsoft.ContainerService/fleets/placement.kubernetes-fleet.io/clusterschedulingpolicysnapshots/read\",\n \"Microsoft.ContainerService/fleets/placement.kubernetes-fleet.io/clusterresourceoverrides/read\",\n \"Microsoft.ContainerService/fleets/placement.kubernetes-fleet.io/clusterresourceoverrides/write\",\n \"Microsoft.ContainerService/fleets/placement.kubernetes-fleet.io/clusterresourceoverridesnapshots/read\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2024-10-21T15:04:48.6744253Z\",\n \"updatedOn\": \"2024-10-21T15:04:48.6744253Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/1dc4cd5a-de51-4ee4-bc8e-b40e9c17e320\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"1dc4cd5a-de51-4ee4-bc8e-b40e9c17e320\"\n },\n {\n \"properties\": {\n \"roleName\": \"Chaos Studio Experiment Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Can create, run, and see details for experiments, onboard targets, and manage capabilities.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Chaos/*\",\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2024-10-22T15:14:06.4025115Z\",\n \"updatedOn\": \"2025-01-08T19:22:36.2875737Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/7c2e40b7-25eb-482a-82cb-78ba06cb46d5\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"7c2e40b7-25eb-482a-82cb-78ba06cb46d5\"\n },\n {\n \"properties\": {\n \"roleName\": \"Chaos Studio Reader\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Can view targets, capabilities, experiments, and experiment details.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Chaos/*/read\",\n \"Microsoft.Chaos/experiments/executions/getExecutionDetails/action\",\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2024-10-22T15:14:06.4025115Z\",\n \"updatedOn\": \"2025-01-08T19:22:35.5075532Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/29e2da8a-229c-4157-8ae8-cc72fc506b74\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"29e2da8a-229c-4157-8ae8-cc72fc506b74\"\n },\n {\n \"properties\": {\n \"roleName\": \"Chaos Studio Operator\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Can run and see details for experiments but cannot create experiments or manage targets and capabilities.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Chaos/*/read\",\n \"Microsoft.Chaos/experiments/start/action\",\n \"Microsoft.Chaos/experiments/cancel/action\",\n \"Microsoft.Chaos/experiments/executions/getExecutionDetails/action\",\n \"Microsoft.Chaos/locations/operationResults/read\",\n \"Microsoft.Chaos/locations/operationStatuses/read\",\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2024-10-22T15:14:07.6428446Z\",\n \"updatedOn\": \"2025-01-08T19:22:36.2476916Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/1a40e87e-6645-48e0-b27a-0b115d849a20\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"1a40e87e-6645-48e0-b27a-0b115d849a20\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Messaging Connectors Owner\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Allows for full access to Azure Messaging Connectors resources.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.MessagingConnectors/*\"\n ],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.MessagingConnectors/*\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2024-10-23T15:16:12.0077296Z\",\n \"updatedOn\": \"2024-10-23T15:16:12.0077296Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/ff478a4e-8633-416e-91bc-ec33ce7c9516\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"ff478a4e-8633-416e-91bc-ec33ce7c9516\"\n },\n {\n \"properties\": {\n \"roleName\": \"Container Apps ConnectedEnvironments Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Full management of Container Apps ConnectedEnvironments, including creation, deletion, and updates.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.App/connectedEnvironments/*\",\n \"Microsoft.App/connectedEnvironments/*/read\",\n \"Microsoft.App/connectedEnvironments/*/write\",\n \"Microsoft.App/connectedEnvironments/*/delete\",\n \"Microsoft.App/connectedEnvironments/*/action\",\n \"Microsoft.App/connectedEnvironments/daprComponents/listSecrets/action\",\n \"Microsoft.Resources/deployments/*\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2024-10-23T15:16:12.0077296Z\",\n \"updatedOn\": \"2024-10-23T15:16:12.0077296Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/6f4fe6fc-f04f-4d97-8528-8bc18c848dca\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"6f4fe6fc-f04f-4d97-8528-8bc18c848dca\"\n },\n {\n \"properties\": {\n \"roleName\": \"Container Registry Contributor and Data Access Configuration Administrator\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Provides permissions to create, list, and update container registries and registry configuration properties. Provides permissions to configure data access such as admin user credentials, scope maps, and tokens, which can be used to read, write or delete repositories and images. Does not provide direct permissions to read, list, or write registry contents including repositories and images. Does not provide permissions to modify data plane content such as imports, Artifact Cache or Sync, and Transfer Pipelines. Does not provide permissions for managing Tasks.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.ContainerRegistry/registries/operationStatuses/read\",\n \"Microsoft.ContainerRegistry/registries/read\",\n \"Microsoft.ContainerRegistry/registries/write\",\n \"Microsoft.ContainerRegistry/registries/delete\",\n \"Microsoft.ContainerRegistry/registries/listCredentials/action\",\n \"Microsoft.ContainerRegistry/registries/regenerateCredential/action\",\n \"Microsoft.ContainerRegistry/registries/generateCredentials/action\",\n \"Microsoft.ContainerRegistry/registries/replications/read\",\n \"Microsoft.ContainerRegistry/registries/replications/write\",\n \"Microsoft.ContainerRegistry/registries/replications/delete\",\n \"Microsoft.ContainerRegistry/registries/replications/operationStatuses/read\",\n \"Microsoft.ContainerRegistry/registries/privateEndpointConnectionsApproval/action\",\n \"Microsoft.ContainerRegistry/registries/privateEndpointConnections/read\",\n \"Microsoft.ContainerRegistry/registries/privateEndpointConnections/write\",\n \"Microsoft.ContainerRegistry/registries/privateEndpointConnections/delete\",\n \"Microsoft.ContainerRegistry/registries/privateEndpointConnections/operationStatuses/read\",\n \"Microsoft.ContainerRegistry/registries/tokens/read\",\n \"Microsoft.ContainerRegistry/registries/tokens/write\",\n \"Microsoft.ContainerRegistry/registries/tokens/delete\",\n \"Microsoft.ContainerRegistry/registries/tokens/operationStatuses/read\",\n \"Microsoft.ContainerRegistry/registries/scopeMaps/read\",\n \"Microsoft.ContainerRegistry/registries/scopeMaps/write\",\n \"Microsoft.ContainerRegistry/registries/scopeMaps/delete\",\n \"Microsoft.ContainerRegistry/registries/scopeMaps/operationStatuses/read\",\n \"Microsoft.ContainerRegistry/registries/providers/Microsoft.Insights/diagnosticSettings/read\",\n \"Microsoft.ContainerRegistry/registries/providers/Microsoft.Insights/diagnosticSettings/write\",\n \"Microsoft.ContainerRegistry/registries/providers/Microsoft.Insights/logDefinitions/read\",\n \"Microsoft.ContainerRegistry/registries/providers/Microsoft.Insights/metricDefinitions/read\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.ContainerRegistry/registries/connectedRegistries/read\",\n \"Microsoft.ContainerRegistry/registries/connectedRegistries/write\",\n \"Microsoft.ContainerRegistry/registries/connectedRegistries/delete\",\n \"Microsoft.ContainerRegistry/registries/connectedRegistries/deactivate/action\",\n \"Microsoft.ContainerRegistry/registries/webhooks/read\",\n \"Microsoft.ContainerRegistry/registries/webhooks/write\",\n \"Microsoft.ContainerRegistry/registries/webhooks/delete\",\n \"Microsoft.ContainerRegistry/registries/webhooks/getCallbackConfig/action\",\n \"Microsoft.ContainerRegistry/registries/webhooks/ping/action\",\n \"Microsoft.ContainerRegistry/registries/webhooks/listEvents/action\",\n \"Microsoft.ContainerRegistry/registries/webhooks/operationStatuses/read\",\n \"Microsoft.Insights/AlertRules/Write\",\n \"Microsoft.Insights/AlertRules/Delete\",\n \"Microsoft.Insights/AlertRules/Read\",\n \"Microsoft.Insights/AlertRules/Activated/Action\",\n \"Microsoft.Insights/AlertRules/Resolved/Action\",\n \"Microsoft.Insights/AlertRules/Throttled/Action\",\n \"Microsoft.Insights/AlertRules/Incidents/Read\",\n \"Microsoft.ContainerRegistry/locations/operationResults/read\",\n \"Microsoft.Network/virtualNetworks/subnets/joinViaServiceEndpoint/action\",\n \"Microsoft.Network/virtualNetworks/subnets/read\",\n \"Microsoft.Network/virtualNetworks/subnets/write\",\n \"Microsoft.Network/virtualNetworks/read\",\n \"Microsoft.Network/privateEndpoints/privateLinkServiceProxies/write\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2024-10-23T22:38:18.7982782Z\",\n \"updatedOn\": \"2024-10-23T22:38:18.7982782Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/3bc748fc-213d-45c1-8d91-9da5725539b9\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"3bc748fc-213d-45c1-8d91-9da5725539b9\"\n },\n {\n \"properties\": {\n \"roleName\": \"Health Safeguards Data User\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Allows processing of health data in all available Health Safeguards\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.HealthBot/healthBots/HealthSafeguards/ClinicalAnchoring/Process/Action\",\n \"Microsoft.HealthBot/healthBots/HealthSafeguards/ClinicalCodesValidation/Process/Action\",\n \"Microsoft.HealthBot/healthBots/HealthSafeguards/ClinicalConflictDetection/Process/Action\",\n \"Microsoft.HealthBot/healthBots/HealthSafeguards/ClinicalEvidenceVerification/Process/Action\",\n \"Microsoft.HealthBot/healthBots/HealthSafeguards/ClinicalProvenance/Process/Action\",\n \"Microsoft.HealthBot/healthBots/HealthSafeguards/ClinicalSemanticValidation/Process/Action\",\n \"Microsoft.HealthBot/healthBots/HealthSafeguards/DetectHallucinationsAndOmissions/Process/Action\",\n \"Microsoft.HealthBot/healthBots/HealthSafeguards/HealthAdaptedFiltering/Process/Action\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2024-10-25T13:47:32.4836018Z\",\n \"updatedOn\": \"2024-12-09T16:09:07.9062467Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/566f0da3-e2a5-4393-9089-763f8bab8fb6\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"566f0da3-e2a5-4393-9089-763f8bab8fb6\"\n },\n {\n \"properties\": {\n \"roleName\": \"Container Registry Configuration Reader and Data Access Configuration Reader\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Provides permissions to list container registries and registry configuration properties. Provides permissions to list data access configuration such as admin user credentials, scope maps, and tokens, which can be used to read, write or delete repositories and images. Does not provide direct permissions to read, list, or write registry contents including repositories and images. Does not provide permissions to modify data plane content such as imports, Artifact Cache or Sync, and Transfer Pipelines. Does not provide permissions for managing Tasks.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.ContainerRegistry/registries/operationStatuses/read\",\n \"Microsoft.ContainerRegistry/registries/read\",\n \"Microsoft.ContainerRegistry/registries/privateEndpointConnections/read\",\n \"Microsoft.ContainerRegistry/registries/privateEndpointConnections/operationStatuses/read\",\n \"Microsoft.ContainerRegistry/registries/listCredentials/action\",\n \"Microsoft.ContainerRegistry/registries/tokens/read\",\n \"Microsoft.ContainerRegistry/registries/tokens/operationStatuses/read\",\n \"Microsoft.ContainerRegistry/registries/scopeMaps/read\",\n \"Microsoft.ContainerRegistry/registries/scopeMaps/operationStatuses/read\",\n \"Microsoft.ContainerRegistry/registries/webhooks/read\",\n \"Microsoft.ContainerRegistry/registries/webhooks/getCallbackConfig/action\",\n \"Microsoft.ContainerRegistry/registries/webhooks/listEvents/action\",\n \"Microsoft.ContainerRegistry/registries/webhooks/operationStatuses/read\",\n \"Microsoft.ContainerRegistry/registries/replications/read\",\n \"Microsoft.ContainerRegistry/registries/replications/operationStatuses/read\",\n \"Microsoft.ContainerRegistry/registries/connectedRegistries/read\",\n \"Microsoft.ContainerRegistry/registries/providers/Microsoft.Insights/diagnosticSettings/read\",\n \"Microsoft.ContainerRegistry/registries/providers/Microsoft.Insights/diagnosticSettings/write\",\n \"Microsoft.ContainerRegistry/registries/providers/Microsoft.Insights/logDefinitions/read\",\n \"Microsoft.ContainerRegistry/registries/providers/Microsoft.Insights/metricDefinitions/read\",\n \"Microsoft.Insights/AlertRules/Write\",\n \"Microsoft.Insights/AlertRules/Delete\",\n \"Microsoft.Insights/AlertRules/Read\",\n \"Microsoft.Insights/AlertRules/Activated/Action\",\n \"Microsoft.Insights/AlertRules/Resolved/Action\",\n \"Microsoft.Insights/AlertRules/Throttled/Action\",\n \"Microsoft.Insights/AlertRules/Incidents/Read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2024-10-30T22:57:44.2162129Z\",\n \"updatedOn\": \"2024-10-30T22:57:44.2162129Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/69b07be0-09bf-439a-b9a6-e73de851bd59\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"69b07be0-09bf-439a-b9a6-e73de851bd59\"\n },\n {\n \"properties\": {\n \"roleName\": \"Container Registry Transfer Pipeline Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Provides the ability to transfer, import, and export artifacts through configuring registry transfer pipelines that involve intermediary storage accounts and key vaults. Does not provide permissions to push or pull images. Does not provide permissions to create, manage, or list storage accounts or key vaults. Does not provide permissions to perform role assignments.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.ContainerRegistry/registries/exportPipelines/read\",\n \"Microsoft.ContainerRegistry/registries/exportPipelines/write\",\n \"Microsoft.ContainerRegistry/registries/exportPipelines/delete\",\n \"Microsoft.ContainerRegistry/registries/importPipelines/read\",\n \"Microsoft.ContainerRegistry/registries/importPipelines/write\",\n \"Microsoft.ContainerRegistry/registries/importPipelines/delete\",\n \"Microsoft.ContainerRegistry/registries/pipelineRuns/read\",\n \"Microsoft.ContainerRegistry/registries/pipelineRuns/write\",\n \"Microsoft.ContainerRegistry/registries/pipelineRuns/delete\",\n \"Microsoft.ContainerRegistry/registries/pipelineRuns/operationStatuses/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2024-11-06T16:01:16.5768829Z\",\n \"updatedOn\": \"2024-11-06T16:01:16.5768829Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/bf94e731-3a51-4a7c-8c54-a1ab9971dfc1\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"bf94e731-3a51-4a7c-8c54-a1ab9971dfc1\"\n },\n {\n \"properties\": {\n \"roleName\": \"Desktop Virtualization App Attach Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Provide permission to manage app attach resources\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.DesktopVirtualization/hostpools/read\",\n \"Microsoft.Resources/subscriptions/read\",\n \"Microsoft.DesktopVirtualization/appattachpackages/read\",\n \"Microsoft.DesktopVirtualization/appattachpackages/write\",\n \"Microsoft.DesktopVirtualization/appattachpackages/delete\",\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2024-11-07T16:11:41.3098066Z\",\n \"updatedOn\": \"2024-11-07T16:11:41.3098066Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/97dfb3ce-e936-462c-9425-9cdb67e66d45\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"97dfb3ce-e936-462c-9425-9cdb67e66d45\"\n },\n {\n \"properties\": {\n \"roleName\": \"HybridCompute Machine ListAccessDetails Action In-Built Role\",\n \"type\": \"BuiltInRole\",\n \"description\": \"In-Built Role definition that grants permissions to execute the listAccessDetails action on HybridCompute Machines\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.HybridCompute/machines/listAccessDetails/action\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2024-11-08T16:19:16.7242676Z\",\n \"updatedOn\": \"2025-03-12T16:00:45.5699939Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/e9701b4d-e6e7-4657-91cd-360a0881d224\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"e9701b4d-e6e7-4657-91cd-360a0881d224\"\n },\n {\n \"properties\": {\n \"roleName\": \"App Service Environment Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Manage App Service Environments but not the App Service Plans or Websites that it hosts.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.ResourceHealth/availabilityStatuses/read\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Web/hostingEnvironments/*\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2024-11-11T16:02:04.4285746Z\",\n \"updatedOn\": \"2024-11-11T16:02:04.4285746Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/8ea85a25-eb16-4e29-ab4d-6f2a26c711a2\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"8ea85a25-eb16-4e29-ab4d-6f2a26c711a2\"\n },\n {\n \"properties\": {\n \"roleName\": \"Kubernetes Agent Subscription Level Operator\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Grants Microsoft Defender for Cloud subscription level permissions needed to activate Containers plan\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Resources/subscriptions/operationresults/read\",\n \"Microsoft.Resources/subscriptions/read\",\n \"Microsoft.Resources/subscriptions/resourceGroups/write\",\n \"Microsoft.OperationalInsights/workspaces/write\",\n \"Microsoft.OperationalInsights/workspaces/read\",\n \"Microsoft.OperationalInsights/workspaces/listKeys/action\",\n \"Microsoft.OperationalInsights/workspaces/sharedkeys/action\",\n \"Microsoft.OperationalInsights/workspaces/sharedkeys/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2024-11-14T10:01:45.877748Z\",\n \"updatedOn\": \"2024-12-12T11:16:08.7763533Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/ada52afe-776a-4b4d-a8f2-55670d3d8178\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"ada52afe-776a-4b4d-a8f2-55670d3d8178\"\n },\n {\n \"properties\": {\n \"roleName\": \"Quantum Workspace Data Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Create, read, and modify jobs and other Workspace data. This role is in preview and subject to change.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Quantum/Workspaces/read\",\n \"Microsoft.Quantum/locations/offerings/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.Quantum/Workspaces/jobs/read\",\n \"Microsoft.Quantum/Workspaces/jobs/write\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2024-11-18T16:11:51.3366657Z\",\n \"updatedOn\": \"2024-11-18T16:11:51.3366657Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/c1410b24-3e69-4857-8f86-4d0a2e603250\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"c1410b24-3e69-4857-8f86-4d0a2e603250\"\n },\n {\n \"properties\": {\n \"roleName\": \"Communication and Email Service Owner\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Create, read, modify, and delete Communications and Email Service resources.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Communication/CheckNameAvailability/action\",\n \"Microsoft.Communication/Locations/OperationStatuses/read\",\n \"Microsoft.Communication/Locations/OperationStatuses/write\",\n \"Microsoft.Communication/Operations/read\",\n \"Microsoft.Communication/CommunicationServices/read\",\n \"Microsoft.Communication/CommunicationServices/write\",\n \"Microsoft.Communication/CommunicationServices/delete\",\n \"Microsoft.Communication/CommunicationServices/ListKeys/action\",\n \"Microsoft.Communication/CommunicationServices/RegenerateKey/action\",\n \"Microsoft.Communication/CommunicationServices/LinkNotificationHub/action\",\n \"Microsoft.Communication/CommunicationServices/EventGridFilters/read\",\n \"Microsoft.Communication/CommunicationServices/EventGridFilters/write\",\n \"Microsoft.Communication/CommunicationServices/EventGridFilters/delete\",\n \"Microsoft.Communication/EmailServices/read\",\n \"Microsoft.Communication/EmailServices/write\",\n \"Microsoft.Communication/EmailServices/delete\",\n \"Microsoft.Communication/EmailServices/Domains/read\",\n \"Microsoft.Communication/EmailServices/Domains/write\",\n \"Microsoft.Communication/EmailServices/Domains/delete\",\n \"Microsoft.Communication/EmailServices/Domains/SenderUsernames/read\",\n \"Microsoft.Communication/EmailServices/Domains/SenderUsernames/write\",\n \"Microsoft.Communication/EmailServices/Domains/SenderUsernames/delete\",\n \"Microsoft.Communication/EmailServices/Domains/SuppressionLists/read\",\n \"Microsoft.Communication/EmailServices/Domains/SuppressionLists/write\",\n \"Microsoft.Communication/EmailServices/Domains/SuppressionLists/delete\",\n \"Microsoft.Communication/EmailServices/Domains/SuppressionLists/SuppressionListAddresses/read\",\n \"Microsoft.Communication/EmailServices/Domains/SuppressionLists/SuppressionListAddresses/write\",\n \"Microsoft.Communication/EmailServices/Domains/SuppressionLists/SuppressionListAddresses/delete\",\n \"Microsoft.Communication/EmailServices/Domains/InitiateVerification/action\",\n \"Microsoft.Communication/EmailServices/Domains/CancelVerification/action\",\n \"Microsoft.Communication/EmailServices/Domains/*\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2024-11-19T16:16:07.6217357Z\",\n \"updatedOn\": \"2024-11-19T16:16:07.6217357Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/09976791-48a7-449e-bb21-39d1a415f350\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"09976791-48a7-449e-bb21-39d1a415f350\"\n },\n {\n \"properties\": {\n \"roleName\": \"Oracle.Database Autonomous Database Administrator\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Grants full access to manage all Autonomous Database resources\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Oracle.Database/autonomousDatabases/*/read\",\n \"Oracle.Database/autonomousDatabases/*/write\",\n \"Oracle.Database/autonomousDatabases/*/delete\",\n \"Oracle.Database/autonomousDatabases/*/action\",\n \"Oracle.Database/Locations/*/read\",\n \"Oracle.Database/Locations/*/write\",\n \"Oracle.Database/Operations/read\",\n \"Oracle.Database/oracleSubscriptions/*/read\",\n \"Oracle.Database/oracleSubscriptions/*/action\",\n \"Oracle.Database/resourceAnchors/*\",\n \"Oracle.Database/networkAnchors/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Network/virtualNetworks/read\",\n \"Microsoft.Network/virtualNetworks/subnets/read\",\n \"Microsoft.Network/virtualNetworks/subnets/write\",\n \"Microsoft.Network/locations/operations/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2024-12-03T16:00:22.0003479Z\",\n \"updatedOn\": \"2025-05-26T15:05:38.2663118Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/59c05558-2358-462d-ba19-afbd7118936d\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"59c05558-2358-462d-ba19-afbd7118936d\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure AI Safety Evaluator\",\n \"type\": \"BuiltInRole\",\n \"description\": \"This role can perform all actions under workspace evaluations and simulations.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.MachineLearningServices/workspaces/evaluations/*\",\n \"Microsoft.MachineLearningServices/workspaces/simulations/*\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2024-12-17T16:19:14.0812712Z\",\n \"updatedOn\": \"2024-12-17T16:19:14.0812712Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/11102f94-c441-49e6-a78b-ef80e0188abc\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"11102f94-c441-49e6-a78b-ef80e0188abc\"\n },\n {\n \"properties\": {\n \"roleName\": \"Container Registry Tasks Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Provides permissions to configure, read, list, trigger, or cancel Container Registry Tasks, Task Runs, Task Logs, Quick Runs, Quick Builds, and Task Agent Pools. Permissions granted for Tasks management can be used for full registry data plane permissions including reading/writing/deleting container images in registries. Permissions granted for Tasks management can also be used to run customer authored build directives and run scripts to build software artifacts.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.ContainerRegistry/registries/agentpools/read\",\n \"Microsoft.ContainerRegistry/registries/agentpools/write\",\n \"Microsoft.ContainerRegistry/registries/agentpools/delete\",\n \"Microsoft.ContainerRegistry/registries/agentpools/listQueueStatus/action\",\n \"Microsoft.ContainerRegistry/registries/agentpools/operationResults/status/read\",\n \"Microsoft.ContainerRegistry/registries/agentpools/operationStatuses/read\",\n \"Microsoft.ContainerRegistry/registries/tasks/read\",\n \"Microsoft.ContainerRegistry/registries/tasks/write\",\n \"Microsoft.ContainerRegistry/registries/tasks/delete\",\n \"Microsoft.ContainerRegistry/registries/tasks/listDetails/action\",\n \"Microsoft.ContainerRegistry/registries/scheduleRun/action\",\n \"Microsoft.ContainerRegistry/registries/listBuildSourceUploadUrl/action\",\n \"Microsoft.ContainerRegistry/registries/runs/read\",\n \"Microsoft.ContainerRegistry/registries/runs/write\",\n \"Microsoft.ContainerRegistry/registries/runs/listLogSasUrl/action\",\n \"Microsoft.ContainerRegistry/registries/runs/cancel/action\",\n \"Microsoft.ContainerRegistry/registries/taskruns/read\",\n \"Microsoft.ContainerRegistry/registries/taskruns/write\",\n \"Microsoft.ContainerRegistry/registries/taskruns/delete\",\n \"Microsoft.ContainerRegistry/registries/taskruns/listDetails/action\",\n \"Microsoft.ContainerRegistry/registries/taskruns/operationStatuses/read\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.ContainerRegistry/registries/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2025-01-10T02:17:34.1336077Z\",\n \"updatedOn\": \"2025-01-10T02:17:34.1336077Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/fb382eab-e894-4461-af04-94435c366c3f\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"fb382eab-e894-4461-af04-94435c366c3f\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Backup Snapshot Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Provide permissions to backup identity to manage RPC snapshots\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Compute/virtualMachines/read\",\n \"Microsoft.Compute/virtualMachines/write\",\n \"Microsoft.Compute/restorePointCollections/read\",\n \"Microsoft.Compute/restorePointCollections/write\",\n \"Microsoft.Compute/restorePointCollections/restorePoints/write\",\n \"Microsoft.Compute/restorePointCollections/restorePoints/read\",\n \"Microsoft.Compute/disks/read\",\n \"Microsoft.Compute/disks/write\",\n \"Microsoft.Compute/disks/delete\",\n \"Microsoft.Compute/disks/beginGetAccess/action\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2025-01-10T12:02:58.1197573Z\",\n \"updatedOn\": \"2025-03-17T15:14:48.6639401Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/afc680e2-a938-412d-b213-9a49efa7fb83\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"afc680e2-a938-412d-b213-9a49efa7fb83\"\n },\n {\n \"properties\": {\n \"roleName\": \"AVS on Fleet VIS Role\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Do not remove this role from your resource because it is critical to enable your AVS private cloud to operate. If the role is removed, it will cause your AVS private cloud control plane to no longer operate correctly. The role is used to enable the AVS private cloud control plane to inject address prefix changes of the private clouds attached virtual network to SDN and support peering sync feature. This role is not intended for use cases outside of assignment to the associated AVS identity in your entra-id tenant.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Network/networkInterfaces/read\",\n \"Microsoft.Network/networkInterfaces/write\",\n \"Microsoft.Network/virtualNetworks/read\",\n \"Microsoft.Network/virtualNetworks/write\",\n \"Microsoft.Network/virtualNetworks/peer/action\",\n \"Microsoft.Network/virtualNetworks/virtualNetworkPeerings/read\",\n \"Microsoft.Network/virtualNetworks/virtualNetworkPeerings/write\",\n \"Microsoft.Network/virtualNetworks/subnets/read\",\n \"Microsoft.Network/virtualNetworks/subnets/write\",\n \"Microsoft.Network/virtualNetworks/subnets/join/action\",\n \"Microsoft.Network/networkSecurityGroups/join/action\",\n \"Microsoft.Network/routeTables/join/action\",\n \"Microsoft.Network/serviceEndpointPolicies/join/action\",\n \"Microsoft.Network/natGateways/join/action\",\n \"Microsoft.Network/networkIntentPolicies/join/action\",\n \"Microsoft.Network/ddosProtectionPlans/join/action\",\n \"Microsoft.Network/networkManagers/ipamPools/associateResourcesToPool/action\",\n \"Microsoft.BareMetal/peeringSettings/read\",\n \"Microsoft.Resources/subscriptions/resourcegroups/read\",\n \"Microsoft.Authorization/roleAssignments/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n },\n {\n \"actions\": [\n \"Microsoft.Authorization/roleAssignments/delete\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": [],\n \"conditionVersion\": \"2.0\",\n \"condition\": \"(!(ActionMatches{'Microsoft.Authorization/roleAssignments/delete'})) OR @Resource[Microsoft.Authorization/roleAssignments:RoleDefinitionId] ForAnyOfAnyValues:GuidEquals{49fc33c1886f4b21a00e1d9993234734}\"\n }\n ],\n \"createdOn\": \"2025-01-13T16:06:06.5931961Z\",\n \"updatedOn\": \"2025-06-11T06:31:53.4195138Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/49fc33c1-886f-4b21-a00e-1d9993234734\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"49fc33c1-886f-4b21-a00e-1d9993234734\"\n },\n {\n \"properties\": {\n \"roleName\": \"Edge Management Copilot User\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Enables users access to Edge Management Copilot.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.EdgeManagement/locations/chat/action\",\n \"Microsoft.EdgeManagement/troubleshoot/action\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2025-01-23T02:53:10.7767692Z\",\n \"updatedOn\": \"2025-09-01T15:03:56.0546394Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/53e48117-a530-4075-bcbe-d91913e3bdb8\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"53e48117-a530-4075-bcbe-d91913e3bdb8\"\n },\n {\n \"properties\": {\n \"roleName\": \"Durable Task Data Reader\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Read all Durable Task Scheduler data.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.DurableTask/schedulers/taskhubs/orchestrations/read\",\n \"Microsoft.DurableTask/schedulers/taskhubs/orchestrations/metadata/read\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2025-01-23T21:39:28.7653514Z\",\n \"updatedOn\": \"2025-07-10T20:34:54.3629229Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/d6a5505f-6ebb-45a4-896e-ac8274cfc0ac\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"d6a5505f-6ebb-45a4-896e-ac8274cfc0ac\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Stack HCI Edge Machine Contributor Role\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Microsoft.AzureStackHCI Edge Machine Contributor Role\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.AzureStackHCI/EdgeMachines/*\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2025-01-30T17:46:12.9681065Z\",\n \"updatedOn\": \"2025-01-30T17:46:12.9681065Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/1a6f9009-515c-4455-b170-143e4c9ce229\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"1a6f9009-515c-4455-b170-143e4c9ce229\"\n },\n {\n \"properties\": {\n \"roleName\": \"Online Experimentation Data Owner\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Allows full access to Online Experimentation data.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.OnlineExperimentation/workspaces/read\",\n \"Microsoft.OnlineExperimentation/workspaces/write\",\n \"Microsoft.OnlineExperimentation/workspaces/delete\",\n \"Microsoft.OnlineExperimentation/workspaces/action\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2025-01-30T18:31:37.7573167Z\",\n \"updatedOn\": \"2025-02-14T17:38:48.3796504Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/53747cdd-e97c-477a-948c-b587d0e514b2\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"53747cdd-e97c-477a-948c-b587d0e514b2\"\n },\n {\n \"properties\": {\n \"roleName\": \"Online Experimentation Data Reader\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Allows read access to Online Experimentation data.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.OnlineExperimentation/workspaces/read\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2025-01-30T18:31:37.9063206Z\",\n \"updatedOn\": \"2025-01-30T18:31:37.9063206Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/1363e94d-546f-4fe9-8434-b0eefb292d59\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"1363e94d-546f-4fe9-8434-b0eefb292d59\"\n },\n {\n \"properties\": {\n \"roleName\": \"Chaos Studio Target Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Can onboard targets and manage capabilities but cannot create, run, or see details for experiments\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Chaos/targets/write\",\n \"Microsoft.Chaos/targets/delete\",\n \"Microsoft.Chaos/targets/read\",\n \"Microsoft.Chaos/targets/capabilities/write\",\n \"Microsoft.Chaos/targets/capabilities/delete\",\n \"Microsoft.Chaos/targets/capabilities/read\",\n \"Microsoft.Chaos/locations/targetTypes/read\",\n \"Microsoft.Chaos/locations/targetTypes/capabilityTypes/read\",\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2025-02-14T17:53:53.9708111Z\",\n \"updatedOn\": \"2025-02-14T17:53:53.9708111Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/59a618e3-3c9a-406e-9f03-1a20dd1c55f1\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"59a618e3-3c9a-406e-9f03-1a20dd1c55f1\"\n },\n {\n \"properties\": {\n \"roleName\": \"Auto Actions Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Allows users to manage Auto Actions resources.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.ComputeSchedule/locations/OperationStatuses/write\",\n \"Microsoft.ComputeSchedule/autoActions/write\",\n \"Microsoft.ComputeSchedule/autoActions/delete\",\n \"Microsoft.ComputeSchedule/autoActions/attachResources/action\",\n \"Microsoft.ComputeSchedule/autoActions/cancelNextOccurrence/action\",\n \"Microsoft.ComputeSchedule/autoActions/detachResources/action\",\n \"Microsoft.ComputeSchedule/autoActions/disable/action\",\n \"Microsoft.ComputeSchedule/autoActions/enable/action\",\n \"Microsoft.ComputeSchedule/autoActions/listResources/action\",\n \"Microsoft.ComputeSchedule/autoActions/patchResources/action\",\n \"Microsoft.ComputeSchedule/autoActions/triggerManualOccurrence/action\",\n \"Microsoft.ComputeSchedule/autoActions/occurrences/cancel/action\",\n \"Microsoft.ComputeSchedule/autoActions/occurrences/delay/action\",\n \"Microsoft.ComputeSchedule/autoActions/occurrences/listResources/action\",\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2025-02-18T16:16:31.5686249Z\",\n \"updatedOn\": \"2025-02-18T16:16:31.5686249Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/a8d01690-9418-4783-8ca2-9f0f1791783d\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"a8d01690-9418-4783-8ca2-9f0f1791783d\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Device Onboarding Discovery Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Can read, write or delete the discovery and it's child resources.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.DeviceOnboarding/discoveryServices/*\",\n \"Microsoft.DeviceOnboarding/locations/operationStatuses/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2025-02-20T22:53:22.6101969Z\",\n \"updatedOn\": \"2025-02-20T22:53:22.6101969Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/a227fb39-f479-404b-96fd-0176f5d88ab4\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"a227fb39-f479-404b-96fd-0176f5d88ab4\"\n },\n {\n \"properties\": {\n \"roleName\": \"SSH PublicKeys Reader Role\",\n \"type\": \"BuiltInRole\",\n \"description\": \"This is the role created for SSH PublicKeys Reader\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Compute/sshpublickeys/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2025-02-24T16:00:59.904969Z\",\n \"updatedOn\": \"2025-02-24T16:00:59.904969Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/31ef6312-5b0c-4ce9-8c5d-587a91344fe7\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"31ef6312-5b0c-4ce9-8c5d-587a91344fe7\"\n },\n {\n \"properties\": {\n \"roleName\": \"SSH PublicKeys Contributor Role\",\n \"type\": \"BuiltInRole\",\n \"description\": \"This is the role created for SSH PublicKeys Contributor\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Compute/sshpublickeys/read\",\n \"Microsoft.Compute/sshpublickeys/write\",\n \"Microsoft.Compute/sshpublickeys/delete\",\n \"Microsoft.Compute/sshpublickeys/generatekeypair/action\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2025-02-24T16:01:00.6011541Z\",\n \"updatedOn\": \"2025-02-24T16:01:00.6011541Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/fc6e3395-6a8c-4527-bb4c-d0abd41e8e74\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"fc6e3395-6a8c-4527-bb4c-d0abd41e8e74\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Kubernetes Service Agent Pool Manager Role\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Role for agentpool related actions\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.ContainerService/managedClusters/agentPools/read\",\n \"Microsoft.ContainerService/managedClusters/agentPools/write\",\n \"Microsoft.ContainerService/managedClusters/agentPools/delete\",\n \"Microsoft.ContainerService/managedClusters/agentPools/upgradeNodeImageVersion/action\",\n \"Microsoft.ContainerService/managedClusters/agentPools/abort/action\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2025-03-06T01:19:12.8922307Z\",\n \"updatedOn\": \"2025-03-06T01:19:12.8922307Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/1b7f3653-4324-473a-9165-bc55e4d04ba8\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"1b7f3653-4324-473a-9165-bc55e4d04ba8\"\n },\n {\n \"properties\": {\n \"roleName\": \"Defender Serverless Scanner\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Grants access to Serverless resources and thier connections\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"microsoft.web/sites/publish/action\",\n \"microsoft.web/sites/slots/publish/action\",\n \"microsoft.web/sites/config/list/action\",\n \"microsoft.web/sites/slots/config/list/action\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2025-03-06T09:38:08.4219917Z\",\n \"updatedOn\": \"2025-08-25T15:10:38.1464227Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/68ac31b4-936a-4046-a6d2-ba6f8a757bf6\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"68ac31b4-936a-4046-a6d2-ba6f8a757bf6\"\n },\n {\n \"properties\": {\n \"roleName\": \"Dedicated Host Contributor Role\",\n \"type\": \"BuiltInRole\",\n \"description\": \"This is the role created for DedicatedHosts Contributor\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Compute/hostGroups/read\",\n \"Microsoft.Compute/hostGroups/write\",\n \"Microsoft.Compute/hostGroups/delete\",\n \"Microsoft.Compute/hostGroups/hosts/read\",\n \"Microsoft.Compute/hostGroups/hosts/write\",\n \"Microsoft.Compute/hostGroups/hosts/delete\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2025-03-11T15:14:12.4494747Z\",\n \"updatedOn\": \"2025-03-11T15:14:12.4494747Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/96ebd254-ecc7-4590-aff5-e9af3ff5f3b3\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"96ebd254-ecc7-4590-aff5-e9af3ff5f3b3\"\n },\n {\n \"properties\": {\n \"roleName\": \"Compute Fleet Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Allows users to manage Compute Fleet resources.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.AzureFleet/fleets/*\",\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.ResourceHealth/availabilityStatuses/read\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2025-03-18T15:18:48.7947012Z\",\n \"updatedOn\": \"2025-03-18T15:18:48.7947012Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/2bed379c-9fba-455b-99e4-6b911073bcf2\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"2bed379c-9fba-455b-99e4-6b911073bcf2\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure API Center Credential Access Reader\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Allows for access to Azure API Center data plane get credentials operations.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.ApiCenter/services/workspaces/apis/versions/securityRequirements/read\",\n \"Microsoft.ApiCenter/services/workspaces/apis/versions/securityRequirements/getCredentials/action\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2025-03-20T17:29:06.7183003Z\",\n \"updatedOn\": \"2025-03-20T17:29:06.7183003Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/1df7cd83-1d3f-41df-95b0-53b30d963369\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"1df7cd83-1d3f-41df-95b0-53b30d963369\"\n },\n {\n \"properties\": {\n \"roleName\": \"Managed Identity Federated Identity Credential Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Create, Read, Update, and Delete User Assigned Identity Federated Identity Credentials(FIC)\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.ManagedIdentity/userAssignedIdentities/read\",\n \"Microsoft.ManagedIdentity/userAssignedIdentities/federatedIdentityCredentials/write\",\n \"Microsoft.ManagedIdentity/userAssignedIdentities/federatedIdentityCredentials/read\",\n \"Microsoft.ManagedIdentity/userAssignedIdentities/federatedIdentityCredentials/delete\",\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Resources/deployments/*\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2025-03-21T19:09:30.5276974Z\",\n \"updatedOn\": \"2025-03-21T19:09:30.5276974Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/7e559ce2-48d7-4b27-9128-fa1b247f1308\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"7e559ce2-48d7-4b27-9128-fa1b247f1308\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure File Sync Administrator\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Provides full access to manage all Azure File Sync (Storage Sync Service) resources.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.StorageSync/register/action\",\n \"Microsoft.StorageSync/unregister/action\",\n \"Microsoft.StorageSync/locations/*\",\n \"Microsoft.StorageSync/deployments/preflight/action\",\n \"Microsoft.StorageSync/storageSyncServices/*\",\n \"Microsoft.StorageSync/operations/read\",\n \"Microsoft.Authorization/roleAssignments/write\",\n \"Microsoft.Insights/AlertRules/*\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Storage/storageAccounts/read\",\n \"Microsoft.Storage/storageAccounts/fileServices/shares/read\",\n \"Microsoft.Storage/storageAccounts/fileServices/read\",\n \"Microsoft.Support/*\",\n \"Microsoft.Authorization/*/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2025-03-27T21:11:32.1254077Z\",\n \"updatedOn\": \"2025-05-21T16:06:38.6938985Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/92b92042-07d9-4307-87f7-36a593fc5850\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"92b92042-07d9-4307-87f7-36a593fc5850\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure File Sync Reader\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Provides read access to Azure File Sync service (Storage Sync Service).\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.StorageSync/*/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2025-03-27T21:26:47.840119Z\",\n \"updatedOn\": \"2025-03-27T21:26:47.840119Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/754c1a27-40dc-4708-8ad4-2bffdeee09e8\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"754c1a27-40dc-4708-8ad4-2bffdeee09e8\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Red Hat OpenShift Hosted Control Planes Cluster API Provider\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Enables permissions to allow cluster API to manage nodes, networks and disks for OpenShift cluster.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Compute/disks/delete\",\n \"Microsoft.Compute/disks/read\",\n \"Microsoft.Compute/disks/write\",\n \"Microsoft.Compute/diskEncryptionSets/read\",\n \"Microsoft.Compute/availabilitySets/delete\",\n \"Microsoft.Compute/availabilitySets/read\",\n \"Microsoft.Compute/availabilitySets/write\",\n \"Microsoft.Compute/virtualMachines/delete\",\n \"Microsoft.Compute/virtualMachines/read\",\n \"Microsoft.Compute/virtualMachines/write\",\n \"Microsoft.Network/loadBalancers/backendAddressPools/join/action\",\n \"Microsoft.Network/networkInterfaces/delete\",\n \"Microsoft.Network/networkInterfaces/join/action\",\n \"Microsoft.Network/networkInterfaces/read\",\n \"Microsoft.Network/networkInterfaces/write\",\n \"Microsoft.Network/virtualNetworks/subnets/join/action\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2025-03-28T17:59:48.0497955Z\",\n \"updatedOn\": \"2025-08-04T15:10:36.5098891Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/88366f10-ed47-4cc0-9fab-c8a06148393e\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"88366f10-ed47-4cc0-9fab-c8a06148393e\"\n },\n {\n \"properties\": {\n \"roleName\": \"Online Experimentation Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Grants permissions for all management operations to Online Experimentation resources.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.OnlineExperimentation/*\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2025-03-31T15:13:34.3723645Z\",\n \"updatedOn\": \"2025-03-31T15:13:34.3723645Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/2c7a01fe-5518-4a42-93c2-658e45441691\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"2c7a01fe-5518-4a42-93c2-658e45441691\"\n },\n {\n \"properties\": {\n \"roleName\": \"Oracle.Database Exascale Storage Vault Administrator\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Grants full access to manage Exascale Storage Vaults\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Oracle.Database/exascaleDbStorageVaults/read\",\n \"Oracle.Database/exascaleDbStorageVaults/write\",\n \"Oracle.Database/exascaleDbStorageVaults/delete\",\n \"Oracle.Database/Locations/*/read\",\n \"Oracle.Database/Locations/*/write\",\n \"Oracle.Database/Operations/read\",\n \"Oracle.Database/oracleSubscriptions/*/read\",\n \"Oracle.Database/resourceAnchors/*\",\n \"Oracle.Database/networkAnchors/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Resources/deployments/*\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2025-03-31T15:13:34.3733644Z\",\n \"updatedOn\": \"2025-05-26T15:05:38.2643111Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/a00ed373-f085-4b75-a950-53eacdc52ac0\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"a00ed373-f085-4b75-a950-53eacdc52ac0\"\n },\n {\n \"properties\": {\n \"roleName\": \"Online Experimentation Reader\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Grants permission for read operations to Online Experimentation resources.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.OnlineExperimentation/*/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2025-03-31T15:13:33.5542926Z\",\n \"updatedOn\": \"2025-03-31T15:13:33.5542926Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/58b80de8-4b34-424c-9e47-23faf0f7cfe2\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"58b80de8-4b34-424c-9e47-23faf0f7cfe2\"\n },\n {\n \"properties\": {\n \"roleName\": \"Flux Configurations Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Can create, update, get, list and delete Flux Configurations\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.KubernetesConfiguration/fluxConfigurations/write\",\n \"Microsoft.KubernetesConfiguration/fluxConfigurations/read\",\n \"Microsoft.KubernetesConfiguration/fluxConfigurations/delete\",\n \"Microsoft.KubernetesConfiguration/fluxConfigurations/operations/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2025-04-01T15:25:06.8179221Z\",\n \"updatedOn\": \"2025-04-01T15:25:06.8179221Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/61eb6405-5f4a-440b-ad03-fe06c5c85e44\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"61eb6405-5f4a-440b-ad03-fe06c5c85e44\"\n },\n {\n \"properties\": {\n \"roleName\": \"Issue Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Can read all issues data and update issues settings.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.AlertsManagement/Issues/*\",\n \"microsoft.monitor/accounts/issues/*\",\n \"Microsoft.Insights/components/*\",\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2025-04-07T15:05:12.3898424Z\",\n \"updatedOn\": \"2025-08-08T06:45:21.8923687Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/8d7ecc5c-f27b-43cf-883f-46409d445502\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"8d7ecc5c-f27b-43cf-883f-46409d445502\"\n },\n {\n \"properties\": {\n \"roleName\": \"Container Registry Credential Set Administrator\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Create, Read, Update, and Delete Credential Sets in Container Registry. This role doesn't affect the needed permissions for storing content inside Azure Key Vault. This role also doesn't grant permissions to manage Cache Rules.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.ContainerRegistry/registries/credentialSets/read\",\n \"Microsoft.ContainerRegistry/registries/credentialSets/write\",\n \"Microsoft.ContainerRegistry/registries/credentialSets/delete\",\n \"Microsoft.ContainerRegistry/registries/credentialSets/operationStatuses/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2025-04-07T15:05:13.0024218Z\",\n \"updatedOn\": \"2025-04-07T15:05:13.0024218Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/f094fb07-0703-4400-ad6a-e16dd8000e14\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"f094fb07-0703-4400-ad6a-e16dd8000e14\"\n },\n {\n \"properties\": {\n \"roleName\": \"Oracle.Database Exascale VmCluster Administrator\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Grants full access to manage Exascale VmClusters\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Oracle.Database/exascaleDbStorageVaults/read\",\n \"Oracle.Database/exadbVmClusters/*/read\",\n \"Oracle.Database/exadbVmClusters/*/write\",\n \"Oracle.Database/exadbVmClusters/*/delete\",\n \"Oracle.Database/exadbVmClusters/*/action\",\n \"Oracle.Database/Locations/*/read\",\n \"Oracle.Database/Locations/*/write\",\n \"Oracle.Database/Operations/read\",\n \"Oracle.Database/oracleSubscriptions/*/read\",\n \"Oracle.Database/resourceAnchors/*\",\n \"Oracle.Database/networkAnchors/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Network/virtualNetworks/read\",\n \"Microsoft.Network/virtualNetworks/subnets/read\",\n \"Microsoft.Network/virtualNetworks/subnets/write\",\n \"Microsoft.Network/locations/operations/read\",\n \"Microsoft.Compute/sshPublicKeys/read\",\n \"Microsoft.Compute/sshPublicKeys/write\",\n \"Microsoft.Compute/sshPublicKeys/generateKeyPair/action\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2025-04-07T15:05:13.0024218Z\",\n \"updatedOn\": \"2025-05-26T15:05:38.2653119Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/0869d06d-e3d1-4472-8764-1bb71b2bdaf7\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"0869d06d-e3d1-4472-8764-1bb71b2bdaf7\"\n },\n {\n \"properties\": {\n \"roleName\": \"Container Registry Credential Set Reader\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Read the configuration of Credential Sets in Container Registry. This permission doesn't allow permission to see content inside Azure Key vault only the content inside Container Registry. This permission doesn't grant permission to read Cache Rules.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.ContainerRegistry/registries/credentialSets/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2025-04-07T15:05:13.0014204Z\",\n \"updatedOn\": \"2025-04-07T15:05:13.0014204Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/29093635-9924-4f2c-913b-650a12949526\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"29093635-9924-4f2c-913b-650a12949526\"\n },\n {\n \"properties\": {\n \"roleName\": \"Container Registry Cache Rule Reader\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Read the configuration of Cache Rules in Container Registry. This permission doesn't grant permission to read Credential Sets.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.ContainerRegistry/registries/cacheRules/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2025-04-07T15:05:13.0014204Z\",\n \"updatedOn\": \"2025-04-07T15:05:13.0014204Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/c357b964-0002-4b64-a50d-7a28f02edc52\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"c357b964-0002-4b64-a50d-7a28f02edc52\"\n },\n {\n \"properties\": {\n \"roleName\": \"Container Registry Cache Rule Administrator\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Create, Read, Update, and Delete Cache Rules in Container Registry. This role doesn't grant permissions to manage Credential Sets.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.ContainerRegistry/registries/cacheRules/read\",\n \"Microsoft.ContainerRegistry/registries/cacheRules/write\",\n \"Microsoft.ContainerRegistry/registries/cacheRules/delete\",\n \"Microsoft.ContainerRegistry/registries/cacheRules/operationStatuses/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2025-04-07T15:05:13.0014204Z\",\n \"updatedOn\": \"2025-04-07T15:05:13.0014204Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/df87f177-bb12-4db1-9793-a413691eff94\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"df87f177-bb12-4db1-9793-a413691eff94\"\n },\n {\n \"properties\": {\n \"roleName\": \"Power Platform Account Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Create, Read, Update, and Delete Power Platform Account resources\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.PowerPlatform/accounts/*\",\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2025-04-11T17:35:36.24305Z\",\n \"updatedOn\": \"2025-04-11T17:35:36.24305Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/2593f4c7-8bf4-4fff-9804-2ee069b41902\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"2593f4c7-8bf4-4fff-9804-2ee069b41902\"\n },\n {\n \"properties\": {\n \"roleName\": \"Power Platform Enterprise Policy Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Create, Read, Update, and Delete Power Platform Enterprise Policy resources\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.PowerPlatform/enterprisePolicies/*\",\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2025-04-11T17:35:36.24305Z\",\n \"updatedOn\": \"2025-04-11T17:35:36.24305Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/babe7770-cdbc-4f46-9bd7-b90b34842946\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"babe7770-cdbc-4f46-9bd7-b90b34842946\"\n },\n {\n \"properties\": {\n \"roleName\": \"Usage Billing Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Contributor access to Accounts\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.UsageBilling/*\",\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2025-04-21T15:02:46.3692356Z\",\n \"updatedOn\": \"2025-04-21T15:02:46.3692356Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/33cdeeac-0940-4f85-9317-7e2432c17289\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"33cdeeac-0940-4f85-9317-7e2432c17289\"\n },\n {\n \"properties\": {\n \"roleName\": \"Workload Orchestration Solution External Validator\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Grants you access to fetch targets, solution templates, solutions and update the external validation status\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Edge/targets/read\",\n \"Microsoft.Edge/solutionTemplates/read\",\n \"Microsoft.Edge/solutionTemplates/versions/read\",\n \"Microsoft.Edge/targets/solutions/versions/read\",\n \"Microsoft.Edge/targets/updateExternalValidationStatus/action\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2025-04-22T15:07:10.0211593Z\",\n \"updatedOn\": \"2025-04-22T15:07:10.0211593Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/db9875ba-bd2b-4e98-934d-0daa549a07f0\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"db9875ba-bd2b-4e98-934d-0daa549a07f0\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure AI Project Manager\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Lets you perform developer actions and management actions on Azure AI Foundry Projects. Allows for making role assignments, but limited to Cognitive Service User role.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/roleAssignments/write\",\n \"Microsoft.Authorization/roleAssignments/delete\",\n \"Microsoft.CognitiveServices/accounts/*/read\",\n \"Microsoft.CognitiveServices/accounts/projects/*\",\n \"Microsoft.CognitiveServices/locations/*/read\",\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.CognitiveServices/*\"\n ],\n \"notDataActions\": [],\n \"conditionVersion\": \"2.0\",\n \"condition\": \"((!(ActionMatches{'Microsoft.Authorization/roleAssignments/write'})) OR (@Request[Microsoft.Authorization/roleAssignments:RoleDefinitionId] ForAnyOfAnyValues:GuidEquals{53ca6127-db72-4b80-b1b0-d745d6d5456d})) AND ((!(ActionMatches{'Microsoft.Authorization/roleAssignments/delete'})) OR (@Resource[Microsoft.Authorization/roleAssignments:RoleDefinitionId] ForAnyOfAnyValues:GuidEquals{53ca6127-db72-4b80-b1b0-d745d6d5456d}))\"\n }\n ],\n \"createdOn\": \"2025-04-22T15:07:10.0211593Z\",\n \"updatedOn\": \"2025-05-01T00:11:10.5915009Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/eadc314b-1a2d-4efa-be10-5d325db5065e\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"eadc314b-1a2d-4efa-be10-5d325db5065e\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Monitor Dashboards with Grafana Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Can manage dashboards with Grafana.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Dashboard/dashboards/read\",\n \"Microsoft.Dashboard/dashboards/write\",\n \"Microsoft.Dashboard/dashboards/delete\",\n \"Microsoft.Dashboard/locations/read\",\n \"Microsoft.Resources/deployments/read\",\n \"Microsoft.Resources/deployments/write\",\n \"Microsoft.Resources/deployments/delete\",\n \"Microsoft.Resources/deployments/cancel/action\",\n \"Microsoft.Resources/deployments/validate/action\",\n \"Microsoft.Resources/deployments/whatIf/action\",\n \"Microsoft.Resources/deployments/exportTemplate/action\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2025-04-29T15:23:34.4327766Z\",\n \"updatedOn\": \"2025-04-29T15:23:34.4327766Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/0618ae3d-2930-4bb7-aa00-718db34ee9f9\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"0618ae3d-2930-4bb7-aa00-718db34ee9f9\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure AI Account Owner\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Grants full access to manage AI projects and accounts. Grants conditional assignment of the Azure AI User role to other user principles.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Authorization/roleAssignments/write\",\n \"Microsoft.Authorization/roleAssignments/delete\",\n \"Microsoft.CognitiveServices/*\",\n \"Microsoft.Features/features/read\",\n \"Microsoft.Features/providers/features/read\",\n \"Microsoft.Features/providers/features/register/action\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.Insights/diagnosticSettings/*\",\n \"Microsoft.Insights/logDefinitions/read\",\n \"Microsoft.Insights/metricdefinitions/read\",\n \"Microsoft.Insights/metrics/read\",\n \"Microsoft.ResourceHealth/availabilityStatuses/read\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/deployments/operations/read\",\n \"Microsoft.Resources/subscriptions/operationresults/read\",\n \"Microsoft.Resources/subscriptions/read\",\n \"Microsoft.Resources/subscriptions/resourcegroups/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Support/*\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": [],\n \"conditionVersion\": \"2.0\",\n \"condition\": \"((!(ActionMatches{'Microsoft.Authorization/roleAssignments/write'})) OR (@Request[Microsoft.Authorization/roleAssignments:RoleDefinitionId] ForAnyOfAnyValues:GuidEquals{53ca6127-db72-4b80-b1b0-d745d6d5456d})) AND ((!(ActionMatches{'Microsoft.Authorization/roleAssignments/delete'})) OR (@Resource[Microsoft.Authorization/roleAssignments:RoleDefinitionId] ForAnyOfAnyValues:GuidEquals{53ca6127-db72-4b80-b1b0-d745d6d5456d}))\"\n }\n ],\n \"createdOn\": \"2025-05-01T00:11:10.589501Z\",\n \"updatedOn\": \"2025-05-01T00:11:10.589501Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/e47c6f54-e4a2-4754-9501-8e0985b135e1\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"e47c6f54-e4a2-4754-9501-8e0985b135e1\"\n },\n {\n \"properties\": {\n \"roleName\": \"Secrets Store Extension Owner\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Read, create and modify secretsync and secretproviderclass objects. Register and deregister the provider from the subscription.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.SecretSyncController/register/action\",\n \"Microsoft.SecretSyncController/unregister/action\",\n \"Microsoft.SecretSyncController/azureKeyVaultSecretProviderClasses/read\",\n \"Microsoft.SecretSyncController/azureKeyVaultSecretProviderClasses/write\",\n \"Microsoft.SecretSyncController/azureKeyVaultSecretProviderClasses/delete\",\n \"Microsoft.SecretSyncController/locations/operationStatuses/read\",\n \"Microsoft.SecretSyncController/locations/operationStatuses/write\",\n \"Microsoft.SecretSyncController/operations/read\",\n \"Microsoft.SecretSyncController/secretSyncs/read\",\n \"Microsoft.SecretSyncController/secretSyncs/write\",\n \"Microsoft.SecretSyncController/secretSyncs/delete\",\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2025-05-01T11:14:17.3011305Z\",\n \"updatedOn\": \"2025-05-01T11:14:17.3011305Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/5c227a58-cff3-4b51-9fa3-51bdafb6ca55\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"5c227a58-cff3-4b51-9fa3-51bdafb6ca55\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure AI User\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Grants reader access to AI projects, reader access to AI accounts, and data actions for an AI project.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.CognitiveServices/*/read\",\n \"Microsoft.CognitiveServices/accounts/listkeys/action\",\n \"Microsoft.Insights/alertRules/read\",\n \"Microsoft.Insights/diagnosticSettings/read\",\n \"Microsoft.Insights/logDefinitions/read\",\n \"Microsoft.Insights/metricdefinitions/read\",\n \"Microsoft.Insights/metrics/read\",\n \"Microsoft.ResourceHealth/availabilityStatuses/read\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/operationresults/read\",\n \"Microsoft.Resources/subscriptions/read\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Support/*\"\n ],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.CognitiveServices/*\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2025-05-01T19:30:12.3770408Z\",\n \"updatedOn\": \"2025-05-01T19:30:12.3770408Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/53ca6127-db72-4b80-b1b0-d745d6d5456d\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"53ca6127-db72-4b80-b1b0-d745d6d5456d\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Red Hat OpenShift Hosted Control Planes Control Plane Operator\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Enables the control plane operator to read resources necessary for OpenShift cluster.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Network/virtualNetworks/read\",\n \"Microsoft.Network/networkSecurityGroups/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2025-05-02T13:54:20.113071Z\",\n \"updatedOn\": \"2025-05-02T13:54:20.113071Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/fc0c873f-45e9-4d0d-a7d1-585aab30c6ed\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"fc0c873f-45e9-4d0d-a7d1-585aab30c6ed\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Red Hat OpenShift Hosted Control Planes Service Managed Identity\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Azure Red Hat OpenShift Hosted Control Planes Service Managed Identity\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Network/virtualNetworks/read\",\n \"Microsoft.Network/virtualNetworks/subnets/read\",\n \"Microsoft.Network/virtualNetworks/subnets/write\",\n \"Microsoft.Network/routeTables/read\",\n \"Microsoft.Network/routeTables/join/action\",\n \"Microsoft.Network/natGateways/read\",\n \"Microsoft.Network/natGateways/join/action\",\n \"Microsoft.Network/networkSecurityGroups/read\",\n \"Microsoft.Network/networkSecurityGroups/join/action\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2025-05-02T13:54:20.6991664Z\",\n \"updatedOn\": \"2025-05-02T13:54:20.6991664Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/c0ff367d-66d8-445e-917c-583feb0ef0d4\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"c0ff367d-66d8-445e-917c-583feb0ef0d4\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Kubernetes Fleet Manager Hub Agent Role\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Grants access to Azure resources needed by Azure Kubernetes Fleet Manager hub agents.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Network/publicIPAddresses/read\",\n \"Microsoft.Network/trafficManagerProfiles/read\",\n \"Microsoft.Network/trafficManagerProfiles/write\",\n \"Microsoft.Network/trafficManagerProfiles/delete\",\n \"Microsoft.Network/trafficManagerProfiles/azureEndpoints/read\",\n \"Microsoft.Network/trafficManagerProfiles/azureEndpoints/write\",\n \"Microsoft.Network/trafficManagerProfiles/azureEndpoints/delete\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2025-05-05T15:00:30.7938727Z\",\n \"updatedOn\": \"2025-05-23T17:06:06.3537994Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/de2b316d-7a2c-4143-b4cd-c148f6a355a1\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"de2b316d-7a2c-4143-b4cd-c148f6a355a1\"\n },\n {\n \"properties\": {\n \"roleName\": \"Workload Orchestration IT Admin\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Grants you access to manage the IT Admin operations for Workload Orchestration\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Edge/contexts/eventGridFilters/delete\",\n \"Microsoft.Edge/contexts/eventGridFilters/read\",\n \"Microsoft.Edge/contexts/eventGridFilters/write\",\n \"Microsoft.Edge/contexts/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2025-05-07T21:12:59.0541184Z\",\n \"updatedOn\": \"2025-05-07T21:12:59.0541184Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/63304235-eaf4-4c15-8e93-46c483611231\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"63304235-eaf4-4c15-8e93-46c483611231\"\n },\n {\n \"properties\": {\n \"roleName\": \"Arc Gateway Manager\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Manage Arc Gateway Resources\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.HybridCompute/settings/write\",\n \"Microsoft.HybridCompute/settings/read\",\n \"Microsoft.HybridCompute/gateways/read\",\n \"Microsoft.HybridCompute/gateways/write\",\n \"Microsoft.HybridCompute/gateways/delete\",\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2025-05-08T18:19:27.614475Z\",\n \"updatedOn\": \"2025-05-08T18:19:27.614475Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/f6e92014-8af2-414d-9948-9b1abf559285\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"f6e92014-8af2-414d-9948-9b1abf559285\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Kubernetes Service Machine Manager Role\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Role for machine related actions\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.ContainerService/managedClusters/agentPools/deleteMachines/action\",\n \"Microsoft.ContainerService/managedClusters/agentPools/machines/read\",\n \"Microsoft.ContainerService/managedClusters/agentPools/machines/write\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2025-05-14T23:28:30.9442269Z\",\n \"updatedOn\": \"2025-05-14T23:28:30.9442269Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/8e253927-1f29-4d89-baa2-c3a549eff423\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"8e253927-1f29-4d89-baa2-c3a549eff423\"\n },\n {\n \"properties\": {\n \"roleName\": \"Microsoft.AzureStackHCI Device Pool Manager\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Microsoft.AzureStackHCI Device Pool Manager \",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.AzureStackHCI/DevicePools/read\",\n \"Microsoft.AzureStackHCI/DevicePools/ClaimDevices/action\",\n \"Microsoft.AzureStackHCI/DevicePools/ReleaseDevices/action\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2025-05-15T08:48:48.828656Z\",\n \"updatedOn\": \"2025-05-15T08:48:48.828656Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/adc3c795-c41e-4a89-a478-0b321783324c\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"adc3c795-c41e-4a89-a478-0b321783324c\"\n },\n {\n \"properties\": {\n \"roleName\": \"Microsoft.AzureStackHCI EdgeMachine Reader\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Microsoft.AzureStackHCI EdgeMachine Reader\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.AzureStackHCI/EdgeMachines/Read/*\",\n \"Microsoft.AzureStackHCI/EdgeMachines/Jobs/Read/*\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2025-05-15T08:48:49.1120843Z\",\n \"updatedOn\": \"2025-05-15T08:48:49.1120843Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/5f569efd-4da5-4123-99cd-d42fbb2a836e\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"5f569efd-4da5-4123-99cd-d42fbb2a836e\"\n },\n {\n \"properties\": {\n \"roleName\": \"Monitoring Policy Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Allows read access to all monitoring data, update permissions for monitoring settings and permissions to deploy and remediate Azure Monitor alert policies.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"*/read\",\n \"Microsoft.AlertsManagement/alerts/*\",\n \"Microsoft.AlertsManagement/alertsSummary/*\",\n \"Microsoft.AlertsManagement/issues/*\",\n \"Microsoft.Insights/actiongroups/*\",\n \"Microsoft.Insights/activityLogAlerts/*\",\n \"Microsoft.Insights/AlertRules/*\",\n \"Microsoft.Insights/components/*\",\n \"Microsoft.Insights/createNotifications/*\",\n \"Microsoft.Insights/dataCollectionEndpoints/*\",\n \"Microsoft.Insights/dataCollectionRules/*\",\n \"Microsoft.Insights/dataCollectionRuleAssociations/*\",\n \"Microsoft.Insights/DiagnosticSettings/*\",\n \"Microsoft.Insights/eventtypes/*\",\n \"Microsoft.Insights/LogDefinitions/*\",\n \"Microsoft.Insights/metricalerts/*\",\n \"Microsoft.Insights/MetricDefinitions/*\",\n \"Microsoft.Insights/Metrics/*\",\n \"Microsoft.Insights/notificationStatus/*\",\n \"Microsoft.Insights/Register/Action\",\n \"Microsoft.Insights/scheduledqueryrules/*\",\n \"Microsoft.Insights/webtests/*\",\n \"Microsoft.Insights/workbooks/*\",\n \"Microsoft.Insights/workbooktemplates/*\",\n \"Microsoft.Insights/privateLinkScopes/*\",\n \"Microsoft.Insights/privateLinkScopeOperationStatuses/*\",\n \"Microsoft.Monitor/accounts/*\",\n \"Microsoft.OperationalInsights/workspaces/write\",\n \"Microsoft.OperationalInsights/workspaces/intelligencepacks/*\",\n \"Microsoft.OperationalInsights/workspaces/savedSearches/*\",\n \"Microsoft.OperationalInsights/workspaces/search/action\",\n \"Microsoft.OperationalInsights/workspaces/sharedKeys/action\",\n \"Microsoft.OperationalInsights/workspaces/sharedKeys/read\",\n \"Microsoft.OperationalInsights/workspaces/storageinsightconfigs/*\",\n \"Microsoft.OperationalInsights/locations/workspaces/failover/action\",\n \"Microsoft.OperationalInsights/workspaces/failback/action\",\n \"Microsoft.Support/*\",\n \"Microsoft.AlertsManagement/smartDetectorAlertRules/*\",\n \"Microsoft.AlertsManagement/actionRules/*\",\n \"Microsoft.AlertsManagement/smartGroups/*\",\n \"Microsoft.AlertsManagement/migrateFromSmartDetection/*\",\n \"Microsoft.AlertsManagement/investigations/*\",\n \"Microsoft.AlertsManagement/prometheusRuleGroups/*\",\n \"Microsoft.Monitor/investigations/*\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.PolicyInsights/remediations/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/*\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2025-05-15T11:52:21.0990017Z\",\n \"updatedOn\": \"2025-05-15T11:52:21.0990017Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/47be4a87-7950-4631-9daf-b664a405f074\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"47be4a87-7950-4631-9daf-b664a405f074\"\n },\n {\n \"properties\": {\n \"roleName\": \"Storage File Delegator\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Allows for generation of a user delegation key, which can then be used to create a shared access signature for a file or Azure file share that is signed with Entra ID credentials.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Storage/storageAccounts/fileServices/generateUserDelegationKey/action\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2025-05-22T21:44:23.2806604Z\",\n \"updatedOn\": \"2025-05-22T21:44:23.2806604Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/765a04e0-5de8-4bb2-9bf6-b2a30bc03e91\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"765a04e0-5de8-4bb2-9bf6-b2a30bc03e91\"\n },\n {\n \"properties\": {\n \"roleName\": \"Storage Table Delegator\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Allows for generation of a user delegation key, which can then be used to create a shared access signature for an Azure Storage table that is signed with Entra ID credentials.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Storage/storageAccounts/tableServices/generateUserDelegationKey/action\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2025-05-22T21:59:43.2751792Z\",\n \"updatedOn\": \"2025-05-22T21:59:43.2751792Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/965033a5-c8eb-4f35-b82f-fef460a3606d\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"965033a5-c8eb-4f35-b82f-fef460a3606d\"\n },\n {\n \"properties\": {\n \"roleName\": \"Storage Queue Delegator\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Allows for generation of a user delegation key, which can then be used to create a shared access signature for an Azure Storage queue that is signed with Entra ID credentials.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Storage/storageAccounts/queueServices/generateUserDelegationKey/action\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2025-05-22T21:59:42.5496054Z\",\n \"updatedOn\": \"2025-05-22T21:59:42.5496054Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/7ee386e9-84f0-448e-80a6-f185f6533131\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"7ee386e9-84f0-448e-80a6-f185f6533131\"\n },\n {\n \"properties\": {\n \"roleName\": \"Scheduled Actions Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Allows users to use Scheduled Actions offered by Microsoft.ComputeSchedule\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.ComputeSchedule/locations/virtualMachinesCancelOperations/action\",\n \"Microsoft.ComputeSchedule/locations/virtualMachinesExecuteDeallocate/action\",\n \"Microsoft.ComputeSchedule/locations/virtualMachinesExecuteHibernate/action\",\n \"Microsoft.ComputeSchedule/locations/virtualMachinesExecuteStart/action\",\n \"Microsoft.ComputeSchedule/locations/virtualMachinesExecuteCreate/action\",\n \"Microsoft.ComputeSchedule/locations/virtualMachinesExecuteDelete/action\",\n \"Microsoft.ComputeSchedule/locations/virtualMachinesGetOperationErrors/action\",\n \"Microsoft.ComputeSchedule/locations/virtualMachinesGetOperationStatus/action\",\n \"Microsoft.ComputeSchedule/locations/virtualMachinesSubmitDeallocate/action\",\n \"Microsoft.ComputeSchedule/locations/virtualMachinesSubmitHibernate/action\",\n \"Microsoft.ComputeSchedule/locations/virtualMachinesSubmitStart/action\",\n \"Microsoft.ComputeSchedule/scheduledActions/write\",\n \"Microsoft.ComputeSchedule/scheduledActions/delete\",\n \"Microsoft.ComputeSchedule/scheduledActions/attachResources/action\",\n \"Microsoft.ComputeSchedule/scheduledActions/cancelNextOccurrence/action\",\n \"Microsoft.ComputeSchedule/scheduledActions/detachResources/action\",\n \"Microsoft.ComputeSchedule/scheduledActions/disable/action\",\n \"Microsoft.ComputeSchedule/scheduledActions/enable/action\",\n \"Microsoft.ComputeSchedule/scheduledActions/listResources/action\",\n \"Microsoft.ComputeSchedule/scheduledActions/patchResources/action\",\n \"Microsoft.ComputeSchedule/scheduledActions/triggerManualOccurrence/action\",\n \"Microsoft.ComputeSchedule/register/action\",\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2025-05-23T15:34:55.7571301Z\",\n \"updatedOn\": \"2025-06-06T16:43:20.1338695Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/6fbca9a8-3561-41fd-8b20-6576043c1076\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"6fbca9a8-3561-41fd-8b20-6576043c1076\"\n },\n {\n \"properties\": {\n \"roleName\": \"Microsoft.AzureStackHCI Device Pool Machine Manager\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Microsoft.AzureStackHCI Device Pool Machine Manager \",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.HybridConnectivity/endpoints/write\",\n \"Microsoft.HybridConnectivity/endpoints/read\",\n \"Microsoft.HybridConnectivity/endpoints/delete\",\n \"Microsoft.HybridConnectivity/endpoints/serviceConfigurations/write\",\n \"Microsoft.HybridConnectivity/endpoints/serviceConfigurations/read\",\n \"Microsoft.HybridConnectivity/endpoints/serviceConfigurations/delete\",\n \"Microsoft.HybridConnectivity/endpoints/listCredentials/action\",\n \"Microsoft.HybridCompute/machines/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2025-05-28T15:24:16.9803048Z\",\n \"updatedOn\": \"2025-09-23T15:14:52.7881209Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/b6d9c0f6-d69f-472b-91b4-7a6838c6d1cb\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"b6d9c0f6-d69f-472b-91b4-7a6838c6d1cb\"\n },\n {\n \"properties\": {\n \"roleName\": \"AI Model Scanner Operator\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Grants Microsoft Defender for AI access to AI services and resources.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.MachineLearningServices/workspaces/read\",\n \"Microsoft.MachineLearningServices/workspaces/models/read\",\n \"Microsoft.MachineLearningServices/workspaces/models/versions/read\",\n \"Microsoft.MachineLearningServices/workspaces/datastores/read\",\n \"Microsoft.MachineLearningServices/workspaces/metadata/artifacts/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2025-06-11T15:26:11.6009304Z\",\n \"updatedOn\": \"2025-08-04T15:10:36.5118889Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/8b9beb50-e28c-4879-8472-24c9d328085f\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"8b9beb50-e28c-4879-8472-24c9d328085f\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Kubernetes Service Namespace User\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Allows users to read Azure Kubernetes Service namespace resources. In-cluster namespace access further requires assignment of Azure Kubernetes Service RBAC roles to the namespace resource for an Entra ID enabled cluster.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.ContainerService/managedClusters/managedNamespaces/read\",\n \"Microsoft.ContainerService/managedClusters/managedNamespaces/listCredential/action\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2025-06-12T17:55:19.3885549Z\",\n \"updatedOn\": \"2025-06-12T17:55:19.3885549Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/c9f76ca8-b262-4b10-8ed2-09cf0948aa35\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"c9f76ca8-b262-4b10-8ed2-09cf0948aa35\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Kubernetes Service Namespace Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Allows users to create and manage Azure Kubernetes Service namespace resources.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.ContainerService/managedClusters/managedNamespaces/*\",\n \"Microsoft.Resources/deployments/*\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2025-06-12T18:10:38.4291766Z\",\n \"updatedOn\": \"2025-06-12T18:10:38.4291766Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/289d8817-ee69-43f1-a0af-43a45505b488\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"289d8817-ee69-43f1-a0af-43a45505b488\"\n },\n {\n \"properties\": {\n \"roleName\": \"DevCenter Owner\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Provides access to manage all Microsoft.DevCenter resources, and to manage access to Microsoft.DevCenter resources by adding or removing role assignments for the DevCenter Project Admin and DevCenter Dev Box roles.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.DevCenter/*\",\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Authorization/roleAssignments/write\",\n \"Microsoft.Authorization/roleAssignments/delete\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": [],\n \"conditionVersion\": \"2.0\",\n \"condition\": \"((!(ActionMatches{'Microsoft.Authorization/roleAssignments/write'})) OR (@Request[Microsoft.Authorization/roleAssignments:RoleDefinitionId] ForAnyOfAnyValues:GuidEquals{331c37c6-af14-46d9-b9f4-e1909e1b95a0, 45d50f46-0b78-4001-a660-4198cbe8cd05})) AND ((!(ActionMatches{'Microsoft.Authorization/roleAssignments/delete'})) OR (@Resource[Microsoft.Authorization/roleAssignments:RoleDefinitionId] ForAnyOfAnyValues:GuidEquals{331c37c6-af14-46d9-b9f4-e1909e1b95a0, 45d50f46-0b78-4001-a660-4198cbe8cd05}))\"\n }\n ],\n \"createdOn\": \"2025-06-16T15:06:49.4834641Z\",\n \"updatedOn\": \"2025-07-03T17:24:32.4630198Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/4c6569b6-f23e-4295-9b90-bd4cc4ff3292\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"4c6569b6-f23e-4295-9b90-bd4cc4ff3292\"\n },\n {\n \"properties\": {\n \"roleName\": \"DevOps Infrastructure Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Read, write, delete and perform actions on Managed DevOps Pools\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.DevOpsInfrastructure/register/action\",\n \"Microsoft.DevOpsInfrastructure/unregister/action\",\n \"Microsoft.DevOpsInfrastructure/*/read\",\n \"Microsoft.DevOpsInfrastructure/Locations/OperationStatuses/write\",\n \"Microsoft.DevOpsInfrastructure/pools/write\",\n \"Microsoft.DevOpsInfrastructure/pools/delete\",\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2025-06-16T15:06:49.4784655Z\",\n \"updatedOn\": \"2025-07-17T00:34:35.8546315Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/76153a9e-0edb-49bc-8e01-93c47e6b5180\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"76153a9e-0edb-49bc-8e01-93c47e6b5180\"\n },\n {\n \"properties\": {\n \"roleName\": \"Service Health Billing Reader\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Grants permissions to view billing information present in service health events\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.ResourceHealth/events/action\",\n \"Microsoft.ResourceHealth/AvailabilityStatuses/read\",\n \"Microsoft.ResourceHealth/AvailabilityStatuses/current/read\",\n \"Microsoft.ResourceHealth/Operations/read\",\n \"Microsoft.ResourceHealth/emergingissues/read\",\n \"Microsoft.ResourceHealth/events/read\",\n \"Microsoft.ResourceHealth/events/fetchBillingCommunicationDetails/action\",\n \"Microsoft.ResourceHealth/events/impactedResources/read\",\n \"Microsoft.ResourceHealth/metadata/read\",\n \"Microsoft.ResourceHealth/potentialoutages/read\"\n ],\n \"notActions\": [\n \"Microsoft.ResourceHealth/events/fetchEventDetails/action\",\n \"Microsoft.ResourceHealth/events/listSecurityAdvisoryImpactedResources/action\"\n ],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2025-06-20T22:46:01.7047929Z\",\n \"updatedOn\": \"2025-06-20T22:46:01.7047929Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/32c34659-0f83-4a4c-80f2-63a244f8ae0b\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"32c34659-0f83-4a4c-80f2-63a244f8ae0b\"\n },\n {\n \"properties\": {\n \"roleName\": \"Service Health Security Reader\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Grants permissions to view sensitive security information present in service health events\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.ResourceHealth/events/action\",\n \"Microsoft.ResourceHealth/AvailabilityStatuses/read\",\n \"Microsoft.ResourceHealth/AvailabilityStatuses/current/read\",\n \"Microsoft.ResourceHealth/Operations/read\",\n \"Microsoft.ResourceHealth/emergingissues/read\",\n \"Microsoft.ResourceHealth/events/read\",\n \"Microsoft.ResourceHealth/events/fetchEventDetails/action\",\n \"Microsoft.ResourceHealth/events/listSecurityAdvisoryImpactedResources/action\",\n \"Microsoft.ResourceHealth/events/impactedResources/read\",\n \"Microsoft.ResourceHealth/metadata/read\",\n \"Microsoft.ResourceHealth/potentialoutages/read\"\n ],\n \"notActions\": [\n \"Microsoft.ResourceHealth/events/fetchBillingCommunicationDetails/action\"\n ],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2025-06-20T22:46:02.2504994Z\",\n \"updatedOn\": \"2025-06-20T22:46:02.2504994Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/1a928ab0-1fee-43cf-9266-f9d8c22a8ddb\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"1a928ab0-1fee-43cf-9266-f9d8c22a8ddb\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Stack Edge Operations Role\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Built in role for managing operations in azure stack edge\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.DataBoxEdge/dataBoxEdgeDevices/bandwidthSchedules/delete\",\n \"Microsoft.DataBoxEdge/dataBoxEdgeDevices/bandwidthSchedules/write\",\n \"Microsoft.DataBoxEdge/dataBoxEdgeDevices/delete\",\n \"Microsoft.DataBoxEdge/dataBoxEdgeDevices/deviceCapacityCheck/action\",\n \"Microsoft.DataBoxEdge/dataBoxEdgeDevices/downloadUpdates/action\",\n \"Microsoft.DataBoxEdge/dataBoxEdgeDevices/generateCertificate/action\",\n \"Microsoft.DataBoxEdge/dataBoxEdgeDevices/getExtendedInformation/action\",\n \"Microsoft.DataBoxEdge/dataBoxEdgeDevices/installUpdates/action\",\n \"Microsoft.DataBoxEdge/dataBoxEdgeDevices/orders/delete\",\n \"Microsoft.DataBoxEdge/dataBoxEdgeDevices/orders/listDCAccessCode/action\",\n \"Microsoft.DataBoxEdge/dataBoxEdgeDevices/orders/write\",\n \"Microsoft.DataBoxEdge/dataBoxEdgeDevices/providers/Microsoft.Insights/diagnosticSettings/write\",\n \"Microsoft.DataBoxEdge/dataBoxEdgeDevices/publishers/offers/skus/versions/generatesastoken/action\",\n \"Microsoft.DataBoxEdge/dataBoxEdgeDevices/roles/addons/delete\",\n \"Microsoft.DataBoxEdge/dataBoxEdgeDevices/roles/addons/write\",\n \"Microsoft.DataBoxEdge/dataBoxEdgeDevices/roles/delete\",\n \"Microsoft.DataBoxEdge/dataBoxEdgeDevices/roles/migrate/action\",\n \"Microsoft.DataBoxEdge/dataBoxEdgeDevices/roles/monitoringConfig/delete\",\n \"Microsoft.DataBoxEdge/dataBoxEdgeDevices/roles/monitoringConfig/write\",\n \"Microsoft.DataBoxEdge/dataBoxEdgeDevices/roles/write\",\n \"Microsoft.DataBoxEdge/dataBoxEdgeDevices/scanForUpdates/action\",\n \"Microsoft.DataBoxEdge/dataBoxEdgeDevices/securitySettings/update/action\",\n \"Microsoft.DataBoxEdge/dataBoxEdgeDevices/shares/delete\",\n \"Microsoft.DataBoxEdge/dataBoxEdgeDevices/shares/refresh/action\",\n \"Microsoft.DataBoxEdge/dataBoxEdgeDevices/shares/write\",\n \"Microsoft.DataBoxEdge/dataBoxEdgeDevices/storageAccountCredentials/delete\",\n \"Microsoft.DataBoxEdge/dataBoxEdgeDevices/storageAccountCredentials/write\",\n \"Microsoft.DataBoxEdge/dataBoxEdgeDevices/storageAccounts/containers/delete\",\n \"Microsoft.DataBoxEdge/dataBoxEdgeDevices/storageAccounts/containers/refresh/action\",\n \"Microsoft.DataBoxEdge/dataBoxEdgeDevices/storageAccounts/containers/write\",\n \"Microsoft.DataBoxEdge/dataBoxEdgeDevices/storageAccounts/delete\",\n \"Microsoft.DataBoxEdge/dataBoxEdgeDevices/storageAccounts/write\",\n \"Microsoft.DataBoxEdge/dataBoxEdgeDevices/triggers/delete\",\n \"Microsoft.DataBoxEdge/dataBoxEdgeDevices/triggers/write\",\n \"Microsoft.DataBoxEdge/dataBoxEdgeDevices/triggerSupportPackage/action\",\n \"Microsoft.DataBoxEdge/dataBoxEdgeDevices/updateExtendedInformation/action\",\n \"Microsoft.DataBoxEdge/dataBoxEdgeDevices/uploadCertificate/action\",\n \"Microsoft.DataBoxEdge/dataBoxEdgeDevices/users/delete\",\n \"Microsoft.DataBoxEdge/dataBoxEdgeDevices/users/write\",\n \"Microsoft.DataBoxEdge/dataBoxEdgeDevices/write\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2025-06-24T15:14:50.5957122Z\",\n \"updatedOn\": \"2025-06-24T15:14:50.5957122Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/12b8206a-0216-4469-908d-a3e2025fe085\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"12b8206a-0216-4469-908d-a3e2025fe085\"\n },\n {\n \"properties\": {\n \"roleName\": \"Grounding with Bing User\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Enable Approved Microsoft Applications to connect to Bing to retrieve and ground responses using real-time data\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.Bing/accounts/useGrounding/action\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2025-06-25T15:16:52.842097Z\",\n \"updatedOn\": \"2025-06-25T15:16:52.842097Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/2016c9ed-c18d-4120-93d7-178e583efe92\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"2016c9ed-c18d-4120-93d7-178e583efe92\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Advisor Service Role\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Grants permission to delete and write access for suppressions, configurations and assmessments\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Advisor/suppressions/write\",\n \"Microsoft.Advisor/suppressions/delete\",\n \"Microsoft.Advisor/recommendations/suppressions/write\",\n \"Microsoft.Advisor/recommendations/suppressions/delete\",\n \"Microsoft.Advisor/assessments/write\",\n \"Microsoft.Advisor/configurations/write\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2025-06-25T19:21:21.1733164Z\",\n \"updatedOn\": \"2025-07-21T15:02:41.2108089Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/69a41f41-6dce-4ea7-8a34-8e095ddba55c\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"69a41f41-6dce-4ea7-8a34-8e095ddba55c\"\n },\n {\n \"properties\": {\n \"roleName\": \"Experimentation Resource Admin\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Experimentation Resource Admin\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Experimentation/*\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2025-06-25T20:37:54.1515777Z\",\n \"updatedOn\": \"2025-06-25T20:37:54.1515777Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/548d7e7c-65ee-412b-ae37-2dbb419d4207\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"548d7e7c-65ee-412b-ae37-2dbb419d4207\"\n },\n {\n \"properties\": {\n \"roleName\": \"FHIR Data Bulk Operator\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Role allows user or principal to perform bulk operations\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.HealthcareApis/services/fhir/resources/read\",\n \"Microsoft.HealthcareApis/services/fhir/resources/write\",\n \"Microsoft.HealthcareApis/services/fhir/resources/delete\",\n \"Microsoft.HealthcareApis/services/fhir/resources/export/action\",\n \"Microsoft.HealthcareApis/services/fhir/resources/reindex/action\",\n \"Microsoft.HealthcareApis/services/fhir/resources/import/action\",\n \"Microsoft.HealthcareApis/services/fhir/resources/hardDelete/action\",\n \"Microsoft.HealthcareApis/services/fhir/resources/bulkOperator/action\",\n \"Microsoft.HealthcareApis/workspaces/fhirservices/resources/read\",\n \"Microsoft.HealthcareApis/workspaces/fhirservices/resources/write\",\n \"Microsoft.HealthcareApis/workspaces/fhirservices/resources/delete\",\n \"Microsoft.HealthcareApis/workspaces/fhirservices/resources/export/action\",\n \"Microsoft.HealthcareApis/workspaces/fhirservices/resources/reindex/action\",\n \"Microsoft.HealthcareApis/workspaces/fhirservices/resources/import/action\",\n \"Microsoft.HealthcareApis/workspaces/fhirservices/resources/hardDelete/action\",\n \"Microsoft.HealthcareApis/workspaces/fhirservices/resources/bulkOperator/action\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2025-06-27T15:27:54.9502857Z\",\n \"updatedOn\": \"2025-06-27T15:27:54.9502857Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/804db8d3-32c7-4ad4-a975-3f6f90d5f5f5\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"804db8d3-32c7-4ad4-a975-3f6f90d5f5f5\"\n },\n {\n \"properties\": {\n \"roleName\": \"Microsoft Discovery Platform Administrator (Preview)\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Grants full access to manage Microsoft.Discovery resources. This role in preview and subjet to change.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Discovery/locations/operationStatuses/read\",\n \"Microsoft.Discovery/checkNameAvailability/action\",\n \"Microsoft.Discovery/*\",\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Network/virtualNetworks/subnets/read\",\n \"Microsoft.Network/virtualNetworks/read\",\n \"Microsoft.Network/virtualNetworks/subnets/join/action\",\n \"Microsoft.Support/*\",\n \"Microsoft.Authorization/roleAssignments/write\",\n \"Microsoft.Authorization/roleAssignments/delete\"\n ],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.Discovery/*\"\n ],\n \"notDataActions\": [],\n \"conditionVersion\": \"2.0\",\n \"condition\": \"((!(ActionMatches{'Microsoft.Authorization/roleAssignments/write'})) OR (@Request[Microsoft.Authorization/roleAssignments:RoleDefinitionId] ForAnyOfAnyValues:GuidEquals{4d97b98b-1d4f-4787-a291-c67834d212e7, f1a07417-d97a-45cb-824c-7a7467783830})) AND ((!(ActionMatches{'Microsoft.Authorization/roleAssignments/delete'})) OR (@Resource[Microsoft.Authorization/roleAssignments:RoleDefinitionId] ForAnyOfAnyValues:GuidEquals{4d97b98b-1d4f-4787-a291-c67834d212e7, f1a07417-d97a-45cb-824c-7a7467783830}))\"\n }\n ],\n \"createdOn\": \"2025-07-01T15:14:22.6678767Z\",\n \"updatedOn\": \"2025-07-23T16:53:36.843759Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/7a2b6e6c-472e-4b39-8878-a26eb63d75c6\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"7a2b6e6c-472e-4b39-8878-a26eb63d75c6\"\n },\n {\n \"properties\": {\n \"roleName\": \"Microsoft Discovery Platform Reader (Preview)\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Grants readonly permissions to view Microsoft.Discovery resources. This role in preview and subjet to change.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Discovery/*/read\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.Discovery/*/read\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2025-07-01T15:14:22.6678767Z\",\n \"updatedOn\": \"2025-07-01T15:14:22.6678767Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/3bb7c424-af4e-436b-bfcc-8779c8934c31\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"3bb7c424-af4e-436b-bfcc-8779c8934c31\"\n },\n {\n \"properties\": {\n \"roleName\": \"Microsoft Discovery Platform Contributor (Preview)\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Grants permissions to view and operate on most Discovery platform resources, including workspaces, supercomputers, storages, agents, bookshelves, data containers, models, tools, workflows, and investigations, as well as perform data plane actions, but does not allow creating, updating, or deleting core resources such as workspaces, supercomputers, storages, bookshelves, node pools, or projects. This role is in preview and subject to change.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Discovery/locations/operationStatuses/read\",\n \"Microsoft.Discovery/operations/read\",\n \"Microsoft.Discovery/workspaces/read\",\n \"Microsoft.Discovery/supercomputers/read\",\n \"Microsoft.Discovery/storages/read\",\n \"Microsoft.Discovery/agents/*\",\n \"Microsoft.Discovery/bookshelves/read\",\n \"Microsoft.Discovery/dataContainers/*\",\n \"Microsoft.Discovery/dataContainers/dataAssets/*\",\n \"Microsoft.Discovery/models/*\",\n \"Microsoft.Discovery/supercomputers/nodePools/read\",\n \"Microsoft.Discovery/tools/*\",\n \"Microsoft.Discovery/workflows/*\",\n \"Microsoft.Discovery/workspaces/projects/read\",\n \"Microsoft.Discovery/operations/read\",\n \"Microsoft.Insights/AlertRules/*\",\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Support/*\"\n ],\n \"notActions\": [\n \"Microsoft.Discovery/workspaces/write\",\n \"Microsoft.Discovery/workspaces/delete\",\n \"Microsoft.Discovery/supercomputers/write\",\n \"Microsoft.Discovery/supercomputers/delete\",\n \"Microsoft.Discovery/storages/write\",\n \"Microsoft.Discovery/storages/delete\",\n \"Microsoft.Discovery/bookshelves/write\",\n \"Microsoft.Discovery/bookshelves/delete\",\n \"Microsoft.Discovery/supercomputers/nodePools/write\",\n \"Microsoft.Discovery/supercomputers/nodePools/delete\",\n \"Microsoft.Discovery/workspaces/projects/write\",\n \"Microsoft.Discovery/workspaces/projects/delete\"\n ],\n \"dataActions\": [\n \"Microsoft.Discovery/*\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2025-07-01T15:14:22.6678767Z\",\n \"updatedOn\": \"2025-07-15T15:04:43.2814036Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/01288891-85ee-45a7-b367-9db3b752fc65\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"01288891-85ee-45a7-b367-9db3b752fc65\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure IoT Operations Administrator\",\n \"type\": \"BuiltInRole\",\n \"description\": \"View, create, edit and delete AIO resources. Manage all resources, including instance and its downstream resources.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.IoTOperations/*\",\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.DeviceRegistry/Assets/*\",\n \"Microsoft.DeviceRegistry/AssetEndpointProfiles/*\",\n \"Microsoft.DeviceRegistry/Namespaces/Assets/*\",\n \"Microsoft.DeviceRegistry/Namespaces/Devices/*\",\n \"Microsoft.DeviceRegistry/Namespaces/DiscoveredAssets/*\",\n \"Microsoft.DeviceRegistry/Namespaces/DiscoveredDevices/*\",\n \"Microsoft.DeviceRegistry/SchemaRegistries/*\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Edge/sites/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2025-07-03T19:55:14.5761643Z\",\n \"updatedOn\": \"2025-07-15T15:04:43.2804027Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/5bc02df6-6cd5-43fe-ad3d-4c93cf56cc16\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"5bc02df6-6cd5-43fe-ad3d-4c93cf56cc16\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure IoT Operations Onboarding\",\n \"type\": \"BuiltInRole\",\n \"description\": \"User can Azure arc connect and deploy Azure IoT Operations securely.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.IoTOperations/*\",\n \"Microsoft.DeviceRegistry/register/action\",\n \"Microsoft.DeviceRegistry/schemaRegistries/read\",\n \"Microsoft.DeviceRegistry/schemaRegistries/write\",\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Authorization/*/write\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Edge/sites/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2025-07-03T20:10:17.4373209Z\",\n \"updatedOn\": \"2025-07-15T15:04:43.2804027Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/7b7c71ed-33fa-4ed2-a91a-e56d5da260b5\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"7b7c71ed-33fa-4ed2-a91a-e56d5da260b5\"\n },\n {\n \"properties\": {\n \"roleName\": \"Connector Writer\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Write connectors and have basic customer permissions like reading authorizations, alert rules and resourceGroups\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Impact/Connectors/Write\",\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2025-07-04T07:30:50.7596538Z\",\n \"updatedOn\": \"2025-07-04T07:30:50.7596538Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/c459b115-f629-486b-b359-35feb5568b83\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"c459b115-f629-486b-b359-35feb5568b83\"\n },\n {\n \"properties\": {\n \"roleName\": \"Virtual Enclave Owner Role\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Virtual Enclave Owner Role to access the resources of Microsoft.Mission stored with RPSAAS.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Mission/Locations/OperationStatuses/read\",\n \"Microsoft.Mission/Locations/OperationStatuses/write\",\n \"Microsoft.Mission/Operations/read\",\n \"Microsoft.Mission/virtualEnclaves/read\",\n \"Microsoft.Mission/virtualEnclaves/write\",\n \"Microsoft.Mission/virtualEnclaves/delete\",\n \"Microsoft.Mission/virtualEnclaves/workloads/read\",\n \"Microsoft.Mission/virtualEnclaves/workloads/write\",\n \"Microsoft.Mission/virtualEnclaves/workloads/delete\",\n \"Microsoft.Mission/communities/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2025-07-09T15:22:28.7605161Z\",\n \"updatedOn\": \"2025-07-09T15:22:28.7605161Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/1abf4029-2200-4343-800c-e4c4c01eddbd\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"1abf4029-2200-4343-800c-e4c4c01eddbd\"\n },\n {\n \"properties\": {\n \"roleName\": \"NginxPlus Contributor service role\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Provides access to all Nginx.NginxPlus Control Plane operations\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"NGINX.NGINXPLUS/register/action\",\n \"NGINX.NGINXPLUS/unregister/action\",\n \"NGINX.NGINXPLUS/locations/read\",\n \"NGINX.NGINXPLUS/locations/operationStatuses/read\",\n \"NGINX.NGINXPLUS/locations/operationStatuses/write\",\n \"NGINX.NGINXPLUS/nginxDeployments/Read\",\n \"NGINX.NGINXPLUS/nginxDeployments/Write\",\n \"NGINX.NGINXPLUS/nginxDeployments/Delete\",\n \"NGINX.NGINXPLUS/nginxDeployments/apiKeys/Read\",\n \"NGINX.NGINXPLUS/nginxDeployments/apiKeys/Write\",\n \"NGINX.NGINXPLUS/nginxDeployments/apiKeys/Delete\",\n \"NGINX.NGINXPLUS/nginxDeployments/certificates/Read\",\n \"NGINX.NGINXPLUS/nginxDeployments/certificates/Write\",\n \"NGINX.NGINXPLUS/nginxDeployments/certificates/Delete\",\n \"NGINX.NGINXPLUS/nginxDeployments/configurations/Read\",\n \"NGINX.NGINXPLUS/nginxDeployments/configurations/Write\",\n \"NGINX.NGINXPLUS/nginxDeployments/configurations/Delete\",\n \"NGINX.NGINXPLUS/nginxDeployments/wafPolicies/Read\",\n \"NGINX.NGINXPLUS/nginxDeployments/wafPolicies/Write\",\n \"NGINX.NGINXPLUS/nginxDeployments/wafPolicies/Delete\",\n \"NGINX.NGINXPLUS/operations/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2025-07-11T15:44:56.6598995Z\",\n \"updatedOn\": \"2025-08-05T15:14:55.5007488Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/61aed14c-6c9a-4ed5-aa44-49fc5e96a167\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"61aed14c-6c9a-4ed5-aa44-49fc5e96a167\"\n },\n {\n \"properties\": {\n \"roleName\": \"CosmosDB Fleet Operator Role\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Lets you manage Azure CosmosDB Fleets and related child resources\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.DocumentDB/fleets/*\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2025-07-14T15:01:12.3759443Z\",\n \"updatedOn\": \"2025-07-14T15:01:12.3759443Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/35ffec73-9cb8-4593-8718-40d5bc4b7f6f\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"35ffec73-9cb8-4593-8718-40d5bc4b7f6f\"\n },\n {\n \"properties\": {\n \"roleName\": \"Healthcare Apis contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Allows all actions on healthcareapis provider resources\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.HealthcareApis/services/*\",\n \"Microsoft.HealthcareApis/workspaces/*\",\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2025-07-15T15:04:43.2804027Z\",\n \"updatedOn\": \"2025-07-15T15:04:43.2804027Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/29f61507-bdfb-4987-b629-20033be2d6c3\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"29f61507-bdfb-4987-b629-20033be2d6c3\"\n },\n {\n \"properties\": {\n \"roleName\": \"Liftr Datadog Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Provides access to Datadog Control Plane Operations\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Datadog/register/action\",\n \"Microsoft.Datadog/unregister/action\",\n \"Microsoft.Datadog/agreements/read\",\n \"Microsoft.Datadog/agreements/write\",\n \"Microsoft.Datadog/locations/read\",\n \"Microsoft.Datadog/locations/operationStatuses/read\",\n \"Microsoft.Datadog/locations/operationStatuses/write\",\n \"Microsoft.Datadog/monitors/read\",\n \"Microsoft.Datadog/monitors/write\",\n \"Microsoft.Datadog/monitors/delete\",\n \"Microsoft.Datadog/monitors/listApiKeys/action\",\n \"Microsoft.Datadog/monitors/getDefaultKey/action\",\n \"Microsoft.Datadog/monitors/setDefaultKey/action\",\n \"Microsoft.Datadog/monitors/refreshSetPasswordLink/action\",\n \"Microsoft.Datadog/monitors/listLinkedResources/action\",\n \"Microsoft.Datadog/monitors/listHosts/read\",\n \"Microsoft.Datadog/monitors/listLinkedResources/read\",\n \"Microsoft.Datadog/monitors/listMonitoredResources/read\",\n \"Microsoft.Datadog/monitors/monitoredSubscriptions/read\",\n \"Microsoft.Datadog/monitors/monitoredSubscriptions/write\",\n \"Microsoft.Datadog/monitors/singleSignOnConfigurations/write\",\n \"Microsoft.Datadog/monitors/singleSignOnConfigurations/read\",\n \"Microsoft.Datadog/monitors/tagRules/read\",\n \"Microsoft.Datadog/monitors/tagRules/write\",\n \"Microsoft.Datadog/registeredSubscriptions/read\",\n \"Microsoft.Datadog/subscriptionStatuses/read\",\n \"Microsoft.Datadog/operations/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2025-07-16T15:09:04.3027767Z\",\n \"updatedOn\": \"2025-08-01T09:23:14.9310429Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/81b67e46-ef5b-4404-bddd-090985bb4a28\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"81b67e46-ef5b-4404-bddd-090985bb4a28\"\n },\n {\n \"properties\": {\n \"roleName\": \"Liftr Elastic Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Provides access to Elastic Control Plane Operations\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Elastic/getOrganizationApiKey/action\",\n \"Microsoft.Elastic/checkNameAvailability/action\",\n \"Microsoft.Elastic/register/action\",\n \"Microsoft.Elastic/locations/read\",\n \"Microsoft.Elastic/locations/operationStatuses/read\",\n \"Microsoft.Elastic/locations/operationStatuses/write\",\n \"Microsoft.Elastic/monitors/read\",\n \"Microsoft.Elastic/monitors/write\",\n \"Microsoft.Elastic/monitors/delete\",\n \"Microsoft.Elastic/monitors/listMonitoredResources/action\",\n \"Microsoft.Elastic/monitors/listVMHost/action\",\n \"Microsoft.Elastic/monitors/createOrUpdateExternalUser/action\",\n \"Microsoft.Elastic/monitors/listAllTrafficFilters/action\",\n \"Microsoft.Elastic/monitors/listAssociatedTrafficFilters/action\",\n \"Microsoft.Elastic/monitors/createAndAssociateIPFilter/action\",\n \"Microsoft.Elastic/monitors/createAndAssociatePLFilter/action\",\n \"Microsoft.Elastic/monitors/associateTrafficFilter/action\",\n \"Microsoft.Elastic/monitors/detachAndDeleteTrafficFilter/action\",\n \"Microsoft.Elastic/monitors/detachTrafficFilter/action\",\n \"Microsoft.Elastic/monitors/deleteTrafficFilter/action\",\n \"Microsoft.Elastic/monitors/listUpgradableVersions/action\",\n \"Microsoft.Elastic/monitors/getBillingInfo/action\",\n \"Microsoft.Elastic/monitors/listConnectedPartnerResources/action\",\n \"Microsoft.Elastic/monitors/upgrade/action\",\n \"Microsoft.Elastic/monitors/vmIngestionDetails/action\",\n \"Microsoft.Elastic/monitors/vmCollectionUpdate/action\",\n \"Microsoft.Elastic/monitors/listDeploymentInfo/action\",\n \"Microsoft.Elastic/monitors/resubscribe/action\",\n \"Microsoft.Elastic/monitors/monitoredSubscriptions/read\",\n \"Microsoft.Elastic/monitors/monitoredSubscriptions/write\",\n \"Microsoft.Elastic/monitors/openAIIntegrations/read\",\n \"Microsoft.Elastic/monitors/openAIIntegrations/write\",\n \"Microsoft.Elastic/monitors/openAIIntegrations/getStatus/action\",\n \"Microsoft.Elastic/monitors/tagRules/read\",\n \"Microsoft.Elastic/monitors/tagRules/write\",\n \"Microsoft.Elastic/registeredSubscriptions/read\",\n \"Microsoft.Elastic/elasticVersions/read\",\n \"Microsoft.Elastic/operations/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2025-07-16T15:09:04.3017765Z\",\n \"updatedOn\": \"2025-08-05T15:14:55.4997487Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/d68eeb8d-afae-4932-a331-203b7957e509\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"d68eeb8d-afae-4932-a331-203b7957e509\"\n },\n {\n \"properties\": {\n \"roleName\": \"Liftr Elastic Owner\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Grants full access to manage Elastic resources\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Elastic/*\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2025-07-16T15:09:04.2714387Z\",\n \"updatedOn\": \"2025-07-16T15:09:04.2714387Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/225efd4d-4ca0-42a1-ae53-5f233ba23c73\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"225efd4d-4ca0-42a1-ae53-5f233ba23c73\"\n },\n {\n \"properties\": {\n \"roleName\": \"Liftr Newrelic Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Provides access to Newrelic Control Plane Operations\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"NewRelic.Observability/register/action\",\n \"NewRelic.Observability/unregister/action\",\n \"NewRelic.Observability/accounts/read\",\n \"NewRelic.Observability/plans/read\",\n \"NewRelic.Observability/organizations/read\",\n \"NewRelic.Observability/locations/read\",\n \"NewRelic.Observability/locations/operationStatuses/read\",\n \"NewRelic.Observability/locations/operationStatuses/write\",\n \"NewRelic.Observability/monitors/read\",\n \"NewRelic.Observability/monitors/write\",\n \"NewRelic.Observability/monitors/delete\",\n \"NewRelic.Observability/monitors/monitoredResources/action\",\n \"NewRelic.Observability/monitors/vmHostPayloads/action\",\n \"NewRelic.Observability/monitors/listAppServices/action\",\n \"NewRelic.Observability/monitors/listHosts/action\",\n \"NewRelic.Observability/monitors/refreshIngestionKey/action\",\n \"NewRelic.Observability/monitors/getMetricRules/action\",\n \"NewRelic.Observability/monitors/getMetricStatus/action\",\n \"NewRelic.Observability/monitors/switchBilling/action\",\n \"NewRelic.Observability/monitors/latestLinkedSaaS/action\",\n \"NewRelic.Observability/monitors/linkSaaS/action\",\n \"NewRelic.Observability/monitors/resubscribe/action\",\n \"NewRelic.Observability/monitors/getBillingInfo/action\",\n \"NewRelic.Observability/monitors/listConnectedPartnerResources/action\",\n \"NewRelic.Observability/monitors/listLinkedResources/action\",\n \"NewRelic.Observability/monitors/monitoredSubscriptions/read\",\n \"NewRelic.Observability/monitors/monitoredSubscriptions/write\",\n \"NewRelic.Observability/monitors/tagRules/read\",\n \"NewRelic.Observability/monitors/tagRules/write\",\n \"NewRelic.Observability/registeredSubscriptions/read\",\n \"NewRelic.Observability/operations/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2025-07-16T15:09:04.2714387Z\",\n \"updatedOn\": \"2025-08-01T09:23:14.9310429Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/a60da355-bdec-443f-8d42-a03f0422f04d\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"a60da355-bdec-443f-8d42-a03f0422f04d\"\n },\n {\n \"properties\": {\n \"roleName\": \"Policy Enrollments Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Allows the creation and modification of policy enrollments\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/policyenrollments/*\",\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.PolicyInsights/*\",\n \"Microsoft.Resources/deployments/*\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2025-07-16T16:55:07.415008Z\",\n \"updatedOn\": \"2025-07-16T16:55:07.415008Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/285ce6d6-fa11-43bd-94ef-42a9b3740bfd\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"285ce6d6-fa11-43bd-94ef-42a9b3740bfd\"\n },\n {\n \"properties\": {\n \"roleName\": \"Liftr Dynatrace Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Provides access to Dynatrace Control Plane Operations\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Dynatrace.Observability/checkNameAvailability/action\",\n \"Dynatrace.Observability/register/action\",\n \"Dynatrace.Observability/unregister/action\",\n \"Dynatrace.Observability/getMarketplaceSaaSResourceDetails/action\",\n \"Dynatrace.Observability/locations/read\",\n \"Dynatrace.Observability/locations/operationStatuses/read\",\n \"Dynatrace.Observability/locations/operationStatuses/write\",\n \"Dynatrace.Observability/monitors/read\",\n \"Dynatrace.Observability/monitors/write\",\n \"Dynatrace.Observability/monitors/delete\",\n \"Dynatrace.Observability/monitors/listMonitoredResources/action\",\n \"Dynatrace.Observability/monitors/getVMHostPayload/action\",\n \"Dynatrace.Observability/monitors/listHosts/action\",\n \"Dynatrace.Observability/monitors/listAppServices/action\",\n \"Dynatrace.Observability/monitors/getSSODetails/action\",\n \"Dynatrace.Observability/monitors/listLinkableEnvironments/action\",\n \"Dynatrace.Observability/monitors/getMetricStatus/action\",\n \"Dynatrace.Observability/monitors/manageAgentInstallation/action\",\n \"Dynatrace.Observability/monitors/monitoredSubscriptions/read\",\n \"Dynatrace.Observability/monitors/monitoredSubscriptions/write\",\n \"Dynatrace.Observability/monitors/singleSignOnConfigurations/write\",\n \"Dynatrace.Observability/monitors/singleSignOnConfigurations/read\",\n \"Dynatrace.Observability/monitors/tagRules/read\",\n \"Dynatrace.Observability/monitors/tagRules/write\",\n \"Dynatrace.Observability/registeredSubscriptions/read\",\n \"Dynatrace.Observability/operations/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2025-07-17T04:54:12.9049103Z\",\n \"updatedOn\": \"2025-08-01T11:55:53.7346372Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/fa96a588-3fac-4adb-bfb2-f8404ece07e0\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"fa96a588-3fac-4adb-bfb2-f8404ece07e0\"\n },\n {\n \"properties\": {\n \"roleName\": \"Microsoft.OffAzureSpringBoot Service Owner\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Full access to Azure Microsoft.OffAzureSpringBoot Service REST APIs\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.OffAzureSpringBoot/*\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2025-07-18T10:13:03.6807059Z\",\n \"updatedOn\": \"2025-08-07T07:49:43.832969Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/79732128-7761-4733-aebf-35590da9f29b\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"79732128-7761-4733-aebf-35590da9f29b\"\n },\n {\n \"properties\": {\n \"roleName\": \"Nexus Network Fabric Owner\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Provides owner access to nexus network fabric resources\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.ManagedNetworkFabric/*/read\",\n \"Microsoft.ManagedNetworkFabric/*/write\",\n \"Microsoft.ManagedNetworkFabric/*/action\",\n \"Microsoft.ManagedNetworkFabric/*/delete\",\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2025-07-21T15:02:41.4359877Z\",\n \"updatedOn\": \"2025-07-21T15:02:41.4359877Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/46c70067-0f50-457f-8137-2449c90de518\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"46c70067-0f50-457f-8137-2449c90de518\"\n },\n {\n \"properties\": {\n \"roleName\": \"Nexus Identity Owner\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Provides owner access to nexusidentity resources\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.NexusIdentity/*/read\",\n \"Microsoft.NexusIdentity/*/write\",\n \"Microsoft.NexusIdentity/*/action\",\n \"Microsoft.NexusIdentity/*/delete\",\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2025-07-21T15:02:41.4359877Z\",\n \"updatedOn\": \"2025-07-21T15:02:41.4359877Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/374a1cc6-96cb-4946-8d8b-a41054c8ae97\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"374a1cc6-96cb-4946-8d8b-a41054c8ae97\"\n },\n {\n \"properties\": {\n \"roleName\": \"Conversation Session User\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Allows sending a message to the agent and receive a response, using the conversation session API\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.HealthBot/healthBots/ConversationSession/Action\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2025-07-23T15:20:58.9086839Z\",\n \"updatedOn\": \"2025-07-23T15:20:58.9086839Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/b3eb788f-5426-48bd-821d-561701ede368\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"b3eb788f-5426-48bd-821d-561701ede368\"\n },\n {\n \"properties\": {\n \"roleName\": \"CosmosDB Fleet Analytics Storage Data Writer\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Write telemetry data from the Fleet Analytics Synapse workspace to customer-provided storage accounts or Fabric Lakehouses.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Storage/storageAccounts/blobServices/containers/write\",\n \"Microsoft.Storage/storageAccounts/blobServices/containers/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.Storage/storageAccounts/blobServices/containers/blobs/delete\",\n \"Microsoft.Storage/storageAccounts/blobServices/containers/blobs/read\",\n \"Microsoft.Storage/storageAccounts/blobServices/containers/blobs/write\",\n \"Microsoft.Storage/storageAccounts/blobServices/containers/blobs/add/action\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2025-07-25T01:43:25.8457961Z\",\n \"updatedOn\": \"2025-08-28T01:46:02.2595107Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/bf41e52e-617f-4981-8b7a-47431bd4e011\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"bf41e52e-617f-4981-8b7a-47431bd4e011\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Data Transfer Owner\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Create, read, modify, and delete pipelines, connections, and flows in Azure Data Transfer. Also perform any appropriate control plane operations for managing Azure Data Transfer resources.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.AzureDataTransfer/*\",\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2025-07-25T15:42:37.4812873Z\",\n \"updatedOn\": \"2025-07-25T15:42:37.4812873Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/eded264d-1796-4e25-8500-a78427f8a316\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"eded264d-1796-4e25-8500-a78427f8a316\"\n },\n {\n \"properties\": {\n \"roleName\": \"Video Indexer Account Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Can manage Video Indexer Account resources and generate access tokens for data plane operations.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.VideoIndexer/checknameavailability/action\",\n \"Microsoft.VideoIndexer/accounts/generateAccessToken/action\",\n \"Microsoft.VideoIndexer/accounts/generateRestrictedViewerAccessToken/action\",\n \"Microsoft.VideoIndexer/accounts/generateExtensionAccessToken/action\",\n \"Microsoft.VideoIndexer/accounts/generateExtensionRestrictedViewerAccessToken/action\",\n \"Microsoft.VideoIndexer/accounts/read\",\n \"Microsoft.VideoIndexer/accounts/write\",\n \"Microsoft.VideoIndexer/accounts/delete\",\n \"Microsoft.VideoIndexer/accounts/PrivateEndpointConnectionsApproval/action\",\n \"Microsoft.VideoIndexer/accounts/privateEndpointConnections/read\",\n \"Microsoft.VideoIndexer/accounts/privateEndpointConnections/write\",\n \"Microsoft.VideoIndexer/accounts/privateEndpointConnections/delete\",\n \"Microsoft.VideoIndexer/accounts/privateLinkResources/read\",\n \"Microsoft.VideoIndexer/locations/operationstatuses/read\",\n \"Microsoft.VideoIndexer/locations/operationstatuses/write\",\n \"Microsoft.VideoIndexer/operations/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2025-07-28T15:04:33.545254Z\",\n \"updatedOn\": \"2025-07-28T15:04:33.545254Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/3f99eaab-6f59-4877-adf5-1cacd22e20b0\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"3f99eaab-6f59-4877-adf5-1cacd22e20b0\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Business Continuity DUPI Reader\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Lets you view Deleted Unified Protected items in Azure Business Continuity Center.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/roleDefinitions/read\",\n \"Microsoft.Authorization/roleAssignments/read\",\n \"Microsoft.AzureBusinessContinuity/deletedUnifiedProtectedItems/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2025-07-28T15:04:33.545254Z\",\n \"updatedOn\": \"2025-08-21T13:32:13.8007194Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/f4eb044f-76b9-47af-92f9-1d95c4c14ab5\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"f4eb044f-76b9-47af-92f9-1d95c4c14ab5\"\n },\n {\n \"properties\": {\n \"roleName\": \"Sites Reader\",\n \"type\": \"BuiltInRole\",\n \"description\": \"View all Sites related resources but does not allow you to make any changes.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Edge/sites/read\",\n \"Microsoft.Edge/configurations/read\",\n \"Microsoft.Edge/configurations/networkConfigurations/read\",\n \"Microsoft.Edge/configurations/securityConfigurations/read\",\n \"Microsoft.Edge/configurations/timeServerConfigurations/read\",\n \"Microsoft.Edge/configurations/connectivityConfigurations/read\",\n \"Microsoft.Edge/configurations/provisioningConfigurations/read\",\n \"Microsoft.Edge/configurations/arcGatewayConfigurations/read\",\n \"Microsoft.Edge/configurationReferences/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2025-07-29T15:07:14.6122597Z\",\n \"updatedOn\": \"2025-07-29T15:07:14.6122597Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/59f98be6-0817-488b-831e-36a353c8000b\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"59f98be6-0817-488b-831e-36a353c8000b\"\n },\n {\n \"properties\": {\n \"roleName\": \"Sites Owner\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Microsoft Edge Sites Owner role - Grants full access to manage all resources, including the ability to assign roles in Azure RBAC.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Edge/sites/read\",\n \"Microsoft.Edge/sites/write\",\n \"Microsoft.Edge/sites/delete\",\n \"Microsoft.Edge/configurations/read\",\n \"Microsoft.Edge/configurations/write\",\n \"Microsoft.Edge/configurations/delete\",\n \"Microsoft.Edge/configurations/networkConfigurations/read\",\n \"Microsoft.Edge/configurations/networkConfigurations/write\",\n \"Microsoft.Edge/configurations/networkConfigurations/delete\",\n \"Microsoft.Edge/configurations/securityConfigurations/read\",\n \"Microsoft.Edge/configurations/securityConfigurations/write\",\n \"Microsoft.Edge/configurations/securityConfigurations/delete\",\n \"Microsoft.Edge/configurations/timeServerConfigurations/read\",\n \"Microsoft.Edge/configurations/timeServerConfigurations/write\",\n \"Microsoft.Edge/configurations/timeServerConfigurations/delete\",\n \"Microsoft.Edge/configurations/connectivityConfigurations/read\",\n \"Microsoft.Edge/configurations/connectivityConfigurations/write\",\n \"Microsoft.Edge/configurations/connectivityConfigurations/delete\",\n \"Microsoft.Edge/configurations/provisioningConfigurations/read\",\n \"Microsoft.Edge/configurations/provisioningConfigurations/write\",\n \"Microsoft.Edge/configurations/provisioningConfigurations/delete\",\n \"Microsoft.Edge/configurations/arcGatewayConfigurations/read\",\n \"Microsoft.Edge/configurations/arcGatewayConfigurations/write\",\n \"Microsoft.Edge/configurations/arcGatewayConfigurations/delete\",\n \"Microsoft.Edge/configurationReferences/read\",\n \"Microsoft.Edge/configurationReferences/write\",\n \"Microsoft.Edge/configurationReferences/delete\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2025-07-29T15:07:14.6112571Z\",\n \"updatedOn\": \"2025-07-29T15:07:14.6112571Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/1cd7e4da-2789-457f-adbe-3e9e84037a93\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"1cd7e4da-2789-457f-adbe-3e9e84037a93\"\n },\n {\n \"properties\": {\n \"roleName\": \"Liftr PureStorage Owner role\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Provides access to all PureStorage related operations\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"PureStorage.Block/*\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2025-07-30T15:14:08.9428819Z\",\n \"updatedOn\": \"2025-07-30T15:14:08.9428819Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/85546f1f-f28b-4cb3-b852-73e422a96897\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"85546f1f-f28b-4cb3-b852-73e422a96897\"\n },\n {\n \"properties\": {\n \"roleName\": \"Liftr Dell Owner role\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Provides access to all Dell related operations\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Dell.Storage/*\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2025-07-30T15:14:08.9428819Z\",\n \"updatedOn\": \"2025-07-30T15:14:08.9428819Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/d683b71b-2b91-4fc1-a43e-b53b3d85bed9\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"d683b71b-2b91-4fc1-a43e-b53b3d85bed9\"\n },\n {\n \"properties\": {\n \"roleName\": \"SupportPlan Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Contributor role for Enterprise Support Resource Provider\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.EnterpriseSupport/services/delete\",\n \"Microsoft.EnterpriseSupport/services/write\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2025-07-30T21:45:45.323115Z\",\n \"updatedOn\": \"2025-07-30T21:45:45.323115Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/6d6f52ba-a7de-4c56-a58f-522154514fba\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"6d6f52ba-a7de-4c56-a58f-522154514fba\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Spring Apps Service Owner\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Full access to Azure Spring Apps Service REST APIs\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.AppPlatform/*\"\n ],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.AppPlatform/*\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2025-07-31T11:03:44.7831528Z\",\n \"updatedOn\": \"2025-08-07T07:49:43.832969Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/4037dd68-1cc7-4a64-8765-3a79963a9940\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"4037dd68-1cc7-4a64-8765-3a79963a9940\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure AI Enterprise Networking Outbound Rules Operator\",\n \"type\": \"BuiltInRole\",\n \"description\": \"A Built-in role that can authorize users to access and update the managed network settings of a machine learning workspace.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.MachineLearningServices/workspaces/managedNetworks/read\",\n \"Microsoft.MachineLearningServices/workspaces/managedNetworks/write\",\n \"Microsoft.MachineLearningServices/workspaces/managedNetworks/outboundRules/read\",\n \"Microsoft.MachineLearningServices/workspaces/managedNetworks/outboundRules/write\",\n \"Microsoft.MachineLearningServices/workspaces/managedNetworks/outboundRules/delete\",\n \"Microsoft.MachineLearningServices/workspaces/managedNetworks/batchOutboundRules/action\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2025-08-04T15:10:36.5118889Z\",\n \"updatedOn\": \"2025-08-04T15:10:36.5118889Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/25cabde7-1a6c-4350-8877-cb6fe59f1399\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"25cabde7-1a6c-4350-8877-cb6fe59f1399\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Business Continuity UPI Reader\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Lets you view Unified Protected items in Azure Business Continuity Center.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/roleDefinitions/read\",\n \"Microsoft.Authorization/roleAssignments/read\",\n \"Microsoft.AzureBusinessContinuity/unifiedProtectedItems/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2025-08-04T15:10:36.5108882Z\",\n \"updatedOn\": \"2025-08-21T13:32:14.8037229Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/3b5a0aa9-eccd-48dc-9011-f2fd03b5e5f9\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"3b5a0aa9-eccd-48dc-9011-f2fd03b5e5f9\"\n },\n {\n \"properties\": {\n \"roleName\": \"LambdaTest.HyperExecute Contributor Role\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Provides access to all LambdaTest.HyperExecute related operations\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"LambdaTest.HyperExecute/checkNameAvailability/action\",\n \"LambdaTest.HyperExecute/register/action\",\n \"LambdaTest.HyperExecute/unregister/action\",\n \"LambdaTest.HyperExecute/locations/operationStatuses/read\",\n \"LambdaTest.HyperExecute/locations/operationStatuses/write\",\n \"LambdaTest.HyperExecute/operations/read\",\n \"LambdaTest.HyperExecute/organizations/read\",\n \"LambdaTest.HyperExecute/organizations/write\",\n \"LambdaTest.HyperExecute/organizations/delete\",\n \"LambdaTest.HyperExecute/registeredSubscriptions/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2025-08-06T15:22:56.8948562Z\",\n \"updatedOn\": \"2025-08-06T15:22:56.8948562Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/44a00263-b2a0-45d5-a618-5d8d11709349\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"44a00263-b2a0-45d5-a618-5d8d11709349\"\n },\n {\n \"properties\": {\n \"roleName\": \"ArizeAi.ObservabilityEval Contributor Role\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Provides access to all ArizeAi.ObservabilityEval related operations\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"ArizeAi.ObservabilityEval/checkNameAvailability/action\",\n \"ArizeAi.ObservabilityEval/register/action\",\n \"ArizeAi.ObservabilityEval/unregister/action\",\n \"ArizeAi.ObservabilityEval/locations/operationStatuses/read\",\n \"ArizeAi.ObservabilityEval/locations/operationStatuses/write\",\n \"ArizeAi.ObservabilityEval/operations/read\",\n \"ArizeAi.ObservabilityEval/organizations/read\",\n \"ArizeAi.ObservabilityEval/organizations/write\",\n \"ArizeAi.ObservabilityEval/organizations/delete\",\n \"ArizeAi.ObservabilityEval/registeredSubscriptions/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2025-08-06T15:22:56.8948562Z\",\n \"updatedOn\": \"2025-08-06T15:22:56.8948562Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/dca88c6f-5090-44cd-a0ff-a88f337b12a5\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"dca88c6f-5090-44cd-a0ff-a88f337b12a5\"\n },\n {\n \"properties\": {\n \"roleName\": \"Pinecone.VectorDb Contributor Role\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Provides access to all Pinecone.VectorDb related operations\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Pinecone.VectorDb/checkNameAvailability/action\",\n \"Pinecone.VectorDb/register/action\",\n \"Pinecone.VectorDb/unregister/action\",\n \"Pinecone.VectorDb/locations/operationStatuses/read\",\n \"Pinecone.VectorDb/locations/operationStatuses/write\",\n \"Pinecone.VectorDb/operations/read\",\n \"Pinecone.VectorDb/organizations/read\",\n \"Pinecone.VectorDb/organizations/write\",\n \"Pinecone.VectorDb/organizations/delete\",\n \"Pinecone.VectorDb/registeredSubscriptions/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2025-08-06T15:22:56.8948562Z\",\n \"updatedOn\": \"2025-08-06T15:22:56.8948562Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/dd799a69-ffc8-4aa8-9701-b51f686857d9\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"dd799a69-ffc8-4aa8-9701-b51f686857d9\"\n },\n {\n \"properties\": {\n \"roleName\": \"Microsoft.WeightsAndBiases Contributor Role\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Provides access to all Microsoft.WeightsAndBiases related operations\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.WeightsAndBiases/checkNameAvailability/action\",\n \"Microsoft.WeightsAndBiases/register/action\",\n \"Microsoft.WeightsAndBiases/unregister/action\",\n \"Microsoft.WeightsAndBiases/instances/read\",\n \"Microsoft.WeightsAndBiases/instances/write\",\n \"Microsoft.WeightsAndBiases/instances/delete\",\n \"Microsoft.WeightsAndBiases/locations/operationStatuses/read\",\n \"Microsoft.WeightsAndBiases/locations/operationStatuses/write\",\n \"Microsoft.WeightsAndBiases/operations/read\",\n \"Microsoft.WeightsAndBiases/registeredSubscriptions/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2025-08-06T15:22:57.794372Z\",\n \"updatedOn\": \"2025-08-06T15:22:57.794372Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/246fffca-69ee-4945-bbf1-2a867dce4fda\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"246fffca-69ee-4945-bbf1-2a867dce4fda\"\n },\n {\n \"properties\": {\n \"roleName\": \"Recurring Scheduled Actions Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Allows users to use Recurring Scheduled Actions offered by Microsoft.ComputeSchedule\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.ComputeSchedule/scheduledActions/write\",\n \"Microsoft.ComputeSchedule/scheduledActions/delete\",\n \"Microsoft.ComputeSchedule/scheduledActions/attachResources/action\",\n \"Microsoft.ComputeSchedule/scheduledActions/cancelNextOccurrence/action\",\n \"Microsoft.ComputeSchedule/scheduledActions/detachResources/action\",\n \"Microsoft.ComputeSchedule/scheduledActions/disable/action\",\n \"Microsoft.ComputeSchedule/scheduledActions/enable/action\",\n \"Microsoft.ComputeSchedule/scheduledActions/listResources/action\",\n \"Microsoft.ComputeSchedule/scheduledActions/patchResources/action\",\n \"Microsoft.ComputeSchedule/scheduledActions/triggerManualOccurrence/action\",\n \"Microsoft.ComputeSchedule/scheduledActions/occurrences/cancel/action\",\n \"Microsoft.ComputeSchedule/scheduledActions/occurrences/delay/action\",\n \"Microsoft.ComputeSchedule/register/action\",\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2025-08-06T17:23:22.5612282Z\",\n \"updatedOn\": \"2025-08-06T17:23:22.5612282Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/376d0802-aca8-4c2d-83a5-c88630f396fe\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"376d0802-aca8-4c2d-83a5-c88630f396fe\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Resilience Management Drills Reader\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Reader Role of Azure Resilience Management Drills Service\",\n \"assignableScopes\": [\n \"/\",\n \"/providers/Microsoft.Management/serviceGroups\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.AzureResilienceManagement/drills/*/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2025-08-11T15:12:49.7120823Z\",\n \"updatedOn\": \"2025-09-18T10:30:29.9987541Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/d2e8fe82-9212-490f-af3e-34bb52d87d3d\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"d2e8fe82-9212-490f-af3e-34bb52d87d3d\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Resilience Management Drills Operator\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Operator Role of Azure Resilience Management Drills Service\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.AzureResilienceManagement/drills/*/action\",\n \"Microsoft.AzureResilienceManagement/drills/*/read\",\n \"Microsoft.AzureResilienceManagement/recoveryPlans/*/action\",\n \"Microsoft.AzureResilienceManagement/recoveryPlans/*/read\",\n \"Microsoft.Insights/alertRules/\",\n \"Microsoft.Monitor/accounts/read\",\n \"Microsoft.Monitor/slis/read\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2025-08-11T15:12:49.7120823Z\",\n \"updatedOn\": \"2025-08-11T15:12:49.7120823Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/ff09793b-be48-49f6-ad96-70d32039c0b9\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"ff09793b-be48-49f6-ad96-70d32039c0b9\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Resilience Management Drills Administrator\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Administrator Role of Azure Resilience Management Drills Service\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Authorization/roleAssignments/write\",\n \"Microsoft.Advisor/recommendations/read\",\n \"Microsoft.Authorization/roleAssignments/read\",\n \"Microsoft.Automation/automationAccounts/delete\",\n \"Microsoft.Automation/automationAccounts/read\",\n \"Microsoft.Automation/automationAccounts/write\",\n \"Microsoft.Automation/automationAccounts/runbooks/delete\",\n \"Microsoft.Automation/automationAccounts/runbooks/read\",\n \"Microsoft.Automation/automationAccounts/runbooks/write\",\n \"Microsoft.AzureResilienceManagement/drills/*/action\",\n \"Microsoft.AzureResilienceManagement/drills/*/delete\",\n \"Microsoft.AzureResilienceManagement/drills/*/read\",\n \"Microsoft.AzureResilienceManagement/drills/*/write\",\n \"Microsoft.AzureResilienceManagement/recoveryPlans/*/action\",\n \"Microsoft.AzureResilienceManagement/recoveryPlans/*/delete\",\n \"Microsoft.AzureResilienceManagement/recoveryPlans/*/read\",\n \"Microsoft.AzureResilienceManagement/recoveryPlans/*/write\",\n \"Microsoft.Chaos/experiments/delete\",\n \"Microsoft.Chaos/experiments/read\",\n \"Microsoft.Chaos/experiments/write\",\n \"Microsoft.Chaos/experiments/cancel/action\",\n \"Microsoft.Chaos/experiments/start/action\",\n \"Microsoft.Chaos/locations/operationResults/read\",\n \"Microsoft.Chaos/locations/operationStatuses/read\",\n \"Microsoft.Chaos/locations/targetTypes/capabilityTypes/read\",\n \"Microsoft.Chaos/locations/targetTypes/read\",\n \"Microsoft.Chaos/targets/capabilities/delete\",\n \"Microsoft.Chaos/targets/capabilities/read\",\n \"Microsoft.Chaos/targets/capabilities/write\",\n \"Microsoft.Chaos/targets/delete\",\n \"Microsoft.Chaos/targets/read\",\n \"Microsoft.Chaos/targets/write\",\n \"Microsoft.Compute/virtualMachineScaleSets/read\",\n \"Microsoft.Compute/virtualMachines/read\",\n \"Microsoft.ContainerRegistry/registries/read\",\n \"Microsoft.DBforPostgreSQL/flexibleServers/read\",\n \"Microsoft.DocumentDB/databaseAccounts/services/read\",\n \"Microsoft.Insights/alertRules/\",\n \"Microsoft.ManagedIdentity/userAssignedIdentities/read\",\n \"Microsoft.Management/ServiceGroups/read\",\n \"Microsoft.Monitor/accounts/read\",\n \"Microsoft.Monitor/slis/read\",\n \"Microsoft.Network/applicationGateways/read\",\n \"Microsoft.Network/azurefirewalls/read\",\n \"Microsoft.Network/loadBalancers/probes/read\",\n \"Microsoft.Network/loadBalancers/read\",\n \"Microsoft.Network/publicIPAddresses/read\",\n \"Microsoft.Relationships/ServiceGroupMember/read\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/delete\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Resources/subscriptions/resourceGroups/write\",\n \"Microsoft.ServiceBus/namespaces/read\",\n \"Microsoft.Sql/managedInstances/read\",\n \"Microsoft.Sql/servers/databases/read\",\n \"Microsoft.Sql/servers/read\",\n \"Microsoft.Storage/storageAccounts/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2025-08-11T15:12:49.7120823Z\",\n \"updatedOn\": \"2025-08-11T15:12:49.7120823Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/c914561b-1575-4601-af9c-a1356bf59818\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"c914561b-1575-4601-af9c-a1356bf59818\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Resilience Management Drills Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Contributor Role of Azure Resilience Management Drills Service\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Advisor/recommendations/read\",\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Automation/automationAccounts/delete\",\n \"Microsoft.Automation/automationAccounts/read\",\n \"Microsoft.Automation/automationAccounts/write\",\n \"Microsoft.Automation/automationAccounts/runbooks/delete\",\n \"Microsoft.Automation/automationAccounts/runbooks/read\",\n \"Microsoft.Automation/automationAccounts/runbooks/write\",\n \"Microsoft.AzureResilienceManagement/drills/*/action\",\n \"Microsoft.AzureResilienceManagement/drills/*/delete\",\n \"Microsoft.AzureResilienceManagement/drills/*/read\",\n \"Microsoft.AzureResilienceManagement/drills/*/write\",\n \"Microsoft.AzureResilienceManagement/recoveryPlans/*/action\",\n \"Microsoft.AzureResilienceManagement/recoveryPlans/*/delete\",\n \"Microsoft.AzureResilienceManagement/recoveryPlans/*/read\",\n \"Microsoft.AzureResilienceManagement/recoveryPlans/*/write\",\n \"Microsoft.Chaos/experiments/delete\",\n \"Microsoft.Chaos/experiments/read\",\n \"Microsoft.Chaos/experiments/write\",\n \"Microsoft.Chaos/experiments/cancel/action\",\n \"Microsoft.Chaos/experiments/start/action\",\n \"Microsoft.Chaos/locations/operationResults/read\",\n \"Microsoft.Chaos/locations/operationStatuses/read\",\n \"Microsoft.Chaos/locations/targetTypes/capabilityTypes/read\",\n \"Microsoft.Chaos/locations/targetTypes/read\",\n \"Microsoft.Chaos/targets/capabilities/delete\",\n \"Microsoft.Chaos/targets/capabilities/read\",\n \"Microsoft.Chaos/targets/capabilities/write\",\n \"Microsoft.Chaos/targets/delete\",\n \"Microsoft.Chaos/targets/read\",\n \"Microsoft.Chaos/targets/write\",\n \"Microsoft.Compute/virtualMachineScaleSets/read\",\n \"Microsoft.Compute/virtualMachines/read\",\n \"Microsoft.ContainerRegistry/registries/read\",\n \"Microsoft.DBforPostgreSQL/flexibleServers/read\",\n \"Microsoft.DocumentDB/databaseAccounts/services/read\",\n \"Microsoft.Insights/alertRules/\",\n \"Microsoft.ManagedIdentity/userAssignedIdentities/read\",\n \"Microsoft.Management/ServiceGroups/read\",\n \"Microsoft.Monitor/accounts/read\",\n \"Microsoft.Monitor/slis/read\",\n \"Microsoft.Network/applicationGateways/read\",\n \"Microsoft.Network/azurefirewalls/read\",\n \"Microsoft.Network/loadBalancers/probes/read\",\n \"Microsoft.Network/loadBalancers/read\",\n \"Microsoft.Network/publicIPAddresses/read\",\n \"Microsoft.Relationships/ServiceGroupMember/read\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/delete\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Resources/subscriptions/resourceGroups/write\",\n \"Microsoft.ServiceBus/namespaces/read\",\n \"Microsoft.Sql/managedInstances/read\",\n \"Microsoft.Sql/servers/databases/read\",\n \"Microsoft.Sql/servers/read\",\n \"Microsoft.Storage/storageAccounts/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2025-08-11T15:12:50.0258107Z\",\n \"updatedOn\": \"2025-08-11T15:12:50.0258107Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/e131102b-11a5-4ff4-8508-ed922132b74c\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"e131102b-11a5-4ff4-8508-ed922132b74c\"\n },\n {\n \"properties\": {\n \"roleName\": \"Edge Order Partner Inventory Manager Service Role\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Manage inventory metadata and inventory links associated with Edge Order Partner scenarios. Enables configuration and control of inventory resources for tracking and fulfillment purposes\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.EdgeOrderPartner/locations/productFamilies/inventories/manageLink/action\",\n \"Microsoft.EdgeOrderPartner/locations/productFamilies/inventories/manageInventoryMetadata/action\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2025-08-12T15:18:36.5429246Z\",\n \"updatedOn\": \"2025-09-05T06:37:32.5466384Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/f24a559b-c2fc-4409-b96e-9af4b0c28ad6\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"f24a559b-c2fc-4409-b96e-9af4b0c28ad6\"\n },\n {\n \"properties\": {\n \"roleName\": \"Defender For Container Registries Operator\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Grants Microsoft Defender for Cloud access to Azure Container Registries\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.ContainerRegistry/registries/pull/read\",\n \"Microsoft.ContainerRegistry/registries/metadata/read\",\n \"Microsoft.ContainerRegistry/registries/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.ContainerRegistry/registries/repositories/content/read\",\n \"Microsoft.ContainerRegistry/registries/repositories/metadata/read\",\n \"Microsoft.ContainerRegistry/registries/catalog/read\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2025-08-13T15:27:47.0452902Z\",\n \"updatedOn\": \"2025-09-11T12:56:35.8009694Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/c5c82243-e78e-43f9-8428-793bba85b28e\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"c5c82243-e78e-43f9-8428-793bba85b28e\"\n },\n {\n \"properties\": {\n \"roleName\": \"Change Safety Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Grants access to manage all Microsoft.ChangeSafety resources.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.ChangeSafety/changeStates/read\",\n \"Microsoft.ChangeSafety/changeStates/write\",\n \"Microsoft.ChangeSafety/changeStates/delete\",\n \"Microsoft.ChangeSafety/changeStates/stageProgressions/read\",\n \"Microsoft.ChangeSafety/changeStates/stageProgressions/write\",\n \"Microsoft.ChangeSafety/changeStates/stageProgressions/delete\",\n \"Microsoft.ChangeSafety/locations/operationstatuses/read\",\n \"Microsoft.ChangeSafety/locations/operationstatuses/write\",\n \"Microsoft.ChangeSafety/safeRollouts/read\",\n \"Microsoft.ChangeSafety/safeRollouts/write\",\n \"Microsoft.ChangeSafety/safeRollouts/delete\",\n \"Microsoft.ChangeSafety/safeRollouts/steps/read\",\n \"Microsoft.ChangeSafety/stageMaps/read\",\n \"Microsoft.ChangeSafety/stageMaps/write\",\n \"Microsoft.ChangeSafety/stageMaps/delete\",\n \"Microsoft.ChangeSafety/validations/read\",\n \"Microsoft.ChangeSafety/validations/write\",\n \"Microsoft.ChangeSafety/validations/delete\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2025-08-13T20:30:20.4138285Z\",\n \"updatedOn\": \"2025-08-13T20:30:20.4138285Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/fdb3df26-8dd6-49ff-9a74-e95dbfadcad3\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"fdb3df26-8dd6-49ff-9a74-e95dbfadcad3\"\n },\n {\n \"properties\": {\n \"roleName\": \"Clinical Coder Data User\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Allows processing of health data in Clinical Coder\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.HealthBot/healthBots/AIActions/ClinicalCoder/Process/Action\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2025-08-20T15:33:41.4122914Z\",\n \"updatedOn\": \"2025-08-20T15:33:41.4122914Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/d0a94e7a-d791-4571-b2e0-8bdd8f867544\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"d0a94e7a-d791-4571-b2e0-8bdd8f867544\"\n },\n {\n \"properties\": {\n \"roleName\": \"Defender Unified RBAC Data Manager\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Defender Unified RBAC Data Manager. This role is managed and assigned automatically by the Defender Unified RBAC system. Manual assignment of this role is not recommended, as the Defender Unified RBAC system may modify or remove it at any time based on system requirements.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.operationalinsights/workspaces/read\",\n \"Microsoft.operationalinsights/workspaces/write\",\n \"Microsoft.operationalinsights/workspaces/query/read\",\n \"Microsoft.operationalinsights/workspaces/tables/write\",\n \"Microsoft.operationalinsights/workspaces/tables/delete\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2025-08-22T09:09:13.51896Z\",\n \"updatedOn\": \"2025-08-22T09:09:13.51896Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/40ead2a5-466e-4039-8a80-325542d9d2dd\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"40ead2a5-466e-4039-8a80-325542d9d2dd\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Local Disconnected Operations Role\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Azure Local Disconnected Operations Role\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Edge/disconnectedOperations/*/read\",\n \"Microsoft.Edge/disconnectedOperations/*/write\",\n \"Microsoft.Edge/disconnectedOperations/*/delete\",\n \"Microsoft.Edge/winfields/*/read\",\n \"Microsoft.Edge/winfields/*/write\",\n \"Microsoft.Edge/winfields/*/delete\",\n \"Microsoft.Edge/winfields/*/action\",\n \"Microsoft.Edge/disconnectedOperations/*/action\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2025-08-25T15:10:38.1474223Z\",\n \"updatedOn\": \"2025-08-25T15:10:38.1474223Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/478d20ba-a53e-4946-b33c-8078a92f2d0a\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"478d20ba-a53e-4946-b33c-8078a92f2d0a\"\n },\n {\n \"properties\": {\n \"roleName\": \"Workload Orchestration Administrator\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Workload Orchestration Administrator Role\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Edge/contexts/*\",\n \"Microsoft.Edge/configTemplates/*\",\n \"Microsoft.Edge/solutionTemplates/*\",\n \"Microsoft.Edge/configurations/*\",\n \"Microsoft.Edge/configurationreferences/*\",\n \"Microsoft.Edge/schemas/*\",\n \"Microsoft.Edge/schemaReferences/*\",\n \"Microsoft.Edge/targets/*\",\n \"Microsoft.Edge/jobs/*\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2025-08-25T15:10:38.1464227Z\",\n \"updatedOn\": \"2025-09-04T04:15:37.014131Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/cbb820e9-e561-45bb-84c2-ef45d0a13f7d\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"cbb820e9-e561-45bb-84c2-ef45d0a13f7d\"\n },\n {\n \"properties\": {\n \"roleName\": \"Firmware Analysis Reader\",\n \"type\": \"BuiltInRole\",\n \"description\": \"View firmware images but not upload them or perform any workspace configuration\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.IoTFirmwareDefense/*/read\",\n \"Microsoft.IoTFirmwareDefense/workspaces/firmwares/*\",\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Resources/deployments/*\"\n ],\n \"notActions\": [\n \"Microsoft.IoTFirmwareDefense/firmwareGroups/*\",\n \"Microsoft.IoTFirmwareDefense/workspaces/firmwares/write\",\n \"Microsoft.IoTFirmwareDefense/workspaces/firmwares/delete\"\n ],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2025-08-26T15:16:15.8719556Z\",\n \"updatedOn\": \"2025-08-26T15:16:15.8719556Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/2a94a2fd-3c4f-45d1-847d-6585ba88af94\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"2a94a2fd-3c4f-45d1-847d-6585ba88af94\"\n },\n {\n \"properties\": {\n \"roleName\": \"Garnet Data Owner\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Allows read, write, destructive and scripting actions on the Garnet resource\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.DocumentDB/garnetClusters/acl/*\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2025-08-27T15:52:20.9170435Z\",\n \"updatedOn\": \"2025-08-27T15:52:20.9170435Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/04f6c337-ffae-414c-b00f-3e80c9ab8a2c\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"04f6c337-ffae-414c-b00f-3e80c9ab8a2c\"\n },\n {\n \"properties\": {\n \"roleName\": \"Garnet Script Data Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Allows execution and management of scripts on the Garnet resource\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.DocumentDB/garnetClusters/acl/clientid/read\",\n \"Microsoft.DocumentDB/garnetClusters/acl/clientinfo/read\",\n \"Microsoft.DocumentDB/garnetClusters/acl/configget/read\",\n \"Microsoft.DocumentDB/garnetClusters/acl/echo/read\",\n \"Microsoft.DocumentDB/garnetClusters/acl/info/read\",\n \"Microsoft.DocumentDB/garnetClusters/acl/keyslot/read\",\n \"Microsoft.DocumentDB/garnetClusters/acl/nodes/read\",\n \"Microsoft.DocumentDB/garnetClusters/acl/ping/read\",\n \"Microsoft.DocumentDB/garnetClusters/acl/scripteval/action\",\n \"Microsoft.DocumentDB/garnetClusters/acl/scriptevalsha/action\",\n \"Microsoft.DocumentDB/garnetClusters/acl/scriptexists/action\",\n \"Microsoft.DocumentDB/garnetClusters/acl/scriptflush/action\",\n \"Microsoft.DocumentDB/garnetClusters/acl/scriptload/action\",\n \"Microsoft.DocumentDB/garnetClusters/acl/slots/read\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2025-08-27T17:39:28.929238Z\",\n \"updatedOn\": \"2025-08-27T17:39:28.929238Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/7021ea36-e168-4bc0-af53-88de51d20665\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"7021ea36-e168-4bc0-af53-88de51d20665\"\n },\n {\n \"properties\": {\n \"roleName\": \"Garnet Data Reader\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Allows read access to all keys within the Garnet resource\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.DocumentDB/garnetClusters/acl/clientid/read\",\n \"Microsoft.DocumentDB/garnetClusters/acl/clientinfo/read\",\n \"Microsoft.DocumentDB/garnetClusters/acl/configget/read\",\n \"Microsoft.DocumentDB/garnetClusters/acl/echo/read\",\n \"Microsoft.DocumentDB/garnetClusters/acl/exists/read\",\n \"Microsoft.DocumentDB/garnetClusters/acl/get/read\",\n \"Microsoft.DocumentDB/garnetClusters/acl/getex/read\",\n \"Microsoft.DocumentDB/garnetClusters/acl/getrange/read\",\n \"Microsoft.DocumentDB/garnetClusters/acl/hexists/read\",\n \"Microsoft.DocumentDB/garnetClusters/acl/hexpiretime/read\",\n \"Microsoft.DocumentDB/garnetClusters/acl/hget/read\",\n \"Microsoft.DocumentDB/garnetClusters/acl/hgetall/read\",\n \"Microsoft.DocumentDB/garnetClusters/acl/histogram/read\",\n \"Microsoft.DocumentDB/garnetClusters/acl/hkeys/read\",\n \"Microsoft.DocumentDB/garnetClusters/acl/hlen/read\",\n \"Microsoft.DocumentDB/garnetClusters/acl/hmget/read\",\n \"Microsoft.DocumentDB/garnetClusters/acl/hpexpiretime/read\",\n \"Microsoft.DocumentDB/garnetClusters/acl/hpttl/read\",\n \"Microsoft.DocumentDB/garnetClusters/acl/hrandfield/read\",\n \"Microsoft.DocumentDB/garnetClusters/acl/hscan/read\",\n \"Microsoft.DocumentDB/garnetClusters/acl/hstrlen/read\",\n \"Microsoft.DocumentDB/garnetClusters/acl/httl/read\",\n \"Microsoft.DocumentDB/garnetClusters/acl/hvals/read\",\n \"Microsoft.DocumentDB/garnetClusters/acl/info/read\",\n \"Microsoft.DocumentDB/garnetClusters/acl/keyslot/read\",\n \"Microsoft.DocumentDB/garnetClusters/acl/lcs/read\",\n \"Microsoft.DocumentDB/garnetClusters/acl/mget/read\",\n \"Microsoft.DocumentDB/garnetClusters/acl/nodes/read\",\n \"Microsoft.DocumentDB/garnetClusters/acl/ping/read\",\n \"Microsoft.DocumentDB/garnetClusters/acl/readonly/read\",\n \"Microsoft.DocumentDB/garnetClusters/acl/scard/read\",\n \"Microsoft.DocumentDB/garnetClusters/acl/sdiff/read\",\n \"Microsoft.DocumentDB/garnetClusters/acl/sinter/read\",\n \"Microsoft.DocumentDB/garnetClusters/acl/sintercard/read\",\n \"Microsoft.DocumentDB/garnetClusters/acl/sismember/read\",\n \"Microsoft.DocumentDB/garnetClusters/acl/slots/read\",\n \"Microsoft.DocumentDB/garnetClusters/acl/smembers/read\",\n \"Microsoft.DocumentDB/garnetClusters/acl/smismember/read\",\n \"Microsoft.DocumentDB/garnetClusters/acl/srandmember/read\",\n \"Microsoft.DocumentDB/garnetClusters/acl/sscan/read\",\n \"Microsoft.DocumentDB/garnetClusters/acl/strlen/read\",\n \"Microsoft.DocumentDB/garnetClusters/acl/substr/read\",\n \"Microsoft.DocumentDB/garnetClusters/acl/sunion/read\",\n \"Microsoft.DocumentDB/garnetClusters/acl/zcard/read\",\n \"Microsoft.DocumentDB/garnetClusters/acl/zcount/read\",\n \"Microsoft.DocumentDB/garnetClusters/acl/zdiff/read\",\n \"Microsoft.DocumentDB/garnetClusters/acl/zinter/read\",\n \"Microsoft.DocumentDB/garnetClusters/acl/zintercard/read\",\n \"Microsoft.DocumentDB/garnetClusters/acl/zlexcount/read\",\n \"Microsoft.DocumentDB/garnetClusters/acl/zmscore/read\",\n \"Microsoft.DocumentDB/garnetClusters/acl/zrandmember/read\",\n \"Microsoft.DocumentDB/garnetClusters/acl/zrange/read\",\n \"Microsoft.DocumentDB/garnetClusters/acl/zrangebylex/read\",\n \"Microsoft.DocumentDB/garnetClusters/acl/zrangebyscore/read\",\n \"Microsoft.DocumentDB/garnetClusters/acl/zrank/read\",\n \"Microsoft.DocumentDB/garnetClusters/acl/zrevrange/read\",\n \"Microsoft.DocumentDB/garnetClusters/acl/zrevrangebylex/read\",\n \"Microsoft.DocumentDB/garnetClusters/acl/zrevrangebyscore/read\",\n \"Microsoft.DocumentDB/garnetClusters/acl/zrevrank/read\",\n \"Microsoft.DocumentDB/garnetClusters/acl/zscan/read\",\n \"Microsoft.DocumentDB/garnetClusters/acl/zscore/read\",\n \"Microsoft.DocumentDB/garnetClusters/acl/zunion/read\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2025-08-27T17:54:31.3990567Z\",\n \"updatedOn\": \"2025-08-27T17:54:31.3990567Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/d9cd91b9-dada-4fa9-9406-454c4659c137\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"d9cd91b9-dada-4fa9-9406-454c4659c137\"\n },\n {\n \"properties\": {\n \"roleName\": \"Garnet Data Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Allows read and write access to all keys within the Garnet resource\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.DocumentDB/garnetClusters/acl/append/write\",\n \"Microsoft.DocumentDB/garnetClusters/acl/bzmpop/delete\",\n \"Microsoft.DocumentDB/garnetClusters/acl/bzpopmax/delete\",\n \"Microsoft.DocumentDB/garnetClusters/acl/bzpopmin/delete\",\n \"Microsoft.DocumentDB/garnetClusters/acl/clientid/read\",\n \"Microsoft.DocumentDB/garnetClusters/acl/clientinfo/read\",\n \"Microsoft.DocumentDB/garnetClusters/acl/configget/read\",\n \"Microsoft.DocumentDB/garnetClusters/acl/decr/write\",\n \"Microsoft.DocumentDB/garnetClusters/acl/decrby/write\",\n \"Microsoft.DocumentDB/garnetClusters/acl/del/delete\",\n \"Microsoft.DocumentDB/garnetClusters/acl/echo/read\",\n \"Microsoft.DocumentDB/garnetClusters/acl/exists/read\",\n \"Microsoft.DocumentDB/garnetClusters/acl/expire/delete\",\n \"Microsoft.DocumentDB/garnetClusters/acl/get/read\",\n \"Microsoft.DocumentDB/garnetClusters/acl/getdel/delete\",\n \"Microsoft.DocumentDB/garnetClusters/acl/getex/read\",\n \"Microsoft.DocumentDB/garnetClusters/acl/getrange/read\",\n \"Microsoft.DocumentDB/garnetClusters/acl/getset/write\",\n \"Microsoft.DocumentDB/garnetClusters/acl/hdel/delete\",\n \"Microsoft.DocumentDB/garnetClusters/acl/hexists/read\",\n \"Microsoft.DocumentDB/garnetClusters/acl/hexpire/delete\",\n \"Microsoft.DocumentDB/garnetClusters/acl/hexpireat/delete\",\n \"Microsoft.DocumentDB/garnetClusters/acl/hexpiretime/read\",\n \"Microsoft.DocumentDB/garnetClusters/acl/hget/read\",\n \"Microsoft.DocumentDB/garnetClusters/acl/hgetall/read\",\n \"Microsoft.DocumentDB/garnetClusters/acl/hincrby/write\",\n \"Microsoft.DocumentDB/garnetClusters/acl/hincrbyfloat/write\",\n \"Microsoft.DocumentDB/garnetClusters/acl/histogram/read\",\n \"Microsoft.DocumentDB/garnetClusters/acl/hkeys/read\",\n \"Microsoft.DocumentDB/garnetClusters/acl/hlen/read\",\n \"Microsoft.DocumentDB/garnetClusters/acl/hmget/read\",\n \"Microsoft.DocumentDB/garnetClusters/acl/hmset/write\",\n \"Microsoft.DocumentDB/garnetClusters/acl/hpersist/write\",\n \"Microsoft.DocumentDB/garnetClusters/acl/hpexpire/delete\",\n \"Microsoft.DocumentDB/garnetClusters/acl/hpexpireat/delete\",\n \"Microsoft.DocumentDB/garnetClusters/acl/hpexpiretime/read\",\n \"Microsoft.DocumentDB/garnetClusters/acl/hpttl/read\",\n \"Microsoft.DocumentDB/garnetClusters/acl/hrandfield/read\",\n \"Microsoft.DocumentDB/garnetClusters/acl/hscan/read\",\n \"Microsoft.DocumentDB/garnetClusters/acl/hset/write\",\n \"Microsoft.DocumentDB/garnetClusters/acl/hsetnx/write\",\n \"Microsoft.DocumentDB/garnetClusters/acl/hstrlen/read\",\n \"Microsoft.DocumentDB/garnetClusters/acl/httl/read\",\n \"Microsoft.DocumentDB/garnetClusters/acl/hvals/read\",\n \"Microsoft.DocumentDB/garnetClusters/acl/incr/write\",\n \"Microsoft.DocumentDB/garnetClusters/acl/incrby/write\",\n \"Microsoft.DocumentDB/garnetClusters/acl/incrbyfloat/write\",\n \"Microsoft.DocumentDB/garnetClusters/acl/info/read\",\n \"Microsoft.DocumentDB/garnetClusters/acl/keyslot/read\",\n \"Microsoft.DocumentDB/garnetClusters/acl/lcs/read\",\n \"Microsoft.DocumentDB/garnetClusters/acl/mget/read\",\n \"Microsoft.DocumentDB/garnetClusters/acl/mset/write\",\n \"Microsoft.DocumentDB/garnetClusters/acl/msetnx/write\",\n \"Microsoft.DocumentDB/garnetClusters/acl/nodes/read\",\n \"Microsoft.DocumentDB/garnetClusters/acl/ping/read\",\n \"Microsoft.DocumentDB/garnetClusters/acl/psetex/write\",\n \"Microsoft.DocumentDB/garnetClusters/acl/readonly/read\",\n \"Microsoft.DocumentDB/garnetClusters/acl/readwrite/write\",\n \"Microsoft.DocumentDB/garnetClusters/acl/sadd/write\",\n \"Microsoft.DocumentDB/garnetClusters/acl/scard/read\",\n \"Microsoft.DocumentDB/garnetClusters/acl/sdiff/read\",\n \"Microsoft.DocumentDB/garnetClusters/acl/sdiffstore/write\",\n \"Microsoft.DocumentDB/garnetClusters/acl/set/write\",\n \"Microsoft.DocumentDB/garnetClusters/acl/setex/write\",\n \"Microsoft.DocumentDB/garnetClusters/acl/setnx/write\",\n \"Microsoft.DocumentDB/garnetClusters/acl/setrange/write\",\n \"Microsoft.DocumentDB/garnetClusters/acl/sinter/read\",\n \"Microsoft.DocumentDB/garnetClusters/acl/sintercard/read\",\n \"Microsoft.DocumentDB/garnetClusters/acl/sinterstore/write\",\n \"Microsoft.DocumentDB/garnetClusters/acl/sismember/read\",\n \"Microsoft.DocumentDB/garnetClusters/acl/slots/read\",\n \"Microsoft.DocumentDB/garnetClusters/acl/smembers/read\",\n \"Microsoft.DocumentDB/garnetClusters/acl/smismember/read\",\n \"Microsoft.DocumentDB/garnetClusters/acl/smove/write\",\n \"Microsoft.DocumentDB/garnetClusters/acl/spop/delete\",\n \"Microsoft.DocumentDB/garnetClusters/acl/srandmember/read\",\n \"Microsoft.DocumentDB/garnetClusters/acl/srem/delete\",\n \"Microsoft.DocumentDB/garnetClusters/acl/sscan/read\",\n \"Microsoft.DocumentDB/garnetClusters/acl/strlen/read\",\n \"Microsoft.DocumentDB/garnetClusters/acl/substr/read\",\n \"Microsoft.DocumentDB/garnetClusters/acl/sunion/read\",\n \"Microsoft.DocumentDB/garnetClusters/acl/sunionstore/write\",\n \"Microsoft.DocumentDB/garnetClusters/acl/unlink/delete\",\n \"Microsoft.DocumentDB/garnetClusters/acl/zadd/write\",\n \"Microsoft.DocumentDB/garnetClusters/acl/zcard/read\",\n \"Microsoft.DocumentDB/garnetClusters/acl/zcount/read\",\n \"Microsoft.DocumentDB/garnetClusters/acl/zdiff/read\",\n \"Microsoft.DocumentDB/garnetClusters/acl/zdiffstore/write\",\n \"Microsoft.DocumentDB/garnetClusters/acl/zincrby/write\",\n \"Microsoft.DocumentDB/garnetClusters/acl/zinter/read\",\n \"Microsoft.DocumentDB/garnetClusters/acl/zintercard/read\",\n \"Microsoft.DocumentDB/garnetClusters/acl/zinterstore/write\",\n \"Microsoft.DocumentDB/garnetClusters/acl/zlexcount/read\",\n \"Microsoft.DocumentDB/garnetClusters/acl/zmpop/delete\",\n \"Microsoft.DocumentDB/garnetClusters/acl/zmscore/read\",\n \"Microsoft.DocumentDB/garnetClusters/acl/zpopmax/delete\",\n \"Microsoft.DocumentDB/garnetClusters/acl/zpopmin/delete\",\n \"Microsoft.DocumentDB/garnetClusters/acl/zrandmember/read\",\n \"Microsoft.DocumentDB/garnetClusters/acl/zrange/read\",\n \"Microsoft.DocumentDB/garnetClusters/acl/zrangebylex/read\",\n \"Microsoft.DocumentDB/garnetClusters/acl/zrangebyscore/read\",\n \"Microsoft.DocumentDB/garnetClusters/acl/zrangestore/write\",\n \"Microsoft.DocumentDB/garnetClusters/acl/zrank/read\",\n \"Microsoft.DocumentDB/garnetClusters/acl/zrem/delete\",\n \"Microsoft.DocumentDB/garnetClusters/acl/zremrangebylex/delete\",\n \"Microsoft.DocumentDB/garnetClusters/acl/zremrangebyrank/delete\",\n \"Microsoft.DocumentDB/garnetClusters/acl/zremrangebyscore/delete\",\n \"Microsoft.DocumentDB/garnetClusters/acl/zrevrange/read\",\n \"Microsoft.DocumentDB/garnetClusters/acl/zrevrangebylex/read\",\n \"Microsoft.DocumentDB/garnetClusters/acl/zrevrangebyscore/read\",\n \"Microsoft.DocumentDB/garnetClusters/acl/zrevrank/read\",\n \"Microsoft.DocumentDB/garnetClusters/acl/zscan/read\",\n \"Microsoft.DocumentDB/garnetClusters/acl/zscore/read\",\n \"Microsoft.DocumentDB/garnetClusters/acl/zunion/read\",\n \"Microsoft.DocumentDB/garnetClusters/acl/zunionstore/write\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2025-08-27T17:54:31.3990567Z\",\n \"updatedOn\": \"2025-08-27T17:54:31.3990567Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/1694e55a-2496-4d07-b005-7259aa3fcbe8\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"1694e55a-2496-4d07-b005-7259aa3fcbe8\"\n },\n {\n \"properties\": {\n \"roleName\": \"Defender Unified RBAC Authorization Reader\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Defender Unified RBAC Authorization Reader. This role is managed and assigned automatically by the Defender Unified RBAC system. Manual assignment of this role is not recommended, as the Defender Unified RBAC system may modify or remove it at any time based on system requirements.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2025-08-29T09:06:24.5039382Z\",\n \"updatedOn\": \"2025-08-29T09:06:24.5039382Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/ca62263b-07d5-4b48-b437-088803f5c2ff\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"ca62263b-07d5-4b48-b437-088803f5c2ff\"\n },\n {\n \"properties\": {\n \"roleName\": \"Defender Unified RBAC Authorization Manager\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Defender Unified RBAC Authorization Manager. This role is managed and assigned automatically by the Defender Unified RBAC system. Manual assignment of this role is not recommended, as the Defender Unified RBAC system may modify or remove it at any time based on system requirements.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2025-08-29T12:37:45.3866495Z\",\n \"updatedOn\": \"2025-08-29T12:37:45.3866495Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/1fd5d8bf-9037-4ede-89bf-680f798e2765\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"1fd5d8bf-9037-4ede-89bf-680f798e2765\"\n },\n {\n \"properties\": {\n \"roleName\": \"Defender Unified RBAC Responder\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Defender Unified RBAC Responder. This role is managed and assigned automatically by the Defender Unified RBAC system. Manual assignment of this role is not recommended, as the Defender Unified RBAC system may modify or remove it at any time based on system requirements.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.SecurityInsights/*/read\",\n \"Microsoft.SecurityInsights/dataConnectorsCheckRequirements/action\",\n \"Microsoft.SecurityInsights/automationRules/*\",\n \"Microsoft.SecurityInsights/cases/*\",\n \"Microsoft.SecurityInsights/incidents/*\",\n \"Microsoft.SecurityInsights/entities/runPlaybook/action\",\n \"Microsoft.SecurityInsights/threatIntelligence/indicators/appendTags/action\",\n \"Microsoft.SecurityInsights/threatIntelligence/indicators/query/action\",\n \"Microsoft.SecurityInsights/threatIntelligence/bulkTag/action\",\n \"Microsoft.SecurityInsights/threatIntelligence/indicators/appendTags/action\",\n \"Microsoft.SecurityInsights/threatIntelligence/indicators/replaceTags/action\",\n \"Microsoft.SecurityInsights/threatIntelligence/queryIndicators/action\",\n \"Microsoft.SecurityInsights/businessApplicationAgents/systems/undoAction/action\",\n \"Microsoft.OperationalInsights/workspaces/analytics/query/action\",\n \"Microsoft.OperationalInsights/workspaces/*/read\",\n \"Microsoft.OperationalInsights/workspaces/dataSources/read\",\n \"Microsoft.OperationalInsights/workspaces/savedSearches/read\",\n \"Microsoft.OperationsManagement/solutions/read\",\n \"Microsoft.OperationalInsights/workspaces/query/read\",\n \"Microsoft.OperationalInsights/workspaces/query/*/read\",\n \"Microsoft.OperationalInsights/workspaces/dataSources/read\",\n \"Microsoft.OperationalInsights/querypacks/*/read\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Insights/workbooks/read\",\n \"Microsoft.Authorization/*/read\"\n ],\n \"notActions\": [\n \"Microsoft.SecurityInsights/cases/*/Delete\",\n \"Microsoft.SecurityInsights/incidents/*/Delete\",\n \"Microsoft.SecurityInsights/ConfidentialWatchlists/*\",\n \"Microsoft.OperationalInsights/workspaces/query/ConfidentialWatchlist/*\"\n ],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2025-08-29T14:38:33.2080873Z\",\n \"updatedOn\": \"2025-09-11T12:26:00.2449399Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/1bacae94-6c0f-4d2d-8dfa-408d5a28e6ec\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"1bacae94-6c0f-4d2d-8dfa-408d5a28e6ec\"\n },\n {\n \"properties\": {\n \"roleName\": \"Defender Unified RBAC Contributor and Responder\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Defender Unified RBAC Contributor and Responder. This role is managed and assigned automatically by the Defender Unified RBAC system. Manual assignment of this role is not recommended, as the Defender Unified RBAC system may modify or remove it at any time based on system requirements.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.OperationalInsights/querypacks/*/read\",\n \"Microsoft.OperationalInsights/workspaces/*/read\",\n \"Microsoft.OperationalInsights/workspaces/analytics/query/action\",\n \"Microsoft.OperationalInsights/workspaces/dataSources/read\",\n \"Microsoft.OperationalInsights/workspaces/query/*/read\",\n \"Microsoft.OperationalInsights/workspaces/query/read\",\n \"Microsoft.OperationalInsights/workspaces/savedSearches/*\",\n \"Microsoft.OperationalInsights/workspaces/savedSearches/read\",\n \"Microsoft.OperationsManagement/solutions/read\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.SecurityInsights/*\",\n \"Microsoft.SecurityInsights/*/read\",\n \"Microsoft.SecurityInsights/automationRules/*\",\n \"Microsoft.SecurityInsights/businessApplicationAgents/systems/undoAction/action\",\n \"Microsoft.SecurityInsights/cases/*\",\n \"Microsoft.SecurityInsights/dataConnectorsCheckRequirements/action\",\n \"Microsoft.SecurityInsights/entities/runPlaybook/action\",\n \"Microsoft.SecurityInsights/incidents/*\",\n \"Microsoft.SecurityInsights/threatIntelligence/bulkTag/action\",\n \"Microsoft.SecurityInsights/threatIntelligence/indicators/appendTags/action\",\n \"Microsoft.SecurityInsights/threatIntelligence/indicators/query/action\",\n \"Microsoft.SecurityInsights/threatIntelligence/indicators/replaceTags/action\",\n \"Microsoft.SecurityInsights/threatIntelligence/queryIndicators/action\",\n \"Microsoft.Insights/workbooks/*\",\n \"Microsoft.Authorization/*/read\"\n ],\n \"notActions\": [\n \"Microsoft.SecurityInsights/cases/*/Delete\",\n \"Microsoft.SecurityInsights/incidents/*/Delete\",\n \"Microsoft.SecurityInsights/ConfidentialWatchlists/*\",\n \"Microsoft.OperationalInsights/workspaces/query/ConfidentialWatchlist/*\"\n ],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2025-08-29T14:53:37.3243745Z\",\n \"updatedOn\": \"2025-09-18T08:00:00.7910377Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/625a1cea-653b-4a19-bd3a-df1d66ab6637\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"625a1cea-653b-4a19-bd3a-df1d66ab6637\"\n },\n {\n \"properties\": {\n \"roleName\": \"Defender Unified RBAC Reader\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Defender Unified RBAC Reader. This role is managed and assigned automatically by the Defender Unified RBAC system. Manual assignment of this role is not recommended, as the Defender Unified RBAC system may modify or remove it at any time based on system requirements.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.SecurityInsights/*/read\",\n \"Microsoft.SecurityInsights/dataConnectorsCheckRequirements/action\",\n \"Microsoft.SecurityInsights/threatIntelligence/indicators/query/action\",\n \"Microsoft.SecurityInsights/threatIntelligence/queryIndicators/action\",\n \"Microsoft.OperationalInsights/workspaces/analytics/query/action\",\n \"Microsoft.OperationalInsights/workspaces/*/read\",\n \"Microsoft.OperationalInsights/workspaces/LinkedServices/read\",\n \"Microsoft.OperationalInsights/workspaces/savedSearches/read\",\n \"Microsoft.OperationsManagement/solutions/read\",\n \"Microsoft.OperationalInsights/workspaces/query/read\",\n \"Microsoft.OperationalInsights/workspaces/query/*/read\",\n \"Microsoft.OperationalInsights/querypacks/*/read\",\n \"Microsoft.OperationalInsights/workspaces/dataSources/read\",\n \"Microsoft.OperationalInsights/workspaces/read\",\n \"Microsoft.Insights/workbooks/read\",\n \"Microsoft.Authorization/*/read\"\n ],\n \"notActions\": [\n \"Microsoft.SecurityInsights/ConfidentialWatchlists/*\",\n \"Microsoft.OperationalInsights/workspaces/query/ConfidentialWatchlist/*\"\n ],\n \"dataActions\": [\n \"Microsoft.OperationalInsights/workspaces/tables/data/read\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2025-08-29T15:23:46.8702579Z\",\n \"updatedOn\": \"2025-09-11T12:56:35.8009694Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/78b7345a-1e1b-483a-ac62-62228c6ea89d\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"78b7345a-1e1b-483a-ac62-62228c6ea89d\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Monitor Pipeline Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Manage Azure Monitor Pipeline resources, providing full read and write access to pipeline configurations and monitoring features.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Monitor/pipelineGroups/*\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.Authorization/*/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2025-09-03T15:11:34.8616712Z\",\n \"updatedOn\": \"2025-09-03T15:11:34.8616712Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/679dc20a-52e8-4ac0-a23c-3b557dfb1e24\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"679dc20a-52e8-4ac0-a23c-3b557dfb1e24\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Monitor Pipeline Reader\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Read Azure Monitor Pipeline resources, including pipeline configurations and monitoring features.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Monitor/pipelineGroups/read\",\n \"Microsoft.Resources/deployments/read\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Insights/alertRules/read\",\n \"Microsoft.Authorization/*/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2025-09-03T15:11:34.8616712Z\",\n \"updatedOn\": \"2025-09-03T15:11:34.8616712Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/2d50f159-7b96-4f1e-8fc7-fee6957ab7cc\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"2d50f159-7b96-4f1e-8fc7-fee6957ab7cc\"\n },\n {\n \"properties\": {\n \"roleName\": \"SRE Agent Reader\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Grants read-only access to all SRE Agent data, including chats, incidents, logs, and configurations. Does not permit interaction with the agent.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.App/agents/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.App/agents/threads/read\",\n \"Microsoft.App/agents/graph/read\",\n \"Microsoft.App/agents/memory/read\",\n \"Microsoft.App/agents/incidentManagement/read\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2025-09-08T15:10:31.0394523Z\",\n \"updatedOn\": \"2025-09-16T15:14:53.2394147Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/a4b156ac-253f-4a1a-9851-96d62b71b047\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"a4b156ac-253f-4a1a-9851-96d62b71b047\"\n },\n {\n \"properties\": {\n \"roleName\": \"Hybrid Connectivity contributor role\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Microsoft.HybridConnectivity contributor role\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.HybridConnectivity/endpoints/listIngressGatewayCredentials/action\",\n \"Microsoft.HybridConnectivity/publicCloudConnectors/delete\",\n \"Microsoft.HybridConnectivity/publicCloudConnectors/testPermissions/action\",\n \"Microsoft.HybridConnectivity/publicCloudConnectors/write\",\n \"Microsoft.HybridConnectivity/solutionConfigurations/delete\",\n \"Microsoft.HybridConnectivity/solutionConfigurations/syncNow/action\",\n \"Microsoft.HybridConnectivity/solutionConfigurations/write\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2025-09-08T15:10:31.251471Z\",\n \"updatedOn\": \"2025-09-08T15:10:31.251471Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/f0f57965-de58-41bc-ba76-2aaab4d09f30\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"f0f57965-de58-41bc-ba76-2aaab4d09f30\"\n },\n {\n \"properties\": {\n \"roleName\": \"Aws Connector contributor role\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Microsoft.AwsConnector contributor role\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.AwsConnector/accessAnalyzerAnalyzers/delete\",\n \"Microsoft.AwsConnector/accessAnalyzerAnalyzers/write\",\n \"Microsoft.AwsConnector/acmCertificateSummaries/delete\",\n \"Microsoft.AwsConnector/acmCertificateSummaries/write\",\n \"Microsoft.AwsConnector/apiGatewayRestApis/delete\",\n \"Microsoft.AwsConnector/apiGatewayRestApis/write\",\n \"Microsoft.AwsConnector/apiGatewayStages/delete\",\n \"Microsoft.AwsConnector/apiGatewayStages/write\",\n \"Microsoft.AwsConnector/applicationAutoScalingScalableTargets/delete\",\n \"Microsoft.AwsConnector/applicationAutoScalingScalableTargets/write\",\n \"Microsoft.AwsConnector/appSyncGraphqlApis/delete\",\n \"Microsoft.AwsConnector/appSyncGraphqlApis/write\",\n \"Microsoft.AwsConnector/autoScalingAutoScalingGroups/delete\",\n \"Microsoft.AwsConnector/autoScalingAutoScalingGroups/write\",\n \"Microsoft.AwsConnector/cloudFormationStacks/delete\",\n \"Microsoft.AwsConnector/cloudFormationStacks/write\",\n \"Microsoft.AwsConnector/cloudFormationStackSets/delete\",\n \"Microsoft.AwsConnector/cloudFormationStackSets/write\",\n \"Microsoft.AwsConnector/cloudFrontDistributions/delete\",\n \"Microsoft.AwsConnector/cloudFrontDistributions/write\",\n \"Microsoft.AwsConnector/cloudTrailTrails/delete\",\n \"Microsoft.AwsConnector/cloudTrailTrails/write\",\n \"Microsoft.AwsConnector/cloudWatchAlarms/delete\",\n \"Microsoft.AwsConnector/cloudWatchAlarms/write\",\n \"Microsoft.AwsConnector/codeBuildProjects/delete\",\n \"Microsoft.AwsConnector/codeBuildProjects/write\",\n \"Microsoft.AwsConnector/codeBuildSourceCredentialsInfos/delete\",\n \"Microsoft.AwsConnector/codeBuildSourceCredentialsInfos/write\",\n \"Microsoft.AwsConnector/configServiceConfigurationRecorders/delete\",\n \"Microsoft.AwsConnector/configServiceConfigurationRecorders/write\",\n \"Microsoft.AwsConnector/configServiceConfigurationRecorderStatuses/delete\",\n \"Microsoft.AwsConnector/configServiceConfigurationRecorderStatuses/write\",\n \"Microsoft.AwsConnector/configServiceDeliveryChannels/delete\",\n \"Microsoft.AwsConnector/configServiceDeliveryChannels/write\",\n \"Microsoft.AwsConnector/databaseMigrationServiceReplicationInstances/delete\",\n \"Microsoft.AwsConnector/databaseMigrationServiceReplicationInstances/write\",\n \"Microsoft.AwsConnector/daxClusters/delete\",\n \"Microsoft.AwsConnector/daxClusters/write\",\n \"Microsoft.AwsConnector/dynamoDBContinuousBackupsDescriptions/delete\",\n \"Microsoft.AwsConnector/dynamoDBContinuousBackupsDescriptions/write\",\n \"Microsoft.AwsConnector/dynamoDBTables/delete\",\n \"Microsoft.AwsConnector/dynamoDBTables/write\",\n \"Microsoft.AwsConnector/ec2AccountAttributes/delete\",\n \"Microsoft.AwsConnector/ec2AccountAttributes/write\",\n \"Microsoft.AwsConnector/ec2Addresses/delete\",\n \"Microsoft.AwsConnector/ec2Addresses/write\",\n \"Microsoft.AwsConnector/ec2FlowLogs/delete\",\n \"Microsoft.AwsConnector/ec2FlowLogs/write\",\n \"Microsoft.AwsConnector/ec2Images/delete\",\n \"Microsoft.AwsConnector/ec2Images/write\",\n \"Microsoft.AwsConnector/ec2Instances/delete\",\n \"Microsoft.AwsConnector/ec2Instances/start/action\",\n \"Microsoft.AwsConnector/ec2Instances/stop/action\",\n \"Microsoft.AwsConnector/ec2Instances/write\",\n \"Microsoft.AwsConnector/ec2InstanceStatuses/delete\",\n \"Microsoft.AwsConnector/ec2InstanceStatuses/write\",\n \"Microsoft.AwsConnector/ec2Ipams/delete\",\n \"Microsoft.AwsConnector/ec2Ipams/write\",\n \"Microsoft.AwsConnector/ec2KeyPairs/delete\",\n \"Microsoft.AwsConnector/ec2KeyPairs/write\",\n \"Microsoft.AwsConnector/ec2NetworkAcls/delete\",\n \"Microsoft.AwsConnector/ec2NetworkAcls/write\",\n \"Microsoft.AwsConnector/ec2NetworkInterfaces/delete\",\n \"Microsoft.AwsConnector/ec2NetworkInterfaces/write\",\n \"Microsoft.AwsConnector/ec2RouteTables/delete\",\n \"Microsoft.AwsConnector/ec2RouteTables/write\",\n \"Microsoft.AwsConnector/ec2SecurityGroups/delete\",\n \"Microsoft.AwsConnector/ec2SecurityGroups/write\",\n \"Microsoft.AwsConnector/ec2Snapshots/delete\",\n \"Microsoft.AwsConnector/ec2Snapshots/write\",\n \"Microsoft.AwsConnector/ec2Subnets/delete\",\n \"Microsoft.AwsConnector/ec2Subnets/write\",\n \"Microsoft.AwsConnector/ec2Volumes/delete\",\n \"Microsoft.AwsConnector/ec2Volumes/write\",\n \"Microsoft.AwsConnector/ec2VPCEndpoints/delete\",\n \"Microsoft.AwsConnector/ec2VPCEndpoints/write\",\n \"Microsoft.AwsConnector/ec2VPCPeeringConnections/delete\",\n \"Microsoft.AwsConnector/ec2VPCPeeringConnections/write\",\n \"Microsoft.AwsConnector/ec2Vpcs/delete\",\n \"Microsoft.AwsConnector/ec2Vpcs/write\",\n \"Microsoft.AwsConnector/ecrImageDetails/delete\",\n \"Microsoft.AwsConnector/ecrImageDetails/write\",\n \"Microsoft.AwsConnector/ecrRepositories/delete\",\n \"Microsoft.AwsConnector/ecrRepositories/write\",\n \"Microsoft.AwsConnector/ecsClusters/delete\",\n \"Microsoft.AwsConnector/ecsClusters/write\",\n \"Microsoft.AwsConnector/ecsServices/delete\",\n \"Microsoft.AwsConnector/ecsServices/write\",\n \"Microsoft.AwsConnector/ecsTaskDefinitions/delete\",\n \"Microsoft.AwsConnector/ecsTaskDefinitions/write\",\n \"Microsoft.AwsConnector/efsFileSystems/delete\",\n \"Microsoft.AwsConnector/efsFileSystems/write\",\n \"Microsoft.AwsConnector/efsMountTargets/delete\",\n \"Microsoft.AwsConnector/efsMountTargets/write\",\n \"Microsoft.AwsConnector/eksClusters/delete\",\n \"Microsoft.AwsConnector/eksClusters/write\",\n \"Microsoft.AwsConnector/eksNodegroups/delete\",\n \"Microsoft.AwsConnector/eksNodegroups/write\",\n \"Microsoft.AwsConnector/elasticBeanstalkApplications/delete\",\n \"Microsoft.AwsConnector/elasticBeanstalkApplications/write\",\n \"Microsoft.AwsConnector/elasticBeanstalkConfigurationTemplates/delete\",\n \"Microsoft.AwsConnector/elasticBeanstalkConfigurationTemplates/write\",\n \"Microsoft.AwsConnector/elasticBeanstalkEnvironments/delete\",\n \"Microsoft.AwsConnector/elasticBeanstalkEnvironments/write\",\n \"Microsoft.AwsConnector/elasticLoadBalancingV2Listeners/delete\",\n \"Microsoft.AwsConnector/elasticLoadBalancingV2Listeners/write\",\n \"Microsoft.AwsConnector/elasticLoadBalancingV2LoadBalancers/delete\",\n \"Microsoft.AwsConnector/elasticLoadBalancingV2LoadBalancers/write\",\n \"Microsoft.AwsConnector/elasticLoadBalancingV2TargetGroups/delete\",\n \"Microsoft.AwsConnector/elasticLoadBalancingV2TargetGroups/write\",\n \"Microsoft.AwsConnector/elasticLoadBalancingV2TargetHealthDescriptions/delete\",\n \"Microsoft.AwsConnector/elasticLoadBalancingV2TargetHealthDescriptions/write\",\n \"Microsoft.AwsConnector/elasticsearchDomains/delete\",\n \"Microsoft.AwsConnector/elasticsearchDomains/write\",\n \"Microsoft.AwsConnector/emrClusters/delete\",\n \"Microsoft.AwsConnector/emrClusters/write\",\n \"Microsoft.AwsConnector/guardDutyDetectors/delete\",\n \"Microsoft.AwsConnector/guardDutyDetectors/write\",\n \"Microsoft.AwsConnector/iamAccessKeyLastUseds/delete\",\n \"Microsoft.AwsConnector/iamAccessKeyLastUseds/write\",\n \"Microsoft.AwsConnector/iamAccessKeyMetadata/delete\",\n \"Microsoft.AwsConnector/iamAccessKeyMetadata/write\",\n \"Microsoft.AwsConnector/iamGroups/delete\",\n \"Microsoft.AwsConnector/iamGroups/write\",\n \"Microsoft.AwsConnector/iamInstanceProfiles/delete\",\n \"Microsoft.AwsConnector/iamInstanceProfiles/write\",\n \"Microsoft.AwsConnector/iamManagedPolicies/delete\",\n \"Microsoft.AwsConnector/iamManagedPolicies/write\",\n \"Microsoft.AwsConnector/iamMFADevices/delete\",\n \"Microsoft.AwsConnector/iamMFADevices/write\",\n \"Microsoft.AwsConnector/iamPasswordPolicies/delete\",\n \"Microsoft.AwsConnector/iamPasswordPolicies/write\",\n \"Microsoft.AwsConnector/iamPolicyVersions/delete\",\n \"Microsoft.AwsConnector/iamPolicyVersions/write\",\n \"Microsoft.AwsConnector/iamRoles/delete\",\n \"Microsoft.AwsConnector/iamRoles/write\",\n \"Microsoft.AwsConnector/iamServerCertificates/delete\",\n \"Microsoft.AwsConnector/iamServerCertificates/write\",\n \"Microsoft.AwsConnector/iamUserPolicies/delete\",\n \"Microsoft.AwsConnector/iamUserPolicies/write\",\n \"Microsoft.AwsConnector/iamVirtualMFADevices/delete\",\n \"Microsoft.AwsConnector/iamVirtualMFADevices/write\",\n \"Microsoft.AwsConnector/kmsAliases/delete\",\n \"Microsoft.AwsConnector/kmsAliases/write\",\n \"Microsoft.AwsConnector/kmsKeys/delete\",\n \"Microsoft.AwsConnector/kmsKeys/write\",\n \"Microsoft.AwsConnector/lambdaFunctionCodeLocations/delete\",\n \"Microsoft.AwsConnector/lambdaFunctionCodeLocations/write\",\n \"Microsoft.AwsConnector/lambdaFunctionConfigurations/delete\",\n \"Microsoft.AwsConnector/lambdaFunctionConfigurations/write\",\n \"Microsoft.AwsConnector/lambdaFunctions/delete\",\n \"Microsoft.AwsConnector/lambdaFunctions/write\",\n \"Microsoft.AwsConnector/licenseManagerLicenses/delete\",\n \"Microsoft.AwsConnector/licenseManagerLicenses/write\",\n \"Microsoft.AwsConnector/lightsailBuckets/delete\",\n \"Microsoft.AwsConnector/lightsailBuckets/write\",\n \"Microsoft.AwsConnector/lightsailInstances/delete\",\n \"Microsoft.AwsConnector/lightsailInstances/write\",\n \"Microsoft.AwsConnector/Locations/OperationStatuses/write\",\n \"Microsoft.AwsConnector/logsLogGroups/delete\",\n \"Microsoft.AwsConnector/logsLogGroups/write\",\n \"Microsoft.AwsConnector/logsLogStreams/delete\",\n \"Microsoft.AwsConnector/logsLogStreams/write\",\n \"Microsoft.AwsConnector/logsMetricFilters/delete\",\n \"Microsoft.AwsConnector/logsMetricFilters/write\",\n \"Microsoft.AwsConnector/logsSubscriptionFilters/delete\",\n \"Microsoft.AwsConnector/logsSubscriptionFilters/write\",\n \"Microsoft.AwsConnector/macie2JobSummaries/delete\",\n \"Microsoft.AwsConnector/macie2JobSummaries/write\",\n \"Microsoft.AwsConnector/macieAllowLists/delete\",\n \"Microsoft.AwsConnector/macieAllowLists/write\",\n \"Microsoft.AwsConnector/networkFirewallFirewallPolicies/delete\",\n \"Microsoft.AwsConnector/networkFirewallFirewallPolicies/write\",\n \"Microsoft.AwsConnector/networkFirewallFirewalls/delete\",\n \"Microsoft.AwsConnector/networkFirewallFirewalls/write\",\n \"Microsoft.AwsConnector/networkFirewallRuleGroups/delete\",\n \"Microsoft.AwsConnector/networkFirewallRuleGroups/write\",\n \"Microsoft.AwsConnector/openSearchDomainStatuses/delete\",\n \"Microsoft.AwsConnector/openSearchDomainStatuses/write\",\n \"Microsoft.AwsConnector/openSearchServiceDomains/delete\",\n \"Microsoft.AwsConnector/openSearchServiceDomains/write\",\n \"Microsoft.AwsConnector/organizationsAccounts/delete\",\n \"Microsoft.AwsConnector/organizationsAccounts/write\",\n \"Microsoft.AwsConnector/organizationsOrganizations/delete\",\n \"Microsoft.AwsConnector/organizationsOrganizations/write\",\n \"Microsoft.AwsConnector/rdsDBClusters/delete\",\n \"Microsoft.AwsConnector/rdsDBClusters/write\",\n \"Microsoft.AwsConnector/rdsDBInstances/delete\",\n \"Microsoft.AwsConnector/rdsDBInstances/write\",\n \"Microsoft.AwsConnector/rdsDBSnapshotAttributesResults/delete\",\n \"Microsoft.AwsConnector/rdsDBSnapshotAttributesResults/write\",\n \"Microsoft.AwsConnector/rdsDBSnapshots/delete\",\n \"Microsoft.AwsConnector/rdsDBSnapshots/write\",\n \"Microsoft.AwsConnector/rdsEventSubscriptions/delete\",\n \"Microsoft.AwsConnector/rdsEventSubscriptions/write\",\n \"Microsoft.AwsConnector/rdsExportTasks/delete\",\n \"Microsoft.AwsConnector/rdsExportTasks/write\",\n \"Microsoft.AwsConnector/redshiftClusterParameterGroups/delete\",\n \"Microsoft.AwsConnector/redshiftClusterParameterGroups/write\",\n \"Microsoft.AwsConnector/redshiftClusters/delete\",\n \"Microsoft.AwsConnector/redshiftClusters/write\",\n \"Microsoft.AwsConnector/route53DomainsDomainSummaries/delete\",\n \"Microsoft.AwsConnector/route53DomainsDomainSummaries/write\",\n \"Microsoft.AwsConnector/route53HostedZones/delete\",\n \"Microsoft.AwsConnector/route53HostedZones/write\",\n \"Microsoft.AwsConnector/route53ResourceRecordSets/delete\",\n \"Microsoft.AwsConnector/route53ResourceRecordSets/write\",\n \"Microsoft.AwsConnector/s3AccessControlPolicies/delete\",\n \"Microsoft.AwsConnector/s3AccessControlPolicies/write\",\n \"Microsoft.AwsConnector/s3AccessPoints/delete\",\n \"Microsoft.AwsConnector/s3AccessPoints/write\",\n \"Microsoft.AwsConnector/s3BucketPolicies/delete\",\n \"Microsoft.AwsConnector/s3BucketPolicies/write\",\n \"Microsoft.AwsConnector/s3Buckets/delete\",\n \"Microsoft.AwsConnector/s3Buckets/write\",\n \"Microsoft.AwsConnector/s3ControlMultiRegionAccessPointPolicyDocuments/delete\",\n \"Microsoft.AwsConnector/s3ControlMultiRegionAccessPointPolicyDocuments/write\",\n \"Microsoft.AwsConnector/sageMakerApps/delete\",\n \"Microsoft.AwsConnector/sageMakerApps/write\",\n \"Microsoft.AwsConnector/sageMakerDevices/delete\",\n \"Microsoft.AwsConnector/sageMakerDevices/write\",\n \"Microsoft.AwsConnector/sageMakerImages/delete\",\n \"Microsoft.AwsConnector/sageMakerImages/write\",\n \"Microsoft.AwsConnector/sageMakerNotebookInstanceSummaries/delete\",\n \"Microsoft.AwsConnector/sageMakerNotebookInstanceSummaries/write\",\n \"Microsoft.AwsConnector/secretsManagerResourcePolicies/delete\",\n \"Microsoft.AwsConnector/secretsManagerResourcePolicies/write\",\n \"Microsoft.AwsConnector/secretsManagerSecrets/delete\",\n \"Microsoft.AwsConnector/secretsManagerSecrets/write\",\n \"Microsoft.AwsConnector/snsSubscriptions/delete\",\n \"Microsoft.AwsConnector/snsSubscriptions/write\",\n \"Microsoft.AwsConnector/snsTopics/delete\",\n \"Microsoft.AwsConnector/snsTopics/write\",\n \"Microsoft.AwsConnector/sqsQueues/delete\",\n \"Microsoft.AwsConnector/sqsQueues/write\",\n \"Microsoft.AwsConnector/ssmInstanceInformations/delete\",\n \"Microsoft.AwsConnector/ssmInstanceInformations/write\",\n \"Microsoft.AwsConnector/ssmParameters/delete\",\n \"Microsoft.AwsConnector/ssmParameters/write\",\n \"Microsoft.AwsConnector/ssmResourceComplianceSummaryItems/delete\",\n \"Microsoft.AwsConnector/ssmResourceComplianceSummaryItems/write\",\n \"Microsoft.AwsConnector/wafv2IPSets/delete\",\n \"Microsoft.AwsConnector/wafv2IPSets/write\",\n \"Microsoft.AwsConnector/wafv2LoggingConfigurations/delete\",\n \"Microsoft.AwsConnector/wafv2LoggingConfigurations/write\",\n \"Microsoft.AwsConnector/wafv2WebACLAssociations/delete\",\n \"Microsoft.AwsConnector/wafv2WebACLAssociations/write\",\n \"Microsoft.AwsConnector/wafWebACLSummaries/delete\",\n \"Microsoft.AwsConnector/wafWebACLSummaries/write\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2025-09-08T15:10:31.7683351Z\",\n \"updatedOn\": \"2025-09-08T15:10:31.7683351Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/98c206fe-ea1b-4578-93f8-83a99a5628fc\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"98c206fe-ea1b-4578-93f8-83a99a5628fc\"\n },\n {\n \"properties\": {\n \"roleName\": \"Storage File Data SMB MI Admin\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Allows for admin-level access for managed identities on files/directories in Azure file shares.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.Storage/storageAccounts/fileServices/readFileBackupSemantics/action\",\n \"Microsoft.Storage/storageAccounts/fileServices/writeFileBackupSemantics/action\",\n \"Microsoft.Storage/storageAccounts/fileServices/takeOwnership/action\",\n \"Microsoft.Storage/storageAccounts/fileServices/runAsBuiltInFileAdministrator/action\",\n \"Microsoft.Storage/storageAccounts/fileServices/fileshares/files/read\",\n \"Microsoft.Storage/storageAccounts/fileServices/fileshares/files/write\",\n \"Microsoft.Storage/storageAccounts/fileServices/fileshares/files/delete\",\n \"Microsoft.Storage/storageAccounts/fileServices/fileshares/files/modifypermissions/action\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2025-09-09T15:23:13.2982998Z\",\n \"updatedOn\": \"2025-09-09T15:23:13.2982998Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/a235d3ee-5935-4cfb-8cc5-a3303ad5995e\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"a235d3ee-5935-4cfb-8cc5-a3303ad5995e\"\n },\n {\n \"properties\": {\n \"roleName\": \"Common Edge Admin\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Common Edge Admin Role\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Edge/connectivityStatuses/delete\",\n \"Microsoft.Edge/connectivityStatuses/write\",\n \"Microsoft.Edge/locations/operationStatuses/write\",\n \"Microsoft.Edge/updates/delete\",\n \"Microsoft.Edge/updates/write\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2025-09-10T15:34:53.4393915Z\",\n \"updatedOn\": \"2025-09-10T15:34:53.4393915Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/b256d512-9a3a-4a96-9366-9f54f900e58b\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"b256d512-9a3a-4a96-9366-9f54f900e58b\"\n },\n {\n \"properties\": {\n \"roleName\": \"Firmware Analysis User\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Upload and analyze firmware images but not perform any workspace configuration\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.IoTFirmwareDefense/*\",\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Resources/deployments/*\"\n ],\n \"notActions\": [\n \"Microsoft.IoTFirmwareDefense/firmwareGroups/*\",\n \"Microsoft.IoTFirmwareDefense/register/action\",\n \"Microsoft.IoTFirmwareDefense/unregister/action\",\n \"Microsoft.IoTFirmwareDefense/workspaces/write\",\n \"Microsoft.IoTFirmwareDefense/workspaces/delete\"\n ],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2025-09-10T15:34:53.4393915Z\",\n \"updatedOn\": \"2025-09-10T15:34:53.4393915Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/53b2724d-1e51-44fa-b586-bcace0c82609\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"53b2724d-1e51-44fa-b586-bcace0c82609\"\n },\n {\n \"properties\": {\n \"roleName\": \"SRE Agent Standard User\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Grants access to interact with the SRE Agent to triage incidents and run diagnostics.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.App/agents/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.App/agents/threads/read\",\n \"Microsoft.App/agents/graph/read\",\n \"Microsoft.App/agents/memory/read\",\n \"Microsoft.App/agents/incidentManagement/read\",\n \"Microsoft.App/agents/threads/write\",\n \"Microsoft.App/agents/graph/write\",\n \"Microsoft.App/agents/memory/write\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2025-09-10T20:06:45.8379721Z\",\n \"updatedOn\": \"2025-09-16T15:14:52.3167343Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/2d84a65a-63b2-4343-bbb6-31105d857bc1\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"2d84a65a-63b2-4343-bbb6-31105d857bc1\"\n },\n {\n \"properties\": {\n \"roleName\": \"SRE Agent Administrator\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Full control of the agent—manage chats, incident response plans, and agent run modes; approve and execute commands.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.App/agents/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.App/agents/*/read\",\n \"Microsoft.App/agents/*/write\",\n \"Microsoft.App/agents/*/delete\",\n \"Microsoft.App/agents/threads/approve/action\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2025-09-10T20:06:45.8389733Z\",\n \"updatedOn\": \"2025-09-16T15:14:53.2394147Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/e79298df-d852-4c6d-84f9-5d13249d1e55\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"e79298df-d852-4c6d-84f9-5d13249d1e55\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Kubernetes Fleet Manager Hub Cluster User Role\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Grants read access to Azure Kubernetes Fleet Manager as well as the Kubernetes config file to connect to the fleet-managed hub cluster.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.ContainerService/fleets/listCredentials/action\",\n \"Microsoft.ContainerService/fleets/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2025-09-10T23:25:40.4325052Z\",\n \"updatedOn\": \"2025-09-10T23:25:40.4325052Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/850c5848-fc51-4a9a-8823-f220370626e3\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"850c5848-fc51-4a9a-8823-f220370626e3\"\n },\n {\n \"properties\": {\n \"roleName\": \"Log Analytics Data Reader\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Log Analytics Data Reader can query and search the logs it is allowed to view over Log Analytics workspaces and tables\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.OperationalInsights/workspaces/query/read\",\n \"Microsoft.OperationalInsights/workspaces/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.OperationalInsights/workspaces/tables/data/read\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2025-09-11T09:53:03.6783283Z\",\n \"updatedOn\": \"2025-09-11T09:53:03.6783283Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/3b03c2da-16b3-4a49-8834-0f8130efdd3b\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"3b03c2da-16b3-4a49-8834-0f8130efdd3b\"\n },\n {\n \"properties\": {\n \"roleName\": \"Dynamics 365 Customer Insights Service Role\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Enables Diagnostic Logging setup for Customer Insights instances.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.D365CustomerInsights/instances/write\",\n \"Microsoft.D365CustomerInsights/instances/providers/Microsoft.Insights/diagnosticSettings/write\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2025-09-11T14:44:00.9623287Z\",\n \"updatedOn\": \"2025-09-11T14:44:00.9623287Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/89f7a3ec-e9d0-40eb-9b96-c016a5c2a53f\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"89f7a3ec-e9d0-40eb-9b96-c016a5c2a53f\"\n },\n {\n \"properties\": {\n \"roleName\": \"Storage Actions Blob Data Operator\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Used by the Storage Actions - Storage Task to list & perform operations on the Storage Account blobs\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Storage/storageAccounts/blobServices/containers/read\",\n \"Microsoft.Storage/storageAccounts/blobServices/containers/write\"\n ],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.Storage/storageAccounts/blobServices/containers/blobs/read\",\n \"Microsoft.Storage/storageAccounts/blobServices/containers/blobs/write\",\n \"Microsoft.Storage/storageAccounts/blobServices/containers/blobs/delete\",\n \"Microsoft.Storage/storageAccounts/blobServices/containers/blobs/add/action\",\n \"Microsoft.Storage/storageAccounts/blobServices/containers/blobs/tags/read\",\n \"Microsoft.Storage/storageAccounts/blobServices/containers/blobs/tags/write\",\n \"Microsoft.Storage/storageAccounts/blobServices/containers/blobs/runAsSuperUser/action\",\n \"Microsoft.Storage/storageAccounts/blobServices/containers/blobs/immutableStorage/runAsSuperUser/action\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2025-09-12T21:16:43.9136753Z\",\n \"updatedOn\": \"2025-09-12T21:16:43.9136753Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/4bad4d9e-2a13-4888-94bb-c8432f6f3040\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"4bad4d9e-2a13-4888-94bb-c8432f6f3040\"\n },\n {\n \"properties\": {\n \"roleName\": \"Storage Actions Task Assignment Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Used by the Storage Actions assigner to create a Task Assignment on their target Storage Account, with RBAC privileges for Managed Identity\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Storage/storageAccounts/reports/read\",\n \"Microsoft.Storage/storageAccounts/read\",\n \"Microsoft.Storage/storageAccounts/blobServices/read\",\n \"Microsoft.Storage/storageAccounts/storageTaskAssignments/read\",\n \"Microsoft.Storage/storageAccounts/storageTaskAssignments/write\",\n \"Microsoft.Storage/storageAccounts/storageTaskAssignments/delete\",\n \"Microsoft.Storage/storageAccounts/storageTaskAssignments/reports/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n },\n {\n \"actions\": [\n \"Microsoft.Authorization/roleAssignments/write\",\n \"Microsoft.Authorization/roleAssignments/delete\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": [],\n \"conditionVersion\": \"2.0\",\n \"condition\": \"((!(ActionMatches{'Microsoft.Authorization/roleAssignments/write'})) OR (@Request[Microsoft.Authorization/roleAssignments:RoleDefinitionId] ForAnyOfAnyValues:GuidEquals{4bad4d9e2a13488894bbc8432f6f3040})) AND ((!(ActionMatches{'Microsoft.Authorization/roleAssignments/delete'})) OR (@Resource[Microsoft.Authorization/roleAssignments:RoleDefinitionId] ForAnyOfAnyValues:GuidEquals{4bad4d9e2a13488894bbc8432f6f3040}))\"\n }\n ],\n \"createdOn\": \"2025-09-12T21:16:43.9136753Z\",\n \"updatedOn\": \"2025-09-12T21:16:43.9136753Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/77789c21-1643-48a2-8f27-47f858540b51\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"77789c21-1643-48a2-8f27-47f858540b51\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Native Dynatrace Agent Management Role\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Grants access to manage Dynatrace Agent on compute resources\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.KubernetesConfiguration/extensions/write\",\n \"Microsoft.KubernetesConfiguration/extensions/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2025-09-16T15:14:50.9389725Z\",\n \"updatedOn\": \"2025-09-16T15:14:50.9389725Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/55077723-1b30-4603-a70b-68de134cfa20\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"55077723-1b30-4603-a70b-68de134cfa20\"\n },\n {\n \"properties\": {\n \"roleName\": \"Storage Actions Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Used by the Storage Actions author to create, read, update, and delete Storage Actions\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.StorageActions/storageTasks/read\",\n \"Microsoft.StorageActions/storageTasks/write\",\n \"Microsoft.StorageActions/storageTasks/delete\",\n \"Microsoft.StorageActions/storageTasks/storageTaskAssignments/read\",\n \"Microsoft.StorageActions/storageTasks/reports/read\",\n \"Microsoft.StorageActions/locations/previewActions/action\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2025-09-16T15:14:50.9389725Z\",\n \"updatedOn\": \"2025-09-16T15:14:50.9389725Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/bd8acdb0-202c-4493-a7fe-ef98eefbfbc4\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"bd8acdb0-202c-4493-a7fe-ef98eefbfbc4\"\n },\n {\n \"properties\": {\n \"roleName\": \"Essential Machine Management Administrator\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Can managed Essential Machine Management resources for subscriptions\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Insights/dataCollectionRules/read\",\n \"Microsoft.Insights/dataCollectionRules/write\",\n \"Microsoft.Monitor/accounts/write\",\n \"Microsoft.Monitor/accounts/read\",\n \"Microsoft.ManagedOps/managedOps/read\",\n \"Microsoft.ManagedOps/managedOps/write\",\n \"Microsoft.ManagedOps/managedOps/delete\",\n \"Microsoft.OperationsManagement/solutions/read\",\n \"Microsoft.OperationsManagement/solutions/write\",\n \"Microsoft.OperationalInsights/workspaces/read\",\n \"Microsoft.OperationalInsights/workspaces/sharedkeys/action\",\n \"Microsoft.OperationalInsights/workspaces/sharedkeys/read\",\n \"Microsoft.OperationalInsights/workspaces/listKeys/action\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Insights/metricAlerts/write\",\n \"Microsoft.Insights/metricAlerts/read\",\n \"Microsoft.Security/pricings/write\",\n \"Microsoft.Security/pricings/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2025-09-22T15:13:19.5975298Z\",\n \"updatedOn\": \"2025-09-22T15:13:19.5975298Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/34013b0a-565b-43aa-8755-1b7c286f6cf7\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"34013b0a-565b-43aa-8755-1b7c286f6cf7\"\n },\n {\n \"properties\": {\n \"roleName\": \"Garnet PubSub Data Reader\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Allows read access to all channels within the Garnet resource\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.DocumentDB/garnetClusters/acl/clientid/read\",\n \"Microsoft.DocumentDB/garnetClusters/acl/clientinfo/read\",\n \"Microsoft.DocumentDB/garnetClusters/acl/configget/read\",\n \"Microsoft.DocumentDB/garnetClusters/acl/echo/read\",\n \"Microsoft.DocumentDB/garnetClusters/acl/info/read\",\n \"Microsoft.DocumentDB/garnetClusters/acl/keyslot/read\",\n \"Microsoft.DocumentDB/garnetClusters/acl/nodes/read\",\n \"Microsoft.DocumentDB/garnetClusters/acl/ping/read\",\n \"Microsoft.DocumentDB/garnetClusters/acl/slots/read\",\n \"Microsoft.DocumentDB/garnetClusters/acl/channels/action\",\n \"Microsoft.DocumentDB/garnetClusters/acl/psubscribe/action\",\n \"Microsoft.DocumentDB/garnetClusters/acl/punsubscribe/action\",\n \"Microsoft.DocumentDB/garnetClusters/acl/subscribe/action\",\n \"Microsoft.DocumentDB/garnetClusters/acl/unsubscribe/action\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2025-09-26T22:46:03.1347874Z\",\n \"updatedOn\": \"2025-09-26T22:46:03.1347874Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/da9adf61-39cd-41d5-87a0-30b21f7270d8\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"da9adf61-39cd-41d5-87a0-30b21f7270d8\"\n },\n {\n \"properties\": {\n \"roleName\": \"Garnet PubSub Data Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Allows read and write access to all channels within the Garnet resource\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.DocumentDB/garnetClusters/acl/clientid/read\",\n \"Microsoft.DocumentDB/garnetClusters/acl/clientinfo/read\",\n \"Microsoft.DocumentDB/garnetClusters/acl/configget/read\",\n \"Microsoft.DocumentDB/garnetClusters/acl/echo/read\",\n \"Microsoft.DocumentDB/garnetClusters/acl/info/read\",\n \"Microsoft.DocumentDB/garnetClusters/acl/keyslot/read\",\n \"Microsoft.DocumentDB/garnetClusters/acl/nodes/read\",\n \"Microsoft.DocumentDB/garnetClusters/acl/ping/read\",\n \"Microsoft.DocumentDB/garnetClusters/acl/slots/read\",\n \"Microsoft.DocumentDB/garnetClusters/acl/channels/action\",\n \"Microsoft.DocumentDB/garnetClusters/acl/numsub/action\",\n \"Microsoft.DocumentDB/garnetClusters/acl/numpat/action\",\n \"Microsoft.DocumentDB/garnetClusters/acl/psubscribe/action\",\n \"Microsoft.DocumentDB/garnetClusters/acl/publish/action\",\n \"Microsoft.DocumentDB/garnetClusters/acl/punsubscribe/action\",\n \"Microsoft.DocumentDB/garnetClusters/acl/subscribe/action\",\n \"Microsoft.DocumentDB/garnetClusters/acl/unsubscribe/action\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2025-09-26T22:46:03.1347874Z\",\n \"updatedOn\": \"2025-09-26T22:46:03.1347874Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/56e95fdc-3337-468d-b964-30d07f2a2018\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"56e95fdc-3337-468d-b964-30d07f2a2018\"\n },\n {\n \"properties\": {\n \"roleName\": \"Tenant Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Allows users to create and manage Entra ID Tenants.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [],\n \"createdOn\": \"2025-09-29T15:12:03.2996499Z\",\n \"updatedOn\": \"2025-09-29T15:12:03.2996499Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/0a7c2fa1-6f28-41a4-86b8-e74937c63222\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"0a7c2fa1-6f28-41a4-86b8-e74937c63222\"\n },\n {\n \"properties\": {\n \"roleName\": \"Storage File Data SMB Admin\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Allows for admin access equivalent to storage account key for end users over SMB.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.Storage/storageAccounts/fileServices/fileshares/files/read\",\n \"Microsoft.Storage/storageAccounts/fileServices/fileshares/files/write\",\n \"Microsoft.Storage/storageAccounts/fileServices/fileshares/files/delete\",\n \"Microsoft.Storage/storageAccounts/fileServices/fileshares/files/modifypermissions/action\",\n \"Microsoft.Storage/storageAccounts/fileServices/readFileBackupSemantics/action\",\n \"Microsoft.Storage/storageAccounts/fileServices/writeFileBackupSemantics/action\",\n \"Microsoft.Storage/storageAccounts/fileServices/takeOwnership/action\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2025-09-30T15:23:51.084353Z\",\n \"updatedOn\": \"2025-09-30T15:23:51.084353Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/bbf004e3-0e4b-4f86-ae4f-1f8fb47b357b\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"bbf004e3-0e4b-4f86-ae4f-1f8fb47b357b\"\n },\n {\n \"properties\": {\n \"roleName\": \"Supercomputer Infrastructure Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Lets you manage Supercomputer Infrastructure resources, but not access to them.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.SupercomputerInfrastructure/*\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2025-10-02T23:09:34.5476643Z\",\n \"updatedOn\": \"2025-10-02T23:09:34.5476643Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/68899692-f960-4247-af28-82f55b357997\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"68899692-f960-4247-af28-82f55b357997\"\n }\n ]\n}", + "StatusCode": 200 + }, + { + "RequestUri": "//subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions?api-version=2022-05-01-preview", + "EncodedRequestUri": "Ly9zdWJzY3JpcHRpb25zLzY5NmVhZDE5LTg2NmQtNGU5ZC05OWU1LWYwNjFlNGMzNGI4NC9wcm92aWRlcnMvTWljcm9zb2Z0LkF1dGhvcml6YXRpb24vcm9sZURlZmluaXRpb25zP2FwaS12ZXJzaW9uPTIwMjItMDUtMDEtcHJldmlldw==", + "RequestMethod": "GET", + "RequestHeaders": { + "Accept-Language": [ + "en-US" + ], + "x-ms-client-request-id": [ + "4f60e104-3c2e-4bed-b05f-9977062d8be7" + ], + "User-Agent": [ + "FxVersion/8.0.2025.41914", + "OSName/MacOs", + "OSVersion/Darwin.24.6.0.Darwin.Kernel.Version.24.6.0.Mon.Aug.11.21.16.30.PDT.2025.root.xnu.11417.140.69.701.11.1RELEASE.ARM64.T8132", + "Microsoft.Azure.Management.Authorization.AuthorizationManagementClient/8.1.0" + ] + }, + "RequestBody": "", + "ResponseHeaders": { + "Cache-Control": [ + "no-cache" + ], + "Pragma": [ + "no-cache" + ], + "x-ms-request-id": [ + "7618e888-c8e1-41a2-918d-4326c65935b7" + ], + "X-Content-Type-Options": [ + "nosniff" + ], + "Strict-Transport-Security": [ + "max-age=31536000; includeSubDomains" + ], + "x-ms-operation-identifier": [ + "tenantId=de6dc80f-16c3-4606-90e9-b7386b466695,objectId=69c9e264-690c-43c9-aba4-a195a62f1929/northeurope/5681b004-6990-46ca-a79e-f9833ca3f55b" + ], + "x-ms-ratelimit-remaining-subscription-reads": [ + "249" + ], + "x-ms-ratelimit-remaining-subscription-global-reads": [ + "3749" + ], + "x-ms-correlation-request-id": [ + "c638da68-6209-4f02-a80f-7b7340588a58" + ], + "x-ms-routing-request-id": [ + "NORTHEUROPE:20251004T101954Z:c638da68-6209-4f02-a80f-7b7340588a58" + ], + "X-Cache": [ + "CONFIG_NOCACHE" + ], + "X-MSEdge-Ref": [ + "Ref A: D40AD015C12E4A87A3A3BCF0E95E8F88 Ref B: DUB241062307042 Ref C: 2025-10-04T10:19:54Z" + ], + "Date": [ + "Sat, 04 Oct 2025 10:19:53 GMT" + ], + "Content-Length": [ + "993823" + ], + "Content-Type": [ + "application/json; charset=utf-8" + ], + "Expires": [ + "-1" + ], + "Retry-After": [ + "0" + ] + }, + "ResponseBody": "{\n \"value\": [\n {\n \"properties\": {\n \"roleName\": \"AcrPush\",\n \"type\": \"BuiltInRole\",\n \"description\": \"acr push\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.ContainerRegistry/registries/pull/read\",\n \"Microsoft.ContainerRegistry/registries/push/write\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2018-10-29T17:52:32.5201177Z\",\n \"updatedOn\": \"2021-11-11T20:13:07.4993029Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/8311e382-0749-4cb8-b61a-304f252e45ec\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"8311e382-0749-4cb8-b61a-304f252e45ec\"\n },\n {\n \"properties\": {\n \"roleName\": \"API Management Service Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Can manage service and the APIs\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.ApiManagement/service/*\",\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.ResourceHealth/availabilityStatuses/read\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Support/*\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2015-02-02T21:55:09.8650193Z\",\n \"updatedOn\": \"2021-11-11T20:13:08.3179618Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/312a565d-c81f-4fd8-895a-4e21e48d571c\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"312a565d-c81f-4fd8-895a-4e21e48d571c\"\n },\n {\n \"properties\": {\n \"roleName\": \"AcrPull\",\n \"type\": \"BuiltInRole\",\n \"description\": \"acr pull\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.ContainerRegistry/registries/pull/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2018-10-22T19:01:56.8227182Z\",\n \"updatedOn\": \"2021-11-11T20:13:08.8779328Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/7f951dda-4ed3-4680-a7ca-43fe172d538d\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"7f951dda-4ed3-4680-a7ca-43fe172d538d\"\n },\n {\n \"properties\": {\n \"roleName\": \"AcrImageSigner\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Planned DEPRECATION on March 31, 2028. Grant the signing permission for content trust. As content trust is being deprecated and will be completely removed on March 31, 2028, this role will also be removed. Refer to https://aka.ms/acr/dctdeprecation for details and transition guidance.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.ContainerRegistry/registries/sign/write\"\n ],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.ContainerRegistry/registries/trustedCollections/write\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2018-03-15T23:23:08.4038322Z\",\n \"updatedOn\": \"2025-10-03T10:06:29.6549664Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/6cef56e8-d556-48e5-a04f-b8e64114680f\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"6cef56e8-d556-48e5-a04f-b8e64114680f\"\n },\n {\n \"properties\": {\n \"roleName\": \"AcrDelete\",\n \"type\": \"BuiltInRole\",\n \"description\": \"acr delete\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.ContainerRegistry/registries/artifacts/delete\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2019-03-11T20:19:31.6682804Z\",\n \"updatedOn\": \"2021-11-11T20:13:09.9631744Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/c2f4ef07-c644-48eb-af81-4b1b4947fb11\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"c2f4ef07-c644-48eb-af81-4b1b4947fb11\"\n },\n {\n \"properties\": {\n \"roleName\": \"AcrQuarantineReader\",\n \"type\": \"BuiltInRole\",\n \"description\": \"acr quarantine data reader\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.ContainerRegistry/registries/quarantine/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.ContainerRegistry/registries/quarantinedArtifacts/read\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2018-03-16T00:27:39.9596835Z\",\n \"updatedOn\": \"2021-11-11T20:13:10.3188052Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/cdda3590-29a3-44f6-95f2-9f980659eb04\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"cdda3590-29a3-44f6-95f2-9f980659eb04\"\n },\n {\n \"properties\": {\n \"roleName\": \"AcrQuarantineWriter\",\n \"type\": \"BuiltInRole\",\n \"description\": \"acr quarantine data writer\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.ContainerRegistry/registries/quarantine/read\",\n \"Microsoft.ContainerRegistry/registries/quarantine/write\"\n ],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.ContainerRegistry/registries/quarantinedArtifacts/read\",\n \"Microsoft.ContainerRegistry/registries/quarantinedArtifacts/write\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2018-03-16T00:26:37.587182Z\",\n \"updatedOn\": \"2021-11-11T20:13:11.3488079Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/c8d4ff99-41c3-41a8-9f60-21dfdad59608\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"c8d4ff99-41c3-41a8-9f60-21dfdad59608\"\n },\n {\n \"properties\": {\n \"roleName\": \"API Management Service Operator Role\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Can manage service but not the APIs\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.ApiManagement/service/*/read\",\n \"Microsoft.ApiManagement/service/backup/action\",\n \"Microsoft.ApiManagement/service/delete\",\n \"Microsoft.ApiManagement/service/managedeployments/action\",\n \"Microsoft.ApiManagement/service/read\",\n \"Microsoft.ApiManagement/service/restore/action\",\n \"Microsoft.ApiManagement/service/updatecertificate/action\",\n \"Microsoft.ApiManagement/service/updatehostname/action\",\n \"Microsoft.ApiManagement/service/write\",\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.ResourceHealth/availabilityStatuses/read\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Support/*\"\n ],\n \"notActions\": [\n \"Microsoft.ApiManagement/service/users/keys/read\"\n ],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2016-11-09T00:03:42.1194019Z\",\n \"updatedOn\": \"2021-11-11T20:13:11.5244023Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/e022efe7-f5ba-4159-bbe4-b44f577e9b61\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"e022efe7-f5ba-4159-bbe4-b44f577e9b61\"\n },\n {\n \"properties\": {\n \"roleName\": \"API Management Service Reader Role\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Read-only access to service and APIs\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.ApiManagement/service/*/read\",\n \"Microsoft.ApiManagement/service/read\",\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.ResourceHealth/availabilityStatuses/read\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Support/*\"\n ],\n \"notActions\": [\n \"Microsoft.ApiManagement/service/users/keys/read\"\n ],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2016-11-09T00:26:45.1540473Z\",\n \"updatedOn\": \"2021-11-11T20:13:11.8704466Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/71522526-b88f-4d52-b57f-d31fc3546d0d\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"71522526-b88f-4d52-b57f-d31fc3546d0d\"\n },\n {\n \"properties\": {\n \"roleName\": \"Application Insights Component Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Can manage Application Insights components\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.Insights/generateLiveToken/read\",\n \"Microsoft.Insights/metricAlerts/*\",\n \"Microsoft.Insights/components/*\",\n \"Microsoft.Insights/scheduledqueryrules/*\",\n \"Microsoft.Insights/topology/read\",\n \"Microsoft.Insights/transactions/read\",\n \"Microsoft.Insights/webtests/*\",\n \"Microsoft.ResourceHealth/availabilityStatuses/read\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Support/*\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2015-02-02T21:55:09.8806423Z\",\n \"updatedOn\": \"2021-11-11T20:13:12.6428401Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/ae349356-3a1b-4a5e-921d-050484c6347e\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"ae349356-3a1b-4a5e-921d-050484c6347e\"\n },\n {\n \"properties\": {\n \"roleName\": \"Application Insights Snapshot Debugger\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Gives user permission to use Application Insights Snapshot Debugger features\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.Insights/components/*/read\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Support/*\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2017-04-19T21:25:12.3728747Z\",\n \"updatedOn\": \"2021-11-11T20:13:13.0034435Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/08954f03-6346-4c2e-81c0-ec3a5cfae23b\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"08954f03-6346-4c2e-81c0-ec3a5cfae23b\"\n },\n {\n \"properties\": {\n \"roleName\": \"Attestation Reader\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Can read the attestation provider properties\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Attestation/attestationProviders/attestation/read\",\n \"Microsoft.Attestation/attestationProviders/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2019-03-25T19:42:59.157671Z\",\n \"updatedOn\": \"2024-07-11T17:43:35.9489411Z\",\n \"createdBy\": null,\n \"updatedBy\": \"SYSTEM\"\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/fd1bd22b-8476-40bc-a0bc-69b95687b9f3\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"fd1bd22b-8476-40bc-a0bc-69b95687b9f3\"\n },\n {\n \"properties\": {\n \"roleName\": \"Automation Job Operator\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Create and Manage Jobs using Automation Runbooks.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Automation/automationAccounts/hybridRunbookWorkerGroups/read\",\n \"Microsoft.Automation/automationAccounts/jobs/read\",\n \"Microsoft.Automation/automationAccounts/jobs/resume/action\",\n \"Microsoft.Automation/automationAccounts/jobs/stop/action\",\n \"Microsoft.Automation/automationAccounts/jobs/streams/read\",\n \"Microsoft.Automation/automationAccounts/jobs/suspend/action\",\n \"Microsoft.Automation/automationAccounts/jobs/write\",\n \"Microsoft.Automation/automationAccounts/jobs/output/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Support/*\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2017-04-19T20:52:41.0020018Z\",\n \"updatedOn\": \"2021-11-11T20:13:13.706566Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/4fe576fe-1146-4730-92eb-48519fa6bf9f\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"4fe576fe-1146-4730-92eb-48519fa6bf9f\"\n },\n {\n \"properties\": {\n \"roleName\": \"Automation Runbook Operator\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Read Runbook properties - to be able to create Jobs of the runbook.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Automation/automationAccounts/runbooks/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Support/*\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2017-04-19T20:47:49.5640674Z\",\n \"updatedOn\": \"2021-11-11T20:13:13.8815461Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/5fb5aef8-1081-4b8e-bb16-9d5d0385bab5\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"5fb5aef8-1081-4b8e-bb16-9d5d0385bab5\"\n },\n {\n \"properties\": {\n \"roleName\": \"Automation Operator\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Automation Operators are able to start, stop, suspend, and resume jobs\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Automation/automationAccounts/hybridRunbookWorkerGroups/read\",\n \"Microsoft.Automation/automationAccounts/jobs/read\",\n \"Microsoft.Automation/automationAccounts/jobs/resume/action\",\n \"Microsoft.Automation/automationAccounts/jobs/stop/action\",\n \"Microsoft.Automation/automationAccounts/jobs/streams/read\",\n \"Microsoft.Automation/automationAccounts/jobs/suspend/action\",\n \"Microsoft.Automation/automationAccounts/jobs/write\",\n \"Microsoft.Automation/automationAccounts/jobSchedules/read\",\n \"Microsoft.Automation/automationAccounts/jobSchedules/write\",\n \"Microsoft.Automation/automationAccounts/linkedWorkspace/read\",\n \"Microsoft.Automation/automationAccounts/read\",\n \"Microsoft.Automation/automationAccounts/runbooks/read\",\n \"Microsoft.Automation/automationAccounts/schedules/read\",\n \"Microsoft.Automation/automationAccounts/schedules/write\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.ResourceHealth/availabilityStatuses/read\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Automation/automationAccounts/jobs/output/read\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Support/*\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2015-08-18T01:05:03.391613Z\",\n \"updatedOn\": \"2021-11-11T20:13:14.0515408Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/d3881f73-407a-4167-8283-e981cbba0404\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"d3881f73-407a-4167-8283-e981cbba0404\"\n },\n {\n \"properties\": {\n \"roleName\": \"Avere Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Can create and manage an Avere vFXT cluster.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Compute/*/read\",\n \"Microsoft.Compute/availabilitySets/*\",\n \"Microsoft.Compute/proximityPlacementGroups/*\",\n \"Microsoft.Compute/virtualMachines/*\",\n \"Microsoft.Compute/disks/*\",\n \"Microsoft.Network/*/read\",\n \"Microsoft.Network/networkInterfaces/*\",\n \"Microsoft.Network/virtualNetworks/read\",\n \"Microsoft.Network/virtualNetworks/subnets/read\",\n \"Microsoft.Network/virtualNetworks/subnets/join/action\",\n \"Microsoft.Network/virtualNetworks/subnets/joinViaServiceEndpoint/action\",\n \"Microsoft.Network/networkSecurityGroups/join/action\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Storage/*/read\",\n \"Microsoft.Storage/storageAccounts/*\",\n \"Microsoft.Support/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/resources/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.Storage/storageAccounts/blobServices/containers/blobs/delete\",\n \"Microsoft.Storage/storageAccounts/blobServices/containers/blobs/read\",\n \"Microsoft.Storage/storageAccounts/blobServices/containers/blobs/write\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2019-03-18T20:00:58.9207889Z\",\n \"updatedOn\": \"2021-11-11T20:13:14.2265665Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/4f8fab4f-1852-4a58-a46a-8eaf358af14a\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"4f8fab4f-1852-4a58-a46a-8eaf358af14a\"\n },\n {\n \"properties\": {\n \"roleName\": \"Avere Operator\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Used by the Avere vFXT cluster to manage the cluster\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Compute/virtualMachines/read\",\n \"Microsoft.Network/networkInterfaces/read\",\n \"Microsoft.Network/networkInterfaces/write\",\n \"Microsoft.Network/virtualNetworks/read\",\n \"Microsoft.Network/virtualNetworks/subnets/read\",\n \"Microsoft.Network/virtualNetworks/subnets/join/action\",\n \"Microsoft.Network/networkSecurityGroups/join/action\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Storage/storageAccounts/blobServices/containers/delete\",\n \"Microsoft.Storage/storageAccounts/blobServices/containers/read\",\n \"Microsoft.Storage/storageAccounts/blobServices/containers/write\"\n ],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.Storage/storageAccounts/blobServices/containers/blobs/delete\",\n \"Microsoft.Storage/storageAccounts/blobServices/containers/blobs/read\",\n \"Microsoft.Storage/storageAccounts/blobServices/containers/blobs/write\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2019-03-18T20:02:38.3399857Z\",\n \"updatedOn\": \"2021-11-11T20:13:15.1065886Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/c025889f-8102-4ebf-b32c-fc0c6f0c6bd9\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"c025889f-8102-4ebf-b32c-fc0c6f0c6bd9\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Kubernetes Service Cluster Admin Role\",\n \"type\": \"BuiltInRole\",\n \"description\": \"List cluster admin credential action.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.ContainerService/managedClusters/listClusterAdminCredential/action\",\n \"Microsoft.ContainerService/managedClusters/accessProfiles/listCredential/action\",\n \"Microsoft.ContainerService/managedClusters/read\",\n \"Microsoft.ContainerService/managedClusters/runcommand/action\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2018-08-15T21:38:18.5953853Z\",\n \"updatedOn\": \"2022-05-17T01:51:12.0390652Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/0ab0b1a8-8aac-4efd-b8c2-3ee1fb270be8\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"0ab0b1a8-8aac-4efd-b8c2-3ee1fb270be8\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Kubernetes Service Cluster User Role\",\n \"type\": \"BuiltInRole\",\n \"description\": \"List cluster user credential action.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.ContainerService/managedClusters/listClusterUserCredential/action\",\n \"Microsoft.ContainerService/managedClusters/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2018-08-15T22:04:53.4037241Z\",\n \"updatedOn\": \"2021-11-11T20:13:20.4351976Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/4abbcc35-e782-43d8-92c5-2d3f1bd2253f\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"4abbcc35-e782-43d8-92c5-2d3f1bd2253f\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Maps Data Reader\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Grants access to read map related data from an Azure maps account.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.Maps/accounts/*/read\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2018-10-05T19:47:03.472307Z\",\n \"updatedOn\": \"2021-11-11T20:13:20.9582685Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/423170ca-a8f6-4b0f-8487-9e4eb8f49bfa\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"423170ca-a8f6-4b0f-8487-9e4eb8f49bfa\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Stack Registration Owner\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Lets you manage Azure Stack registrations.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.AzureStack/edgeSubscriptions/read\",\n \"Microsoft.AzureStack/registrations/products/*/action\",\n \"Microsoft.AzureStack/registrations/products/read\",\n \"Microsoft.AzureStack/registrations/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2017-11-13T23:42:06.2161827Z\",\n \"updatedOn\": \"2021-11-11T20:13:23.295782Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/6f12a6df-dd06-4f3e-bcb1-ce8be600526a\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"6f12a6df-dd06-4f3e-bcb1-ce8be600526a\"\n },\n {\n \"properties\": {\n \"roleName\": \"Backup Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Lets you manage backups, but can't delete vaults and give access to others\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Network/virtualNetworks/read\",\n \"Microsoft.RecoveryServices/locations/*\",\n \"Microsoft.RecoveryServices/Vaults/backupFabrics/operationResults/*\",\n \"Microsoft.RecoveryServices/Vaults/backupFabrics/protectionContainers/*\",\n \"Microsoft.RecoveryServices/Vaults/backupFabrics/refreshContainers/action\",\n \"Microsoft.RecoveryServices/Vaults/backupJobs/*\",\n \"Microsoft.RecoveryServices/Vaults/backupJobsExport/action\",\n \"Microsoft.RecoveryServices/Vaults/backupOperationResults/*\",\n \"Microsoft.RecoveryServices/Vaults/backupPolicies/*\",\n \"Microsoft.RecoveryServices/Vaults/backupProtectableItems/*\",\n \"Microsoft.RecoveryServices/Vaults/backupProtectedItems/*\",\n \"Microsoft.RecoveryServices/Vaults/backupProtectionContainers/*\",\n \"Microsoft.RecoveryServices/Vaults/backupSecurityPIN/*\",\n \"Microsoft.RecoveryServices/Vaults/backupUsageSummaries/read\",\n \"Microsoft.RecoveryServices/Vaults/certificates/*\",\n \"Microsoft.RecoveryServices/Vaults/extendedInformation/*\",\n \"Microsoft.RecoveryServices/Vaults/monitoringAlerts/read\",\n \"Microsoft.RecoveryServices/Vaults/monitoringConfigurations/*\",\n \"Microsoft.RecoveryServices/Vaults/read\",\n \"Microsoft.RecoveryServices/Vaults/registeredIdentities/*\",\n \"Microsoft.RecoveryServices/Vaults/usages/*\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Storage/storageAccounts/read\",\n \"Microsoft.RecoveryServices/Vaults/backupstorageconfig/*\",\n \"Microsoft.RecoveryServices/Vaults/backupconfig/*\",\n \"Microsoft.RecoveryServices/Vaults/backupValidateOperation/action\",\n \"Microsoft.RecoveryServices/Vaults/write\",\n \"Microsoft.RecoveryServices/Vaults/backupOperations/read\",\n \"Microsoft.RecoveryServices/Vaults/backupEngines/read\",\n \"Microsoft.RecoveryServices/Vaults/backupFabrics/backupProtectionIntent/*\",\n \"Microsoft.RecoveryServices/Vaults/backupFabrics/protectableContainers/read\",\n \"Microsoft.RecoveryServices/vaults/operationStatus/read\",\n \"Microsoft.RecoveryServices/vaults/operationResults/read\",\n \"Microsoft.RecoveryServices/locations/backupStatus/action\",\n \"Microsoft.RecoveryServices/locations/backupPreValidateProtection/action\",\n \"Microsoft.RecoveryServices/locations/backupValidateFeatures/action\",\n \"Microsoft.RecoveryServices/Vaults/monitoringAlerts/write\",\n \"Microsoft.RecoveryServices/operations/read\",\n \"Microsoft.RecoveryServices/locations/operationStatus/read\",\n \"Microsoft.RecoveryServices/Vaults/backupProtectionIntents/read\",\n \"Microsoft.Support/*\",\n \"Microsoft.DataProtection/locations/getBackupStatus/action\",\n \"Microsoft.DataProtection/backupVaults/backupInstances/write\",\n \"Microsoft.DataProtection/backupVaults/backupInstances/delete\",\n \"Microsoft.DataProtection/backupVaults/backupInstances/read\",\n \"Microsoft.DataProtection/backupVaults/backupInstances/read\",\n \"Microsoft.DataProtection/backupVaults/deletedBackupInstances/read\",\n \"Microsoft.DataProtection/backupVaults/deletedBackupInstances/undelete/action\",\n \"Microsoft.DataProtection/backupVaults/backupInstances/backup/action\",\n \"Microsoft.DataProtection/backupVaults/backupInstances/validateRestore/action\",\n \"Microsoft.DataProtection/backupVaults/backupInstances/restore/action\",\n \"Microsoft.DataProtection/subscriptions/resourceGroups/providers/locations/crossRegionRestore/action\",\n \"Microsoft.DataProtection/subscriptions/resourceGroups/providers/locations/validateCrossRegionRestore/action\",\n \"Microsoft.DataProtection/subscriptions/resourceGroups/providers/locations/fetchCrossRegionRestoreJobs/action\",\n \"Microsoft.DataProtection/subscriptions/resourceGroups/providers/locations/fetchCrossRegionRestoreJob/action\",\n \"Microsoft.DataProtection/subscriptions/resourceGroups/providers/locations/fetchSecondaryRecoveryPoints/action\",\n \"Microsoft.DataProtection/backupVaults/backupPolicies/write\",\n \"Microsoft.DataProtection/backupVaults/backupPolicies/delete\",\n \"Microsoft.DataProtection/backupVaults/backupPolicies/read\",\n \"Microsoft.DataProtection/backupVaults/backupPolicies/read\",\n \"Microsoft.DataProtection/backupVaults/backupInstances/recoveryPoints/read\",\n \"Microsoft.DataProtection/backupVaults/backupInstances/recoveryPoints/read\",\n \"Microsoft.DataProtection/backupVaults/backupInstances/findRestorableTimeRanges/action\",\n \"Microsoft.DataProtection/backupVaults/backupInstances/operationResults/read\",\n \"Microsoft.DataProtection/backupVaults/write\",\n \"Microsoft.DataProtection/backupVaults/read\",\n \"Microsoft.DataProtection/backupVaults/operationResults/read\",\n \"Microsoft.DataProtection/backupVaults/operationStatus/read\",\n \"Microsoft.DataProtection/locations/checkNameAvailability/action\",\n \"Microsoft.DataProtection/locations/checkFeatureSupport/action\",\n \"Microsoft.DataProtection/backupVaults/read\",\n \"Microsoft.DataProtection/backupVaults/read\",\n \"Microsoft.DataProtection/locations/operationStatus/read\",\n \"Microsoft.DataProtection/locations/operationResults/read\",\n \"Microsoft.DataProtection/backupVaults/validateForBackup/action\",\n \"Microsoft.DataProtection/operations/read\",\n \"Microsoft.RecoveryServices/Vaults/backupResourceGuardProxies/delete\",\n \"Microsoft.RecoveryServices/Vaults/backupResourceGuardProxies/read\",\n \"Microsoft.RecoveryServices/Vaults/backupResourceGuardProxies/unlockDelete/action\",\n \"Microsoft.RecoveryServices/Vaults/backupResourceGuardProxies/write\",\n \"Microsoft.DataProtection/backupVaults/backupResourceGuardProxies/read\",\n \"Microsoft.DataProtection/backupVaults/backupResourceGuardProxies/write\",\n \"Microsoft.DataProtection/backupVaults/backupResourceGuardProxies/delete\",\n \"Microsoft.DataProtection/backupVaults/backupResourceGuardProxies/unlockDelete/action\",\n \"Microsoft.DataProtection/backupVaults/backupInstances/validateForModifyBackup/action\",\n \"Microsoft.DataProtection/backupVaults/backupInstances/SuspendBackups/action\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2017-01-03T13:12:15.7321344Z\",\n \"updatedOn\": \"2025-01-27T16:01:21.2904248Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/5e467623-bb1f-42f4-a55d-6e525e11384b\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"5e467623-bb1f-42f4-a55d-6e525e11384b\"\n },\n {\n \"properties\": {\n \"roleName\": \"Billing Reader\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Allows read access to billing data\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Billing/*/read\",\n \"Microsoft.Commerce/*/read\",\n \"Microsoft.Consumption/*/read\",\n \"Microsoft.Management/managementGroups/read\",\n \"Microsoft.CostManagement/*/read\",\n \"Microsoft.Support/*\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2017-04-25T02:13:38.9054151Z\",\n \"updatedOn\": \"2021-11-11T20:13:24.5342563Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/fa23ad8b-c56e-40d8-ac0c-ce449e1d2c64\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"fa23ad8b-c56e-40d8-ac0c-ce449e1d2c64\"\n },\n {\n \"properties\": {\n \"roleName\": \"Backup Reader\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Can view backup services, but can't make changes\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.RecoveryServices/locations/allocatedStamp/read\",\n \"Microsoft.RecoveryServices/Vaults/backupFabrics/operationResults/read\",\n \"Microsoft.RecoveryServices/Vaults/backupFabrics/protectionContainers/operationResults/read\",\n \"Microsoft.RecoveryServices/Vaults/backupFabrics/protectionContainers/protectedItems/operationResults/read\",\n \"Microsoft.RecoveryServices/Vaults/backupFabrics/protectionContainers/protectedItems/operationsStatus/read\",\n \"Microsoft.RecoveryServices/Vaults/backupFabrics/protectionContainers/protectedItems/read\",\n \"Microsoft.RecoveryServices/Vaults/backupFabrics/protectionContainers/protectedItems/recoveryPoints/read\",\n \"Microsoft.RecoveryServices/Vaults/backupFabrics/protectionContainers/read\",\n \"Microsoft.RecoveryServices/Vaults/backupJobs/operationResults/read\",\n \"Microsoft.RecoveryServices/Vaults/backupJobs/read\",\n \"Microsoft.RecoveryServices/Vaults/backupJobsExport/action\",\n \"Microsoft.RecoveryServices/Vaults/backupOperationResults/read\",\n \"Microsoft.RecoveryServices/Vaults/backupPolicies/operationResults/read\",\n \"Microsoft.RecoveryServices/Vaults/backupPolicies/read\",\n \"Microsoft.RecoveryServices/Vaults/backupProtectedItems/read\",\n \"Microsoft.RecoveryServices/Vaults/backupProtectionContainers/read\",\n \"Microsoft.RecoveryServices/Vaults/backupUsageSummaries/read\",\n \"Microsoft.RecoveryServices/Vaults/extendedInformation/read\",\n \"Microsoft.RecoveryServices/Vaults/monitoringAlerts/read\",\n \"Microsoft.RecoveryServices/Vaults/read\",\n \"Microsoft.RecoveryServices/Vaults/registeredIdentities/operationResults/read\",\n \"Microsoft.RecoveryServices/Vaults/registeredIdentities/read\",\n \"Microsoft.RecoveryServices/Vaults/backupstorageconfig/read\",\n \"Microsoft.RecoveryServices/Vaults/backupconfig/read\",\n \"Microsoft.RecoveryServices/Vaults/backupOperations/read\",\n \"Microsoft.RecoveryServices/Vaults/backupPolicies/operations/read\",\n \"Microsoft.RecoveryServices/Vaults/backupEngines/read\",\n \"Microsoft.RecoveryServices/Vaults/backupFabrics/backupProtectionIntent/read\",\n \"Microsoft.RecoveryServices/Vaults/backupFabrics/protectionContainers/items/read\",\n \"Microsoft.RecoveryServices/locations/backupStatus/action\",\n \"Microsoft.RecoveryServices/Vaults/monitoringConfigurations/*\",\n \"Microsoft.RecoveryServices/Vaults/monitoringAlerts/write\",\n \"Microsoft.RecoveryServices/operations/read\",\n \"Microsoft.RecoveryServices/locations/operationStatus/read\",\n \"Microsoft.RecoveryServices/Vaults/backupProtectionIntents/read\",\n \"Microsoft.RecoveryServices/Vaults/usages/read\",\n \"Microsoft.RecoveryServices/locations/backupValidateFeatures/action\",\n \"Microsoft.RecoveryServices/locations/backupCrrJobs/action\",\n \"Microsoft.RecoveryServices/locations/backupCrrJob/action\",\n \"Microsoft.RecoveryServices/locations/backupCrrOperationResults/read\",\n \"Microsoft.RecoveryServices/locations/backupCrrOperationsStatus/read\",\n \"Microsoft.DataProtection/locations/getBackupStatus/action\",\n \"Microsoft.DataProtection/backupVaults/backupInstances/read\",\n \"Microsoft.DataProtection/backupVaults/deletedBackupInstances/read\",\n \"Microsoft.DataProtection/backupVaults/backupPolicies/read\",\n \"Microsoft.DataProtection/backupVaults/backupPolicies/read\",\n \"Microsoft.DataProtection/backupVaults/backupInstances/recoveryPoints/read\",\n \"Microsoft.DataProtection/backupVaults/backupInstances/recoveryPoints/read\",\n \"Microsoft.DataProtection/backupVaults/backupInstances/operationResults/read\",\n \"Microsoft.DataProtection/backupVaults/backupInstances/findRestorableTimeRanges/action\",\n \"Microsoft.DataProtection/backupVaults/read\",\n \"Microsoft.DataProtection/backupVaults/operationResults/read\",\n \"Microsoft.DataProtection/backupVaults/operationStatus/read\",\n \"Microsoft.DataProtection/backupVaults/read\",\n \"Microsoft.DataProtection/backupVaults/read\",\n \"Microsoft.DataProtection/locations/operationStatus/read\",\n \"Microsoft.DataProtection/locations/operationResults/read\",\n \"Microsoft.DataProtection/operations/read\",\n \"Microsoft.DataProtection/subscriptions/resourceGroups/providers/locations/fetchCrossRegionRestoreJobs/action\",\n \"Microsoft.DataProtection/subscriptions/resourceGroups/providers/locations/fetchCrossRegionRestoreJob/action\",\n \"Microsoft.DataProtection/subscriptions/resourceGroups/providers/locations/fetchSecondaryRecoveryPoints/action\",\n \"Microsoft.DataProtection/locations/checkFeatureSupport/action\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2017-01-03T13:18:41.3893065Z\",\n \"updatedOn\": \"2025-09-09T15:23:13.9723749Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/a795c7a0-d4a2-40c1-ae25-d81f01202912\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"a795c7a0-d4a2-40c1-ae25-d81f01202912\"\n },\n {\n \"properties\": {\n \"roleName\": \"Blockchain Member Node Access (Preview)\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Allows for access to Blockchain Member nodes\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Blockchain/blockchainMembers/transactionNodes/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.Blockchain/blockchainMembers/transactionNodes/connect/action\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2018-12-21T10:33:01.9604839Z\",\n \"updatedOn\": \"2021-11-11T20:13:25.055892Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/31a002a1-acaf-453e-8a5b-297c9ca1ea24\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"31a002a1-acaf-453e-8a5b-297c9ca1ea24\"\n },\n {\n \"properties\": {\n \"roleName\": \"BizTalk Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Lets you manage BizTalk services, but not access to them.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.BizTalkServices/BizTalk/*\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.ResourceHealth/availabilityStatuses/read\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Support/*\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2015-02-02T21:55:09.8806423Z\",\n \"updatedOn\": \"2021-11-11T20:13:25.2359269Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/5e3c6656-6cfa-4708-81fe-0de47ac73342\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"5e3c6656-6cfa-4708-81fe-0de47ac73342\"\n },\n {\n \"properties\": {\n \"roleName\": \"CDN Endpoint Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Can manage CDN endpoints, but can't grant access to other users.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Cdn/edgenodes/read\",\n \"Microsoft.Cdn/operationresults/*\",\n \"Microsoft.Cdn/profiles/endpoints/*\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Support/*\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2016-01-23T02:48:46.4996252Z\",\n \"updatedOn\": \"2023-12-07T08:06:49.788929Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/426e0c7f-0c7e-4658-b36f-ff54d6c29b45\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"426e0c7f-0c7e-4658-b36f-ff54d6c29b45\"\n },\n {\n \"properties\": {\n \"roleName\": \"CDN Profile Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Can manage CDN and Azure Front Door standard and premium profiles and their endpoints, but can't grant access to other users.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Cdn/edgenodes/read\",\n \"Microsoft.Cdn/operationresults/*\",\n \"Microsoft.Cdn/profiles/*\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Support/*\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2016-01-23T02:48:46.4996252Z\",\n \"updatedOn\": \"2023-12-06T16:25:55.5514166Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/ec156ff8-a8d1-4d15-830c-5b80698ca432\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"ec156ff8-a8d1-4d15-830c-5b80698ca432\"\n },\n {\n \"properties\": {\n \"roleName\": \"CDN Profile Reader\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Can view CDN profiles and their endpoints, but can't make changes.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Cdn/edgenodes/read\",\n \"Microsoft.Cdn/operationresults/*\",\n \"Microsoft.Cdn/profiles/*/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Cdn/profiles/afdendpoints/validateCustomDomain/action\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Support/*\",\n \"Microsoft.Cdn/profiles/CheckResourceUsage/action\",\n \"Microsoft.Cdn/profiles/endpoints/CheckResourceUsage/action\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2016-01-23T02:48:46.4996252Z\",\n \"updatedOn\": \"2024-01-26T09:56:06.2709754Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/8f96442b-4075-438f-813d-ad51ab4019af\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"8f96442b-4075-438f-813d-ad51ab4019af\"\n },\n {\n \"properties\": {\n \"roleName\": \"Classic Network Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Lets you manage classic networks, but not access to them.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.ClassicNetwork/*\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.ResourceHealth/availabilityStatuses/read\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Support/*\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2015-02-02T21:55:09.8806423Z\",\n \"updatedOn\": \"2021-11-11T20:13:26.4433301Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/b34d265f-36f7-4a0d-a4d4-e158ca92e90f\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"b34d265f-36f7-4a0d-a4d4-e158ca92e90f\"\n },\n {\n \"properties\": {\n \"roleName\": \"Classic Storage Account Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Lets you manage classic storage accounts, but not access to them.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.ClassicStorage/storageAccounts/*\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.ResourceHealth/availabilityStatuses/read\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Support/*\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2015-02-02T21:55:09.8806423Z\",\n \"updatedOn\": \"2021-11-11T20:13:26.6183566Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/86e8f5dc-a6e9-4c67-9d15-de283e8eac25\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"86e8f5dc-a6e9-4c67-9d15-de283e8eac25\"\n },\n {\n \"properties\": {\n \"roleName\": \"Classic Storage Account Key Operator Service Role\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Classic Storage Account Key Operators are allowed to list and regenerate keys on Classic Storage Accounts\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.ClassicStorage/storageAccounts/listkeys/action\",\n \"Microsoft.ClassicStorage/storageAccounts/regeneratekey/action\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2017-04-13T18:22:52.14611Z\",\n \"updatedOn\": \"2021-11-11T20:13:26.9796021Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/985d6b00-f706-48f5-a6fe-d0ca12fb668d\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"985d6b00-f706-48f5-a6fe-d0ca12fb668d\"\n },\n {\n \"properties\": {\n \"roleName\": \"ClearDB MySQL DB Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Lets you manage ClearDB MySQL databases, but not access to them.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.ResourceHealth/availabilityStatuses/read\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Support/*\",\n \"successbricks.cleardb/databases/*\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2015-02-02T21:55:09.8806423Z\",\n \"updatedOn\": \"2021-11-11T20:13:27.1646373Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/9106cda0-8a86-4e81-b686-29a22c54effe\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"9106cda0-8a86-4e81-b686-29a22c54effe\"\n },\n {\n \"properties\": {\n \"roleName\": \"Classic Virtual Machine Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Lets you manage classic virtual machines, but not access to them, and not the virtual network or storage account they’re connected to.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.ClassicCompute/domainNames/*\",\n \"Microsoft.ClassicCompute/virtualMachines/*\",\n \"Microsoft.ClassicNetwork/networkSecurityGroups/join/action\",\n \"Microsoft.ClassicNetwork/reservedIps/link/action\",\n \"Microsoft.ClassicNetwork/reservedIps/read\",\n \"Microsoft.ClassicNetwork/virtualNetworks/join/action\",\n \"Microsoft.ClassicNetwork/virtualNetworks/read\",\n \"Microsoft.ClassicStorage/storageAccounts/disks/read\",\n \"Microsoft.ClassicStorage/storageAccounts/images/read\",\n \"Microsoft.ClassicStorage/storageAccounts/listKeys/action\",\n \"Microsoft.ClassicStorage/storageAccounts/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.ResourceHealth/availabilityStatuses/read\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Support/*\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2015-04-25T00:37:56.5416086Z\",\n \"updatedOn\": \"2021-11-11T20:13:27.3446332Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/d73bb868-a0df-4d4d-bd69-98a00b01fccb\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"d73bb868-a0df-4d4d-bd69-98a00b01fccb\"\n },\n {\n \"properties\": {\n \"roleName\": \"Cognitive Services User\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Lets you read and list keys of Cognitive Services.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.CognitiveServices/*/read\",\n \"Microsoft.CognitiveServices/accounts/listkeys/action\",\n \"Microsoft.Insights/alertRules/read\",\n \"Microsoft.Insights/diagnosticSettings/read\",\n \"Microsoft.Insights/logDefinitions/read\",\n \"Microsoft.Insights/metricdefinitions/read\",\n \"Microsoft.Insights/metrics/read\",\n \"Microsoft.ResourceHealth/availabilityStatuses/read\",\n \"Microsoft.Resources/deployments/operations/read\",\n \"Microsoft.Resources/subscriptions/operationresults/read\",\n \"Microsoft.Resources/subscriptions/read\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Support/*\"\n ],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.CognitiveServices/*\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2018-08-08T23:23:43.7701274Z\",\n \"updatedOn\": \"2021-11-11T20:13:27.5316443Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/a97b65f3-24c7-4388-baec-2e87135dc908\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"a97b65f3-24c7-4388-baec-2e87135dc908\"\n },\n {\n \"properties\": {\n \"roleName\": \"Cognitive Services Data Reader\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Lets you read Cognitive Services data.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.CognitiveServices/*/read\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2019-02-13T20:02:12.6849986Z\",\n \"updatedOn\": \"2024-10-10T18:41:31.3351912Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/b59867f0-fa02-499b-be73-45a86b5b3e1c\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"b59867f0-fa02-499b-be73-45a86b5b3e1c\"\n },\n {\n \"properties\": {\n \"roleName\": \"Cognitive Services Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Lets you create, read, update, delete and manage keys of Cognitive Services.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.CognitiveServices/*\",\n \"Microsoft.Features/features/read\",\n \"Microsoft.Features/providers/features/read\",\n \"Microsoft.Features/providers/features/register/action\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.Insights/diagnosticSettings/*\",\n \"Microsoft.Insights/logDefinitions/read\",\n \"Microsoft.Insights/metricdefinitions/read\",\n \"Microsoft.Insights/metrics/read\",\n \"Microsoft.ResourceHealth/availabilityStatuses/read\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/deployments/operations/read\",\n \"Microsoft.Resources/subscriptions/operationresults/read\",\n \"Microsoft.Resources/subscriptions/read\",\n \"Microsoft.Resources/subscriptions/resourcegroups/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Support/*\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2018-08-08T23:18:39.2257848Z\",\n \"updatedOn\": \"2021-11-11T20:13:27.911623Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/25fbc0a9-bd7c-42a3-aa1a-3b75d497ee68\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"25fbc0a9-bd7c-42a3-aa1a-3b75d497ee68\"\n },\n {\n \"properties\": {\n \"roleName\": \"CosmosBackupOperator\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Can submit restore request for a Cosmos DB database or a container for an account\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.DocumentDB/databaseAccounts/backup/action\",\n \"Microsoft.DocumentDB/databaseAccounts/restore/action\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2018-12-07T19:47:14.965156Z\",\n \"updatedOn\": \"2021-11-11T20:13:28.4333692Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/db7b14f2-5adf-42da-9f96-f2ee17bab5cb\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"db7b14f2-5adf-42da-9f96-f2ee17bab5cb\"\n },\n {\n \"properties\": {\n \"roleName\": \"Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Grants full access to manage all resources, but does not allow you to assign roles in Azure RBAC, manage assignments in Azure Blueprints, or share image galleries.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"*\"\n ],\n \"notActions\": [\n \"Microsoft.Authorization/*/Delete\",\n \"Microsoft.Authorization/*/Write\",\n \"Microsoft.Authorization/elevateAccess/Action\",\n \"Microsoft.Blueprint/blueprintAssignments/write\",\n \"Microsoft.Blueprint/blueprintAssignments/delete\",\n \"Microsoft.Compute/galleries/share/action\",\n \"Microsoft.Purview/consents/write\",\n \"Microsoft.Purview/consents/delete\",\n \"Microsoft.Resources/deploymentStacks/manageDenySetting/action\",\n \"Microsoft.Subscription/cancel/action\",\n \"Microsoft.Subscription/enable/action\"\n ],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2015-02-02T21:55:09.8806423Z\",\n \"updatedOn\": \"2024-11-19T20:03:30.321264Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"b24988ac-6180-42a0-ab88-20f7382dd24c\"\n },\n {\n \"properties\": {\n \"roleName\": \"Cosmos DB Account Reader Role\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Can read Azure Cosmos DB Accounts data\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.DocumentDB/*/read\",\n \"Microsoft.DocumentDB/databaseAccounts/readonlykeys/action\",\n \"Microsoft.Insights/MetricDefinitions/read\",\n \"Microsoft.Insights/Metrics/read\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Support/*\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2017-10-30T17:53:54.6005577Z\",\n \"updatedOn\": \"2021-11-11T20:13:28.7911765Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/fbdf93bf-df7d-467e-a4d2-9458aa1360c8\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"fbdf93bf-df7d-467e-a4d2-9458aa1360c8\"\n },\n {\n \"properties\": {\n \"roleName\": \"Cost Management Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Can view costs and manage cost configuration (e.g. budgets, exports)\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Consumption/*\",\n \"Microsoft.CostManagement/*\",\n \"Microsoft.Billing/billingPeriods/read\",\n \"Microsoft.Resources/subscriptions/read\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Support/*\",\n \"Microsoft.Advisor/configurations/read\",\n \"Microsoft.Advisor/recommendations/read\",\n \"Microsoft.Management/managementGroups/read\",\n \"Microsoft.Billing/billingProperty/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2018-03-14T16:09:22.8834827Z\",\n \"updatedOn\": \"2021-11-11T20:13:29.4851851Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/434105ed-43f6-45c7-a02f-909b2ba83430\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"434105ed-43f6-45c7-a02f-909b2ba83430\"\n },\n {\n \"properties\": {\n \"roleName\": \"Cost Management Reader\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Can view cost data and configuration (e.g. budgets, exports)\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Consumption/*/read\",\n \"Microsoft.CostManagement/*/read\",\n \"Microsoft.Billing/billingPeriods/read\",\n \"Microsoft.Resources/subscriptions/read\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Support/*\",\n \"Microsoft.Advisor/configurations/read\",\n \"Microsoft.Advisor/recommendations/read\",\n \"Microsoft.Management/managementGroups/read\",\n \"Microsoft.Billing/billingProperty/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2018-03-14T16:09:22.8834827Z\",\n \"updatedOn\": \"2021-11-11T20:13:29.66018Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/72fafb9e-0641-4937-9268-a91bfd8191a3\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"72fafb9e-0641-4937-9268-a91bfd8191a3\"\n },\n {\n \"properties\": {\n \"roleName\": \"Data Box Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Lets you manage everything under Data Box Service except giving access to others.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.ResourceHealth/availabilityStatuses/read\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Support/*\",\n \"Microsoft.Databox/*\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2018-07-27T08:28:42.714021Z\",\n \"updatedOn\": \"2021-11-11T20:13:30.3737856Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/add466c9-e687-43fc-8d98-dfcf8d720be5\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"add466c9-e687-43fc-8d98-dfcf8d720be5\"\n },\n {\n \"properties\": {\n \"roleName\": \"Data Box Reader\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Lets you manage Data Box Service except creating order or editing order details and giving access to others.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Databox/*/read\",\n \"Microsoft.Databox/jobs/listsecrets/action\",\n \"Microsoft.Databox/jobs/listcredentials/action\",\n \"Microsoft.Databox/locations/availableSkus/action\",\n \"Microsoft.Databox/locations/validateInputs/action\",\n \"Microsoft.Databox/locations/regionConfiguration/action\",\n \"Microsoft.Databox/locations/validateAddress/action\",\n \"Microsoft.ResourceHealth/availabilityStatuses/read\",\n \"Microsoft.Support/*\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2018-07-27T08:26:21.9284772Z\",\n \"updatedOn\": \"2021-11-11T20:13:30.5546117Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/028f4ed7-e2a9-465e-a8f4-9c0ffdfdc027\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"028f4ed7-e2a9-465e-a8f4-9c0ffdfdc027\"\n },\n {\n \"properties\": {\n \"roleName\": \"Data Factory Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Create and manage data factories, as well as child resources within them.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.DataFactory/dataFactories/*\",\n \"Microsoft.DataFactory/factories/*\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.ResourceHealth/availabilityStatuses/read\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Support/*\",\n \"Microsoft.EventGrid/eventSubscriptions/write\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2015-02-02T21:55:09.8806423Z\",\n \"updatedOn\": \"2021-11-11T20:13:30.7420174Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/673868aa-7521-48a0-acc6-0f60742d39f5\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"673868aa-7521-48a0-acc6-0f60742d39f5\"\n },\n {\n \"properties\": {\n \"roleName\": \"Data Purger\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Can purge analytics data\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Insights/components/*/read\",\n \"Microsoft.Insights/components/purge/action\",\n \"Microsoft.OperationalInsights/workspaces/*/read\",\n \"Microsoft.OperationalInsights/workspaces/purge/action\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2018-04-30T22:39:49.61677Z\",\n \"updatedOn\": \"2021-11-11T20:13:31.2788395Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/150f5e0c-0603-4f03-8c7f-cf70034c4e90\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"150f5e0c-0603-4f03-8c7f-cf70034c4e90\"\n },\n {\n \"properties\": {\n \"roleName\": \"Data Lake Analytics Developer\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Lets you submit, monitor, and manage your own jobs but not create or delete Data Lake Analytics accounts.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.BigAnalytics/accounts/*\",\n \"Microsoft.DataLakeAnalytics/accounts/*\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.ResourceHealth/availabilityStatuses/read\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Support/*\"\n ],\n \"notActions\": [\n \"Microsoft.BigAnalytics/accounts/Delete\",\n \"Microsoft.BigAnalytics/accounts/TakeOwnership/action\",\n \"Microsoft.BigAnalytics/accounts/Write\",\n \"Microsoft.DataLakeAnalytics/accounts/Delete\",\n \"Microsoft.DataLakeAnalytics/accounts/TakeOwnership/action\",\n \"Microsoft.DataLakeAnalytics/accounts/Write\",\n \"Microsoft.DataLakeAnalytics/accounts/dataLakeStoreAccounts/Write\",\n \"Microsoft.DataLakeAnalytics/accounts/dataLakeStoreAccounts/Delete\",\n \"Microsoft.DataLakeAnalytics/accounts/storageAccounts/Write\",\n \"Microsoft.DataLakeAnalytics/accounts/storageAccounts/Delete\",\n \"Microsoft.DataLakeAnalytics/accounts/firewallRules/Write\",\n \"Microsoft.DataLakeAnalytics/accounts/firewallRules/Delete\",\n \"Microsoft.DataLakeAnalytics/accounts/computePolicies/Write\",\n \"Microsoft.DataLakeAnalytics/accounts/computePolicies/Delete\"\n ],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2015-10-20T00:33:29.3115234Z\",\n \"updatedOn\": \"2021-11-11T20:13:31.4688491Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/47b7735b-770e-4598-a7da-8b91488b4c88\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"47b7735b-770e-4598-a7da-8b91488b4c88\"\n },\n {\n \"properties\": {\n \"roleName\": \"DevTest Labs User\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Lets you connect, start, restart, and shutdown your virtual machines in your Azure DevTest Labs.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Compute/availabilitySets/read\",\n \"Microsoft.Compute/virtualMachines/*/read\",\n \"Microsoft.Compute/virtualMachines/deallocate/action\",\n \"Microsoft.Compute/virtualMachines/read\",\n \"Microsoft.Compute/virtualMachines/restart/action\",\n \"Microsoft.Compute/virtualMachines/start/action\",\n \"Microsoft.DevTestLab/*/read\",\n \"Microsoft.DevTestLab/labs/claimAnyVm/action\",\n \"Microsoft.DevTestLab/labs/createEnvironment/action\",\n \"Microsoft.DevTestLab/labs/ensureCurrentUserProfile/action\",\n \"Microsoft.DevTestLab/labs/formulas/delete\",\n \"Microsoft.DevTestLab/labs/formulas/read\",\n \"Microsoft.DevTestLab/labs/formulas/write\",\n \"Microsoft.DevTestLab/labs/policySets/evaluatePolicies/action\",\n \"Microsoft.DevTestLab/labs/virtualMachines/claim/action\",\n \"Microsoft.DevTestLab/labs/virtualmachines/listApplicableSchedules/action\",\n \"Microsoft.DevTestLab/labs/virtualMachines/getRdpFileContents/action\",\n \"Microsoft.Network/loadBalancers/backendAddressPools/join/action\",\n \"Microsoft.Network/loadBalancers/inboundNatRules/join/action\",\n \"Microsoft.Network/networkInterfaces/*/read\",\n \"Microsoft.Network/networkInterfaces/join/action\",\n \"Microsoft.Network/networkInterfaces/read\",\n \"Microsoft.Network/networkInterfaces/write\",\n \"Microsoft.Network/publicIPAddresses/*/read\",\n \"Microsoft.Network/publicIPAddresses/join/action\",\n \"Microsoft.Network/publicIPAddresses/read\",\n \"Microsoft.Network/virtualNetworks/subnets/join/action\",\n \"Microsoft.Resources/deployments/operations/read\",\n \"Microsoft.Resources/deployments/read\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Storage/storageAccounts/listKeys/action\"\n ],\n \"notActions\": [\n \"Microsoft.Compute/virtualMachines/vmSizes/read\"\n ],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2015-06-08T21:52:45.0657582Z\",\n \"updatedOn\": \"2021-11-11T20:13:32.1746507Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/76283e04-6283-4c54-8f91-bcf1374a3c64\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"76283e04-6283-4c54-8f91-bcf1374a3c64\"\n },\n {\n \"properties\": {\n \"roleName\": \"DocumentDB Account Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Lets you manage DocumentDB accounts, but not access to them.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.DocumentDb/databaseAccounts/*\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.ResourceHealth/availabilityStatuses/read\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Support/*\",\n \"Microsoft.Network/virtualNetworks/subnets/joinViaServiceEndpoint/action\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2015-02-02T21:55:09.8806423Z\",\n \"updatedOn\": \"2021-11-11T20:13:32.3496502Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/5bd9cd88-fe45-4216-938b-f97437e15450\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"5bd9cd88-fe45-4216-938b-f97437e15450\"\n },\n {\n \"properties\": {\n \"roleName\": \"DNS Zone Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Lets you manage DNS zones and record sets in Azure DNS, but does not let you control who has access to them.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.Network/dnsZones/*\",\n \"Microsoft.ResourceHealth/availabilityStatuses/read\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Support/*\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2015-10-15T23:33:25.9730842Z\",\n \"updatedOn\": \"2021-11-11T20:13:32.5233957Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/befefa01-2a29-4197-83a8-272ff33ce314\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"befefa01-2a29-4197-83a8-272ff33ce314\"\n },\n {\n \"properties\": {\n \"roleName\": \"EventGrid EventSubscription Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Lets you manage EventGrid event subscription operations.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.EventGrid/eventSubscriptions/*\",\n \"Microsoft.EventGrid/topicTypes/eventSubscriptions/read\",\n \"Microsoft.EventGrid/locations/eventSubscriptions/read\",\n \"Microsoft.EventGrid/locations/topicTypes/eventSubscriptions/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Support/*\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2018-10-08T23:27:28.3130743Z\",\n \"updatedOn\": \"2021-11-11T20:13:33.4166738Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/428e0ff0-5e57-4d9c-a221-2c70d0e0a443\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"428e0ff0-5e57-4d9c-a221-2c70d0e0a443\"\n },\n {\n \"properties\": {\n \"roleName\": \"EventGrid EventSubscription Reader\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Lets you read EventGrid event subscriptions.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.EventGrid/eventSubscriptions/read\",\n \"Microsoft.EventGrid/topicTypes/eventSubscriptions/read\",\n \"Microsoft.EventGrid/locations/eventSubscriptions/read\",\n \"Microsoft.EventGrid/locations/topicTypes/eventSubscriptions/read\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2018-10-09T17:29:28.1417894Z\",\n \"updatedOn\": \"2021-11-11T20:13:33.7846748Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/2414bbcf-6497-4faf-8c65-045460748405\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"2414bbcf-6497-4faf-8c65-045460748405\"\n },\n {\n \"properties\": {\n \"roleName\": \"Graph Owner\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Create and manage all aspects of the Enterprise Graph - Ontology, Schema mapping, Conflation and Conversational AI and Ingestions\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.EnterpriseKnowledgeGraph/services/conflation/read\",\n \"Microsoft.EnterpriseKnowledgeGraph/services/conflation/write\",\n \"Microsoft.EnterpriseKnowledgeGraph/services/sourceschema/read\",\n \"Microsoft.EnterpriseKnowledgeGraph/services/sourceschema/write\",\n \"Microsoft.EnterpriseKnowledgeGraph/services/knowledge/read\",\n \"Microsoft.EnterpriseKnowledgeGraph/services/knowledge/write\",\n \"Microsoft.EnterpriseKnowledgeGraph/services/intentclassification/read\",\n \"Microsoft.EnterpriseKnowledgeGraph/services/intentclassification/write\",\n \"Microsoft.EnterpriseKnowledgeGraph/services/ingestion/read\",\n \"Microsoft.EnterpriseKnowledgeGraph/services/ingestion/write\",\n \"Microsoft.EnterpriseKnowledgeGraph/services/ontology/read\",\n \"Microsoft.EnterpriseKnowledgeGraph/services/ontology/write\",\n \"Microsoft.EnterpriseKnowledgeGraph/services/delete\",\n \"Microsoft.EnterpriseKnowledgeGraph/operations/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2019-02-23T21:07:22.5844236Z\",\n \"updatedOn\": \"2021-11-11T20:13:34.6707886Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/b60367af-1334-4454-b71e-769d9a4f83d9\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"b60367af-1334-4454-b71e-769d9a4f83d9\"\n },\n {\n \"properties\": {\n \"roleName\": \"HDInsight Domain Services Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Can Read, Create, Modify and Delete Domain Services related operations needed for HDInsight Enterprise Security Package\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.AAD/*/read\",\n \"Microsoft.AAD/domainServices/*/read\",\n \"Microsoft.AAD/domainServices/oucontainer/*\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2018-09-12T22:42:51.7451109Z\",\n \"updatedOn\": \"2021-11-11T20:13:35.3921342Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/8d8d5a11-05d3-4bda-a417-a08778121c7c\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"8d8d5a11-05d3-4bda-a417-a08778121c7c\"\n },\n {\n \"properties\": {\n \"roleName\": \"Intelligent Systems Account Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Lets you manage Intelligent Systems accounts, but not access to them.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.IntelligentSystems/accounts/*\",\n \"Microsoft.ResourceHealth/availabilityStatuses/read\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Support/*\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2015-02-02T21:55:09.8806423Z\",\n \"updatedOn\": \"2021-11-11T20:13:35.9371582Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/03a6d094-3444-4b3d-88af-7477090a9e5e\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"03a6d094-3444-4b3d-88af-7477090a9e5e\"\n },\n {\n \"properties\": {\n \"roleName\": \"Key Vault Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Lets you manage key vaults, but not access to them.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.KeyVault/*\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Support/*\"\n ],\n \"notActions\": [\n \"Microsoft.KeyVault/locations/deletedVaults/purge/action\",\n \"Microsoft.KeyVault/hsmPools/*\",\n \"Microsoft.KeyVault/managedHsms/*\"\n ],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2016-02-25T17:08:28.5184971Z\",\n \"updatedOn\": \"2021-11-11T20:13:36.1170988Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/f25e0fa2-a7c8-4377-a976-54943a77a395\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"f25e0fa2-a7c8-4377-a976-54943a77a395\"\n },\n {\n \"properties\": {\n \"roleName\": \"Knowledge Consumer\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Knowledge Read permission to consume Enterprise Graph Knowledge using entity search and graph query\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.EnterpriseKnowledgeGraph/services/knowledge/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2019-02-23T21:23:31.4037552Z\",\n \"updatedOn\": \"2021-11-11T20:13:37.0021342Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/ee361c5d-f7b5-4119-b4b6-892157c8f64c\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"ee361c5d-f7b5-4119-b4b6-892157c8f64c\"\n },\n {\n \"properties\": {\n \"roleName\": \"Lab Creator\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Lets you create new labs under your Azure Lab Accounts.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.LabServices/labAccounts/*/read\",\n \"Microsoft.LabServices/labAccounts/createLab/action\",\n \"Microsoft.LabServices/labAccounts/getPricingAndAvailability/action\",\n \"Microsoft.LabServices/labAccounts/getRestrictionsAndUsage/action\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.LabServices/labPlans/images/read\",\n \"Microsoft.LabServices/labPlans/read\",\n \"Microsoft.LabServices/labPlans/saveImage/action\",\n \"Microsoft.LabServices/labs/read\",\n \"Microsoft.LabServices/labs/schedules/read\",\n \"Microsoft.LabServices/labs/users/read\",\n \"Microsoft.LabServices/labs/virtualMachines/read\",\n \"Microsoft.LabServices/locations/usages/read\",\n \"Microsoft.LabServices/skus/read\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Support/*\"\n ],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.LabServices/labPlans/createLab/action\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2018-01-18T23:38:58.1036141Z\",\n \"updatedOn\": \"2021-11-11T20:13:37.1821588Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/b97fb8bc-a8b2-4522-a38b-dd33c7e65ead\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"b97fb8bc-a8b2-4522-a38b-dd33c7e65ead\"\n },\n {\n \"properties\": {\n \"roleName\": \"Log Analytics Reader\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Log Analytics Reader can view and search all monitoring data as well as and view monitoring settings, including viewing the configuration of Azure diagnostics on all Azure resources.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"*/read\",\n \"Microsoft.OperationalInsights/workspaces/analytics/query/action\",\n \"Microsoft.OperationalInsights/workspaces/search/action\",\n \"Microsoft.Support/*\"\n ],\n \"notActions\": [\n \"Microsoft.OperationalInsights/workspaces/sharedKeys/read\"\n ],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2017-05-02T00:20:28.1449012Z\",\n \"updatedOn\": \"2025-06-18T13:42:52.3891983Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/73c42c96-874c-492b-b04d-ab87d138a893\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"73c42c96-874c-492b-b04d-ab87d138a893\"\n },\n {\n \"properties\": {\n \"roleName\": \"Log Analytics Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Log Analytics Contributor can read all monitoring data and edit monitoring settings. Editing monitoring settings includes adding the VM extension to VMs; reading storage account keys to be able to configure collection of logs from Azure Storage; adding solutions; and configuring Azure diagnostics on all Azure resources.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"*/read\",\n \"Microsoft.ClassicCompute/virtualMachines/extensions/*\",\n \"Microsoft.ClassicStorage/storageAccounts/listKeys/action\",\n \"Microsoft.Compute/virtualMachines/extensions/*\",\n \"Microsoft.HybridCompute/machines/extensions/write\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.Insights/diagnosticSettings/*\",\n \"Microsoft.OperationalInsights/*\",\n \"Microsoft.OperationsManagement/*\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourcegroups/deployments/*\",\n \"Microsoft.Storage/storageAccounts/listKeys/action\",\n \"Microsoft.Support/*\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2017-04-25T21:51:45.3174711Z\",\n \"updatedOn\": \"2025-06-18T13:42:52.3891983Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/92aaf0da-9dab-42b6-94a3-d43ce8d16293\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"92aaf0da-9dab-42b6-94a3-d43ce8d16293\"\n },\n {\n \"properties\": {\n \"roleName\": \"Logic App Operator\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Lets you read, enable and disable logic app.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/*/read\",\n \"Microsoft.Insights/metricAlerts/*/read\",\n \"Microsoft.Insights/diagnosticSettings/*/read\",\n \"Microsoft.Insights/metricDefinitions/*/read\",\n \"Microsoft.Logic/*/read\",\n \"Microsoft.Logic/workflows/disable/action\",\n \"Microsoft.Logic/workflows/enable/action\",\n \"Microsoft.Logic/workflows/validate/action\",\n \"Microsoft.Resources/deployments/operations/read\",\n \"Microsoft.Resources/subscriptions/operationresults/read\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Support/*\",\n \"Microsoft.Web/connectionGateways/*/read\",\n \"Microsoft.Web/connections/*/read\",\n \"Microsoft.Web/customApis/*/read\",\n \"Microsoft.Web/serverFarms/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2016-04-28T21:33:30.4656007Z\",\n \"updatedOn\": \"2021-11-11T20:13:38.0573444Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/515c2055-d9d4-4321-b1b9-bd0c9a0f79fe\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"515c2055-d9d4-4321-b1b9-bd0c9a0f79fe\"\n },\n {\n \"properties\": {\n \"roleName\": \"Logic App Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Lets you manage logic app, but not access to them.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.ClassicStorage/storageAccounts/listKeys/action\",\n \"Microsoft.ClassicStorage/storageAccounts/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.Insights/metricAlerts/*\",\n \"Microsoft.Insights/diagnosticSettings/*\",\n \"Microsoft.Insights/logdefinitions/*\",\n \"Microsoft.Insights/metricDefinitions/*\",\n \"Microsoft.Logic/*\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/operationresults/read\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Storage/storageAccounts/listkeys/action\",\n \"Microsoft.Storage/storageAccounts/read\",\n \"Microsoft.Support/*\",\n \"Microsoft.Web/connectionGateways/*\",\n \"Microsoft.Web/connections/*\",\n \"Microsoft.Web/customApis/*\",\n \"Microsoft.Web/serverFarms/join/action\",\n \"Microsoft.Web/serverFarms/read\",\n \"Microsoft.Web/sites/functions/listSecrets/action\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2016-04-28T21:33:30.4656007Z\",\n \"updatedOn\": \"2021-11-11T20:13:38.2523833Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/87a39d53-fc1b-424a-814c-f7e04687dc9e\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"87a39d53-fc1b-424a-814c-f7e04687dc9e\"\n },\n {\n \"properties\": {\n \"roleName\": \"Managed Application Operator Role\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Lets you read and perform actions on Managed Application resources\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"*/read\",\n \"Microsoft.Solutions/applications/read\",\n \"Microsoft.Solutions/*/action\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2018-07-27T00:59:33.7988813Z\",\n \"updatedOn\": \"2021-11-11T20:13:38.5973763Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/c7393b34-138c-406f-901b-d8cf2b17e6ae\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"c7393b34-138c-406f-901b-d8cf2b17e6ae\"\n },\n {\n \"properties\": {\n \"roleName\": \"Managed Application Publisher Operator\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Allows the publisher to read resources in the managed resource group for Managed Application and request JIT access for additional operations. This role is only used by the Managed Application service to provide access to publishers.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"*/read\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Solutions/jitRequests/*\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2018-09-06T00:33:58.3651522Z\",\n \"updatedOn\": \"2025-05-01T17:14:44.1844267Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/b9331d33-8a36-4f8c-b097-4f54124fdb44\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"b9331d33-8a36-4f8c-b097-4f54124fdb44\"\n },\n {\n \"properties\": {\n \"roleName\": \"Managed Identity Operator\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Read and Assign User Assigned Identity\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.ManagedIdentity/userAssignedIdentities/*/read\",\n \"Microsoft.ManagedIdentity/userAssignedIdentities/*/assign/action\",\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Support/*\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2017-12-14T19:52:04.3924594Z\",\n \"updatedOn\": \"2021-11-11T20:13:38.9523759Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/f1a07417-d97a-45cb-824c-7a7467783830\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"f1a07417-d97a-45cb-824c-7a7467783830\"\n },\n {\n \"properties\": {\n \"roleName\": \"Managed Identity Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Create, Read, Update, and Delete User Assigned Identity\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.ManagedIdentity/userAssignedIdentities/read\",\n \"Microsoft.ManagedIdentity/userAssignedIdentities/write\",\n \"Microsoft.ManagedIdentity/userAssignedIdentities/delete\",\n \"Microsoft.ManagedIdentity/userAssignedIdentities/federatedIdentityCredentials/read\",\n \"Microsoft.ManagedIdentity/userAssignedIdentities/federatedIdentityCredentials/write\",\n \"Microsoft.ManagedIdentity/userAssignedIdentities/federatedIdentityCredentials/delete\",\n \"Microsoft.ManagedIdentity/userAssignedIdentities/revokeTokens/action\",\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Support/*\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2017-12-14T19:53:42.8804692Z\",\n \"updatedOn\": \"2024-03-29T00:22:59.7937695Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/e40ec5ca-96e0-45a2-b4ff-59039f2c2b59\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"e40ec5ca-96e0-45a2-b4ff-59039f2c2b59\"\n },\n {\n \"properties\": {\n \"roleName\": \"Management Group Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Management Group Contributor Role\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Management/managementGroups/delete\",\n \"Microsoft.Management/managementGroups/read\",\n \"Microsoft.Management/managementGroups/subscriptions/delete\",\n \"Microsoft.Management/managementGroups/subscriptions/write\",\n \"Microsoft.Management/managementGroups/write\",\n \"Microsoft.Management/managementGroups/subscriptions/read\",\n \"Microsoft.Authorization/*/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2018-06-22T00:28:29.0523964Z\",\n \"updatedOn\": \"2022-09-19T15:10:03.437789Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/5d58bcaf-24a5-4b20-bdb6-eed9f69fbe4c\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"5d58bcaf-24a5-4b20-bdb6-eed9f69fbe4c\"\n },\n {\n \"properties\": {\n \"roleName\": \"Management Group Reader\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Management Group Reader Role\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Management/managementGroups/read\",\n \"Microsoft.Management/managementGroups/subscriptions/read\",\n \"Microsoft.Authorization/*/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2018-06-22T00:31:03.4295347Z\",\n \"updatedOn\": \"2022-09-19T15:10:03.437789Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/ac63b705-f282-497d-ac71-919bf39d939d\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"ac63b705-f282-497d-ac71-919bf39d939d\"\n },\n {\n \"properties\": {\n \"roleName\": \"Monitoring Reader\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Can read all monitoring data.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"*/read\",\n \"Microsoft.OperationalInsights/workspaces/search/action\",\n \"Microsoft.Support/*\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2016-09-21T19:19:52.4939376Z\",\n \"updatedOn\": \"2025-06-18T13:42:52.3891983Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/43d0d8ad-25c7-4714-9337-8ba259a9fe05\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"43d0d8ad-25c7-4714-9337-8ba259a9fe05\"\n },\n {\n \"properties\": {\n \"roleName\": \"Network Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Lets you manage networks, but not access to them.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.Network/*\",\n \"Microsoft.ResourceHealth/availabilityStatuses/read\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Support/*\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2015-06-02T00:18:27.3542698Z\",\n \"updatedOn\": \"2021-11-11T20:13:44.6328966Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/4d97b98b-1d4f-4787-a291-c67834d212e7\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"4d97b98b-1d4f-4787-a291-c67834d212e7\"\n },\n {\n \"properties\": {\n \"roleName\": \"New Relic APM Account Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Lets you manage New Relic Application Performance Management accounts and applications, but not access to them.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.ResourceHealth/availabilityStatuses/read\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Support/*\",\n \"NewRelic.APM/accounts/*\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2015-02-02T21:55:09.8806423Z\",\n \"updatedOn\": \"2021-11-11T20:13:45.7178576Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/5d28c62d-5b37-4476-8438-e587778df237\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"5d28c62d-5b37-4476-8438-e587778df237\"\n },\n {\n \"properties\": {\n \"roleName\": \"Owner\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Grants full access to manage all resources, including the ability to assign roles in Azure RBAC.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"*\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2015-02-02T21:55:09.8806423Z\",\n \"updatedOn\": \"2021-11-11T20:13:45.8978856Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/8e3af657-a8ff-443c-a75c-2fe8c4bcb635\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"8e3af657-a8ff-443c-a75c-2fe8c4bcb635\"\n },\n {\n \"properties\": {\n \"roleName\": \"Reader\",\n \"type\": \"BuiltInRole\",\n \"description\": \"View all resources, but does not allow you to make any changes.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"*/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2015-02-02T21:55:09.8806423Z\",\n \"updatedOn\": \"2021-11-11T20:13:47.8628684Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/acdd72a7-3385-48ef-bd42-f606fba81ae7\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"acdd72a7-3385-48ef-bd42-f606fba81ae7\"\n },\n {\n \"properties\": {\n \"roleName\": \"Redis Cache Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Lets you manage Redis caches, but not access to them.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Cache/register/action\",\n \"Microsoft.Cache/redis/*\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.ResourceHealth/availabilityStatuses/read\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Support/*\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2015-02-02T21:55:09.8806423Z\",\n \"updatedOn\": \"2021-11-11T20:13:48.0528671Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/e0f68234-74aa-48ed-b826-c38b57376e17\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"e0f68234-74aa-48ed-b826-c38b57376e17\"\n },\n {\n \"properties\": {\n \"roleName\": \"Reader and Data Access\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Lets you view everything but will not let you delete or create a storage account or contained resource. It will also allow read/write access to all data contained in a storage account via access to storage account keys.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Storage/storageAccounts/listKeys/action\",\n \"Microsoft.Storage/storageAccounts/ListAccountSas/action\",\n \"Microsoft.Storage/storageAccounts/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2018-03-27T23:20:46.1498906Z\",\n \"updatedOn\": \"2021-11-11T20:13:48.2278951Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/c12c1c16-33a1-487b-954d-41c89c60f349\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"c12c1c16-33a1-487b-954d-41c89c60f349\"\n },\n {\n \"properties\": {\n \"roleName\": \"Resource Policy Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Users with rights to create/modify resource policy, create support ticket and read resources/hierarchy.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"*/read\",\n \"Microsoft.Authorization/policyassignments/*\",\n \"Microsoft.Authorization/policydefinitions/*\",\n \"Microsoft.Authorization/policyexemptions/*\",\n \"Microsoft.Authorization/policyenrollments/*\",\n \"Microsoft.Authorization/policysetdefinitions/*\",\n \"Microsoft.PolicyInsights/*\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Support/*\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2017-08-25T19:08:01.3861639Z\",\n \"updatedOn\": \"2025-03-25T15:25:05.1731507Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/36243c78-bf99-498c-9df9-86d9f8d28608\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"36243c78-bf99-498c-9df9-86d9f8d28608\"\n },\n {\n \"properties\": {\n \"roleName\": \"Scheduler Job Collections Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Lets you manage Scheduler job collections, but not access to them.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.ResourceHealth/availabilityStatuses/read\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Scheduler/jobcollections/*\",\n \"Microsoft.Support/*\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2015-02-02T21:55:09.8806423Z\",\n \"updatedOn\": \"2021-11-11T20:13:49.8429293Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/188a0f2f-5c9e-469b-ae67-2aa5ce574b94\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"188a0f2f-5c9e-469b-ae67-2aa5ce574b94\"\n },\n {\n \"properties\": {\n \"roleName\": \"Search Service Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Lets you manage Search services, but not access to them.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.ResourceHealth/availabilityStatuses/read\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Search/searchServices/*\",\n \"Microsoft.Support/*\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2015-02-02T21:55:09.8806423Z\",\n \"updatedOn\": \"2021-11-11T20:13:50.0229309Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/7ca78c08-252a-4471-8644-bb5ff32d4ba0\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"7ca78c08-252a-4471-8644-bb5ff32d4ba0\"\n },\n {\n \"properties\": {\n \"roleName\": \"Security Manager (Legacy)\",\n \"type\": \"BuiltInRole\",\n \"description\": \"This is a legacy role. Please use Security Administrator instead\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.ClassicCompute/*/read\",\n \"Microsoft.ClassicCompute/virtualMachines/*/write\",\n \"Microsoft.ClassicNetwork/*/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.ResourceHealth/availabilityStatuses/read\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Security/*\",\n \"Microsoft.Support/*\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2015-06-22T17:45:15.8986455Z\",\n \"updatedOn\": \"2021-11-11T20:13:50.5729549Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/e3d13bf0-dd5a-482e-ba6b-9b8433878d10\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"e3d13bf0-dd5a-482e-ba6b-9b8433878d10\"\n },\n {\n \"properties\": {\n \"roleName\": \"Security Reader\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Security Reader Role\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/read\",\n \"Microsoft.operationalInsights/workspaces/*/read\",\n \"Microsoft.Resources/deployments/*/read\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Security/*/read\",\n \"Microsoft.IoTSecurity/*/read\",\n \"Microsoft.Support/*/read\",\n \"Microsoft.Security/iotDefenderSettings/packageDownloads/action\",\n \"Microsoft.Security/iotDefenderSettings/downloadManagerActivation/action\",\n \"Microsoft.Security/iotSensors/downloadResetPassword/action\",\n \"Microsoft.IoTSecurity/defenderSettings/packageDownloads/action\",\n \"Microsoft.IoTSecurity/defenderSettings/downloadManagerActivation/action\",\n \"Microsoft.Management/managementGroups/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2017-05-03T07:48:49.0516559Z\",\n \"updatedOn\": \"2021-11-11T20:13:50.7479015Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/39bc4728-0917-49c7-9d2c-d95423bc2eb4\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"39bc4728-0917-49c7-9d2c-d95423bc2eb4\"\n },\n {\n \"properties\": {\n \"roleName\": \"Spatial Anchors Account Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Lets you manage spatial anchors in your account, but not delete them\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.MixedReality/SpatialAnchorsAccounts/create/action\",\n \"Microsoft.MixedReality/SpatialAnchorsAccounts/discovery/read\",\n \"Microsoft.MixedReality/SpatialAnchorsAccounts/properties/read\",\n \"Microsoft.MixedReality/SpatialAnchorsAccounts/query/read\",\n \"Microsoft.MixedReality/SpatialAnchorsAccounts/submitdiag/read\",\n \"Microsoft.MixedReality/SpatialAnchorsAccounts/write\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2018-12-21T17:57:41.1420864Z\",\n \"updatedOn\": \"2021-11-11T20:13:52.28294Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/8bbe83f1-e2a6-4df7-8cb4-4e04d4e5c827\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"8bbe83f1-e2a6-4df7-8cb4-4e04d4e5c827\"\n },\n {\n \"properties\": {\n \"roleName\": \"Site Recovery Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Lets you manage Site Recovery service except vault creation and role assignment\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.Network/virtualNetworks/read\",\n \"Microsoft.RecoveryServices/locations/allocatedStamp/read\",\n \"Microsoft.RecoveryServices/locations/allocateStamp/action\",\n \"Microsoft.RecoveryServices/Vaults/certificates/write\",\n \"Microsoft.RecoveryServices/Vaults/extendedInformation/*\",\n \"Microsoft.RecoveryServices/Vaults/read\",\n \"Microsoft.RecoveryServices/Vaults/refreshContainers/read\",\n \"Microsoft.RecoveryServices/Vaults/registeredIdentities/*\",\n \"Microsoft.RecoveryServices/vaults/replicationAlertSettings/*\",\n \"Microsoft.RecoveryServices/vaults/replicationEvents/read\",\n \"Microsoft.RecoveryServices/vaults/replicationFabrics/*\",\n \"Microsoft.RecoveryServices/vaults/replicationJobs/*\",\n \"Microsoft.RecoveryServices/vaults/replicationPolicies/*\",\n \"Microsoft.RecoveryServices/vaults/replicationRecoveryPlans/*\",\n \"Microsoft.RecoveryServices/vaults/replicationVaultSettings/*\",\n \"Microsoft.RecoveryServices/Vaults/storageConfig/*\",\n \"Microsoft.RecoveryServices/Vaults/tokenInfo/read\",\n \"Microsoft.RecoveryServices/Vaults/usages/read\",\n \"Microsoft.RecoveryServices/Vaults/vaultTokens/read\",\n \"Microsoft.RecoveryServices/Vaults/monitoringAlerts/*\",\n \"Microsoft.RecoveryServices/Vaults/monitoringConfigurations/notificationConfiguration/read\",\n \"Microsoft.ResourceHealth/availabilityStatuses/read\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Storage/storageAccounts/read\",\n \"Microsoft.RecoveryServices/vaults/replicationOperationStatus/read\",\n \"Microsoft.Support/*\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2017-05-19T13:46:17.4592776Z\",\n \"updatedOn\": \"2021-11-11T20:13:52.4579503Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/6670b86e-a3f7-4917-ac9b-5d6ab1be4567\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"6670b86e-a3f7-4917-ac9b-5d6ab1be4567\"\n },\n {\n \"properties\": {\n \"roleName\": \"Site Recovery Operator\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Lets you failover and failback but not perform other Site Recovery management operations\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.Network/virtualNetworks/read\",\n \"Microsoft.RecoveryServices/locations/allocatedStamp/read\",\n \"Microsoft.RecoveryServices/locations/allocateStamp/action\",\n \"Microsoft.RecoveryServices/Vaults/extendedInformation/read\",\n \"Microsoft.RecoveryServices/Vaults/read\",\n \"Microsoft.RecoveryServices/Vaults/refreshContainers/read\",\n \"Microsoft.RecoveryServices/Vaults/registeredIdentities/operationResults/read\",\n \"Microsoft.RecoveryServices/Vaults/registeredIdentities/read\",\n \"Microsoft.RecoveryServices/vaults/replicationAlertSettings/read\",\n \"Microsoft.RecoveryServices/vaults/replicationEvents/read\",\n \"Microsoft.RecoveryServices/vaults/replicationFabrics/checkConsistency/action\",\n \"Microsoft.RecoveryServices/vaults/replicationFabrics/read\",\n \"Microsoft.RecoveryServices/vaults/replicationFabrics/reassociateGateway/action\",\n \"Microsoft.RecoveryServices/vaults/replicationFabrics/renewcertificate/action\",\n \"Microsoft.RecoveryServices/vaults/replicationFabrics/replicationNetworks/read\",\n \"Microsoft.RecoveryServices/vaults/replicationFabrics/replicationNetworks/replicationNetworkMappings/read\",\n \"Microsoft.RecoveryServices/vaults/replicationFabrics/replicationProtectionContainers/read\",\n \"Microsoft.RecoveryServices/vaults/replicationFabrics/replicationProtectionContainers/replicationProtectableItems/read\",\n \"Microsoft.RecoveryServices/vaults/replicationFabrics/replicationProtectionContainers/replicationProtectedItems/applyRecoveryPoint/action\",\n \"Microsoft.RecoveryServices/vaults/replicationFabrics/replicationProtectionContainers/replicationProtectedItems/failoverCommit/action\",\n \"Microsoft.RecoveryServices/vaults/replicationFabrics/replicationProtectionContainers/replicationProtectedItems/plannedFailover/action\",\n \"Microsoft.RecoveryServices/vaults/replicationFabrics/replicationProtectionContainers/replicationProtectedItems/read\",\n \"Microsoft.RecoveryServices/vaults/replicationFabrics/replicationProtectionContainers/replicationProtectedItems/recoveryPoints/read\",\n \"Microsoft.RecoveryServices/vaults/replicationFabrics/replicationProtectionContainers/replicationProtectedItems/repairReplication/action\",\n \"Microsoft.RecoveryServices/vaults/replicationFabrics/replicationProtectionContainers/replicationProtectedItems/reProtect/action\",\n \"Microsoft.RecoveryServices/vaults/replicationFabrics/replicationProtectionContainers/switchprotection/action\",\n \"Microsoft.RecoveryServices/vaults/replicationFabrics/replicationProtectionContainers/replicationProtectedItems/testFailover/action\",\n \"Microsoft.RecoveryServices/vaults/replicationFabrics/replicationProtectionContainers/replicationProtectedItems/testFailoverCleanup/action\",\n \"Microsoft.RecoveryServices/vaults/replicationFabrics/replicationProtectionContainers/replicationProtectedItems/unplannedFailover/action\",\n \"Microsoft.RecoveryServices/vaults/replicationFabrics/replicationProtectionContainers/replicationProtectedItems/updateMobilityService/action\",\n \"Microsoft.RecoveryServices/vaults/replicationFabrics/replicationProtectionContainers/replicationProtectionContainerMappings/read\",\n \"Microsoft.RecoveryServices/vaults/replicationFabrics/replicationRecoveryServicesProviders/read\",\n \"Microsoft.RecoveryServices/vaults/replicationFabrics/replicationRecoveryServicesProviders/refreshProvider/action\",\n \"Microsoft.RecoveryServices/vaults/replicationFabrics/replicationStorageClassifications/read\",\n \"Microsoft.RecoveryServices/vaults/replicationFabrics/replicationStorageClassifications/replicationStorageClassificationMappings/read\",\n \"Microsoft.RecoveryServices/vaults/replicationFabrics/replicationvCenters/read\",\n \"Microsoft.RecoveryServices/vaults/replicationJobs/*\",\n \"Microsoft.RecoveryServices/vaults/replicationPolicies/read\",\n \"Microsoft.RecoveryServices/vaults/replicationRecoveryPlans/failoverCommit/action\",\n \"Microsoft.RecoveryServices/vaults/replicationRecoveryPlans/plannedFailover/action\",\n \"Microsoft.RecoveryServices/vaults/replicationRecoveryPlans/read\",\n \"Microsoft.RecoveryServices/vaults/replicationRecoveryPlans/reProtect/action\",\n \"Microsoft.RecoveryServices/vaults/replicationRecoveryPlans/testFailover/action\",\n \"Microsoft.RecoveryServices/vaults/replicationRecoveryPlans/testFailoverCleanup/action\",\n \"Microsoft.RecoveryServices/vaults/replicationRecoveryPlans/unplannedFailover/action\",\n \"Microsoft.RecoveryServices/vaults/replicationVaultSettings/read\",\n \"Microsoft.RecoveryServices/Vaults/monitoringAlerts/*\",\n \"Microsoft.RecoveryServices/Vaults/monitoringConfigurations/notificationConfiguration/read\",\n \"Microsoft.RecoveryServices/Vaults/storageConfig/read\",\n \"Microsoft.RecoveryServices/Vaults/tokenInfo/read\",\n \"Microsoft.RecoveryServices/Vaults/usages/read\",\n \"Microsoft.RecoveryServices/Vaults/vaultTokens/read\",\n \"Microsoft.ResourceHealth/availabilityStatuses/read\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Storage/storageAccounts/read\",\n \"Microsoft.Support/*\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2017-05-19T13:47:50.1341148Z\",\n \"updatedOn\": \"2021-11-11T20:13:52.6263418Z\",\n \"createdBy\": null,\n \"updatedBy\": \"\"\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/494ae006-db33-4328-bf46-533a6560a3ca\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"494ae006-db33-4328-bf46-533a6560a3ca\"\n },\n {\n \"properties\": {\n \"roleName\": \"Spatial Anchors Account Reader\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Lets you locate and read properties of spatial anchors in your account\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.MixedReality/SpatialAnchorsAccounts/discovery/read\",\n \"Microsoft.MixedReality/SpatialAnchorsAccounts/properties/read\",\n \"Microsoft.MixedReality/SpatialAnchorsAccounts/query/read\",\n \"Microsoft.MixedReality/SpatialAnchorsAccounts/submitdiag/read\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2018-12-21T17:57:42.9271004Z\",\n \"updatedOn\": \"2021-11-11T20:13:52.8013467Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/5d51204f-eb77-4b1c-b86a-2ec626c49413\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"5d51204f-eb77-4b1c-b86a-2ec626c49413\"\n },\n {\n \"properties\": {\n \"roleName\": \"Site Recovery Reader\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Lets you view Site Recovery status but not perform other management operations\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.RecoveryServices/locations/allocatedStamp/read\",\n \"Microsoft.RecoveryServices/Vaults/extendedInformation/read\",\n \"Microsoft.RecoveryServices/Vaults/monitoringAlerts/read\",\n \"Microsoft.RecoveryServices/Vaults/monitoringConfigurations/notificationConfiguration/read\",\n \"Microsoft.RecoveryServices/Vaults/read\",\n \"Microsoft.RecoveryServices/Vaults/refreshContainers/read\",\n \"Microsoft.RecoveryServices/Vaults/registeredIdentities/operationResults/read\",\n \"Microsoft.RecoveryServices/Vaults/registeredIdentities/read\",\n \"Microsoft.RecoveryServices/vaults/replicationAlertSettings/read\",\n \"Microsoft.RecoveryServices/vaults/replicationEvents/read\",\n \"Microsoft.RecoveryServices/vaults/replicationFabrics/read\",\n \"Microsoft.RecoveryServices/vaults/replicationFabrics/replicationNetworks/read\",\n \"Microsoft.RecoveryServices/vaults/replicationFabrics/replicationNetworks/replicationNetworkMappings/read\",\n \"Microsoft.RecoveryServices/vaults/replicationFabrics/replicationProtectionContainers/read\",\n \"Microsoft.RecoveryServices/vaults/replicationFabrics/replicationProtectionContainers/replicationProtectableItems/read\",\n \"Microsoft.RecoveryServices/vaults/replicationFabrics/replicationProtectionContainers/replicationProtectedItems/read\",\n \"Microsoft.RecoveryServices/vaults/replicationFabrics/replicationProtectionContainers/replicationProtectedItems/recoveryPoints/read\",\n \"Microsoft.RecoveryServices/vaults/replicationFabrics/replicationProtectionContainers/replicationProtectionContainerMappings/read\",\n \"Microsoft.RecoveryServices/vaults/replicationFabrics/replicationRecoveryServicesProviders/read\",\n \"Microsoft.RecoveryServices/vaults/replicationFabrics/replicationStorageClassifications/read\",\n \"Microsoft.RecoveryServices/vaults/replicationFabrics/replicationStorageClassifications/replicationStorageClassificationMappings/read\",\n \"Microsoft.RecoveryServices/vaults/replicationFabrics/replicationvCenters/read\",\n \"Microsoft.RecoveryServices/vaults/replicationJobs/read\",\n \"Microsoft.RecoveryServices/vaults/replicationPolicies/read\",\n \"Microsoft.RecoveryServices/vaults/replicationRecoveryPlans/read\",\n \"Microsoft.RecoveryServices/vaults/replicationVaultSettings/read\",\n \"Microsoft.RecoveryServices/Vaults/storageConfig/read\",\n \"Microsoft.RecoveryServices/Vaults/tokenInfo/read\",\n \"Microsoft.RecoveryServices/Vaults/usages/read\",\n \"Microsoft.RecoveryServices/Vaults/vaultTokens/read\",\n \"Microsoft.Support/*\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2017-05-19T13:35:40.0093634Z\",\n \"updatedOn\": \"2021-11-11T20:13:52.9763366Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/dbaa88c4-0c30-4179-9fb3-46319faa6149\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"dbaa88c4-0c30-4179-9fb3-46319faa6149\"\n },\n {\n \"properties\": {\n \"roleName\": \"Spatial Anchors Account Owner\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Lets you manage spatial anchors in your account, including deleting them\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.MixedReality/SpatialAnchorsAccounts/create/action\",\n \"Microsoft.MixedReality/SpatialAnchorsAccounts/delete\",\n \"Microsoft.MixedReality/SpatialAnchorsAccounts/discovery/read\",\n \"Microsoft.MixedReality/SpatialAnchorsAccounts/properties/read\",\n \"Microsoft.MixedReality/SpatialAnchorsAccounts/query/read\",\n \"Microsoft.MixedReality/SpatialAnchorsAccounts/submitdiag/read\",\n \"Microsoft.MixedReality/SpatialAnchorsAccounts/write\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2018-12-21T17:57:43.5489832Z\",\n \"updatedOn\": \"2021-11-11T20:13:53.166325Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/70bbe301-9835-447d-afdd-19eb3167307c\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"70bbe301-9835-447d-afdd-19eb3167307c\"\n },\n {\n \"properties\": {\n \"roleName\": \"SQL Managed Instance Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Lets you manage SQL Managed Instances and required network configuration, but can’t give access to others.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.ResourceHealth/availabilityStatuses/read\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Network/networkSecurityGroups/*\",\n \"Microsoft.Network/routeTables/*\",\n \"Microsoft.Sql/locations/*/read\",\n \"Microsoft.Sql/locations/instanceFailoverGroups/*\",\n \"Microsoft.Sql/managedInstances/*\",\n \"Microsoft.Support/*\",\n \"Microsoft.Network/virtualNetworks/subnets/*\",\n \"Microsoft.Network/virtualNetworks/*\",\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.Insights/metrics/read\",\n \"Microsoft.Insights/metricDefinitions/read\"\n ],\n \"notActions\": [\n \"Microsoft.Sql/managedInstances/azureADOnlyAuthentications/delete\",\n \"Microsoft.Sql/managedInstances/azureADOnlyAuthentications/write\"\n ],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2018-12-10T22:57:14.2937983Z\",\n \"updatedOn\": \"2021-11-11T20:13:53.3513507Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/4939a1f6-9ae0-4e48-a1e0-f2cbe897382d\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"4939a1f6-9ae0-4e48-a1e0-f2cbe897382d\"\n },\n {\n \"properties\": {\n \"roleName\": \"SQL DB Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Lets you manage SQL databases, but not access to them. Also, you can't manage their security-related policies or their parent SQL servers.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.ResourceHealth/availabilityStatuses/read\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Sql/locations/*/read\",\n \"Microsoft.Sql/servers/databases/*\",\n \"Microsoft.Sql/servers/read\",\n \"Microsoft.Support/*\",\n \"Microsoft.Insights/metrics/read\",\n \"Microsoft.Insights/metricDefinitions/read\"\n ],\n \"notActions\": [\n \"Microsoft.Sql/servers/databases/ledgerDigestUploads/write\",\n \"Microsoft.Sql/servers/databases/ledgerDigestUploads/disable/action\",\n \"Microsoft.Sql/managedInstances/databases/currentSensitivityLabels/*\",\n \"Microsoft.Sql/managedInstances/databases/recommendedSensitivityLabels/*\",\n \"Microsoft.Sql/managedInstances/databases/schemas/tables/columns/sensitivityLabels/*\",\n \"Microsoft.Sql/managedInstances/databases/securityAlertPolicies/*\",\n \"Microsoft.Sql/managedInstances/databases/sensitivityLabels/*\",\n \"Microsoft.Sql/managedInstances/databases/vulnerabilityAssessments/*\",\n \"Microsoft.Sql/managedInstances/securityAlertPolicies/*\",\n \"Microsoft.Sql/managedInstances/vulnerabilityAssessments/*\",\n \"Microsoft.Sql/servers/databases/auditingSettings/*\",\n \"Microsoft.Sql/servers/databases/auditRecords/read\",\n \"Microsoft.Sql/servers/databases/currentSensitivityLabels/*\",\n \"Microsoft.Sql/servers/databases/dataMaskingPolicies/*\",\n \"Microsoft.Sql/servers/databases/extendedAuditingSettings/*\",\n \"Microsoft.Sql/servers/databases/recommendedSensitivityLabels/*\",\n \"Microsoft.Sql/servers/databases/schemas/tables/columns/sensitivityLabels/*\",\n \"Microsoft.Sql/servers/databases/securityAlertPolicies/*\",\n \"Microsoft.Sql/servers/databases/securityMetrics/*\",\n \"Microsoft.Sql/servers/databases/sensitivityLabels/*\",\n \"Microsoft.Sql/servers/databases/vulnerabilityAssessments/*\",\n \"Microsoft.Sql/servers/databases/vulnerabilityAssessmentScans/*\",\n \"Microsoft.Sql/servers/databases/vulnerabilityAssessmentSettings/*\",\n \"Microsoft.Sql/servers/vulnerabilityAssessments/*\"\n ],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2015-02-02T21:55:09.8806423Z\",\n \"updatedOn\": \"2021-11-11T20:13:53.5363219Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/9b7fa17d-e63e-47b0-bb0a-15c516ac86ec\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"9b7fa17d-e63e-47b0-bb0a-15c516ac86ec\"\n },\n {\n \"properties\": {\n \"roleName\": \"SQL Security Manager\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Lets you manage the security-related policies of SQL servers and databases, but not access to them.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.Network/virtualNetworks/subnets/joinViaServiceEndpoint/action\",\n \"Microsoft.ResourceHealth/availabilityStatuses/read\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Sql/locations/administratorAzureAsyncOperation/read\",\n \"Microsoft.Sql/managedInstances/advancedThreatProtectionSettings/read\",\n \"Microsoft.Sql/managedInstances/advancedThreatProtectionSettings/write\",\n \"Microsoft.Sql/managedInstances/databases/advancedThreatProtectionSettings/read\",\n \"Microsoft.Sql/managedInstances/databases/advancedThreatProtectionSettings/write\",\n \"Microsoft.Sql/managedInstances/advancedThreatProtectionSettings/read\",\n \"Microsoft.Sql/managedInstances/advancedThreatProtectionSettings/write\",\n \"Microsoft.Sql/managedInstances/databases/advancedThreatProtectionSettings/read\",\n \"Microsoft.Sql/managedInstances/databases/advancedThreatProtectionSettings/write\",\n \"Microsoft.Sql/managedInstances/databases/currentSensitivityLabels/*\",\n \"Microsoft.Sql/managedInstances/databases/recommendedSensitivityLabels/*\",\n \"Microsoft.Sql/managedInstances/databases/schemas/tables/columns/sensitivityLabels/*\",\n \"Microsoft.Sql/managedInstances/databases/securityAlertPolicies/*\",\n \"Microsoft.Sql/managedInstances/databases/sensitivityLabels/*\",\n \"Microsoft.Sql/managedInstances/databases/vulnerabilityAssessments/*\",\n \"Microsoft.Sql/servers/advancedThreatProtectionSettings/read\",\n \"Microsoft.Sql/servers/advancedThreatProtectionSettings/write\",\n \"Microsoft.Sql/managedInstances/securityAlertPolicies/*\",\n \"Microsoft.Sql/managedInstances/databases/transparentDataEncryption/*\",\n \"Microsoft.Sql/managedInstances/vulnerabilityAssessments/*\",\n \"Microsoft.Sql/managedInstances/serverConfigurationOptions/read\",\n \"Microsoft.Sql/managedInstances/serverConfigurationOptions/write\",\n \"Microsoft.Sql/locations/serverConfigurationOptionAzureAsyncOperation/read\",\n \"Microsoft.Sql/servers/advancedThreatProtectionSettings/read\",\n \"Microsoft.Sql/servers/advancedThreatProtectionSettings/write\",\n \"Microsoft.Sql/servers/auditingSettings/*\",\n \"Microsoft.Sql/servers/extendedAuditingSettings/*\",\n \"Microsoft.Sql/servers/databases/advancedThreatProtectionSettings/read\",\n \"Microsoft.Sql/servers/databases/advancedThreatProtectionSettings/write\",\n \"Microsoft.Sql/servers/databases/advancedThreatProtectionSettings/read\",\n \"Microsoft.Sql/servers/databases/advancedThreatProtectionSettings/write\",\n \"Microsoft.Sql/servers/databases/auditingSettings/*\",\n \"Microsoft.Sql/servers/databases/auditRecords/read\",\n \"Microsoft.Sql/servers/databases/currentSensitivityLabels/*\",\n \"Microsoft.Sql/servers/databases/dataMaskingPolicies/*\",\n \"Microsoft.Sql/servers/databases/extendedAuditingSettings/read\",\n \"Microsoft.Sql/servers/databases/read\",\n \"Microsoft.Sql/servers/databases/recommendedSensitivityLabels/*\",\n \"Microsoft.Sql/servers/databases/schemas/read\",\n \"Microsoft.Sql/servers/databases/schemas/tables/columns/read\",\n \"Microsoft.Sql/servers/databases/schemas/tables/columns/sensitivityLabels/*\",\n \"Microsoft.Sql/servers/databases/schemas/tables/read\",\n \"Microsoft.Sql/servers/databases/securityAlertPolicies/*\",\n \"Microsoft.Sql/servers/databases/securityMetrics/*\",\n \"Microsoft.Sql/servers/databases/sensitivityLabels/*\",\n \"Microsoft.Sql/servers/databases/transparentDataEncryption/*\",\n \"Microsoft.Sql/servers/databases/sqlvulnerabilityAssessments/*\",\n \"Microsoft.Sql/servers/databases/vulnerabilityAssessments/*\",\n \"Microsoft.Sql/servers/databases/vulnerabilityAssessmentScans/*\",\n \"Microsoft.Sql/servers/databases/vulnerabilityAssessmentSettings/*\",\n \"Microsoft.Sql/servers/devOpsAuditingSettings/*\",\n \"Microsoft.Sql/servers/firewallRules/*\",\n \"Microsoft.Sql/servers/read\",\n \"Microsoft.Sql/servers/securityAlertPolicies/*\",\n \"Microsoft.Sql/servers/sqlvulnerabilityAssessments/*\",\n \"Microsoft.Sql/servers/vulnerabilityAssessments/*\",\n \"Microsoft.Support/*\",\n \"Microsoft.Sql/servers/azureADOnlyAuthentications/*\",\n \"Microsoft.Sql/managedInstances/read\",\n \"Microsoft.Sql/managedInstances/azureADOnlyAuthentications/*\",\n \"Microsoft.Security/sqlVulnerabilityAssessments/*\",\n \"Microsoft.Sql/managedInstances/administrators/read\",\n \"Microsoft.Sql/servers/administrators/read\",\n \"Microsoft.Sql/servers/databases/ledgerDigestUploads/*\",\n \"Microsoft.Sql/locations/ledgerDigestUploadsAzureAsyncOperation/read\",\n \"Microsoft.Sql/locations/ledgerDigestUploadsOperationResults/read\",\n \"Microsoft.Sql/servers/externalPolicyBasedAuthorizations/*\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2015-06-16T18:44:40.4607572Z\",\n \"updatedOn\": \"2025-10-01T18:55:10.630521Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/056cd41c-7e88-42e1-933e-88ba6a50c9c3\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"056cd41c-7e88-42e1-933e-88ba6a50c9c3\"\n },\n {\n \"properties\": {\n \"roleName\": \"Storage Account Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Lets you manage storage accounts, including accessing storage account keys which provide full access to storage account data.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.Insights/diagnosticSettings/*\",\n \"Microsoft.Network/virtualNetworks/subnets/joinViaServiceEndpoint/action\",\n \"Microsoft.ResourceHealth/availabilityStatuses/read\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Storage/storageAccounts/*\",\n \"Microsoft.Support/*\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2015-06-02T00:18:27.3542698Z\",\n \"updatedOn\": \"2021-11-11T20:13:54.2363539Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/17d1049b-9a84-46fb-8f53-869881c3d3ab\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"17d1049b-9a84-46fb-8f53-869881c3d3ab\"\n },\n {\n \"properties\": {\n \"roleName\": \"SQL Server Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Lets you manage SQL servers and databases, but not access to them, and not their security -related policies.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.ResourceHealth/availabilityStatuses/read\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Sql/locations/*/read\",\n \"Microsoft.Sql/servers/*\",\n \"Microsoft.Support/*\",\n \"Microsoft.Insights/metrics/read\",\n \"Microsoft.Insights/metricDefinitions/read\"\n ],\n \"notActions\": [\n \"Microsoft.Sql/managedInstances/databases/currentSensitivityLabels/*\",\n \"Microsoft.Sql/managedInstances/databases/recommendedSensitivityLabels/*\",\n \"Microsoft.Sql/managedInstances/databases/schemas/tables/columns/sensitivityLabels/*\",\n \"Microsoft.Sql/managedInstances/databases/securityAlertPolicies/*\",\n \"Microsoft.Sql/managedInstances/databases/sensitivityLabels/*\",\n \"Microsoft.Sql/managedInstances/databases/vulnerabilityAssessments/*\",\n \"Microsoft.Sql/managedInstances/securityAlertPolicies/*\",\n \"Microsoft.Sql/managedInstances/vulnerabilityAssessments/*\",\n \"Microsoft.Sql/servers/auditingSettings/*\",\n \"Microsoft.Sql/servers/databases/auditingSettings/*\",\n \"Microsoft.Sql/servers/databases/auditRecords/read\",\n \"Microsoft.Sql/servers/databases/currentSensitivityLabels/*\",\n \"Microsoft.Sql/servers/databases/dataMaskingPolicies/*\",\n \"Microsoft.Sql/servers/databases/extendedAuditingSettings/*\",\n \"Microsoft.Sql/servers/databases/recommendedSensitivityLabels/*\",\n \"Microsoft.Sql/servers/databases/schemas/tables/columns/sensitivityLabels/*\",\n \"Microsoft.Sql/servers/databases/securityAlertPolicies/*\",\n \"Microsoft.Sql/servers/databases/securityMetrics/*\",\n \"Microsoft.Sql/servers/databases/sensitivityLabels/*\",\n \"Microsoft.Sql/servers/databases/vulnerabilityAssessments/*\",\n \"Microsoft.Sql/servers/databases/vulnerabilityAssessmentScans/*\",\n \"Microsoft.Sql/servers/databases/vulnerabilityAssessmentSettings/*\",\n \"Microsoft.Sql/servers/devOpsAuditingSettings/*\",\n \"Microsoft.Sql/servers/extendedAuditingSettings/*\",\n \"Microsoft.Sql/servers/securityAlertPolicies/*\",\n \"Microsoft.Sql/servers/vulnerabilityAssessments/*\",\n \"Microsoft.Sql/servers/azureADOnlyAuthentications/delete\",\n \"Microsoft.Sql/servers/azureADOnlyAuthentications/write\",\n \"Microsoft.Sql/servers/externalPolicyBasedAuthorizations/delete\",\n \"Microsoft.Sql/servers/externalPolicyBasedAuthorizations/write\"\n ],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2015-02-02T21:55:09.8806423Z\",\n \"updatedOn\": \"2022-04-28T23:10:45.2206234Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/6d8ee4ec-f05a-4a1d-8b00-a9b17e38b437\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"6d8ee4ec-f05a-4a1d-8b00-a9b17e38b437\"\n },\n {\n \"properties\": {\n \"roleName\": \"Storage Account Key Operator Service Role\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Storage Account Key Operators are allowed to list and regenerate keys on Storage Accounts\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Storage/storageAccounts/listkeys/action\",\n \"Microsoft.Storage/storageAccounts/regeneratekey/action\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2017-04-13T18:26:11.577057Z\",\n \"updatedOn\": \"2021-11-11T20:13:54.7697481Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/81a9662b-bebf-436f-a333-f67b29880f12\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"81a9662b-bebf-436f-a333-f67b29880f12\"\n },\n {\n \"properties\": {\n \"roleName\": \"Storage Blob Data Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Allows for read, write and delete access to Azure Storage blob containers and data\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Storage/storageAccounts/blobServices/containers/delete\",\n \"Microsoft.Storage/storageAccounts/blobServices/containers/read\",\n \"Microsoft.Storage/storageAccounts/blobServices/containers/write\",\n \"Microsoft.Storage/storageAccounts/blobServices/generateUserDelegationKey/action\"\n ],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.Storage/storageAccounts/blobServices/containers/blobs/delete\",\n \"Microsoft.Storage/storageAccounts/blobServices/containers/blobs/read\",\n \"Microsoft.Storage/storageAccounts/blobServices/containers/blobs/write\",\n \"Microsoft.Storage/storageAccounts/blobServices/containers/blobs/move/action\",\n \"Microsoft.Storage/storageAccounts/blobServices/containers/blobs/add/action\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2017-12-21T00:01:24.7972312Z\",\n \"updatedOn\": \"2021-11-11T20:13:54.9397456Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/ba92f5b4-2d11-453d-a403-e96b0029c9fe\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"ba92f5b4-2d11-453d-a403-e96b0029c9fe\"\n },\n {\n \"properties\": {\n \"roleName\": \"Storage Blob Data Owner\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Allows for full access to Azure Storage blob containers and data, including assigning POSIX access control.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Storage/storageAccounts/blobServices/containers/*\",\n \"Microsoft.Storage/storageAccounts/blobServices/generateUserDelegationKey/action\"\n ],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.Storage/storageAccounts/blobServices/containers/blobs/*\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2018-12-04T07:02:58.2775257Z\",\n \"updatedOn\": \"2021-11-11T20:13:55.1225062Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/b7e6dc6d-f1e8-4753-8033-0f276bb0955b\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"b7e6dc6d-f1e8-4753-8033-0f276bb0955b\"\n },\n {\n \"properties\": {\n \"roleName\": \"Storage Blob Data Reader\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Allows for read access to Azure Storage blob containers and data\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Storage/storageAccounts/blobServices/containers/read\",\n \"Microsoft.Storage/storageAccounts/blobServices/generateUserDelegationKey/action\"\n ],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.Storage/storageAccounts/blobServices/containers/blobs/read\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2017-12-21T00:01:24.7972312Z\",\n \"updatedOn\": \"2021-11-11T20:13:55.2975076Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/2a2b9908-6ea1-4ae2-8e65-a410df84e7d1\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"2a2b9908-6ea1-4ae2-8e65-a410df84e7d1\"\n },\n {\n \"properties\": {\n \"roleName\": \"Storage Queue Data Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Allows for read, write, and delete access to Azure Storage queues and queue messages\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Storage/storageAccounts/queueServices/queues/delete\",\n \"Microsoft.Storage/storageAccounts/queueServices/queues/read\",\n \"Microsoft.Storage/storageAccounts/queueServices/queues/write\"\n ],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.Storage/storageAccounts/queueServices/queues/messages/delete\",\n \"Microsoft.Storage/storageAccounts/queueServices/queues/messages/read\",\n \"Microsoft.Storage/storageAccounts/queueServices/queues/messages/write\",\n \"Microsoft.Storage/storageAccounts/queueServices/queues/messages/process/action\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2017-12-21T00:01:24.7972312Z\",\n \"updatedOn\": \"2021-11-11T20:13:55.4725469Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/974c5e8b-45b9-4653-ba55-5f855dd0fb88\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"974c5e8b-45b9-4653-ba55-5f855dd0fb88\"\n },\n {\n \"properties\": {\n \"roleName\": \"Storage Queue Data Message Processor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Allows for peek, receive, and delete access to Azure Storage queue messages\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.Storage/storageAccounts/queueServices/queues/messages/read\",\n \"Microsoft.Storage/storageAccounts/queueServices/queues/messages/process/action\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2019-01-28T22:27:04.8947111Z\",\n \"updatedOn\": \"2021-11-11T20:13:55.6575408Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/8a0f0c08-91a1-4084-bc3d-661d67233fed\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"8a0f0c08-91a1-4084-bc3d-661d67233fed\"\n },\n {\n \"properties\": {\n \"roleName\": \"Storage Queue Data Message Sender\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Allows for sending of Azure Storage queue messages\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.Storage/storageAccounts/queueServices/queues/messages/add/action\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2019-01-28T22:28:34.7459724Z\",\n \"updatedOn\": \"2021-11-11T20:13:55.8325508Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/c6a89b2d-59bc-44d0-9896-0f6e12d7b80a\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"c6a89b2d-59bc-44d0-9896-0f6e12d7b80a\"\n },\n {\n \"properties\": {\n \"roleName\": \"Storage Queue Data Reader\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Allows for read access to Azure Storage queues and queue messages\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Storage/storageAccounts/queueServices/queues/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.Storage/storageAccounts/queueServices/queues/messages/read\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2017-12-21T00:01:24.7972312Z\",\n \"updatedOn\": \"2021-11-11T20:13:56.0178497Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/19e7f393-937e-4f77-808e-94535e297925\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"19e7f393-937e-4f77-808e-94535e297925\"\n },\n {\n \"properties\": {\n \"roleName\": \"Support Request Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Lets you create and manage Support requests\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Support/*\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2017-06-22T22:25:37.8053068Z\",\n \"updatedOn\": \"2021-11-11T20:13:56.7444481Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/cfd33db0-3dd1-45e3-aa9d-cdbdf3b6f24e\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"cfd33db0-3dd1-45e3-aa9d-cdbdf3b6f24e\"\n },\n {\n \"properties\": {\n \"roleName\": \"Traffic Manager Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Lets you manage Traffic Manager profiles, but does not let you control who has access to them.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.Network/trafficManagerProfiles/*\",\n \"Microsoft.ResourceHealth/availabilityStatuses/read\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Support/*\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2015-10-15T23:33:25.9730842Z\",\n \"updatedOn\": \"2021-11-11T20:13:57.2744497Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/a4b10055-b0c7-44c2-b00f-c7b5b3550cf7\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"a4b10055-b0c7-44c2-b00f-c7b5b3550cf7\"\n },\n {\n \"properties\": {\n \"roleName\": \"User Access Administrator\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Lets you manage user access to Azure resources.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"*/read\",\n \"Microsoft.Authorization/*\",\n \"Microsoft.Support/*\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2015-02-02T21:55:09.8806423Z\",\n \"updatedOn\": \"2021-11-11T20:13:57.7932023Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/18d7d88d-d35e-4fb5-a5c3-7773c20a72d9\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"18d7d88d-d35e-4fb5-a5c3-7773c20a72d9\"\n },\n {\n \"properties\": {\n \"roleName\": \"Virtual Machine Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Lets you manage virtual machines, but not access to them, and not the virtual network or storage account they're connected to.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Compute/availabilitySets/*\",\n \"Microsoft.Compute/locations/*\",\n \"Microsoft.Compute/virtualMachines/*\",\n \"Microsoft.Compute/virtualMachineScaleSets/*\",\n \"Microsoft.Compute/cloudServices/*\",\n \"Microsoft.Compute/disks/write\",\n \"Microsoft.Compute/disks/read\",\n \"Microsoft.Compute/disks/delete\",\n \"Microsoft.Compute/hostgroups/write\",\n \"Microsoft.Compute/hostgroups/hosts/write\",\n \"Microsoft.DevTestLab/schedules/*\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.Network/applicationGateways/backendAddressPools/join/action\",\n \"Microsoft.Network/loadBalancers/backendAddressPools/join/action\",\n \"Microsoft.Network/loadBalancers/inboundNatPools/join/action\",\n \"Microsoft.Network/loadBalancers/inboundNatRules/join/action\",\n \"Microsoft.Network/loadBalancers/probes/join/action\",\n \"Microsoft.Network/loadBalancers/read\",\n \"Microsoft.Network/locations/*\",\n \"Microsoft.Network/networkInterfaces/*\",\n \"Microsoft.Network/networkSecurityGroups/join/action\",\n \"Microsoft.Network/networkSecurityGroups/read\",\n \"Microsoft.Network/publicIPAddresses/join/action\",\n \"Microsoft.Network/publicIPAddresses/read\",\n \"Microsoft.Network/virtualNetworks/read\",\n \"Microsoft.Network/virtualNetworks/subnets/join/action\",\n \"Microsoft.RecoveryServices/locations/*\",\n \"Microsoft.RecoveryServices/Vaults/backupFabrics/backupProtectionIntent/write\",\n \"Microsoft.RecoveryServices/Vaults/backupFabrics/protectionContainers/protectedItems/*/read\",\n \"Microsoft.RecoveryServices/Vaults/backupFabrics/protectionContainers/protectedItems/read\",\n \"Microsoft.RecoveryServices/Vaults/backupFabrics/protectionContainers/protectedItems/write\",\n \"Microsoft.RecoveryServices/Vaults/backupPolicies/read\",\n \"Microsoft.RecoveryServices/Vaults/backupPolicies/write\",\n \"Microsoft.RecoveryServices/Vaults/read\",\n \"Microsoft.RecoveryServices/Vaults/usages/read\",\n \"Microsoft.RecoveryServices/Vaults/write\",\n \"Microsoft.ResourceHealth/availabilityStatuses/read\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.SerialConsole/serialPorts/connect/action\",\n \"Microsoft.SqlVirtualMachine/*\",\n \"Microsoft.Storage/storageAccounts/listKeys/action\",\n \"Microsoft.Storage/storageAccounts/read\",\n \"Microsoft.Support/*\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2015-06-02T00:18:27.3542698Z\",\n \"updatedOn\": \"2025-02-06T01:34:42.8731411Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/9980e02c-c2be-4d73-94e8-173b1dc7cf3c\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"9980e02c-c2be-4d73-94e8-173b1dc7cf3c\"\n },\n {\n \"properties\": {\n \"roleName\": \"Web Plan Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Lets you manage the web plans for websites, but not access to them.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.ResourceHealth/availabilityStatuses/read\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Support/*\",\n \"Microsoft.Web/serverFarms/*\",\n \"Microsoft.Web/hostingEnvironments/Join/Action\",\n \"Microsoft.Insights/autoscalesettings/*\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2015-02-02T21:55:09.8806423Z\",\n \"updatedOn\": \"2022-09-05T15:10:54.6819807Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/2cc479cb-7b4d-49a8-b449-8c00fd0f0a4b\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"2cc479cb-7b4d-49a8-b449-8c00fd0f0a4b\"\n },\n {\n \"properties\": {\n \"roleName\": \"Website Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Lets you manage websites (not web plans), but not access to them.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.Insights/components/*\",\n \"Microsoft.ResourceHealth/availabilityStatuses/read\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Support/*\",\n \"Microsoft.Web/certificates/*\",\n \"Microsoft.Web/listSitesAssignedToHostName/read\",\n \"Microsoft.Web/register/action\",\n \"Microsoft.Web/serverFarms/join/action\",\n \"Microsoft.Web/serverFarms/read\",\n \"Microsoft.Web/sites/*\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2015-05-12T23:10:23.6193952Z\",\n \"updatedOn\": \"2024-08-05T15:09:29.7130534Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/de139f84-1756-47ae-9be6-808fbbe84772\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"de139f84-1756-47ae-9be6-808fbbe84772\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Service Bus Data Owner\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Allows for full access to Azure Service Bus resources.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.ServiceBus/*\"\n ],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.ServiceBus/*\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2019-04-16T21:33:36.7445745Z\",\n \"updatedOn\": \"2021-11-11T20:13:59.2005807Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/090c5cfd-751d-490a-894a-3ce6f1109419\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"090c5cfd-751d-490a-894a-3ce6f1109419\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Event Hubs Data Owner\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Allows for full access to Azure Event Hubs resources.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.EventHub/*\"\n ],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.EventHub/*\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2019-04-16T21:34:29.8656362Z\",\n \"updatedOn\": \"2021-11-11T20:13:59.3721538Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/f526a384-b230-433a-b45c-95f59c4a2dec\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"f526a384-b230-433a-b45c-95f59c4a2dec\"\n },\n {\n \"properties\": {\n \"roleName\": \"Attestation Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Can read write or delete the attestation provider instance\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Attestation/attestationProviders/attestation/read\",\n \"Microsoft.Attestation/attestationProviders/attestation/write\",\n \"Microsoft.Attestation/attestationProviders/attestation/delete\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2019-04-19T00:24:09.3354177Z\",\n \"updatedOn\": \"2021-11-11T20:13:59.7271218Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/bbf86eb8-f7b4-4cce-96e4-18cddf81d86e\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"bbf86eb8-f7b4-4cce-96e4-18cddf81d86e\"\n },\n {\n \"properties\": {\n \"roleName\": \"HDInsight Cluster Operator\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Lets you read and modify HDInsight cluster configurations.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.HDInsight/*/read\",\n \"Microsoft.HDInsight/clusters/getGatewaySettings/action\",\n \"Microsoft.HDInsight/clusters/updateGatewaySettings/action\",\n \"Microsoft.HDInsight/clusters/configurations/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Resources/deployments/operations/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Support/*\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2019-04-20T00:03:01.7110732Z\",\n \"updatedOn\": \"2021-11-11T20:13:59.905218Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/61ed4efc-fab3-44fd-b111-e24485cc132a\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"61ed4efc-fab3-44fd-b111-e24485cc132a\"\n },\n {\n \"properties\": {\n \"roleName\": \"Cosmos DB Operator\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Lets you manage Azure Cosmos DB accounts, but not access data in them. Prevents access to account keys and connection strings.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.DocumentDb/databaseAccounts/*\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.ResourceHealth/availabilityStatuses/read\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Support/*\",\n \"Microsoft.Network/virtualNetworks/subnets/joinViaServiceEndpoint/action\"\n ],\n \"notActions\": [\n \"Microsoft.DocumentDB/databaseAccounts/copyJobs/*\",\n \"Microsoft.DocumentDB/databaseAccounts/dataTransferJobs/*\",\n \"Microsoft.DocumentDB/databaseAccounts/readonlyKeys/*\",\n \"Microsoft.DocumentDB/databaseAccounts/regenerateKey/*\",\n \"Microsoft.DocumentDB/databaseAccounts/listKeys/*\",\n \"Microsoft.DocumentDB/databaseAccounts/listConnectionStrings/*\",\n \"Microsoft.DocumentDB/databaseAccounts/sqlRoleDefinitions/write\",\n \"Microsoft.DocumentDB/databaseAccounts/sqlRoleDefinitions/delete\",\n \"Microsoft.DocumentDB/databaseAccounts/sqlRoleAssignments/write\",\n \"Microsoft.DocumentDB/databaseAccounts/sqlRoleAssignments/delete\",\n \"Microsoft.DocumentDB/databaseAccounts/mongodbRoleDefinitions/write\",\n \"Microsoft.DocumentDB/databaseAccounts/mongodbRoleDefinitions/delete\",\n \"Microsoft.DocumentDB/databaseAccounts/mongodbUserDefinitions/write\",\n \"Microsoft.DocumentDB/databaseAccounts/mongodbUserDefinitions/delete\"\n ],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2019-04-26T17:01:17.0169383Z\",\n \"updatedOn\": \"2025-06-06T07:02:41.174245Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/230815da-be43-4aae-9cb4-875f7bd000aa\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"230815da-be43-4aae-9cb4-875f7bd000aa\"\n },\n {\n \"properties\": {\n \"roleName\": \"Hybrid Server Resource Administrator\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Can read, write, delete, and re-onboard Hybrid servers to the Hybrid Resource Provider.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.HybridCompute/machines/*\",\n \"Microsoft.HybridCompute/*/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2019-04-29T21:39:32.3132923Z\",\n \"updatedOn\": \"2021-11-11T20:14:00.2548257Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/48b40c6e-82e0-4eb3-90d5-19e40f49b624\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"48b40c6e-82e0-4eb3-90d5-19e40f49b624\"\n },\n {\n \"properties\": {\n \"roleName\": \"Hybrid Server Onboarding\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Can onboard new Hybrid servers to the Hybrid Resource Provider.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.HybridCompute/machines/read\",\n \"Microsoft.HybridCompute/machines/write\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2019-04-29T22:36:28.1873756Z\",\n \"updatedOn\": \"2021-11-11T20:14:00.4308999Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/5d1e5ee4-7c68-4a71-ac8b-0739630a3dfb\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"5d1e5ee4-7c68-4a71-ac8b-0739630a3dfb\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Event Hubs Data Receiver\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Allows receive access to Azure Event Hubs resources.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.EventHub/*/eventhubs/consumergroups/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.EventHub/*/receive/action\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2019-05-10T06:25:21.1056666Z\",\n \"updatedOn\": \"2021-11-11T20:14:01.3225169Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/a638d3c7-ab3a-418d-83e6-5f17a39d4fde\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"a638d3c7-ab3a-418d-83e6-5f17a39d4fde\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Event Hubs Data Sender\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Allows send access to Azure Event Hubs resources.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.EventHub/*/eventhubs/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.EventHub/*/send/action\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2019-05-10T06:26:12.4673714Z\",\n \"updatedOn\": \"2021-11-11T20:14:01.4925583Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/2b629674-e913-4c01-ae53-ef4638d8f975\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"2b629674-e913-4c01-ae53-ef4638d8f975\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Service Bus Data Receiver\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Allows for receive access to Azure Service Bus resources.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.ServiceBus/*/queues/read\",\n \"Microsoft.ServiceBus/*/topics/read\",\n \"Microsoft.ServiceBus/*/topics/subscriptions/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.ServiceBus/*/receive/action\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2019-05-10T06:43:01.6343849Z\",\n \"updatedOn\": \"2021-11-11T20:14:01.6629685Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/4f6d3b9b-027b-4f4c-9142-0e5a2a2247e0\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"4f6d3b9b-027b-4f4c-9142-0e5a2a2247e0\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Service Bus Data Sender\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Allows for send access to Azure Service Bus resources.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.ServiceBus/*/queues/read\",\n \"Microsoft.ServiceBus/*/topics/read\",\n \"Microsoft.ServiceBus/*/topics/subscriptions/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.ServiceBus/*/send/action\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2019-05-10T06:43:46.7046934Z\",\n \"updatedOn\": \"2021-11-11T20:14:01.8479199Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/69a216fc-b8fb-44d8-bc22-1f3c2cd27a39\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"69a216fc-b8fb-44d8-bc22-1f3c2cd27a39\"\n },\n {\n \"properties\": {\n \"roleName\": \"Storage File Data SMB Share Reader\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Allows for read access to Azure File Share over SMB\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.Storage/storageAccounts/fileServices/fileshares/files/read\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2019-07-01T20:19:31.8620471Z\",\n \"updatedOn\": \"2021-11-11T20:14:04.3642909Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/aba4ae5f-2193-4029-9191-0cb91df5e314\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"aba4ae5f-2193-4029-9191-0cb91df5e314\"\n },\n {\n \"properties\": {\n \"roleName\": \"Storage File Data SMB Share Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Allows for read, write, and delete access in Azure Storage file shares over SMB\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.Storage/storageAccounts/fileServices/fileshares/files/read\",\n \"Microsoft.Storage/storageAccounts/fileServices/fileshares/files/write\",\n \"Microsoft.Storage/storageAccounts/fileServices/fileshares/files/delete\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2019-07-01T20:54:35.483431Z\",\n \"updatedOn\": \"2021-11-11T20:14:04.5443323Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/0c867c2a-1d8c-454a-a3db-ab2ea1bdc8bb\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"0c867c2a-1d8c-454a-a3db-ab2ea1bdc8bb\"\n },\n {\n \"properties\": {\n \"roleName\": \"Private DNS Zone Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Lets you manage private DNS zone resources, but not the virtual networks they are linked to.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Support/*\",\n \"Microsoft.Network/privateDnsZones/*\",\n \"Microsoft.Network/privateDnsOperationResults/*\",\n \"Microsoft.Network/privateDnsOperationStatuses/*\",\n \"Microsoft.Network/virtualNetworks/read\",\n \"Microsoft.Network/virtualNetworks/join/action\",\n \"Microsoft.Authorization/*/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2019-07-10T19:31:15.5645518Z\",\n \"updatedOn\": \"2021-11-11T20:14:04.7342851Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/b12aa53e-6015-4669-85d0-8515ebb3ae7f\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"b12aa53e-6015-4669-85d0-8515ebb3ae7f\"\n },\n {\n \"properties\": {\n \"roleName\": \"Storage Blob Delegator\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Allows for generation of a user delegation key which can be used to sign SAS tokens\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Storage/storageAccounts/blobServices/generateUserDelegationKey/action\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2019-07-23T00:51:16.3376761Z\",\n \"updatedOn\": \"2021-11-11T20:14:05.4321714Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/db58b8e5-c6ad-4a2a-8342-4190687cbf4a\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"db58b8e5-c6ad-4a2a-8342-4190687cbf4a\"\n },\n {\n \"properties\": {\n \"roleName\": \"Desktop Virtualization User\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Allows user to use the applications in an application group.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.DesktopVirtualization/applicationGroups/useApplications/action\",\n \"Microsoft.DesktopVirtualization/appAttachPackages/useApplications/action\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2019-08-07T00:29:03.8727621Z\",\n \"updatedOn\": \"2023-06-15T23:55:51.3849931Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/1d18fff3-a72a-46b5-b4a9-0b38a3cd7e63\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"1d18fff3-a72a-46b5-b4a9-0b38a3cd7e63\"\n },\n {\n \"properties\": {\n \"roleName\": \"Storage File Data SMB Share Elevated Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Allows for read, write, delete and modify NTFS permission access in Azure Storage file shares over SMB\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.Storage/storageAccounts/fileServices/fileshares/files/read\",\n \"Microsoft.Storage/storageAccounts/fileServices/fileshares/files/write\",\n \"Microsoft.Storage/storageAccounts/fileServices/fileshares/files/delete\",\n \"Microsoft.Storage/storageAccounts/fileServices/fileshares/files/modifypermissions/action\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2019-08-07T01:35:36.9935457Z\",\n \"updatedOn\": \"2021-11-11T20:14:06.1571744Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/a7264617-510b-434b-a828-9731dc254ea7\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"a7264617-510b-434b-a828-9731dc254ea7\"\n },\n {\n \"properties\": {\n \"roleName\": \"Blueprint Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Can manage blueprint definitions, but not assign them.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Blueprint/blueprints/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Support/*\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2019-08-14T21:55:16.9683949Z\",\n \"updatedOn\": \"2021-11-11T20:14:06.5171828Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/41077137-e803-4205-871c-5a86e6a753b4\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"41077137-e803-4205-871c-5a86e6a753b4\"\n },\n {\n \"properties\": {\n \"roleName\": \"Blueprint Operator\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Can assign existing published blueprints, but cannot create new blueprints. NOTE: this only works if the assignment is done with a user-assigned managed identity.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Blueprint/blueprintAssignments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Support/*\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2019-08-14T21:56:48.7897875Z\",\n \"updatedOn\": \"2021-11-11T20:14:06.6971401Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/437d2ced-4a38-4302-8479-ed2bcb43d090\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"437d2ced-4a38-4302-8479-ed2bcb43d090\"\n },\n {\n \"properties\": {\n \"roleName\": \"Microsoft Sentinel Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Microsoft Sentinel Contributor\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.SecurityInsights/*\",\n \"Microsoft.OperationalInsights/workspaces/analytics/query/action\",\n \"Microsoft.OperationalInsights/workspaces/*/read\",\n \"Microsoft.OperationalInsights/workspaces/savedSearches/*\",\n \"Microsoft.OperationsManagement/solutions/read\",\n \"Microsoft.OperationalInsights/workspaces/query/read\",\n \"Microsoft.OperationalInsights/workspaces/query/*/read\",\n \"Microsoft.OperationalInsights/workspaces/dataSources/read\",\n \"Microsoft.OperationalInsights/querypacks/*/read\",\n \"Microsoft.Insights/workbooks/*\",\n \"Microsoft.Insights/myworkbooks/read\",\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Support/*\"\n ],\n \"notActions\": [\n \"Microsoft.SecurityInsights/ConfidentialWatchlists/*\",\n \"Microsoft.OperationalInsights/workspaces/query/ConfidentialWatchlist/*\"\n ],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2019-08-28T16:39:03.8725173Z\",\n \"updatedOn\": \"2022-08-01T18:55:21.5434692Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/ab8e14d6-4a74-4a29-9ba8-549422addade\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"ab8e14d6-4a74-4a29-9ba8-549422addade\"\n },\n {\n \"properties\": {\n \"roleName\": \"Microsoft Sentinel Responder\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Microsoft Sentinel Responder\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.SecurityInsights/*/read\",\n \"Microsoft.SecurityInsights/dataConnectorsCheckRequirements/action\",\n \"Microsoft.SecurityInsights/automationRules/*\",\n \"Microsoft.SecurityInsights/cases/*\",\n \"Microsoft.SecurityInsights/incidents/*\",\n \"Microsoft.SecurityInsights/entities/runPlaybook/action\",\n \"Microsoft.SecurityInsights/threatIntelligence/indicators/appendTags/action\",\n \"Microsoft.SecurityInsights/threatIntelligence/indicators/query/action\",\n \"Microsoft.SecurityInsights/threatIntelligence/bulkTag/action\",\n \"Microsoft.SecurityInsights/threatIntelligence/indicators/appendTags/action\",\n \"Microsoft.SecurityInsights/threatIntelligence/indicators/replaceTags/action\",\n \"Microsoft.SecurityInsights/threatIntelligence/queryIndicators/action\",\n \"Microsoft.SecurityInsights/businessApplicationAgents/systems/undoAction/action\",\n \"Microsoft.OperationalInsights/workspaces/analytics/query/action\",\n \"Microsoft.OperationalInsights/workspaces/*/read\",\n \"Microsoft.OperationalInsights/workspaces/dataSources/read\",\n \"Microsoft.OperationalInsights/workspaces/savedSearches/read\",\n \"Microsoft.OperationsManagement/solutions/read\",\n \"Microsoft.OperationalInsights/workspaces/query/read\",\n \"Microsoft.OperationalInsights/workspaces/query/*/read\",\n \"Microsoft.OperationalInsights/workspaces/dataSources/read\",\n \"Microsoft.OperationalInsights/querypacks/*/read\",\n \"Microsoft.Insights/workbooks/read\",\n \"Microsoft.Insights/myworkbooks/read\",\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Support/*\"\n ],\n \"notActions\": [\n \"Microsoft.SecurityInsights/cases/*/Delete\",\n \"Microsoft.SecurityInsights/incidents/*/Delete\",\n \"Microsoft.SecurityInsights/ConfidentialWatchlists/*\",\n \"Microsoft.OperationalInsights/workspaces/query/ConfidentialWatchlist/*\"\n ],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2019-08-28T16:54:07.6467264Z\",\n \"updatedOn\": \"2024-04-03T15:49:45.0145489Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/3e150937-b8fe-4cfb-8069-0eaf05ecd056\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"3e150937-b8fe-4cfb-8069-0eaf05ecd056\"\n },\n {\n \"properties\": {\n \"roleName\": \"Microsoft Sentinel Reader\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Microsoft Sentinel Reader\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.SecurityInsights/*/read\",\n \"Microsoft.SecurityInsights/dataConnectorsCheckRequirements/action\",\n \"Microsoft.SecurityInsights/threatIntelligence/indicators/query/action\",\n \"Microsoft.SecurityInsights/threatIntelligence/queryIndicators/action\",\n \"Microsoft.OperationalInsights/workspaces/analytics/query/action\",\n \"Microsoft.OperationalInsights/workspaces/*/read\",\n \"Microsoft.OperationalInsights/workspaces/LinkedServices/read\",\n \"Microsoft.OperationalInsights/workspaces/savedSearches/read\",\n \"Microsoft.OperationsManagement/solutions/read\",\n \"Microsoft.OperationalInsights/workspaces/query/read\",\n \"Microsoft.OperationalInsights/workspaces/query/*/read\",\n \"Microsoft.OperationalInsights/querypacks/*/read\",\n \"Microsoft.OperationalInsights/workspaces/dataSources/read\",\n \"Microsoft.Insights/workbooks/read\",\n \"Microsoft.Insights/myworkbooks/read\",\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Resources/templateSpecs/*/read\",\n \"Microsoft.Support/*\"\n ],\n \"notActions\": [\n \"Microsoft.SecurityInsights/ConfidentialWatchlists/*\",\n \"Microsoft.OperationalInsights/workspaces/query/ConfidentialWatchlist/*\"\n ],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2019-08-28T16:58:50.1132117Z\",\n \"updatedOn\": \"2022-08-01T18:55:21.5434692Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/8d289c81-5878-46d4-8554-54e1e3d8b5cb\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"8d289c81-5878-46d4-8554-54e1e3d8b5cb\"\n },\n {\n \"properties\": {\n \"roleName\": \"Policy Insights Data Writer (Preview)\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Allows read access to resource policies and write access to resource component policy events.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/policyassignments/read\",\n \"Microsoft.Authorization/policydefinitions/read\",\n \"Microsoft.Authorization/policyexemptions/read\",\n \"Microsoft.Authorization/policysetdefinitions/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.PolicyInsights/checkDataPolicyCompliance/action\",\n \"Microsoft.PolicyInsights/policyEvents/logDataEvents/action\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2019-09-19T19:35:20.9504127Z\",\n \"updatedOn\": \"2021-11-11T20:14:09.4235132Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/66bb4e9e-b016-4a94-8249-4c0511c2be84\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"66bb4e9e-b016-4a94-8249-4c0511c2be84\"\n },\n {\n \"properties\": {\n \"roleName\": \"SignalR AccessKey Reader\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Read SignalR Service Access Keys\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.SignalRService/*/read\",\n \"Microsoft.SignalRService/SignalR/listkeys/action\",\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Support/*\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2019-09-20T09:33:19.6236874Z\",\n \"updatedOn\": \"2021-11-11T20:14:09.613486Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/04165923-9d83-45d5-8227-78b77b0a687e\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"04165923-9d83-45d5-8227-78b77b0a687e\"\n },\n {\n \"properties\": {\n \"roleName\": \"SignalR/Web PubSub Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Create, Read, Update, and Delete SignalR service resources\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.SignalRService/*\",\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Support/*\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2019-09-20T09:58:09.0009662Z\",\n \"updatedOn\": \"2021-11-11T20:14:09.7884765Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/8cf5e20a-e4b2-4e9d-b3a1-5ceb692c2761\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"8cf5e20a-e4b2-4e9d-b3a1-5ceb692c2761\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Connected Machine Onboarding\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Can onboard Azure Connected Machines.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.HybridCompute/machines/read\",\n \"Microsoft.HybridCompute/machines/write\",\n \"Microsoft.HybridCompute/settings/read\",\n \"Microsoft.HybridCompute/settings/write\",\n \"Microsoft.HybridCompute/gateways/read\",\n \"Microsoft.HybridCompute/privateLinkScopes/read\",\n \"Microsoft.GuestConfiguration/guestConfigurationAssignments/read\",\n \"Microsoft.Insights/dataCollectionRuleAssociations/write\",\n \"Microsoft.Insights/dataCollectionRuleAssociations/delete\",\n \"Microsoft.Insights/dataCollectionRuleAssociations/read\",\n \"Microsoft.HybridCompute/machines/addExtensions/action\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2019-10-23T20:15:07.137287Z\",\n \"updatedOn\": \"2025-04-24T23:16:22.0803758Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/b64e21ea-ac4e-4cdf-9dc9-5b892992bee7\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"b64e21ea-ac4e-4cdf-9dc9-5b892992bee7\"\n },\n {\n \"properties\": {\n \"roleName\": \"Managed Services Registration assignment Delete Role\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Managed Services Registration Assignment Delete Role allows the managing tenant users to delete the registration assignment assigned to their tenant.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.ManagedServices/registrationAssignments/read\",\n \"Microsoft.ManagedServices/registrationAssignments/delete\",\n \"Microsoft.ManagedServices/operationStatuses/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2019-10-23T22:33:33.1183469Z\",\n \"updatedOn\": \"2021-11-11T20:14:11.23364Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/91c1777a-f3dc-4fae-b103-61d183457e46\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"91c1777a-f3dc-4fae-b103-61d183457e46\"\n },\n {\n \"properties\": {\n \"roleName\": \"App Configuration Data Owner\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Allows full access to App Configuration data.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.AppConfiguration/configurationStores/*/read\",\n \"Microsoft.AppConfiguration/configurationStores/*/write\",\n \"Microsoft.AppConfiguration/configurationStores/*/delete\",\n \"Microsoft.AppConfiguration/configurationStores/*/action\"\n ],\n \"notDataActions\": [\n \"Microsoft.AppConfiguration/configurationStores/useSasAuth/action\"\n ]\n }\n ],\n \"createdOn\": \"2019-10-25T18:41:40.1185063Z\",\n \"updatedOn\": \"2024-10-25T19:38:13.5062377Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/5ae67dd6-50cb-40e7-96ff-dc2bfa4b606b\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"5ae67dd6-50cb-40e7-96ff-dc2bfa4b606b\"\n },\n {\n \"properties\": {\n \"roleName\": \"App Configuration Data Reader\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Allows read access to App Configuration data.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.AppConfiguration/configurationStores/*/read\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2019-10-25T18:45:33.7975332Z\",\n \"updatedOn\": \"2021-11-11T20:14:11.5885341Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/516239f1-63e1-4d78-a4de-a74fb236a071\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"516239f1-63e1-4d78-a4de-a74fb236a071\"\n },\n {\n \"properties\": {\n \"roleName\": \"Kubernetes Cluster - Azure Arc Onboarding\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Role definition to authorize any user/service to create connectedClusters resource\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.Resources/deployments/write\",\n \"Microsoft.Resources/subscriptions/operationresults/read\",\n \"Microsoft.Resources/subscriptions/read\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Kubernetes/connectedClusters/Write\",\n \"Microsoft.Kubernetes/connectedClusters/read\",\n \"Microsoft.KubernetesConfiguration/extensions/write\",\n \"Microsoft.KubernetesConfiguration/extensions/read\",\n \"Microsoft.KubernetesConfiguration/extensions/delete\",\n \"Microsoft.KubernetesConfiguration/extensions/operations/read\",\n \"Microsoft.Support/*\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2019-11-18T17:00:02.2087147Z\",\n \"updatedOn\": \"2024-10-31T01:30:51.0732973Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/34e09817-6cbe-4d01-b1a2-e0eac5743d41\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"34e09817-6cbe-4d01-b1a2-e0eac5743d41\"\n },\n {\n \"properties\": {\n \"roleName\": \"Experimentation Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Experimentation Contributor\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Experimentation/experimentWorkspaces/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.Experimentation/experimentWorkspaces/experimentationGroups/read\",\n \"Microsoft.Experimentation/experimentWorkspaces/experimentationGroups/write\",\n \"Microsoft.Experimentation/experimentWorkspaces/experimentationGroups/delete\",\n \"Microsoft.Experimentation/experimentWorkspaces/experimentationGroups/experiment/action\",\n \"Microsoft.Experimentation/experimentWorkspaces/experimentationGroups/emergencystop/action\",\n \"Microsoft.Experimentation/experimentWorkspaces/read\",\n \"Microsoft.Experimentation/experimentWorkspaces/write\",\n \"Microsoft.Experimentation/experimentWorkspaces/delete\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2019-12-13T00:08:08.6679591Z\",\n \"updatedOn\": \"2021-11-11T20:14:14.6454147Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/7f646f1b-fa08-80eb-a22b-edd6ce5c915c\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"7f646f1b-fa08-80eb-a22b-edd6ce5c915c\"\n },\n {\n \"properties\": {\n \"roleName\": \"Cognitive Services QnA Maker Reader\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Let’s you read and test a KB only.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.CognitiveServices/*/read\",\n \"Microsoft.Authorization/roleAssignments/read\",\n \"Microsoft.Authorization/roleDefinitions/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.CognitiveServices/accounts/QnAMaker/knowledgebases/read\",\n \"Microsoft.CognitiveServices/accounts/QnAMaker/knowledgebases/download/read\",\n \"Microsoft.CognitiveServices/accounts/QnAMaker/knowledgebases/generateanswer/action\",\n \"Microsoft.CognitiveServices/accounts/QnAMaker/alterations/read\",\n \"Microsoft.CognitiveServices/accounts/QnAMaker/endpointkeys/read\",\n \"Microsoft.CognitiveServices/accounts/QnAMaker/endpointsettings/read\",\n \"Microsoft.CognitiveServices/accounts/QnAMaker.v2/knowledgebases/read\",\n \"Microsoft.CognitiveServices/accounts/QnAMaker.v2/knowledgebases/download/read\",\n \"Microsoft.CognitiveServices/accounts/QnAMaker.v2/knowledgebases/generateanswer/action\",\n \"Microsoft.CognitiveServices/accounts/QnAMaker.v2/alterations/read\",\n \"Microsoft.CognitiveServices/accounts/QnAMaker.v2/endpointkeys/read\",\n \"Microsoft.CognitiveServices/accounts/QnAMaker.v2/endpointsettings/read\",\n \"Microsoft.CognitiveServices/accounts/TextAnalytics/QnAMaker/knowledgebases/read\",\n \"Microsoft.CognitiveServices/accounts/TextAnalytics/QnAMaker/knowledgebases/download/read\",\n \"Microsoft.CognitiveServices/accounts/TextAnalytics/QnAMaker/knowledgebases/generateanswer/action\",\n \"Microsoft.CognitiveServices/accounts/TextAnalytics/QnAMaker/alterations/read\",\n \"Microsoft.CognitiveServices/accounts/TextAnalytics/QnAMaker/endpointkeys/read\",\n \"Microsoft.CognitiveServices/accounts/TextAnalytics/QnAMaker/endpointsettings/read\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2019-12-17T18:26:12.3329439Z\",\n \"updatedOn\": \"2021-11-11T20:14:14.8254033Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/466ccd10-b268-4a11-b098-b4849f024126\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"466ccd10-b268-4a11-b098-b4849f024126\"\n },\n {\n \"properties\": {\n \"roleName\": \"Cognitive Services QnA Maker Editor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Let’s you create, edit, import and export a KB. You cannot publish or delete a KB.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.CognitiveServices/*/read\",\n \"Microsoft.Authorization/roleAssignments/read\",\n \"Microsoft.Authorization/roleDefinitions/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.CognitiveServices/accounts/QnAMaker/knowledgebases/read\",\n \"Microsoft.CognitiveServices/accounts/QnAMaker/knowledgebases/download/read\",\n \"Microsoft.CognitiveServices/accounts/QnAMaker/knowledgebases/create/write\",\n \"Microsoft.CognitiveServices/accounts/QnAMaker/knowledgebases/write\",\n \"Microsoft.CognitiveServices/accounts/QnAMaker/knowledgebases/generateanswer/action\",\n \"Microsoft.CognitiveServices/accounts/QnAMaker/knowledgebases/train/action\",\n \"Microsoft.CognitiveServices/accounts/QnAMaker/alterations/read\",\n \"Microsoft.CognitiveServices/accounts/QnAMaker/alterations/write\",\n \"Microsoft.CognitiveServices/accounts/QnAMaker/endpointkeys/read\",\n \"Microsoft.CognitiveServices/accounts/QnAMaker/endpointkeys/refreshkeys/action\",\n \"Microsoft.CognitiveServices/accounts/QnAMaker/endpointsettings/read\",\n \"Microsoft.CognitiveServices/accounts/QnAMaker/endpointsettings/write\",\n \"Microsoft.CognitiveServices/accounts/QnAMaker/operations/read\",\n \"Microsoft.CognitiveServices/accounts/QnAMaker.v2/knowledgebases/read\",\n \"Microsoft.CognitiveServices/accounts/QnAMaker.v2/knowledgebases/download/read\",\n \"Microsoft.CognitiveServices/accounts/QnAMaker.v2/knowledgebases/create/write\",\n \"Microsoft.CognitiveServices/accounts/QnAMaker.v2/knowledgebases/write\",\n \"Microsoft.CognitiveServices/accounts/QnAMaker.v2/knowledgebases/generateanswer/action\",\n \"Microsoft.CognitiveServices/accounts/QnAMaker.v2/knowledgebases/train/action\",\n \"Microsoft.CognitiveServices/accounts/QnAMaker.v2/alterations/read\",\n \"Microsoft.CognitiveServices/accounts/QnAMaker.v2/alterations/write\",\n \"Microsoft.CognitiveServices/accounts/QnAMaker.v2/endpointkeys/read\",\n \"Microsoft.CognitiveServices/accounts/QnAMaker.v2/endpointkeys/refreshkeys/action\",\n \"Microsoft.CognitiveServices/accounts/QnAMaker.v2/endpointsettings/read\",\n \"Microsoft.CognitiveServices/accounts/QnAMaker.v2/endpointsettings/write\",\n \"Microsoft.CognitiveServices/accounts/QnAMaker.v2/operations/read\",\n \"Microsoft.CognitiveServices/accounts/TextAnalytics/QnAMaker/knowledgebases/read\",\n \"Microsoft.CognitiveServices/accounts/TextAnalytics/QnAMaker/knowledgebases/download/read\",\n \"Microsoft.CognitiveServices/accounts/TextAnalytics/QnAMaker/knowledgebases/create/write\",\n \"Microsoft.CognitiveServices/accounts/TextAnalytics/QnAMaker/knowledgebases/write\",\n \"Microsoft.CognitiveServices/accounts/TextAnalytics/QnAMaker/knowledgebases/generateanswer/action\",\n \"Microsoft.CognitiveServices/accounts/TextAnalytics/QnAMaker/knowledgebases/train/action\",\n \"Microsoft.CognitiveServices/accounts/TextAnalytics/QnAMaker/alterations/read\",\n \"Microsoft.CognitiveServices/accounts/TextAnalytics/QnAMaker/alterations/write\",\n \"Microsoft.CognitiveServices/accounts/TextAnalytics/QnAMaker/endpointkeys/read\",\n \"Microsoft.CognitiveServices/accounts/TextAnalytics/QnAMaker/endpointkeys/refreshkeys/action\",\n \"Microsoft.CognitiveServices/accounts/TextAnalytics/QnAMaker/endpointsettings/read\",\n \"Microsoft.CognitiveServices/accounts/TextAnalytics/QnAMaker/endpointsettings/write\",\n \"Microsoft.CognitiveServices/accounts/TextAnalytics/QnAMaker/operations/read\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2019-12-17T18:27:30.6434556Z\",\n \"updatedOn\": \"2021-11-11T20:14:14.9961559Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/f4cc2bf9-21be-47a1-bdf1-5c5804381025\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"f4cc2bf9-21be-47a1-bdf1-5c5804381025\"\n },\n {\n \"properties\": {\n \"roleName\": \"Experimentation Administrator\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Experimentation Administrator\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Experimentation/experimentWorkspaces/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.Experimentation/experimentWorkspaces/experimentationGroups/admin/action\",\n \"Microsoft.Experimentation/experimentWorkspaces/experimentationGroups/read\",\n \"Microsoft.Experimentation/experimentWorkspaces/experimentationGroups/write\",\n \"Microsoft.Experimentation/experimentWorkspaces/experimentationGroups/delete\",\n \"Microsoft.Experimentation/experimentWorkspaces/experimentationGroups/experimentadmin/action\",\n \"Microsoft.Experimentation/experimentWorkspaces/experimentationGroups/experiment/action\",\n \"Microsoft.Experimentation/experimentWorkspaces/experimentationGroups/emergencystop/action\",\n \"Microsoft.Experimentation/experimentWorkspaces/read\",\n \"Microsoft.Experimentation/experimentWorkspaces/write\",\n \"Microsoft.Experimentation/experimentWorkspaces/delete\",\n \"Microsoft.Experimentation/experimentWorkspaces/admin/action\",\n \"Microsoft.Experimentation/experimentWorkspaces/metricwrite/action\",\n \"Microsoft.Experimentation/experimentWorkspaces/experimentationGroups/metricwrite/action\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2019-12-18T22:46:33.1116612Z\",\n \"updatedOn\": \"2021-11-11T20:14:15.1811577Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/7f646f1b-fa08-80eb-a33b-edd6ce5c915c\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"7f646f1b-fa08-80eb-a33b-edd6ce5c915c\"\n },\n {\n \"properties\": {\n \"roleName\": \"Remote Rendering Administrator\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Provides user with conversion, manage session, rendering and diagnostics capabilities for Azure Remote Rendering\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.MixedReality/RemoteRenderingAccounts/convert/action\",\n \"Microsoft.MixedReality/RemoteRenderingAccounts/convert/read\",\n \"Microsoft.MixedReality/RemoteRenderingAccounts/convert/delete\",\n \"Microsoft.MixedReality/RemoteRenderingAccounts/managesessions/read\",\n \"Microsoft.MixedReality/RemoteRenderingAccounts/managesessions/action\",\n \"Microsoft.MixedReality/RemoteRenderingAccounts/managesessions/delete\",\n \"Microsoft.MixedReality/RemoteRenderingAccounts/render/read\",\n \"Microsoft.MixedReality/RemoteRenderingAccounts/diagnostic/read\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2020-01-23T18:15:31.3450348Z\",\n \"updatedOn\": \"2021-11-11T20:14:16.7621737Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/3df8b902-2a6f-47c7-8cc5-360e9b272a7e\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"3df8b902-2a6f-47c7-8cc5-360e9b272a7e\"\n },\n {\n \"properties\": {\n \"roleName\": \"Remote Rendering Client\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Provides user with manage session, rendering and diagnostics capabilities for Azure Remote Rendering.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.MixedReality/RemoteRenderingAccounts/managesessions/read\",\n \"Microsoft.MixedReality/RemoteRenderingAccounts/managesessions/action\",\n \"Microsoft.MixedReality/RemoteRenderingAccounts/managesessions/delete\",\n \"Microsoft.MixedReality/RemoteRenderingAccounts/render/read\",\n \"Microsoft.MixedReality/RemoteRenderingAccounts/diagnostic/read\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2020-01-23T18:32:52.7069824Z\",\n \"updatedOn\": \"2021-11-11T20:14:16.9421512Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/d39065c4-c120-43c9-ab0a-63eed9795f0a\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"d39065c4-c120-43c9-ab0a-63eed9795f0a\"\n },\n {\n \"properties\": {\n \"roleName\": \"Managed Application Contributor Role\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Allows for creating managed application resources.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"*/read\",\n \"Microsoft.Solutions/applications/*\",\n \"Microsoft.Solutions/register/action\",\n \"Microsoft.Resources/subscriptions/resourceGroups/*\",\n \"Microsoft.Resources/deployments/*\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2020-02-08T03:39:11.8933879Z\",\n \"updatedOn\": \"2021-11-11T20:14:19.1271536Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/641177b8-a67a-45b9-a033-47bc880bb21e\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"641177b8-a67a-45b9-a033-47bc880bb21e\"\n },\n {\n \"properties\": {\n \"roleName\": \"Security Assessment Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Lets you push assessments to Security Center\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Security/assessments/write\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2020-02-13T08:23:47.7656161Z\",\n \"updatedOn\": \"2021-11-11T20:14:19.3021974Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/612c2aa1-cb24-443b-ac28-3ab7272de6f5\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"612c2aa1-cb24-443b-ac28-3ab7272de6f5\"\n },\n {\n \"properties\": {\n \"roleName\": \"Tag Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Lets you manage tags on entities, without providing access to the entities themselves.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Resources/subscriptions/resourceGroups/resources/read\",\n \"Microsoft.Resources/subscriptions/resources/read\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.Support/*\",\n \"Microsoft.Resources/tags/*\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2020-02-18T23:19:19.2977644Z\",\n \"updatedOn\": \"2021-11-11T20:14:20.0172041Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/4a9ae827-6dc8-4573-8ac7-8239d42aa03f\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"4a9ae827-6dc8-4573-8ac7-8239d42aa03f\"\n },\n {\n \"properties\": {\n \"roleName\": \"Integration Service Environment Developer\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Allows developers to create and update workflows, integration accounts and API connections in integration service environments.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Support/*\",\n \"Microsoft.Logic/integrationServiceEnvironments/read\",\n \"Microsoft.Logic/integrationServiceEnvironments/*/join/action\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2020-02-20T21:09:00.5627875Z\",\n \"updatedOn\": \"2021-11-11T20:14:20.1871986Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/c7aa55d3-1abb-444a-a5ca-5e51e485d6ec\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"c7aa55d3-1abb-444a-a5ca-5e51e485d6ec\"\n },\n {\n \"properties\": {\n \"roleName\": \"Integration Service Environment Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Lets you manage integration service environments, but not access to them.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Support/*\",\n \"Microsoft.Logic/integrationServiceEnvironments/*\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2020-02-20T21:10:44.4008319Z\",\n \"updatedOn\": \"2021-11-11T20:14:20.3622058Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/a41e2c5b-bd99-4a07-88f4-9bf657a760b8\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"a41e2c5b-bd99-4a07-88f4-9bf657a760b8\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Kubernetes Service Contributor Role\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Grants access to read and write Azure Kubernetes Service clusters\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.ContainerService/locations/*\",\n \"Microsoft.ContainerService/managedClusters/*\",\n \"Microsoft.ContainerService/managedclustersnapshots/*\",\n \"Microsoft.ContainerService/snapshots/*\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.ContainerService/deploymentSafeguards/*\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2020-02-27T19:27:15.073997Z\",\n \"updatedOn\": \"2025-07-22T15:11:45.9409312Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/ed7f3fbd-7b88-4dd4-9017-9adb7ce333f8\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"ed7f3fbd-7b88-4dd4-9017-9adb7ce333f8\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Digital Twins Data Reader\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Read-only role for Digital Twins data-plane properties\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.DigitalTwins/digitaltwins/read\",\n \"Microsoft.DigitalTwins/digitaltwins/relationships/read\",\n \"Microsoft.DigitalTwins/eventroutes/read\",\n \"Microsoft.DigitalTwins/jobs/import/read\",\n \"Microsoft.DigitalTwins/jobs/imports/read\",\n \"Microsoft.DigitalTwins/jobs/deletions/read\",\n \"Microsoft.DigitalTwins/models/read\",\n \"Microsoft.DigitalTwins/query/action\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2020-03-10T23:48:14.7057381Z\",\n \"updatedOn\": \"2024-01-10T19:29:11.1291888Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/d57506d4-4c8d-48b1-8587-93c323f6a5a3\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"d57506d4-4c8d-48b1-8587-93c323f6a5a3\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Digital Twins Data Owner\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Full access role for Digital Twins data-plane\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.DigitalTwins/digitaltwins/*\",\n \"Microsoft.DigitalTwins/digitaltwins/commands/*\",\n \"Microsoft.DigitalTwins/digitaltwins/relationships/*\",\n \"Microsoft.DigitalTwins/eventroutes/*\",\n \"Microsoft.DigitalTwins/jobs/*\",\n \"Microsoft.DigitalTwins/models/*\",\n \"Microsoft.DigitalTwins/query/*\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2020-03-10T23:49:33.782193Z\",\n \"updatedOn\": \"2022-09-07T23:56:38.852533Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/bcd981a7-7f74-457b-83e1-cceb9e632ffe\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"bcd981a7-7f74-457b-83e1-cceb9e632ffe\"\n },\n {\n \"properties\": {\n \"roleName\": \"Hierarchy Settings Administrator\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Allows users to edit and delete Hierarchy Settings\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Management/managementGroups/settings/write\",\n \"Microsoft.Management/managementGroups/settings/delete\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2020-03-13T23:55:11.0212387Z\",\n \"updatedOn\": \"2021-11-11T20:14:23.0882347Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/350f8d15-c687-4448-8ae1-157740a3936d\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"350f8d15-c687-4448-8ae1-157740a3936d\"\n },\n {\n \"properties\": {\n \"roleName\": \"FHIR Data Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Role allows user or principal full access to FHIR Data\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.HealthcareApis/services/fhir/resources/*\",\n \"Microsoft.HealthcareApis/workspaces/fhirservices/resources/*\"\n ],\n \"notDataActions\": [\n \"Microsoft.HealthcareApis/services/fhir/resources/smart/action\",\n \"Microsoft.HealthcareApis/workspaces/fhirservices/resources/smart/action\"\n ]\n }\n ],\n \"createdOn\": \"2020-03-17T18:35:04.4949547Z\",\n \"updatedOn\": \"2023-08-18T22:59:42.5066274Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/5a1fc7df-4bf1-4951-a576-89034ee01acd\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"5a1fc7df-4bf1-4951-a576-89034ee01acd\"\n },\n {\n \"properties\": {\n \"roleName\": \"FHIR Data Exporter\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Role allows user or principal to read and export FHIR Data\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.HealthcareApis/services/fhir/resources/read\",\n \"Microsoft.HealthcareApis/services/fhir/resources/export/action\",\n \"Microsoft.HealthcareApis/workspaces/fhirservices/resources/read\",\n \"Microsoft.HealthcareApis/workspaces/fhirservices/resources/export/action\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2020-03-17T18:45:01.9764073Z\",\n \"updatedOn\": \"2021-11-11T20:14:23.7992557Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/3db33094-8700-4567-8da5-1501d4e7e843\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"3db33094-8700-4567-8da5-1501d4e7e843\"\n },\n {\n \"properties\": {\n \"roleName\": \"FHIR Data Reader\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Role allows user or principal to read FHIR Data\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.HealthcareApis/services/fhir/resources/read\",\n \"Microsoft.HealthcareApis/workspaces/fhirservices/resources/read\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2020-03-17T18:49:04.8353499Z\",\n \"updatedOn\": \"2021-11-11T20:14:23.9692275Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/4c8d0bbc-75d3-4935-991f-5f3c56d81508\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"4c8d0bbc-75d3-4935-991f-5f3c56d81508\"\n },\n {\n \"properties\": {\n \"roleName\": \"FHIR Data Writer\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Role allows user or principal to read and write FHIR Data\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.HealthcareApis/services/fhir/resources/read\",\n \"Microsoft.HealthcareApis/services/fhir/resources/write\",\n \"Microsoft.HealthcareApis/services/fhir/resources/delete\",\n \"Microsoft.HealthcareApis/services/fhir/resources/export/action\",\n \"Microsoft.HealthcareApis/services/fhir/resources/resourceValidate/action\",\n \"Microsoft.HealthcareApis/services/fhir/resources/reindex/action\",\n \"Microsoft.HealthcareApis/services/fhir/resources/convertData/action\",\n \"Microsoft.HealthcareApis/services/fhir/resources/editProfileDefinitions/action\",\n \"Microsoft.HealthcareApis/services/fhir/resources/import/action\",\n \"Microsoft.HealthcareApis/workspaces/fhirservices/resources/read\",\n \"Microsoft.HealthcareApis/workspaces/fhirservices/resources/write\",\n \"Microsoft.HealthcareApis/workspaces/fhirservices/resources/delete\",\n \"Microsoft.HealthcareApis/workspaces/fhirservices/resources/export/action\",\n \"Microsoft.HealthcareApis/workspaces/fhirservices/resources/resourceValidate/action\",\n \"Microsoft.HealthcareApis/workspaces/fhirservices/resources/reindex/action\",\n \"Microsoft.HealthcareApis/workspaces/fhirservices/resources/convertData/action\",\n \"Microsoft.HealthcareApis/workspaces/fhirservices/resources/editProfileDefinitions/action\",\n \"Microsoft.HealthcareApis/workspaces/fhirservices/resources/import/action\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2020-03-17T18:55:35.2413335Z\",\n \"updatedOn\": \"2023-07-25T15:17:34.7618105Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/3f88fce4-5892-4214-ae73-ba5294559913\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"3f88fce4-5892-4214-ae73-ba5294559913\"\n },\n {\n \"properties\": {\n \"roleName\": \"Experimentation Reader\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Experimentation Reader\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Experimentation/experimentWorkspaces/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.Experimentation/experimentWorkspaces/read\",\n \"Microsoft.Experimentation/experimentWorkspaces/experimentationGroups/read\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2020-03-25T18:05:14.8375678Z\",\n \"updatedOn\": \"2021-11-11T20:14:24.504239Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/49632ef5-d9ac-41f4-b8e7-bbe587fa74a1\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"49632ef5-d9ac-41f4-b8e7-bbe587fa74a1\"\n },\n {\n \"properties\": {\n \"roleName\": \"Object Understanding Account Owner\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Provides user with ingestion capabilities for Azure Object Understanding.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.MixedReality/ObjectUnderstandingAccounts/ingest/action\",\n \"Microsoft.MixedReality/ObjectUnderstandingAccounts/ingest/read\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2020-04-22T19:15:09.0697923Z\",\n \"updatedOn\": \"2021-11-11T20:14:26.8743132Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/4dd61c23-6743-42fe-a388-d8bdd41cb745\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"4dd61c23-6743-42fe-a388-d8bdd41cb745\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Maps Data Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Grants access to read, write, and delete access to map related data from an Azure maps account.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.Maps/accounts/*/read\",\n \"Microsoft.Maps/accounts/*/write\",\n \"Microsoft.Maps/accounts/*/delete\",\n \"Microsoft.Maps/accounts/*/action\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2020-05-07T20:55:05.064541Z\",\n \"updatedOn\": \"2021-11-11T20:14:28.3092598Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/8f5e0ce6-4f7b-4dcf-bddf-e6f48634a204\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"8f5e0ce6-4f7b-4dcf-bddf-e6f48634a204\"\n },\n {\n \"properties\": {\n \"roleName\": \"Cognitive Services Custom Vision Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Full access to the project, including the ability to view, create, edit, or delete projects.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.CognitiveServices/*/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.CognitiveServices/accounts/CustomVision/*\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2020-05-08T23:47:07.0779345Z\",\n \"updatedOn\": \"2021-11-11T20:14:28.8342655Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/c1ff6cc2-c111-46fe-8896-e0ef812ad9f3\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"c1ff6cc2-c111-46fe-8896-e0ef812ad9f3\"\n },\n {\n \"properties\": {\n \"roleName\": \"Cognitive Services Custom Vision Deployment\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Publish, unpublish or export models. Deployment can view the project but can’t update.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.CognitiveServices/*/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.CognitiveServices/accounts/CustomVision/*/read\",\n \"Microsoft.CognitiveServices/accounts/CustomVision/projects/predictions/*\",\n \"Microsoft.CognitiveServices/accounts/CustomVision/projects/iterations/publish/*\",\n \"Microsoft.CognitiveServices/accounts/CustomVision/projects/iterations/export/*\",\n \"Microsoft.CognitiveServices/accounts/CustomVision/projects/quicktest/*\",\n \"Microsoft.CognitiveServices/accounts/CustomVision/classify/*\",\n \"Microsoft.CognitiveServices/accounts/CustomVision/detect/*\"\n ],\n \"notDataActions\": [\n \"Microsoft.CognitiveServices/accounts/CustomVision/projects/export/read\"\n ]\n }\n ],\n \"createdOn\": \"2020-05-09T01:31:05.952862Z\",\n \"updatedOn\": \"2021-11-11T20:14:29.0142669Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/5c4089e1-6d96-4d2f-b296-c1bc7137275f\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"5c4089e1-6d96-4d2f-b296-c1bc7137275f\"\n },\n {\n \"properties\": {\n \"roleName\": \"Cognitive Services Custom Vision Labeler\",\n \"type\": \"BuiltInRole\",\n \"description\": \"View, edit training images and create, add, remove, or delete the image tags. Labelers can view the project but can’t update anything other than training images and tags.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.CognitiveServices/*/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.CognitiveServices/accounts/CustomVision/*/read\",\n \"Microsoft.CognitiveServices/accounts/CustomVision/projects/predictions/query/action\",\n \"Microsoft.CognitiveServices/accounts/CustomVision/projects/images/*\",\n \"Microsoft.CognitiveServices/accounts/CustomVision/projects/tags/*\",\n \"Microsoft.CognitiveServices/accounts/CustomVision/projects/images/suggested/*\",\n \"Microsoft.CognitiveServices/accounts/CustomVision/projects/tagsandregions/suggestions/action\"\n ],\n \"notDataActions\": [\n \"Microsoft.CognitiveServices/accounts/CustomVision/projects/export/read\"\n ]\n }\n ],\n \"createdOn\": \"2020-05-09T01:33:20.8278896Z\",\n \"updatedOn\": \"2021-11-11T20:14:29.1892871Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/88424f51-ebe7-446f-bc41-7fa16989e96c\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"88424f51-ebe7-446f-bc41-7fa16989e96c\"\n },\n {\n \"properties\": {\n \"roleName\": \"Cognitive Services Custom Vision Reader\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Read-only actions in the project. Readers can’t create or update the project.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.CognitiveServices/*/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.CognitiveServices/accounts/CustomVision/*/read\",\n \"Microsoft.CognitiveServices/accounts/CustomVision/projects/predictions/query/action\"\n ],\n \"notDataActions\": [\n \"Microsoft.CognitiveServices/accounts/CustomVision/projects/export/read\"\n ]\n }\n ],\n \"createdOn\": \"2020-05-09T01:34:18.5328818Z\",\n \"updatedOn\": \"2021-11-11T20:14:29.3642707Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/93586559-c37d-4a6b-ba08-b9f0940c2d73\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"93586559-c37d-4a6b-ba08-b9f0940c2d73\"\n },\n {\n \"properties\": {\n \"roleName\": \"Cognitive Services Custom Vision Trainer\",\n \"type\": \"BuiltInRole\",\n \"description\": \"View, edit projects and train the models, including the ability to publish, unpublish, export the models. Trainers can’t create or delete the project.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.CognitiveServices/*/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.CognitiveServices/accounts/CustomVision/*\"\n ],\n \"notDataActions\": [\n \"Microsoft.CognitiveServices/accounts/CustomVision/projects/action\",\n \"Microsoft.CognitiveServices/accounts/CustomVision/projects/delete\",\n \"Microsoft.CognitiveServices/accounts/CustomVision/projects/import/action\",\n \"Microsoft.CognitiveServices/accounts/CustomVision/projects/export/read\"\n ]\n }\n ],\n \"createdOn\": \"2020-05-09T01:35:13.8147804Z\",\n \"updatedOn\": \"2021-11-11T20:14:29.5442713Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/0a5ae4ab-0d65-4eeb-be61-29fc9b54394b\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"0a5ae4ab-0d65-4eeb-be61-29fc9b54394b\"\n },\n {\n \"properties\": {\n \"roleName\": \"Key Vault Administrator\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Perform all data plane operations on a key vault and all objects in it, including certificates, keys, and secrets. Cannot manage key vault resources or manage role assignments. Only works for key vaults that use the 'Azure role-based access control' permission model.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Support/*\",\n \"Microsoft.KeyVault/checkNameAvailability/read\",\n \"Microsoft.KeyVault/deletedVaults/read\",\n \"Microsoft.KeyVault/locations/*/read\",\n \"Microsoft.KeyVault/vaults/*/read\",\n \"Microsoft.KeyVault/operations/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.KeyVault/vaults/*\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2020-05-19T17:52:46.2349235Z\",\n \"updatedOn\": \"2021-11-11T20:14:30.2542755Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/00482a5a-887f-4fb3-b363-3b7fe8e74483\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"00482a5a-887f-4fb3-b363-3b7fe8e74483\"\n },\n {\n \"properties\": {\n \"roleName\": \"Key Vault Crypto User\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Perform cryptographic operations using keys. Only works for key vaults that use the 'Azure role-based access control' permission model.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.KeyVault/vaults/keys/read\",\n \"Microsoft.KeyVault/vaults/keys/update/action\",\n \"Microsoft.KeyVault/vaults/keys/backup/action\",\n \"Microsoft.KeyVault/vaults/keys/encrypt/action\",\n \"Microsoft.KeyVault/vaults/keys/decrypt/action\",\n \"Microsoft.KeyVault/vaults/keys/wrap/action\",\n \"Microsoft.KeyVault/vaults/keys/unwrap/action\",\n \"Microsoft.KeyVault/vaults/keys/sign/action\",\n \"Microsoft.KeyVault/vaults/keys/verify/action\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2020-05-19T17:52:47.0699268Z\",\n \"updatedOn\": \"2021-11-11T20:14:30.6042921Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/12338af0-0e69-4776-bea7-57ae8d297424\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"12338af0-0e69-4776-bea7-57ae8d297424\"\n },\n {\n \"properties\": {\n \"roleName\": \"Key Vault Secrets Officer\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Perform any action on the secrets of a key vault, except manage permissions. Only works for key vaults that use the 'Azure role-based access control' permission model.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Support/*\",\n \"Microsoft.KeyVault/checkNameAvailability/read\",\n \"Microsoft.KeyVault/deletedVaults/read\",\n \"Microsoft.KeyVault/locations/*/read\",\n \"Microsoft.KeyVault/vaults/*/read\",\n \"Microsoft.KeyVault/operations/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.KeyVault/vaults/secrets/*\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2020-05-19T17:52:47.1449242Z\",\n \"updatedOn\": \"2021-11-11T20:14:30.779347Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/b86a8fe4-44ce-4948-aee5-eccb2c155cd7\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"b86a8fe4-44ce-4948-aee5-eccb2c155cd7\"\n },\n {\n \"properties\": {\n \"roleName\": \"Key Vault Secrets User\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Read secret contents. Only works for key vaults that use the 'Azure role-based access control' permission model.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.KeyVault/vaults/secrets/getSecret/action\",\n \"Microsoft.KeyVault/vaults/secrets/readMetadata/action\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2020-05-19T17:52:47.2049241Z\",\n \"updatedOn\": \"2021-11-11T20:14:30.9542829Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/4633458b-17de-408a-b874-0445c86b69e6\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"4633458b-17de-408a-b874-0445c86b69e6\"\n },\n {\n \"properties\": {\n \"roleName\": \"Key Vault Certificates Officer\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Perform any action on the certificates of a key vault, except manage permissions. Only works for key vaults that use the 'Azure role-based access control' permission model.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Support/*\",\n \"Microsoft.KeyVault/checkNameAvailability/read\",\n \"Microsoft.KeyVault/deletedVaults/read\",\n \"Microsoft.KeyVault/locations/*/read\",\n \"Microsoft.KeyVault/vaults/*/read\",\n \"Microsoft.KeyVault/operations/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.KeyVault/vaults/certificatecas/*\",\n \"Microsoft.KeyVault/vaults/certificates/*\",\n \"Microsoft.KeyVault/vaults/certificatecontacts/write\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2020-05-19T17:52:47.2499247Z\",\n \"updatedOn\": \"2023-06-09T18:51:51.8587772Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/a4417e6f-fecd-4de8-b567-7b0420556985\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"a4417e6f-fecd-4de8-b567-7b0420556985\"\n },\n {\n \"properties\": {\n \"roleName\": \"Key Vault Reader\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Read metadata of key vaults and its certificates, keys, and secrets. Cannot read sensitive values such as secret contents or key material. Only works for key vaults that use the 'Azure role-based access control' permission model.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Support/*\",\n \"Microsoft.KeyVault/checkNameAvailability/read\",\n \"Microsoft.KeyVault/deletedVaults/read\",\n \"Microsoft.KeyVault/locations/*/read\",\n \"Microsoft.KeyVault/vaults/*/read\",\n \"Microsoft.KeyVault/operations/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.KeyVault/vaults/*/read\",\n \"Microsoft.KeyVault/vaults/secrets/readMetadata/action\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2020-05-19T17:52:47.2949294Z\",\n \"updatedOn\": \"2021-11-11T20:14:31.3043292Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/21090545-7ca7-4776-b22c-e363652d74d2\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"21090545-7ca7-4776-b22c-e363652d74d2\"\n },\n {\n \"properties\": {\n \"roleName\": \"Key Vault Crypto Service Encryption User\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Read metadata of keys and perform wrap/unwrap operations. Only works for key vaults that use the 'Azure role-based access control' permission model.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.EventGrid/eventSubscriptions/write\",\n \"Microsoft.EventGrid/eventSubscriptions/read\",\n \"Microsoft.EventGrid/eventSubscriptions/delete\"\n ],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.KeyVault/vaults/keys/read\",\n \"Microsoft.KeyVault/vaults/keys/wrap/action\",\n \"Microsoft.KeyVault/vaults/keys/unwrap/action\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2020-05-20T20:55:19.239847Z\",\n \"updatedOn\": \"2021-11-11T20:14:31.8443056Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/e147488a-f6f5-4113-8e2d-b22465e65bf6\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"e147488a-f6f5-4113-8e2d-b22465e65bf6\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Arc Kubernetes Viewer\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Lets you view all resources in cluster/namespace, except secrets.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.Resources/deployments/write\",\n \"Microsoft.Resources/subscriptions/operationresults/read\",\n \"Microsoft.Resources/subscriptions/read\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Support/*\"\n ],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.Kubernetes/connectedClusters/apps/controllerrevisions/read\",\n \"Microsoft.Kubernetes/connectedClusters/apps/daemonsets/read\",\n \"Microsoft.Kubernetes/connectedClusters/apps/deployments/read\",\n \"Microsoft.Kubernetes/connectedClusters/apps/replicasets/read\",\n \"Microsoft.Kubernetes/connectedClusters/apps/statefulsets/read\",\n \"Microsoft.Kubernetes/connectedClusters/autoscaling/horizontalpodautoscalers/read\",\n \"Microsoft.Kubernetes/connectedClusters/batch/cronjobs/read\",\n \"Microsoft.Kubernetes/connectedClusters/batch/jobs/read\",\n \"Microsoft.Kubernetes/connectedClusters/configmaps/read\",\n \"Microsoft.Kubernetes/connectedClusters/endpoints/read\",\n \"Microsoft.Kubernetes/connectedClusters/events.k8s.io/events/read\",\n \"Microsoft.Kubernetes/connectedClusters/events/read\",\n \"Microsoft.Kubernetes/connectedClusters/extensions/daemonsets/read\",\n \"Microsoft.Kubernetes/connectedClusters/extensions/deployments/read\",\n \"Microsoft.Kubernetes/connectedClusters/extensions/ingresses/read\",\n \"Microsoft.Kubernetes/connectedClusters/extensions/networkpolicies/read\",\n \"Microsoft.Kubernetes/connectedClusters/extensions/replicasets/read\",\n \"Microsoft.Kubernetes/connectedClusters/limitranges/read\",\n \"Microsoft.Kubernetes/connectedClusters/namespaces/read\",\n \"Microsoft.Kubernetes/connectedClusters/networking.k8s.io/ingresses/read\",\n \"Microsoft.Kubernetes/connectedClusters/networking.k8s.io/networkpolicies/read\",\n \"Microsoft.Kubernetes/connectedClusters/persistentvolumeclaims/read\",\n \"Microsoft.Kubernetes/connectedClusters/pods/read\",\n \"Microsoft.Kubernetes/connectedClusters/policy/poddisruptionbudgets/read\",\n \"Microsoft.Kubernetes/connectedClusters/replicationcontrollers/read\",\n \"Microsoft.Kubernetes/connectedClusters/replicationcontrollers/read\",\n \"Microsoft.Kubernetes/connectedClusters/resourcequotas/read\",\n \"Microsoft.Kubernetes/connectedClusters/serviceaccounts/read\",\n \"Microsoft.Kubernetes/connectedClusters/services/read\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2020-06-12T20:51:12.8801199Z\",\n \"updatedOn\": \"2021-11-11T20:14:33.8193353Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/63f0a09d-1495-4db4-a681-037d84835eb4\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"63f0a09d-1495-4db4-a681-037d84835eb4\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Arc Kubernetes Writer\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Lets you update everything in cluster/namespace, except (cluster)roles and (cluster)role bindings.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.Resources/deployments/write\",\n \"Microsoft.Resources/subscriptions/operationresults/read\",\n \"Microsoft.Resources/subscriptions/read\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Support/*\"\n ],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.Kubernetes/connectedClusters/apps/controllerrevisions/read\",\n \"Microsoft.Kubernetes/connectedClusters/apps/daemonsets/*\",\n \"Microsoft.Kubernetes/connectedClusters/apps/deployments/*\",\n \"Microsoft.Kubernetes/connectedClusters/apps/replicasets/*\",\n \"Microsoft.Kubernetes/connectedClusters/apps/statefulsets/*\",\n \"Microsoft.Kubernetes/connectedClusters/autoscaling/horizontalpodautoscalers/*\",\n \"Microsoft.Kubernetes/connectedClusters/batch/cronjobs/*\",\n \"Microsoft.Kubernetes/connectedClusters/batch/jobs/*\",\n \"Microsoft.Kubernetes/connectedClusters/configmaps/*\",\n \"Microsoft.Kubernetes/connectedClusters/endpoints/*\",\n \"Microsoft.Kubernetes/connectedClusters/events.k8s.io/events/read\",\n \"Microsoft.Kubernetes/connectedClusters/events/read\",\n \"Microsoft.Kubernetes/connectedClusters/extensions/daemonsets/*\",\n \"Microsoft.Kubernetes/connectedClusters/extensions/deployments/*\",\n \"Microsoft.Kubernetes/connectedClusters/extensions/ingresses/*\",\n \"Microsoft.Kubernetes/connectedClusters/extensions/networkpolicies/*\",\n \"Microsoft.Kubernetes/connectedClusters/extensions/replicasets/*\",\n \"Microsoft.Kubernetes/connectedClusters/limitranges/read\",\n \"Microsoft.Kubernetes/connectedClusters/namespaces/read\",\n \"Microsoft.Kubernetes/connectedClusters/networking.k8s.io/ingresses/*\",\n \"Microsoft.Kubernetes/connectedClusters/networking.k8s.io/networkpolicies/*\",\n \"Microsoft.Kubernetes/connectedClusters/persistentvolumeclaims/*\",\n \"Microsoft.Kubernetes/connectedClusters/pods/*\",\n \"Microsoft.Kubernetes/connectedClusters/policy/poddisruptionbudgets/*\",\n \"Microsoft.Kubernetes/connectedClusters/replicationcontrollers/*\",\n \"Microsoft.Kubernetes/connectedClusters/replicationcontrollers/*\",\n \"Microsoft.Kubernetes/connectedClusters/resourcequotas/read\",\n \"Microsoft.Kubernetes/connectedClusters/secrets/*\",\n \"Microsoft.Kubernetes/connectedClusters/serviceaccounts/*\",\n \"Microsoft.Kubernetes/connectedClusters/services/*\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2020-06-12T20:53:50.6749823Z\",\n \"updatedOn\": \"2021-11-11T20:14:34.0043462Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/5b999177-9696-4545-85c7-50de3797e5a1\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"5b999177-9696-4545-85c7-50de3797e5a1\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Arc Kubernetes Cluster Admin\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Lets you manage all resources in the cluster.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.Resources/deployments/write\",\n \"Microsoft.Resources/subscriptions/operationresults/read\",\n \"Microsoft.Resources/subscriptions/read\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Support/*\"\n ],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.Kubernetes/connectedClusters/*\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2020-06-12T20:55:30.9910462Z\",\n \"updatedOn\": \"2021-11-11T20:14:34.1743694Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/8393591c-06b9-48a2-a542-1bd6b377f6a2\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"8393591c-06b9-48a2-a542-1bd6b377f6a2\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Arc Kubernetes Admin\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Lets you manage all resources under cluster/namespace, except update or delete resource quotas and namespaces.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.Resources/deployments/write\",\n \"Microsoft.Resources/subscriptions/operationresults/read\",\n \"Microsoft.Resources/subscriptions/read\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Support/*\"\n ],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.Kubernetes/connectedClusters/apps/controllerrevisions/read\",\n \"Microsoft.Kubernetes/connectedClusters/apps/daemonsets/*\",\n \"Microsoft.Kubernetes/connectedClusters/apps/deployments/*\",\n \"Microsoft.Kubernetes/connectedClusters/apps/replicasets/*\",\n \"Microsoft.Kubernetes/connectedClusters/apps/statefulsets/*\",\n \"Microsoft.Kubernetes/connectedClusters/authorization.k8s.io/localsubjectaccessreviews/write\",\n \"Microsoft.Kubernetes/connectedClusters/autoscaling/horizontalpodautoscalers/*\",\n \"Microsoft.Kubernetes/connectedClusters/batch/cronjobs/*\",\n \"Microsoft.Kubernetes/connectedClusters/batch/jobs/*\",\n \"Microsoft.Kubernetes/connectedClusters/configmaps/*\",\n \"Microsoft.Kubernetes/connectedClusters/endpoints/*\",\n \"Microsoft.Kubernetes/connectedClusters/events.k8s.io/events/read\",\n \"Microsoft.Kubernetes/connectedClusters/events/read\",\n \"Microsoft.Kubernetes/connectedClusters/extensions/daemonsets/*\",\n \"Microsoft.Kubernetes/connectedClusters/extensions/deployments/*\",\n \"Microsoft.Kubernetes/connectedClusters/extensions/ingresses/*\",\n \"Microsoft.Kubernetes/connectedClusters/extensions/networkpolicies/*\",\n \"Microsoft.Kubernetes/connectedClusters/extensions/replicasets/*\",\n \"Microsoft.Kubernetes/connectedClusters/limitranges/read\",\n \"Microsoft.Kubernetes/connectedClusters/namespaces/read\",\n \"Microsoft.Kubernetes/connectedClusters/networking.k8s.io/ingresses/*\",\n \"Microsoft.Kubernetes/connectedClusters/networking.k8s.io/networkpolicies/*\",\n \"Microsoft.Kubernetes/connectedClusters/persistentvolumeclaims/*\",\n \"Microsoft.Kubernetes/connectedClusters/pods/*\",\n \"Microsoft.Kubernetes/connectedClusters/policy/poddisruptionbudgets/*\",\n \"Microsoft.Kubernetes/connectedClusters/rbac.authorization.k8s.io/rolebindings/*\",\n \"Microsoft.Kubernetes/connectedClusters/rbac.authorization.k8s.io/roles/*\",\n \"Microsoft.Kubernetes/connectedClusters/replicationcontrollers/*\",\n \"Microsoft.Kubernetes/connectedClusters/replicationcontrollers/*\",\n \"Microsoft.Kubernetes/connectedClusters/resourcequotas/read\",\n \"Microsoft.Kubernetes/connectedClusters/secrets/*\",\n \"Microsoft.Kubernetes/connectedClusters/serviceaccounts/*\",\n \"Microsoft.Kubernetes/connectedClusters/services/*\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2020-06-12T20:57:06.0391177Z\",\n \"updatedOn\": \"2021-11-11T20:14:34.3593384Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/dffb1e0c-446f-4dde-a09f-99eb5cc68b96\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"dffb1e0c-446f-4dde-a09f-99eb5cc68b96\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Kubernetes Service RBAC Cluster Admin\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Lets you manage all resources in the cluster.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Resources/subscriptions/operationresults/read\",\n \"Microsoft.Resources/subscriptions/read\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.ContainerService/managedClusters/listClusterUserCredential/action\"\n ],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.ContainerService/managedClusters/*\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2020-07-02T17:47:24.4071415Z\",\n \"updatedOn\": \"2022-10-13T01:31:35.5535817Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/b1ff04bb-8a4e-4dc4-8eb5-8693973ce19b\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"b1ff04bb-8a4e-4dc4-8eb5-8693973ce19b\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Kubernetes Service RBAC Admin\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Lets you manage all resources under cluster/namespace, except update or delete resource quotas and namespaces.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Resources/subscriptions/operationresults/read\",\n \"Microsoft.Resources/subscriptions/read\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.ContainerService/managedClusters/listClusterUserCredential/action\"\n ],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.ContainerService/managedClusters/*\"\n ],\n \"notDataActions\": [\n \"Microsoft.ContainerService/managedClusters/resourcequotas/write\",\n \"Microsoft.ContainerService/managedClusters/resourcequotas/delete\",\n \"Microsoft.ContainerService/managedClusters/namespaces/write\",\n \"Microsoft.ContainerService/managedClusters/namespaces/delete\"\n ]\n }\n ],\n \"createdOn\": \"2020-07-02T17:50:30.4020311Z\",\n \"updatedOn\": \"2023-05-09T19:55:25.9025082Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/3498e952-d568-435e-9b2c-8d77e338d7f7\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"3498e952-d568-435e-9b2c-8d77e338d7f7\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Kubernetes Service RBAC Reader\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Allows read-only access to see most objects in a namespace. It does not allow viewing roles or role bindings. This role does not allow viewing Secrets, since reading the contents of Secrets enables access to ServiceAccount credentials in the namespace, which would allow API access as any ServiceAccount in the namespace (a form of privilege escalation). Applying this role at cluster scope will give access across all namespaces.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Resources/subscriptions/operationresults/read\",\n \"Microsoft.Resources/subscriptions/read\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.ContainerService/managedClusters/apps/controllerrevisions/read\",\n \"Microsoft.ContainerService/managedClusters/apps/daemonsets/read\",\n \"Microsoft.ContainerService/managedClusters/apps/deployments/read\",\n \"Microsoft.ContainerService/managedClusters/apps/replicasets/read\",\n \"Microsoft.ContainerService/managedClusters/apps/statefulsets/read\",\n \"Microsoft.ContainerService/managedClusters/autoscaling/horizontalpodautoscalers/read\",\n \"Microsoft.ContainerService/managedClusters/batch/cronjobs/read\",\n \"Microsoft.ContainerService/managedClusters/batch/jobs/read\",\n \"Microsoft.ContainerService/managedClusters/configmaps/read\",\n \"Microsoft.ContainerService/managedClusters/discovery.k8s.io/endpointslices/read\",\n \"Microsoft.ContainerService/managedClusters/endpoints/read\",\n \"Microsoft.ContainerService/managedClusters/events.k8s.io/events/read\",\n \"Microsoft.ContainerService/managedClusters/events/read\",\n \"Microsoft.ContainerService/managedClusters/extensions/daemonsets/read\",\n \"Microsoft.ContainerService/managedClusters/extensions/deployments/read\",\n \"Microsoft.ContainerService/managedClusters/extensions/ingresses/read\",\n \"Microsoft.ContainerService/managedClusters/extensions/networkpolicies/read\",\n \"Microsoft.ContainerService/managedClusters/extensions/replicasets/read\",\n \"Microsoft.ContainerService/managedClusters/limitranges/read\",\n \"Microsoft.ContainerService/managedClusters/metrics.k8s.io/pods/read\",\n \"Microsoft.ContainerService/managedClusters/metrics.k8s.io/nodes/read\",\n \"Microsoft.ContainerService/managedClusters/namespaces/read\",\n \"Microsoft.ContainerService/managedClusters/networking.k8s.io/ingresses/read\",\n \"Microsoft.ContainerService/managedClusters/networking.k8s.io/networkpolicies/read\",\n \"Microsoft.ContainerService/managedClusters/persistentvolumeclaims/read\",\n \"Microsoft.ContainerService/managedClusters/pods/read\",\n \"Microsoft.ContainerService/managedClusters/policy/poddisruptionbudgets/read\",\n \"Microsoft.ContainerService/managedClusters/replicationcontrollers/read\",\n \"Microsoft.ContainerService/managedClusters/resourcequotas/read\",\n \"Microsoft.ContainerService/managedClusters/serviceaccounts/read\",\n \"Microsoft.ContainerService/managedClusters/services/read\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2020-07-02T17:53:05.5728294Z\",\n \"updatedOn\": \"2023-04-24T15:06:51.286456Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/7f6c6a51-bcf8-42ba-9220-52d62157d7db\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"7f6c6a51-bcf8-42ba-9220-52d62157d7db\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Kubernetes Service RBAC Writer\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Allows read/write access to most objects in a namespace.This role does not allow viewing or modifying roles or role bindings. However, this role allows accessing Secrets and running Pods as any ServiceAccount in the namespace, so it can be used to gain the API access levels of any ServiceAccount in the namespace. Applying this role at cluster scope will give access across all namespaces.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Resources/subscriptions/operationresults/read\",\n \"Microsoft.Resources/subscriptions/read\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.ContainerService/managedClusters/apps/controllerrevisions/read\",\n \"Microsoft.ContainerService/managedClusters/apps/daemonsets/*\",\n \"Microsoft.ContainerService/managedClusters/apps/deployments/*\",\n \"Microsoft.ContainerService/managedClusters/apps/replicasets/*\",\n \"Microsoft.ContainerService/managedClusters/apps/statefulsets/*\",\n \"Microsoft.ContainerService/managedClusters/autoscaling/horizontalpodautoscalers/*\",\n \"Microsoft.ContainerService/managedClusters/batch/cronjobs/*\",\n \"Microsoft.ContainerService/managedClusters/coordination.k8s.io/leases/read\",\n \"Microsoft.ContainerService/managedClusters/coordination.k8s.io/leases/write\",\n \"Microsoft.ContainerService/managedClusters/coordination.k8s.io/leases/delete\",\n \"Microsoft.ContainerService/managedClusters/discovery.k8s.io/endpointslices/read\",\n \"Microsoft.ContainerService/managedClusters/batch/jobs/*\",\n \"Microsoft.ContainerService/managedClusters/configmaps/*\",\n \"Microsoft.ContainerService/managedClusters/endpoints/*\",\n \"Microsoft.ContainerService/managedClusters/events.k8s.io/events/read\",\n \"Microsoft.ContainerService/managedClusters/events/*\",\n \"Microsoft.ContainerService/managedClusters/extensions/daemonsets/*\",\n \"Microsoft.ContainerService/managedClusters/extensions/deployments/*\",\n \"Microsoft.ContainerService/managedClusters/extensions/ingresses/*\",\n \"Microsoft.ContainerService/managedClusters/extensions/networkpolicies/*\",\n \"Microsoft.ContainerService/managedClusters/extensions/replicasets/*\",\n \"Microsoft.ContainerService/managedClusters/limitranges/read\",\n \"Microsoft.ContainerService/managedClusters/metrics.k8s.io/pods/read\",\n \"Microsoft.ContainerService/managedClusters/metrics.k8s.io/nodes/read\",\n \"Microsoft.ContainerService/managedClusters/namespaces/read\",\n \"Microsoft.ContainerService/managedClusters/networking.k8s.io/ingresses/*\",\n \"Microsoft.ContainerService/managedClusters/networking.k8s.io/networkpolicies/*\",\n \"Microsoft.ContainerService/managedClusters/persistentvolumeclaims/*\",\n \"Microsoft.ContainerService/managedClusters/pods/*\",\n \"Microsoft.ContainerService/managedClusters/policy/poddisruptionbudgets/*\",\n \"Microsoft.ContainerService/managedClusters/replicationcontrollers/*\",\n \"Microsoft.ContainerService/managedClusters/resourcequotas/read\",\n \"Microsoft.ContainerService/managedClusters/secrets/*\",\n \"Microsoft.ContainerService/managedClusters/serviceaccounts/*\",\n \"Microsoft.ContainerService/managedClusters/services/*\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2020-07-02T17:54:51.9644983Z\",\n \"updatedOn\": \"2023-04-24T15:06:51.2854555Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/a7ffa36f-339b-4b5c-8bdf-e2c188b2c0eb\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"a7ffa36f-339b-4b5c-8bdf-e2c188b2c0eb\"\n },\n {\n \"properties\": {\n \"roleName\": \"Services Hub Operator\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Services Hub Operator allows you to perform all read, write, and deletion operations related to Services Hub Connectors.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.ServicesHub/connectors/write\",\n \"Microsoft.ServicesHub/connectors/read\",\n \"Microsoft.ServicesHub/connectors/delete\",\n \"Microsoft.ServicesHub/connectors/checkAssessmentEntitlement/action\",\n \"Microsoft.ServicesHub/supportOfferingEntitlement/read\",\n \"Microsoft.ServicesHub/workspaces/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2020-07-20T17:57:22.0644902Z\",\n \"updatedOn\": \"2021-11-11T20:14:37.5544021Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/82200a5b-e217-47a5-b665-6d8765ee745b\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"82200a5b-e217-47a5-b665-6d8765ee745b\"\n },\n {\n \"properties\": {\n \"roleName\": \"Object Understanding Account Reader\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Lets you read ingestion jobs for an object understanding account.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.MixedReality/ObjectUnderstandingAccounts/ingest/read\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2020-07-23T19:16:31.9929119Z\",\n \"updatedOn\": \"2021-11-11T20:14:37.9070085Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/d18777c0-1514-4662-8490-608db7d334b6\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"d18777c0-1514-4662-8490-608db7d334b6\"\n },\n {\n \"properties\": {\n \"roleName\": \"SignalR REST API Owner\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Full access to Azure SignalR Service REST APIs\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.SignalRService/SignalR/auth/clientToken/action\",\n \"Microsoft.SignalRService/SignalR/hub/*\",\n \"Microsoft.SignalRService/SignalR/group/*\",\n \"Microsoft.SignalRService/SignalR/clientConnection/*\",\n \"Microsoft.SignalRService/SignalR/user/*\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2020-07-29T09:35:32.2764751Z\",\n \"updatedOn\": \"2023-08-23T15:13:25.5658287Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/fd53cd77-2268-407a-8f46-7e7863d0f521\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"fd53cd77-2268-407a-8f46-7e7863d0f521\"\n },\n {\n \"properties\": {\n \"roleName\": \"Collaborative Data Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Can manage data packages of a collaborative.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.IndustryDataLifecycle/custodianCollaboratives/*/read\",\n \"Microsoft.IndustryDataLifecycle/memberCollaboratives/*/read\",\n \"Microsoft.IndustryDataLifecycle/locations/dataPackages/*\",\n \"Microsoft.IndustryDataLifecycle/custodianCollaboratives/receivedDataPackages/*\",\n \"Microsoft.IndustryDataLifecycle/custodianCollaboratives/rejectDataPackage/action\",\n \"Microsoft.IndustryDataLifecycle/memberCollaboratives/sharedDataPackages/*\",\n \"Microsoft.IndustryDataLifecycle/custodianCollaboratives/dataModels/*\",\n \"Microsoft.IndustryDataLifecycle/custodianCollaboratives/auditLogs/action\",\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Support/*\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2020-08-14T11:58:31.8973556Z\",\n \"updatedOn\": \"2021-11-11T20:14:40.2428145Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/daa9e50b-21df-454c-94a6-a8050adab352\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"daa9e50b-21df-454c-94a6-a8050adab352\"\n },\n {\n \"properties\": {\n \"roleName\": \"Device Update Reader\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Gives you read access to management and content operations, but does not allow making changes\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Support/*\",\n \"Microsoft.Insights/alertRules/*\"\n ],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.DeviceUpdate/accounts/instances/updates/read\",\n \"Microsoft.DeviceUpdate/accounts/instances/management/read\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2020-08-21T23:40:19.237361Z\",\n \"updatedOn\": \"2021-11-11T20:14:40.7922672Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/e9dba6fb-3d52-4cf0-bce3-f06ce71b9e0f\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"e9dba6fb-3d52-4cf0-bce3-f06ce71b9e0f\"\n },\n {\n \"properties\": {\n \"roleName\": \"Device Update Administrator\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Gives you full access to management and content operations\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Support/*\",\n \"Microsoft.Insights/alertRules/*\"\n ],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.DeviceUpdate/accounts/instances/updates/read\",\n \"Microsoft.DeviceUpdate/accounts/instances/updates/write\",\n \"Microsoft.DeviceUpdate/accounts/instances/updates/delete\",\n \"Microsoft.DeviceUpdate/accounts/instances/management/read\",\n \"Microsoft.DeviceUpdate/accounts/instances/management/write\",\n \"Microsoft.DeviceUpdate/accounts/instances/management/delete\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2020-08-21T23:56:22.352051Z\",\n \"updatedOn\": \"2021-11-11T20:14:40.9672678Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/02ca0879-e8e4-47a5-a61e-5c618b76e64a\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"02ca0879-e8e4-47a5-a61e-5c618b76e64a\"\n },\n {\n \"properties\": {\n \"roleName\": \"Device Update Content Administrator\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Gives you full access to content operations\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Support/*\",\n \"Microsoft.Insights/alertRules/*\"\n ],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.DeviceUpdate/accounts/instances/updates/read\",\n \"Microsoft.DeviceUpdate/accounts/instances/updates/write\",\n \"Microsoft.DeviceUpdate/accounts/instances/updates/delete\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2020-08-21T23:58:18.42555Z\",\n \"updatedOn\": \"2021-11-11T20:14:41.1433368Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/0378884a-3af5-44ab-8323-f5b22f9f3c98\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"0378884a-3af5-44ab-8323-f5b22f9f3c98\"\n },\n {\n \"properties\": {\n \"roleName\": \"Device Update Content Reader\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Gives you read access to content operations, but does not allow making changes\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Support/*\",\n \"Microsoft.Insights/alertRules/*\"\n ],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.DeviceUpdate/accounts/instances/updates/read\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2020-08-22T00:02:43.3299181Z\",\n \"updatedOn\": \"2021-11-11T20:14:41.6754856Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/d1ee9a80-8b14-47f0-bdc2-f4a351625a7b\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"d1ee9a80-8b14-47f0-bdc2-f4a351625a7b\"\n },\n {\n \"properties\": {\n \"roleName\": \"Cognitive Services Metrics Advisor Administrator\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Full access to the project, including the system level configuration.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.CognitiveServices/*/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.CognitiveServices/accounts/MetricsAdvisor/*\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2020-09-10T07:46:47.5804491Z\",\n \"updatedOn\": \"2021-11-11T20:14:43.6930781Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/cb43c632-a144-4ec5-977c-e80c4affc34a\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"cb43c632-a144-4ec5-977c-e80c4affc34a\"\n },\n {\n \"properties\": {\n \"roleName\": \"Cognitive Services Metrics Advisor User\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Access to the project.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.CognitiveServices/*/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.CognitiveServices/accounts/MetricsAdvisor/*\"\n ],\n \"notDataActions\": [\n \"Microsoft.CognitiveServices/accounts/MetricsAdvisor/stats/*\"\n ]\n }\n ],\n \"createdOn\": \"2020-09-10T07:47:59.6195639Z\",\n \"updatedOn\": \"2021-11-11T20:14:43.8780761Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/3b20f47b-3825-43cb-8114-4bd2201156a8\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"3b20f47b-3825-43cb-8114-4bd2201156a8\"\n },\n {\n \"properties\": {\n \"roleName\": \"Schema Registry Reader\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Read and list Schema Registry groups and schemas.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.EventHub/namespaces/schemagroups/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.EventHub/namespaces/schemas/read\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2020-09-13T06:31:38.027274Z\",\n \"updatedOn\": \"2025-05-02T00:02:19.4953663Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/2c56ea50-c6b3-40a6-83c0-9d98858bc7d2\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"2c56ea50-c6b3-40a6-83c0-9d98858bc7d2\"\n },\n {\n \"properties\": {\n \"roleName\": \"Schema Registry Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Read, write, and delete Schema Registry groups and schemas.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.EventHub/namespaces/schemagroups/*\"\n ],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.EventHub/namespaces/schemas/*\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2020-09-13T06:48:26.6032931Z\",\n \"updatedOn\": \"2025-05-02T00:02:19.4953663Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/5dffeca3-4936-4216-b2bc-10343a5abb25\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"5dffeca3-4936-4216-b2bc-10343a5abb25\"\n },\n {\n \"properties\": {\n \"roleName\": \"AgFood Platform Service Reader\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Provides read access to AgFood Platform Service\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.AgFoodPlatform/*/list/action\",\n \"Microsoft.AgFoodPlatform/*/read\",\n \"Microsoft.AgFoodPlatform/*/search/action\",\n \"Microsoft.AgFoodPlatform/*/download/action\",\n \"Microsoft.AgFoodPlatform/*/overlap/action\",\n \"Microsoft.AgFoodPlatform/*/checkConsent/action\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2020-09-14T10:21:08.913882Z\",\n \"updatedOn\": \"2022-12-13T16:08:52.9655626Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/7ec7ccdc-f61e-41fe-9aaf-980df0a44eba\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"7ec7ccdc-f61e-41fe-9aaf-980df0a44eba\"\n },\n {\n \"properties\": {\n \"roleName\": \"AgFood Platform Service Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Provides contribute access to AgFood Platform Service\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.AgFoodPlatform/*/action\",\n \"Microsoft.AgFoodPlatform/*/read\",\n \"Microsoft.AgFoodPlatform/*/write\"\n ],\n \"notDataActions\": [\n \"Microsoft.AgFoodPlatform/farmBeats/farmers/write\",\n \"Microsoft.AgFoodPlatform/farmBeats/deletionJobs/*/write\",\n \"Microsoft.AgFoodPlatform/farmBeats/parties/write\",\n \"Microsoft.AgFoodPlatform/farmBeats/datasets/write\",\n \"Microsoft.AgFoodPlatform/farmBeats/datasetRecords/write\",\n \"Microsoft.AgFoodPlatform/farmBeats/datasets/access/*/action\"\n ]\n }\n ],\n \"createdOn\": \"2020-09-14T10:21:09.7239169Z\",\n \"updatedOn\": \"2023-12-01T07:52:03.4961232Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/8508508a-4469-4e45-963b-2518ee0bb728\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"8508508a-4469-4e45-963b-2518ee0bb728\"\n },\n {\n \"properties\": {\n \"roleName\": \"AgFood Platform Service Admin\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Provides admin access to AgFood Platform Service\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.AgFoodPlatform/*\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2020-09-14T10:21:09.8039209Z\",\n \"updatedOn\": \"2021-11-11T20:14:45.3613128Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/f8da80de-1ff9-4747-ad80-a19b7f6079e3\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"f8da80de-1ff9-4747-ad80-a19b7f6079e3\"\n },\n {\n \"properties\": {\n \"roleName\": \"Managed HSM contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Lets you manage managed HSM pools, but not access to them.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.KeyVault/managedHSMs/*\",\n \"Microsoft.KeyVault/deletedManagedHsms/read\",\n \"Microsoft.KeyVault/locations/deletedManagedHsms/read\",\n \"Microsoft.KeyVault/locations/deletedManagedHsms/purge/action\",\n \"Microsoft.KeyVault/locations/managedHsmOperationResults/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2020-09-16T21:47:01.1291104Z\",\n \"updatedOn\": \"2022-03-08T00:35:44.4196909Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/18500a29-7fe2-46b2-a342-b16a415e101d\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"18500a29-7fe2-46b2-a342-b16a415e101d\"\n },\n {\n \"properties\": {\n \"roleName\": \"Security Detonation Chamber Submitter\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Allowed to create submissions to Security Detonation Chamber\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.SecurityDetonation/chambers/submissions/delete\",\n \"Microsoft.SecurityDetonation/chambers/submissions/write\",\n \"Microsoft.SecurityDetonation/chambers/submissions/read\",\n \"Microsoft.SecurityDetonation/chambers/submissions/files/read\",\n \"Microsoft.SecurityDetonation/chambers/submissions/accesskeyview/read\",\n \"Microsoft.SecurityDetonation/chambers/platforms/metadata/read\",\n \"Microsoft.SecurityDetonation/chambers/workflows/metadata/read\",\n \"Microsoft.SecurityDetonation/chambers/toolsets/metadata/read\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2020-10-01T08:55:21.3980274Z\",\n \"updatedOn\": \"2021-11-11T20:14:47.547135Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/0b555d9b-b4a7-4f43-b330-627f0e5be8f0\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"0b555d9b-b4a7-4f43-b330-627f0e5be8f0\"\n },\n {\n \"properties\": {\n \"roleName\": \"SignalR REST API Reader\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Read-only access to Azure SignalR Service REST APIs\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.SignalRService/SignalR/group/read\",\n \"Microsoft.SignalRService/SignalR/clientConnection/read\",\n \"Microsoft.SignalRService/SignalR/user/read\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2020-10-13T09:19:05.6463616Z\",\n \"updatedOn\": \"2021-11-11T20:14:48.790297Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/ddde6b66-c0df-4114-a159-3618637b3035\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"ddde6b66-c0df-4114-a159-3618637b3035\"\n },\n {\n \"properties\": {\n \"roleName\": \"SignalR Service Owner\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Full access to Azure SignalR Service REST APIs\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.SignalRService/SignalR/*\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2020-10-13T09:20:32.150141Z\",\n \"updatedOn\": \"2023-08-23T15:13:25.5658287Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/7e4f1700-ea5a-4f59-8f37-079cfe29dce3\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"7e4f1700-ea5a-4f59-8f37-079cfe29dce3\"\n },\n {\n \"properties\": {\n \"roleName\": \"Reservation Purchaser\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Lets you purchase reservations\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/roleAssignments/read\",\n \"Microsoft.Capacity/catalogs/read\",\n \"Microsoft.Capacity/register/action\",\n \"Microsoft.Compute/register/action\",\n \"Microsoft.Consumption/register/action\",\n \"Microsoft.Consumption/reservationRecommendationDetails/read\",\n \"Microsoft.Consumption/reservationRecommendations/read\",\n \"Microsoft.Resources/subscriptions/read\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.SQL/register/action\",\n \"Microsoft.Support/supporttickets/write\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2020-10-23T20:22:48.9217751Z\",\n \"updatedOn\": \"2022-04-14T02:20:54.5414624Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/f7b75c60-3036-4b75-91c3-6b41c27c1689\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"f7b75c60-3036-4b75-91c3-6b41c27c1689\"\n },\n {\n \"properties\": {\n \"roleName\": \"AzureML Metrics Writer (preview)\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Lets you write metrics to AzureML workspace\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.MachineLearningServices/workspaces/metrics/*/write\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2020-10-27T16:55:19.566495Z\",\n \"updatedOn\": \"2021-11-11T20:14:49.8655015Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/635dd51f-9968-44d3-b7fb-6d9a6bd613ae\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"635dd51f-9968-44d3-b7fb-6d9a6bd613ae\"\n },\n {\n \"properties\": {\n \"roleName\": \"Storage Account Backup Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Lets you perform backup and restore operations using Azure Backup on the storage account.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Authorization/locks/read\",\n \"Microsoft.Authorization/locks/write\",\n \"Microsoft.Authorization/locks/delete\",\n \"Microsoft.Features/features/read\",\n \"Microsoft.Features/providers/features/read\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Storage/operations/read\",\n \"Microsoft.Storage/storageAccounts/objectReplicationPolicies/delete\",\n \"Microsoft.Storage/storageAccounts/objectReplicationPolicies/read\",\n \"Microsoft.Storage/storageAccounts/objectReplicationPolicies/write\",\n \"Microsoft.Storage/storageAccounts/objectReplicationPolicies/restorePointMarkers/write\",\n \"Microsoft.Storage/storageAccounts/blobServices/containers/read\",\n \"Microsoft.Storage/storageAccounts/blobServices/containers/write\",\n \"Microsoft.Storage/storageAccounts/blobServices/read\",\n \"Microsoft.Storage/storageAccounts/blobServices/write\",\n \"Microsoft.Storage/storageAccounts/read\",\n \"Microsoft.Storage/storageAccounts/restoreBlobRanges/action\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2020-11-02T23:32:50.4203469Z\",\n \"updatedOn\": \"2022-04-20T05:50:13.0184092Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/e5e2a7ff-d759-4cd2-bb51-3152d37e2eb1\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"e5e2a7ff-d759-4cd2-bb51-3152d37e2eb1\"\n },\n {\n \"properties\": {\n \"roleName\": \"Experimentation Metric Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Allows for creation, writes and reads to the metric set via the metrics service APIs.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Experimentation/experimentWorkspaces/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.Experimentation/experimentWorkspaces/experimentationGroups/read\",\n \"Microsoft.Experimentation/experimentWorkspaces/experimentationGroups/metricwrite/action\",\n \"Microsoft.Experimentation/experimentWorkspaces/metricwrite/action\",\n \"Microsoft.Experimentation/experimentWorkspaces/read\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2020-11-10T20:07:53.7535885Z\",\n \"updatedOn\": \"2021-11-11T20:14:50.9524177Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/6188b7c9-7d01-4f99-a59f-c88b630326c0\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"6188b7c9-7d01-4f99-a59f-c88b630326c0\"\n },\n {\n \"properties\": {\n \"roleName\": \"Project Babylon Data Curator\",\n \"type\": \"BuiltInRole\",\n \"description\": \"The Microsoft.ProjectBabylon data curator can create, read, modify and delete catalog data objects and establish relationships between objects. This role is in preview and subject to change.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.ProjectBabylon/accounts/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.ProjectBabylon/accounts/data/read\",\n \"Microsoft.ProjectBabylon/accounts/data/write\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2020-11-14T02:31:33.7988825Z\",\n \"updatedOn\": \"2021-11-11T20:14:51.4929515Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/9ef4ef9c-a049-46b0-82ab-dd8ac094c889\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"9ef4ef9c-a049-46b0-82ab-dd8ac094c889\"\n },\n {\n \"properties\": {\n \"roleName\": \"Project Babylon Data Reader\",\n \"type\": \"BuiltInRole\",\n \"description\": \"The Microsoft.ProjectBabylon data reader can read catalog data objects. This role is in preview and subject to change.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.ProjectBabylon/accounts/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.ProjectBabylon/accounts/data/read\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2020-11-14T02:33:13.5342351Z\",\n \"updatedOn\": \"2021-11-11T20:14:51.6729667Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/c8d896ba-346d-4f50-bc1d-7d1c84130446\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"c8d896ba-346d-4f50-bc1d-7d1c84130446\"\n },\n {\n \"properties\": {\n \"roleName\": \"Project Babylon Data Source Administrator\",\n \"type\": \"BuiltInRole\",\n \"description\": \"The Microsoft.ProjectBabylon data source administrator can manage data sources and data scans. This role is in preview and subject to change.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.ProjectBabylon/accounts/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.ProjectBabylon/accounts/scan/read\",\n \"Microsoft.ProjectBabylon/accounts/scan/write\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2020-11-14T02:34:01.8401954Z\",\n \"updatedOn\": \"2021-11-11T20:14:51.8529643Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/05b7651b-dc44-475e-b74d-df3db49fae0f\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"05b7651b-dc44-475e-b74d-df3db49fae0f\"\n },\n {\n \"properties\": {\n \"roleName\": \"Application Group Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Contributor of the Application Group.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.DesktopVirtualization/applicationgroups/*\",\n \"Microsoft.DesktopVirtualization/hostpools/read\",\n \"Microsoft.DesktopVirtualization/hostpools/sessionhosts/read\",\n \"Microsoft.DesktopVirtualization/workspaces/read\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.Support/*\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2020-12-03T23:26:00.2784962Z\",\n \"updatedOn\": \"2021-11-11T20:14:52.9432015Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/ca6382a4-1721-4bcf-a114-ff0c70227b6b\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"ca6382a4-1721-4bcf-a114-ff0c70227b6b\"\n },\n {\n \"properties\": {\n \"roleName\": \"Desktop Virtualization Reader\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Reader of Desktop Virtualization.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.DesktopVirtualization/*/read\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Resources/deployments/read\",\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/read\",\n \"Microsoft.Support/*\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2020-12-11T21:36:19.0140629Z\",\n \"updatedOn\": \"2021-11-11T20:14:54.0407838Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/49a72310-ab8d-41df-bbb0-79b649203868\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"49a72310-ab8d-41df-bbb0-79b649203868\"\n },\n {\n \"properties\": {\n \"roleName\": \"Desktop Virtualization Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Contributor of Desktop Virtualization.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.DesktopVirtualization/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.Support/*\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2020-12-11T21:37:16.2910337Z\",\n \"updatedOn\": \"2021-11-11T20:14:54.2107872Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/082f0a83-3be5-4ba1-904c-961cca79b387\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"082f0a83-3be5-4ba1-904c-961cca79b387\"\n },\n {\n \"properties\": {\n \"roleName\": \"Desktop Virtualization Workspace Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Contributor of the Desktop Virtualization Workspace.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.DesktopVirtualization/workspaces/*\",\n \"Microsoft.DesktopVirtualization/applicationgroups/read\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.Support/*\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2020-12-11T21:38:29.6089216Z\",\n \"updatedOn\": \"2021-11-11T20:14:54.3907854Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/21efdde3-836f-432b-bf3d-3e8e734d4b2b\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"21efdde3-836f-432b-bf3d-3e8e734d4b2b\"\n },\n {\n \"properties\": {\n \"roleName\": \"Desktop Virtualization User Session Operator\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Operator of the Desktop Virtualization User Session.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.DesktopVirtualization/hostpools/read\",\n \"Microsoft.DesktopVirtualization/hostpools/sessionhosts/read\",\n \"Microsoft.DesktopVirtualization/hostpools/sessionhosts/usersessions/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.Support/*\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2020-12-11T21:39:16.9100273Z\",\n \"updatedOn\": \"2024-10-31T14:20:50.9460757Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/ea4bfff8-7fb4-485a-aadd-d4129a0ffaa6\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"ea4bfff8-7fb4-485a-aadd-d4129a0ffaa6\"\n },\n {\n \"properties\": {\n \"roleName\": \"Desktop Virtualization Session Host Operator\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Operator of the Desktop Virtualization Session Host.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.DesktopVirtualization/hostpools/read\",\n \"Microsoft.DesktopVirtualization/hostpools/sessionhosts/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.Support/*\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2020-12-11T21:39:53.2569741Z\",\n \"updatedOn\": \"2021-11-11T20:14:54.7508042Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/2ad6aaab-ead9-4eaa-8ac5-da422f562408\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"2ad6aaab-ead9-4eaa-8ac5-da422f562408\"\n },\n {\n \"properties\": {\n \"roleName\": \"Desktop Virtualization Host Pool Reader\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Reader of the Desktop Virtualization Host Pool.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.DesktopVirtualization/hostpools/*/read\",\n \"Microsoft.DesktopVirtualization/hostpools/read\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Resources/deployments/read\",\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/read\",\n \"Microsoft.Support/*\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2020-12-11T21:40:33.1430834Z\",\n \"updatedOn\": \"2021-11-11T20:14:54.9257967Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/ceadfde2-b300-400a-ab7b-6143895aa822\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"ceadfde2-b300-400a-ab7b-6143895aa822\"\n },\n {\n \"properties\": {\n \"roleName\": \"Desktop Virtualization Host Pool Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Contributor of the Desktop Virtualization Host Pool.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.DesktopVirtualization/hostpools/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.Support/*\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2020-12-11T21:40:57.2976187Z\",\n \"updatedOn\": \"2021-11-11T20:14:55.1057701Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/e307426c-f9b6-4e81-87de-d99efb3c32bc\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"e307426c-f9b6-4e81-87de-d99efb3c32bc\"\n },\n {\n \"properties\": {\n \"roleName\": \"Desktop Virtualization Application Group Reader\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Reader of the Desktop Virtualization Application Group.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.DesktopVirtualization/applicationgroups/*/read\",\n \"Microsoft.DesktopVirtualization/applicationgroups/read\",\n \"Microsoft.DesktopVirtualization/hostpools/read\",\n \"Microsoft.DesktopVirtualization/hostpools/sessionhosts/read\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Resources/deployments/read\",\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/read\",\n \"Microsoft.Support/*\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2020-12-11T21:41:18.0287398Z\",\n \"updatedOn\": \"2021-11-11T20:14:55.2858006Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/aebf23d0-b568-4e86-b8f9-fe83a2c6ab55\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"aebf23d0-b568-4e86-b8f9-fe83a2c6ab55\"\n },\n {\n \"properties\": {\n \"roleName\": \"Desktop Virtualization Application Group Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Contributor of the Desktop Virtualization Application Group.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.DesktopVirtualization/applicationgroups/*\",\n \"Microsoft.DesktopVirtualization/hostpools/read\",\n \"Microsoft.DesktopVirtualization/hostpools/sessionhosts/read\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.Support/*\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2020-12-11T21:41:38.6205531Z\",\n \"updatedOn\": \"2021-11-11T20:14:55.4677136Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/86240b0e-9422-4c43-887b-b61143f32ba8\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"86240b0e-9422-4c43-887b-b61143f32ba8\"\n },\n {\n \"properties\": {\n \"roleName\": \"Desktop Virtualization Workspace Reader\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Reader of the Desktop Virtualization Workspace.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.DesktopVirtualization/workspaces/read\",\n \"Microsoft.DesktopVirtualization/applicationgroups/read\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Resources/deployments/read\",\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/read\",\n \"Microsoft.Support/*\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2020-12-11T21:41:58.1892707Z\",\n \"updatedOn\": \"2021-11-11T20:14:55.6577168Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/0fa44ee9-7a7d-466b-9bb2-2bf446b1204d\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"0fa44ee9-7a7d-466b-9bb2-2bf446b1204d\"\n },\n {\n \"properties\": {\n \"roleName\": \"Disk Backup Reader\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Provides permission to backup vault to perform disk backup.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Compute/disks/read\",\n \"Microsoft.Compute/disks/beginGetAccess/action\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2020-12-15T07:39:03.8394514Z\",\n \"updatedOn\": \"2021-11-11T20:14:56.0178737Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/3e5e47e6-65f7-47ef-90b5-e5dd4d455f24\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"3e5e47e6-65f7-47ef-90b5-e5dd4d455f24\"\n },\n {\n \"properties\": {\n \"roleName\": \"Disk Restore Operator\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Provides permission to backup vault to perform disk restore.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Compute/disks/write\",\n \"Microsoft.Compute/disks/read\",\n \"Microsoft.Compute/disks/beginGetAccess/action\",\n \"Microsoft.Compute/disks/endGetAccess/action\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2020-12-15T12:18:31.8481619Z\",\n \"updatedOn\": \"2025-08-21T09:27:36.8531131Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/b50d9833-a0cb-478e-945f-707fcc997c13\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"b50d9833-a0cb-478e-945f-707fcc997c13\"\n },\n {\n \"properties\": {\n \"roleName\": \"Disk Snapshot Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Provides permission to backup vault to manage disk snapshots.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Compute/snapshots/delete\",\n \"Microsoft.Compute/snapshots/write\",\n \"Microsoft.Compute/snapshots/read\",\n \"Microsoft.Compute/snapshots/beginGetAccess/action\",\n \"Microsoft.Compute/snapshots/endGetAccess/action\",\n \"Microsoft.Compute/disks/beginGetAccess/action\",\n \"Microsoft.Storage/storageAccounts/listkeys/action\",\n \"Microsoft.Storage/storageAccounts/write\",\n \"Microsoft.Storage/storageAccounts/read\",\n \"Microsoft.Storage/storageAccounts/delete\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2020-12-15T12:18:51.4471411Z\",\n \"updatedOn\": \"2021-11-11T20:14:56.9158814Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/7efff54f-a5b4-42b5-a1c5-5411624893ce\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"7efff54f-a5b4-42b5-a1c5-5411624893ce\"\n },\n {\n \"properties\": {\n \"roleName\": \"Microsoft.Kubernetes connected cluster role\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Microsoft.Kubernetes connected cluster role.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Kubernetes/connectedClusters/read\",\n \"Microsoft.Kubernetes/connectedClusters/write\",\n \"Microsoft.Kubernetes/connectedClusters/delete\",\n \"Microsoft.Kubernetes/registeredSubscriptions/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2021-01-07T23:57:10.9923232Z\",\n \"updatedOn\": \"2021-11-11T20:14:58.2039838Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/5548b2cf-c94c-4228-90ba-30851930a12f\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"5548b2cf-c94c-4228-90ba-30851930a12f\"\n },\n {\n \"properties\": {\n \"roleName\": \"Security Detonation Chamber Submission Manager\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Allowed to create and manage submissions to Security Detonation Chamber\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.SecurityDetonation/chambers/submissions/delete\",\n \"Microsoft.SecurityDetonation/chambers/submissions/write\",\n \"Microsoft.SecurityDetonation/chambers/submissions/read\",\n \"Microsoft.SecurityDetonation/chambers/submissions/files/read\",\n \"Microsoft.SecurityDetonation/chambers/submissions/accesskeyview/read\",\n \"Microsoft.SecurityDetonation/chambers/submissions/adminview/read\",\n \"Microsoft.SecurityDetonation/chambers/submissions/analystview/read\",\n \"Microsoft.SecurityDetonation/chambers/submissions/publicview/read\",\n \"Microsoft.SecurityDetonation/chambers/platforms/metadata/read\",\n \"Microsoft.SecurityDetonation/chambers/workflows/metadata/read\",\n \"Microsoft.SecurityDetonation/chambers/toolsets/metadata/read\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2021-01-18T09:35:36.5739297Z\",\n \"updatedOn\": \"2021-11-11T20:14:58.3939604Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/a37b566d-3efa-4beb-a2f2-698963fa42ce\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"a37b566d-3efa-4beb-a2f2-698963fa42ce\"\n },\n {\n \"properties\": {\n \"roleName\": \"Security Detonation Chamber Publisher\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Allowed to publish and modify platforms, workflows and toolsets to Security Detonation Chamber\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.SecurityDetonation/chambers/platforms/read\",\n \"Microsoft.SecurityDetonation/chambers/platforms/write\",\n \"Microsoft.SecurityDetonation/chambers/platforms/delete\",\n \"Microsoft.SecurityDetonation/chambers/platforms/metadata/read\",\n \"Microsoft.SecurityDetonation/chambers/workflows/read\",\n \"Microsoft.SecurityDetonation/chambers/workflows/write\",\n \"Microsoft.SecurityDetonation/chambers/workflows/delete\",\n \"Microsoft.SecurityDetonation/chambers/workflows/metadata/read\",\n \"Microsoft.SecurityDetonation/chambers/toolsets/read\",\n \"Microsoft.SecurityDetonation/chambers/toolsets/write\",\n \"Microsoft.SecurityDetonation/chambers/toolsets/delete\",\n \"Microsoft.SecurityDetonation/chambers/toolsets/metadata/read\",\n \"Microsoft.SecurityDetonation/chambers/publishRequests/read\",\n \"Microsoft.SecurityDetonation/chambers/publishRequests/cancel/action\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2021-01-18T11:43:14.0858184Z\",\n \"updatedOn\": \"2021-11-11T20:14:58.5639749Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/352470b3-6a9c-4686-b503-35deb827e500\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"352470b3-6a9c-4686-b503-35deb827e500\"\n },\n {\n \"properties\": {\n \"roleName\": \"Collaborative Runtime Operator\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Can manage resources created by AICS at runtime\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.IndustryDataLifecycle/derivedModels/*\",\n \"Microsoft.IndustryDataLifecycle/pipelineSets/*\",\n \"Microsoft.IndustryDataLifecycle/modelMappings/*\",\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Support/*\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2021-01-19T10:00:27.3464971Z\",\n \"updatedOn\": \"2021-11-11T20:14:58.7442136Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/7a6f0e70-c033-4fb1-828c-08514e5f4102\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"7a6f0e70-c033-4fb1-828c-08514e5f4102\"\n },\n {\n \"properties\": {\n \"roleName\": \"CosmosRestoreOperator\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Can perform restore action for Cosmos DB database account with continuous backup mode\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.DocumentDB/locations/restorableDatabaseAccounts/restore/action\",\n \"Microsoft.DocumentDB/locations/restorableDatabaseAccounts/*/read\",\n \"Microsoft.DocumentDB/locations/restorableDatabaseAccounts/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2021-01-21T19:51:35.3884884Z\",\n \"updatedOn\": \"2021-11-11T20:14:59.4892686Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/5432c526-bc82-444a-b7ba-57c5b0b5b34f\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"5432c526-bc82-444a-b7ba-57c5b0b5b34f\"\n },\n {\n \"properties\": {\n \"roleName\": \"FHIR Data Converter\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Role allows user or principal to convert data from legacy format to FHIR\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.HealthcareApis/services/fhir/resources/convertData/action\",\n \"Microsoft.HealthcareApis/workspaces/fhirservices/resources/convertData/action\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2021-01-22T19:39:01.1601069Z\",\n \"updatedOn\": \"2021-11-11T20:14:59.8605937Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/a1705bd2-3a8f-45a5-8683-466fcfd5cc24\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"a1705bd2-3a8f-45a5-8683-466fcfd5cc24\"\n },\n {\n \"properties\": {\n \"roleName\": \"Quota Request Operator\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Read and create quota requests, get quota request status, and create support tickets.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Capacity/resourceProviders/locations/serviceLimits/read\",\n \"Microsoft.Capacity/resourceProviders/locations/serviceLimits/write\",\n \"Microsoft.Capacity/resourceProviders/locations/serviceLimitsRequests/read\",\n \"Microsoft.Capacity/register/action\",\n \"Microsoft.Quota/usages/read\",\n \"Microsoft.Quota/quotas/read\",\n \"Microsoft.Quota/quotas/write\",\n \"Microsoft.Quota/quotaRequests/read\",\n \"Microsoft.Quota/register/action\",\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Support/*\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2021-02-03T00:06:35.8404575Z\",\n \"updatedOn\": \"2022-12-07T21:46:59.0116853Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/0e5f05e5-9ab9-446b-b98d-1e2157c94125\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"0e5f05e5-9ab9-446b-b98d-1e2157c94125\"\n },\n {\n \"properties\": {\n \"roleName\": \"EventGrid Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Lets you manage EventGrid operations.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.EventGrid/*\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Support/*\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2021-02-08T18:46:18.8999557Z\",\n \"updatedOn\": \"2021-11-11T20:15:01.6867802Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/1e241071-0855-49ea-94dc-649edcd759de\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"1e241071-0855-49ea-94dc-649edcd759de\"\n },\n {\n \"properties\": {\n \"roleName\": \"Security Detonation Chamber Reader\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Allowed to query submission info and files from Security Detonation Chamber\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.SecurityDetonation/chambers/submissions/read\",\n \"Microsoft.SecurityDetonation/chambers/submissions/files/read\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2021-03-01T14:06:46.2814905Z\",\n \"updatedOn\": \"2021-11-11T20:15:03.327409Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/28241645-39f8-410b-ad48-87863e2951d5\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"28241645-39f8-410b-ad48-87863e2951d5\"\n },\n {\n \"properties\": {\n \"roleName\": \"Object Anchors Account Reader\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Lets you read ingestion jobs for an object anchors account.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.MixedReality/ObjectAnchorsAccounts/ingest/read\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2021-03-02T01:20:47.0279813Z\",\n \"updatedOn\": \"2021-11-11T20:15:03.5006082Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/4a167cdf-cb95-4554-9203-2347fe489bd9\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"4a167cdf-cb95-4554-9203-2347fe489bd9\"\n },\n {\n \"properties\": {\n \"roleName\": \"Object Anchors Account Owner\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Provides user with ingestion capabilities for an object anchors account.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.MixedReality/ObjectAnchorsAccounts/ingest/action\",\n \"Microsoft.MixedReality/ObjectAnchorsAccounts/ingest/read\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2021-03-02T01:42:02.0014737Z\",\n \"updatedOn\": \"2021-11-11T20:15:03.6855873Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/ca0835dd-bacc-42dd-8ed2-ed5e7230d15b\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"ca0835dd-bacc-42dd-8ed2-ed5e7230d15b\"\n },\n {\n \"properties\": {\n \"roleName\": \"WorkloadBuilder Migration Agent Role\",\n \"type\": \"BuiltInRole\",\n \"description\": \"WorkloadBuilder Migration Agent Role.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.WorkloadBuilder/migrationAgents/Read\",\n \"Microsoft.WorkloadBuilder/migrationAgents/Write\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2021-03-11T17:07:20.0828003Z\",\n \"updatedOn\": \"2021-11-11T20:15:04.2456706Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/d17ce0a2-0697-43bc-aac5-9113337ab61c\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"d17ce0a2-0697-43bc-aac5-9113337ab61c\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Spring Cloud Data Reader\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Allow read access to Azure Spring Cloud Data\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.AppPlatform/Spring/*/read\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2021-03-25T11:12:12.678601Z\",\n \"updatedOn\": \"2021-11-11T20:15:05.3368606Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/b5537268-8956-4941-a8f0-646150406f0c\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"b5537268-8956-4941-a8f0-646150406f0c\"\n },\n {\n \"properties\": {\n \"roleName\": \"Cognitive Services Speech Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Full access to Speech projects, including read, write and delete all entities, for real-time speech recognition and batch transcription tasks, real-time speech synthesis and long audio tasks, custom speech and custom voice.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.CognitiveServices/*/read\",\n \"Microsoft.Authorization/roleAssignments/read\",\n \"Microsoft.Authorization/roleDefinitions/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.CognitiveServices/accounts/SpeechServices/*\",\n \"Microsoft.CognitiveServices/accounts/CustomVoice/*\",\n \"Microsoft.CognitiveServices/accounts/AudioContentCreation/*\",\n \"Microsoft.CognitiveServices/accounts/VideoTranslation/*\",\n \"Microsoft.CognitiveServices/accounts/CustomAvatar/*\",\n \"Microsoft.CognitiveServices/accounts/BatchAvatar/*\",\n \"Microsoft.CognitiveServices/accounts/BatchTextToSpeech/*\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2021-03-30T11:28:49.7826633Z\",\n \"updatedOn\": \"2024-04-12T06:28:35.0285254Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/0e75ca1e-0464-4b4d-8b93-68208a576181\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"0e75ca1e-0464-4b4d-8b93-68208a576181\"\n },\n {\n \"properties\": {\n \"roleName\": \"Cognitive Services Face Recognizer\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Lets you perform detect, verify, identify, group, and find similar operations on Face API. This role does not allow create or delete operations, which makes it well suited for endpoints that only need inferencing capabilities, following 'least privilege' best practices.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.CognitiveServices/accounts/Face/detect/action\",\n \"Microsoft.CognitiveServices/accounts/Face/verify/action\",\n \"Microsoft.CognitiveServices/accounts/Face/identify/action\",\n \"Microsoft.CognitiveServices/accounts/Face/group/action\",\n \"Microsoft.CognitiveServices/accounts/Face/findsimilars/action\",\n \"Microsoft.CognitiveServices/accounts/Face/detectliveness/multimodal/action\",\n \"Microsoft.CognitiveServices/accounts/Face/detectliveness/singlemodal/action\",\n \"Microsoft.CognitiveServices/accounts/Face/detectlivenesswithverify/singlemodal/action\",\n \"Microsoft.CognitiveServices/accounts/Face/*/sessions/action\",\n \"Microsoft.CognitiveServices/accounts/Face/*/sessions/delete\",\n \"Microsoft.CognitiveServices/accounts/Face/*/sessions/read\",\n \"Microsoft.CognitiveServices/accounts/Face/*/sessions/audit/read\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2021-03-31T01:51:41.3557295Z\",\n \"updatedOn\": \"2023-11-10T00:42:33.8288289Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/9894cab4-e18a-44aa-828b-cb588cd6f2d7\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"9894cab4-e18a-44aa-828b-cb588cd6f2d7\"\n },\n {\n \"properties\": {\n \"roleName\": \"Stream Analytics Query Tester\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Lets you perform query testing without creating a stream analytics job first\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.StreamAnalytics/locations/TestQuery/action\",\n \"Microsoft.StreamAnalytics/locations/OperationResults/read\",\n \"Microsoft.StreamAnalytics/locations/SampleInput/action\",\n \"Microsoft.StreamAnalytics/locations/CompileQuery/action\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2021-04-20T17:33:24.572787Z\",\n \"updatedOn\": \"2021-11-11T20:15:08.0481551Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/1ec5b3c1-b17e-4e25-8312-2acb3c3c5abf\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"1ec5b3c1-b17e-4e25-8312-2acb3c3c5abf\"\n },\n {\n \"properties\": {\n \"roleName\": \"AnyBuild Builder\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Basic user role for AnyBuild. This role allows listing of agent information and execution of remote build capabilities.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.AnyBuild/clusters/build/write\",\n \"Microsoft.AnyBuild/clusters/build/read\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2021-04-20T22:07:00.4963853Z\",\n \"updatedOn\": \"2021-11-11T20:15:08.4254134Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/a2138dac-4907-4679-a376-736901ed8ad8\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"a2138dac-4907-4679-a376-736901ed8ad8\"\n },\n {\n \"properties\": {\n \"roleName\": \"IoT Hub Data Reader\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Allows for full read access to IoT Hub data-plane properties\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.Devices/IotHubs/*/read\",\n \"Microsoft.Devices/IotHubs/fileUpload/notifications/action\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2021-04-22T18:03:29.8843192Z\",\n \"updatedOn\": \"2021-11-11T20:15:08.6054154Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/b447c946-2db7-41ec-983d-d8bf3b1c77e3\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"b447c946-2db7-41ec-983d-d8bf3b1c77e3\"\n },\n {\n \"properties\": {\n \"roleName\": \"IoT Hub Twin Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Allows for read and write access to all IoT Hub device and module twins.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.Devices/IotHubs/twins/*\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2021-04-22T20:36:10.1136903Z\",\n \"updatedOn\": \"2021-11-11T20:15:08.7855063Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/494bdba2-168f-4f31-a0a1-191d2f7c028c\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"494bdba2-168f-4f31-a0a1-191d2f7c028c\"\n },\n {\n \"properties\": {\n \"roleName\": \"IoT Hub Registry Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Allows for full access to IoT Hub device registry.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.Devices/IotHubs/devices/*\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2021-04-22T20:36:47.5532704Z\",\n \"updatedOn\": \"2021-11-11T20:15:08.9804295Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/4ea46cd5-c1b2-4a8e-910b-273211f9ce47\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"4ea46cd5-c1b2-4a8e-910b-273211f9ce47\"\n },\n {\n \"properties\": {\n \"roleName\": \"IoT Hub Data Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Allows for full access to IoT Hub data plane operations.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.Devices/IotHubs/*\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2021-04-22T20:37:16.9927761Z\",\n \"updatedOn\": \"2021-11-11T20:15:09.1754206Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/4fc6c259-987e-4a07-842e-c321cc9d413f\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"4fc6c259-987e-4a07-842e-c321cc9d413f\"\n },\n {\n \"properties\": {\n \"roleName\": \"Test Base Reader\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Let you view and download packages and test results.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.TestBase/testBaseAccounts/packages/testResults/getDownloadUrl/action\",\n \"Microsoft.TestBase/testBaseAccounts/packages/testResults/getVideoDownloadUrl/action\",\n \"Microsoft.TestBase/testBaseAccounts/packages/getDownloadUrl/action\",\n \"Microsoft.TestBase/*/read\",\n \"Microsoft.TestBase/testBaseAccounts/customerEvents/write\",\n \"Microsoft.TestBase/testBaseAccounts/customerEvents/delete\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2021-05-11T23:41:33.1038367Z\",\n \"updatedOn\": \"2021-11-11T20:15:10.8004347Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/15e0f5a1-3450-4248-8e25-e2afe88a9e85\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"15e0f5a1-3450-4248-8e25-e2afe88a9e85\"\n },\n {\n \"properties\": {\n \"roleName\": \"Search Index Data Reader\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Grants read access to Azure Cognitive Search index data.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.Search/searchServices/indexes/documents/read\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2021-06-01T20:26:13.4850461Z\",\n \"updatedOn\": \"2021-11-11T20:15:11.3604371Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/1407120a-92aa-4202-b7e9-c0e197c71c8f\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"1407120a-92aa-4202-b7e9-c0e197c71c8f\"\n },\n {\n \"properties\": {\n \"roleName\": \"Search Index Data Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Grants full access to Azure Cognitive Search index data.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.Search/searchServices/indexes/documents/*\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2021-06-01T22:15:16.5388472Z\",\n \"updatedOn\": \"2021-11-11T20:15:11.5504385Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/8ebe5a00-799e-43f5-93ac-243d3dce84a7\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"8ebe5a00-799e-43f5-93ac-243d3dce84a7\"\n },\n {\n \"properties\": {\n \"roleName\": \"Storage Table Data Reader\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Allows for read access to Azure Storage tables and entities\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Storage/storageAccounts/tableServices/tables/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.Storage/storageAccounts/tableServices/tables/entities/read\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2021-06-15T06:40:54.9150717Z\",\n \"updatedOn\": \"2021-11-11T20:15:12.1005298Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/76199698-9eea-4c19-bc75-cec21354c6b6\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"76199698-9eea-4c19-bc75-cec21354c6b6\"\n },\n {\n \"properties\": {\n \"roleName\": \"Storage Table Data Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Allows for read, write and delete access to Azure Storage tables and entities\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Storage/storageAccounts/tableServices/tables/read\",\n \"Microsoft.Storage/storageAccounts/tableServices/tables/write\",\n \"Microsoft.Storage/storageAccounts/tableServices/tables/delete\"\n ],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.Storage/storageAccounts/tableServices/tables/entities/read\",\n \"Microsoft.Storage/storageAccounts/tableServices/tables/entities/write\",\n \"Microsoft.Storage/storageAccounts/tableServices/tables/entities/delete\",\n \"Microsoft.Storage/storageAccounts/tableServices/tables/entities/add/action\",\n \"Microsoft.Storage/storageAccounts/tableServices/tables/entities/update/action\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2021-06-15T06:51:59.820761Z\",\n \"updatedOn\": \"2021-11-11T20:15:12.2854966Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/0a9a7e1f-b9d0-4cc4-a60d-0319b160aaa3\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"0a9a7e1f-b9d0-4cc4-a60d-0319b160aaa3\"\n },\n {\n \"properties\": {\n \"roleName\": \"DICOM Data Reader\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Read and search DICOM data.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.HealthcareApis/workspaces/dicomservices/resources/read\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2021-06-17T20:58:30.1630494Z\",\n \"updatedOn\": \"2021-11-11T20:15:13.0154948Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/e89c7a3c-2f64-4fa1-a847-3e4c9ba4283a\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"e89c7a3c-2f64-4fa1-a847-3e4c9ba4283a\"\n },\n {\n \"properties\": {\n \"roleName\": \"DICOM Data Owner\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Full access to DICOM data.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.HealthcareApis/workspaces/dicomservices/resources/*\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2021-06-17T20:59:30.8659515Z\",\n \"updatedOn\": \"2021-11-11T20:15:13.1904985Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/58a3b984-7adf-4c20-983a-32417c86fbc8\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"58a3b984-7adf-4c20-983a-32417c86fbc8\"\n },\n {\n \"properties\": {\n \"roleName\": \"EventGrid Data Sender\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Allows send access to event grid events.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.EventGrid/topics/read\",\n \"Microsoft.EventGrid/domains/read\",\n \"Microsoft.EventGrid/partnerNamespaces/read\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.EventGrid/namespaces/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.EventGrid/events/send/action\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2021-07-02T21:55:40.4847495Z\",\n \"updatedOn\": \"2023-10-27T19:53:20.6111233Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/d5a91429-5739-47e2-a06b-3470a27159e7\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"d5a91429-5739-47e2-a06b-3470a27159e7\"\n },\n {\n \"properties\": {\n \"roleName\": \"Disk Pool Operator\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Used by the StoragePool Resource Provider to manage Disks added to a Disk Pool.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Compute/disks/write\",\n \"Microsoft.Compute/disks/read\",\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2021-07-08T17:26:05.1079972Z\",\n \"updatedOn\": \"2021-11-11T20:15:13.9154612Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/60fc6e62-5479-42d4-8bf4-67625fcc2840\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"60fc6e62-5479-42d4-8bf4-67625fcc2840\"\n },\n {\n \"properties\": {\n \"roleName\": \"AzureML Data Scientist\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Can perform all actions within an Azure Machine Learning workspace, except for creating or deleting compute resources and modifying the workspace itself.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.MachineLearningServices/workspaces/*/read\",\n \"Microsoft.MachineLearningServices/workspaces/*/action\",\n \"Microsoft.MachineLearningServices/workspaces/*/delete\",\n \"Microsoft.MachineLearningServices/workspaces/*/write\"\n ],\n \"notActions\": [\n \"Microsoft.MachineLearningServices/workspaces/delete\",\n \"Microsoft.MachineLearningServices/workspaces/write\",\n \"Microsoft.MachineLearningServices/workspaces/computes/*/write\",\n \"Microsoft.MachineLearningServices/workspaces/computes/*/delete\",\n \"Microsoft.MachineLearningServices/workspaces/computes/listKeys/action\",\n \"Microsoft.MachineLearningServices/workspaces/listKeys/action\",\n \"Microsoft.MachineLearningServices/workspaces/hubs/write\",\n \"Microsoft.MachineLearningServices/workspaces/hubs/delete\",\n \"Microsoft.MachineLearningServices/workspaces/featurestores/write\",\n \"Microsoft.MachineLearningServices/workspaces/featurestores/delete\"\n ],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2021-07-14T21:51:06.0361218Z\",\n \"updatedOn\": \"2023-05-30T15:09:08.4457249Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/f6c7c914-8db3-469d-8ca1-694a8f32e121\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"f6c7c914-8db3-469d-8ca1-694a8f32e121\"\n },\n {\n \"properties\": {\n \"roleName\": \"Grafana Admin\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Manage server-wide settings and manage access to resources such as organizations, users, and licenses.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.Dashboard/grafana/ActAsGrafanaAdmin/action\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2021-07-15T21:32:35.380234Z\",\n \"updatedOn\": \"2024-07-18T04:44:18.4380858Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/22926164-76b3-42b3-bc55-97df8dab3e41\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"22926164-76b3-42b3-bc55-97df8dab3e41\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Connected SQL Server Onboarding\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Microsoft.AzureArcData service role to access the resources of Microsoft.AzureArcData stored with RPSAAS.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.AzureArcData/sqlServerInstances/read\",\n \"Microsoft.AzureArcData/sqlServerInstances/write\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2021-07-19T23:52:15.8885739Z\",\n \"updatedOn\": \"2021-11-11T20:15:15.1754742Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/e8113dce-c529-4d33-91fa-e9b972617508\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"e8113dce-c529-4d33-91fa-e9b972617508\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Relay Sender\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Allows for send access to Azure Relay resources.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Relay/*/wcfRelays/read\",\n \"Microsoft.Relay/*/hybridConnections/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.Relay/*/send/action\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2021-07-20T15:37:20.7558643Z\",\n \"updatedOn\": \"2021-11-11T20:15:15.5454755Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/26baccc8-eea7-41f1-98f4-1762cc7f685d\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"26baccc8-eea7-41f1-98f4-1762cc7f685d\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Relay Owner\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Allows for full access to Azure Relay resources.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Relay/*\"\n ],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.Relay/*\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2021-07-20T15:44:26.3023126Z\",\n \"updatedOn\": \"2021-11-11T20:15:15.7154782Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/2787bf04-f1f5-4bfe-8383-c8a24483ee38\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"2787bf04-f1f5-4bfe-8383-c8a24483ee38\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Relay Listener\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Allows for listen access to Azure Relay resources.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Relay/*/wcfRelays/read\",\n \"Microsoft.Relay/*/hybridConnections/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.Relay/*/listen/action\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2021-07-20T18:38:03.1437496Z\",\n \"updatedOn\": \"2021-11-11T20:15:15.9005232Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/26e0b698-aa6d-4085-9386-aadae190014d\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"26e0b698-aa6d-4085-9386-aadae190014d\"\n },\n {\n \"properties\": {\n \"roleName\": \"Grafana Viewer\",\n \"type\": \"BuiltInRole\",\n \"description\": \"View dashboards, playlists, and query data sources.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.Dashboard/grafana/ActAsGrafanaViewer/action\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2021-08-05T16:36:18.7737511Z\",\n \"updatedOn\": \"2024-07-18T04:59:38.6229575Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/60921a7e-fef1-4a43-9b16-a26c52ad4769\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"60921a7e-fef1-4a43-9b16-a26c52ad4769\"\n },\n {\n \"properties\": {\n \"roleName\": \"Grafana Editor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Create, edit, delete, or view dashboards; create, edit, or delete folders; and edit or view playlists.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.Dashboard/grafana/ActAsGrafanaEditor/action\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2021-08-05T16:37:32.5299593Z\",\n \"updatedOn\": \"2024-07-18T04:44:18.4380858Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/a79a5197-3a5c-4973-a920-486035ffd60f\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"a79a5197-3a5c-4973-a920-486035ffd60f\"\n },\n {\n \"properties\": {\n \"roleName\": \"Automation Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Manage azure automation resources and other resources using azure automation.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Automation/automationAccounts/*\",\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Support/*\",\n \"Microsoft.Insights/ActionGroups/*\",\n \"Microsoft.Insights/ActivityLogAlerts/*\",\n \"Microsoft.Insights/MetricAlerts/*\",\n \"Microsoft.Insights/ScheduledQueryRules/*\",\n \"Microsoft.Insights/diagnosticSettings/*\",\n \"Microsoft.OperationalInsights/workspaces/sharedKeys/action\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2021-08-09T10:18:19.1054699Z\",\n \"updatedOn\": \"2021-11-11T20:15:17.7304954Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/f353d9bd-d4a6-484e-a77a-8050b599b867\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"f353d9bd-d4a6-484e-a77a-8050b599b867\"\n },\n {\n \"properties\": {\n \"roleName\": \"Kubernetes Extension Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Can create, update, get, list and delete Kubernetes Extensions, and get extension async operations\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.KubernetesConfiguration/extensions/write\",\n \"Microsoft.KubernetesConfiguration/extensions/read\",\n \"Microsoft.KubernetesConfiguration/extensions/delete\",\n \"Microsoft.KubernetesConfiguration/extensions/operations/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2021-08-09T19:47:50.6828896Z\",\n \"updatedOn\": \"2021-11-11T20:15:17.9155393Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/85cb6faf-e071-4c9b-8136-154b5a04f717\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"85cb6faf-e071-4c9b-8136-154b5a04f717\"\n },\n {\n \"properties\": {\n \"roleName\": \"Device Provisioning Service Data Reader\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Allows for full read access to Device Provisioning Service data-plane properties.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.Devices/provisioningServices/*/read\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2021-08-09T19:53:12.1374732Z\",\n \"updatedOn\": \"2021-11-11T20:15:18.0905503Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/10745317-c249-44a1-a5ce-3a4353c0bbd8\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"10745317-c249-44a1-a5ce-3a4353c0bbd8\"\n },\n {\n \"properties\": {\n \"roleName\": \"Device Provisioning Service Data Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Allows for full access to Device Provisioning Service data-plane operations.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.Devices/provisioningServices/*\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2021-08-09T19:54:03.2783227Z\",\n \"updatedOn\": \"2021-11-11T20:15:18.2605302Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/dfce44e4-17b7-4bd1-a6d1-04996ec95633\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"dfce44e4-17b7-4bd1-a6d1-04996ec95633\"\n },\n {\n \"properties\": {\n \"roleName\": \"Trusted Signing Certificate Profile Signer\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Sign files with a certificate profile. This role is in preview and subject to change.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.CodeSigning/*/read\",\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.CodeSigning/certificateProfiles/Sign/action\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2021-08-16T23:17:53.0002693Z\",\n \"updatedOn\": \"2024-04-05T05:34:02.8330268Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/2837e146-70d7-4cfd-ad55-7efa6464f958\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"2837e146-70d7-4cfd-ad55-7efa6464f958\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Spring Cloud Service Registry Reader\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Allow read access to Azure Spring Cloud Service Registry\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.AppPlatform/Spring/eurekaService/read\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2021-08-20T04:40:17.9785063Z\",\n \"updatedOn\": \"2021-11-11T20:15:18.9655101Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/cff1b556-2399-4e7e-856d-a8f754be7b65\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"cff1b556-2399-4e7e-856d-a8f754be7b65\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Spring Cloud Service Registry Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Allow read, write and delete access to Azure Spring Cloud Service Registry\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.AppPlatform/Spring/eurekaService/read\",\n \"Microsoft.AppPlatform/Spring/eurekaService/write\",\n \"Microsoft.AppPlatform/Spring/eurekaService/delete\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2021-08-20T04:42:38.9153779Z\",\n \"updatedOn\": \"2021-11-11T20:15:19.1405497Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/f5880b48-c26d-48be-b172-7927bfa1c8f1\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"f5880b48-c26d-48be-b172-7927bfa1c8f1\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Spring Cloud Config Server Reader\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Allow read access to Azure Spring Cloud Config Server\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.AppPlatform/Spring/configService/read\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2021-08-26T01:50:51.5123701Z\",\n \"updatedOn\": \"2021-11-11T20:15:19.3155517Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/d04c6db6-4947-4782-9e91-30a88feb7be7\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"d04c6db6-4947-4782-9e91-30a88feb7be7\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Spring Cloud Config Server Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Allow read, write and delete access to Azure Spring Cloud Config Server\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.AppPlatform/Spring/configService/read\",\n \"Microsoft.AppPlatform/Spring/configService/write\",\n \"Microsoft.AppPlatform/Spring/configService/delete\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2021-09-06T02:30:47.861158Z\",\n \"updatedOn\": \"2021-11-11T20:15:20.0405208Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/a06f5c24-21a7-4e1a-aa2b-f19eb6684f5b\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"a06f5c24-21a7-4e1a-aa2b-f19eb6684f5b\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure VM Managed identities restore Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Azure VM Managed identities restore Contributors are allowed to perform Azure VM Restores with managed identities both user and system\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2021-09-13T05:27:59.2180214Z\",\n \"updatedOn\": \"2021-11-11T20:15:20.5805266Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/6ae96244-5829-4925-a7d3-5975537d91dd\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"6ae96244-5829-4925-a7d3-5975537d91dd\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Maps Search and Render Data Reader\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Grants access to very limited set of data APIs for common visual web SDK scenarios. Specifically, render and search data APIs.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.Maps/accounts/services/render/read\",\n \"Microsoft.Maps/accounts/services/search/read\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2021-10-01T22:17:50.5178931Z\",\n \"updatedOn\": \"2021-11-11T20:15:22.045541Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/6be48352-4f82-47c9-ad5e-0acacefdb005\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"6be48352-4f82-47c9-ad5e-0acacefdb005\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Maps Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Grants access all Azure Maps resource management.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Maps/*\",\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2021-10-01T22:19:13.1357904Z\",\n \"updatedOn\": \"2021-11-11T20:15:22.2455414Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/dba33070-676a-4fb0-87fa-064dc56ff7fb\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"dba33070-676a-4fb0-87fa-064dc56ff7fb\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Arc VMware VM Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Arc VMware VM Contributor has permissions to perform all VM actions.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.ConnectedVMwarevSphere/virtualmachines/*\",\n \"Microsoft.ConnectedVMwarevSphere/virtualmachineinstances/*\",\n \"Microsoft.Insights/AlertRules/Write\",\n \"Microsoft.Insights/AlertRules/Delete\",\n \"Microsoft.Insights/AlertRules/Read\",\n \"Microsoft.Insights/AlertRules/Activated/Action\",\n \"Microsoft.Insights/AlertRules/Resolved/Action\",\n \"Microsoft.Insights/AlertRules/Throttled/Action\",\n \"Microsoft.Insights/AlertRules/Incidents/Read\",\n \"Microsoft.Resources/deployments/read\",\n \"Microsoft.Resources/deployments/write\",\n \"Microsoft.Resources/deployments/delete\",\n \"Microsoft.Resources/deployments/cancel/action\",\n \"Microsoft.Resources/deployments/validate/action\",\n \"Microsoft.Resources/deployments/whatIf/action\",\n \"Microsoft.Resources/deployments/exportTemplate/action\",\n \"Microsoft.Resources/deployments/operations/read\",\n \"Microsoft.Resources/deployments/operationstatuses/read\",\n \"Microsoft.Resources/subscriptions/resourcegroups/deployments/read\",\n \"Microsoft.Resources/subscriptions/resourcegroups/deployments/write\",\n \"Microsoft.Resources/subscriptions/resourcegroups/deployments/operations/read\",\n \"Microsoft.Resources/subscriptions/resourcegroups/deployments/operationstatuses/read\",\n \"Microsoft.ResourceHealth/availabilityStatuses/read\",\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Resources/subscriptions/read\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Resources/subscriptions/operationresults/read\",\n \"Microsoft.HybridCompute/machines/read\",\n \"Microsoft.HybridCompute/machines/write\",\n \"Microsoft.HybridCompute/machines/delete\",\n \"Microsoft.HybridCompute/machines/UpgradeExtensions/action\",\n \"Microsoft.HybridCompute/machines/assessPatches/action\",\n \"Microsoft.HybridCompute/machines/installPatches/action\",\n \"Microsoft.HybridCompute/machines/extensions/read\",\n \"Microsoft.HybridCompute/machines/extensions/write\",\n \"Microsoft.HybridCompute/machines/extensions/delete\",\n \"Microsoft.HybridCompute/operations/read\",\n \"Microsoft.HybridCompute/locations/operationresults/read\",\n \"Microsoft.HybridCompute/locations/operationstatus/read\",\n \"Microsoft.HybridCompute/machines/patchAssessmentResults/read\",\n \"Microsoft.HybridCompute/machines/patchAssessmentResults/softwarePatches/read\",\n \"Microsoft.HybridCompute/machines/patchInstallationResults/read\",\n \"Microsoft.HybridCompute/machines/patchInstallationResults/softwarePatches/read\",\n \"Microsoft.HybridCompute/locations/updateCenterOperationResults/read\",\n \"Microsoft.HybridCompute/machines/hybridIdentityMetadata/read\",\n \"Microsoft.HybridCompute/osType/agentVersions/read\",\n \"Microsoft.HybridCompute/osType/agentVersions/latest/read\",\n \"Microsoft.HybridCompute/machines/runcommands/read\",\n \"Microsoft.HybridCompute/machines/runcommands/write\",\n \"Microsoft.HybridCompute/machines/runcommands/delete\",\n \"Microsoft.HybridCompute/machines/licenseProfiles/read\",\n \"Microsoft.HybridCompute/machines/licenseProfiles/write\",\n \"Microsoft.HybridCompute/machines/licenseProfiles/delete\",\n \"Microsoft.HybridCompute/licenses/read\",\n \"Microsoft.HybridCompute/licenses/write\",\n \"Microsoft.HybridCompute/licenses/delete\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2021-10-18T20:19:53.0087024Z\",\n \"updatedOn\": \"2023-08-31T13:23:35.2639121Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/b748a06d-6150-4f8a-aaa9-ce3940cd96cb\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"b748a06d-6150-4f8a-aaa9-ce3940cd96cb\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Arc VMware Private Cloud User\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Azure Arc VMware Private Cloud User has permissions to use the VMware cloud resources to deploy VMs.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Insights/AlertRules/Write\",\n \"Microsoft.Insights/AlertRules/Delete\",\n \"Microsoft.Insights/AlertRules/Read\",\n \"Microsoft.Insights/AlertRules/Activated/Action\",\n \"Microsoft.Insights/AlertRules/Resolved/Action\",\n \"Microsoft.Insights/AlertRules/Throttled/Action\",\n \"Microsoft.Insights/AlertRules/Incidents/Read\",\n \"Microsoft.Resources/deployments/read\",\n \"Microsoft.Resources/deployments/write\",\n \"Microsoft.Resources/deployments/delete\",\n \"Microsoft.Resources/deployments/cancel/action\",\n \"Microsoft.Resources/deployments/validate/action\",\n \"Microsoft.Resources/deployments/whatIf/action\",\n \"Microsoft.Resources/deployments/exportTemplate/action\",\n \"Microsoft.Resources/deployments/operations/read\",\n \"Microsoft.Resources/deployments/operationstatuses/read\",\n \"Microsoft.Resources/subscriptions/resourcegroups/deployments/read\",\n \"Microsoft.Resources/subscriptions/resourcegroups/deployments/write\",\n \"Microsoft.Resources/subscriptions/resourcegroups/deployments/operations/read\",\n \"Microsoft.Resources/subscriptions/resourcegroups/deployments/operationstatuses/read\",\n \"Microsoft.ResourceHealth/availabilityStatuses/read\",\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Resources/subscriptions/read\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Resources/subscriptions/operationresults/read\",\n \"Microsoft.ConnectedVMwarevSphere/virtualnetworks/join/action\",\n \"Microsoft.ConnectedVMwarevSphere/virtualnetworks/Read\",\n \"Microsoft.ConnectedVMwarevSphere/virtualmachinetemplates/clone/action\",\n \"Microsoft.ConnectedVMwarevSphere/virtualmachinetemplates/Read\",\n \"Microsoft.ConnectedVMwarevSphere/resourcepools/deploy/action\",\n \"Microsoft.ConnectedVMwarevSphere/resourcepools/Read\",\n \"Microsoft.ConnectedVMwarevSphere/hosts/deploy/action\",\n \"Microsoft.ConnectedVMwarevSphere/hosts/Read\",\n \"Microsoft.ConnectedVMwarevSphere/clusters/deploy/action\",\n \"Microsoft.ConnectedVMwarevSphere/clusters/Read\",\n \"Microsoft.ConnectedVMwarevSphere/datastores/allocateSpace/action\",\n \"Microsoft.ConnectedVMwarevSphere/datastores/Read\",\n \"Microsoft.ExtendedLocation/customLocations/Read\",\n \"Microsoft.ExtendedLocation/customLocations/deploy/action\",\n \"Microsoft.KubernetesConfiguration/extensions/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2021-10-18T20:20:46.5105444Z\",\n \"updatedOn\": \"2023-10-31T15:13:38.0409378Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/ce551c02-7c42-47e0-9deb-e3b6fc3a9a83\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"ce551c02-7c42-47e0-9deb-e3b6fc3a9a83\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Arc VMware Administrator role \",\n \"type\": \"BuiltInRole\",\n \"description\": \"Arc VMware VM Contributor has permissions to perform all connected VMwarevSphere actions.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.ConnectedVMwarevSphere/*\",\n \"Microsoft.Insights/AlertRules/Write\",\n \"Microsoft.Insights/AlertRules/Delete\",\n \"Microsoft.Insights/AlertRules/Read\",\n \"Microsoft.Insights/AlertRules/Activated/Action\",\n \"Microsoft.Insights/AlertRules/Resolved/Action\",\n \"Microsoft.Insights/AlertRules/Throttled/Action\",\n \"Microsoft.Insights/AlertRules/Incidents/Read\",\n \"Microsoft.Resources/deployments/read\",\n \"Microsoft.Resources/deployments/write\",\n \"Microsoft.Resources/deployments/delete\",\n \"Microsoft.Resources/deployments/cancel/action\",\n \"Microsoft.Resources/deployments/validate/action\",\n \"Microsoft.Resources/deployments/whatIf/action\",\n \"Microsoft.Resources/deployments/exportTemplate/action\",\n \"Microsoft.Resources/deployments/operations/read\",\n \"Microsoft.Resources/deployments/operationstatuses/read\",\n \"Microsoft.Resources/subscriptions/resourcegroups/deployments/read\",\n \"Microsoft.Resources/subscriptions/resourcegroups/deployments/write\",\n \"Microsoft.Resources/subscriptions/resourcegroups/deployments/operations/read\",\n \"Microsoft.Resources/subscriptions/resourcegroups/deployments/operationstatuses/read\",\n \"Microsoft.ResourceHealth/availabilityStatuses/read\",\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Resources/subscriptions/read\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Resources/subscriptions/operationresults/read\",\n \"Microsoft.HybridCompute/machines/read\",\n \"Microsoft.HybridCompute/machines/write\",\n \"Microsoft.HybridCompute/machines/delete\",\n \"Microsoft.HybridCompute/machines/UpgradeExtensions/action\",\n \"Microsoft.HybridCompute/machines/assessPatches/action\",\n \"Microsoft.HybridCompute/machines/installPatches/action\",\n \"Microsoft.HybridCompute/machines/extensions/read\",\n \"Microsoft.HybridCompute/machines/extensions/write\",\n \"Microsoft.HybridCompute/machines/extensions/delete\",\n \"Microsoft.HybridCompute/operations/read\",\n \"Microsoft.HybridCompute/locations/operationresults/read\",\n \"Microsoft.HybridCompute/locations/operationstatus/read\",\n \"Microsoft.HybridCompute/machines/patchAssessmentResults/read\",\n \"Microsoft.HybridCompute/machines/patchAssessmentResults/softwarePatches/read\",\n \"Microsoft.HybridCompute/machines/patchInstallationResults/read\",\n \"Microsoft.HybridCompute/machines/patchInstallationResults/softwarePatches/read\",\n \"Microsoft.HybridCompute/locations/updateCenterOperationResults/read\",\n \"Microsoft.HybridCompute/machines/hybridIdentityMetadata/read\",\n \"Microsoft.HybridCompute/osType/agentVersions/read\",\n \"Microsoft.HybridCompute/osType/agentVersions/latest/read\",\n \"Microsoft.HybridCompute/machines/runcommands/read\",\n \"Microsoft.HybridCompute/machines/runcommands/write\",\n \"Microsoft.HybridCompute/machines/runcommands/delete\",\n \"Microsoft.HybridCompute/machines/licenseProfiles/read\",\n \"Microsoft.HybridCompute/machines/licenseProfiles/write\",\n \"Microsoft.HybridCompute/machines/licenseProfiles/delete\",\n \"Microsoft.HybridCompute/licenses/read\",\n \"Microsoft.HybridCompute/licenses/write\",\n \"Microsoft.HybridCompute/licenses/delete\",\n \"Microsoft.ExtendedLocation/customLocations/read\",\n \"Microsoft.ExtendedLocation/customLocations/deploy/action\",\n \"Microsoft.KubernetesConfiguration/extensions/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2021-11-01T17:12:42.6172725Z\",\n \"updatedOn\": \"2024-05-21T15:16:30.6838061Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/ddc140ed-e463-4246-9145-7c664192013f\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"ddc140ed-e463-4246-9145-7c664192013f\"\n },\n {\n \"properties\": {\n \"roleName\": \"Cognitive Services LUIS Owner\",\n \"type\": \"BuiltInRole\",\n \"description\": \" Has access to all Read, Test, Write, Deploy and Delete functions under LUIS\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.CognitiveServices/*/read\",\n \"Microsoft.CognitiveServices/accounts/listkeys/action\",\n \"Microsoft.Authorization/roleAssignments/read\",\n \"Microsoft.Authorization/roleDefinitions/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.CognitiveServices/accounts/LUIS/*\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2021-11-04T03:28:02.96118Z\",\n \"updatedOn\": \"2021-11-11T20:15:25.4884913Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/f72c8140-2111-481c-87ff-72b910f6e3f8\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"f72c8140-2111-481c-87ff-72b910f6e3f8\"\n },\n {\n \"properties\": {\n \"roleName\": \"Cognitive Services Language Reader\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Has access to Read and Test functions under Language portal\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.CognitiveServices/*/read\",\n \"Microsoft.Authorization/roleAssignments/read\",\n \"Microsoft.Authorization/roleDefinitions/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.CognitiveServices/accounts/LanguageAuthoring/*/read\",\n \"Microsoft.CognitiveServices/accounts/ConversationalLanguageUnderstanding/*/read\",\n \"Microsoft.CognitiveServices/accounts/ConversationalLanguageUnderstanding/projects/export/action\",\n \"Microsoft.CognitiveServices/accounts/Language/*/read\",\n \"Microsoft.CognitiveServices/accounts/Language/*/projects/export/action\",\n \"Microsoft.CognitiveServices/accounts/Language/query-text/action\",\n \"Microsoft.CognitiveServices/accounts/Language/query-dataverse/action\",\n \"Microsoft.CognitiveServices/accounts/Language/analyze-text/jobs/action\",\n \"Microsoft.CognitiveServices/accounts/Language/analyze-text/action\",\n \"Microsoft.CognitiveServices/accounts/Language/analyze-text/jobscancel/action\",\n \"Microsoft.CognitiveServices/accounts/Language/analyze-conversations/action\",\n \"Microsoft.CognitiveServices/accounts/Language/analyze-conversations/jobscancel/action\",\n \"Microsoft.CognitiveServices/accounts/Language/analyze-conversations/jobs/action\",\n \"Microsoft.CognitiveServices/accounts/Language/query-knowledgebases/action\",\n \"Microsoft.CognitiveServices/accounts/Language/generate/action\",\n \"Microsoft.CognitiveServices/accounts/TextAnalytics/*\"\n ],\n \"notDataActions\": [\n \"Microsoft.CognitiveServices/accounts/TextAnalytics/QnaMaker/*\"\n ]\n }\n ],\n \"createdOn\": \"2021-11-04T03:29:14.7643336Z\",\n \"updatedOn\": \"2023-02-28T16:09:04.1394585Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/7628b7b8-a8b2-4cdc-b46f-e9b35248918e\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"7628b7b8-a8b2-4cdc-b46f-e9b35248918e\"\n },\n {\n \"properties\": {\n \"roleName\": \"Cognitive Services Language Writer\",\n \"type\": \"BuiltInRole\",\n \"description\": \" Has access to all Read, Test, and Write functions under Language Portal\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.CognitiveServices/*/read\",\n \"Microsoft.Authorization/roleAssignments/read\",\n \"Microsoft.Authorization/roleDefinitions/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.CognitiveServices/accounts/LanguageAuthoring/*\",\n \"Microsoft.CognitiveServices/accounts/ConversationalLanguageUnderstanding/*\",\n \"Microsoft.CognitiveServices/accounts/Language/*\",\n \"Microsoft.CognitiveServices/accounts/TextAnalytics/*\"\n ],\n \"notDataActions\": [\n \"Microsoft.CognitiveServices/accounts/LanguageAuthoring/projects/publish/action\",\n \"Microsoft.CognitiveServices/accounts/ConversationalLanguageUnderstanding/projects/deployments/write\",\n \"Microsoft.CognitiveServices/accounts/TextAnalytics/QnaMaker/*\",\n \"Microsoft.CognitiveServices/accounts/Language/*/projects/delete\",\n \"Microsoft.CognitiveServices/accounts/Language/*/projects/deployments/write\",\n \"Microsoft.CognitiveServices/accounts/Language/*/projects/deployments/delete\",\n \"Microsoft.CognitiveServices/accounts/Language/*/projects/deployments/swap/action\"\n ]\n }\n ],\n \"createdOn\": \"2021-11-04T03:29:39.5761019Z\",\n \"updatedOn\": \"2022-03-29T22:15:08.2904465Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/f2310ca1-dc64-4889-bb49-c8e0fa3d47a8\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"f2310ca1-dc64-4889-bb49-c8e0fa3d47a8\"\n },\n {\n \"properties\": {\n \"roleName\": \"Cognitive Services Language Owner\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Has access to all Read, Test, Write, Deploy and Delete functions under Language portal\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.CognitiveServices/*/read\",\n \"Microsoft.CognitiveServices/accounts/listkeys/action\",\n \"Microsoft.Authorization/roleAssignments/read\",\n \"Microsoft.Authorization/roleDefinitions/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.CognitiveServices/accounts/LanguageAuthoring/*\",\n \"Microsoft.CognitiveServices/accounts/ConversationalLanguageUnderstanding/*\",\n \"Microsoft.CognitiveServices/accounts/Language/*\",\n \"Microsoft.CognitiveServices/accounts/TextAnalytics/*\"\n ],\n \"notDataActions\": [\n \"Microsoft.CognitiveServices/accounts/TextAnalytics/QnaMaker/*\"\n ]\n }\n ],\n \"createdOn\": \"2021-11-04T03:30:07.6173528Z\",\n \"updatedOn\": \"2022-03-29T22:15:08.2749033Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/f07febfe-79bc-46b1-8b37-790e26e6e498\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"f07febfe-79bc-46b1-8b37-790e26e6e498\"\n },\n {\n \"properties\": {\n \"roleName\": \"Cognitive Services LUIS Reader\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Has access to Read and Test functions under LUIS.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.CognitiveServices/*/read\",\n \"Microsoft.Authorization/roleAssignments/read\",\n \"Microsoft.Authorization/roleDefinitions/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.CognitiveServices/accounts/LUIS/*/read\",\n \"Microsoft.CognitiveServices/accounts/LUIS/apps/testdatasets/write\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2021-11-04T03:30:31.2704834Z\",\n \"updatedOn\": \"2021-11-11T20:15:26.2134821Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/18e81cdc-4e98-4e29-a639-e7d10c5a6226\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"18e81cdc-4e98-4e29-a639-e7d10c5a6226\"\n },\n {\n \"properties\": {\n \"roleName\": \"Cognitive Services LUIS Writer\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Has access to all Read, Test, and Write functions under LUIS\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.CognitiveServices/*/read\",\n \"Microsoft.Authorization/roleAssignments/read\",\n \"Microsoft.Authorization/roleDefinitions/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.CognitiveServices/accounts/LUIS/*\"\n ],\n \"notDataActions\": [\n \"Microsoft.CognitiveServices/accounts/LUIS/apps/delete\",\n \"Microsoft.CognitiveServices/accounts/LUIS/apps/move/action\",\n \"Microsoft.CognitiveServices/accounts/LUIS/apps/publish/action\",\n \"Microsoft.CognitiveServices/accounts/LUIS/apps/settings/write\",\n \"Microsoft.CognitiveServices/accounts/LUIS/apps/azureaccounts/action\",\n \"Microsoft.CognitiveServices/accounts/LUIS/apps/azureaccounts/delete\"\n ]\n }\n ],\n \"createdOn\": \"2021-11-04T03:31:12.1580052Z\",\n \"updatedOn\": \"2021-11-11T20:15:26.3934523Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/6322a993-d5c9-4bed-b113-e49bbea25b27\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"6322a993-d5c9-4bed-b113-e49bbea25b27\"\n },\n {\n \"properties\": {\n \"roleName\": \"PlayFab Reader\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Provides read access to PlayFab resources\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.PlayFab/*/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2021-11-04T23:26:57.2248605Z\",\n \"updatedOn\": \"2021-11-11T20:15:26.5784834Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/a9a19cc5-31f4-447c-901f-56c0bb18fcaf\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"a9a19cc5-31f4-447c-901f-56c0bb18fcaf\"\n },\n {\n \"properties\": {\n \"roleName\": \"Load Test Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"View, create, update, delete and execute load tests. View and list load test resources but can not make any changes.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.LoadTestService/*/read\",\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Insights/alertRules/*\"\n ],\n \"notActions\": [\n \"Microsoft.LoadTestService/PlaywrightWorkspaces/*\",\n \"Microsoft.LoadTestService/locations/PlaywrightQuotas/*\"\n ],\n \"dataActions\": [\n \"Microsoft.LoadTestService/loadtests/*\",\n \"Microsoft.LoadTestService/testProfiles/*\",\n \"Microsoft.LoadTestService/testProfileRuns/*\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2021-11-09T08:11:21.0936461Z\",\n \"updatedOn\": \"2025-09-29T15:12:02.8710803Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/749a398d-560b-491b-bb21-08924219302e\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"749a398d-560b-491b-bb21-08924219302e\"\n },\n {\n \"properties\": {\n \"roleName\": \"Load Test Owner\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Execute all operations on load test resources and load tests\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.LoadTestService/*\",\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Insights/alertRules/*\"\n ],\n \"notActions\": [\n \"Microsoft.LoadTestService/PlaywrightWorkspaces/*\",\n \"Microsoft.LoadTestService/locations/PlaywrightQuotas/*\"\n ],\n \"dataActions\": [\n \"Microsoft.LoadTestService/*\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2021-11-09T08:12:24.5500195Z\",\n \"updatedOn\": \"2025-09-29T15:12:04.1630709Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/45bb0b16-2f0c-4e78-afaa-a07599b003f6\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"45bb0b16-2f0c-4e78-afaa-a07599b003f6\"\n },\n {\n \"properties\": {\n \"roleName\": \"PlayFab Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Provides contributor access to PlayFab resources\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.PlayFab/*/read\",\n \"Microsoft.PlayFab/*/write\",\n \"Microsoft.PlayFab/*/delete\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2021-11-10T00:55:37.3326276Z\",\n \"updatedOn\": \"2021-11-11T20:15:28.0547167Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/0c8b84dc-067c-4039-9615-fa1a4b77c726\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"0c8b84dc-067c-4039-9615-fa1a4b77c726\"\n },\n {\n \"properties\": {\n \"roleName\": \"Load Test Reader\",\n \"type\": \"BuiltInRole\",\n \"description\": \"View and list all load tests and load test resources but can not make any changes\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.LoadTestService/*/read\",\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Insights/alertRules/*\"\n ],\n \"notActions\": [\n \"Microsoft.LoadTestService/PlaywrightWorkspaces/*\",\n \"Microsoft.LoadTestService/locations/PlaywrightQuotas/*\"\n ],\n \"dataActions\": [\n \"Microsoft.LoadTestService/loadtests/readTest/action\",\n \"Microsoft.LoadTestService/testProfiles/read\",\n \"Microsoft.LoadTestService/testProfileRuns/read\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2021-11-10T06:14:08.3903105Z\",\n \"updatedOn\": \"2025-09-29T15:12:04.1630709Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/3ae3fb29-0000-4ccd-bf80-542e7b26e081\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"3ae3fb29-0000-4ccd-bf80-542e7b26e081\"\n },\n {\n \"properties\": {\n \"roleName\": \"Cognitive Services Immersive Reader User\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Provides access to create Immersive Reader sessions and call APIs\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.CognitiveServices/accounts/ImmersiveReader/getcontentmodelforreader/action\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2021-11-10T19:52:14.4487503Z\",\n \"updatedOn\": \"2021-11-11T20:15:28.4146975Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/b2de6794-95db-4659-8781-7e080d3f2b9d\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"b2de6794-95db-4659-8781-7e080d3f2b9d\"\n },\n {\n \"properties\": {\n \"roleName\": \"Lab Services Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"The lab services contributor role\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.LabServices/*\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.LabServices/labPlans/createLab/action\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2021-11-11T00:51:03.3308981Z\",\n \"updatedOn\": \"2021-11-11T20:15:28.7792013Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/f69b8690-cc87-41d6-b77a-a4bc3c0a966f\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"f69b8690-cc87-41d6-b77a-a4bc3c0a966f\"\n },\n {\n \"properties\": {\n \"roleName\": \"Lab Services Reader\",\n \"type\": \"BuiltInRole\",\n \"description\": \"The lab services reader role\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.LabServices/*/read\",\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2021-11-11T00:55:30.4208618Z\",\n \"updatedOn\": \"2021-11-11T20:15:28.9592032Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/2a5c394f-5eb7-4d4f-9c8e-e8eae39faebc\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"2a5c394f-5eb7-4d4f-9c8e-e8eae39faebc\"\n },\n {\n \"properties\": {\n \"roleName\": \"Lab Assistant\",\n \"type\": \"BuiltInRole\",\n \"description\": \"The lab assistant role\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.LabServices/labPlans/images/read\",\n \"Microsoft.LabServices/labPlans/read\",\n \"Microsoft.LabServices/labs/read\",\n \"Microsoft.LabServices/labs/schedules/read\",\n \"Microsoft.LabServices/labs/users/read\",\n \"Microsoft.LabServices/labs/users/invite/action\",\n \"Microsoft.LabServices/labs/virtualMachines/read\",\n \"Microsoft.LabServices/labs/virtualMachines/start/action\",\n \"Microsoft.LabServices/labs/virtualMachines/stop/action\",\n \"Microsoft.LabServices/labs/virtualMachines/reimage/action\",\n \"Microsoft.LabServices/labs/virtualMachines/redeploy/action\",\n \"Microsoft.LabServices/locations/usages/read\",\n \"Microsoft.LabServices/skus/read\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2021-11-11T00:56:10.4295443Z\",\n \"updatedOn\": \"2021-11-11T20:15:29.144253Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/ce40b423-cede-4313-a93f-9b28290b72e1\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"ce40b423-cede-4313-a93f-9b28290b72e1\"\n },\n {\n \"properties\": {\n \"roleName\": \"Lab Operator\",\n \"type\": \"BuiltInRole\",\n \"description\": \"The lab operator role\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.LabServices/labPlans/images/read\",\n \"Microsoft.LabServices/labPlans/read\",\n \"Microsoft.LabServices/labPlans/saveImage/action\",\n \"Microsoft.LabServices/labs/publish/action\",\n \"Microsoft.LabServices/labs/read\",\n \"Microsoft.LabServices/labs/schedules/read\",\n \"Microsoft.LabServices/labs/schedules/write\",\n \"Microsoft.LabServices/labs/schedules/delete\",\n \"Microsoft.LabServices/labs/users/read\",\n \"Microsoft.LabServices/labs/users/write\",\n \"Microsoft.LabServices/labs/users/delete\",\n \"Microsoft.LabServices/labs/users/invite/action\",\n \"Microsoft.LabServices/labs/virtualMachines/read\",\n \"Microsoft.LabServices/labs/virtualMachines/start/action\",\n \"Microsoft.LabServices/labs/virtualMachines/stop/action\",\n \"Microsoft.LabServices/labs/virtualMachines/reimage/action\",\n \"Microsoft.LabServices/labs/virtualMachines/redeploy/action\",\n \"Microsoft.LabServices/labs/virtualMachines/resetPassword/action\",\n \"Microsoft.LabServices/locations/usages/read\",\n \"Microsoft.LabServices/skus/read\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2021-11-11T00:56:41.9942935Z\",\n \"updatedOn\": \"2021-11-11T20:15:29.3242664Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/a36e6959-b6be-4b12-8e9f-ef4b474d304d\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"a36e6959-b6be-4b12-8e9f-ef4b474d304d\"\n },\n {\n \"properties\": {\n \"roleName\": \"Lab Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"The lab contributor role\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.LabServices/labPlans/images/read\",\n \"Microsoft.LabServices/labPlans/read\",\n \"Microsoft.LabServices/labPlans/saveImage/action\",\n \"Microsoft.LabServices/labs/read\",\n \"Microsoft.LabServices/labs/write\",\n \"Microsoft.LabServices/labs/delete\",\n \"Microsoft.LabServices/labs/publish/action\",\n \"Microsoft.LabServices/labs/syncGroup/action\",\n \"Microsoft.LabServices/labs/schedules/read\",\n \"Microsoft.LabServices/labs/schedules/write\",\n \"Microsoft.LabServices/labs/schedules/delete\",\n \"Microsoft.LabServices/labs/users/read\",\n \"Microsoft.LabServices/labs/users/write\",\n \"Microsoft.LabServices/labs/users/delete\",\n \"Microsoft.LabServices/labs/users/invite/action\",\n \"Microsoft.LabServices/labs/virtualMachines/read\",\n \"Microsoft.LabServices/labs/virtualMachines/start/action\",\n \"Microsoft.LabServices/labs/virtualMachines/stop/action\",\n \"Microsoft.LabServices/labs/virtualMachines/reimage/action\",\n \"Microsoft.LabServices/labs/virtualMachines/redeploy/action\",\n \"Microsoft.LabServices/labs/virtualMachines/resetPassword/action\",\n \"Microsoft.LabServices/locations/usages/read\",\n \"Microsoft.LabServices/skus/read\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.LabServices/labPlans/createLab/action\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2021-11-11T00:57:05.9018065Z\",\n \"updatedOn\": \"2021-11-11T20:15:29.4992096Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/5daaa2af-1fe8-407c-9122-bba179798270\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"5daaa2af-1fe8-407c-9122-bba179798270\"\n },\n {\n \"properties\": {\n \"roleName\": \"Security Admin\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Security Admin Role\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Authorization/policyAssignments/*\",\n \"Microsoft.Authorization/policyDefinitions/*\",\n \"Microsoft.Authorization/policyExemptions/*\",\n \"Microsoft.Authorization/policySetDefinitions/*\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.Management/managementGroups/read\",\n \"Microsoft.operationalInsights/workspaces/*/read\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Security/*\",\n \"Microsoft.IoTSecurity/*\",\n \"Microsoft.IoTFirmwareDefense/*\",\n \"Microsoft.Support/*\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2017-05-03T07:51:23.0917487Z\",\n \"updatedOn\": \"2023-06-27T15:20:21.4401023Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/fb1c8493-542b-48eb-b624-b4c8fea62acd\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"fb1c8493-542b-48eb-b624-b4c8fea62acd\"\n },\n {\n \"properties\": {\n \"roleName\": \"Web PubSub Service Owner\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Full access to Azure Web PubSub Service REST APIs\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.SignalRService/WebPubSub/*\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2021-03-24T09:10:11.833518Z\",\n \"updatedOn\": \"2023-04-05T15:09:07.4837099Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/12cf5a90-567b-43ae-8102-96cf46c7d9b4\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"12cf5a90-567b-43ae-8102-96cf46c7d9b4\"\n },\n {\n \"properties\": {\n \"roleName\": \"Web PubSub Service Reader\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Read-only access to Azure Web PubSub Service REST APIs\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.SignalRService/WebPubSub/*/read\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2021-03-24T09:11:12.6235436Z\",\n \"updatedOn\": \"2023-04-05T15:09:07.4837099Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/bfb1c7d2-fb1a-466b-b2ba-aee63b92deaf\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"bfb1c7d2-fb1a-466b-b2ba-aee63b92deaf\"\n },\n {\n \"properties\": {\n \"roleName\": \"SignalR App Server\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Lets your app server access SignalR Service with AAD auth options.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.SignalRService/SignalR/auth/accessKey/action\",\n \"Microsoft.SignalRService/SignalR/serverConnection/write\",\n \"Microsoft.SignalRService/SignalR/clientConnection/write\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2020-07-29T06:54:40.1201435Z\",\n \"updatedOn\": \"2021-11-16T05:19:04.8579948Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/420fcaa2-552c-430f-98ca-3264be4806c7\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"420fcaa2-552c-430f-98ca-3264be4806c7\"\n },\n {\n \"properties\": {\n \"roleName\": \"Virtual Machine User Login\",\n \"type\": \"BuiltInRole\",\n \"description\": \"View Virtual Machines in the portal and login as a regular user.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Network/publicIPAddresses/read\",\n \"Microsoft.Network/virtualNetworks/read\",\n \"Microsoft.Network/loadBalancers/read\",\n \"Microsoft.Network/networkInterfaces/read\",\n \"Microsoft.Compute/virtualMachines/*/read\",\n \"Microsoft.HybridCompute/machines/*/read\",\n \"Microsoft.HybridConnectivity/endpoints/listCredentials/action\"\n ],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.Compute/virtualMachines/login/action\",\n \"Microsoft.HybridCompute/machines/login/action\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2018-02-09T18:36:13.3315744Z\",\n \"updatedOn\": \"2021-11-18T00:55:50.6185845Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/fb879df8-f326-4884-b1cf-06f3ad86be52\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"fb879df8-f326-4884-b1cf-06f3ad86be52\"\n },\n {\n \"properties\": {\n \"roleName\": \"Virtual Machine Administrator Login\",\n \"type\": \"BuiltInRole\",\n \"description\": \"View Virtual Machines in the portal and login as administrator\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Network/publicIPAddresses/read\",\n \"Microsoft.Network/virtualNetworks/read\",\n \"Microsoft.Network/loadBalancers/read\",\n \"Microsoft.Network/networkInterfaces/read\",\n \"Microsoft.Compute/virtualMachines/*/read\",\n \"Microsoft.HybridCompute/machines/*/read\",\n \"Microsoft.HybridConnectivity/endpoints/listCredentials/action\"\n ],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.Compute/virtualMachines/login/action\",\n \"Microsoft.Compute/virtualMachines/loginAsAdmin/action\",\n \"Microsoft.HybridCompute/machines/login/action\",\n \"Microsoft.HybridCompute/machines/loginAsAdmin/action\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2018-02-09T18:36:13.3315744Z\",\n \"updatedOn\": \"2021-11-18T00:56:53.8134295Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/1c0163c0-47e6-4577-8991-ea5c82e286e4\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"1c0163c0-47e6-4577-8991-ea5c82e286e4\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Connected Machine Resource Administrator\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Can read, write, delete and re-onboard Azure Connected Machines.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.HybridCompute/machines/*\",\n \"Microsoft.HybridCompute/machines/extensions/*\",\n \"Microsoft.HybridCompute/machines/licenseProfiles/*\",\n \"Microsoft.HybridCompute/machines/runCommands/*\",\n \"Microsoft.HybridCompute/machines/UpgradeExtensions/action\",\n \"Microsoft.HybridCompute/settings/*\",\n \"Microsoft.HybridCompute/gateways/*\",\n \"Microsoft.HybridCompute/privateLinkScopes/*\",\n \"Microsoft.HybridCompute/licenses/*\",\n \"Microsoft.HybridCompute/locations/*\",\n \"Microsoft.HybridCompute/*/read\",\n \"Microsoft.Resources/deployments/*\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2019-10-23T20:24:59.1474607Z\",\n \"updatedOn\": \"2025-01-31T22:43:26.2952467Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/cd570a14-e51a-42ad-bac8-bafd67325302\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"cd570a14-e51a-42ad-bac8-bafd67325302\"\n },\n {\n \"properties\": {\n \"roleName\": \"Backup Operator\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Lets you manage backup services, except removal of backup, vault creation and giving access to others\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Network/virtualNetworks/read\",\n \"Microsoft.RecoveryServices/Vaults/backupFabrics/operationResults/read\",\n \"Microsoft.RecoveryServices/Vaults/backupFabrics/protectionContainers/operationResults/read\",\n \"Microsoft.RecoveryServices/Vaults/backupFabrics/protectionContainers/protectedItems/backup/action\",\n \"Microsoft.RecoveryServices/Vaults/backupFabrics/protectionContainers/protectedItems/operationResults/read\",\n \"Microsoft.RecoveryServices/Vaults/backupFabrics/protectionContainers/protectedItems/operationsStatus/read\",\n \"Microsoft.RecoveryServices/Vaults/backupFabrics/protectionContainers/protectedItems/read\",\n \"Microsoft.RecoveryServices/Vaults/backupFabrics/protectionContainers/protectedItems/recoveryPoints/provisionInstantItemRecovery/action\",\n \"Microsoft.RecoveryServices/vaults/backupFabrics/protectionContainers/protectedItems/recoveryPoints/accessToken/action\",\n \"Microsoft.RecoveryServices/Vaults/backupFabrics/protectionContainers/protectedItems/recoveryPoints/read\",\n \"Microsoft.RecoveryServices/Vaults/backupFabrics/protectionContainers/protectedItems/recoveryPoints/restore/action\",\n \"Microsoft.RecoveryServices/Vaults/backupFabrics/protectionContainers/protectedItems/recoveryPoints/revokeInstantItemRecovery/action\",\n \"Microsoft.RecoveryServices/Vaults/backupFabrics/protectionContainers/protectedItems/write\",\n \"Microsoft.RecoveryServices/Vaults/backupFabrics/protectionContainers/read\",\n \"Microsoft.RecoveryServices/Vaults/backupFabrics/refreshContainers/action\",\n \"Microsoft.RecoveryServices/Vaults/backupJobs/*\",\n \"Microsoft.RecoveryServices/Vaults/backupJobsExport/action\",\n \"Microsoft.RecoveryServices/Vaults/backupOperationResults/*\",\n \"Microsoft.RecoveryServices/Vaults/backupPolicies/operationResults/read\",\n \"Microsoft.RecoveryServices/Vaults/backupPolicies/read\",\n \"Microsoft.RecoveryServices/Vaults/backupProtectableItems/*\",\n \"Microsoft.RecoveryServices/Vaults/backupProtectedItems/read\",\n \"Microsoft.RecoveryServices/Vaults/backupProtectionContainers/read\",\n \"Microsoft.RecoveryServices/Vaults/backupUsageSummaries/read\",\n \"Microsoft.RecoveryServices/Vaults/certificates/write\",\n \"Microsoft.RecoveryServices/Vaults/extendedInformation/read\",\n \"Microsoft.RecoveryServices/Vaults/extendedInformation/write\",\n \"Microsoft.RecoveryServices/Vaults/monitoringAlerts/read\",\n \"Microsoft.RecoveryServices/Vaults/monitoringConfigurations/*\",\n \"Microsoft.RecoveryServices/Vaults/read\",\n \"Microsoft.RecoveryServices/Vaults/registeredIdentities/operationResults/read\",\n \"Microsoft.RecoveryServices/Vaults/registeredIdentities/read\",\n \"Microsoft.RecoveryServices/Vaults/registeredIdentities/write\",\n \"Microsoft.RecoveryServices/Vaults/usages/read\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Storage/storageAccounts/read\",\n \"Microsoft.RecoveryServices/Vaults/backupstorageconfig/*\",\n \"Microsoft.RecoveryServices/Vaults/backupValidateOperation/action\",\n \"Microsoft.RecoveryServices/Vaults/backupTriggerValidateOperation/action\",\n \"Microsoft.RecoveryServices/Vaults/backupValidateOperationResults/read\",\n \"Microsoft.RecoveryServices/Vaults/backupValidateOperationsStatuses/read\",\n \"Microsoft.RecoveryServices/Vaults/backupOperations/read\",\n \"Microsoft.RecoveryServices/Vaults/backupPolicies/operations/read\",\n \"Microsoft.RecoveryServices/Vaults/backupFabrics/protectionContainers/write\",\n \"Microsoft.RecoveryServices/Vaults/backupFabrics/protectionContainers/inquire/action\",\n \"Microsoft.RecoveryServices/Vaults/backupEngines/read\",\n \"Microsoft.RecoveryServices/Vaults/backupFabrics/backupProtectionIntent/write\",\n \"Microsoft.RecoveryServices/Vaults/backupFabrics/backupProtectionIntent/read\",\n \"Microsoft.RecoveryServices/Vaults/backupFabrics/protectableContainers/read\",\n \"Microsoft.RecoveryServices/Vaults/backupFabrics/protectionContainers/items/read\",\n \"Microsoft.RecoveryServices/locations/backupStatus/action\",\n \"Microsoft.RecoveryServices/locations/backupPreValidateProtection/action\",\n \"Microsoft.RecoveryServices/locations/backupValidateFeatures/action\",\n \"Microsoft.RecoveryServices/locations/backupAadProperties/read\",\n \"Microsoft.RecoveryServices/locations/backupCrrJobs/action\",\n \"Microsoft.RecoveryServices/locations/backupCrrJob/action\",\n \"Microsoft.RecoveryServices/locations/backupCrossRegionRestore/action\",\n \"Microsoft.RecoveryServices/locations/backupCrrOperationResults/read\",\n \"Microsoft.RecoveryServices/locations/backupCrrOperationsStatus/read\",\n \"Microsoft.RecoveryServices/Vaults/monitoringAlerts/write\",\n \"Microsoft.RecoveryServices/operations/read\",\n \"Microsoft.RecoveryServices/locations/operationStatus/read\",\n \"Microsoft.RecoveryServices/Vaults/backupProtectionIntents/read\",\n \"Microsoft.Support/*\",\n \"Microsoft.DataProtection/backupVaults/backupInstances/read\",\n \"Microsoft.DataProtection/backupVaults/backupInstances/read\",\n \"Microsoft.DataProtection/backupVaults/backupInstances/operationResults/read\",\n \"Microsoft.DataProtection/backupVaults/backupInstances/write\",\n \"Microsoft.DataProtection/backupVaults/deletedBackupInstances/read\",\n \"Microsoft.DataProtection/backupVaults/backupPolicies/read\",\n \"Microsoft.DataProtection/backupVaults/backupPolicies/read\",\n \"Microsoft.DataProtection/backupVaults/backupInstances/recoveryPoints/read\",\n \"Microsoft.DataProtection/backupVaults/backupInstances/recoveryPoints/read\",\n \"Microsoft.DataProtection/backupVaults/backupInstances/findRestorableTimeRanges/action\",\n \"Microsoft.DataProtection/backupVaults/read\",\n \"Microsoft.DataProtection/backupVaults/operationResults/read\",\n \"Microsoft.DataProtection/backupVaults/operationStatus/read\",\n \"Microsoft.DataProtection/backupVaults/read\",\n \"Microsoft.DataProtection/backupVaults/read\",\n \"Microsoft.DataProtection/locations/operationStatus/read\",\n \"Microsoft.DataProtection/locations/operationResults/read\",\n \"Microsoft.DataProtection/operations/read\",\n \"Microsoft.DataProtection/backupVaults/validateForBackup/action\",\n \"Microsoft.DataProtection/backupVaults/backupInstances/backup/action\",\n \"Microsoft.DataProtection/backupVaults/backupInstances/validateRestore/action\",\n \"Microsoft.DataProtection/backupVaults/backupInstances/restore/action\",\n \"Microsoft.DataProtection/subscriptions/resourceGroups/providers/locations/crossRegionRestore/action\",\n \"Microsoft.DataProtection/subscriptions/resourceGroups/providers/locations/validateCrossRegionRestore/action\",\n \"Microsoft.DataProtection/subscriptions/resourceGroups/providers/locations/fetchCrossRegionRestoreJobs/action\",\n \"Microsoft.DataProtection/subscriptions/resourceGroups/providers/locations/fetchCrossRegionRestoreJob/action\",\n \"Microsoft.DataProtection/subscriptions/resourceGroups/providers/locations/fetchSecondaryRecoveryPoints/action\",\n \"Microsoft.DataProtection/locations/checkFeatureSupport/action\",\n \"Microsoft.RecoveryServices/Vaults/backupResourceGuardProxies/delete\",\n \"Microsoft.RecoveryServices/Vaults/backupResourceGuardProxies/read\",\n \"Microsoft.RecoveryServices/Vaults/backupResourceGuardProxies/unlockDelete/action\",\n \"Microsoft.RecoveryServices/Vaults/backupResourceGuardProxies/write\",\n \"Microsoft.DataProtection/backupVaults/backupResourceGuardProxies/read\",\n \"Microsoft.DataProtection/backupVaults/backupResourceGuardProxies/write\",\n \"Microsoft.DataProtection/backupVaults/backupResourceGuardProxies/delete\",\n \"Microsoft.DataProtection/backupVaults/backupResourceGuardProxies/unlockDelete/action\",\n \"Microsoft.DataProtection/backupVaults/backupInstances/validateForModifyBackup/action\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2017-01-03T13:21:11.894764Z\",\n \"updatedOn\": \"2025-01-27T16:01:21.2914246Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/00c29273-979b-4161-815c-10b084fb9324\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"00c29273-979b-4161-815c-10b084fb9324\"\n },\n {\n \"properties\": {\n \"roleName\": \"Workbook Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Can save shared workbooks.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Insights/workbooks/write\",\n \"Microsoft.Insights/workbooks/delete\",\n \"Microsoft.Insights/workbooks/read\",\n \"Microsoft.Insights/workbooks/revisions/read\",\n \"Microsoft.Insights/workbooktemplates/write\",\n \"Microsoft.Insights/workbooktemplates/delete\",\n \"Microsoft.Insights/workbooktemplates/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2019-08-28T20:59:42.4820277Z\",\n \"updatedOn\": \"2022-12-12T16:05:57.3745476Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/e8ddcd69-c73f-4f9f-9844-4100522f16ad\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"e8ddcd69-c73f-4f9f-9844-4100522f16ad\"\n },\n {\n \"properties\": {\n \"roleName\": \"Workbook Reader\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Can read workbooks.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"microsoft.insights/workbooks/read\",\n \"microsoft.insights/workbooks/revisions/read\",\n \"microsoft.insights/workbooktemplates/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2019-08-28T20:56:17.680814Z\",\n \"updatedOn\": \"2022-12-12T16:05:57.3745476Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/b279062a-9be3-42a0-92ae-8b3cf002ec4d\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"b279062a-9be3-42a0-92ae-8b3cf002ec4d\"\n },\n {\n \"properties\": {\n \"roleName\": \"Monitoring Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Can read all monitoring data and update monitoring settings.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"*/read\",\n \"Microsoft.AlertsManagement/alerts/*\",\n \"Microsoft.AlertsManagement/alertsSummary/*\",\n \"Microsoft.AlertsManagement/issues/*\",\n \"Microsoft.Insights/actiongroups/*\",\n \"Microsoft.Insights/activityLogAlerts/*\",\n \"Microsoft.Insights/AlertRules/*\",\n \"Microsoft.Insights/components/*\",\n \"Microsoft.Insights/createNotifications/*\",\n \"Microsoft.Insights/dataCollectionEndpoints/*\",\n \"Microsoft.Insights/dataCollectionRules/*\",\n \"Microsoft.Insights/dataCollectionRuleAssociations/*\",\n \"Microsoft.Insights/DiagnosticSettings/*\",\n \"Microsoft.Insights/eventtypes/*\",\n \"Microsoft.Insights/LogDefinitions/*\",\n \"Microsoft.Insights/metricalerts/*\",\n \"Microsoft.Insights/MetricDefinitions/*\",\n \"Microsoft.Insights/Metrics/*\",\n \"Microsoft.Insights/notificationStatus/*\",\n \"Microsoft.Insights/Register/Action\",\n \"Microsoft.Insights/scheduledqueryrules/*\",\n \"Microsoft.Insights/webtests/*\",\n \"Microsoft.Insights/workbooks/*\",\n \"Microsoft.Insights/workbooktemplates/*\",\n \"Microsoft.Insights/privateLinkScopes/*\",\n \"Microsoft.Insights/privateLinkScopeOperationStatuses/*\",\n \"Microsoft.Monitor/accounts/*\",\n \"Microsoft.Monitor/settings/*\",\n \"Microsoft.OperationalInsights/workspaces/write\",\n \"Microsoft.OperationalInsights/workspaces/intelligencepacks/*\",\n \"Microsoft.OperationalInsights/workspaces/savedSearches/*\",\n \"Microsoft.OperationalInsights/workspaces/search/action\",\n \"Microsoft.OperationalInsights/workspaces/sharedKeys/action\",\n \"Microsoft.OperationalInsights/workspaces/sharedKeys/read\",\n \"Microsoft.OperationalInsights/workspaces/storageinsightconfigs/*\",\n \"Microsoft.OperationalInsights/locations/workspaces/failover/action\",\n \"Microsoft.OperationalInsights/workspaces/failback/action\",\n \"Microsoft.Support/*\",\n \"Microsoft.AlertsManagement/smartDetectorAlertRules/*\",\n \"Microsoft.AlertsManagement/actionRules/*\",\n \"Microsoft.AlertsManagement/smartGroups/*\",\n \"Microsoft.AlertsManagement/migrateFromSmartDetection/*\",\n \"Microsoft.AlertsManagement/investigations/*\",\n \"Microsoft.AlertsManagement/prometheusRuleGroups/*\",\n \"Microsoft.Monitor/investigations/*\",\n \"Microsoft.Resources/deployments/*\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2016-09-21T19:21:08.4345976Z\",\n \"updatedOn\": \"2025-09-30T15:23:51.084353Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/749f88d5-cbae-40b8-bcfc-e573ddc772fa\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"749f88d5-cbae-40b8-bcfc-e573ddc772fa\"\n },\n {\n \"properties\": {\n \"roleName\": \"Monitoring Metrics Publisher\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Enables publishing metrics against Azure resources\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Insights/Register/Action\",\n \"Microsoft.Support/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.Insights/Metrics/Write\",\n \"Microsoft.Insights/Telemetry/Write\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2018-08-14T00:36:16.5610279Z\",\n \"updatedOn\": \"2022-01-04T00:38:04.0289073Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/3913510d-42f4-4e42-8a64-420c390055eb\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"3913510d-42f4-4e42-8a64-420c390055eb\"\n },\n {\n \"properties\": {\n \"roleName\": \"Purview role 1 (Deprecated)\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Deprecated role.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Purview/accounts/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.Purview/accounts/data/read\",\n \"Microsoft.Purview/accounts/data/write\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2020-11-14T02:37:15.0123345Z\",\n \"updatedOn\": \"2022-01-04T00:43:15.6924286Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/8a3c2885-9b38-4fd2-9d99-91af537c1347\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"8a3c2885-9b38-4fd2-9d99-91af537c1347\"\n },\n {\n \"properties\": {\n \"roleName\": \"Purview role 2 (Deprecated)\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Deprecated role.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Purview/accounts/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.Purview/accounts/scan/read\",\n \"Microsoft.Purview/accounts/scan/write\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2020-11-14T02:40:05.0975648Z\",\n \"updatedOn\": \"2022-01-04T00:47:22.9678219Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/200bba9e-f0c8-430f-892b-6f0794863803\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"200bba9e-f0c8-430f-892b-6f0794863803\"\n },\n {\n \"properties\": {\n \"roleName\": \"Purview role 3 (Deprecated)\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Deprecated role.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Purview/accounts/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.Purview/accounts/data/read\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2020-11-14T02:39:22.234474Z\",\n \"updatedOn\": \"2022-01-04T00:48:08.2844802Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/ff100721-1b9d-43d8-af52-42b69c1272db\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"ff100721-1b9d-43d8-af52-42b69c1272db\"\n },\n {\n \"properties\": {\n \"roleName\": \"Autonomous Development Platform Data Contributor (Preview)\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Grants permissions to upload and manage new Autonomous Development Platform measurements.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.AutonomousDevelopmentPlatform/*/read\",\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.AutonomousDevelopmentPlatform/accounts/dataPools/discoveries/*\",\n \"Microsoft.AutonomousDevelopmentPlatform/accounts/dataPools/uploads/*\",\n \"Microsoft.AutonomousDevelopmentPlatform/accounts/dataPools/measurements/states/new/*\",\n \"Microsoft.AutonomousDevelopmentPlatform/accounts/dataPools/measurementCollections/*\",\n \"Microsoft.AutonomousDevelopmentPlatform/accounts/measurementCollections/*\",\n \"Microsoft.AutonomousDevelopmentPlatform/workspaces/read\",\n \"Microsoft.AutonomousDevelopmentPlatform/workspaces/discoveries/*\",\n \"Microsoft.AutonomousDevelopmentPlatform/workspaces/uploads/*\",\n \"Microsoft.AutonomousDevelopmentPlatform/workspaces/measurements/states/new/*\",\n \"Microsoft.AutonomousDevelopmentPlatform/workspaces/measurements/classifications/*\",\n \"Microsoft.AutonomousDevelopmentPlatform/workspaces/measurements/dataStreams/classifications/*\",\n \"Microsoft.AutonomousDevelopmentPlatform/workspaces/measurementCollections/*\"\n ],\n \"notDataActions\": [\n \"Microsoft.AutonomousDevelopmentPlatform/accounts/dataPools/measurements/states/new/changeState/action\",\n \"Microsoft.AutonomousDevelopmentPlatform/workspaces/measurements/states/new/changeState/action\"\n ]\n }\n ],\n \"createdOn\": \"2020-12-15T11:30:01.7459379Z\",\n \"updatedOn\": \"2022-09-15T17:13:47.5365709Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/b8b15564-4fa6-4a59-ab12-03e1d9594795\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"b8b15564-4fa6-4a59-ab12-03e1d9594795\"\n },\n {\n \"properties\": {\n \"roleName\": \"Autonomous Development Platform Data Owner (Preview)\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Grants full access to Autonomous Development Platform data.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.AutonomousDevelopmentPlatform/*/read\",\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.AutonomousDevelopmentPlatform/*\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2020-12-15T12:13:59.9702378Z\",\n \"updatedOn\": \"2022-01-04T13:20:26.2040404Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/27f8b550-c507-4db9-86f2-f4b8e816d59d\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"27f8b550-c507-4db9-86f2-f4b8e816d59d\"\n },\n {\n \"properties\": {\n \"roleName\": \"Autonomous Development Platform Data Reader (Preview)\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Grants read access to Autonomous Development Platform data.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.AutonomousDevelopmentPlatform/*/read\",\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.AutonomousDevelopmentPlatform/*/read\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2020-12-15T12:11:31.9843256Z\",\n \"updatedOn\": \"2022-01-04T13:21:04.3207709Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/d63b75f7-47ea-4f27-92ac-e0d173aaf093\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"d63b75f7-47ea-4f27-92ac-e0d173aaf093\"\n },\n {\n \"properties\": {\n \"roleName\": \"Key Vault Crypto Officer\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Perform any action on the keys of a key vault, except manage permissions. Only works for key vaults that use the 'Azure role-based access control' permission model.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Support/*\",\n \"Microsoft.KeyVault/checkNameAvailability/read\",\n \"Microsoft.KeyVault/deletedVaults/read\",\n \"Microsoft.KeyVault/locations/*/read\",\n \"Microsoft.KeyVault/vaults/*/read\",\n \"Microsoft.KeyVault/operations/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.KeyVault/vaults/keys/*\",\n \"Microsoft.KeyVault/vaults/keyrotationpolicies/*\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2020-05-19T17:52:47.0099249Z\",\n \"updatedOn\": \"2022-01-06T23:21:17.9760884Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/14b46e9e-c2b7-41b4-b07b-48a6ebf60603\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"14b46e9e-c2b7-41b4-b07b-48a6ebf60603\"\n },\n {\n \"properties\": {\n \"roleName\": \"Device Update Deployments Reader\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Gives you read access to management operations, but does not allow making changes\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Support/*\",\n \"Microsoft.Insights/alertRules/*\"\n ],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.DeviceUpdate/accounts/instances/management/read\",\n \"Microsoft.DeviceUpdate/accounts/instances/updates/read\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2020-08-22T00:01:34.705363Z\",\n \"updatedOn\": \"2022-01-13T01:35:51.6463216Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/49e2f5d2-7741-4835-8efa-19e1fe35e47f\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"49e2f5d2-7741-4835-8efa-19e1fe35e47f\"\n },\n {\n \"properties\": {\n \"roleName\": \"Device Update Deployments Administrator\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Gives you full access to management operations\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Support/*\",\n \"Microsoft.Insights/alertRules/*\"\n ],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.DeviceUpdate/accounts/instances/management/read\",\n \"Microsoft.DeviceUpdate/accounts/instances/management/write\",\n \"Microsoft.DeviceUpdate/accounts/instances/management/delete\",\n \"Microsoft.DeviceUpdate/accounts/instances/updates/read\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2020-08-21T23:59:52.1001666Z\",\n \"updatedOn\": \"2022-01-13T01:59:19.4616366Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/e4237640-0e3d-4a46-8fda-70bc94856432\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"e4237640-0e3d-4a46-8fda-70bc94856432\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Arc VMware Private Clouds Onboarding\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Azure Arc VMware Private Clouds Onboarding role has permissions to provision all the required resources for onboard and deboard vCenter instances to Azure.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.ConnectedVMwarevSphere/vcenters/Write\",\n \"Microsoft.ConnectedVMwarevSphere/vcenters/Read\",\n \"Microsoft.ConnectedVMwarevSphere/vcenters/Delete\",\n \"Microsoft.Insights/AlertRules/Write\",\n \"Microsoft.Insights/AlertRules/Delete\",\n \"Microsoft.Insights/AlertRules/Read\",\n \"Microsoft.Insights/AlertRules/Activated/Action\",\n \"Microsoft.Insights/AlertRules/Resolved/Action\",\n \"Microsoft.Insights/AlertRules/Throttled/Action\",\n \"Microsoft.Insights/AlertRules/Incidents/Read\",\n \"Microsoft.Resources/deployments/read\",\n \"Microsoft.Resources/deployments/write\",\n \"Microsoft.Resources/deployments/delete\",\n \"Microsoft.Resources/deployments/cancel/action\",\n \"Microsoft.Resources/deployments/validate/action\",\n \"Microsoft.Resources/deployments/whatIf/action\",\n \"Microsoft.Resources/deployments/exportTemplate/action\",\n \"Microsoft.Resources/deployments/operations/read\",\n \"Microsoft.Resources/deployments/operationstatuses/read\",\n \"Microsoft.Resources/subscriptions/resourcegroups/deployments/read\",\n \"Microsoft.Resources/subscriptions/resourcegroups/deployments/write\",\n \"Microsoft.Resources/subscriptions/resourcegroups/deployments/operations/read\",\n \"Microsoft.Resources/subscriptions/resourcegroups/deployments/operationstatuses/read\",\n \"Microsoft.ResourceHealth/availabilityStatuses/read\",\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Resources/subscriptions/read\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Resources/subscriptions/operationresults/read\",\n \"Microsoft.KubernetesConfiguration/extensions/Write\",\n \"Microsoft.KubernetesConfiguration/extensions/Read\",\n \"Microsoft.KubernetesConfiguration/extensions/Delete\",\n \"Microsoft.KubernetesConfiguration/operations/read\",\n \"Microsoft.KubernetesConfiguration/extensions/operations/read\",\n \"Microsoft.ExtendedLocation/customLocations/Read\",\n \"Microsoft.ExtendedLocation/customLocations/Write\",\n \"Microsoft.ExtendedLocation/customLocations/Delete\",\n \"Microsoft.ExtendedLocation/customLocations/deploy/action\",\n \"Microsoft.ResourceConnector/appliances/Read\",\n \"Microsoft.ResourceConnector/appliances/Write\",\n \"Microsoft.ResourceConnector/appliances/Delete\",\n \"Microsoft.ResourceConnector/appliances/listClusterUserCredential/action\",\n \"Microsoft.BackupSolutions/vmwareapplications/write\",\n \"Microsoft.BackupSolutions/vmwareapplications/delete\",\n \"Microsoft.BackupSolutions/vmwareapplications/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2021-11-01T22:18:08.4480747Z\",\n \"updatedOn\": \"2023-08-18T17:54:09.8815166Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/67d33e57-3129-45e6-bb0b-7cc522f762fa\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"67d33e57-3129-45e6-bb0b-7cc522f762fa\"\n },\n {\n \"properties\": {\n \"roleName\": \"Microsoft Sentinel Automation Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Microsoft Sentinel Automation Contributor\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Logic/workflows/triggers/read\",\n \"Microsoft.Logic/workflows/triggers/listCallbackUrl/action\",\n \"Microsoft.Logic/workflows/runs/read\",\n \"Microsoft.Web/sites/hostruntime/webhooks/api/workflows/triggers/read\",\n \"Microsoft.Web/sites/hostruntime/webhooks/api/workflows/triggers/listCallbackUrl/action\",\n \"Microsoft.Web/sites/hostruntime/webhooks/api/workflows/runs/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2021-01-24T08:50:52.0382991Z\",\n \"updatedOn\": \"2022-01-26T09:25:00.4699337Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/f4c81013-99ee-4d62-a7ee-b3f1f648599a\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"f4c81013-99ee-4d62-a7ee-b3f1f648599a\"\n },\n {\n \"properties\": {\n \"roleName\": \"CDN Endpoint Reader\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Can view CDN endpoints, but can't make changes.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Cdn/edgenodes/read\",\n \"Microsoft.Cdn/operationresults/*\",\n \"Microsoft.Cdn/profiles/endpoints/*/read\",\n \"Microsoft.Cdn/profiles/afdendpoints/validateCustomDomain/action\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Support/*\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2016-01-23T02:48:46.4996252Z\",\n \"updatedOn\": \"2023-12-07T09:22:53.097708Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/871e35f6-b5c1-49cc-a043-bde969a0f2cd\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"871e35f6-b5c1-49cc-a043-bde969a0f2cd\"\n },\n {\n \"properties\": {\n \"roleName\": \"Cognitive Services Speech User\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Access to the real-time speech recognition and batch transcription APIs, real-time speech synthesis and long audio APIs, as well as to read the data/test/model/endpoint for custom models, but can’t create, delete or modify the data/test/model/endpoint for custom models.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.CognitiveServices/*/read\",\n \"Microsoft.Authorization/roleAssignments/read\",\n \"Microsoft.Authorization/roleDefinitions/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.CognitiveServices/accounts/SpeechServices/*/read\",\n \"Microsoft.CognitiveServices/accounts/SpeechServices/*/transcriptions/read\",\n \"Microsoft.CognitiveServices/accounts/SpeechServices/*/transcriptions/write\",\n \"Microsoft.CognitiveServices/accounts/SpeechServices/*/transcriptions/delete\",\n \"Microsoft.CognitiveServices/accounts/SpeechServices/*/transcriptions/action\",\n \"Microsoft.CognitiveServices/accounts/SpeechServices/*/frontend/action\",\n \"Microsoft.CognitiveServices/accounts/SpeechServices/text-dependent/*/action\",\n \"Microsoft.CognitiveServices/accounts/SpeechServices/text-independent/*/action\",\n \"Microsoft.CognitiveServices/accounts/CustomVoice/*/read\",\n \"Microsoft.CognitiveServices/accounts/CustomVoice/evaluations/*\",\n \"Microsoft.CognitiveServices/accounts/CustomVoice/longaudiosynthesis/*\",\n \"Microsoft.CognitiveServices/accounts/AudioContentCreation/*\",\n \"Microsoft.CognitiveServices/accounts/VideoTranslation/*\",\n \"Microsoft.CognitiveServices/accounts/CustomAvatar/*/read\",\n \"Microsoft.CognitiveServices/accounts/BatchAvatar/*\",\n \"Microsoft.CognitiveServices/accounts/BatchTextToSpeech/*\"\n ],\n \"notDataActions\": [\n \"Microsoft.CognitiveServices/accounts/CustomVoice/datasets/files/read\",\n \"Microsoft.CognitiveServices/accounts/CustomVoice/datasets/utterances/read\"\n ]\n }\n ],\n \"createdOn\": \"2021-03-30T11:28:27.4339032Z\",\n \"updatedOn\": \"2024-10-18T20:00:21.397467Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/f2dc8367-1007-4938-bd23-fe263f013447\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"f2dc8367-1007-4938-bd23-fe263f013447\"\n },\n {\n \"properties\": {\n \"roleName\": \"Windows Admin Center Administrator Login\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Let's you manage the OS of your resource via Windows Admin Center as an administrator.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.HybridCompute/machines/*/read\",\n \"Microsoft.HybridCompute/machines/extensions/*\",\n \"Microsoft.HybridCompute/machines/upgradeExtensions/action\",\n \"Microsoft.HybridCompute/operations/read\",\n \"Microsoft.Network/networkInterfaces/read\",\n \"Microsoft.Network/loadBalancers/read\",\n \"Microsoft.Network/publicIPAddresses/read\",\n \"Microsoft.Network/virtualNetworks/read\",\n \"Microsoft.Network/networkSecurityGroups/read\",\n \"Microsoft.Network/networkSecurityGroups/defaultSecurityRules/read\",\n \"Microsoft.Network/networkWatchers/securityGroupView/action\",\n \"Microsoft.Network/networkSecurityGroups/securityRules/read\",\n \"Microsoft.Network/networkSecurityGroups/securityRules/write\",\n \"Microsoft.HybridConnectivity/endpoints/write\",\n \"Microsoft.HybridConnectivity/endpoints/read\",\n \"Microsoft.HybridConnectivity/endpoints/serviceConfigurations/write\",\n \"Microsoft.HybridConnectivity/endpoints/serviceConfigurations/read\",\n \"Microsoft.HybridConnectivity/endpoints/listManagedProxyDetails/action\",\n \"Microsoft.Compute/virtualMachines/read\",\n \"Microsoft.Compute/virtualMachines/patchAssessmentResults/latest/read\",\n \"Microsoft.Compute/virtualMachines/patchAssessmentResults/latest/softwarePatches/read\",\n \"Microsoft.Compute/virtualMachines/patchInstallationResults/read\",\n \"Microsoft.Compute/virtualMachines/patchInstallationResults/softwarePatches/read\",\n \"Microsoft.Compute/virtualMachines/extensions/read\",\n \"Microsoft.Compute/virtualMachines/instanceView/read\",\n \"Microsoft.Compute/virtualMachines/runCommands/read\",\n \"Microsoft.Compute/virtualMachines/vmSizes/read\",\n \"Microsoft.Compute/locations/publishers/artifacttypes/types/read\",\n \"Microsoft.Compute/locations/publishers/artifacttypes/types/versions/read\",\n \"Microsoft.Compute/diskAccesses/read\",\n \"Microsoft.Compute/galleries/images/read\",\n \"Microsoft.Compute/images/read\",\n \"Microsoft.AzureStackHCI/Clusters/Read\",\n \"Microsoft.AzureStackHCI/Clusters/ArcSettings/Read\",\n \"Microsoft.AzureStackHCI/Clusters/ArcSettings/Extensions/Read\",\n \"Microsoft.AzureStackHCI/Clusters/ArcSettings/Extensions/Write\",\n \"Microsoft.AzureStackHCI/Clusters/ArcSettings/Extensions/Delete\",\n \"Microsoft.AzureStackHCI/Operations/Read\",\n \"Microsoft.ConnectedVMwarevSphere/VirtualMachines/Read\",\n \"Microsoft.ConnectedVMwarevSphere/VirtualMachines/Extensions/Write\",\n \"Microsoft.ConnectedVMwarevSphere/VirtualMachines/Extensions/Read\"\n ],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.HybridCompute/machines/WACLoginAsAdmin/action\",\n \"Microsoft.Compute/virtualMachines/WACloginAsAdmin/action\",\n \"Microsoft.AzureStackHCI/Clusters/WACloginAsAdmin/Action\",\n \"Microsoft.ConnectedVMwarevSphere/virtualmachines/WACloginAsAdmin/action\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2022-01-12T00:51:19.5581155Z\",\n \"updatedOn\": \"2024-01-24T16:28:56.8362682Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/a6333a3e-0164-44c3-b281-7a577aff287f\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"a6333a3e-0164-44c3-b281-7a577aff287f\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Kubernetes Service Policy Add-on Deployment\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Deploy the Azure Policy add-on on Azure Kubernetes Service clusters\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Network/virtualNetworks/subnets/join/action\",\n \"Microsoft.Network/publicIPPrefixes/join/action\",\n \"Microsoft.Network/publicIPAddresses/join/action\",\n \"Microsoft.Compute/diskEncryptionSets/read\",\n \"Microsoft.Compute/proximityPlacementGroups/write\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2022-02-07T20:51:48.5662807Z\",\n \"updatedOn\": \"2022-03-15T23:34:13.5188193Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/18ed5180-3e48-46fd-8541-4ea054d57064\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"18ed5180-3e48-46fd-8541-4ea054d57064\"\n },\n {\n \"properties\": {\n \"roleName\": \"Guest Configuration Resource Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Lets you read, write Guest Configuration Resource.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.GuestConfiguration/guestConfigurationAssignments/write\",\n \"Microsoft.GuestConfiguration/guestConfigurationAssignments/read\",\n \"Microsoft.GuestConfiguration/guestConfigurationAssignments/*/read\",\n \"Microsoft.Resources/deployments/*\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2022-01-13T21:31:41.9626667Z\",\n \"updatedOn\": \"2022-02-10T19:22:44.9057916Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/088ab73d-1256-47ae-bea9-9de8e7131f31\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"088ab73d-1256-47ae-bea9-9de8e7131f31\"\n },\n {\n \"properties\": {\n \"roleName\": \"Domain Services Reader\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Can view Azure AD Domain Services and related network configurations\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Resources/deployments/read\",\n \"Microsoft.Resources/deployments/operations/read\",\n \"Microsoft.Resources/deployments/operationstatuses/read\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Insights/AlertRules/Read\",\n \"Microsoft.Insights/AlertRules/Incidents/Read\",\n \"Microsoft.Insights/Logs/Read\",\n \"Microsoft.Insights/Metrics/read\",\n \"Microsoft.Insights/DiagnosticSettings/read\",\n \"Microsoft.Insights/DiagnosticSettingsCategories/Read\",\n \"Microsoft.AAD/domainServices/*/read\",\n \"Microsoft.Network/virtualNetworks/read\",\n \"Microsoft.Network/virtualNetworks/subnets/read\",\n \"Microsoft.Network/virtualNetworks/virtualNetworkPeerings/read\",\n \"Microsoft.Network/virtualNetworks/providers/Microsoft.Insights/diagnosticSettings/read\",\n \"Microsoft.Network/virtualNetworks/providers/Microsoft.Insights/metricDefinitions/read\",\n \"Microsoft.Network/azureFirewalls/read\",\n \"Microsoft.Network/ddosProtectionPlans/read\",\n \"Microsoft.Network/loadBalancers/read\",\n \"Microsoft.Network/loadBalancers/*/read\",\n \"Microsoft.Network/natGateways/read\",\n \"Microsoft.Network/networkInterfaces/read\",\n \"Microsoft.Network/networkSecurityGroups/defaultSecurityRules/read\",\n \"Microsoft.Network/networkSecurityGroups/read\",\n \"Microsoft.Network/networkSecurityGroups/securityRules/read\",\n \"Microsoft.Network/routeTables/read\",\n \"Microsoft.Network/routeTables/routes/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2022-02-15T19:38:46.904317Z\",\n \"updatedOn\": \"2022-06-27T17:28:30.2892869Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/361898ef-9ed1-48c2-849c-a832951106bb\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"361898ef-9ed1-48c2-849c-a832951106bb\"\n },\n {\n \"properties\": {\n \"roleName\": \"Domain Services Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Can manage Azure AD Domain Services and related network configurations\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Resources/deployments/read\",\n \"Microsoft.Resources/deployments/write\",\n \"Microsoft.Resources/deployments/delete\",\n \"Microsoft.Resources/deployments/cancel/action\",\n \"Microsoft.Resources/deployments/validate/action\",\n \"Microsoft.Resources/deployments/whatIf/action\",\n \"Microsoft.Resources/deployments/exportTemplate/action\",\n \"Microsoft.Resources/deployments/operations/read\",\n \"Microsoft.Resources/deployments/operationstatuses/read\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Insights/AlertRules/Write\",\n \"Microsoft.Insights/AlertRules/Delete\",\n \"Microsoft.Insights/AlertRules/Read\",\n \"Microsoft.Insights/AlertRules/Activated/Action\",\n \"Microsoft.Insights/AlertRules/Resolved/Action\",\n \"Microsoft.Insights/AlertRules/Throttled/Action\",\n \"Microsoft.Insights/AlertRules/Incidents/Read\",\n \"Microsoft.Insights/Logs/Read\",\n \"Microsoft.Insights/Metrics/Read\",\n \"Microsoft.Insights/DiagnosticSettings/*\",\n \"Microsoft.Insights/DiagnosticSettingsCategories/Read\",\n \"Microsoft.AAD/register/action\",\n \"Microsoft.AAD/unregister/action\",\n \"Microsoft.AAD/domainServices/*\",\n \"Microsoft.Network/register/action\",\n \"Microsoft.Network/unregister/action\",\n \"Microsoft.Network/virtualNetworks/read\",\n \"Microsoft.Network/virtualNetworks/write\",\n \"Microsoft.Network/virtualNetworks/delete\",\n \"Microsoft.Network/virtualNetworks/peer/action\",\n \"Microsoft.Network/virtualNetworks/join/action\",\n \"Microsoft.Network/virtualNetworks/subnets/read\",\n \"Microsoft.Network/virtualNetworks/subnets/write\",\n \"Microsoft.Network/virtualNetworks/subnets/delete\",\n \"Microsoft.Network/virtualNetworks/subnets/join/action\",\n \"Microsoft.Network/virtualNetworks/virtualNetworkPeerings/read\",\n \"Microsoft.Network/virtualNetworks/virtualNetworkPeerings/write\",\n \"Microsoft.Network/virtualNetworks/virtualNetworkPeerings/delete\",\n \"Microsoft.Network/virtualNetworks/providers/Microsoft.Insights/diagnosticSettings/read\",\n \"Microsoft.Network/virtualNetworks/providers/Microsoft.Insights/metricDefinitions/read\",\n \"Microsoft.Network/azureFirewalls/read\",\n \"Microsoft.Network/ddosProtectionPlans/read\",\n \"Microsoft.Network/ddosProtectionPlans/join/action\",\n \"Microsoft.Network/loadBalancers/read\",\n \"Microsoft.Network/loadBalancers/delete\",\n \"Microsoft.Network/loadBalancers/*/read\",\n \"Microsoft.Network/loadBalancers/backendAddressPools/join/action\",\n \"Microsoft.Network/loadBalancers/inboundNatRules/join/action\",\n \"Microsoft.Network/natGateways/join/action\",\n \"Microsoft.Network/networkInterfaces/read\",\n \"Microsoft.Network/networkInterfaces/write\",\n \"Microsoft.Network/networkInterfaces/delete\",\n \"Microsoft.Network/networkInterfaces/join/action\",\n \"Microsoft.Network/networkSecurityGroups/defaultSecurityRules/read\",\n \"Microsoft.Network/networkSecurityGroups/read\",\n \"Microsoft.Network/networkSecurityGroups/write\",\n \"Microsoft.Network/networkSecurityGroups/delete\",\n \"Microsoft.Network/networkSecurityGroups/join/action\",\n \"Microsoft.Network/networkSecurityGroups/securityRules/read\",\n \"Microsoft.Network/networkSecurityGroups/securityRules/write\",\n \"Microsoft.Network/networkSecurityGroups/securityRules/delete\",\n \"Microsoft.Network/routeTables/read\",\n \"Microsoft.Network/routeTables/write\",\n \"Microsoft.Network/routeTables/delete\",\n \"Microsoft.Network/routeTables/join/action\",\n \"Microsoft.Network/routeTables/routes/read\",\n \"Microsoft.Network/routeTables/routes/write\",\n \"Microsoft.Network/routeTables/routes/delete\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2022-02-15T19:40:22.3943189Z\",\n \"updatedOn\": \"2022-06-27T17:28:31.1017906Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/eeaeda52-9324-47f6-8069-5d5bade478b2\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"eeaeda52-9324-47f6-8069-5d5bade478b2\"\n },\n {\n \"properties\": {\n \"roleName\": \"DNS Resolver Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Lets you manage DNS resolver resources.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Network/dnsResolvers/read\",\n \"Microsoft.Network/dnsResolvers/write\",\n \"Microsoft.Network/dnsResolvers/delete\",\n \"Microsoft.Network/dnsResolvers/join/action\",\n \"Microsoft.Network/dnsResolvers/inboundEndpoints/read\",\n \"Microsoft.Network/dnsResolvers/inboundEndpoints/write\",\n \"Microsoft.Network/dnsResolvers/inboundEndpoints/delete\",\n \"Microsoft.Network/dnsResolvers/inboundEndpoints/join/action\",\n \"Microsoft.Network/dnsResolvers/outboundEndpoints/read\",\n \"Microsoft.Network/dnsResolvers/outboundEndpoints/write\",\n \"Microsoft.Network/dnsResolvers/outboundEndpoints/delete\",\n \"Microsoft.Network/dnsResolvers/outboundEndpoints/join/action\",\n \"Microsoft.Network/dnsForwardingRulesets/read\",\n \"Microsoft.Network/dnsForwardingRulesets/write\",\n \"Microsoft.Network/dnsForwardingRulesets/delete\",\n \"Microsoft.Network/dnsForwardingRulesets/join/action\",\n \"Microsoft.Network/dnsForwardingRulesets/forwardingRules/read\",\n \"Microsoft.Network/dnsForwardingRulesets/forwardingRules/write\",\n \"Microsoft.Network/dnsForwardingRulesets/forwardingRules/delete\",\n \"Microsoft.Network/dnsForwardingRulesets/virtualNetworkLinks/read\",\n \"Microsoft.Network/dnsForwardingRulesets/virtualNetworkLinks/write\",\n \"Microsoft.Network/dnsForwardingRulesets/virtualNetworkLinks/delete\",\n \"Microsoft.Network/locations/dnsResolverOperationResults/read\",\n \"Microsoft.Network/locations/dnsResolverOperationStatuses/read\",\n \"Microsoft.Network/virtualNetworks/read\",\n \"Microsoft.Network/virtualNetworks/join/action\",\n \"Microsoft.Network/virtualNetworks/subnets/read\",\n \"Microsoft.Network/virtualNetworks/subnets/write\",\n \"Microsoft.Network/virtualNetworks/subnets/join/action\",\n \"Microsoft.Network/virtualNetworks/join/action\",\n \"Microsoft.Network/virtualNetworks/joinLoadBalancer/action\",\n \"Microsoft.Network/virtualNetworks/subnets/join/action\",\n \"Microsoft.Network/virtualNetworks/subnets/joinLoadBalancer/action\",\n \"Microsoft.Network/natGateways/join/action\",\n \"Microsoft.Network/networkSecurityGroups/join/action\",\n \"Microsoft.Network/routeTables/join/action\",\n \"Microsoft.Network/serviceEndpointPolicies/join/action\",\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2022-02-16T23:25:04.4308795Z\",\n \"updatedOn\": \"2022-03-12T01:08:44.4650132Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/0f2ebee7-ffd4-4fc0-b3b7-664099fdad5d\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"0f2ebee7-ffd4-4fc0-b3b7-664099fdad5d\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Arc Enabled Kubernetes Cluster User Role\",\n \"type\": \"BuiltInRole\",\n \"description\": \"List cluster user credentials action.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Resources/deployments/write\",\n \"Microsoft.Resources/subscriptions/operationresults/read\",\n \"Microsoft.Resources/subscriptions/read\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Kubernetes/connectedClusters/listClusterUserCredentials/action\",\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.Support/*\",\n \"Microsoft.Kubernetes/connectedClusters/listClusterUserCredential/action\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2020-07-28T17:37:00.7637445Z\",\n \"updatedOn\": \"2022-02-17T02:29:05.1000798Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/00493d72-78f6-4148-b6c5-d3ce8e4799dd\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"00493d72-78f6-4148-b6c5-d3ce8e4799dd\"\n },\n {\n \"properties\": {\n \"roleName\": \"Data Operator for Managed Disks\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Provides permissions to upload data to empty managed disks, read, or export data of managed disks (not attached to running VMs) and snapshots using SAS URIs and Azure AD authentication.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.Compute/disks/download/action\",\n \"Microsoft.Compute/disks/upload/action\",\n \"Microsoft.Compute/snapshots/download/action\",\n \"Microsoft.Compute/snapshots/upload/action\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2022-03-01T05:42:02.3801768Z\",\n \"updatedOn\": \"2022-03-01T05:42:02.3801768Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/959f8984-c045-4866-89c7-12bf9737be2e\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"959f8984-c045-4866-89c7-12bf9737be2e\"\n },\n {\n \"properties\": {\n \"roleName\": \"AgFood Platform Sensor Partner Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Provides contribute access to manage sensor related entities in AgFood Platform Service\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.AgFoodPlatform/farmBeats/sensorPartnerScope/*\"\n ],\n \"notDataActions\": [\n \"Microsoft.AgFoodPlatform/farmBeats/sensorPartnerScope/sensors/delete\"\n ]\n }\n ],\n \"createdOn\": \"2022-03-09T09:03:53.490279Z\",\n \"updatedOn\": \"2022-10-27T07:34:00.932807Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/6b77f0a0-0d89-41cc-acd1-579c22c17a67\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"6b77f0a0-0d89-41cc-acd1-579c22c17a67\"\n },\n {\n \"properties\": {\n \"roleName\": \"Compute Gallery Sharing Admin\",\n \"type\": \"BuiltInRole\",\n \"description\": \"This role allows user to share gallery to another subscription/tenant or share it to the public.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Compute/galleries/share/action\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2022-03-10T04:36:08.9040323Z\",\n \"updatedOn\": \"2022-03-26T00:40:55.2620635Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/1ef6a3be-d0ac-425d-8c01-acb62866290b\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"1ef6a3be-d0ac-425d-8c01-acb62866290b\"\n },\n {\n \"properties\": {\n \"roleName\": \"Scheduled Patching Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Provides access to manage maintenance configurations with maintenance scope InGuestPatch and corresponding configuration assignments\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Maintenance/maintenanceConfigurations/read\",\n \"Microsoft.Maintenance/maintenanceConfigurations/write\",\n \"Microsoft.Maintenance/maintenanceConfigurations/delete\",\n \"Microsoft.Maintenance/configurationAssignments/read\",\n \"Microsoft.Maintenance/configurationAssignments/write\",\n \"Microsoft.Maintenance/configurationAssignments/delete\",\n \"Microsoft.Maintenance/configurationAssignments/maintenanceScope/InGuestPatch/read\",\n \"Microsoft.Maintenance/configurationAssignments/maintenanceScope/InGuestPatch/write\",\n \"Microsoft.Maintenance/configurationAssignments/maintenanceScope/InGuestPatch/delete\",\n \"Microsoft.Maintenance/maintenanceConfigurations/maintenanceScope/InGuestPatch/read\",\n \"Microsoft.Maintenance/maintenanceConfigurations/maintenanceScope/InGuestPatch/write\",\n \"Microsoft.Maintenance/maintenanceConfigurations/maintenanceScope/InGuestPatch/delete\",\n \"Microsoft.Maintenance/applyUpdates/read\",\n \"Microsoft.Maintenance/updates/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2022-03-21T14:34:05.5308153Z\",\n \"updatedOn\": \"2025-02-27T13:35:19.3626961Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/cd08ab90-6b14-449c-ad9a-8f8e549482c6\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"cd08ab90-6b14-449c-ad9a-8f8e549482c6\"\n },\n {\n \"properties\": {\n \"roleName\": \"DevCenter Dev Box User\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Provides access to create and manage dev boxes.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.DevCenter/projects/read\",\n \"Microsoft.DevCenter/projects/*/read\",\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.DevCenter/projects/users/devboxes/userStop/action\",\n \"Microsoft.DevCenter/projects/users/devboxes/userStart/action\",\n \"Microsoft.DevCenter/projects/users/devboxes/userGetRemoteConnection/action\",\n \"Microsoft.DevCenter/projects/users/devboxes/userRead/action\",\n \"Microsoft.DevCenter/projects/users/devboxes/userWrite/action\",\n \"Microsoft.DevCenter/projects/users/devboxes/userDelete/action\",\n \"Microsoft.DevCenter/projects/users/devboxes/userUpcomingActionRead/action\",\n \"Microsoft.DevCenter/projects/users/devboxes/userUpcomingActionManage/action\",\n \"Microsoft.DevCenter/projects/users/devboxes/userActionRead/action\",\n \"Microsoft.DevCenter/projects/users/devboxes/userActionManage/action\",\n \"Microsoft.DevCenter/projects/users/devboxes/userCustomize/action\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2022-03-31T22:42:03.2894277Z\",\n \"updatedOn\": \"2023-10-18T19:06:15.1790546Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/45d50f46-0b78-4001-a660-4198cbe8cd05\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"45d50f46-0b78-4001-a660-4198cbe8cd05\"\n },\n {\n \"properties\": {\n \"roleName\": \"DevCenter Project Admin\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Provides access to manage project resources.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.DevCenter/projects/*\",\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\"\n ],\n \"notActions\": [\n \"Microsoft.DevCenter/projects/write\",\n \"Microsoft.DevCenter/projects/delete\"\n ],\n \"dataActions\": [\n \"Microsoft.DevCenter/projects/users/devboxes/adminStart/action\",\n \"Microsoft.DevCenter/projects/users/devboxes/adminStop/action\",\n \"Microsoft.DevCenter/projects/users/devboxes/adminRead/action\",\n \"Microsoft.DevCenter/projects/users/devboxes/adminWrite/action\",\n \"Microsoft.DevCenter/projects/users/devboxes/adminDelete/action\",\n \"Microsoft.DevCenter/projects/users/devboxes/adminAlign/action\",\n \"Microsoft.DevCenter/projects/users/devboxes/adminActionRead/action\",\n \"Microsoft.DevCenter/projects/users/devboxes/adminActionManage/action\",\n \"Microsoft.DevCenter/projects/users/devboxes/userStop/action\",\n \"Microsoft.DevCenter/projects/users/devboxes/userStart/action\",\n \"Microsoft.DevCenter/projects/users/devboxes/userGetRemoteConnection/action\",\n \"Microsoft.DevCenter/projects/users/devboxes/userRead/action\",\n \"Microsoft.DevCenter/projects/users/devboxes/userWrite/action\",\n \"Microsoft.DevCenter/projects/users/devboxes/userDelete/action\",\n \"Microsoft.DevCenter/projects/users/devboxes/userActionRead/action\",\n \"Microsoft.DevCenter/projects/users/devboxes/userActionManage/action\",\n \"Microsoft.DevCenter/projects/users/devboxes/userCustomize/action\",\n \"Microsoft.DevCenter/projects/users/environments/adminRead/action\",\n \"Microsoft.DevCenter/projects/users/environments/userWrite/action\",\n \"Microsoft.DevCenter/projects/users/environments/adminWrite/action\",\n \"Microsoft.DevCenter/projects/users/environments/userDelete/action\",\n \"Microsoft.DevCenter/projects/users/environments/adminDelete/action\",\n \"Microsoft.DevCenter/projects/users/environments/adminAction/action\",\n \"Microsoft.DevCenter/projects/users/environments/adminActionRead/action\",\n \"Microsoft.DevCenter/projects/users/environments/adminActionManage/action\",\n \"Microsoft.DevCenter/projects/users/environments/adminOutputsRead/action\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2022-03-31T23:57:37.3708041Z\",\n \"updatedOn\": \"2025-07-23T23:00:43.7994094Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/331c37c6-af14-46d9-b9f4-e1909e1b95a0\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"331c37c6-af14-46d9-b9f4-e1909e1b95a0\"\n },\n {\n \"properties\": {\n \"roleName\": \"Virtual Machine Local User Login\",\n \"type\": \"BuiltInRole\",\n \"description\": \"View Virtual Machines in the portal and login as a local user configured on the arc server\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.HybridCompute/machines/*/read\",\n \"Microsoft.HybridConnectivity/endpoints/listCredentials/action\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2022-04-07T04:12:11.0327385Z\",\n \"updatedOn\": \"2022-04-16T23:03:02.5542069Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/602da2ba-a5c2-41da-b01d-5360126ab525\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"602da2ba-a5c2-41da-b01d-5360126ab525\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Arc ScVmm VM Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Arc ScVmm VM Contributor has permissions to perform all VM actions.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"microsoft.scvmm/virtualmachines/*\",\n \"microsoft.scvmm/virtualMachineInstances/*\",\n \"Microsoft.Insights/AlertRules/Write\",\n \"Microsoft.Insights/AlertRules/Delete\",\n \"Microsoft.Insights/AlertRules/Read\",\n \"Microsoft.Insights/AlertRules/Activated/Action\",\n \"Microsoft.Insights/AlertRules/Resolved/Action\",\n \"Microsoft.Insights/AlertRules/Throttled/Action\",\n \"Microsoft.Insights/AlertRules/Incidents/Read\",\n \"Microsoft.Resources/deployments/read\",\n \"Microsoft.Resources/deployments/write\",\n \"Microsoft.Resources/deployments/delete\",\n \"Microsoft.Resources/deployments/cancel/action\",\n \"Microsoft.Resources/deployments/validate/action\",\n \"Microsoft.Resources/deployments/whatIf/action\",\n \"Microsoft.Resources/deployments/exportTemplate/action\",\n \"Microsoft.Resources/deployments/operations/read\",\n \"Microsoft.Resources/deployments/operationstatuses/read\",\n \"Microsoft.Resources/subscriptions/resourcegroups/deployments/read\",\n \"Microsoft.Resources/subscriptions/resourcegroups/deployments/write\",\n \"Microsoft.Resources/subscriptions/resourcegroups/deployments/operations/read\",\n \"Microsoft.Resources/subscriptions/resourcegroups/deployments/operationstatuses/read\",\n \"Microsoft.ResourceHealth/availabilityStatuses/read\",\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Resources/subscriptions/read\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Resources/subscriptions/operationresults/read\",\n \"Microsoft.ExtendedLocation/customLocations/Read\",\n \"Microsoft.ExtendedLocation/customLocations/deploy/action\",\n \"Microsoft.HybridCompute/machines/read\",\n \"Microsoft.HybridCompute/machines/write\",\n \"Microsoft.HybridCompute/machines/delete\",\n \"Microsoft.HybridCompute/machines/UpgradeExtensions/action\",\n \"Microsoft.HybridCompute/machines/assessPatches/action\",\n \"Microsoft.HybridCompute/machines/installPatches/action\",\n \"Microsoft.HybridCompute/machines/extensions/read\",\n \"Microsoft.HybridCompute/machines/extensions/write\",\n \"Microsoft.HybridCompute/machines/extensions/delete\",\n \"Microsoft.HybridCompute/operations/read\",\n \"Microsoft.HybridCompute/locations/operationresults/read\",\n \"Microsoft.HybridCompute/locations/operationstatus/read\",\n \"Microsoft.HybridCompute/machines/patchAssessmentResults/read\",\n \"Microsoft.HybridCompute/machines/patchAssessmentResults/softwarePatches/read\",\n \"Microsoft.HybridCompute/machines/patchInstallationResults/read\",\n \"Microsoft.HybridCompute/machines/patchInstallationResults/softwarePatches/read\",\n \"Microsoft.HybridCompute/locations/updateCenterOperationResults/read\",\n \"Microsoft.HybridCompute/machines/hybridIdentityMetadata/read\",\n \"Microsoft.HybridCompute/osType/agentVersions/read\",\n \"Microsoft.HybridCompute/osType/agentVersions/latest/read\",\n \"Microsoft.HybridCompute/machines/runcommands/read\",\n \"Microsoft.HybridCompute/machines/runcommands/write\",\n \"Microsoft.HybridCompute/machines/runcommands/delete\",\n \"Microsoft.HybridCompute/machines/licenseProfiles/read\",\n \"Microsoft.HybridCompute/machines/licenseProfiles/write\",\n \"Microsoft.HybridCompute/machines/licenseProfiles/delete\",\n \"Microsoft.HybridCompute/licenses/read\",\n \"Microsoft.HybridCompute/licenses/write\",\n \"Microsoft.HybridCompute/licenses/delete\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2022-04-13T21:33:11.1438013Z\",\n \"updatedOn\": \"2023-10-06T09:06:44.9085842Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/e582369a-e17b-42a5-b10c-874c387c530b\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"e582369a-e17b-42a5-b10c-874c387c530b\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Arc ScVmm Administrator role\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Arc ScVmm VM Administrator has permissions to perform all ScVmm actions.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.ScVmm/*\",\n \"Microsoft.Insights/AlertRules/Write\",\n \"Microsoft.Insights/AlertRules/Delete\",\n \"Microsoft.Insights/AlertRules/Read\",\n \"Microsoft.Insights/AlertRules/Activated/Action\",\n \"Microsoft.Insights/AlertRules/Resolved/Action\",\n \"Microsoft.Insights/AlertRules/Throttled/Action\",\n \"Microsoft.Insights/AlertRules/Incidents/Read\",\n \"Microsoft.Resources/deployments/read\",\n \"Microsoft.Resources/deployments/write\",\n \"Microsoft.Resources/deployments/delete\",\n \"Microsoft.Resources/deployments/cancel/action\",\n \"Microsoft.Resources/deployments/validate/action\",\n \"Microsoft.Resources/deployments/whatIf/action\",\n \"Microsoft.Resources/deployments/exportTemplate/action\",\n \"Microsoft.Resources/deployments/operations/read\",\n \"Microsoft.Resources/deployments/operationstatuses/read\",\n \"Microsoft.Resources/subscriptions/resourcegroups/deployments/read\",\n \"Microsoft.Resources/subscriptions/resourcegroups/deployments/write\",\n \"Microsoft.Resources/subscriptions/resourcegroups/deployments/operations/read\",\n \"Microsoft.Resources/subscriptions/resourcegroups/deployments/operationstatuses/read\",\n \"Microsoft.ResourceHealth/availabilityStatuses/read\",\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Resources/subscriptions/read\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Resources/subscriptions/operationresults/read\",\n \"Microsoft.ExtendedLocation/customLocations/Read\",\n \"Microsoft.ExtendedLocation/customLocations/deploy/action\",\n \"Microsoft.HybridCompute/machines/read\",\n \"Microsoft.HybridCompute/machines/write\",\n \"Microsoft.HybridCompute/machines/delete\",\n \"Microsoft.HybridCompute/machines/UpgradeExtensions/action\",\n \"Microsoft.HybridCompute/machines/assessPatches/action\",\n \"Microsoft.HybridCompute/machines/installPatches/action\",\n \"Microsoft.HybridCompute/machines/extensions/read\",\n \"Microsoft.HybridCompute/machines/extensions/write\",\n \"Microsoft.HybridCompute/machines/extensions/delete\",\n \"Microsoft.HybridCompute/operations/read\",\n \"Microsoft.HybridCompute/locations/operationresults/read\",\n \"Microsoft.HybridCompute/locations/operationstatus/read\",\n \"Microsoft.HybridCompute/machines/patchAssessmentResults/read\",\n \"Microsoft.HybridCompute/machines/patchAssessmentResults/softwarePatches/read\",\n \"Microsoft.HybridCompute/machines/patchInstallationResults/read\",\n \"Microsoft.HybridCompute/machines/patchInstallationResults/softwarePatches/read\",\n \"Microsoft.HybridCompute/locations/updateCenterOperationResults/read\",\n \"Microsoft.HybridCompute/machines/hybridIdentityMetadata/read\",\n \"Microsoft.HybridCompute/osType/agentVersions/read\",\n \"Microsoft.HybridCompute/osType/agentVersions/latest/read\",\n \"Microsoft.HybridCompute/machines/runcommands/read\",\n \"Microsoft.HybridCompute/machines/runcommands/write\",\n \"Microsoft.HybridCompute/machines/runcommands/delete\",\n \"Microsoft.HybridCompute/machines/licenseProfiles/read\",\n \"Microsoft.HybridCompute/machines/licenseProfiles/write\",\n \"Microsoft.HybridCompute/machines/licenseProfiles/delete\",\n \"Microsoft.HybridCompute/licenses/read\",\n \"Microsoft.HybridCompute/licenses/write\",\n \"Microsoft.HybridCompute/licenses/delete\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2022-04-13T21:33:11.1438013Z\",\n \"updatedOn\": \"2023-10-06T09:06:44.6077384Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/a92dfd61-77f9-4aec-a531-19858b406c87\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"a92dfd61-77f9-4aec-a531-19858b406c87\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Arc ScVmm Private Clouds Onboarding\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Azure Arc ScVmm Private Clouds Onboarding role has permissions to provision all the required resources for onboard and deboard vmm server instances to Azure.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"microsoft.scvmm/vmmservers/Read\",\n \"microsoft.scvmm/vmmservers/Write\",\n \"microsoft.scvmm/vmmservers/Delete\",\n \"Microsoft.Insights/AlertRules/Write\",\n \"Microsoft.Insights/AlertRules/Delete\",\n \"Microsoft.Insights/AlertRules/Read\",\n \"Microsoft.Insights/AlertRules/Activated/Action\",\n \"Microsoft.Insights/AlertRules/Resolved/Action\",\n \"Microsoft.Insights/AlertRules/Throttled/Action\",\n \"Microsoft.Insights/AlertRules/Incidents/Read\",\n \"Microsoft.Resources/deployments/read\",\n \"Microsoft.Resources/deployments/write\",\n \"Microsoft.Resources/deployments/delete\",\n \"Microsoft.Resources/deployments/cancel/action\",\n \"Microsoft.Resources/deployments/validate/action\",\n \"Microsoft.Resources/deployments/whatIf/action\",\n \"Microsoft.Resources/deployments/exportTemplate/action\",\n \"Microsoft.Resources/deployments/operations/read\",\n \"Microsoft.Resources/deployments/operationstatuses/read\",\n \"Microsoft.Resources/subscriptions/resourcegroups/deployments/read\",\n \"Microsoft.Resources/subscriptions/resourcegroups/deployments/write\",\n \"Microsoft.Resources/subscriptions/resourcegroups/deployments/operations/read\",\n \"Microsoft.Resources/subscriptions/resourcegroups/deployments/operationstatuses/read\",\n \"Microsoft.ResourceHealth/availabilityStatuses/read\",\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Resources/subscriptions/read\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Resources/subscriptions/operationresults/read\",\n \"Microsoft.ExtendedLocation/customLocations/Read\",\n \"Microsoft.ExtendedLocation/customLocations/deploy/action\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2022-04-13T21:33:11.1438013Z\",\n \"updatedOn\": \"2023-05-19T07:39:31.0563245Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/6aac74c4-6311-40d2-bbdd-7d01e7c6e3a9\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"6aac74c4-6311-40d2-bbdd-7d01e7c6e3a9\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Arc ScVmm Private Cloud User\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Azure Arc ScVmm Private Cloud User has permissions to use the ScVmm resources to deploy VMs.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Insights/AlertRules/Write\",\n \"Microsoft.Insights/AlertRules/Delete\",\n \"Microsoft.Insights/AlertRules/Read\",\n \"Microsoft.Insights/AlertRules/Activated/Action\",\n \"Microsoft.Insights/AlertRules/Resolved/Action\",\n \"Microsoft.Insights/AlertRules/Throttled/Action\",\n \"Microsoft.Insights/AlertRules/Incidents/Read\",\n \"Microsoft.Resources/deployments/read\",\n \"Microsoft.Resources/deployments/write\",\n \"Microsoft.Resources/deployments/delete\",\n \"Microsoft.Resources/deployments/cancel/action\",\n \"Microsoft.Resources/deployments/validate/action\",\n \"Microsoft.Resources/deployments/whatIf/action\",\n \"Microsoft.Resources/deployments/exportTemplate/action\",\n \"Microsoft.Resources/deployments/operations/read\",\n \"Microsoft.Resources/deployments/operationstatuses/read\",\n \"Microsoft.Resources/subscriptions/resourcegroups/deployments/read\",\n \"Microsoft.Resources/subscriptions/resourcegroups/deployments/write\",\n \"Microsoft.Resources/subscriptions/resourcegroups/deployments/operations/read\",\n \"Microsoft.Resources/subscriptions/resourcegroups/deployments/operationstatuses/read\",\n \"Microsoft.ResourceHealth/availabilityStatuses/read\",\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Resources/subscriptions/read\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Resources/subscriptions/operationresults/read\",\n \"microsoft.scvmm/virtualnetworks/join/action\",\n \"microsoft.scvmm/virtualnetworks/Read\",\n \"microsoft.scvmm/virtualmachinetemplates/clone/action\",\n \"microsoft.scvmm/virtualmachinetemplates/Read\",\n \"microsoft.scvmm/clouds/deploy/action\",\n \"microsoft.scvmm/clouds/Read\",\n \"Microsoft.ExtendedLocation/customLocations/Read\",\n \"Microsoft.ExtendedLocation/customLocations/deploy/action\",\n \"Microsoft.ExtendedLocation/customLocations/enabledresourcetypes/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2022-04-13T21:33:11.1438013Z\",\n \"updatedOn\": \"2023-10-06T09:06:44.6077384Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/c0781e91-8102-4553-8951-97c6d4243cda\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"c0781e91-8102-4553-8951-97c6d4243cda\"\n },\n {\n \"properties\": {\n \"roleName\": \"HDInsight on AKS Cluster Pool Admin\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Can read, create, modify and delete HDInsight on AKS cluster pools and create clusters\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.HDInsight/clusterPools/clusters/read\",\n \"Microsoft.HDInsight/clusterPools/clusters/write\",\n \"Microsoft.HDInsight/clusterPools/delete\",\n \"Microsoft.HDInsight/clusterPools/read\",\n \"Microsoft.HDInsight/clusterPools/write\",\n \"Microsoft.HDInsight/clusterpools/availableupgrades/read\",\n \"Microsoft.HDInsight/clusterpools/upgrade/action\",\n \"Microsoft.HDInsight/clusterPools/upgradehistories/read\",\n \"Microsoft.ResourceHealth/availabilityStatuses/read\",\n \"Microsoft.Resources/deployments/operations/read\",\n \"Microsoft.Resources/deployments/validate/action\",\n \"Microsoft.Resources/deployments/*/read\",\n \"Microsoft.Resources/deployments/read\",\n \"Microsoft.Resources/deployments/write\",\n \"Microsoft.Resources/deployments/exportTemplate/action\",\n \"Microsoft.Resources/deployments/validate/action\",\n \"Microsoft.Resources/subscriptions/resourcegroups/deployments/operations/read\",\n \"Microsoft.Resources/subscriptions/resourcegroups/deployments/read\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Resources/subscriptions/operationresults/read\",\n \"Microsoft.Insights/AlertRules/Write\",\n \"Microsoft.Insights/AlertRules/Delete\",\n \"Microsoft.Insights/AlertRules/Read\",\n \"Microsoft.Insights/AlertRules/Activated/Action\",\n \"Microsoft.Insights/AlertRules/Resolved/Action\",\n \"Microsoft.Insights/AlertRules/Throttled/Action\",\n \"Microsoft.Insights/AlertRules/Incidents/Read\",\n \"Microsoft.Insights/metrics/read\",\n \"Microsoft.Insights/logs/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2022-04-14T05:37:28.4116078Z\",\n \"updatedOn\": \"2024-07-01T15:03:43.7126562Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/7656b436-37d4-490a-a4ab-d39f838f0042\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"7656b436-37d4-490a-a4ab-d39f838f0042\"\n },\n {\n \"properties\": {\n \"roleName\": \"HDInsight on AKS Cluster Admin\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Grants a user/group the ability to create, delete and manage clusters within a given cluster pool. Cluster Admin can also run workloads, monitor, and manage all user activity on these clusters.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.HDInsight/clusterPools/clusters/read\",\n \"Microsoft.HDInsight/clusterPools/clusters/write\",\n \"Microsoft.HDInsight/clusterPools/clusters/delete\",\n \"Microsoft.HDInsight/clusterPools/clusters/resize/action\",\n \"Microsoft.HDInsight/clusterpools/clusters/instanceviews/read\",\n \"Microsoft.HDInsight/clusterPools/clusters/jobs/read\",\n \"Microsoft.HDInsight/clusterPools/clusters/runjob/action\",\n \"Microsoft.HDInsight/clusterpools/clusters/serviceconfigs/read\",\n \"Microsoft.HDInsight/clusterPools/clusters/availableupgrades/read\",\n \"Microsoft.HDInsight/clusterPools/clusters/upgrade/action\",\n \"Microsoft.HDInsight/clusterPools/clusters/rollback/action\",\n \"Microsoft.HDInsight/clusterPools/clusters/upgradehistories/read\",\n \"Microsoft.HDInsight/clusterPools/clusters/libraries/read\",\n \"Microsoft.HDInsight/clusterPools/clusters/managelibraries/action\",\n \"Microsoft.ResourceHealth/availabilityStatuses/read\",\n \"Microsoft.Resources/deployments/operations/read\",\n \"Microsoft.Resources/deployments/*/read\",\n \"Microsoft.Resources/deployments/read\",\n \"Microsoft.Resources/deployments/validate/action\",\n \"Microsoft.Resources/deployments/write\",\n \"Microsoft.Resources/deployments/exportTemplate/action\",\n \"Microsoft.Resources/subscriptions/resourcegroups/deployments/operations/read\",\n \"Microsoft.Resources/subscriptions/resourcegroups/deployments/read\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Resources/subscriptions/operationresults/read\",\n \"Microsoft.Insights/AlertRules/Write\",\n \"Microsoft.Insights/AlertRules/Delete\",\n \"Microsoft.Insights/AlertRules/Read\",\n \"Microsoft.Insights/AlertRules/Activated/Action\",\n \"Microsoft.Insights/AlertRules/Resolved/Action\",\n \"Microsoft.Insights/AlertRules/Throttled/Action\",\n \"Microsoft.Insights/AlertRules/Incidents/Read\",\n \"Microsoft.Insights/metrics/read\",\n \"Microsoft.Insights/logs/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2022-04-14T05:37:28.4116078Z\",\n \"updatedOn\": \"2024-07-01T15:03:44.1916336Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/fd036e6b-1266-47a0-b0bb-a05d04831731\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"fd036e6b-1266-47a0-b0bb-a05d04831731\"\n },\n {\n \"properties\": {\n \"roleName\": \"FHIR Data Importer\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Role allows user or principal to read and import FHIR Data\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.HealthcareApis/workspaces/fhirservices/resources/read\",\n \"Microsoft.HealthcareApis/workspaces/fhirservices/resources/import/action\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2022-04-19T12:03:07.1913541Z\",\n \"updatedOn\": \"2022-04-21T13:19:49.7566662Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/4465e953-8ced-4406-a58e-0f6e3f3b530b\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"4465e953-8ced-4406-a58e-0f6e3f3b530b\"\n },\n {\n \"properties\": {\n \"roleName\": \"HDInsight on AKS Cluster Operator\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Grants a user/group the ability to read cluster configurations, resize clusters and run jobs\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.HDInsight/clusterPools/read\",\n \"Microsoft.Hdinsight/clusterpools/clusters/read\",\n \"Microsoft.HDInsight/clusterPools/clusters/resize/action\",\n \"Microsoft.HDInsight/clusterpools/clusters/instanceviews/read\",\n \"Microsoft.HDInsight/clusterPools/clusters/jobs/read\",\n \"Microsoft.HDInsight/clusterPools/clusters/runjob/action\",\n \"Microsoft.HDInsight/clusterpools/clusters/serviceconfigs/read\",\n \"Microsoft.HDInsight/clusterPools/clusters/availableupgrades/read\",\n \"Microsoft.HDInsight/clusterPools/clusters/upgradehistories/read\",\n \"Microsoft.HDInsight/clusterPools/clusters/libraries/read\",\n \"Microsoft.HDInsight/clusterPools/clusters/managelibraries/action\",\n \"Microsoft.ResourceHealth/availabilityStatuses/read\",\n \"Microsoft.Resources/deployments/read\",\n \"Microsoft.Resources/deployments/operations/read\",\n \"Microsoft.Resources/subscriptions/operationresults/read\",\n \"Microsoft.Resources/subscriptions/read\",\n \"Microsoft.Resources/subscriptions/resourcegroups/deployments/read\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Insights/AlertRules/Write\",\n \"Microsoft.Insights/AlertRules/Delete\",\n \"Microsoft.Insights/AlertRules/Read\",\n \"Microsoft.Insights/AlertRules/Activated/Action\",\n \"Microsoft.Insights/AlertRules/Resolved/Action\",\n \"Microsoft.Insights/AlertRules/Throttled/Action\",\n \"Microsoft.Insights/AlertRules/Incidents/Read\",\n \"Microsoft.Insights/metrics/read\",\n \"Microsoft.Insights/logs/read\",\n \"Microsoft.Insights/diagnosticSettings/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2022-04-26T14:14:33.8566334Z\",\n \"updatedOn\": \"2024-07-01T15:03:44.1916336Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/bcf28286-af25-4c81-bb6f-351fcab5dbe9\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"bcf28286-af25-4c81-bb6f-351fcab5dbe9\"\n },\n {\n \"properties\": {\n \"roleName\": \"API Management Developer Portal Content Editor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Can customize the developer portal, edit its content, and publish it.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.ApiManagement/service/portalRevisions/read\",\n \"Microsoft.ApiManagement/service/portalRevisions/write\",\n \"Microsoft.ApiManagement/service/contentTypes/read\",\n \"Microsoft.ApiManagement/service/contentTypes/delete\",\n \"Microsoft.ApiManagement/service/contentTypes/write\",\n \"Microsoft.ApiManagement/service/contentTypes/contentItems/read\",\n \"Microsoft.ApiManagement/service/contentTypes/contentItems/write\",\n \"Microsoft.ApiManagement/service/contentTypes/contentItems/delete\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2022-05-06T21:46:28.7501982Z\",\n \"updatedOn\": \"2022-05-11T01:48:03.0899467Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/c031e6a8-4391-4de0-8d69-4706a7ed3729\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"c031e6a8-4391-4de0-8d69-4706a7ed3729\"\n },\n {\n \"properties\": {\n \"roleName\": \"VM Scanner Operator\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Role that provides access to disk snapshot for security analysis.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Compute/disks/read\",\n \"Microsoft.Compute/disks/beginGetAccess/action\",\n \"Microsoft.Compute/diskEncryptionSets/read\",\n \"Microsoft.Compute/virtualMachines/instanceView/read\",\n \"Microsoft.Compute/virtualMachines/read\",\n \"Microsoft.Compute/virtualMachineScaleSets/instanceView/read\",\n \"Microsoft.Compute/virtualMachineScaleSets/read\",\n \"Microsoft.Compute/virtualMachineScaleSets/virtualMachines/read\",\n \"Microsoft.Compute/virtualMachineScaleSets/virtualMachines/instanceView/read\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2022-05-15T19:19:38.5462809Z\",\n \"updatedOn\": \"2024-09-09T15:09:55.7808068Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/d24ecba3-c1f4-40fa-a7bb-4588a071e8fd\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"d24ecba3-c1f4-40fa-a7bb-4588a071e8fd\"\n },\n {\n \"properties\": {\n \"roleName\": \"Elastic SAN Owner\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Allows for full access to all resources under Azure Elastic SAN including changing network security policies to unblock data path access\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.ResourceHealth/availabilityStatuses/read\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.ElasticSan/elasticSans/*\",\n \"Microsoft.ElasticSan/locations/*\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2022-05-26T12:41:01.1833837Z\",\n \"updatedOn\": \"2022-08-23T17:36:07.1409226Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/80dcbedb-47ef-405d-95bd-188a1b4ac406\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"80dcbedb-47ef-405d-95bd-188a1b4ac406\"\n },\n {\n \"properties\": {\n \"roleName\": \"Elastic SAN Reader\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Allows for control path read access to Azure Elastic SAN\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/roleAssignments/read\",\n \"Microsoft.Authorization/roleDefinitions/read\",\n \"Microsoft.ResourceHealth/availabilityStatuses/read\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.ElasticSan/elasticSans/*/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2022-06-01T07:05:04.5639037Z\",\n \"updatedOn\": \"2022-08-23T17:36:07.1409226Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/af6a70f8-3c9f-4105-acf1-d719e9fca4ca\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"af6a70f8-3c9f-4105-acf1-d719e9fca4ca\"\n },\n {\n \"properties\": {\n \"roleName\": \"Desktop Virtualization Virtual Machine Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"This role is in preview and subject to change. Provide permission to the Azure Virtual Desktop Resource Provider to create, delete, update, start, and stop virtual machines.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.DesktopVirtualization/hostpools/read\",\n \"Microsoft.DesktopVirtualization/hostpools/write\",\n \"Microsoft.DesktopVirtualization/hostpools/retrieveRegistrationToken/action\",\n \"Microsoft.DesktopVirtualization/hostpools/sessionhosts/read\",\n \"Microsoft.DesktopVirtualization/hostpools/sessionhosts/write\",\n \"Microsoft.DesktopVirtualization/hostpools/sessionhosts/delete\",\n \"Microsoft.DesktopVirtualization/hostpools/sessionhosts/usersessions/read\",\n \"Microsoft.DesktopVirtualization/hostpools/sessionhosts/usersessions/disconnect/action\",\n \"Microsoft.DesktopVirtualization/hostpools/sessionhosts/usersessions/sendMessage/action\",\n \"Microsoft.DesktopVirtualization/hostpools/sessionHostConfigurations/read\",\n \"Microsoft.DesktopVirtualization/hostpools/doNotUseInternalAPI/action\",\n \"Microsoft.DesktopVirtualization/hostpools/sessionhosts/retryprovisioning/action\",\n \"Microsoft.Compute/availabilitySets/read\",\n \"Microsoft.Compute/availabilitySets/write\",\n \"Microsoft.Compute/availabilitySets/vmSizes/read\",\n \"Microsoft.Compute/disks/read\",\n \"Microsoft.Compute/disks/write\",\n \"Microsoft.Compute/disks/delete\",\n \"Microsoft.Compute/galleries/read\",\n \"Microsoft.Compute/galleries/images/read\",\n \"Microsoft.Compute/galleries/images/versions/read\",\n \"Microsoft.Compute/images/read\",\n \"Microsoft.Compute/locations/usages/read\",\n \"Microsoft.Compute/locations/vmSizes/read\",\n \"Microsoft.Compute/operations/read\",\n \"Microsoft.Compute/skus/read\",\n \"Microsoft.Compute/virtualMachines/read\",\n \"Microsoft.Compute/virtualMachines/write\",\n \"Microsoft.Compute/virtualMachines/delete\",\n \"Microsoft.Compute/virtualMachines/start/action\",\n \"Microsoft.Compute/virtualMachines/powerOff/action\",\n \"Microsoft.Compute/virtualMachines/restart/action\",\n \"Microsoft.Compute/virtualMachines/deallocate/action\",\n \"Microsoft.Compute/virtualMachines/runCommand/action\",\n \"Microsoft.Compute/virtualMachines/extensions/read\",\n \"Microsoft.Compute/virtualMachines/extensions/write\",\n \"Microsoft.Compute/virtualMachines/extensions/delete\",\n \"Microsoft.Compute/virtualMachines/runCommands/read\",\n \"Microsoft.Compute/virtualMachines/runCommands/write\",\n \"Microsoft.Compute/virtualMachines/vmSizes/read\",\n \"Microsoft.Network/networkSecurityGroups/read\",\n \"Microsoft.Network/networkInterfaces/write\",\n \"Microsoft.Network/networkInterfaces/read\",\n \"Microsoft.Network/networkInterfaces/join/action\",\n \"Microsoft.Network/networkInterfaces/delete\",\n \"Microsoft.Network/virtualNetworks/subnets/read\",\n \"Microsoft.Network/virtualNetworks/subnets/join/action\",\n \"Microsoft.Network/virtualNetworks/usages/read\",\n \"Microsoft.Network/virtualNetworks/read\",\n \"Microsoft.Network/networkSecurityGroups/read\",\n \"Microsoft.Marketplace/offerTypes/publishers/offers/plans/agreements/read\",\n \"Microsoft.KeyVault/vaults/deploy/action\",\n \"Microsoft.Storage/storageAccounts/read\",\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.DesktopVirtualization/scalingPlans/read\",\n \"Microsoft.DesktopVirtualization/scalingPlans/write\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2022-06-29T01:44:11.2575005Z\",\n \"updatedOn\": \"2024-09-10T15:22:51.5340758Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/a959dbd1-f747-45e3-8ba6-dd80f235f97c\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"a959dbd1-f747-45e3-8ba6-dd80f235f97c\"\n },\n {\n \"properties\": {\n \"roleName\": \"Desktop Virtualization Power On Off Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Provide permission to the Azure Virtual Desktop Resource Provider to start and stop virtual machines.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.AzureStackHCI/operations/read\",\n \"Microsoft.AzureStackHCI/virtualMachineInstances/read\",\n \"Microsoft.AzureStackHCI/virtualMachineInstances/restart/action\",\n \"Microsoft.AzureStackHCI/virtualMachineInstances/start/action\",\n \"Microsoft.AzureStackHCI/virtualMachineInstances/stop/action\",\n \"Microsoft.Compute/virtualMachines/deallocate/action\",\n \"Microsoft.Compute/virtualMachines/instanceView/read\",\n \"Microsoft.Compute/virtualMachines/powerOff/action\",\n \"Microsoft.Compute/virtualMachines/read\",\n \"Microsoft.Compute/virtualMachines/restart/action\",\n \"Microsoft.Compute/virtualMachines/start/action\",\n \"Microsoft.ComputeSchedule/locations/virtualMachinesCancelOperations/action\",\n \"Microsoft.ComputeSchedule/locations/virtualMachinesExecuteDeallocate/action\",\n \"Microsoft.ComputeSchedule/locations/virtualMachinesExecuteHibernate/action\",\n \"Microsoft.ComputeSchedule/locations/virtualMachinesExecuteStart/action\",\n \"Microsoft.ComputeSchedule/locations/virtualMachinesGetOperationErrors/action\",\n \"Microsoft.ComputeSchedule/locations/virtualMachinesGetOperationStatus/action\",\n \"Microsoft.ComputeSchedule/locations/virtualMachinesSubmitDeallocate/action\",\n \"Microsoft.ComputeSchedule/locations/virtualMachinesSubmitHibernate/action\",\n \"Microsoft.ComputeSchedule/locations/virtualMachinesSubmitStart/action\",\n \"Microsoft.ComputeSchedule/register/action\",\n \"Microsoft.DesktopVirtualization/hostpools/read\",\n \"Microsoft.DesktopVirtualization/hostpools/sessionhosts/read\",\n \"Microsoft.DesktopVirtualization/hostpools/sessionhosts/usersessions/delete\",\n \"Microsoft.DesktopVirtualization/hostpools/sessionhosts/usersessions/read\",\n \"Microsoft.DesktopVirtualization/hostpools/sessionhosts/usersessions/sendMessage/action\",\n \"Microsoft.DesktopVirtualization/hostpools/sessionhosts/write\",\n \"Microsoft.DesktopVirtualization/hostpools/write\",\n \"Microsoft.HybridCompute/locations/operationresults/read\",\n \"Microsoft.HybridCompute/locations/operationstatus/read\",\n \"Microsoft.HybridCompute/machines/read\",\n \"Microsoft.HybridCompute/operations/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.Insights/eventtypes/values/read\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2022-06-29T01:44:11.3414837Z\",\n \"updatedOn\": \"2024-08-15T18:24:59.2883823Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/40c5ff49-9181-41f8-ae61-143b0e78555e\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"40c5ff49-9181-41f8-ae61-143b0e78555e\"\n },\n {\n \"properties\": {\n \"roleName\": \"Desktop Virtualization Power On Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Provide permission to the Azure Virtual Desktop Resource Provider to start virtual machines.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Compute/virtualMachines/start/action\",\n \"Microsoft.Compute/virtualMachines/read\",\n \"Microsoft.Compute/virtualMachines/instanceView/read\",\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.HybridCompute/machines/read\",\n \"Microsoft.HybridCompute/operations/read\",\n \"Microsoft.HybridCompute/locations/operationresults/read\",\n \"Microsoft.HybridCompute/locations/operationstatus/read\",\n \"Microsoft.AzureStackHCI/virtualMachineInstances/read\",\n \"Microsoft.AzureStackHCI/virtualMachineInstances/start/action\",\n \"Microsoft.AzureStackHCI/operations/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2022-06-29T01:44:11.3414837Z\",\n \"updatedOn\": \"2024-02-12T16:11:25.5904731Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/489581de-a3bd-480d-9518-53dea7416b33\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"489581de-a3bd-480d-9518-53dea7416b33\"\n },\n {\n \"properties\": {\n \"roleName\": \"Elastic SAN Volume Group Owner\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Allows for full access to a volume group in Azure Elastic SAN including changing network security policies to unblock data path access\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/roleAssignments/read\",\n \"Microsoft.Authorization/roleDefinitions/read\",\n \"Microsoft.ElasticSan/elasticSans/volumeGroups/*\",\n \"Microsoft.ElasticSan/locations/asyncoperations/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2022-07-04T17:04:25.3846899Z\",\n \"updatedOn\": \"2022-08-23T17:36:07.1409226Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/a8281131-f312-4f34-8d98-ae12be9f0d23\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"a8281131-f312-4f34-8d98-ae12be9f0d23\"\n },\n {\n \"properties\": {\n \"roleName\": \"Access Review Operator Service Role\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Lets you grant Access Review System app permissions to discover and revoke access as needed by the access review process.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/roleAssignments/read\",\n \"Microsoft.Authorization/roleAssignments/delete\",\n \"Microsoft.Management/getEntities/action\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2022-07-04T17:04:25.3846899Z\",\n \"updatedOn\": \"2022-07-04T17:04:25.3846899Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/76cc9ee4-d5d3-4a45-a930-26add3d73475\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"76cc9ee4-d5d3-4a45-a930-26add3d73475\"\n },\n {\n \"properties\": {\n \"roleName\": \"Trusted Signing Identity Verifier\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Manage identity or business verification requests. This role is in preview and subject to change.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.CodeSigning/*/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.CodeSigning/IdentityVerification/Read\",\n \"Microsoft.CodeSigning/IdentityVerification/Write\",\n \"Microsoft.CodeSigning/IdentityVerification/Delete\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2022-07-29T07:36:35.8877235Z\",\n \"updatedOn\": \"2024-10-24T14:08:43.6479343Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/4339b7cf-9826-4e41-b4ed-c7f4505dac08\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"4339b7cf-9826-4e41-b4ed-c7f4505dac08\"\n },\n {\n \"properties\": {\n \"roleName\": \"Video Indexer Restricted Viewer\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Has access to view and search through all video's insights and transcription in the Video Indexer portal. No access to model customization, embedding of widget, downloading videos, or sharing the account.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.VideoIndexer/*/read\",\n \"Microsoft.VideoIndexer/accounts/*/action\"\n ],\n \"notActions\": [\n \"Microsoft.VideoIndexer/*/write\",\n \"Microsoft.VideoIndexer/*/delete\",\n \"Microsoft.VideoIndexer/accounts/generateAccessToken/action\"\n ],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2022-08-09T20:15:25.5603064Z\",\n \"updatedOn\": \"2022-08-09T20:15:25.5603064Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/a2c4a527-7dc0-4ee3-897b-403ade70fafb\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"a2c4a527-7dc0-4ee3-897b-403ade70fafb\"\n },\n {\n \"properties\": {\n \"roleName\": \"Monitoring Data Reader\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Can access the data in an Azure Monitor Workspace.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.Monitor/accounts/data/metrics/read\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2022-08-22T15:27:32.9926129Z\",\n \"updatedOn\": \"2022-10-07T20:52:48.6545841Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/b0d8363b-8ddd-447d-831f-62ca05bff136\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"b0d8363b-8ddd-447d-831f-62ca05bff136\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Kubernetes Fleet Manager RBAC Writer\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Grants read/write access to most Kubernetes resources within a namespace in the fleet-managed hub cluster. This role does not allow viewing or modifying roles or role bindings. However, this role allows accessing Secrets as any ServiceAccount in the namespace, so it can be used to gain the API access levels of any ServiceAccount in the namespace.  Applying this role at cluster scope will give access across all namespaces.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Resources/subscriptions/operationresults/read\",\n \"Microsoft.Resources/subscriptions/read\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.ContainerService/fleets/read\",\n \"Microsoft.ContainerService/fleets/listCredentials/action\"\n ],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.ContainerService/fleets/apps/controllerrevisions/read\",\n \"Microsoft.ContainerService/fleets/apps/daemonsets/read\",\n \"Microsoft.ContainerService/fleets/apps/daemonsets/write\",\n \"Microsoft.ContainerService/fleets/apps/deployments/read\",\n \"Microsoft.ContainerService/fleets/apps/deployments/write\",\n \"Microsoft.ContainerService/fleets/apps/statefulsets/read\",\n \"Microsoft.ContainerService/fleets/apps/statefulsets/write\",\n \"Microsoft.ContainerService/fleets/autoscaling/horizontalpodautoscalers/read\",\n \"Microsoft.ContainerService/fleets/autoscaling/horizontalpodautoscalers/write\",\n \"Microsoft.ContainerService/fleets/batch/cronjobs/read\",\n \"Microsoft.ContainerService/fleets/batch/cronjobs/write\",\n \"Microsoft.ContainerService/fleets/batch/jobs/read\",\n \"Microsoft.ContainerService/fleets/batch/jobs/write\",\n \"Microsoft.ContainerService/fleets/configmaps/read\",\n \"Microsoft.ContainerService/fleets/configmaps/write\",\n \"Microsoft.ContainerService/fleets/endpoints/read\",\n \"Microsoft.ContainerService/fleets/endpoints/write\",\n \"Microsoft.ContainerService/fleets/events.k8s.io/events/read\",\n \"Microsoft.ContainerService/fleets/events/read\",\n \"Microsoft.ContainerService/fleets/extensions/daemonsets/read\",\n \"Microsoft.ContainerService/fleets/extensions/daemonsets/write\",\n \"Microsoft.ContainerService/fleets/extensions/deployments/read\",\n \"Microsoft.ContainerService/fleets/extensions/deployments/write\",\n \"Microsoft.ContainerService/fleets/extensions/ingresses/read\",\n \"Microsoft.ContainerService/fleets/extensions/ingresses/write\",\n \"Microsoft.ContainerService/fleets/extensions/networkpolicies/read\",\n \"Microsoft.ContainerService/fleets/extensions/networkpolicies/write\",\n \"Microsoft.ContainerService/fleets/limitranges/read\",\n \"Microsoft.ContainerService/fleets/namespaces/read\",\n \"Microsoft.ContainerService/fleets/networking.k8s.io/ingresses/read\",\n \"Microsoft.ContainerService/fleets/networking.k8s.io/ingresses/write\",\n \"Microsoft.ContainerService/fleets/networking.k8s.io/networkpolicies/read\",\n \"Microsoft.ContainerService/fleets/networking.k8s.io/networkpolicies/write\",\n \"Microsoft.ContainerService/fleets/persistentvolumeclaims/read\",\n \"Microsoft.ContainerService/fleets/persistentvolumeclaims/write\",\n \"Microsoft.ContainerService/fleets/policy/poddisruptionbudgets/read\",\n \"Microsoft.ContainerService/fleets/policy/poddisruptionbudgets/write\",\n \"Microsoft.ContainerService/fleets/replicationcontrollers/read\",\n \"Microsoft.ContainerService/fleets/replicationcontrollers/write\",\n \"Microsoft.ContainerService/fleets/resourcequotas/read\",\n \"Microsoft.ContainerService/fleets/secrets/read\",\n \"Microsoft.ContainerService/fleets/secrets/write\",\n \"Microsoft.ContainerService/fleets/serviceaccounts/read\",\n \"Microsoft.ContainerService/fleets/serviceaccounts/write\",\n \"Microsoft.ContainerService/fleets/services/read\",\n \"Microsoft.ContainerService/fleets/services/write\",\n \"Microsoft.ContainerService/fleets/cluster.kubernetes-fleet.io/internalmemberclusters/read\",\n \"Microsoft.ContainerService/fleets/placement.kubernetes-fleet.io/resourceoverrides/read\",\n \"Microsoft.ContainerService/fleets/placement.kubernetes-fleet.io/resourceoverrides/write\",\n \"Microsoft.ContainerService/fleets/placement.kubernetes-fleet.io/resourceoverridesnapshots/read\",\n \"Microsoft.ContainerService/fleets/placement.kubernetes-fleet.io/works/read\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2022-08-22T17:29:14.4390853Z\",\n \"updatedOn\": \"2024-10-21T15:04:47.7837694Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/5af6afb3-c06c-4fa4-8848-71a8aee05683\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"5af6afb3-c06c-4fa4-8848-71a8aee05683\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Kubernetes Fleet Manager RBAC Admin\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Grants read/write access to Kubernetes resources within a namespace in the fleet-managed hub cluster - provides write permissions on most objects within a a namespace, with the exception of ResourceQuota object and the namespace object itself. Applying this role at cluster scope will give access across all namespaces.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Resources/subscriptions/operationresults/read\",\n \"Microsoft.Resources/subscriptions/read\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.ContainerService/fleets/read\",\n \"Microsoft.ContainerService/fleets/listCredentials/action\"\n ],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.ContainerService/fleets/apps/controllerrevisions/read\",\n \"Microsoft.ContainerService/fleets/apps/daemonsets/*\",\n \"Microsoft.ContainerService/fleets/apps/deployments/*\",\n \"Microsoft.ContainerService/fleets/apps/statefulsets/*\",\n \"Microsoft.ContainerService/fleets/authorization.k8s.io/localsubjectaccessreviews/write\",\n \"Microsoft.ContainerService/fleets/autoscaling/horizontalpodautoscalers/*\",\n \"Microsoft.ContainerService/fleets/batch/cronjobs/*\",\n \"Microsoft.ContainerService/fleets/batch/jobs/*\",\n \"Microsoft.ContainerService/fleets/configmaps/*\",\n \"Microsoft.ContainerService/fleets/endpoints/*\",\n \"Microsoft.ContainerService/fleets/events.k8s.io/events/read\",\n \"Microsoft.ContainerService/fleets/events/read\",\n \"Microsoft.ContainerService/fleets/extensions/daemonsets/*\",\n \"Microsoft.ContainerService/fleets/extensions/deployments/*\",\n \"Microsoft.ContainerService/fleets/extensions/ingresses/*\",\n \"Microsoft.ContainerService/fleets/extensions/networkpolicies/*\",\n \"Microsoft.ContainerService/fleets/limitranges/read\",\n \"Microsoft.ContainerService/fleets/namespaces/read\",\n \"Microsoft.ContainerService/fleets/networking.k8s.io/ingresses/*\",\n \"Microsoft.ContainerService/fleets/networking.k8s.io/networkpolicies/*\",\n \"Microsoft.ContainerService/fleets/persistentvolumeclaims/*\",\n \"Microsoft.ContainerService/fleets/policy/poddisruptionbudgets/*\",\n \"Microsoft.ContainerService/fleets/rbac.authorization.k8s.io/rolebindings/*\",\n \"Microsoft.ContainerService/fleets/rbac.authorization.k8s.io/roles/*\",\n \"Microsoft.ContainerService/fleets/replicationcontrollers/*\",\n \"Microsoft.ContainerService/fleets/replicationcontrollers/*\",\n \"Microsoft.ContainerService/fleets/resourcequotas/read\",\n \"Microsoft.ContainerService/fleets/secrets/*\",\n \"Microsoft.ContainerService/fleets/serviceaccounts/*\",\n \"Microsoft.ContainerService/fleets/services/*\",\n \"Microsoft.ContainerService/fleets/cluster.kubernetes-fleet.io/internalmemberclusters/read\",\n \"Microsoft.ContainerService/fleets/placement.kubernetes-fleet.io/resourceoverrides/*\",\n \"Microsoft.ContainerService/fleets/placement.kubernetes-fleet.io/resourceoverridesnapshots/read\",\n \"Microsoft.ContainerService/fleets/placement.kubernetes-fleet.io/works/read\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2022-08-22T17:29:14.4390853Z\",\n \"updatedOn\": \"2024-10-21T15:04:47.7827701Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/434fb43a-c01c-447e-9f67-c3ad923cfaba\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"434fb43a-c01c-447e-9f67-c3ad923cfaba\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Kubernetes Fleet Manager Contributor Role\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Grants read/write access to Azure resources provided by Azure Kubernetes Fleet Manager, including fleets, fleet members, fleet update strategies, fleet update runs, etc.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.ContainerService/fleets/*\",\n \"Microsoft.Resources/deployments/*\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2022-08-22T17:29:14.4234593Z\",\n \"updatedOn\": \"2024-03-27T21:09:44.1318966Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/63bb64ad-9799-4770-b5c3-24ed299a07bf\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"63bb64ad-9799-4770-b5c3-24ed299a07bf\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Kubernetes Fleet Manager RBAC Reader\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Grants read-only access to most Kubernetes resources within a namespace in the fleet-managed hub cluster. It does not allow viewing roles or role bindings. This role does not allow viewing Secrets, since reading the contents of Secrets enables access to ServiceAccount credentials in the namespace, which would allow API access as any ServiceAccount in the namespace (a form of privilege escalation). Applying this role at cluster scope will give access across all namespaces.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Resources/subscriptions/operationresults/read\",\n \"Microsoft.Resources/subscriptions/read\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.ContainerService/fleets/read\",\n \"Microsoft.ContainerService/fleets/listCredentials/action\"\n ],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.ContainerService/fleets/apps/controllerrevisions/read\",\n \"Microsoft.ContainerService/fleets/apps/daemonsets/read\",\n \"Microsoft.ContainerService/fleets/apps/deployments/read\",\n \"Microsoft.ContainerService/fleets/apps/statefulsets/read\",\n \"Microsoft.ContainerService/fleets/autoscaling/horizontalpodautoscalers/read\",\n \"Microsoft.ContainerService/fleets/batch/cronjobs/read\",\n \"Microsoft.ContainerService/fleets/batch/jobs/read\",\n \"Microsoft.ContainerService/fleets/configmaps/read\",\n \"Microsoft.ContainerService/fleets/endpoints/read\",\n \"Microsoft.ContainerService/fleets/events.k8s.io/events/read\",\n \"Microsoft.ContainerService/fleets/events/read\",\n \"Microsoft.ContainerService/fleets/extensions/daemonsets/read\",\n \"Microsoft.ContainerService/fleets/extensions/deployments/read\",\n \"Microsoft.ContainerService/fleets/extensions/ingresses/read\",\n \"Microsoft.ContainerService/fleets/extensions/networkpolicies/read\",\n \"Microsoft.ContainerService/fleets/limitranges/read\",\n \"Microsoft.ContainerService/fleets/namespaces/read\",\n \"Microsoft.ContainerService/fleets/networking.k8s.io/ingresses/read\",\n \"Microsoft.ContainerService/fleets/networking.k8s.io/networkpolicies/read\",\n \"Microsoft.ContainerService/fleets/persistentvolumeclaims/read\",\n \"Microsoft.ContainerService/fleets/policy/poddisruptionbudgets/read\",\n \"Microsoft.ContainerService/fleets/replicationcontrollers/read\",\n \"Microsoft.ContainerService/fleets/replicationcontrollers/read\",\n \"Microsoft.ContainerService/fleets/resourcequotas/read\",\n \"Microsoft.ContainerService/fleets/serviceaccounts/read\",\n \"Microsoft.ContainerService/fleets/services/read\",\n \"Microsoft.ContainerService/fleets/cluster.kubernetes-fleet.io/internalmemberclusters/read\",\n \"Microsoft.ContainerService/fleets/placement.kubernetes-fleet.io/resourceoverrides/read\",\n \"Microsoft.ContainerService/fleets/placement.kubernetes-fleet.io/resourceoverridesnapshots/read\",\n \"Microsoft.ContainerService/fleets/placement.kubernetes-fleet.io/works/read\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2022-08-22T17:29:14.4390853Z\",\n \"updatedOn\": \"2024-10-23T18:34:36.152431Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/30b27cfc-9c84-438e-b0ce-70e35255df80\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"30b27cfc-9c84-438e-b0ce-70e35255df80\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Kubernetes Fleet Manager RBAC Cluster Admin\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Grants read/write access to all Kubernetes resources in the fleet-managed hub cluster.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Resources/subscriptions/operationresults/read\",\n \"Microsoft.Resources/subscriptions/read\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.ContainerService/fleets/read\",\n \"Microsoft.ContainerService/fleets/listCredentials/action\"\n ],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.ContainerService/fleets/*\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2022-08-22T17:29:14.4234593Z\",\n \"updatedOn\": \"2024-03-27T21:09:44.1318966Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/18ab4d3d-a1bf-4477-8ad9-8359bc988f69\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"18ab4d3d-a1bf-4477-8ad9-8359bc988f69\"\n },\n {\n \"properties\": {\n \"roleName\": \"Kubernetes Namespace User\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Allows a user to read namespace resources and retrieve kubeconfig for the cluster\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.KubernetesConfiguration/namespaces/read\",\n \"Microsoft.KubernetesConfiguration/namespaces/listUserCredential/action\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2022-08-24T08:05:05.4886641Z\",\n \"updatedOn\": \"2022-08-24T08:05:05.4886641Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/ba79058c-0414-4a34-9e42-c3399d80cd5a\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"ba79058c-0414-4a34-9e42-c3399d80cd5a\"\n },\n {\n \"properties\": {\n \"roleName\": \"Data Labeling - Labeler\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Can label data in Labeling.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.MachineLearningServices/workspaces/read\",\n \"Microsoft.MachineLearningServices/workspaces/experiments/runs/read\",\n \"Microsoft.MachineLearningServices/workspaces/labeling/projects/read\",\n \"Microsoft.MachineLearningServices/workspaces/labeling/projects/summary/read\",\n \"Microsoft.MachineLearningServices/workspaces/labeling/labels/read\",\n \"Microsoft.MachineLearningServices/workspaces/labeling/labels/write\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2022-09-02T20:34:03.6536098Z\",\n \"updatedOn\": \"2022-09-08T21:01:04.9492408Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/c6decf44-fd0a-444c-a844-d653c394e7ab\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"c6decf44-fd0a-444c-a844-d653c394e7ab\"\n },\n {\n \"properties\": {\n \"roleName\": \"Role Based Access Control Administrator\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Manage access to Azure resources by assigning roles using Azure RBAC. This role does not allow you to manage access using other ways, such as Azure Policy.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/roleAssignments/write\",\n \"Microsoft.Authorization/roleAssignments/delete\",\n \"*/read\",\n \"Microsoft.Support/*\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2022-09-07T00:28:32.1779656Z\",\n \"updatedOn\": \"2023-11-08T20:50:17.2103449Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/f58310d9-a9f6-439a-9e8d-f62e7b41a168\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"f58310d9-a9f6-439a-9e8d-f62e7b41a168\"\n },\n {\n \"properties\": {\n \"roleName\": \"Template Spec Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Allows full access to Template Spec operations at the assigned scope.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Resources/templateSpecs/*\",\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2022-09-07T23:56:38.852533Z\",\n \"updatedOn\": \"2022-09-07T23:56:38.852533Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/1c9b6475-caf0-4164-b5a1-2142a7116f4b\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"1c9b6475-caf0-4164-b5a1-2142a7116f4b\"\n },\n {\n \"properties\": {\n \"roleName\": \"Template Spec Reader\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Allows read access to Template Specs at the assigned scope.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Resources/templateSpecs/*/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2022-09-07T23:56:38.852533Z\",\n \"updatedOn\": \"2022-09-07T23:56:38.852533Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/392ae280-861d-42bd-9ea5-08ee6d83b80e\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"392ae280-861d-42bd-9ea5-08ee6d83b80e\"\n },\n {\n \"properties\": {\n \"roleName\": \"Microsoft Sentinel Playbook Operator\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Microsoft Sentinel Playbook Operator\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Logic/workflows/read\",\n \"Microsoft.Logic/workflows/triggers/listCallbackUrl/action\",\n \"Microsoft.Web/sites/hostruntime/webhooks/api/workflows/triggers/listCallbackUrl/action\",\n \"Microsoft.Web/sites/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2022-09-20T17:17:53.1732035Z\",\n \"updatedOn\": \"2022-12-07T18:28:46.3977543Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/51d6186e-6489-4900-b93f-92e23144cca5\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"51d6186e-6489-4900-b93f-92e23144cca5\"\n },\n {\n \"properties\": {\n \"roleName\": \"Deployment Environments User\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Provides access to manage environment resources.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.DevCenter/projects/read\",\n \"Microsoft.DevCenter/projects/*/read\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Authorization/*/read\"\n ],\n \"notActions\": [\n \"Microsoft.DevCenter/projects/pools/read\",\n \"Microsoft.DevCenter/projects/pools/schedules/read\"\n ],\n \"dataActions\": [\n \"Microsoft.DevCenter/projects/users/environments/userRead/action\",\n \"Microsoft.DevCenter/projects/users/environments/userWrite/action\",\n \"Microsoft.DevCenter/projects/users/environments/userDelete/action\",\n \"Microsoft.DevCenter/projects/users/environments/userActionManage/action\",\n \"Microsoft.DevCenter/projects/users/environments/userOutputsRead/action\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2022-09-21T23:02:10.9267534Z\",\n \"updatedOn\": \"2023-11-11T02:44:04.8360299Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/18e40d4e-8d2e-438d-97e1-9528336e149c\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"18e40d4e-8d2e-438d-97e1-9528336e149c\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Spring Apps Connect Role\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Azure Spring Apps Connect Role\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.AppPlatform/Spring/apps/deployments/connect/action\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2022-09-23T09:06:33.6408942Z\",\n \"updatedOn\": \"2022-09-23T09:06:33.6408942Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/80558df3-64f9-4c0f-b32d-e5094b036b0b\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"80558df3-64f9-4c0f-b32d-e5094b036b0b\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Spring Apps Remote Debugging Role\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Azure Spring Apps Remote Debugging Role\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.AppPlatform/Spring/apps/deployments/remotedebugging/action\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2022-09-23T09:21:46.6422475Z\",\n \"updatedOn\": \"2022-09-23T09:21:46.6422475Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/a99b0159-1064-4c22-a57b-c9b3caa1c054\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"a99b0159-1064-4c22-a57b-c9b3caa1c054\"\n },\n {\n \"properties\": {\n \"roleName\": \"AzureML Registry User\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Can perform all actions on Machine Learning Services Registry assets as well as get Registry resources.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.MachineLearningServices/registries/read\",\n \"Microsoft.MachineLearningServices/registries/assets/*\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2022-09-27T17:15:01.5950677Z\",\n \"updatedOn\": \"2022-09-27T17:15:01.5950677Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/1823dd4f-9b8c-4ab6-ab4e-7397a3684615\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"1823dd4f-9b8c-4ab6-ab4e-7397a3684615\"\n },\n {\n \"properties\": {\n \"roleName\": \"AzureML Compute Operator\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Can access and perform CRUD operations on Machine Learning Services managed compute resources (including Notebook VMs).\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.MachineLearningServices/workspaces/computes/*\",\n \"Microsoft.MachineLearningServices/workspaces/notebooks/vm/*\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2022-09-27T17:15:01.5950677Z\",\n \"updatedOn\": \"2022-09-27T17:15:01.5950677Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/e503ece1-11d0-4e8e-8e2c-7a6c3bf38815\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"e503ece1-11d0-4e8e-8e2c-7a6c3bf38815\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Center for SAP solutions service role\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Azure Center for SAP solutions service role - This role is intended to be used for providing the permissions to user assigned managed identity. Azure Center for SAP solutions will use this identity to deploy and manage SAP systems.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Resources/subscriptions/resourceGroups/write\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/read\",\n \"Microsoft.Resources/subscriptions/resourcegroups/deployments/*\",\n \"Microsoft.Network/loadBalancers/read\",\n \"Microsoft.Network/loadBalancers/write\",\n \"Microsoft.Network/loadBalancers/backendAddressPools/read\",\n \"Microsoft.Network/loadBalancers/backendAddressPools/write\",\n \"Microsoft.Network/loadBalancers/frontendIPConfigurations/read\",\n \"Microsoft.Network/loadBalancers/loadBalancingRules/read\",\n \"Microsoft.Network/loadBalancers/inboundNatRules/read\",\n \"Microsoft.Network/loadBalancers/providers/Microsoft.Insights/logDefinitions/read\",\n \"Microsoft.Network/loadBalancers/networkInterfaces/read\",\n \"Microsoft.Network/loadBalancers/outboundRules/read\",\n \"Microsoft.Network/loadBalancers/virtualMachines/read\",\n \"Microsoft.Network/loadBalancers/providers/Microsoft.Insights/metricDefinitions/read\",\n \"Microsoft.Network/networkInterfaces/read\",\n \"Microsoft.Network/networkInterfaces/write\",\n \"Microsoft.Network/networkInterfaces/ipconfigurations/read\",\n \"Microsoft.Network/networkInterfaces/loadBalancers/read\",\n \"Microsoft.Network/virtualNetworks/read\",\n \"Microsoft.Network/virtualNetworks/checkIpAddressAvailability/read\",\n \"Microsoft.Network/virtualNetworks/subnets/read\",\n \"Microsoft.Network/virtualNetworks/subnets/virtualMachines/read\",\n \"Microsoft.Network/virtualNetworks/virtualMachines/read\",\n \"Microsoft.Network/networkInterfaces/ipconfigurations/join/action\",\n \"Microsoft.Network/privateEndpoints/read\",\n \"Microsoft.Network/privateEndpoints/write\",\n \"Microsoft.Network/networkInterfaces/join/action\",\n \"Microsoft.Network/loadBalancers/backendAddressPools/join/action\",\n \"Microsoft.Network/loadBalancers/frontendIPConfigurations/join/action\",\n \"Microsoft.Network/virtualNetworks/subnets/join/action\",\n \"Microsoft.Network/virtualNetworks/subnets/joinLoadBalancer/action\",\n \"Microsoft.Storage/storageAccounts/read\",\n \"Microsoft.Storage/storageAccounts/write\",\n \"Microsoft.Storage/storageAccounts/PrivateEndpointConnectionsApproval/action\",\n \"Microsoft.Storage/storageAccounts/blobServices/read\",\n \"Microsoft.Storage/storageAccounts/blobServices/containers/read\",\n \"Microsoft.Storage/storageAccounts/fileServices/read\",\n \"Microsoft.Storage/storageAccounts/fileServices/write\",\n \"Microsoft.Storage/storageAccounts/fileServices/shares/read\",\n \"Microsoft.Storage/storageAccounts/fileServices/shares/write\",\n \"Microsoft.Compute/virtualMachines/read\",\n \"Microsoft.Compute/virtualMachines/write\",\n \"Microsoft.Compute/virtualMachines/instanceView/read\",\n \"Microsoft.Compute/availabilitySets/read\",\n \"Microsoft.Compute/availabilitySets/write\",\n \"Microsoft.Compute/skus/read\",\n \"Microsoft.Compute/sshPublicKeys/read\",\n \"Microsoft.Compute/virtualMachines/extensions/read\",\n \"Microsoft.Compute/virtualMachines/extensions/write\",\n \"Microsoft.Compute/virtualMachines/extensions/delete\",\n \"Microsoft.Compute/disks/read\",\n \"Microsoft.Compute/disks/write\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2022-10-03T17:04:07.6891007Z\",\n \"updatedOn\": \"2023-02-02T07:25:11.5651483Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/aabbc5dd-1af0-458b-a942-81af88f9c138\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"aabbc5dd-1af0-458b-a942-81af88f9c138\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Center for SAP solutions reader\",\n \"type\": \"BuiltInRole\",\n \"description\": \"This role provides read access to all capabilities of Azure Center for SAP solutions.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Advisor/configurations/read\",\n \"Microsoft.Advisor/recommendations/read\",\n \"Microsoft.Workloads/sapvirtualInstances/*/read\",\n \"Microsoft.Workloads/Locations/*/read\",\n \"Microsoft.Workloads/Operations/read\",\n \"Microsoft.Workloads/Locations/OperationStatuses/read\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Insights/alertRules/read\",\n \"Microsoft.Insights/metrics/read\",\n \"Microsoft.Insights/metricDefinitions/read\",\n \"Microsoft.Resources/deployments/read\",\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Resources/subscriptions/read\",\n \"Microsoft.Resources/subscriptions/resourcegroups/deployments/read\",\n \"Microsoft.ResourceHealth/availabilityStatuses/read\",\n \"Microsoft.Network/virtualNetworks/read\",\n \"Microsoft.Network/virtualNetworks/providers/Microsoft.Insights/metricDefinitions/read\",\n \"Microsoft.Network/virtualNetworks/subnets/read\",\n \"Microsoft.Network/virtualNetworks/subnets/virtualMachines/read\",\n \"Microsoft.Network/networkInterfaces/read\",\n \"Microsoft.Network/networkInterfaces/ipconfigurations/read\",\n \"Microsoft.Network/networkInterfaces/loadBalancers/read\",\n \"Microsoft.Network/networkInterfaces/providers/Microsoft.Insights/metricDefinitions/read\",\n \"Microsoft.Network/loadBalancers/read\",\n \"Microsoft.Network/loadBalancers/backendAddressPools/read\",\n \"Microsoft.Network/loadBalancers/frontendIPConfigurations/read\",\n \"Microsoft.Network/loadBalancers/loadBalancingRules/read\",\n \"Microsoft.Network/loadBalancers/inboundNatRules/read\",\n \"Microsoft.Network/loadBalancers/providers/Microsoft.Insights/logDefinitions/read\",\n \"Microsoft.Network/loadBalancers/networkInterfaces/read\",\n \"Microsoft.Network/loadBalancers/outboundRules/read\",\n \"Microsoft.Network/loadBalancers/virtualMachines/read\",\n \"Microsoft.Network/loadBalancers/providers/Microsoft.Insights/metricDefinitions/read\",\n \"Microsoft.Network/privateEndpoints/read\",\n \"Microsoft.Storage/storageAccounts/read\",\n \"Microsoft.Storage/storageAccounts/blobServices/read\",\n \"Microsoft.Storage/storageAccounts/blobServices/containers/read\",\n \"Microsoft.Storage/storageAccounts/fileServices/read\",\n \"Microsoft.Storage/storageAccounts/fileServices/shares/read\",\n \"Microsoft.Compute/virtualMachines/read\",\n \"Microsoft.Compute/availabilitySets/read\",\n \"Microsoft.Compute/virtualMachines/extensions/read\",\n \"Microsoft.Compute/disks/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2022-10-03T17:04:07.6891007Z\",\n \"updatedOn\": \"2024-01-12T10:58:11.4343824Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/05352d14-a920-4328-a0de-4cbe7430e26b\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"05352d14-a920-4328-a0de-4cbe7430e26b\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Center for SAP solutions administrator\",\n \"type\": \"BuiltInRole\",\n \"description\": \"This role provides read and write access to all capabilities of Azure Center for SAP solutions.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Advisor/configurations/read\",\n \"Microsoft.Advisor/recommendations/read\",\n \"Microsoft.Workloads/sapvirtualInstances/*/read\",\n \"Microsoft.Workloads/sapVirtualInstances/*/write\",\n \"Microsoft.Workloads/sapVirtualInstances/*/delete\",\n \"Microsoft.Workloads/Locations/*/action\",\n \"Microsoft.Workloads/Locations/*/read\",\n \"Microsoft.Workloads/sapVirtualInstances/*/start/action\",\n \"Microsoft.Workloads/sapVirtualInstances/*/stop/action\",\n \"Microsoft.Workloads/connectors/*/read\",\n \"Microsoft.Workloads/connectors/*/write\",\n \"Microsoft.Workloads/connectors/*/delete\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.Insights/metrics/read\",\n \"Microsoft.Insights/metricDefinitions/read\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Resources/subscriptions/read\",\n \"Microsoft.Resources/subscriptions/resourceGroups/write\",\n \"Microsoft.Resources/subscriptions/resourcegroups/deployments/*\",\n \"Microsoft.ResourceHealth/availabilityStatuses/read\",\n \"Microsoft.Network/virtualNetworks/read\",\n \"Microsoft.Network/virtualNetworks/providers/Microsoft.Insights/metricDefinitions/read\",\n \"Microsoft.Network/virtualNetworks/subnets/read\",\n \"Microsoft.Network/virtualNetworks/subnets/write\",\n \"Microsoft.Network/virtualNetworks/subnets/virtualMachines/read\",\n \"Microsoft.Network/networkInterfaces/read\",\n \"Microsoft.Network/networkInterfaces/ipconfigurations/read\",\n \"Microsoft.Network/networkInterfaces/loadBalancers/read\",\n \"Microsoft.Network/networkInterfaces/providers/Microsoft.Insights/metricDefinitions/read\",\n \"Microsoft.Network/loadBalancers/read\",\n \"Microsoft.Network/loadBalancers/backendAddressPools/read\",\n \"Microsoft.Network/loadBalancers/frontendIPConfigurations/read\",\n \"Microsoft.Network/loadBalancers/loadBalancingRules/read\",\n \"Microsoft.Network/loadBalancers/inboundNatRules/read\",\n \"Microsoft.Network/loadBalancers/providers/Microsoft.Insights/logDefinitions/read\",\n \"Microsoft.Network/loadBalancers/networkInterfaces/read\",\n \"Microsoft.Network/loadBalancers/outboundRules/read\",\n \"Microsoft.Network/loadBalancers/virtualMachines/read\",\n \"Microsoft.Network/loadBalancers/providers/Microsoft.Insights/metricDefinitions/read\",\n \"Microsoft.Network/privateEndpoints/read\",\n \"Microsoft.Network/networkSecurityGroups/join/action\",\n \"Microsoft.Network/routeTables/join/action\",\n \"Microsoft.Storage/storageAccounts/read\",\n \"Microsoft.Storage/storageAccounts/blobServices/read\",\n \"Microsoft.Storage/storageAccounts/blobServices/containers/read\",\n \"Microsoft.Storage/storageAccounts/fileServices/read\",\n \"Microsoft.Storage/storageAccounts/fileServices/shares/read\",\n \"Microsoft.Compute/virtualMachines/read\",\n \"Microsoft.Compute/availabilitySets/read\",\n \"Microsoft.Compute/sshPublicKeys/read\",\n \"Microsoft.Compute/sshPublicKeys/write\",\n \"Microsoft.Compute/sshPublicKeys/*/generateKeyPair/action\",\n \"Microsoft.Compute/virtualMachines/extensions/read\",\n \"Microsoft.Compute/virtualMachines/extensions/delete\",\n \"Microsoft.Compute/disks/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.Storage/storageAccounts/blobServices/containers/blobs/read\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2022-10-04T17:14:14.5212968Z\",\n \"updatedOn\": \"2023-06-21T15:30:31.2294248Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/7b0c7e81-271f-4c71-90bf-e30bdfdbc2f7\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"7b0c7e81-271f-4c71-90bf-e30bdfdbc2f7\"\n },\n {\n \"properties\": {\n \"roleName\": \"AppGw for Containers Configuration Manager\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Allows access and configuration updates to Application Gateway for Containers resource.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.ServiceNetworking/trafficControllers/read\",\n \"Microsoft.ServiceNetworking/trafficControllers/write\",\n \"Microsoft.ServiceNetworking/trafficControllers/delete\",\n \"Microsoft.ServiceNetworking/trafficControllers/frontends/read\",\n \"Microsoft.ServiceNetworking/trafficControllers/frontends/write\",\n \"Microsoft.ServiceNetworking/trafficControllers/frontends/delete\",\n \"Microsoft.ServiceNetworking/trafficControllers/associations/read\",\n \"Microsoft.ServiceNetworking/trafficControllers/associations/write\",\n \"Microsoft.ServiceNetworking/trafficControllers/associations/delete\",\n \"Microsoft.ServiceNetworking/trafficControllers/*/read\",\n \"Microsoft.ServiceNetworking/trafficControllers/*/write\",\n \"Microsoft.ServiceNetworking/trafficControllers/*/delete\",\n \"Microsoft.Resources/subscriptions/resourcegroups/deployments/read\",\n \"Microsoft.Resources/subscriptions/resourcegroups/deployments/write\",\n \"Microsoft.Resources/subscriptions/resourcegroups/deployments/operations/read\",\n \"Microsoft.Resources/subscriptions/resourcegroups/deployments/operationstatuses/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.ServiceNetworking/trafficControllers/serviceRoutingConfigurations/read\",\n \"Microsoft.ServiceNetworking/trafficControllers/serviceRoutingConfigurations/write\",\n \"Microsoft.ServiceNetworking/trafficControllers/serviceRoutingConfigurations/delete\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2022-10-06T03:15:51.8980834Z\",\n \"updatedOn\": \"2024-10-29T15:24:36.1024666Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/fbc52c3f-28ad-4303-a892-8a056630b8f1\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"fbc52c3f-28ad-4303-a892-8a056630b8f1\"\n },\n {\n \"properties\": {\n \"roleName\": \"FHIR SMART User\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Role allows user to access FHIR Service according to SMART on FHIR specification\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.HealthcareApis/services/fhir/resources/read\",\n \"Microsoft.HealthcareApis/workspaces/fhirservices/resources/read\",\n \"Microsoft.HealthcareApis/services/fhir/resources/smart/action\",\n \"Microsoft.HealthcareApis/workspaces/fhirservices/resources/smart/action\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2022-10-26T17:20:25.4418773Z\",\n \"updatedOn\": \"2022-12-07T20:30:43.3899302Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/4ba50f17-9666-485c-a643-ff00808643f0\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"4ba50f17-9666-485c-a643-ff00808643f0\"\n },\n {\n \"properties\": {\n \"roleName\": \"Cognitive Services OpenAI Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Full access including the ability to fine-tune, deploy and generate text\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.CognitiveServices/*/read\",\n \"Microsoft.CognitiveServices/accounts/deployments/write\",\n \"Microsoft.CognitiveServices/accounts/deployments/delete\",\n \"Microsoft.CognitiveServices/accounts/raiPolicies/read\",\n \"Microsoft.CognitiveServices/accounts/raiPolicies/write\",\n \"Microsoft.CognitiveServices/accounts/raiPolicies/delete\",\n \"Microsoft.CognitiveServices/accounts/commitmentplans/read\",\n \"Microsoft.CognitiveServices/accounts/commitmentplans/write\",\n \"Microsoft.CognitiveServices/accounts/commitmentplans/delete\",\n \"Microsoft.Authorization/roleAssignments/read\",\n \"Microsoft.Authorization/roleDefinitions/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.CognitiveServices/accounts/OpenAI/*\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2022-10-26T22:25:33.3012125Z\",\n \"updatedOn\": \"2023-08-25T21:51:58.6134163Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/a001fd3d-188f-4b5d-821b-7da978bf7442\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"a001fd3d-188f-4b5d-821b-7da978bf7442\"\n },\n {\n \"properties\": {\n \"roleName\": \"Cognitive Services OpenAI User\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Ability to view files, models, deployments. Readers can't make any changes They can inference and create images\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.CognitiveServices/*/read\",\n \"Microsoft.Authorization/roleAssignments/read\",\n \"Microsoft.Authorization/roleDefinitions/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.CognitiveServices/accounts/OpenAI/*/read\",\n \"Microsoft.CognitiveServices/accounts/OpenAI/engines/completions/action\",\n \"Microsoft.CognitiveServices/accounts/OpenAI/engines/search/action\",\n \"Microsoft.CognitiveServices/accounts/OpenAI/engines/generate/action\",\n \"Microsoft.CognitiveServices/accounts/OpenAI/deployments/audio/action\",\n \"Microsoft.CognitiveServices/accounts/OpenAI/deployments/search/action\",\n \"Microsoft.CognitiveServices/accounts/OpenAI/deployments/completions/action\",\n \"Microsoft.CognitiveServices/accounts/OpenAI/deployments/chat/completions/action\",\n \"Microsoft.CognitiveServices/accounts/OpenAI/deployments/realtime/action\",\n \"Microsoft.CognitiveServices/accounts/OpenAI/deployments/extensions/chat/completions/action\",\n \"Microsoft.CognitiveServices/accounts/OpenAI/deployments/embeddings/action\",\n \"Microsoft.CognitiveServices/accounts/OpenAI/images/generations/action\",\n \"Microsoft.CognitiveServices/accounts/OpenAI/video/generations/*/action\",\n \"Microsoft.CognitiveServices/accounts/OpenAI/video/generations/*/delete\",\n \"Microsoft.CognitiveServices/accounts/OpenAI/assistants/*\",\n \"Microsoft.CognitiveServices/accounts/OpenAI/responses/*\"\n ],\n \"notDataActions\": [\n \"Microsoft.CognitiveServices/accounts/OpenAI/stored-completions/read\"\n ]\n }\n ],\n \"createdOn\": \"2022-10-26T22:25:33.3012125Z\",\n \"updatedOn\": \"2025-04-28T15:13:50.0338628Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/5e0bd9bd-7b93-4f28-af87-19fc36ad61bd\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"5e0bd9bd-7b93-4f28-af87-19fc36ad61bd\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure impact Reporter role\",\n \"type\": \"BuiltInRole\",\n \"description\": \"built-in role for azure impact write access\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Impact/WorkloadImpacts/*\",\n \"Microsoft.Impact/ImpactCategories/read\",\n \"Microsoft.Impact/TopologyImpacts/*\",\n \"Microsoft.Impact/getUploadToken/action\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2022-10-27T22:34:10.0140145Z\",\n \"updatedOn\": \"2025-09-26T15:39:14.9829777Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/36e80216-a7e8-4f42-a7e1-f12c98cbaf8a\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"36e80216-a7e8-4f42-a7e1-f12c98cbaf8a\"\n },\n {\n \"properties\": {\n \"roleName\": \"Impact Reader\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Allows read-only access to reported impacts and impact categories\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Impact/WorkloadImpacts/read\",\n \"Microsoft.Impact/ImpactCategories/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2022-10-27T22:49:23.8706555Z\",\n \"updatedOn\": \"2022-11-14T16:02:29.4536312Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/68ff5d27-c7f5-4fa9-a21c-785d0df7bd9e\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"68ff5d27-c7f5-4fa9-a21c-785d0df7bd9e\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Kubernetes Service Cluster Monitoring User\",\n \"type\": \"BuiltInRole\",\n \"description\": \"List cluster monitoring user credential action.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.ContainerService/managedClusters/listClusterMonitoringUserCredential/action\",\n \"Microsoft.ContainerService/managedClusters/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2022-11-14T16:02:29.4380066Z\",\n \"updatedOn\": \"2023-02-06T16:01:22.3399796Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/1afdec4b-e479-420e-99e7-f82237c7c5e6\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"1afdec4b-e479-420e-99e7-f82237c7c5e6\"\n },\n {\n \"properties\": {\n \"roleName\": \"ContainerApp Reader\",\n \"type\": \"BuiltInRole\",\n \"description\": \"View all containerapp resources, but does not allow you to make any changes.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.App/containerApps/*/read\",\n \"Microsoft.App/containerApps/read\",\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2022-11-14T16:02:29.4380066Z\",\n \"updatedOn\": \"2023-01-02T16:08:35.1119461Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/ad2dd5fb-cd4b-4fd4-a9b6-4fed3630980b\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"ad2dd5fb-cd4b-4fd4-a9b6-4fed3630980b\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Connected Machine Resource Manager\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Custom Role for AzureStackHCI RP to manage hybrid compute machines and hybrid connectivity endpoints in a resource group\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.GuestConfiguration/guestConfigurationAssignments/*/read\",\n \"Microsoft.GuestConfiguration/guestConfigurationAssignments/read\",\n \"Microsoft.GuestConfiguration/guestConfigurationAssignments/write\",\n \"Microsoft.HybridCompute/machines/read\",\n \"Microsoft.HybridCompute/machines/extensions/read\",\n \"Microsoft.HybridCompute/*/read\",\n \"Microsoft.HybridCompute/machines/delete\",\n \"Microsoft.HybridCompute/machines/extensions/delete\",\n \"Microsoft.HybridCompute/machines/extensions/write\",\n \"Microsoft.HybridCompute/machines/licenseProfiles/delete\",\n \"Microsoft.HybridCompute/machines/licenseProfiles/read\",\n \"Microsoft.HybridCompute/machines/licenseProfiles/write\",\n \"Microsoft.HybridCompute/machines/UpgradeExtensions/action\",\n \"Microsoft.HybridCompute/machines/write\",\n \"Microsoft.HybridConnectivity/endpoints/read\",\n \"Microsoft.HybridConnectivity/endpoints/serviceConfigurations/read\",\n \"Microsoft.HybridConnectivity/endpoints/serviceConfigurations/write\",\n \"Microsoft.HybridConnectivity/endpoints/write\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.EdgeMarketplace/locations/operationStatuses/read\",\n \"Microsoft.EdgeMarketPlace/offers/getAccessToken/action\",\n \"Microsoft.EdgeMarketPlace/offers/generateAccessToken/action\",\n \"Microsoft.EdgeMarketplace/publishers/read\",\n \"Microsoft.EdgeMarketplace/offers/read\",\n \"Microsoft.ExtendedLocation/customLocations/read\",\n \"Microsoft.Attestation/attestationProviders/write\",\n \"Microsoft.Attestation/attestationProviders/read\",\n \"Microsoft.Attestation/attestationProviders/delete\",\n \"Microsoft.Attestation/attestationProviders/attestation/read\",\n \"Microsoft.Attestation/attestationProviders/attestation/write\",\n \"Microsoft.Attestation/attestationProviders/attestation/delete\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2022-11-15T16:12:10.4398106Z\",\n \"updatedOn\": \"2024-08-26T15:01:40.009798Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/f5819b54-e033-4d82-ac66-4fec3cbf3f4c\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"f5819b54-e033-4d82-ac66-4fec3cbf3f4c\"\n },\n {\n \"properties\": {\n \"roleName\": \"SqlDb Migration Role\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Role for SqlDb migration\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Sql/servers/read\",\n \"Microsoft.Sql/servers/write\",\n \"Microsoft.Sql/servers/databases/read\",\n \"Microsoft.Sql/servers/databases/write\",\n \"Microsoft.Sql/servers/databases/delete\",\n \"Microsoft.DataMigration/locations/operationResults/read\",\n \"Microsoft.DataMigration/locations/operationStatuses/read\",\n \"Microsoft.DataMigration/locations/sqlMigrationServiceOperationResults/read\",\n \"Microsoft.DataMigration/databaseMigrations/write\",\n \"Microsoft.DataMigration/databaseMigrations/read\",\n \"Microsoft.DataMigration/databaseMigrations/delete\",\n \"Microsoft.DataMigration/databaseMigrations/cancel/action\",\n \"Microsoft.DataMigration/databaseMigrations/cutover/action\",\n \"Microsoft.DataMigration/sqlMigrationServices/write\",\n \"Microsoft.DataMigration/sqlMigrationServices/delete\",\n \"Microsoft.DataMigration/sqlMigrationServices/read\",\n \"Microsoft.DataMigration/sqlMigrationServices/listAuthKeys/action\",\n \"Microsoft.DataMigration/sqlMigrationServices/regenerateAuthKeys/action\",\n \"Microsoft.DataMigration/sqlMigrationServices/deleteNode/action\",\n \"Microsoft.DataMigration/sqlMigrationServices/listMonitoringData/action\",\n \"Microsoft.DataMigration/sqlMigrationServices/listMigrations/read\",\n \"Microsoft.DataMigration/sqlMigrationServices/MonitoringData/read\",\n \"Microsoft.DataMigration/register/action\",\n \"Microsoft.DataMigration/operations/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2022-12-07T23:03:17.2201214Z\",\n \"updatedOn\": \"2023-02-20T16:07:58.6344876Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/189207d4-bb67-4208-a635-b06afe8b2c57\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"189207d4-bb67-4208-a635-b06afe8b2c57\"\n },\n {\n \"properties\": {\n \"roleName\": \"Bayer Ag Powered Services GDU Solution\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Provide access to GDU Solution by Bayer Ag Powered Services\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.AgFoodPlatform/farmBeats/parties/read\",\n \"Microsoft.AgFoodPlatform/farmBeats/parties/boundaries/read\",\n \"Microsoft.AgFoodPlatform/farmBeats/parties/farms/read\",\n \"Microsoft.AgFoodPlatform/farmBeats/parties/fields/read\",\n \"Microsoft.AgFoodPlatform/farmBeats/parties/models/resourceTypes/resources/insights/*\",\n \"Microsoft.AgFoodPlatform/farmBeats/parties/models/resourceTypes/resources/insightAttachments/*\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2023-01-12T10:08:47.0099993Z\",\n \"updatedOn\": \"2024-05-28T15:09:38.7508137Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/c4bc862a-3b64-4a35-a021-a380c159b042\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"c4bc862a-3b64-4a35-a021-a380c159b042\"\n },\n {\n \"properties\": {\n \"roleName\": \"Bayer Ag Powered Services Imagery Solution\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Provide access to Imagery Solution by Bayer Ag Powered Services\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.AgFoodPlatform/farmBeats/parties/read\",\n \"Microsoft.AgFoodPlatform/farmBeats/parties/boundaries/read\",\n \"Microsoft.AgFoodPlatform/farmBeats/parties/boundaries/write\",\n \"Microsoft.AgFoodPlatform/farmBeats/parties/farms/read\",\n \"Microsoft.AgFoodPlatform/farmBeats/parties/farms/write\",\n \"Microsoft.AgFoodPlatform/farmBeats/parties/fields/read\",\n \"Microsoft.AgFoodPlatform/farmBeats/parties/fields/write\",\n \"Microsoft.AgFoodPlatform/farmBeats/ingestionJobs/satelliteDataIngestionJobs/*\",\n \"Microsoft.AgFoodPlatform/farmBeats/scenes/*\",\n \"Microsoft.AgFoodPlatform/farmBeats/parties/models/resourceTypes/resources/insights/*\",\n \"Microsoft.AgFoodPlatform/farmBeats/parties/models/resourceTypes/resources/insightAttachments/*\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2023-01-12T10:08:47.0099993Z\",\n \"updatedOn\": \"2024-05-28T15:09:38.2220222Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/ef29765d-0d37-4119-a4f8-f9f9902c9588\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"ef29765d-0d37-4119-a4f8-f9f9902c9588\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Center for SAP solutions Service role for management\",\n \"type\": \"BuiltInRole\",\n \"description\": \"This role has permissions that the user assigned managed identity must have to enable registration for the existing systems.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2023-01-13T09:08:35.1961741Z\",\n \"updatedOn\": \"2023-02-02T07:25:11.5651483Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/0105a6b0-4bb9-43d2-982a-12806f9faddb\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"0105a6b0-4bb9-43d2-982a-12806f9faddb\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Center for SAP solutions Management role\",\n \"type\": \"BuiltInRole\",\n \"description\": \"This role has permissions which allow users to register existing systems, view and manage systems.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2023-01-13T09:08:35.1961741Z\",\n \"updatedOn\": \"2023-02-02T07:25:11.5651483Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/6d949e1d-41e2-46e3-8920-c6e4f31a8310\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"6d949e1d-41e2-46e3-8920-c6e4f31a8310\"\n },\n {\n \"properties\": {\n \"roleName\": \"Defender Kubernetes API Access\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Grants Microsoft Defender for Cloud access to Azure Kubernetes Services\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.ContainerService/managedClusters/trustedAccessRoleBindings/write\",\n \"Microsoft.ContainerService/managedClusters/trustedAccessRoleBindings/read\",\n \"Microsoft.ContainerService/managedClusters/trustedAccessRoleBindings/delete\",\n \"Microsoft.ContainerService/managedClusters/read\",\n \"Microsoft.Features/features/read\",\n \"Microsoft.Features/providers/features/read\",\n \"Microsoft.Features/providers/features/register/action\",\n \"Microsoft.Security/pricings/securityoperators/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2023-01-13T13:11:09.1105477Z\",\n \"updatedOn\": \"2025-09-12T08:03:06.9409916Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/d5a2ae44-610b-4500-93be-660a0c5f5ca6\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"d5a2ae44-610b-4500-93be-660a0c5f5ca6\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Usage Billing Data Sender\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Azure Usage Billing shared BuiltIn role to be used for all Customer Account Authentication\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.UsageBilling/accounts/inputs/send/action\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2023-01-13T20:45:56.3071212Z\",\n \"updatedOn\": \"2023-01-26T19:26:37.6422441Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/f0310ce6-e953-4cf8-b892-fb1c87eaf7f6\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"f0310ce6-e953-4cf8-b892-fb1c87eaf7f6\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Container Registry secure supply chain operator service role\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Grants Microsoft Defender for Cloud access to Azure Container Registry for security assessment of container images\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.ContainerRegistry/registries/pull/read\",\n \"Microsoft.ContainerRegistry/registries/push/write\",\n \"Microsoft.ContainerRegistry/registries/artifacts/delete\"\n ],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.ContainerRegistry/registries/repositories/metadata/read\",\n \"Microsoft.ContainerRegistry/registries/repositories/content/read\",\n \"Microsoft.ContainerRegistry/registries/repositories/metadata/write\",\n \"Microsoft.ContainerRegistry/registries/repositories/content/write\",\n \"Microsoft.ContainerRegistry/registries/repositories/metadata/delete\",\n \"Microsoft.ContainerRegistry/registries/repositories/content/delete\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2023-01-19T15:58:15.6513344Z\",\n \"updatedOn\": \"2024-06-12T15:19:54.7471937Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/96062cf7-95ca-4f89-9b9d-2a2aa47356af\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"96062cf7-95ca-4f89-9b9d-2a2aa47356af\"\n },\n {\n \"properties\": {\n \"roleName\": \"SqlMI Migration Role\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Role for SqlMI migration\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Sql/managedInstances/read\",\n \"Microsoft.Sql/managedInstances/write\",\n \"Microsoft.Sql/managedInstances/databases/read\",\n \"Microsoft.Sql/managedInstances/databases/write\",\n \"Microsoft.Sql/managedInstances/databases/delete\",\n \"Microsoft.Sql/managedInstances/metrics/read\",\n \"Microsoft.DataMigration/locations/operationResults/read\",\n \"Microsoft.DataMigration/locations/operationStatuses/read\",\n \"Microsoft.DataMigration/locations/sqlMigrationServiceOperationResults/read\",\n \"Microsoft.DataMigration/databaseMigrations/write\",\n \"Microsoft.DataMigration/databaseMigrations/read\",\n \"Microsoft.DataMigration/databaseMigrations/delete\",\n \"Microsoft.DataMigration/databaseMigrations/cancel/action\",\n \"Microsoft.DataMigration/databaseMigrations/cutover/action\",\n \"Microsoft.DataMigration/sqlMigrationServices/write\",\n \"Microsoft.DataMigration/sqlMigrationServices/delete\",\n \"Microsoft.DataMigration/sqlMigrationServices/read\",\n \"Microsoft.DataMigration/sqlMigrationServices/listAuthKeys/action\",\n \"Microsoft.DataMigration/sqlMigrationServices/regenerateAuthKeys/action\",\n \"Microsoft.DataMigration/sqlMigrationServices/deleteNode/action\",\n \"Microsoft.DataMigration/sqlMigrationServices/listMonitoringData/action\",\n \"Microsoft.DataMigration/sqlMigrationServices/listMigrations/read\",\n \"Microsoft.DataMigration/sqlMigrationServices/MonitoringData/read\",\n \"Microsoft.DataMigration/register/action\",\n \"Microsoft.DataMigration/operations/read\",\n \"Microsoft.Storage/storageAccounts/read\",\n \"Microsoft.Storage/storageAccounts/listkeys/action\",\n \"Microsoft.Storage/storageAccounts/blobServices/read\",\n \"Microsoft.Storage/storageAccounts/blobServices/write\",\n \"Microsoft.Storage/storageAccounts/blobServices/containers/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2023-01-31T16:13:11.2824316Z\",\n \"updatedOn\": \"2023-02-20T16:07:58.3295951Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/1d335eef-eee1-47fe-a9e0-53214eba8872\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"1d335eef-eee1-47fe-a9e0-53214eba8872\"\n },\n {\n \"properties\": {\n \"roleName\": \"Bayer Ag Powered Services CWUM Solution\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Provide access to CWUM Solution by Bayer Ag Powered Services\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.AgFoodPlatform/farmBeats/parties/read\",\n \"Microsoft.AgFoodPlatform/farmBeats/parties/boundaries/read\",\n \"Microsoft.AgFoodPlatform/farmBeats/parties/boundaries/write\",\n \"Microsoft.AgFoodPlatform/farmBeats/parties/farms/read\",\n \"Microsoft.AgFoodPlatform/farmBeats/parties/farms/write\",\n \"Microsoft.AgFoodPlatform/farmBeats/parties/fields/read\",\n \"Microsoft.AgFoodPlatform/farmBeats/parties/fields/write\",\n \"Microsoft.AgFoodPlatform/farmBeats/ingestionJobs/satelliteDataIngestionJobs/*\",\n \"Microsoft.AgFoodPlatform/farmBeats/scenes/*\",\n \"Microsoft.AgFoodPlatform/farmBeats/parties/models/resourceTypes/resources/insightAttachments/*\",\n \"Microsoft.AgFoodPlatform/farmBeats/parties/models/resourceTypes/resources/insights/*\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2023-01-31T16:13:11.3570667Z\",\n \"updatedOn\": \"2024-08-13T16:10:23.6530781Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/a9b99099-ead7-47db-8fcf-072597a61dfa\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"a9b99099-ead7-47db-8fcf-072597a61dfa\"\n },\n {\n \"properties\": {\n \"roleName\": \"SqlVM Migration Role\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Role for SqlVM migration\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.DataMigration/locations/operationResults/read\",\n \"Microsoft.DataMigration/locations/operationStatuses/read\",\n \"Microsoft.DataMigration/locations/sqlMigrationServiceOperationResults/read\",\n \"Microsoft.DataMigration/databaseMigrations/write\",\n \"Microsoft.DataMigration/databaseMigrations/read\",\n \"Microsoft.DataMigration/databaseMigrations/delete\",\n \"Microsoft.DataMigration/databaseMigrations/cancel/action\",\n \"Microsoft.DataMigration/databaseMigrations/cutover/action\",\n \"Microsoft.DataMigration/sqlMigrationServices/write\",\n \"Microsoft.DataMigration/sqlMigrationServices/delete\",\n \"Microsoft.DataMigration/sqlMigrationServices/read\",\n \"Microsoft.DataMigration/sqlMigrationServices/listAuthKeys/action\",\n \"Microsoft.DataMigration/sqlMigrationServices/regenerateAuthKeys/action\",\n \"Microsoft.DataMigration/sqlMigrationServices/deleteNode/action\",\n \"Microsoft.DataMigration/sqlMigrationServices/listMonitoringData/action\",\n \"Microsoft.DataMigration/sqlMigrationServices/listMigrations/read\",\n \"Microsoft.DataMigration/sqlMigrationServices/MonitoringData/read\",\n \"Microsoft.DataMigration/register/action\",\n \"Microsoft.DataMigration/operations/read\",\n \"Microsoft.Storage/storageAccounts/read\",\n \"Microsoft.Storage/storageAccounts/listkeys/action\",\n \"Microsoft.Storage/storageAccounts/blobServices/read\",\n \"Microsoft.Storage/storageAccounts/blobServices/write\",\n \"Microsoft.Storage/storageAccounts/blobServices/containers/read\",\n \"Microsoft.SqlVirtualMachine/sqlVirtualMachines/read\",\n \"Microsoft.SqlVirtualMachine/sqlVirtualMachines/write\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2023-01-31T16:13:11.3580681Z\",\n \"updatedOn\": \"2023-02-20T16:07:58.6444899Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/ae8036db-e102-405b-a1b9-bae082ea436d\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"ae8036db-e102-405b-a1b9-bae082ea436d\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Front Door Domain Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"For internal use within Azure. Can manage Azure Front Door domains, but can't grant access to other users.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Cdn/operationresults/profileresults/customdomainresults/read\",\n \"Microsoft.Cdn/profiles/customdomains/read\",\n \"Microsoft.Cdn/profiles/customdomains/write\",\n \"Microsoft.Cdn/profiles/customdomains/delete\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2023-02-02T15:30:03.7531182Z\",\n \"updatedOn\": \"2023-12-07T09:22:53.0560669Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/0ab34830-df19-4f8c-b84e-aa85b8afa6e8\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"0ab34830-df19-4f8c-b84e-aa85b8afa6e8\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Front Door Secret Reader\",\n \"type\": \"BuiltInRole\",\n \"description\": \"For internal use within Azure. Can view Azure Front Door secrets, but can't make changes.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Cdn/operationresults/profileresults/secretresults/read\",\n \"Microsoft.Cdn/profiles/secrets/read\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2023-02-02T15:30:03.7541192Z\",\n \"updatedOn\": \"2023-12-07T08:21:56.0395886Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/0db238c4-885e-4c4f-a933-aa2cef684fca\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"0db238c4-885e-4c4f-a933-aa2cef684fca\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Front Door Secret Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"For internal use within Azure. Can manage Azure Front Door secrets, but can't grant access to other users.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Cdn/operationresults/profileresults/secretresults/read\",\n \"Microsoft.Cdn/profiles/secrets/read\",\n \"Microsoft.Cdn/profiles/secrets/write\",\n \"Microsoft.Cdn/profiles/secrets/delete\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2023-02-02T15:30:03.7531182Z\",\n \"updatedOn\": \"2023-12-07T08:21:56.0395886Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/3f2eb865-5811-4578-b90a-6fc6fa0df8e5\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"3f2eb865-5811-4578-b90a-6fc6fa0df8e5\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Front Door Domain Reader\",\n \"type\": \"BuiltInRole\",\n \"description\": \"For internal use within Azure. Can view Azure Front Door domains, but can't make changes.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Cdn/operationresults/profileresults/customdomainresults/read\",\n \"Microsoft.Cdn/profiles/customdomains/read\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2023-02-02T15:30:03.7551197Z\",\n \"updatedOn\": \"2023-12-07T09:22:52.9393362Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/0f99d363-226e-4dca-9920-b807cf8e1a5f\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"0f99d363-226e-4dca-9920-b807cf8e1a5f\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Stack HCI Administrator\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Grants full access to the cluster and its resources, including the ability to register Azure Stack HCI and assign others as Azure Arc HCI VM Contributor and/or Azure Arc HCI VM Reader\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.AzureStackHCI/register/action\",\n \"Microsoft.AzureStackHCI/Unregister/Action\",\n \"Microsoft.AzureStackHCI/clusters/*\",\n \"Microsoft.AzureStackHCI/NetworkSecurityGroups/Read\",\n \"Microsoft.AzureStackHCI/NetworkSecurityGroups/SecurityRules/Read\",\n \"Microsoft.AzureStackHCI/NetworkSecurityGroups/Write\",\n \"Microsoft.AzureStackHCI/NetworkSecurityGroups/SecurityRules/Write\",\n \"Microsoft.AzureStackHCI/NetworkSecurityGroups/Delete\",\n \"Microsoft.AzureStackHCI/NetworkSecurityGroups/SecurityRules/Delete\",\n \"Microsoft.AzureStackHCI/NetworkSecurityGroups/join/action\",\n \"Microsoft.HybridCompute/register/action\",\n \"Microsoft.GuestConfiguration/register/action\",\n \"Microsoft.GuestConfiguration/guestConfigurationAssignments/read\",\n \"Microsoft.Resources/subscriptions/resourceGroups/write\",\n \"Microsoft.Resources/subscriptions/resourceGroups/delete\",\n \"Microsoft.HybridConnectivity/register/action\",\n \"Microsoft.Authorization/roleAssignments/write\",\n \"Microsoft.Authorization/roleAssignments/delete\",\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Resources/subscriptions/read\",\n \"Microsoft.Management/managementGroups/read\",\n \"Microsoft.Support/*\",\n \"Microsoft.AzureStackHCI/*\",\n \"Microsoft.AzureStackHCI/EdgeMachines/*\",\n \"Microsoft.AzureStackHCI/DevicePools/*\",\n \"Microsoft.Insights/AlertRules/Write\",\n \"Microsoft.Insights/AlertRules/Delete\",\n \"Microsoft.Insights/AlertRules/Read\",\n \"Microsoft.Insights/AlertRules/Activated/Action\",\n \"Microsoft.Insights/AlertRules/Resolved/Action\",\n \"Microsoft.Insights/AlertRules/Throttled/Action\",\n \"Microsoft.Insights/AlertRules/Incidents/Read\",\n \"Microsoft.Resources/subscriptions/resourcegroups/deployments/read\",\n \"Microsoft.Resources/subscriptions/resourcegroups/deployments/write\",\n \"Microsoft.Resources/subscriptions/resourcegroups/deployments/operations/read\",\n \"Microsoft.Resources/subscriptions/resourcegroups/deployments/operationstatuses/read\",\n \"Microsoft.ResourceHealth/availabilityStatuses/read\",\n \"Microsoft.Resources/subscriptions/read\",\n \"Microsoft.Resources/subscriptions/operationresults/read\",\n \"Microsoft.HybridCompute/machines/read\",\n \"Microsoft.HybridCompute/machines/write\",\n \"Microsoft.HybridCompute/machines/delete\",\n \"Microsoft.HybridCompute/machines/UpgradeExtensions/action\",\n \"Microsoft.HybridCompute/machines/assessPatches/action\",\n \"Microsoft.HybridCompute/machines/installPatches/action\",\n \"Microsoft.HybridCompute/machines/extensions/read\",\n \"Microsoft.HybridCompute/machines/extensions/write\",\n \"Microsoft.HybridCompute/machines/extensions/delete\",\n \"Microsoft.HybridCompute/operations/read\",\n \"Microsoft.HybridCompute/locations/operationresults/read\",\n \"Microsoft.HybridCompute/locations/operationstatus/read\",\n \"Microsoft.HybridCompute/machines/patchAssessmentResults/read\",\n \"Microsoft.HybridCompute/machines/patchAssessmentResults/softwarePatches/read\",\n \"Microsoft.HybridCompute/machines/patchInstallationResults/read\",\n \"Microsoft.HybridCompute/machines/patchInstallationResults/softwarePatches/read\",\n \"Microsoft.HybridCompute/locations/updateCenterOperationResults/read\",\n \"Microsoft.HybridCompute/machines/hybridIdentityMetadata/read\",\n \"Microsoft.HybridCompute/osType/agentVersions/read\",\n \"Microsoft.HybridCompute/osType/agentVersions/latest/read\",\n \"Microsoft.HybridCompute/machines/runcommands/read\",\n \"Microsoft.HybridCompute/machines/runcommands/write\",\n \"Microsoft.HybridCompute/machines/runcommands/delete\",\n \"Microsoft.HybridCompute/machines/licenseProfiles/read\",\n \"Microsoft.HybridCompute/machines/licenseProfiles/write\",\n \"Microsoft.HybridCompute/machines/licenseProfiles/delete\",\n \"Microsoft.HybridCompute/licenses/read\",\n \"Microsoft.HybridCompute/licenses/write\",\n \"Microsoft.HybridCompute/licenses/delete\",\n \"Microsoft.ResourceConnector/register/action\",\n \"Microsoft.ResourceConnector/appliances/read\",\n \"Microsoft.ResourceConnector/appliances/write\",\n \"Microsoft.ResourceConnector/appliances/delete\",\n \"Microsoft.ResourceConnector/locations/operationresults/read\",\n \"Microsoft.ResourceConnector/locations/operationsstatus/read\",\n \"Microsoft.ResourceConnector/appliances/listClusterUserCredential/action\",\n \"Microsoft.ResourceConnector/appliances/listKeys/action\",\n \"Microsoft.ResourceConnector/operations/read\",\n \"Microsoft.ExtendedLocation/register/action\",\n \"Microsoft.ExtendedLocation/customLocations/read\",\n \"Microsoft.ExtendedLocation/customLocations/deploy/action\",\n \"Microsoft.ExtendedLocation/customLocations/write\",\n \"Microsoft.ExtendedLocation/customLocations/delete\",\n \"Microsoft.EdgeMarketplace/offers/read\",\n \"Microsoft.EdgeMarketplace/publishers/read\",\n \"Microsoft.Kubernetes/register/action\",\n \"Microsoft.KubernetesConfiguration/register/action\",\n \"Microsoft.KubernetesConfiguration/extensions/write\",\n \"Microsoft.KubernetesConfiguration/extensions/read\",\n \"Microsoft.KubernetesConfiguration/extensions/delete\",\n \"Microsoft.KubernetesConfiguration/extensions/operations/read\",\n \"Microsoft.KubernetesConfiguration/namespaces/read\",\n \"Microsoft.KubernetesConfiguration/operations/read\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.AzureStackHCI/StorageContainers/Write\",\n \"Microsoft.AzureStackHCI/StorageContainers/Read\",\n \"Microsoft.HybridContainerService/register/action\",\n \"Microsoft.HybridCompute/settings/write\",\n \"Microsoft.HybridCompute/settings/read\",\n \"Microsoft.HybridCompute/gateways/read\",\n \"Microsoft.HybridCompute/gateways/write\",\n \"Microsoft.HybridCompute/gateways/delete\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": [],\n \"conditionVersion\": \"2.0\",\n \"condition\": \"((!(ActionMatches{'Microsoft.Authorization/roleAssignments/write'})) OR (@Request[Microsoft.Authorization/roleAssignments:RoleDefinitionId] ForAnyOfAnyValues:GuidEquals{f5819b54-e033-4d82-ac66-4fec3cbf3f4c, cd570a14-e51a-42ad-bac8-bafd67325302, b64e21ea-ac4e-4cdf-9dc9-5b892992bee7, 4b3fe76c-f777-4d24-a2d7-b027b0f7b273, 874d1c73-6003-4e60-a13a-cb31ea190a85,865ae368-6a45-4bd1-8fbf-0d5151f56fc1,7b1f81f9-4196-4058-8aae-762e593270df,4633458b-17de-408a-b874-0445c86b69e6,c99c945f-8bd1-4fb1-a903-01460aae6068})) AND ((!(ActionMatches{'Microsoft.Authorization/roleAssignments/delete'})) OR (@Resource[Microsoft.Authorization/roleAssignments:RoleDefinitionId] ForAnyOfAnyValues:GuidEquals{f5819b54-e033-4d82-ac66-4fec3cbf3f4c, cd570a14-e51a-42ad-bac8-bafd67325302, b64e21ea-ac4e-4cdf-9dc9-5b892992bee7, 4b3fe76c-f777-4d24-a2d7-b027b0f7b273, 874d1c73-6003-4e60-a13a-cb31ea190a85,865ae368-6a45-4bd1-8fbf-0d5151f56fc1,7b1f81f9-4196-4058-8aae-762e593270df,4633458b-17de-408a-b874-0445c86b69e6,c99c945f-8bd1-4fb1-a903-01460aae6068}))\"\n }\n ],\n \"createdOn\": \"2023-02-03T05:08:48.3968454Z\",\n \"updatedOn\": \"2025-05-06T15:13:46.6826117Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/bda0d508-adf1-4af0-9c28-88919fc3ae06\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"bda0d508-adf1-4af0-9c28-88919fc3ae06\"\n },\n {\n \"properties\": {\n \"roleName\": \"MySQL Backup And Export Operator\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Grants full access to manage backup and export resources\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.DBforMySQL/flexibleServers/validateBackup/action\",\n \"Microsoft.DBforMySQL/flexibleServers/backupAndExport/action\",\n \"Microsoft.DBforMySQL/locations/operationResults/read\",\n \"Microsoft.DBforMySQL/locations/azureAsyncOperation/read\",\n \"Microsoft.Resources/subscriptions/read\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2023-02-03T06:09:26.5657063Z\",\n \"updatedOn\": \"2023-05-12T10:55:29.6654289Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/d18ad5f3-1baf-4119-b49b-d944edb1f9d0\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"d18ad5f3-1baf-4119-b49b-d944edb1f9d0\"\n },\n {\n \"properties\": {\n \"roleName\": \"LocalNGFirewallAdministrator role\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Allows user to create, modify, describe, or delete NGFirewalls.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"PaloAltoNetworks.Cloudngfw/firewalls/*\",\n \"PaloAltoNetworks.Cloudngfw/localRulestacks/read\",\n \"PaloAltoNetworks.Cloudngfw/globalRulestacks/read\",\n \"PaloAltoNetworks.Cloudngfw/Locations/operationStatuses/read\",\n \"Microsoft.OperationalInsights/workspaces/write\",\n \"Microsoft.OperationalInsights/workspaces/sharedKeys/read\",\n \"Microsoft.OperationalInsights/workspaces/read\",\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.Insights/metrics/read\",\n \"Microsoft.Insights/metricDefinitions/read\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.ResourceHealth/availabilityStatuses/read\",\n \"Microsoft.Support/*\",\n \"Microsoft.Network/virtualNetworks/read\",\n \"Microsoft.Network/virtualNetworks/subnets/join/action\",\n \"Microsoft.Network/publicIPAddresses/write\",\n \"Microsoft.Network/publicIPAddresses/read\",\n \"Microsoft.Network/publicIPAddresses/join/action\",\n \"Microsoft.Network/networkVirtualAppliances/read\",\n \"Microsoft.Network/networkVirtualAppliances/write\",\n \"Microsoft.Network/networkVirtualAppliances/delete\",\n \"Microsoft.Network/virtualHubs/read\",\n \"Microsoft.Network/virtualWans/read\",\n \"Microsoft.Network/virtualWans/virtualHubs/read\",\n \"Microsoft.Network/networkSecurityGroups/read\",\n \"Microsoft.Network/networkSecurityGroups/join/action\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2023-02-03T11:42:56.4098652Z\",\n \"updatedOn\": \"2023-03-13T15:13:22.9170402Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/a8835c7d-b5cb-47fa-b6f0-65ea10ce07a2\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"a8835c7d-b5cb-47fa-b6f0-65ea10ce07a2\"\n },\n {\n \"properties\": {\n \"roleName\": \"LocalRulestacksAdministrator role\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Allows users to create, modify, describe, or delete Rulestacks.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"PaloAltoNetworks.Cloudngfw/localRulestacks/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.ResourceHealth/availabilityStatuses/read\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.Support/*\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2023-02-03T11:42:56.4108678Z\",\n \"updatedOn\": \"2023-02-20T16:07:58.3315958Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/bfc3b73d-c6ff-45eb-9a5f-40298295bf20\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"bfc3b73d-c6ff-45eb-9a5f-40298295bf20\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Extension for SQL Server Deployment\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Microsoft.AzureArcData service role to enable deployment of Azure Extension for SQL Server\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Resources/deployments/write\",\n \"Microsoft.HybridCompute/machines/extensions/write\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2023-03-09T19:23:30.8734404Z\",\n \"updatedOn\": \"2023-03-15T22:04:09.9905367Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/7392c568-9289-4bde-aaaa-b7131215889d\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"7392c568-9289-4bde-aaaa-b7131215889d\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Maps Data Read and Batch Role\",\n \"type\": \"BuiltInRole\",\n \"description\": \"This role can be used to assign read and batch actions on Azure Maps.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.Maps/accounts/services/*/read\",\n \"Microsoft.Maps/accounts/services/batch/action\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2023-03-15T22:04:09.9905367Z\",\n \"updatedOn\": \"2023-05-16T15:12:18.5723729Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/d6470a16-71bd-43ab-86b3-6f3a73f4e787\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"d6470a16-71bd-43ab-86b3-6f3a73f4e787\"\n },\n {\n \"properties\": {\n \"roleName\": \"API Management Service Workspace API Product Manager\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Has the same access as API Management Service Workspace API Developer as well as read access to users and write access to allow assigning users to groups. This role should be assigned on the service scope.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.ApiManagement/service/users/read\",\n \"Microsoft.ApiManagement/service/tags/read\",\n \"Microsoft.ApiManagement/service/tags/apiLinks/*\",\n \"Microsoft.ApiManagement/service/tags/operationLinks/*\",\n \"Microsoft.ApiManagement/service/tags/productLinks/*\",\n \"Microsoft.ApiManagement/service/products/read\",\n \"Microsoft.ApiManagement/service/products/apiLinks/*\",\n \"Microsoft.ApiManagement/service/groups/read\",\n \"Microsoft.ApiManagement/service/groups/users/*\",\n \"Microsoft.ApiManagement/service/read\",\n \"Microsoft.ApiManagement/service/authorizationServers/read\",\n \"Microsoft.Authorization/*/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2023-03-21T15:13:44.4020114Z\",\n \"updatedOn\": \"2024-08-29T15:27:16.7739501Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/d59a3e9c-6d52-4a5a-aeed-6bf3cf0e31da\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"d59a3e9c-6d52-4a5a-aeed-6bf3cf0e31da\"\n },\n {\n \"properties\": {\n \"roleName\": \"API Management Workspace API Developer\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Has read access to entities in the workspace and read and write access to entities for editing APIs. This role should be assigned on the workspace scope.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.ApiManagement/service/workspaces/*/read\",\n \"Microsoft.ApiManagement/service/workspaces/apis/*\",\n \"Microsoft.ApiManagement/service/workspaces/apiVersionSets/*\",\n \"Microsoft.ApiManagement/service/workspaces/policies/*\",\n \"Microsoft.ApiManagement/service/workspaces/schemas/*\",\n \"Microsoft.ApiManagement/service/workspaces/products/*\",\n \"Microsoft.ApiManagement/service/workspaces/policyFragments/*\",\n \"Microsoft.ApiManagement/service/workspaces/namedValues/*\",\n \"Microsoft.ApiManagement/service/workspaces/tags/*\",\n \"Microsoft.ApiManagement/service/workspaces/backends/*\",\n \"Microsoft.ApiManagement/service/workspaces/certificates/*\",\n \"Microsoft.ApiManagement/service/workspaces/diagnostics/*\",\n \"Microsoft.ApiManagement/service/workspaces/loggers/*\",\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/diagnosticSettings/*/read\",\n \"Microsoft.insights/logs/read\",\n \"Microsoft.insights/logs/ApiManagementGatewayLogs/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2023-03-21T15:13:44.4020114Z\",\n \"updatedOn\": \"2025-05-14T15:26:59.2733591Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/56328988-075d-4c6a-8766-d93edd6725b6\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"56328988-075d-4c6a-8766-d93edd6725b6\"\n },\n {\n \"properties\": {\n \"roleName\": \"API Management Workspace Reader\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Has read-only access to entities in the workspace. This role should be assigned on the workspace scope.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.ApiManagement/service/workspaces/*/read\",\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/diagnosticSettings/*/read\",\n \"Microsoft.insights/logs/read\",\n \"Microsoft.insights/logs/ApiManagementGatewayLogs/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2023-03-21T15:13:44.4040114Z\",\n \"updatedOn\": \"2025-05-14T15:26:59.0317591Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/ef1c2c96-4a77-49e8-b9a4-6179fe1d2fd2\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"ef1c2c96-4a77-49e8-b9a4-6179fe1d2fd2\"\n },\n {\n \"properties\": {\n \"roleName\": \"API Management Workspace API Product Manager\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Has read access to entities in the workspace and read and write access to entities for publishing APIs. This role should be assigned on the workspace scope.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.ApiManagement/service/workspaces/*/read\",\n \"Microsoft.ApiManagement/service/workspaces/products/*\",\n \"Microsoft.ApiManagement/service/workspaces/subscriptions/*\",\n \"Microsoft.ApiManagement/service/workspaces/groups/*\",\n \"Microsoft.ApiManagement/service/workspaces/tags/*\",\n \"Microsoft.ApiManagement/service/workspaces/notifications/*\",\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/diagnosticSettings/*/read\",\n \"Microsoft.insights/logs/read\",\n \"Microsoft.insights/logs/ApiManagementGatewayLogs/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2023-03-21T15:13:44.4020114Z\",\n \"updatedOn\": \"2025-05-14T15:26:59.0317591Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/73c2c328-d004-4c5e-938c-35c6f5679a1f\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"73c2c328-d004-4c5e-938c-35c6f5679a1f\"\n },\n {\n \"properties\": {\n \"roleName\": \"API Management Service Workspace API Developer\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Has read access to tags and products and write access to allow: assigning APIs to products, assigning tags to products and APIs. This role should be assigned on the service scope.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.ApiManagement/service/tags/read\",\n \"Microsoft.ApiManagement/service/tags/apiLinks/*\",\n \"Microsoft.ApiManagement/service/tags/operationLinks/*\",\n \"Microsoft.ApiManagement/service/tags/productLinks/*\",\n \"Microsoft.ApiManagement/service/products/read\",\n \"Microsoft.ApiManagement/service/products/apiLinks/*\",\n \"Microsoft.ApiManagement/service/read\",\n \"Microsoft.ApiManagement/service/authorizationServers/read\",\n \"Microsoft.Authorization/*/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2023-03-21T15:13:44.4040114Z\",\n \"updatedOn\": \"2024-08-29T15:27:16.7739501Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/9565a273-41b9-4368-97d2-aeb0c976a9b3\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"9565a273-41b9-4368-97d2-aeb0c976a9b3\"\n },\n {\n \"properties\": {\n \"roleName\": \"API Management Workspace Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Can manage the workspace and view, but not modify its members. This role should be assigned on the workspace scope.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.ApiManagement/service/workspaces/*\",\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/diagnosticSettings/*/read\",\n \"Microsoft.insights/logs/read\",\n \"Microsoft.insights/logs/ApiManagementGatewayLogs/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2023-03-21T15:13:44.4020114Z\",\n \"updatedOn\": \"2025-05-14T15:26:59.2733591Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/0c34c906-8d99-4cb7-8bb7-33f5b0a1a799\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"0c34c906-8d99-4cb7-8bb7-33f5b0a1a799\"\n },\n {\n \"properties\": {\n \"roleName\": \"Storage File Data Privileged Reader\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Customer has read access on Azure Storage file shares.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.Storage/storageAccounts/fileServices/fileshares/files/read\",\n \"Microsoft.Storage/storageAccounts/fileServices/readFileBackupSemantics/action\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2023-03-23T20:33:57.1067324Z\",\n \"updatedOn\": \"2023-04-06T19:23:16.2936719Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/b8eda974-7b85-4f76-af95-65846b26df6d\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"b8eda974-7b85-4f76-af95-65846b26df6d\"\n },\n {\n \"properties\": {\n \"roleName\": \"Storage File Data Privileged Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Customer has read, write, delete and modify NTFS permission access on Azure Storage file shares.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.Storage/storageAccounts/fileServices/fileshares/files/read\",\n \"Microsoft.Storage/storageAccounts/fileServices/fileshares/files/write\",\n \"Microsoft.Storage/storageAccounts/fileServices/fileshares/files/delete\",\n \"Microsoft.Storage/storageAccounts/fileServices/fileshares/files/modifypermissions/action\",\n \"Microsoft.Storage/storageAccounts/fileServices/readFileBackupSemantics/action\",\n \"Microsoft.Storage/storageAccounts/fileServices/writeFileBackupSemantics/action\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2023-03-23T20:49:03.5905581Z\",\n \"updatedOn\": \"2023-04-06T19:23:16.2936719Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/69566ab7-960f-475b-8e7c-b3118f30c6bd\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"69566ab7-960f-475b-8e7c-b3118f30c6bd\"\n },\n {\n \"properties\": {\n \"roleName\": \"Windows 365 Network User\",\n \"type\": \"BuiltInRole\",\n \"description\": \"This role is used by Windows 365 to read virtual networks and join the designated virtual networks.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Network/virtualNetworks/read\",\n \"Microsoft.Network/virtualNetworks/subnets/read\",\n \"Microsoft.Network/virtualNetworks/usages/read\",\n \"Microsoft.Network/virtualNetworks/subnets/join/action\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2023-03-24T05:24:25.4408966Z\",\n \"updatedOn\": \"2023-07-26T15:17:50.9624987Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/7eabc9a4-85f7-4f71-b8ab-75daaccc1033\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"7eabc9a4-85f7-4f71-b8ab-75daaccc1033\"\n },\n {\n \"properties\": {\n \"roleName\": \"Windows365SubscriptionReader\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Read subscriptions, images, azure firewalls. This role is used in Windows365 scenarios.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Resources/subscriptions/read\",\n \"Microsoft.Resources/subscriptions/operationresults/read\",\n \"Microsoft.Authorization/*/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2023-03-24T05:24:25.4408966Z\",\n \"updatedOn\": \"2023-03-24T05:24:25.4408966Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/3d55a8f6-4133-418d-8051-facdb1735758\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"3d55a8f6-4133-418d-8051-facdb1735758\"\n },\n {\n \"properties\": {\n \"roleName\": \"Windows 365 Network Interface Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"This role is used by Windows 365 to provision required network resources and join Microsoft-hosted VMs to network interfaces.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Resources/subscriptions/resourcegroups/read\",\n \"Microsoft.Resources/deployments/read\",\n \"Microsoft.Resources/deployments/write\",\n \"Microsoft.Resources/deployments/delete\",\n \"Microsoft.Resources/deployments/operations/read\",\n \"Microsoft.Resources/deployments/operationstatuses/read\",\n \"Microsoft.Network/locations/operations/read\",\n \"Microsoft.Network/locations/operationResults/read\",\n \"Microsoft.Network/locations/usages/read\",\n \"Microsoft.Network/networkInterfaces/write\",\n \"Microsoft.Network/networkInterfaces/read\",\n \"Microsoft.Network/networkInterfaces/delete\",\n \"Microsoft.Network/networkInterfaces/join/action\",\n \"Microsoft.Network/networkInterfaces/effectiveNetworkSecurityGroups/action\",\n \"Microsoft.Network/networkInterfaces/effectiveRouteTable/action\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2023-03-24T05:24:25.4408966Z\",\n \"updatedOn\": \"2023-07-26T15:17:50.9624987Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/1f135831-5bbe-4924-9016-264044c00788\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"1f135831-5bbe-4924-9016-264044c00788\"\n },\n {\n \"properties\": {\n \"roleName\": \"App Compliance Automation Reader\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Allows read-only access to App Compliance Automation tool for Microsoft 365\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"*/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2023-04-13T05:31:14.1250456Z\",\n \"updatedOn\": \"2025-04-18T16:21:59.8526431Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/ffc6bbe0-e443-4c3b-bf54-26581bb2f78e\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"ffc6bbe0-e443-4c3b-bf54-26581bb2f78e\"\n },\n {\n \"properties\": {\n \"roleName\": \"App Compliance Automation Administrator\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Allows managing App Compliance Automation tool for Microsoft 365\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.AppComplianceAutomation/*\",\n \"Microsoft.Storage/storageAccounts/blobServices/write\",\n \"Microsoft.Storage/storageAccounts/fileservices/write\",\n \"Microsoft.Storage/storageAccounts/listKeys/action\",\n \"Microsoft.Storage/storageAccounts/write\",\n \"Microsoft.Storage/storageAccounts/blobServices/generateUserDelegationKey/action\",\n \"Microsoft.Storage/storageAccounts/read\",\n \"Microsoft.Storage/storageAccounts/blobServices/containers/read\",\n \"Microsoft.Storage/storageAccounts/blobServices/containers/write\",\n \"Microsoft.Storage/storageAccounts/blobServices/read\",\n \"Microsoft.PolicyInsights/policyStates/queryResults/action\",\n \"Microsoft.PolicyInsights/policyStates/triggerEvaluation/action\",\n \"Microsoft.Resources/resources/read\",\n \"Microsoft.Resources/subscriptions/read\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Resources/subscriptions/resourceGroups/resources/read\",\n \"Microsoft.Resources/subscriptions/resources/read\",\n \"Microsoft.Resources/subscriptions/resourceGroups/delete\",\n \"Microsoft.Resources/subscriptions/resourceGroups/write\",\n \"Microsoft.Resources/tags/read\",\n \"Microsoft.Resources/deployments/validate/action\",\n \"Microsoft.Security/automations/read\",\n \"Microsoft.Resources/deployments/write\",\n \"Microsoft.Security/automations/delete\",\n \"Microsoft.Security/automations/write\",\n \"Microsoft.Security/register/action\",\n \"Microsoft.Security/unregister/action\",\n \"*/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2023-04-13T05:31:14.1240456Z\",\n \"updatedOn\": \"2025-04-18T16:21:59.8526431Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/0f37683f-2463-46b6-9ce7-9b788b988ba2\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"0f37683f-2463-46b6-9ce7-9b788b988ba2\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Sphere Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Allows user read and write access to Azure Sphere resources.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.AzureSphere/*\",\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.Insights/DiagnosticSettings/*\",\n \"Microsoft.Insights/DiagnosticSettingsCategories/Read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2023-05-01T15:11:52.6370946Z\",\n \"updatedOn\": \"2023-05-05T22:39:42.6328063Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/8b9dfcab-4b77-4632-a6df-94bd07820648\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"8b9dfcab-4b77-4632-a6df-94bd07820648\"\n },\n {\n \"properties\": {\n \"roleName\": \"SaaS Hub Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"SaaS Hub contributor can manage SaaS Hub resource\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.SaaSHub/cloudservices/read\",\n \"Microsoft.SaaSHub/cloudservices/write\",\n \"Microsoft.SaaSHub/cloudservices/delete\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2023-05-02T15:22:12.2506952Z\",\n \"updatedOn\": \"2023-05-11T22:10:29.48093Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/e9b8712a-cbcf-4ea7-b0f7-e71b803401e6\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"e9b8712a-cbcf-4ea7-b0f7-e71b803401e6\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Sphere Reader\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Allows user to read Azure Sphere resources.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.AzureSphere/*/read\",\n \"Microsoft.AzureSphere/catalogs/countDevices/action\",\n \"Microsoft.AzureSphere/catalogs/listDeviceGroups/action\",\n \"Microsoft.AzureSphere/catalogs/listDeviceInsights/action\",\n \"Microsoft.AzureSphere/catalogs/listDevices/action\",\n \"Microsoft.AzureSphere/catalogs/listDeployments/action\",\n \"Microsoft.AzureSphere/catalogs/products/countDevices/action\",\n \"Microsoft.AzureSphere/catalogs/products/deviceGroups/countDevices/action\",\n \"Microsoft.AzureSphere/catalogs/certificates/retrieveCertChain/action\",\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Insights/DiagnosticSettings/Read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2023-05-05T22:39:42.1951056Z\",\n \"updatedOn\": \"2023-05-11T22:10:28.3488114Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/c8ae6279-5a0b-4cb2-b3f0-d4d62845742c\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"c8ae6279-5a0b-4cb2-b3f0-d4d62845742c\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Sphere Publisher\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Allows user to read and download Azure Sphere resources and upload images.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.AzureSphere/*/read\",\n \"Microsoft.AzureSphere/catalogs/countDevices/action\",\n \"Microsoft.AzureSphere/catalogs/listDeviceGroups/action\",\n \"Microsoft.AzureSphere/catalogs/listDeviceInsights/action\",\n \"Microsoft.AzureSphere/catalogs/listDevices/action\",\n \"Microsoft.AzureSphere/catalogs/products/countDevices/action\",\n \"Microsoft.AzureSphere/catalogs/products/deviceGroups/countDevices/action\",\n \"Microsoft.AzureSphere/catalogs/certificates/retrieveProofOfPossessionNonce/action\",\n \"Microsoft.AzureSphere/catalogs/certificates/retrieveCertChain/action\",\n \"Microsoft.AzureSphere/catalogs/images/write\",\n \"Microsoft.AzureSphere/catalogs/uploadImage/action\",\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Insights/DiagnosticSettings/Read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2023-05-05T22:39:42.8007514Z\",\n \"updatedOn\": \"2024-01-26T23:01:00.4162781Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/6d994134-994b-4a59-9974-f479f0b227fb\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"6d994134-994b-4a59-9974-f479f0b227fb\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Machine Learning Workspace Connection Secrets Reader\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Can list workspace connection secrets\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.MachineLearningServices/workspaces/connections/listsecrets/action\",\n \"Microsoft.MachineLearningServices/workspaces/metadata/secrets/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2023-05-09T15:20:29.3130205Z\",\n \"updatedOn\": \"2023-10-13T16:37:23.7956902Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/ea01e6af-a1c1-4350-9563-ad00f8c72ec5\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"ea01e6af-a1c1-4350-9563-ad00f8c72ec5\"\n },\n {\n \"properties\": {\n \"roleName\": \"Procurement Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Lets you manage the procurement of products and services.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.SaaSHub/cloudservices/read\",\n \"Microsoft.SaaSHub/cloudservices/write\",\n \"Microsoft.SaaSHub/cloudservices/delete\",\n \"Microsoft.SaaSHub/register/action\",\n \"Microsoft.SaaS/resources/read\",\n \"Microsoft.SaaS/resources/write\",\n \"Microsoft.SaaS/resources/delete\",\n \"Microsoft.SaaS/register/action\",\n \"Microsoft.ProfessionalService/resources/read\",\n \"Microsoft.ProfessionalService/resources/write\",\n \"Microsoft.ProfessionalService/resources/delete\",\n \"Microsoft.ProfessionalService/register/action\",\n \"Microsoft.BillingBenefits/register/action\",\n \"Microsoft.BillingBenefits/maccs/read\",\n \"Microsoft.BillingBenefits/maccs/write\",\n \"Microsoft.BillingBenefits/maccs/delete\",\n \"Microsoft.BillingBenefits/maccs/cancel/action\",\n \"Microsoft.BillingBenefits/maccs/chargeShortfall/action\",\n \"Microsoft.BillingBenefits/maccs/contributors/read\",\n \"Microsoft.BillingBenefits/credits/read\",\n \"Microsoft.BillingBenefits/credits/write\",\n \"Microsoft.BillingBenefits/credits/cancel/action\",\n \"Microsoft.BillingBenefits/credits/sources/read\",\n \"Microsoft.BillingBenefits/credits/sources/write\",\n \"Microsoft.BillingBenefits/credits/sources/delete\",\n \"Microsoft.EnterpriseSupport/enterpriseSupports/read\",\n \"Microsoft.EnterpriseSupport/enterpriseSupports/write\",\n \"Microsoft.EnterpriseSupport/enterpriseSupports/delete\",\n \"Microsoft.EnterpriseSupport/register/action\",\n \"Microsoft.SoftwarePlan/register/action\",\n \"Microsoft.SoftwarePlan/softwareSubscriptions/read\",\n \"Microsoft.SoftwarePlan/softwareSubscriptions/write\",\n \"Microsoft.SoftwarePlan/softwareSubscriptions/delete\",\n \"Microsoft.SoftwarePlan/softwareSubscriptions/cancel/action\",\n \"Microsoft.SoftwarePlan/softwareSubscriptions/listKeys/action\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2023-05-09T15:20:29.3130205Z\",\n \"updatedOn\": \"2025-06-17T15:17:30.9745788Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/be1a1ac2-09d3-4261-9e57-a73a6e227f53\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"be1a1ac2-09d3-4261-9e57-a73a6e227f53\"\n },\n {\n \"properties\": {\n \"roleName\": \"Cognitive Search Serverless Data Contributor (Deprecated)\",\n \"type\": \"BuiltInRole\",\n \"description\": \"This role has been deprecated\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.CognitiveSearch/indexes/schema/*\",\n \"Microsoft.CognitiveSearch/indexes/documents/*\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2023-05-15T15:01:02.7792616Z\",\n \"updatedOn\": \"2024-02-06T16:07:21.2869168Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/7ac06ca7-21ca-47e3-a67b-cbd6e6223baf\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"7ac06ca7-21ca-47e3-a67b-cbd6e6223baf\"\n },\n {\n \"properties\": {\n \"roleName\": \"Cognitive Search Serverless Data Reader (Deprecated)\",\n \"type\": \"BuiltInRole\",\n \"description\": \"This role has been deprecated\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.CognitiveSearch/indexes/schema/read\",\n \"Microsoft.CognitiveSearch/indexes/documents/read\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2023-05-15T15:01:02.7792616Z\",\n \"updatedOn\": \"2024-02-06T16:07:20.8732351Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/79b01272-bf9f-4f4c-9517-5506269cf524\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"79b01272-bf9f-4f4c-9517-5506269cf524\"\n },\n {\n \"properties\": {\n \"roleName\": \"Community Owner Role\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Community Owner Role to access the resources of Microsoft.Mission stored with RPSAAS.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Mission/register/action\",\n \"Microsoft.Mission/unregister/action\",\n \"Microsoft.Mission/Locations/OperationStatuses/read\",\n \"Microsoft.Mission/Locations/OperationStatuses/write\",\n \"Microsoft.Mission/Operations/read\",\n \"Microsoft.Mission/communities/read\",\n \"Microsoft.Mission/communities/write\",\n \"Microsoft.Mission/communities/delete\",\n \"Microsoft.Mission/communities/setMaintenanceMode/action\",\n \"Microsoft.Mission/communities/communityendpoints/connect/action\",\n \"Microsoft.Mission/virtualEnclaves/read\",\n \"Microsoft.Mission/virtualEnclaves/write\",\n \"Microsoft.Mission/virtualEnclaves/delete\",\n \"Microsoft.Mission/virtualEnclaves/workloads/read\",\n \"Microsoft.Mission/virtualEnclaves/workloads/write\",\n \"Microsoft.Mission/virtualEnclaves/workloads/delete\",\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/read\",\n \"Microsoft.Resources/deployments/read\",\n \"Microsoft.Resources/deployments/write\",\n \"Microsoft.Resources/subscriptions/read\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Resources/subscriptions/resourcegroups/deployments/read\",\n \"Microsoft.Resources/subscriptions/operationresults/read\",\n \"Microsoft.ResourceHealth/availabilityStatuses/read\",\n \"Microsoft.Features/providers/features/read\",\n \"Microsoft.Features/features/read\",\n \"Microsoft.Mission/communities/communityEndpoints/read\",\n \"Microsoft.Mission/communities/communityEndpoints/write\",\n \"Microsoft.Mission/communities/communityEndpoints/delete\",\n \"Microsoft.Mission/communities/transitHubs/read\",\n \"Microsoft.Mission/communities/transitHubs/write\",\n \"Microsoft.Mission/communities/transitHubs/delete\",\n \"Microsoft.Mission/enclaveConnections/read\",\n \"Microsoft.Mission/virtualEnclaves/enclaveEndpoints/read\",\n \"Microsoft.Mission/approvals/read\",\n \"Microsoft.Mission/approvals/write\",\n \"Microsoft.Mission/approvals/delete\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2023-05-25T20:51:16.2041501Z\",\n \"updatedOn\": \"2025-09-12T18:13:12.7479035Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/5e28a61e-8040-49db-b175-bb5b88af6239\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"5e28a61e-8040-49db-b175-bb5b88af6239\"\n },\n {\n \"properties\": {\n \"roleName\": \"Firmware Analysis Admin\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Administrative user that can upload/view firmwares & configure firmware workspaces\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.IoTFirmwareDefense/*\",\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Resources/deployments/*\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2023-06-12T15:03:22.1277659Z\",\n \"updatedOn\": \"2025-09-10T15:34:53.4423915Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/9c1607d1-791d-4c68-885d-c7b7aaff7c8a\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"9c1607d1-791d-4c68-885d-c7b7aaff7c8a\"\n },\n {\n \"properties\": {\n \"roleName\": \"Key Vault Data Access Administrator\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Manage access to Azure Key Vault by adding or removing role assignments for the Key Vault Administrator, Key Vault Certificates Officer, Key Vault Crypto Officer, Key Vault Crypto Service Encryption User, Key Vault Crypto User, Key Vault Reader, Key Vault Secrets Officer, or Key Vault Secrets User roles. Includes an ABAC condition to constrain role assignments.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/roleAssignments/write\",\n \"Microsoft.Authorization/roleAssignments/delete\",\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Resources/subscriptions/read\",\n \"Microsoft.Management/managementGroups/read\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Support/*\",\n \"Microsoft.KeyVault/vaults/*/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": [],\n \"conditionVersion\": \"2.0\",\n \"condition\": \"((!(ActionMatches{'Microsoft.Authorization/roleAssignments/write'})) OR (@Request[Microsoft.Authorization/roleAssignments:RoleDefinitionId] ForAnyOfAnyValues:GuidEquals{00482a5a-887f-4fb3-b363-3b7fe8e74483, a4417e6f-fecd-4de8-b567-7b0420556985, 14b46e9e-c2b7-41b4-b07b-48a6ebf60603, e147488a-f6f5-4113-8e2d-b22465e65bf6, 12338af0-0e69-4776-bea7-57ae8d297424, 21090545-7ca7-4776-b22c-e363652d74d2, b86a8fe4-44ce-4948-aee5-eccb2c155cd7, 4633458b-17de-408a-b874-0445c86b69e6})) AND ((!(ActionMatches{'Microsoft.Authorization/roleAssignments/delete'})) OR (@Resource[Microsoft.Authorization/roleAssignments:RoleDefinitionId] ForAnyOfAnyValues:GuidEquals{00482a5a-887f-4fb3-b363-3b7fe8e74483, a4417e6f-fecd-4de8-b567-7b0420556985, 14b46e9e-c2b7-41b4-b07b-48a6ebf60603, e147488a-f6f5-4113-8e2d-b22465e65bf6, 12338af0-0e69-4776-bea7-57ae8d297424, 21090545-7ca7-4776-b22c-e363652d74d2, b86a8fe4-44ce-4948-aee5-eccb2c155cd7, 4633458b-17de-408a-b874-0445c86b69e6}))\"\n }\n ],\n \"createdOn\": \"2023-06-20T22:26:01.661921Z\",\n \"updatedOn\": \"2023-12-07T01:33:05.5970688Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/8b54135c-b56d-4d72-a534-26097cfdc8d8\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"8b54135c-b56d-4d72-a534-26097cfdc8d8\"\n },\n {\n \"properties\": {\n \"roleName\": \"Defender for Storage Data Scanner\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Grants access to read blobs and update index tags. This role is used by the data scanner of Defender for Storage.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Storage/storageAccounts/blobServices/containers/read\",\n \"Microsoft.Storage/storageAccounts/blobServices/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.Storage/storageAccounts/blobServices/containers/blobs/read\",\n \"Microsoft.Storage/storageAccounts/blobServices/containers/blobs/tags/write\",\n \"Microsoft.Storage/storageAccounts/blobServices/containers/blobs/tags/read\",\n \"Microsoft.Storage/storageAccounts/blobServices/containers/blobs/delete\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2023-06-21T15:30:31.2244258Z\",\n \"updatedOn\": \"2025-09-04T13:19:08.2789022Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/1e7ca9b1-60d1-4db8-a914-f2ca1ff27c40\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"1e7ca9b1-60d1-4db8-a914-f2ca1ff27c40\"\n },\n {\n \"properties\": {\n \"roleName\": \"Compute Diagnostics Role\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Grants permissions to execute diagnostics provided by Compute Diagnostic Service for Compute Resources.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Compute/disks/beginGetAccess/action\",\n \"Microsoft.Compute/virtualmachinescalesets/disks/beginGetAccess/action\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2023-07-03T15:01:36.9754614Z\",\n \"updatedOn\": \"2023-08-21T15:00:43.8849998Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/df2711a6-406d-41cf-b366-b0250bff9ad1\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"df2711a6-406d-41cf-b366-b0250bff9ad1\"\n },\n {\n \"properties\": {\n \"roleName\": \"Elastic SAN Network Admin\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Allows access to create Private Endpoints on SAN resources, and to read SAN resources\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.ElasticSan/elasticSans/*/read\",\n \"Microsoft.ElasticSan/elasticSans/PrivateEndpointConnectionsApproval/action\",\n \"Microsoft.ElasticSan/elasticSans/privateEndpointConnections/write\",\n \"Microsoft.ElasticSan/elasticSans/privateEndpointConnections/delete\",\n \"Microsoft.ElasticSan/locations/asyncoperations/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2023-07-11T15:16:02.2537915Z\",\n \"updatedOn\": \"2023-07-24T15:07:43.2245803Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/fa6cecf6-5db3-4c43-8470-c540bcb4eafa\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"fa6cecf6-5db3-4c43-8470-c540bcb4eafa\"\n },\n {\n \"properties\": {\n \"roleName\": \"Cognitive Services Usages Reader\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Minimal permission to view Cognitive Services usages.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.CognitiveServices/locations/usages/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2023-07-17T15:09:29.0044016Z\",\n \"updatedOn\": \"2023-07-17T15:09:29.0044016Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/bba48692-92b0-4667-a9ad-c31c7b334ac2\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"bba48692-92b0-4667-a9ad-c31c7b334ac2\"\n },\n {\n \"properties\": {\n \"roleName\": \"PostgreSQL Flexible Server Long Term Retention Backup Role\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Role to allow backup vault to access PostgreSQL Flexible Server Resource APIs for Long Term Retention Backup.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.DBforPostgreSQL/flexibleServers/ltrBackupOperations/read\",\n \"Microsoft.DBforPostgreSQL/flexibleServers/ltrPreBackup/action\",\n \"Microsoft.DBforPostgreSQL/flexibleServers/startLtrBackup/action\",\n \"Microsoft.DBforPostgreSQL/locations/azureAsyncOperation/read\",\n \"Microsoft.DBforPostgreSQL/locations/operationResults/read\",\n \"Microsoft.Resources/subscriptions/read\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2023-07-19T15:33:56.5176195Z\",\n \"updatedOn\": \"2023-08-02T22:48:06.4502162Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/c088a766-074b-43ba-90d4-1fb21feae531\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"c088a766-074b-43ba-90d4-1fb21feae531\"\n },\n {\n \"properties\": {\n \"roleName\": \"Search Parameter Manager\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Role allows user or principal access to $status and $reindex to update search parameters\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.HealthcareApis/workspaces/fhirservices/resources/reindex/action\",\n \"Microsoft.HealthcareApis/workspaces/fhirservices/resources/read\",\n \"Microsoft.HealthcareApis/workspaces/fhirservices/resources/write\",\n \"Microsoft.HealthcareApis/workspaces/fhirservices/resources/searchparameter/action\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2023-07-28T00:53:53.6682553Z\",\n \"updatedOn\": \"2023-07-28T00:53:53.6682553Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/a02f7c31-354d-4106-865a-deedf37fa038\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"a02f7c31-354d-4106-865a-deedf37fa038\"\n },\n {\n \"properties\": {\n \"roleName\": \"Virtual Machine Data Access Administrator (preview)\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Manage access to Virtual Machines by adding or removing role assignments for the Virtual Machine Administrator Login and Virtual Machine User Login roles. Includes an ABAC condition to constrain role assignments.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/roleAssignments/write\",\n \"Microsoft.Authorization/roleAssignments/delete\",\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Resources/subscriptions/read\",\n \"Microsoft.Management/managementGroups/read\",\n \"Microsoft.Network/publicIPAddresses/read\",\n \"Microsoft.Network/virtualNetworks/read\",\n \"Microsoft.Network/loadBalancers/read\",\n \"Microsoft.Network/networkInterfaces/read\",\n \"Microsoft.Compute/virtualMachines/*/read\",\n \"Microsoft.HybridCompute/machines/*/read\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Support/*\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": [],\n \"conditionVersion\": \"2.0\",\n \"condition\": \"((!(ActionMatches{'Microsoft.Authorization/roleAssignments/write'})) OR (@Request[Microsoft.Authorization/roleAssignments:RoleDefinitionId] ForAnyOfAnyValues:GuidEquals{1c0163c0-47e6-4577-8991-ea5c82e286e4, fb879df8-f326-4884-b1cf-06f3ad86be52})) AND ((!(ActionMatches{'Microsoft.Authorization/roleAssignments/delete'})) OR (@Resource[Microsoft.Authorization/roleAssignments:RoleDefinitionId] ForAnyOfAnyValues:GuidEquals{1c0163c0-47e6-4577-8991-ea5c82e286e4, fb879df8-f326-4884-b1cf-06f3ad86be52}))\"\n }\n ],\n \"createdOn\": \"2023-08-07T15:25:15.1179899Z\",\n \"updatedOn\": \"2023-10-31T15:13:38.0409378Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/66f75aeb-eabe-4b70-9f1e-c350c4c9ad04\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"66f75aeb-eabe-4b70-9f1e-c350c4c9ad04\"\n },\n {\n \"properties\": {\n \"roleName\": \"Logic Apps Standard Developer (Preview)\",\n \"type\": \"BuiltInRole\",\n \"description\": \"You can create and edit workflows, connections, and settings for a Standard logic app. You can't make changes outside the workflow scope.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.Resources/deployments/operations/read\",\n \"Microsoft.Resources/subscriptions/operationresults/read\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Support/*\",\n \"Microsoft.Web/*/read\",\n \"Microsoft.Web/connections/*\",\n \"Microsoft.Web/customApis/*\",\n \"Microsoft.Web/sites/config/list/Action\",\n \"microsoft.web/sites/config/Write\",\n \"microsoft.web/sites/config/web/appsettings/delete\",\n \"microsoft.web/sites/config/web/appsettings/write\",\n \"microsoft.web/sites/deployWorkflowArtifacts/action\",\n \"microsoft.web/sites/hostruntime/*\",\n \"microsoft.web/sites/listworkflowsconnections/action\",\n \"Microsoft.Web/sites/publish/Action\",\n \"microsoft.web/sites/slots/config/appsettings/write\",\n \"Microsoft.Web/sites/slots/config/list/Action\",\n \"microsoft.web/sites/slots/config/web/appsettings/delete\",\n \"microsoft.web/sites/slots/deployWorkflowArtifacts/action\",\n \"microsoft.web/sites/slots/listworkflowsconnections/action\",\n \"Microsoft.Web/sites/slots/publish/Action\",\n \"microsoft.web/sites/workflows/*\",\n \"microsoft.web/sites/workflowsconfiguration/*\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2023-08-10T18:27:51.0642527Z\",\n \"updatedOn\": \"2024-04-03T21:08:10.0284774Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/523776ba-4eb2-4600-a3c8-f2dc93da4bdb\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"523776ba-4eb2-4600-a3c8-f2dc93da4bdb\"\n },\n {\n \"properties\": {\n \"roleName\": \"Logic Apps Standard Contributor (Preview)\",\n \"type\": \"BuiltInRole\",\n \"description\": \"You can manage all aspects of a Standard logic app and workflows. You can't change access or ownership.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.Resources/deployments/operations/read\",\n \"Microsoft.Resources/subscriptions/operationresults/read\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Support/*\",\n \"Microsoft.Web/*/read\",\n \"Microsoft.Web/certificates/*\",\n \"Microsoft.Web/connectionGateways/*\",\n \"Microsoft.Web/connections/*\",\n \"Microsoft.Web/customApis/*\",\n \"Microsoft.Web/serverFarms/*\",\n \"Microsoft.Web/sites/*\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2023-08-10T18:27:51.0642527Z\",\n \"updatedOn\": \"2024-04-03T21:08:12.2307952Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/ad710c24-b039-4e85-a019-deb4a06e8570\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"ad710c24-b039-4e85-a019-deb4a06e8570\"\n },\n {\n \"properties\": {\n \"roleName\": \"Logic Apps Standard Operator (Preview)\",\n \"type\": \"BuiltInRole\",\n \"description\": \"You can enable and disable the logic app, resubmit workflow runs, as well as create connections. You can't edit workflows or settings.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.Resources/deployments/operations/read\",\n \"Microsoft.Resources/subscriptions/operationresults/read\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Support/*\",\n \"Microsoft.Web/*/read\",\n \"Microsoft.Web/sites/applySlotConfig/Action\",\n \"microsoft.web/sites/hostruntime/*\",\n \"Microsoft.Web/sites/restart/Action\",\n \"Microsoft.Web/sites/slots/restart/Action\",\n \"Microsoft.Web/sites/slots/slotsswap/Action\",\n \"Microsoft.Web/sites/slots/start/Action\",\n \"Microsoft.Web/sites/slots/stop/Action\",\n \"Microsoft.Web/sites/slotsdiffs/Action\",\n \"Microsoft.Web/sites/slotsswap/Action\",\n \"Microsoft.Web/sites/start/Action\",\n \"Microsoft.Web/sites/stop/Action\",\n \"Microsoft.Web/sites/write\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2023-08-10T18:27:51.616246Z\",\n \"updatedOn\": \"2024-04-03T21:08:12.0327572Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/b70c96e9-66fe-4c09-b6e7-c98e69c98555\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"b70c96e9-66fe-4c09-b6e7-c98e69c98555\"\n },\n {\n \"properties\": {\n \"roleName\": \"Logic Apps Standard Reader (Preview)\",\n \"type\": \"BuiltInRole\",\n \"description\": \"You have read-only access to all resources in a Standard logic app and workflows, including the workflow runs and their history.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.Resources/deployments/operations/read\",\n \"Microsoft.Resources/subscriptions/operationresults/read\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Support/*\",\n \"Microsoft.Web/*/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2023-08-10T18:27:52.9359215Z\",\n \"updatedOn\": \"2024-04-03T21:08:11.472321Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/4accf36b-2c05-432f-91c8-5c532dff4c73\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"4accf36b-2c05-432f-91c8-5c532dff4c73\"\n },\n {\n \"properties\": {\n \"roleName\": \"IPAM Pool User\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Read IPAM Pools and child resources. Create and remove associations. This role is in preview and subject to change.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Network/networkManagers/ipamPools/*/read\",\n \"Microsoft.Network/networkManagers/ipamPools/*/action\",\n \"Microsoft.Network/networkManagers/ipamPools/*/write\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2023-08-21T15:00:43.8849998Z\",\n \"updatedOn\": \"2024-10-14T15:14:50.4699933Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/7b3e853f-ad5d-4fb5-a7b8-56a3581c7037\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"7b3e853f-ad5d-4fb5-a7b8-56a3581c7037\"\n },\n {\n \"properties\": {\n \"roleName\": \"SpatialMapsAccounts Account Owner\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Lets you manage data in your account, including deleting them\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.MixedReality/spatialMapsAccounts/read\",\n \"Microsoft.MixedReality/spatialMapsAccounts/delete\",\n \"Microsoft.MixedReality/spatialMapsAccounts/write\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2023-08-24T22:24:26.823752Z\",\n \"updatedOn\": \"2023-08-24T22:24:26.823752Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/e9c9ed2b-2a99-4071-b2ff-5b113ebf73a1\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"e9c9ed2b-2a99-4071-b2ff-5b113ebf73a1\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Resource Notifications System Topics Subscriber\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Lets you create system topics and event subscriptions on all system topics exposed currently and in the future by Azure Resource Notifications\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.ResourceNotifications/systemTopics/subscribeToResources/action\",\n \"Microsoft.ResourceNotifications/systemTopics/subscribeToHealthResources/action\",\n \"Microsoft.ResourceNotifications/systemTopics/subscribeToMaintenanceResources/action\",\n \"Microsoft.ResourceNotifications/systemTopics/subscribeToComputeResources/action\",\n \"Microsoft.ResourceNotifications/systemTopics/subscribeToComputeScheduleResources/action\",\n \"Microsoft.ResourceNotifications/systemTopics/subscribeToContainerServiceEventResources/action\",\n \"Microsoft.ResourceNotifications/systemTopics/subscribeToImpactReportingResources/action\",\n \"Microsoft.ResourceNotifications/systemTopics/subscribeToAksResources/action\",\n \"Microsoft.EventGrid/eventSubscriptions/write\",\n \"Microsoft.EventGrid/systemTopics/eventSubscriptions/write\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2023-08-31T17:58:41.4180876Z\",\n \"updatedOn\": \"2025-10-01T20:11:41.338522Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/0b962ed2-6d56-471c-bd5f-3477d83a7ba4\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"0b962ed2-6d56-471c-bd5f-3477d83a7ba4\"\n },\n {\n \"properties\": {\n \"roleName\": \"Elastic SAN Volume Importer\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Allows for Importing Elastic San Volume\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.ElasticSan/elasticSans/volumeGroups/*/read\",\n \"Microsoft.ElasticSan/elasticSans/volumeGroups/volumes/write\",\n \"Microsoft.ElasticSan/elasticSans/volumeGroups/volumes/delete\",\n \"Microsoft.ElasticSan/elasticSans/volumeGroups/preRestore/action\",\n \"Microsoft.ElasticSan/locations/*\",\n \"Microsoft.Compute/locations/*\",\n \"Microsoft.Compute/disks/read\",\n \"Microsoft.Compute/disks/beginGetAccess/action\",\n \"Microsoft.Compute/disks/endGetAccess/action\",\n \"Microsoft.Compute/snapshots/read\",\n \"Microsoft.Compute/snapshots/beginGetAccess/action\",\n \"Microsoft.Compute/snapshots/endGetAccess/action\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2023-09-06T15:24:05.4459728Z\",\n \"updatedOn\": \"2025-04-21T15:02:46.3682352Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/90e8b822-3e73-47b5-868a-787dc80c008f\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"90e8b822-3e73-47b5-868a-787dc80c008f\"\n },\n {\n \"properties\": {\n \"roleName\": \"Elastic SAN Snapshot Exporter\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Allows for creating and exporting Snapshot of Elastic San Volume\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.ElasticSan/elasticSans/*/read\",\n \"Microsoft.ElasticSan/elasticSans/volumeGroups/snapshots/write\",\n \"Microsoft.ElasticSan/elasticSans/volumeGroups/snapshots/delete\",\n \"Microsoft.ElasticSan/elasticSans/volumeGroups/snapshots/beginGetAccess/action\",\n \"Microsoft.ElasticSan/elasticSans/volumeGroups/preBackup/action\",\n \"Microsoft.ElasticSan/locations/*\",\n \"Microsoft.Compute/locations/*\",\n \"Microsoft.Compute/disks/read\",\n \"Microsoft.Compute/disks/write\",\n \"Microsoft.Compute/disks/delete\",\n \"Microsoft.Compute/snapshots/read\",\n \"Microsoft.Compute/snapshots/write\",\n \"Microsoft.Compute/snapshots/delete\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2023-09-06T15:24:05.4459728Z\",\n \"updatedOn\": \"2025-04-21T15:02:46.3682352Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/1c4770c0-34f7-4110-a1ea-a5855cc7a939\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"1c4770c0-34f7-4110-a1ea-a5855cc7a939\"\n },\n {\n \"properties\": {\n \"roleName\": \"Community Contributor Role\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Community Contributor Role to access the resources of Microsoft.Mission stored with RPSAAS.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Mission/register/action\",\n \"Microsoft.Mission/unregister/action\",\n \"Microsoft.Mission/Locations/OperationStatuses/read\",\n \"Microsoft.Mission/Locations/OperationStatuses/write\",\n \"Microsoft.Mission/Operations/read\",\n \"Microsoft.Mission/communities/read\",\n \"Microsoft.Mission/communities/write\",\n \"Microsoft.Mission/virtualEnclaves/read\",\n \"Microsoft.Mission/virtualEnclaves/write\",\n \"Microsoft.Mission/virtualEnclaves/endpoints/read\",\n \"Microsoft.Mission/virtualEnclaves/endpoints/write\",\n \"Microsoft.Mission/virtualEnclaves/workloads/read\",\n \"Microsoft.Mission/virtualEnclaves/workloads/write\",\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/read\",\n \"Microsoft.Resources/deployments/read\",\n \"Microsoft.Resources/deployments/write\",\n \"Microsoft.Resources/subscriptions/read\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Resources/subscriptions/resourcegroups/deployments/read\",\n \"Microsoft.Resources/subscriptions/operationresults/read\",\n \"Microsoft.ResourceHealth/availabilityStatuses/read\",\n \"Microsoft.Features/providers/features/read\",\n \"Microsoft.Features/features/read\",\n \"Microsoft.Mission/communities/communityEndpoints/read\",\n \"Microsoft.Mission/communities/communityEndpoints/write\",\n \"Microsoft.Mission/communities/transitHubs/read\",\n \"Microsoft.Mission/communities/transitHubs/write\",\n \"Microsoft.Mission/enclaveConnections/read\",\n \"Microsoft.Mission/virtualEnclaves/enclaveEndpoints/read\",\n \"Microsoft.Mission/approvals/read\",\n \"Microsoft.Mission/approvals/write\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2023-09-14T21:20:02.9426432Z\",\n \"updatedOn\": \"2025-07-16T21:30:33.3901346Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/49435da6-99fe-48a5-a235-fc668b9dc04a\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"49435da6-99fe-48a5-a235-fc668b9dc04a\"\n },\n {\n \"properties\": {\n \"roleName\": \"EventGrid TopicSpaces Subscriber\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Lets you subscribe messages on topicspaces.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.EventGrid/*/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.EventGrid/topicSpaces/subscribe/action\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2023-09-19T15:12:11.0674147Z\",\n \"updatedOn\": \"2023-10-20T20:21:33.3344252Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/4b0f2fd7-60b4-4eca-896f-4435034f8bf5\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"4b0f2fd7-60b4-4eca-896f-4435034f8bf5\"\n },\n {\n \"properties\": {\n \"roleName\": \"EventGrid TopicSpaces Publisher\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Lets you publish messages on topicspaces.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.EventGrid/*/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.EventGrid/topicSpaces/publish/action\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2023-09-19T15:12:11.0674147Z\",\n \"updatedOn\": \"2023-10-20T20:21:33.3344252Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/a12b0b94-b317-4dcd-84a8-502ce99884c6\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"a12b0b94-b317-4dcd-84a8-502ce99884c6\"\n },\n {\n \"properties\": {\n \"roleName\": \"Data Boundary Tenant Administrator\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Allows tenant level administration for data boundaries.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Resources/dataBoundaries/write\",\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2023-09-25T15:06:19.9183617Z\",\n \"updatedOn\": \"2023-09-25T15:06:19.9183617Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/d1a38570-4b05-4d70-b8e4-1100bcf76d12\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"d1a38570-4b05-4d70-b8e4-1100bcf76d12\"\n },\n {\n \"properties\": {\n \"roleName\": \"DeID Realtime Data User\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Execute requests against DeID realtime endpoint. This role is in preview and subject to change.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.HealthDataAIServices/DeidServices/Realtime/action\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2023-09-28T20:01:31.6698729Z\",\n \"updatedOn\": \"2023-09-28T20:01:31.6698729Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/bb6577c4-ea0a-40b2-8962-ea18cb8ecd4e\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"bb6577c4-ea0a-40b2-8962-ea18cb8ecd4e\"\n },\n {\n \"properties\": {\n \"roleName\": \"DeID Batch Data Reader\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Read DeID batch jobs. This role is in preview and subject to change.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.HealthDataAIServices/DeidServices/Batch/read\"\n ],\n \"notDataActions\": [\n \"Microsoft.HealthDataAIServices/DeidServices/Batch/write\",\n \"Microsoft.HealthDataAIServices/DeidServices/Batch/delete\"\n ]\n }\n ],\n \"createdOn\": \"2023-09-28T20:01:32.2555061Z\",\n \"updatedOn\": \"2023-09-28T20:01:32.2555061Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/b73a14ee-91f5-41b7-bd81-920e12466be9\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"b73a14ee-91f5-41b7-bd81-920e12466be9\"\n },\n {\n \"properties\": {\n \"roleName\": \"DeID Batch Data Owner\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Create and manage DeID batch jobs. This role is in preview and subject to change.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.HealthDataAIServices/DeidServices/Batch/write\",\n \"Microsoft.HealthDataAIServices/DeidServices/Batch/delete\",\n \"Microsoft.HealthDataAIServices/DeidServices/Batch/read\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2023-09-28T20:01:32.2565064Z\",\n \"updatedOn\": \"2023-09-28T20:01:32.2565064Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/8a90fa6b-6997-4a07-8a95-30633a7c97b9\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"8a90fa6b-6997-4a07-8a95-30633a7c97b9\"\n },\n {\n \"properties\": {\n \"roleName\": \"Carbon Optimization Reader\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Allow read access to Azure Carbon Optimization data\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Carbon/carbonEmissionReports/action\",\n \"Microsoft.Carbon/carbonEmissionReports/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2023-09-29T19:24:38.5828579Z\",\n \"updatedOn\": \"2025-02-17T16:06:32.7430565Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/fa0d39e6-28e5-40cf-8521-1eb320653a4c\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"fa0d39e6-28e5-40cf-8521-1eb320653a4c\"\n },\n {\n \"properties\": {\n \"roleName\": \"Landing Zone Management Owner\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Microsoft.Sovereign Landing Zone Management Owner allowing to review and modify Landing Zone Configurations as well as reading and adding Landing Zone Registrations. Also enables read-access to policies and management groups for enabling the full user experience of the Sovereign Services RP in the Azure Portal (as otherwise some elements might not be accessible to end users).\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Sovereign/landingZoneConfigurations/*\",\n \"Microsoft.Sovereign/landingZoneRegistrations/*\",\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Resources/deployments/*\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2023-10-05T08:48:10.6404205Z\",\n \"updatedOn\": \"2023-10-05T08:48:10.6404205Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/38863829-c2a4-4f8d-b1d2-2e325973ebc7\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"38863829-c2a4-4f8d-b1d2-2e325973ebc7\"\n },\n {\n \"properties\": {\n \"roleName\": \"Landing Zone Management Reader\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Microsoft.Sovereign Landing Zone Management Reader allowing to review Landing Zone Configurations and corresponding Registrations without the ability to modify. Also enables read-access to policies and management groups for enabling the full user experience of the Sovereign Services RP in the Azure Portal (as otherwise some elements might not be accessible to end users).\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Sovereign/landingZoneConfigurations/read\",\n \"Microsoft.Sovereign/landingZoneRegistrations/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2023-10-06T06:04:41.8631569Z\",\n \"updatedOn\": \"2023-10-06T06:04:41.8631569Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/8fe6e843-6d9e-417b-9073-106b048f50bb\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"8fe6e843-6d9e-417b-9073-106b048f50bb\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Stack HCI Device Management Role\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Microsoft.AzureStackHCI Device Management Role\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.AzureStackHCI/Clusters/*\",\n \"Microsoft.AzureStackHCI/EdgeDevices/*\",\n \"Microsoft.AzureStackHCI/DevicePools/*/read\",\n \"Microsoft.AzureStackHCI/EdgeMachines/*/read\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.HybridContainerService/register/action\",\n \"Microsoft.HybridContainerService/kubernetesVersions/read\",\n \"Microsoft.HybridContainerService/kubernetesVersions/write\",\n \"Microsoft.HybridContainerService/skus/read\",\n \"Microsoft.HybridContainerService/skus/write\",\n \"Microsoft.Authorization/roleassignments/read\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.AzureStackHCI/StorageContainers/Write\",\n \"Microsoft.AzureStackHCI/StorageContainers/Read\",\n \"Microsoft.AzureStackHCI/Register/Action\",\n \"Microsoft.GuestConfiguration/guestConfigurationAssignments/read\",\n \"Microsoft.KubernetesConfiguration/extensions/write\",\n \"Microsoft.KubernetesConfiguration/extensions/read\",\n \"Microsoft.KubernetesConfiguration/extensions/delete\",\n \"Microsoft.KubernetesConfiguration/extensions/operations/read\",\n \"Microsoft.KubernetesConfiguration/namespaces/read\",\n \"Microsoft.KubernetesConfiguration/operations/read\",\n \"Microsoft.ResourceConnector/appliances/read\",\n \"Microsoft.ResourceConnector/appliances/write\",\n \"Microsoft.ResourceConnector/appliances/delete\",\n \"Microsoft.ResourceConnector/locations/operationresults/read\",\n \"Microsoft.ResourceConnector/locations/operationsstatus/read\",\n \"Microsoft.ResourceConnector/appliances/listClusterUserCredential/action\",\n \"Microsoft.ResourceConnector/appliances/listKeys/action\",\n \"Microsoft.ResourceConnector/appliances/upgradeGraphs/read\",\n \"Microsoft.ResourceConnector/telemetryconfig/read\",\n \"Microsoft.ResourceConnector/operations/read\",\n \"Microsoft.ExtendedLocation/customLocations/deploy/action\",\n \"Microsoft.ExtendedLocation/customLocations/read\",\n \"Microsoft.ExtendedLocation/customLocations/write\",\n \"Microsoft.ExtendedLocation/customLocations/delete\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2023-10-10T15:19:13.4820522Z\",\n \"updatedOn\": \"2025-02-11T16:14:17.6124295Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/865ae368-6a45-4bd1-8fbf-0d5151f56fc1\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"865ae368-6a45-4bd1-8fbf-0d5151f56fc1\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Customer Lockbox Approver for Subscription\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Can approve Microsoft support requests to access specific resources contained within a subscription, or the subscription itself, when Customer Lockbox for Microsoft Azure is enabled on the tenant where the subscription resides.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Resources/subscriptions/read\",\n \"Microsoft.CustomerLockbox/requests/UpdateApproval/action\",\n \"Microsoft.CustomerLockbox/requests/read\",\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Insights/eventtypes/values/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2023-10-12T18:01:15.239432Z\",\n \"updatedOn\": \"2024-08-08T19:08:54.2825991Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/4dae6930-7baf-46f5-909e-0383bc931c46\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"4dae6930-7baf-46f5-909e-0383bc931c46\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Resource Bridge Deployment Role\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Azure Resource Bridge Deployment Role\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/roleassignments/read\",\n \"Microsoft.AzureStackHCI/Register/Action\",\n \"Microsoft.ResourceConnector/register/action\",\n \"Microsoft.ResourceConnector/appliances/read\",\n \"Microsoft.ResourceConnector/appliances/write\",\n \"Microsoft.ResourceConnector/appliances/delete\",\n \"Microsoft.ResourceConnector/locations/operationresults/read\",\n \"Microsoft.ResourceConnector/locations/operationsstatus/read\",\n \"Microsoft.ResourceConnector/appliances/listClusterUserCredential/action\",\n \"Microsoft.ResourceConnector/appliances/listKeys/action\",\n \"Microsoft.ResourceConnector/appliances/upgradeGraphs/read\",\n \"Microsoft.ResourceConnector/telemetryconfig/read\",\n \"Microsoft.ResourceConnector/operations/read\",\n \"Microsoft.ExtendedLocation/register/action\",\n \"Microsoft.ExtendedLocation/customLocations/deploy/action\",\n \"Microsoft.ExtendedLocation/customLocations/read\",\n \"Microsoft.ExtendedLocation/customLocations/write\",\n \"Microsoft.ExtendedLocation/customLocations/delete\",\n \"Microsoft.HybridConnectivity/register/action\",\n \"Microsoft.Kubernetes/register/action\",\n \"Microsoft.KubernetesConfiguration/register/action\",\n \"Microsoft.KubernetesConfiguration/extensions/write\",\n \"Microsoft.KubernetesConfiguration/extensions/read\",\n \"Microsoft.KubernetesConfiguration/extensions/delete\",\n \"Microsoft.KubernetesConfiguration/extensions/operations/read\",\n \"Microsoft.KubernetesConfiguration/namespaces/read\",\n \"Microsoft.KubernetesConfiguration/operations/read\",\n \"Microsoft.GuestConfiguration/guestConfigurationAssignments/read\",\n \"Microsoft.HybridContainerService/register/action\",\n \"Microsoft.HybridContainerService/kubernetesVersions/read\",\n \"Microsoft.HybridContainerService/kubernetesVersions/write\",\n \"Microsoft.HybridContainerService/skus/read\",\n \"Microsoft.HybridContainerService/skus/write\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.AzureStackHCI/StorageContainers/Write\",\n \"Microsoft.AzureStackHCI/StorageContainers/Read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2023-10-16T15:13:24.2748766Z\",\n \"updatedOn\": \"2024-02-26T16:08:40.5270416Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/7b1f81f9-4196-4058-8aae-762e593270df\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"7b1f81f9-4196-4058-8aae-762e593270df\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Stack HCI VM Reader\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Grants permissions to view VMs\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.AzureStackHCI/VirtualMachines/Read\",\n \"Microsoft.AzureStackHCI/virtualMachineInstances/Read\",\n \"Microsoft.AzureStackHCI/VirtualMachines/Extensions/Read\",\n \"Microsoft.AzureStackHCI/VirtualNetworks/Read\",\n \"Microsoft.AzureStackHCI/LogicalNetworks/Read\",\n \"Microsoft.AzureStackHCI/NetworkInterfaces/Read\",\n \"Microsoft.AzureStackHCI/VirtualHardDisks/Read\",\n \"Microsoft.AzureStackHCI/StorageContainers/Read\",\n \"Microsoft.AzureStackHCI/GalleryImages/Read\",\n \"Microsoft.AzureStackHCI/MarketplaceGalleryImages/Read\",\n \"Microsoft.AzureStackHCI/NetworkSecurityGroups/Read\",\n \"Microsoft.AzureStackHCI/NetworkSecurityGroups/SecurityRules/Read\",\n \"Microsoft.HybridCompute/licenses/read\",\n \"Microsoft.HybridCompute/machines/extensions/read\",\n \"Microsoft.HybridCompute/machines/licenseProfiles/read\",\n \"Microsoft.HybridCompute/machines/patchAssessmentResults/read\",\n \"Microsoft.HybridCompute/machines/patchAssessmentResults/softwarePatches/read\",\n \"Microsoft.HybridCompute/machines/patchInstallationResults/read\",\n \"Microsoft.HybridCompute/machines/patchInstallationResults/softwarePatches/read\",\n \"Microsoft.HybridCompute/machines/read\",\n \"Microsoft.HybridCompute/privateLinkScopes/networkSecurityPerimeterConfigurations/read\",\n \"Microsoft.HybridCompute/privateLinkScopes/privateEndpointConnections/read\",\n \"Microsoft.HybridCompute/privateLinkScopes/read\",\n \"Microsoft.Insights/AlertRules/Write\",\n \"Microsoft.Insights/AlertRules/Delete\",\n \"Microsoft.Insights/AlertRules/Read\",\n \"Microsoft.Insights/AlertRules/Activated/Action\",\n \"Microsoft.Insights/AlertRules/Resolved/Action\",\n \"Microsoft.Insights/AlertRules/Throttled/Action\",\n \"Microsoft.Insights/AlertRules/Incidents/Read\",\n \"Microsoft.Resources/deployments/read\",\n \"Microsoft.Resources/deployments/exportTemplate/action\",\n \"Microsoft.Resources/deployments/operations/read\",\n \"Microsoft.Resources/deployments/operationstatuses/read\",\n \"Microsoft.Resources/subscriptions/resourcegroups/deployments/read\",\n \"Microsoft.Resources/subscriptions/resourcegroups/deployments/operations/read\",\n \"Microsoft.Resources/subscriptions/resourcegroups/deployments/operationstatuses/read\",\n \"Microsoft.ResourceHealth/availabilityStatuses/read\",\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Resources/subscriptions/read\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Resources/subscriptions/operationresults/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2023-10-19T22:56:37.6955839Z\",\n \"updatedOn\": \"2024-06-21T16:41:03.1469999Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/4b3fe76c-f777-4d24-a2d7-b027b0f7b273\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"4b3fe76c-f777-4d24-a2d7-b027b0f7b273\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure AI Developer\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Can perform all actions within an Azure AI resource besides managing the resource itself.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.MachineLearningServices/workspaces/*/read\",\n \"Microsoft.MachineLearningServices/workspaces/*/action\",\n \"Microsoft.MachineLearningServices/workspaces/*/delete\",\n \"Microsoft.MachineLearningServices/workspaces/*/write\",\n \"Microsoft.MachineLearningServices/locations/*/read\",\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Resources/deployments/*\"\n ],\n \"notActions\": [\n \"Microsoft.MachineLearningServices/workspaces/delete\",\n \"Microsoft.MachineLearningServices/workspaces/write\",\n \"Microsoft.MachineLearningServices/workspaces/listKeys/action\",\n \"Microsoft.MachineLearningServices/workspaces/hubs/write\",\n \"Microsoft.MachineLearningServices/workspaces/hubs/delete\",\n \"Microsoft.MachineLearningServices/workspaces/featurestores/write\",\n \"Microsoft.MachineLearningServices/workspaces/featurestores/delete\",\n \"Microsoft.MachineLearningServices/workspaces/evaluations/results/labels/read\",\n \"Microsoft.MachineLearningServices/workspaces/evaluations/results/reasonings/read\",\n \"Microsoft.MachineLearningServices/workspaces/simulations/results/images/read\"\n ],\n \"dataActions\": [\n \"Microsoft.CognitiveServices/accounts/OpenAI/*\",\n \"Microsoft.CognitiveServices/accounts/SpeechServices/*\",\n \"Microsoft.CognitiveServices/accounts/ContentSafety/*\",\n \"Microsoft.CognitiveServices/accounts/MaaS/*\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2023-10-20T22:06:45.817201Z\",\n \"updatedOn\": \"2025-04-17T17:55:39.8922431Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/64702f94-c441-49e6-a78b-ef80e0188fee\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"64702f94-c441-49e6-a78b-ef80e0188fee\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Stack HCI VM Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Grants permissions to perform all VM actions\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.AzureStackHCI/VirtualMachines/*\",\n \"Microsoft.AzureStackHCI/virtualMachineInstances/*\",\n \"Microsoft.AzureStackHCI/NetworkInterfaces/*\",\n \"Microsoft.AzureStackHCI/VirtualHardDisks/*\",\n \"Microsoft.AzureStackHCI/VirtualNetworks/Read\",\n \"Microsoft.AzureStackHCI/VirtualNetworks/join/action\",\n \"Microsoft.AzureStackHCI/LogicalNetworks/Read\",\n \"Microsoft.AzureStackHCI/LogicalNetworks/join/action\",\n \"Microsoft.AzureStackHCI/GalleryImages/Read\",\n \"Microsoft.AzureStackHCI/GalleryImages/deploy/action\",\n \"Microsoft.AzureStackHCI/StorageContainers/Read\",\n \"Microsoft.AzureStackHCI/StorageContainers/deploy/action\",\n \"Microsoft.AzureStackHCI/MarketplaceGalleryImages/Read\",\n \"Microsoft.AzureStackHCI/MarketPlaceGalleryImages/deploy/action\",\n \"Microsoft.AzureStackHCI/Clusters/Read\",\n \"Microsoft.AzureStackHCI/Clusters/ArcSettings/Read\",\n \"Microsoft.AzureStackHCI/NetworkSecurityGroups/Read\",\n \"Microsoft.AzureStackHCI/NetworkSecurityGroups/SecurityRules/Read\",\n \"Microsoft.Insights/AlertRules/Write\",\n \"Microsoft.Insights/AlertRules/Delete\",\n \"Microsoft.Insights/AlertRules/Read\",\n \"Microsoft.Insights/AlertRules/Activated/Action\",\n \"Microsoft.Insights/AlertRules/Resolved/Action\",\n \"Microsoft.Insights/AlertRules/Throttled/Action\",\n \"Microsoft.Insights/AlertRules/Incidents/Read\",\n \"Microsoft.Resources/deployments/read\",\n \"Microsoft.Resources/deployments/write\",\n \"Microsoft.Resources/deployments/delete\",\n \"Microsoft.Resources/deployments/cancel/action\",\n \"Microsoft.Resources/deployments/validate/action\",\n \"Microsoft.Resources/deployments/whatIf/action\",\n \"Microsoft.Resources/deployments/exportTemplate/action\",\n \"Microsoft.Resources/deployments/operations/read\",\n \"Microsoft.Resources/deployments/operationstatuses/read\",\n \"Microsoft.Resources/subscriptions/resourcegroups/deployments/read\",\n \"Microsoft.Resources/subscriptions/resourcegroups/deployments/write\",\n \"Microsoft.Resources/subscriptions/resourcegroups/deployments/operations/read\",\n \"Microsoft.Resources/subscriptions/resourcegroups/deployments/operationstatuses/read\",\n \"Microsoft.ResourceHealth/availabilityStatuses/read\",\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Resources/subscriptions/read\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Resources/subscriptions/operationresults/read\",\n \"Microsoft.HybridCompute/machines/read\",\n \"Microsoft.HybridCompute/machines/write\",\n \"Microsoft.HybridCompute/machines/delete\",\n \"Microsoft.HybridCompute/machines/UpgradeExtensions/action\",\n \"Microsoft.HybridCompute/machines/assessPatches/action\",\n \"Microsoft.HybridCompute/machines/installPatches/action\",\n \"Microsoft.HybridCompute/machines/extensions/read\",\n \"Microsoft.HybridCompute/machines/extensions/write\",\n \"Microsoft.HybridCompute/machines/extensions/delete\",\n \"Microsoft.HybridCompute/operations/read\",\n \"Microsoft.HybridCompute/locations/operationresults/read\",\n \"Microsoft.HybridCompute/locations/operationstatus/read\",\n \"Microsoft.HybridCompute/machines/patchAssessmentResults/read\",\n \"Microsoft.HybridCompute/machines/patchAssessmentResults/softwarePatches/read\",\n \"Microsoft.HybridCompute/machines/patchInstallationResults/read\",\n \"Microsoft.HybridCompute/machines/patchInstallationResults/softwarePatches/read\",\n \"Microsoft.HybridCompute/locations/updateCenterOperationResults/read\",\n \"Microsoft.HybridCompute/machines/hybridIdentityMetadata/read\",\n \"Microsoft.HybridCompute/osType/agentVersions/read\",\n \"Microsoft.HybridCompute/osType/agentVersions/latest/read\",\n \"Microsoft.HybridCompute/machines/runcommands/read\",\n \"Microsoft.HybridCompute/machines/runcommands/write\",\n \"Microsoft.HybridCompute/machines/runcommands/delete\",\n \"Microsoft.HybridCompute/machines/licenseProfiles/read\",\n \"Microsoft.HybridCompute/machines/licenseProfiles/write\",\n \"Microsoft.HybridCompute/machines/licenseProfiles/delete\",\n \"Microsoft.HybridCompute/licenses/read\",\n \"Microsoft.HybridCompute/licenses/write\",\n \"Microsoft.HybridCompute/licenses/delete\",\n \"Microsoft.ExtendedLocation/customLocations/Read\",\n \"Microsoft.ExtendedLocation/customLocations/deploy/action\",\n \"Microsoft.KubernetesConfiguration/extensions/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2023-10-20T22:51:51.8242229Z\",\n \"updatedOn\": \"2024-06-21T16:41:03.1469999Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/874d1c73-6003-4e60-a13a-cb31ea190a85\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"874d1c73-6003-4e60-a13a-cb31ea190a85\"\n },\n {\n \"properties\": {\n \"roleName\": \"Deployment Environments Reader\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Provides read access to environment resources.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.DevCenter/projects/read\",\n \"Microsoft.DevCenter/projects/*/read\",\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\"\n ],\n \"notActions\": [\n \"Microsoft.DevCenter/projects/pools/read\",\n \"Microsoft.DevCenter/projects/pools/schedules/read\"\n ],\n \"dataActions\": [\n \"Microsoft.DevCenter/projects/users/environments/adminRead/action\",\n \"Microsoft.DevCenter/projects/users/environments/adminActionRead/action\",\n \"Microsoft.DevCenter/projects/users/environments/adminOutputsRead/action\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2023-10-25T22:17:10.8897125Z\",\n \"updatedOn\": \"2023-10-25T22:17:10.8897125Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/eb960402-bf75-4cc3-8d68-35b34f960f72\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"eb960402-bf75-4cc3-8d68-35b34f960f72\"\n },\n {\n \"properties\": {\n \"roleName\": \"EventGrid Data Receiver\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Allows receive access to event grid events.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.EventGrid/eventSubscriptions/read\",\n \"Microsoft.EventGrid/topicTypes/eventSubscriptions/read\",\n \"Microsoft.EventGrid/locations/eventSubscriptions/read\",\n \"Microsoft.EventGrid/locations/topicTypes/eventSubscriptions/read\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.EventGrid/namespaces/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.EventGrid/events/receive/action\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2023-10-27T19:53:20.6031239Z\",\n \"updatedOn\": \"2023-10-27T19:53:20.6031239Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/78cbd9e7-9798-4e2e-9b5a-547d9ebb31fb\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"78cbd9e7-9798-4e2e-9b5a-547d9ebb31fb\"\n },\n {\n \"properties\": {\n \"roleName\": \"EventGrid Data Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Allows send and receive access to event grid events.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.EventGrid/eventSubscriptions/read\",\n \"Microsoft.EventGrid/topicTypes/eventSubscriptions/read\",\n \"Microsoft.EventGrid/locations/eventSubscriptions/read\",\n \"Microsoft.EventGrid/locations/topicTypes/eventSubscriptions/read\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.EventGrid/topics/read\",\n \"Microsoft.EventGrid/domains/read\",\n \"Microsoft.EventGrid/partnerNamespaces/read\",\n \"Microsoft.EventGrid/namespaces/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.EventGrid/events/send/action\",\n \"Microsoft.EventGrid/events/receive/action\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2023-10-27T19:53:20.6021265Z\",\n \"updatedOn\": \"2023-10-27T19:53:20.6021265Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/1d8c3fe3-8864-474b-8749-01e3783e8157\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"1d8c3fe3-8864-474b-8749-01e3783e8157\"\n },\n {\n \"properties\": {\n \"roleName\": \"Advisor Reviews Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"View reviews for a workload and triage recommendations linked to them.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Advisor/resiliencyReviews/read\",\n \"Microsoft.Advisor/triageRecommendations/read\",\n \"Microsoft.Advisor/triageRecommendations/approve/action\",\n \"Microsoft.Advisor/triageRecommendations/reject/action\",\n \"Microsoft.Advisor/triageRecommendations/reset/action\",\n \"Microsoft.Advisor/triageResources/read\",\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2023-10-30T15:07:31.5895356Z\",\n \"updatedOn\": \"2025-04-02T19:27:15.4734544Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/8aac15f0-d885-4138-8afa-bfb5872f7d13\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"8aac15f0-d885-4138-8afa-bfb5872f7d13\"\n },\n {\n \"properties\": {\n \"roleName\": \"Advisor Reviews Reader\",\n \"type\": \"BuiltInRole\",\n \"description\": \"View reviews for a workload and recommendations linked to them.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Advisor/resiliencyReviews/read\",\n \"Microsoft.Advisor/triageRecommendations/read\",\n \"Microsoft.Advisor/triageResources/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2023-10-30T15:07:32.6518882Z\",\n \"updatedOn\": \"2025-04-02T19:42:31.0079991Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/c64499e0-74c3-47ad-921c-13865957895c\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"c64499e0-74c3-47ad-921c-13865957895c\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure AI Inference Deployment Operator\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Can perform all actions required to create a resource deployment within a resource group.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Insights/AutoscaleSettings/write\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2023-10-30T18:08:40.1583451Z\",\n \"updatedOn\": \"2024-03-15T17:43:35.7204254Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/3afb7f49-54cb-416e-8c09-6dc049efa503\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"3afb7f49-54cb-416e-8c09-6dc049efa503\"\n },\n {\n \"properties\": {\n \"roleName\": \"Connected Cluster Managed Identity CheckAccess Reader\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Built-in role that allows a Connected Cluster managed identity to call the checkAccess API\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2023-10-30T19:09:07.911497Z\",\n \"updatedOn\": \"2023-11-07T16:18:43.5381941Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/65a14201-8f6c-4c28-bec4-12619c5a9aaa\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"65a14201-8f6c-4c28-bec4-12619c5a9aaa\"\n },\n {\n \"properties\": {\n \"roleName\": \"AgFood Platform Dataset Admin\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Provides access to Dataset APIs\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.AgFoodPlatform/farmBeats/datasets/*\",\n \"Microsoft.AgFoodPlatform/farmBeats/datasetRecords/*\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2023-11-06T16:07:29.1713961Z\",\n \"updatedOn\": \"2023-11-06T16:07:29.1713961Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/a8d4b70f-0fb9-4f72-b267-b87b2f990aec\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"a8d4b70f-0fb9-4f72-b267-b87b2f990aec\"\n },\n {\n \"properties\": {\n \"roleName\": \"Defender for Storage Scanner Operator\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Lets you enable and configure Microsoft Defender for Storage's malware scanning and sensitive data discovery features on your storage accounts. Includes an ABAC condition to limit role assignments.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/roleAssignments/write\",\n \"Microsoft.Authorization/roleAssignments/delete\",\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Resources/subscriptions/read\",\n \"Microsoft.Management/managementGroups/read\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Support/*\",\n \"Microsoft.Security/defenderforstoragesettings/read\",\n \"Microsoft.Security/defenderforstoragesettings/write\",\n \"Microsoft.Security/advancedThreatProtectionSettings/read\",\n \"Microsoft.Security/advancedThreatProtectionSettings/write\",\n \"Microsoft.Security/datascanners/read\",\n \"Microsoft.Security/datascanners/write\",\n \"Microsoft.Security/dataScanners/delete\",\n \"Microsoft.Storage/storageAccounts/write\",\n \"Microsoft.Storage/storageAccounts/read\",\n \"Microsoft.EventGrid/topics/read\",\n \"Microsoft.EventGrid/eventSubscriptions/read\",\n \"Microsoft.EventGrid/eventSubscriptions/write\",\n \"Microsoft.EventGrid/eventSubscriptions/delete\",\n \"Microsoft.Storage/storageAccounts/blobServices/read\",\n \"Microsoft.Storage/storageAccounts/blobServices/write\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": [],\n \"conditionVersion\": \"2.0\",\n \"condition\": \"((!(ActionMatches{'Microsoft.Authorization/roleAssignments/write'})) OR (@Request[Microsoft.Authorization/roleAssignments:RoleDefinitionId] ForAnyOfAnyValues:GuidEquals{1e7ca9b1-60d1-4db8-a914-f2ca1ff27c40, d5a91429-5739-47e2-a06b-3470a27159e7})) AND ((!(ActionMatches{'Microsoft.Authorization/roleAssignments/delete'})) OR (@Resource[Microsoft.Authorization/roleAssignments:RoleDefinitionId] ForAnyOfAnyValues:GuidEquals{1e7ca9b1-60d1-4db8-a914-f2ca1ff27c40, d5a91429-5739-47e2-a06b-3470a27159e7}))\"\n }\n ],\n \"createdOn\": \"2023-11-10T10:31:03.38275Z\",\n \"updatedOn\": \"2025-09-04T13:19:08.2789022Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/0f641de8-0b88-4198-bdef-bd8b45ceba96\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"0f641de8-0b88-4198-bdef-bd8b45ceba96\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Front Door Profile Reader\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Can view AFD standard and premium profiles and their endpoints, but can't make changes.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Cdn/edgenodes/read\",\n \"Microsoft.Cdn/operationresults/*\",\n \"Microsoft.Cdn/profiles/*/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Cdn/operationresults/profileresults/afdendpointresults/CheckCustomDomainDNSMappingStatus/action\",\n \"Microsoft.Cdn/profiles/queryloganalyticsmetrics/action\",\n \"Microsoft.Cdn/profiles/queryloganalyticsrankings/action\",\n \"Microsoft.Cdn/profiles/querywafloganalyticsmetrics/action\",\n \"Microsoft.Cdn/profiles/querywafloganalyticsrankings/action\",\n \"Microsoft.Cdn/profiles/afdendpoints/CheckCustomDomainDNSMappingStatus/action\",\n \"Microsoft.Cdn/profiles/Usages/action\",\n \"Microsoft.Cdn/profiles/afdendpoints/Usages/action\",\n \"Microsoft.Cdn/profiles/origingroups/Usages/action\",\n \"Microsoft.Cdn/profiles/rulesets/Usages/action\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2023-11-15T16:30:04.3609762Z\",\n \"updatedOn\": \"2024-01-26T09:56:06.2709754Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/662802e2-50f6-46b0-aed2-e834bacc6d12\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"662802e2-50f6-46b0-aed2-e834bacc6d12\"\n },\n {\n \"properties\": {\n \"roleName\": \"Enclave Reader Role\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Enclave Reader Role to access the resources of Microsoft.Mission stored with RPSAAS.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Mission/Operations/read\",\n \"Microsoft.Mission/communities/read\",\n \"Microsoft.Mission/virtualEnclaves/read\",\n \"Microsoft.Mission/virtualEnclaves/endpoints/read\",\n \"Microsoft.Mission/virtualEnclaves/workloads/read\",\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/read\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Resources/subscriptions/resourcegroups/deployments/read\",\n \"Microsoft.Resources/subscriptions/operationresults/read\",\n \"Microsoft.ResourceHealth/availabilityStatuses/read\",\n \"Microsoft.Features/providers/features/read\",\n \"Microsoft.Features/features/read\",\n \"Microsoft.Mission/communities/communityEndpoints/read\",\n \"Microsoft.Mission/communities/transitHubs/read\",\n \"Microsoft.Mission/enclaveConnections/read\",\n \"Microsoft.Mission/virtualEnclaves/enclaveEndpoints/read\",\n \"Microsoft.Mission/approvals/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2023-11-28T16:02:03.528699Z\",\n \"updatedOn\": \"2025-07-16T21:30:33.3901346Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/86fede04-b259-4277-8c3e-e26b9865abd8\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"86fede04-b259-4277-8c3e-e26b9865abd8\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Kubernetes Service Hybrid Cluster User Role\",\n \"type\": \"BuiltInRole\",\n \"description\": \"List cluster user credential action.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.HybridContainerService/provisionedClusterInstances/read\",\n \"Microsoft.HybridContainerService/provisionedClusterInstances/listUserKubeconfig/action\",\n \"Microsoft.Kubernetes/connectedClusters/Read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2023-11-30T16:21:46.1017952Z\",\n \"updatedOn\": \"2023-11-30T16:21:46.1017952Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/fc3f91a1-40bf-4439-8c46-45edbd83563a\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"fc3f91a1-40bf-4439-8c46-45edbd83563a\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Kubernetes Service Hybrid Cluster Admin Role\",\n \"type\": \"BuiltInRole\",\n \"description\": \"List cluster admin credential action.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.HybridContainerService/provisionedClusterInstances/read\",\n \"Microsoft.HybridContainerService/provisionedClusterInstances/listAdminKubeconfig/action\",\n \"Microsoft.Kubernetes/connectedClusters/Read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2023-11-30T16:21:46.100795Z\",\n \"updatedOn\": \"2023-11-30T16:21:46.100795Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/b5092dac-c796-4349-8681-1a322a31c3f9\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"b5092dac-c796-4349-8681-1a322a31c3f9\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Kubernetes Service Hybrid Contributor Role\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Grants access to read and write Azure Kubernetes Services hybrid clusters\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.HybridContainerService/Locations/operationStatuses/read\",\n \"Microsoft.HybridContainerService/Operations/read\",\n \"Microsoft.HybridContainerService/kubernetesVersions/read\",\n \"Microsoft.HybridContainerService/kubernetesVersions/write\",\n \"Microsoft.HybridContainerService/kubernetesVersions/delete\",\n \"Microsoft.HybridContainerService/provisionedClusterInstances/read\",\n \"Microsoft.HybridContainerService/provisionedClusterInstances/write\",\n \"Microsoft.HybridContainerService/provisionedClusterInstances/delete\",\n \"Microsoft.HybridContainerService/provisionedClusterInstances/agentPools/read\",\n \"Microsoft.HybridContainerService/provisionedClusterInstances/agentPools/write\",\n \"Microsoft.HybridContainerService/provisionedClusterInstances/agentPools/delete\",\n \"Microsoft.HybridContainerService/provisionedClusterInstances/upgradeProfiles/read\",\n \"Microsoft.HybridContainerService/skus/read\",\n \"Microsoft.HybridContainerService/skus/write\",\n \"Microsoft.HybridContainerService/skus/delete\",\n \"Microsoft.HybridContainerService/virtualNetworks/read\",\n \"Microsoft.HybridContainerService/virtualNetworks/write\",\n \"Microsoft.HybridContainerService/virtualNetworks/delete\",\n \"Microsoft.Kubernetes/connectedClusters/Read\",\n \"Microsoft.Kubernetes/connectedClusters/Write\",\n \"Microsoft.Kubernetes/connectedClusters/Delete\",\n \"Microsoft.Kubernetes/connectedClusters/listClusterUserCredential/action\",\n \"Microsoft.ExtendedLocation/customLocations/deploy/action\",\n \"Microsoft.ExtendedLocation/customLocations/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2023-11-30T16:21:46.100795Z\",\n \"updatedOn\": \"2023-11-30T16:21:46.100795Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/e7037d40-443a-4434-a3fb-8cd202011e1d\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"e7037d40-443a-4434-a3fb-8cd202011e1d\"\n },\n {\n \"properties\": {\n \"roleName\": \"Enclave Owner Role\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Enclave Owner Role to access the resources of Microsoft.Mission stored with RPSAAS.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Mission/Locations/OperationStatuses/read\",\n \"Microsoft.Mission/Locations/OperationStatuses/write\",\n \"Microsoft.Mission/Operations/read\",\n \"Microsoft.Mission/virtualEnclaves/read\",\n \"Microsoft.Mission/virtualEnclaves/write\",\n \"Microsoft.Mission/virtualEnclaves/delete\",\n \"Microsoft.Mission/virtualEnclaves/workloads/read\",\n \"Microsoft.Mission/virtualEnclaves/workloads/write\",\n \"Microsoft.Mission/virtualEnclaves/workloads/delete\",\n \"Microsoft.Mission/communities/read\",\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/read\",\n \"Microsoft.Resources/deployments/read\",\n \"Microsoft.Resources/deployments/write\",\n \"Microsoft.Resources/subscriptions/read\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Resources/subscriptions/resourcegroups/deployments/read\",\n \"Microsoft.Resources/subscriptions/operationresults/read\",\n \"Microsoft.ResourceHealth/availabilityStatuses/read\",\n \"Microsoft.Features/providers/features/read\",\n \"Microsoft.Features/features/read\",\n \"Microsoft.Mission/communities/communityEndpoints/read\",\n \"Microsoft.Mission/communities/transitHubs/read\",\n \"Microsoft.Mission/enclaveConnections/read\",\n \"Microsoft.Mission/enclaveConnections/write\",\n \"Microsoft.Mission/enclaveConnections/delete\",\n \"Microsoft.Mission/virtualEnclaves/enclaveEndpoints/read\",\n \"Microsoft.Mission/virtualEnclaves/enclaveEndpoints/write\",\n \"Microsoft.Mission/virtualEnclaves/enclaveEndpoints/delete\",\n \"Microsoft.Mission/approvals/read\",\n \"Microsoft.Mission/approvals/write\",\n \"Microsoft.Mission/approvals/delete\",\n \"Microsoft.Mission/virtualEnclaves/setWorkloadRoleAssignments/action\",\n \"Microsoft.Mission/virtualEnclaves/setEnclaveRoleAssignments/action\",\n \"Microsoft.Mission/virtualenclaves/setMaintenanceMode/action\",\n \"Microsoft.Mission/virtualEnclaves/setSubnetConfiguration/action\",\n \"Microsoft.Mission/virtualEnclaves/enclaveEndpoints/connect/action\",\n \"Microsoft.Mission/enclaveConnections/setSourceCidr/action\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2023-12-05T16:13:20.7602458Z\",\n \"updatedOn\": \"2025-09-12T18:13:12.7479035Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/3d5f3eff-eb94-473d-91e3-7aac74d6c0bb\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"3d5f3eff-eb94-473d-91e3-7aac74d6c0bb\"\n },\n {\n \"properties\": {\n \"roleName\": \"Enclave Contributor Role\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Enclave Contributor Role to access the resources of Microsoft.Mission stored with RPSAAS.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Mission/register/action\",\n \"Microsoft.Mission/unregister/action\",\n \"Microsoft.Mission/Locations/OperationStatuses/read\",\n \"Microsoft.Mission/Locations/OperationStatuses/write\",\n \"Microsoft.Mission/Operations/read\",\n \"Microsoft.Mission/communities/read\",\n \"Microsoft.Mission/virtualEnclaves/read\",\n \"Microsoft.Mission/virtualEnclaves/write\",\n \"Microsoft.Mission/virtualEnclaves/endpoints/read\",\n \"Microsoft.Mission/virtualEnclaves/endpoints/write\",\n \"Microsoft.Mission/virtualEnclaves/workloads/read\",\n \"Microsoft.Mission/virtualEnclaves/workloads/write\",\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/read\",\n \"Microsoft.Resources/deployments/read\",\n \"Microsoft.Resources/deployments/write\",\n \"Microsoft.Resources/subscriptions/read\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Resources/subscriptions/resourcegroups/deployments/read\",\n \"Microsoft.Resources/subscriptions/operationresults/read\",\n \"Microsoft.ResourceHealth/availabilityStatuses/read\",\n \"Microsoft.Features/providers/features/read\",\n \"Microsoft.Features/features/read\",\n \"Microsoft.Mission/communities/communityEndpoints/read\",\n \"Microsoft.Mission/communities/transitHubs/read\",\n \"Microsoft.Mission/enclaveConnections/read\",\n \"Microsoft.Mission/enclaveConnections/write\",\n \"Microsoft.Mission/virtualEnclaves/enclaveEndpoints/read\",\n \"Microsoft.Mission/virtualEnclaves/enclaveEndpoints/write\",\n \"Microsoft.Mission/approvals/read\",\n \"Microsoft.Mission/approvals/write\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2023-12-07T23:59:26.5917667Z\",\n \"updatedOn\": \"2025-07-16T21:30:33.3901346Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/19feefae-eacc-4106-81fd-ac34c0671f14\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"19feefae-eacc-4106-81fd-ac34c0671f14\"\n },\n {\n \"properties\": {\n \"roleName\": \"Community Reader Role\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Community Reader Role to access the resources of Microsoft.Mission stored with RPSAAS.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Mission/Locations/OperationStatuses/read\",\n \"Microsoft.Mission/Operations/read\",\n \"Microsoft.Mission/communities/read\",\n \"Microsoft.Mission/virtualEnclaves/read\",\n \"Microsoft.Mission/virtualEnclaves/endpoints/read\",\n \"Microsoft.Mission/virtualEnclaves/workloads/read\",\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/read\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Resources/subscriptions/resourcegroups/deployments/read\",\n \"Microsoft.Resources/subscriptions/operationresults/read\",\n \"Microsoft.ResourceHealth/availabilityStatuses/read\",\n \"Microsoft.Features/providers/features/read\",\n \"Microsoft.Features/features/read\",\n \"Microsoft.Mission/communities/communityEndpoints/read\",\n \"Microsoft.Mission/communities/transitHubs/read\",\n \"Microsoft.Mission/enclaveConnections/read\",\n \"Microsoft.Mission/virtualEnclaves/enclaveEndpoints/read\",\n \"Microsoft.Mission/approvals/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2023-12-08T19:37:02.3189417Z\",\n \"updatedOn\": \"2025-07-16T21:30:33.3911351Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/e6aadb6b-e64f-41c0-9392-d2bba3bc3ebc\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"e6aadb6b-e64f-41c0-9392-d2bba3bc3ebc\"\n },\n {\n \"properties\": {\n \"roleName\": \"Storage Account Encryption Scope Contributor Role\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Allows management of Encryption Scopes on a Storage Account\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Storage/storageAccounts/encryptionScopes/read\",\n \"Microsoft.Storage/storageAccounts/encryptionScopes/write\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2023-12-11T16:01:30.9505499Z\",\n \"updatedOn\": \"2024-01-10T18:58:49.3538976Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/a316ed6d-1efe-48ac-ac08-f7995a9c26fb\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"a316ed6d-1efe-48ac-ac08-f7995a9c26fb\"\n },\n {\n \"properties\": {\n \"roleName\": \"Operator Nexus Key Vault Writer Service Role (Preview)\",\n \"type\": \"BuiltInRole\",\n \"description\": \"(Preview) Provides Azure Operator Nexus services the ability to write to a Key Vault. This role is in preview and subject to change.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.KeyVault/vaults/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.KeyVault/vaults/secrets/setSecret/action\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2023-12-11T16:01:30.9505499Z\",\n \"updatedOn\": \"2024-08-14T19:11:47.7610812Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/44f0a1a8-6fea-4b35-980a-8ff50c487c97\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"44f0a1a8-6fea-4b35-980a-8ff50c487c97\"\n },\n {\n \"properties\": {\n \"roleName\": \"Key Vault Crypto Service Release User\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Release keys. Only works for key vaults that use the 'Azure role-based access control' permission model.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.KeyVault/vaults/keys/release/action\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2023-12-14T22:44:06.6106235Z\",\n \"updatedOn\": \"2023-12-14T22:44:06.6106235Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/08bbd89e-9f13-488c-ac41-acfcb10c90ab\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"08bbd89e-9f13-488c-ac41-acfcb10c90ab\"\n },\n {\n \"properties\": {\n \"roleName\": \"Kubernetes Runtime Storage Class Contributor Role\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Read, write, and delete Kubernetes Runtime storage classes in an Arc connected Kubernetes cluster\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.KubernetesRuntime/storageClasses/read\",\n \"Microsoft.KubernetesRuntime/storageClasses/write\",\n \"Microsoft.KubernetesRuntime/storageClasses/delete\",\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2023-12-15T06:02:00.5747685Z\",\n \"updatedOn\": \"2024-08-19T15:08:52.7461468Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/0cd9749a-3aaf-4ae5-8803-bd217705bf3b\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"0cd9749a-3aaf-4ae5-8803-bd217705bf3b\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Programmable Connectivity Gateway User\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Allows access to all Gateway dataplane APIs.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.ResourceHealth/availabilityStatuses/read\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2023-12-20T16:26:42.5990795Z\",\n \"updatedOn\": \"2023-12-20T16:26:42.5990795Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/609c0c20-e0a0-4a71-b99f-e7e755ac493d\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"609c0c20-e0a0-4a71-b99f-e7e755ac493d\"\n },\n {\n \"properties\": {\n \"roleName\": \"Key Vault Certificate User\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Read certificate contents. Only works for key vaults that use the 'Azure role-based access control' permission model.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.KeyVault/vaults/certificates/read\",\n \"Microsoft.KeyVault/vaults/secrets/getSecret/action\",\n \"Microsoft.KeyVault/vaults/secrets/readMetadata/action\",\n \"Microsoft.KeyVault/vaults/keys/read\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2024-01-10T16:28:04.5909165Z\",\n \"updatedOn\": \"2024-01-10T16:28:04.5909165Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/db79e9a7-68ee-4b58-9aeb-b90e7c24fcba\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"db79e9a7-68ee-4b58-9aeb-b90e7c24fcba\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Spring Apps Managed Components Log Reader Role\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Read real-time logs for all managed components in Azure Spring Apps\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.AppPlatform/Spring/managedComponents/logstream/action\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2024-01-11T08:19:23.9992482Z\",\n \"updatedOn\": \"2024-01-11T08:19:23.9992482Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/52fd16bd-6ed5-46af-9c40-29cbd7952a29\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"52fd16bd-6ed5-46af-9c40-29cbd7952a29\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Spring Apps Application Configuration Service Log Reader Role\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Read real-time logs for Application Configuration Service in Azure Spring Apps\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.AppPlatform/Spring/read\",\n \"Microsoft.AppPlatform/Spring/configurationServices/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.AppPlatform/Spring/ApplicationConfigurationService/logstream/action\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2024-01-11T08:19:23.9982391Z\",\n \"updatedOn\": \"2024-01-11T08:19:23.9982391Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/6593e776-2a30-40f9-8a32-4fe28b77655d\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"6593e776-2a30-40f9-8a32-4fe28b77655d\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Spring Apps Spring Cloud Gateway Log Reader Role\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Read real-time logs for Spring Cloud Gateway in Azure Spring Apps\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.AppPlatform/Spring/read\",\n \"Microsoft.AppPlatform/Spring/gateways/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.AppPlatform/Spring/SpringCloudGateway/logstream/action\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2024-01-11T08:19:24.0002399Z\",\n \"updatedOn\": \"2024-01-11T08:19:24.0002399Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/4301dc2a-25a9-44b0-ae63-3636cf7f2bd2\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"4301dc2a-25a9-44b0-ae63-3636cf7f2bd2\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Edge On-Site Deployment Engineer\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Grants you access to take actions as an on-site person to assist in the provisioning of an edge device\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.EdgeOrder/orderItems/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2024-01-11T11:05:20.8919638Z\",\n \"updatedOn\": \"2024-08-30T13:53:39.2810677Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/207bcc4b-86a6-4487-9141-d6c1f4c238aa\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"207bcc4b-86a6-4487-9141-d6c1f4c238aa\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure API Center Data Reader\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Allows for access to Azure API Center data plane read operations.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.ApiCenter/services/*/read\",\n \"Microsoft.ApiCenter/services/workspaces/apis/versions/definitions/exportSpecification/action\",\n \"Microsoft.ApiCenter/services/workspaces/search/action\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2024-01-11T20:37:59.9775707Z\",\n \"updatedOn\": \"2025-04-22T15:07:10.0211593Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/c7244dfb-f447-457d-b2ba-3999044d1706\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"c7244dfb-f447-457d-b2ba-3999044d1706\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure impact-insight reader\",\n \"type\": \"BuiltInRole\",\n \"description\": \"built-in role for azure impact-insight read access\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Impact/WorkloadImpacts/*/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2024-01-19T16:37:20.2115353Z\",\n \"updatedOn\": \"2024-01-19T16:37:20.2115353Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/dfb2f09d-25f8-4558-8986-497084006d7a\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"dfb2f09d-25f8-4558-8986-497084006d7a\"\n },\n {\n \"properties\": {\n \"roleName\": \"Defender Kubernetes Agent Operator\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Grants Microsoft Defender for Cloud permissions to provision the Kubernetes defender security agent\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Resources/subscriptions/resourceGroups/write\",\n \"Microsoft.Resources/subscriptions/operationresults/read\",\n \"Microsoft.Resources/subscriptions/read\",\n \"Microsoft.KubernetesConfiguration/extensions/write\",\n \"Microsoft.KubernetesConfiguration/extensions/read\",\n \"Microsoft.KubernetesConfiguration/extensions/delete\",\n \"Microsoft.KubernetesConfiguration/extensions/operations/read\",\n \"Microsoft.Kubernetes/connectedClusters/Write\",\n \"Microsoft.Kubernetes/connectedClusters/read\",\n \"Microsoft.OperationalInsights/workspaces/write\",\n \"Microsoft.OperationalInsights/workspaces/read\",\n \"Microsoft.OperationalInsights/workspaces/listKeys/action\",\n \"Microsoft.OperationalInsights/workspaces/sharedkeys/action\",\n \"Microsoft.Kubernetes/register/action\",\n \"Microsoft.KubernetesConfiguration/register/action\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2024-01-29T16:00:38.0450387Z\",\n \"updatedOn\": \"2024-04-08T15:07:46.3009159Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/8bb6f106-b146-4ee6-a3f9-b9c5a96e0ae5\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"8bb6f106-b146-4ee6-a3f9-b9c5a96e0ae5\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Red Hat OpenShift Cloud Controller Manager\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Manage and update the cloud controller manager deployed on top of OpenShift.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Compute/virtualMachines/read\",\n \"Microsoft.Network/loadBalancers/backendAddressPools/join/action\",\n \"Microsoft.Network/loadBalancers/read\",\n \"Microsoft.Network/loadBalancers/write\",\n \"Microsoft.Network/networkInterfaces/read\",\n \"Microsoft.Network/networkInterfaces/write\",\n \"Microsoft.Network/networkSecurityGroups/read\",\n \"Microsoft.Network/networkSecurityGroups/write\",\n \"Microsoft.Network/publicIPAddresses/join/action\",\n \"Microsoft.Network/publicIPAddresses/read\",\n \"Microsoft.Network/publicIPAddresses/write\",\n \"Microsoft.Network/virtualNetworks/subnets/join/action\",\n \"Microsoft.Network/virtualNetworks/subnets/read\",\n \"Microsoft.Network/loadBalancers/inboundNatRules/join/action\",\n \"Microsoft.Network/networkSecurityGroups/join/action\",\n \"Microsoft.Network/publicIPPrefixes/join/action\",\n \"Microsoft.Network/applicationSecurityGroups/joinNetworkSecurityRule/action\",\n \"Microsoft.Network/virtualNetworks/subnets/write\",\n \"Microsoft.Network/privatelinkservices/write\",\n \"Microsoft.Network/privatelinkservices/read\",\n \"Microsoft.Network/privatelinkservices/delete\",\n \"Microsoft.Network/loadBalancers/loadBalancingRules/read\",\n \"Microsoft.Network/serviceEndpointPolicies/join/action\",\n \"Microsoft.Network/natGateways/join/action\",\n \"Microsoft.Network/networkIntentPolicies/join/action\",\n \"Microsoft.Network/networkSecurityGroups/join/action\",\n \"Microsoft.Network/routeTables/join/action\",\n \"Microsoft.Network/networkManagers/ipamPools/associateResourcesToPool/action\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2024-01-30T16:11:37.7996135Z\",\n \"updatedOn\": \"2025-09-23T15:14:52.5578538Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/a1f96423-95ce-4224-ab27-4e3dc72facd4\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"a1f96423-95ce-4224-ab27-4e3dc72facd4\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Red Hat OpenShift Disk Storage Operator\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Install Container Storage Interface (CSI) drivers that enable your cluster to use Azure Disks. Set OpenShift cluster-wide storage defaults to ensure a default storageclass exists for clusters.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Compute/virtualMachines/write\",\n \"Microsoft.Compute/virtualMachines/read\",\n \"Microsoft.Compute/virtualMachineScaleSets/virtualMachines/write\",\n \"Microsoft.Compute/virtualMachineScaleSets/virtualMachines/read\",\n \"Microsoft.Compute/virtualMachineScaleSets/read\",\n \"Microsoft.Compute/snapshots/write\",\n \"Microsoft.Compute/snapshots/read\",\n \"Microsoft.Compute/snapshots/delete\",\n \"Microsoft.Compute/locations/operations/read\",\n \"Microsoft.Compute/locations/DiskOperations/read\",\n \"Microsoft.Compute/disks/write\",\n \"Microsoft.Compute/disks/read\",\n \"Microsoft.Compute/disks/delete\",\n \"Microsoft.Compute/disks/beginGetAccess/action\",\n \"Microsoft.Compute/diskEncryptionSets/read\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2024-01-30T16:11:37.9474325Z\",\n \"updatedOn\": \"2025-03-28T17:59:48.0577945Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/5b7237c5-45e1-49d6-bc18-a1f62f400748\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"5b7237c5-45e1-49d6-bc18-a1f62f400748\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Red Hat OpenShift Network Operator\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Install and upgrade the networking components on an OpenShift cluster.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Network/networkInterfaces/read\",\n \"Microsoft.Network/networkInterfaces/write\",\n \"Microsoft.Network/virtualNetworks/read\",\n \"Microsoft.Network/virtualNetworks/subnets/join/action\",\n \"Microsoft.Network/loadBalancers/backendAddressPools/join/action\",\n \"Microsoft.Network/loadBalancers/backendAddressPools/read\",\n \"Microsoft.Compute/virtualMachines/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2024-01-30T16:11:37.9474325Z\",\n \"updatedOn\": \"2025-05-06T15:13:46.6826117Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/be7a6435-15ae-4171-8f30-4a343eff9e8f\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"be7a6435-15ae-4171-8f30-4a343eff9e8f\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Red Hat OpenShift Image Registry Operator\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Enables permissions for the operator to manage a singleton instance of the OpenShift image registry. It manages all configuration of the registry, including creating storage.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Storage/storageAccounts/blobServices/read\",\n \"Microsoft.Storage/storageAccounts/blobServices/containers/read\",\n \"Microsoft.Storage/storageAccounts/blobServices/containers/write\",\n \"Microsoft.Storage/storageAccounts/blobServices/containers/delete\",\n \"Microsoft.Storage/storageAccounts/blobServices/generateUserDelegationKey/action\",\n \"Microsoft.Storage/storageAccounts/read\",\n \"Microsoft.Storage/storageAccounts/write\",\n \"Microsoft.Storage/storageAccounts/delete\",\n \"Microsoft.Storage/storageAccounts/listKeys/action\",\n \"Microsoft.Storage/storageAccounts/PrivateEndpointConnectionsApproval/action\",\n \"Microsoft.Resources/tags/write\",\n \"Microsoft.Network/privateEndpoints/write\",\n \"Microsoft.Network/privateEndpoints/read\",\n \"Microsoft.Network/privateEndpoints/privateDnsZoneGroups/write\",\n \"Microsoft.Network/privateEndpoints/privateDnsZoneGroups/read\",\n \"Microsoft.Network/privateDnsZones/read\",\n \"Microsoft.Network/privateDnsZones/write\",\n \"Microsoft.Network/privateDnsZones/join/action\",\n \"Microsoft.Network/privateDnsZones/A/write\",\n \"Microsoft.Network/privateDnsZones/virtualNetworkLinks/write\",\n \"Microsoft.Network/privateDnsZones/virtualNetworkLinks/read\",\n \"Microsoft.Network/networkInterfaces/read\",\n \"Microsoft.Network/virtualNetworks/subnets/read\",\n \"Microsoft.Network/virtualNetworks/subnets/join/action\",\n \"Microsoft.Network/virtualNetworks/join/action\"\n ],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.Storage/storageAccounts/blobServices/containers/blobs/delete\",\n \"Microsoft.Storage/storageAccounts/blobServices/containers/blobs/write\",\n \"Microsoft.Storage/storageAccounts/blobServices/containers/blobs/read\",\n \"Microsoft.Storage/storageAccounts/blobServices/containers/blobs/add/action\",\n \"Microsoft.Storage/storageAccounts/blobServices/containers/blobs/move/action\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2024-01-30T16:11:37.9474325Z\",\n \"updatedOn\": \"2025-07-25T20:45:04.9733949Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/8b32b316-c2f5-4ddf-b05b-83dacd2d08b5\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"8b32b316-c2f5-4ddf-b05b-83dacd2d08b5\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Red Hat OpenShift File Storage Operator\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Install Container Storage Interface (CSI) drivers that enable your cluster to use Azure Files. Set OpenShift cluster-wide storage defaults to ensure a default storageclass exists for clusters.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Storage/storageAccounts/delete\",\n \"Microsoft.Storage/storageAccounts/fileServices/read\",\n \"Microsoft.Storage/storageAccounts/fileServices/shares/delete\",\n \"Microsoft.Storage/storageAccounts/fileServices/shares/read\",\n \"Microsoft.Storage/storageAccounts/fileServices/shares/write\",\n \"Microsoft.Storage/storageAccounts/listKeys/action\",\n \"Microsoft.Storage/storageAccounts/read\",\n \"Microsoft.Storage/storageAccounts/write\",\n \"Microsoft.Storage/storageAccounts/PrivateEndpointConnectionsApproval/action\",\n \"Microsoft.Network/networkSecurityGroups/join/action\",\n \"Microsoft.Network/virtualNetworks/subnets/read\",\n \"Microsoft.Network/virtualNetworks/subnets/write\",\n \"Microsoft.Network/routeTables/join/action\",\n \"Microsoft.Network/natGateways/join/action\",\n \"Microsoft.Network/virtualNetworks/join/action\",\n \"Microsoft.Network/virtualNetworks/subnets/join/action\",\n \"Microsoft.Network/privateEndpoints/write\",\n \"Microsoft.Network/networkManagers/ipamPools/associateResourcesToPool/action\",\n \"Microsoft.Network/networkIntentPolicies/join/action\",\n \"Microsoft.Network/serviceEndpointPolicies/join/action\",\n \"Microsoft.Network/locations/operations/read\",\n \"Microsoft.Network/privateDnsOperationStatuses/read\",\n \"Microsoft.Network/privateDnsZones/read\",\n \"Microsoft.Network/privateDnsZones/virtualNetworkLinks/read\",\n \"Microsoft.Network/privateDnsZones/virtualNetworkLinks/write\",\n \"Microsoft.Network/privateDnsZones/write\",\n \"Microsoft.Network/privateDnsZones/join/action\",\n \"Microsoft.Network/privateEndpoints/privateDnsZoneGroups/write\",\n \"Microsoft.Network/privateEndpoints/privateDnsZoneGroups/read\",\n \"Microsoft.Network/privateEndpoints/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2024-01-30T16:11:37.9454324Z\",\n \"updatedOn\": \"2025-07-25T20:45:04.9733949Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/0d7aedc0-15fd-4a67-a412-efad370c947e\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"0d7aedc0-15fd-4a67-a412-efad370c947e\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Red Hat OpenShift Service Operator\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Maintain machine health, network configuration, monitoring, and other features that are specific to an OpenShift cluster's continued functionality as a managed service.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Network/virtualNetworks/subnets/read\",\n \"Microsoft.Network/virtualNetworks/subnets/write\",\n \"Microsoft.Network/natGateways/join/action\",\n \"Microsoft.Network/routeTables/join/action\",\n \"Microsoft.Network/networkSecurityGroups/join/action\",\n \"Microsoft.Network/serviceEndpointPolicies/join/action\",\n \"Microsoft.Network/networkIntentPolicies/join/action\",\n \"Microsoft.Network/networkManagers/ipamPools/associateResourcesToPool/action\",\n \"Microsoft.Storage/storageAccounts/listKeys/action\",\n \"Microsoft.Storage/storageAccounts/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2024-01-30T16:11:37.9454324Z\",\n \"updatedOn\": \"2025-06-03T15:14:11.4486606Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/4436bae4-7702-4c84-919b-c4069ff25ee2\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"4436bae4-7702-4c84-919b-c4069ff25ee2\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Red Hat OpenShift Machine API Operator\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Manage the lifecycle of specific-purpose custom resource definitions (CRD), controllers, and Azure RBAC objects that extend the Kubernetes API to declares the desired state of machines in a cluster.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Compute/availabilitySets/delete\",\n \"Microsoft.Compute/availabilitySets/read\",\n \"Microsoft.Compute/availabilitySets/write\",\n \"Microsoft.Compute/diskEncryptionSets/read\",\n \"Microsoft.Compute/disks/delete\",\n \"Microsoft.Compute/galleries/images/versions/read\",\n \"Microsoft.Compute/skus/read\",\n \"Microsoft.Compute/virtualMachines/delete\",\n \"Microsoft.Compute/virtualMachines/read\",\n \"Microsoft.Compute/virtualMachines/write\",\n \"Microsoft.Compute/capacityReservationGroups/deploy/action\",\n \"Microsoft.ManagedIdentity/userAssignedIdentities/assign/action\",\n \"Microsoft.Network/applicationSecurityGroups/read\",\n \"Microsoft.Network/loadBalancers/backendAddressPools/join/action\",\n \"Microsoft.Network/loadBalancers/read\",\n \"Microsoft.Network/loadBalancers/write\",\n \"Microsoft.Network/networkInterfaces/delete\",\n \"Microsoft.Network/networkInterfaces/join/action\",\n \"Microsoft.Network/networkInterfaces/loadBalancers/read\",\n \"Microsoft.Network/networkInterfaces/read\",\n \"Microsoft.Network/networkInterfaces/write\",\n \"Microsoft.Network/networkSecurityGroups/read\",\n \"Microsoft.Network/networkSecurityGroups/write\",\n \"Microsoft.Network/publicIPAddresses/delete\",\n \"Microsoft.Network/publicIPAddresses/join/action\",\n \"Microsoft.Network/publicIPAddresses/read\",\n \"Microsoft.Network/publicIPAddresses/write\",\n \"Microsoft.Network/routeTables/read\",\n \"Microsoft.Network/virtualNetworks/subnets/join/action\",\n \"Microsoft.Network/virtualNetworks/subnets/read\",\n \"Microsoft.Network/applicationSecurityGroups/joinNetworkSecurityRule/action\",\n \"Microsoft.Network/loadBalancers/frontendIPConfigurations/join/action\",\n \"Microsoft.Network/loadBalancers/inboundNATRules/join/action\",\n \"Microsoft.Network/networkSecurityGroups/join/action\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2024-01-30T16:11:37.9454324Z\",\n \"updatedOn\": \"2025-03-20T13:43:14.3948725Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/0358943c-7e01-48ba-8889-02cc51d78637\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"0358943c-7e01-48ba-8889-02cc51d78637\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Red Hat OpenShift Cluster Ingress Operator\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Manage and configure the OpenShift router.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Network/dnsZones/A/delete\",\n \"Microsoft.Network/dnsZones/A/write\",\n \"Microsoft.Network/privateDnsZones/A/delete\",\n \"Microsoft.Network/privateDnsZones/A/write\",\n \"Microsoft.Network/virtualNetworks/subnets/read\",\n \"Microsoft.Network/virtualNetworks/subnets/join/action\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2024-01-30T16:11:37.9474325Z\",\n \"updatedOn\": \"2025-02-14T18:54:20.1640655Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/0336e1d3-7a87-462b-b6db-342b63f7802c\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"0336e1d3-7a87-462b-b6db-342b63f7802c\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Sphere Owner\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Allows user read and write access to Azure Sphere resources and RBAC configuration, includes an ABAC condition to constrain role assignments.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.AzureSphere/*\",\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Resources/subscriptions/read\",\n \"Microsoft.Management/managementGroups/read\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Support/*\",\n \"Microsoft.Insights/DiagnosticSettings/*\",\n \"Microsoft.Insights/DiagnosticSettingsCategories/Read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n },\n {\n \"actions\": [\n \"Microsoft.Authorization/roleAssignments/write\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": [],\n \"conditionVersion\": \"2.0\",\n \"condition\": \"@Request[Microsoft.Authorization/roleAssignments:RoleDefinitionId] ForAnyOfAnyValues:GuidEquals{8b9dfcab4b774632a6df94bd07820648,c8ae62795a0b4cb2b3f0d4d62845742c,6d994134994b4a599974f479f0b227fb,5a382001fe3641ffbba48bf06bd54da9,749f88d5cbae40b8bcfce573ddc772fa,43d0d8ad25c7471493378ba259a9fe05}\"\n },\n {\n \"actions\": [\n \"Microsoft.Authorization/roleAssignments/delete\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": [],\n \"conditionVersion\": \"2.0\",\n \"condition\": \"@Resource[Microsoft.Authorization/roleAssignments:RoleDefinitionId] ForAnyOfAnyValues:GuidEquals{8b9dfcab4b774632a6df94bd07820648,c8ae62795a0b4cb2b3f0d4d62845742c,6d994134994b4a599974f479f0b227fb,5a382001fe3641ffbba48bf06bd54da9,749f88d5cbae40b8bcfce573ddc772fa,43d0d8ad25c7471493378ba259a9fe05}\"\n }\n ],\n \"createdOn\": \"2024-02-01T23:40:30.7387663Z\",\n \"updatedOn\": \"2024-03-12T15:09:00.907512Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/5a382001-fe36-41ff-bba4-8bf06bd54da9\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"5a382001-fe36-41ff-bba4-8bf06bd54da9\"\n },\n {\n \"properties\": {\n \"roleName\": \"GroupQuota Request Operator\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Read and create GroupQuota requests, get GroupQuota request status, and get groupQuotaLimits.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/read\",\n \"MICROSOFT.QUOTA/QUOTAS/WRITE\",\n \"MICROSOFT.QUOTA/QUOTAS/READ\",\n \"MICROSOFT.QUOTA/USAGES/READ\",\n \"MICROSOFT.QUOTA/QUOTAREQUESTS/READ\",\n \"MICROSOFT.QUOTA/REGISTER/ACTION\",\n \"Microsoft.Quota/GROUPQUOTAS/*/READ\",\n \"Microsoft.Quota/GROUPQUOTAS/*/WRITE\",\n \"Microsoft.Quota/GROUPQUOTAS/*/DELETE\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2024-02-09T21:28:36.8464681Z\",\n \"updatedOn\": \"2025-02-04T16:18:52.2174712Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/e2217c0e-04bb-4724-9580-91cf9871bc01\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"e2217c0e-04bb-4724-9580-91cf9871bc01\"\n },\n {\n \"properties\": {\n \"roleName\": \"GroupQuota Reader\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Read GroupQuota requests, get GroupQuota request status, and get groupQuotaLimits.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/read\",\n \"MICROSOFT.QUOTA/QUOTAS/READ\",\n \"MICROSOFT.QUOTA/USAGES/READ\",\n \"MICROSOFT.QUOTA/QUOTAREQUESTS/READ\",\n \"MICROSOFT.QUOTA/REGISTER/ACTION\",\n \"Microsoft.Quota/GROUPQUOTAS/READ\",\n \"Microsoft.Quota/GROUPQUOTAS/subscriptions/READ\",\n \"Microsoft.Quota/GROUPQUOTAS/groupQuotaLimits/READ\",\n \"Microsoft.Quota/GROUPQUOTAS/quotaAllocations/READ\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2024-02-09T21:28:38.4642049Z\",\n \"updatedOn\": \"2024-02-09T21:28:38.4642049Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/d0f495dc-44ef-4140-aeb0-b89110e6a7c1\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"d0f495dc-44ef-4140-aeb0-b89110e6a7c1\"\n },\n {\n \"properties\": {\n \"roleName\": \"Bayer Ag Powered Services Smart Boundary Solution User Role\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Provide access to Smart Boundary Solution by Bayer Ag Powered Services\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.AgFoodPlatform/farmBeats/parties/read\",\n \"Microsoft.AgFoodPlatform/farmBeats/parties/fields/read\",\n \"Microsoft.AgFoodPlatform/farmBeats/parties/fields/write\",\n \"Microsoft.AgFoodPlatform/farmBeats/ingestionJobs/satelliteDataIngestionJobs/*\",\n \"Microsoft.AgFoodPlatform/farmBeats/scenes/*\",\n \"Microsoft.AgFoodPlatform/farmBeats/parties/models/resourceTypes/resources/insights/*\",\n \"Microsoft.AgFoodPlatform/farmBeats/parties/models/resourceTypes/resources/insightAttachments/*\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2024-02-16T08:39:51.0915233Z\",\n \"updatedOn\": \"2024-05-28T15:09:38.223022Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/539283cd-c185-4a9a-9503-d35217a1db7b\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"539283cd-c185-4a9a-9503-d35217a1db7b\"\n },\n {\n \"properties\": {\n \"roleName\": \"Defender CSPM Storage Scanner Operator\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Lets you enable and configure Microsoft Defender CSPM's sensitive data discovery feature on your storage accounts. Includes an ABAC condition to limit role assignments.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Storage/storageAccounts/write\",\n \"Microsoft.Storage/storageAccounts/read\",\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Resources/subscriptions/read\",\n \"Microsoft.Management/managementGroups/read\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Support/*\",\n \"Microsoft.Security/datascanners/read\",\n \"Microsoft.Security/datascanners/write\",\n \"Microsoft.Security/dataScanners/delete\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n },\n {\n \"actions\": [\n \"Microsoft.Authorization/roleAssignments/write\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": [],\n \"conditionVersion\": \"2.0\",\n \"condition\": \"@Request[Microsoft.Authorization/roleAssignments:RoleDefinitionId] ForAnyOfAnyValues:GuidEquals{2a2b9908-6ea1-4ae2-8e65-a410df84e7d1, b8eda974-7b85-4f76-af95-65846b26df6d, 0b6ca2e8-2cdc-4bd6-b896-aa3d8c21fc35}\"\n },\n {\n \"actions\": [\n \"Microsoft.Authorization/roleAssignments/delete\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": [],\n \"conditionVersion\": \"2.0\",\n \"condition\": \"@Resource[Microsoft.Authorization/roleAssignments:RoleDefinitionId] ForAnyOfAnyValues:GuidEquals{2a2b9908-6ea1-4ae2-8e65-a410df84e7d1, b8eda974-7b85-4f76-af95-65846b26df6d, 0b6ca2e8-2cdc-4bd6-b896-aa3d8c21fc35}\"\n }\n ],\n \"createdOn\": \"2024-02-23T11:40:48.9476806Z\",\n \"updatedOn\": \"2025-09-24T15:22:44.3542995Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/8480c0f0-4509-4229-9339-7c10018cb8c4\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"8480c0f0-4509-4229-9339-7c10018cb8c4\"\n },\n {\n \"properties\": {\n \"roleName\": \"Advisor Recommendations Contributor (Assessments and Reviews)\",\n \"type\": \"BuiltInRole\",\n \"description\": \"View assessment recommendations, accepted review recommendations, and manage the recommendations lifecycle (mark recommendations as completed, postponed or dismissed, in progress, or not started).\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Advisor/recommendations/read\",\n \"Microsoft.Advisor/recommendations/write\",\n \"Microsoft.Advisor/recommendations/available/action\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2024-02-26T16:08:40.5151834Z\",\n \"updatedOn\": \"2024-03-13T23:14:21.178011Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/6b534d80-e337-47c4-864f-140f5c7f593d\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"6b534d80-e337-47c4-864f-140f5c7f593d\"\n },\n {\n \"properties\": {\n \"roleName\": \"GeoCatalog Administrator\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Grants full access to manage GeoCatalogs, but does not allow you to assign roles in Azure RBAC.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Orbital/operations/read\",\n \"Microsoft.Orbital/geoCatalogs/*\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2024-02-27T16:09:02.6300293Z\",\n \"updatedOn\": \"2024-02-27T16:09:02.6300293Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/c9c97b9c-105d-4bb5-a2a7-7d15666c2484\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"c9c97b9c-105d-4bb5-a2a7-7d15666c2484\"\n },\n {\n \"properties\": {\n \"roleName\": \"GeoCatalog Reader\",\n \"type\": \"BuiltInRole\",\n \"description\": \"View GeoCatalogs, but does not allow you to make any changes.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Orbital/operations/read\",\n \"Microsoft.Orbital/geoCatalogs/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2024-02-27T16:09:02.8346775Z\",\n \"updatedOn\": \"2024-02-27T16:09:02.8346775Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/b7b8f583-43d0-40ae-b147-6b46f53661c1\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"b7b8f583-43d0-40ae-b147-6b46f53661c1\"\n },\n {\n \"properties\": {\n \"roleName\": \"Healthcare Agent Editor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Users with editor access can sign in, view and edit all the bot resources, scenarios and configuration setting except for the bot instance keys & secrets and the end-user inputs (including Feedback, Unrecognized utterances and Conversation logs). A read-only access to the bot skills and channels.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.HealthBot/healthBots/ResourceData/Read\",\n \"Microsoft.HealthBot/healthBots/Metadata/Read\",\n \"Microsoft.HealthBot/healthBots/CopilotStudioSolution/*\",\n \"Microsoft.HealthBot/healthBots/Feedback/Read\",\n \"Microsoft.HealthBot/healthBots/Users/Read\",\n \"Microsoft.HealthBot/healthBots/AuditTrails/Read\",\n \"Microsoft.HealthBot/healthBots/AnalyticReport/Read\",\n \"Microsoft.HealthBot/healthBots/ExposedSkill/Read\",\n \"Microsoft.HealthBot/healthBots/RegisteredSkills/Read\",\n \"Microsoft.HealthBot/healthBots/Configuration/*\",\n \"Microsoft.HealthBot/healthBots/Localization/*\",\n \"Microsoft.HealthBot/healthBots/AuthenticationProviders/*\",\n \"Microsoft.HealthBot/healthBots/Channels/*\",\n \"Microsoft.HealthBot/healthBots/DataConnections/*\",\n \"Microsoft.HealthBot/healthBots/OpenAPIPlugins/*\",\n \"Microsoft.HealthBot/healthBots/Scenarios/*\",\n \"Microsoft.HealthBot/healthBots/LanguageModels/*\",\n \"Microsoft.HealthBot/healthBots/Resources/*\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2024-02-28T16:09:25.669144Z\",\n \"updatedOn\": \"2025-08-21T10:13:28.7661499Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/af854a69-80ce-4ff7-8447-f1118a2e0ca8\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"af854a69-80ce-4ff7-8447-f1118a2e0ca8\"\n },\n {\n \"properties\": {\n \"roleName\": \"Healthcare Agent Reader\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Users with reader access can sign in, have read-only access to the bot resources, scenarios and configuration setting except for the bot instance keys & secrets (including Authentication, Data Connection and Channels keys) and the end-user inputs (including Feedback, Unrecognized utterances and Conversation logs).\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.HealthBot/healthBots/ResourceData/Read\",\n \"Microsoft.HealthBot/healthBots/Metadata/Read\",\n \"Microsoft.HealthBot/healthBots/CopilotStudioSolution/RestoreBuiltinTemplate/Read\",\n \"Microsoft.HealthBot/healthBots/Feedback/Read\",\n \"Microsoft.HealthBot/healthBots/Users/Read\",\n \"Microsoft.HealthBot/healthBots/AuditTrails/Read\",\n \"Microsoft.HealthBot/healthBots/AnalyticReport/Read\",\n \"Microsoft.HealthBot/healthBots/ExposedSkill/Read\",\n \"Microsoft.HealthBot/healthBots/RegisteredSkills/Read\",\n \"Microsoft.HealthBot/healthBots/Configuration/Read\",\n \"Microsoft.HealthBot/healthBots/Localization/Read\",\n \"Microsoft.HealthBot/healthBots/AuthenticationProviders/Read\",\n \"Microsoft.HealthBot/healthBots/DataConnections/Read\",\n \"Microsoft.HealthBot/healthBots/OpenAPIPlugins/Read\",\n \"Microsoft.HealthBot/healthBots/Scenarios/*/Read\",\n \"Microsoft.HealthBot/healthBots/LanguageModels/Read\",\n \"Microsoft.HealthBot/healthBots/Resources/Files/Read\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2024-02-28T16:09:25.669144Z\",\n \"updatedOn\": \"2025-08-21T10:13:28.7381488Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/eb5a76d5-50e7-4c33-a449-070e7c9c4cf2\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"eb5a76d5-50e7-4c33-a449-070e7c9c4cf2\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Programmable Connectivity Gateway Dataplane User\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Allows access to all Gateway dataplane APIs.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.ResourceHealth/availabilityStatuses/read\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.Resources/deployments/*\"\n ],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.ProgrammableConnectivity/Gateways/NetworkAPIAccess\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2024-02-28T16:09:25.8503139Z\",\n \"updatedOn\": \"2025-03-18T15:18:48.7947012Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/c20923c5-b089-47a5-bf67-fd89569c4ad9\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"c20923c5-b089-47a5-bf67-fd89569c4ad9\"\n },\n {\n \"properties\": {\n \"roleName\": \"Healthcare Agent Admin\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Users with admin access can sign in, view and edit all of the bot resources, scenarios and configuration setting including the bot instance keys & secrets.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.HealthBot/healthBots/ResourceData/Read\",\n \"Microsoft.HealthBot/healthBots/Metadata/Read\",\n \"Microsoft.HealthBot/healthBots/CopilotStudioSolution/*\",\n \"Microsoft.HealthBot/healthBots/Feedback/Read\",\n \"Microsoft.HealthBot/healthBots/Users/Read\",\n \"Microsoft.HealthBot/healthBots/AuditTrails/Read\",\n \"Microsoft.HealthBot/healthBots/AnalyticReport/Read\",\n \"Microsoft.HealthBot/healthBots/ExposedSkill/Read\",\n \"Microsoft.HealthBot/healthBots/RegisteredSkills/Read\",\n \"Microsoft.HealthBot/healthBots/Configuration/*\",\n \"Microsoft.HealthBot/healthBots/Localization/*\",\n \"Microsoft.HealthBot/healthBots/AuthenticationProviders/*\",\n \"Microsoft.HealthBot/healthBots/Channels/*\",\n \"Microsoft.HealthBot/healthBots/DataConnections/*\",\n \"Microsoft.HealthBot/healthBots/OpenAPIPlugins/*\",\n \"Microsoft.HealthBot/healthBots/Scenarios/*\",\n \"Microsoft.HealthBot/healthBots/LanguageModels/*\",\n \"Microsoft.HealthBot/healthBots/Resources/*\",\n \"Microsoft.HealthBot/healthBots/Admin/*\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2024-02-28T16:09:25.8513161Z\",\n \"updatedOn\": \"2025-08-21T10:13:28.7431492Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/f1082fec-a70f-419f-9230-885d2550fb38\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"f1082fec-a70f-419f-9230-885d2550fb38\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure AI Enterprise Network Connection Approver\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Can approve private endpoint connections to Azure AI common dependency resources\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.ApiManagement/service/privateEndpointConnections/read\",\n \"Microsoft.ApiManagement/service/privateEndpointConnections/write\",\n \"Microsoft.ApiManagement/service/privateLinkResources/read\",\n \"Microsoft.ApiManagement/service/read\",\n \"Microsoft.ContainerRegistry/registries/privateEndpointConnectionsApproval/action\",\n \"Microsoft.ContainerRegistry/registries/privateEndpointConnections/read\",\n \"Microsoft.ContainerRegistry/registries/privateEndpointConnections/write\",\n \"Microsoft.Cache/redis/read\",\n \"Microsoft.Cache/redis/privateEndpointConnections/read\",\n \"Microsoft.Cache/redis/privateEndpointConnections/write\",\n \"Microsoft.Cache/redis/privateLinkResources/read\",\n \"Microsoft.Cache/redis/privateEndpointConnectionsApproval/action\",\n \"Microsoft.Cache/redisEnterprise/read\",\n \"Microsoft.Cache/redisEnterprise/privateEndpointConnections/read\",\n \"Microsoft.Cache/redisEnterprise/privateEndpointConnections/write\",\n \"Microsoft.Cache/redisEnterprise/privateLinkResources/read\",\n \"Microsoft.Cache/redisEnterprise/privateEndpointConnectionsApproval/action\",\n \"Microsoft.CognitiveServices/accounts/read\",\n \"Microsoft.CognitiveServices/accounts/privateEndpointConnections/read\",\n \"Microsoft.CognitiveServices/accounts/privateEndpointConnections/write\",\n \"Microsoft.CognitiveServices/accounts/privateLinkResources/read\",\n \"Microsoft.DBforPostgreSQL/flexibleServers/privateEndpointConnectionsApproval/action\",\n \"Microsoft.DBforPostgreSQL/flexibleServers/privateEndpointConnections/read\",\n \"Microsoft.DBforPostgreSQL/flexibleServers/privateEndpointConnections/write\",\n \"Microsoft.DBforPostgreSQL/flexibleServers/privateLinkResources/read\",\n \"Microsoft.DBforPostgreSQL/flexibleServers/read\",\n \"Microsoft.DBforPostgreSQL/serverGroupsv2/privateEndpointConnectionsApproval/action\",\n \"Microsoft.DBforPostgreSQL/serverGroupsv2/privateEndpointConnections/read\",\n \"Microsoft.DBforPostgreSQL/serverGroupsv2/privateEndpointConnections/write\",\n \"Microsoft.DBforPostgreSQL/serverGroupsv2/privateLinkResources/read\",\n \"Microsoft.DBforMySQL/flexibleServers/privateEndpointConnectionsApproval/action\",\n \"Microsoft.DBforMySQL/flexibleServers/privateEndpointConnections/read\",\n \"Microsoft.DBforMySQL/flexibleServers/privateEndpointConnections/write\",\n \"Microsoft.DBforMySQL/flexibleServers/privateLinkResources/read\",\n \"Microsoft.DBforMySQL/flexibleServers/read\",\n \"Microsoft.DocumentDB/databaseAccounts/privateEndpointConnectionsApproval/action\",\n \"Microsoft.DocumentDB/databaseAccounts/privateEndpointConnections/read\",\n \"Microsoft.DocumentDB/databaseAccounts/privateEndpointConnections/write\",\n \"Microsoft.DocumentDB/databaseAccounts/privateLinkResources/read\",\n \"Microsoft.DocumentDB/databaseAccounts/read\",\n \"Microsoft.KeyVault/vaults/privateEndpointConnectionsApproval/action\",\n \"Microsoft.KeyVault/vaults/privateEndpointConnections/read\",\n \"Microsoft.KeyVault/vaults/privateEndpointConnections/write\",\n \"Microsoft.KeyVault/vaults/privateLinkResources/read\",\n \"Microsoft.KeyVault/vaults/read\",\n \"Microsoft.MachineLearningServices/registries/privateEndpointConnectionsApproval/action\",\n \"Microsoft.MachineLearningServices/registries/privateEndpointConnections/read\",\n \"Microsoft.MachineLearningServices/registries/privateEndpointConnections/write\",\n \"Microsoft.MachineLearningServices/registries/privateLinkResources/read\",\n \"Microsoft.MachineLearningServices/registries/read\",\n \"Microsoft.MachineLearningServices/workspaces/privateEndpointConnectionsApproval/action\",\n \"Microsoft.MachineLearningServices/workspaces/privateEndpointConnections/read\",\n \"Microsoft.MachineLearningServices/workspaces/privateEndpointConnections/write\",\n \"Microsoft.MachineLearningServices/workspaces/privateLinkResources/read\",\n \"Microsoft.MachineLearningServices/workspaces/read\",\n \"Microsoft.Storage/storageAccounts/privateEndpointConnections/read\",\n \"Microsoft.Storage/storageAccounts/privateEndpointConnections/write\",\n \"Microsoft.Storage/storageAccounts/privateLinkResources/read\",\n \"Microsoft.Storage/storageAccounts/read\",\n \"Microsoft.Storage/storageAccounts/PrivateEndpointConnectionsApproval/action\",\n \"Microsoft.Sql/servers/privateEndpointConnectionsApproval/action\",\n \"Microsoft.Sql/servers/privateEndpointConnections/read\",\n \"Microsoft.Sql/servers/privateEndpointConnections/write\",\n \"Microsoft.Sql/servers/privateLinkResources/read\",\n \"Microsoft.Sql/servers/read\",\n \"Microsoft.EventHub/namespaces/privateEndpointConnectionsApproval/action\",\n \"Microsoft.EventHub/namespaces/privateEndpointConnections/read\",\n \"Microsoft.EventHub/namespaces/privateEndpointConnections/write\",\n \"Microsoft.EventHub/namespaces/privateLinkResources/read\",\n \"Microsoft.EventHub/namespaces/read\",\n \"Microsoft.Search/searchServices/privateEndpointConnectionsApproval/action\",\n \"Microsoft.Search/searchServices/privateEndpointConnections/read\",\n \"Microsoft.Search/searchServices/privateEndpointConnections/write\",\n \"Microsoft.Search/searchServices/sharedPrivateLinkResources/read\",\n \"Microsoft.Search/searchServices/read\",\n \"Microsoft.Insights/privatelinkscopes/privateEndpointConnectionsApproval/action\",\n \"Microsoft.Insights/privatelinkscopes/privateEndpointConnections/read\",\n \"Microsoft.Insights/privatelinkscopes/privateEndpointConnections/write\",\n \"Microsoft.Insights/privatelinkscopes/privateLinkResources/read\",\n \"Microsoft.Insights/privatelinkscopes/read\",\n \"Microsoft.Network/privateLinkServices/privateEndpointConnectionsApproval/action\",\n \"Microsoft.Network/privateLinkServices/privateEndpointConnections/read\",\n \"Microsoft.Network/privateLinkServices/privateEndpointConnections/write\",\n \"Microsoft.Network/privateLinkServices/read\",\n \"Microsoft.Network/applicationGateways/privateEndpointConnections/read\",\n \"Microsoft.Network/applicationGateways/privateEndpointConnections/write\",\n \"Microsoft.Network/applicationGateways/privateLinkResources/read\",\n \"Microsoft.Network/applicationGateways/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2024-02-29T22:43:58.7323849Z\",\n \"updatedOn\": \"2025-01-29T21:07:16.6125101Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/b556d68e-0be0-4f35-a333-ad7ee1ce17ea\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"b556d68e-0be0-4f35-a333-ad7ee1ce17ea\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Container Storage Operator\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Role required by a Managed Identity for Azure Container Storage operations\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.ElasticSan/elasticSans/*\",\n \"Microsoft.ElasticSan/locations/asyncoperations/read\",\n \"Microsoft.Network/routeTables/join/action\",\n \"Microsoft.Network/networkSecurityGroups/join/action\",\n \"Microsoft.Network/virtualNetworks/write\",\n \"Microsoft.Network/virtualNetworks/delete\",\n \"Microsoft.Network/virtualNetworks/join/action\",\n \"Microsoft.Network/virtualNetworks/subnets/read\",\n \"Microsoft.Network/virtualNetworks/subnets/write\",\n \"Microsoft.Compute/virtualMachines/read\",\n \"Microsoft.Compute/virtualMachines/write\",\n \"Microsoft.Compute/virtualMachineScaleSets/read\",\n \"Microsoft.Compute/virtualMachineScaleSets/write\",\n \"Microsoft.Compute/virtualMachineScaleSets/virtualMachines/write\",\n \"Microsoft.Compute/virtualMachineScaleSets/virtualMachines/read\",\n \"Microsoft.Resources/subscriptions/providers/read\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Network/virtualNetworks/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2024-03-06T18:09:47.8933525Z\",\n \"updatedOn\": \"2024-03-21T21:58:56.1897725Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/08d4c71a-cc63-4ce4-a9c8-5dd251b4d619\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"08d4c71a-cc63-4ce4-a9c8-5dd251b4d619\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Container Storage Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Lets you install Azure Container Storage and manage its storage resources\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.KubernetesConfiguration/extensions/write\",\n \"Microsoft.KubernetesConfiguration/extensions/read\",\n \"Microsoft.KubernetesConfiguration/extensions/delete\",\n \"Microsoft.KubernetesConfiguration/extensions/operations/read\",\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Resources/subscriptions/read\",\n \"Microsoft.Management/managementGroups/read\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Support/*\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n },\n {\n \"actions\": [\n \"Microsoft.Authorization/roleAssignments/write\",\n \"Microsoft.Authorization/roleAssignments/delete\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": [],\n \"conditionVersion\": \"2.0\",\n \"condition\": \"((!(ActionMatches{'Microsoft.Authorization/roleAssignments/write'})) OR (@Request[Microsoft.Authorization/roleAssignments:RoleDefinitionId] ForAnyOfAnyValues:GuidEquals{08d4c71acc634ce4a9c85dd251b4d619})) AND ((!(ActionMatches{'Microsoft.Authorization/roleAssignments/delete'})) OR (@Resource[Microsoft.Authorization/roleAssignments:RoleDefinitionId] ForAnyOfAnyValues:GuidEquals{08d4c71acc634ce4a9c85dd251b4d619}))\"\n }\n ],\n \"createdOn\": \"2024-03-06T18:39:55.6502598Z\",\n \"updatedOn\": \"2024-03-28T20:02:49.6413404Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/95dd08a6-00bd-4661-84bf-f6726f83a4d0\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"95dd08a6-00bd-4661-84bf-f6726f83a4d0\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Container Storage Owner\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Lets you install Azure Container Storage and grants access to its storage resources\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.ElasticSan/elasticSans/*\",\n \"Microsoft.ElasticSan/locations/*\",\n \"Microsoft.ElasticSan/elasticSans/volumeGroups/*\",\n \"Microsoft.ElasticSan/elasticSans/volumeGroups/volumes/*\",\n \"Microsoft.ElasticSan/locations/asyncoperations/read\",\n \"Microsoft.KubernetesConfiguration/extensions/write\",\n \"Microsoft.KubernetesConfiguration/extensions/read\",\n \"Microsoft.KubernetesConfiguration/extensions/delete\",\n \"Microsoft.KubernetesConfiguration/extensions/operations/read\",\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Resources/subscriptions/read\",\n \"Microsoft.Management/managementGroups/read\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Support/*\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n },\n {\n \"actions\": [\n \"Microsoft.Authorization/roleAssignments/write\",\n \"Microsoft.Authorization/roleAssignments/delete\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": [],\n \"conditionVersion\": \"2.0\",\n \"condition\": \"((!(ActionMatches{'Microsoft.Authorization/roleAssignments/write'})) OR (@Request[Microsoft.Authorization/roleAssignments:RoleDefinitionId] ForAnyOfAnyValues:GuidEquals{08d4c71acc634ce4a9c85dd251b4d619})) AND ((!(ActionMatches{'Microsoft.Authorization/roleAssignments/delete'})) OR (@Resource[Microsoft.Authorization/roleAssignments:RoleDefinitionId] ForAnyOfAnyValues:GuidEquals{08d4c71acc634ce4a9c85dd251b4d619}))\"\n }\n ],\n \"createdOn\": \"2024-03-06T18:39:55.882353Z\",\n \"updatedOn\": \"2024-03-28T20:02:49.6413404Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/95de85bd-744d-4664-9dde-11430bc34793\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"95de85bd-744d-4664-9dde-11430bc34793\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Kubernetes Service Arc Contributor Role\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Grants access to read and write Azure Kubernetes Services hybrid clusters\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.HybridContainerService/Locations/operationStatuses/read\",\n \"Microsoft.HybridContainerService/Locations/operationStatuses/write\",\n \"Microsoft.HybridContainerService/Operations/read\",\n \"Microsoft.HybridContainerService/kubernetesVersions/read\",\n \"Microsoft.HybridContainerService/kubernetesVersions/write\",\n \"Microsoft.HybridContainerService/kubernetesVersions/delete\",\n \"Microsoft.HybridContainerService/provisionedClusterInstances/read\",\n \"Microsoft.HybridContainerService/provisionedClusterInstances/write\",\n \"Microsoft.HybridContainerService/provisionedClusterInstances/delete\",\n \"Microsoft.HybridContainerService/provisionedClusterInstances/agentPools/read\",\n \"Microsoft.HybridContainerService/provisionedClusterInstances/agentPools/write\",\n \"Microsoft.HybridContainerService/provisionedClusterInstances/agentPools/delete\",\n \"Microsoft.HybridContainerService/provisionedClusterInstances/upgradeProfiles/read\",\n \"Microsoft.HybridContainerService/skus/read\",\n \"Microsoft.HybridContainerService/skus/write\",\n \"Microsoft.HybridContainerService/skus/delete\",\n \"Microsoft.HybridContainerService/virtualNetworks/read\",\n \"Microsoft.HybridContainerService/virtualNetworks/write\",\n \"Microsoft.HybridContainerService/virtualNetworks/delete\",\n \"Microsoft.ExtendedLocation/customLocations/deploy/action\",\n \"Microsoft.ExtendedLocation/customLocations/read\",\n \"Microsoft.Kubernetes/connectedClusters/Read\",\n \"Microsoft.Kubernetes/connectedClusters/Write\",\n \"Microsoft.Kubernetes/connectedClusters/Delete\",\n \"Microsoft.Kubernetes/connectedClusters/listClusterUserCredential/action\",\n \"Microsoft.AzureStackHCI/clusters/read\",\n \"Microsoft.Resources/deployments/read\",\n \"Microsoft.Resources/deployments/write\",\n \"Microsoft.Resources/deployments/delete\",\n \"Microsoft.Resources/deployments/cancel/action\",\n \"Microsoft.Resources/deployments/validate/action\",\n \"Microsoft.Resources/deployments/whatIf/action\",\n \"Microsoft.Resources/deployments/exportTemplate/action\",\n \"Microsoft.Resources/deployments/operations/read\",\n \"Microsoft.Resources/deployments/operationstatuses/read\",\n \"Microsoft.HybridContainerService/provisionedClusterInstances/hybridIdentityMetadata/delete\",\n \"Microsoft.HybridContainerService/provisionedClusterInstances/hybridIdentityMetadata/write\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2024-03-07T00:25:44.8716461Z\",\n \"updatedOn\": \"2025-09-25T18:20:47.1023449Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/5d3f1697-4507-4d08-bb4a-477695db5f82\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"5d3f1697-4507-4d08-bb4a-477695db5f82\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Kubernetes Service Arc Cluster User Role\",\n \"type\": \"BuiltInRole\",\n \"description\": \"List cluster user credential action.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.HybridContainerService/provisionedClusterInstances/read\",\n \"Microsoft.HybridContainerService/provisionedClusterInstances/listUserKubeconfig/action\",\n \"Microsoft.Kubernetes/connectedClusters/Read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2024-03-07T00:25:47.4117596Z\",\n \"updatedOn\": \"2024-03-07T00:25:47.4117596Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/233ca253-b031-42ff-9fba-87ef12d6b55f\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"233ca253-b031-42ff-9fba-87ef12d6b55f\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Kubernetes Service Arc Cluster Admin Role\",\n \"type\": \"BuiltInRole\",\n \"description\": \"List cluster admin credential action.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.HybridContainerService/provisionedClusterInstances/read\",\n \"Microsoft.HybridContainerService/provisionedClusterInstances/listAdminKubeconfig/action\",\n \"Microsoft.Kubernetes/connectedClusters/Read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2024-03-07T00:25:47.4127588Z\",\n \"updatedOn\": \"2024-03-07T00:25:47.4127588Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/b29efa5f-7782-4dc3-9537-4d5bc70a5e9f\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"b29efa5f-7782-4dc3-9537-4d5bc70a5e9f\"\n },\n {\n \"properties\": {\n \"roleName\": \"Backup MUA Operator\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Backup MultiUser-Authorization. Allows user to perform critical operation protected by resourceguard\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.DataProtection/*/action\",\n \"Microsoft.DataProtection/*/read\",\n \"Microsoft.Authorization/*/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2024-03-08T09:37:14.3268989Z\",\n \"updatedOn\": \"2024-03-08T09:37:14.3268989Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/f54b6d04-23c6-443e-b462-9c16ab7b4a52\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"f54b6d04-23c6-443e-b462-9c16ab7b4a52\"\n },\n {\n \"properties\": {\n \"roleName\": \"Backup MUA Admin\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Backup MultiUser-Authorization. Can create/delete ResourceGuard \",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.DataProtection/*/read\",\n \"Microsoft.DataProtection/*/resourceGuards/write\",\n \"Microsoft.DataProtection/subscriptions/resourceGroups/providers/resourceGuards/write\",\n \"Microsoft.DataProtection/subscriptions/resourceGroups/providers/resourceGuards/delete\",\n \"Microsoft.DataProtection/subscriptions/resourceGroups/providers/resourceGuards/read\",\n \"Microsoft.DataProtection/locations/operationResults/read\",\n \"Microsoft.DataProtection/locations/operationStatus/read\",\n \"Microsoft.DataProtection/locations/getBackupStatus/action\",\n \"Microsoft.DataProtection/locations/checkFeatureSupport/action\",\n \"Microsoft.DataProtection/subscriptions/resourceGroups/providers/locations/operationStatus/read\",\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Features/features/read\",\n \"Microsoft.Features/providers/features/read\",\n \"Microsoft.ResourceHealth/availabilityStatuses/read\",\n \"Microsoft.Resources/deployments/operations/read\",\n \"Microsoft.Resources/subscriptions/operationresults/read\",\n \"Microsoft.Resources/subscriptions/read\",\n \"Microsoft.Resources/subscriptions/resourcegroups/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.DataProtection/backupVaults/backupResourceGuardProxies/read\",\n \"Microsoft.DataProtection/backupVaults/backupResourceGuardProxies/write\",\n \"Microsoft.DataProtection/backupVaults/backupResourceGuardProxies/delete\",\n \"Microsoft.DataProtection/backupVaults/backupResourceGuardProxies/unlockDelete/action\",\n \"Microsoft.DataProtection/subscriptions/providers/resourceGuards/read\",\n \"Microsoft.DataProtection/subscriptions/resourceGroups/providers/resourceGuards/{operationName}/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2024-03-08T09:37:14.3268989Z\",\n \"updatedOn\": \"2024-03-08T09:37:14.3268989Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/c2a970b4-16a7-4a51-8c84-8a8ea6ee0bb8\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"c2a970b4-16a7-4a51-8c84-8a8ea6ee0bb8\"\n },\n {\n \"properties\": {\n \"roleName\": \"Savings plan Purchaser\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Lets you purchase savings plans\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Resources/subscriptions/read\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Capacity/register/action\",\n \"Microsoft.Capacity/catalogs/read\",\n \"Microsoft.Authorization/roleAssignments/read\",\n \"Microsoft.BillingBenefits/savingsPlanOrders/write\",\n \"Microsoft.BIllingBenefits/register/action\",\n \"Microsoft.Support/supporttickets/write\",\n \"Microsoft.Billing/billingProperty/read\",\n \"Microsoft.CostManagement/benefitRecommendations/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2024-03-15T02:32:29.1190657Z\",\n \"updatedOn\": \"2024-03-15T02:32:29.1190657Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/3d24a3a0-c154-4f6f-a5ed-adc8e01ddb74\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"3d24a3a0-c154-4f6f-a5ed-adc8e01ddb74\"\n },\n {\n \"properties\": {\n \"roleName\": \"CrossConnectionReader\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Allows for read access to ExpressRoute CrossConnections\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.ClassicNetwork/expressRouteCrossConnections/*/read\",\n \"Microsoft.Network/expressRouteCrossConnections/*/read\",\n \"Microsoft.Features/providers/features/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2024-03-18T15:10:35.462996Z\",\n \"updatedOn\": \"2024-03-18T15:10:35.462996Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/b6ee44de-fe58-4ddc-b5c2-ab174eb23f05\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"b6ee44de-fe58-4ddc-b5c2-ab174eb23f05\"\n },\n {\n \"properties\": {\n \"roleName\": \"CrossConnectionManager\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Allows for read, write access to ExpressRoute CrossConnections\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.ClassicNetwork/expressRouteCrossConnections/*\",\n \"Microsoft.Network/expressRouteCrossConnections/*\",\n \"Microsoft.Features/providers/features/read\"\n ],\n \"notActions\": [\n \"Microsoft.Network/expressRouteCrossConnections/delete\"\n ],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2024-03-18T15:10:35.462996Z\",\n \"updatedOn\": \"2024-03-18T15:10:35.462996Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/399c3b2b-64c2-4ff1-af34-571db925b068\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"399c3b2b-64c2-4ff1-af34-571db925b068\"\n },\n {\n \"properties\": {\n \"roleName\": \"Kubernetes Agent Operator\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Grants Microsoft Defender for Cloud access to Azure Kubernetes Services\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Resources/subscriptions/resourceGroups/write\",\n \"Microsoft.Resources/subscriptions/operationresults/read\",\n \"Microsoft.Resources/subscriptions/read\",\n \"Microsoft.ContainerService/managedClusters/read\",\n \"Microsoft.ContainerService/managedClusters/trustedAccessRoleBindings/delete\",\n \"Microsoft.ContainerService/managedClusters/trustedAccessRoleBindings/read\",\n \"Microsoft.ContainerService/managedClusters/trustedAccessRoleBindings/write\",\n \"Microsoft.ContainerService/managedClusters/write\",\n \"Microsoft.Security/pricings/securityoperators/read\",\n \"Microsoft.OperationalInsights/workspaces/write\",\n \"Microsoft.OperationalInsights/workspaces/read\",\n \"Microsoft.OperationalInsights/workspaces/listKeys/action\",\n \"Microsoft.OperationalInsights/workspaces/sharedkeys/action\",\n \"Microsoft.OperationalInsights/workspaces/sharedkeys/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2024-03-20T15:36:16.6580488Z\",\n \"updatedOn\": \"2024-12-05T16:14:33.0969374Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/5e93ba01-8f92-4c7a-b12a-801e3df23824\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"5e93ba01-8f92-4c7a-b12a-801e3df23824\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure API Center Service Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Allows managing Azure API Center service.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.ApiCenter/services/*\",\n \"Microsoft.ApiCenter/deletedServices/*\",\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.ResourceHealth/availabilityStatuses/read\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\"\n ],\n \"notActions\": [\n \"Microsoft.ApiCenter/services/workspaces/apis/versions/definitions/updateAnalysisState/action\"\n ],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2024-03-22T19:59:42.1026818Z\",\n \"updatedOn\": \"2025-06-27T17:59:17.7305662Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/dd24193f-ef65-44e5-8a7e-6fa6e03f7713\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"dd24193f-ef65-44e5-8a7e-6fa6e03f7713\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure API Center Service Reader\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Allows read-only access to Azure API Center service.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.ApiCenter/services/*/read\",\n \"Microsoft.ApiCenter/services/workspaces/apis/versions/definitions/exportSpecification/action\",\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.ResourceHealth/availabilityStatuses/read\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2024-03-22T19:59:42.0936845Z\",\n \"updatedOn\": \"2024-03-22T19:59:42.0936845Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/6cba8790-29c5-48e5-bab1-c7541b01cb04\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"6cba8790-29c5-48e5-bab1-c7541b01cb04\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure API Center Compliance Manager\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Allows managing API compliance in Azure API Center service.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.ApiCenter/services/*/read\",\n \"Microsoft.ApiCenter/services/workspaces/apis/versions/definitions/updateAnalysisState/action\",\n \"Microsoft.ApiCenter/services/workspaces/apis/versions/definitions/exportSpecification/action\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2024-03-22T19:59:42.1036832Z\",\n \"updatedOn\": \"2024-03-22T19:59:42.1036832Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/ede9aaa3-4627-494e-be13-4aa7c256148d\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"ede9aaa3-4627-494e-be13-4aa7c256148d\"\n },\n {\n \"properties\": {\n \"roleName\": \"Bayer Ag Powered Services Historical Weather Data Solution User Role\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Provide access to Historical Weather Data Solution by Bayer Ag Powered Services\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.AgFoodPlatform/farmBeats/parties/read\",\n \"Microsoft.AgFoodPlatform/farmBeats/parties/fields/read\",\n \"Microsoft.AgFoodPlatform/farmBeats/parties/fields/write\",\n \"Microsoft.AgFoodPlatform/farmBeats/parties/farms/read\",\n \"Microsoft.AgFoodPlatform/farmBeats/parties/farms/write\",\n \"Microsoft.AgFoodPlatform/farmBeats/parties/models/resourceTypes/resources/insights/*\",\n \"Microsoft.AgFoodPlatform/farmBeats/parties/models/resourceTypes/resources/insightAttachments/*\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2024-03-25T15:06:24.6069385Z\",\n \"updatedOn\": \"2024-08-08T17:08:36.118249Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/b5b192c1-773c-4543-bfb0-6c59254b74a9\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"b5b192c1-773c-4543-bfb0-6c59254b74a9\"\n },\n {\n \"properties\": {\n \"roleName\": \"Oracle.Database VmCluster Administrator Built-in Role\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Grants full access to manage all VmCluster resources\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Oracle.Database/cloudVmClusters/*/read\",\n \"Oracle.Database/cloudVmClusters/*/write\",\n \"Oracle.Database/cloudVmClusters/*/delete\",\n \"Oracle.Database/cloudExadataInfrastructures/write\",\n \"Oracle.Database/cloudExadataInfrastructures/*/read\",\n \"Oracle.Database/Locations/*/read\",\n \"Oracle.Database/Locations/*/write\",\n \"Oracle.Database/Operations/read\",\n \"Oracle.Database/oracleSubscriptions/*/read\",\n \"Oracle.Database/resourceAnchors/*\",\n \"Oracle.Database/networkAnchors/*\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Network/virtualNetworks/read\",\n \"Microsoft.Network/virtualNetworks/subnets/read\",\n \"Microsoft.Network/virtualNetworks/subnets/write\",\n \"Microsoft.Network/locations/operations/read\",\n \"Microsoft.Compute/sshPublicKeys/read\",\n \"Microsoft.Compute/sshPublicKeys/write\",\n \"Microsoft.Compute/sshPublicKeys/generateKeyPair/action\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2024-03-25T15:06:25.4654513Z\",\n \"updatedOn\": \"2025-05-26T15:05:38.2663118Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/e9ce8739-6fa2-4123-a0a2-0ef41a67806f\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"e9ce8739-6fa2-4123-a0a2-0ef41a67806f\"\n },\n {\n \"properties\": {\n \"roleName\": \"Oracle.Database Reader Built-in Role\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Grants read access to all Oracle.Database resources\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Oracle.Database/Locations/*/read\",\n \"Oracle.Database/Operations/read\",\n \"Oracle.Database/oracleSubscriptions/*/read\",\n \"Oracle.Database/cloudExadataInfrastructures/*/read\",\n \"Oracle.Database/cloudVmClusters/*/read\",\n \"Oracle.Database/cloudVmClusters/listPrivateIpAddresses/action\",\n \"Oracle.Database/oracleSubscriptions/listCloudAccountDetails/action\",\n \"Oracle.Database/exascaleDbStorageVaults/read\",\n \"Oracle.Database/exadbVmClusters/*/read\",\n \"Oracle.Database/resourceAnchors/read\",\n \"Oracle.Database/networkAnchors/read\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Resources/deployments/*/read\",\n \"Microsoft.Network/virtualNetworks/subnets/read\",\n \"Microsoft.Network/virtualNetworks/read\",\n \"Microsoft.Network/locations/operations/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2024-03-25T15:06:25.4644513Z\",\n \"updatedOn\": \"2025-08-21T18:37:52.3681201Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/d623d097-b882-4e1e-a26f-ac60e31065a1\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"d623d097-b882-4e1e-a26f-ac60e31065a1\"\n },\n {\n \"properties\": {\n \"roleName\": \"Oracle.Database Owner Built-in Role\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Grants full access to manage all Oracle.Database resources\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Oracle.Database/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Network/virtualNetworks/read\",\n \"Microsoft.Network/virtualNetworks/subnets/read\",\n \"Microsoft.Network/virtualNetworks/subnets/write\",\n \"Microsoft.Network/locations/operations/read\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Compute/sshPublicKeys/read\",\n \"Microsoft.Compute/sshPublicKeys/write\",\n \"Microsoft.Compute/sshPublicKeys/generateKeyPair/action\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2024-03-25T15:06:25.4644513Z\",\n \"updatedOn\": \"2024-04-04T21:25:06.0488389Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/4562aac9-b209-4bd7-a144-6d7f3bb516f4\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"4562aac9-b209-4bd7-a144-6d7f3bb516f4\"\n },\n {\n \"properties\": {\n \"roleName\": \"Oracle Subscriptions Manager Built-in Role\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Grants full access to manage all Oracle Subscriptions resources\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Oracle.Database/oracleSubscriptions/*/read\",\n \"Oracle.Database/oracleSubscriptions/*/write\",\n \"Oracle.Database/oracleSubscriptions/*/delete\",\n \"Oracle.Database/oracleSubscriptions/*/action\",\n \"Oracle.Database/Locations/*/read\",\n \"Oracle.Database/Locations/*/write\",\n \"Oracle.Database/Operations/read\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2024-03-25T15:06:25.4644513Z\",\n \"updatedOn\": \"2024-04-05T15:59:48.0147406Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/4caf51ec-f9f5-413f-8a94-b9f5fddba66b\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"4caf51ec-f9f5-413f-8a94-b9f5fddba66b\"\n },\n {\n \"properties\": {\n \"roleName\": \"Oracle.Database Exadata Infrastructure Administrator Built-in Role\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Grants full access to manage all Exadata Infrastructure resources\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Oracle.Database/cloudExadataInfrastructures/*/read\",\n \"Oracle.Database/cloudExadataInfrastructures/*/write\",\n \"Oracle.Database/cloudExadataInfrastructures/*/delete\",\n \"Oracle.Database/cloudVmClusters/*/read\",\n \"Oracle.Database/cloudVmClusters/*/write\",\n \"Oracle.Database/cloudVmClusters/*/delete\",\n \"Oracle.Database/cloudVmClusters/*/action\",\n \"Oracle.Database/Locations/*/read\",\n \"Oracle.Database/Locations/*/write\",\n \"Oracle.Database/Operations/read\",\n \"Oracle.Database/oracleSubscriptions/*/read\",\n \"Oracle.Database/oracleSubscriptions/listCloudAccountDetails/action\",\n \"Oracle.Database/resourceAnchors/*\",\n \"Oracle.Database/networkAnchors/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Network/virtualNetworks/subnets/read\",\n \"Microsoft.Network/virtualNetworks/subnets/write\",\n \"Microsoft.Network/virtualNetworks/read\",\n \"Microsoft.Network/locations/operations/read\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Compute/sshPublicKeys/read\",\n \"Microsoft.Compute/sshPublicKeys/write\",\n \"Microsoft.Compute/sshPublicKeys/generateKeyPair/action\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2024-03-25T15:06:26.7449799Z\",\n \"updatedOn\": \"2025-05-26T15:05:38.2653119Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/4cfdd23b-aece-4fd1-b614-ad3a06c53453\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"4cfdd23b-aece-4fd1-b614-ad3a06c53453\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Messaging Catalog Data Owner\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Allows for full access to Azure Messaging Catalog resources.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.MessagingCatalog/*\"\n ],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.MessagingCatalog/*\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2024-03-27T15:21:42.7360718Z\",\n \"updatedOn\": \"2024-03-27T15:21:42.7360718Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/f27b7598-bc64-41f7-8a44-855ff16326c2\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"f27b7598-bc64-41f7-8a44-855ff16326c2\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Spring Apps Application Configuration Service Config File Pattern Reader Role\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Read content of config file pattern for Application Configuration Service in Azure Spring Apps\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.AppPlatform/Spring/read\",\n \"Microsoft.AppPlatform/Spring/configurationServices/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.AppPlatform/Spring/ApplicationConfigurationService/read\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2024-03-27T15:21:42.869223Z\",\n \"updatedOn\": \"2024-03-27T15:21:42.869223Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/25211fc6-dc78-40b6-b205-e4ac934fd9fd\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"25211fc6-dc78-40b6-b205-e4ac934fd9fd\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Hybrid Database Administrator - Read Only Service Role\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Read only access to Azure hybrid database services resources.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.AzureArcData/*/read\",\n \"Microsoft.AzureArcData/sqlServerInstances/getTelemetry/action\",\n \"Microsoft.AzureArcData/sqlServerInstances/availabilityGroups/getDetailView/action\",\n \"Microsoft.HybridCompute/machines/read\",\n \"Microsoft.HybridCompute/machines/extensions/read\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2024-04-03T17:20:07.3444447Z\",\n \"updatedOn\": \"2024-04-03T17:20:07.3444447Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/5d9c6a55-fc0e-4e21-ae6f-f7b095497342\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"5d9c6a55-fc0e-4e21-ae6f-f7b095497342\"\n },\n {\n \"properties\": {\n \"roleName\": \"Microsoft Sentinel Business Applications Agent Operator\",\n \"type\": \"BuiltInRole\",\n \"description\": \"List and update actions on a business applications system. This role is in preview and subject to change.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/roleAssignments/read\",\n \"Microsoft.SecurityInsights/businessApplicationAgents/read\",\n \"Microsoft.SecurityInsights/businessApplicationAgents/write\",\n \"Microsoft.SecurityInsights/businessApplicationAgents/systems/read\",\n \"Microsoft.SecurityInsights/businessApplicationAgents/systems/write\",\n \"Microsoft.SecurityInsights/businessApplicationAgents/systems/listActions/action\",\n \"Microsoft.SecurityInsights/businessApplicationAgents/systems/reportActionStatus/action\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2024-04-04T08:02:29.5240808Z\",\n \"updatedOn\": \"2024-06-05T15:32:09.463486Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/c18f9900-27b8-47c7-a8f0-5b3b3d4c2bc2\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"c18f9900-27b8-47c7-a8f0-5b3b3d4c2bc2\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure ContainerApps Session Executor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Create and execute sessions in a sessionPool\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.App/sessionPools/*/read\",\n \"Microsoft.App/sessionPools/sessions/generatesessions/action\"\n ],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.App/sessionPools/*/read\",\n \"Microsoft.App/sessionPools/interpreters/execute/action\",\n \"Microsoft.App/sessionPools/interpreters/read\",\n \"Microsoft.App/sessionPools/executions/*\",\n \"Microsoft.App/sessionPools/files/*\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2024-04-05T18:15:51.9984875Z\",\n \"updatedOn\": \"2024-11-01T09:37:25.3241262Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/0fb8eba5-a2bb-4abe-b1c1-49dfad359bb0\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"0fb8eba5-a2bb-4abe-b1c1-49dfad359bb0\"\n },\n {\n \"properties\": {\n \"roleName\": \"Microsoft.Edge Winfields federated subscription read access role\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Microsoft.Edge Winfields role for read access on federated subscriptions\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Resources/subscriptions/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2024-04-11T23:06:49.0273732Z\",\n \"updatedOn\": \"2024-07-15T15:01:51.3701285Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/83ee7727-862c-4213-8ed8-2ce6c5d69a40\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"83ee7727-862c-4213-8ed8-2ce6c5d69a40\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Red Hat OpenShift Federated Credential\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Create, update and delete federated credentials on user assigned managed identities in order to build a trust relationship between the managed identity, OpenID Connect (OIDC), and the service account.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.ManagedIdentity/userAssignedIdentities/read\",\n \"Microsoft.ManagedIdentity/userAssignedIdentities/federatedIdentityCredentials/write\",\n \"Microsoft.ManagedIdentity/userAssignedIdentities/federatedIdentityCredentials/read\",\n \"Microsoft.ManagedIdentity/userAssignedIdentities/federatedIdentityCredentials/delete\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2024-04-12T00:30:33.7626424Z\",\n \"updatedOn\": \"2025-03-11T15:14:12.4504757Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/ef318e2a-8334-4a05-9e4a-295a196c6a6e\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"ef318e2a-8334-4a05-9e4a-295a196c6a6e\"\n },\n {\n \"properties\": {\n \"roleName\": \"Bayer Ag Powered Services Crop Id Solution User Role\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Provide access to Crop Id Solution by Bayer Ag Powered Services\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.AgFoodPlatform/farmBeats/parties/fields/read\",\n \"Microsoft.AgFoodPlatform/farmBeats/parties/fields/write\",\n \"Microsoft.AgFoodPlatform/farmBeats/parties/read\",\n \"Microsoft.AgFoodPlatform/farmBeats/ingestionJobs/satelliteDataIngestionJobs/*\",\n \"Microsoft.AgFoodPlatform/farmBeats/scenes/*\",\n \"Microsoft.AgFoodPlatform/farmBeats/parties/models/resourceTypes/resources/insights/*\",\n \"Microsoft.AgFoodPlatform/farmBeats/parties/models/resourceTypes/resources/insightAttachments/*\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2024-04-19T09:07:57.429491Z\",\n \"updatedOn\": \"2024-05-15T15:18:59.4401968Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/39138f76-04e6-41f0-ba6b-c411b59081a9\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"39138f76-04e6-41f0-ba6b-c411b59081a9\"\n },\n {\n \"properties\": {\n \"roleName\": \"Scheduled Events Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Provides access to scheduled event actions\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Maintenance/scheduledevents/acknowledge/action\",\n \"Microsoft.Compute/VirtualMachines/read\",\n \"Microsoft.Compute/VirtualMachineScaleSets/read\",\n \"Microsoft.Compute/AvailabilitySets/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2024-04-23T15:07:32.157769Z\",\n \"updatedOn\": \"2024-05-03T21:25:12.6392452Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/b67fe603-310e-4889-b9ee-8257d09d353d\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"b67fe603-310e-4889-b9ee-8257d09d353d\"\n },\n {\n \"properties\": {\n \"roleName\": \"Compute Recommendations Role\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Grants permissions to call Compute Recommendations APIs provided by Compute Diagnostic Resource Provider service.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Compute/locations/placementScores/generate/action\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2024-04-30T15:20:17.6310289Z\",\n \"updatedOn\": \"2024-07-02T15:07:54.755272Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/e82342c9-ac7f-422b-af64-e426d2e12b2d\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"e82342c9-ac7f-422b-af64-e426d2e12b2d\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Spring Apps Job Execution Instance List Role\",\n \"type\": \"BuiltInRole\",\n \"description\": \"List instances for job executions in Azure Spring Apps\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.AppPlatform/Spring/jobs/executions/listInstances/action\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2024-05-02T02:34:55.3873154Z\",\n \"updatedOn\": \"2024-05-02T02:34:55.3873154Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/91422e52-bb88-4415-bb4a-90f5b71f6dcb\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"91422e52-bb88-4415-bb4a-90f5b71f6dcb\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Spring Apps Job Log Reader Role\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Read real-time logs for jobs in Azure Spring Apps\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.AppPlatform/Spring/read\",\n \"Microsoft.AppPlatform/Spring/jobs/read\",\n \"Microsoft.AppPlatform/Spring/jobs/executions/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.AppPlatform/Spring/jobs/executions/logstream/action\",\n \"Microsoft.AppPlatform/Spring/jobs/executions/listInstances/action\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2024-05-02T02:34:55.3873154Z\",\n \"updatedOn\": \"2024-05-02T02:34:55.3873154Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/b459aa1d-e3c8-436f-ae21-c0531140f43e\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"b459aa1d-e3c8-436f-ae21-c0531140f43e\"\n },\n {\n \"properties\": {\n \"roleName\": \"Nexus Network Fabric Service Reader\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Read-only access to Nexus Network Fabric Service\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.ManagedNetworkFabric/*/read\",\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2024-05-10T17:46:29.728767Z\",\n \"updatedOn\": \"2024-05-10T17:46:29.728767Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/05fdd44c-adc6-4aff-981c-61041f0c929a\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"05fdd44c-adc6-4aff-981c-61041f0c929a\"\n },\n {\n \"properties\": {\n \"roleName\": \"Nexus Network Fabric Service Writer\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Read-write access to Nexus Network Fabric Service\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.ManagedNetworkFabric/*/read\",\n \"Microsoft.ManagedNetworkFabric/*/write\",\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2024-05-10T18:01:38.1184138Z\",\n \"updatedOn\": \"2024-05-10T18:01:38.1184138Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/a5eb8433-97a5-4a06-80b2-a877e1622c31\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"a5eb8433-97a5-4a06-80b2-a877e1622c31\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Deployment Stack Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Allows a user to manage deployment stacks, but cannot create or delete deny assignments within the deployment stack.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Resources/deploymentStacks/write\",\n \"Microsoft.Resources/deploymentStacks/read\",\n \"Microsoft.Resources/deploymentStacks/validate/action\",\n \"Microsoft.Resources/deploymentStacks/exportTemplate/action\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2024-05-15T23:13:06.6024446Z\",\n \"updatedOn\": \"2025-06-05T00:56:22.3468702Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/bf7f8882-3383-422a-806a-6526c631a88a\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"bf7f8882-3383-422a-806a-6526c631a88a\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Deployment Stack Owner\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Allows a user to manage deployment stacks, including those with deny assignments.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Resources/deploymentStacks/*\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2024-05-15T23:13:06.6024446Z\",\n \"updatedOn\": \"2024-05-15T23:13:06.6024446Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/adb29209-aa1d-457b-a786-c913953d2891\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"adb29209-aa1d-457b-a786-c913953d2891\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Spring Apps Spring Cloud Config Server Log Reader Role\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Read real-time logs for Spring Cloud Config Server in Azure Spring Apps\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.AppPlatform/Spring/read\",\n \"Microsoft.AppPlatform/Spring/configServers/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.AppPlatform/Spring/configService/logstream/action\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2024-05-29T15:22:19.5478417Z\",\n \"updatedOn\": \"2024-05-29T15:22:19.5478417Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/74252426-c508-480e-9345-4607bbebead4\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"74252426-c508-480e-9345-4607bbebead4\"\n },\n {\n \"properties\": {\n \"roleName\": \"Container Registry Repository Catalog Lister\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Allows for listing all repositories in an Azure Container Registry.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.ContainerRegistry/registries/catalog/read\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2024-06-05T15:32:09.4683575Z\",\n \"updatedOn\": \"2025-10-03T17:14:16.6197074Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/bfdb9389-c9a5-478a-bb2f-ba9ca092c3c7\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"bfdb9389-c9a5-478a-bb2f-ba9ca092c3c7\"\n },\n {\n \"properties\": {\n \"roleName\": \"Container Registry Repository Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Allows for read, write, and delete access to Azure Container Registry repositories, but excluding catalog listing.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.ContainerRegistry/registries/repositories/metadata/read\",\n \"Microsoft.ContainerRegistry/registries/repositories/content/read\",\n \"Microsoft.ContainerRegistry/registries/repositories/metadata/write\",\n \"Microsoft.ContainerRegistry/registries/repositories/content/write\",\n \"Microsoft.ContainerRegistry/registries/repositories/metadata/delete\",\n \"Microsoft.ContainerRegistry/registries/repositories/content/delete\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2024-06-05T15:32:11.5848534Z\",\n \"updatedOn\": \"2025-10-03T17:14:16.6197074Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/2efddaa5-3f1f-4df3-97df-af3f13818f4c\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"2efddaa5-3f1f-4df3-97df-af3f13818f4c\"\n },\n {\n \"properties\": {\n \"roleName\": \"Container Registry Repository Writer\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Allows for read and write access to Azure Container Registry repositories, but excluding catalog listing.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.ContainerRegistry/registries/repositories/metadata/read\",\n \"Microsoft.ContainerRegistry/registries/repositories/content/read\",\n \"Microsoft.ContainerRegistry/registries/repositories/metadata/write\",\n \"Microsoft.ContainerRegistry/registries/repositories/content/write\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2024-06-05T15:32:11.586855Z\",\n \"updatedOn\": \"2025-10-03T17:14:16.6197074Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/2a1e307c-b015-4ebd-883e-5b7698a07328\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"2a1e307c-b015-4ebd-883e-5b7698a07328\"\n },\n {\n \"properties\": {\n \"roleName\": \"Container Registry Repository Reader\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Allows for read access to Azure Container Registry repositories, but excluding catalog listing.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.ContainerRegistry/registries/repositories/metadata/read\",\n \"Microsoft.ContainerRegistry/registries/repositories/content/read\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2024-06-05T15:32:11.5818531Z\",\n \"updatedOn\": \"2025-10-03T17:14:16.6197074Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/b93aa761-3e63-49ed-ac28-beffa264f7ac\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"b93aa761-3e63-49ed-ac28-beffa264f7ac\"\n },\n {\n \"properties\": {\n \"roleName\": \"DeID Data Owner\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Full access to DeID data. This role is in preview and subject to change\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.HealthDataAIServices/DeidServices/*\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2024-06-06T21:23:32.6428695Z\",\n \"updatedOn\": \"2024-06-06T21:23:32.6428695Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/78e4b983-1a0b-472e-8b7d-8d770f7c5890\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"78e4b983-1a0b-472e-8b7d-8d770f7c5890\"\n },\n {\n \"properties\": {\n \"roleName\": \"Locks Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Can Manage Locks Operations.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/locks/read\",\n \"Microsoft.Authorization/locks/write\",\n \"Microsoft.Authorization/locks/delete\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2024-06-06T22:54:16.4808252Z\",\n \"updatedOn\": \"2024-06-06T22:54:16.4808252Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/28bf596f-4eb7-45ce-b5bc-6cf482fec137\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"28bf596f-4eb7-45ce-b5bc-6cf482fec137\"\n },\n {\n \"properties\": {\n \"roleName\": \"Standby Container Group Pool Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Allows users to manage standby container group pool resources.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.ContainerInstance/containerGroupProfiles/read\",\n \"Microsoft.ContainerInstance/containerGroupProfiles/revisions/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.StandbyPool/Locations/OperationStatuses/read\",\n \"Microsoft.StandbyPool/Operations/read\",\n \"Microsoft.StandbyPool/standbyContainerGroupPools/delete\",\n \"Microsoft.StandbyPool/standbyContainerGroupPools/read\",\n \"Microsoft.StandbyPool/standbyContainerGroupPools/runtimeViews/read\",\n \"Microsoft.StandbyPool/standbyContainerGroupPools/write\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2024-06-17T15:10:37.1602741Z\",\n \"updatedOn\": \"2024-06-17T15:10:37.1602741Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/39fcb0de-8844-4706-b050-c28ddbe3ff83\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"39fcb0de-8844-4706-b050-c28ddbe3ff83\"\n },\n {\n \"properties\": {\n \"roleName\": \"Compute Gallery Artifacts Publisher\",\n \"type\": \"BuiltInRole\",\n \"description\": \"This is the role for publishing gallery artifacts.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Compute/galleries/*\",\n \"Microsoft.Compute/locations/capsOperations/read\",\n \"Microsoft.Compute/locations/communityGalleries/*\",\n \"Microsoft.Compute/locations/sharedGalleries/*\",\n \"Microsoft.Compute/images/*\",\n \"Microsoft.Compute/virtualMachines/write\",\n \"Microsoft.Compute/disks/write\",\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\"\n ],\n \"notActions\": [\n \"Microsoft.Compute/galleries/share/action\"\n ],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2024-06-20T00:09:20.5675487Z\",\n \"updatedOn\": \"2024-06-20T00:09:20.5675487Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/85a2d0d9-2eba-4c9c-b355-11c2cc0788ab\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"85a2d0d9-2eba-4c9c-b355-11c2cc0788ab\"\n },\n {\n \"properties\": {\n \"roleName\": \"ToolchainOrchestrator Viewer Role\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Grant access to view all Toolchain orchestrator resources.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.Resources/deployments/write\",\n \"Microsoft.Resources/subscriptions/operationresults/read\",\n \"Microsoft.Resources/subscriptions/read\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.ToolchainOrchestrator/*/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2024-06-20T07:46:35.012434Z\",\n \"updatedOn\": \"2024-06-28T08:35:31.7949436Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/c5826735-177b-4a0d-a9a3-d0e4b4bda107\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"c5826735-177b-4a0d-a9a3-d0e4b4bda107\"\n },\n {\n \"properties\": {\n \"roleName\": \"ToolchainOrchestrator Admin Role\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Grant full access to manage all Toolchain orchestrator resources.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.Resources/deployments/write\",\n \"Microsoft.Resources/subscriptions/operationresults/read\",\n \"Microsoft.Resources/subscriptions/read\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.ToolchainOrchestrator/*\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2024-06-20T08:01:39.0551096Z\",\n \"updatedOn\": \"2024-06-28T08:35:33.2869473Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/2ccf8795-8983-4912-8036-1c45212c95e8\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"2ccf8795-8983-4912-8036-1c45212c95e8\"\n },\n {\n \"properties\": {\n \"roleName\": \"ProviderHub Reader\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Allows you to view all Microsoft.ProviderHub resources created through the Resource Provider Platform, but does not allow you to make any changes to the resources.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.ProviderHub/*/read\",\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.ResourceHealth/availabilityStatuses/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2024-07-02T15:07:53.0510995Z\",\n \"updatedOn\": \"2024-07-02T15:07:53.0510995Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/4d8c6f2e-3fd6-4d40-826e-93e3dc4c3fc1\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"4d8c6f2e-3fd6-4d40-826e-93e3dc4c3fc1\"\n },\n {\n \"properties\": {\n \"roleName\": \"ProviderHub Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Allows you to create and manage Microsoft.ProviderHub resources through the Resource Provider Platform. Does not allow you to assign roles in Azure RBAC.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.ProviderHub/*\",\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.ResourceHealth/availabilityStatuses/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2024-07-02T15:07:53.0530983Z\",\n \"updatedOn\": \"2024-07-02T15:07:53.0530983Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/a3ab03bc-5350-42ff-b0d5-00207672db55\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"a3ab03bc-5350-42ff-b0d5-00207672db55\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Stack HCI Connected InfraVMs\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Role of Arc Integration for Azure Stack HCI Infrastructure Virtual Machines.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.HybridCompute/*/read\",\n \"Microsoft.HybridCompute/machines/write\",\n \"Microsoft.HybridCompute/machines/delete\",\n \"Microsoft.HybridCompute/machines/extensions/read\",\n \"Microsoft.HybridCompute/machines/extensions/write\",\n \"Microsoft.HybridCompute/machines/extensions/delete\",\n \"Microsoft.HybridCompute/machines/UpgradeExtensions/action\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2024-07-03T15:20:27.6822616Z\",\n \"updatedOn\": \"2024-07-15T15:01:51.3691302Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/c99c945f-8bd1-4fb1-a903-01460aae6068\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"c99c945f-8bd1-4fb1-a903-01460aae6068\"\n },\n {\n \"properties\": {\n \"roleName\": \"VM Restore Operator\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Create and Delete resources during VM Restore. This role is in preview and subject to change.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Compute/disks/read\",\n \"Microsoft.Compute/disks/write\",\n \"Microsoft.Compute/disks/delete\",\n \"Microsoft.Compute/disks/beginGetAccess/action\",\n \"Microsoft.Compute/disks/endGetAccess/action\",\n \"Microsoft.Compute/locations/diskOperations/read\",\n \"Microsoft.Compute/virtualMachines/read\",\n \"Microsoft.Compute/virtualMachines/write\",\n \"Microsoft.Compute/virtualMachines/delete\",\n \"Microsoft.Compute/virtualMachines/instanceView/read\",\n \"Microsoft.Compute/virtualMachines/extensions/read\",\n \"Microsoft.Compute/virtualMachines/extensions/write\",\n \"Microsoft.Compute/virtualMachines/extensions/delete\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.Network/locations/operationResults/read\",\n \"Microsoft.Network/locations/operations/read\",\n \"Microsoft.Network/locations/usages/read\",\n \"Microsoft.Network/networkInterfaces/delete\",\n \"Microsoft.Network/networkInterfaces/ipconfigurations/read\",\n \"Microsoft.Network/networkInterfaces/join/action\",\n \"Microsoft.Network/networkInterfaces/read\",\n \"Microsoft.Network/networkInterfaces/write\",\n \"Microsoft.Network/networkSecurityGroups/read\",\n \"Microsoft.Network/networkSecurityGroups/securityRules/read\",\n \"Microsoft.Network/publicIPAddresses/delete\",\n \"Microsoft.Network/publicIPAddresses/join/action\",\n \"Microsoft.Network/publicIPAddresses/read\",\n \"Microsoft.Network/publicIPAddresses/write\",\n \"Microsoft.Network/virtualNetworks/read\",\n \"Microsoft.Network/virtualNetworks/subnets/join/action\",\n \"Microsoft.Network/virtualNetworks/subnets/read\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Storage/checkNameAvailability/read\",\n \"Microsoft.Storage/storageAccounts/blobServices/containers/delete\",\n \"Microsoft.Storage/storageAccounts/blobServices/containers/read\",\n \"Microsoft.Storage/storageAccounts/blobServices/containers/write\",\n \"Microsoft.Storage/storageAccounts/listKeys/action\",\n \"Microsoft.Storage/storageAccounts/read\",\n \"Microsoft.Storage/storageAccounts/write\"\n ],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.Storage/storageAccounts/blobServices/containers/blobs/delete\",\n \"Microsoft.Storage/storageAccounts/blobServices/containers/blobs/read\",\n \"Microsoft.Storage/storageAccounts/blobServices/containers/blobs/write\",\n \"Microsoft.Storage/storageAccounts/blobServices/containers/blobs/add/action\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2024-07-03T15:20:29.2078037Z\",\n \"updatedOn\": \"2024-07-03T15:20:29.2078037Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/dfce8971-25e3-42e3-ba33-6055438e3080\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"dfce8971-25e3-42e3-ba33-6055438e3080\"\n },\n {\n \"properties\": {\n \"roleName\": \"HDInsight Cluster Admin\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Can read, create, modify and delete HDInsight clusters, configuration, extensions, etc.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"MICROSOFT.HDINSIGHT/CLUSTERS/APPLICATIONS/DELETE\",\n \"MICROSOFT.HDINSIGHT/CLUSTERS/APPLICATIONS/READ\",\n \"MICROSOFT.HDINSIGHT/CLUSTERS/APPLICATIONS/WRITE\",\n \"MICROSOFT.HDINSIGHT/CLUSTERS/AZUREASYNCOPERATIONS/READ\",\n \"MICROSOFT.HDINSIGHT/CLUSTERS/CONFIGURATIONS/ACTION\",\n \"MICROSOFT.HDINSIGHT/CLUSTERS/CONFIGURATIONS/READ\",\n \"MICROSOFT.HDINSIGHT/CLUSTERS/DELETE\",\n \"MICROSOFT.HDINSIGHT/CLUSTERS/EXECUTESCRIPTACTIONS/ACTION\",\n \"MICROSOFT.HDINSIGHT/CLUSTERS/EXTENSIONS/DELETE\",\n \"MICROSOFT.HDINSIGHT/CLUSTERS/EXTENSIONS/READ\",\n \"MICROSOFT.HDINSIGHT/CLUSTERS/EXTENSIONS/WRITE\",\n \"MICROSOFT.HDINSIGHT/CLUSTERS/GETGATEWAYSETTINGS/ACTION\",\n \"MICROSOFT.HDINSIGHT/CLUSTERS/LISTHOSTS/ACTION\",\n \"MICROSOFT.HDINSIGHT/CLUSTERS/OPERATIONRESULTS/READ\",\n \"MICROSOFT.HDINSIGHT/CLUSTERS/PRIVATEENDPOINTCONNECTIONS/READ\",\n \"MICROSOFT.HDINSIGHT/CLUSTERS/PRIVATELINKRESOURCES/READ\",\n \"MICROSOFT.HDINSIGHT/CLUSTERS/READ\",\n \"MICROSOFT.HDINSIGHT/CLUSTERS/RESOLVEPRIVATELINKSERVICEID/ACTION\",\n \"MICROSOFT.HDINSIGHT/CLUSTERS/RESTARTHOSTS/ACTION\",\n \"MICROSOFT.HDINSIGHT/CLUSTERS/ROLES/AUTOSCALE/ACTION\",\n \"MICROSOFT.HDINSIGHT/CLUSTERS/ROLES/RESIZE/ACTION\",\n \"MICROSOFT.HDINSIGHT/CLUSTERS/SCRIPTACTIONS/DELETE\",\n \"MICROSOFT.HDINSIGHT/CLUSTERS/SCRIPTACTIONS/READ\",\n \"MICROSOFT.HDINSIGHT/CLUSTERS/SCRIPTEXECUTIONHISTORY/PROMOTE/ACTION\",\n \"MICROSOFT.HDINSIGHT/CLUSTERS/SCRIPTEXECUTIONHISTORY/READ\",\n \"MICROSOFT.HDINSIGHT/CLUSTERS/UPDATEGATEWAYSETTINGS/ACTION\",\n \"MICROSOFT.HDINSIGHT/CLUSTERS/WRITE\",\n \"MICROSOFT.HDINSIGHT/LOCATIONS/AVAILABLECLUSTERVERSIONS/READ\",\n \"MICROSOFT.HDINSIGHT/LOCATIONS/AZUREASYNCOPERATIONS/READ\",\n \"MICROSOFT.HDINSIGHT/LOCATIONS/BILLINGSPECS/READ\",\n \"MICROSOFT.HDINSIGHT/LOCATIONS/CAPABILITIES/READ\",\n \"MICROSOFT.HDINSIGHT/LOCATIONS/CHECKNAMEAVAILABILITY/ACTION\",\n \"MICROSOFT.HDINSIGHT/LOCATIONS/OPERATIONRESULTS/READ\",\n \"MICROSOFT.HDINSIGHT/LOCATIONS/OPERATIONSTATUSES/READ\",\n \"MICROSOFT.HDINSIGHT/LOCATIONS/OPERATIONSTATUSES/WRITE\",\n \"MICROSOFT.HDINSIGHT/LOCATIONS/USAGES/READ\",\n \"MICROSOFT.HDINSIGHT/LOCATIONS/VALIDATECREATEREQUEST/ACTION\",\n \"MICROSOFT.HDINSIGHT/OPERATIONS/READ\",\n \"MICROSOFT.HDINSIGHT/REGISTER/ACTION\",\n \"MICROSOFT.HDINSIGHT/RESOURCETYPES/READ\",\n \"MICROSOFT.HDINSIGHT/UNREGISTER/ACTION\",\n \"Microsoft.ResourceHealth/availabilityStatuses/read\",\n \"Microsoft.Resources/deployments/read\",\n \"Microsoft.Resources/deployments/operations/read\",\n \"Microsoft.Resources/subscriptions/operationresults/read\",\n \"Microsoft.Resources/subscriptions/read\",\n \"Microsoft.Resources/subscriptions/resourcegroups/deployments/read\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2024-07-04T05:42:45.2347879Z\",\n \"updatedOn\": \"2024-07-04T05:42:45.2347879Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/0847e196-2fd2-4c2f-a48c-fca6fd030f44\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"0847e196-2fd2-4c2f-a48c-fca6fd030f44\"\n },\n {\n \"properties\": {\n \"roleName\": \"Operator Nexus Compute Contributor Role (Preview)\",\n \"type\": \"BuiltInRole\",\n \"description\": \"(Preview) Manage and configure Azure Operator Nexus infrastructure resources. This role is in preview and subject to change.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/classicAdministrators/operationstatuses/read\",\n \"Microsoft.Authorization/classicAdministrators/read\",\n \"Microsoft.Authorization/denyAssignments/read\",\n \"Microsoft.Authorization/diagnosticSettings/read\",\n \"Microsoft.Authorization/diagnosticSettingsCategories/read\",\n \"Microsoft.Authorization/locks/read\",\n \"Microsoft.Authorization/operations/read\",\n \"Microsoft.Authorization/permissions/read\",\n \"Microsoft.Authorization/policyAssignments/read\",\n \"Microsoft.Authorization/policyAssignments/privateLinkAssociations/read\",\n \"Microsoft.Authorization/policyAssignments/resourceManagementPrivateLinks/read\",\n \"Microsoft.Authorization/policyAssignments/resourceManagementPrivateLinks/privateEndpointConnectionProxies/read\",\n \"Microsoft.Authorization/policyAssignments/resourceManagementPrivateLinks/privateEndpointConnections/read\",\n \"Microsoft.Authorization/policyDefinitions/read\",\n \"Microsoft.Authorization/policyExemptions/read\",\n \"Microsoft.Authorization/policySetDefinitions/read\",\n \"Microsoft.Authorization/providerOperations/read\",\n \"Microsoft.Authorization/roleAssignments/read\",\n \"Microsoft.Authorization/roleAssignmentScheduleInstances/read\",\n \"Microsoft.Authorization/roleAssignmentScheduleRequests/read\",\n \"Microsoft.Authorization/roleAssignmentSchedules/read\",\n \"Microsoft.Authorization/roleDefinitions/read\",\n \"Microsoft.Authorization/roleEligibilityScheduleInstances/read\",\n \"Microsoft.Authorization/roleEligibilityScheduleRequests/read\",\n \"Microsoft.Authorization/roleEligibilitySchedules/read\",\n \"Microsoft.Authorization/roleManagementPolicies/read\",\n \"Microsoft.Authorization/roleManagementPolicyAssignments/read\",\n \"Microsoft.ExtendedLocation/customLocations/deploy/action\",\n \"Microsoft.ExtendedLocation/customLocations/read\",\n \"Microsoft.HybridCompute/machines/extensions/read\",\n \"Microsoft.HybridCompute/machines/read\",\n \"Microsoft.Insights/alertRules/activated/action\",\n \"Microsoft.Insights/alertRules/delete\",\n \"Microsoft.Insights/alertRules/incidents/read\",\n \"Microsoft.Insights/alertRules/read\",\n \"Microsoft.Insights/alertRules/resolved/action\",\n \"Microsoft.Insights/alertRules/throttled/action\",\n \"Microsoft.Insights/alertRules/write\",\n \"Microsoft.Kubernetes/connectedClusters/read\",\n \"Microsoft.KubernetesConfiguration/extensions/read\",\n \"Microsoft.ManagedNetworkFabric/networkFabricControllers/join/action\",\n \"Microsoft.ManagedNetworkFabric/networkFabrics/join/action\",\n \"Microsoft.ManagedNetworkFabric/networkRacks/join/action\",\n \"Microsoft.NetworkCloud/bareMetalMachines/cordon/action\",\n \"Microsoft.NetworkCloud/bareMetalMachines/delete\",\n \"Microsoft.NetworkCloud/bareMetalMachines/powerOff/action\",\n \"Microsoft.NetworkCloud/bareMetalMachines/read\",\n \"Microsoft.NetworkCloud/bareMetalMachines/reimage/action\",\n \"Microsoft.NetworkCloud/bareMetalMachines/replace/action\",\n \"Microsoft.NetworkCloud/bareMetalMachines/restart/action\",\n \"Microsoft.NetworkCloud/bareMetalMachines/runDataExtracts/action\",\n \"Microsoft.NetworkCloud/bareMetalMachines/runReadCommands/action\",\n \"Microsoft.NetworkCloud/bareMetalMachines/start/action\",\n \"Microsoft.NetworkCloud/bareMetalMachines/uncordon/action\",\n \"Microsoft.NetworkCloud/bareMetalMachines/write\",\n \"Microsoft.NetworkCloud/clusterManagers/delete\",\n \"Microsoft.NetworkCloud/clusterManagers/read\",\n \"Microsoft.NetworkCloud/clusterManagers/write\",\n \"Microsoft.NetworkCloud/clusters/bareMetalMachineKeySets/read\",\n \"Microsoft.NetworkCloud/clusters/bmcKeySets/read\",\n \"Microsoft.NetworkCloud/clusters/continueUpdateVersion/action\",\n \"Microsoft.NetworkCloud/clusters/delete\",\n \"Microsoft.NetworkCloud/clusters/deploy/action\",\n \"Microsoft.NetworkCloud/clusters/metricsConfigurations/delete\",\n \"Microsoft.NetworkCloud/clusters/metricsConfigurations/read\",\n \"Microsoft.NetworkCloud/clusters/metricsConfigurations/write\",\n \"Microsoft.NetworkCloud/clusters/read\",\n \"Microsoft.NetworkCloud/clusters/scanRuntime/action\",\n \"Microsoft.NetworkCloud/clusters/updateVersion/action\",\n \"Microsoft.NetworkCloud/clusters/write\",\n \"Microsoft.NetworkCloud/locations/operationStatuses/read\",\n \"Microsoft.NetworkCloud/operations/read\",\n \"Microsoft.NetworkCloud/rackSkus/read\",\n \"Microsoft.NetworkCloud/racks/delete\",\n \"Microsoft.NetworkCloud/racks/join/action\",\n \"Microsoft.NetworkCloud/racks/read\",\n \"Microsoft.NetworkCloud/racks/write\",\n \"Microsoft.NetworkCloud/register/action\",\n \"Microsoft.NetworkCloud/registeredSubscriptions/read\",\n \"Microsoft.NetworkCloud/storageAppliances/read\",\n \"Microsoft.NetworkCloud/unregister/action\",\n \"Microsoft.Resources/deployments/cancel/action\",\n \"Microsoft.Resources/deployments/delete\",\n \"Microsoft.Resources/deployments/exportTemplate/action\",\n \"Microsoft.Resources/deployments/operations/read\",\n \"Microsoft.Resources/deployments/operationstatuses/read\",\n \"Microsoft.Resources/deployments/read\",\n \"Microsoft.Resources/deployments/validate/action\",\n \"Microsoft.Resources/deployments/whatIf/action\",\n \"Microsoft.Resources/deployments/write\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2024-07-10T15:34:35.6699773Z\",\n \"updatedOn\": \"2024-07-10T15:34:35.6699773Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/4aa368ec-fba9-4e93-81ed-396b3d461cc5\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"4aa368ec-fba9-4e93-81ed-396b3d461cc5\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Container Instances Contributor Role\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Grants read/write access to container groups provided by Azure Container Instances\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.ContainerInstance/containerGroups/*\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2024-07-10T17:34:56.6101604Z\",\n \"updatedOn\": \"2024-07-10T17:34:56.6101604Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/5d977122-f97e-4b4d-a52f-6b43003ddb4d\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"5d977122-f97e-4b4d-a52f-6b43003ddb4d\"\n },\n {\n \"properties\": {\n \"roleName\": \"Connector Reader\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Read connectors and their associated resources, such as impacts and insights.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Impact/Connectors/Read\",\n \"Microsoft.Impact/WorkloadImpacts/Read\",\n \"Microsoft.Impact/WorkloadImpacts/Insights/Read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2024-07-11T08:23:57.6283786Z\",\n \"updatedOn\": \"2024-07-11T08:23:57.6283786Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/6cdbb904-5ff3-429d-8169-7d7818b91bd8\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"6cdbb904-5ff3-429d-8169-7d7818b91bd8\"\n },\n {\n \"properties\": {\n \"roleName\": \"Transparency Logs Owner\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Grants full access to manage Transparency Log resources.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Sovereign/transparencyLogs/*\",\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Resources/deployments/*\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2024-07-17T17:02:42.8274577Z\",\n \"updatedOn\": \"2024-07-17T17:02:42.8274577Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/8ad4d0ee-9bfb-49e8-93fc-01abb8db6240\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"8ad4d0ee-9bfb-49e8-93fc-01abb8db6240\"\n },\n {\n \"properties\": {\n \"roleName\": \"Grafana Limited Viewer\",\n \"type\": \"BuiltInRole\",\n \"description\": \"View home page.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.Dashboard/grafana/ActAsGrafanaLimitedViewer/action\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2024-07-18T04:59:38.6229575Z\",\n \"updatedOn\": \"2024-07-18T04:59:38.6229575Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/41e04612-9dac-4699-a02b-c82ff2cc3fb5\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"41e04612-9dac-4699-a02b-c82ff2cc3fb5\"\n },\n {\n \"properties\": {\n \"roleName\": \"Disk Encryption Set Operator for Managed Disks\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Provides permissions to read, write or delete disk encryption sets which are used for encrypting managed disks with customer managed keys\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Compute/diskEncryptionSets/*\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2024-07-18T21:23:09.7233533Z\",\n \"updatedOn\": \"2024-07-18T21:23:09.7233533Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/136d308c-0937-4a49-9bd7-edfb42adbffc\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"136d308c-0937-4a49-9bd7-edfb42adbffc\"\n },\n {\n \"properties\": {\n \"roleName\": \"Bayer Ag Powered Services Field Imagery Solution Service Role\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Provide access to Field Imagery Solution by Bayer Ag Powered Services\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.AgFoodPlatform/farmBeats/parties/read\",\n \"Microsoft.AgFoodPlatform/farmBeats/parties/fields/read\",\n \"Microsoft.AgFoodPlatform/farmBeats/parties/fields/write\",\n \"Microsoft.AgFoodPlatform/farmBeats/parties/models/resourceTypes/resources/insights/*\",\n \"Microsoft.AgFoodPlatform/farmBeats/parties/models/resourceTypes/resources/insightAttachments/*\",\n \"Microsoft.AgFoodPlatform/farmBeats/scenes/*\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2024-08-01T08:16:34.164867Z\",\n \"updatedOn\": \"2024-08-13T16:10:23.6530781Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/1af232de-e806-426f-8ca1-c36142449755\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"1af232de-e806-426f-8ca1-c36142449755\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Edge Hardware Center Administrator\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Grants you access to take actions as an edge order administrator\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.EdgeOrder/*\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2024-08-06T15:15:42.539443Z\",\n \"updatedOn\": \"2024-08-06T15:15:42.539443Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/9295f069-25d0-4f44-bb6a-3da70d11aa00\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"9295f069-25d0-4f44-bb6a-3da70d11aa00\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure AI Administrator\",\n \"type\": \"BuiltInRole\",\n \"description\": \"A Built-In Role that has all control plane permissions to work with Azure AI and its dependencies.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.CognitiveServices/*\",\n \"Microsoft.ContainerRegistry/registries/*\",\n \"Microsoft.DocumentDb/databaseAccounts/*\",\n \"Microsoft.Features/features/read\",\n \"Microsoft.Features/providers/features/read\",\n \"Microsoft.Features/providers/features/register/action\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.Insights/components/*\",\n \"Microsoft.Insights/diagnosticSettings/*\",\n \"Microsoft.Insights/generateLiveToken/read\",\n \"Microsoft.Insights/logDefinitions/read\",\n \"Microsoft.Insights/metricAlerts/*\",\n \"Microsoft.Insights/metricdefinitions/read\",\n \"Microsoft.Insights/metrics/read\",\n \"Microsoft.Insights/scheduledqueryrules/*\",\n \"Microsoft.Insights/topology/read\",\n \"Microsoft.Insights/transactions/read\",\n \"Microsoft.Insights/webtests/*\",\n \"Microsoft.KeyVault/*\",\n \"Microsoft.MachineLearningServices/workspaces/*\",\n \"Microsoft.Network/virtualNetworks/subnets/joinViaServiceEndpoint/action\",\n \"Microsoft.ResourceHealth/availabilityStatuses/read\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/deployments/operations/read\",\n \"Microsoft.Resources/subscriptions/operationresults/read\",\n \"Microsoft.Resources/subscriptions/read\",\n \"Microsoft.Resources/subscriptions/resourcegroups/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Resources/subscriptions/resourceGroups/write\",\n \"Microsoft.Storage/storageAccounts/*\",\n \"Microsoft.Support/*\",\n \"Microsoft.Search/searchServices/write\",\n \"Microsoft.Search/searchServices/read\",\n \"Microsoft.Search/searchServices/delete\",\n \"Microsoft.Search/searchServices/indexes/*\",\n \"Microsoft.Search/searchServices/listAdminKeys/action\",\n \"Microsoft.Search/searchServices/privateEndpointConnections/*\",\n \"Microsoft.DataFactory/factories/*\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2024-08-07T23:50:52.3424998Z\",\n \"updatedOn\": \"2025-04-15T15:19:36.7198543Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/b78c5d69-af96-48a3-bf8d-a8b4d589de94\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"b78c5d69-af96-48a3-bf8d-a8b4d589de94\"\n },\n {\n \"properties\": {\n \"roleName\": \"Compute Gallery Image Reader\",\n \"type\": \"BuiltInRole\",\n \"description\": \"This is the role for reading gallery images.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Compute/galleries/images/read\",\n \"Microsoft.Compute/galleries/images/versions/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2024-08-09T07:40:21.6696134Z\",\n \"updatedOn\": \"2024-08-27T15:13:33.8810873Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/cf7c76d2-98a3-4358-a134-615aa78bf44d\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"cf7c76d2-98a3-4358-a134-615aa78bf44d\"\n },\n {\n \"properties\": {\n \"roleName\": \"Container Apps Operator\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Read, logstream and exec into Container Apps.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.App/containerApps/*/read\",\n \"Microsoft.App/containerApps/*/action\",\n \"Microsoft.App/managedEnvironments/read\",\n \"Microsoft.App/managedEnvironments/*/read\",\n \"Microsoft.App/managedEnvironments/join/action\",\n \"Microsoft.App/managedEnvironments/checknameavailability/action\",\n \"Microsoft.App/connectedEnvironments/read\",\n \"Microsoft.App/connectedEnvironments/*/read\",\n \"Microsoft.App/connectedEnvironments/join/action\",\n \"Microsoft.App/connectedEnvironments/checknameavailability/action\"\n ],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.App/containerApps/logstream/action\",\n \"Microsoft.App/containerApps/exec/action\",\n \"Microsoft.App/containerApps/debug/action\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2024-08-13T16:10:24.4369771Z\",\n \"updatedOn\": \"2024-11-13T16:12:37.8788949Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/f3bd1b5c-91fa-40e7-afe7-0c11d331232c\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"f3bd1b5c-91fa-40e7-afe7-0c11d331232c\"\n },\n {\n \"properties\": {\n \"roleName\": \"Container Apps ManagedEnvironments Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Full management of Container Apps ManagedEnvironments, including creation, deletion, and updates.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.App/managedEnvironments/*/read\",\n \"Microsoft.App/managedEnvironments/*/write\",\n \"Microsoft.App/managedEnvironments/*/delete\",\n \"Microsoft.App/managedEnvironments/*/action\",\n \"Microsoft.Resources/deployments/*\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2024-08-13T16:10:24.4369771Z\",\n \"updatedOn\": \"2024-08-13T16:10:24.4369771Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/57cc5028-e6a7-4284-868d-0611c5923f8d\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"57cc5028-e6a7-4284-868d-0611c5923f8d\"\n },\n {\n \"properties\": {\n \"roleName\": \"Container Apps Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Full management of Container Apps, including creation, deletion, and updates.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.App/containerApps/*/read\",\n \"Microsoft.App/containerApps/*/write\",\n \"Microsoft.App/containerApps/*/delete\",\n \"Microsoft.App/containerApps/*/action\",\n \"Microsoft.App/managedEnvironments/read\",\n \"Microsoft.App/managedEnvironments/*/read\",\n \"Microsoft.App/managedEnvironments/join/action\",\n \"Microsoft.App/managedEnvironments/checknameavailability/action\",\n \"Microsoft.App/connectedEnvironments/read\",\n \"Microsoft.App/connectedEnvironments/*/read\",\n \"Microsoft.App/connectedEnvironments/join/action\",\n \"Microsoft.App/connectedEnvironments/checknameavailability/action\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2024-08-13T16:10:24.437978Z\",\n \"updatedOn\": \"2024-08-13T16:10:24.437978Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/358470bc-b998-42bd-ab17-a7e34c199c0f\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"358470bc-b998-42bd-ab17-a7e34c199c0f\"\n },\n {\n \"properties\": {\n \"roleName\": \"Container Apps ManagedEnvironments Reader\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Read access to ContainerApps managedenvironments.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.App/managedEnvironments/*/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2024-08-13T16:10:24.4359771Z\",\n \"updatedOn\": \"2024-08-13T16:10:24.4359771Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/1b32c00b-7eff-4c22-93e6-93d11d72d2d8\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"1b32c00b-7eff-4c22-93e6-93d11d72d2d8\"\n },\n {\n \"properties\": {\n \"roleName\": \"Container Apps Jobs Reader\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Read access to ContainerApps jobs\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"microsoft.app/jobs/read\",\n \"Microsoft.App/jobs/*/read\",\n \"Microsoft.App/managedenvironments/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2024-08-13T16:10:24.4359771Z\",\n \"updatedOn\": \"2024-08-13T16:10:24.4359771Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/edd66693-d32a-450b-997d-0158c03976b0\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"edd66693-d32a-450b-997d-0158c03976b0\"\n },\n {\n \"properties\": {\n \"roleName\": \"Container Apps SessionPools Reader\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Read access to ContainerApps sessionpools.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.App/sessionPools/*/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2024-08-13T16:10:24.4369771Z\",\n \"updatedOn\": \"2024-08-13T16:10:24.4369771Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/af61e8fc-2633-4b95-bed3-421ad6826515\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"af61e8fc-2633-4b95-bed3-421ad6826515\"\n },\n {\n \"properties\": {\n \"roleName\": \"Container Apps Jobs Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Full management of Container Apps jobs, including creation, deletion, and updates.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"microsoft.app/jobs/read\",\n \"Microsoft.App/jobs/*/read\",\n \"Microsoft.App/jobs/*/action\",\n \"Microsoft.App/jobs/write\",\n \"Microsoft.App/jobs/delete\",\n \"Microsoft.app/managedenvironments/read\",\n \"Microsoft.App/managedenvironments/*/read\",\n \"Microsoft.App/managedenvironments/join/action\",\n \"Microsoft.App/managedenvironments/checknameavailability/action\",\n \"Microsoft.app/connectedEnvironments/read\",\n \"Microsoft.App/connectedEnvironments/*/read\",\n \"Microsoft.App/connectedEnvironments/join/action\",\n \"Microsoft.App/connectedEnvironments/checknameavailability/action\",\n \"Microsoft.Resources/deployments/*\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2024-08-13T16:10:24.4359771Z\",\n \"updatedOn\": \"2024-08-13T16:10:24.4359771Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/4e3d2b60-56ae-4dc6-a233-09c8e5a82e68\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"4e3d2b60-56ae-4dc6-a233-09c8e5a82e68\"\n },\n {\n \"properties\": {\n \"roleName\": \"Container Apps SessionPools Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Full management of Container Apps SessionPools, including creation, deletion, and updates.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.App/sessionPools/*/read\",\n \"Microsoft.App/sessionPools/*/write\",\n \"Microsoft.App/sessionPools/*/delete\",\n \"Microsoft.App/sessionPools/*/action\",\n \"microsoft.App/managedEnvironments/read\",\n \"Microsoft.App/managedEnvironments/*/read\",\n \"Microsoft.App/managedEnvironments/join/action\",\n \"Microsoft.App/managedEnvironments/checknameavailability/action\",\n \"microsoft.App/connectedEnvironments/read\",\n \"Microsoft.App/connectedEnvironments/*/read\",\n \"Microsoft.App/connectedEnvironments/join/action\",\n \"Microsoft.App/connectedEnvironments/checknameavailability/action\",\n \"Microsoft.Resources/deployments/*\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2024-08-13T16:10:24.4359771Z\",\n \"updatedOn\": \"2024-08-13T16:10:24.4359771Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/f7669afb-68b2-44b4-9c5f-6d2a47fddda0\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"f7669afb-68b2-44b4-9c5f-6d2a47fddda0\"\n },\n {\n \"properties\": {\n \"roleName\": \"Durable Task Data Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Durable Task role for all data access operations.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.DurableTask/*\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2024-08-15T21:28:36.4077189Z\",\n \"updatedOn\": \"2024-08-15T21:28:36.4077189Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/0ad04412-c4d5-4796-b79c-f76d14c8d402\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"0ad04412-c4d5-4796-b79c-f76d14c8d402\"\n },\n {\n \"properties\": {\n \"roleName\": \"KubernetesRuntime Load Balancer Contributor Role\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Read, write, and delete load balancers in an Arc connected Kubernetes cluster\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.KubernetesRuntime/loadBalancers/read\",\n \"Microsoft.KubernetesRuntime/loadBalancers/write\",\n \"Microsoft.KubernetesRuntime/loadBalancers/delete\",\n \"Microsoft.KubernetesRuntime/bgpPeers/read\",\n \"Microsoft.KubernetesRuntime/bgpPeers/write\",\n \"Microsoft.KubernetesRuntime/bgpPeers/delete\",\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.KubernetesRuntime/locations/operationStatuses/write\",\n \"Microsoft.KubernetesRuntime/services/write\",\n \"Microsoft.KubernetesRuntime/services/delete\",\n \"Microsoft.KubernetesRuntime/bfdProfiles/write\",\n \"Microsoft.KubernetesRuntime/bfdProfiles/delete\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2024-08-26T15:01:39.6821551Z\",\n \"updatedOn\": \"2025-07-14T15:01:12.3759443Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/1a5682fc-4f12-4b25-927e-e8cfed0c539e\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"1a5682fc-4f12-4b25-927e-e8cfed0c539e\"\n },\n {\n \"properties\": {\n \"roleName\": \"AVS Orchestrator Role\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Do not remove this role from your resource group because it is critical to enable your AVS private cloud to operate. If the role is removed, it will cause your AVS private cloud control plane to no longer operate correctly. The role is used to enable the AVS private cloud control plane to create the supporting resources in the resource group of the private clouds attached virtual network and bind them to the attached virtual network. This role is not intended for use cases outside of assignment to the associated AVS identity in your entra-id tenant.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/roleAssignments/read\",\n \"Microsoft.Resources/subscriptions/resourcegroups/read\",\n \"Microsoft.Resources/deployments/write\",\n \"Microsoft.Resources/deployments/operationStatuses/read\",\n \"Microsoft.Resources/deployments/operations/read\",\n \"Microsoft.Resources/deployments/delete\",\n \"Microsoft.Resources/deployments/read\",\n \"Microsoft.Network/virtualHubs/delete\",\n \"Microsoft.Network/publicIPAddresses/delete\",\n \"Microsoft.Network/networkInterfaces/delete\",\n \"Microsoft.Network/networkInterfaces/write\",\n \"Microsoft.Network/networkInterfaces/join/action\",\n \"Microsoft.Network/virtualNetworks/subnets/serviceAssociationLinks/delete\",\n \"Microsoft.Network/virtualNetworks/subnets/delete\",\n \"Microsoft.Network/networkIntentPolicies/read\",\n \"Microsoft.Network/networkIntentPolicies/delete\",\n \"Microsoft.Network/networkIntentPolicies/write\",\n \"Microsoft.Network/networkSecurityGroups/delete\",\n \"Microsoft.Network/networkSecurityGroups/write\",\n \"Microsoft.Network/networkSecurityGroups/read\",\n \"Microsoft.Network/networkSecurityGroups/join/action\",\n \"Microsoft.Network/networkSecurityGroups/securityRules/read\",\n \"Microsoft.Network/networkSecurityGroups/securityRules/write\",\n \"Microsoft.Network/networkSecurityGroups/securityRules/delete\",\n \"Microsoft.Network/virtualNetworks/subnets/write\",\n \"Microsoft.Network/virtualNetworks/subnets/join/action\",\n \"Microsoft.Network/virtualNetworks/subnets/serviceAssociationLinks/write\",\n \"Microsoft.Network/virtualNetworks/subnets/serviceAssociationLinks/read\",\n \"Microsoft.Network/virtualNetworks/subnets/serviceAssociationLinks/delete\",\n \"Microsoft.Network/virtualNetworks/subnets/prepareNetworkPolicies/action\",\n \"Microsoft.Network/virtualNetworks/subnets/unprepareNetworkPolicies/action\",\n \"Microsoft.Network/virtualHubs/write\",\n \"Microsoft.Network/publicIPAddresses/write\",\n \"Microsoft.Network/publicIPAddresses/read\",\n \"Microsoft.Network/virtualHubs/ipConfigurations/write\",\n \"Microsoft.Network/networkSecurityGroups/securityRules/read\",\n \"Microsoft.Network/virtualHubs/ipConfigurations/read\",\n \"Microsoft.Network/virtualHubs/bgpConnections/write\",\n \"Microsoft.Network/virtualHubs/bgpConnections/read\",\n \"Microsoft.Network/virtualNetworks/virtualNetworkPeerings/write\",\n \"Microsoft.Network/virtualNetworks/virtualNetworkPeerings/read\",\n \"Microsoft.Network/virtualNetworks/virtualNetworkPeerings/delete\",\n \"Microsoft.Network/virtualNetworks/peer/action\",\n \"Microsoft.Network/locations/operations/read\",\n \"Microsoft.Network/locations/operationResults/read\",\n \"Microsoft.Network/networkInterfaces/read\",\n \"Microsoft.Network/virtualNetworks/read\",\n \"Microsoft.Network/virtualNetworks/write\",\n \"Microsoft.Network/virtualNetworks/subnets/read\",\n \"Microsoft.Network/routeTables/read\",\n \"Microsoft.Network/routeTables/write\",\n \"Microsoft.Network/routeTables/delete\",\n \"Microsoft.Network/routeTables/join/action\",\n \"Microsoft.Network/routeTables/routes/read\",\n \"Microsoft.Network/routeTables/routes/write\",\n \"Microsoft.Network/routeTables/routes/delete\",\n \"Microsoft.Network/virtualNetworks/join/action\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n },\n {\n \"actions\": [\n \"Microsoft.Authorization/roleAssignments/delete\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": [],\n \"conditionVersion\": \"2.0\",\n \"condition\": \"(!(ActionMatches{'Microsoft.Authorization/roleAssignments/delete'})) OR @Resource[Microsoft.Authorization/roleAssignments:RoleDefinitionId] ForAnyOfAnyValues:GuidEquals{d715fb95a0f04f1c8be65ad2d2767f67, 4d97b98b1d4f4787a291c67834d212e7, 49fc33c1886f4b21a00e1d9993234734}\"\n }\n ],\n \"createdOn\": \"2024-08-27T15:13:33.8810873Z\",\n \"updatedOn\": \"2025-02-13T20:38:23.7051408Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/d715fb95-a0f0-4f1c-8be6-5ad2d2767f67\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"d715fb95-a0f0-4f1c-8be6-5ad2d2767f67\"\n },\n {\n \"properties\": {\n \"roleName\": \"Service Connector Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Can Manage Service Connector.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.ServiceLinker/linkers/read\",\n \"Microsoft.ServiceLinker/linkers/delete\",\n \"Microsoft.ServiceLinker/linkers/write\",\n \"Microsoft.ServiceLinker/linkers/listConfigurations/action\",\n \"Microsoft.ServiceLinker/linkers/validateLinker/action\",\n \"Microsoft.ServiceLinker/dryruns/delete\",\n \"Microsoft.ServiceLinker/dryruns/write\",\n \"Microsoft.ServiceLinker/linkers/generateConfigurations/action\",\n \"Microsoft.ServiceLinker/locations/connectors/delete\",\n \"Microsoft.ServiceLinker/locations/connectors/generateConfigurations/action\",\n \"Microsoft.ServiceLinker/locations/connectors/validate/action\",\n \"Microsoft.ServiceLinker/locations/connectors/write\",\n \"Microsoft.ServiceLinker/locations/dryruns/delete\",\n \"Microsoft.ServiceLinker/locations/dryruns/write\",\n \"Microsoft.ServiceLinker/locations/operationStatuses/write\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2024-08-28T15:23:35.037597Z\",\n \"updatedOn\": \"2025-05-16T03:07:33.2225582Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/db7003cd-07a9-490c-bfa5-23e40314f8d7\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"db7003cd-07a9-490c-bfa5-23e40314f8d7\"\n },\n {\n \"properties\": {\n \"roleName\": \"Enclave Approver Role\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Read all resources in Azure Virtual Enclaves and Approve approval requests within the Enclave\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Mission/Operations/read\",\n \"Microsoft.Mission/communities/read\",\n \"Microsoft.Mission/virtualEnclaves/read\",\n \"Microsoft.Mission/virtualEnclaves/endpoints/read\",\n \"Microsoft.Mission/virtualEnclaves/workloads/read\",\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/read\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Resources/subscriptions/resourcegroups/deployments/read\",\n \"Microsoft.Resources/subscriptions/operationresults/read\",\n \"Microsoft.ResourceHealth/availabilityStatuses/read\",\n \"Microsoft.Features/providers/features/read\",\n \"Microsoft.Features/features/read\",\n \"Microsoft.Mission/communities/communityEndpoints/read\",\n \"Microsoft.Mission/communities/transitHubs/read\",\n \"Microsoft.Mission/enclaveConnections/read\",\n \"Microsoft.Mission/virtualEnclaves/enclaveEndpoints/read\",\n \"Microsoft.Mission/approvals/read\",\n \"Microsoft.Mission/approvals/write\",\n \"Microsoft.Mission/enclaveConnections/approvalCallback/action\",\n \"Microsoft.Mission/virtualEnclaves/approvalCallback/action\",\n \"Microsoft.Mission/virtualEnclaves/enclaveEndpoints/approvalCallback/action\",\n \"Microsoft.Mission/communities/communityEndpoints/approvalCallback/action\",\n \"Microsoft.Mission/approvals/initiatorCallback/action\",\n \"Microsoft.Mission/communities/setMaintenanceMode/action\",\n \"Microsoft.Mission/communities/communityendpoints/connect/action\",\n \"Microsoft.Mission/virtualEnclaves/setWorkloadRoleAssignments/action\",\n \"Microsoft.Mission/virtualEnclaves/setEnclaveRoleAssignments/action\",\n \"Microsoft.Mission/virtualEnclaves/setSubnetConfiguration/action\",\n \"Microsoft.Mission/virtualEnclaves/enclaveEndpoints/connect/action\",\n \"Microsoft.Mission/enclaveConnections/setSourceCidr/action\",\n \"Microsoft.Mission/virtualenclaves/setMaintenanceMode/action\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2024-08-30T15:25:33.0231286Z\",\n \"updatedOn\": \"2025-09-23T15:14:52.356225Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/2142ea27-02ad-4094-bfea-2dbac6d24934\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"2142ea27-02ad-4094-bfea-2dbac6d24934\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Device Update Agent\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Provide full access to all Azure Device Update agent operations\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.DeviceUpdate/updateAccounts/agents/requestUpdate/action\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2024-08-30T18:44:41.5398808Z\",\n \"updatedOn\": \"2024-08-30T18:44:41.5398808Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/2a740172-0fc2-4039-972c-b31864cd47d6\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"2a740172-0fc2-4039-972c-b31864cd47d6\"\n },\n {\n \"properties\": {\n \"roleName\": \"Key Vault Purge Operator\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Allows permanent deletion of soft-deleted vaults.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.KeyVault/deletedVaults/read\",\n \"Microsoft.KeyVault/locations/deletedVaults/read\",\n \"Microsoft.KeyVault/locations/deletedVaults/purge/action\",\n \"Microsoft.KeyVault/locations/operationResults/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2024-09-02T15:07:08.3019612Z\",\n \"updatedOn\": \"2024-09-02T15:07:08.3019612Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/a68e7c17-0ab2-4c09-9a58-125dae29748c\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"a68e7c17-0ab2-4c09-9a58-125dae29748c\"\n },\n {\n \"properties\": {\n \"roleName\": \"Cognitive Services Face Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Full access to perform all Face APIs\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.CognitiveServices/*/read\",\n \"Microsoft.Authorization/roleAssignments/read\",\n \"Microsoft.Authorization/roleDefinitions/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.CognitiveServices/accounts/Face/*\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2024-09-03T15:18:09.8561299Z\",\n \"updatedOn\": \"2024-09-03T15:18:09.8561299Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/b5b0c71d-aca9-4081-aee2-9b1bb335fc1a\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"b5b0c71d-aca9-4081-aee2-9b1bb335fc1a\"\n },\n {\n \"properties\": {\n \"roleName\": \"Container Apps Jobs Operator\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Read, start, and stop Container Apps jobs.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"microsoft.app/jobs/read\",\n \"Microsoft.App/jobs/*/read\",\n \"Microsoft.App/jobs/*/action\",\n \"Microsoft.app/managedenvironments/read\",\n \"Microsoft.App/managedenvironments/*/read\",\n \"Microsoft.App/managedenvironments/join/action\",\n \"Microsoft.App/managedenvironments/checknameavailability/action\",\n \"Microsoft.app/connectedEnvironments/read\",\n \"Microsoft.App/connectedEnvironments/*/read\",\n \"Microsoft.App/connectedEnvironments/join/action\",\n \"Microsoft.App/connectedEnvironments/checknameavailability/action\"\n ],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.App/jobs/logstream/action\",\n \"Microsoft.App/jobs/exec/action\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2024-09-06T21:49:59.0891068Z\",\n \"updatedOn\": \"2024-09-06T21:49:59.0891068Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/b9a307c4-5aa3-4b52-ba60-2b17c136cd7b\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"b9a307c4-5aa3-4b52-ba60-2b17c136cd7b\"\n },\n {\n \"properties\": {\n \"roleName\": \"Operator Nexus Owner (Preview)\",\n \"type\": \"BuiltInRole\",\n \"description\": \"(Preview) This role allows full access to Azure Operator Nexus Network Cloud resources. This role is in preview and subject to change.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.NetworkCloud/*\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2024-09-09T15:09:55.7798051Z\",\n \"updatedOn\": \"2024-09-09T15:09:55.7798051Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/77be276d-fb44-4f3b-beb5-9bf03c4cd2d3\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"77be276d-fb44-4f3b-beb5-9bf03c4cd2d3\"\n },\n {\n \"properties\": {\n \"roleName\": \"CloudTest Contributor Role\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Read, write, delete and perform actions on CloudTest Accounts, CloudTest Pools, 1ES Hosted Pools and 1ES Images.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.CloudTest/*/read\",\n \"Microsoft.CloudTest/hostedpools/write\",\n \"Microsoft.CloudTest/hostedpools/delete\",\n \"Microsoft.CloudTest/images/write\",\n \"Microsoft.CloudTest/images/delete\",\n \"Microsoft.CloudTest/images/cancel/action\",\n \"Microsoft.CloudTest/images/refresh/action\",\n \"Microsoft.CloudTest/pools/write\",\n \"Microsoft.CloudTest/pools/delete\",\n \"Microsoft.CloudTest/accounts/write\",\n \"Microsoft.CloudTest/accounts/delete\",\n \"Microsoft.CloudTest/pools/leases/action\",\n \"Microsoft.CloudTest/pools/leases/complete/action\",\n \"Microsoft.CloudTest/pools/leases/extend/action\",\n \"Microsoft.CloudTest/hostedpools/leases/action\",\n \"Microsoft.CloudTest/hostedpools/leases/complete/action\",\n \"Microsoft.CloudTest/hostedpools/leases/extend/action\",\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2024-09-10T15:22:51.5250778Z\",\n \"updatedOn\": \"2025-08-14T01:17:34.3715766Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/4e9d0bd4-5aab-4f91-92df-9def33fe287c\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"4e9d0bd4-5aab-4f91-92df-9def33fe287c\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Automanage Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Azure Automanage Contributor\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Automanage/*\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2024-09-10T15:22:51.5250778Z\",\n \"updatedOn\": \"2024-09-10T15:22:51.5250778Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/8d6517c1-e434-405c-9f3f-e0ae65085d76\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"8d6517c1-e434-405c-9f3f-e0ae65085d76\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Bot Service Contributor Role\",\n \"type\": \"BuiltInRole\",\n \"description\": \"To perform actions on the bots by copilot studio platform and extensibility team\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.BotService/listAuthServiceProviders/action\",\n \"Microsoft.BotService/listauthserviceproviders/providers/Microsoft.Insights/diagnosticSettings/write\",\n \"Microsoft.BotService/botServices/read\",\n \"Microsoft.BotService/botServices/write\",\n \"Microsoft.BotService/botServices/delete\",\n \"Microsoft.BotService/botServices/channels/write\",\n \"Microsoft.BotService/botServices/channels/read\",\n \"Microsoft.BotService/botServices/channels/listchannelwithkeys/action\",\n \"Microsoft.BotService/botServices/channels/delete\",\n \"Microsoft.BotService/botServices/channels/providers/Microsoft.Insights/diagnosticSettings/write\",\n \"Microsoft.BotService/botServices/connections/read\",\n \"Microsoft.BotService/botServices/connections/write\",\n \"Microsoft.BotService/botServices/connections/delete\",\n \"Microsoft.BotService/botServices/connections/listwithsecrets/write\",\n \"Microsoft.BotService/botServices/connections/providers/Microsoft.Insights/diagnosticSettings/write\",\n \"Microsoft.BotService/botServices/createemailsigninurl/action\",\n \"Microsoft.BotService/botServices/privateEndpointConnectionsApproval/action\",\n \"Microsoft.BotService/botServices/joinPerimeter/action\",\n \"Microsoft.BotService/botServices/providers/Microsoft.Insights/diagnosticSettings/write\",\n \"Microsoft.BotService/checknameavailability/providers/Microsoft.Insights/diagnosticSettings/write\",\n \"Microsoft.BotService/hostsettings/providers/Microsoft.Insights/diagnosticSettings/write\",\n \"Microsoft.BotService/botServices/privateEndpointConnectionProxies/write\",\n \"Microsoft.BotService/botServices/privateEndpointConnectionProxies/delete\",\n \"Microsoft.BotService/botServices/privateEndpointConnectionProxies/validate/action\",\n \"Microsoft.BotService/botServices/privateEndpointConnections/write\",\n \"Microsoft.BotService/botServices/privateEndpointConnections/delete\",\n \"Microsoft.BotService/listqnamakerendpointkeys/providers/Microsoft.Insights/diagnosticSettings/write\",\n \"Microsoft.BotService/botServices/networkSecurityPerimeterConfigurations/reconcile/action\",\n \"Microsoft.BotService/botServices/networkSecurityPerimeterAssociationProxies/write\",\n \"Microsoft.BotService/botServices/networkSecurityPerimeterAssociationProxies/delete\",\n \"Microsoft.BotService/locations/notifyNetworkSecurityPerimeterUpdatesAvailable/action\",\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.BotService/botServices/channels/regeneratekeys/action\",\n \"Microsoft.BotService/botServices/Connections/listWithSecrets/action\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2024-09-12T05:29:14.6965924Z\",\n \"updatedOn\": \"2025-01-30T16:45:30.6156198Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/9fc6112f-f48e-4e27-8b09-72a5c94e4ae9\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"9fc6112f-f48e-4e27-8b09-72a5c94e4ae9\"\n },\n {\n \"properties\": {\n \"roleName\": \"App Configuration Reader\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Grants permission for read operations for App Configuration resources.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.AppConfiguration/*/read\",\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/read\",\n \"Microsoft.Resources/deployments/read\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2024-09-13T00:23:03.6049034Z\",\n \"updatedOn\": \"2024-09-13T00:23:03.6049034Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/175b81b9-6e0d-490a-85e4-0d422273c10c\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"175b81b9-6e0d-490a-85e4-0d422273c10c\"\n },\n {\n \"properties\": {\n \"roleName\": \"App Configuration Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Grants permission for all management operations, except purge, for App Configuration resources.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.AppConfiguration/*\",\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\"\n ],\n \"notActions\": [\n \"Microsoft.AppConfiguration/locations/deletedConfigurationStores/purge/action\"\n ],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2024-09-13T00:23:03.6049034Z\",\n \"updatedOn\": \"2024-09-13T00:23:03.6049034Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/fe86443c-f201-4fc4-9d2a-ac61149fbda0\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"fe86443c-f201-4fc4-9d2a-ac61149fbda0\"\n },\n {\n \"properties\": {\n \"roleName\": \"Service Fabric Managed Cluster Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Deploy and manage your Service Fabric Managed Cluster resources. Includes managed clusters, node types, application types, application type versions, applications, and services.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.ServiceFabric/managedclusters/*\",\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2024-09-17T15:06:28.2939568Z\",\n \"updatedOn\": \"2024-10-07T15:14:28.4995735Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/83f80186-3729-438c-ad2d-39e94d718838\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"83f80186-3729-438c-ad2d-39e94d718838\"\n },\n {\n \"properties\": {\n \"roleName\": \"Container Registry Data Importer and Data Reader\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Provides the ability to import images into a registry through the registry import operation. Provides the ability to list repositories, view images and tags, get manifests, and pull images. Does not provide permissions for importing images through configuring registry transfer pipelines such as import and export pipelines. Does not provide permissions for importing through configuring Artifact Cache or Sync rules.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.ContainerRegistry/registries/importImage/action\",\n \"Microsoft.ContainerRegistry/registries/read\",\n \"Microsoft.ContainerRegistry/registries/pull/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.ContainerRegistry/registries/repositories/content/read\",\n \"Microsoft.ContainerRegistry/registries/repositories/metadata/read\",\n \"Microsoft.ContainerRegistry/registries/catalog/read\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2024-09-19T02:48:17.8131685Z\",\n \"updatedOn\": \"2025-04-25T08:31:50.8322354Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/577a9874-89fd-4f24-9dbd-b5034d0ad23a\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"577a9874-89fd-4f24-9dbd-b5034d0ad23a\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Batch Service Orchestration Role\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Grants the required permissions to Azure Batch Resource Provider to manage compute and other backing resources in the subscription.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Security/assessments/read\",\n \"Microsoft.AzureFleet/fleets/write\",\n \"Microsoft.AzureFleet/fleets/read\",\n \"Microsoft.AzureFleet/fleets/delete\",\n \"Microsoft.Compute/locations/DiskOperations/read\",\n \"Microsoft.Compute/locations/operations/read\",\n \"Microsoft.Compute/virtualMachineScaleSets/approveRollingUpgrade/action\",\n \"Microsoft.Compute/virtualMachineScaleSets/deallocate/action\",\n \"Microsoft.Compute/virtualMachineScaleSets/delete\",\n \"Microsoft.Compute/virtualMachineScaleSets/delete/action\",\n \"Microsoft.Compute/VirtualMachineScaleSets/read\",\n \"Microsoft.Compute/virtualMachineScaleSets/reimage/action\",\n \"Microsoft.Compute/virtualMachineScaleSets/reimageall/action\",\n \"Microsoft.Compute/virtualMachineScaleSets/restart/action\",\n \"Microsoft.Compute/virtualMachineScaleSets/start/action\",\n \"Microsoft.Compute/virtualMachineScaleSets/write\",\n \"Microsoft.Compute/virtualMachineScaleSets/extensions/read\",\n \"microsoft.Compute/virtualMachineScaleSets/networkInterfaces/read\",\n \"Microsoft.Compute/virtualMachineScaleSets/virtualMachines/read\",\n \"Microsoft.Compute/virtualMachineScaleSets/virtualmachines/restart/action\",\n \"Microsoft.Compute/diskEncryptionSets/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.Insights/dataCollectionRuleAssociations/read\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Insights/diagnosticSettings/read\",\n \"Microsoft.Resources/subscriptions/read\",\n \"Microsoft.Resources/subscriptions/operationresults/read\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Resources/subscriptions/resourceGroups/delete\",\n \"Microsoft.Resources/subscriptions/resourceGroups/write\",\n \"Microsoft.Resources/subscriptions/resourceGroups/resources/read\",\n \"Microsoft.Network/networkWatchers/read\",\n \"Microsoft.Network/virtualNetworks/delete\",\n \"Microsoft.Network/virtualNetworks/write\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2024-09-20T04:53:47.7198421Z\",\n \"updatedOn\": \"2025-02-12T16:18:23.8859317Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/a35466a1-cfd6-450a-b35e-683fcdf30363\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"a35466a1-cfd6-450a-b35e-683fcdf30363\"\n },\n {\n \"properties\": {\n \"roleName\": \"Microsoft PowerBI Tenant Operations Role\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Allows management of tenant operations\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.PowerBI/tenants/workspaces/read\",\n \"Microsoft.PowerBI/tenants/workspaces/delete\",\n \"Microsoft.PowerBI/tenants/read\",\n \"Microsoft.PowerBI/tenants/delete\",\n \"Microsoft.PowerBI/tenants/write\",\n \"Microsoft.PowerBI/tenants/workspaces/write\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2024-09-20T19:19:19.2247312Z\",\n \"updatedOn\": \"2024-09-20T19:19:19.2247312Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/8c87871d-6201-42da-abb1-1c0c985ff71c\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"8c87871d-6201-42da-abb1-1c0c985ff71c\"\n },\n {\n \"properties\": {\n \"roleName\": \"Service Fabric Cluster Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Manage your Service Fabric Cluster resources. Includes clusters, application types, application type versions, applications, and services. You will need additional permissions to deploy and manage the cluster's underlying resources such as virtual machine scale sets, storage accounts, networks, etc.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.ServiceFabric/clusters/*\",\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2024-10-01T15:07:22.3648709Z\",\n \"updatedOn\": \"2024-10-07T15:14:28.4995735Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/b6efc156-f0da-4e90-a50a-8c000140b017\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"b6efc156-f0da-4e90-a50a-8c000140b017\"\n },\n {\n \"properties\": {\n \"roleName\": \"Stream Analytics Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Contributor access to Clusters and Streaming Jobs\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.StreamAnalytics/*\",\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2024-10-02T16:35:31.3006753Z\",\n \"updatedOn\": \"2024-10-02T16:35:31.3006753Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/6e0c8711-85a0-4490-8365-8ec13c4560b4\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"6e0c8711-85a0-4490-8365-8ec13c4560b4\"\n },\n {\n \"properties\": {\n \"roleName\": \"Stream Analytics Reader\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Read-only access to Clusters and Streaming Jobs\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.StreamAnalytics/streamingjobs/Read\",\n \"Microsoft.StreamAnalytics/streamingjobs/*/Read\",\n \"Microsoft.StreamAnalytics/clusters/Read\",\n \"Microsoft.StreamAnalytics/clusters/*/Read\",\n \"Microsoft.StreamAnalytics/clusters/ListStreamingJobs/action\",\n \"Microsoft.StreamAnalytics/locations/*/Read\",\n \"Microsoft.StreamAnalytics/operations/Read\",\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2024-10-02T16:35:31.3006753Z\",\n \"updatedOn\": \"2024-10-02T16:35:31.3006753Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/1dfc38e8-6ce7-447f-807c-029c65262c5f\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"1dfc38e8-6ce7-447f-807c-029c65262c5f\"\n },\n {\n \"properties\": {\n \"roleName\": \"Durable Task Worker\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Used by worker applications to interact with the Durable Task service\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.DurableTask/schedulers/taskhubs/orchestrations/execute/action\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2024-10-04T12:40:48.3980573Z\",\n \"updatedOn\": \"2025-07-10T20:34:53.5413918Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/80d0d6b0-f522-40a4-8886-a5a11720c375\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"80d0d6b0-f522-40a4-8886-a5a11720c375\"\n },\n {\n \"properties\": {\n \"roleName\": \"Portal Dashboard Writer Role\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Can write an Azure Portal Dashboard\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Portal/dashboards/read\",\n \"Microsoft.Portal/dashboards/write\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2024-10-08T15:25:11.3964685Z\",\n \"updatedOn\": \"2025-07-23T23:16:02.9942117Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/78eacb5e-e318-4560-85a9-e6a724ca60c9\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"78eacb5e-e318-4560-85a9-e6a724ca60c9\"\n },\n {\n \"properties\": {\n \"roleName\": \"Landing Zone Account Owner\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Microsoft.Sovereign Landing Zone Account Owner allowing to review and modify Landing Zone Account, Landing Zone Configurations, as well as reading and adding Landing Zone Registrations. Also enables read-access to policies and management groups for enabling the full user experience of the Sovereign Services RP in the Azure Portal (as otherwise some elements might not be accessible to end users).\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Sovereign/landingZoneAccounts/*\",\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Resources/deployments/*\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2024-10-14T15:14:51.7684621Z\",\n \"updatedOn\": \"2024-10-14T15:14:51.7684621Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/bf2b6809-e9a5-4aea-a6e1-40a9dc8c43a7\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"bf2b6809-e9a5-4aea-a6e1-40a9dc8c43a7\"\n },\n {\n \"properties\": {\n \"roleName\": \"Landing Zone Account Reader\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Microsoft.Sovereign Landing Zone Account Reader allowing to read Landing Zone Account, Landing Zone Configurations and Landing Zone Registrations. Also enables read-access to policies and management groups for enabling the full user experience of the Sovereign Services RP in the Azure Portal (as otherwise some elements might not be accessible to end users).\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Sovereign/landingZoneAccounts/*/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2024-10-14T15:14:51.7684621Z\",\n \"updatedOn\": \"2024-10-14T15:14:51.7684621Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/2718b1f7-eb07-424e-8868-0137541392a1\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"2718b1f7-eb07-424e-8868-0137541392a1\"\n },\n {\n \"properties\": {\n \"roleName\": \"Microsoft.Windows365.CloudPcDelegatedMsis Writer User\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Built in role to perform Write operations on CloudPcDelegatedMsis resources.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Windows365/*\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2024-10-14T15:14:51.7684621Z\",\n \"updatedOn\": \"2024-10-14T15:14:51.7684621Z\",\n \"createdBy\": \"dipakmahajan\",\n \"updatedBy\": \"dipakmahajan\"\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/21bffb94-04c0-4ed0-b676-68bb926e832b\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"21bffb94-04c0-4ed0-b676-68bb926e832b\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Batch Job Submitter\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Lets you submit and manage jobs in the Batch account.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Batch/batchAccounts/applications/read\",\n \"Microsoft.Batch/batchAccounts/applications/versions/read\",\n \"Microsoft.Batch/batchAccounts/pools/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.Batch/batchAccounts/jobSchedules/*\",\n \"Microsoft.Batch/batchAccounts/jobs/*\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2024-10-16T15:31:49.7386507Z\",\n \"updatedOn\": \"2024-10-16T15:31:49.7386507Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/48e5e92e-a480-4e71-aa9c-2778f4c13781\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"48e5e92e-a480-4e71-aa9c-2778f4c13781\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Batch Account Reader\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Lets you view all resources including pools and jobs in the Batch account.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Batch/*/read\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.Batch/*/read\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2024-10-16T15:31:49.7386507Z\",\n \"updatedOn\": \"2025-08-07T11:36:35.1603929Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/11076f67-66f6-4be0-8f6b-f0609fd05cc9\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"11076f67-66f6-4be0-8f6b-f0609fd05cc9\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Batch Account Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Grants full access to manage all Batch resources, including Batch accounts, pools and jobs.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Batch/*\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.Batch/*\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2024-10-16T15:31:49.7396522Z\",\n \"updatedOn\": \"2025-08-07T12:06:49.3936883Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/29fe4964-1e60-436b-bd3a-77fd4c178b3c\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"29fe4964-1e60-436b-bd3a-77fd4c178b3c\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Batch Data Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Grants permissions to manage Batch pools and jobs but not to modify accounts.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Batch/batchAccounts/read\",\n \"Microsoft.Batch/batchAccounts/applications/*\",\n \"Microsoft.Batch/batchAccounts/certificates/*\",\n \"Microsoft.Batch/batchAccounts/certificateOperationResults/*\",\n \"Microsoft.Batch/batchAccounts/pools/*\",\n \"Microsoft.Batch/batchAccounts/poolOperationResults/*\",\n \"Microsoft.Batch/locations/*/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.Batch/batchAccounts/jobSchedules/*\",\n \"Microsoft.Batch/batchAccounts/jobs/*\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2024-10-16T15:31:49.7396522Z\",\n \"updatedOn\": \"2024-10-16T15:31:49.7396522Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/6aaa78f1-f7de-44ca-8722-c64a23943cae\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"6aaa78f1-f7de-44ca-8722-c64a23943cae\"\n },\n {\n \"properties\": {\n \"roleName\": \"Defender CSPM Storage Data Scanner\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Grants access to read blobs and files. This role is used by the data scanner of Dfender CSPM.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Storage/storageAccounts/blobServices/containers/read\",\n \"Microsoft.Storage/storageAccounts/fileServices/shares/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.Storage/storageAccounts/blobServices/containers/blobs/read\",\n \"Microsoft.Storage/storageAccounts/fileServices/fileshares/files/read\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2024-10-16T15:31:49.7386507Z\",\n \"updatedOn\": \"2024-11-06T16:01:17.0833766Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/0b6ca2e8-2cdc-4bd6-b896-aa3d8c21fc35\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"0b6ca2e8-2cdc-4bd6-b896-aa3d8c21fc35\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Managed Grafana Workspace Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Can manage Azure Managed Grafana resources, without providing access to the workspaces themselves.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Dashboard/grafana/write\",\n \"Microsoft.Dashboard/grafana/delete\",\n \"Microsoft.Dashboard/grafana/PrivateEndpointConnectionsApproval/action\",\n \"Microsoft.Dashboard/grafana/managedPrivateEndpoints/action\",\n \"Microsoft.Dashboard/locations/operationStatuses/write\",\n \"Microsoft.Dashboard/grafana/privateEndpointConnectionProxies/validate/action\",\n \"Microsoft.Dashboard/grafana/privateEndpointConnectionProxies/write\",\n \"Microsoft.Dashboard/grafana/privateEndpointConnectionProxies/delete\",\n \"Microsoft.Dashboard/grafana/privateEndpointConnections/write\",\n \"Microsoft.Dashboard/grafana/privateEndpointConnections/delete\",\n \"Microsoft.Dashboard/grafana/managedPrivateEndpoints/write\",\n \"Microsoft.Dashboard/grafana/managedPrivateEndpoints/delete\",\n \"Microsoft.Dashboard/grafana/integrationFabrics/write\",\n \"Microsoft.Dashboard/grafana/integrationFabrics/delete\",\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/AlertRules/Write\",\n \"Microsoft.Insights/AlertRules/Delete\",\n \"Microsoft.Insights/AlertRules/Read\",\n \"Microsoft.Insights/AlertRules/Activated/Action\",\n \"Microsoft.Insights/AlertRules/Resolved/Action\",\n \"Microsoft.Insights/AlertRules/Throttled/Action\",\n \"Microsoft.Insights/AlertRules/Incidents/Read\",\n \"Microsoft.Resources/deployments/read\",\n \"Microsoft.Resources/deployments/write\",\n \"Microsoft.Resources/deployments/delete\",\n \"Microsoft.Resources/deployments/cancel/action\",\n \"Microsoft.Resources/deployments/validate/action\",\n \"Microsoft.Resources/deployments/whatIf/action\",\n \"Microsoft.Resources/deployments/exportTemplate/action\",\n \"Microsoft.Resources/deployments/operations/read\",\n \"Microsoft.Resources/deployments/operationstatuses/read\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2024-10-16T19:05:56.9094034Z\",\n \"updatedOn\": \"2025-05-16T00:34:45.2747678Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/5c2d7e57-b7c2-4d8a-be4f-82afa42c6e95\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"5c2d7e57-b7c2-4d8a-be4f-82afa42c6e95\"\n },\n {\n \"properties\": {\n \"roleName\": \"Cognitive Services Data Contributor (Preview)\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Allows to call data plane APIs, but not any control plane APIs for Microsoft Cognitive Services. This role is in preview and subject to change.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.CognitiveServices/*\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2024-10-17T23:22:42.1888199Z\",\n \"updatedOn\": \"2024-10-17T23:22:42.1888199Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/19c28022-e58e-450d-a464-0b2a53034789\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"19c28022-e58e-450d-a464-0b2a53034789\"\n },\n {\n \"properties\": {\n \"roleName\": \"Container Apps ConnectedEnvironments Reader\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Read access to Container Apps ConnectedEnvironments.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.App/connectedEnvironments/read\",\n \"Microsoft.App/connectedEnvironments/*/read\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2024-10-18T03:26:58.612812Z\",\n \"updatedOn\": \"2024-10-18T03:26:58.612812Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/d5adeb5b-107f-4aca-99ea-4e3f4fc008d5\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"d5adeb5b-107f-4aca-99ea-4e3f4fc008d5\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Kubernetes Fleet Manager RBAC Cluster Reader\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Grants read-only access to most Kubernetes cluster-scoped resources in the fleet-managed hub cluster.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.ContainerService/fleets/read\",\n \"Microsoft.ContainerService/fleets/listCredentials/action\"\n ],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.ContainerService/fleets/apiextensions.k8s.io/customresourcedefinitions/read\",\n \"Microsoft.ContainerService/fleets/apps/controllerrevisions/read\",\n \"Microsoft.ContainerService/fleets/apps/daemonsets/read\",\n \"Microsoft.ContainerService/fleets/apps/deployments/read\",\n \"Microsoft.ContainerService/fleets/apps/statefulsets/read\",\n \"Microsoft.ContainerService/fleets/autoscaling/horizontalpodautoscalers/read\",\n \"Microsoft.ContainerService/fleets/batch/cronjobs/read\",\n \"Microsoft.ContainerService/fleets/batch/jobs/read\",\n \"Microsoft.ContainerService/fleets/configmaps/read\",\n \"Microsoft.ContainerService/fleets/endpoints/read\",\n \"Microsoft.ContainerService/fleets/events.k8s.io/events/read\",\n \"Microsoft.ContainerService/fleets/events/read\",\n \"Microsoft.ContainerService/fleets/extensions/daemonsets/read\",\n \"Microsoft.ContainerService/fleets/extensions/deployments/read\",\n \"Microsoft.ContainerService/fleets/extensions/ingresses/read\",\n \"Microsoft.ContainerService/fleets/extensions/networkpolicies/read\",\n \"Microsoft.ContainerService/fleets/limitranges/read\",\n \"Microsoft.ContainerService/fleets/namespaces/read\",\n \"Microsoft.ContainerService/fleets/networking.k8s.io/ingresses/read\",\n \"Microsoft.ContainerService/fleets/networking.k8s.io/networkpolicies/read\",\n \"Microsoft.ContainerService/fleets/nodes/read\",\n \"Microsoft.ContainerService/fleets/persistentvolumes/read\",\n \"Microsoft.ContainerService/fleets/persistentvolumeclaims/read\",\n \"Microsoft.ContainerService/fleets/policy/poddisruptionbudgets/read\",\n \"Microsoft.ContainerService/fleets/replicationcontrollers/read\",\n \"Microsoft.ContainerService/fleets/resourcequotas/read\",\n \"Microsoft.ContainerService/fleets/serviceaccounts/read\",\n \"Microsoft.ContainerService/fleets/services/read\",\n \"Microsoft.ContainerService/fleets/cluster.kubernetes-fleet.io/memberclusters/read\",\n \"Microsoft.ContainerService/fleets/placement.kubernetes-fleet.io/clusterresourceplacements/read\",\n \"Microsoft.ContainerService/fleets/placement.kubernetes-fleet.io/clusterresourcebindings/read\",\n \"Microsoft.ContainerService/fleets/placement.kubernetes-fleet.io/clusterresourcesnapshots/read\",\n \"Microsoft.ContainerService/fleets/placement.kubernetes-fleet.io/clusterschedulingpolicysnapshots/read\",\n \"Microsoft.ContainerService/fleets/placement.kubernetes-fleet.io/clusterresourceoverrides/read\",\n \"Microsoft.ContainerService/fleets/placement.kubernetes-fleet.io/clusterresourceoverridesnapshots/read\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2024-10-21T15:04:47.7827701Z\",\n \"updatedOn\": \"2024-10-21T15:04:47.7827701Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/bd80684d-2f5f-4130-892a-0955546282de\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"bd80684d-2f5f-4130-892a-0955546282de\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Kubernetes Fleet Manager RBAC Cluster Writer\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Grants read/write access to most Kubernetes cluster-scoped resources in the fleet-managed hub cluster.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.ContainerService/fleets/read\",\n \"Microsoft.ContainerService/fleets/listCredentials/action\"\n ],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.ContainerService/fleets/apiextensions.k8s.io/customresourcedefinitions/read\",\n \"Microsoft.ContainerService/fleets/apps/controllerrevisions/read\",\n \"Microsoft.ContainerService/fleets/apps/daemonsets/read\",\n \"Microsoft.ContainerService/fleets/apps/daemonsets/write\",\n \"Microsoft.ContainerService/fleets/apps/deployments/read\",\n \"Microsoft.ContainerService/fleets/apps/deployments/write\",\n \"Microsoft.ContainerService/fleets/apps/statefulsets/read\",\n \"Microsoft.ContainerService/fleets/apps/statefulsets/write\",\n \"Microsoft.ContainerService/fleets/autoscaling/horizontalpodautoscalers/read\",\n \"Microsoft.ContainerService/fleets/autoscaling/horizontalpodautoscalers/write\",\n \"Microsoft.ContainerService/fleets/batch/cronjobs/read\",\n \"Microsoft.ContainerService/fleets/batch/cronjobs/write\",\n \"Microsoft.ContainerService/fleets/batch/jobs/read\",\n \"Microsoft.ContainerService/fleets/batch/jobs/write\",\n \"Microsoft.ContainerService/fleets/configmaps/read\",\n \"Microsoft.ContainerService/fleets/configmaps/write\",\n \"Microsoft.ContainerService/fleets/endpoints/read\",\n \"Microsoft.ContainerService/fleets/endpoints/write\",\n \"Microsoft.ContainerService/fleets/events.k8s.io/events/read\",\n \"Microsoft.ContainerService/fleets/events/read\",\n \"Microsoft.ContainerService/fleets/extensions/daemonsets/read\",\n \"Microsoft.ContainerService/fleets/extensions/daemonsets/write\",\n \"Microsoft.ContainerService/fleets/extensions/deployments/read\",\n \"Microsoft.ContainerService/fleets/extensions/deployments/write\",\n \"Microsoft.ContainerService/fleets/extensions/ingresses/read\",\n \"Microsoft.ContainerService/fleets/extensions/ingresses/write\",\n \"Microsoft.ContainerService/fleets/extensions/networkpolicies/read\",\n \"Microsoft.ContainerService/fleets/extensions/networkpolicies/write\",\n \"Microsoft.ContainerService/fleets/limitranges/read\",\n \"Microsoft.ContainerService/fleets/namespaces/read\",\n \"Microsoft.ContainerService/fleets/networking.k8s.io/ingresses/read\",\n \"Microsoft.ContainerService/fleets/networking.k8s.io/ingresses/write\",\n \"Microsoft.ContainerService/fleets/networking.k8s.io/networkpolicies/read\",\n \"Microsoft.ContainerService/fleets/networking.k8s.io/networkpolicies/write\",\n \"Microsoft.ContainerService/fleets/nodes/read\",\n \"Microsoft.ContainerService/fleets/nodes/write\",\n \"Microsoft.ContainerService/fleets/persistentvolumes/read\",\n \"Microsoft.ContainerService/fleets/persistentvolumes/write\",\n \"Microsoft.ContainerService/fleets/persistentvolumeclaims/read\",\n \"Microsoft.ContainerService/fleets/persistentvolumeclaims/write\",\n \"Microsoft.ContainerService/fleets/policy/poddisruptionbudgets/read\",\n \"Microsoft.ContainerService/fleets/policy/poddisruptionbudgets/write\",\n \"Microsoft.ContainerService/fleets/replicationcontrollers/read\",\n \"Microsoft.ContainerService/fleets/replicationcontrollers/write\",\n \"Microsoft.ContainerService/fleets/resourcequotas/read\",\n \"Microsoft.ContainerService/fleets/secrets/read\",\n \"Microsoft.ContainerService/fleets/secrets/write\",\n \"Microsoft.ContainerService/fleets/serviceaccounts/read\",\n \"Microsoft.ContainerService/fleets/serviceaccounts/write\",\n \"Microsoft.ContainerService/fleets/services/read\",\n \"Microsoft.ContainerService/fleets/services/write\",\n \"Microsoft.ContainerService/fleets/cluster.kubernetes-fleet.io/memberclusters/read\",\n \"Microsoft.ContainerService/fleets/cluster.kubernetes-fleet.io/memberclusters/write\",\n \"Microsoft.ContainerService/fleets/placement.kubernetes-fleet.io/clusterresourceplacements/read\",\n \"Microsoft.ContainerService/fleets/placement.kubernetes-fleet.io/clusterresourceplacements/write\",\n \"Microsoft.ContainerService/fleets/placement.kubernetes-fleet.io/clusterresourcebindings/read\",\n \"Microsoft.ContainerService/fleets/placement.kubernetes-fleet.io/clusterresourcesnapshots/read\",\n \"Microsoft.ContainerService/fleets/placement.kubernetes-fleet.io/clusterschedulingpolicysnapshots/read\",\n \"Microsoft.ContainerService/fleets/placement.kubernetes-fleet.io/clusterresourceoverrides/read\",\n \"Microsoft.ContainerService/fleets/placement.kubernetes-fleet.io/clusterresourceoverrides/write\",\n \"Microsoft.ContainerService/fleets/placement.kubernetes-fleet.io/clusterresourceoverridesnapshots/read\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2024-10-21T15:04:48.6744253Z\",\n \"updatedOn\": \"2024-10-21T15:04:48.6744253Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/1dc4cd5a-de51-4ee4-bc8e-b40e9c17e320\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"1dc4cd5a-de51-4ee4-bc8e-b40e9c17e320\"\n },\n {\n \"properties\": {\n \"roleName\": \"Chaos Studio Experiment Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Can create, run, and see details for experiments, onboard targets, and manage capabilities.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Chaos/*\",\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2024-10-22T15:14:06.4025115Z\",\n \"updatedOn\": \"2025-01-08T19:22:36.2875737Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/7c2e40b7-25eb-482a-82cb-78ba06cb46d5\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"7c2e40b7-25eb-482a-82cb-78ba06cb46d5\"\n },\n {\n \"properties\": {\n \"roleName\": \"Chaos Studio Reader\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Can view targets, capabilities, experiments, and experiment details.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Chaos/*/read\",\n \"Microsoft.Chaos/experiments/executions/getExecutionDetails/action\",\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2024-10-22T15:14:06.4025115Z\",\n \"updatedOn\": \"2025-01-08T19:22:35.5075532Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/29e2da8a-229c-4157-8ae8-cc72fc506b74\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"29e2da8a-229c-4157-8ae8-cc72fc506b74\"\n },\n {\n \"properties\": {\n \"roleName\": \"Chaos Studio Operator\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Can run and see details for experiments but cannot create experiments or manage targets and capabilities.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Chaos/*/read\",\n \"Microsoft.Chaos/experiments/start/action\",\n \"Microsoft.Chaos/experiments/cancel/action\",\n \"Microsoft.Chaos/experiments/executions/getExecutionDetails/action\",\n \"Microsoft.Chaos/locations/operationResults/read\",\n \"Microsoft.Chaos/locations/operationStatuses/read\",\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2024-10-22T15:14:07.6428446Z\",\n \"updatedOn\": \"2025-01-08T19:22:36.2476916Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/1a40e87e-6645-48e0-b27a-0b115d849a20\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"1a40e87e-6645-48e0-b27a-0b115d849a20\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Messaging Connectors Owner\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Allows for full access to Azure Messaging Connectors resources.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.MessagingConnectors/*\"\n ],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.MessagingConnectors/*\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2024-10-23T15:16:12.0077296Z\",\n \"updatedOn\": \"2024-10-23T15:16:12.0077296Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/ff478a4e-8633-416e-91bc-ec33ce7c9516\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"ff478a4e-8633-416e-91bc-ec33ce7c9516\"\n },\n {\n \"properties\": {\n \"roleName\": \"Container Apps ConnectedEnvironments Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Full management of Container Apps ConnectedEnvironments, including creation, deletion, and updates.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.App/connectedEnvironments/*\",\n \"Microsoft.App/connectedEnvironments/*/read\",\n \"Microsoft.App/connectedEnvironments/*/write\",\n \"Microsoft.App/connectedEnvironments/*/delete\",\n \"Microsoft.App/connectedEnvironments/*/action\",\n \"Microsoft.App/connectedEnvironments/daprComponents/listSecrets/action\",\n \"Microsoft.Resources/deployments/*\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2024-10-23T15:16:12.0077296Z\",\n \"updatedOn\": \"2024-10-23T15:16:12.0077296Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/6f4fe6fc-f04f-4d97-8528-8bc18c848dca\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"6f4fe6fc-f04f-4d97-8528-8bc18c848dca\"\n },\n {\n \"properties\": {\n \"roleName\": \"Container Registry Contributor and Data Access Configuration Administrator\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Provides permissions to create, list, and update container registries and registry configuration properties. Provides permissions to configure data access such as admin user credentials, scope maps, and tokens, which can be used to read, write or delete repositories and images. Does not provide direct permissions to read, list, or write registry contents including repositories and images. Does not provide permissions to modify data plane content such as imports, Artifact Cache or Sync, and Transfer Pipelines. Does not provide permissions for managing Tasks.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.ContainerRegistry/registries/operationStatuses/read\",\n \"Microsoft.ContainerRegistry/registries/read\",\n \"Microsoft.ContainerRegistry/registries/write\",\n \"Microsoft.ContainerRegistry/registries/delete\",\n \"Microsoft.ContainerRegistry/registries/listCredentials/action\",\n \"Microsoft.ContainerRegistry/registries/regenerateCredential/action\",\n \"Microsoft.ContainerRegistry/registries/generateCredentials/action\",\n \"Microsoft.ContainerRegistry/registries/replications/read\",\n \"Microsoft.ContainerRegistry/registries/replications/write\",\n \"Microsoft.ContainerRegistry/registries/replications/delete\",\n \"Microsoft.ContainerRegistry/registries/replications/operationStatuses/read\",\n \"Microsoft.ContainerRegistry/registries/privateEndpointConnectionsApproval/action\",\n \"Microsoft.ContainerRegistry/registries/privateEndpointConnections/read\",\n \"Microsoft.ContainerRegistry/registries/privateEndpointConnections/write\",\n \"Microsoft.ContainerRegistry/registries/privateEndpointConnections/delete\",\n \"Microsoft.ContainerRegistry/registries/privateEndpointConnections/operationStatuses/read\",\n \"Microsoft.ContainerRegistry/registries/tokens/read\",\n \"Microsoft.ContainerRegistry/registries/tokens/write\",\n \"Microsoft.ContainerRegistry/registries/tokens/delete\",\n \"Microsoft.ContainerRegistry/registries/tokens/operationStatuses/read\",\n \"Microsoft.ContainerRegistry/registries/scopeMaps/read\",\n \"Microsoft.ContainerRegistry/registries/scopeMaps/write\",\n \"Microsoft.ContainerRegistry/registries/scopeMaps/delete\",\n \"Microsoft.ContainerRegistry/registries/scopeMaps/operationStatuses/read\",\n \"Microsoft.ContainerRegistry/registries/providers/Microsoft.Insights/diagnosticSettings/read\",\n \"Microsoft.ContainerRegistry/registries/providers/Microsoft.Insights/diagnosticSettings/write\",\n \"Microsoft.ContainerRegistry/registries/providers/Microsoft.Insights/logDefinitions/read\",\n \"Microsoft.ContainerRegistry/registries/providers/Microsoft.Insights/metricDefinitions/read\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.ContainerRegistry/registries/connectedRegistries/read\",\n \"Microsoft.ContainerRegistry/registries/connectedRegistries/write\",\n \"Microsoft.ContainerRegistry/registries/connectedRegistries/delete\",\n \"Microsoft.ContainerRegistry/registries/connectedRegistries/deactivate/action\",\n \"Microsoft.ContainerRegistry/registries/webhooks/read\",\n \"Microsoft.ContainerRegistry/registries/webhooks/write\",\n \"Microsoft.ContainerRegistry/registries/webhooks/delete\",\n \"Microsoft.ContainerRegistry/registries/webhooks/getCallbackConfig/action\",\n \"Microsoft.ContainerRegistry/registries/webhooks/ping/action\",\n \"Microsoft.ContainerRegistry/registries/webhooks/listEvents/action\",\n \"Microsoft.ContainerRegistry/registries/webhooks/operationStatuses/read\",\n \"Microsoft.Insights/AlertRules/Write\",\n \"Microsoft.Insights/AlertRules/Delete\",\n \"Microsoft.Insights/AlertRules/Read\",\n \"Microsoft.Insights/AlertRules/Activated/Action\",\n \"Microsoft.Insights/AlertRules/Resolved/Action\",\n \"Microsoft.Insights/AlertRules/Throttled/Action\",\n \"Microsoft.Insights/AlertRules/Incidents/Read\",\n \"Microsoft.ContainerRegistry/locations/operationResults/read\",\n \"Microsoft.Network/virtualNetworks/subnets/joinViaServiceEndpoint/action\",\n \"Microsoft.Network/virtualNetworks/subnets/read\",\n \"Microsoft.Network/virtualNetworks/subnets/write\",\n \"Microsoft.Network/virtualNetworks/read\",\n \"Microsoft.Network/privateEndpoints/privateLinkServiceProxies/write\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2024-10-23T22:38:18.7982782Z\",\n \"updatedOn\": \"2024-10-23T22:38:18.7982782Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/3bc748fc-213d-45c1-8d91-9da5725539b9\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"3bc748fc-213d-45c1-8d91-9da5725539b9\"\n },\n {\n \"properties\": {\n \"roleName\": \"Health Safeguards Data User\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Allows processing of health data in all available Health Safeguards\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.HealthBot/healthBots/HealthSafeguards/ClinicalAnchoring/Process/Action\",\n \"Microsoft.HealthBot/healthBots/HealthSafeguards/ClinicalCodesValidation/Process/Action\",\n \"Microsoft.HealthBot/healthBots/HealthSafeguards/ClinicalConflictDetection/Process/Action\",\n \"Microsoft.HealthBot/healthBots/HealthSafeguards/ClinicalEvidenceVerification/Process/Action\",\n \"Microsoft.HealthBot/healthBots/HealthSafeguards/ClinicalProvenance/Process/Action\",\n \"Microsoft.HealthBot/healthBots/HealthSafeguards/ClinicalSemanticValidation/Process/Action\",\n \"Microsoft.HealthBot/healthBots/HealthSafeguards/DetectHallucinationsAndOmissions/Process/Action\",\n \"Microsoft.HealthBot/healthBots/HealthSafeguards/HealthAdaptedFiltering/Process/Action\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2024-10-25T13:47:32.4836018Z\",\n \"updatedOn\": \"2024-12-09T16:09:07.9062467Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/566f0da3-e2a5-4393-9089-763f8bab8fb6\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"566f0da3-e2a5-4393-9089-763f8bab8fb6\"\n },\n {\n \"properties\": {\n \"roleName\": \"Container Registry Configuration Reader and Data Access Configuration Reader\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Provides permissions to list container registries and registry configuration properties. Provides permissions to list data access configuration such as admin user credentials, scope maps, and tokens, which can be used to read, write or delete repositories and images. Does not provide direct permissions to read, list, or write registry contents including repositories and images. Does not provide permissions to modify data plane content such as imports, Artifact Cache or Sync, and Transfer Pipelines. Does not provide permissions for managing Tasks.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.ContainerRegistry/registries/operationStatuses/read\",\n \"Microsoft.ContainerRegistry/registries/read\",\n \"Microsoft.ContainerRegistry/registries/privateEndpointConnections/read\",\n \"Microsoft.ContainerRegistry/registries/privateEndpointConnections/operationStatuses/read\",\n \"Microsoft.ContainerRegistry/registries/listCredentials/action\",\n \"Microsoft.ContainerRegistry/registries/tokens/read\",\n \"Microsoft.ContainerRegistry/registries/tokens/operationStatuses/read\",\n \"Microsoft.ContainerRegistry/registries/scopeMaps/read\",\n \"Microsoft.ContainerRegistry/registries/scopeMaps/operationStatuses/read\",\n \"Microsoft.ContainerRegistry/registries/webhooks/read\",\n \"Microsoft.ContainerRegistry/registries/webhooks/getCallbackConfig/action\",\n \"Microsoft.ContainerRegistry/registries/webhooks/listEvents/action\",\n \"Microsoft.ContainerRegistry/registries/webhooks/operationStatuses/read\",\n \"Microsoft.ContainerRegistry/registries/replications/read\",\n \"Microsoft.ContainerRegistry/registries/replications/operationStatuses/read\",\n \"Microsoft.ContainerRegistry/registries/connectedRegistries/read\",\n \"Microsoft.ContainerRegistry/registries/providers/Microsoft.Insights/diagnosticSettings/read\",\n \"Microsoft.ContainerRegistry/registries/providers/Microsoft.Insights/diagnosticSettings/write\",\n \"Microsoft.ContainerRegistry/registries/providers/Microsoft.Insights/logDefinitions/read\",\n \"Microsoft.ContainerRegistry/registries/providers/Microsoft.Insights/metricDefinitions/read\",\n \"Microsoft.Insights/AlertRules/Write\",\n \"Microsoft.Insights/AlertRules/Delete\",\n \"Microsoft.Insights/AlertRules/Read\",\n \"Microsoft.Insights/AlertRules/Activated/Action\",\n \"Microsoft.Insights/AlertRules/Resolved/Action\",\n \"Microsoft.Insights/AlertRules/Throttled/Action\",\n \"Microsoft.Insights/AlertRules/Incidents/Read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2024-10-30T22:57:44.2162129Z\",\n \"updatedOn\": \"2024-10-30T22:57:44.2162129Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/69b07be0-09bf-439a-b9a6-e73de851bd59\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"69b07be0-09bf-439a-b9a6-e73de851bd59\"\n },\n {\n \"properties\": {\n \"roleName\": \"Container Registry Transfer Pipeline Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Provides the ability to transfer, import, and export artifacts through configuring registry transfer pipelines that involve intermediary storage accounts and key vaults. Does not provide permissions to push or pull images. Does not provide permissions to create, manage, or list storage accounts or key vaults. Does not provide permissions to perform role assignments.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.ContainerRegistry/registries/exportPipelines/read\",\n \"Microsoft.ContainerRegistry/registries/exportPipelines/write\",\n \"Microsoft.ContainerRegistry/registries/exportPipelines/delete\",\n \"Microsoft.ContainerRegistry/registries/importPipelines/read\",\n \"Microsoft.ContainerRegistry/registries/importPipelines/write\",\n \"Microsoft.ContainerRegistry/registries/importPipelines/delete\",\n \"Microsoft.ContainerRegistry/registries/pipelineRuns/read\",\n \"Microsoft.ContainerRegistry/registries/pipelineRuns/write\",\n \"Microsoft.ContainerRegistry/registries/pipelineRuns/delete\",\n \"Microsoft.ContainerRegistry/registries/pipelineRuns/operationStatuses/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2024-11-06T16:01:16.5768829Z\",\n \"updatedOn\": \"2024-11-06T16:01:16.5768829Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/bf94e731-3a51-4a7c-8c54-a1ab9971dfc1\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"bf94e731-3a51-4a7c-8c54-a1ab9971dfc1\"\n },\n {\n \"properties\": {\n \"roleName\": \"Desktop Virtualization App Attach Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Provide permission to manage app attach resources\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.DesktopVirtualization/hostpools/read\",\n \"Microsoft.Resources/subscriptions/read\",\n \"Microsoft.DesktopVirtualization/appattachpackages/read\",\n \"Microsoft.DesktopVirtualization/appattachpackages/write\",\n \"Microsoft.DesktopVirtualization/appattachpackages/delete\",\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2024-11-07T16:11:41.3098066Z\",\n \"updatedOn\": \"2024-11-07T16:11:41.3098066Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/97dfb3ce-e936-462c-9425-9cdb67e66d45\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"97dfb3ce-e936-462c-9425-9cdb67e66d45\"\n },\n {\n \"properties\": {\n \"roleName\": \"HybridCompute Machine ListAccessDetails Action In-Built Role\",\n \"type\": \"BuiltInRole\",\n \"description\": \"In-Built Role definition that grants permissions to execute the listAccessDetails action on HybridCompute Machines\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.HybridCompute/machines/listAccessDetails/action\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2024-11-08T16:19:16.7242676Z\",\n \"updatedOn\": \"2025-03-12T16:00:45.5699939Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/e9701b4d-e6e7-4657-91cd-360a0881d224\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"e9701b4d-e6e7-4657-91cd-360a0881d224\"\n },\n {\n \"properties\": {\n \"roleName\": \"App Service Environment Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Manage App Service Environments but not the App Service Plans or Websites that it hosts.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.ResourceHealth/availabilityStatuses/read\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Web/hostingEnvironments/*\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2024-11-11T16:02:04.4285746Z\",\n \"updatedOn\": \"2024-11-11T16:02:04.4285746Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/8ea85a25-eb16-4e29-ab4d-6f2a26c711a2\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"8ea85a25-eb16-4e29-ab4d-6f2a26c711a2\"\n },\n {\n \"properties\": {\n \"roleName\": \"Kubernetes Agent Subscription Level Operator\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Grants Microsoft Defender for Cloud subscription level permissions needed to activate Containers plan\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Resources/subscriptions/operationresults/read\",\n \"Microsoft.Resources/subscriptions/read\",\n \"Microsoft.Resources/subscriptions/resourceGroups/write\",\n \"Microsoft.OperationalInsights/workspaces/write\",\n \"Microsoft.OperationalInsights/workspaces/read\",\n \"Microsoft.OperationalInsights/workspaces/listKeys/action\",\n \"Microsoft.OperationalInsights/workspaces/sharedkeys/action\",\n \"Microsoft.OperationalInsights/workspaces/sharedkeys/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2024-11-14T10:01:45.877748Z\",\n \"updatedOn\": \"2024-12-12T11:16:08.7763533Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/ada52afe-776a-4b4d-a8f2-55670d3d8178\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"ada52afe-776a-4b4d-a8f2-55670d3d8178\"\n },\n {\n \"properties\": {\n \"roleName\": \"Quantum Workspace Data Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Create, read, and modify jobs and other Workspace data. This role is in preview and subject to change.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Quantum/Workspaces/read\",\n \"Microsoft.Quantum/locations/offerings/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.Quantum/Workspaces/jobs/read\",\n \"Microsoft.Quantum/Workspaces/jobs/write\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2024-11-18T16:11:51.3366657Z\",\n \"updatedOn\": \"2024-11-18T16:11:51.3366657Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/c1410b24-3e69-4857-8f86-4d0a2e603250\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"c1410b24-3e69-4857-8f86-4d0a2e603250\"\n },\n {\n \"properties\": {\n \"roleName\": \"Communication and Email Service Owner\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Create, read, modify, and delete Communications and Email Service resources.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Communication/CheckNameAvailability/action\",\n \"Microsoft.Communication/Locations/OperationStatuses/read\",\n \"Microsoft.Communication/Locations/OperationStatuses/write\",\n \"Microsoft.Communication/Operations/read\",\n \"Microsoft.Communication/CommunicationServices/read\",\n \"Microsoft.Communication/CommunicationServices/write\",\n \"Microsoft.Communication/CommunicationServices/delete\",\n \"Microsoft.Communication/CommunicationServices/ListKeys/action\",\n \"Microsoft.Communication/CommunicationServices/RegenerateKey/action\",\n \"Microsoft.Communication/CommunicationServices/LinkNotificationHub/action\",\n \"Microsoft.Communication/CommunicationServices/EventGridFilters/read\",\n \"Microsoft.Communication/CommunicationServices/EventGridFilters/write\",\n \"Microsoft.Communication/CommunicationServices/EventGridFilters/delete\",\n \"Microsoft.Communication/EmailServices/read\",\n \"Microsoft.Communication/EmailServices/write\",\n \"Microsoft.Communication/EmailServices/delete\",\n \"Microsoft.Communication/EmailServices/Domains/read\",\n \"Microsoft.Communication/EmailServices/Domains/write\",\n \"Microsoft.Communication/EmailServices/Domains/delete\",\n \"Microsoft.Communication/EmailServices/Domains/SenderUsernames/read\",\n \"Microsoft.Communication/EmailServices/Domains/SenderUsernames/write\",\n \"Microsoft.Communication/EmailServices/Domains/SenderUsernames/delete\",\n \"Microsoft.Communication/EmailServices/Domains/SuppressionLists/read\",\n \"Microsoft.Communication/EmailServices/Domains/SuppressionLists/write\",\n \"Microsoft.Communication/EmailServices/Domains/SuppressionLists/delete\",\n \"Microsoft.Communication/EmailServices/Domains/SuppressionLists/SuppressionListAddresses/read\",\n \"Microsoft.Communication/EmailServices/Domains/SuppressionLists/SuppressionListAddresses/write\",\n \"Microsoft.Communication/EmailServices/Domains/SuppressionLists/SuppressionListAddresses/delete\",\n \"Microsoft.Communication/EmailServices/Domains/InitiateVerification/action\",\n \"Microsoft.Communication/EmailServices/Domains/CancelVerification/action\",\n \"Microsoft.Communication/EmailServices/Domains/*\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2024-11-19T16:16:07.6217357Z\",\n \"updatedOn\": \"2024-11-19T16:16:07.6217357Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/09976791-48a7-449e-bb21-39d1a415f350\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"09976791-48a7-449e-bb21-39d1a415f350\"\n },\n {\n \"properties\": {\n \"roleName\": \"Oracle.Database Autonomous Database Administrator\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Grants full access to manage all Autonomous Database resources\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Oracle.Database/autonomousDatabases/*/read\",\n \"Oracle.Database/autonomousDatabases/*/write\",\n \"Oracle.Database/autonomousDatabases/*/delete\",\n \"Oracle.Database/autonomousDatabases/*/action\",\n \"Oracle.Database/Locations/*/read\",\n \"Oracle.Database/Locations/*/write\",\n \"Oracle.Database/Operations/read\",\n \"Oracle.Database/oracleSubscriptions/*/read\",\n \"Oracle.Database/oracleSubscriptions/*/action\",\n \"Oracle.Database/resourceAnchors/*\",\n \"Oracle.Database/networkAnchors/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Network/virtualNetworks/read\",\n \"Microsoft.Network/virtualNetworks/subnets/read\",\n \"Microsoft.Network/virtualNetworks/subnets/write\",\n \"Microsoft.Network/locations/operations/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2024-12-03T16:00:22.0003479Z\",\n \"updatedOn\": \"2025-05-26T15:05:38.2663118Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/59c05558-2358-462d-ba19-afbd7118936d\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"59c05558-2358-462d-ba19-afbd7118936d\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure AI Safety Evaluator\",\n \"type\": \"BuiltInRole\",\n \"description\": \"This role can perform all actions under workspace evaluations and simulations.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.MachineLearningServices/workspaces/evaluations/*\",\n \"Microsoft.MachineLearningServices/workspaces/simulations/*\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2024-12-17T16:19:14.0812712Z\",\n \"updatedOn\": \"2024-12-17T16:19:14.0812712Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/11102f94-c441-49e6-a78b-ef80e0188abc\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"11102f94-c441-49e6-a78b-ef80e0188abc\"\n },\n {\n \"properties\": {\n \"roleName\": \"Container Registry Tasks Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Provides permissions to configure, read, list, trigger, or cancel Container Registry Tasks, Task Runs, Task Logs, Quick Runs, Quick Builds, and Task Agent Pools. Permissions granted for Tasks management can be used for full registry data plane permissions including reading/writing/deleting container images in registries. Permissions granted for Tasks management can also be used to run customer authored build directives and run scripts to build software artifacts.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.ContainerRegistry/registries/agentpools/read\",\n \"Microsoft.ContainerRegistry/registries/agentpools/write\",\n \"Microsoft.ContainerRegistry/registries/agentpools/delete\",\n \"Microsoft.ContainerRegistry/registries/agentpools/listQueueStatus/action\",\n \"Microsoft.ContainerRegistry/registries/agentpools/operationResults/status/read\",\n \"Microsoft.ContainerRegistry/registries/agentpools/operationStatuses/read\",\n \"Microsoft.ContainerRegistry/registries/tasks/read\",\n \"Microsoft.ContainerRegistry/registries/tasks/write\",\n \"Microsoft.ContainerRegistry/registries/tasks/delete\",\n \"Microsoft.ContainerRegistry/registries/tasks/listDetails/action\",\n \"Microsoft.ContainerRegistry/registries/scheduleRun/action\",\n \"Microsoft.ContainerRegistry/registries/listBuildSourceUploadUrl/action\",\n \"Microsoft.ContainerRegistry/registries/runs/read\",\n \"Microsoft.ContainerRegistry/registries/runs/write\",\n \"Microsoft.ContainerRegistry/registries/runs/listLogSasUrl/action\",\n \"Microsoft.ContainerRegistry/registries/runs/cancel/action\",\n \"Microsoft.ContainerRegistry/registries/taskruns/read\",\n \"Microsoft.ContainerRegistry/registries/taskruns/write\",\n \"Microsoft.ContainerRegistry/registries/taskruns/delete\",\n \"Microsoft.ContainerRegistry/registries/taskruns/listDetails/action\",\n \"Microsoft.ContainerRegistry/registries/taskruns/operationStatuses/read\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.ContainerRegistry/registries/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2025-01-10T02:17:34.1336077Z\",\n \"updatedOn\": \"2025-01-10T02:17:34.1336077Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/fb382eab-e894-4461-af04-94435c366c3f\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"fb382eab-e894-4461-af04-94435c366c3f\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Backup Snapshot Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Provide permissions to backup identity to manage RPC snapshots\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Compute/virtualMachines/read\",\n \"Microsoft.Compute/virtualMachines/write\",\n \"Microsoft.Compute/restorePointCollections/read\",\n \"Microsoft.Compute/restorePointCollections/write\",\n \"Microsoft.Compute/restorePointCollections/restorePoints/write\",\n \"Microsoft.Compute/restorePointCollections/restorePoints/read\",\n \"Microsoft.Compute/disks/read\",\n \"Microsoft.Compute/disks/write\",\n \"Microsoft.Compute/disks/delete\",\n \"Microsoft.Compute/disks/beginGetAccess/action\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2025-01-10T12:02:58.1197573Z\",\n \"updatedOn\": \"2025-03-17T15:14:48.6639401Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/afc680e2-a938-412d-b213-9a49efa7fb83\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"afc680e2-a938-412d-b213-9a49efa7fb83\"\n },\n {\n \"properties\": {\n \"roleName\": \"AVS on Fleet VIS Role\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Do not remove this role from your resource because it is critical to enable your AVS private cloud to operate. If the role is removed, it will cause your AVS private cloud control plane to no longer operate correctly. The role is used to enable the AVS private cloud control plane to inject address prefix changes of the private clouds attached virtual network to SDN and support peering sync feature. This role is not intended for use cases outside of assignment to the associated AVS identity in your entra-id tenant.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Network/networkInterfaces/read\",\n \"Microsoft.Network/networkInterfaces/write\",\n \"Microsoft.Network/virtualNetworks/read\",\n \"Microsoft.Network/virtualNetworks/write\",\n \"Microsoft.Network/virtualNetworks/peer/action\",\n \"Microsoft.Network/virtualNetworks/virtualNetworkPeerings/read\",\n \"Microsoft.Network/virtualNetworks/virtualNetworkPeerings/write\",\n \"Microsoft.Network/virtualNetworks/subnets/read\",\n \"Microsoft.Network/virtualNetworks/subnets/write\",\n \"Microsoft.Network/virtualNetworks/subnets/join/action\",\n \"Microsoft.Network/networkSecurityGroups/join/action\",\n \"Microsoft.Network/routeTables/join/action\",\n \"Microsoft.Network/serviceEndpointPolicies/join/action\",\n \"Microsoft.Network/natGateways/join/action\",\n \"Microsoft.Network/networkIntentPolicies/join/action\",\n \"Microsoft.Network/ddosProtectionPlans/join/action\",\n \"Microsoft.Network/networkManagers/ipamPools/associateResourcesToPool/action\",\n \"Microsoft.BareMetal/peeringSettings/read\",\n \"Microsoft.Resources/subscriptions/resourcegroups/read\",\n \"Microsoft.Authorization/roleAssignments/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n },\n {\n \"actions\": [\n \"Microsoft.Authorization/roleAssignments/delete\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": [],\n \"conditionVersion\": \"2.0\",\n \"condition\": \"(!(ActionMatches{'Microsoft.Authorization/roleAssignments/delete'})) OR @Resource[Microsoft.Authorization/roleAssignments:RoleDefinitionId] ForAnyOfAnyValues:GuidEquals{49fc33c1886f4b21a00e1d9993234734}\"\n }\n ],\n \"createdOn\": \"2025-01-13T16:06:06.5931961Z\",\n \"updatedOn\": \"2025-06-11T06:31:53.4195138Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/49fc33c1-886f-4b21-a00e-1d9993234734\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"49fc33c1-886f-4b21-a00e-1d9993234734\"\n },\n {\n \"properties\": {\n \"roleName\": \"Edge Management Copilot User\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Enables users access to Edge Management Copilot.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.EdgeManagement/locations/chat/action\",\n \"Microsoft.EdgeManagement/troubleshoot/action\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2025-01-23T02:53:10.7767692Z\",\n \"updatedOn\": \"2025-09-01T15:03:56.0546394Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/53e48117-a530-4075-bcbe-d91913e3bdb8\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"53e48117-a530-4075-bcbe-d91913e3bdb8\"\n },\n {\n \"properties\": {\n \"roleName\": \"Durable Task Data Reader\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Read all Durable Task Scheduler data.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.DurableTask/schedulers/taskhubs/orchestrations/read\",\n \"Microsoft.DurableTask/schedulers/taskhubs/orchestrations/metadata/read\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2025-01-23T21:39:28.7653514Z\",\n \"updatedOn\": \"2025-07-10T20:34:54.3629229Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/d6a5505f-6ebb-45a4-896e-ac8274cfc0ac\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"d6a5505f-6ebb-45a4-896e-ac8274cfc0ac\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Stack HCI Edge Machine Contributor Role\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Microsoft.AzureStackHCI Edge Machine Contributor Role\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.AzureStackHCI/EdgeMachines/*\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2025-01-30T17:46:12.9681065Z\",\n \"updatedOn\": \"2025-01-30T17:46:12.9681065Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/1a6f9009-515c-4455-b170-143e4c9ce229\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"1a6f9009-515c-4455-b170-143e4c9ce229\"\n },\n {\n \"properties\": {\n \"roleName\": \"Online Experimentation Data Owner\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Allows full access to Online Experimentation data.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.OnlineExperimentation/workspaces/read\",\n \"Microsoft.OnlineExperimentation/workspaces/write\",\n \"Microsoft.OnlineExperimentation/workspaces/delete\",\n \"Microsoft.OnlineExperimentation/workspaces/action\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2025-01-30T18:31:37.7573167Z\",\n \"updatedOn\": \"2025-02-14T17:38:48.3796504Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/53747cdd-e97c-477a-948c-b587d0e514b2\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"53747cdd-e97c-477a-948c-b587d0e514b2\"\n },\n {\n \"properties\": {\n \"roleName\": \"Online Experimentation Data Reader\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Allows read access to Online Experimentation data.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.OnlineExperimentation/workspaces/read\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2025-01-30T18:31:37.9063206Z\",\n \"updatedOn\": \"2025-01-30T18:31:37.9063206Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/1363e94d-546f-4fe9-8434-b0eefb292d59\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"1363e94d-546f-4fe9-8434-b0eefb292d59\"\n },\n {\n \"properties\": {\n \"roleName\": \"Chaos Studio Target Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Can onboard targets and manage capabilities but cannot create, run, or see details for experiments\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Chaos/targets/write\",\n \"Microsoft.Chaos/targets/delete\",\n \"Microsoft.Chaos/targets/read\",\n \"Microsoft.Chaos/targets/capabilities/write\",\n \"Microsoft.Chaos/targets/capabilities/delete\",\n \"Microsoft.Chaos/targets/capabilities/read\",\n \"Microsoft.Chaos/locations/targetTypes/read\",\n \"Microsoft.Chaos/locations/targetTypes/capabilityTypes/read\",\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2025-02-14T17:53:53.9708111Z\",\n \"updatedOn\": \"2025-02-14T17:53:53.9708111Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/59a618e3-3c9a-406e-9f03-1a20dd1c55f1\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"59a618e3-3c9a-406e-9f03-1a20dd1c55f1\"\n },\n {\n \"properties\": {\n \"roleName\": \"Auto Actions Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Allows users to manage Auto Actions resources.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.ComputeSchedule/locations/OperationStatuses/write\",\n \"Microsoft.ComputeSchedule/autoActions/write\",\n \"Microsoft.ComputeSchedule/autoActions/delete\",\n \"Microsoft.ComputeSchedule/autoActions/attachResources/action\",\n \"Microsoft.ComputeSchedule/autoActions/cancelNextOccurrence/action\",\n \"Microsoft.ComputeSchedule/autoActions/detachResources/action\",\n \"Microsoft.ComputeSchedule/autoActions/disable/action\",\n \"Microsoft.ComputeSchedule/autoActions/enable/action\",\n \"Microsoft.ComputeSchedule/autoActions/listResources/action\",\n \"Microsoft.ComputeSchedule/autoActions/patchResources/action\",\n \"Microsoft.ComputeSchedule/autoActions/triggerManualOccurrence/action\",\n \"Microsoft.ComputeSchedule/autoActions/occurrences/cancel/action\",\n \"Microsoft.ComputeSchedule/autoActions/occurrences/delay/action\",\n \"Microsoft.ComputeSchedule/autoActions/occurrences/listResources/action\",\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2025-02-18T16:16:31.5686249Z\",\n \"updatedOn\": \"2025-02-18T16:16:31.5686249Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/a8d01690-9418-4783-8ca2-9f0f1791783d\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"a8d01690-9418-4783-8ca2-9f0f1791783d\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Device Onboarding Discovery Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Can read, write or delete the discovery and it's child resources.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.DeviceOnboarding/discoveryServices/*\",\n \"Microsoft.DeviceOnboarding/locations/operationStatuses/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2025-02-20T22:53:22.6101969Z\",\n \"updatedOn\": \"2025-02-20T22:53:22.6101969Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/a227fb39-f479-404b-96fd-0176f5d88ab4\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"a227fb39-f479-404b-96fd-0176f5d88ab4\"\n },\n {\n \"properties\": {\n \"roleName\": \"SSH PublicKeys Reader Role\",\n \"type\": \"BuiltInRole\",\n \"description\": \"This is the role created for SSH PublicKeys Reader\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Compute/sshpublickeys/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2025-02-24T16:00:59.904969Z\",\n \"updatedOn\": \"2025-02-24T16:00:59.904969Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/31ef6312-5b0c-4ce9-8c5d-587a91344fe7\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"31ef6312-5b0c-4ce9-8c5d-587a91344fe7\"\n },\n {\n \"properties\": {\n \"roleName\": \"SSH PublicKeys Contributor Role\",\n \"type\": \"BuiltInRole\",\n \"description\": \"This is the role created for SSH PublicKeys Contributor\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Compute/sshpublickeys/read\",\n \"Microsoft.Compute/sshpublickeys/write\",\n \"Microsoft.Compute/sshpublickeys/delete\",\n \"Microsoft.Compute/sshpublickeys/generatekeypair/action\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2025-02-24T16:01:00.6011541Z\",\n \"updatedOn\": \"2025-02-24T16:01:00.6011541Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/fc6e3395-6a8c-4527-bb4c-d0abd41e8e74\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"fc6e3395-6a8c-4527-bb4c-d0abd41e8e74\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Kubernetes Service Agent Pool Manager Role\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Role for agentpool related actions\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.ContainerService/managedClusters/agentPools/read\",\n \"Microsoft.ContainerService/managedClusters/agentPools/write\",\n \"Microsoft.ContainerService/managedClusters/agentPools/delete\",\n \"Microsoft.ContainerService/managedClusters/agentPools/upgradeNodeImageVersion/action\",\n \"Microsoft.ContainerService/managedClusters/agentPools/abort/action\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2025-03-06T01:19:12.8922307Z\",\n \"updatedOn\": \"2025-03-06T01:19:12.8922307Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/1b7f3653-4324-473a-9165-bc55e4d04ba8\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"1b7f3653-4324-473a-9165-bc55e4d04ba8\"\n },\n {\n \"properties\": {\n \"roleName\": \"Defender Serverless Scanner\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Grants access to Serverless resources and thier connections\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"microsoft.web/sites/publish/action\",\n \"microsoft.web/sites/slots/publish/action\",\n \"microsoft.web/sites/config/list/action\",\n \"microsoft.web/sites/slots/config/list/action\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2025-03-06T09:38:08.4219917Z\",\n \"updatedOn\": \"2025-08-25T15:10:38.1464227Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/68ac31b4-936a-4046-a6d2-ba6f8a757bf6\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"68ac31b4-936a-4046-a6d2-ba6f8a757bf6\"\n },\n {\n \"properties\": {\n \"roleName\": \"Dedicated Host Contributor Role\",\n \"type\": \"BuiltInRole\",\n \"description\": \"This is the role created for DedicatedHosts Contributor\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Compute/hostGroups/read\",\n \"Microsoft.Compute/hostGroups/write\",\n \"Microsoft.Compute/hostGroups/delete\",\n \"Microsoft.Compute/hostGroups/hosts/read\",\n \"Microsoft.Compute/hostGroups/hosts/write\",\n \"Microsoft.Compute/hostGroups/hosts/delete\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2025-03-11T15:14:12.4494747Z\",\n \"updatedOn\": \"2025-03-11T15:14:12.4494747Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/96ebd254-ecc7-4590-aff5-e9af3ff5f3b3\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"96ebd254-ecc7-4590-aff5-e9af3ff5f3b3\"\n },\n {\n \"properties\": {\n \"roleName\": \"Compute Fleet Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Allows users to manage Compute Fleet resources.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.AzureFleet/fleets/*\",\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.ResourceHealth/availabilityStatuses/read\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2025-03-18T15:18:48.7947012Z\",\n \"updatedOn\": \"2025-03-18T15:18:48.7947012Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/2bed379c-9fba-455b-99e4-6b911073bcf2\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"2bed379c-9fba-455b-99e4-6b911073bcf2\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure API Center Credential Access Reader\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Allows for access to Azure API Center data plane get credentials operations.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.ApiCenter/services/workspaces/apis/versions/securityRequirements/read\",\n \"Microsoft.ApiCenter/services/workspaces/apis/versions/securityRequirements/getCredentials/action\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2025-03-20T17:29:06.7183003Z\",\n \"updatedOn\": \"2025-03-20T17:29:06.7183003Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/1df7cd83-1d3f-41df-95b0-53b30d963369\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"1df7cd83-1d3f-41df-95b0-53b30d963369\"\n },\n {\n \"properties\": {\n \"roleName\": \"Managed Identity Federated Identity Credential Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Create, Read, Update, and Delete User Assigned Identity Federated Identity Credentials(FIC)\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.ManagedIdentity/userAssignedIdentities/read\",\n \"Microsoft.ManagedIdentity/userAssignedIdentities/federatedIdentityCredentials/write\",\n \"Microsoft.ManagedIdentity/userAssignedIdentities/federatedIdentityCredentials/read\",\n \"Microsoft.ManagedIdentity/userAssignedIdentities/federatedIdentityCredentials/delete\",\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Resources/deployments/*\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2025-03-21T19:09:30.5276974Z\",\n \"updatedOn\": \"2025-03-21T19:09:30.5276974Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/7e559ce2-48d7-4b27-9128-fa1b247f1308\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"7e559ce2-48d7-4b27-9128-fa1b247f1308\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure File Sync Administrator\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Provides full access to manage all Azure File Sync (Storage Sync Service) resources.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.StorageSync/register/action\",\n \"Microsoft.StorageSync/unregister/action\",\n \"Microsoft.StorageSync/locations/*\",\n \"Microsoft.StorageSync/deployments/preflight/action\",\n \"Microsoft.StorageSync/storageSyncServices/*\",\n \"Microsoft.StorageSync/operations/read\",\n \"Microsoft.Authorization/roleAssignments/write\",\n \"Microsoft.Insights/AlertRules/*\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Storage/storageAccounts/read\",\n \"Microsoft.Storage/storageAccounts/fileServices/shares/read\",\n \"Microsoft.Storage/storageAccounts/fileServices/read\",\n \"Microsoft.Support/*\",\n \"Microsoft.Authorization/*/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2025-03-27T21:11:32.1254077Z\",\n \"updatedOn\": \"2025-05-21T16:06:38.6938985Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/92b92042-07d9-4307-87f7-36a593fc5850\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"92b92042-07d9-4307-87f7-36a593fc5850\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure File Sync Reader\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Provides read access to Azure File Sync service (Storage Sync Service).\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.StorageSync/*/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2025-03-27T21:26:47.840119Z\",\n \"updatedOn\": \"2025-03-27T21:26:47.840119Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/754c1a27-40dc-4708-8ad4-2bffdeee09e8\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"754c1a27-40dc-4708-8ad4-2bffdeee09e8\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Red Hat OpenShift Hosted Control Planes Cluster API Provider\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Enables permissions to allow cluster API to manage nodes, networks and disks for OpenShift cluster.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Compute/disks/delete\",\n \"Microsoft.Compute/disks/read\",\n \"Microsoft.Compute/disks/write\",\n \"Microsoft.Compute/diskEncryptionSets/read\",\n \"Microsoft.Compute/availabilitySets/delete\",\n \"Microsoft.Compute/availabilitySets/read\",\n \"Microsoft.Compute/availabilitySets/write\",\n \"Microsoft.Compute/virtualMachines/delete\",\n \"Microsoft.Compute/virtualMachines/read\",\n \"Microsoft.Compute/virtualMachines/write\",\n \"Microsoft.Network/loadBalancers/backendAddressPools/join/action\",\n \"Microsoft.Network/networkInterfaces/delete\",\n \"Microsoft.Network/networkInterfaces/join/action\",\n \"Microsoft.Network/networkInterfaces/read\",\n \"Microsoft.Network/networkInterfaces/write\",\n \"Microsoft.Network/virtualNetworks/subnets/join/action\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2025-03-28T17:59:48.0497955Z\",\n \"updatedOn\": \"2025-08-04T15:10:36.5098891Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/88366f10-ed47-4cc0-9fab-c8a06148393e\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"88366f10-ed47-4cc0-9fab-c8a06148393e\"\n },\n {\n \"properties\": {\n \"roleName\": \"Online Experimentation Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Grants permissions for all management operations to Online Experimentation resources.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.OnlineExperimentation/*\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2025-03-31T15:13:34.3723645Z\",\n \"updatedOn\": \"2025-03-31T15:13:34.3723645Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/2c7a01fe-5518-4a42-93c2-658e45441691\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"2c7a01fe-5518-4a42-93c2-658e45441691\"\n },\n {\n \"properties\": {\n \"roleName\": \"Oracle.Database Exascale Storage Vault Administrator\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Grants full access to manage Exascale Storage Vaults\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Oracle.Database/exascaleDbStorageVaults/read\",\n \"Oracle.Database/exascaleDbStorageVaults/write\",\n \"Oracle.Database/exascaleDbStorageVaults/delete\",\n \"Oracle.Database/Locations/*/read\",\n \"Oracle.Database/Locations/*/write\",\n \"Oracle.Database/Operations/read\",\n \"Oracle.Database/oracleSubscriptions/*/read\",\n \"Oracle.Database/resourceAnchors/*\",\n \"Oracle.Database/networkAnchors/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Resources/deployments/*\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2025-03-31T15:13:34.3733644Z\",\n \"updatedOn\": \"2025-05-26T15:05:38.2643111Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/a00ed373-f085-4b75-a950-53eacdc52ac0\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"a00ed373-f085-4b75-a950-53eacdc52ac0\"\n },\n {\n \"properties\": {\n \"roleName\": \"Online Experimentation Reader\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Grants permission for read operations to Online Experimentation resources.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.OnlineExperimentation/*/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2025-03-31T15:13:33.5542926Z\",\n \"updatedOn\": \"2025-03-31T15:13:33.5542926Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/58b80de8-4b34-424c-9e47-23faf0f7cfe2\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"58b80de8-4b34-424c-9e47-23faf0f7cfe2\"\n },\n {\n \"properties\": {\n \"roleName\": \"Flux Configurations Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Can create, update, get, list and delete Flux Configurations\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.KubernetesConfiguration/fluxConfigurations/write\",\n \"Microsoft.KubernetesConfiguration/fluxConfigurations/read\",\n \"Microsoft.KubernetesConfiguration/fluxConfigurations/delete\",\n \"Microsoft.KubernetesConfiguration/fluxConfigurations/operations/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2025-04-01T15:25:06.8179221Z\",\n \"updatedOn\": \"2025-04-01T15:25:06.8179221Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/61eb6405-5f4a-440b-ad03-fe06c5c85e44\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"61eb6405-5f4a-440b-ad03-fe06c5c85e44\"\n },\n {\n \"properties\": {\n \"roleName\": \"Issue Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Can read all issues data and update issues settings.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.AlertsManagement/Issues/*\",\n \"microsoft.monitor/accounts/issues/*\",\n \"Microsoft.Insights/components/*\",\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2025-04-07T15:05:12.3898424Z\",\n \"updatedOn\": \"2025-08-08T06:45:21.8923687Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/8d7ecc5c-f27b-43cf-883f-46409d445502\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"8d7ecc5c-f27b-43cf-883f-46409d445502\"\n },\n {\n \"properties\": {\n \"roleName\": \"Container Registry Credential Set Administrator\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Create, Read, Update, and Delete Credential Sets in Container Registry. This role doesn't affect the needed permissions for storing content inside Azure Key Vault. This role also doesn't grant permissions to manage Cache Rules.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.ContainerRegistry/registries/credentialSets/read\",\n \"Microsoft.ContainerRegistry/registries/credentialSets/write\",\n \"Microsoft.ContainerRegistry/registries/credentialSets/delete\",\n \"Microsoft.ContainerRegistry/registries/credentialSets/operationStatuses/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2025-04-07T15:05:13.0024218Z\",\n \"updatedOn\": \"2025-04-07T15:05:13.0024218Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/f094fb07-0703-4400-ad6a-e16dd8000e14\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"f094fb07-0703-4400-ad6a-e16dd8000e14\"\n },\n {\n \"properties\": {\n \"roleName\": \"Oracle.Database Exascale VmCluster Administrator\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Grants full access to manage Exascale VmClusters\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Oracle.Database/exascaleDbStorageVaults/read\",\n \"Oracle.Database/exadbVmClusters/*/read\",\n \"Oracle.Database/exadbVmClusters/*/write\",\n \"Oracle.Database/exadbVmClusters/*/delete\",\n \"Oracle.Database/exadbVmClusters/*/action\",\n \"Oracle.Database/Locations/*/read\",\n \"Oracle.Database/Locations/*/write\",\n \"Oracle.Database/Operations/read\",\n \"Oracle.Database/oracleSubscriptions/*/read\",\n \"Oracle.Database/resourceAnchors/*\",\n \"Oracle.Database/networkAnchors/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Network/virtualNetworks/read\",\n \"Microsoft.Network/virtualNetworks/subnets/read\",\n \"Microsoft.Network/virtualNetworks/subnets/write\",\n \"Microsoft.Network/locations/operations/read\",\n \"Microsoft.Compute/sshPublicKeys/read\",\n \"Microsoft.Compute/sshPublicKeys/write\",\n \"Microsoft.Compute/sshPublicKeys/generateKeyPair/action\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2025-04-07T15:05:13.0024218Z\",\n \"updatedOn\": \"2025-05-26T15:05:38.2653119Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/0869d06d-e3d1-4472-8764-1bb71b2bdaf7\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"0869d06d-e3d1-4472-8764-1bb71b2bdaf7\"\n },\n {\n \"properties\": {\n \"roleName\": \"Container Registry Credential Set Reader\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Read the configuration of Credential Sets in Container Registry. This permission doesn't allow permission to see content inside Azure Key vault only the content inside Container Registry. This permission doesn't grant permission to read Cache Rules.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.ContainerRegistry/registries/credentialSets/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2025-04-07T15:05:13.0014204Z\",\n \"updatedOn\": \"2025-04-07T15:05:13.0014204Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/29093635-9924-4f2c-913b-650a12949526\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"29093635-9924-4f2c-913b-650a12949526\"\n },\n {\n \"properties\": {\n \"roleName\": \"Container Registry Cache Rule Reader\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Read the configuration of Cache Rules in Container Registry. This permission doesn't grant permission to read Credential Sets.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.ContainerRegistry/registries/cacheRules/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2025-04-07T15:05:13.0014204Z\",\n \"updatedOn\": \"2025-04-07T15:05:13.0014204Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/c357b964-0002-4b64-a50d-7a28f02edc52\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"c357b964-0002-4b64-a50d-7a28f02edc52\"\n },\n {\n \"properties\": {\n \"roleName\": \"Container Registry Cache Rule Administrator\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Create, Read, Update, and Delete Cache Rules in Container Registry. This role doesn't grant permissions to manage Credential Sets.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.ContainerRegistry/registries/cacheRules/read\",\n \"Microsoft.ContainerRegistry/registries/cacheRules/write\",\n \"Microsoft.ContainerRegistry/registries/cacheRules/delete\",\n \"Microsoft.ContainerRegistry/registries/cacheRules/operationStatuses/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2025-04-07T15:05:13.0014204Z\",\n \"updatedOn\": \"2025-04-07T15:05:13.0014204Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/df87f177-bb12-4db1-9793-a413691eff94\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"df87f177-bb12-4db1-9793-a413691eff94\"\n },\n {\n \"properties\": {\n \"roleName\": \"Power Platform Account Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Create, Read, Update, and Delete Power Platform Account resources\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.PowerPlatform/accounts/*\",\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2025-04-11T17:35:36.24305Z\",\n \"updatedOn\": \"2025-04-11T17:35:36.24305Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/2593f4c7-8bf4-4fff-9804-2ee069b41902\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"2593f4c7-8bf4-4fff-9804-2ee069b41902\"\n },\n {\n \"properties\": {\n \"roleName\": \"Power Platform Enterprise Policy Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Create, Read, Update, and Delete Power Platform Enterprise Policy resources\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.PowerPlatform/enterprisePolicies/*\",\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2025-04-11T17:35:36.24305Z\",\n \"updatedOn\": \"2025-04-11T17:35:36.24305Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/babe7770-cdbc-4f46-9bd7-b90b34842946\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"babe7770-cdbc-4f46-9bd7-b90b34842946\"\n },\n {\n \"properties\": {\n \"roleName\": \"Usage Billing Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Contributor access to Accounts\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.UsageBilling/*\",\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2025-04-21T15:02:46.3692356Z\",\n \"updatedOn\": \"2025-04-21T15:02:46.3692356Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/33cdeeac-0940-4f85-9317-7e2432c17289\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"33cdeeac-0940-4f85-9317-7e2432c17289\"\n },\n {\n \"properties\": {\n \"roleName\": \"Workload Orchestration Solution External Validator\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Grants you access to fetch targets, solution templates, solutions and update the external validation status\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Edge/targets/read\",\n \"Microsoft.Edge/solutionTemplates/read\",\n \"Microsoft.Edge/solutionTemplates/versions/read\",\n \"Microsoft.Edge/targets/solutions/versions/read\",\n \"Microsoft.Edge/targets/updateExternalValidationStatus/action\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2025-04-22T15:07:10.0211593Z\",\n \"updatedOn\": \"2025-04-22T15:07:10.0211593Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/db9875ba-bd2b-4e98-934d-0daa549a07f0\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"db9875ba-bd2b-4e98-934d-0daa549a07f0\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure AI Project Manager\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Lets you perform developer actions and management actions on Azure AI Foundry Projects. Allows for making role assignments, but limited to Cognitive Service User role.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/roleAssignments/write\",\n \"Microsoft.Authorization/roleAssignments/delete\",\n \"Microsoft.CognitiveServices/accounts/*/read\",\n \"Microsoft.CognitiveServices/accounts/projects/*\",\n \"Microsoft.CognitiveServices/locations/*/read\",\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.CognitiveServices/*\"\n ],\n \"notDataActions\": [],\n \"conditionVersion\": \"2.0\",\n \"condition\": \"((!(ActionMatches{'Microsoft.Authorization/roleAssignments/write'})) OR (@Request[Microsoft.Authorization/roleAssignments:RoleDefinitionId] ForAnyOfAnyValues:GuidEquals{53ca6127-db72-4b80-b1b0-d745d6d5456d})) AND ((!(ActionMatches{'Microsoft.Authorization/roleAssignments/delete'})) OR (@Resource[Microsoft.Authorization/roleAssignments:RoleDefinitionId] ForAnyOfAnyValues:GuidEquals{53ca6127-db72-4b80-b1b0-d745d6d5456d}))\"\n }\n ],\n \"createdOn\": \"2025-04-22T15:07:10.0211593Z\",\n \"updatedOn\": \"2025-05-01T00:11:10.5915009Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/eadc314b-1a2d-4efa-be10-5d325db5065e\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"eadc314b-1a2d-4efa-be10-5d325db5065e\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Monitor Dashboards with Grafana Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Can manage dashboards with Grafana.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Dashboard/dashboards/read\",\n \"Microsoft.Dashboard/dashboards/write\",\n \"Microsoft.Dashboard/dashboards/delete\",\n \"Microsoft.Dashboard/locations/read\",\n \"Microsoft.Resources/deployments/read\",\n \"Microsoft.Resources/deployments/write\",\n \"Microsoft.Resources/deployments/delete\",\n \"Microsoft.Resources/deployments/cancel/action\",\n \"Microsoft.Resources/deployments/validate/action\",\n \"Microsoft.Resources/deployments/whatIf/action\",\n \"Microsoft.Resources/deployments/exportTemplate/action\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2025-04-29T15:23:34.4327766Z\",\n \"updatedOn\": \"2025-04-29T15:23:34.4327766Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/0618ae3d-2930-4bb7-aa00-718db34ee9f9\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"0618ae3d-2930-4bb7-aa00-718db34ee9f9\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure AI Account Owner\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Grants full access to manage AI projects and accounts. Grants conditional assignment of the Azure AI User role to other user principles.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Authorization/roleAssignments/write\",\n \"Microsoft.Authorization/roleAssignments/delete\",\n \"Microsoft.CognitiveServices/*\",\n \"Microsoft.Features/features/read\",\n \"Microsoft.Features/providers/features/read\",\n \"Microsoft.Features/providers/features/register/action\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.Insights/diagnosticSettings/*\",\n \"Microsoft.Insights/logDefinitions/read\",\n \"Microsoft.Insights/metricdefinitions/read\",\n \"Microsoft.Insights/metrics/read\",\n \"Microsoft.ResourceHealth/availabilityStatuses/read\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/deployments/operations/read\",\n \"Microsoft.Resources/subscriptions/operationresults/read\",\n \"Microsoft.Resources/subscriptions/read\",\n \"Microsoft.Resources/subscriptions/resourcegroups/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Support/*\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": [],\n \"conditionVersion\": \"2.0\",\n \"condition\": \"((!(ActionMatches{'Microsoft.Authorization/roleAssignments/write'})) OR (@Request[Microsoft.Authorization/roleAssignments:RoleDefinitionId] ForAnyOfAnyValues:GuidEquals{53ca6127-db72-4b80-b1b0-d745d6d5456d})) AND ((!(ActionMatches{'Microsoft.Authorization/roleAssignments/delete'})) OR (@Resource[Microsoft.Authorization/roleAssignments:RoleDefinitionId] ForAnyOfAnyValues:GuidEquals{53ca6127-db72-4b80-b1b0-d745d6d5456d}))\"\n }\n ],\n \"createdOn\": \"2025-05-01T00:11:10.589501Z\",\n \"updatedOn\": \"2025-05-01T00:11:10.589501Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/e47c6f54-e4a2-4754-9501-8e0985b135e1\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"e47c6f54-e4a2-4754-9501-8e0985b135e1\"\n },\n {\n \"properties\": {\n \"roleName\": \"Secrets Store Extension Owner\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Read, create and modify secretsync and secretproviderclass objects. Register and deregister the provider from the subscription.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.SecretSyncController/register/action\",\n \"Microsoft.SecretSyncController/unregister/action\",\n \"Microsoft.SecretSyncController/azureKeyVaultSecretProviderClasses/read\",\n \"Microsoft.SecretSyncController/azureKeyVaultSecretProviderClasses/write\",\n \"Microsoft.SecretSyncController/azureKeyVaultSecretProviderClasses/delete\",\n \"Microsoft.SecretSyncController/locations/operationStatuses/read\",\n \"Microsoft.SecretSyncController/locations/operationStatuses/write\",\n \"Microsoft.SecretSyncController/operations/read\",\n \"Microsoft.SecretSyncController/secretSyncs/read\",\n \"Microsoft.SecretSyncController/secretSyncs/write\",\n \"Microsoft.SecretSyncController/secretSyncs/delete\",\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2025-05-01T11:14:17.3011305Z\",\n \"updatedOn\": \"2025-05-01T11:14:17.3011305Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/5c227a58-cff3-4b51-9fa3-51bdafb6ca55\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"5c227a58-cff3-4b51-9fa3-51bdafb6ca55\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure AI User\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Grants reader access to AI projects, reader access to AI accounts, and data actions for an AI project.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.CognitiveServices/*/read\",\n \"Microsoft.CognitiveServices/accounts/listkeys/action\",\n \"Microsoft.Insights/alertRules/read\",\n \"Microsoft.Insights/diagnosticSettings/read\",\n \"Microsoft.Insights/logDefinitions/read\",\n \"Microsoft.Insights/metricdefinitions/read\",\n \"Microsoft.Insights/metrics/read\",\n \"Microsoft.ResourceHealth/availabilityStatuses/read\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/operationresults/read\",\n \"Microsoft.Resources/subscriptions/read\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Support/*\"\n ],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.CognitiveServices/*\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2025-05-01T19:30:12.3770408Z\",\n \"updatedOn\": \"2025-05-01T19:30:12.3770408Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/53ca6127-db72-4b80-b1b0-d745d6d5456d\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"53ca6127-db72-4b80-b1b0-d745d6d5456d\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Red Hat OpenShift Hosted Control Planes Control Plane Operator\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Enables the control plane operator to read resources necessary for OpenShift cluster.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Network/virtualNetworks/read\",\n \"Microsoft.Network/networkSecurityGroups/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2025-05-02T13:54:20.113071Z\",\n \"updatedOn\": \"2025-05-02T13:54:20.113071Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/fc0c873f-45e9-4d0d-a7d1-585aab30c6ed\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"fc0c873f-45e9-4d0d-a7d1-585aab30c6ed\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Red Hat OpenShift Hosted Control Planes Service Managed Identity\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Azure Red Hat OpenShift Hosted Control Planes Service Managed Identity\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Network/virtualNetworks/read\",\n \"Microsoft.Network/virtualNetworks/subnets/read\",\n \"Microsoft.Network/virtualNetworks/subnets/write\",\n \"Microsoft.Network/routeTables/read\",\n \"Microsoft.Network/routeTables/join/action\",\n \"Microsoft.Network/natGateways/read\",\n \"Microsoft.Network/natGateways/join/action\",\n \"Microsoft.Network/networkSecurityGroups/read\",\n \"Microsoft.Network/networkSecurityGroups/join/action\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2025-05-02T13:54:20.6991664Z\",\n \"updatedOn\": \"2025-05-02T13:54:20.6991664Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/c0ff367d-66d8-445e-917c-583feb0ef0d4\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"c0ff367d-66d8-445e-917c-583feb0ef0d4\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Kubernetes Fleet Manager Hub Agent Role\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Grants access to Azure resources needed by Azure Kubernetes Fleet Manager hub agents.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Network/publicIPAddresses/read\",\n \"Microsoft.Network/trafficManagerProfiles/read\",\n \"Microsoft.Network/trafficManagerProfiles/write\",\n \"Microsoft.Network/trafficManagerProfiles/delete\",\n \"Microsoft.Network/trafficManagerProfiles/azureEndpoints/read\",\n \"Microsoft.Network/trafficManagerProfiles/azureEndpoints/write\",\n \"Microsoft.Network/trafficManagerProfiles/azureEndpoints/delete\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2025-05-05T15:00:30.7938727Z\",\n \"updatedOn\": \"2025-05-23T17:06:06.3537994Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/de2b316d-7a2c-4143-b4cd-c148f6a355a1\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"de2b316d-7a2c-4143-b4cd-c148f6a355a1\"\n },\n {\n \"properties\": {\n \"roleName\": \"Workload Orchestration IT Admin\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Grants you access to manage the IT Admin operations for Workload Orchestration\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Edge/contexts/eventGridFilters/delete\",\n \"Microsoft.Edge/contexts/eventGridFilters/read\",\n \"Microsoft.Edge/contexts/eventGridFilters/write\",\n \"Microsoft.Edge/contexts/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2025-05-07T21:12:59.0541184Z\",\n \"updatedOn\": \"2025-05-07T21:12:59.0541184Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/63304235-eaf4-4c15-8e93-46c483611231\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"63304235-eaf4-4c15-8e93-46c483611231\"\n },\n {\n \"properties\": {\n \"roleName\": \"Arc Gateway Manager\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Manage Arc Gateway Resources\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.HybridCompute/settings/write\",\n \"Microsoft.HybridCompute/settings/read\",\n \"Microsoft.HybridCompute/gateways/read\",\n \"Microsoft.HybridCompute/gateways/write\",\n \"Microsoft.HybridCompute/gateways/delete\",\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2025-05-08T18:19:27.614475Z\",\n \"updatedOn\": \"2025-05-08T18:19:27.614475Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/f6e92014-8af2-414d-9948-9b1abf559285\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"f6e92014-8af2-414d-9948-9b1abf559285\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Kubernetes Service Machine Manager Role\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Role for machine related actions\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.ContainerService/managedClusters/agentPools/deleteMachines/action\",\n \"Microsoft.ContainerService/managedClusters/agentPools/machines/read\",\n \"Microsoft.ContainerService/managedClusters/agentPools/machines/write\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2025-05-14T23:28:30.9442269Z\",\n \"updatedOn\": \"2025-05-14T23:28:30.9442269Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/8e253927-1f29-4d89-baa2-c3a549eff423\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"8e253927-1f29-4d89-baa2-c3a549eff423\"\n },\n {\n \"properties\": {\n \"roleName\": \"Microsoft.AzureStackHCI Device Pool Manager\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Microsoft.AzureStackHCI Device Pool Manager \",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.AzureStackHCI/DevicePools/read\",\n \"Microsoft.AzureStackHCI/DevicePools/ClaimDevices/action\",\n \"Microsoft.AzureStackHCI/DevicePools/ReleaseDevices/action\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2025-05-15T08:48:48.828656Z\",\n \"updatedOn\": \"2025-05-15T08:48:48.828656Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/adc3c795-c41e-4a89-a478-0b321783324c\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"adc3c795-c41e-4a89-a478-0b321783324c\"\n },\n {\n \"properties\": {\n \"roleName\": \"Microsoft.AzureStackHCI EdgeMachine Reader\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Microsoft.AzureStackHCI EdgeMachine Reader\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.AzureStackHCI/EdgeMachines/Read/*\",\n \"Microsoft.AzureStackHCI/EdgeMachines/Jobs/Read/*\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2025-05-15T08:48:49.1120843Z\",\n \"updatedOn\": \"2025-05-15T08:48:49.1120843Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/5f569efd-4da5-4123-99cd-d42fbb2a836e\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"5f569efd-4da5-4123-99cd-d42fbb2a836e\"\n },\n {\n \"properties\": {\n \"roleName\": \"Monitoring Policy Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Allows read access to all monitoring data, update permissions for monitoring settings and permissions to deploy and remediate Azure Monitor alert policies.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"*/read\",\n \"Microsoft.AlertsManagement/alerts/*\",\n \"Microsoft.AlertsManagement/alertsSummary/*\",\n \"Microsoft.AlertsManagement/issues/*\",\n \"Microsoft.Insights/actiongroups/*\",\n \"Microsoft.Insights/activityLogAlerts/*\",\n \"Microsoft.Insights/AlertRules/*\",\n \"Microsoft.Insights/components/*\",\n \"Microsoft.Insights/createNotifications/*\",\n \"Microsoft.Insights/dataCollectionEndpoints/*\",\n \"Microsoft.Insights/dataCollectionRules/*\",\n \"Microsoft.Insights/dataCollectionRuleAssociations/*\",\n \"Microsoft.Insights/DiagnosticSettings/*\",\n \"Microsoft.Insights/eventtypes/*\",\n \"Microsoft.Insights/LogDefinitions/*\",\n \"Microsoft.Insights/metricalerts/*\",\n \"Microsoft.Insights/MetricDefinitions/*\",\n \"Microsoft.Insights/Metrics/*\",\n \"Microsoft.Insights/notificationStatus/*\",\n \"Microsoft.Insights/Register/Action\",\n \"Microsoft.Insights/scheduledqueryrules/*\",\n \"Microsoft.Insights/webtests/*\",\n \"Microsoft.Insights/workbooks/*\",\n \"Microsoft.Insights/workbooktemplates/*\",\n \"Microsoft.Insights/privateLinkScopes/*\",\n \"Microsoft.Insights/privateLinkScopeOperationStatuses/*\",\n \"Microsoft.Monitor/accounts/*\",\n \"Microsoft.OperationalInsights/workspaces/write\",\n \"Microsoft.OperationalInsights/workspaces/intelligencepacks/*\",\n \"Microsoft.OperationalInsights/workspaces/savedSearches/*\",\n \"Microsoft.OperationalInsights/workspaces/search/action\",\n \"Microsoft.OperationalInsights/workspaces/sharedKeys/action\",\n \"Microsoft.OperationalInsights/workspaces/sharedKeys/read\",\n \"Microsoft.OperationalInsights/workspaces/storageinsightconfigs/*\",\n \"Microsoft.OperationalInsights/locations/workspaces/failover/action\",\n \"Microsoft.OperationalInsights/workspaces/failback/action\",\n \"Microsoft.Support/*\",\n \"Microsoft.AlertsManagement/smartDetectorAlertRules/*\",\n \"Microsoft.AlertsManagement/actionRules/*\",\n \"Microsoft.AlertsManagement/smartGroups/*\",\n \"Microsoft.AlertsManagement/migrateFromSmartDetection/*\",\n \"Microsoft.AlertsManagement/investigations/*\",\n \"Microsoft.AlertsManagement/prometheusRuleGroups/*\",\n \"Microsoft.Monitor/investigations/*\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.PolicyInsights/remediations/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/*\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2025-05-15T11:52:21.0990017Z\",\n \"updatedOn\": \"2025-05-15T11:52:21.0990017Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/47be4a87-7950-4631-9daf-b664a405f074\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"47be4a87-7950-4631-9daf-b664a405f074\"\n },\n {\n \"properties\": {\n \"roleName\": \"Storage File Delegator\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Allows for generation of a user delegation key, which can then be used to create a shared access signature for a file or Azure file share that is signed with Entra ID credentials.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Storage/storageAccounts/fileServices/generateUserDelegationKey/action\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2025-05-22T21:44:23.2806604Z\",\n \"updatedOn\": \"2025-05-22T21:44:23.2806604Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/765a04e0-5de8-4bb2-9bf6-b2a30bc03e91\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"765a04e0-5de8-4bb2-9bf6-b2a30bc03e91\"\n },\n {\n \"properties\": {\n \"roleName\": \"Storage Table Delegator\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Allows for generation of a user delegation key, which can then be used to create a shared access signature for an Azure Storage table that is signed with Entra ID credentials.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Storage/storageAccounts/tableServices/generateUserDelegationKey/action\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2025-05-22T21:59:43.2751792Z\",\n \"updatedOn\": \"2025-05-22T21:59:43.2751792Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/965033a5-c8eb-4f35-b82f-fef460a3606d\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"965033a5-c8eb-4f35-b82f-fef460a3606d\"\n },\n {\n \"properties\": {\n \"roleName\": \"Storage Queue Delegator\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Allows for generation of a user delegation key, which can then be used to create a shared access signature for an Azure Storage queue that is signed with Entra ID credentials.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Storage/storageAccounts/queueServices/generateUserDelegationKey/action\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2025-05-22T21:59:42.5496054Z\",\n \"updatedOn\": \"2025-05-22T21:59:42.5496054Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/7ee386e9-84f0-448e-80a6-f185f6533131\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"7ee386e9-84f0-448e-80a6-f185f6533131\"\n },\n {\n \"properties\": {\n \"roleName\": \"Scheduled Actions Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Allows users to use Scheduled Actions offered by Microsoft.ComputeSchedule\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.ComputeSchedule/locations/virtualMachinesCancelOperations/action\",\n \"Microsoft.ComputeSchedule/locations/virtualMachinesExecuteDeallocate/action\",\n \"Microsoft.ComputeSchedule/locations/virtualMachinesExecuteHibernate/action\",\n \"Microsoft.ComputeSchedule/locations/virtualMachinesExecuteStart/action\",\n \"Microsoft.ComputeSchedule/locations/virtualMachinesExecuteCreate/action\",\n \"Microsoft.ComputeSchedule/locations/virtualMachinesExecuteDelete/action\",\n \"Microsoft.ComputeSchedule/locations/virtualMachinesGetOperationErrors/action\",\n \"Microsoft.ComputeSchedule/locations/virtualMachinesGetOperationStatus/action\",\n \"Microsoft.ComputeSchedule/locations/virtualMachinesSubmitDeallocate/action\",\n \"Microsoft.ComputeSchedule/locations/virtualMachinesSubmitHibernate/action\",\n \"Microsoft.ComputeSchedule/locations/virtualMachinesSubmitStart/action\",\n \"Microsoft.ComputeSchedule/scheduledActions/write\",\n \"Microsoft.ComputeSchedule/scheduledActions/delete\",\n \"Microsoft.ComputeSchedule/scheduledActions/attachResources/action\",\n \"Microsoft.ComputeSchedule/scheduledActions/cancelNextOccurrence/action\",\n \"Microsoft.ComputeSchedule/scheduledActions/detachResources/action\",\n \"Microsoft.ComputeSchedule/scheduledActions/disable/action\",\n \"Microsoft.ComputeSchedule/scheduledActions/enable/action\",\n \"Microsoft.ComputeSchedule/scheduledActions/listResources/action\",\n \"Microsoft.ComputeSchedule/scheduledActions/patchResources/action\",\n \"Microsoft.ComputeSchedule/scheduledActions/triggerManualOccurrence/action\",\n \"Microsoft.ComputeSchedule/register/action\",\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2025-05-23T15:34:55.7571301Z\",\n \"updatedOn\": \"2025-06-06T16:43:20.1338695Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/6fbca9a8-3561-41fd-8b20-6576043c1076\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"6fbca9a8-3561-41fd-8b20-6576043c1076\"\n },\n {\n \"properties\": {\n \"roleName\": \"Microsoft.AzureStackHCI Device Pool Machine Manager\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Microsoft.AzureStackHCI Device Pool Machine Manager \",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.HybridConnectivity/endpoints/write\",\n \"Microsoft.HybridConnectivity/endpoints/read\",\n \"Microsoft.HybridConnectivity/endpoints/delete\",\n \"Microsoft.HybridConnectivity/endpoints/serviceConfigurations/write\",\n \"Microsoft.HybridConnectivity/endpoints/serviceConfigurations/read\",\n \"Microsoft.HybridConnectivity/endpoints/serviceConfigurations/delete\",\n \"Microsoft.HybridConnectivity/endpoints/listCredentials/action\",\n \"Microsoft.HybridCompute/machines/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2025-05-28T15:24:16.9803048Z\",\n \"updatedOn\": \"2025-09-23T15:14:52.7881209Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/b6d9c0f6-d69f-472b-91b4-7a6838c6d1cb\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"b6d9c0f6-d69f-472b-91b4-7a6838c6d1cb\"\n },\n {\n \"properties\": {\n \"roleName\": \"AI Model Scanner Operator\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Grants Microsoft Defender for AI access to AI services and resources.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.MachineLearningServices/workspaces/read\",\n \"Microsoft.MachineLearningServices/workspaces/models/read\",\n \"Microsoft.MachineLearningServices/workspaces/models/versions/read\",\n \"Microsoft.MachineLearningServices/workspaces/datastores/read\",\n \"Microsoft.MachineLearningServices/workspaces/metadata/artifacts/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2025-06-11T15:26:11.6009304Z\",\n \"updatedOn\": \"2025-08-04T15:10:36.5118889Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/8b9beb50-e28c-4879-8472-24c9d328085f\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"8b9beb50-e28c-4879-8472-24c9d328085f\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Kubernetes Service Namespace User\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Allows users to read Azure Kubernetes Service namespace resources. In-cluster namespace access further requires assignment of Azure Kubernetes Service RBAC roles to the namespace resource for an Entra ID enabled cluster.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.ContainerService/managedClusters/managedNamespaces/read\",\n \"Microsoft.ContainerService/managedClusters/managedNamespaces/listCredential/action\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2025-06-12T17:55:19.3885549Z\",\n \"updatedOn\": \"2025-06-12T17:55:19.3885549Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/c9f76ca8-b262-4b10-8ed2-09cf0948aa35\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"c9f76ca8-b262-4b10-8ed2-09cf0948aa35\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Kubernetes Service Namespace Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Allows users to create and manage Azure Kubernetes Service namespace resources.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.ContainerService/managedClusters/managedNamespaces/*\",\n \"Microsoft.Resources/deployments/*\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2025-06-12T18:10:38.4291766Z\",\n \"updatedOn\": \"2025-06-12T18:10:38.4291766Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/289d8817-ee69-43f1-a0af-43a45505b488\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"289d8817-ee69-43f1-a0af-43a45505b488\"\n },\n {\n \"properties\": {\n \"roleName\": \"DevCenter Owner\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Provides access to manage all Microsoft.DevCenter resources, and to manage access to Microsoft.DevCenter resources by adding or removing role assignments for the DevCenter Project Admin and DevCenter Dev Box roles.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.DevCenter/*\",\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Authorization/roleAssignments/write\",\n \"Microsoft.Authorization/roleAssignments/delete\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": [],\n \"conditionVersion\": \"2.0\",\n \"condition\": \"((!(ActionMatches{'Microsoft.Authorization/roleAssignments/write'})) OR (@Request[Microsoft.Authorization/roleAssignments:RoleDefinitionId] ForAnyOfAnyValues:GuidEquals{331c37c6-af14-46d9-b9f4-e1909e1b95a0, 45d50f46-0b78-4001-a660-4198cbe8cd05})) AND ((!(ActionMatches{'Microsoft.Authorization/roleAssignments/delete'})) OR (@Resource[Microsoft.Authorization/roleAssignments:RoleDefinitionId] ForAnyOfAnyValues:GuidEquals{331c37c6-af14-46d9-b9f4-e1909e1b95a0, 45d50f46-0b78-4001-a660-4198cbe8cd05}))\"\n }\n ],\n \"createdOn\": \"2025-06-16T15:06:49.4834641Z\",\n \"updatedOn\": \"2025-07-03T17:24:32.4630198Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/4c6569b6-f23e-4295-9b90-bd4cc4ff3292\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"4c6569b6-f23e-4295-9b90-bd4cc4ff3292\"\n },\n {\n \"properties\": {\n \"roleName\": \"DevOps Infrastructure Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Read, write, delete and perform actions on Managed DevOps Pools\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.DevOpsInfrastructure/register/action\",\n \"Microsoft.DevOpsInfrastructure/unregister/action\",\n \"Microsoft.DevOpsInfrastructure/*/read\",\n \"Microsoft.DevOpsInfrastructure/Locations/OperationStatuses/write\",\n \"Microsoft.DevOpsInfrastructure/pools/write\",\n \"Microsoft.DevOpsInfrastructure/pools/delete\",\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2025-06-16T15:06:49.4784655Z\",\n \"updatedOn\": \"2025-07-17T00:34:35.8546315Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/76153a9e-0edb-49bc-8e01-93c47e6b5180\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"76153a9e-0edb-49bc-8e01-93c47e6b5180\"\n },\n {\n \"properties\": {\n \"roleName\": \"Service Health Billing Reader\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Grants permissions to view billing information present in service health events\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.ResourceHealth/events/action\",\n \"Microsoft.ResourceHealth/AvailabilityStatuses/read\",\n \"Microsoft.ResourceHealth/AvailabilityStatuses/current/read\",\n \"Microsoft.ResourceHealth/Operations/read\",\n \"Microsoft.ResourceHealth/emergingissues/read\",\n \"Microsoft.ResourceHealth/events/read\",\n \"Microsoft.ResourceHealth/events/fetchBillingCommunicationDetails/action\",\n \"Microsoft.ResourceHealth/events/impactedResources/read\",\n \"Microsoft.ResourceHealth/metadata/read\",\n \"Microsoft.ResourceHealth/potentialoutages/read\"\n ],\n \"notActions\": [\n \"Microsoft.ResourceHealth/events/fetchEventDetails/action\",\n \"Microsoft.ResourceHealth/events/listSecurityAdvisoryImpactedResources/action\"\n ],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2025-06-20T22:46:01.7047929Z\",\n \"updatedOn\": \"2025-06-20T22:46:01.7047929Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/32c34659-0f83-4a4c-80f2-63a244f8ae0b\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"32c34659-0f83-4a4c-80f2-63a244f8ae0b\"\n },\n {\n \"properties\": {\n \"roleName\": \"Service Health Security Reader\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Grants permissions to view sensitive security information present in service health events\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.ResourceHealth/events/action\",\n \"Microsoft.ResourceHealth/AvailabilityStatuses/read\",\n \"Microsoft.ResourceHealth/AvailabilityStatuses/current/read\",\n \"Microsoft.ResourceHealth/Operations/read\",\n \"Microsoft.ResourceHealth/emergingissues/read\",\n \"Microsoft.ResourceHealth/events/read\",\n \"Microsoft.ResourceHealth/events/fetchEventDetails/action\",\n \"Microsoft.ResourceHealth/events/listSecurityAdvisoryImpactedResources/action\",\n \"Microsoft.ResourceHealth/events/impactedResources/read\",\n \"Microsoft.ResourceHealth/metadata/read\",\n \"Microsoft.ResourceHealth/potentialoutages/read\"\n ],\n \"notActions\": [\n \"Microsoft.ResourceHealth/events/fetchBillingCommunicationDetails/action\"\n ],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2025-06-20T22:46:02.2504994Z\",\n \"updatedOn\": \"2025-06-20T22:46:02.2504994Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/1a928ab0-1fee-43cf-9266-f9d8c22a8ddb\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"1a928ab0-1fee-43cf-9266-f9d8c22a8ddb\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Stack Edge Operations Role\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Built in role for managing operations in azure stack edge\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.DataBoxEdge/dataBoxEdgeDevices/bandwidthSchedules/delete\",\n \"Microsoft.DataBoxEdge/dataBoxEdgeDevices/bandwidthSchedules/write\",\n \"Microsoft.DataBoxEdge/dataBoxEdgeDevices/delete\",\n \"Microsoft.DataBoxEdge/dataBoxEdgeDevices/deviceCapacityCheck/action\",\n \"Microsoft.DataBoxEdge/dataBoxEdgeDevices/downloadUpdates/action\",\n \"Microsoft.DataBoxEdge/dataBoxEdgeDevices/generateCertificate/action\",\n \"Microsoft.DataBoxEdge/dataBoxEdgeDevices/getExtendedInformation/action\",\n \"Microsoft.DataBoxEdge/dataBoxEdgeDevices/installUpdates/action\",\n \"Microsoft.DataBoxEdge/dataBoxEdgeDevices/orders/delete\",\n \"Microsoft.DataBoxEdge/dataBoxEdgeDevices/orders/listDCAccessCode/action\",\n \"Microsoft.DataBoxEdge/dataBoxEdgeDevices/orders/write\",\n \"Microsoft.DataBoxEdge/dataBoxEdgeDevices/providers/Microsoft.Insights/diagnosticSettings/write\",\n \"Microsoft.DataBoxEdge/dataBoxEdgeDevices/publishers/offers/skus/versions/generatesastoken/action\",\n \"Microsoft.DataBoxEdge/dataBoxEdgeDevices/roles/addons/delete\",\n \"Microsoft.DataBoxEdge/dataBoxEdgeDevices/roles/addons/write\",\n \"Microsoft.DataBoxEdge/dataBoxEdgeDevices/roles/delete\",\n \"Microsoft.DataBoxEdge/dataBoxEdgeDevices/roles/migrate/action\",\n \"Microsoft.DataBoxEdge/dataBoxEdgeDevices/roles/monitoringConfig/delete\",\n \"Microsoft.DataBoxEdge/dataBoxEdgeDevices/roles/monitoringConfig/write\",\n \"Microsoft.DataBoxEdge/dataBoxEdgeDevices/roles/write\",\n \"Microsoft.DataBoxEdge/dataBoxEdgeDevices/scanForUpdates/action\",\n \"Microsoft.DataBoxEdge/dataBoxEdgeDevices/securitySettings/update/action\",\n \"Microsoft.DataBoxEdge/dataBoxEdgeDevices/shares/delete\",\n \"Microsoft.DataBoxEdge/dataBoxEdgeDevices/shares/refresh/action\",\n \"Microsoft.DataBoxEdge/dataBoxEdgeDevices/shares/write\",\n \"Microsoft.DataBoxEdge/dataBoxEdgeDevices/storageAccountCredentials/delete\",\n \"Microsoft.DataBoxEdge/dataBoxEdgeDevices/storageAccountCredentials/write\",\n \"Microsoft.DataBoxEdge/dataBoxEdgeDevices/storageAccounts/containers/delete\",\n \"Microsoft.DataBoxEdge/dataBoxEdgeDevices/storageAccounts/containers/refresh/action\",\n \"Microsoft.DataBoxEdge/dataBoxEdgeDevices/storageAccounts/containers/write\",\n \"Microsoft.DataBoxEdge/dataBoxEdgeDevices/storageAccounts/delete\",\n \"Microsoft.DataBoxEdge/dataBoxEdgeDevices/storageAccounts/write\",\n \"Microsoft.DataBoxEdge/dataBoxEdgeDevices/triggers/delete\",\n \"Microsoft.DataBoxEdge/dataBoxEdgeDevices/triggers/write\",\n \"Microsoft.DataBoxEdge/dataBoxEdgeDevices/triggerSupportPackage/action\",\n \"Microsoft.DataBoxEdge/dataBoxEdgeDevices/updateExtendedInformation/action\",\n \"Microsoft.DataBoxEdge/dataBoxEdgeDevices/uploadCertificate/action\",\n \"Microsoft.DataBoxEdge/dataBoxEdgeDevices/users/delete\",\n \"Microsoft.DataBoxEdge/dataBoxEdgeDevices/users/write\",\n \"Microsoft.DataBoxEdge/dataBoxEdgeDevices/write\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2025-06-24T15:14:50.5957122Z\",\n \"updatedOn\": \"2025-06-24T15:14:50.5957122Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/12b8206a-0216-4469-908d-a3e2025fe085\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"12b8206a-0216-4469-908d-a3e2025fe085\"\n },\n {\n \"properties\": {\n \"roleName\": \"Grounding with Bing User\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Enable Approved Microsoft Applications to connect to Bing to retrieve and ground responses using real-time data\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.Bing/accounts/useGrounding/action\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2025-06-25T15:16:52.842097Z\",\n \"updatedOn\": \"2025-06-25T15:16:52.842097Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/2016c9ed-c18d-4120-93d7-178e583efe92\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"2016c9ed-c18d-4120-93d7-178e583efe92\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Advisor Service Role\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Grants permission to delete and write access for suppressions, configurations and assmessments\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Advisor/suppressions/write\",\n \"Microsoft.Advisor/suppressions/delete\",\n \"Microsoft.Advisor/recommendations/suppressions/write\",\n \"Microsoft.Advisor/recommendations/suppressions/delete\",\n \"Microsoft.Advisor/assessments/write\",\n \"Microsoft.Advisor/configurations/write\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2025-06-25T19:21:21.1733164Z\",\n \"updatedOn\": \"2025-07-21T15:02:41.2108089Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/69a41f41-6dce-4ea7-8a34-8e095ddba55c\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"69a41f41-6dce-4ea7-8a34-8e095ddba55c\"\n },\n {\n \"properties\": {\n \"roleName\": \"Experimentation Resource Admin\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Experimentation Resource Admin\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Experimentation/*\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2025-06-25T20:37:54.1515777Z\",\n \"updatedOn\": \"2025-06-25T20:37:54.1515777Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/548d7e7c-65ee-412b-ae37-2dbb419d4207\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"548d7e7c-65ee-412b-ae37-2dbb419d4207\"\n },\n {\n \"properties\": {\n \"roleName\": \"FHIR Data Bulk Operator\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Role allows user or principal to perform bulk operations\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.HealthcareApis/services/fhir/resources/read\",\n \"Microsoft.HealthcareApis/services/fhir/resources/write\",\n \"Microsoft.HealthcareApis/services/fhir/resources/delete\",\n \"Microsoft.HealthcareApis/services/fhir/resources/export/action\",\n \"Microsoft.HealthcareApis/services/fhir/resources/reindex/action\",\n \"Microsoft.HealthcareApis/services/fhir/resources/import/action\",\n \"Microsoft.HealthcareApis/services/fhir/resources/hardDelete/action\",\n \"Microsoft.HealthcareApis/services/fhir/resources/bulkOperator/action\",\n \"Microsoft.HealthcareApis/workspaces/fhirservices/resources/read\",\n \"Microsoft.HealthcareApis/workspaces/fhirservices/resources/write\",\n \"Microsoft.HealthcareApis/workspaces/fhirservices/resources/delete\",\n \"Microsoft.HealthcareApis/workspaces/fhirservices/resources/export/action\",\n \"Microsoft.HealthcareApis/workspaces/fhirservices/resources/reindex/action\",\n \"Microsoft.HealthcareApis/workspaces/fhirservices/resources/import/action\",\n \"Microsoft.HealthcareApis/workspaces/fhirservices/resources/hardDelete/action\",\n \"Microsoft.HealthcareApis/workspaces/fhirservices/resources/bulkOperator/action\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2025-06-27T15:27:54.9502857Z\",\n \"updatedOn\": \"2025-06-27T15:27:54.9502857Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/804db8d3-32c7-4ad4-a975-3f6f90d5f5f5\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"804db8d3-32c7-4ad4-a975-3f6f90d5f5f5\"\n },\n {\n \"properties\": {\n \"roleName\": \"Microsoft Discovery Platform Administrator (Preview)\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Grants full access to manage Microsoft.Discovery resources. This role in preview and subjet to change.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Discovery/locations/operationStatuses/read\",\n \"Microsoft.Discovery/checkNameAvailability/action\",\n \"Microsoft.Discovery/*\",\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Network/virtualNetworks/subnets/read\",\n \"Microsoft.Network/virtualNetworks/read\",\n \"Microsoft.Network/virtualNetworks/subnets/join/action\",\n \"Microsoft.Support/*\",\n \"Microsoft.Authorization/roleAssignments/write\",\n \"Microsoft.Authorization/roleAssignments/delete\"\n ],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.Discovery/*\"\n ],\n \"notDataActions\": [],\n \"conditionVersion\": \"2.0\",\n \"condition\": \"((!(ActionMatches{'Microsoft.Authorization/roleAssignments/write'})) OR (@Request[Microsoft.Authorization/roleAssignments:RoleDefinitionId] ForAnyOfAnyValues:GuidEquals{4d97b98b-1d4f-4787-a291-c67834d212e7, f1a07417-d97a-45cb-824c-7a7467783830})) AND ((!(ActionMatches{'Microsoft.Authorization/roleAssignments/delete'})) OR (@Resource[Microsoft.Authorization/roleAssignments:RoleDefinitionId] ForAnyOfAnyValues:GuidEquals{4d97b98b-1d4f-4787-a291-c67834d212e7, f1a07417-d97a-45cb-824c-7a7467783830}))\"\n }\n ],\n \"createdOn\": \"2025-07-01T15:14:22.6678767Z\",\n \"updatedOn\": \"2025-07-23T16:53:36.843759Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/7a2b6e6c-472e-4b39-8878-a26eb63d75c6\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"7a2b6e6c-472e-4b39-8878-a26eb63d75c6\"\n },\n {\n \"properties\": {\n \"roleName\": \"Microsoft Discovery Platform Reader (Preview)\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Grants readonly permissions to view Microsoft.Discovery resources. This role in preview and subjet to change.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Discovery/*/read\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.Discovery/*/read\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2025-07-01T15:14:22.6678767Z\",\n \"updatedOn\": \"2025-07-01T15:14:22.6678767Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/3bb7c424-af4e-436b-bfcc-8779c8934c31\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"3bb7c424-af4e-436b-bfcc-8779c8934c31\"\n },\n {\n \"properties\": {\n \"roleName\": \"Microsoft Discovery Platform Contributor (Preview)\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Grants permissions to view and operate on most Discovery platform resources, including workspaces, supercomputers, storages, agents, bookshelves, data containers, models, tools, workflows, and investigations, as well as perform data plane actions, but does not allow creating, updating, or deleting core resources such as workspaces, supercomputers, storages, bookshelves, node pools, or projects. This role is in preview and subject to change.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Discovery/locations/operationStatuses/read\",\n \"Microsoft.Discovery/operations/read\",\n \"Microsoft.Discovery/workspaces/read\",\n \"Microsoft.Discovery/supercomputers/read\",\n \"Microsoft.Discovery/storages/read\",\n \"Microsoft.Discovery/agents/*\",\n \"Microsoft.Discovery/bookshelves/read\",\n \"Microsoft.Discovery/dataContainers/*\",\n \"Microsoft.Discovery/dataContainers/dataAssets/*\",\n \"Microsoft.Discovery/models/*\",\n \"Microsoft.Discovery/supercomputers/nodePools/read\",\n \"Microsoft.Discovery/tools/*\",\n \"Microsoft.Discovery/workflows/*\",\n \"Microsoft.Discovery/workspaces/projects/read\",\n \"Microsoft.Discovery/operations/read\",\n \"Microsoft.Insights/AlertRules/*\",\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Support/*\"\n ],\n \"notActions\": [\n \"Microsoft.Discovery/workspaces/write\",\n \"Microsoft.Discovery/workspaces/delete\",\n \"Microsoft.Discovery/supercomputers/write\",\n \"Microsoft.Discovery/supercomputers/delete\",\n \"Microsoft.Discovery/storages/write\",\n \"Microsoft.Discovery/storages/delete\",\n \"Microsoft.Discovery/bookshelves/write\",\n \"Microsoft.Discovery/bookshelves/delete\",\n \"Microsoft.Discovery/supercomputers/nodePools/write\",\n \"Microsoft.Discovery/supercomputers/nodePools/delete\",\n \"Microsoft.Discovery/workspaces/projects/write\",\n \"Microsoft.Discovery/workspaces/projects/delete\"\n ],\n \"dataActions\": [\n \"Microsoft.Discovery/*\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2025-07-01T15:14:22.6678767Z\",\n \"updatedOn\": \"2025-07-15T15:04:43.2814036Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/01288891-85ee-45a7-b367-9db3b752fc65\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"01288891-85ee-45a7-b367-9db3b752fc65\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure IoT Operations Administrator\",\n \"type\": \"BuiltInRole\",\n \"description\": \"View, create, edit and delete AIO resources. Manage all resources, including instance and its downstream resources.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.IoTOperations/*\",\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.DeviceRegistry/Assets/*\",\n \"Microsoft.DeviceRegistry/AssetEndpointProfiles/*\",\n \"Microsoft.DeviceRegistry/Namespaces/Assets/*\",\n \"Microsoft.DeviceRegistry/Namespaces/Devices/*\",\n \"Microsoft.DeviceRegistry/Namespaces/DiscoveredAssets/*\",\n \"Microsoft.DeviceRegistry/Namespaces/DiscoveredDevices/*\",\n \"Microsoft.DeviceRegistry/SchemaRegistries/*\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Edge/sites/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2025-07-03T19:55:14.5761643Z\",\n \"updatedOn\": \"2025-07-15T15:04:43.2804027Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/5bc02df6-6cd5-43fe-ad3d-4c93cf56cc16\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"5bc02df6-6cd5-43fe-ad3d-4c93cf56cc16\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure IoT Operations Onboarding\",\n \"type\": \"BuiltInRole\",\n \"description\": \"User can Azure arc connect and deploy Azure IoT Operations securely.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.IoTOperations/*\",\n \"Microsoft.DeviceRegistry/register/action\",\n \"Microsoft.DeviceRegistry/schemaRegistries/read\",\n \"Microsoft.DeviceRegistry/schemaRegistries/write\",\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Authorization/*/write\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Edge/sites/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2025-07-03T20:10:17.4373209Z\",\n \"updatedOn\": \"2025-07-15T15:04:43.2804027Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/7b7c71ed-33fa-4ed2-a91a-e56d5da260b5\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"7b7c71ed-33fa-4ed2-a91a-e56d5da260b5\"\n },\n {\n \"properties\": {\n \"roleName\": \"Connector Writer\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Write connectors and have basic customer permissions like reading authorizations, alert rules and resourceGroups\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Impact/Connectors/Write\",\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2025-07-04T07:30:50.7596538Z\",\n \"updatedOn\": \"2025-07-04T07:30:50.7596538Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/c459b115-f629-486b-b359-35feb5568b83\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"c459b115-f629-486b-b359-35feb5568b83\"\n },\n {\n \"properties\": {\n \"roleName\": \"Virtual Enclave Owner Role\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Virtual Enclave Owner Role to access the resources of Microsoft.Mission stored with RPSAAS.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Mission/Locations/OperationStatuses/read\",\n \"Microsoft.Mission/Locations/OperationStatuses/write\",\n \"Microsoft.Mission/Operations/read\",\n \"Microsoft.Mission/virtualEnclaves/read\",\n \"Microsoft.Mission/virtualEnclaves/write\",\n \"Microsoft.Mission/virtualEnclaves/delete\",\n \"Microsoft.Mission/virtualEnclaves/workloads/read\",\n \"Microsoft.Mission/virtualEnclaves/workloads/write\",\n \"Microsoft.Mission/virtualEnclaves/workloads/delete\",\n \"Microsoft.Mission/communities/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2025-07-09T15:22:28.7605161Z\",\n \"updatedOn\": \"2025-07-09T15:22:28.7605161Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/1abf4029-2200-4343-800c-e4c4c01eddbd\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"1abf4029-2200-4343-800c-e4c4c01eddbd\"\n },\n {\n \"properties\": {\n \"roleName\": \"NginxPlus Contributor service role\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Provides access to all Nginx.NginxPlus Control Plane operations\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"NGINX.NGINXPLUS/register/action\",\n \"NGINX.NGINXPLUS/unregister/action\",\n \"NGINX.NGINXPLUS/locations/read\",\n \"NGINX.NGINXPLUS/locations/operationStatuses/read\",\n \"NGINX.NGINXPLUS/locations/operationStatuses/write\",\n \"NGINX.NGINXPLUS/nginxDeployments/Read\",\n \"NGINX.NGINXPLUS/nginxDeployments/Write\",\n \"NGINX.NGINXPLUS/nginxDeployments/Delete\",\n \"NGINX.NGINXPLUS/nginxDeployments/apiKeys/Read\",\n \"NGINX.NGINXPLUS/nginxDeployments/apiKeys/Write\",\n \"NGINX.NGINXPLUS/nginxDeployments/apiKeys/Delete\",\n \"NGINX.NGINXPLUS/nginxDeployments/certificates/Read\",\n \"NGINX.NGINXPLUS/nginxDeployments/certificates/Write\",\n \"NGINX.NGINXPLUS/nginxDeployments/certificates/Delete\",\n \"NGINX.NGINXPLUS/nginxDeployments/configurations/Read\",\n \"NGINX.NGINXPLUS/nginxDeployments/configurations/Write\",\n \"NGINX.NGINXPLUS/nginxDeployments/configurations/Delete\",\n \"NGINX.NGINXPLUS/nginxDeployments/wafPolicies/Read\",\n \"NGINX.NGINXPLUS/nginxDeployments/wafPolicies/Write\",\n \"NGINX.NGINXPLUS/nginxDeployments/wafPolicies/Delete\",\n \"NGINX.NGINXPLUS/operations/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2025-07-11T15:44:56.6598995Z\",\n \"updatedOn\": \"2025-08-05T15:14:55.5007488Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/61aed14c-6c9a-4ed5-aa44-49fc5e96a167\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"61aed14c-6c9a-4ed5-aa44-49fc5e96a167\"\n },\n {\n \"properties\": {\n \"roleName\": \"CosmosDB Fleet Operator Role\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Lets you manage Azure CosmosDB Fleets and related child resources\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.DocumentDB/fleets/*\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2025-07-14T15:01:12.3759443Z\",\n \"updatedOn\": \"2025-07-14T15:01:12.3759443Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/35ffec73-9cb8-4593-8718-40d5bc4b7f6f\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"35ffec73-9cb8-4593-8718-40d5bc4b7f6f\"\n },\n {\n \"properties\": {\n \"roleName\": \"Healthcare Apis contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Allows all actions on healthcareapis provider resources\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.HealthcareApis/services/*\",\n \"Microsoft.HealthcareApis/workspaces/*\",\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2025-07-15T15:04:43.2804027Z\",\n \"updatedOn\": \"2025-07-15T15:04:43.2804027Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/29f61507-bdfb-4987-b629-20033be2d6c3\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"29f61507-bdfb-4987-b629-20033be2d6c3\"\n },\n {\n \"properties\": {\n \"roleName\": \"Liftr Datadog Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Provides access to Datadog Control Plane Operations\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Datadog/register/action\",\n \"Microsoft.Datadog/unregister/action\",\n \"Microsoft.Datadog/agreements/read\",\n \"Microsoft.Datadog/agreements/write\",\n \"Microsoft.Datadog/locations/read\",\n \"Microsoft.Datadog/locations/operationStatuses/read\",\n \"Microsoft.Datadog/locations/operationStatuses/write\",\n \"Microsoft.Datadog/monitors/read\",\n \"Microsoft.Datadog/monitors/write\",\n \"Microsoft.Datadog/monitors/delete\",\n \"Microsoft.Datadog/monitors/listApiKeys/action\",\n \"Microsoft.Datadog/monitors/getDefaultKey/action\",\n \"Microsoft.Datadog/monitors/setDefaultKey/action\",\n \"Microsoft.Datadog/monitors/refreshSetPasswordLink/action\",\n \"Microsoft.Datadog/monitors/listLinkedResources/action\",\n \"Microsoft.Datadog/monitors/listHosts/read\",\n \"Microsoft.Datadog/monitors/listLinkedResources/read\",\n \"Microsoft.Datadog/monitors/listMonitoredResources/read\",\n \"Microsoft.Datadog/monitors/monitoredSubscriptions/read\",\n \"Microsoft.Datadog/monitors/monitoredSubscriptions/write\",\n \"Microsoft.Datadog/monitors/singleSignOnConfigurations/write\",\n \"Microsoft.Datadog/monitors/singleSignOnConfigurations/read\",\n \"Microsoft.Datadog/monitors/tagRules/read\",\n \"Microsoft.Datadog/monitors/tagRules/write\",\n \"Microsoft.Datadog/registeredSubscriptions/read\",\n \"Microsoft.Datadog/subscriptionStatuses/read\",\n \"Microsoft.Datadog/operations/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2025-07-16T15:09:04.3027767Z\",\n \"updatedOn\": \"2025-08-01T09:23:14.9310429Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/81b67e46-ef5b-4404-bddd-090985bb4a28\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"81b67e46-ef5b-4404-bddd-090985bb4a28\"\n },\n {\n \"properties\": {\n \"roleName\": \"Liftr Elastic Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Provides access to Elastic Control Plane Operations\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Elastic/getOrganizationApiKey/action\",\n \"Microsoft.Elastic/checkNameAvailability/action\",\n \"Microsoft.Elastic/register/action\",\n \"Microsoft.Elastic/locations/read\",\n \"Microsoft.Elastic/locations/operationStatuses/read\",\n \"Microsoft.Elastic/locations/operationStatuses/write\",\n \"Microsoft.Elastic/monitors/read\",\n \"Microsoft.Elastic/monitors/write\",\n \"Microsoft.Elastic/monitors/delete\",\n \"Microsoft.Elastic/monitors/listMonitoredResources/action\",\n \"Microsoft.Elastic/monitors/listVMHost/action\",\n \"Microsoft.Elastic/monitors/createOrUpdateExternalUser/action\",\n \"Microsoft.Elastic/monitors/listAllTrafficFilters/action\",\n \"Microsoft.Elastic/monitors/listAssociatedTrafficFilters/action\",\n \"Microsoft.Elastic/monitors/createAndAssociateIPFilter/action\",\n \"Microsoft.Elastic/monitors/createAndAssociatePLFilter/action\",\n \"Microsoft.Elastic/monitors/associateTrafficFilter/action\",\n \"Microsoft.Elastic/monitors/detachAndDeleteTrafficFilter/action\",\n \"Microsoft.Elastic/monitors/detachTrafficFilter/action\",\n \"Microsoft.Elastic/monitors/deleteTrafficFilter/action\",\n \"Microsoft.Elastic/monitors/listUpgradableVersions/action\",\n \"Microsoft.Elastic/monitors/getBillingInfo/action\",\n \"Microsoft.Elastic/monitors/listConnectedPartnerResources/action\",\n \"Microsoft.Elastic/monitors/upgrade/action\",\n \"Microsoft.Elastic/monitors/vmIngestionDetails/action\",\n \"Microsoft.Elastic/monitors/vmCollectionUpdate/action\",\n \"Microsoft.Elastic/monitors/listDeploymentInfo/action\",\n \"Microsoft.Elastic/monitors/resubscribe/action\",\n \"Microsoft.Elastic/monitors/monitoredSubscriptions/read\",\n \"Microsoft.Elastic/monitors/monitoredSubscriptions/write\",\n \"Microsoft.Elastic/monitors/openAIIntegrations/read\",\n \"Microsoft.Elastic/monitors/openAIIntegrations/write\",\n \"Microsoft.Elastic/monitors/openAIIntegrations/getStatus/action\",\n \"Microsoft.Elastic/monitors/tagRules/read\",\n \"Microsoft.Elastic/monitors/tagRules/write\",\n \"Microsoft.Elastic/registeredSubscriptions/read\",\n \"Microsoft.Elastic/elasticVersions/read\",\n \"Microsoft.Elastic/operations/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2025-07-16T15:09:04.3017765Z\",\n \"updatedOn\": \"2025-08-05T15:14:55.4997487Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/d68eeb8d-afae-4932-a331-203b7957e509\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"d68eeb8d-afae-4932-a331-203b7957e509\"\n },\n {\n \"properties\": {\n \"roleName\": \"Liftr Elastic Owner\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Grants full access to manage Elastic resources\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Elastic/*\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2025-07-16T15:09:04.2714387Z\",\n \"updatedOn\": \"2025-07-16T15:09:04.2714387Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/225efd4d-4ca0-42a1-ae53-5f233ba23c73\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"225efd4d-4ca0-42a1-ae53-5f233ba23c73\"\n },\n {\n \"properties\": {\n \"roleName\": \"Liftr Newrelic Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Provides access to Newrelic Control Plane Operations\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"NewRelic.Observability/register/action\",\n \"NewRelic.Observability/unregister/action\",\n \"NewRelic.Observability/accounts/read\",\n \"NewRelic.Observability/plans/read\",\n \"NewRelic.Observability/organizations/read\",\n \"NewRelic.Observability/locations/read\",\n \"NewRelic.Observability/locations/operationStatuses/read\",\n \"NewRelic.Observability/locations/operationStatuses/write\",\n \"NewRelic.Observability/monitors/read\",\n \"NewRelic.Observability/monitors/write\",\n \"NewRelic.Observability/monitors/delete\",\n \"NewRelic.Observability/monitors/monitoredResources/action\",\n \"NewRelic.Observability/monitors/vmHostPayloads/action\",\n \"NewRelic.Observability/monitors/listAppServices/action\",\n \"NewRelic.Observability/monitors/listHosts/action\",\n \"NewRelic.Observability/monitors/refreshIngestionKey/action\",\n \"NewRelic.Observability/monitors/getMetricRules/action\",\n \"NewRelic.Observability/monitors/getMetricStatus/action\",\n \"NewRelic.Observability/monitors/switchBilling/action\",\n \"NewRelic.Observability/monitors/latestLinkedSaaS/action\",\n \"NewRelic.Observability/monitors/linkSaaS/action\",\n \"NewRelic.Observability/monitors/resubscribe/action\",\n \"NewRelic.Observability/monitors/getBillingInfo/action\",\n \"NewRelic.Observability/monitors/listConnectedPartnerResources/action\",\n \"NewRelic.Observability/monitors/listLinkedResources/action\",\n \"NewRelic.Observability/monitors/monitoredSubscriptions/read\",\n \"NewRelic.Observability/monitors/monitoredSubscriptions/write\",\n \"NewRelic.Observability/monitors/tagRules/read\",\n \"NewRelic.Observability/monitors/tagRules/write\",\n \"NewRelic.Observability/registeredSubscriptions/read\",\n \"NewRelic.Observability/operations/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2025-07-16T15:09:04.2714387Z\",\n \"updatedOn\": \"2025-08-01T09:23:14.9310429Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/a60da355-bdec-443f-8d42-a03f0422f04d\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"a60da355-bdec-443f-8d42-a03f0422f04d\"\n },\n {\n \"properties\": {\n \"roleName\": \"Policy Enrollments Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Allows the creation and modification of policy enrollments\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/policyenrollments/*\",\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.PolicyInsights/*\",\n \"Microsoft.Resources/deployments/*\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2025-07-16T16:55:07.415008Z\",\n \"updatedOn\": \"2025-07-16T16:55:07.415008Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/285ce6d6-fa11-43bd-94ef-42a9b3740bfd\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"285ce6d6-fa11-43bd-94ef-42a9b3740bfd\"\n },\n {\n \"properties\": {\n \"roleName\": \"Liftr Dynatrace Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Provides access to Dynatrace Control Plane Operations\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Dynatrace.Observability/checkNameAvailability/action\",\n \"Dynatrace.Observability/register/action\",\n \"Dynatrace.Observability/unregister/action\",\n \"Dynatrace.Observability/getMarketplaceSaaSResourceDetails/action\",\n \"Dynatrace.Observability/locations/read\",\n \"Dynatrace.Observability/locations/operationStatuses/read\",\n \"Dynatrace.Observability/locations/operationStatuses/write\",\n \"Dynatrace.Observability/monitors/read\",\n \"Dynatrace.Observability/monitors/write\",\n \"Dynatrace.Observability/monitors/delete\",\n \"Dynatrace.Observability/monitors/listMonitoredResources/action\",\n \"Dynatrace.Observability/monitors/getVMHostPayload/action\",\n \"Dynatrace.Observability/monitors/listHosts/action\",\n \"Dynatrace.Observability/monitors/listAppServices/action\",\n \"Dynatrace.Observability/monitors/getSSODetails/action\",\n \"Dynatrace.Observability/monitors/listLinkableEnvironments/action\",\n \"Dynatrace.Observability/monitors/getMetricStatus/action\",\n \"Dynatrace.Observability/monitors/manageAgentInstallation/action\",\n \"Dynatrace.Observability/monitors/monitoredSubscriptions/read\",\n \"Dynatrace.Observability/monitors/monitoredSubscriptions/write\",\n \"Dynatrace.Observability/monitors/singleSignOnConfigurations/write\",\n \"Dynatrace.Observability/monitors/singleSignOnConfigurations/read\",\n \"Dynatrace.Observability/monitors/tagRules/read\",\n \"Dynatrace.Observability/monitors/tagRules/write\",\n \"Dynatrace.Observability/registeredSubscriptions/read\",\n \"Dynatrace.Observability/operations/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2025-07-17T04:54:12.9049103Z\",\n \"updatedOn\": \"2025-08-01T11:55:53.7346372Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/fa96a588-3fac-4adb-bfb2-f8404ece07e0\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"fa96a588-3fac-4adb-bfb2-f8404ece07e0\"\n },\n {\n \"properties\": {\n \"roleName\": \"Microsoft.OffAzureSpringBoot Service Owner\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Full access to Azure Microsoft.OffAzureSpringBoot Service REST APIs\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.OffAzureSpringBoot/*\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2025-07-18T10:13:03.6807059Z\",\n \"updatedOn\": \"2025-08-07T07:49:43.832969Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/79732128-7761-4733-aebf-35590da9f29b\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"79732128-7761-4733-aebf-35590da9f29b\"\n },\n {\n \"properties\": {\n \"roleName\": \"Nexus Network Fabric Owner\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Provides owner access to nexus network fabric resources\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.ManagedNetworkFabric/*/read\",\n \"Microsoft.ManagedNetworkFabric/*/write\",\n \"Microsoft.ManagedNetworkFabric/*/action\",\n \"Microsoft.ManagedNetworkFabric/*/delete\",\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2025-07-21T15:02:41.4359877Z\",\n \"updatedOn\": \"2025-07-21T15:02:41.4359877Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/46c70067-0f50-457f-8137-2449c90de518\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"46c70067-0f50-457f-8137-2449c90de518\"\n },\n {\n \"properties\": {\n \"roleName\": \"Nexus Identity Owner\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Provides owner access to nexusidentity resources\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.NexusIdentity/*/read\",\n \"Microsoft.NexusIdentity/*/write\",\n \"Microsoft.NexusIdentity/*/action\",\n \"Microsoft.NexusIdentity/*/delete\",\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2025-07-21T15:02:41.4359877Z\",\n \"updatedOn\": \"2025-07-21T15:02:41.4359877Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/374a1cc6-96cb-4946-8d8b-a41054c8ae97\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"374a1cc6-96cb-4946-8d8b-a41054c8ae97\"\n },\n {\n \"properties\": {\n \"roleName\": \"Conversation Session User\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Allows sending a message to the agent and receive a response, using the conversation session API\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.HealthBot/healthBots/ConversationSession/Action\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2025-07-23T15:20:58.9086839Z\",\n \"updatedOn\": \"2025-07-23T15:20:58.9086839Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/b3eb788f-5426-48bd-821d-561701ede368\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"b3eb788f-5426-48bd-821d-561701ede368\"\n },\n {\n \"properties\": {\n \"roleName\": \"CosmosDB Fleet Analytics Storage Data Writer\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Write telemetry data from the Fleet Analytics Synapse workspace to customer-provided storage accounts or Fabric Lakehouses.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Storage/storageAccounts/blobServices/containers/write\",\n \"Microsoft.Storage/storageAccounts/blobServices/containers/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.Storage/storageAccounts/blobServices/containers/blobs/delete\",\n \"Microsoft.Storage/storageAccounts/blobServices/containers/blobs/read\",\n \"Microsoft.Storage/storageAccounts/blobServices/containers/blobs/write\",\n \"Microsoft.Storage/storageAccounts/blobServices/containers/blobs/add/action\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2025-07-25T01:43:25.8457961Z\",\n \"updatedOn\": \"2025-08-28T01:46:02.2595107Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/bf41e52e-617f-4981-8b7a-47431bd4e011\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"bf41e52e-617f-4981-8b7a-47431bd4e011\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Data Transfer Owner\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Create, read, modify, and delete pipelines, connections, and flows in Azure Data Transfer. Also perform any appropriate control plane operations for managing Azure Data Transfer resources.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.AzureDataTransfer/*\",\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2025-07-25T15:42:37.4812873Z\",\n \"updatedOn\": \"2025-07-25T15:42:37.4812873Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/eded264d-1796-4e25-8500-a78427f8a316\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"eded264d-1796-4e25-8500-a78427f8a316\"\n },\n {\n \"properties\": {\n \"roleName\": \"Video Indexer Account Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Can manage Video Indexer Account resources and generate access tokens for data plane operations.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.VideoIndexer/checknameavailability/action\",\n \"Microsoft.VideoIndexer/accounts/generateAccessToken/action\",\n \"Microsoft.VideoIndexer/accounts/generateRestrictedViewerAccessToken/action\",\n \"Microsoft.VideoIndexer/accounts/generateExtensionAccessToken/action\",\n \"Microsoft.VideoIndexer/accounts/generateExtensionRestrictedViewerAccessToken/action\",\n \"Microsoft.VideoIndexer/accounts/read\",\n \"Microsoft.VideoIndexer/accounts/write\",\n \"Microsoft.VideoIndexer/accounts/delete\",\n \"Microsoft.VideoIndexer/accounts/PrivateEndpointConnectionsApproval/action\",\n \"Microsoft.VideoIndexer/accounts/privateEndpointConnections/read\",\n \"Microsoft.VideoIndexer/accounts/privateEndpointConnections/write\",\n \"Microsoft.VideoIndexer/accounts/privateEndpointConnections/delete\",\n \"Microsoft.VideoIndexer/accounts/privateLinkResources/read\",\n \"Microsoft.VideoIndexer/locations/operationstatuses/read\",\n \"Microsoft.VideoIndexer/locations/operationstatuses/write\",\n \"Microsoft.VideoIndexer/operations/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2025-07-28T15:04:33.545254Z\",\n \"updatedOn\": \"2025-07-28T15:04:33.545254Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/3f99eaab-6f59-4877-adf5-1cacd22e20b0\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"3f99eaab-6f59-4877-adf5-1cacd22e20b0\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Business Continuity DUPI Reader\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Lets you view Deleted Unified Protected items in Azure Business Continuity Center.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/roleDefinitions/read\",\n \"Microsoft.Authorization/roleAssignments/read\",\n \"Microsoft.AzureBusinessContinuity/deletedUnifiedProtectedItems/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2025-07-28T15:04:33.545254Z\",\n \"updatedOn\": \"2025-08-21T13:32:13.8007194Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/f4eb044f-76b9-47af-92f9-1d95c4c14ab5\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"f4eb044f-76b9-47af-92f9-1d95c4c14ab5\"\n },\n {\n \"properties\": {\n \"roleName\": \"Sites Reader\",\n \"type\": \"BuiltInRole\",\n \"description\": \"View all Sites related resources but does not allow you to make any changes.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Edge/sites/read\",\n \"Microsoft.Edge/configurations/read\",\n \"Microsoft.Edge/configurations/networkConfigurations/read\",\n \"Microsoft.Edge/configurations/securityConfigurations/read\",\n \"Microsoft.Edge/configurations/timeServerConfigurations/read\",\n \"Microsoft.Edge/configurations/connectivityConfigurations/read\",\n \"Microsoft.Edge/configurations/provisioningConfigurations/read\",\n \"Microsoft.Edge/configurations/arcGatewayConfigurations/read\",\n \"Microsoft.Edge/configurationReferences/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2025-07-29T15:07:14.6122597Z\",\n \"updatedOn\": \"2025-07-29T15:07:14.6122597Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/59f98be6-0817-488b-831e-36a353c8000b\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"59f98be6-0817-488b-831e-36a353c8000b\"\n },\n {\n \"properties\": {\n \"roleName\": \"Sites Owner\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Microsoft Edge Sites Owner role - Grants full access to manage all resources, including the ability to assign roles in Azure RBAC.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Edge/sites/read\",\n \"Microsoft.Edge/sites/write\",\n \"Microsoft.Edge/sites/delete\",\n \"Microsoft.Edge/configurations/read\",\n \"Microsoft.Edge/configurations/write\",\n \"Microsoft.Edge/configurations/delete\",\n \"Microsoft.Edge/configurations/networkConfigurations/read\",\n \"Microsoft.Edge/configurations/networkConfigurations/write\",\n \"Microsoft.Edge/configurations/networkConfigurations/delete\",\n \"Microsoft.Edge/configurations/securityConfigurations/read\",\n \"Microsoft.Edge/configurations/securityConfigurations/write\",\n \"Microsoft.Edge/configurations/securityConfigurations/delete\",\n \"Microsoft.Edge/configurations/timeServerConfigurations/read\",\n \"Microsoft.Edge/configurations/timeServerConfigurations/write\",\n \"Microsoft.Edge/configurations/timeServerConfigurations/delete\",\n \"Microsoft.Edge/configurations/connectivityConfigurations/read\",\n \"Microsoft.Edge/configurations/connectivityConfigurations/write\",\n \"Microsoft.Edge/configurations/connectivityConfigurations/delete\",\n \"Microsoft.Edge/configurations/provisioningConfigurations/read\",\n \"Microsoft.Edge/configurations/provisioningConfigurations/write\",\n \"Microsoft.Edge/configurations/provisioningConfigurations/delete\",\n \"Microsoft.Edge/configurations/arcGatewayConfigurations/read\",\n \"Microsoft.Edge/configurations/arcGatewayConfigurations/write\",\n \"Microsoft.Edge/configurations/arcGatewayConfigurations/delete\",\n \"Microsoft.Edge/configurationReferences/read\",\n \"Microsoft.Edge/configurationReferences/write\",\n \"Microsoft.Edge/configurationReferences/delete\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2025-07-29T15:07:14.6112571Z\",\n \"updatedOn\": \"2025-07-29T15:07:14.6112571Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/1cd7e4da-2789-457f-adbe-3e9e84037a93\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"1cd7e4da-2789-457f-adbe-3e9e84037a93\"\n },\n {\n \"properties\": {\n \"roleName\": \"Liftr PureStorage Owner role\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Provides access to all PureStorage related operations\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"PureStorage.Block/*\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2025-07-30T15:14:08.9428819Z\",\n \"updatedOn\": \"2025-07-30T15:14:08.9428819Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/85546f1f-f28b-4cb3-b852-73e422a96897\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"85546f1f-f28b-4cb3-b852-73e422a96897\"\n },\n {\n \"properties\": {\n \"roleName\": \"Liftr Dell Owner role\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Provides access to all Dell related operations\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Dell.Storage/*\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2025-07-30T15:14:08.9428819Z\",\n \"updatedOn\": \"2025-07-30T15:14:08.9428819Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/d683b71b-2b91-4fc1-a43e-b53b3d85bed9\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"d683b71b-2b91-4fc1-a43e-b53b3d85bed9\"\n },\n {\n \"properties\": {\n \"roleName\": \"SupportPlan Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Contributor role for Enterprise Support Resource Provider\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.EnterpriseSupport/services/delete\",\n \"Microsoft.EnterpriseSupport/services/write\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2025-07-30T21:45:45.323115Z\",\n \"updatedOn\": \"2025-07-30T21:45:45.323115Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/6d6f52ba-a7de-4c56-a58f-522154514fba\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"6d6f52ba-a7de-4c56-a58f-522154514fba\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Spring Apps Service Owner\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Full access to Azure Spring Apps Service REST APIs\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.AppPlatform/*\"\n ],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.AppPlatform/*\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2025-07-31T11:03:44.7831528Z\",\n \"updatedOn\": \"2025-08-07T07:49:43.832969Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/4037dd68-1cc7-4a64-8765-3a79963a9940\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"4037dd68-1cc7-4a64-8765-3a79963a9940\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure AI Enterprise Networking Outbound Rules Operator\",\n \"type\": \"BuiltInRole\",\n \"description\": \"A Built-in role that can authorize users to access and update the managed network settings of a machine learning workspace.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.MachineLearningServices/workspaces/managedNetworks/read\",\n \"Microsoft.MachineLearningServices/workspaces/managedNetworks/write\",\n \"Microsoft.MachineLearningServices/workspaces/managedNetworks/outboundRules/read\",\n \"Microsoft.MachineLearningServices/workspaces/managedNetworks/outboundRules/write\",\n \"Microsoft.MachineLearningServices/workspaces/managedNetworks/outboundRules/delete\",\n \"Microsoft.MachineLearningServices/workspaces/managedNetworks/batchOutboundRules/action\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2025-08-04T15:10:36.5118889Z\",\n \"updatedOn\": \"2025-08-04T15:10:36.5118889Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/25cabde7-1a6c-4350-8877-cb6fe59f1399\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"25cabde7-1a6c-4350-8877-cb6fe59f1399\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Business Continuity UPI Reader\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Lets you view Unified Protected items in Azure Business Continuity Center.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/roleDefinitions/read\",\n \"Microsoft.Authorization/roleAssignments/read\",\n \"Microsoft.AzureBusinessContinuity/unifiedProtectedItems/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2025-08-04T15:10:36.5108882Z\",\n \"updatedOn\": \"2025-08-21T13:32:14.8037229Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/3b5a0aa9-eccd-48dc-9011-f2fd03b5e5f9\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"3b5a0aa9-eccd-48dc-9011-f2fd03b5e5f9\"\n },\n {\n \"properties\": {\n \"roleName\": \"LambdaTest.HyperExecute Contributor Role\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Provides access to all LambdaTest.HyperExecute related operations\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"LambdaTest.HyperExecute/checkNameAvailability/action\",\n \"LambdaTest.HyperExecute/register/action\",\n \"LambdaTest.HyperExecute/unregister/action\",\n \"LambdaTest.HyperExecute/locations/operationStatuses/read\",\n \"LambdaTest.HyperExecute/locations/operationStatuses/write\",\n \"LambdaTest.HyperExecute/operations/read\",\n \"LambdaTest.HyperExecute/organizations/read\",\n \"LambdaTest.HyperExecute/organizations/write\",\n \"LambdaTest.HyperExecute/organizations/delete\",\n \"LambdaTest.HyperExecute/registeredSubscriptions/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2025-08-06T15:22:56.8948562Z\",\n \"updatedOn\": \"2025-08-06T15:22:56.8948562Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/44a00263-b2a0-45d5-a618-5d8d11709349\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"44a00263-b2a0-45d5-a618-5d8d11709349\"\n },\n {\n \"properties\": {\n \"roleName\": \"ArizeAi.ObservabilityEval Contributor Role\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Provides access to all ArizeAi.ObservabilityEval related operations\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"ArizeAi.ObservabilityEval/checkNameAvailability/action\",\n \"ArizeAi.ObservabilityEval/register/action\",\n \"ArizeAi.ObservabilityEval/unregister/action\",\n \"ArizeAi.ObservabilityEval/locations/operationStatuses/read\",\n \"ArizeAi.ObservabilityEval/locations/operationStatuses/write\",\n \"ArizeAi.ObservabilityEval/operations/read\",\n \"ArizeAi.ObservabilityEval/organizations/read\",\n \"ArizeAi.ObservabilityEval/organizations/write\",\n \"ArizeAi.ObservabilityEval/organizations/delete\",\n \"ArizeAi.ObservabilityEval/registeredSubscriptions/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2025-08-06T15:22:56.8948562Z\",\n \"updatedOn\": \"2025-08-06T15:22:56.8948562Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/dca88c6f-5090-44cd-a0ff-a88f337b12a5\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"dca88c6f-5090-44cd-a0ff-a88f337b12a5\"\n },\n {\n \"properties\": {\n \"roleName\": \"Pinecone.VectorDb Contributor Role\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Provides access to all Pinecone.VectorDb related operations\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Pinecone.VectorDb/checkNameAvailability/action\",\n \"Pinecone.VectorDb/register/action\",\n \"Pinecone.VectorDb/unregister/action\",\n \"Pinecone.VectorDb/locations/operationStatuses/read\",\n \"Pinecone.VectorDb/locations/operationStatuses/write\",\n \"Pinecone.VectorDb/operations/read\",\n \"Pinecone.VectorDb/organizations/read\",\n \"Pinecone.VectorDb/organizations/write\",\n \"Pinecone.VectorDb/organizations/delete\",\n \"Pinecone.VectorDb/registeredSubscriptions/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2025-08-06T15:22:56.8948562Z\",\n \"updatedOn\": \"2025-08-06T15:22:56.8948562Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/dd799a69-ffc8-4aa8-9701-b51f686857d9\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"dd799a69-ffc8-4aa8-9701-b51f686857d9\"\n },\n {\n \"properties\": {\n \"roleName\": \"Microsoft.WeightsAndBiases Contributor Role\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Provides access to all Microsoft.WeightsAndBiases related operations\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.WeightsAndBiases/checkNameAvailability/action\",\n \"Microsoft.WeightsAndBiases/register/action\",\n \"Microsoft.WeightsAndBiases/unregister/action\",\n \"Microsoft.WeightsAndBiases/instances/read\",\n \"Microsoft.WeightsAndBiases/instances/write\",\n \"Microsoft.WeightsAndBiases/instances/delete\",\n \"Microsoft.WeightsAndBiases/locations/operationStatuses/read\",\n \"Microsoft.WeightsAndBiases/locations/operationStatuses/write\",\n \"Microsoft.WeightsAndBiases/operations/read\",\n \"Microsoft.WeightsAndBiases/registeredSubscriptions/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2025-08-06T15:22:57.794372Z\",\n \"updatedOn\": \"2025-08-06T15:22:57.794372Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/246fffca-69ee-4945-bbf1-2a867dce4fda\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"246fffca-69ee-4945-bbf1-2a867dce4fda\"\n },\n {\n \"properties\": {\n \"roleName\": \"Recurring Scheduled Actions Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Allows users to use Recurring Scheduled Actions offered by Microsoft.ComputeSchedule\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.ComputeSchedule/scheduledActions/write\",\n \"Microsoft.ComputeSchedule/scheduledActions/delete\",\n \"Microsoft.ComputeSchedule/scheduledActions/attachResources/action\",\n \"Microsoft.ComputeSchedule/scheduledActions/cancelNextOccurrence/action\",\n \"Microsoft.ComputeSchedule/scheduledActions/detachResources/action\",\n \"Microsoft.ComputeSchedule/scheduledActions/disable/action\",\n \"Microsoft.ComputeSchedule/scheduledActions/enable/action\",\n \"Microsoft.ComputeSchedule/scheduledActions/listResources/action\",\n \"Microsoft.ComputeSchedule/scheduledActions/patchResources/action\",\n \"Microsoft.ComputeSchedule/scheduledActions/triggerManualOccurrence/action\",\n \"Microsoft.ComputeSchedule/scheduledActions/occurrences/cancel/action\",\n \"Microsoft.ComputeSchedule/scheduledActions/occurrences/delay/action\",\n \"Microsoft.ComputeSchedule/register/action\",\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2025-08-06T17:23:22.5612282Z\",\n \"updatedOn\": \"2025-08-06T17:23:22.5612282Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/376d0802-aca8-4c2d-83a5-c88630f396fe\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"376d0802-aca8-4c2d-83a5-c88630f396fe\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Resilience Management Drills Reader\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Reader Role of Azure Resilience Management Drills Service\",\n \"assignableScopes\": [\n \"/\",\n \"/providers/Microsoft.Management/serviceGroups\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.AzureResilienceManagement/drills/*/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2025-08-11T15:12:49.7120823Z\",\n \"updatedOn\": \"2025-09-18T10:30:29.9987541Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/d2e8fe82-9212-490f-af3e-34bb52d87d3d\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"d2e8fe82-9212-490f-af3e-34bb52d87d3d\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Resilience Management Drills Operator\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Operator Role of Azure Resilience Management Drills Service\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.AzureResilienceManagement/drills/*/action\",\n \"Microsoft.AzureResilienceManagement/drills/*/read\",\n \"Microsoft.AzureResilienceManagement/recoveryPlans/*/action\",\n \"Microsoft.AzureResilienceManagement/recoveryPlans/*/read\",\n \"Microsoft.Insights/alertRules/\",\n \"Microsoft.Monitor/accounts/read\",\n \"Microsoft.Monitor/slis/read\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2025-08-11T15:12:49.7120823Z\",\n \"updatedOn\": \"2025-08-11T15:12:49.7120823Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/ff09793b-be48-49f6-ad96-70d32039c0b9\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"ff09793b-be48-49f6-ad96-70d32039c0b9\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Resilience Management Drills Administrator\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Administrator Role of Azure Resilience Management Drills Service\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Authorization/roleAssignments/write\",\n \"Microsoft.Advisor/recommendations/read\",\n \"Microsoft.Authorization/roleAssignments/read\",\n \"Microsoft.Automation/automationAccounts/delete\",\n \"Microsoft.Automation/automationAccounts/read\",\n \"Microsoft.Automation/automationAccounts/write\",\n \"Microsoft.Automation/automationAccounts/runbooks/delete\",\n \"Microsoft.Automation/automationAccounts/runbooks/read\",\n \"Microsoft.Automation/automationAccounts/runbooks/write\",\n \"Microsoft.AzureResilienceManagement/drills/*/action\",\n \"Microsoft.AzureResilienceManagement/drills/*/delete\",\n \"Microsoft.AzureResilienceManagement/drills/*/read\",\n \"Microsoft.AzureResilienceManagement/drills/*/write\",\n \"Microsoft.AzureResilienceManagement/recoveryPlans/*/action\",\n \"Microsoft.AzureResilienceManagement/recoveryPlans/*/delete\",\n \"Microsoft.AzureResilienceManagement/recoveryPlans/*/read\",\n \"Microsoft.AzureResilienceManagement/recoveryPlans/*/write\",\n \"Microsoft.Chaos/experiments/delete\",\n \"Microsoft.Chaos/experiments/read\",\n \"Microsoft.Chaos/experiments/write\",\n \"Microsoft.Chaos/experiments/cancel/action\",\n \"Microsoft.Chaos/experiments/start/action\",\n \"Microsoft.Chaos/locations/operationResults/read\",\n \"Microsoft.Chaos/locations/operationStatuses/read\",\n \"Microsoft.Chaos/locations/targetTypes/capabilityTypes/read\",\n \"Microsoft.Chaos/locations/targetTypes/read\",\n \"Microsoft.Chaos/targets/capabilities/delete\",\n \"Microsoft.Chaos/targets/capabilities/read\",\n \"Microsoft.Chaos/targets/capabilities/write\",\n \"Microsoft.Chaos/targets/delete\",\n \"Microsoft.Chaos/targets/read\",\n \"Microsoft.Chaos/targets/write\",\n \"Microsoft.Compute/virtualMachineScaleSets/read\",\n \"Microsoft.Compute/virtualMachines/read\",\n \"Microsoft.ContainerRegistry/registries/read\",\n \"Microsoft.DBforPostgreSQL/flexibleServers/read\",\n \"Microsoft.DocumentDB/databaseAccounts/services/read\",\n \"Microsoft.Insights/alertRules/\",\n \"Microsoft.ManagedIdentity/userAssignedIdentities/read\",\n \"Microsoft.Management/ServiceGroups/read\",\n \"Microsoft.Monitor/accounts/read\",\n \"Microsoft.Monitor/slis/read\",\n \"Microsoft.Network/applicationGateways/read\",\n \"Microsoft.Network/azurefirewalls/read\",\n \"Microsoft.Network/loadBalancers/probes/read\",\n \"Microsoft.Network/loadBalancers/read\",\n \"Microsoft.Network/publicIPAddresses/read\",\n \"Microsoft.Relationships/ServiceGroupMember/read\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/delete\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Resources/subscriptions/resourceGroups/write\",\n \"Microsoft.ServiceBus/namespaces/read\",\n \"Microsoft.Sql/managedInstances/read\",\n \"Microsoft.Sql/servers/databases/read\",\n \"Microsoft.Sql/servers/read\",\n \"Microsoft.Storage/storageAccounts/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2025-08-11T15:12:49.7120823Z\",\n \"updatedOn\": \"2025-08-11T15:12:49.7120823Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/c914561b-1575-4601-af9c-a1356bf59818\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"c914561b-1575-4601-af9c-a1356bf59818\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Resilience Management Drills Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Contributor Role of Azure Resilience Management Drills Service\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Advisor/recommendations/read\",\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Automation/automationAccounts/delete\",\n \"Microsoft.Automation/automationAccounts/read\",\n \"Microsoft.Automation/automationAccounts/write\",\n \"Microsoft.Automation/automationAccounts/runbooks/delete\",\n \"Microsoft.Automation/automationAccounts/runbooks/read\",\n \"Microsoft.Automation/automationAccounts/runbooks/write\",\n \"Microsoft.AzureResilienceManagement/drills/*/action\",\n \"Microsoft.AzureResilienceManagement/drills/*/delete\",\n \"Microsoft.AzureResilienceManagement/drills/*/read\",\n \"Microsoft.AzureResilienceManagement/drills/*/write\",\n \"Microsoft.AzureResilienceManagement/recoveryPlans/*/action\",\n \"Microsoft.AzureResilienceManagement/recoveryPlans/*/delete\",\n \"Microsoft.AzureResilienceManagement/recoveryPlans/*/read\",\n \"Microsoft.AzureResilienceManagement/recoveryPlans/*/write\",\n \"Microsoft.Chaos/experiments/delete\",\n \"Microsoft.Chaos/experiments/read\",\n \"Microsoft.Chaos/experiments/write\",\n \"Microsoft.Chaos/experiments/cancel/action\",\n \"Microsoft.Chaos/experiments/start/action\",\n \"Microsoft.Chaos/locations/operationResults/read\",\n \"Microsoft.Chaos/locations/operationStatuses/read\",\n \"Microsoft.Chaos/locations/targetTypes/capabilityTypes/read\",\n \"Microsoft.Chaos/locations/targetTypes/read\",\n \"Microsoft.Chaos/targets/capabilities/delete\",\n \"Microsoft.Chaos/targets/capabilities/read\",\n \"Microsoft.Chaos/targets/capabilities/write\",\n \"Microsoft.Chaos/targets/delete\",\n \"Microsoft.Chaos/targets/read\",\n \"Microsoft.Chaos/targets/write\",\n \"Microsoft.Compute/virtualMachineScaleSets/read\",\n \"Microsoft.Compute/virtualMachines/read\",\n \"Microsoft.ContainerRegistry/registries/read\",\n \"Microsoft.DBforPostgreSQL/flexibleServers/read\",\n \"Microsoft.DocumentDB/databaseAccounts/services/read\",\n \"Microsoft.Insights/alertRules/\",\n \"Microsoft.ManagedIdentity/userAssignedIdentities/read\",\n \"Microsoft.Management/ServiceGroups/read\",\n \"Microsoft.Monitor/accounts/read\",\n \"Microsoft.Monitor/slis/read\",\n \"Microsoft.Network/applicationGateways/read\",\n \"Microsoft.Network/azurefirewalls/read\",\n \"Microsoft.Network/loadBalancers/probes/read\",\n \"Microsoft.Network/loadBalancers/read\",\n \"Microsoft.Network/publicIPAddresses/read\",\n \"Microsoft.Relationships/ServiceGroupMember/read\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/delete\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Resources/subscriptions/resourceGroups/write\",\n \"Microsoft.ServiceBus/namespaces/read\",\n \"Microsoft.Sql/managedInstances/read\",\n \"Microsoft.Sql/servers/databases/read\",\n \"Microsoft.Sql/servers/read\",\n \"Microsoft.Storage/storageAccounts/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2025-08-11T15:12:50.0258107Z\",\n \"updatedOn\": \"2025-08-11T15:12:50.0258107Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/e131102b-11a5-4ff4-8508-ed922132b74c\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"e131102b-11a5-4ff4-8508-ed922132b74c\"\n },\n {\n \"properties\": {\n \"roleName\": \"Edge Order Partner Inventory Manager Service Role\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Manage inventory metadata and inventory links associated with Edge Order Partner scenarios. Enables configuration and control of inventory resources for tracking and fulfillment purposes\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.EdgeOrderPartner/locations/productFamilies/inventories/manageLink/action\",\n \"Microsoft.EdgeOrderPartner/locations/productFamilies/inventories/manageInventoryMetadata/action\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2025-08-12T15:18:36.5429246Z\",\n \"updatedOn\": \"2025-09-05T06:37:32.5466384Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/f24a559b-c2fc-4409-b96e-9af4b0c28ad6\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"f24a559b-c2fc-4409-b96e-9af4b0c28ad6\"\n },\n {\n \"properties\": {\n \"roleName\": \"Defender For Container Registries Operator\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Grants Microsoft Defender for Cloud access to Azure Container Registries\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.ContainerRegistry/registries/pull/read\",\n \"Microsoft.ContainerRegistry/registries/metadata/read\",\n \"Microsoft.ContainerRegistry/registries/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.ContainerRegistry/registries/repositories/content/read\",\n \"Microsoft.ContainerRegistry/registries/repositories/metadata/read\",\n \"Microsoft.ContainerRegistry/registries/catalog/read\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2025-08-13T15:27:47.0452902Z\",\n \"updatedOn\": \"2025-09-11T12:56:35.8009694Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/c5c82243-e78e-43f9-8428-793bba85b28e\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"c5c82243-e78e-43f9-8428-793bba85b28e\"\n },\n {\n \"properties\": {\n \"roleName\": \"Change Safety Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Grants access to manage all Microsoft.ChangeSafety resources.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.ChangeSafety/changeStates/read\",\n \"Microsoft.ChangeSafety/changeStates/write\",\n \"Microsoft.ChangeSafety/changeStates/delete\",\n \"Microsoft.ChangeSafety/changeStates/stageProgressions/read\",\n \"Microsoft.ChangeSafety/changeStates/stageProgressions/write\",\n \"Microsoft.ChangeSafety/changeStates/stageProgressions/delete\",\n \"Microsoft.ChangeSafety/locations/operationstatuses/read\",\n \"Microsoft.ChangeSafety/locations/operationstatuses/write\",\n \"Microsoft.ChangeSafety/safeRollouts/read\",\n \"Microsoft.ChangeSafety/safeRollouts/write\",\n \"Microsoft.ChangeSafety/safeRollouts/delete\",\n \"Microsoft.ChangeSafety/safeRollouts/steps/read\",\n \"Microsoft.ChangeSafety/stageMaps/read\",\n \"Microsoft.ChangeSafety/stageMaps/write\",\n \"Microsoft.ChangeSafety/stageMaps/delete\",\n \"Microsoft.ChangeSafety/validations/read\",\n \"Microsoft.ChangeSafety/validations/write\",\n \"Microsoft.ChangeSafety/validations/delete\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2025-08-13T20:30:20.4138285Z\",\n \"updatedOn\": \"2025-08-13T20:30:20.4138285Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/fdb3df26-8dd6-49ff-9a74-e95dbfadcad3\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"fdb3df26-8dd6-49ff-9a74-e95dbfadcad3\"\n },\n {\n \"properties\": {\n \"roleName\": \"Clinical Coder Data User\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Allows processing of health data in Clinical Coder\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.HealthBot/healthBots/AIActions/ClinicalCoder/Process/Action\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2025-08-20T15:33:41.4122914Z\",\n \"updatedOn\": \"2025-08-20T15:33:41.4122914Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/d0a94e7a-d791-4571-b2e0-8bdd8f867544\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"d0a94e7a-d791-4571-b2e0-8bdd8f867544\"\n },\n {\n \"properties\": {\n \"roleName\": \"Defender Unified RBAC Data Manager\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Defender Unified RBAC Data Manager. This role is managed and assigned automatically by the Defender Unified RBAC system. Manual assignment of this role is not recommended, as the Defender Unified RBAC system may modify or remove it at any time based on system requirements.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.operationalinsights/workspaces/read\",\n \"Microsoft.operationalinsights/workspaces/write\",\n \"Microsoft.operationalinsights/workspaces/query/read\",\n \"Microsoft.operationalinsights/workspaces/tables/write\",\n \"Microsoft.operationalinsights/workspaces/tables/delete\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2025-08-22T09:09:13.51896Z\",\n \"updatedOn\": \"2025-08-22T09:09:13.51896Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/40ead2a5-466e-4039-8a80-325542d9d2dd\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"40ead2a5-466e-4039-8a80-325542d9d2dd\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Local Disconnected Operations Role\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Azure Local Disconnected Operations Role\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Edge/disconnectedOperations/*/read\",\n \"Microsoft.Edge/disconnectedOperations/*/write\",\n \"Microsoft.Edge/disconnectedOperations/*/delete\",\n \"Microsoft.Edge/winfields/*/read\",\n \"Microsoft.Edge/winfields/*/write\",\n \"Microsoft.Edge/winfields/*/delete\",\n \"Microsoft.Edge/winfields/*/action\",\n \"Microsoft.Edge/disconnectedOperations/*/action\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2025-08-25T15:10:38.1474223Z\",\n \"updatedOn\": \"2025-08-25T15:10:38.1474223Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/478d20ba-a53e-4946-b33c-8078a92f2d0a\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"478d20ba-a53e-4946-b33c-8078a92f2d0a\"\n },\n {\n \"properties\": {\n \"roleName\": \"Workload Orchestration Administrator\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Workload Orchestration Administrator Role\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Edge/contexts/*\",\n \"Microsoft.Edge/configTemplates/*\",\n \"Microsoft.Edge/solutionTemplates/*\",\n \"Microsoft.Edge/configurations/*\",\n \"Microsoft.Edge/configurationreferences/*\",\n \"Microsoft.Edge/schemas/*\",\n \"Microsoft.Edge/schemaReferences/*\",\n \"Microsoft.Edge/targets/*\",\n \"Microsoft.Edge/jobs/*\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2025-08-25T15:10:38.1464227Z\",\n \"updatedOn\": \"2025-09-04T04:15:37.014131Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/cbb820e9-e561-45bb-84c2-ef45d0a13f7d\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"cbb820e9-e561-45bb-84c2-ef45d0a13f7d\"\n },\n {\n \"properties\": {\n \"roleName\": \"Firmware Analysis Reader\",\n \"type\": \"BuiltInRole\",\n \"description\": \"View firmware images but not upload them or perform any workspace configuration\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.IoTFirmwareDefense/*/read\",\n \"Microsoft.IoTFirmwareDefense/workspaces/firmwares/*\",\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Resources/deployments/*\"\n ],\n \"notActions\": [\n \"Microsoft.IoTFirmwareDefense/firmwareGroups/*\",\n \"Microsoft.IoTFirmwareDefense/workspaces/firmwares/write\",\n \"Microsoft.IoTFirmwareDefense/workspaces/firmwares/delete\"\n ],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2025-08-26T15:16:15.8719556Z\",\n \"updatedOn\": \"2025-08-26T15:16:15.8719556Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/2a94a2fd-3c4f-45d1-847d-6585ba88af94\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"2a94a2fd-3c4f-45d1-847d-6585ba88af94\"\n },\n {\n \"properties\": {\n \"roleName\": \"Garnet Data Owner\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Allows read, write, destructive and scripting actions on the Garnet resource\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.DocumentDB/garnetClusters/acl/*\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2025-08-27T15:52:20.9170435Z\",\n \"updatedOn\": \"2025-08-27T15:52:20.9170435Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/04f6c337-ffae-414c-b00f-3e80c9ab8a2c\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"04f6c337-ffae-414c-b00f-3e80c9ab8a2c\"\n },\n {\n \"properties\": {\n \"roleName\": \"Garnet Script Data Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Allows execution and management of scripts on the Garnet resource\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.DocumentDB/garnetClusters/acl/clientid/read\",\n \"Microsoft.DocumentDB/garnetClusters/acl/clientinfo/read\",\n \"Microsoft.DocumentDB/garnetClusters/acl/configget/read\",\n \"Microsoft.DocumentDB/garnetClusters/acl/echo/read\",\n \"Microsoft.DocumentDB/garnetClusters/acl/info/read\",\n \"Microsoft.DocumentDB/garnetClusters/acl/keyslot/read\",\n \"Microsoft.DocumentDB/garnetClusters/acl/nodes/read\",\n \"Microsoft.DocumentDB/garnetClusters/acl/ping/read\",\n \"Microsoft.DocumentDB/garnetClusters/acl/scripteval/action\",\n \"Microsoft.DocumentDB/garnetClusters/acl/scriptevalsha/action\",\n \"Microsoft.DocumentDB/garnetClusters/acl/scriptexists/action\",\n \"Microsoft.DocumentDB/garnetClusters/acl/scriptflush/action\",\n \"Microsoft.DocumentDB/garnetClusters/acl/scriptload/action\",\n \"Microsoft.DocumentDB/garnetClusters/acl/slots/read\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2025-08-27T17:39:28.929238Z\",\n \"updatedOn\": \"2025-08-27T17:39:28.929238Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/7021ea36-e168-4bc0-af53-88de51d20665\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"7021ea36-e168-4bc0-af53-88de51d20665\"\n },\n {\n \"properties\": {\n \"roleName\": \"Garnet Data Reader\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Allows read access to all keys within the Garnet resource\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.DocumentDB/garnetClusters/acl/clientid/read\",\n \"Microsoft.DocumentDB/garnetClusters/acl/clientinfo/read\",\n \"Microsoft.DocumentDB/garnetClusters/acl/configget/read\",\n \"Microsoft.DocumentDB/garnetClusters/acl/echo/read\",\n \"Microsoft.DocumentDB/garnetClusters/acl/exists/read\",\n \"Microsoft.DocumentDB/garnetClusters/acl/get/read\",\n \"Microsoft.DocumentDB/garnetClusters/acl/getex/read\",\n \"Microsoft.DocumentDB/garnetClusters/acl/getrange/read\",\n \"Microsoft.DocumentDB/garnetClusters/acl/hexists/read\",\n \"Microsoft.DocumentDB/garnetClusters/acl/hexpiretime/read\",\n \"Microsoft.DocumentDB/garnetClusters/acl/hget/read\",\n \"Microsoft.DocumentDB/garnetClusters/acl/hgetall/read\",\n \"Microsoft.DocumentDB/garnetClusters/acl/histogram/read\",\n \"Microsoft.DocumentDB/garnetClusters/acl/hkeys/read\",\n \"Microsoft.DocumentDB/garnetClusters/acl/hlen/read\",\n \"Microsoft.DocumentDB/garnetClusters/acl/hmget/read\",\n \"Microsoft.DocumentDB/garnetClusters/acl/hpexpiretime/read\",\n \"Microsoft.DocumentDB/garnetClusters/acl/hpttl/read\",\n \"Microsoft.DocumentDB/garnetClusters/acl/hrandfield/read\",\n \"Microsoft.DocumentDB/garnetClusters/acl/hscan/read\",\n \"Microsoft.DocumentDB/garnetClusters/acl/hstrlen/read\",\n \"Microsoft.DocumentDB/garnetClusters/acl/httl/read\",\n \"Microsoft.DocumentDB/garnetClusters/acl/hvals/read\",\n \"Microsoft.DocumentDB/garnetClusters/acl/info/read\",\n \"Microsoft.DocumentDB/garnetClusters/acl/keyslot/read\",\n \"Microsoft.DocumentDB/garnetClusters/acl/lcs/read\",\n \"Microsoft.DocumentDB/garnetClusters/acl/mget/read\",\n \"Microsoft.DocumentDB/garnetClusters/acl/nodes/read\",\n \"Microsoft.DocumentDB/garnetClusters/acl/ping/read\",\n \"Microsoft.DocumentDB/garnetClusters/acl/readonly/read\",\n \"Microsoft.DocumentDB/garnetClusters/acl/scard/read\",\n \"Microsoft.DocumentDB/garnetClusters/acl/sdiff/read\",\n \"Microsoft.DocumentDB/garnetClusters/acl/sinter/read\",\n \"Microsoft.DocumentDB/garnetClusters/acl/sintercard/read\",\n \"Microsoft.DocumentDB/garnetClusters/acl/sismember/read\",\n \"Microsoft.DocumentDB/garnetClusters/acl/slots/read\",\n \"Microsoft.DocumentDB/garnetClusters/acl/smembers/read\",\n \"Microsoft.DocumentDB/garnetClusters/acl/smismember/read\",\n \"Microsoft.DocumentDB/garnetClusters/acl/srandmember/read\",\n \"Microsoft.DocumentDB/garnetClusters/acl/sscan/read\",\n \"Microsoft.DocumentDB/garnetClusters/acl/strlen/read\",\n \"Microsoft.DocumentDB/garnetClusters/acl/substr/read\",\n \"Microsoft.DocumentDB/garnetClusters/acl/sunion/read\",\n \"Microsoft.DocumentDB/garnetClusters/acl/zcard/read\",\n \"Microsoft.DocumentDB/garnetClusters/acl/zcount/read\",\n \"Microsoft.DocumentDB/garnetClusters/acl/zdiff/read\",\n \"Microsoft.DocumentDB/garnetClusters/acl/zinter/read\",\n \"Microsoft.DocumentDB/garnetClusters/acl/zintercard/read\",\n \"Microsoft.DocumentDB/garnetClusters/acl/zlexcount/read\",\n \"Microsoft.DocumentDB/garnetClusters/acl/zmscore/read\",\n \"Microsoft.DocumentDB/garnetClusters/acl/zrandmember/read\",\n \"Microsoft.DocumentDB/garnetClusters/acl/zrange/read\",\n \"Microsoft.DocumentDB/garnetClusters/acl/zrangebylex/read\",\n \"Microsoft.DocumentDB/garnetClusters/acl/zrangebyscore/read\",\n \"Microsoft.DocumentDB/garnetClusters/acl/zrank/read\",\n \"Microsoft.DocumentDB/garnetClusters/acl/zrevrange/read\",\n \"Microsoft.DocumentDB/garnetClusters/acl/zrevrangebylex/read\",\n \"Microsoft.DocumentDB/garnetClusters/acl/zrevrangebyscore/read\",\n \"Microsoft.DocumentDB/garnetClusters/acl/zrevrank/read\",\n \"Microsoft.DocumentDB/garnetClusters/acl/zscan/read\",\n \"Microsoft.DocumentDB/garnetClusters/acl/zscore/read\",\n \"Microsoft.DocumentDB/garnetClusters/acl/zunion/read\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2025-08-27T17:54:31.3990567Z\",\n \"updatedOn\": \"2025-08-27T17:54:31.3990567Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/d9cd91b9-dada-4fa9-9406-454c4659c137\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"d9cd91b9-dada-4fa9-9406-454c4659c137\"\n },\n {\n \"properties\": {\n \"roleName\": \"Garnet Data Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Allows read and write access to all keys within the Garnet resource\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.DocumentDB/garnetClusters/acl/append/write\",\n \"Microsoft.DocumentDB/garnetClusters/acl/bzmpop/delete\",\n \"Microsoft.DocumentDB/garnetClusters/acl/bzpopmax/delete\",\n \"Microsoft.DocumentDB/garnetClusters/acl/bzpopmin/delete\",\n \"Microsoft.DocumentDB/garnetClusters/acl/clientid/read\",\n \"Microsoft.DocumentDB/garnetClusters/acl/clientinfo/read\",\n \"Microsoft.DocumentDB/garnetClusters/acl/configget/read\",\n \"Microsoft.DocumentDB/garnetClusters/acl/decr/write\",\n \"Microsoft.DocumentDB/garnetClusters/acl/decrby/write\",\n \"Microsoft.DocumentDB/garnetClusters/acl/del/delete\",\n \"Microsoft.DocumentDB/garnetClusters/acl/echo/read\",\n \"Microsoft.DocumentDB/garnetClusters/acl/exists/read\",\n \"Microsoft.DocumentDB/garnetClusters/acl/expire/delete\",\n \"Microsoft.DocumentDB/garnetClusters/acl/get/read\",\n \"Microsoft.DocumentDB/garnetClusters/acl/getdel/delete\",\n \"Microsoft.DocumentDB/garnetClusters/acl/getex/read\",\n \"Microsoft.DocumentDB/garnetClusters/acl/getrange/read\",\n \"Microsoft.DocumentDB/garnetClusters/acl/getset/write\",\n \"Microsoft.DocumentDB/garnetClusters/acl/hdel/delete\",\n \"Microsoft.DocumentDB/garnetClusters/acl/hexists/read\",\n \"Microsoft.DocumentDB/garnetClusters/acl/hexpire/delete\",\n \"Microsoft.DocumentDB/garnetClusters/acl/hexpireat/delete\",\n \"Microsoft.DocumentDB/garnetClusters/acl/hexpiretime/read\",\n \"Microsoft.DocumentDB/garnetClusters/acl/hget/read\",\n \"Microsoft.DocumentDB/garnetClusters/acl/hgetall/read\",\n \"Microsoft.DocumentDB/garnetClusters/acl/hincrby/write\",\n \"Microsoft.DocumentDB/garnetClusters/acl/hincrbyfloat/write\",\n \"Microsoft.DocumentDB/garnetClusters/acl/histogram/read\",\n \"Microsoft.DocumentDB/garnetClusters/acl/hkeys/read\",\n \"Microsoft.DocumentDB/garnetClusters/acl/hlen/read\",\n \"Microsoft.DocumentDB/garnetClusters/acl/hmget/read\",\n \"Microsoft.DocumentDB/garnetClusters/acl/hmset/write\",\n \"Microsoft.DocumentDB/garnetClusters/acl/hpersist/write\",\n \"Microsoft.DocumentDB/garnetClusters/acl/hpexpire/delete\",\n \"Microsoft.DocumentDB/garnetClusters/acl/hpexpireat/delete\",\n \"Microsoft.DocumentDB/garnetClusters/acl/hpexpiretime/read\",\n \"Microsoft.DocumentDB/garnetClusters/acl/hpttl/read\",\n \"Microsoft.DocumentDB/garnetClusters/acl/hrandfield/read\",\n \"Microsoft.DocumentDB/garnetClusters/acl/hscan/read\",\n \"Microsoft.DocumentDB/garnetClusters/acl/hset/write\",\n \"Microsoft.DocumentDB/garnetClusters/acl/hsetnx/write\",\n \"Microsoft.DocumentDB/garnetClusters/acl/hstrlen/read\",\n \"Microsoft.DocumentDB/garnetClusters/acl/httl/read\",\n \"Microsoft.DocumentDB/garnetClusters/acl/hvals/read\",\n \"Microsoft.DocumentDB/garnetClusters/acl/incr/write\",\n \"Microsoft.DocumentDB/garnetClusters/acl/incrby/write\",\n \"Microsoft.DocumentDB/garnetClusters/acl/incrbyfloat/write\",\n \"Microsoft.DocumentDB/garnetClusters/acl/info/read\",\n \"Microsoft.DocumentDB/garnetClusters/acl/keyslot/read\",\n \"Microsoft.DocumentDB/garnetClusters/acl/lcs/read\",\n \"Microsoft.DocumentDB/garnetClusters/acl/mget/read\",\n \"Microsoft.DocumentDB/garnetClusters/acl/mset/write\",\n \"Microsoft.DocumentDB/garnetClusters/acl/msetnx/write\",\n \"Microsoft.DocumentDB/garnetClusters/acl/nodes/read\",\n \"Microsoft.DocumentDB/garnetClusters/acl/ping/read\",\n \"Microsoft.DocumentDB/garnetClusters/acl/psetex/write\",\n \"Microsoft.DocumentDB/garnetClusters/acl/readonly/read\",\n \"Microsoft.DocumentDB/garnetClusters/acl/readwrite/write\",\n \"Microsoft.DocumentDB/garnetClusters/acl/sadd/write\",\n \"Microsoft.DocumentDB/garnetClusters/acl/scard/read\",\n \"Microsoft.DocumentDB/garnetClusters/acl/sdiff/read\",\n \"Microsoft.DocumentDB/garnetClusters/acl/sdiffstore/write\",\n \"Microsoft.DocumentDB/garnetClusters/acl/set/write\",\n \"Microsoft.DocumentDB/garnetClusters/acl/setex/write\",\n \"Microsoft.DocumentDB/garnetClusters/acl/setnx/write\",\n \"Microsoft.DocumentDB/garnetClusters/acl/setrange/write\",\n \"Microsoft.DocumentDB/garnetClusters/acl/sinter/read\",\n \"Microsoft.DocumentDB/garnetClusters/acl/sintercard/read\",\n \"Microsoft.DocumentDB/garnetClusters/acl/sinterstore/write\",\n \"Microsoft.DocumentDB/garnetClusters/acl/sismember/read\",\n \"Microsoft.DocumentDB/garnetClusters/acl/slots/read\",\n \"Microsoft.DocumentDB/garnetClusters/acl/smembers/read\",\n \"Microsoft.DocumentDB/garnetClusters/acl/smismember/read\",\n \"Microsoft.DocumentDB/garnetClusters/acl/smove/write\",\n \"Microsoft.DocumentDB/garnetClusters/acl/spop/delete\",\n \"Microsoft.DocumentDB/garnetClusters/acl/srandmember/read\",\n \"Microsoft.DocumentDB/garnetClusters/acl/srem/delete\",\n \"Microsoft.DocumentDB/garnetClusters/acl/sscan/read\",\n \"Microsoft.DocumentDB/garnetClusters/acl/strlen/read\",\n \"Microsoft.DocumentDB/garnetClusters/acl/substr/read\",\n \"Microsoft.DocumentDB/garnetClusters/acl/sunion/read\",\n \"Microsoft.DocumentDB/garnetClusters/acl/sunionstore/write\",\n \"Microsoft.DocumentDB/garnetClusters/acl/unlink/delete\",\n \"Microsoft.DocumentDB/garnetClusters/acl/zadd/write\",\n \"Microsoft.DocumentDB/garnetClusters/acl/zcard/read\",\n \"Microsoft.DocumentDB/garnetClusters/acl/zcount/read\",\n \"Microsoft.DocumentDB/garnetClusters/acl/zdiff/read\",\n \"Microsoft.DocumentDB/garnetClusters/acl/zdiffstore/write\",\n \"Microsoft.DocumentDB/garnetClusters/acl/zincrby/write\",\n \"Microsoft.DocumentDB/garnetClusters/acl/zinter/read\",\n \"Microsoft.DocumentDB/garnetClusters/acl/zintercard/read\",\n \"Microsoft.DocumentDB/garnetClusters/acl/zinterstore/write\",\n \"Microsoft.DocumentDB/garnetClusters/acl/zlexcount/read\",\n \"Microsoft.DocumentDB/garnetClusters/acl/zmpop/delete\",\n \"Microsoft.DocumentDB/garnetClusters/acl/zmscore/read\",\n \"Microsoft.DocumentDB/garnetClusters/acl/zpopmax/delete\",\n \"Microsoft.DocumentDB/garnetClusters/acl/zpopmin/delete\",\n \"Microsoft.DocumentDB/garnetClusters/acl/zrandmember/read\",\n \"Microsoft.DocumentDB/garnetClusters/acl/zrange/read\",\n \"Microsoft.DocumentDB/garnetClusters/acl/zrangebylex/read\",\n \"Microsoft.DocumentDB/garnetClusters/acl/zrangebyscore/read\",\n \"Microsoft.DocumentDB/garnetClusters/acl/zrangestore/write\",\n \"Microsoft.DocumentDB/garnetClusters/acl/zrank/read\",\n \"Microsoft.DocumentDB/garnetClusters/acl/zrem/delete\",\n \"Microsoft.DocumentDB/garnetClusters/acl/zremrangebylex/delete\",\n \"Microsoft.DocumentDB/garnetClusters/acl/zremrangebyrank/delete\",\n \"Microsoft.DocumentDB/garnetClusters/acl/zremrangebyscore/delete\",\n \"Microsoft.DocumentDB/garnetClusters/acl/zrevrange/read\",\n \"Microsoft.DocumentDB/garnetClusters/acl/zrevrangebylex/read\",\n \"Microsoft.DocumentDB/garnetClusters/acl/zrevrangebyscore/read\",\n \"Microsoft.DocumentDB/garnetClusters/acl/zrevrank/read\",\n \"Microsoft.DocumentDB/garnetClusters/acl/zscan/read\",\n \"Microsoft.DocumentDB/garnetClusters/acl/zscore/read\",\n \"Microsoft.DocumentDB/garnetClusters/acl/zunion/read\",\n \"Microsoft.DocumentDB/garnetClusters/acl/zunionstore/write\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2025-08-27T17:54:31.3990567Z\",\n \"updatedOn\": \"2025-08-27T17:54:31.3990567Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/1694e55a-2496-4d07-b005-7259aa3fcbe8\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"1694e55a-2496-4d07-b005-7259aa3fcbe8\"\n },\n {\n \"properties\": {\n \"roleName\": \"Defender Unified RBAC Authorization Reader\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Defender Unified RBAC Authorization Reader. This role is managed and assigned automatically by the Defender Unified RBAC system. Manual assignment of this role is not recommended, as the Defender Unified RBAC system may modify or remove it at any time based on system requirements.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2025-08-29T09:06:24.5039382Z\",\n \"updatedOn\": \"2025-08-29T09:06:24.5039382Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/ca62263b-07d5-4b48-b437-088803f5c2ff\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"ca62263b-07d5-4b48-b437-088803f5c2ff\"\n },\n {\n \"properties\": {\n \"roleName\": \"Defender Unified RBAC Authorization Manager\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Defender Unified RBAC Authorization Manager. This role is managed and assigned automatically by the Defender Unified RBAC system. Manual assignment of this role is not recommended, as the Defender Unified RBAC system may modify or remove it at any time based on system requirements.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2025-08-29T12:37:45.3866495Z\",\n \"updatedOn\": \"2025-08-29T12:37:45.3866495Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/1fd5d8bf-9037-4ede-89bf-680f798e2765\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"1fd5d8bf-9037-4ede-89bf-680f798e2765\"\n },\n {\n \"properties\": {\n \"roleName\": \"Defender Unified RBAC Responder\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Defender Unified RBAC Responder. This role is managed and assigned automatically by the Defender Unified RBAC system. Manual assignment of this role is not recommended, as the Defender Unified RBAC system may modify or remove it at any time based on system requirements.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.SecurityInsights/*/read\",\n \"Microsoft.SecurityInsights/dataConnectorsCheckRequirements/action\",\n \"Microsoft.SecurityInsights/automationRules/*\",\n \"Microsoft.SecurityInsights/cases/*\",\n \"Microsoft.SecurityInsights/incidents/*\",\n \"Microsoft.SecurityInsights/entities/runPlaybook/action\",\n \"Microsoft.SecurityInsights/threatIntelligence/indicators/appendTags/action\",\n \"Microsoft.SecurityInsights/threatIntelligence/indicators/query/action\",\n \"Microsoft.SecurityInsights/threatIntelligence/bulkTag/action\",\n \"Microsoft.SecurityInsights/threatIntelligence/indicators/appendTags/action\",\n \"Microsoft.SecurityInsights/threatIntelligence/indicators/replaceTags/action\",\n \"Microsoft.SecurityInsights/threatIntelligence/queryIndicators/action\",\n \"Microsoft.SecurityInsights/businessApplicationAgents/systems/undoAction/action\",\n \"Microsoft.OperationalInsights/workspaces/analytics/query/action\",\n \"Microsoft.OperationalInsights/workspaces/*/read\",\n \"Microsoft.OperationalInsights/workspaces/dataSources/read\",\n \"Microsoft.OperationalInsights/workspaces/savedSearches/read\",\n \"Microsoft.OperationsManagement/solutions/read\",\n \"Microsoft.OperationalInsights/workspaces/query/read\",\n \"Microsoft.OperationalInsights/workspaces/query/*/read\",\n \"Microsoft.OperationalInsights/workspaces/dataSources/read\",\n \"Microsoft.OperationalInsights/querypacks/*/read\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Insights/workbooks/read\",\n \"Microsoft.Authorization/*/read\"\n ],\n \"notActions\": [\n \"Microsoft.SecurityInsights/cases/*/Delete\",\n \"Microsoft.SecurityInsights/incidents/*/Delete\",\n \"Microsoft.SecurityInsights/ConfidentialWatchlists/*\",\n \"Microsoft.OperationalInsights/workspaces/query/ConfidentialWatchlist/*\"\n ],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2025-08-29T14:38:33.2080873Z\",\n \"updatedOn\": \"2025-09-11T12:26:00.2449399Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/1bacae94-6c0f-4d2d-8dfa-408d5a28e6ec\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"1bacae94-6c0f-4d2d-8dfa-408d5a28e6ec\"\n },\n {\n \"properties\": {\n \"roleName\": \"Defender Unified RBAC Contributor and Responder\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Defender Unified RBAC Contributor and Responder. This role is managed and assigned automatically by the Defender Unified RBAC system. Manual assignment of this role is not recommended, as the Defender Unified RBAC system may modify or remove it at any time based on system requirements.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.OperationalInsights/querypacks/*/read\",\n \"Microsoft.OperationalInsights/workspaces/*/read\",\n \"Microsoft.OperationalInsights/workspaces/analytics/query/action\",\n \"Microsoft.OperationalInsights/workspaces/dataSources/read\",\n \"Microsoft.OperationalInsights/workspaces/query/*/read\",\n \"Microsoft.OperationalInsights/workspaces/query/read\",\n \"Microsoft.OperationalInsights/workspaces/savedSearches/*\",\n \"Microsoft.OperationalInsights/workspaces/savedSearches/read\",\n \"Microsoft.OperationsManagement/solutions/read\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.SecurityInsights/*\",\n \"Microsoft.SecurityInsights/*/read\",\n \"Microsoft.SecurityInsights/automationRules/*\",\n \"Microsoft.SecurityInsights/businessApplicationAgents/systems/undoAction/action\",\n \"Microsoft.SecurityInsights/cases/*\",\n \"Microsoft.SecurityInsights/dataConnectorsCheckRequirements/action\",\n \"Microsoft.SecurityInsights/entities/runPlaybook/action\",\n \"Microsoft.SecurityInsights/incidents/*\",\n \"Microsoft.SecurityInsights/threatIntelligence/bulkTag/action\",\n \"Microsoft.SecurityInsights/threatIntelligence/indicators/appendTags/action\",\n \"Microsoft.SecurityInsights/threatIntelligence/indicators/query/action\",\n \"Microsoft.SecurityInsights/threatIntelligence/indicators/replaceTags/action\",\n \"Microsoft.SecurityInsights/threatIntelligence/queryIndicators/action\",\n \"Microsoft.Insights/workbooks/*\",\n \"Microsoft.Authorization/*/read\"\n ],\n \"notActions\": [\n \"Microsoft.SecurityInsights/cases/*/Delete\",\n \"Microsoft.SecurityInsights/incidents/*/Delete\",\n \"Microsoft.SecurityInsights/ConfidentialWatchlists/*\",\n \"Microsoft.OperationalInsights/workspaces/query/ConfidentialWatchlist/*\"\n ],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2025-08-29T14:53:37.3243745Z\",\n \"updatedOn\": \"2025-09-18T08:00:00.7910377Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/625a1cea-653b-4a19-bd3a-df1d66ab6637\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"625a1cea-653b-4a19-bd3a-df1d66ab6637\"\n },\n {\n \"properties\": {\n \"roleName\": \"Defender Unified RBAC Reader\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Defender Unified RBAC Reader. This role is managed and assigned automatically by the Defender Unified RBAC system. Manual assignment of this role is not recommended, as the Defender Unified RBAC system may modify or remove it at any time based on system requirements.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.SecurityInsights/*/read\",\n \"Microsoft.SecurityInsights/dataConnectorsCheckRequirements/action\",\n \"Microsoft.SecurityInsights/threatIntelligence/indicators/query/action\",\n \"Microsoft.SecurityInsights/threatIntelligence/queryIndicators/action\",\n \"Microsoft.OperationalInsights/workspaces/analytics/query/action\",\n \"Microsoft.OperationalInsights/workspaces/*/read\",\n \"Microsoft.OperationalInsights/workspaces/LinkedServices/read\",\n \"Microsoft.OperationalInsights/workspaces/savedSearches/read\",\n \"Microsoft.OperationsManagement/solutions/read\",\n \"Microsoft.OperationalInsights/workspaces/query/read\",\n \"Microsoft.OperationalInsights/workspaces/query/*/read\",\n \"Microsoft.OperationalInsights/querypacks/*/read\",\n \"Microsoft.OperationalInsights/workspaces/dataSources/read\",\n \"Microsoft.OperationalInsights/workspaces/read\",\n \"Microsoft.Insights/workbooks/read\",\n \"Microsoft.Authorization/*/read\"\n ],\n \"notActions\": [\n \"Microsoft.SecurityInsights/ConfidentialWatchlists/*\",\n \"Microsoft.OperationalInsights/workspaces/query/ConfidentialWatchlist/*\"\n ],\n \"dataActions\": [\n \"Microsoft.OperationalInsights/workspaces/tables/data/read\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2025-08-29T15:23:46.8702579Z\",\n \"updatedOn\": \"2025-09-11T12:56:35.8009694Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/78b7345a-1e1b-483a-ac62-62228c6ea89d\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"78b7345a-1e1b-483a-ac62-62228c6ea89d\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Monitor Pipeline Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Manage Azure Monitor Pipeline resources, providing full read and write access to pipeline configurations and monitoring features.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Monitor/pipelineGroups/*\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.Authorization/*/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2025-09-03T15:11:34.8616712Z\",\n \"updatedOn\": \"2025-09-03T15:11:34.8616712Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/679dc20a-52e8-4ac0-a23c-3b557dfb1e24\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"679dc20a-52e8-4ac0-a23c-3b557dfb1e24\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Monitor Pipeline Reader\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Read Azure Monitor Pipeline resources, including pipeline configurations and monitoring features.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Monitor/pipelineGroups/read\",\n \"Microsoft.Resources/deployments/read\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Insights/alertRules/read\",\n \"Microsoft.Authorization/*/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2025-09-03T15:11:34.8616712Z\",\n \"updatedOn\": \"2025-09-03T15:11:34.8616712Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/2d50f159-7b96-4f1e-8fc7-fee6957ab7cc\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"2d50f159-7b96-4f1e-8fc7-fee6957ab7cc\"\n },\n {\n \"properties\": {\n \"roleName\": \"SRE Agent Reader\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Grants read-only access to all SRE Agent data, including chats, incidents, logs, and configurations. Does not permit interaction with the agent.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.App/agents/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.App/agents/threads/read\",\n \"Microsoft.App/agents/graph/read\",\n \"Microsoft.App/agents/memory/read\",\n \"Microsoft.App/agents/incidentManagement/read\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2025-09-08T15:10:31.0394523Z\",\n \"updatedOn\": \"2025-09-16T15:14:53.2394147Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/a4b156ac-253f-4a1a-9851-96d62b71b047\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"a4b156ac-253f-4a1a-9851-96d62b71b047\"\n },\n {\n \"properties\": {\n \"roleName\": \"Hybrid Connectivity contributor role\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Microsoft.HybridConnectivity contributor role\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.HybridConnectivity/endpoints/listIngressGatewayCredentials/action\",\n \"Microsoft.HybridConnectivity/publicCloudConnectors/delete\",\n \"Microsoft.HybridConnectivity/publicCloudConnectors/testPermissions/action\",\n \"Microsoft.HybridConnectivity/publicCloudConnectors/write\",\n \"Microsoft.HybridConnectivity/solutionConfigurations/delete\",\n \"Microsoft.HybridConnectivity/solutionConfigurations/syncNow/action\",\n \"Microsoft.HybridConnectivity/solutionConfigurations/write\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2025-09-08T15:10:31.251471Z\",\n \"updatedOn\": \"2025-09-08T15:10:31.251471Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/f0f57965-de58-41bc-ba76-2aaab4d09f30\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"f0f57965-de58-41bc-ba76-2aaab4d09f30\"\n },\n {\n \"properties\": {\n \"roleName\": \"Aws Connector contributor role\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Microsoft.AwsConnector contributor role\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.AwsConnector/accessAnalyzerAnalyzers/delete\",\n \"Microsoft.AwsConnector/accessAnalyzerAnalyzers/write\",\n \"Microsoft.AwsConnector/acmCertificateSummaries/delete\",\n \"Microsoft.AwsConnector/acmCertificateSummaries/write\",\n \"Microsoft.AwsConnector/apiGatewayRestApis/delete\",\n \"Microsoft.AwsConnector/apiGatewayRestApis/write\",\n \"Microsoft.AwsConnector/apiGatewayStages/delete\",\n \"Microsoft.AwsConnector/apiGatewayStages/write\",\n \"Microsoft.AwsConnector/applicationAutoScalingScalableTargets/delete\",\n \"Microsoft.AwsConnector/applicationAutoScalingScalableTargets/write\",\n \"Microsoft.AwsConnector/appSyncGraphqlApis/delete\",\n \"Microsoft.AwsConnector/appSyncGraphqlApis/write\",\n \"Microsoft.AwsConnector/autoScalingAutoScalingGroups/delete\",\n \"Microsoft.AwsConnector/autoScalingAutoScalingGroups/write\",\n \"Microsoft.AwsConnector/cloudFormationStacks/delete\",\n \"Microsoft.AwsConnector/cloudFormationStacks/write\",\n \"Microsoft.AwsConnector/cloudFormationStackSets/delete\",\n \"Microsoft.AwsConnector/cloudFormationStackSets/write\",\n \"Microsoft.AwsConnector/cloudFrontDistributions/delete\",\n \"Microsoft.AwsConnector/cloudFrontDistributions/write\",\n \"Microsoft.AwsConnector/cloudTrailTrails/delete\",\n \"Microsoft.AwsConnector/cloudTrailTrails/write\",\n \"Microsoft.AwsConnector/cloudWatchAlarms/delete\",\n \"Microsoft.AwsConnector/cloudWatchAlarms/write\",\n \"Microsoft.AwsConnector/codeBuildProjects/delete\",\n \"Microsoft.AwsConnector/codeBuildProjects/write\",\n \"Microsoft.AwsConnector/codeBuildSourceCredentialsInfos/delete\",\n \"Microsoft.AwsConnector/codeBuildSourceCredentialsInfos/write\",\n \"Microsoft.AwsConnector/configServiceConfigurationRecorders/delete\",\n \"Microsoft.AwsConnector/configServiceConfigurationRecorders/write\",\n \"Microsoft.AwsConnector/configServiceConfigurationRecorderStatuses/delete\",\n \"Microsoft.AwsConnector/configServiceConfigurationRecorderStatuses/write\",\n \"Microsoft.AwsConnector/configServiceDeliveryChannels/delete\",\n \"Microsoft.AwsConnector/configServiceDeliveryChannels/write\",\n \"Microsoft.AwsConnector/databaseMigrationServiceReplicationInstances/delete\",\n \"Microsoft.AwsConnector/databaseMigrationServiceReplicationInstances/write\",\n \"Microsoft.AwsConnector/daxClusters/delete\",\n \"Microsoft.AwsConnector/daxClusters/write\",\n \"Microsoft.AwsConnector/dynamoDBContinuousBackupsDescriptions/delete\",\n \"Microsoft.AwsConnector/dynamoDBContinuousBackupsDescriptions/write\",\n \"Microsoft.AwsConnector/dynamoDBTables/delete\",\n \"Microsoft.AwsConnector/dynamoDBTables/write\",\n \"Microsoft.AwsConnector/ec2AccountAttributes/delete\",\n \"Microsoft.AwsConnector/ec2AccountAttributes/write\",\n \"Microsoft.AwsConnector/ec2Addresses/delete\",\n \"Microsoft.AwsConnector/ec2Addresses/write\",\n \"Microsoft.AwsConnector/ec2FlowLogs/delete\",\n \"Microsoft.AwsConnector/ec2FlowLogs/write\",\n \"Microsoft.AwsConnector/ec2Images/delete\",\n \"Microsoft.AwsConnector/ec2Images/write\",\n \"Microsoft.AwsConnector/ec2Instances/delete\",\n \"Microsoft.AwsConnector/ec2Instances/start/action\",\n \"Microsoft.AwsConnector/ec2Instances/stop/action\",\n \"Microsoft.AwsConnector/ec2Instances/write\",\n \"Microsoft.AwsConnector/ec2InstanceStatuses/delete\",\n \"Microsoft.AwsConnector/ec2InstanceStatuses/write\",\n \"Microsoft.AwsConnector/ec2Ipams/delete\",\n \"Microsoft.AwsConnector/ec2Ipams/write\",\n \"Microsoft.AwsConnector/ec2KeyPairs/delete\",\n \"Microsoft.AwsConnector/ec2KeyPairs/write\",\n \"Microsoft.AwsConnector/ec2NetworkAcls/delete\",\n \"Microsoft.AwsConnector/ec2NetworkAcls/write\",\n \"Microsoft.AwsConnector/ec2NetworkInterfaces/delete\",\n \"Microsoft.AwsConnector/ec2NetworkInterfaces/write\",\n \"Microsoft.AwsConnector/ec2RouteTables/delete\",\n \"Microsoft.AwsConnector/ec2RouteTables/write\",\n \"Microsoft.AwsConnector/ec2SecurityGroups/delete\",\n \"Microsoft.AwsConnector/ec2SecurityGroups/write\",\n \"Microsoft.AwsConnector/ec2Snapshots/delete\",\n \"Microsoft.AwsConnector/ec2Snapshots/write\",\n \"Microsoft.AwsConnector/ec2Subnets/delete\",\n \"Microsoft.AwsConnector/ec2Subnets/write\",\n \"Microsoft.AwsConnector/ec2Volumes/delete\",\n \"Microsoft.AwsConnector/ec2Volumes/write\",\n \"Microsoft.AwsConnector/ec2VPCEndpoints/delete\",\n \"Microsoft.AwsConnector/ec2VPCEndpoints/write\",\n \"Microsoft.AwsConnector/ec2VPCPeeringConnections/delete\",\n \"Microsoft.AwsConnector/ec2VPCPeeringConnections/write\",\n \"Microsoft.AwsConnector/ec2Vpcs/delete\",\n \"Microsoft.AwsConnector/ec2Vpcs/write\",\n \"Microsoft.AwsConnector/ecrImageDetails/delete\",\n \"Microsoft.AwsConnector/ecrImageDetails/write\",\n \"Microsoft.AwsConnector/ecrRepositories/delete\",\n \"Microsoft.AwsConnector/ecrRepositories/write\",\n \"Microsoft.AwsConnector/ecsClusters/delete\",\n \"Microsoft.AwsConnector/ecsClusters/write\",\n \"Microsoft.AwsConnector/ecsServices/delete\",\n \"Microsoft.AwsConnector/ecsServices/write\",\n \"Microsoft.AwsConnector/ecsTaskDefinitions/delete\",\n \"Microsoft.AwsConnector/ecsTaskDefinitions/write\",\n \"Microsoft.AwsConnector/efsFileSystems/delete\",\n \"Microsoft.AwsConnector/efsFileSystems/write\",\n \"Microsoft.AwsConnector/efsMountTargets/delete\",\n \"Microsoft.AwsConnector/efsMountTargets/write\",\n \"Microsoft.AwsConnector/eksClusters/delete\",\n \"Microsoft.AwsConnector/eksClusters/write\",\n \"Microsoft.AwsConnector/eksNodegroups/delete\",\n \"Microsoft.AwsConnector/eksNodegroups/write\",\n \"Microsoft.AwsConnector/elasticBeanstalkApplications/delete\",\n \"Microsoft.AwsConnector/elasticBeanstalkApplications/write\",\n \"Microsoft.AwsConnector/elasticBeanstalkConfigurationTemplates/delete\",\n \"Microsoft.AwsConnector/elasticBeanstalkConfigurationTemplates/write\",\n \"Microsoft.AwsConnector/elasticBeanstalkEnvironments/delete\",\n \"Microsoft.AwsConnector/elasticBeanstalkEnvironments/write\",\n \"Microsoft.AwsConnector/elasticLoadBalancingV2Listeners/delete\",\n \"Microsoft.AwsConnector/elasticLoadBalancingV2Listeners/write\",\n \"Microsoft.AwsConnector/elasticLoadBalancingV2LoadBalancers/delete\",\n \"Microsoft.AwsConnector/elasticLoadBalancingV2LoadBalancers/write\",\n \"Microsoft.AwsConnector/elasticLoadBalancingV2TargetGroups/delete\",\n \"Microsoft.AwsConnector/elasticLoadBalancingV2TargetGroups/write\",\n \"Microsoft.AwsConnector/elasticLoadBalancingV2TargetHealthDescriptions/delete\",\n \"Microsoft.AwsConnector/elasticLoadBalancingV2TargetHealthDescriptions/write\",\n \"Microsoft.AwsConnector/elasticsearchDomains/delete\",\n \"Microsoft.AwsConnector/elasticsearchDomains/write\",\n \"Microsoft.AwsConnector/emrClusters/delete\",\n \"Microsoft.AwsConnector/emrClusters/write\",\n \"Microsoft.AwsConnector/guardDutyDetectors/delete\",\n \"Microsoft.AwsConnector/guardDutyDetectors/write\",\n \"Microsoft.AwsConnector/iamAccessKeyLastUseds/delete\",\n \"Microsoft.AwsConnector/iamAccessKeyLastUseds/write\",\n \"Microsoft.AwsConnector/iamAccessKeyMetadata/delete\",\n \"Microsoft.AwsConnector/iamAccessKeyMetadata/write\",\n \"Microsoft.AwsConnector/iamGroups/delete\",\n \"Microsoft.AwsConnector/iamGroups/write\",\n \"Microsoft.AwsConnector/iamInstanceProfiles/delete\",\n \"Microsoft.AwsConnector/iamInstanceProfiles/write\",\n \"Microsoft.AwsConnector/iamManagedPolicies/delete\",\n \"Microsoft.AwsConnector/iamManagedPolicies/write\",\n \"Microsoft.AwsConnector/iamMFADevices/delete\",\n \"Microsoft.AwsConnector/iamMFADevices/write\",\n \"Microsoft.AwsConnector/iamPasswordPolicies/delete\",\n \"Microsoft.AwsConnector/iamPasswordPolicies/write\",\n \"Microsoft.AwsConnector/iamPolicyVersions/delete\",\n \"Microsoft.AwsConnector/iamPolicyVersions/write\",\n \"Microsoft.AwsConnector/iamRoles/delete\",\n \"Microsoft.AwsConnector/iamRoles/write\",\n \"Microsoft.AwsConnector/iamServerCertificates/delete\",\n \"Microsoft.AwsConnector/iamServerCertificates/write\",\n \"Microsoft.AwsConnector/iamUserPolicies/delete\",\n \"Microsoft.AwsConnector/iamUserPolicies/write\",\n \"Microsoft.AwsConnector/iamVirtualMFADevices/delete\",\n \"Microsoft.AwsConnector/iamVirtualMFADevices/write\",\n \"Microsoft.AwsConnector/kmsAliases/delete\",\n \"Microsoft.AwsConnector/kmsAliases/write\",\n \"Microsoft.AwsConnector/kmsKeys/delete\",\n \"Microsoft.AwsConnector/kmsKeys/write\",\n \"Microsoft.AwsConnector/lambdaFunctionCodeLocations/delete\",\n \"Microsoft.AwsConnector/lambdaFunctionCodeLocations/write\",\n \"Microsoft.AwsConnector/lambdaFunctionConfigurations/delete\",\n \"Microsoft.AwsConnector/lambdaFunctionConfigurations/write\",\n \"Microsoft.AwsConnector/lambdaFunctions/delete\",\n \"Microsoft.AwsConnector/lambdaFunctions/write\",\n \"Microsoft.AwsConnector/licenseManagerLicenses/delete\",\n \"Microsoft.AwsConnector/licenseManagerLicenses/write\",\n \"Microsoft.AwsConnector/lightsailBuckets/delete\",\n \"Microsoft.AwsConnector/lightsailBuckets/write\",\n \"Microsoft.AwsConnector/lightsailInstances/delete\",\n \"Microsoft.AwsConnector/lightsailInstances/write\",\n \"Microsoft.AwsConnector/Locations/OperationStatuses/write\",\n \"Microsoft.AwsConnector/logsLogGroups/delete\",\n \"Microsoft.AwsConnector/logsLogGroups/write\",\n \"Microsoft.AwsConnector/logsLogStreams/delete\",\n \"Microsoft.AwsConnector/logsLogStreams/write\",\n \"Microsoft.AwsConnector/logsMetricFilters/delete\",\n \"Microsoft.AwsConnector/logsMetricFilters/write\",\n \"Microsoft.AwsConnector/logsSubscriptionFilters/delete\",\n \"Microsoft.AwsConnector/logsSubscriptionFilters/write\",\n \"Microsoft.AwsConnector/macie2JobSummaries/delete\",\n \"Microsoft.AwsConnector/macie2JobSummaries/write\",\n \"Microsoft.AwsConnector/macieAllowLists/delete\",\n \"Microsoft.AwsConnector/macieAllowLists/write\",\n \"Microsoft.AwsConnector/networkFirewallFirewallPolicies/delete\",\n \"Microsoft.AwsConnector/networkFirewallFirewallPolicies/write\",\n \"Microsoft.AwsConnector/networkFirewallFirewalls/delete\",\n \"Microsoft.AwsConnector/networkFirewallFirewalls/write\",\n \"Microsoft.AwsConnector/networkFirewallRuleGroups/delete\",\n \"Microsoft.AwsConnector/networkFirewallRuleGroups/write\",\n \"Microsoft.AwsConnector/openSearchDomainStatuses/delete\",\n \"Microsoft.AwsConnector/openSearchDomainStatuses/write\",\n \"Microsoft.AwsConnector/openSearchServiceDomains/delete\",\n \"Microsoft.AwsConnector/openSearchServiceDomains/write\",\n \"Microsoft.AwsConnector/organizationsAccounts/delete\",\n \"Microsoft.AwsConnector/organizationsAccounts/write\",\n \"Microsoft.AwsConnector/organizationsOrganizations/delete\",\n \"Microsoft.AwsConnector/organizationsOrganizations/write\",\n \"Microsoft.AwsConnector/rdsDBClusters/delete\",\n \"Microsoft.AwsConnector/rdsDBClusters/write\",\n \"Microsoft.AwsConnector/rdsDBInstances/delete\",\n \"Microsoft.AwsConnector/rdsDBInstances/write\",\n \"Microsoft.AwsConnector/rdsDBSnapshotAttributesResults/delete\",\n \"Microsoft.AwsConnector/rdsDBSnapshotAttributesResults/write\",\n \"Microsoft.AwsConnector/rdsDBSnapshots/delete\",\n \"Microsoft.AwsConnector/rdsDBSnapshots/write\",\n \"Microsoft.AwsConnector/rdsEventSubscriptions/delete\",\n \"Microsoft.AwsConnector/rdsEventSubscriptions/write\",\n \"Microsoft.AwsConnector/rdsExportTasks/delete\",\n \"Microsoft.AwsConnector/rdsExportTasks/write\",\n \"Microsoft.AwsConnector/redshiftClusterParameterGroups/delete\",\n \"Microsoft.AwsConnector/redshiftClusterParameterGroups/write\",\n \"Microsoft.AwsConnector/redshiftClusters/delete\",\n \"Microsoft.AwsConnector/redshiftClusters/write\",\n \"Microsoft.AwsConnector/route53DomainsDomainSummaries/delete\",\n \"Microsoft.AwsConnector/route53DomainsDomainSummaries/write\",\n \"Microsoft.AwsConnector/route53HostedZones/delete\",\n \"Microsoft.AwsConnector/route53HostedZones/write\",\n \"Microsoft.AwsConnector/route53ResourceRecordSets/delete\",\n \"Microsoft.AwsConnector/route53ResourceRecordSets/write\",\n \"Microsoft.AwsConnector/s3AccessControlPolicies/delete\",\n \"Microsoft.AwsConnector/s3AccessControlPolicies/write\",\n \"Microsoft.AwsConnector/s3AccessPoints/delete\",\n \"Microsoft.AwsConnector/s3AccessPoints/write\",\n \"Microsoft.AwsConnector/s3BucketPolicies/delete\",\n \"Microsoft.AwsConnector/s3BucketPolicies/write\",\n \"Microsoft.AwsConnector/s3Buckets/delete\",\n \"Microsoft.AwsConnector/s3Buckets/write\",\n \"Microsoft.AwsConnector/s3ControlMultiRegionAccessPointPolicyDocuments/delete\",\n \"Microsoft.AwsConnector/s3ControlMultiRegionAccessPointPolicyDocuments/write\",\n \"Microsoft.AwsConnector/sageMakerApps/delete\",\n \"Microsoft.AwsConnector/sageMakerApps/write\",\n \"Microsoft.AwsConnector/sageMakerDevices/delete\",\n \"Microsoft.AwsConnector/sageMakerDevices/write\",\n \"Microsoft.AwsConnector/sageMakerImages/delete\",\n \"Microsoft.AwsConnector/sageMakerImages/write\",\n \"Microsoft.AwsConnector/sageMakerNotebookInstanceSummaries/delete\",\n \"Microsoft.AwsConnector/sageMakerNotebookInstanceSummaries/write\",\n \"Microsoft.AwsConnector/secretsManagerResourcePolicies/delete\",\n \"Microsoft.AwsConnector/secretsManagerResourcePolicies/write\",\n \"Microsoft.AwsConnector/secretsManagerSecrets/delete\",\n \"Microsoft.AwsConnector/secretsManagerSecrets/write\",\n \"Microsoft.AwsConnector/snsSubscriptions/delete\",\n \"Microsoft.AwsConnector/snsSubscriptions/write\",\n \"Microsoft.AwsConnector/snsTopics/delete\",\n \"Microsoft.AwsConnector/snsTopics/write\",\n \"Microsoft.AwsConnector/sqsQueues/delete\",\n \"Microsoft.AwsConnector/sqsQueues/write\",\n \"Microsoft.AwsConnector/ssmInstanceInformations/delete\",\n \"Microsoft.AwsConnector/ssmInstanceInformations/write\",\n \"Microsoft.AwsConnector/ssmParameters/delete\",\n \"Microsoft.AwsConnector/ssmParameters/write\",\n \"Microsoft.AwsConnector/ssmResourceComplianceSummaryItems/delete\",\n \"Microsoft.AwsConnector/ssmResourceComplianceSummaryItems/write\",\n \"Microsoft.AwsConnector/wafv2IPSets/delete\",\n \"Microsoft.AwsConnector/wafv2IPSets/write\",\n \"Microsoft.AwsConnector/wafv2LoggingConfigurations/delete\",\n \"Microsoft.AwsConnector/wafv2LoggingConfigurations/write\",\n \"Microsoft.AwsConnector/wafv2WebACLAssociations/delete\",\n \"Microsoft.AwsConnector/wafv2WebACLAssociations/write\",\n \"Microsoft.AwsConnector/wafWebACLSummaries/delete\",\n \"Microsoft.AwsConnector/wafWebACLSummaries/write\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2025-09-08T15:10:31.7683351Z\",\n \"updatedOn\": \"2025-09-08T15:10:31.7683351Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/98c206fe-ea1b-4578-93f8-83a99a5628fc\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"98c206fe-ea1b-4578-93f8-83a99a5628fc\"\n },\n {\n \"properties\": {\n \"roleName\": \"Storage File Data SMB MI Admin\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Allows for admin-level access for managed identities on files/directories in Azure file shares.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.Storage/storageAccounts/fileServices/readFileBackupSemantics/action\",\n \"Microsoft.Storage/storageAccounts/fileServices/writeFileBackupSemantics/action\",\n \"Microsoft.Storage/storageAccounts/fileServices/takeOwnership/action\",\n \"Microsoft.Storage/storageAccounts/fileServices/runAsBuiltInFileAdministrator/action\",\n \"Microsoft.Storage/storageAccounts/fileServices/fileshares/files/read\",\n \"Microsoft.Storage/storageAccounts/fileServices/fileshares/files/write\",\n \"Microsoft.Storage/storageAccounts/fileServices/fileshares/files/delete\",\n \"Microsoft.Storage/storageAccounts/fileServices/fileshares/files/modifypermissions/action\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2025-09-09T15:23:13.2982998Z\",\n \"updatedOn\": \"2025-09-09T15:23:13.2982998Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/a235d3ee-5935-4cfb-8cc5-a3303ad5995e\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"a235d3ee-5935-4cfb-8cc5-a3303ad5995e\"\n },\n {\n \"properties\": {\n \"roleName\": \"Common Edge Admin\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Common Edge Admin Role\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Edge/connectivityStatuses/delete\",\n \"Microsoft.Edge/connectivityStatuses/write\",\n \"Microsoft.Edge/locations/operationStatuses/write\",\n \"Microsoft.Edge/updates/delete\",\n \"Microsoft.Edge/updates/write\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2025-09-10T15:34:53.4393915Z\",\n \"updatedOn\": \"2025-09-10T15:34:53.4393915Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/b256d512-9a3a-4a96-9366-9f54f900e58b\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"b256d512-9a3a-4a96-9366-9f54f900e58b\"\n },\n {\n \"properties\": {\n \"roleName\": \"Firmware Analysis User\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Upload and analyze firmware images but not perform any workspace configuration\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.IoTFirmwareDefense/*\",\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Resources/deployments/*\"\n ],\n \"notActions\": [\n \"Microsoft.IoTFirmwareDefense/firmwareGroups/*\",\n \"Microsoft.IoTFirmwareDefense/register/action\",\n \"Microsoft.IoTFirmwareDefense/unregister/action\",\n \"Microsoft.IoTFirmwareDefense/workspaces/write\",\n \"Microsoft.IoTFirmwareDefense/workspaces/delete\"\n ],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2025-09-10T15:34:53.4393915Z\",\n \"updatedOn\": \"2025-09-10T15:34:53.4393915Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/53b2724d-1e51-44fa-b586-bcace0c82609\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"53b2724d-1e51-44fa-b586-bcace0c82609\"\n },\n {\n \"properties\": {\n \"roleName\": \"SRE Agent Standard User\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Grants access to interact with the SRE Agent to triage incidents and run diagnostics.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.App/agents/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.App/agents/threads/read\",\n \"Microsoft.App/agents/graph/read\",\n \"Microsoft.App/agents/memory/read\",\n \"Microsoft.App/agents/incidentManagement/read\",\n \"Microsoft.App/agents/threads/write\",\n \"Microsoft.App/agents/graph/write\",\n \"Microsoft.App/agents/memory/write\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2025-09-10T20:06:45.8379721Z\",\n \"updatedOn\": \"2025-09-16T15:14:52.3167343Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/2d84a65a-63b2-4343-bbb6-31105d857bc1\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"2d84a65a-63b2-4343-bbb6-31105d857bc1\"\n },\n {\n \"properties\": {\n \"roleName\": \"SRE Agent Administrator\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Full control of the agent—manage chats, incident response plans, and agent run modes; approve and execute commands.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.App/agents/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.App/agents/*/read\",\n \"Microsoft.App/agents/*/write\",\n \"Microsoft.App/agents/*/delete\",\n \"Microsoft.App/agents/threads/approve/action\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2025-09-10T20:06:45.8389733Z\",\n \"updatedOn\": \"2025-09-16T15:14:53.2394147Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/e79298df-d852-4c6d-84f9-5d13249d1e55\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"e79298df-d852-4c6d-84f9-5d13249d1e55\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Kubernetes Fleet Manager Hub Cluster User Role\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Grants read access to Azure Kubernetes Fleet Manager as well as the Kubernetes config file to connect to the fleet-managed hub cluster.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.ContainerService/fleets/listCredentials/action\",\n \"Microsoft.ContainerService/fleets/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2025-09-10T23:25:40.4325052Z\",\n \"updatedOn\": \"2025-09-10T23:25:40.4325052Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/850c5848-fc51-4a9a-8823-f220370626e3\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"850c5848-fc51-4a9a-8823-f220370626e3\"\n },\n {\n \"properties\": {\n \"roleName\": \"Log Analytics Data Reader\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Log Analytics Data Reader can query and search the logs it is allowed to view over Log Analytics workspaces and tables\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.OperationalInsights/workspaces/query/read\",\n \"Microsoft.OperationalInsights/workspaces/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.OperationalInsights/workspaces/tables/data/read\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2025-09-11T09:53:03.6783283Z\",\n \"updatedOn\": \"2025-09-11T09:53:03.6783283Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/3b03c2da-16b3-4a49-8834-0f8130efdd3b\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"3b03c2da-16b3-4a49-8834-0f8130efdd3b\"\n },\n {\n \"properties\": {\n \"roleName\": \"Dynamics 365 Customer Insights Service Role\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Enables Diagnostic Logging setup for Customer Insights instances.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.D365CustomerInsights/instances/write\",\n \"Microsoft.D365CustomerInsights/instances/providers/Microsoft.Insights/diagnosticSettings/write\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2025-09-11T14:44:00.9623287Z\",\n \"updatedOn\": \"2025-09-11T14:44:00.9623287Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/89f7a3ec-e9d0-40eb-9b96-c016a5c2a53f\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"89f7a3ec-e9d0-40eb-9b96-c016a5c2a53f\"\n },\n {\n \"properties\": {\n \"roleName\": \"Storage Actions Blob Data Operator\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Used by the Storage Actions - Storage Task to list & perform operations on the Storage Account blobs\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Storage/storageAccounts/blobServices/containers/read\",\n \"Microsoft.Storage/storageAccounts/blobServices/containers/write\"\n ],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.Storage/storageAccounts/blobServices/containers/blobs/read\",\n \"Microsoft.Storage/storageAccounts/blobServices/containers/blobs/write\",\n \"Microsoft.Storage/storageAccounts/blobServices/containers/blobs/delete\",\n \"Microsoft.Storage/storageAccounts/blobServices/containers/blobs/add/action\",\n \"Microsoft.Storage/storageAccounts/blobServices/containers/blobs/tags/read\",\n \"Microsoft.Storage/storageAccounts/blobServices/containers/blobs/tags/write\",\n \"Microsoft.Storage/storageAccounts/blobServices/containers/blobs/runAsSuperUser/action\",\n \"Microsoft.Storage/storageAccounts/blobServices/containers/blobs/immutableStorage/runAsSuperUser/action\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2025-09-12T21:16:43.9136753Z\",\n \"updatedOn\": \"2025-09-12T21:16:43.9136753Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/4bad4d9e-2a13-4888-94bb-c8432f6f3040\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"4bad4d9e-2a13-4888-94bb-c8432f6f3040\"\n },\n {\n \"properties\": {\n \"roleName\": \"Storage Actions Task Assignment Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Used by the Storage Actions assigner to create a Task Assignment on their target Storage Account, with RBAC privileges for Managed Identity\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Storage/storageAccounts/reports/read\",\n \"Microsoft.Storage/storageAccounts/read\",\n \"Microsoft.Storage/storageAccounts/blobServices/read\",\n \"Microsoft.Storage/storageAccounts/storageTaskAssignments/read\",\n \"Microsoft.Storage/storageAccounts/storageTaskAssignments/write\",\n \"Microsoft.Storage/storageAccounts/storageTaskAssignments/delete\",\n \"Microsoft.Storage/storageAccounts/storageTaskAssignments/reports/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n },\n {\n \"actions\": [\n \"Microsoft.Authorization/roleAssignments/write\",\n \"Microsoft.Authorization/roleAssignments/delete\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": [],\n \"conditionVersion\": \"2.0\",\n \"condition\": \"((!(ActionMatches{'Microsoft.Authorization/roleAssignments/write'})) OR (@Request[Microsoft.Authorization/roleAssignments:RoleDefinitionId] ForAnyOfAnyValues:GuidEquals{4bad4d9e2a13488894bbc8432f6f3040})) AND ((!(ActionMatches{'Microsoft.Authorization/roleAssignments/delete'})) OR (@Resource[Microsoft.Authorization/roleAssignments:RoleDefinitionId] ForAnyOfAnyValues:GuidEquals{4bad4d9e2a13488894bbc8432f6f3040}))\"\n }\n ],\n \"createdOn\": \"2025-09-12T21:16:43.9136753Z\",\n \"updatedOn\": \"2025-09-12T21:16:43.9136753Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/77789c21-1643-48a2-8f27-47f858540b51\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"77789c21-1643-48a2-8f27-47f858540b51\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Native Dynatrace Agent Management Role\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Grants access to manage Dynatrace Agent on compute resources\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.KubernetesConfiguration/extensions/write\",\n \"Microsoft.KubernetesConfiguration/extensions/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2025-09-16T15:14:50.9389725Z\",\n \"updatedOn\": \"2025-09-16T15:14:50.9389725Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/55077723-1b30-4603-a70b-68de134cfa20\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"55077723-1b30-4603-a70b-68de134cfa20\"\n },\n {\n \"properties\": {\n \"roleName\": \"Storage Actions Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Used by the Storage Actions author to create, read, update, and delete Storage Actions\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.StorageActions/storageTasks/read\",\n \"Microsoft.StorageActions/storageTasks/write\",\n \"Microsoft.StorageActions/storageTasks/delete\",\n \"Microsoft.StorageActions/storageTasks/storageTaskAssignments/read\",\n \"Microsoft.StorageActions/storageTasks/reports/read\",\n \"Microsoft.StorageActions/locations/previewActions/action\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2025-09-16T15:14:50.9389725Z\",\n \"updatedOn\": \"2025-09-16T15:14:50.9389725Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/bd8acdb0-202c-4493-a7fe-ef98eefbfbc4\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"bd8acdb0-202c-4493-a7fe-ef98eefbfbc4\"\n },\n {\n \"properties\": {\n \"roleName\": \"Essential Machine Management Administrator\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Can managed Essential Machine Management resources for subscriptions\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Insights/dataCollectionRules/read\",\n \"Microsoft.Insights/dataCollectionRules/write\",\n \"Microsoft.Monitor/accounts/write\",\n \"Microsoft.Monitor/accounts/read\",\n \"Microsoft.ManagedOps/managedOps/read\",\n \"Microsoft.ManagedOps/managedOps/write\",\n \"Microsoft.ManagedOps/managedOps/delete\",\n \"Microsoft.OperationsManagement/solutions/read\",\n \"Microsoft.OperationsManagement/solutions/write\",\n \"Microsoft.OperationalInsights/workspaces/read\",\n \"Microsoft.OperationalInsights/workspaces/sharedkeys/action\",\n \"Microsoft.OperationalInsights/workspaces/sharedkeys/read\",\n \"Microsoft.OperationalInsights/workspaces/listKeys/action\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Insights/metricAlerts/write\",\n \"Microsoft.Insights/metricAlerts/read\",\n \"Microsoft.Security/pricings/write\",\n \"Microsoft.Security/pricings/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2025-09-22T15:13:19.5975298Z\",\n \"updatedOn\": \"2025-09-22T15:13:19.5975298Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/34013b0a-565b-43aa-8755-1b7c286f6cf7\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"34013b0a-565b-43aa-8755-1b7c286f6cf7\"\n },\n {\n \"properties\": {\n \"roleName\": \"Garnet PubSub Data Reader\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Allows read access to all channels within the Garnet resource\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.DocumentDB/garnetClusters/acl/clientid/read\",\n \"Microsoft.DocumentDB/garnetClusters/acl/clientinfo/read\",\n \"Microsoft.DocumentDB/garnetClusters/acl/configget/read\",\n \"Microsoft.DocumentDB/garnetClusters/acl/echo/read\",\n \"Microsoft.DocumentDB/garnetClusters/acl/info/read\",\n \"Microsoft.DocumentDB/garnetClusters/acl/keyslot/read\",\n \"Microsoft.DocumentDB/garnetClusters/acl/nodes/read\",\n \"Microsoft.DocumentDB/garnetClusters/acl/ping/read\",\n \"Microsoft.DocumentDB/garnetClusters/acl/slots/read\",\n \"Microsoft.DocumentDB/garnetClusters/acl/channels/action\",\n \"Microsoft.DocumentDB/garnetClusters/acl/psubscribe/action\",\n \"Microsoft.DocumentDB/garnetClusters/acl/punsubscribe/action\",\n \"Microsoft.DocumentDB/garnetClusters/acl/subscribe/action\",\n \"Microsoft.DocumentDB/garnetClusters/acl/unsubscribe/action\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2025-09-26T22:46:03.1347874Z\",\n \"updatedOn\": \"2025-09-26T22:46:03.1347874Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/da9adf61-39cd-41d5-87a0-30b21f7270d8\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"da9adf61-39cd-41d5-87a0-30b21f7270d8\"\n },\n {\n \"properties\": {\n \"roleName\": \"Garnet PubSub Data Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Allows read and write access to all channels within the Garnet resource\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.DocumentDB/garnetClusters/acl/clientid/read\",\n \"Microsoft.DocumentDB/garnetClusters/acl/clientinfo/read\",\n \"Microsoft.DocumentDB/garnetClusters/acl/configget/read\",\n \"Microsoft.DocumentDB/garnetClusters/acl/echo/read\",\n \"Microsoft.DocumentDB/garnetClusters/acl/info/read\",\n \"Microsoft.DocumentDB/garnetClusters/acl/keyslot/read\",\n \"Microsoft.DocumentDB/garnetClusters/acl/nodes/read\",\n \"Microsoft.DocumentDB/garnetClusters/acl/ping/read\",\n \"Microsoft.DocumentDB/garnetClusters/acl/slots/read\",\n \"Microsoft.DocumentDB/garnetClusters/acl/channels/action\",\n \"Microsoft.DocumentDB/garnetClusters/acl/numsub/action\",\n \"Microsoft.DocumentDB/garnetClusters/acl/numpat/action\",\n \"Microsoft.DocumentDB/garnetClusters/acl/psubscribe/action\",\n \"Microsoft.DocumentDB/garnetClusters/acl/publish/action\",\n \"Microsoft.DocumentDB/garnetClusters/acl/punsubscribe/action\",\n \"Microsoft.DocumentDB/garnetClusters/acl/subscribe/action\",\n \"Microsoft.DocumentDB/garnetClusters/acl/unsubscribe/action\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2025-09-26T22:46:03.1347874Z\",\n \"updatedOn\": \"2025-09-26T22:46:03.1347874Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/56e95fdc-3337-468d-b964-30d07f2a2018\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"56e95fdc-3337-468d-b964-30d07f2a2018\"\n },\n {\n \"properties\": {\n \"roleName\": \"Tenant Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Allows users to create and manage Entra ID Tenants.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [],\n \"createdOn\": \"2025-09-29T15:12:03.2996499Z\",\n \"updatedOn\": \"2025-09-29T15:12:03.2996499Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/0a7c2fa1-6f28-41a4-86b8-e74937c63222\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"0a7c2fa1-6f28-41a4-86b8-e74937c63222\"\n },\n {\n \"properties\": {\n \"roleName\": \"Storage File Data SMB Admin\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Allows for admin access equivalent to storage account key for end users over SMB.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.Storage/storageAccounts/fileServices/fileshares/files/read\",\n \"Microsoft.Storage/storageAccounts/fileServices/fileshares/files/write\",\n \"Microsoft.Storage/storageAccounts/fileServices/fileshares/files/delete\",\n \"Microsoft.Storage/storageAccounts/fileServices/fileshares/files/modifypermissions/action\",\n \"Microsoft.Storage/storageAccounts/fileServices/readFileBackupSemantics/action\",\n \"Microsoft.Storage/storageAccounts/fileServices/writeFileBackupSemantics/action\",\n \"Microsoft.Storage/storageAccounts/fileServices/takeOwnership/action\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2025-09-30T15:23:51.084353Z\",\n \"updatedOn\": \"2025-09-30T15:23:51.084353Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/bbf004e3-0e4b-4f86-ae4f-1f8fb47b357b\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"bbf004e3-0e4b-4f86-ae4f-1f8fb47b357b\"\n },\n {\n \"properties\": {\n \"roleName\": \"Supercomputer Infrastructure Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Lets you manage Supercomputer Infrastructure resources, but not access to them.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.SupercomputerInfrastructure/*\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2025-10-02T23:09:34.5476643Z\",\n \"updatedOn\": \"2025-10-02T23:09:34.5476643Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/68899692-f960-4247-af28-82f55b357997\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"68899692-f960-4247-af28-82f55b357997\"\n }\n ]\n}", + "StatusCode": 200 + }, + { + "RequestUri": "//subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions?api-version=2022-05-01-preview", + "EncodedRequestUri": "Ly9zdWJzY3JpcHRpb25zLzY5NmVhZDE5LTg2NmQtNGU5ZC05OWU1LWYwNjFlNGMzNGI4NC9wcm92aWRlcnMvTWljcm9zb2Z0LkF1dGhvcml6YXRpb24vcm9sZURlZmluaXRpb25zP2FwaS12ZXJzaW9uPTIwMjItMDUtMDEtcHJldmlldw==", + "RequestMethod": "GET", + "RequestHeaders": { + "Accept-Language": [ + "en-US" + ], + "x-ms-client-request-id": [ + "7eba5950-5e3f-43d7-92fd-98bbcaa1b7a8" + ], + "User-Agent": [ + "FxVersion/8.0.2025.41914", + "OSName/MacOs", + "OSVersion/Darwin.24.6.0.Darwin.Kernel.Version.24.6.0.Mon.Aug.11.21.16.30.PDT.2025.root.xnu.11417.140.69.701.11.1RELEASE.ARM64.T8132", + "Microsoft.Azure.Management.Authorization.AuthorizationManagementClient/8.1.0" + ] + }, + "RequestBody": "", + "ResponseHeaders": { + "Cache-Control": [ + "no-cache" + ], + "Pragma": [ + "no-cache" + ], + "x-ms-request-id": [ + "09f88767-ec63-4f39-9186-6636ef2bdf2f" + ], + "X-Content-Type-Options": [ + "nosniff" + ], + "Strict-Transport-Security": [ + "max-age=31536000; includeSubDomains" + ], + "x-ms-operation-identifier": [ + "tenantId=de6dc80f-16c3-4606-90e9-b7386b466695,objectId=69c9e264-690c-43c9-aba4-a195a62f1929/northeurope/fc858e8f-5415-434d-9eb4-5e219a9dd3a1" + ], + "x-ms-ratelimit-remaining-subscription-reads": [ + "249" + ], + "x-ms-ratelimit-remaining-subscription-global-reads": [ + "3749" + ], + "x-ms-correlation-request-id": [ + "b2fc1dc2-a015-4c49-ba6e-3dea2cf7b7e9" + ], + "x-ms-routing-request-id": [ + "NORTHEUROPE:20251004T101955Z:b2fc1dc2-a015-4c49-ba6e-3dea2cf7b7e9" + ], + "X-Cache": [ + "CONFIG_NOCACHE" + ], + "X-MSEdge-Ref": [ + "Ref A: E5FCA2CD75354634962FFB9E1BAB0BD0 Ref B: DUB241062304062 Ref C: 2025-10-04T10:19:54Z" + ], + "Date": [ + "Sat, 04 Oct 2025 10:19:54 GMT" + ], + "Content-Length": [ + "993823" + ], + "Content-Type": [ + "application/json; charset=utf-8" + ], + "Expires": [ + "-1" + ], + "Retry-After": [ + "0" + ] + }, + "ResponseBody": "{\n \"value\": [\n {\n \"properties\": {\n \"roleName\": \"AcrPush\",\n \"type\": \"BuiltInRole\",\n \"description\": \"acr push\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.ContainerRegistry/registries/pull/read\",\n \"Microsoft.ContainerRegistry/registries/push/write\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2018-10-29T17:52:32.5201177Z\",\n \"updatedOn\": \"2021-11-11T20:13:07.4993029Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/8311e382-0749-4cb8-b61a-304f252e45ec\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"8311e382-0749-4cb8-b61a-304f252e45ec\"\n },\n {\n \"properties\": {\n \"roleName\": \"API Management Service Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Can manage service and the APIs\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.ApiManagement/service/*\",\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.ResourceHealth/availabilityStatuses/read\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Support/*\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2015-02-02T21:55:09.8650193Z\",\n \"updatedOn\": \"2021-11-11T20:13:08.3179618Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/312a565d-c81f-4fd8-895a-4e21e48d571c\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"312a565d-c81f-4fd8-895a-4e21e48d571c\"\n },\n {\n \"properties\": {\n \"roleName\": \"AcrPull\",\n \"type\": \"BuiltInRole\",\n \"description\": \"acr pull\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.ContainerRegistry/registries/pull/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2018-10-22T19:01:56.8227182Z\",\n \"updatedOn\": \"2021-11-11T20:13:08.8779328Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/7f951dda-4ed3-4680-a7ca-43fe172d538d\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"7f951dda-4ed3-4680-a7ca-43fe172d538d\"\n },\n {\n \"properties\": {\n \"roleName\": \"AcrImageSigner\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Planned DEPRECATION on March 31, 2028. Grant the signing permission for content trust. As content trust is being deprecated and will be completely removed on March 31, 2028, this role will also be removed. Refer to https://aka.ms/acr/dctdeprecation for details and transition guidance.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.ContainerRegistry/registries/sign/write\"\n ],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.ContainerRegistry/registries/trustedCollections/write\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2018-03-15T23:23:08.4038322Z\",\n \"updatedOn\": \"2025-10-03T10:06:29.6549664Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/6cef56e8-d556-48e5-a04f-b8e64114680f\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"6cef56e8-d556-48e5-a04f-b8e64114680f\"\n },\n {\n \"properties\": {\n \"roleName\": \"AcrDelete\",\n \"type\": \"BuiltInRole\",\n \"description\": \"acr delete\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.ContainerRegistry/registries/artifacts/delete\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2019-03-11T20:19:31.6682804Z\",\n \"updatedOn\": \"2021-11-11T20:13:09.9631744Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/c2f4ef07-c644-48eb-af81-4b1b4947fb11\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"c2f4ef07-c644-48eb-af81-4b1b4947fb11\"\n },\n {\n \"properties\": {\n \"roleName\": \"AcrQuarantineReader\",\n \"type\": \"BuiltInRole\",\n \"description\": \"acr quarantine data reader\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.ContainerRegistry/registries/quarantine/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.ContainerRegistry/registries/quarantinedArtifacts/read\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2018-03-16T00:27:39.9596835Z\",\n \"updatedOn\": \"2021-11-11T20:13:10.3188052Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/cdda3590-29a3-44f6-95f2-9f980659eb04\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"cdda3590-29a3-44f6-95f2-9f980659eb04\"\n },\n {\n \"properties\": {\n \"roleName\": \"AcrQuarantineWriter\",\n \"type\": \"BuiltInRole\",\n \"description\": \"acr quarantine data writer\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.ContainerRegistry/registries/quarantine/read\",\n \"Microsoft.ContainerRegistry/registries/quarantine/write\"\n ],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.ContainerRegistry/registries/quarantinedArtifacts/read\",\n \"Microsoft.ContainerRegistry/registries/quarantinedArtifacts/write\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2018-03-16T00:26:37.587182Z\",\n \"updatedOn\": \"2021-11-11T20:13:11.3488079Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/c8d4ff99-41c3-41a8-9f60-21dfdad59608\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"c8d4ff99-41c3-41a8-9f60-21dfdad59608\"\n },\n {\n \"properties\": {\n \"roleName\": \"API Management Service Operator Role\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Can manage service but not the APIs\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.ApiManagement/service/*/read\",\n \"Microsoft.ApiManagement/service/backup/action\",\n \"Microsoft.ApiManagement/service/delete\",\n \"Microsoft.ApiManagement/service/managedeployments/action\",\n \"Microsoft.ApiManagement/service/read\",\n \"Microsoft.ApiManagement/service/restore/action\",\n \"Microsoft.ApiManagement/service/updatecertificate/action\",\n \"Microsoft.ApiManagement/service/updatehostname/action\",\n \"Microsoft.ApiManagement/service/write\",\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.ResourceHealth/availabilityStatuses/read\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Support/*\"\n ],\n \"notActions\": [\n \"Microsoft.ApiManagement/service/users/keys/read\"\n ],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2016-11-09T00:03:42.1194019Z\",\n \"updatedOn\": \"2021-11-11T20:13:11.5244023Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/e022efe7-f5ba-4159-bbe4-b44f577e9b61\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"e022efe7-f5ba-4159-bbe4-b44f577e9b61\"\n },\n {\n \"properties\": {\n \"roleName\": \"API Management Service Reader Role\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Read-only access to service and APIs\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.ApiManagement/service/*/read\",\n \"Microsoft.ApiManagement/service/read\",\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.ResourceHealth/availabilityStatuses/read\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Support/*\"\n ],\n \"notActions\": [\n \"Microsoft.ApiManagement/service/users/keys/read\"\n ],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2016-11-09T00:26:45.1540473Z\",\n \"updatedOn\": \"2021-11-11T20:13:11.8704466Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/71522526-b88f-4d52-b57f-d31fc3546d0d\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"71522526-b88f-4d52-b57f-d31fc3546d0d\"\n },\n {\n \"properties\": {\n \"roleName\": \"Application Insights Component Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Can manage Application Insights components\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.Insights/generateLiveToken/read\",\n \"Microsoft.Insights/metricAlerts/*\",\n \"Microsoft.Insights/components/*\",\n \"Microsoft.Insights/scheduledqueryrules/*\",\n \"Microsoft.Insights/topology/read\",\n \"Microsoft.Insights/transactions/read\",\n \"Microsoft.Insights/webtests/*\",\n \"Microsoft.ResourceHealth/availabilityStatuses/read\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Support/*\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2015-02-02T21:55:09.8806423Z\",\n \"updatedOn\": \"2021-11-11T20:13:12.6428401Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/ae349356-3a1b-4a5e-921d-050484c6347e\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"ae349356-3a1b-4a5e-921d-050484c6347e\"\n },\n {\n \"properties\": {\n \"roleName\": \"Application Insights Snapshot Debugger\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Gives user permission to use Application Insights Snapshot Debugger features\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.Insights/components/*/read\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Support/*\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2017-04-19T21:25:12.3728747Z\",\n \"updatedOn\": \"2021-11-11T20:13:13.0034435Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/08954f03-6346-4c2e-81c0-ec3a5cfae23b\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"08954f03-6346-4c2e-81c0-ec3a5cfae23b\"\n },\n {\n \"properties\": {\n \"roleName\": \"Attestation Reader\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Can read the attestation provider properties\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Attestation/attestationProviders/attestation/read\",\n \"Microsoft.Attestation/attestationProviders/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2019-03-25T19:42:59.157671Z\",\n \"updatedOn\": \"2024-07-11T17:43:35.9489411Z\",\n \"createdBy\": null,\n \"updatedBy\": \"SYSTEM\"\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/fd1bd22b-8476-40bc-a0bc-69b95687b9f3\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"fd1bd22b-8476-40bc-a0bc-69b95687b9f3\"\n },\n {\n \"properties\": {\n \"roleName\": \"Automation Job Operator\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Create and Manage Jobs using Automation Runbooks.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Automation/automationAccounts/hybridRunbookWorkerGroups/read\",\n \"Microsoft.Automation/automationAccounts/jobs/read\",\n \"Microsoft.Automation/automationAccounts/jobs/resume/action\",\n \"Microsoft.Automation/automationAccounts/jobs/stop/action\",\n \"Microsoft.Automation/automationAccounts/jobs/streams/read\",\n \"Microsoft.Automation/automationAccounts/jobs/suspend/action\",\n \"Microsoft.Automation/automationAccounts/jobs/write\",\n \"Microsoft.Automation/automationAccounts/jobs/output/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Support/*\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2017-04-19T20:52:41.0020018Z\",\n \"updatedOn\": \"2021-11-11T20:13:13.706566Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/4fe576fe-1146-4730-92eb-48519fa6bf9f\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"4fe576fe-1146-4730-92eb-48519fa6bf9f\"\n },\n {\n \"properties\": {\n \"roleName\": \"Automation Runbook Operator\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Read Runbook properties - to be able to create Jobs of the runbook.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Automation/automationAccounts/runbooks/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Support/*\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2017-04-19T20:47:49.5640674Z\",\n \"updatedOn\": \"2021-11-11T20:13:13.8815461Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/5fb5aef8-1081-4b8e-bb16-9d5d0385bab5\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"5fb5aef8-1081-4b8e-bb16-9d5d0385bab5\"\n },\n {\n \"properties\": {\n \"roleName\": \"Automation Operator\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Automation Operators are able to start, stop, suspend, and resume jobs\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Automation/automationAccounts/hybridRunbookWorkerGroups/read\",\n \"Microsoft.Automation/automationAccounts/jobs/read\",\n \"Microsoft.Automation/automationAccounts/jobs/resume/action\",\n \"Microsoft.Automation/automationAccounts/jobs/stop/action\",\n \"Microsoft.Automation/automationAccounts/jobs/streams/read\",\n \"Microsoft.Automation/automationAccounts/jobs/suspend/action\",\n \"Microsoft.Automation/automationAccounts/jobs/write\",\n \"Microsoft.Automation/automationAccounts/jobSchedules/read\",\n \"Microsoft.Automation/automationAccounts/jobSchedules/write\",\n \"Microsoft.Automation/automationAccounts/linkedWorkspace/read\",\n \"Microsoft.Automation/automationAccounts/read\",\n \"Microsoft.Automation/automationAccounts/runbooks/read\",\n \"Microsoft.Automation/automationAccounts/schedules/read\",\n \"Microsoft.Automation/automationAccounts/schedules/write\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.ResourceHealth/availabilityStatuses/read\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Automation/automationAccounts/jobs/output/read\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Support/*\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2015-08-18T01:05:03.391613Z\",\n \"updatedOn\": \"2021-11-11T20:13:14.0515408Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/d3881f73-407a-4167-8283-e981cbba0404\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"d3881f73-407a-4167-8283-e981cbba0404\"\n },\n {\n \"properties\": {\n \"roleName\": \"Avere Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Can create and manage an Avere vFXT cluster.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Compute/*/read\",\n \"Microsoft.Compute/availabilitySets/*\",\n \"Microsoft.Compute/proximityPlacementGroups/*\",\n \"Microsoft.Compute/virtualMachines/*\",\n \"Microsoft.Compute/disks/*\",\n \"Microsoft.Network/*/read\",\n \"Microsoft.Network/networkInterfaces/*\",\n \"Microsoft.Network/virtualNetworks/read\",\n \"Microsoft.Network/virtualNetworks/subnets/read\",\n \"Microsoft.Network/virtualNetworks/subnets/join/action\",\n \"Microsoft.Network/virtualNetworks/subnets/joinViaServiceEndpoint/action\",\n \"Microsoft.Network/networkSecurityGroups/join/action\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Storage/*/read\",\n \"Microsoft.Storage/storageAccounts/*\",\n \"Microsoft.Support/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/resources/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.Storage/storageAccounts/blobServices/containers/blobs/delete\",\n \"Microsoft.Storage/storageAccounts/blobServices/containers/blobs/read\",\n \"Microsoft.Storage/storageAccounts/blobServices/containers/blobs/write\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2019-03-18T20:00:58.9207889Z\",\n \"updatedOn\": \"2021-11-11T20:13:14.2265665Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/4f8fab4f-1852-4a58-a46a-8eaf358af14a\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"4f8fab4f-1852-4a58-a46a-8eaf358af14a\"\n },\n {\n \"properties\": {\n \"roleName\": \"Avere Operator\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Used by the Avere vFXT cluster to manage the cluster\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Compute/virtualMachines/read\",\n \"Microsoft.Network/networkInterfaces/read\",\n \"Microsoft.Network/networkInterfaces/write\",\n \"Microsoft.Network/virtualNetworks/read\",\n \"Microsoft.Network/virtualNetworks/subnets/read\",\n \"Microsoft.Network/virtualNetworks/subnets/join/action\",\n \"Microsoft.Network/networkSecurityGroups/join/action\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Storage/storageAccounts/blobServices/containers/delete\",\n \"Microsoft.Storage/storageAccounts/blobServices/containers/read\",\n \"Microsoft.Storage/storageAccounts/blobServices/containers/write\"\n ],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.Storage/storageAccounts/blobServices/containers/blobs/delete\",\n \"Microsoft.Storage/storageAccounts/blobServices/containers/blobs/read\",\n \"Microsoft.Storage/storageAccounts/blobServices/containers/blobs/write\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2019-03-18T20:02:38.3399857Z\",\n \"updatedOn\": \"2021-11-11T20:13:15.1065886Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/c025889f-8102-4ebf-b32c-fc0c6f0c6bd9\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"c025889f-8102-4ebf-b32c-fc0c6f0c6bd9\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Kubernetes Service Cluster Admin Role\",\n \"type\": \"BuiltInRole\",\n \"description\": \"List cluster admin credential action.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.ContainerService/managedClusters/listClusterAdminCredential/action\",\n \"Microsoft.ContainerService/managedClusters/accessProfiles/listCredential/action\",\n \"Microsoft.ContainerService/managedClusters/read\",\n \"Microsoft.ContainerService/managedClusters/runcommand/action\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2018-08-15T21:38:18.5953853Z\",\n \"updatedOn\": \"2022-05-17T01:51:12.0390652Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/0ab0b1a8-8aac-4efd-b8c2-3ee1fb270be8\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"0ab0b1a8-8aac-4efd-b8c2-3ee1fb270be8\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Kubernetes Service Cluster User Role\",\n \"type\": \"BuiltInRole\",\n \"description\": \"List cluster user credential action.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.ContainerService/managedClusters/listClusterUserCredential/action\",\n \"Microsoft.ContainerService/managedClusters/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2018-08-15T22:04:53.4037241Z\",\n \"updatedOn\": \"2021-11-11T20:13:20.4351976Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/4abbcc35-e782-43d8-92c5-2d3f1bd2253f\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"4abbcc35-e782-43d8-92c5-2d3f1bd2253f\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Maps Data Reader\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Grants access to read map related data from an Azure maps account.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.Maps/accounts/*/read\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2018-10-05T19:47:03.472307Z\",\n \"updatedOn\": \"2021-11-11T20:13:20.9582685Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/423170ca-a8f6-4b0f-8487-9e4eb8f49bfa\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"423170ca-a8f6-4b0f-8487-9e4eb8f49bfa\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Stack Registration Owner\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Lets you manage Azure Stack registrations.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.AzureStack/edgeSubscriptions/read\",\n \"Microsoft.AzureStack/registrations/products/*/action\",\n \"Microsoft.AzureStack/registrations/products/read\",\n \"Microsoft.AzureStack/registrations/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2017-11-13T23:42:06.2161827Z\",\n \"updatedOn\": \"2021-11-11T20:13:23.295782Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/6f12a6df-dd06-4f3e-bcb1-ce8be600526a\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"6f12a6df-dd06-4f3e-bcb1-ce8be600526a\"\n },\n {\n \"properties\": {\n \"roleName\": \"Backup Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Lets you manage backups, but can't delete vaults and give access to others\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Network/virtualNetworks/read\",\n \"Microsoft.RecoveryServices/locations/*\",\n \"Microsoft.RecoveryServices/Vaults/backupFabrics/operationResults/*\",\n \"Microsoft.RecoveryServices/Vaults/backupFabrics/protectionContainers/*\",\n \"Microsoft.RecoveryServices/Vaults/backupFabrics/refreshContainers/action\",\n \"Microsoft.RecoveryServices/Vaults/backupJobs/*\",\n \"Microsoft.RecoveryServices/Vaults/backupJobsExport/action\",\n \"Microsoft.RecoveryServices/Vaults/backupOperationResults/*\",\n \"Microsoft.RecoveryServices/Vaults/backupPolicies/*\",\n \"Microsoft.RecoveryServices/Vaults/backupProtectableItems/*\",\n \"Microsoft.RecoveryServices/Vaults/backupProtectedItems/*\",\n \"Microsoft.RecoveryServices/Vaults/backupProtectionContainers/*\",\n \"Microsoft.RecoveryServices/Vaults/backupSecurityPIN/*\",\n \"Microsoft.RecoveryServices/Vaults/backupUsageSummaries/read\",\n \"Microsoft.RecoveryServices/Vaults/certificates/*\",\n \"Microsoft.RecoveryServices/Vaults/extendedInformation/*\",\n \"Microsoft.RecoveryServices/Vaults/monitoringAlerts/read\",\n \"Microsoft.RecoveryServices/Vaults/monitoringConfigurations/*\",\n \"Microsoft.RecoveryServices/Vaults/read\",\n \"Microsoft.RecoveryServices/Vaults/registeredIdentities/*\",\n \"Microsoft.RecoveryServices/Vaults/usages/*\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Storage/storageAccounts/read\",\n \"Microsoft.RecoveryServices/Vaults/backupstorageconfig/*\",\n \"Microsoft.RecoveryServices/Vaults/backupconfig/*\",\n \"Microsoft.RecoveryServices/Vaults/backupValidateOperation/action\",\n \"Microsoft.RecoveryServices/Vaults/write\",\n \"Microsoft.RecoveryServices/Vaults/backupOperations/read\",\n \"Microsoft.RecoveryServices/Vaults/backupEngines/read\",\n \"Microsoft.RecoveryServices/Vaults/backupFabrics/backupProtectionIntent/*\",\n \"Microsoft.RecoveryServices/Vaults/backupFabrics/protectableContainers/read\",\n \"Microsoft.RecoveryServices/vaults/operationStatus/read\",\n \"Microsoft.RecoveryServices/vaults/operationResults/read\",\n \"Microsoft.RecoveryServices/locations/backupStatus/action\",\n \"Microsoft.RecoveryServices/locations/backupPreValidateProtection/action\",\n \"Microsoft.RecoveryServices/locations/backupValidateFeatures/action\",\n \"Microsoft.RecoveryServices/Vaults/monitoringAlerts/write\",\n \"Microsoft.RecoveryServices/operations/read\",\n \"Microsoft.RecoveryServices/locations/operationStatus/read\",\n \"Microsoft.RecoveryServices/Vaults/backupProtectionIntents/read\",\n \"Microsoft.Support/*\",\n \"Microsoft.DataProtection/locations/getBackupStatus/action\",\n \"Microsoft.DataProtection/backupVaults/backupInstances/write\",\n \"Microsoft.DataProtection/backupVaults/backupInstances/delete\",\n \"Microsoft.DataProtection/backupVaults/backupInstances/read\",\n \"Microsoft.DataProtection/backupVaults/backupInstances/read\",\n \"Microsoft.DataProtection/backupVaults/deletedBackupInstances/read\",\n \"Microsoft.DataProtection/backupVaults/deletedBackupInstances/undelete/action\",\n \"Microsoft.DataProtection/backupVaults/backupInstances/backup/action\",\n \"Microsoft.DataProtection/backupVaults/backupInstances/validateRestore/action\",\n \"Microsoft.DataProtection/backupVaults/backupInstances/restore/action\",\n \"Microsoft.DataProtection/subscriptions/resourceGroups/providers/locations/crossRegionRestore/action\",\n \"Microsoft.DataProtection/subscriptions/resourceGroups/providers/locations/validateCrossRegionRestore/action\",\n \"Microsoft.DataProtection/subscriptions/resourceGroups/providers/locations/fetchCrossRegionRestoreJobs/action\",\n \"Microsoft.DataProtection/subscriptions/resourceGroups/providers/locations/fetchCrossRegionRestoreJob/action\",\n \"Microsoft.DataProtection/subscriptions/resourceGroups/providers/locations/fetchSecondaryRecoveryPoints/action\",\n \"Microsoft.DataProtection/backupVaults/backupPolicies/write\",\n \"Microsoft.DataProtection/backupVaults/backupPolicies/delete\",\n \"Microsoft.DataProtection/backupVaults/backupPolicies/read\",\n \"Microsoft.DataProtection/backupVaults/backupPolicies/read\",\n \"Microsoft.DataProtection/backupVaults/backupInstances/recoveryPoints/read\",\n \"Microsoft.DataProtection/backupVaults/backupInstances/recoveryPoints/read\",\n \"Microsoft.DataProtection/backupVaults/backupInstances/findRestorableTimeRanges/action\",\n \"Microsoft.DataProtection/backupVaults/backupInstances/operationResults/read\",\n \"Microsoft.DataProtection/backupVaults/write\",\n \"Microsoft.DataProtection/backupVaults/read\",\n \"Microsoft.DataProtection/backupVaults/operationResults/read\",\n \"Microsoft.DataProtection/backupVaults/operationStatus/read\",\n \"Microsoft.DataProtection/locations/checkNameAvailability/action\",\n \"Microsoft.DataProtection/locations/checkFeatureSupport/action\",\n \"Microsoft.DataProtection/backupVaults/read\",\n \"Microsoft.DataProtection/backupVaults/read\",\n \"Microsoft.DataProtection/locations/operationStatus/read\",\n \"Microsoft.DataProtection/locations/operationResults/read\",\n \"Microsoft.DataProtection/backupVaults/validateForBackup/action\",\n \"Microsoft.DataProtection/operations/read\",\n \"Microsoft.RecoveryServices/Vaults/backupResourceGuardProxies/delete\",\n \"Microsoft.RecoveryServices/Vaults/backupResourceGuardProxies/read\",\n \"Microsoft.RecoveryServices/Vaults/backupResourceGuardProxies/unlockDelete/action\",\n \"Microsoft.RecoveryServices/Vaults/backupResourceGuardProxies/write\",\n \"Microsoft.DataProtection/backupVaults/backupResourceGuardProxies/read\",\n \"Microsoft.DataProtection/backupVaults/backupResourceGuardProxies/write\",\n \"Microsoft.DataProtection/backupVaults/backupResourceGuardProxies/delete\",\n \"Microsoft.DataProtection/backupVaults/backupResourceGuardProxies/unlockDelete/action\",\n \"Microsoft.DataProtection/backupVaults/backupInstances/validateForModifyBackup/action\",\n \"Microsoft.DataProtection/backupVaults/backupInstances/SuspendBackups/action\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2017-01-03T13:12:15.7321344Z\",\n \"updatedOn\": \"2025-01-27T16:01:21.2904248Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/5e467623-bb1f-42f4-a55d-6e525e11384b\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"5e467623-bb1f-42f4-a55d-6e525e11384b\"\n },\n {\n \"properties\": {\n \"roleName\": \"Billing Reader\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Allows read access to billing data\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Billing/*/read\",\n \"Microsoft.Commerce/*/read\",\n \"Microsoft.Consumption/*/read\",\n \"Microsoft.Management/managementGroups/read\",\n \"Microsoft.CostManagement/*/read\",\n \"Microsoft.Support/*\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2017-04-25T02:13:38.9054151Z\",\n \"updatedOn\": \"2021-11-11T20:13:24.5342563Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/fa23ad8b-c56e-40d8-ac0c-ce449e1d2c64\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"fa23ad8b-c56e-40d8-ac0c-ce449e1d2c64\"\n },\n {\n \"properties\": {\n \"roleName\": \"Backup Reader\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Can view backup services, but can't make changes\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.RecoveryServices/locations/allocatedStamp/read\",\n \"Microsoft.RecoveryServices/Vaults/backupFabrics/operationResults/read\",\n \"Microsoft.RecoveryServices/Vaults/backupFabrics/protectionContainers/operationResults/read\",\n \"Microsoft.RecoveryServices/Vaults/backupFabrics/protectionContainers/protectedItems/operationResults/read\",\n \"Microsoft.RecoveryServices/Vaults/backupFabrics/protectionContainers/protectedItems/operationsStatus/read\",\n \"Microsoft.RecoveryServices/Vaults/backupFabrics/protectionContainers/protectedItems/read\",\n \"Microsoft.RecoveryServices/Vaults/backupFabrics/protectionContainers/protectedItems/recoveryPoints/read\",\n \"Microsoft.RecoveryServices/Vaults/backupFabrics/protectionContainers/read\",\n \"Microsoft.RecoveryServices/Vaults/backupJobs/operationResults/read\",\n \"Microsoft.RecoveryServices/Vaults/backupJobs/read\",\n \"Microsoft.RecoveryServices/Vaults/backupJobsExport/action\",\n \"Microsoft.RecoveryServices/Vaults/backupOperationResults/read\",\n \"Microsoft.RecoveryServices/Vaults/backupPolicies/operationResults/read\",\n \"Microsoft.RecoveryServices/Vaults/backupPolicies/read\",\n \"Microsoft.RecoveryServices/Vaults/backupProtectedItems/read\",\n \"Microsoft.RecoveryServices/Vaults/backupProtectionContainers/read\",\n \"Microsoft.RecoveryServices/Vaults/backupUsageSummaries/read\",\n \"Microsoft.RecoveryServices/Vaults/extendedInformation/read\",\n \"Microsoft.RecoveryServices/Vaults/monitoringAlerts/read\",\n \"Microsoft.RecoveryServices/Vaults/read\",\n \"Microsoft.RecoveryServices/Vaults/registeredIdentities/operationResults/read\",\n \"Microsoft.RecoveryServices/Vaults/registeredIdentities/read\",\n \"Microsoft.RecoveryServices/Vaults/backupstorageconfig/read\",\n \"Microsoft.RecoveryServices/Vaults/backupconfig/read\",\n \"Microsoft.RecoveryServices/Vaults/backupOperations/read\",\n \"Microsoft.RecoveryServices/Vaults/backupPolicies/operations/read\",\n \"Microsoft.RecoveryServices/Vaults/backupEngines/read\",\n \"Microsoft.RecoveryServices/Vaults/backupFabrics/backupProtectionIntent/read\",\n \"Microsoft.RecoveryServices/Vaults/backupFabrics/protectionContainers/items/read\",\n \"Microsoft.RecoveryServices/locations/backupStatus/action\",\n \"Microsoft.RecoveryServices/Vaults/monitoringConfigurations/*\",\n \"Microsoft.RecoveryServices/Vaults/monitoringAlerts/write\",\n \"Microsoft.RecoveryServices/operations/read\",\n \"Microsoft.RecoveryServices/locations/operationStatus/read\",\n \"Microsoft.RecoveryServices/Vaults/backupProtectionIntents/read\",\n \"Microsoft.RecoveryServices/Vaults/usages/read\",\n \"Microsoft.RecoveryServices/locations/backupValidateFeatures/action\",\n \"Microsoft.RecoveryServices/locations/backupCrrJobs/action\",\n \"Microsoft.RecoveryServices/locations/backupCrrJob/action\",\n \"Microsoft.RecoveryServices/locations/backupCrrOperationResults/read\",\n \"Microsoft.RecoveryServices/locations/backupCrrOperationsStatus/read\",\n \"Microsoft.DataProtection/locations/getBackupStatus/action\",\n \"Microsoft.DataProtection/backupVaults/backupInstances/read\",\n \"Microsoft.DataProtection/backupVaults/deletedBackupInstances/read\",\n \"Microsoft.DataProtection/backupVaults/backupPolicies/read\",\n \"Microsoft.DataProtection/backupVaults/backupPolicies/read\",\n \"Microsoft.DataProtection/backupVaults/backupInstances/recoveryPoints/read\",\n \"Microsoft.DataProtection/backupVaults/backupInstances/recoveryPoints/read\",\n \"Microsoft.DataProtection/backupVaults/backupInstances/operationResults/read\",\n \"Microsoft.DataProtection/backupVaults/backupInstances/findRestorableTimeRanges/action\",\n \"Microsoft.DataProtection/backupVaults/read\",\n \"Microsoft.DataProtection/backupVaults/operationResults/read\",\n \"Microsoft.DataProtection/backupVaults/operationStatus/read\",\n \"Microsoft.DataProtection/backupVaults/read\",\n \"Microsoft.DataProtection/backupVaults/read\",\n \"Microsoft.DataProtection/locations/operationStatus/read\",\n \"Microsoft.DataProtection/locations/operationResults/read\",\n \"Microsoft.DataProtection/operations/read\",\n \"Microsoft.DataProtection/subscriptions/resourceGroups/providers/locations/fetchCrossRegionRestoreJobs/action\",\n \"Microsoft.DataProtection/subscriptions/resourceGroups/providers/locations/fetchCrossRegionRestoreJob/action\",\n \"Microsoft.DataProtection/subscriptions/resourceGroups/providers/locations/fetchSecondaryRecoveryPoints/action\",\n \"Microsoft.DataProtection/locations/checkFeatureSupport/action\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2017-01-03T13:18:41.3893065Z\",\n \"updatedOn\": \"2025-09-09T15:23:13.9723749Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/a795c7a0-d4a2-40c1-ae25-d81f01202912\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"a795c7a0-d4a2-40c1-ae25-d81f01202912\"\n },\n {\n \"properties\": {\n \"roleName\": \"Blockchain Member Node Access (Preview)\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Allows for access to Blockchain Member nodes\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Blockchain/blockchainMembers/transactionNodes/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.Blockchain/blockchainMembers/transactionNodes/connect/action\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2018-12-21T10:33:01.9604839Z\",\n \"updatedOn\": \"2021-11-11T20:13:25.055892Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/31a002a1-acaf-453e-8a5b-297c9ca1ea24\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"31a002a1-acaf-453e-8a5b-297c9ca1ea24\"\n },\n {\n \"properties\": {\n \"roleName\": \"BizTalk Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Lets you manage BizTalk services, but not access to them.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.BizTalkServices/BizTalk/*\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.ResourceHealth/availabilityStatuses/read\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Support/*\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2015-02-02T21:55:09.8806423Z\",\n \"updatedOn\": \"2021-11-11T20:13:25.2359269Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/5e3c6656-6cfa-4708-81fe-0de47ac73342\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"5e3c6656-6cfa-4708-81fe-0de47ac73342\"\n },\n {\n \"properties\": {\n \"roleName\": \"CDN Endpoint Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Can manage CDN endpoints, but can't grant access to other users.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Cdn/edgenodes/read\",\n \"Microsoft.Cdn/operationresults/*\",\n \"Microsoft.Cdn/profiles/endpoints/*\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Support/*\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2016-01-23T02:48:46.4996252Z\",\n \"updatedOn\": \"2023-12-07T08:06:49.788929Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/426e0c7f-0c7e-4658-b36f-ff54d6c29b45\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"426e0c7f-0c7e-4658-b36f-ff54d6c29b45\"\n },\n {\n \"properties\": {\n \"roleName\": \"CDN Profile Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Can manage CDN and Azure Front Door standard and premium profiles and their endpoints, but can't grant access to other users.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Cdn/edgenodes/read\",\n \"Microsoft.Cdn/operationresults/*\",\n \"Microsoft.Cdn/profiles/*\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Support/*\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2016-01-23T02:48:46.4996252Z\",\n \"updatedOn\": \"2023-12-06T16:25:55.5514166Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/ec156ff8-a8d1-4d15-830c-5b80698ca432\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"ec156ff8-a8d1-4d15-830c-5b80698ca432\"\n },\n {\n \"properties\": {\n \"roleName\": \"CDN Profile Reader\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Can view CDN profiles and their endpoints, but can't make changes.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Cdn/edgenodes/read\",\n \"Microsoft.Cdn/operationresults/*\",\n \"Microsoft.Cdn/profiles/*/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Cdn/profiles/afdendpoints/validateCustomDomain/action\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Support/*\",\n \"Microsoft.Cdn/profiles/CheckResourceUsage/action\",\n \"Microsoft.Cdn/profiles/endpoints/CheckResourceUsage/action\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2016-01-23T02:48:46.4996252Z\",\n \"updatedOn\": \"2024-01-26T09:56:06.2709754Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/8f96442b-4075-438f-813d-ad51ab4019af\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"8f96442b-4075-438f-813d-ad51ab4019af\"\n },\n {\n \"properties\": {\n \"roleName\": \"Classic Network Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Lets you manage classic networks, but not access to them.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.ClassicNetwork/*\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.ResourceHealth/availabilityStatuses/read\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Support/*\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2015-02-02T21:55:09.8806423Z\",\n \"updatedOn\": \"2021-11-11T20:13:26.4433301Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/b34d265f-36f7-4a0d-a4d4-e158ca92e90f\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"b34d265f-36f7-4a0d-a4d4-e158ca92e90f\"\n },\n {\n \"properties\": {\n \"roleName\": \"Classic Storage Account Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Lets you manage classic storage accounts, but not access to them.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.ClassicStorage/storageAccounts/*\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.ResourceHealth/availabilityStatuses/read\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Support/*\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2015-02-02T21:55:09.8806423Z\",\n \"updatedOn\": \"2021-11-11T20:13:26.6183566Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/86e8f5dc-a6e9-4c67-9d15-de283e8eac25\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"86e8f5dc-a6e9-4c67-9d15-de283e8eac25\"\n },\n {\n \"properties\": {\n \"roleName\": \"Classic Storage Account Key Operator Service Role\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Classic Storage Account Key Operators are allowed to list and regenerate keys on Classic Storage Accounts\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.ClassicStorage/storageAccounts/listkeys/action\",\n \"Microsoft.ClassicStorage/storageAccounts/regeneratekey/action\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2017-04-13T18:22:52.14611Z\",\n \"updatedOn\": \"2021-11-11T20:13:26.9796021Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/985d6b00-f706-48f5-a6fe-d0ca12fb668d\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"985d6b00-f706-48f5-a6fe-d0ca12fb668d\"\n },\n {\n \"properties\": {\n \"roleName\": \"ClearDB MySQL DB Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Lets you manage ClearDB MySQL databases, but not access to them.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.ResourceHealth/availabilityStatuses/read\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Support/*\",\n \"successbricks.cleardb/databases/*\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2015-02-02T21:55:09.8806423Z\",\n \"updatedOn\": \"2021-11-11T20:13:27.1646373Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/9106cda0-8a86-4e81-b686-29a22c54effe\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"9106cda0-8a86-4e81-b686-29a22c54effe\"\n },\n {\n \"properties\": {\n \"roleName\": \"Classic Virtual Machine Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Lets you manage classic virtual machines, but not access to them, and not the virtual network or storage account they’re connected to.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.ClassicCompute/domainNames/*\",\n \"Microsoft.ClassicCompute/virtualMachines/*\",\n \"Microsoft.ClassicNetwork/networkSecurityGroups/join/action\",\n \"Microsoft.ClassicNetwork/reservedIps/link/action\",\n \"Microsoft.ClassicNetwork/reservedIps/read\",\n \"Microsoft.ClassicNetwork/virtualNetworks/join/action\",\n \"Microsoft.ClassicNetwork/virtualNetworks/read\",\n \"Microsoft.ClassicStorage/storageAccounts/disks/read\",\n \"Microsoft.ClassicStorage/storageAccounts/images/read\",\n \"Microsoft.ClassicStorage/storageAccounts/listKeys/action\",\n \"Microsoft.ClassicStorage/storageAccounts/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.ResourceHealth/availabilityStatuses/read\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Support/*\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2015-04-25T00:37:56.5416086Z\",\n \"updatedOn\": \"2021-11-11T20:13:27.3446332Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/d73bb868-a0df-4d4d-bd69-98a00b01fccb\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"d73bb868-a0df-4d4d-bd69-98a00b01fccb\"\n },\n {\n \"properties\": {\n \"roleName\": \"Cognitive Services User\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Lets you read and list keys of Cognitive Services.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.CognitiveServices/*/read\",\n \"Microsoft.CognitiveServices/accounts/listkeys/action\",\n \"Microsoft.Insights/alertRules/read\",\n \"Microsoft.Insights/diagnosticSettings/read\",\n \"Microsoft.Insights/logDefinitions/read\",\n \"Microsoft.Insights/metricdefinitions/read\",\n \"Microsoft.Insights/metrics/read\",\n \"Microsoft.ResourceHealth/availabilityStatuses/read\",\n \"Microsoft.Resources/deployments/operations/read\",\n \"Microsoft.Resources/subscriptions/operationresults/read\",\n \"Microsoft.Resources/subscriptions/read\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Support/*\"\n ],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.CognitiveServices/*\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2018-08-08T23:23:43.7701274Z\",\n \"updatedOn\": \"2021-11-11T20:13:27.5316443Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/a97b65f3-24c7-4388-baec-2e87135dc908\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"a97b65f3-24c7-4388-baec-2e87135dc908\"\n },\n {\n \"properties\": {\n \"roleName\": \"Cognitive Services Data Reader\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Lets you read Cognitive Services data.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.CognitiveServices/*/read\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2019-02-13T20:02:12.6849986Z\",\n \"updatedOn\": \"2024-10-10T18:41:31.3351912Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/b59867f0-fa02-499b-be73-45a86b5b3e1c\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"b59867f0-fa02-499b-be73-45a86b5b3e1c\"\n },\n {\n \"properties\": {\n \"roleName\": \"Cognitive Services Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Lets you create, read, update, delete and manage keys of Cognitive Services.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.CognitiveServices/*\",\n \"Microsoft.Features/features/read\",\n \"Microsoft.Features/providers/features/read\",\n \"Microsoft.Features/providers/features/register/action\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.Insights/diagnosticSettings/*\",\n \"Microsoft.Insights/logDefinitions/read\",\n \"Microsoft.Insights/metricdefinitions/read\",\n \"Microsoft.Insights/metrics/read\",\n \"Microsoft.ResourceHealth/availabilityStatuses/read\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/deployments/operations/read\",\n \"Microsoft.Resources/subscriptions/operationresults/read\",\n \"Microsoft.Resources/subscriptions/read\",\n \"Microsoft.Resources/subscriptions/resourcegroups/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Support/*\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2018-08-08T23:18:39.2257848Z\",\n \"updatedOn\": \"2021-11-11T20:13:27.911623Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/25fbc0a9-bd7c-42a3-aa1a-3b75d497ee68\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"25fbc0a9-bd7c-42a3-aa1a-3b75d497ee68\"\n },\n {\n \"properties\": {\n \"roleName\": \"CosmosBackupOperator\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Can submit restore request for a Cosmos DB database or a container for an account\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.DocumentDB/databaseAccounts/backup/action\",\n \"Microsoft.DocumentDB/databaseAccounts/restore/action\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2018-12-07T19:47:14.965156Z\",\n \"updatedOn\": \"2021-11-11T20:13:28.4333692Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/db7b14f2-5adf-42da-9f96-f2ee17bab5cb\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"db7b14f2-5adf-42da-9f96-f2ee17bab5cb\"\n },\n {\n \"properties\": {\n \"roleName\": \"Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Grants full access to manage all resources, but does not allow you to assign roles in Azure RBAC, manage assignments in Azure Blueprints, or share image galleries.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"*\"\n ],\n \"notActions\": [\n \"Microsoft.Authorization/*/Delete\",\n \"Microsoft.Authorization/*/Write\",\n \"Microsoft.Authorization/elevateAccess/Action\",\n \"Microsoft.Blueprint/blueprintAssignments/write\",\n \"Microsoft.Blueprint/blueprintAssignments/delete\",\n \"Microsoft.Compute/galleries/share/action\",\n \"Microsoft.Purview/consents/write\",\n \"Microsoft.Purview/consents/delete\",\n \"Microsoft.Resources/deploymentStacks/manageDenySetting/action\",\n \"Microsoft.Subscription/cancel/action\",\n \"Microsoft.Subscription/enable/action\"\n ],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2015-02-02T21:55:09.8806423Z\",\n \"updatedOn\": \"2024-11-19T20:03:30.321264Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"b24988ac-6180-42a0-ab88-20f7382dd24c\"\n },\n {\n \"properties\": {\n \"roleName\": \"Cosmos DB Account Reader Role\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Can read Azure Cosmos DB Accounts data\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.DocumentDB/*/read\",\n \"Microsoft.DocumentDB/databaseAccounts/readonlykeys/action\",\n \"Microsoft.Insights/MetricDefinitions/read\",\n \"Microsoft.Insights/Metrics/read\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Support/*\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2017-10-30T17:53:54.6005577Z\",\n \"updatedOn\": \"2021-11-11T20:13:28.7911765Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/fbdf93bf-df7d-467e-a4d2-9458aa1360c8\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"fbdf93bf-df7d-467e-a4d2-9458aa1360c8\"\n },\n {\n \"properties\": {\n \"roleName\": \"Cost Management Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Can view costs and manage cost configuration (e.g. budgets, exports)\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Consumption/*\",\n \"Microsoft.CostManagement/*\",\n \"Microsoft.Billing/billingPeriods/read\",\n \"Microsoft.Resources/subscriptions/read\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Support/*\",\n \"Microsoft.Advisor/configurations/read\",\n \"Microsoft.Advisor/recommendations/read\",\n \"Microsoft.Management/managementGroups/read\",\n \"Microsoft.Billing/billingProperty/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2018-03-14T16:09:22.8834827Z\",\n \"updatedOn\": \"2021-11-11T20:13:29.4851851Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/434105ed-43f6-45c7-a02f-909b2ba83430\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"434105ed-43f6-45c7-a02f-909b2ba83430\"\n },\n {\n \"properties\": {\n \"roleName\": \"Cost Management Reader\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Can view cost data and configuration (e.g. budgets, exports)\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Consumption/*/read\",\n \"Microsoft.CostManagement/*/read\",\n \"Microsoft.Billing/billingPeriods/read\",\n \"Microsoft.Resources/subscriptions/read\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Support/*\",\n \"Microsoft.Advisor/configurations/read\",\n \"Microsoft.Advisor/recommendations/read\",\n \"Microsoft.Management/managementGroups/read\",\n \"Microsoft.Billing/billingProperty/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2018-03-14T16:09:22.8834827Z\",\n \"updatedOn\": \"2021-11-11T20:13:29.66018Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/72fafb9e-0641-4937-9268-a91bfd8191a3\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"72fafb9e-0641-4937-9268-a91bfd8191a3\"\n },\n {\n \"properties\": {\n \"roleName\": \"Data Box Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Lets you manage everything under Data Box Service except giving access to others.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.ResourceHealth/availabilityStatuses/read\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Support/*\",\n \"Microsoft.Databox/*\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2018-07-27T08:28:42.714021Z\",\n \"updatedOn\": \"2021-11-11T20:13:30.3737856Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/add466c9-e687-43fc-8d98-dfcf8d720be5\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"add466c9-e687-43fc-8d98-dfcf8d720be5\"\n },\n {\n \"properties\": {\n \"roleName\": \"Data Box Reader\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Lets you manage Data Box Service except creating order or editing order details and giving access to others.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Databox/*/read\",\n \"Microsoft.Databox/jobs/listsecrets/action\",\n \"Microsoft.Databox/jobs/listcredentials/action\",\n \"Microsoft.Databox/locations/availableSkus/action\",\n \"Microsoft.Databox/locations/validateInputs/action\",\n \"Microsoft.Databox/locations/regionConfiguration/action\",\n \"Microsoft.Databox/locations/validateAddress/action\",\n \"Microsoft.ResourceHealth/availabilityStatuses/read\",\n \"Microsoft.Support/*\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2018-07-27T08:26:21.9284772Z\",\n \"updatedOn\": \"2021-11-11T20:13:30.5546117Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/028f4ed7-e2a9-465e-a8f4-9c0ffdfdc027\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"028f4ed7-e2a9-465e-a8f4-9c0ffdfdc027\"\n },\n {\n \"properties\": {\n \"roleName\": \"Data Factory Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Create and manage data factories, as well as child resources within them.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.DataFactory/dataFactories/*\",\n \"Microsoft.DataFactory/factories/*\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.ResourceHealth/availabilityStatuses/read\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Support/*\",\n \"Microsoft.EventGrid/eventSubscriptions/write\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2015-02-02T21:55:09.8806423Z\",\n \"updatedOn\": \"2021-11-11T20:13:30.7420174Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/673868aa-7521-48a0-acc6-0f60742d39f5\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"673868aa-7521-48a0-acc6-0f60742d39f5\"\n },\n {\n \"properties\": {\n \"roleName\": \"Data Purger\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Can purge analytics data\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Insights/components/*/read\",\n \"Microsoft.Insights/components/purge/action\",\n \"Microsoft.OperationalInsights/workspaces/*/read\",\n \"Microsoft.OperationalInsights/workspaces/purge/action\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2018-04-30T22:39:49.61677Z\",\n \"updatedOn\": \"2021-11-11T20:13:31.2788395Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/150f5e0c-0603-4f03-8c7f-cf70034c4e90\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"150f5e0c-0603-4f03-8c7f-cf70034c4e90\"\n },\n {\n \"properties\": {\n \"roleName\": \"Data Lake Analytics Developer\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Lets you submit, monitor, and manage your own jobs but not create or delete Data Lake Analytics accounts.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.BigAnalytics/accounts/*\",\n \"Microsoft.DataLakeAnalytics/accounts/*\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.ResourceHealth/availabilityStatuses/read\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Support/*\"\n ],\n \"notActions\": [\n \"Microsoft.BigAnalytics/accounts/Delete\",\n \"Microsoft.BigAnalytics/accounts/TakeOwnership/action\",\n \"Microsoft.BigAnalytics/accounts/Write\",\n \"Microsoft.DataLakeAnalytics/accounts/Delete\",\n \"Microsoft.DataLakeAnalytics/accounts/TakeOwnership/action\",\n \"Microsoft.DataLakeAnalytics/accounts/Write\",\n \"Microsoft.DataLakeAnalytics/accounts/dataLakeStoreAccounts/Write\",\n \"Microsoft.DataLakeAnalytics/accounts/dataLakeStoreAccounts/Delete\",\n \"Microsoft.DataLakeAnalytics/accounts/storageAccounts/Write\",\n \"Microsoft.DataLakeAnalytics/accounts/storageAccounts/Delete\",\n \"Microsoft.DataLakeAnalytics/accounts/firewallRules/Write\",\n \"Microsoft.DataLakeAnalytics/accounts/firewallRules/Delete\",\n \"Microsoft.DataLakeAnalytics/accounts/computePolicies/Write\",\n \"Microsoft.DataLakeAnalytics/accounts/computePolicies/Delete\"\n ],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2015-10-20T00:33:29.3115234Z\",\n \"updatedOn\": \"2021-11-11T20:13:31.4688491Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/47b7735b-770e-4598-a7da-8b91488b4c88\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"47b7735b-770e-4598-a7da-8b91488b4c88\"\n },\n {\n \"properties\": {\n \"roleName\": \"DevTest Labs User\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Lets you connect, start, restart, and shutdown your virtual machines in your Azure DevTest Labs.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Compute/availabilitySets/read\",\n \"Microsoft.Compute/virtualMachines/*/read\",\n \"Microsoft.Compute/virtualMachines/deallocate/action\",\n \"Microsoft.Compute/virtualMachines/read\",\n \"Microsoft.Compute/virtualMachines/restart/action\",\n \"Microsoft.Compute/virtualMachines/start/action\",\n \"Microsoft.DevTestLab/*/read\",\n \"Microsoft.DevTestLab/labs/claimAnyVm/action\",\n \"Microsoft.DevTestLab/labs/createEnvironment/action\",\n \"Microsoft.DevTestLab/labs/ensureCurrentUserProfile/action\",\n \"Microsoft.DevTestLab/labs/formulas/delete\",\n \"Microsoft.DevTestLab/labs/formulas/read\",\n \"Microsoft.DevTestLab/labs/formulas/write\",\n \"Microsoft.DevTestLab/labs/policySets/evaluatePolicies/action\",\n \"Microsoft.DevTestLab/labs/virtualMachines/claim/action\",\n \"Microsoft.DevTestLab/labs/virtualmachines/listApplicableSchedules/action\",\n \"Microsoft.DevTestLab/labs/virtualMachines/getRdpFileContents/action\",\n \"Microsoft.Network/loadBalancers/backendAddressPools/join/action\",\n \"Microsoft.Network/loadBalancers/inboundNatRules/join/action\",\n \"Microsoft.Network/networkInterfaces/*/read\",\n \"Microsoft.Network/networkInterfaces/join/action\",\n \"Microsoft.Network/networkInterfaces/read\",\n \"Microsoft.Network/networkInterfaces/write\",\n \"Microsoft.Network/publicIPAddresses/*/read\",\n \"Microsoft.Network/publicIPAddresses/join/action\",\n \"Microsoft.Network/publicIPAddresses/read\",\n \"Microsoft.Network/virtualNetworks/subnets/join/action\",\n \"Microsoft.Resources/deployments/operations/read\",\n \"Microsoft.Resources/deployments/read\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Storage/storageAccounts/listKeys/action\"\n ],\n \"notActions\": [\n \"Microsoft.Compute/virtualMachines/vmSizes/read\"\n ],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2015-06-08T21:52:45.0657582Z\",\n \"updatedOn\": \"2021-11-11T20:13:32.1746507Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/76283e04-6283-4c54-8f91-bcf1374a3c64\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"76283e04-6283-4c54-8f91-bcf1374a3c64\"\n },\n {\n \"properties\": {\n \"roleName\": \"DocumentDB Account Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Lets you manage DocumentDB accounts, but not access to them.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.DocumentDb/databaseAccounts/*\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.ResourceHealth/availabilityStatuses/read\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Support/*\",\n \"Microsoft.Network/virtualNetworks/subnets/joinViaServiceEndpoint/action\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2015-02-02T21:55:09.8806423Z\",\n \"updatedOn\": \"2021-11-11T20:13:32.3496502Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/5bd9cd88-fe45-4216-938b-f97437e15450\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"5bd9cd88-fe45-4216-938b-f97437e15450\"\n },\n {\n \"properties\": {\n \"roleName\": \"DNS Zone Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Lets you manage DNS zones and record sets in Azure DNS, but does not let you control who has access to them.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.Network/dnsZones/*\",\n \"Microsoft.ResourceHealth/availabilityStatuses/read\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Support/*\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2015-10-15T23:33:25.9730842Z\",\n \"updatedOn\": \"2021-11-11T20:13:32.5233957Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/befefa01-2a29-4197-83a8-272ff33ce314\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"befefa01-2a29-4197-83a8-272ff33ce314\"\n },\n {\n \"properties\": {\n \"roleName\": \"EventGrid EventSubscription Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Lets you manage EventGrid event subscription operations.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.EventGrid/eventSubscriptions/*\",\n \"Microsoft.EventGrid/topicTypes/eventSubscriptions/read\",\n \"Microsoft.EventGrid/locations/eventSubscriptions/read\",\n \"Microsoft.EventGrid/locations/topicTypes/eventSubscriptions/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Support/*\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2018-10-08T23:27:28.3130743Z\",\n \"updatedOn\": \"2021-11-11T20:13:33.4166738Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/428e0ff0-5e57-4d9c-a221-2c70d0e0a443\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"428e0ff0-5e57-4d9c-a221-2c70d0e0a443\"\n },\n {\n \"properties\": {\n \"roleName\": \"EventGrid EventSubscription Reader\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Lets you read EventGrid event subscriptions.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.EventGrid/eventSubscriptions/read\",\n \"Microsoft.EventGrid/topicTypes/eventSubscriptions/read\",\n \"Microsoft.EventGrid/locations/eventSubscriptions/read\",\n \"Microsoft.EventGrid/locations/topicTypes/eventSubscriptions/read\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2018-10-09T17:29:28.1417894Z\",\n \"updatedOn\": \"2021-11-11T20:13:33.7846748Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/2414bbcf-6497-4faf-8c65-045460748405\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"2414bbcf-6497-4faf-8c65-045460748405\"\n },\n {\n \"properties\": {\n \"roleName\": \"Graph Owner\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Create and manage all aspects of the Enterprise Graph - Ontology, Schema mapping, Conflation and Conversational AI and Ingestions\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.EnterpriseKnowledgeGraph/services/conflation/read\",\n \"Microsoft.EnterpriseKnowledgeGraph/services/conflation/write\",\n \"Microsoft.EnterpriseKnowledgeGraph/services/sourceschema/read\",\n \"Microsoft.EnterpriseKnowledgeGraph/services/sourceschema/write\",\n \"Microsoft.EnterpriseKnowledgeGraph/services/knowledge/read\",\n \"Microsoft.EnterpriseKnowledgeGraph/services/knowledge/write\",\n \"Microsoft.EnterpriseKnowledgeGraph/services/intentclassification/read\",\n \"Microsoft.EnterpriseKnowledgeGraph/services/intentclassification/write\",\n \"Microsoft.EnterpriseKnowledgeGraph/services/ingestion/read\",\n \"Microsoft.EnterpriseKnowledgeGraph/services/ingestion/write\",\n \"Microsoft.EnterpriseKnowledgeGraph/services/ontology/read\",\n \"Microsoft.EnterpriseKnowledgeGraph/services/ontology/write\",\n \"Microsoft.EnterpriseKnowledgeGraph/services/delete\",\n \"Microsoft.EnterpriseKnowledgeGraph/operations/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2019-02-23T21:07:22.5844236Z\",\n \"updatedOn\": \"2021-11-11T20:13:34.6707886Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/b60367af-1334-4454-b71e-769d9a4f83d9\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"b60367af-1334-4454-b71e-769d9a4f83d9\"\n },\n {\n \"properties\": {\n \"roleName\": \"HDInsight Domain Services Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Can Read, Create, Modify and Delete Domain Services related operations needed for HDInsight Enterprise Security Package\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.AAD/*/read\",\n \"Microsoft.AAD/domainServices/*/read\",\n \"Microsoft.AAD/domainServices/oucontainer/*\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2018-09-12T22:42:51.7451109Z\",\n \"updatedOn\": \"2021-11-11T20:13:35.3921342Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/8d8d5a11-05d3-4bda-a417-a08778121c7c\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"8d8d5a11-05d3-4bda-a417-a08778121c7c\"\n },\n {\n \"properties\": {\n \"roleName\": \"Intelligent Systems Account Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Lets you manage Intelligent Systems accounts, but not access to them.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.IntelligentSystems/accounts/*\",\n \"Microsoft.ResourceHealth/availabilityStatuses/read\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Support/*\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2015-02-02T21:55:09.8806423Z\",\n \"updatedOn\": \"2021-11-11T20:13:35.9371582Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/03a6d094-3444-4b3d-88af-7477090a9e5e\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"03a6d094-3444-4b3d-88af-7477090a9e5e\"\n },\n {\n \"properties\": {\n \"roleName\": \"Key Vault Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Lets you manage key vaults, but not access to them.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.KeyVault/*\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Support/*\"\n ],\n \"notActions\": [\n \"Microsoft.KeyVault/locations/deletedVaults/purge/action\",\n \"Microsoft.KeyVault/hsmPools/*\",\n \"Microsoft.KeyVault/managedHsms/*\"\n ],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2016-02-25T17:08:28.5184971Z\",\n \"updatedOn\": \"2021-11-11T20:13:36.1170988Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/f25e0fa2-a7c8-4377-a976-54943a77a395\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"f25e0fa2-a7c8-4377-a976-54943a77a395\"\n },\n {\n \"properties\": {\n \"roleName\": \"Knowledge Consumer\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Knowledge Read permission to consume Enterprise Graph Knowledge using entity search and graph query\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.EnterpriseKnowledgeGraph/services/knowledge/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2019-02-23T21:23:31.4037552Z\",\n \"updatedOn\": \"2021-11-11T20:13:37.0021342Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/ee361c5d-f7b5-4119-b4b6-892157c8f64c\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"ee361c5d-f7b5-4119-b4b6-892157c8f64c\"\n },\n {\n \"properties\": {\n \"roleName\": \"Lab Creator\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Lets you create new labs under your Azure Lab Accounts.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.LabServices/labAccounts/*/read\",\n \"Microsoft.LabServices/labAccounts/createLab/action\",\n \"Microsoft.LabServices/labAccounts/getPricingAndAvailability/action\",\n \"Microsoft.LabServices/labAccounts/getRestrictionsAndUsage/action\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.LabServices/labPlans/images/read\",\n \"Microsoft.LabServices/labPlans/read\",\n \"Microsoft.LabServices/labPlans/saveImage/action\",\n \"Microsoft.LabServices/labs/read\",\n \"Microsoft.LabServices/labs/schedules/read\",\n \"Microsoft.LabServices/labs/users/read\",\n \"Microsoft.LabServices/labs/virtualMachines/read\",\n \"Microsoft.LabServices/locations/usages/read\",\n \"Microsoft.LabServices/skus/read\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Support/*\"\n ],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.LabServices/labPlans/createLab/action\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2018-01-18T23:38:58.1036141Z\",\n \"updatedOn\": \"2021-11-11T20:13:37.1821588Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/b97fb8bc-a8b2-4522-a38b-dd33c7e65ead\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"b97fb8bc-a8b2-4522-a38b-dd33c7e65ead\"\n },\n {\n \"properties\": {\n \"roleName\": \"Log Analytics Reader\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Log Analytics Reader can view and search all monitoring data as well as and view monitoring settings, including viewing the configuration of Azure diagnostics on all Azure resources.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"*/read\",\n \"Microsoft.OperationalInsights/workspaces/analytics/query/action\",\n \"Microsoft.OperationalInsights/workspaces/search/action\",\n \"Microsoft.Support/*\"\n ],\n \"notActions\": [\n \"Microsoft.OperationalInsights/workspaces/sharedKeys/read\"\n ],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2017-05-02T00:20:28.1449012Z\",\n \"updatedOn\": \"2025-06-18T13:42:52.3891983Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/73c42c96-874c-492b-b04d-ab87d138a893\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"73c42c96-874c-492b-b04d-ab87d138a893\"\n },\n {\n \"properties\": {\n \"roleName\": \"Log Analytics Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Log Analytics Contributor can read all monitoring data and edit monitoring settings. Editing monitoring settings includes adding the VM extension to VMs; reading storage account keys to be able to configure collection of logs from Azure Storage; adding solutions; and configuring Azure diagnostics on all Azure resources.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"*/read\",\n \"Microsoft.ClassicCompute/virtualMachines/extensions/*\",\n \"Microsoft.ClassicStorage/storageAccounts/listKeys/action\",\n \"Microsoft.Compute/virtualMachines/extensions/*\",\n \"Microsoft.HybridCompute/machines/extensions/write\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.Insights/diagnosticSettings/*\",\n \"Microsoft.OperationalInsights/*\",\n \"Microsoft.OperationsManagement/*\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourcegroups/deployments/*\",\n \"Microsoft.Storage/storageAccounts/listKeys/action\",\n \"Microsoft.Support/*\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2017-04-25T21:51:45.3174711Z\",\n \"updatedOn\": \"2025-06-18T13:42:52.3891983Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/92aaf0da-9dab-42b6-94a3-d43ce8d16293\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"92aaf0da-9dab-42b6-94a3-d43ce8d16293\"\n },\n {\n \"properties\": {\n \"roleName\": \"Logic App Operator\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Lets you read, enable and disable logic app.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/*/read\",\n \"Microsoft.Insights/metricAlerts/*/read\",\n \"Microsoft.Insights/diagnosticSettings/*/read\",\n \"Microsoft.Insights/metricDefinitions/*/read\",\n \"Microsoft.Logic/*/read\",\n \"Microsoft.Logic/workflows/disable/action\",\n \"Microsoft.Logic/workflows/enable/action\",\n \"Microsoft.Logic/workflows/validate/action\",\n \"Microsoft.Resources/deployments/operations/read\",\n \"Microsoft.Resources/subscriptions/operationresults/read\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Support/*\",\n \"Microsoft.Web/connectionGateways/*/read\",\n \"Microsoft.Web/connections/*/read\",\n \"Microsoft.Web/customApis/*/read\",\n \"Microsoft.Web/serverFarms/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2016-04-28T21:33:30.4656007Z\",\n \"updatedOn\": \"2021-11-11T20:13:38.0573444Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/515c2055-d9d4-4321-b1b9-bd0c9a0f79fe\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"515c2055-d9d4-4321-b1b9-bd0c9a0f79fe\"\n },\n {\n \"properties\": {\n \"roleName\": \"Logic App Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Lets you manage logic app, but not access to them.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.ClassicStorage/storageAccounts/listKeys/action\",\n \"Microsoft.ClassicStorage/storageAccounts/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.Insights/metricAlerts/*\",\n \"Microsoft.Insights/diagnosticSettings/*\",\n \"Microsoft.Insights/logdefinitions/*\",\n \"Microsoft.Insights/metricDefinitions/*\",\n \"Microsoft.Logic/*\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/operationresults/read\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Storage/storageAccounts/listkeys/action\",\n \"Microsoft.Storage/storageAccounts/read\",\n \"Microsoft.Support/*\",\n \"Microsoft.Web/connectionGateways/*\",\n \"Microsoft.Web/connections/*\",\n \"Microsoft.Web/customApis/*\",\n \"Microsoft.Web/serverFarms/join/action\",\n \"Microsoft.Web/serverFarms/read\",\n \"Microsoft.Web/sites/functions/listSecrets/action\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2016-04-28T21:33:30.4656007Z\",\n \"updatedOn\": \"2021-11-11T20:13:38.2523833Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/87a39d53-fc1b-424a-814c-f7e04687dc9e\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"87a39d53-fc1b-424a-814c-f7e04687dc9e\"\n },\n {\n \"properties\": {\n \"roleName\": \"Managed Application Operator Role\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Lets you read and perform actions on Managed Application resources\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"*/read\",\n \"Microsoft.Solutions/applications/read\",\n \"Microsoft.Solutions/*/action\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2018-07-27T00:59:33.7988813Z\",\n \"updatedOn\": \"2021-11-11T20:13:38.5973763Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/c7393b34-138c-406f-901b-d8cf2b17e6ae\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"c7393b34-138c-406f-901b-d8cf2b17e6ae\"\n },\n {\n \"properties\": {\n \"roleName\": \"Managed Application Publisher Operator\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Allows the publisher to read resources in the managed resource group for Managed Application and request JIT access for additional operations. This role is only used by the Managed Application service to provide access to publishers.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"*/read\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Solutions/jitRequests/*\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2018-09-06T00:33:58.3651522Z\",\n \"updatedOn\": \"2025-05-01T17:14:44.1844267Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/b9331d33-8a36-4f8c-b097-4f54124fdb44\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"b9331d33-8a36-4f8c-b097-4f54124fdb44\"\n },\n {\n \"properties\": {\n \"roleName\": \"Managed Identity Operator\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Read and Assign User Assigned Identity\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.ManagedIdentity/userAssignedIdentities/*/read\",\n \"Microsoft.ManagedIdentity/userAssignedIdentities/*/assign/action\",\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Support/*\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2017-12-14T19:52:04.3924594Z\",\n \"updatedOn\": \"2021-11-11T20:13:38.9523759Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/f1a07417-d97a-45cb-824c-7a7467783830\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"f1a07417-d97a-45cb-824c-7a7467783830\"\n },\n {\n \"properties\": {\n \"roleName\": \"Managed Identity Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Create, Read, Update, and Delete User Assigned Identity\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.ManagedIdentity/userAssignedIdentities/read\",\n \"Microsoft.ManagedIdentity/userAssignedIdentities/write\",\n \"Microsoft.ManagedIdentity/userAssignedIdentities/delete\",\n \"Microsoft.ManagedIdentity/userAssignedIdentities/federatedIdentityCredentials/read\",\n \"Microsoft.ManagedIdentity/userAssignedIdentities/federatedIdentityCredentials/write\",\n \"Microsoft.ManagedIdentity/userAssignedIdentities/federatedIdentityCredentials/delete\",\n \"Microsoft.ManagedIdentity/userAssignedIdentities/revokeTokens/action\",\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Support/*\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2017-12-14T19:53:42.8804692Z\",\n \"updatedOn\": \"2024-03-29T00:22:59.7937695Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/e40ec5ca-96e0-45a2-b4ff-59039f2c2b59\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"e40ec5ca-96e0-45a2-b4ff-59039f2c2b59\"\n },\n {\n \"properties\": {\n \"roleName\": \"Management Group Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Management Group Contributor Role\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Management/managementGroups/delete\",\n \"Microsoft.Management/managementGroups/read\",\n \"Microsoft.Management/managementGroups/subscriptions/delete\",\n \"Microsoft.Management/managementGroups/subscriptions/write\",\n \"Microsoft.Management/managementGroups/write\",\n \"Microsoft.Management/managementGroups/subscriptions/read\",\n \"Microsoft.Authorization/*/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2018-06-22T00:28:29.0523964Z\",\n \"updatedOn\": \"2022-09-19T15:10:03.437789Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/5d58bcaf-24a5-4b20-bdb6-eed9f69fbe4c\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"5d58bcaf-24a5-4b20-bdb6-eed9f69fbe4c\"\n },\n {\n \"properties\": {\n \"roleName\": \"Management Group Reader\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Management Group Reader Role\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Management/managementGroups/read\",\n \"Microsoft.Management/managementGroups/subscriptions/read\",\n \"Microsoft.Authorization/*/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2018-06-22T00:31:03.4295347Z\",\n \"updatedOn\": \"2022-09-19T15:10:03.437789Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/ac63b705-f282-497d-ac71-919bf39d939d\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"ac63b705-f282-497d-ac71-919bf39d939d\"\n },\n {\n \"properties\": {\n \"roleName\": \"Monitoring Reader\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Can read all monitoring data.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"*/read\",\n \"Microsoft.OperationalInsights/workspaces/search/action\",\n \"Microsoft.Support/*\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2016-09-21T19:19:52.4939376Z\",\n \"updatedOn\": \"2025-06-18T13:42:52.3891983Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/43d0d8ad-25c7-4714-9337-8ba259a9fe05\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"43d0d8ad-25c7-4714-9337-8ba259a9fe05\"\n },\n {\n \"properties\": {\n \"roleName\": \"Network Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Lets you manage networks, but not access to them.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.Network/*\",\n \"Microsoft.ResourceHealth/availabilityStatuses/read\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Support/*\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2015-06-02T00:18:27.3542698Z\",\n \"updatedOn\": \"2021-11-11T20:13:44.6328966Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/4d97b98b-1d4f-4787-a291-c67834d212e7\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"4d97b98b-1d4f-4787-a291-c67834d212e7\"\n },\n {\n \"properties\": {\n \"roleName\": \"New Relic APM Account Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Lets you manage New Relic Application Performance Management accounts and applications, but not access to them.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.ResourceHealth/availabilityStatuses/read\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Support/*\",\n \"NewRelic.APM/accounts/*\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2015-02-02T21:55:09.8806423Z\",\n \"updatedOn\": \"2021-11-11T20:13:45.7178576Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/5d28c62d-5b37-4476-8438-e587778df237\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"5d28c62d-5b37-4476-8438-e587778df237\"\n },\n {\n \"properties\": {\n \"roleName\": \"Owner\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Grants full access to manage all resources, including the ability to assign roles in Azure RBAC.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"*\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2015-02-02T21:55:09.8806423Z\",\n \"updatedOn\": \"2021-11-11T20:13:45.8978856Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/8e3af657-a8ff-443c-a75c-2fe8c4bcb635\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"8e3af657-a8ff-443c-a75c-2fe8c4bcb635\"\n },\n {\n \"properties\": {\n \"roleName\": \"Reader\",\n \"type\": \"BuiltInRole\",\n \"description\": \"View all resources, but does not allow you to make any changes.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"*/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2015-02-02T21:55:09.8806423Z\",\n \"updatedOn\": \"2021-11-11T20:13:47.8628684Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/acdd72a7-3385-48ef-bd42-f606fba81ae7\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"acdd72a7-3385-48ef-bd42-f606fba81ae7\"\n },\n {\n \"properties\": {\n \"roleName\": \"Redis Cache Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Lets you manage Redis caches, but not access to them.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Cache/register/action\",\n \"Microsoft.Cache/redis/*\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.ResourceHealth/availabilityStatuses/read\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Support/*\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2015-02-02T21:55:09.8806423Z\",\n \"updatedOn\": \"2021-11-11T20:13:48.0528671Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/e0f68234-74aa-48ed-b826-c38b57376e17\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"e0f68234-74aa-48ed-b826-c38b57376e17\"\n },\n {\n \"properties\": {\n \"roleName\": \"Reader and Data Access\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Lets you view everything but will not let you delete or create a storage account or contained resource. It will also allow read/write access to all data contained in a storage account via access to storage account keys.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Storage/storageAccounts/listKeys/action\",\n \"Microsoft.Storage/storageAccounts/ListAccountSas/action\",\n \"Microsoft.Storage/storageAccounts/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2018-03-27T23:20:46.1498906Z\",\n \"updatedOn\": \"2021-11-11T20:13:48.2278951Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/c12c1c16-33a1-487b-954d-41c89c60f349\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"c12c1c16-33a1-487b-954d-41c89c60f349\"\n },\n {\n \"properties\": {\n \"roleName\": \"Resource Policy Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Users with rights to create/modify resource policy, create support ticket and read resources/hierarchy.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"*/read\",\n \"Microsoft.Authorization/policyassignments/*\",\n \"Microsoft.Authorization/policydefinitions/*\",\n \"Microsoft.Authorization/policyexemptions/*\",\n \"Microsoft.Authorization/policyenrollments/*\",\n \"Microsoft.Authorization/policysetdefinitions/*\",\n \"Microsoft.PolicyInsights/*\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Support/*\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2017-08-25T19:08:01.3861639Z\",\n \"updatedOn\": \"2025-03-25T15:25:05.1731507Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/36243c78-bf99-498c-9df9-86d9f8d28608\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"36243c78-bf99-498c-9df9-86d9f8d28608\"\n },\n {\n \"properties\": {\n \"roleName\": \"Scheduler Job Collections Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Lets you manage Scheduler job collections, but not access to them.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.ResourceHealth/availabilityStatuses/read\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Scheduler/jobcollections/*\",\n \"Microsoft.Support/*\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2015-02-02T21:55:09.8806423Z\",\n \"updatedOn\": \"2021-11-11T20:13:49.8429293Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/188a0f2f-5c9e-469b-ae67-2aa5ce574b94\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"188a0f2f-5c9e-469b-ae67-2aa5ce574b94\"\n },\n {\n \"properties\": {\n \"roleName\": \"Search Service Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Lets you manage Search services, but not access to them.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.ResourceHealth/availabilityStatuses/read\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Search/searchServices/*\",\n \"Microsoft.Support/*\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2015-02-02T21:55:09.8806423Z\",\n \"updatedOn\": \"2021-11-11T20:13:50.0229309Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/7ca78c08-252a-4471-8644-bb5ff32d4ba0\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"7ca78c08-252a-4471-8644-bb5ff32d4ba0\"\n },\n {\n \"properties\": {\n \"roleName\": \"Security Manager (Legacy)\",\n \"type\": \"BuiltInRole\",\n \"description\": \"This is a legacy role. Please use Security Administrator instead\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.ClassicCompute/*/read\",\n \"Microsoft.ClassicCompute/virtualMachines/*/write\",\n \"Microsoft.ClassicNetwork/*/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.ResourceHealth/availabilityStatuses/read\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Security/*\",\n \"Microsoft.Support/*\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2015-06-22T17:45:15.8986455Z\",\n \"updatedOn\": \"2021-11-11T20:13:50.5729549Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/e3d13bf0-dd5a-482e-ba6b-9b8433878d10\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"e3d13bf0-dd5a-482e-ba6b-9b8433878d10\"\n },\n {\n \"properties\": {\n \"roleName\": \"Security Reader\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Security Reader Role\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/read\",\n \"Microsoft.operationalInsights/workspaces/*/read\",\n \"Microsoft.Resources/deployments/*/read\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Security/*/read\",\n \"Microsoft.IoTSecurity/*/read\",\n \"Microsoft.Support/*/read\",\n \"Microsoft.Security/iotDefenderSettings/packageDownloads/action\",\n \"Microsoft.Security/iotDefenderSettings/downloadManagerActivation/action\",\n \"Microsoft.Security/iotSensors/downloadResetPassword/action\",\n \"Microsoft.IoTSecurity/defenderSettings/packageDownloads/action\",\n \"Microsoft.IoTSecurity/defenderSettings/downloadManagerActivation/action\",\n \"Microsoft.Management/managementGroups/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2017-05-03T07:48:49.0516559Z\",\n \"updatedOn\": \"2021-11-11T20:13:50.7479015Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/39bc4728-0917-49c7-9d2c-d95423bc2eb4\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"39bc4728-0917-49c7-9d2c-d95423bc2eb4\"\n },\n {\n \"properties\": {\n \"roleName\": \"Spatial Anchors Account Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Lets you manage spatial anchors in your account, but not delete them\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.MixedReality/SpatialAnchorsAccounts/create/action\",\n \"Microsoft.MixedReality/SpatialAnchorsAccounts/discovery/read\",\n \"Microsoft.MixedReality/SpatialAnchorsAccounts/properties/read\",\n \"Microsoft.MixedReality/SpatialAnchorsAccounts/query/read\",\n \"Microsoft.MixedReality/SpatialAnchorsAccounts/submitdiag/read\",\n \"Microsoft.MixedReality/SpatialAnchorsAccounts/write\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2018-12-21T17:57:41.1420864Z\",\n \"updatedOn\": \"2021-11-11T20:13:52.28294Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/8bbe83f1-e2a6-4df7-8cb4-4e04d4e5c827\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"8bbe83f1-e2a6-4df7-8cb4-4e04d4e5c827\"\n },\n {\n \"properties\": {\n \"roleName\": \"Site Recovery Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Lets you manage Site Recovery service except vault creation and role assignment\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.Network/virtualNetworks/read\",\n \"Microsoft.RecoveryServices/locations/allocatedStamp/read\",\n \"Microsoft.RecoveryServices/locations/allocateStamp/action\",\n \"Microsoft.RecoveryServices/Vaults/certificates/write\",\n \"Microsoft.RecoveryServices/Vaults/extendedInformation/*\",\n \"Microsoft.RecoveryServices/Vaults/read\",\n \"Microsoft.RecoveryServices/Vaults/refreshContainers/read\",\n \"Microsoft.RecoveryServices/Vaults/registeredIdentities/*\",\n \"Microsoft.RecoveryServices/vaults/replicationAlertSettings/*\",\n \"Microsoft.RecoveryServices/vaults/replicationEvents/read\",\n \"Microsoft.RecoveryServices/vaults/replicationFabrics/*\",\n \"Microsoft.RecoveryServices/vaults/replicationJobs/*\",\n \"Microsoft.RecoveryServices/vaults/replicationPolicies/*\",\n \"Microsoft.RecoveryServices/vaults/replicationRecoveryPlans/*\",\n \"Microsoft.RecoveryServices/vaults/replicationVaultSettings/*\",\n \"Microsoft.RecoveryServices/Vaults/storageConfig/*\",\n \"Microsoft.RecoveryServices/Vaults/tokenInfo/read\",\n \"Microsoft.RecoveryServices/Vaults/usages/read\",\n \"Microsoft.RecoveryServices/Vaults/vaultTokens/read\",\n \"Microsoft.RecoveryServices/Vaults/monitoringAlerts/*\",\n \"Microsoft.RecoveryServices/Vaults/monitoringConfigurations/notificationConfiguration/read\",\n \"Microsoft.ResourceHealth/availabilityStatuses/read\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Storage/storageAccounts/read\",\n \"Microsoft.RecoveryServices/vaults/replicationOperationStatus/read\",\n \"Microsoft.Support/*\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2017-05-19T13:46:17.4592776Z\",\n \"updatedOn\": \"2021-11-11T20:13:52.4579503Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/6670b86e-a3f7-4917-ac9b-5d6ab1be4567\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"6670b86e-a3f7-4917-ac9b-5d6ab1be4567\"\n },\n {\n \"properties\": {\n \"roleName\": \"Site Recovery Operator\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Lets you failover and failback but not perform other Site Recovery management operations\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.Network/virtualNetworks/read\",\n \"Microsoft.RecoveryServices/locations/allocatedStamp/read\",\n \"Microsoft.RecoveryServices/locations/allocateStamp/action\",\n \"Microsoft.RecoveryServices/Vaults/extendedInformation/read\",\n \"Microsoft.RecoveryServices/Vaults/read\",\n \"Microsoft.RecoveryServices/Vaults/refreshContainers/read\",\n \"Microsoft.RecoveryServices/Vaults/registeredIdentities/operationResults/read\",\n \"Microsoft.RecoveryServices/Vaults/registeredIdentities/read\",\n \"Microsoft.RecoveryServices/vaults/replicationAlertSettings/read\",\n \"Microsoft.RecoveryServices/vaults/replicationEvents/read\",\n \"Microsoft.RecoveryServices/vaults/replicationFabrics/checkConsistency/action\",\n \"Microsoft.RecoveryServices/vaults/replicationFabrics/read\",\n \"Microsoft.RecoveryServices/vaults/replicationFabrics/reassociateGateway/action\",\n \"Microsoft.RecoveryServices/vaults/replicationFabrics/renewcertificate/action\",\n \"Microsoft.RecoveryServices/vaults/replicationFabrics/replicationNetworks/read\",\n \"Microsoft.RecoveryServices/vaults/replicationFabrics/replicationNetworks/replicationNetworkMappings/read\",\n \"Microsoft.RecoveryServices/vaults/replicationFabrics/replicationProtectionContainers/read\",\n \"Microsoft.RecoveryServices/vaults/replicationFabrics/replicationProtectionContainers/replicationProtectableItems/read\",\n \"Microsoft.RecoveryServices/vaults/replicationFabrics/replicationProtectionContainers/replicationProtectedItems/applyRecoveryPoint/action\",\n \"Microsoft.RecoveryServices/vaults/replicationFabrics/replicationProtectionContainers/replicationProtectedItems/failoverCommit/action\",\n \"Microsoft.RecoveryServices/vaults/replicationFabrics/replicationProtectionContainers/replicationProtectedItems/plannedFailover/action\",\n \"Microsoft.RecoveryServices/vaults/replicationFabrics/replicationProtectionContainers/replicationProtectedItems/read\",\n \"Microsoft.RecoveryServices/vaults/replicationFabrics/replicationProtectionContainers/replicationProtectedItems/recoveryPoints/read\",\n \"Microsoft.RecoveryServices/vaults/replicationFabrics/replicationProtectionContainers/replicationProtectedItems/repairReplication/action\",\n \"Microsoft.RecoveryServices/vaults/replicationFabrics/replicationProtectionContainers/replicationProtectedItems/reProtect/action\",\n \"Microsoft.RecoveryServices/vaults/replicationFabrics/replicationProtectionContainers/switchprotection/action\",\n \"Microsoft.RecoveryServices/vaults/replicationFabrics/replicationProtectionContainers/replicationProtectedItems/testFailover/action\",\n \"Microsoft.RecoveryServices/vaults/replicationFabrics/replicationProtectionContainers/replicationProtectedItems/testFailoverCleanup/action\",\n \"Microsoft.RecoveryServices/vaults/replicationFabrics/replicationProtectionContainers/replicationProtectedItems/unplannedFailover/action\",\n \"Microsoft.RecoveryServices/vaults/replicationFabrics/replicationProtectionContainers/replicationProtectedItems/updateMobilityService/action\",\n \"Microsoft.RecoveryServices/vaults/replicationFabrics/replicationProtectionContainers/replicationProtectionContainerMappings/read\",\n \"Microsoft.RecoveryServices/vaults/replicationFabrics/replicationRecoveryServicesProviders/read\",\n \"Microsoft.RecoveryServices/vaults/replicationFabrics/replicationRecoveryServicesProviders/refreshProvider/action\",\n \"Microsoft.RecoveryServices/vaults/replicationFabrics/replicationStorageClassifications/read\",\n \"Microsoft.RecoveryServices/vaults/replicationFabrics/replicationStorageClassifications/replicationStorageClassificationMappings/read\",\n \"Microsoft.RecoveryServices/vaults/replicationFabrics/replicationvCenters/read\",\n \"Microsoft.RecoveryServices/vaults/replicationJobs/*\",\n \"Microsoft.RecoveryServices/vaults/replicationPolicies/read\",\n \"Microsoft.RecoveryServices/vaults/replicationRecoveryPlans/failoverCommit/action\",\n \"Microsoft.RecoveryServices/vaults/replicationRecoveryPlans/plannedFailover/action\",\n \"Microsoft.RecoveryServices/vaults/replicationRecoveryPlans/read\",\n \"Microsoft.RecoveryServices/vaults/replicationRecoveryPlans/reProtect/action\",\n \"Microsoft.RecoveryServices/vaults/replicationRecoveryPlans/testFailover/action\",\n \"Microsoft.RecoveryServices/vaults/replicationRecoveryPlans/testFailoverCleanup/action\",\n \"Microsoft.RecoveryServices/vaults/replicationRecoveryPlans/unplannedFailover/action\",\n \"Microsoft.RecoveryServices/vaults/replicationVaultSettings/read\",\n \"Microsoft.RecoveryServices/Vaults/monitoringAlerts/*\",\n \"Microsoft.RecoveryServices/Vaults/monitoringConfigurations/notificationConfiguration/read\",\n \"Microsoft.RecoveryServices/Vaults/storageConfig/read\",\n \"Microsoft.RecoveryServices/Vaults/tokenInfo/read\",\n \"Microsoft.RecoveryServices/Vaults/usages/read\",\n \"Microsoft.RecoveryServices/Vaults/vaultTokens/read\",\n \"Microsoft.ResourceHealth/availabilityStatuses/read\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Storage/storageAccounts/read\",\n \"Microsoft.Support/*\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2017-05-19T13:47:50.1341148Z\",\n \"updatedOn\": \"2021-11-11T20:13:52.6263418Z\",\n \"createdBy\": null,\n \"updatedBy\": \"\"\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/494ae006-db33-4328-bf46-533a6560a3ca\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"494ae006-db33-4328-bf46-533a6560a3ca\"\n },\n {\n \"properties\": {\n \"roleName\": \"Spatial Anchors Account Reader\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Lets you locate and read properties of spatial anchors in your account\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.MixedReality/SpatialAnchorsAccounts/discovery/read\",\n \"Microsoft.MixedReality/SpatialAnchorsAccounts/properties/read\",\n \"Microsoft.MixedReality/SpatialAnchorsAccounts/query/read\",\n \"Microsoft.MixedReality/SpatialAnchorsAccounts/submitdiag/read\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2018-12-21T17:57:42.9271004Z\",\n \"updatedOn\": \"2021-11-11T20:13:52.8013467Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/5d51204f-eb77-4b1c-b86a-2ec626c49413\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"5d51204f-eb77-4b1c-b86a-2ec626c49413\"\n },\n {\n \"properties\": {\n \"roleName\": \"Site Recovery Reader\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Lets you view Site Recovery status but not perform other management operations\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.RecoveryServices/locations/allocatedStamp/read\",\n \"Microsoft.RecoveryServices/Vaults/extendedInformation/read\",\n \"Microsoft.RecoveryServices/Vaults/monitoringAlerts/read\",\n \"Microsoft.RecoveryServices/Vaults/monitoringConfigurations/notificationConfiguration/read\",\n \"Microsoft.RecoveryServices/Vaults/read\",\n \"Microsoft.RecoveryServices/Vaults/refreshContainers/read\",\n \"Microsoft.RecoveryServices/Vaults/registeredIdentities/operationResults/read\",\n \"Microsoft.RecoveryServices/Vaults/registeredIdentities/read\",\n \"Microsoft.RecoveryServices/vaults/replicationAlertSettings/read\",\n \"Microsoft.RecoveryServices/vaults/replicationEvents/read\",\n \"Microsoft.RecoveryServices/vaults/replicationFabrics/read\",\n \"Microsoft.RecoveryServices/vaults/replicationFabrics/replicationNetworks/read\",\n \"Microsoft.RecoveryServices/vaults/replicationFabrics/replicationNetworks/replicationNetworkMappings/read\",\n \"Microsoft.RecoveryServices/vaults/replicationFabrics/replicationProtectionContainers/read\",\n \"Microsoft.RecoveryServices/vaults/replicationFabrics/replicationProtectionContainers/replicationProtectableItems/read\",\n \"Microsoft.RecoveryServices/vaults/replicationFabrics/replicationProtectionContainers/replicationProtectedItems/read\",\n \"Microsoft.RecoveryServices/vaults/replicationFabrics/replicationProtectionContainers/replicationProtectedItems/recoveryPoints/read\",\n \"Microsoft.RecoveryServices/vaults/replicationFabrics/replicationProtectionContainers/replicationProtectionContainerMappings/read\",\n \"Microsoft.RecoveryServices/vaults/replicationFabrics/replicationRecoveryServicesProviders/read\",\n \"Microsoft.RecoveryServices/vaults/replicationFabrics/replicationStorageClassifications/read\",\n \"Microsoft.RecoveryServices/vaults/replicationFabrics/replicationStorageClassifications/replicationStorageClassificationMappings/read\",\n \"Microsoft.RecoveryServices/vaults/replicationFabrics/replicationvCenters/read\",\n \"Microsoft.RecoveryServices/vaults/replicationJobs/read\",\n \"Microsoft.RecoveryServices/vaults/replicationPolicies/read\",\n \"Microsoft.RecoveryServices/vaults/replicationRecoveryPlans/read\",\n \"Microsoft.RecoveryServices/vaults/replicationVaultSettings/read\",\n \"Microsoft.RecoveryServices/Vaults/storageConfig/read\",\n \"Microsoft.RecoveryServices/Vaults/tokenInfo/read\",\n \"Microsoft.RecoveryServices/Vaults/usages/read\",\n \"Microsoft.RecoveryServices/Vaults/vaultTokens/read\",\n \"Microsoft.Support/*\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2017-05-19T13:35:40.0093634Z\",\n \"updatedOn\": \"2021-11-11T20:13:52.9763366Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/dbaa88c4-0c30-4179-9fb3-46319faa6149\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"dbaa88c4-0c30-4179-9fb3-46319faa6149\"\n },\n {\n \"properties\": {\n \"roleName\": \"Spatial Anchors Account Owner\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Lets you manage spatial anchors in your account, including deleting them\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.MixedReality/SpatialAnchorsAccounts/create/action\",\n \"Microsoft.MixedReality/SpatialAnchorsAccounts/delete\",\n \"Microsoft.MixedReality/SpatialAnchorsAccounts/discovery/read\",\n \"Microsoft.MixedReality/SpatialAnchorsAccounts/properties/read\",\n \"Microsoft.MixedReality/SpatialAnchorsAccounts/query/read\",\n \"Microsoft.MixedReality/SpatialAnchorsAccounts/submitdiag/read\",\n \"Microsoft.MixedReality/SpatialAnchorsAccounts/write\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2018-12-21T17:57:43.5489832Z\",\n \"updatedOn\": \"2021-11-11T20:13:53.166325Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/70bbe301-9835-447d-afdd-19eb3167307c\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"70bbe301-9835-447d-afdd-19eb3167307c\"\n },\n {\n \"properties\": {\n \"roleName\": \"SQL Managed Instance Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Lets you manage SQL Managed Instances and required network configuration, but can’t give access to others.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.ResourceHealth/availabilityStatuses/read\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Network/networkSecurityGroups/*\",\n \"Microsoft.Network/routeTables/*\",\n \"Microsoft.Sql/locations/*/read\",\n \"Microsoft.Sql/locations/instanceFailoverGroups/*\",\n \"Microsoft.Sql/managedInstances/*\",\n \"Microsoft.Support/*\",\n \"Microsoft.Network/virtualNetworks/subnets/*\",\n \"Microsoft.Network/virtualNetworks/*\",\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.Insights/metrics/read\",\n \"Microsoft.Insights/metricDefinitions/read\"\n ],\n \"notActions\": [\n \"Microsoft.Sql/managedInstances/azureADOnlyAuthentications/delete\",\n \"Microsoft.Sql/managedInstances/azureADOnlyAuthentications/write\"\n ],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2018-12-10T22:57:14.2937983Z\",\n \"updatedOn\": \"2021-11-11T20:13:53.3513507Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/4939a1f6-9ae0-4e48-a1e0-f2cbe897382d\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"4939a1f6-9ae0-4e48-a1e0-f2cbe897382d\"\n },\n {\n \"properties\": {\n \"roleName\": \"SQL DB Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Lets you manage SQL databases, but not access to them. Also, you can't manage their security-related policies or their parent SQL servers.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.ResourceHealth/availabilityStatuses/read\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Sql/locations/*/read\",\n \"Microsoft.Sql/servers/databases/*\",\n \"Microsoft.Sql/servers/read\",\n \"Microsoft.Support/*\",\n \"Microsoft.Insights/metrics/read\",\n \"Microsoft.Insights/metricDefinitions/read\"\n ],\n \"notActions\": [\n \"Microsoft.Sql/servers/databases/ledgerDigestUploads/write\",\n \"Microsoft.Sql/servers/databases/ledgerDigestUploads/disable/action\",\n \"Microsoft.Sql/managedInstances/databases/currentSensitivityLabels/*\",\n \"Microsoft.Sql/managedInstances/databases/recommendedSensitivityLabels/*\",\n \"Microsoft.Sql/managedInstances/databases/schemas/tables/columns/sensitivityLabels/*\",\n \"Microsoft.Sql/managedInstances/databases/securityAlertPolicies/*\",\n \"Microsoft.Sql/managedInstances/databases/sensitivityLabels/*\",\n \"Microsoft.Sql/managedInstances/databases/vulnerabilityAssessments/*\",\n \"Microsoft.Sql/managedInstances/securityAlertPolicies/*\",\n \"Microsoft.Sql/managedInstances/vulnerabilityAssessments/*\",\n \"Microsoft.Sql/servers/databases/auditingSettings/*\",\n \"Microsoft.Sql/servers/databases/auditRecords/read\",\n \"Microsoft.Sql/servers/databases/currentSensitivityLabels/*\",\n \"Microsoft.Sql/servers/databases/dataMaskingPolicies/*\",\n \"Microsoft.Sql/servers/databases/extendedAuditingSettings/*\",\n \"Microsoft.Sql/servers/databases/recommendedSensitivityLabels/*\",\n \"Microsoft.Sql/servers/databases/schemas/tables/columns/sensitivityLabels/*\",\n \"Microsoft.Sql/servers/databases/securityAlertPolicies/*\",\n \"Microsoft.Sql/servers/databases/securityMetrics/*\",\n \"Microsoft.Sql/servers/databases/sensitivityLabels/*\",\n \"Microsoft.Sql/servers/databases/vulnerabilityAssessments/*\",\n \"Microsoft.Sql/servers/databases/vulnerabilityAssessmentScans/*\",\n \"Microsoft.Sql/servers/databases/vulnerabilityAssessmentSettings/*\",\n \"Microsoft.Sql/servers/vulnerabilityAssessments/*\"\n ],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2015-02-02T21:55:09.8806423Z\",\n \"updatedOn\": \"2021-11-11T20:13:53.5363219Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/9b7fa17d-e63e-47b0-bb0a-15c516ac86ec\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"9b7fa17d-e63e-47b0-bb0a-15c516ac86ec\"\n },\n {\n \"properties\": {\n \"roleName\": \"SQL Security Manager\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Lets you manage the security-related policies of SQL servers and databases, but not access to them.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.Network/virtualNetworks/subnets/joinViaServiceEndpoint/action\",\n \"Microsoft.ResourceHealth/availabilityStatuses/read\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Sql/locations/administratorAzureAsyncOperation/read\",\n \"Microsoft.Sql/managedInstances/advancedThreatProtectionSettings/read\",\n \"Microsoft.Sql/managedInstances/advancedThreatProtectionSettings/write\",\n \"Microsoft.Sql/managedInstances/databases/advancedThreatProtectionSettings/read\",\n \"Microsoft.Sql/managedInstances/databases/advancedThreatProtectionSettings/write\",\n \"Microsoft.Sql/managedInstances/advancedThreatProtectionSettings/read\",\n \"Microsoft.Sql/managedInstances/advancedThreatProtectionSettings/write\",\n \"Microsoft.Sql/managedInstances/databases/advancedThreatProtectionSettings/read\",\n \"Microsoft.Sql/managedInstances/databases/advancedThreatProtectionSettings/write\",\n \"Microsoft.Sql/managedInstances/databases/currentSensitivityLabels/*\",\n \"Microsoft.Sql/managedInstances/databases/recommendedSensitivityLabels/*\",\n \"Microsoft.Sql/managedInstances/databases/schemas/tables/columns/sensitivityLabels/*\",\n \"Microsoft.Sql/managedInstances/databases/securityAlertPolicies/*\",\n \"Microsoft.Sql/managedInstances/databases/sensitivityLabels/*\",\n \"Microsoft.Sql/managedInstances/databases/vulnerabilityAssessments/*\",\n \"Microsoft.Sql/servers/advancedThreatProtectionSettings/read\",\n \"Microsoft.Sql/servers/advancedThreatProtectionSettings/write\",\n \"Microsoft.Sql/managedInstances/securityAlertPolicies/*\",\n \"Microsoft.Sql/managedInstances/databases/transparentDataEncryption/*\",\n \"Microsoft.Sql/managedInstances/vulnerabilityAssessments/*\",\n \"Microsoft.Sql/managedInstances/serverConfigurationOptions/read\",\n \"Microsoft.Sql/managedInstances/serverConfigurationOptions/write\",\n \"Microsoft.Sql/locations/serverConfigurationOptionAzureAsyncOperation/read\",\n \"Microsoft.Sql/servers/advancedThreatProtectionSettings/read\",\n \"Microsoft.Sql/servers/advancedThreatProtectionSettings/write\",\n \"Microsoft.Sql/servers/auditingSettings/*\",\n \"Microsoft.Sql/servers/extendedAuditingSettings/*\",\n \"Microsoft.Sql/servers/databases/advancedThreatProtectionSettings/read\",\n \"Microsoft.Sql/servers/databases/advancedThreatProtectionSettings/write\",\n \"Microsoft.Sql/servers/databases/advancedThreatProtectionSettings/read\",\n \"Microsoft.Sql/servers/databases/advancedThreatProtectionSettings/write\",\n \"Microsoft.Sql/servers/databases/auditingSettings/*\",\n \"Microsoft.Sql/servers/databases/auditRecords/read\",\n \"Microsoft.Sql/servers/databases/currentSensitivityLabels/*\",\n \"Microsoft.Sql/servers/databases/dataMaskingPolicies/*\",\n \"Microsoft.Sql/servers/databases/extendedAuditingSettings/read\",\n \"Microsoft.Sql/servers/databases/read\",\n \"Microsoft.Sql/servers/databases/recommendedSensitivityLabels/*\",\n \"Microsoft.Sql/servers/databases/schemas/read\",\n \"Microsoft.Sql/servers/databases/schemas/tables/columns/read\",\n \"Microsoft.Sql/servers/databases/schemas/tables/columns/sensitivityLabels/*\",\n \"Microsoft.Sql/servers/databases/schemas/tables/read\",\n \"Microsoft.Sql/servers/databases/securityAlertPolicies/*\",\n \"Microsoft.Sql/servers/databases/securityMetrics/*\",\n \"Microsoft.Sql/servers/databases/sensitivityLabels/*\",\n \"Microsoft.Sql/servers/databases/transparentDataEncryption/*\",\n \"Microsoft.Sql/servers/databases/sqlvulnerabilityAssessments/*\",\n \"Microsoft.Sql/servers/databases/vulnerabilityAssessments/*\",\n \"Microsoft.Sql/servers/databases/vulnerabilityAssessmentScans/*\",\n \"Microsoft.Sql/servers/databases/vulnerabilityAssessmentSettings/*\",\n \"Microsoft.Sql/servers/devOpsAuditingSettings/*\",\n \"Microsoft.Sql/servers/firewallRules/*\",\n \"Microsoft.Sql/servers/read\",\n \"Microsoft.Sql/servers/securityAlertPolicies/*\",\n \"Microsoft.Sql/servers/sqlvulnerabilityAssessments/*\",\n \"Microsoft.Sql/servers/vulnerabilityAssessments/*\",\n \"Microsoft.Support/*\",\n \"Microsoft.Sql/servers/azureADOnlyAuthentications/*\",\n \"Microsoft.Sql/managedInstances/read\",\n \"Microsoft.Sql/managedInstances/azureADOnlyAuthentications/*\",\n \"Microsoft.Security/sqlVulnerabilityAssessments/*\",\n \"Microsoft.Sql/managedInstances/administrators/read\",\n \"Microsoft.Sql/servers/administrators/read\",\n \"Microsoft.Sql/servers/databases/ledgerDigestUploads/*\",\n \"Microsoft.Sql/locations/ledgerDigestUploadsAzureAsyncOperation/read\",\n \"Microsoft.Sql/locations/ledgerDigestUploadsOperationResults/read\",\n \"Microsoft.Sql/servers/externalPolicyBasedAuthorizations/*\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2015-06-16T18:44:40.4607572Z\",\n \"updatedOn\": \"2025-10-01T18:55:10.630521Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/056cd41c-7e88-42e1-933e-88ba6a50c9c3\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"056cd41c-7e88-42e1-933e-88ba6a50c9c3\"\n },\n {\n \"properties\": {\n \"roleName\": \"Storage Account Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Lets you manage storage accounts, including accessing storage account keys which provide full access to storage account data.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.Insights/diagnosticSettings/*\",\n \"Microsoft.Network/virtualNetworks/subnets/joinViaServiceEndpoint/action\",\n \"Microsoft.ResourceHealth/availabilityStatuses/read\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Storage/storageAccounts/*\",\n \"Microsoft.Support/*\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2015-06-02T00:18:27.3542698Z\",\n \"updatedOn\": \"2021-11-11T20:13:54.2363539Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/17d1049b-9a84-46fb-8f53-869881c3d3ab\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"17d1049b-9a84-46fb-8f53-869881c3d3ab\"\n },\n {\n \"properties\": {\n \"roleName\": \"SQL Server Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Lets you manage SQL servers and databases, but not access to them, and not their security -related policies.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.ResourceHealth/availabilityStatuses/read\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Sql/locations/*/read\",\n \"Microsoft.Sql/servers/*\",\n \"Microsoft.Support/*\",\n \"Microsoft.Insights/metrics/read\",\n \"Microsoft.Insights/metricDefinitions/read\"\n ],\n \"notActions\": [\n \"Microsoft.Sql/managedInstances/databases/currentSensitivityLabels/*\",\n \"Microsoft.Sql/managedInstances/databases/recommendedSensitivityLabels/*\",\n \"Microsoft.Sql/managedInstances/databases/schemas/tables/columns/sensitivityLabels/*\",\n \"Microsoft.Sql/managedInstances/databases/securityAlertPolicies/*\",\n \"Microsoft.Sql/managedInstances/databases/sensitivityLabels/*\",\n \"Microsoft.Sql/managedInstances/databases/vulnerabilityAssessments/*\",\n \"Microsoft.Sql/managedInstances/securityAlertPolicies/*\",\n \"Microsoft.Sql/managedInstances/vulnerabilityAssessments/*\",\n \"Microsoft.Sql/servers/auditingSettings/*\",\n \"Microsoft.Sql/servers/databases/auditingSettings/*\",\n \"Microsoft.Sql/servers/databases/auditRecords/read\",\n \"Microsoft.Sql/servers/databases/currentSensitivityLabels/*\",\n \"Microsoft.Sql/servers/databases/dataMaskingPolicies/*\",\n \"Microsoft.Sql/servers/databases/extendedAuditingSettings/*\",\n \"Microsoft.Sql/servers/databases/recommendedSensitivityLabels/*\",\n \"Microsoft.Sql/servers/databases/schemas/tables/columns/sensitivityLabels/*\",\n \"Microsoft.Sql/servers/databases/securityAlertPolicies/*\",\n \"Microsoft.Sql/servers/databases/securityMetrics/*\",\n \"Microsoft.Sql/servers/databases/sensitivityLabels/*\",\n \"Microsoft.Sql/servers/databases/vulnerabilityAssessments/*\",\n \"Microsoft.Sql/servers/databases/vulnerabilityAssessmentScans/*\",\n \"Microsoft.Sql/servers/databases/vulnerabilityAssessmentSettings/*\",\n \"Microsoft.Sql/servers/devOpsAuditingSettings/*\",\n \"Microsoft.Sql/servers/extendedAuditingSettings/*\",\n \"Microsoft.Sql/servers/securityAlertPolicies/*\",\n \"Microsoft.Sql/servers/vulnerabilityAssessments/*\",\n \"Microsoft.Sql/servers/azureADOnlyAuthentications/delete\",\n \"Microsoft.Sql/servers/azureADOnlyAuthentications/write\",\n \"Microsoft.Sql/servers/externalPolicyBasedAuthorizations/delete\",\n \"Microsoft.Sql/servers/externalPolicyBasedAuthorizations/write\"\n ],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2015-02-02T21:55:09.8806423Z\",\n \"updatedOn\": \"2022-04-28T23:10:45.2206234Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/6d8ee4ec-f05a-4a1d-8b00-a9b17e38b437\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"6d8ee4ec-f05a-4a1d-8b00-a9b17e38b437\"\n },\n {\n \"properties\": {\n \"roleName\": \"Storage Account Key Operator Service Role\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Storage Account Key Operators are allowed to list and regenerate keys on Storage Accounts\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Storage/storageAccounts/listkeys/action\",\n \"Microsoft.Storage/storageAccounts/regeneratekey/action\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2017-04-13T18:26:11.577057Z\",\n \"updatedOn\": \"2021-11-11T20:13:54.7697481Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/81a9662b-bebf-436f-a333-f67b29880f12\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"81a9662b-bebf-436f-a333-f67b29880f12\"\n },\n {\n \"properties\": {\n \"roleName\": \"Storage Blob Data Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Allows for read, write and delete access to Azure Storage blob containers and data\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Storage/storageAccounts/blobServices/containers/delete\",\n \"Microsoft.Storage/storageAccounts/blobServices/containers/read\",\n \"Microsoft.Storage/storageAccounts/blobServices/containers/write\",\n \"Microsoft.Storage/storageAccounts/blobServices/generateUserDelegationKey/action\"\n ],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.Storage/storageAccounts/blobServices/containers/blobs/delete\",\n \"Microsoft.Storage/storageAccounts/blobServices/containers/blobs/read\",\n \"Microsoft.Storage/storageAccounts/blobServices/containers/blobs/write\",\n \"Microsoft.Storage/storageAccounts/blobServices/containers/blobs/move/action\",\n \"Microsoft.Storage/storageAccounts/blobServices/containers/blobs/add/action\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2017-12-21T00:01:24.7972312Z\",\n \"updatedOn\": \"2021-11-11T20:13:54.9397456Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/ba92f5b4-2d11-453d-a403-e96b0029c9fe\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"ba92f5b4-2d11-453d-a403-e96b0029c9fe\"\n },\n {\n \"properties\": {\n \"roleName\": \"Storage Blob Data Owner\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Allows for full access to Azure Storage blob containers and data, including assigning POSIX access control.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Storage/storageAccounts/blobServices/containers/*\",\n \"Microsoft.Storage/storageAccounts/blobServices/generateUserDelegationKey/action\"\n ],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.Storage/storageAccounts/blobServices/containers/blobs/*\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2018-12-04T07:02:58.2775257Z\",\n \"updatedOn\": \"2021-11-11T20:13:55.1225062Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/b7e6dc6d-f1e8-4753-8033-0f276bb0955b\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"b7e6dc6d-f1e8-4753-8033-0f276bb0955b\"\n },\n {\n \"properties\": {\n \"roleName\": \"Storage Blob Data Reader\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Allows for read access to Azure Storage blob containers and data\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Storage/storageAccounts/blobServices/containers/read\",\n \"Microsoft.Storage/storageAccounts/blobServices/generateUserDelegationKey/action\"\n ],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.Storage/storageAccounts/blobServices/containers/blobs/read\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2017-12-21T00:01:24.7972312Z\",\n \"updatedOn\": \"2021-11-11T20:13:55.2975076Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/2a2b9908-6ea1-4ae2-8e65-a410df84e7d1\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"2a2b9908-6ea1-4ae2-8e65-a410df84e7d1\"\n },\n {\n \"properties\": {\n \"roleName\": \"Storage Queue Data Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Allows for read, write, and delete access to Azure Storage queues and queue messages\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Storage/storageAccounts/queueServices/queues/delete\",\n \"Microsoft.Storage/storageAccounts/queueServices/queues/read\",\n \"Microsoft.Storage/storageAccounts/queueServices/queues/write\"\n ],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.Storage/storageAccounts/queueServices/queues/messages/delete\",\n \"Microsoft.Storage/storageAccounts/queueServices/queues/messages/read\",\n \"Microsoft.Storage/storageAccounts/queueServices/queues/messages/write\",\n \"Microsoft.Storage/storageAccounts/queueServices/queues/messages/process/action\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2017-12-21T00:01:24.7972312Z\",\n \"updatedOn\": \"2021-11-11T20:13:55.4725469Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/974c5e8b-45b9-4653-ba55-5f855dd0fb88\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"974c5e8b-45b9-4653-ba55-5f855dd0fb88\"\n },\n {\n \"properties\": {\n \"roleName\": \"Storage Queue Data Message Processor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Allows for peek, receive, and delete access to Azure Storage queue messages\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.Storage/storageAccounts/queueServices/queues/messages/read\",\n \"Microsoft.Storage/storageAccounts/queueServices/queues/messages/process/action\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2019-01-28T22:27:04.8947111Z\",\n \"updatedOn\": \"2021-11-11T20:13:55.6575408Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/8a0f0c08-91a1-4084-bc3d-661d67233fed\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"8a0f0c08-91a1-4084-bc3d-661d67233fed\"\n },\n {\n \"properties\": {\n \"roleName\": \"Storage Queue Data Message Sender\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Allows for sending of Azure Storage queue messages\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.Storage/storageAccounts/queueServices/queues/messages/add/action\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2019-01-28T22:28:34.7459724Z\",\n \"updatedOn\": \"2021-11-11T20:13:55.8325508Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/c6a89b2d-59bc-44d0-9896-0f6e12d7b80a\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"c6a89b2d-59bc-44d0-9896-0f6e12d7b80a\"\n },\n {\n \"properties\": {\n \"roleName\": \"Storage Queue Data Reader\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Allows for read access to Azure Storage queues and queue messages\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Storage/storageAccounts/queueServices/queues/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.Storage/storageAccounts/queueServices/queues/messages/read\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2017-12-21T00:01:24.7972312Z\",\n \"updatedOn\": \"2021-11-11T20:13:56.0178497Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/19e7f393-937e-4f77-808e-94535e297925\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"19e7f393-937e-4f77-808e-94535e297925\"\n },\n {\n \"properties\": {\n \"roleName\": \"Support Request Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Lets you create and manage Support requests\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Support/*\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2017-06-22T22:25:37.8053068Z\",\n \"updatedOn\": \"2021-11-11T20:13:56.7444481Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/cfd33db0-3dd1-45e3-aa9d-cdbdf3b6f24e\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"cfd33db0-3dd1-45e3-aa9d-cdbdf3b6f24e\"\n },\n {\n \"properties\": {\n \"roleName\": \"Traffic Manager Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Lets you manage Traffic Manager profiles, but does not let you control who has access to them.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.Network/trafficManagerProfiles/*\",\n \"Microsoft.ResourceHealth/availabilityStatuses/read\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Support/*\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2015-10-15T23:33:25.9730842Z\",\n \"updatedOn\": \"2021-11-11T20:13:57.2744497Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/a4b10055-b0c7-44c2-b00f-c7b5b3550cf7\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"a4b10055-b0c7-44c2-b00f-c7b5b3550cf7\"\n },\n {\n \"properties\": {\n \"roleName\": \"User Access Administrator\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Lets you manage user access to Azure resources.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"*/read\",\n \"Microsoft.Authorization/*\",\n \"Microsoft.Support/*\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2015-02-02T21:55:09.8806423Z\",\n \"updatedOn\": \"2021-11-11T20:13:57.7932023Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/18d7d88d-d35e-4fb5-a5c3-7773c20a72d9\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"18d7d88d-d35e-4fb5-a5c3-7773c20a72d9\"\n },\n {\n \"properties\": {\n \"roleName\": \"Virtual Machine Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Lets you manage virtual machines, but not access to them, and not the virtual network or storage account they're connected to.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Compute/availabilitySets/*\",\n \"Microsoft.Compute/locations/*\",\n \"Microsoft.Compute/virtualMachines/*\",\n \"Microsoft.Compute/virtualMachineScaleSets/*\",\n \"Microsoft.Compute/cloudServices/*\",\n \"Microsoft.Compute/disks/write\",\n \"Microsoft.Compute/disks/read\",\n \"Microsoft.Compute/disks/delete\",\n \"Microsoft.Compute/hostgroups/write\",\n \"Microsoft.Compute/hostgroups/hosts/write\",\n \"Microsoft.DevTestLab/schedules/*\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.Network/applicationGateways/backendAddressPools/join/action\",\n \"Microsoft.Network/loadBalancers/backendAddressPools/join/action\",\n \"Microsoft.Network/loadBalancers/inboundNatPools/join/action\",\n \"Microsoft.Network/loadBalancers/inboundNatRules/join/action\",\n \"Microsoft.Network/loadBalancers/probes/join/action\",\n \"Microsoft.Network/loadBalancers/read\",\n \"Microsoft.Network/locations/*\",\n \"Microsoft.Network/networkInterfaces/*\",\n \"Microsoft.Network/networkSecurityGroups/join/action\",\n \"Microsoft.Network/networkSecurityGroups/read\",\n \"Microsoft.Network/publicIPAddresses/join/action\",\n \"Microsoft.Network/publicIPAddresses/read\",\n \"Microsoft.Network/virtualNetworks/read\",\n \"Microsoft.Network/virtualNetworks/subnets/join/action\",\n \"Microsoft.RecoveryServices/locations/*\",\n \"Microsoft.RecoveryServices/Vaults/backupFabrics/backupProtectionIntent/write\",\n \"Microsoft.RecoveryServices/Vaults/backupFabrics/protectionContainers/protectedItems/*/read\",\n \"Microsoft.RecoveryServices/Vaults/backupFabrics/protectionContainers/protectedItems/read\",\n \"Microsoft.RecoveryServices/Vaults/backupFabrics/protectionContainers/protectedItems/write\",\n \"Microsoft.RecoveryServices/Vaults/backupPolicies/read\",\n \"Microsoft.RecoveryServices/Vaults/backupPolicies/write\",\n \"Microsoft.RecoveryServices/Vaults/read\",\n \"Microsoft.RecoveryServices/Vaults/usages/read\",\n \"Microsoft.RecoveryServices/Vaults/write\",\n \"Microsoft.ResourceHealth/availabilityStatuses/read\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.SerialConsole/serialPorts/connect/action\",\n \"Microsoft.SqlVirtualMachine/*\",\n \"Microsoft.Storage/storageAccounts/listKeys/action\",\n \"Microsoft.Storage/storageAccounts/read\",\n \"Microsoft.Support/*\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2015-06-02T00:18:27.3542698Z\",\n \"updatedOn\": \"2025-02-06T01:34:42.8731411Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/9980e02c-c2be-4d73-94e8-173b1dc7cf3c\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"9980e02c-c2be-4d73-94e8-173b1dc7cf3c\"\n },\n {\n \"properties\": {\n \"roleName\": \"Web Plan Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Lets you manage the web plans for websites, but not access to them.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.ResourceHealth/availabilityStatuses/read\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Support/*\",\n \"Microsoft.Web/serverFarms/*\",\n \"Microsoft.Web/hostingEnvironments/Join/Action\",\n \"Microsoft.Insights/autoscalesettings/*\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2015-02-02T21:55:09.8806423Z\",\n \"updatedOn\": \"2022-09-05T15:10:54.6819807Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/2cc479cb-7b4d-49a8-b449-8c00fd0f0a4b\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"2cc479cb-7b4d-49a8-b449-8c00fd0f0a4b\"\n },\n {\n \"properties\": {\n \"roleName\": \"Website Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Lets you manage websites (not web plans), but not access to them.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.Insights/components/*\",\n \"Microsoft.ResourceHealth/availabilityStatuses/read\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Support/*\",\n \"Microsoft.Web/certificates/*\",\n \"Microsoft.Web/listSitesAssignedToHostName/read\",\n \"Microsoft.Web/register/action\",\n \"Microsoft.Web/serverFarms/join/action\",\n \"Microsoft.Web/serverFarms/read\",\n \"Microsoft.Web/sites/*\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2015-05-12T23:10:23.6193952Z\",\n \"updatedOn\": \"2024-08-05T15:09:29.7130534Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/de139f84-1756-47ae-9be6-808fbbe84772\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"de139f84-1756-47ae-9be6-808fbbe84772\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Service Bus Data Owner\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Allows for full access to Azure Service Bus resources.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.ServiceBus/*\"\n ],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.ServiceBus/*\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2019-04-16T21:33:36.7445745Z\",\n \"updatedOn\": \"2021-11-11T20:13:59.2005807Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/090c5cfd-751d-490a-894a-3ce6f1109419\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"090c5cfd-751d-490a-894a-3ce6f1109419\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Event Hubs Data Owner\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Allows for full access to Azure Event Hubs resources.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.EventHub/*\"\n ],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.EventHub/*\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2019-04-16T21:34:29.8656362Z\",\n \"updatedOn\": \"2021-11-11T20:13:59.3721538Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/f526a384-b230-433a-b45c-95f59c4a2dec\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"f526a384-b230-433a-b45c-95f59c4a2dec\"\n },\n {\n \"properties\": {\n \"roleName\": \"Attestation Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Can read write or delete the attestation provider instance\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Attestation/attestationProviders/attestation/read\",\n \"Microsoft.Attestation/attestationProviders/attestation/write\",\n \"Microsoft.Attestation/attestationProviders/attestation/delete\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2019-04-19T00:24:09.3354177Z\",\n \"updatedOn\": \"2021-11-11T20:13:59.7271218Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/bbf86eb8-f7b4-4cce-96e4-18cddf81d86e\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"bbf86eb8-f7b4-4cce-96e4-18cddf81d86e\"\n },\n {\n \"properties\": {\n \"roleName\": \"HDInsight Cluster Operator\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Lets you read and modify HDInsight cluster configurations.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.HDInsight/*/read\",\n \"Microsoft.HDInsight/clusters/getGatewaySettings/action\",\n \"Microsoft.HDInsight/clusters/updateGatewaySettings/action\",\n \"Microsoft.HDInsight/clusters/configurations/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Resources/deployments/operations/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Support/*\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2019-04-20T00:03:01.7110732Z\",\n \"updatedOn\": \"2021-11-11T20:13:59.905218Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/61ed4efc-fab3-44fd-b111-e24485cc132a\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"61ed4efc-fab3-44fd-b111-e24485cc132a\"\n },\n {\n \"properties\": {\n \"roleName\": \"Cosmos DB Operator\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Lets you manage Azure Cosmos DB accounts, but not access data in them. Prevents access to account keys and connection strings.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.DocumentDb/databaseAccounts/*\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.ResourceHealth/availabilityStatuses/read\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Support/*\",\n \"Microsoft.Network/virtualNetworks/subnets/joinViaServiceEndpoint/action\"\n ],\n \"notActions\": [\n \"Microsoft.DocumentDB/databaseAccounts/copyJobs/*\",\n \"Microsoft.DocumentDB/databaseAccounts/dataTransferJobs/*\",\n \"Microsoft.DocumentDB/databaseAccounts/readonlyKeys/*\",\n \"Microsoft.DocumentDB/databaseAccounts/regenerateKey/*\",\n \"Microsoft.DocumentDB/databaseAccounts/listKeys/*\",\n \"Microsoft.DocumentDB/databaseAccounts/listConnectionStrings/*\",\n \"Microsoft.DocumentDB/databaseAccounts/sqlRoleDefinitions/write\",\n \"Microsoft.DocumentDB/databaseAccounts/sqlRoleDefinitions/delete\",\n \"Microsoft.DocumentDB/databaseAccounts/sqlRoleAssignments/write\",\n \"Microsoft.DocumentDB/databaseAccounts/sqlRoleAssignments/delete\",\n \"Microsoft.DocumentDB/databaseAccounts/mongodbRoleDefinitions/write\",\n \"Microsoft.DocumentDB/databaseAccounts/mongodbRoleDefinitions/delete\",\n \"Microsoft.DocumentDB/databaseAccounts/mongodbUserDefinitions/write\",\n \"Microsoft.DocumentDB/databaseAccounts/mongodbUserDefinitions/delete\"\n ],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2019-04-26T17:01:17.0169383Z\",\n \"updatedOn\": \"2025-06-06T07:02:41.174245Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/230815da-be43-4aae-9cb4-875f7bd000aa\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"230815da-be43-4aae-9cb4-875f7bd000aa\"\n },\n {\n \"properties\": {\n \"roleName\": \"Hybrid Server Resource Administrator\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Can read, write, delete, and re-onboard Hybrid servers to the Hybrid Resource Provider.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.HybridCompute/machines/*\",\n \"Microsoft.HybridCompute/*/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2019-04-29T21:39:32.3132923Z\",\n \"updatedOn\": \"2021-11-11T20:14:00.2548257Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/48b40c6e-82e0-4eb3-90d5-19e40f49b624\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"48b40c6e-82e0-4eb3-90d5-19e40f49b624\"\n },\n {\n \"properties\": {\n \"roleName\": \"Hybrid Server Onboarding\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Can onboard new Hybrid servers to the Hybrid Resource Provider.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.HybridCompute/machines/read\",\n \"Microsoft.HybridCompute/machines/write\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2019-04-29T22:36:28.1873756Z\",\n \"updatedOn\": \"2021-11-11T20:14:00.4308999Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/5d1e5ee4-7c68-4a71-ac8b-0739630a3dfb\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"5d1e5ee4-7c68-4a71-ac8b-0739630a3dfb\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Event Hubs Data Receiver\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Allows receive access to Azure Event Hubs resources.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.EventHub/*/eventhubs/consumergroups/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.EventHub/*/receive/action\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2019-05-10T06:25:21.1056666Z\",\n \"updatedOn\": \"2021-11-11T20:14:01.3225169Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/a638d3c7-ab3a-418d-83e6-5f17a39d4fde\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"a638d3c7-ab3a-418d-83e6-5f17a39d4fde\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Event Hubs Data Sender\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Allows send access to Azure Event Hubs resources.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.EventHub/*/eventhubs/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.EventHub/*/send/action\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2019-05-10T06:26:12.4673714Z\",\n \"updatedOn\": \"2021-11-11T20:14:01.4925583Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/2b629674-e913-4c01-ae53-ef4638d8f975\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"2b629674-e913-4c01-ae53-ef4638d8f975\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Service Bus Data Receiver\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Allows for receive access to Azure Service Bus resources.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.ServiceBus/*/queues/read\",\n \"Microsoft.ServiceBus/*/topics/read\",\n \"Microsoft.ServiceBus/*/topics/subscriptions/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.ServiceBus/*/receive/action\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2019-05-10T06:43:01.6343849Z\",\n \"updatedOn\": \"2021-11-11T20:14:01.6629685Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/4f6d3b9b-027b-4f4c-9142-0e5a2a2247e0\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"4f6d3b9b-027b-4f4c-9142-0e5a2a2247e0\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Service Bus Data Sender\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Allows for send access to Azure Service Bus resources.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.ServiceBus/*/queues/read\",\n \"Microsoft.ServiceBus/*/topics/read\",\n \"Microsoft.ServiceBus/*/topics/subscriptions/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.ServiceBus/*/send/action\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2019-05-10T06:43:46.7046934Z\",\n \"updatedOn\": \"2021-11-11T20:14:01.8479199Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/69a216fc-b8fb-44d8-bc22-1f3c2cd27a39\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"69a216fc-b8fb-44d8-bc22-1f3c2cd27a39\"\n },\n {\n \"properties\": {\n \"roleName\": \"Storage File Data SMB Share Reader\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Allows for read access to Azure File Share over SMB\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.Storage/storageAccounts/fileServices/fileshares/files/read\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2019-07-01T20:19:31.8620471Z\",\n \"updatedOn\": \"2021-11-11T20:14:04.3642909Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/aba4ae5f-2193-4029-9191-0cb91df5e314\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"aba4ae5f-2193-4029-9191-0cb91df5e314\"\n },\n {\n \"properties\": {\n \"roleName\": \"Storage File Data SMB Share Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Allows for read, write, and delete access in Azure Storage file shares over SMB\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.Storage/storageAccounts/fileServices/fileshares/files/read\",\n \"Microsoft.Storage/storageAccounts/fileServices/fileshares/files/write\",\n \"Microsoft.Storage/storageAccounts/fileServices/fileshares/files/delete\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2019-07-01T20:54:35.483431Z\",\n \"updatedOn\": \"2021-11-11T20:14:04.5443323Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/0c867c2a-1d8c-454a-a3db-ab2ea1bdc8bb\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"0c867c2a-1d8c-454a-a3db-ab2ea1bdc8bb\"\n },\n {\n \"properties\": {\n \"roleName\": \"Private DNS Zone Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Lets you manage private DNS zone resources, but not the virtual networks they are linked to.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Support/*\",\n \"Microsoft.Network/privateDnsZones/*\",\n \"Microsoft.Network/privateDnsOperationResults/*\",\n \"Microsoft.Network/privateDnsOperationStatuses/*\",\n \"Microsoft.Network/virtualNetworks/read\",\n \"Microsoft.Network/virtualNetworks/join/action\",\n \"Microsoft.Authorization/*/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2019-07-10T19:31:15.5645518Z\",\n \"updatedOn\": \"2021-11-11T20:14:04.7342851Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/b12aa53e-6015-4669-85d0-8515ebb3ae7f\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"b12aa53e-6015-4669-85d0-8515ebb3ae7f\"\n },\n {\n \"properties\": {\n \"roleName\": \"Storage Blob Delegator\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Allows for generation of a user delegation key which can be used to sign SAS tokens\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Storage/storageAccounts/blobServices/generateUserDelegationKey/action\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2019-07-23T00:51:16.3376761Z\",\n \"updatedOn\": \"2021-11-11T20:14:05.4321714Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/db58b8e5-c6ad-4a2a-8342-4190687cbf4a\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"db58b8e5-c6ad-4a2a-8342-4190687cbf4a\"\n },\n {\n \"properties\": {\n \"roleName\": \"Desktop Virtualization User\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Allows user to use the applications in an application group.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.DesktopVirtualization/applicationGroups/useApplications/action\",\n \"Microsoft.DesktopVirtualization/appAttachPackages/useApplications/action\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2019-08-07T00:29:03.8727621Z\",\n \"updatedOn\": \"2023-06-15T23:55:51.3849931Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/1d18fff3-a72a-46b5-b4a9-0b38a3cd7e63\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"1d18fff3-a72a-46b5-b4a9-0b38a3cd7e63\"\n },\n {\n \"properties\": {\n \"roleName\": \"Storage File Data SMB Share Elevated Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Allows for read, write, delete and modify NTFS permission access in Azure Storage file shares over SMB\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.Storage/storageAccounts/fileServices/fileshares/files/read\",\n \"Microsoft.Storage/storageAccounts/fileServices/fileshares/files/write\",\n \"Microsoft.Storage/storageAccounts/fileServices/fileshares/files/delete\",\n \"Microsoft.Storage/storageAccounts/fileServices/fileshares/files/modifypermissions/action\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2019-08-07T01:35:36.9935457Z\",\n \"updatedOn\": \"2021-11-11T20:14:06.1571744Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/a7264617-510b-434b-a828-9731dc254ea7\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"a7264617-510b-434b-a828-9731dc254ea7\"\n },\n {\n \"properties\": {\n \"roleName\": \"Blueprint Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Can manage blueprint definitions, but not assign them.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Blueprint/blueprints/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Support/*\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2019-08-14T21:55:16.9683949Z\",\n \"updatedOn\": \"2021-11-11T20:14:06.5171828Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/41077137-e803-4205-871c-5a86e6a753b4\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"41077137-e803-4205-871c-5a86e6a753b4\"\n },\n {\n \"properties\": {\n \"roleName\": \"Blueprint Operator\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Can assign existing published blueprints, but cannot create new blueprints. NOTE: this only works if the assignment is done with a user-assigned managed identity.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Blueprint/blueprintAssignments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Support/*\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2019-08-14T21:56:48.7897875Z\",\n \"updatedOn\": \"2021-11-11T20:14:06.6971401Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/437d2ced-4a38-4302-8479-ed2bcb43d090\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"437d2ced-4a38-4302-8479-ed2bcb43d090\"\n },\n {\n \"properties\": {\n \"roleName\": \"Microsoft Sentinel Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Microsoft Sentinel Contributor\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.SecurityInsights/*\",\n \"Microsoft.OperationalInsights/workspaces/analytics/query/action\",\n \"Microsoft.OperationalInsights/workspaces/*/read\",\n \"Microsoft.OperationalInsights/workspaces/savedSearches/*\",\n \"Microsoft.OperationsManagement/solutions/read\",\n \"Microsoft.OperationalInsights/workspaces/query/read\",\n \"Microsoft.OperationalInsights/workspaces/query/*/read\",\n \"Microsoft.OperationalInsights/workspaces/dataSources/read\",\n \"Microsoft.OperationalInsights/querypacks/*/read\",\n \"Microsoft.Insights/workbooks/*\",\n \"Microsoft.Insights/myworkbooks/read\",\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Support/*\"\n ],\n \"notActions\": [\n \"Microsoft.SecurityInsights/ConfidentialWatchlists/*\",\n \"Microsoft.OperationalInsights/workspaces/query/ConfidentialWatchlist/*\"\n ],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2019-08-28T16:39:03.8725173Z\",\n \"updatedOn\": \"2022-08-01T18:55:21.5434692Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/ab8e14d6-4a74-4a29-9ba8-549422addade\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"ab8e14d6-4a74-4a29-9ba8-549422addade\"\n },\n {\n \"properties\": {\n \"roleName\": \"Microsoft Sentinel Responder\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Microsoft Sentinel Responder\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.SecurityInsights/*/read\",\n \"Microsoft.SecurityInsights/dataConnectorsCheckRequirements/action\",\n \"Microsoft.SecurityInsights/automationRules/*\",\n \"Microsoft.SecurityInsights/cases/*\",\n \"Microsoft.SecurityInsights/incidents/*\",\n \"Microsoft.SecurityInsights/entities/runPlaybook/action\",\n \"Microsoft.SecurityInsights/threatIntelligence/indicators/appendTags/action\",\n \"Microsoft.SecurityInsights/threatIntelligence/indicators/query/action\",\n \"Microsoft.SecurityInsights/threatIntelligence/bulkTag/action\",\n \"Microsoft.SecurityInsights/threatIntelligence/indicators/appendTags/action\",\n \"Microsoft.SecurityInsights/threatIntelligence/indicators/replaceTags/action\",\n \"Microsoft.SecurityInsights/threatIntelligence/queryIndicators/action\",\n \"Microsoft.SecurityInsights/businessApplicationAgents/systems/undoAction/action\",\n \"Microsoft.OperationalInsights/workspaces/analytics/query/action\",\n \"Microsoft.OperationalInsights/workspaces/*/read\",\n \"Microsoft.OperationalInsights/workspaces/dataSources/read\",\n \"Microsoft.OperationalInsights/workspaces/savedSearches/read\",\n \"Microsoft.OperationsManagement/solutions/read\",\n \"Microsoft.OperationalInsights/workspaces/query/read\",\n \"Microsoft.OperationalInsights/workspaces/query/*/read\",\n \"Microsoft.OperationalInsights/workspaces/dataSources/read\",\n \"Microsoft.OperationalInsights/querypacks/*/read\",\n \"Microsoft.Insights/workbooks/read\",\n \"Microsoft.Insights/myworkbooks/read\",\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Support/*\"\n ],\n \"notActions\": [\n \"Microsoft.SecurityInsights/cases/*/Delete\",\n \"Microsoft.SecurityInsights/incidents/*/Delete\",\n \"Microsoft.SecurityInsights/ConfidentialWatchlists/*\",\n \"Microsoft.OperationalInsights/workspaces/query/ConfidentialWatchlist/*\"\n ],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2019-08-28T16:54:07.6467264Z\",\n \"updatedOn\": \"2024-04-03T15:49:45.0145489Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/3e150937-b8fe-4cfb-8069-0eaf05ecd056\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"3e150937-b8fe-4cfb-8069-0eaf05ecd056\"\n },\n {\n \"properties\": {\n \"roleName\": \"Microsoft Sentinel Reader\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Microsoft Sentinel Reader\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.SecurityInsights/*/read\",\n \"Microsoft.SecurityInsights/dataConnectorsCheckRequirements/action\",\n \"Microsoft.SecurityInsights/threatIntelligence/indicators/query/action\",\n \"Microsoft.SecurityInsights/threatIntelligence/queryIndicators/action\",\n \"Microsoft.OperationalInsights/workspaces/analytics/query/action\",\n \"Microsoft.OperationalInsights/workspaces/*/read\",\n \"Microsoft.OperationalInsights/workspaces/LinkedServices/read\",\n \"Microsoft.OperationalInsights/workspaces/savedSearches/read\",\n \"Microsoft.OperationsManagement/solutions/read\",\n \"Microsoft.OperationalInsights/workspaces/query/read\",\n \"Microsoft.OperationalInsights/workspaces/query/*/read\",\n \"Microsoft.OperationalInsights/querypacks/*/read\",\n \"Microsoft.OperationalInsights/workspaces/dataSources/read\",\n \"Microsoft.Insights/workbooks/read\",\n \"Microsoft.Insights/myworkbooks/read\",\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Resources/templateSpecs/*/read\",\n \"Microsoft.Support/*\"\n ],\n \"notActions\": [\n \"Microsoft.SecurityInsights/ConfidentialWatchlists/*\",\n \"Microsoft.OperationalInsights/workspaces/query/ConfidentialWatchlist/*\"\n ],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2019-08-28T16:58:50.1132117Z\",\n \"updatedOn\": \"2022-08-01T18:55:21.5434692Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/8d289c81-5878-46d4-8554-54e1e3d8b5cb\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"8d289c81-5878-46d4-8554-54e1e3d8b5cb\"\n },\n {\n \"properties\": {\n \"roleName\": \"Policy Insights Data Writer (Preview)\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Allows read access to resource policies and write access to resource component policy events.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/policyassignments/read\",\n \"Microsoft.Authorization/policydefinitions/read\",\n \"Microsoft.Authorization/policyexemptions/read\",\n \"Microsoft.Authorization/policysetdefinitions/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.PolicyInsights/checkDataPolicyCompliance/action\",\n \"Microsoft.PolicyInsights/policyEvents/logDataEvents/action\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2019-09-19T19:35:20.9504127Z\",\n \"updatedOn\": \"2021-11-11T20:14:09.4235132Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/66bb4e9e-b016-4a94-8249-4c0511c2be84\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"66bb4e9e-b016-4a94-8249-4c0511c2be84\"\n },\n {\n \"properties\": {\n \"roleName\": \"SignalR AccessKey Reader\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Read SignalR Service Access Keys\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.SignalRService/*/read\",\n \"Microsoft.SignalRService/SignalR/listkeys/action\",\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Support/*\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2019-09-20T09:33:19.6236874Z\",\n \"updatedOn\": \"2021-11-11T20:14:09.613486Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/04165923-9d83-45d5-8227-78b77b0a687e\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"04165923-9d83-45d5-8227-78b77b0a687e\"\n },\n {\n \"properties\": {\n \"roleName\": \"SignalR/Web PubSub Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Create, Read, Update, and Delete SignalR service resources\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.SignalRService/*\",\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Support/*\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2019-09-20T09:58:09.0009662Z\",\n \"updatedOn\": \"2021-11-11T20:14:09.7884765Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/8cf5e20a-e4b2-4e9d-b3a1-5ceb692c2761\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"8cf5e20a-e4b2-4e9d-b3a1-5ceb692c2761\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Connected Machine Onboarding\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Can onboard Azure Connected Machines.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.HybridCompute/machines/read\",\n \"Microsoft.HybridCompute/machines/write\",\n \"Microsoft.HybridCompute/settings/read\",\n \"Microsoft.HybridCompute/settings/write\",\n \"Microsoft.HybridCompute/gateways/read\",\n \"Microsoft.HybridCompute/privateLinkScopes/read\",\n \"Microsoft.GuestConfiguration/guestConfigurationAssignments/read\",\n \"Microsoft.Insights/dataCollectionRuleAssociations/write\",\n \"Microsoft.Insights/dataCollectionRuleAssociations/delete\",\n \"Microsoft.Insights/dataCollectionRuleAssociations/read\",\n \"Microsoft.HybridCompute/machines/addExtensions/action\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2019-10-23T20:15:07.137287Z\",\n \"updatedOn\": \"2025-04-24T23:16:22.0803758Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/b64e21ea-ac4e-4cdf-9dc9-5b892992bee7\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"b64e21ea-ac4e-4cdf-9dc9-5b892992bee7\"\n },\n {\n \"properties\": {\n \"roleName\": \"Managed Services Registration assignment Delete Role\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Managed Services Registration Assignment Delete Role allows the managing tenant users to delete the registration assignment assigned to their tenant.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.ManagedServices/registrationAssignments/read\",\n \"Microsoft.ManagedServices/registrationAssignments/delete\",\n \"Microsoft.ManagedServices/operationStatuses/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2019-10-23T22:33:33.1183469Z\",\n \"updatedOn\": \"2021-11-11T20:14:11.23364Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/91c1777a-f3dc-4fae-b103-61d183457e46\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"91c1777a-f3dc-4fae-b103-61d183457e46\"\n },\n {\n \"properties\": {\n \"roleName\": \"App Configuration Data Owner\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Allows full access to App Configuration data.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.AppConfiguration/configurationStores/*/read\",\n \"Microsoft.AppConfiguration/configurationStores/*/write\",\n \"Microsoft.AppConfiguration/configurationStores/*/delete\",\n \"Microsoft.AppConfiguration/configurationStores/*/action\"\n ],\n \"notDataActions\": [\n \"Microsoft.AppConfiguration/configurationStores/useSasAuth/action\"\n ]\n }\n ],\n \"createdOn\": \"2019-10-25T18:41:40.1185063Z\",\n \"updatedOn\": \"2024-10-25T19:38:13.5062377Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/5ae67dd6-50cb-40e7-96ff-dc2bfa4b606b\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"5ae67dd6-50cb-40e7-96ff-dc2bfa4b606b\"\n },\n {\n \"properties\": {\n \"roleName\": \"App Configuration Data Reader\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Allows read access to App Configuration data.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.AppConfiguration/configurationStores/*/read\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2019-10-25T18:45:33.7975332Z\",\n \"updatedOn\": \"2021-11-11T20:14:11.5885341Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/516239f1-63e1-4d78-a4de-a74fb236a071\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"516239f1-63e1-4d78-a4de-a74fb236a071\"\n },\n {\n \"properties\": {\n \"roleName\": \"Kubernetes Cluster - Azure Arc Onboarding\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Role definition to authorize any user/service to create connectedClusters resource\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.Resources/deployments/write\",\n \"Microsoft.Resources/subscriptions/operationresults/read\",\n \"Microsoft.Resources/subscriptions/read\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Kubernetes/connectedClusters/Write\",\n \"Microsoft.Kubernetes/connectedClusters/read\",\n \"Microsoft.KubernetesConfiguration/extensions/write\",\n \"Microsoft.KubernetesConfiguration/extensions/read\",\n \"Microsoft.KubernetesConfiguration/extensions/delete\",\n \"Microsoft.KubernetesConfiguration/extensions/operations/read\",\n \"Microsoft.Support/*\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2019-11-18T17:00:02.2087147Z\",\n \"updatedOn\": \"2024-10-31T01:30:51.0732973Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/34e09817-6cbe-4d01-b1a2-e0eac5743d41\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"34e09817-6cbe-4d01-b1a2-e0eac5743d41\"\n },\n {\n \"properties\": {\n \"roleName\": \"Experimentation Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Experimentation Contributor\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Experimentation/experimentWorkspaces/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.Experimentation/experimentWorkspaces/experimentationGroups/read\",\n \"Microsoft.Experimentation/experimentWorkspaces/experimentationGroups/write\",\n \"Microsoft.Experimentation/experimentWorkspaces/experimentationGroups/delete\",\n \"Microsoft.Experimentation/experimentWorkspaces/experimentationGroups/experiment/action\",\n \"Microsoft.Experimentation/experimentWorkspaces/experimentationGroups/emergencystop/action\",\n \"Microsoft.Experimentation/experimentWorkspaces/read\",\n \"Microsoft.Experimentation/experimentWorkspaces/write\",\n \"Microsoft.Experimentation/experimentWorkspaces/delete\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2019-12-13T00:08:08.6679591Z\",\n \"updatedOn\": \"2021-11-11T20:14:14.6454147Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/7f646f1b-fa08-80eb-a22b-edd6ce5c915c\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"7f646f1b-fa08-80eb-a22b-edd6ce5c915c\"\n },\n {\n \"properties\": {\n \"roleName\": \"Cognitive Services QnA Maker Reader\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Let’s you read and test a KB only.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.CognitiveServices/*/read\",\n \"Microsoft.Authorization/roleAssignments/read\",\n \"Microsoft.Authorization/roleDefinitions/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.CognitiveServices/accounts/QnAMaker/knowledgebases/read\",\n \"Microsoft.CognitiveServices/accounts/QnAMaker/knowledgebases/download/read\",\n \"Microsoft.CognitiveServices/accounts/QnAMaker/knowledgebases/generateanswer/action\",\n \"Microsoft.CognitiveServices/accounts/QnAMaker/alterations/read\",\n \"Microsoft.CognitiveServices/accounts/QnAMaker/endpointkeys/read\",\n \"Microsoft.CognitiveServices/accounts/QnAMaker/endpointsettings/read\",\n \"Microsoft.CognitiveServices/accounts/QnAMaker.v2/knowledgebases/read\",\n \"Microsoft.CognitiveServices/accounts/QnAMaker.v2/knowledgebases/download/read\",\n \"Microsoft.CognitiveServices/accounts/QnAMaker.v2/knowledgebases/generateanswer/action\",\n \"Microsoft.CognitiveServices/accounts/QnAMaker.v2/alterations/read\",\n \"Microsoft.CognitiveServices/accounts/QnAMaker.v2/endpointkeys/read\",\n \"Microsoft.CognitiveServices/accounts/QnAMaker.v2/endpointsettings/read\",\n \"Microsoft.CognitiveServices/accounts/TextAnalytics/QnAMaker/knowledgebases/read\",\n \"Microsoft.CognitiveServices/accounts/TextAnalytics/QnAMaker/knowledgebases/download/read\",\n \"Microsoft.CognitiveServices/accounts/TextAnalytics/QnAMaker/knowledgebases/generateanswer/action\",\n \"Microsoft.CognitiveServices/accounts/TextAnalytics/QnAMaker/alterations/read\",\n \"Microsoft.CognitiveServices/accounts/TextAnalytics/QnAMaker/endpointkeys/read\",\n \"Microsoft.CognitiveServices/accounts/TextAnalytics/QnAMaker/endpointsettings/read\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2019-12-17T18:26:12.3329439Z\",\n \"updatedOn\": \"2021-11-11T20:14:14.8254033Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/466ccd10-b268-4a11-b098-b4849f024126\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"466ccd10-b268-4a11-b098-b4849f024126\"\n },\n {\n \"properties\": {\n \"roleName\": \"Cognitive Services QnA Maker Editor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Let’s you create, edit, import and export a KB. You cannot publish or delete a KB.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.CognitiveServices/*/read\",\n \"Microsoft.Authorization/roleAssignments/read\",\n \"Microsoft.Authorization/roleDefinitions/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.CognitiveServices/accounts/QnAMaker/knowledgebases/read\",\n \"Microsoft.CognitiveServices/accounts/QnAMaker/knowledgebases/download/read\",\n \"Microsoft.CognitiveServices/accounts/QnAMaker/knowledgebases/create/write\",\n \"Microsoft.CognitiveServices/accounts/QnAMaker/knowledgebases/write\",\n \"Microsoft.CognitiveServices/accounts/QnAMaker/knowledgebases/generateanswer/action\",\n \"Microsoft.CognitiveServices/accounts/QnAMaker/knowledgebases/train/action\",\n \"Microsoft.CognitiveServices/accounts/QnAMaker/alterations/read\",\n \"Microsoft.CognitiveServices/accounts/QnAMaker/alterations/write\",\n \"Microsoft.CognitiveServices/accounts/QnAMaker/endpointkeys/read\",\n \"Microsoft.CognitiveServices/accounts/QnAMaker/endpointkeys/refreshkeys/action\",\n \"Microsoft.CognitiveServices/accounts/QnAMaker/endpointsettings/read\",\n \"Microsoft.CognitiveServices/accounts/QnAMaker/endpointsettings/write\",\n \"Microsoft.CognitiveServices/accounts/QnAMaker/operations/read\",\n \"Microsoft.CognitiveServices/accounts/QnAMaker.v2/knowledgebases/read\",\n \"Microsoft.CognitiveServices/accounts/QnAMaker.v2/knowledgebases/download/read\",\n \"Microsoft.CognitiveServices/accounts/QnAMaker.v2/knowledgebases/create/write\",\n \"Microsoft.CognitiveServices/accounts/QnAMaker.v2/knowledgebases/write\",\n \"Microsoft.CognitiveServices/accounts/QnAMaker.v2/knowledgebases/generateanswer/action\",\n \"Microsoft.CognitiveServices/accounts/QnAMaker.v2/knowledgebases/train/action\",\n \"Microsoft.CognitiveServices/accounts/QnAMaker.v2/alterations/read\",\n \"Microsoft.CognitiveServices/accounts/QnAMaker.v2/alterations/write\",\n \"Microsoft.CognitiveServices/accounts/QnAMaker.v2/endpointkeys/read\",\n \"Microsoft.CognitiveServices/accounts/QnAMaker.v2/endpointkeys/refreshkeys/action\",\n \"Microsoft.CognitiveServices/accounts/QnAMaker.v2/endpointsettings/read\",\n \"Microsoft.CognitiveServices/accounts/QnAMaker.v2/endpointsettings/write\",\n \"Microsoft.CognitiveServices/accounts/QnAMaker.v2/operations/read\",\n \"Microsoft.CognitiveServices/accounts/TextAnalytics/QnAMaker/knowledgebases/read\",\n \"Microsoft.CognitiveServices/accounts/TextAnalytics/QnAMaker/knowledgebases/download/read\",\n \"Microsoft.CognitiveServices/accounts/TextAnalytics/QnAMaker/knowledgebases/create/write\",\n \"Microsoft.CognitiveServices/accounts/TextAnalytics/QnAMaker/knowledgebases/write\",\n \"Microsoft.CognitiveServices/accounts/TextAnalytics/QnAMaker/knowledgebases/generateanswer/action\",\n \"Microsoft.CognitiveServices/accounts/TextAnalytics/QnAMaker/knowledgebases/train/action\",\n \"Microsoft.CognitiveServices/accounts/TextAnalytics/QnAMaker/alterations/read\",\n \"Microsoft.CognitiveServices/accounts/TextAnalytics/QnAMaker/alterations/write\",\n \"Microsoft.CognitiveServices/accounts/TextAnalytics/QnAMaker/endpointkeys/read\",\n \"Microsoft.CognitiveServices/accounts/TextAnalytics/QnAMaker/endpointkeys/refreshkeys/action\",\n \"Microsoft.CognitiveServices/accounts/TextAnalytics/QnAMaker/endpointsettings/read\",\n \"Microsoft.CognitiveServices/accounts/TextAnalytics/QnAMaker/endpointsettings/write\",\n \"Microsoft.CognitiveServices/accounts/TextAnalytics/QnAMaker/operations/read\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2019-12-17T18:27:30.6434556Z\",\n \"updatedOn\": \"2021-11-11T20:14:14.9961559Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/f4cc2bf9-21be-47a1-bdf1-5c5804381025\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"f4cc2bf9-21be-47a1-bdf1-5c5804381025\"\n },\n {\n \"properties\": {\n \"roleName\": \"Experimentation Administrator\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Experimentation Administrator\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Experimentation/experimentWorkspaces/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.Experimentation/experimentWorkspaces/experimentationGroups/admin/action\",\n \"Microsoft.Experimentation/experimentWorkspaces/experimentationGroups/read\",\n \"Microsoft.Experimentation/experimentWorkspaces/experimentationGroups/write\",\n \"Microsoft.Experimentation/experimentWorkspaces/experimentationGroups/delete\",\n \"Microsoft.Experimentation/experimentWorkspaces/experimentationGroups/experimentadmin/action\",\n \"Microsoft.Experimentation/experimentWorkspaces/experimentationGroups/experiment/action\",\n \"Microsoft.Experimentation/experimentWorkspaces/experimentationGroups/emergencystop/action\",\n \"Microsoft.Experimentation/experimentWorkspaces/read\",\n \"Microsoft.Experimentation/experimentWorkspaces/write\",\n \"Microsoft.Experimentation/experimentWorkspaces/delete\",\n \"Microsoft.Experimentation/experimentWorkspaces/admin/action\",\n \"Microsoft.Experimentation/experimentWorkspaces/metricwrite/action\",\n \"Microsoft.Experimentation/experimentWorkspaces/experimentationGroups/metricwrite/action\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2019-12-18T22:46:33.1116612Z\",\n \"updatedOn\": \"2021-11-11T20:14:15.1811577Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/7f646f1b-fa08-80eb-a33b-edd6ce5c915c\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"7f646f1b-fa08-80eb-a33b-edd6ce5c915c\"\n },\n {\n \"properties\": {\n \"roleName\": \"Remote Rendering Administrator\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Provides user with conversion, manage session, rendering and diagnostics capabilities for Azure Remote Rendering\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.MixedReality/RemoteRenderingAccounts/convert/action\",\n \"Microsoft.MixedReality/RemoteRenderingAccounts/convert/read\",\n \"Microsoft.MixedReality/RemoteRenderingAccounts/convert/delete\",\n \"Microsoft.MixedReality/RemoteRenderingAccounts/managesessions/read\",\n \"Microsoft.MixedReality/RemoteRenderingAccounts/managesessions/action\",\n \"Microsoft.MixedReality/RemoteRenderingAccounts/managesessions/delete\",\n \"Microsoft.MixedReality/RemoteRenderingAccounts/render/read\",\n \"Microsoft.MixedReality/RemoteRenderingAccounts/diagnostic/read\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2020-01-23T18:15:31.3450348Z\",\n \"updatedOn\": \"2021-11-11T20:14:16.7621737Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/3df8b902-2a6f-47c7-8cc5-360e9b272a7e\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"3df8b902-2a6f-47c7-8cc5-360e9b272a7e\"\n },\n {\n \"properties\": {\n \"roleName\": \"Remote Rendering Client\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Provides user with manage session, rendering and diagnostics capabilities for Azure Remote Rendering.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.MixedReality/RemoteRenderingAccounts/managesessions/read\",\n \"Microsoft.MixedReality/RemoteRenderingAccounts/managesessions/action\",\n \"Microsoft.MixedReality/RemoteRenderingAccounts/managesessions/delete\",\n \"Microsoft.MixedReality/RemoteRenderingAccounts/render/read\",\n \"Microsoft.MixedReality/RemoteRenderingAccounts/diagnostic/read\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2020-01-23T18:32:52.7069824Z\",\n \"updatedOn\": \"2021-11-11T20:14:16.9421512Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/d39065c4-c120-43c9-ab0a-63eed9795f0a\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"d39065c4-c120-43c9-ab0a-63eed9795f0a\"\n },\n {\n \"properties\": {\n \"roleName\": \"Managed Application Contributor Role\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Allows for creating managed application resources.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"*/read\",\n \"Microsoft.Solutions/applications/*\",\n \"Microsoft.Solutions/register/action\",\n \"Microsoft.Resources/subscriptions/resourceGroups/*\",\n \"Microsoft.Resources/deployments/*\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2020-02-08T03:39:11.8933879Z\",\n \"updatedOn\": \"2021-11-11T20:14:19.1271536Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/641177b8-a67a-45b9-a033-47bc880bb21e\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"641177b8-a67a-45b9-a033-47bc880bb21e\"\n },\n {\n \"properties\": {\n \"roleName\": \"Security Assessment Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Lets you push assessments to Security Center\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Security/assessments/write\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2020-02-13T08:23:47.7656161Z\",\n \"updatedOn\": \"2021-11-11T20:14:19.3021974Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/612c2aa1-cb24-443b-ac28-3ab7272de6f5\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"612c2aa1-cb24-443b-ac28-3ab7272de6f5\"\n },\n {\n \"properties\": {\n \"roleName\": \"Tag Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Lets you manage tags on entities, without providing access to the entities themselves.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Resources/subscriptions/resourceGroups/resources/read\",\n \"Microsoft.Resources/subscriptions/resources/read\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.Support/*\",\n \"Microsoft.Resources/tags/*\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2020-02-18T23:19:19.2977644Z\",\n \"updatedOn\": \"2021-11-11T20:14:20.0172041Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/4a9ae827-6dc8-4573-8ac7-8239d42aa03f\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"4a9ae827-6dc8-4573-8ac7-8239d42aa03f\"\n },\n {\n \"properties\": {\n \"roleName\": \"Integration Service Environment Developer\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Allows developers to create and update workflows, integration accounts and API connections in integration service environments.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Support/*\",\n \"Microsoft.Logic/integrationServiceEnvironments/read\",\n \"Microsoft.Logic/integrationServiceEnvironments/*/join/action\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2020-02-20T21:09:00.5627875Z\",\n \"updatedOn\": \"2021-11-11T20:14:20.1871986Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/c7aa55d3-1abb-444a-a5ca-5e51e485d6ec\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"c7aa55d3-1abb-444a-a5ca-5e51e485d6ec\"\n },\n {\n \"properties\": {\n \"roleName\": \"Integration Service Environment Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Lets you manage integration service environments, but not access to them.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Support/*\",\n \"Microsoft.Logic/integrationServiceEnvironments/*\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2020-02-20T21:10:44.4008319Z\",\n \"updatedOn\": \"2021-11-11T20:14:20.3622058Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/a41e2c5b-bd99-4a07-88f4-9bf657a760b8\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"a41e2c5b-bd99-4a07-88f4-9bf657a760b8\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Kubernetes Service Contributor Role\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Grants access to read and write Azure Kubernetes Service clusters\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.ContainerService/locations/*\",\n \"Microsoft.ContainerService/managedClusters/*\",\n \"Microsoft.ContainerService/managedclustersnapshots/*\",\n \"Microsoft.ContainerService/snapshots/*\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.ContainerService/deploymentSafeguards/*\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2020-02-27T19:27:15.073997Z\",\n \"updatedOn\": \"2025-07-22T15:11:45.9409312Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/ed7f3fbd-7b88-4dd4-9017-9adb7ce333f8\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"ed7f3fbd-7b88-4dd4-9017-9adb7ce333f8\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Digital Twins Data Reader\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Read-only role for Digital Twins data-plane properties\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.DigitalTwins/digitaltwins/read\",\n \"Microsoft.DigitalTwins/digitaltwins/relationships/read\",\n \"Microsoft.DigitalTwins/eventroutes/read\",\n \"Microsoft.DigitalTwins/jobs/import/read\",\n \"Microsoft.DigitalTwins/jobs/imports/read\",\n \"Microsoft.DigitalTwins/jobs/deletions/read\",\n \"Microsoft.DigitalTwins/models/read\",\n \"Microsoft.DigitalTwins/query/action\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2020-03-10T23:48:14.7057381Z\",\n \"updatedOn\": \"2024-01-10T19:29:11.1291888Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/d57506d4-4c8d-48b1-8587-93c323f6a5a3\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"d57506d4-4c8d-48b1-8587-93c323f6a5a3\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Digital Twins Data Owner\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Full access role for Digital Twins data-plane\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.DigitalTwins/digitaltwins/*\",\n \"Microsoft.DigitalTwins/digitaltwins/commands/*\",\n \"Microsoft.DigitalTwins/digitaltwins/relationships/*\",\n \"Microsoft.DigitalTwins/eventroutes/*\",\n \"Microsoft.DigitalTwins/jobs/*\",\n \"Microsoft.DigitalTwins/models/*\",\n \"Microsoft.DigitalTwins/query/*\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2020-03-10T23:49:33.782193Z\",\n \"updatedOn\": \"2022-09-07T23:56:38.852533Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/bcd981a7-7f74-457b-83e1-cceb9e632ffe\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"bcd981a7-7f74-457b-83e1-cceb9e632ffe\"\n },\n {\n \"properties\": {\n \"roleName\": \"Hierarchy Settings Administrator\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Allows users to edit and delete Hierarchy Settings\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Management/managementGroups/settings/write\",\n \"Microsoft.Management/managementGroups/settings/delete\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2020-03-13T23:55:11.0212387Z\",\n \"updatedOn\": \"2021-11-11T20:14:23.0882347Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/350f8d15-c687-4448-8ae1-157740a3936d\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"350f8d15-c687-4448-8ae1-157740a3936d\"\n },\n {\n \"properties\": {\n \"roleName\": \"FHIR Data Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Role allows user or principal full access to FHIR Data\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.HealthcareApis/services/fhir/resources/*\",\n \"Microsoft.HealthcareApis/workspaces/fhirservices/resources/*\"\n ],\n \"notDataActions\": [\n \"Microsoft.HealthcareApis/services/fhir/resources/smart/action\",\n \"Microsoft.HealthcareApis/workspaces/fhirservices/resources/smart/action\"\n ]\n }\n ],\n \"createdOn\": \"2020-03-17T18:35:04.4949547Z\",\n \"updatedOn\": \"2023-08-18T22:59:42.5066274Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/5a1fc7df-4bf1-4951-a576-89034ee01acd\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"5a1fc7df-4bf1-4951-a576-89034ee01acd\"\n },\n {\n \"properties\": {\n \"roleName\": \"FHIR Data Exporter\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Role allows user or principal to read and export FHIR Data\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.HealthcareApis/services/fhir/resources/read\",\n \"Microsoft.HealthcareApis/services/fhir/resources/export/action\",\n \"Microsoft.HealthcareApis/workspaces/fhirservices/resources/read\",\n \"Microsoft.HealthcareApis/workspaces/fhirservices/resources/export/action\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2020-03-17T18:45:01.9764073Z\",\n \"updatedOn\": \"2021-11-11T20:14:23.7992557Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/3db33094-8700-4567-8da5-1501d4e7e843\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"3db33094-8700-4567-8da5-1501d4e7e843\"\n },\n {\n \"properties\": {\n \"roleName\": \"FHIR Data Reader\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Role allows user or principal to read FHIR Data\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.HealthcareApis/services/fhir/resources/read\",\n \"Microsoft.HealthcareApis/workspaces/fhirservices/resources/read\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2020-03-17T18:49:04.8353499Z\",\n \"updatedOn\": \"2021-11-11T20:14:23.9692275Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/4c8d0bbc-75d3-4935-991f-5f3c56d81508\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"4c8d0bbc-75d3-4935-991f-5f3c56d81508\"\n },\n {\n \"properties\": {\n \"roleName\": \"FHIR Data Writer\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Role allows user or principal to read and write FHIR Data\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.HealthcareApis/services/fhir/resources/read\",\n \"Microsoft.HealthcareApis/services/fhir/resources/write\",\n \"Microsoft.HealthcareApis/services/fhir/resources/delete\",\n \"Microsoft.HealthcareApis/services/fhir/resources/export/action\",\n \"Microsoft.HealthcareApis/services/fhir/resources/resourceValidate/action\",\n \"Microsoft.HealthcareApis/services/fhir/resources/reindex/action\",\n \"Microsoft.HealthcareApis/services/fhir/resources/convertData/action\",\n \"Microsoft.HealthcareApis/services/fhir/resources/editProfileDefinitions/action\",\n \"Microsoft.HealthcareApis/services/fhir/resources/import/action\",\n \"Microsoft.HealthcareApis/workspaces/fhirservices/resources/read\",\n \"Microsoft.HealthcareApis/workspaces/fhirservices/resources/write\",\n \"Microsoft.HealthcareApis/workspaces/fhirservices/resources/delete\",\n \"Microsoft.HealthcareApis/workspaces/fhirservices/resources/export/action\",\n \"Microsoft.HealthcareApis/workspaces/fhirservices/resources/resourceValidate/action\",\n \"Microsoft.HealthcareApis/workspaces/fhirservices/resources/reindex/action\",\n \"Microsoft.HealthcareApis/workspaces/fhirservices/resources/convertData/action\",\n \"Microsoft.HealthcareApis/workspaces/fhirservices/resources/editProfileDefinitions/action\",\n \"Microsoft.HealthcareApis/workspaces/fhirservices/resources/import/action\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2020-03-17T18:55:35.2413335Z\",\n \"updatedOn\": \"2023-07-25T15:17:34.7618105Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/3f88fce4-5892-4214-ae73-ba5294559913\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"3f88fce4-5892-4214-ae73-ba5294559913\"\n },\n {\n \"properties\": {\n \"roleName\": \"Experimentation Reader\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Experimentation Reader\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Experimentation/experimentWorkspaces/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.Experimentation/experimentWorkspaces/read\",\n \"Microsoft.Experimentation/experimentWorkspaces/experimentationGroups/read\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2020-03-25T18:05:14.8375678Z\",\n \"updatedOn\": \"2021-11-11T20:14:24.504239Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/49632ef5-d9ac-41f4-b8e7-bbe587fa74a1\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"49632ef5-d9ac-41f4-b8e7-bbe587fa74a1\"\n },\n {\n \"properties\": {\n \"roleName\": \"Object Understanding Account Owner\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Provides user with ingestion capabilities for Azure Object Understanding.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.MixedReality/ObjectUnderstandingAccounts/ingest/action\",\n \"Microsoft.MixedReality/ObjectUnderstandingAccounts/ingest/read\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2020-04-22T19:15:09.0697923Z\",\n \"updatedOn\": \"2021-11-11T20:14:26.8743132Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/4dd61c23-6743-42fe-a388-d8bdd41cb745\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"4dd61c23-6743-42fe-a388-d8bdd41cb745\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Maps Data Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Grants access to read, write, and delete access to map related data from an Azure maps account.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.Maps/accounts/*/read\",\n \"Microsoft.Maps/accounts/*/write\",\n \"Microsoft.Maps/accounts/*/delete\",\n \"Microsoft.Maps/accounts/*/action\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2020-05-07T20:55:05.064541Z\",\n \"updatedOn\": \"2021-11-11T20:14:28.3092598Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/8f5e0ce6-4f7b-4dcf-bddf-e6f48634a204\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"8f5e0ce6-4f7b-4dcf-bddf-e6f48634a204\"\n },\n {\n \"properties\": {\n \"roleName\": \"Cognitive Services Custom Vision Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Full access to the project, including the ability to view, create, edit, or delete projects.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.CognitiveServices/*/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.CognitiveServices/accounts/CustomVision/*\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2020-05-08T23:47:07.0779345Z\",\n \"updatedOn\": \"2021-11-11T20:14:28.8342655Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/c1ff6cc2-c111-46fe-8896-e0ef812ad9f3\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"c1ff6cc2-c111-46fe-8896-e0ef812ad9f3\"\n },\n {\n \"properties\": {\n \"roleName\": \"Cognitive Services Custom Vision Deployment\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Publish, unpublish or export models. Deployment can view the project but can’t update.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.CognitiveServices/*/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.CognitiveServices/accounts/CustomVision/*/read\",\n \"Microsoft.CognitiveServices/accounts/CustomVision/projects/predictions/*\",\n \"Microsoft.CognitiveServices/accounts/CustomVision/projects/iterations/publish/*\",\n \"Microsoft.CognitiveServices/accounts/CustomVision/projects/iterations/export/*\",\n \"Microsoft.CognitiveServices/accounts/CustomVision/projects/quicktest/*\",\n \"Microsoft.CognitiveServices/accounts/CustomVision/classify/*\",\n \"Microsoft.CognitiveServices/accounts/CustomVision/detect/*\"\n ],\n \"notDataActions\": [\n \"Microsoft.CognitiveServices/accounts/CustomVision/projects/export/read\"\n ]\n }\n ],\n \"createdOn\": \"2020-05-09T01:31:05.952862Z\",\n \"updatedOn\": \"2021-11-11T20:14:29.0142669Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/5c4089e1-6d96-4d2f-b296-c1bc7137275f\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"5c4089e1-6d96-4d2f-b296-c1bc7137275f\"\n },\n {\n \"properties\": {\n \"roleName\": \"Cognitive Services Custom Vision Labeler\",\n \"type\": \"BuiltInRole\",\n \"description\": \"View, edit training images and create, add, remove, or delete the image tags. Labelers can view the project but can’t update anything other than training images and tags.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.CognitiveServices/*/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.CognitiveServices/accounts/CustomVision/*/read\",\n \"Microsoft.CognitiveServices/accounts/CustomVision/projects/predictions/query/action\",\n \"Microsoft.CognitiveServices/accounts/CustomVision/projects/images/*\",\n \"Microsoft.CognitiveServices/accounts/CustomVision/projects/tags/*\",\n \"Microsoft.CognitiveServices/accounts/CustomVision/projects/images/suggested/*\",\n \"Microsoft.CognitiveServices/accounts/CustomVision/projects/tagsandregions/suggestions/action\"\n ],\n \"notDataActions\": [\n \"Microsoft.CognitiveServices/accounts/CustomVision/projects/export/read\"\n ]\n }\n ],\n \"createdOn\": \"2020-05-09T01:33:20.8278896Z\",\n \"updatedOn\": \"2021-11-11T20:14:29.1892871Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/88424f51-ebe7-446f-bc41-7fa16989e96c\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"88424f51-ebe7-446f-bc41-7fa16989e96c\"\n },\n {\n \"properties\": {\n \"roleName\": \"Cognitive Services Custom Vision Reader\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Read-only actions in the project. Readers can’t create or update the project.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.CognitiveServices/*/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.CognitiveServices/accounts/CustomVision/*/read\",\n \"Microsoft.CognitiveServices/accounts/CustomVision/projects/predictions/query/action\"\n ],\n \"notDataActions\": [\n \"Microsoft.CognitiveServices/accounts/CustomVision/projects/export/read\"\n ]\n }\n ],\n \"createdOn\": \"2020-05-09T01:34:18.5328818Z\",\n \"updatedOn\": \"2021-11-11T20:14:29.3642707Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/93586559-c37d-4a6b-ba08-b9f0940c2d73\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"93586559-c37d-4a6b-ba08-b9f0940c2d73\"\n },\n {\n \"properties\": {\n \"roleName\": \"Cognitive Services Custom Vision Trainer\",\n \"type\": \"BuiltInRole\",\n \"description\": \"View, edit projects and train the models, including the ability to publish, unpublish, export the models. Trainers can’t create or delete the project.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.CognitiveServices/*/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.CognitiveServices/accounts/CustomVision/*\"\n ],\n \"notDataActions\": [\n \"Microsoft.CognitiveServices/accounts/CustomVision/projects/action\",\n \"Microsoft.CognitiveServices/accounts/CustomVision/projects/delete\",\n \"Microsoft.CognitiveServices/accounts/CustomVision/projects/import/action\",\n \"Microsoft.CognitiveServices/accounts/CustomVision/projects/export/read\"\n ]\n }\n ],\n \"createdOn\": \"2020-05-09T01:35:13.8147804Z\",\n \"updatedOn\": \"2021-11-11T20:14:29.5442713Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/0a5ae4ab-0d65-4eeb-be61-29fc9b54394b\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"0a5ae4ab-0d65-4eeb-be61-29fc9b54394b\"\n },\n {\n \"properties\": {\n \"roleName\": \"Key Vault Administrator\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Perform all data plane operations on a key vault and all objects in it, including certificates, keys, and secrets. Cannot manage key vault resources or manage role assignments. Only works for key vaults that use the 'Azure role-based access control' permission model.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Support/*\",\n \"Microsoft.KeyVault/checkNameAvailability/read\",\n \"Microsoft.KeyVault/deletedVaults/read\",\n \"Microsoft.KeyVault/locations/*/read\",\n \"Microsoft.KeyVault/vaults/*/read\",\n \"Microsoft.KeyVault/operations/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.KeyVault/vaults/*\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2020-05-19T17:52:46.2349235Z\",\n \"updatedOn\": \"2021-11-11T20:14:30.2542755Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/00482a5a-887f-4fb3-b363-3b7fe8e74483\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"00482a5a-887f-4fb3-b363-3b7fe8e74483\"\n },\n {\n \"properties\": {\n \"roleName\": \"Key Vault Crypto User\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Perform cryptographic operations using keys. Only works for key vaults that use the 'Azure role-based access control' permission model.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.KeyVault/vaults/keys/read\",\n \"Microsoft.KeyVault/vaults/keys/update/action\",\n \"Microsoft.KeyVault/vaults/keys/backup/action\",\n \"Microsoft.KeyVault/vaults/keys/encrypt/action\",\n \"Microsoft.KeyVault/vaults/keys/decrypt/action\",\n \"Microsoft.KeyVault/vaults/keys/wrap/action\",\n \"Microsoft.KeyVault/vaults/keys/unwrap/action\",\n \"Microsoft.KeyVault/vaults/keys/sign/action\",\n \"Microsoft.KeyVault/vaults/keys/verify/action\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2020-05-19T17:52:47.0699268Z\",\n \"updatedOn\": \"2021-11-11T20:14:30.6042921Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/12338af0-0e69-4776-bea7-57ae8d297424\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"12338af0-0e69-4776-bea7-57ae8d297424\"\n },\n {\n \"properties\": {\n \"roleName\": \"Key Vault Secrets Officer\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Perform any action on the secrets of a key vault, except manage permissions. Only works for key vaults that use the 'Azure role-based access control' permission model.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Support/*\",\n \"Microsoft.KeyVault/checkNameAvailability/read\",\n \"Microsoft.KeyVault/deletedVaults/read\",\n \"Microsoft.KeyVault/locations/*/read\",\n \"Microsoft.KeyVault/vaults/*/read\",\n \"Microsoft.KeyVault/operations/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.KeyVault/vaults/secrets/*\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2020-05-19T17:52:47.1449242Z\",\n \"updatedOn\": \"2021-11-11T20:14:30.779347Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/b86a8fe4-44ce-4948-aee5-eccb2c155cd7\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"b86a8fe4-44ce-4948-aee5-eccb2c155cd7\"\n },\n {\n \"properties\": {\n \"roleName\": \"Key Vault Secrets User\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Read secret contents. Only works for key vaults that use the 'Azure role-based access control' permission model.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.KeyVault/vaults/secrets/getSecret/action\",\n \"Microsoft.KeyVault/vaults/secrets/readMetadata/action\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2020-05-19T17:52:47.2049241Z\",\n \"updatedOn\": \"2021-11-11T20:14:30.9542829Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/4633458b-17de-408a-b874-0445c86b69e6\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"4633458b-17de-408a-b874-0445c86b69e6\"\n },\n {\n \"properties\": {\n \"roleName\": \"Key Vault Certificates Officer\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Perform any action on the certificates of a key vault, except manage permissions. Only works for key vaults that use the 'Azure role-based access control' permission model.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Support/*\",\n \"Microsoft.KeyVault/checkNameAvailability/read\",\n \"Microsoft.KeyVault/deletedVaults/read\",\n \"Microsoft.KeyVault/locations/*/read\",\n \"Microsoft.KeyVault/vaults/*/read\",\n \"Microsoft.KeyVault/operations/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.KeyVault/vaults/certificatecas/*\",\n \"Microsoft.KeyVault/vaults/certificates/*\",\n \"Microsoft.KeyVault/vaults/certificatecontacts/write\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2020-05-19T17:52:47.2499247Z\",\n \"updatedOn\": \"2023-06-09T18:51:51.8587772Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/a4417e6f-fecd-4de8-b567-7b0420556985\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"a4417e6f-fecd-4de8-b567-7b0420556985\"\n },\n {\n \"properties\": {\n \"roleName\": \"Key Vault Reader\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Read metadata of key vaults and its certificates, keys, and secrets. Cannot read sensitive values such as secret contents or key material. Only works for key vaults that use the 'Azure role-based access control' permission model.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Support/*\",\n \"Microsoft.KeyVault/checkNameAvailability/read\",\n \"Microsoft.KeyVault/deletedVaults/read\",\n \"Microsoft.KeyVault/locations/*/read\",\n \"Microsoft.KeyVault/vaults/*/read\",\n \"Microsoft.KeyVault/operations/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.KeyVault/vaults/*/read\",\n \"Microsoft.KeyVault/vaults/secrets/readMetadata/action\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2020-05-19T17:52:47.2949294Z\",\n \"updatedOn\": \"2021-11-11T20:14:31.3043292Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/21090545-7ca7-4776-b22c-e363652d74d2\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"21090545-7ca7-4776-b22c-e363652d74d2\"\n },\n {\n \"properties\": {\n \"roleName\": \"Key Vault Crypto Service Encryption User\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Read metadata of keys and perform wrap/unwrap operations. Only works for key vaults that use the 'Azure role-based access control' permission model.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.EventGrid/eventSubscriptions/write\",\n \"Microsoft.EventGrid/eventSubscriptions/read\",\n \"Microsoft.EventGrid/eventSubscriptions/delete\"\n ],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.KeyVault/vaults/keys/read\",\n \"Microsoft.KeyVault/vaults/keys/wrap/action\",\n \"Microsoft.KeyVault/vaults/keys/unwrap/action\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2020-05-20T20:55:19.239847Z\",\n \"updatedOn\": \"2021-11-11T20:14:31.8443056Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/e147488a-f6f5-4113-8e2d-b22465e65bf6\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"e147488a-f6f5-4113-8e2d-b22465e65bf6\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Arc Kubernetes Viewer\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Lets you view all resources in cluster/namespace, except secrets.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.Resources/deployments/write\",\n \"Microsoft.Resources/subscriptions/operationresults/read\",\n \"Microsoft.Resources/subscriptions/read\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Support/*\"\n ],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.Kubernetes/connectedClusters/apps/controllerrevisions/read\",\n \"Microsoft.Kubernetes/connectedClusters/apps/daemonsets/read\",\n \"Microsoft.Kubernetes/connectedClusters/apps/deployments/read\",\n \"Microsoft.Kubernetes/connectedClusters/apps/replicasets/read\",\n \"Microsoft.Kubernetes/connectedClusters/apps/statefulsets/read\",\n \"Microsoft.Kubernetes/connectedClusters/autoscaling/horizontalpodautoscalers/read\",\n \"Microsoft.Kubernetes/connectedClusters/batch/cronjobs/read\",\n \"Microsoft.Kubernetes/connectedClusters/batch/jobs/read\",\n \"Microsoft.Kubernetes/connectedClusters/configmaps/read\",\n \"Microsoft.Kubernetes/connectedClusters/endpoints/read\",\n \"Microsoft.Kubernetes/connectedClusters/events.k8s.io/events/read\",\n \"Microsoft.Kubernetes/connectedClusters/events/read\",\n \"Microsoft.Kubernetes/connectedClusters/extensions/daemonsets/read\",\n \"Microsoft.Kubernetes/connectedClusters/extensions/deployments/read\",\n \"Microsoft.Kubernetes/connectedClusters/extensions/ingresses/read\",\n \"Microsoft.Kubernetes/connectedClusters/extensions/networkpolicies/read\",\n \"Microsoft.Kubernetes/connectedClusters/extensions/replicasets/read\",\n \"Microsoft.Kubernetes/connectedClusters/limitranges/read\",\n \"Microsoft.Kubernetes/connectedClusters/namespaces/read\",\n \"Microsoft.Kubernetes/connectedClusters/networking.k8s.io/ingresses/read\",\n \"Microsoft.Kubernetes/connectedClusters/networking.k8s.io/networkpolicies/read\",\n \"Microsoft.Kubernetes/connectedClusters/persistentvolumeclaims/read\",\n \"Microsoft.Kubernetes/connectedClusters/pods/read\",\n \"Microsoft.Kubernetes/connectedClusters/policy/poddisruptionbudgets/read\",\n \"Microsoft.Kubernetes/connectedClusters/replicationcontrollers/read\",\n \"Microsoft.Kubernetes/connectedClusters/replicationcontrollers/read\",\n \"Microsoft.Kubernetes/connectedClusters/resourcequotas/read\",\n \"Microsoft.Kubernetes/connectedClusters/serviceaccounts/read\",\n \"Microsoft.Kubernetes/connectedClusters/services/read\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2020-06-12T20:51:12.8801199Z\",\n \"updatedOn\": \"2021-11-11T20:14:33.8193353Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/63f0a09d-1495-4db4-a681-037d84835eb4\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"63f0a09d-1495-4db4-a681-037d84835eb4\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Arc Kubernetes Writer\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Lets you update everything in cluster/namespace, except (cluster)roles and (cluster)role bindings.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.Resources/deployments/write\",\n \"Microsoft.Resources/subscriptions/operationresults/read\",\n \"Microsoft.Resources/subscriptions/read\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Support/*\"\n ],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.Kubernetes/connectedClusters/apps/controllerrevisions/read\",\n \"Microsoft.Kubernetes/connectedClusters/apps/daemonsets/*\",\n \"Microsoft.Kubernetes/connectedClusters/apps/deployments/*\",\n \"Microsoft.Kubernetes/connectedClusters/apps/replicasets/*\",\n \"Microsoft.Kubernetes/connectedClusters/apps/statefulsets/*\",\n \"Microsoft.Kubernetes/connectedClusters/autoscaling/horizontalpodautoscalers/*\",\n \"Microsoft.Kubernetes/connectedClusters/batch/cronjobs/*\",\n \"Microsoft.Kubernetes/connectedClusters/batch/jobs/*\",\n \"Microsoft.Kubernetes/connectedClusters/configmaps/*\",\n \"Microsoft.Kubernetes/connectedClusters/endpoints/*\",\n \"Microsoft.Kubernetes/connectedClusters/events.k8s.io/events/read\",\n \"Microsoft.Kubernetes/connectedClusters/events/read\",\n \"Microsoft.Kubernetes/connectedClusters/extensions/daemonsets/*\",\n \"Microsoft.Kubernetes/connectedClusters/extensions/deployments/*\",\n \"Microsoft.Kubernetes/connectedClusters/extensions/ingresses/*\",\n \"Microsoft.Kubernetes/connectedClusters/extensions/networkpolicies/*\",\n \"Microsoft.Kubernetes/connectedClusters/extensions/replicasets/*\",\n \"Microsoft.Kubernetes/connectedClusters/limitranges/read\",\n \"Microsoft.Kubernetes/connectedClusters/namespaces/read\",\n \"Microsoft.Kubernetes/connectedClusters/networking.k8s.io/ingresses/*\",\n \"Microsoft.Kubernetes/connectedClusters/networking.k8s.io/networkpolicies/*\",\n \"Microsoft.Kubernetes/connectedClusters/persistentvolumeclaims/*\",\n \"Microsoft.Kubernetes/connectedClusters/pods/*\",\n \"Microsoft.Kubernetes/connectedClusters/policy/poddisruptionbudgets/*\",\n \"Microsoft.Kubernetes/connectedClusters/replicationcontrollers/*\",\n \"Microsoft.Kubernetes/connectedClusters/replicationcontrollers/*\",\n \"Microsoft.Kubernetes/connectedClusters/resourcequotas/read\",\n \"Microsoft.Kubernetes/connectedClusters/secrets/*\",\n \"Microsoft.Kubernetes/connectedClusters/serviceaccounts/*\",\n \"Microsoft.Kubernetes/connectedClusters/services/*\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2020-06-12T20:53:50.6749823Z\",\n \"updatedOn\": \"2021-11-11T20:14:34.0043462Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/5b999177-9696-4545-85c7-50de3797e5a1\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"5b999177-9696-4545-85c7-50de3797e5a1\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Arc Kubernetes Cluster Admin\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Lets you manage all resources in the cluster.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.Resources/deployments/write\",\n \"Microsoft.Resources/subscriptions/operationresults/read\",\n \"Microsoft.Resources/subscriptions/read\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Support/*\"\n ],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.Kubernetes/connectedClusters/*\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2020-06-12T20:55:30.9910462Z\",\n \"updatedOn\": \"2021-11-11T20:14:34.1743694Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/8393591c-06b9-48a2-a542-1bd6b377f6a2\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"8393591c-06b9-48a2-a542-1bd6b377f6a2\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Arc Kubernetes Admin\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Lets you manage all resources under cluster/namespace, except update or delete resource quotas and namespaces.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.Resources/deployments/write\",\n \"Microsoft.Resources/subscriptions/operationresults/read\",\n \"Microsoft.Resources/subscriptions/read\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Support/*\"\n ],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.Kubernetes/connectedClusters/apps/controllerrevisions/read\",\n \"Microsoft.Kubernetes/connectedClusters/apps/daemonsets/*\",\n \"Microsoft.Kubernetes/connectedClusters/apps/deployments/*\",\n \"Microsoft.Kubernetes/connectedClusters/apps/replicasets/*\",\n \"Microsoft.Kubernetes/connectedClusters/apps/statefulsets/*\",\n \"Microsoft.Kubernetes/connectedClusters/authorization.k8s.io/localsubjectaccessreviews/write\",\n \"Microsoft.Kubernetes/connectedClusters/autoscaling/horizontalpodautoscalers/*\",\n \"Microsoft.Kubernetes/connectedClusters/batch/cronjobs/*\",\n \"Microsoft.Kubernetes/connectedClusters/batch/jobs/*\",\n \"Microsoft.Kubernetes/connectedClusters/configmaps/*\",\n \"Microsoft.Kubernetes/connectedClusters/endpoints/*\",\n \"Microsoft.Kubernetes/connectedClusters/events.k8s.io/events/read\",\n \"Microsoft.Kubernetes/connectedClusters/events/read\",\n \"Microsoft.Kubernetes/connectedClusters/extensions/daemonsets/*\",\n \"Microsoft.Kubernetes/connectedClusters/extensions/deployments/*\",\n \"Microsoft.Kubernetes/connectedClusters/extensions/ingresses/*\",\n \"Microsoft.Kubernetes/connectedClusters/extensions/networkpolicies/*\",\n \"Microsoft.Kubernetes/connectedClusters/extensions/replicasets/*\",\n \"Microsoft.Kubernetes/connectedClusters/limitranges/read\",\n \"Microsoft.Kubernetes/connectedClusters/namespaces/read\",\n \"Microsoft.Kubernetes/connectedClusters/networking.k8s.io/ingresses/*\",\n \"Microsoft.Kubernetes/connectedClusters/networking.k8s.io/networkpolicies/*\",\n \"Microsoft.Kubernetes/connectedClusters/persistentvolumeclaims/*\",\n \"Microsoft.Kubernetes/connectedClusters/pods/*\",\n \"Microsoft.Kubernetes/connectedClusters/policy/poddisruptionbudgets/*\",\n \"Microsoft.Kubernetes/connectedClusters/rbac.authorization.k8s.io/rolebindings/*\",\n \"Microsoft.Kubernetes/connectedClusters/rbac.authorization.k8s.io/roles/*\",\n \"Microsoft.Kubernetes/connectedClusters/replicationcontrollers/*\",\n \"Microsoft.Kubernetes/connectedClusters/replicationcontrollers/*\",\n \"Microsoft.Kubernetes/connectedClusters/resourcequotas/read\",\n \"Microsoft.Kubernetes/connectedClusters/secrets/*\",\n \"Microsoft.Kubernetes/connectedClusters/serviceaccounts/*\",\n \"Microsoft.Kubernetes/connectedClusters/services/*\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2020-06-12T20:57:06.0391177Z\",\n \"updatedOn\": \"2021-11-11T20:14:34.3593384Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/dffb1e0c-446f-4dde-a09f-99eb5cc68b96\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"dffb1e0c-446f-4dde-a09f-99eb5cc68b96\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Kubernetes Service RBAC Cluster Admin\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Lets you manage all resources in the cluster.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Resources/subscriptions/operationresults/read\",\n \"Microsoft.Resources/subscriptions/read\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.ContainerService/managedClusters/listClusterUserCredential/action\"\n ],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.ContainerService/managedClusters/*\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2020-07-02T17:47:24.4071415Z\",\n \"updatedOn\": \"2022-10-13T01:31:35.5535817Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/b1ff04bb-8a4e-4dc4-8eb5-8693973ce19b\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"b1ff04bb-8a4e-4dc4-8eb5-8693973ce19b\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Kubernetes Service RBAC Admin\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Lets you manage all resources under cluster/namespace, except update or delete resource quotas and namespaces.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Resources/subscriptions/operationresults/read\",\n \"Microsoft.Resources/subscriptions/read\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.ContainerService/managedClusters/listClusterUserCredential/action\"\n ],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.ContainerService/managedClusters/*\"\n ],\n \"notDataActions\": [\n \"Microsoft.ContainerService/managedClusters/resourcequotas/write\",\n \"Microsoft.ContainerService/managedClusters/resourcequotas/delete\",\n \"Microsoft.ContainerService/managedClusters/namespaces/write\",\n \"Microsoft.ContainerService/managedClusters/namespaces/delete\"\n ]\n }\n ],\n \"createdOn\": \"2020-07-02T17:50:30.4020311Z\",\n \"updatedOn\": \"2023-05-09T19:55:25.9025082Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/3498e952-d568-435e-9b2c-8d77e338d7f7\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"3498e952-d568-435e-9b2c-8d77e338d7f7\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Kubernetes Service RBAC Reader\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Allows read-only access to see most objects in a namespace. It does not allow viewing roles or role bindings. This role does not allow viewing Secrets, since reading the contents of Secrets enables access to ServiceAccount credentials in the namespace, which would allow API access as any ServiceAccount in the namespace (a form of privilege escalation). Applying this role at cluster scope will give access across all namespaces.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Resources/subscriptions/operationresults/read\",\n \"Microsoft.Resources/subscriptions/read\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.ContainerService/managedClusters/apps/controllerrevisions/read\",\n \"Microsoft.ContainerService/managedClusters/apps/daemonsets/read\",\n \"Microsoft.ContainerService/managedClusters/apps/deployments/read\",\n \"Microsoft.ContainerService/managedClusters/apps/replicasets/read\",\n \"Microsoft.ContainerService/managedClusters/apps/statefulsets/read\",\n \"Microsoft.ContainerService/managedClusters/autoscaling/horizontalpodautoscalers/read\",\n \"Microsoft.ContainerService/managedClusters/batch/cronjobs/read\",\n \"Microsoft.ContainerService/managedClusters/batch/jobs/read\",\n \"Microsoft.ContainerService/managedClusters/configmaps/read\",\n \"Microsoft.ContainerService/managedClusters/discovery.k8s.io/endpointslices/read\",\n \"Microsoft.ContainerService/managedClusters/endpoints/read\",\n \"Microsoft.ContainerService/managedClusters/events.k8s.io/events/read\",\n \"Microsoft.ContainerService/managedClusters/events/read\",\n \"Microsoft.ContainerService/managedClusters/extensions/daemonsets/read\",\n \"Microsoft.ContainerService/managedClusters/extensions/deployments/read\",\n \"Microsoft.ContainerService/managedClusters/extensions/ingresses/read\",\n \"Microsoft.ContainerService/managedClusters/extensions/networkpolicies/read\",\n \"Microsoft.ContainerService/managedClusters/extensions/replicasets/read\",\n \"Microsoft.ContainerService/managedClusters/limitranges/read\",\n \"Microsoft.ContainerService/managedClusters/metrics.k8s.io/pods/read\",\n \"Microsoft.ContainerService/managedClusters/metrics.k8s.io/nodes/read\",\n \"Microsoft.ContainerService/managedClusters/namespaces/read\",\n \"Microsoft.ContainerService/managedClusters/networking.k8s.io/ingresses/read\",\n \"Microsoft.ContainerService/managedClusters/networking.k8s.io/networkpolicies/read\",\n \"Microsoft.ContainerService/managedClusters/persistentvolumeclaims/read\",\n \"Microsoft.ContainerService/managedClusters/pods/read\",\n \"Microsoft.ContainerService/managedClusters/policy/poddisruptionbudgets/read\",\n \"Microsoft.ContainerService/managedClusters/replicationcontrollers/read\",\n \"Microsoft.ContainerService/managedClusters/resourcequotas/read\",\n \"Microsoft.ContainerService/managedClusters/serviceaccounts/read\",\n \"Microsoft.ContainerService/managedClusters/services/read\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2020-07-02T17:53:05.5728294Z\",\n \"updatedOn\": \"2023-04-24T15:06:51.286456Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/7f6c6a51-bcf8-42ba-9220-52d62157d7db\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"7f6c6a51-bcf8-42ba-9220-52d62157d7db\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Kubernetes Service RBAC Writer\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Allows read/write access to most objects in a namespace.This role does not allow viewing or modifying roles or role bindings. However, this role allows accessing Secrets and running Pods as any ServiceAccount in the namespace, so it can be used to gain the API access levels of any ServiceAccount in the namespace. Applying this role at cluster scope will give access across all namespaces.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Resources/subscriptions/operationresults/read\",\n \"Microsoft.Resources/subscriptions/read\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.ContainerService/managedClusters/apps/controllerrevisions/read\",\n \"Microsoft.ContainerService/managedClusters/apps/daemonsets/*\",\n \"Microsoft.ContainerService/managedClusters/apps/deployments/*\",\n \"Microsoft.ContainerService/managedClusters/apps/replicasets/*\",\n \"Microsoft.ContainerService/managedClusters/apps/statefulsets/*\",\n \"Microsoft.ContainerService/managedClusters/autoscaling/horizontalpodautoscalers/*\",\n \"Microsoft.ContainerService/managedClusters/batch/cronjobs/*\",\n \"Microsoft.ContainerService/managedClusters/coordination.k8s.io/leases/read\",\n \"Microsoft.ContainerService/managedClusters/coordination.k8s.io/leases/write\",\n \"Microsoft.ContainerService/managedClusters/coordination.k8s.io/leases/delete\",\n \"Microsoft.ContainerService/managedClusters/discovery.k8s.io/endpointslices/read\",\n \"Microsoft.ContainerService/managedClusters/batch/jobs/*\",\n \"Microsoft.ContainerService/managedClusters/configmaps/*\",\n \"Microsoft.ContainerService/managedClusters/endpoints/*\",\n \"Microsoft.ContainerService/managedClusters/events.k8s.io/events/read\",\n \"Microsoft.ContainerService/managedClusters/events/*\",\n \"Microsoft.ContainerService/managedClusters/extensions/daemonsets/*\",\n \"Microsoft.ContainerService/managedClusters/extensions/deployments/*\",\n \"Microsoft.ContainerService/managedClusters/extensions/ingresses/*\",\n \"Microsoft.ContainerService/managedClusters/extensions/networkpolicies/*\",\n \"Microsoft.ContainerService/managedClusters/extensions/replicasets/*\",\n \"Microsoft.ContainerService/managedClusters/limitranges/read\",\n \"Microsoft.ContainerService/managedClusters/metrics.k8s.io/pods/read\",\n \"Microsoft.ContainerService/managedClusters/metrics.k8s.io/nodes/read\",\n \"Microsoft.ContainerService/managedClusters/namespaces/read\",\n \"Microsoft.ContainerService/managedClusters/networking.k8s.io/ingresses/*\",\n \"Microsoft.ContainerService/managedClusters/networking.k8s.io/networkpolicies/*\",\n \"Microsoft.ContainerService/managedClusters/persistentvolumeclaims/*\",\n \"Microsoft.ContainerService/managedClusters/pods/*\",\n \"Microsoft.ContainerService/managedClusters/policy/poddisruptionbudgets/*\",\n \"Microsoft.ContainerService/managedClusters/replicationcontrollers/*\",\n \"Microsoft.ContainerService/managedClusters/resourcequotas/read\",\n \"Microsoft.ContainerService/managedClusters/secrets/*\",\n \"Microsoft.ContainerService/managedClusters/serviceaccounts/*\",\n \"Microsoft.ContainerService/managedClusters/services/*\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2020-07-02T17:54:51.9644983Z\",\n \"updatedOn\": \"2023-04-24T15:06:51.2854555Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/a7ffa36f-339b-4b5c-8bdf-e2c188b2c0eb\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"a7ffa36f-339b-4b5c-8bdf-e2c188b2c0eb\"\n },\n {\n \"properties\": {\n \"roleName\": \"Services Hub Operator\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Services Hub Operator allows you to perform all read, write, and deletion operations related to Services Hub Connectors.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.ServicesHub/connectors/write\",\n \"Microsoft.ServicesHub/connectors/read\",\n \"Microsoft.ServicesHub/connectors/delete\",\n \"Microsoft.ServicesHub/connectors/checkAssessmentEntitlement/action\",\n \"Microsoft.ServicesHub/supportOfferingEntitlement/read\",\n \"Microsoft.ServicesHub/workspaces/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2020-07-20T17:57:22.0644902Z\",\n \"updatedOn\": \"2021-11-11T20:14:37.5544021Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/82200a5b-e217-47a5-b665-6d8765ee745b\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"82200a5b-e217-47a5-b665-6d8765ee745b\"\n },\n {\n \"properties\": {\n \"roleName\": \"Object Understanding Account Reader\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Lets you read ingestion jobs for an object understanding account.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.MixedReality/ObjectUnderstandingAccounts/ingest/read\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2020-07-23T19:16:31.9929119Z\",\n \"updatedOn\": \"2021-11-11T20:14:37.9070085Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/d18777c0-1514-4662-8490-608db7d334b6\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"d18777c0-1514-4662-8490-608db7d334b6\"\n },\n {\n \"properties\": {\n \"roleName\": \"SignalR REST API Owner\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Full access to Azure SignalR Service REST APIs\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.SignalRService/SignalR/auth/clientToken/action\",\n \"Microsoft.SignalRService/SignalR/hub/*\",\n \"Microsoft.SignalRService/SignalR/group/*\",\n \"Microsoft.SignalRService/SignalR/clientConnection/*\",\n \"Microsoft.SignalRService/SignalR/user/*\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2020-07-29T09:35:32.2764751Z\",\n \"updatedOn\": \"2023-08-23T15:13:25.5658287Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/fd53cd77-2268-407a-8f46-7e7863d0f521\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"fd53cd77-2268-407a-8f46-7e7863d0f521\"\n },\n {\n \"properties\": {\n \"roleName\": \"Collaborative Data Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Can manage data packages of a collaborative.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.IndustryDataLifecycle/custodianCollaboratives/*/read\",\n \"Microsoft.IndustryDataLifecycle/memberCollaboratives/*/read\",\n \"Microsoft.IndustryDataLifecycle/locations/dataPackages/*\",\n \"Microsoft.IndustryDataLifecycle/custodianCollaboratives/receivedDataPackages/*\",\n \"Microsoft.IndustryDataLifecycle/custodianCollaboratives/rejectDataPackage/action\",\n \"Microsoft.IndustryDataLifecycle/memberCollaboratives/sharedDataPackages/*\",\n \"Microsoft.IndustryDataLifecycle/custodianCollaboratives/dataModels/*\",\n \"Microsoft.IndustryDataLifecycle/custodianCollaboratives/auditLogs/action\",\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Support/*\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2020-08-14T11:58:31.8973556Z\",\n \"updatedOn\": \"2021-11-11T20:14:40.2428145Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/daa9e50b-21df-454c-94a6-a8050adab352\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"daa9e50b-21df-454c-94a6-a8050adab352\"\n },\n {\n \"properties\": {\n \"roleName\": \"Device Update Reader\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Gives you read access to management and content operations, but does not allow making changes\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Support/*\",\n \"Microsoft.Insights/alertRules/*\"\n ],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.DeviceUpdate/accounts/instances/updates/read\",\n \"Microsoft.DeviceUpdate/accounts/instances/management/read\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2020-08-21T23:40:19.237361Z\",\n \"updatedOn\": \"2021-11-11T20:14:40.7922672Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/e9dba6fb-3d52-4cf0-bce3-f06ce71b9e0f\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"e9dba6fb-3d52-4cf0-bce3-f06ce71b9e0f\"\n },\n {\n \"properties\": {\n \"roleName\": \"Device Update Administrator\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Gives you full access to management and content operations\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Support/*\",\n \"Microsoft.Insights/alertRules/*\"\n ],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.DeviceUpdate/accounts/instances/updates/read\",\n \"Microsoft.DeviceUpdate/accounts/instances/updates/write\",\n \"Microsoft.DeviceUpdate/accounts/instances/updates/delete\",\n \"Microsoft.DeviceUpdate/accounts/instances/management/read\",\n \"Microsoft.DeviceUpdate/accounts/instances/management/write\",\n \"Microsoft.DeviceUpdate/accounts/instances/management/delete\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2020-08-21T23:56:22.352051Z\",\n \"updatedOn\": \"2021-11-11T20:14:40.9672678Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/02ca0879-e8e4-47a5-a61e-5c618b76e64a\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"02ca0879-e8e4-47a5-a61e-5c618b76e64a\"\n },\n {\n \"properties\": {\n \"roleName\": \"Device Update Content Administrator\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Gives you full access to content operations\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Support/*\",\n \"Microsoft.Insights/alertRules/*\"\n ],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.DeviceUpdate/accounts/instances/updates/read\",\n \"Microsoft.DeviceUpdate/accounts/instances/updates/write\",\n \"Microsoft.DeviceUpdate/accounts/instances/updates/delete\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2020-08-21T23:58:18.42555Z\",\n \"updatedOn\": \"2021-11-11T20:14:41.1433368Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/0378884a-3af5-44ab-8323-f5b22f9f3c98\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"0378884a-3af5-44ab-8323-f5b22f9f3c98\"\n },\n {\n \"properties\": {\n \"roleName\": \"Device Update Content Reader\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Gives you read access to content operations, but does not allow making changes\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Support/*\",\n \"Microsoft.Insights/alertRules/*\"\n ],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.DeviceUpdate/accounts/instances/updates/read\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2020-08-22T00:02:43.3299181Z\",\n \"updatedOn\": \"2021-11-11T20:14:41.6754856Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/d1ee9a80-8b14-47f0-bdc2-f4a351625a7b\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"d1ee9a80-8b14-47f0-bdc2-f4a351625a7b\"\n },\n {\n \"properties\": {\n \"roleName\": \"Cognitive Services Metrics Advisor Administrator\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Full access to the project, including the system level configuration.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.CognitiveServices/*/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.CognitiveServices/accounts/MetricsAdvisor/*\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2020-09-10T07:46:47.5804491Z\",\n \"updatedOn\": \"2021-11-11T20:14:43.6930781Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/cb43c632-a144-4ec5-977c-e80c4affc34a\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"cb43c632-a144-4ec5-977c-e80c4affc34a\"\n },\n {\n \"properties\": {\n \"roleName\": \"Cognitive Services Metrics Advisor User\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Access to the project.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.CognitiveServices/*/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.CognitiveServices/accounts/MetricsAdvisor/*\"\n ],\n \"notDataActions\": [\n \"Microsoft.CognitiveServices/accounts/MetricsAdvisor/stats/*\"\n ]\n }\n ],\n \"createdOn\": \"2020-09-10T07:47:59.6195639Z\",\n \"updatedOn\": \"2021-11-11T20:14:43.8780761Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/3b20f47b-3825-43cb-8114-4bd2201156a8\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"3b20f47b-3825-43cb-8114-4bd2201156a8\"\n },\n {\n \"properties\": {\n \"roleName\": \"Schema Registry Reader\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Read and list Schema Registry groups and schemas.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.EventHub/namespaces/schemagroups/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.EventHub/namespaces/schemas/read\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2020-09-13T06:31:38.027274Z\",\n \"updatedOn\": \"2025-05-02T00:02:19.4953663Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/2c56ea50-c6b3-40a6-83c0-9d98858bc7d2\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"2c56ea50-c6b3-40a6-83c0-9d98858bc7d2\"\n },\n {\n \"properties\": {\n \"roleName\": \"Schema Registry Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Read, write, and delete Schema Registry groups and schemas.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.EventHub/namespaces/schemagroups/*\"\n ],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.EventHub/namespaces/schemas/*\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2020-09-13T06:48:26.6032931Z\",\n \"updatedOn\": \"2025-05-02T00:02:19.4953663Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/5dffeca3-4936-4216-b2bc-10343a5abb25\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"5dffeca3-4936-4216-b2bc-10343a5abb25\"\n },\n {\n \"properties\": {\n \"roleName\": \"AgFood Platform Service Reader\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Provides read access to AgFood Platform Service\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.AgFoodPlatform/*/list/action\",\n \"Microsoft.AgFoodPlatform/*/read\",\n \"Microsoft.AgFoodPlatform/*/search/action\",\n \"Microsoft.AgFoodPlatform/*/download/action\",\n \"Microsoft.AgFoodPlatform/*/overlap/action\",\n \"Microsoft.AgFoodPlatform/*/checkConsent/action\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2020-09-14T10:21:08.913882Z\",\n \"updatedOn\": \"2022-12-13T16:08:52.9655626Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/7ec7ccdc-f61e-41fe-9aaf-980df0a44eba\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"7ec7ccdc-f61e-41fe-9aaf-980df0a44eba\"\n },\n {\n \"properties\": {\n \"roleName\": \"AgFood Platform Service Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Provides contribute access to AgFood Platform Service\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.AgFoodPlatform/*/action\",\n \"Microsoft.AgFoodPlatform/*/read\",\n \"Microsoft.AgFoodPlatform/*/write\"\n ],\n \"notDataActions\": [\n \"Microsoft.AgFoodPlatform/farmBeats/farmers/write\",\n \"Microsoft.AgFoodPlatform/farmBeats/deletionJobs/*/write\",\n \"Microsoft.AgFoodPlatform/farmBeats/parties/write\",\n \"Microsoft.AgFoodPlatform/farmBeats/datasets/write\",\n \"Microsoft.AgFoodPlatform/farmBeats/datasetRecords/write\",\n \"Microsoft.AgFoodPlatform/farmBeats/datasets/access/*/action\"\n ]\n }\n ],\n \"createdOn\": \"2020-09-14T10:21:09.7239169Z\",\n \"updatedOn\": \"2023-12-01T07:52:03.4961232Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/8508508a-4469-4e45-963b-2518ee0bb728\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"8508508a-4469-4e45-963b-2518ee0bb728\"\n },\n {\n \"properties\": {\n \"roleName\": \"AgFood Platform Service Admin\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Provides admin access to AgFood Platform Service\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.AgFoodPlatform/*\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2020-09-14T10:21:09.8039209Z\",\n \"updatedOn\": \"2021-11-11T20:14:45.3613128Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/f8da80de-1ff9-4747-ad80-a19b7f6079e3\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"f8da80de-1ff9-4747-ad80-a19b7f6079e3\"\n },\n {\n \"properties\": {\n \"roleName\": \"Managed HSM contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Lets you manage managed HSM pools, but not access to them.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.KeyVault/managedHSMs/*\",\n \"Microsoft.KeyVault/deletedManagedHsms/read\",\n \"Microsoft.KeyVault/locations/deletedManagedHsms/read\",\n \"Microsoft.KeyVault/locations/deletedManagedHsms/purge/action\",\n \"Microsoft.KeyVault/locations/managedHsmOperationResults/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2020-09-16T21:47:01.1291104Z\",\n \"updatedOn\": \"2022-03-08T00:35:44.4196909Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/18500a29-7fe2-46b2-a342-b16a415e101d\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"18500a29-7fe2-46b2-a342-b16a415e101d\"\n },\n {\n \"properties\": {\n \"roleName\": \"Security Detonation Chamber Submitter\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Allowed to create submissions to Security Detonation Chamber\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.SecurityDetonation/chambers/submissions/delete\",\n \"Microsoft.SecurityDetonation/chambers/submissions/write\",\n \"Microsoft.SecurityDetonation/chambers/submissions/read\",\n \"Microsoft.SecurityDetonation/chambers/submissions/files/read\",\n \"Microsoft.SecurityDetonation/chambers/submissions/accesskeyview/read\",\n \"Microsoft.SecurityDetonation/chambers/platforms/metadata/read\",\n \"Microsoft.SecurityDetonation/chambers/workflows/metadata/read\",\n \"Microsoft.SecurityDetonation/chambers/toolsets/metadata/read\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2020-10-01T08:55:21.3980274Z\",\n \"updatedOn\": \"2021-11-11T20:14:47.547135Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/0b555d9b-b4a7-4f43-b330-627f0e5be8f0\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"0b555d9b-b4a7-4f43-b330-627f0e5be8f0\"\n },\n {\n \"properties\": {\n \"roleName\": \"SignalR REST API Reader\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Read-only access to Azure SignalR Service REST APIs\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.SignalRService/SignalR/group/read\",\n \"Microsoft.SignalRService/SignalR/clientConnection/read\",\n \"Microsoft.SignalRService/SignalR/user/read\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2020-10-13T09:19:05.6463616Z\",\n \"updatedOn\": \"2021-11-11T20:14:48.790297Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/ddde6b66-c0df-4114-a159-3618637b3035\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"ddde6b66-c0df-4114-a159-3618637b3035\"\n },\n {\n \"properties\": {\n \"roleName\": \"SignalR Service Owner\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Full access to Azure SignalR Service REST APIs\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.SignalRService/SignalR/*\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2020-10-13T09:20:32.150141Z\",\n \"updatedOn\": \"2023-08-23T15:13:25.5658287Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/7e4f1700-ea5a-4f59-8f37-079cfe29dce3\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"7e4f1700-ea5a-4f59-8f37-079cfe29dce3\"\n },\n {\n \"properties\": {\n \"roleName\": \"Reservation Purchaser\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Lets you purchase reservations\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/roleAssignments/read\",\n \"Microsoft.Capacity/catalogs/read\",\n \"Microsoft.Capacity/register/action\",\n \"Microsoft.Compute/register/action\",\n \"Microsoft.Consumption/register/action\",\n \"Microsoft.Consumption/reservationRecommendationDetails/read\",\n \"Microsoft.Consumption/reservationRecommendations/read\",\n \"Microsoft.Resources/subscriptions/read\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.SQL/register/action\",\n \"Microsoft.Support/supporttickets/write\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2020-10-23T20:22:48.9217751Z\",\n \"updatedOn\": \"2022-04-14T02:20:54.5414624Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/f7b75c60-3036-4b75-91c3-6b41c27c1689\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"f7b75c60-3036-4b75-91c3-6b41c27c1689\"\n },\n {\n \"properties\": {\n \"roleName\": \"AzureML Metrics Writer (preview)\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Lets you write metrics to AzureML workspace\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.MachineLearningServices/workspaces/metrics/*/write\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2020-10-27T16:55:19.566495Z\",\n \"updatedOn\": \"2021-11-11T20:14:49.8655015Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/635dd51f-9968-44d3-b7fb-6d9a6bd613ae\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"635dd51f-9968-44d3-b7fb-6d9a6bd613ae\"\n },\n {\n \"properties\": {\n \"roleName\": \"Storage Account Backup Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Lets you perform backup and restore operations using Azure Backup on the storage account.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Authorization/locks/read\",\n \"Microsoft.Authorization/locks/write\",\n \"Microsoft.Authorization/locks/delete\",\n \"Microsoft.Features/features/read\",\n \"Microsoft.Features/providers/features/read\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Storage/operations/read\",\n \"Microsoft.Storage/storageAccounts/objectReplicationPolicies/delete\",\n \"Microsoft.Storage/storageAccounts/objectReplicationPolicies/read\",\n \"Microsoft.Storage/storageAccounts/objectReplicationPolicies/write\",\n \"Microsoft.Storage/storageAccounts/objectReplicationPolicies/restorePointMarkers/write\",\n \"Microsoft.Storage/storageAccounts/blobServices/containers/read\",\n \"Microsoft.Storage/storageAccounts/blobServices/containers/write\",\n \"Microsoft.Storage/storageAccounts/blobServices/read\",\n \"Microsoft.Storage/storageAccounts/blobServices/write\",\n \"Microsoft.Storage/storageAccounts/read\",\n \"Microsoft.Storage/storageAccounts/restoreBlobRanges/action\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2020-11-02T23:32:50.4203469Z\",\n \"updatedOn\": \"2022-04-20T05:50:13.0184092Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/e5e2a7ff-d759-4cd2-bb51-3152d37e2eb1\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"e5e2a7ff-d759-4cd2-bb51-3152d37e2eb1\"\n },\n {\n \"properties\": {\n \"roleName\": \"Experimentation Metric Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Allows for creation, writes and reads to the metric set via the metrics service APIs.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Experimentation/experimentWorkspaces/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.Experimentation/experimentWorkspaces/experimentationGroups/read\",\n \"Microsoft.Experimentation/experimentWorkspaces/experimentationGroups/metricwrite/action\",\n \"Microsoft.Experimentation/experimentWorkspaces/metricwrite/action\",\n \"Microsoft.Experimentation/experimentWorkspaces/read\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2020-11-10T20:07:53.7535885Z\",\n \"updatedOn\": \"2021-11-11T20:14:50.9524177Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/6188b7c9-7d01-4f99-a59f-c88b630326c0\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"6188b7c9-7d01-4f99-a59f-c88b630326c0\"\n },\n {\n \"properties\": {\n \"roleName\": \"Project Babylon Data Curator\",\n \"type\": \"BuiltInRole\",\n \"description\": \"The Microsoft.ProjectBabylon data curator can create, read, modify and delete catalog data objects and establish relationships between objects. This role is in preview and subject to change.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.ProjectBabylon/accounts/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.ProjectBabylon/accounts/data/read\",\n \"Microsoft.ProjectBabylon/accounts/data/write\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2020-11-14T02:31:33.7988825Z\",\n \"updatedOn\": \"2021-11-11T20:14:51.4929515Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/9ef4ef9c-a049-46b0-82ab-dd8ac094c889\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"9ef4ef9c-a049-46b0-82ab-dd8ac094c889\"\n },\n {\n \"properties\": {\n \"roleName\": \"Project Babylon Data Reader\",\n \"type\": \"BuiltInRole\",\n \"description\": \"The Microsoft.ProjectBabylon data reader can read catalog data objects. This role is in preview and subject to change.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.ProjectBabylon/accounts/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.ProjectBabylon/accounts/data/read\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2020-11-14T02:33:13.5342351Z\",\n \"updatedOn\": \"2021-11-11T20:14:51.6729667Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/c8d896ba-346d-4f50-bc1d-7d1c84130446\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"c8d896ba-346d-4f50-bc1d-7d1c84130446\"\n },\n {\n \"properties\": {\n \"roleName\": \"Project Babylon Data Source Administrator\",\n \"type\": \"BuiltInRole\",\n \"description\": \"The Microsoft.ProjectBabylon data source administrator can manage data sources and data scans. This role is in preview and subject to change.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.ProjectBabylon/accounts/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.ProjectBabylon/accounts/scan/read\",\n \"Microsoft.ProjectBabylon/accounts/scan/write\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2020-11-14T02:34:01.8401954Z\",\n \"updatedOn\": \"2021-11-11T20:14:51.8529643Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/05b7651b-dc44-475e-b74d-df3db49fae0f\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"05b7651b-dc44-475e-b74d-df3db49fae0f\"\n },\n {\n \"properties\": {\n \"roleName\": \"Application Group Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Contributor of the Application Group.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.DesktopVirtualization/applicationgroups/*\",\n \"Microsoft.DesktopVirtualization/hostpools/read\",\n \"Microsoft.DesktopVirtualization/hostpools/sessionhosts/read\",\n \"Microsoft.DesktopVirtualization/workspaces/read\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.Support/*\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2020-12-03T23:26:00.2784962Z\",\n \"updatedOn\": \"2021-11-11T20:14:52.9432015Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/ca6382a4-1721-4bcf-a114-ff0c70227b6b\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"ca6382a4-1721-4bcf-a114-ff0c70227b6b\"\n },\n {\n \"properties\": {\n \"roleName\": \"Desktop Virtualization Reader\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Reader of Desktop Virtualization.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.DesktopVirtualization/*/read\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Resources/deployments/read\",\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/read\",\n \"Microsoft.Support/*\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2020-12-11T21:36:19.0140629Z\",\n \"updatedOn\": \"2021-11-11T20:14:54.0407838Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/49a72310-ab8d-41df-bbb0-79b649203868\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"49a72310-ab8d-41df-bbb0-79b649203868\"\n },\n {\n \"properties\": {\n \"roleName\": \"Desktop Virtualization Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Contributor of Desktop Virtualization.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.DesktopVirtualization/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.Support/*\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2020-12-11T21:37:16.2910337Z\",\n \"updatedOn\": \"2021-11-11T20:14:54.2107872Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/082f0a83-3be5-4ba1-904c-961cca79b387\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"082f0a83-3be5-4ba1-904c-961cca79b387\"\n },\n {\n \"properties\": {\n \"roleName\": \"Desktop Virtualization Workspace Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Contributor of the Desktop Virtualization Workspace.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.DesktopVirtualization/workspaces/*\",\n \"Microsoft.DesktopVirtualization/applicationgroups/read\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.Support/*\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2020-12-11T21:38:29.6089216Z\",\n \"updatedOn\": \"2021-11-11T20:14:54.3907854Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/21efdde3-836f-432b-bf3d-3e8e734d4b2b\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"21efdde3-836f-432b-bf3d-3e8e734d4b2b\"\n },\n {\n \"properties\": {\n \"roleName\": \"Desktop Virtualization User Session Operator\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Operator of the Desktop Virtualization User Session.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.DesktopVirtualization/hostpools/read\",\n \"Microsoft.DesktopVirtualization/hostpools/sessionhosts/read\",\n \"Microsoft.DesktopVirtualization/hostpools/sessionhosts/usersessions/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.Support/*\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2020-12-11T21:39:16.9100273Z\",\n \"updatedOn\": \"2024-10-31T14:20:50.9460757Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/ea4bfff8-7fb4-485a-aadd-d4129a0ffaa6\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"ea4bfff8-7fb4-485a-aadd-d4129a0ffaa6\"\n },\n {\n \"properties\": {\n \"roleName\": \"Desktop Virtualization Session Host Operator\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Operator of the Desktop Virtualization Session Host.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.DesktopVirtualization/hostpools/read\",\n \"Microsoft.DesktopVirtualization/hostpools/sessionhosts/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.Support/*\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2020-12-11T21:39:53.2569741Z\",\n \"updatedOn\": \"2021-11-11T20:14:54.7508042Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/2ad6aaab-ead9-4eaa-8ac5-da422f562408\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"2ad6aaab-ead9-4eaa-8ac5-da422f562408\"\n },\n {\n \"properties\": {\n \"roleName\": \"Desktop Virtualization Host Pool Reader\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Reader of the Desktop Virtualization Host Pool.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.DesktopVirtualization/hostpools/*/read\",\n \"Microsoft.DesktopVirtualization/hostpools/read\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Resources/deployments/read\",\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/read\",\n \"Microsoft.Support/*\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2020-12-11T21:40:33.1430834Z\",\n \"updatedOn\": \"2021-11-11T20:14:54.9257967Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/ceadfde2-b300-400a-ab7b-6143895aa822\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"ceadfde2-b300-400a-ab7b-6143895aa822\"\n },\n {\n \"properties\": {\n \"roleName\": \"Desktop Virtualization Host Pool Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Contributor of the Desktop Virtualization Host Pool.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.DesktopVirtualization/hostpools/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.Support/*\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2020-12-11T21:40:57.2976187Z\",\n \"updatedOn\": \"2021-11-11T20:14:55.1057701Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/e307426c-f9b6-4e81-87de-d99efb3c32bc\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"e307426c-f9b6-4e81-87de-d99efb3c32bc\"\n },\n {\n \"properties\": {\n \"roleName\": \"Desktop Virtualization Application Group Reader\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Reader of the Desktop Virtualization Application Group.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.DesktopVirtualization/applicationgroups/*/read\",\n \"Microsoft.DesktopVirtualization/applicationgroups/read\",\n \"Microsoft.DesktopVirtualization/hostpools/read\",\n \"Microsoft.DesktopVirtualization/hostpools/sessionhosts/read\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Resources/deployments/read\",\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/read\",\n \"Microsoft.Support/*\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2020-12-11T21:41:18.0287398Z\",\n \"updatedOn\": \"2021-11-11T20:14:55.2858006Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/aebf23d0-b568-4e86-b8f9-fe83a2c6ab55\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"aebf23d0-b568-4e86-b8f9-fe83a2c6ab55\"\n },\n {\n \"properties\": {\n \"roleName\": \"Desktop Virtualization Application Group Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Contributor of the Desktop Virtualization Application Group.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.DesktopVirtualization/applicationgroups/*\",\n \"Microsoft.DesktopVirtualization/hostpools/read\",\n \"Microsoft.DesktopVirtualization/hostpools/sessionhosts/read\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.Support/*\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2020-12-11T21:41:38.6205531Z\",\n \"updatedOn\": \"2021-11-11T20:14:55.4677136Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/86240b0e-9422-4c43-887b-b61143f32ba8\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"86240b0e-9422-4c43-887b-b61143f32ba8\"\n },\n {\n \"properties\": {\n \"roleName\": \"Desktop Virtualization Workspace Reader\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Reader of the Desktop Virtualization Workspace.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.DesktopVirtualization/workspaces/read\",\n \"Microsoft.DesktopVirtualization/applicationgroups/read\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Resources/deployments/read\",\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/read\",\n \"Microsoft.Support/*\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2020-12-11T21:41:58.1892707Z\",\n \"updatedOn\": \"2021-11-11T20:14:55.6577168Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/0fa44ee9-7a7d-466b-9bb2-2bf446b1204d\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"0fa44ee9-7a7d-466b-9bb2-2bf446b1204d\"\n },\n {\n \"properties\": {\n \"roleName\": \"Disk Backup Reader\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Provides permission to backup vault to perform disk backup.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Compute/disks/read\",\n \"Microsoft.Compute/disks/beginGetAccess/action\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2020-12-15T07:39:03.8394514Z\",\n \"updatedOn\": \"2021-11-11T20:14:56.0178737Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/3e5e47e6-65f7-47ef-90b5-e5dd4d455f24\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"3e5e47e6-65f7-47ef-90b5-e5dd4d455f24\"\n },\n {\n \"properties\": {\n \"roleName\": \"Disk Restore Operator\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Provides permission to backup vault to perform disk restore.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Compute/disks/write\",\n \"Microsoft.Compute/disks/read\",\n \"Microsoft.Compute/disks/beginGetAccess/action\",\n \"Microsoft.Compute/disks/endGetAccess/action\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2020-12-15T12:18:31.8481619Z\",\n \"updatedOn\": \"2025-08-21T09:27:36.8531131Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/b50d9833-a0cb-478e-945f-707fcc997c13\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"b50d9833-a0cb-478e-945f-707fcc997c13\"\n },\n {\n \"properties\": {\n \"roleName\": \"Disk Snapshot Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Provides permission to backup vault to manage disk snapshots.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Compute/snapshots/delete\",\n \"Microsoft.Compute/snapshots/write\",\n \"Microsoft.Compute/snapshots/read\",\n \"Microsoft.Compute/snapshots/beginGetAccess/action\",\n \"Microsoft.Compute/snapshots/endGetAccess/action\",\n \"Microsoft.Compute/disks/beginGetAccess/action\",\n \"Microsoft.Storage/storageAccounts/listkeys/action\",\n \"Microsoft.Storage/storageAccounts/write\",\n \"Microsoft.Storage/storageAccounts/read\",\n \"Microsoft.Storage/storageAccounts/delete\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2020-12-15T12:18:51.4471411Z\",\n \"updatedOn\": \"2021-11-11T20:14:56.9158814Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/7efff54f-a5b4-42b5-a1c5-5411624893ce\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"7efff54f-a5b4-42b5-a1c5-5411624893ce\"\n },\n {\n \"properties\": {\n \"roleName\": \"Microsoft.Kubernetes connected cluster role\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Microsoft.Kubernetes connected cluster role.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Kubernetes/connectedClusters/read\",\n \"Microsoft.Kubernetes/connectedClusters/write\",\n \"Microsoft.Kubernetes/connectedClusters/delete\",\n \"Microsoft.Kubernetes/registeredSubscriptions/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2021-01-07T23:57:10.9923232Z\",\n \"updatedOn\": \"2021-11-11T20:14:58.2039838Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/5548b2cf-c94c-4228-90ba-30851930a12f\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"5548b2cf-c94c-4228-90ba-30851930a12f\"\n },\n {\n \"properties\": {\n \"roleName\": \"Security Detonation Chamber Submission Manager\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Allowed to create and manage submissions to Security Detonation Chamber\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.SecurityDetonation/chambers/submissions/delete\",\n \"Microsoft.SecurityDetonation/chambers/submissions/write\",\n \"Microsoft.SecurityDetonation/chambers/submissions/read\",\n \"Microsoft.SecurityDetonation/chambers/submissions/files/read\",\n \"Microsoft.SecurityDetonation/chambers/submissions/accesskeyview/read\",\n \"Microsoft.SecurityDetonation/chambers/submissions/adminview/read\",\n \"Microsoft.SecurityDetonation/chambers/submissions/analystview/read\",\n \"Microsoft.SecurityDetonation/chambers/submissions/publicview/read\",\n \"Microsoft.SecurityDetonation/chambers/platforms/metadata/read\",\n \"Microsoft.SecurityDetonation/chambers/workflows/metadata/read\",\n \"Microsoft.SecurityDetonation/chambers/toolsets/metadata/read\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2021-01-18T09:35:36.5739297Z\",\n \"updatedOn\": \"2021-11-11T20:14:58.3939604Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/a37b566d-3efa-4beb-a2f2-698963fa42ce\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"a37b566d-3efa-4beb-a2f2-698963fa42ce\"\n },\n {\n \"properties\": {\n \"roleName\": \"Security Detonation Chamber Publisher\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Allowed to publish and modify platforms, workflows and toolsets to Security Detonation Chamber\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.SecurityDetonation/chambers/platforms/read\",\n \"Microsoft.SecurityDetonation/chambers/platforms/write\",\n \"Microsoft.SecurityDetonation/chambers/platforms/delete\",\n \"Microsoft.SecurityDetonation/chambers/platforms/metadata/read\",\n \"Microsoft.SecurityDetonation/chambers/workflows/read\",\n \"Microsoft.SecurityDetonation/chambers/workflows/write\",\n \"Microsoft.SecurityDetonation/chambers/workflows/delete\",\n \"Microsoft.SecurityDetonation/chambers/workflows/metadata/read\",\n \"Microsoft.SecurityDetonation/chambers/toolsets/read\",\n \"Microsoft.SecurityDetonation/chambers/toolsets/write\",\n \"Microsoft.SecurityDetonation/chambers/toolsets/delete\",\n \"Microsoft.SecurityDetonation/chambers/toolsets/metadata/read\",\n \"Microsoft.SecurityDetonation/chambers/publishRequests/read\",\n \"Microsoft.SecurityDetonation/chambers/publishRequests/cancel/action\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2021-01-18T11:43:14.0858184Z\",\n \"updatedOn\": \"2021-11-11T20:14:58.5639749Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/352470b3-6a9c-4686-b503-35deb827e500\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"352470b3-6a9c-4686-b503-35deb827e500\"\n },\n {\n \"properties\": {\n \"roleName\": \"Collaborative Runtime Operator\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Can manage resources created by AICS at runtime\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.IndustryDataLifecycle/derivedModels/*\",\n \"Microsoft.IndustryDataLifecycle/pipelineSets/*\",\n \"Microsoft.IndustryDataLifecycle/modelMappings/*\",\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Support/*\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2021-01-19T10:00:27.3464971Z\",\n \"updatedOn\": \"2021-11-11T20:14:58.7442136Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/7a6f0e70-c033-4fb1-828c-08514e5f4102\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"7a6f0e70-c033-4fb1-828c-08514e5f4102\"\n },\n {\n \"properties\": {\n \"roleName\": \"CosmosRestoreOperator\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Can perform restore action for Cosmos DB database account with continuous backup mode\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.DocumentDB/locations/restorableDatabaseAccounts/restore/action\",\n \"Microsoft.DocumentDB/locations/restorableDatabaseAccounts/*/read\",\n \"Microsoft.DocumentDB/locations/restorableDatabaseAccounts/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2021-01-21T19:51:35.3884884Z\",\n \"updatedOn\": \"2021-11-11T20:14:59.4892686Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/5432c526-bc82-444a-b7ba-57c5b0b5b34f\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"5432c526-bc82-444a-b7ba-57c5b0b5b34f\"\n },\n {\n \"properties\": {\n \"roleName\": \"FHIR Data Converter\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Role allows user or principal to convert data from legacy format to FHIR\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.HealthcareApis/services/fhir/resources/convertData/action\",\n \"Microsoft.HealthcareApis/workspaces/fhirservices/resources/convertData/action\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2021-01-22T19:39:01.1601069Z\",\n \"updatedOn\": \"2021-11-11T20:14:59.8605937Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/a1705bd2-3a8f-45a5-8683-466fcfd5cc24\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"a1705bd2-3a8f-45a5-8683-466fcfd5cc24\"\n },\n {\n \"properties\": {\n \"roleName\": \"Quota Request Operator\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Read and create quota requests, get quota request status, and create support tickets.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Capacity/resourceProviders/locations/serviceLimits/read\",\n \"Microsoft.Capacity/resourceProviders/locations/serviceLimits/write\",\n \"Microsoft.Capacity/resourceProviders/locations/serviceLimitsRequests/read\",\n \"Microsoft.Capacity/register/action\",\n \"Microsoft.Quota/usages/read\",\n \"Microsoft.Quota/quotas/read\",\n \"Microsoft.Quota/quotas/write\",\n \"Microsoft.Quota/quotaRequests/read\",\n \"Microsoft.Quota/register/action\",\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Support/*\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2021-02-03T00:06:35.8404575Z\",\n \"updatedOn\": \"2022-12-07T21:46:59.0116853Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/0e5f05e5-9ab9-446b-b98d-1e2157c94125\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"0e5f05e5-9ab9-446b-b98d-1e2157c94125\"\n },\n {\n \"properties\": {\n \"roleName\": \"EventGrid Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Lets you manage EventGrid operations.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.EventGrid/*\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Support/*\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2021-02-08T18:46:18.8999557Z\",\n \"updatedOn\": \"2021-11-11T20:15:01.6867802Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/1e241071-0855-49ea-94dc-649edcd759de\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"1e241071-0855-49ea-94dc-649edcd759de\"\n },\n {\n \"properties\": {\n \"roleName\": \"Security Detonation Chamber Reader\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Allowed to query submission info and files from Security Detonation Chamber\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.SecurityDetonation/chambers/submissions/read\",\n \"Microsoft.SecurityDetonation/chambers/submissions/files/read\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2021-03-01T14:06:46.2814905Z\",\n \"updatedOn\": \"2021-11-11T20:15:03.327409Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/28241645-39f8-410b-ad48-87863e2951d5\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"28241645-39f8-410b-ad48-87863e2951d5\"\n },\n {\n \"properties\": {\n \"roleName\": \"Object Anchors Account Reader\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Lets you read ingestion jobs for an object anchors account.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.MixedReality/ObjectAnchorsAccounts/ingest/read\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2021-03-02T01:20:47.0279813Z\",\n \"updatedOn\": \"2021-11-11T20:15:03.5006082Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/4a167cdf-cb95-4554-9203-2347fe489bd9\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"4a167cdf-cb95-4554-9203-2347fe489bd9\"\n },\n {\n \"properties\": {\n \"roleName\": \"Object Anchors Account Owner\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Provides user with ingestion capabilities for an object anchors account.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.MixedReality/ObjectAnchorsAccounts/ingest/action\",\n \"Microsoft.MixedReality/ObjectAnchorsAccounts/ingest/read\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2021-03-02T01:42:02.0014737Z\",\n \"updatedOn\": \"2021-11-11T20:15:03.6855873Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/ca0835dd-bacc-42dd-8ed2-ed5e7230d15b\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"ca0835dd-bacc-42dd-8ed2-ed5e7230d15b\"\n },\n {\n \"properties\": {\n \"roleName\": \"WorkloadBuilder Migration Agent Role\",\n \"type\": \"BuiltInRole\",\n \"description\": \"WorkloadBuilder Migration Agent Role.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.WorkloadBuilder/migrationAgents/Read\",\n \"Microsoft.WorkloadBuilder/migrationAgents/Write\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2021-03-11T17:07:20.0828003Z\",\n \"updatedOn\": \"2021-11-11T20:15:04.2456706Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/d17ce0a2-0697-43bc-aac5-9113337ab61c\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"d17ce0a2-0697-43bc-aac5-9113337ab61c\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Spring Cloud Data Reader\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Allow read access to Azure Spring Cloud Data\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.AppPlatform/Spring/*/read\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2021-03-25T11:12:12.678601Z\",\n \"updatedOn\": \"2021-11-11T20:15:05.3368606Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/b5537268-8956-4941-a8f0-646150406f0c\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"b5537268-8956-4941-a8f0-646150406f0c\"\n },\n {\n \"properties\": {\n \"roleName\": \"Cognitive Services Speech Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Full access to Speech projects, including read, write and delete all entities, for real-time speech recognition and batch transcription tasks, real-time speech synthesis and long audio tasks, custom speech and custom voice.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.CognitiveServices/*/read\",\n \"Microsoft.Authorization/roleAssignments/read\",\n \"Microsoft.Authorization/roleDefinitions/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.CognitiveServices/accounts/SpeechServices/*\",\n \"Microsoft.CognitiveServices/accounts/CustomVoice/*\",\n \"Microsoft.CognitiveServices/accounts/AudioContentCreation/*\",\n \"Microsoft.CognitiveServices/accounts/VideoTranslation/*\",\n \"Microsoft.CognitiveServices/accounts/CustomAvatar/*\",\n \"Microsoft.CognitiveServices/accounts/BatchAvatar/*\",\n \"Microsoft.CognitiveServices/accounts/BatchTextToSpeech/*\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2021-03-30T11:28:49.7826633Z\",\n \"updatedOn\": \"2024-04-12T06:28:35.0285254Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/0e75ca1e-0464-4b4d-8b93-68208a576181\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"0e75ca1e-0464-4b4d-8b93-68208a576181\"\n },\n {\n \"properties\": {\n \"roleName\": \"Cognitive Services Face Recognizer\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Lets you perform detect, verify, identify, group, and find similar operations on Face API. This role does not allow create or delete operations, which makes it well suited for endpoints that only need inferencing capabilities, following 'least privilege' best practices.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.CognitiveServices/accounts/Face/detect/action\",\n \"Microsoft.CognitiveServices/accounts/Face/verify/action\",\n \"Microsoft.CognitiveServices/accounts/Face/identify/action\",\n \"Microsoft.CognitiveServices/accounts/Face/group/action\",\n \"Microsoft.CognitiveServices/accounts/Face/findsimilars/action\",\n \"Microsoft.CognitiveServices/accounts/Face/detectliveness/multimodal/action\",\n \"Microsoft.CognitiveServices/accounts/Face/detectliveness/singlemodal/action\",\n \"Microsoft.CognitiveServices/accounts/Face/detectlivenesswithverify/singlemodal/action\",\n \"Microsoft.CognitiveServices/accounts/Face/*/sessions/action\",\n \"Microsoft.CognitiveServices/accounts/Face/*/sessions/delete\",\n \"Microsoft.CognitiveServices/accounts/Face/*/sessions/read\",\n \"Microsoft.CognitiveServices/accounts/Face/*/sessions/audit/read\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2021-03-31T01:51:41.3557295Z\",\n \"updatedOn\": \"2023-11-10T00:42:33.8288289Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/9894cab4-e18a-44aa-828b-cb588cd6f2d7\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"9894cab4-e18a-44aa-828b-cb588cd6f2d7\"\n },\n {\n \"properties\": {\n \"roleName\": \"Stream Analytics Query Tester\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Lets you perform query testing without creating a stream analytics job first\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.StreamAnalytics/locations/TestQuery/action\",\n \"Microsoft.StreamAnalytics/locations/OperationResults/read\",\n \"Microsoft.StreamAnalytics/locations/SampleInput/action\",\n \"Microsoft.StreamAnalytics/locations/CompileQuery/action\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2021-04-20T17:33:24.572787Z\",\n \"updatedOn\": \"2021-11-11T20:15:08.0481551Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/1ec5b3c1-b17e-4e25-8312-2acb3c3c5abf\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"1ec5b3c1-b17e-4e25-8312-2acb3c3c5abf\"\n },\n {\n \"properties\": {\n \"roleName\": \"AnyBuild Builder\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Basic user role for AnyBuild. This role allows listing of agent information and execution of remote build capabilities.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.AnyBuild/clusters/build/write\",\n \"Microsoft.AnyBuild/clusters/build/read\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2021-04-20T22:07:00.4963853Z\",\n \"updatedOn\": \"2021-11-11T20:15:08.4254134Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/a2138dac-4907-4679-a376-736901ed8ad8\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"a2138dac-4907-4679-a376-736901ed8ad8\"\n },\n {\n \"properties\": {\n \"roleName\": \"IoT Hub Data Reader\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Allows for full read access to IoT Hub data-plane properties\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.Devices/IotHubs/*/read\",\n \"Microsoft.Devices/IotHubs/fileUpload/notifications/action\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2021-04-22T18:03:29.8843192Z\",\n \"updatedOn\": \"2021-11-11T20:15:08.6054154Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/b447c946-2db7-41ec-983d-d8bf3b1c77e3\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"b447c946-2db7-41ec-983d-d8bf3b1c77e3\"\n },\n {\n \"properties\": {\n \"roleName\": \"IoT Hub Twin Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Allows for read and write access to all IoT Hub device and module twins.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.Devices/IotHubs/twins/*\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2021-04-22T20:36:10.1136903Z\",\n \"updatedOn\": \"2021-11-11T20:15:08.7855063Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/494bdba2-168f-4f31-a0a1-191d2f7c028c\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"494bdba2-168f-4f31-a0a1-191d2f7c028c\"\n },\n {\n \"properties\": {\n \"roleName\": \"IoT Hub Registry Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Allows for full access to IoT Hub device registry.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.Devices/IotHubs/devices/*\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2021-04-22T20:36:47.5532704Z\",\n \"updatedOn\": \"2021-11-11T20:15:08.9804295Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/4ea46cd5-c1b2-4a8e-910b-273211f9ce47\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"4ea46cd5-c1b2-4a8e-910b-273211f9ce47\"\n },\n {\n \"properties\": {\n \"roleName\": \"IoT Hub Data Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Allows for full access to IoT Hub data plane operations.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.Devices/IotHubs/*\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2021-04-22T20:37:16.9927761Z\",\n \"updatedOn\": \"2021-11-11T20:15:09.1754206Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/4fc6c259-987e-4a07-842e-c321cc9d413f\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"4fc6c259-987e-4a07-842e-c321cc9d413f\"\n },\n {\n \"properties\": {\n \"roleName\": \"Test Base Reader\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Let you view and download packages and test results.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.TestBase/testBaseAccounts/packages/testResults/getDownloadUrl/action\",\n \"Microsoft.TestBase/testBaseAccounts/packages/testResults/getVideoDownloadUrl/action\",\n \"Microsoft.TestBase/testBaseAccounts/packages/getDownloadUrl/action\",\n \"Microsoft.TestBase/*/read\",\n \"Microsoft.TestBase/testBaseAccounts/customerEvents/write\",\n \"Microsoft.TestBase/testBaseAccounts/customerEvents/delete\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2021-05-11T23:41:33.1038367Z\",\n \"updatedOn\": \"2021-11-11T20:15:10.8004347Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/15e0f5a1-3450-4248-8e25-e2afe88a9e85\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"15e0f5a1-3450-4248-8e25-e2afe88a9e85\"\n },\n {\n \"properties\": {\n \"roleName\": \"Search Index Data Reader\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Grants read access to Azure Cognitive Search index data.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.Search/searchServices/indexes/documents/read\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2021-06-01T20:26:13.4850461Z\",\n \"updatedOn\": \"2021-11-11T20:15:11.3604371Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/1407120a-92aa-4202-b7e9-c0e197c71c8f\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"1407120a-92aa-4202-b7e9-c0e197c71c8f\"\n },\n {\n \"properties\": {\n \"roleName\": \"Search Index Data Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Grants full access to Azure Cognitive Search index data.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.Search/searchServices/indexes/documents/*\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2021-06-01T22:15:16.5388472Z\",\n \"updatedOn\": \"2021-11-11T20:15:11.5504385Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/8ebe5a00-799e-43f5-93ac-243d3dce84a7\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"8ebe5a00-799e-43f5-93ac-243d3dce84a7\"\n },\n {\n \"properties\": {\n \"roleName\": \"Storage Table Data Reader\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Allows for read access to Azure Storage tables and entities\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Storage/storageAccounts/tableServices/tables/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.Storage/storageAccounts/tableServices/tables/entities/read\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2021-06-15T06:40:54.9150717Z\",\n \"updatedOn\": \"2021-11-11T20:15:12.1005298Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/76199698-9eea-4c19-bc75-cec21354c6b6\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"76199698-9eea-4c19-bc75-cec21354c6b6\"\n },\n {\n \"properties\": {\n \"roleName\": \"Storage Table Data Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Allows for read, write and delete access to Azure Storage tables and entities\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Storage/storageAccounts/tableServices/tables/read\",\n \"Microsoft.Storage/storageAccounts/tableServices/tables/write\",\n \"Microsoft.Storage/storageAccounts/tableServices/tables/delete\"\n ],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.Storage/storageAccounts/tableServices/tables/entities/read\",\n \"Microsoft.Storage/storageAccounts/tableServices/tables/entities/write\",\n \"Microsoft.Storage/storageAccounts/tableServices/tables/entities/delete\",\n \"Microsoft.Storage/storageAccounts/tableServices/tables/entities/add/action\",\n \"Microsoft.Storage/storageAccounts/tableServices/tables/entities/update/action\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2021-06-15T06:51:59.820761Z\",\n \"updatedOn\": \"2021-11-11T20:15:12.2854966Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/0a9a7e1f-b9d0-4cc4-a60d-0319b160aaa3\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"0a9a7e1f-b9d0-4cc4-a60d-0319b160aaa3\"\n },\n {\n \"properties\": {\n \"roleName\": \"DICOM Data Reader\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Read and search DICOM data.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.HealthcareApis/workspaces/dicomservices/resources/read\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2021-06-17T20:58:30.1630494Z\",\n \"updatedOn\": \"2021-11-11T20:15:13.0154948Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/e89c7a3c-2f64-4fa1-a847-3e4c9ba4283a\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"e89c7a3c-2f64-4fa1-a847-3e4c9ba4283a\"\n },\n {\n \"properties\": {\n \"roleName\": \"DICOM Data Owner\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Full access to DICOM data.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.HealthcareApis/workspaces/dicomservices/resources/*\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2021-06-17T20:59:30.8659515Z\",\n \"updatedOn\": \"2021-11-11T20:15:13.1904985Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/58a3b984-7adf-4c20-983a-32417c86fbc8\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"58a3b984-7adf-4c20-983a-32417c86fbc8\"\n },\n {\n \"properties\": {\n \"roleName\": \"EventGrid Data Sender\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Allows send access to event grid events.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.EventGrid/topics/read\",\n \"Microsoft.EventGrid/domains/read\",\n \"Microsoft.EventGrid/partnerNamespaces/read\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.EventGrid/namespaces/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.EventGrid/events/send/action\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2021-07-02T21:55:40.4847495Z\",\n \"updatedOn\": \"2023-10-27T19:53:20.6111233Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/d5a91429-5739-47e2-a06b-3470a27159e7\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"d5a91429-5739-47e2-a06b-3470a27159e7\"\n },\n {\n \"properties\": {\n \"roleName\": \"Disk Pool Operator\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Used by the StoragePool Resource Provider to manage Disks added to a Disk Pool.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Compute/disks/write\",\n \"Microsoft.Compute/disks/read\",\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2021-07-08T17:26:05.1079972Z\",\n \"updatedOn\": \"2021-11-11T20:15:13.9154612Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/60fc6e62-5479-42d4-8bf4-67625fcc2840\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"60fc6e62-5479-42d4-8bf4-67625fcc2840\"\n },\n {\n \"properties\": {\n \"roleName\": \"AzureML Data Scientist\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Can perform all actions within an Azure Machine Learning workspace, except for creating or deleting compute resources and modifying the workspace itself.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.MachineLearningServices/workspaces/*/read\",\n \"Microsoft.MachineLearningServices/workspaces/*/action\",\n \"Microsoft.MachineLearningServices/workspaces/*/delete\",\n \"Microsoft.MachineLearningServices/workspaces/*/write\"\n ],\n \"notActions\": [\n \"Microsoft.MachineLearningServices/workspaces/delete\",\n \"Microsoft.MachineLearningServices/workspaces/write\",\n \"Microsoft.MachineLearningServices/workspaces/computes/*/write\",\n \"Microsoft.MachineLearningServices/workspaces/computes/*/delete\",\n \"Microsoft.MachineLearningServices/workspaces/computes/listKeys/action\",\n \"Microsoft.MachineLearningServices/workspaces/listKeys/action\",\n \"Microsoft.MachineLearningServices/workspaces/hubs/write\",\n \"Microsoft.MachineLearningServices/workspaces/hubs/delete\",\n \"Microsoft.MachineLearningServices/workspaces/featurestores/write\",\n \"Microsoft.MachineLearningServices/workspaces/featurestores/delete\"\n ],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2021-07-14T21:51:06.0361218Z\",\n \"updatedOn\": \"2023-05-30T15:09:08.4457249Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/f6c7c914-8db3-469d-8ca1-694a8f32e121\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"f6c7c914-8db3-469d-8ca1-694a8f32e121\"\n },\n {\n \"properties\": {\n \"roleName\": \"Grafana Admin\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Manage server-wide settings and manage access to resources such as organizations, users, and licenses.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.Dashboard/grafana/ActAsGrafanaAdmin/action\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2021-07-15T21:32:35.380234Z\",\n \"updatedOn\": \"2024-07-18T04:44:18.4380858Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/22926164-76b3-42b3-bc55-97df8dab3e41\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"22926164-76b3-42b3-bc55-97df8dab3e41\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Connected SQL Server Onboarding\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Microsoft.AzureArcData service role to access the resources of Microsoft.AzureArcData stored with RPSAAS.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.AzureArcData/sqlServerInstances/read\",\n \"Microsoft.AzureArcData/sqlServerInstances/write\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2021-07-19T23:52:15.8885739Z\",\n \"updatedOn\": \"2021-11-11T20:15:15.1754742Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/e8113dce-c529-4d33-91fa-e9b972617508\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"e8113dce-c529-4d33-91fa-e9b972617508\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Relay Sender\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Allows for send access to Azure Relay resources.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Relay/*/wcfRelays/read\",\n \"Microsoft.Relay/*/hybridConnections/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.Relay/*/send/action\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2021-07-20T15:37:20.7558643Z\",\n \"updatedOn\": \"2021-11-11T20:15:15.5454755Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/26baccc8-eea7-41f1-98f4-1762cc7f685d\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"26baccc8-eea7-41f1-98f4-1762cc7f685d\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Relay Owner\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Allows for full access to Azure Relay resources.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Relay/*\"\n ],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.Relay/*\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2021-07-20T15:44:26.3023126Z\",\n \"updatedOn\": \"2021-11-11T20:15:15.7154782Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/2787bf04-f1f5-4bfe-8383-c8a24483ee38\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"2787bf04-f1f5-4bfe-8383-c8a24483ee38\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Relay Listener\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Allows for listen access to Azure Relay resources.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Relay/*/wcfRelays/read\",\n \"Microsoft.Relay/*/hybridConnections/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.Relay/*/listen/action\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2021-07-20T18:38:03.1437496Z\",\n \"updatedOn\": \"2021-11-11T20:15:15.9005232Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/26e0b698-aa6d-4085-9386-aadae190014d\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"26e0b698-aa6d-4085-9386-aadae190014d\"\n },\n {\n \"properties\": {\n \"roleName\": \"Grafana Viewer\",\n \"type\": \"BuiltInRole\",\n \"description\": \"View dashboards, playlists, and query data sources.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.Dashboard/grafana/ActAsGrafanaViewer/action\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2021-08-05T16:36:18.7737511Z\",\n \"updatedOn\": \"2024-07-18T04:59:38.6229575Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/60921a7e-fef1-4a43-9b16-a26c52ad4769\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"60921a7e-fef1-4a43-9b16-a26c52ad4769\"\n },\n {\n \"properties\": {\n \"roleName\": \"Grafana Editor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Create, edit, delete, or view dashboards; create, edit, or delete folders; and edit or view playlists.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.Dashboard/grafana/ActAsGrafanaEditor/action\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2021-08-05T16:37:32.5299593Z\",\n \"updatedOn\": \"2024-07-18T04:44:18.4380858Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/a79a5197-3a5c-4973-a920-486035ffd60f\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"a79a5197-3a5c-4973-a920-486035ffd60f\"\n },\n {\n \"properties\": {\n \"roleName\": \"Automation Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Manage azure automation resources and other resources using azure automation.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Automation/automationAccounts/*\",\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Support/*\",\n \"Microsoft.Insights/ActionGroups/*\",\n \"Microsoft.Insights/ActivityLogAlerts/*\",\n \"Microsoft.Insights/MetricAlerts/*\",\n \"Microsoft.Insights/ScheduledQueryRules/*\",\n \"Microsoft.Insights/diagnosticSettings/*\",\n \"Microsoft.OperationalInsights/workspaces/sharedKeys/action\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2021-08-09T10:18:19.1054699Z\",\n \"updatedOn\": \"2021-11-11T20:15:17.7304954Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/f353d9bd-d4a6-484e-a77a-8050b599b867\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"f353d9bd-d4a6-484e-a77a-8050b599b867\"\n },\n {\n \"properties\": {\n \"roleName\": \"Kubernetes Extension Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Can create, update, get, list and delete Kubernetes Extensions, and get extension async operations\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.KubernetesConfiguration/extensions/write\",\n \"Microsoft.KubernetesConfiguration/extensions/read\",\n \"Microsoft.KubernetesConfiguration/extensions/delete\",\n \"Microsoft.KubernetesConfiguration/extensions/operations/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2021-08-09T19:47:50.6828896Z\",\n \"updatedOn\": \"2021-11-11T20:15:17.9155393Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/85cb6faf-e071-4c9b-8136-154b5a04f717\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"85cb6faf-e071-4c9b-8136-154b5a04f717\"\n },\n {\n \"properties\": {\n \"roleName\": \"Device Provisioning Service Data Reader\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Allows for full read access to Device Provisioning Service data-plane properties.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.Devices/provisioningServices/*/read\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2021-08-09T19:53:12.1374732Z\",\n \"updatedOn\": \"2021-11-11T20:15:18.0905503Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/10745317-c249-44a1-a5ce-3a4353c0bbd8\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"10745317-c249-44a1-a5ce-3a4353c0bbd8\"\n },\n {\n \"properties\": {\n \"roleName\": \"Device Provisioning Service Data Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Allows for full access to Device Provisioning Service data-plane operations.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.Devices/provisioningServices/*\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2021-08-09T19:54:03.2783227Z\",\n \"updatedOn\": \"2021-11-11T20:15:18.2605302Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/dfce44e4-17b7-4bd1-a6d1-04996ec95633\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"dfce44e4-17b7-4bd1-a6d1-04996ec95633\"\n },\n {\n \"properties\": {\n \"roleName\": \"Trusted Signing Certificate Profile Signer\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Sign files with a certificate profile. This role is in preview and subject to change.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.CodeSigning/*/read\",\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.CodeSigning/certificateProfiles/Sign/action\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2021-08-16T23:17:53.0002693Z\",\n \"updatedOn\": \"2024-04-05T05:34:02.8330268Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/2837e146-70d7-4cfd-ad55-7efa6464f958\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"2837e146-70d7-4cfd-ad55-7efa6464f958\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Spring Cloud Service Registry Reader\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Allow read access to Azure Spring Cloud Service Registry\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.AppPlatform/Spring/eurekaService/read\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2021-08-20T04:40:17.9785063Z\",\n \"updatedOn\": \"2021-11-11T20:15:18.9655101Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/cff1b556-2399-4e7e-856d-a8f754be7b65\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"cff1b556-2399-4e7e-856d-a8f754be7b65\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Spring Cloud Service Registry Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Allow read, write and delete access to Azure Spring Cloud Service Registry\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.AppPlatform/Spring/eurekaService/read\",\n \"Microsoft.AppPlatform/Spring/eurekaService/write\",\n \"Microsoft.AppPlatform/Spring/eurekaService/delete\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2021-08-20T04:42:38.9153779Z\",\n \"updatedOn\": \"2021-11-11T20:15:19.1405497Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/f5880b48-c26d-48be-b172-7927bfa1c8f1\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"f5880b48-c26d-48be-b172-7927bfa1c8f1\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Spring Cloud Config Server Reader\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Allow read access to Azure Spring Cloud Config Server\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.AppPlatform/Spring/configService/read\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2021-08-26T01:50:51.5123701Z\",\n \"updatedOn\": \"2021-11-11T20:15:19.3155517Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/d04c6db6-4947-4782-9e91-30a88feb7be7\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"d04c6db6-4947-4782-9e91-30a88feb7be7\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Spring Cloud Config Server Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Allow read, write and delete access to Azure Spring Cloud Config Server\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.AppPlatform/Spring/configService/read\",\n \"Microsoft.AppPlatform/Spring/configService/write\",\n \"Microsoft.AppPlatform/Spring/configService/delete\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2021-09-06T02:30:47.861158Z\",\n \"updatedOn\": \"2021-11-11T20:15:20.0405208Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/a06f5c24-21a7-4e1a-aa2b-f19eb6684f5b\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"a06f5c24-21a7-4e1a-aa2b-f19eb6684f5b\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure VM Managed identities restore Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Azure VM Managed identities restore Contributors are allowed to perform Azure VM Restores with managed identities both user and system\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2021-09-13T05:27:59.2180214Z\",\n \"updatedOn\": \"2021-11-11T20:15:20.5805266Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/6ae96244-5829-4925-a7d3-5975537d91dd\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"6ae96244-5829-4925-a7d3-5975537d91dd\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Maps Search and Render Data Reader\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Grants access to very limited set of data APIs for common visual web SDK scenarios. Specifically, render and search data APIs.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.Maps/accounts/services/render/read\",\n \"Microsoft.Maps/accounts/services/search/read\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2021-10-01T22:17:50.5178931Z\",\n \"updatedOn\": \"2021-11-11T20:15:22.045541Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/6be48352-4f82-47c9-ad5e-0acacefdb005\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"6be48352-4f82-47c9-ad5e-0acacefdb005\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Maps Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Grants access all Azure Maps resource management.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Maps/*\",\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2021-10-01T22:19:13.1357904Z\",\n \"updatedOn\": \"2021-11-11T20:15:22.2455414Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/dba33070-676a-4fb0-87fa-064dc56ff7fb\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"dba33070-676a-4fb0-87fa-064dc56ff7fb\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Arc VMware VM Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Arc VMware VM Contributor has permissions to perform all VM actions.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.ConnectedVMwarevSphere/virtualmachines/*\",\n \"Microsoft.ConnectedVMwarevSphere/virtualmachineinstances/*\",\n \"Microsoft.Insights/AlertRules/Write\",\n \"Microsoft.Insights/AlertRules/Delete\",\n \"Microsoft.Insights/AlertRules/Read\",\n \"Microsoft.Insights/AlertRules/Activated/Action\",\n \"Microsoft.Insights/AlertRules/Resolved/Action\",\n \"Microsoft.Insights/AlertRules/Throttled/Action\",\n \"Microsoft.Insights/AlertRules/Incidents/Read\",\n \"Microsoft.Resources/deployments/read\",\n \"Microsoft.Resources/deployments/write\",\n \"Microsoft.Resources/deployments/delete\",\n \"Microsoft.Resources/deployments/cancel/action\",\n \"Microsoft.Resources/deployments/validate/action\",\n \"Microsoft.Resources/deployments/whatIf/action\",\n \"Microsoft.Resources/deployments/exportTemplate/action\",\n \"Microsoft.Resources/deployments/operations/read\",\n \"Microsoft.Resources/deployments/operationstatuses/read\",\n \"Microsoft.Resources/subscriptions/resourcegroups/deployments/read\",\n \"Microsoft.Resources/subscriptions/resourcegroups/deployments/write\",\n \"Microsoft.Resources/subscriptions/resourcegroups/deployments/operations/read\",\n \"Microsoft.Resources/subscriptions/resourcegroups/deployments/operationstatuses/read\",\n \"Microsoft.ResourceHealth/availabilityStatuses/read\",\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Resources/subscriptions/read\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Resources/subscriptions/operationresults/read\",\n \"Microsoft.HybridCompute/machines/read\",\n \"Microsoft.HybridCompute/machines/write\",\n \"Microsoft.HybridCompute/machines/delete\",\n \"Microsoft.HybridCompute/machines/UpgradeExtensions/action\",\n \"Microsoft.HybridCompute/machines/assessPatches/action\",\n \"Microsoft.HybridCompute/machines/installPatches/action\",\n \"Microsoft.HybridCompute/machines/extensions/read\",\n \"Microsoft.HybridCompute/machines/extensions/write\",\n \"Microsoft.HybridCompute/machines/extensions/delete\",\n \"Microsoft.HybridCompute/operations/read\",\n \"Microsoft.HybridCompute/locations/operationresults/read\",\n \"Microsoft.HybridCompute/locations/operationstatus/read\",\n \"Microsoft.HybridCompute/machines/patchAssessmentResults/read\",\n \"Microsoft.HybridCompute/machines/patchAssessmentResults/softwarePatches/read\",\n \"Microsoft.HybridCompute/machines/patchInstallationResults/read\",\n \"Microsoft.HybridCompute/machines/patchInstallationResults/softwarePatches/read\",\n \"Microsoft.HybridCompute/locations/updateCenterOperationResults/read\",\n \"Microsoft.HybridCompute/machines/hybridIdentityMetadata/read\",\n \"Microsoft.HybridCompute/osType/agentVersions/read\",\n \"Microsoft.HybridCompute/osType/agentVersions/latest/read\",\n \"Microsoft.HybridCompute/machines/runcommands/read\",\n \"Microsoft.HybridCompute/machines/runcommands/write\",\n \"Microsoft.HybridCompute/machines/runcommands/delete\",\n \"Microsoft.HybridCompute/machines/licenseProfiles/read\",\n \"Microsoft.HybridCompute/machines/licenseProfiles/write\",\n \"Microsoft.HybridCompute/machines/licenseProfiles/delete\",\n \"Microsoft.HybridCompute/licenses/read\",\n \"Microsoft.HybridCompute/licenses/write\",\n \"Microsoft.HybridCompute/licenses/delete\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2021-10-18T20:19:53.0087024Z\",\n \"updatedOn\": \"2023-08-31T13:23:35.2639121Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/b748a06d-6150-4f8a-aaa9-ce3940cd96cb\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"b748a06d-6150-4f8a-aaa9-ce3940cd96cb\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Arc VMware Private Cloud User\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Azure Arc VMware Private Cloud User has permissions to use the VMware cloud resources to deploy VMs.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Insights/AlertRules/Write\",\n \"Microsoft.Insights/AlertRules/Delete\",\n \"Microsoft.Insights/AlertRules/Read\",\n \"Microsoft.Insights/AlertRules/Activated/Action\",\n \"Microsoft.Insights/AlertRules/Resolved/Action\",\n \"Microsoft.Insights/AlertRules/Throttled/Action\",\n \"Microsoft.Insights/AlertRules/Incidents/Read\",\n \"Microsoft.Resources/deployments/read\",\n \"Microsoft.Resources/deployments/write\",\n \"Microsoft.Resources/deployments/delete\",\n \"Microsoft.Resources/deployments/cancel/action\",\n \"Microsoft.Resources/deployments/validate/action\",\n \"Microsoft.Resources/deployments/whatIf/action\",\n \"Microsoft.Resources/deployments/exportTemplate/action\",\n \"Microsoft.Resources/deployments/operations/read\",\n \"Microsoft.Resources/deployments/operationstatuses/read\",\n \"Microsoft.Resources/subscriptions/resourcegroups/deployments/read\",\n \"Microsoft.Resources/subscriptions/resourcegroups/deployments/write\",\n \"Microsoft.Resources/subscriptions/resourcegroups/deployments/operations/read\",\n \"Microsoft.Resources/subscriptions/resourcegroups/deployments/operationstatuses/read\",\n \"Microsoft.ResourceHealth/availabilityStatuses/read\",\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Resources/subscriptions/read\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Resources/subscriptions/operationresults/read\",\n \"Microsoft.ConnectedVMwarevSphere/virtualnetworks/join/action\",\n \"Microsoft.ConnectedVMwarevSphere/virtualnetworks/Read\",\n \"Microsoft.ConnectedVMwarevSphere/virtualmachinetemplates/clone/action\",\n \"Microsoft.ConnectedVMwarevSphere/virtualmachinetemplates/Read\",\n \"Microsoft.ConnectedVMwarevSphere/resourcepools/deploy/action\",\n \"Microsoft.ConnectedVMwarevSphere/resourcepools/Read\",\n \"Microsoft.ConnectedVMwarevSphere/hosts/deploy/action\",\n \"Microsoft.ConnectedVMwarevSphere/hosts/Read\",\n \"Microsoft.ConnectedVMwarevSphere/clusters/deploy/action\",\n \"Microsoft.ConnectedVMwarevSphere/clusters/Read\",\n \"Microsoft.ConnectedVMwarevSphere/datastores/allocateSpace/action\",\n \"Microsoft.ConnectedVMwarevSphere/datastores/Read\",\n \"Microsoft.ExtendedLocation/customLocations/Read\",\n \"Microsoft.ExtendedLocation/customLocations/deploy/action\",\n \"Microsoft.KubernetesConfiguration/extensions/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2021-10-18T20:20:46.5105444Z\",\n \"updatedOn\": \"2023-10-31T15:13:38.0409378Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/ce551c02-7c42-47e0-9deb-e3b6fc3a9a83\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"ce551c02-7c42-47e0-9deb-e3b6fc3a9a83\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Arc VMware Administrator role \",\n \"type\": \"BuiltInRole\",\n \"description\": \"Arc VMware VM Contributor has permissions to perform all connected VMwarevSphere actions.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.ConnectedVMwarevSphere/*\",\n \"Microsoft.Insights/AlertRules/Write\",\n \"Microsoft.Insights/AlertRules/Delete\",\n \"Microsoft.Insights/AlertRules/Read\",\n \"Microsoft.Insights/AlertRules/Activated/Action\",\n \"Microsoft.Insights/AlertRules/Resolved/Action\",\n \"Microsoft.Insights/AlertRules/Throttled/Action\",\n \"Microsoft.Insights/AlertRules/Incidents/Read\",\n \"Microsoft.Resources/deployments/read\",\n \"Microsoft.Resources/deployments/write\",\n \"Microsoft.Resources/deployments/delete\",\n \"Microsoft.Resources/deployments/cancel/action\",\n \"Microsoft.Resources/deployments/validate/action\",\n \"Microsoft.Resources/deployments/whatIf/action\",\n \"Microsoft.Resources/deployments/exportTemplate/action\",\n \"Microsoft.Resources/deployments/operations/read\",\n \"Microsoft.Resources/deployments/operationstatuses/read\",\n \"Microsoft.Resources/subscriptions/resourcegroups/deployments/read\",\n \"Microsoft.Resources/subscriptions/resourcegroups/deployments/write\",\n \"Microsoft.Resources/subscriptions/resourcegroups/deployments/operations/read\",\n \"Microsoft.Resources/subscriptions/resourcegroups/deployments/operationstatuses/read\",\n \"Microsoft.ResourceHealth/availabilityStatuses/read\",\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Resources/subscriptions/read\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Resources/subscriptions/operationresults/read\",\n \"Microsoft.HybridCompute/machines/read\",\n \"Microsoft.HybridCompute/machines/write\",\n \"Microsoft.HybridCompute/machines/delete\",\n \"Microsoft.HybridCompute/machines/UpgradeExtensions/action\",\n \"Microsoft.HybridCompute/machines/assessPatches/action\",\n \"Microsoft.HybridCompute/machines/installPatches/action\",\n \"Microsoft.HybridCompute/machines/extensions/read\",\n \"Microsoft.HybridCompute/machines/extensions/write\",\n \"Microsoft.HybridCompute/machines/extensions/delete\",\n \"Microsoft.HybridCompute/operations/read\",\n \"Microsoft.HybridCompute/locations/operationresults/read\",\n \"Microsoft.HybridCompute/locations/operationstatus/read\",\n \"Microsoft.HybridCompute/machines/patchAssessmentResults/read\",\n \"Microsoft.HybridCompute/machines/patchAssessmentResults/softwarePatches/read\",\n \"Microsoft.HybridCompute/machines/patchInstallationResults/read\",\n \"Microsoft.HybridCompute/machines/patchInstallationResults/softwarePatches/read\",\n \"Microsoft.HybridCompute/locations/updateCenterOperationResults/read\",\n \"Microsoft.HybridCompute/machines/hybridIdentityMetadata/read\",\n \"Microsoft.HybridCompute/osType/agentVersions/read\",\n \"Microsoft.HybridCompute/osType/agentVersions/latest/read\",\n \"Microsoft.HybridCompute/machines/runcommands/read\",\n \"Microsoft.HybridCompute/machines/runcommands/write\",\n \"Microsoft.HybridCompute/machines/runcommands/delete\",\n \"Microsoft.HybridCompute/machines/licenseProfiles/read\",\n \"Microsoft.HybridCompute/machines/licenseProfiles/write\",\n \"Microsoft.HybridCompute/machines/licenseProfiles/delete\",\n \"Microsoft.HybridCompute/licenses/read\",\n \"Microsoft.HybridCompute/licenses/write\",\n \"Microsoft.HybridCompute/licenses/delete\",\n \"Microsoft.ExtendedLocation/customLocations/read\",\n \"Microsoft.ExtendedLocation/customLocations/deploy/action\",\n \"Microsoft.KubernetesConfiguration/extensions/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2021-11-01T17:12:42.6172725Z\",\n \"updatedOn\": \"2024-05-21T15:16:30.6838061Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/ddc140ed-e463-4246-9145-7c664192013f\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"ddc140ed-e463-4246-9145-7c664192013f\"\n },\n {\n \"properties\": {\n \"roleName\": \"Cognitive Services LUIS Owner\",\n \"type\": \"BuiltInRole\",\n \"description\": \" Has access to all Read, Test, Write, Deploy and Delete functions under LUIS\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.CognitiveServices/*/read\",\n \"Microsoft.CognitiveServices/accounts/listkeys/action\",\n \"Microsoft.Authorization/roleAssignments/read\",\n \"Microsoft.Authorization/roleDefinitions/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.CognitiveServices/accounts/LUIS/*\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2021-11-04T03:28:02.96118Z\",\n \"updatedOn\": \"2021-11-11T20:15:25.4884913Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/f72c8140-2111-481c-87ff-72b910f6e3f8\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"f72c8140-2111-481c-87ff-72b910f6e3f8\"\n },\n {\n \"properties\": {\n \"roleName\": \"Cognitive Services Language Reader\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Has access to Read and Test functions under Language portal\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.CognitiveServices/*/read\",\n \"Microsoft.Authorization/roleAssignments/read\",\n \"Microsoft.Authorization/roleDefinitions/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.CognitiveServices/accounts/LanguageAuthoring/*/read\",\n \"Microsoft.CognitiveServices/accounts/ConversationalLanguageUnderstanding/*/read\",\n \"Microsoft.CognitiveServices/accounts/ConversationalLanguageUnderstanding/projects/export/action\",\n \"Microsoft.CognitiveServices/accounts/Language/*/read\",\n \"Microsoft.CognitiveServices/accounts/Language/*/projects/export/action\",\n \"Microsoft.CognitiveServices/accounts/Language/query-text/action\",\n \"Microsoft.CognitiveServices/accounts/Language/query-dataverse/action\",\n \"Microsoft.CognitiveServices/accounts/Language/analyze-text/jobs/action\",\n \"Microsoft.CognitiveServices/accounts/Language/analyze-text/action\",\n \"Microsoft.CognitiveServices/accounts/Language/analyze-text/jobscancel/action\",\n \"Microsoft.CognitiveServices/accounts/Language/analyze-conversations/action\",\n \"Microsoft.CognitiveServices/accounts/Language/analyze-conversations/jobscancel/action\",\n \"Microsoft.CognitiveServices/accounts/Language/analyze-conversations/jobs/action\",\n \"Microsoft.CognitiveServices/accounts/Language/query-knowledgebases/action\",\n \"Microsoft.CognitiveServices/accounts/Language/generate/action\",\n \"Microsoft.CognitiveServices/accounts/TextAnalytics/*\"\n ],\n \"notDataActions\": [\n \"Microsoft.CognitiveServices/accounts/TextAnalytics/QnaMaker/*\"\n ]\n }\n ],\n \"createdOn\": \"2021-11-04T03:29:14.7643336Z\",\n \"updatedOn\": \"2023-02-28T16:09:04.1394585Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/7628b7b8-a8b2-4cdc-b46f-e9b35248918e\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"7628b7b8-a8b2-4cdc-b46f-e9b35248918e\"\n },\n {\n \"properties\": {\n \"roleName\": \"Cognitive Services Language Writer\",\n \"type\": \"BuiltInRole\",\n \"description\": \" Has access to all Read, Test, and Write functions under Language Portal\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.CognitiveServices/*/read\",\n \"Microsoft.Authorization/roleAssignments/read\",\n \"Microsoft.Authorization/roleDefinitions/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.CognitiveServices/accounts/LanguageAuthoring/*\",\n \"Microsoft.CognitiveServices/accounts/ConversationalLanguageUnderstanding/*\",\n \"Microsoft.CognitiveServices/accounts/Language/*\",\n \"Microsoft.CognitiveServices/accounts/TextAnalytics/*\"\n ],\n \"notDataActions\": [\n \"Microsoft.CognitiveServices/accounts/LanguageAuthoring/projects/publish/action\",\n \"Microsoft.CognitiveServices/accounts/ConversationalLanguageUnderstanding/projects/deployments/write\",\n \"Microsoft.CognitiveServices/accounts/TextAnalytics/QnaMaker/*\",\n \"Microsoft.CognitiveServices/accounts/Language/*/projects/delete\",\n \"Microsoft.CognitiveServices/accounts/Language/*/projects/deployments/write\",\n \"Microsoft.CognitiveServices/accounts/Language/*/projects/deployments/delete\",\n \"Microsoft.CognitiveServices/accounts/Language/*/projects/deployments/swap/action\"\n ]\n }\n ],\n \"createdOn\": \"2021-11-04T03:29:39.5761019Z\",\n \"updatedOn\": \"2022-03-29T22:15:08.2904465Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/f2310ca1-dc64-4889-bb49-c8e0fa3d47a8\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"f2310ca1-dc64-4889-bb49-c8e0fa3d47a8\"\n },\n {\n \"properties\": {\n \"roleName\": \"Cognitive Services Language Owner\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Has access to all Read, Test, Write, Deploy and Delete functions under Language portal\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.CognitiveServices/*/read\",\n \"Microsoft.CognitiveServices/accounts/listkeys/action\",\n \"Microsoft.Authorization/roleAssignments/read\",\n \"Microsoft.Authorization/roleDefinitions/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.CognitiveServices/accounts/LanguageAuthoring/*\",\n \"Microsoft.CognitiveServices/accounts/ConversationalLanguageUnderstanding/*\",\n \"Microsoft.CognitiveServices/accounts/Language/*\",\n \"Microsoft.CognitiveServices/accounts/TextAnalytics/*\"\n ],\n \"notDataActions\": [\n \"Microsoft.CognitiveServices/accounts/TextAnalytics/QnaMaker/*\"\n ]\n }\n ],\n \"createdOn\": \"2021-11-04T03:30:07.6173528Z\",\n \"updatedOn\": \"2022-03-29T22:15:08.2749033Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/f07febfe-79bc-46b1-8b37-790e26e6e498\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"f07febfe-79bc-46b1-8b37-790e26e6e498\"\n },\n {\n \"properties\": {\n \"roleName\": \"Cognitive Services LUIS Reader\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Has access to Read and Test functions under LUIS.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.CognitiveServices/*/read\",\n \"Microsoft.Authorization/roleAssignments/read\",\n \"Microsoft.Authorization/roleDefinitions/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.CognitiveServices/accounts/LUIS/*/read\",\n \"Microsoft.CognitiveServices/accounts/LUIS/apps/testdatasets/write\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2021-11-04T03:30:31.2704834Z\",\n \"updatedOn\": \"2021-11-11T20:15:26.2134821Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/18e81cdc-4e98-4e29-a639-e7d10c5a6226\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"18e81cdc-4e98-4e29-a639-e7d10c5a6226\"\n },\n {\n \"properties\": {\n \"roleName\": \"Cognitive Services LUIS Writer\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Has access to all Read, Test, and Write functions under LUIS\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.CognitiveServices/*/read\",\n \"Microsoft.Authorization/roleAssignments/read\",\n \"Microsoft.Authorization/roleDefinitions/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.CognitiveServices/accounts/LUIS/*\"\n ],\n \"notDataActions\": [\n \"Microsoft.CognitiveServices/accounts/LUIS/apps/delete\",\n \"Microsoft.CognitiveServices/accounts/LUIS/apps/move/action\",\n \"Microsoft.CognitiveServices/accounts/LUIS/apps/publish/action\",\n \"Microsoft.CognitiveServices/accounts/LUIS/apps/settings/write\",\n \"Microsoft.CognitiveServices/accounts/LUIS/apps/azureaccounts/action\",\n \"Microsoft.CognitiveServices/accounts/LUIS/apps/azureaccounts/delete\"\n ]\n }\n ],\n \"createdOn\": \"2021-11-04T03:31:12.1580052Z\",\n \"updatedOn\": \"2021-11-11T20:15:26.3934523Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/6322a993-d5c9-4bed-b113-e49bbea25b27\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"6322a993-d5c9-4bed-b113-e49bbea25b27\"\n },\n {\n \"properties\": {\n \"roleName\": \"PlayFab Reader\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Provides read access to PlayFab resources\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.PlayFab/*/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2021-11-04T23:26:57.2248605Z\",\n \"updatedOn\": \"2021-11-11T20:15:26.5784834Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/a9a19cc5-31f4-447c-901f-56c0bb18fcaf\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"a9a19cc5-31f4-447c-901f-56c0bb18fcaf\"\n },\n {\n \"properties\": {\n \"roleName\": \"Load Test Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"View, create, update, delete and execute load tests. View and list load test resources but can not make any changes.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.LoadTestService/*/read\",\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Insights/alertRules/*\"\n ],\n \"notActions\": [\n \"Microsoft.LoadTestService/PlaywrightWorkspaces/*\",\n \"Microsoft.LoadTestService/locations/PlaywrightQuotas/*\"\n ],\n \"dataActions\": [\n \"Microsoft.LoadTestService/loadtests/*\",\n \"Microsoft.LoadTestService/testProfiles/*\",\n \"Microsoft.LoadTestService/testProfileRuns/*\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2021-11-09T08:11:21.0936461Z\",\n \"updatedOn\": \"2025-09-29T15:12:02.8710803Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/749a398d-560b-491b-bb21-08924219302e\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"749a398d-560b-491b-bb21-08924219302e\"\n },\n {\n \"properties\": {\n \"roleName\": \"Load Test Owner\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Execute all operations on load test resources and load tests\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.LoadTestService/*\",\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Insights/alertRules/*\"\n ],\n \"notActions\": [\n \"Microsoft.LoadTestService/PlaywrightWorkspaces/*\",\n \"Microsoft.LoadTestService/locations/PlaywrightQuotas/*\"\n ],\n \"dataActions\": [\n \"Microsoft.LoadTestService/*\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2021-11-09T08:12:24.5500195Z\",\n \"updatedOn\": \"2025-09-29T15:12:04.1630709Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/45bb0b16-2f0c-4e78-afaa-a07599b003f6\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"45bb0b16-2f0c-4e78-afaa-a07599b003f6\"\n },\n {\n \"properties\": {\n \"roleName\": \"PlayFab Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Provides contributor access to PlayFab resources\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.PlayFab/*/read\",\n \"Microsoft.PlayFab/*/write\",\n \"Microsoft.PlayFab/*/delete\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2021-11-10T00:55:37.3326276Z\",\n \"updatedOn\": \"2021-11-11T20:15:28.0547167Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/0c8b84dc-067c-4039-9615-fa1a4b77c726\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"0c8b84dc-067c-4039-9615-fa1a4b77c726\"\n },\n {\n \"properties\": {\n \"roleName\": \"Load Test Reader\",\n \"type\": \"BuiltInRole\",\n \"description\": \"View and list all load tests and load test resources but can not make any changes\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.LoadTestService/*/read\",\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Insights/alertRules/*\"\n ],\n \"notActions\": [\n \"Microsoft.LoadTestService/PlaywrightWorkspaces/*\",\n \"Microsoft.LoadTestService/locations/PlaywrightQuotas/*\"\n ],\n \"dataActions\": [\n \"Microsoft.LoadTestService/loadtests/readTest/action\",\n \"Microsoft.LoadTestService/testProfiles/read\",\n \"Microsoft.LoadTestService/testProfileRuns/read\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2021-11-10T06:14:08.3903105Z\",\n \"updatedOn\": \"2025-09-29T15:12:04.1630709Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/3ae3fb29-0000-4ccd-bf80-542e7b26e081\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"3ae3fb29-0000-4ccd-bf80-542e7b26e081\"\n },\n {\n \"properties\": {\n \"roleName\": \"Cognitive Services Immersive Reader User\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Provides access to create Immersive Reader sessions and call APIs\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.CognitiveServices/accounts/ImmersiveReader/getcontentmodelforreader/action\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2021-11-10T19:52:14.4487503Z\",\n \"updatedOn\": \"2021-11-11T20:15:28.4146975Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/b2de6794-95db-4659-8781-7e080d3f2b9d\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"b2de6794-95db-4659-8781-7e080d3f2b9d\"\n },\n {\n \"properties\": {\n \"roleName\": \"Lab Services Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"The lab services contributor role\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.LabServices/*\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.LabServices/labPlans/createLab/action\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2021-11-11T00:51:03.3308981Z\",\n \"updatedOn\": \"2021-11-11T20:15:28.7792013Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/f69b8690-cc87-41d6-b77a-a4bc3c0a966f\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"f69b8690-cc87-41d6-b77a-a4bc3c0a966f\"\n },\n {\n \"properties\": {\n \"roleName\": \"Lab Services Reader\",\n \"type\": \"BuiltInRole\",\n \"description\": \"The lab services reader role\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.LabServices/*/read\",\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2021-11-11T00:55:30.4208618Z\",\n \"updatedOn\": \"2021-11-11T20:15:28.9592032Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/2a5c394f-5eb7-4d4f-9c8e-e8eae39faebc\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"2a5c394f-5eb7-4d4f-9c8e-e8eae39faebc\"\n },\n {\n \"properties\": {\n \"roleName\": \"Lab Assistant\",\n \"type\": \"BuiltInRole\",\n \"description\": \"The lab assistant role\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.LabServices/labPlans/images/read\",\n \"Microsoft.LabServices/labPlans/read\",\n \"Microsoft.LabServices/labs/read\",\n \"Microsoft.LabServices/labs/schedules/read\",\n \"Microsoft.LabServices/labs/users/read\",\n \"Microsoft.LabServices/labs/users/invite/action\",\n \"Microsoft.LabServices/labs/virtualMachines/read\",\n \"Microsoft.LabServices/labs/virtualMachines/start/action\",\n \"Microsoft.LabServices/labs/virtualMachines/stop/action\",\n \"Microsoft.LabServices/labs/virtualMachines/reimage/action\",\n \"Microsoft.LabServices/labs/virtualMachines/redeploy/action\",\n \"Microsoft.LabServices/locations/usages/read\",\n \"Microsoft.LabServices/skus/read\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2021-11-11T00:56:10.4295443Z\",\n \"updatedOn\": \"2021-11-11T20:15:29.144253Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/ce40b423-cede-4313-a93f-9b28290b72e1\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"ce40b423-cede-4313-a93f-9b28290b72e1\"\n },\n {\n \"properties\": {\n \"roleName\": \"Lab Operator\",\n \"type\": \"BuiltInRole\",\n \"description\": \"The lab operator role\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.LabServices/labPlans/images/read\",\n \"Microsoft.LabServices/labPlans/read\",\n \"Microsoft.LabServices/labPlans/saveImage/action\",\n \"Microsoft.LabServices/labs/publish/action\",\n \"Microsoft.LabServices/labs/read\",\n \"Microsoft.LabServices/labs/schedules/read\",\n \"Microsoft.LabServices/labs/schedules/write\",\n \"Microsoft.LabServices/labs/schedules/delete\",\n \"Microsoft.LabServices/labs/users/read\",\n \"Microsoft.LabServices/labs/users/write\",\n \"Microsoft.LabServices/labs/users/delete\",\n \"Microsoft.LabServices/labs/users/invite/action\",\n \"Microsoft.LabServices/labs/virtualMachines/read\",\n \"Microsoft.LabServices/labs/virtualMachines/start/action\",\n \"Microsoft.LabServices/labs/virtualMachines/stop/action\",\n \"Microsoft.LabServices/labs/virtualMachines/reimage/action\",\n \"Microsoft.LabServices/labs/virtualMachines/redeploy/action\",\n \"Microsoft.LabServices/labs/virtualMachines/resetPassword/action\",\n \"Microsoft.LabServices/locations/usages/read\",\n \"Microsoft.LabServices/skus/read\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2021-11-11T00:56:41.9942935Z\",\n \"updatedOn\": \"2021-11-11T20:15:29.3242664Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/a36e6959-b6be-4b12-8e9f-ef4b474d304d\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"a36e6959-b6be-4b12-8e9f-ef4b474d304d\"\n },\n {\n \"properties\": {\n \"roleName\": \"Lab Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"The lab contributor role\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.LabServices/labPlans/images/read\",\n \"Microsoft.LabServices/labPlans/read\",\n \"Microsoft.LabServices/labPlans/saveImage/action\",\n \"Microsoft.LabServices/labs/read\",\n \"Microsoft.LabServices/labs/write\",\n \"Microsoft.LabServices/labs/delete\",\n \"Microsoft.LabServices/labs/publish/action\",\n \"Microsoft.LabServices/labs/syncGroup/action\",\n \"Microsoft.LabServices/labs/schedules/read\",\n \"Microsoft.LabServices/labs/schedules/write\",\n \"Microsoft.LabServices/labs/schedules/delete\",\n \"Microsoft.LabServices/labs/users/read\",\n \"Microsoft.LabServices/labs/users/write\",\n \"Microsoft.LabServices/labs/users/delete\",\n \"Microsoft.LabServices/labs/users/invite/action\",\n \"Microsoft.LabServices/labs/virtualMachines/read\",\n \"Microsoft.LabServices/labs/virtualMachines/start/action\",\n \"Microsoft.LabServices/labs/virtualMachines/stop/action\",\n \"Microsoft.LabServices/labs/virtualMachines/reimage/action\",\n \"Microsoft.LabServices/labs/virtualMachines/redeploy/action\",\n \"Microsoft.LabServices/labs/virtualMachines/resetPassword/action\",\n \"Microsoft.LabServices/locations/usages/read\",\n \"Microsoft.LabServices/skus/read\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.LabServices/labPlans/createLab/action\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2021-11-11T00:57:05.9018065Z\",\n \"updatedOn\": \"2021-11-11T20:15:29.4992096Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/5daaa2af-1fe8-407c-9122-bba179798270\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"5daaa2af-1fe8-407c-9122-bba179798270\"\n },\n {\n \"properties\": {\n \"roleName\": \"Security Admin\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Security Admin Role\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Authorization/policyAssignments/*\",\n \"Microsoft.Authorization/policyDefinitions/*\",\n \"Microsoft.Authorization/policyExemptions/*\",\n \"Microsoft.Authorization/policySetDefinitions/*\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.Management/managementGroups/read\",\n \"Microsoft.operationalInsights/workspaces/*/read\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Security/*\",\n \"Microsoft.IoTSecurity/*\",\n \"Microsoft.IoTFirmwareDefense/*\",\n \"Microsoft.Support/*\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2017-05-03T07:51:23.0917487Z\",\n \"updatedOn\": \"2023-06-27T15:20:21.4401023Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/fb1c8493-542b-48eb-b624-b4c8fea62acd\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"fb1c8493-542b-48eb-b624-b4c8fea62acd\"\n },\n {\n \"properties\": {\n \"roleName\": \"Web PubSub Service Owner\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Full access to Azure Web PubSub Service REST APIs\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.SignalRService/WebPubSub/*\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2021-03-24T09:10:11.833518Z\",\n \"updatedOn\": \"2023-04-05T15:09:07.4837099Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/12cf5a90-567b-43ae-8102-96cf46c7d9b4\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"12cf5a90-567b-43ae-8102-96cf46c7d9b4\"\n },\n {\n \"properties\": {\n \"roleName\": \"Web PubSub Service Reader\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Read-only access to Azure Web PubSub Service REST APIs\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.SignalRService/WebPubSub/*/read\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2021-03-24T09:11:12.6235436Z\",\n \"updatedOn\": \"2023-04-05T15:09:07.4837099Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/bfb1c7d2-fb1a-466b-b2ba-aee63b92deaf\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"bfb1c7d2-fb1a-466b-b2ba-aee63b92deaf\"\n },\n {\n \"properties\": {\n \"roleName\": \"SignalR App Server\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Lets your app server access SignalR Service with AAD auth options.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.SignalRService/SignalR/auth/accessKey/action\",\n \"Microsoft.SignalRService/SignalR/serverConnection/write\",\n \"Microsoft.SignalRService/SignalR/clientConnection/write\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2020-07-29T06:54:40.1201435Z\",\n \"updatedOn\": \"2021-11-16T05:19:04.8579948Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/420fcaa2-552c-430f-98ca-3264be4806c7\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"420fcaa2-552c-430f-98ca-3264be4806c7\"\n },\n {\n \"properties\": {\n \"roleName\": \"Virtual Machine User Login\",\n \"type\": \"BuiltInRole\",\n \"description\": \"View Virtual Machines in the portal and login as a regular user.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Network/publicIPAddresses/read\",\n \"Microsoft.Network/virtualNetworks/read\",\n \"Microsoft.Network/loadBalancers/read\",\n \"Microsoft.Network/networkInterfaces/read\",\n \"Microsoft.Compute/virtualMachines/*/read\",\n \"Microsoft.HybridCompute/machines/*/read\",\n \"Microsoft.HybridConnectivity/endpoints/listCredentials/action\"\n ],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.Compute/virtualMachines/login/action\",\n \"Microsoft.HybridCompute/machines/login/action\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2018-02-09T18:36:13.3315744Z\",\n \"updatedOn\": \"2021-11-18T00:55:50.6185845Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/fb879df8-f326-4884-b1cf-06f3ad86be52\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"fb879df8-f326-4884-b1cf-06f3ad86be52\"\n },\n {\n \"properties\": {\n \"roleName\": \"Virtual Machine Administrator Login\",\n \"type\": \"BuiltInRole\",\n \"description\": \"View Virtual Machines in the portal and login as administrator\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Network/publicIPAddresses/read\",\n \"Microsoft.Network/virtualNetworks/read\",\n \"Microsoft.Network/loadBalancers/read\",\n \"Microsoft.Network/networkInterfaces/read\",\n \"Microsoft.Compute/virtualMachines/*/read\",\n \"Microsoft.HybridCompute/machines/*/read\",\n \"Microsoft.HybridConnectivity/endpoints/listCredentials/action\"\n ],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.Compute/virtualMachines/login/action\",\n \"Microsoft.Compute/virtualMachines/loginAsAdmin/action\",\n \"Microsoft.HybridCompute/machines/login/action\",\n \"Microsoft.HybridCompute/machines/loginAsAdmin/action\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2018-02-09T18:36:13.3315744Z\",\n \"updatedOn\": \"2021-11-18T00:56:53.8134295Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/1c0163c0-47e6-4577-8991-ea5c82e286e4\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"1c0163c0-47e6-4577-8991-ea5c82e286e4\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Connected Machine Resource Administrator\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Can read, write, delete and re-onboard Azure Connected Machines.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.HybridCompute/machines/*\",\n \"Microsoft.HybridCompute/machines/extensions/*\",\n \"Microsoft.HybridCompute/machines/licenseProfiles/*\",\n \"Microsoft.HybridCompute/machines/runCommands/*\",\n \"Microsoft.HybridCompute/machines/UpgradeExtensions/action\",\n \"Microsoft.HybridCompute/settings/*\",\n \"Microsoft.HybridCompute/gateways/*\",\n \"Microsoft.HybridCompute/privateLinkScopes/*\",\n \"Microsoft.HybridCompute/licenses/*\",\n \"Microsoft.HybridCompute/locations/*\",\n \"Microsoft.HybridCompute/*/read\",\n \"Microsoft.Resources/deployments/*\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2019-10-23T20:24:59.1474607Z\",\n \"updatedOn\": \"2025-01-31T22:43:26.2952467Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/cd570a14-e51a-42ad-bac8-bafd67325302\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"cd570a14-e51a-42ad-bac8-bafd67325302\"\n },\n {\n \"properties\": {\n \"roleName\": \"Backup Operator\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Lets you manage backup services, except removal of backup, vault creation and giving access to others\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Network/virtualNetworks/read\",\n \"Microsoft.RecoveryServices/Vaults/backupFabrics/operationResults/read\",\n \"Microsoft.RecoveryServices/Vaults/backupFabrics/protectionContainers/operationResults/read\",\n \"Microsoft.RecoveryServices/Vaults/backupFabrics/protectionContainers/protectedItems/backup/action\",\n \"Microsoft.RecoveryServices/Vaults/backupFabrics/protectionContainers/protectedItems/operationResults/read\",\n \"Microsoft.RecoveryServices/Vaults/backupFabrics/protectionContainers/protectedItems/operationsStatus/read\",\n \"Microsoft.RecoveryServices/Vaults/backupFabrics/protectionContainers/protectedItems/read\",\n \"Microsoft.RecoveryServices/Vaults/backupFabrics/protectionContainers/protectedItems/recoveryPoints/provisionInstantItemRecovery/action\",\n \"Microsoft.RecoveryServices/vaults/backupFabrics/protectionContainers/protectedItems/recoveryPoints/accessToken/action\",\n \"Microsoft.RecoveryServices/Vaults/backupFabrics/protectionContainers/protectedItems/recoveryPoints/read\",\n \"Microsoft.RecoveryServices/Vaults/backupFabrics/protectionContainers/protectedItems/recoveryPoints/restore/action\",\n \"Microsoft.RecoveryServices/Vaults/backupFabrics/protectionContainers/protectedItems/recoveryPoints/revokeInstantItemRecovery/action\",\n \"Microsoft.RecoveryServices/Vaults/backupFabrics/protectionContainers/protectedItems/write\",\n \"Microsoft.RecoveryServices/Vaults/backupFabrics/protectionContainers/read\",\n \"Microsoft.RecoveryServices/Vaults/backupFabrics/refreshContainers/action\",\n \"Microsoft.RecoveryServices/Vaults/backupJobs/*\",\n \"Microsoft.RecoveryServices/Vaults/backupJobsExport/action\",\n \"Microsoft.RecoveryServices/Vaults/backupOperationResults/*\",\n \"Microsoft.RecoveryServices/Vaults/backupPolicies/operationResults/read\",\n \"Microsoft.RecoveryServices/Vaults/backupPolicies/read\",\n \"Microsoft.RecoveryServices/Vaults/backupProtectableItems/*\",\n \"Microsoft.RecoveryServices/Vaults/backupProtectedItems/read\",\n \"Microsoft.RecoveryServices/Vaults/backupProtectionContainers/read\",\n \"Microsoft.RecoveryServices/Vaults/backupUsageSummaries/read\",\n \"Microsoft.RecoveryServices/Vaults/certificates/write\",\n \"Microsoft.RecoveryServices/Vaults/extendedInformation/read\",\n \"Microsoft.RecoveryServices/Vaults/extendedInformation/write\",\n \"Microsoft.RecoveryServices/Vaults/monitoringAlerts/read\",\n \"Microsoft.RecoveryServices/Vaults/monitoringConfigurations/*\",\n \"Microsoft.RecoveryServices/Vaults/read\",\n \"Microsoft.RecoveryServices/Vaults/registeredIdentities/operationResults/read\",\n \"Microsoft.RecoveryServices/Vaults/registeredIdentities/read\",\n \"Microsoft.RecoveryServices/Vaults/registeredIdentities/write\",\n \"Microsoft.RecoveryServices/Vaults/usages/read\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Storage/storageAccounts/read\",\n \"Microsoft.RecoveryServices/Vaults/backupstorageconfig/*\",\n \"Microsoft.RecoveryServices/Vaults/backupValidateOperation/action\",\n \"Microsoft.RecoveryServices/Vaults/backupTriggerValidateOperation/action\",\n \"Microsoft.RecoveryServices/Vaults/backupValidateOperationResults/read\",\n \"Microsoft.RecoveryServices/Vaults/backupValidateOperationsStatuses/read\",\n \"Microsoft.RecoveryServices/Vaults/backupOperations/read\",\n \"Microsoft.RecoveryServices/Vaults/backupPolicies/operations/read\",\n \"Microsoft.RecoveryServices/Vaults/backupFabrics/protectionContainers/write\",\n \"Microsoft.RecoveryServices/Vaults/backupFabrics/protectionContainers/inquire/action\",\n \"Microsoft.RecoveryServices/Vaults/backupEngines/read\",\n \"Microsoft.RecoveryServices/Vaults/backupFabrics/backupProtectionIntent/write\",\n \"Microsoft.RecoveryServices/Vaults/backupFabrics/backupProtectionIntent/read\",\n \"Microsoft.RecoveryServices/Vaults/backupFabrics/protectableContainers/read\",\n \"Microsoft.RecoveryServices/Vaults/backupFabrics/protectionContainers/items/read\",\n \"Microsoft.RecoveryServices/locations/backupStatus/action\",\n \"Microsoft.RecoveryServices/locations/backupPreValidateProtection/action\",\n \"Microsoft.RecoveryServices/locations/backupValidateFeatures/action\",\n \"Microsoft.RecoveryServices/locations/backupAadProperties/read\",\n \"Microsoft.RecoveryServices/locations/backupCrrJobs/action\",\n \"Microsoft.RecoveryServices/locations/backupCrrJob/action\",\n \"Microsoft.RecoveryServices/locations/backupCrossRegionRestore/action\",\n \"Microsoft.RecoveryServices/locations/backupCrrOperationResults/read\",\n \"Microsoft.RecoveryServices/locations/backupCrrOperationsStatus/read\",\n \"Microsoft.RecoveryServices/Vaults/monitoringAlerts/write\",\n \"Microsoft.RecoveryServices/operations/read\",\n \"Microsoft.RecoveryServices/locations/operationStatus/read\",\n \"Microsoft.RecoveryServices/Vaults/backupProtectionIntents/read\",\n \"Microsoft.Support/*\",\n \"Microsoft.DataProtection/backupVaults/backupInstances/read\",\n \"Microsoft.DataProtection/backupVaults/backupInstances/read\",\n \"Microsoft.DataProtection/backupVaults/backupInstances/operationResults/read\",\n \"Microsoft.DataProtection/backupVaults/backupInstances/write\",\n \"Microsoft.DataProtection/backupVaults/deletedBackupInstances/read\",\n \"Microsoft.DataProtection/backupVaults/backupPolicies/read\",\n \"Microsoft.DataProtection/backupVaults/backupPolicies/read\",\n \"Microsoft.DataProtection/backupVaults/backupInstances/recoveryPoints/read\",\n \"Microsoft.DataProtection/backupVaults/backupInstances/recoveryPoints/read\",\n \"Microsoft.DataProtection/backupVaults/backupInstances/findRestorableTimeRanges/action\",\n \"Microsoft.DataProtection/backupVaults/read\",\n \"Microsoft.DataProtection/backupVaults/operationResults/read\",\n \"Microsoft.DataProtection/backupVaults/operationStatus/read\",\n \"Microsoft.DataProtection/backupVaults/read\",\n \"Microsoft.DataProtection/backupVaults/read\",\n \"Microsoft.DataProtection/locations/operationStatus/read\",\n \"Microsoft.DataProtection/locations/operationResults/read\",\n \"Microsoft.DataProtection/operations/read\",\n \"Microsoft.DataProtection/backupVaults/validateForBackup/action\",\n \"Microsoft.DataProtection/backupVaults/backupInstances/backup/action\",\n \"Microsoft.DataProtection/backupVaults/backupInstances/validateRestore/action\",\n \"Microsoft.DataProtection/backupVaults/backupInstances/restore/action\",\n \"Microsoft.DataProtection/subscriptions/resourceGroups/providers/locations/crossRegionRestore/action\",\n \"Microsoft.DataProtection/subscriptions/resourceGroups/providers/locations/validateCrossRegionRestore/action\",\n \"Microsoft.DataProtection/subscriptions/resourceGroups/providers/locations/fetchCrossRegionRestoreJobs/action\",\n \"Microsoft.DataProtection/subscriptions/resourceGroups/providers/locations/fetchCrossRegionRestoreJob/action\",\n \"Microsoft.DataProtection/subscriptions/resourceGroups/providers/locations/fetchSecondaryRecoveryPoints/action\",\n \"Microsoft.DataProtection/locations/checkFeatureSupport/action\",\n \"Microsoft.RecoveryServices/Vaults/backupResourceGuardProxies/delete\",\n \"Microsoft.RecoveryServices/Vaults/backupResourceGuardProxies/read\",\n \"Microsoft.RecoveryServices/Vaults/backupResourceGuardProxies/unlockDelete/action\",\n \"Microsoft.RecoveryServices/Vaults/backupResourceGuardProxies/write\",\n \"Microsoft.DataProtection/backupVaults/backupResourceGuardProxies/read\",\n \"Microsoft.DataProtection/backupVaults/backupResourceGuardProxies/write\",\n \"Microsoft.DataProtection/backupVaults/backupResourceGuardProxies/delete\",\n \"Microsoft.DataProtection/backupVaults/backupResourceGuardProxies/unlockDelete/action\",\n \"Microsoft.DataProtection/backupVaults/backupInstances/validateForModifyBackup/action\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2017-01-03T13:21:11.894764Z\",\n \"updatedOn\": \"2025-01-27T16:01:21.2914246Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/00c29273-979b-4161-815c-10b084fb9324\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"00c29273-979b-4161-815c-10b084fb9324\"\n },\n {\n \"properties\": {\n \"roleName\": \"Workbook Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Can save shared workbooks.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Insights/workbooks/write\",\n \"Microsoft.Insights/workbooks/delete\",\n \"Microsoft.Insights/workbooks/read\",\n \"Microsoft.Insights/workbooks/revisions/read\",\n \"Microsoft.Insights/workbooktemplates/write\",\n \"Microsoft.Insights/workbooktemplates/delete\",\n \"Microsoft.Insights/workbooktemplates/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2019-08-28T20:59:42.4820277Z\",\n \"updatedOn\": \"2022-12-12T16:05:57.3745476Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/e8ddcd69-c73f-4f9f-9844-4100522f16ad\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"e8ddcd69-c73f-4f9f-9844-4100522f16ad\"\n },\n {\n \"properties\": {\n \"roleName\": \"Workbook Reader\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Can read workbooks.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"microsoft.insights/workbooks/read\",\n \"microsoft.insights/workbooks/revisions/read\",\n \"microsoft.insights/workbooktemplates/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2019-08-28T20:56:17.680814Z\",\n \"updatedOn\": \"2022-12-12T16:05:57.3745476Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/b279062a-9be3-42a0-92ae-8b3cf002ec4d\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"b279062a-9be3-42a0-92ae-8b3cf002ec4d\"\n },\n {\n \"properties\": {\n \"roleName\": \"Monitoring Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Can read all monitoring data and update monitoring settings.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"*/read\",\n \"Microsoft.AlertsManagement/alerts/*\",\n \"Microsoft.AlertsManagement/alertsSummary/*\",\n \"Microsoft.AlertsManagement/issues/*\",\n \"Microsoft.Insights/actiongroups/*\",\n \"Microsoft.Insights/activityLogAlerts/*\",\n \"Microsoft.Insights/AlertRules/*\",\n \"Microsoft.Insights/components/*\",\n \"Microsoft.Insights/createNotifications/*\",\n \"Microsoft.Insights/dataCollectionEndpoints/*\",\n \"Microsoft.Insights/dataCollectionRules/*\",\n \"Microsoft.Insights/dataCollectionRuleAssociations/*\",\n \"Microsoft.Insights/DiagnosticSettings/*\",\n \"Microsoft.Insights/eventtypes/*\",\n \"Microsoft.Insights/LogDefinitions/*\",\n \"Microsoft.Insights/metricalerts/*\",\n \"Microsoft.Insights/MetricDefinitions/*\",\n \"Microsoft.Insights/Metrics/*\",\n \"Microsoft.Insights/notificationStatus/*\",\n \"Microsoft.Insights/Register/Action\",\n \"Microsoft.Insights/scheduledqueryrules/*\",\n \"Microsoft.Insights/webtests/*\",\n \"Microsoft.Insights/workbooks/*\",\n \"Microsoft.Insights/workbooktemplates/*\",\n \"Microsoft.Insights/privateLinkScopes/*\",\n \"Microsoft.Insights/privateLinkScopeOperationStatuses/*\",\n \"Microsoft.Monitor/accounts/*\",\n \"Microsoft.Monitor/settings/*\",\n \"Microsoft.OperationalInsights/workspaces/write\",\n \"Microsoft.OperationalInsights/workspaces/intelligencepacks/*\",\n \"Microsoft.OperationalInsights/workspaces/savedSearches/*\",\n \"Microsoft.OperationalInsights/workspaces/search/action\",\n \"Microsoft.OperationalInsights/workspaces/sharedKeys/action\",\n \"Microsoft.OperationalInsights/workspaces/sharedKeys/read\",\n \"Microsoft.OperationalInsights/workspaces/storageinsightconfigs/*\",\n \"Microsoft.OperationalInsights/locations/workspaces/failover/action\",\n \"Microsoft.OperationalInsights/workspaces/failback/action\",\n \"Microsoft.Support/*\",\n \"Microsoft.AlertsManagement/smartDetectorAlertRules/*\",\n \"Microsoft.AlertsManagement/actionRules/*\",\n \"Microsoft.AlertsManagement/smartGroups/*\",\n \"Microsoft.AlertsManagement/migrateFromSmartDetection/*\",\n \"Microsoft.AlertsManagement/investigations/*\",\n \"Microsoft.AlertsManagement/prometheusRuleGroups/*\",\n \"Microsoft.Monitor/investigations/*\",\n \"Microsoft.Resources/deployments/*\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2016-09-21T19:21:08.4345976Z\",\n \"updatedOn\": \"2025-09-30T15:23:51.084353Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/749f88d5-cbae-40b8-bcfc-e573ddc772fa\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"749f88d5-cbae-40b8-bcfc-e573ddc772fa\"\n },\n {\n \"properties\": {\n \"roleName\": \"Monitoring Metrics Publisher\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Enables publishing metrics against Azure resources\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Insights/Register/Action\",\n \"Microsoft.Support/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.Insights/Metrics/Write\",\n \"Microsoft.Insights/Telemetry/Write\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2018-08-14T00:36:16.5610279Z\",\n \"updatedOn\": \"2022-01-04T00:38:04.0289073Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/3913510d-42f4-4e42-8a64-420c390055eb\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"3913510d-42f4-4e42-8a64-420c390055eb\"\n },\n {\n \"properties\": {\n \"roleName\": \"Purview role 1 (Deprecated)\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Deprecated role.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Purview/accounts/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.Purview/accounts/data/read\",\n \"Microsoft.Purview/accounts/data/write\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2020-11-14T02:37:15.0123345Z\",\n \"updatedOn\": \"2022-01-04T00:43:15.6924286Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/8a3c2885-9b38-4fd2-9d99-91af537c1347\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"8a3c2885-9b38-4fd2-9d99-91af537c1347\"\n },\n {\n \"properties\": {\n \"roleName\": \"Purview role 2 (Deprecated)\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Deprecated role.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Purview/accounts/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.Purview/accounts/scan/read\",\n \"Microsoft.Purview/accounts/scan/write\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2020-11-14T02:40:05.0975648Z\",\n \"updatedOn\": \"2022-01-04T00:47:22.9678219Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/200bba9e-f0c8-430f-892b-6f0794863803\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"200bba9e-f0c8-430f-892b-6f0794863803\"\n },\n {\n \"properties\": {\n \"roleName\": \"Purview role 3 (Deprecated)\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Deprecated role.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Purview/accounts/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.Purview/accounts/data/read\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2020-11-14T02:39:22.234474Z\",\n \"updatedOn\": \"2022-01-04T00:48:08.2844802Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/ff100721-1b9d-43d8-af52-42b69c1272db\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"ff100721-1b9d-43d8-af52-42b69c1272db\"\n },\n {\n \"properties\": {\n \"roleName\": \"Autonomous Development Platform Data Contributor (Preview)\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Grants permissions to upload and manage new Autonomous Development Platform measurements.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.AutonomousDevelopmentPlatform/*/read\",\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.AutonomousDevelopmentPlatform/accounts/dataPools/discoveries/*\",\n \"Microsoft.AutonomousDevelopmentPlatform/accounts/dataPools/uploads/*\",\n \"Microsoft.AutonomousDevelopmentPlatform/accounts/dataPools/measurements/states/new/*\",\n \"Microsoft.AutonomousDevelopmentPlatform/accounts/dataPools/measurementCollections/*\",\n \"Microsoft.AutonomousDevelopmentPlatform/accounts/measurementCollections/*\",\n \"Microsoft.AutonomousDevelopmentPlatform/workspaces/read\",\n \"Microsoft.AutonomousDevelopmentPlatform/workspaces/discoveries/*\",\n \"Microsoft.AutonomousDevelopmentPlatform/workspaces/uploads/*\",\n \"Microsoft.AutonomousDevelopmentPlatform/workspaces/measurements/states/new/*\",\n \"Microsoft.AutonomousDevelopmentPlatform/workspaces/measurements/classifications/*\",\n \"Microsoft.AutonomousDevelopmentPlatform/workspaces/measurements/dataStreams/classifications/*\",\n \"Microsoft.AutonomousDevelopmentPlatform/workspaces/measurementCollections/*\"\n ],\n \"notDataActions\": [\n \"Microsoft.AutonomousDevelopmentPlatform/accounts/dataPools/measurements/states/new/changeState/action\",\n \"Microsoft.AutonomousDevelopmentPlatform/workspaces/measurements/states/new/changeState/action\"\n ]\n }\n ],\n \"createdOn\": \"2020-12-15T11:30:01.7459379Z\",\n \"updatedOn\": \"2022-09-15T17:13:47.5365709Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/b8b15564-4fa6-4a59-ab12-03e1d9594795\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"b8b15564-4fa6-4a59-ab12-03e1d9594795\"\n },\n {\n \"properties\": {\n \"roleName\": \"Autonomous Development Platform Data Owner (Preview)\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Grants full access to Autonomous Development Platform data.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.AutonomousDevelopmentPlatform/*/read\",\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.AutonomousDevelopmentPlatform/*\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2020-12-15T12:13:59.9702378Z\",\n \"updatedOn\": \"2022-01-04T13:20:26.2040404Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/27f8b550-c507-4db9-86f2-f4b8e816d59d\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"27f8b550-c507-4db9-86f2-f4b8e816d59d\"\n },\n {\n \"properties\": {\n \"roleName\": \"Autonomous Development Platform Data Reader (Preview)\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Grants read access to Autonomous Development Platform data.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.AutonomousDevelopmentPlatform/*/read\",\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.AutonomousDevelopmentPlatform/*/read\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2020-12-15T12:11:31.9843256Z\",\n \"updatedOn\": \"2022-01-04T13:21:04.3207709Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/d63b75f7-47ea-4f27-92ac-e0d173aaf093\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"d63b75f7-47ea-4f27-92ac-e0d173aaf093\"\n },\n {\n \"properties\": {\n \"roleName\": \"Key Vault Crypto Officer\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Perform any action on the keys of a key vault, except manage permissions. Only works for key vaults that use the 'Azure role-based access control' permission model.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Support/*\",\n \"Microsoft.KeyVault/checkNameAvailability/read\",\n \"Microsoft.KeyVault/deletedVaults/read\",\n \"Microsoft.KeyVault/locations/*/read\",\n \"Microsoft.KeyVault/vaults/*/read\",\n \"Microsoft.KeyVault/operations/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.KeyVault/vaults/keys/*\",\n \"Microsoft.KeyVault/vaults/keyrotationpolicies/*\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2020-05-19T17:52:47.0099249Z\",\n \"updatedOn\": \"2022-01-06T23:21:17.9760884Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/14b46e9e-c2b7-41b4-b07b-48a6ebf60603\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"14b46e9e-c2b7-41b4-b07b-48a6ebf60603\"\n },\n {\n \"properties\": {\n \"roleName\": \"Device Update Deployments Reader\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Gives you read access to management operations, but does not allow making changes\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Support/*\",\n \"Microsoft.Insights/alertRules/*\"\n ],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.DeviceUpdate/accounts/instances/management/read\",\n \"Microsoft.DeviceUpdate/accounts/instances/updates/read\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2020-08-22T00:01:34.705363Z\",\n \"updatedOn\": \"2022-01-13T01:35:51.6463216Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/49e2f5d2-7741-4835-8efa-19e1fe35e47f\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"49e2f5d2-7741-4835-8efa-19e1fe35e47f\"\n },\n {\n \"properties\": {\n \"roleName\": \"Device Update Deployments Administrator\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Gives you full access to management operations\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Support/*\",\n \"Microsoft.Insights/alertRules/*\"\n ],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.DeviceUpdate/accounts/instances/management/read\",\n \"Microsoft.DeviceUpdate/accounts/instances/management/write\",\n \"Microsoft.DeviceUpdate/accounts/instances/management/delete\",\n \"Microsoft.DeviceUpdate/accounts/instances/updates/read\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2020-08-21T23:59:52.1001666Z\",\n \"updatedOn\": \"2022-01-13T01:59:19.4616366Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/e4237640-0e3d-4a46-8fda-70bc94856432\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"e4237640-0e3d-4a46-8fda-70bc94856432\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Arc VMware Private Clouds Onboarding\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Azure Arc VMware Private Clouds Onboarding role has permissions to provision all the required resources for onboard and deboard vCenter instances to Azure.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.ConnectedVMwarevSphere/vcenters/Write\",\n \"Microsoft.ConnectedVMwarevSphere/vcenters/Read\",\n \"Microsoft.ConnectedVMwarevSphere/vcenters/Delete\",\n \"Microsoft.Insights/AlertRules/Write\",\n \"Microsoft.Insights/AlertRules/Delete\",\n \"Microsoft.Insights/AlertRules/Read\",\n \"Microsoft.Insights/AlertRules/Activated/Action\",\n \"Microsoft.Insights/AlertRules/Resolved/Action\",\n \"Microsoft.Insights/AlertRules/Throttled/Action\",\n \"Microsoft.Insights/AlertRules/Incidents/Read\",\n \"Microsoft.Resources/deployments/read\",\n \"Microsoft.Resources/deployments/write\",\n \"Microsoft.Resources/deployments/delete\",\n \"Microsoft.Resources/deployments/cancel/action\",\n \"Microsoft.Resources/deployments/validate/action\",\n \"Microsoft.Resources/deployments/whatIf/action\",\n \"Microsoft.Resources/deployments/exportTemplate/action\",\n \"Microsoft.Resources/deployments/operations/read\",\n \"Microsoft.Resources/deployments/operationstatuses/read\",\n \"Microsoft.Resources/subscriptions/resourcegroups/deployments/read\",\n \"Microsoft.Resources/subscriptions/resourcegroups/deployments/write\",\n \"Microsoft.Resources/subscriptions/resourcegroups/deployments/operations/read\",\n \"Microsoft.Resources/subscriptions/resourcegroups/deployments/operationstatuses/read\",\n \"Microsoft.ResourceHealth/availabilityStatuses/read\",\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Resources/subscriptions/read\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Resources/subscriptions/operationresults/read\",\n \"Microsoft.KubernetesConfiguration/extensions/Write\",\n \"Microsoft.KubernetesConfiguration/extensions/Read\",\n \"Microsoft.KubernetesConfiguration/extensions/Delete\",\n \"Microsoft.KubernetesConfiguration/operations/read\",\n \"Microsoft.KubernetesConfiguration/extensions/operations/read\",\n \"Microsoft.ExtendedLocation/customLocations/Read\",\n \"Microsoft.ExtendedLocation/customLocations/Write\",\n \"Microsoft.ExtendedLocation/customLocations/Delete\",\n \"Microsoft.ExtendedLocation/customLocations/deploy/action\",\n \"Microsoft.ResourceConnector/appliances/Read\",\n \"Microsoft.ResourceConnector/appliances/Write\",\n \"Microsoft.ResourceConnector/appliances/Delete\",\n \"Microsoft.ResourceConnector/appliances/listClusterUserCredential/action\",\n \"Microsoft.BackupSolutions/vmwareapplications/write\",\n \"Microsoft.BackupSolutions/vmwareapplications/delete\",\n \"Microsoft.BackupSolutions/vmwareapplications/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2021-11-01T22:18:08.4480747Z\",\n \"updatedOn\": \"2023-08-18T17:54:09.8815166Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/67d33e57-3129-45e6-bb0b-7cc522f762fa\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"67d33e57-3129-45e6-bb0b-7cc522f762fa\"\n },\n {\n \"properties\": {\n \"roleName\": \"Microsoft Sentinel Automation Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Microsoft Sentinel Automation Contributor\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Logic/workflows/triggers/read\",\n \"Microsoft.Logic/workflows/triggers/listCallbackUrl/action\",\n \"Microsoft.Logic/workflows/runs/read\",\n \"Microsoft.Web/sites/hostruntime/webhooks/api/workflows/triggers/read\",\n \"Microsoft.Web/sites/hostruntime/webhooks/api/workflows/triggers/listCallbackUrl/action\",\n \"Microsoft.Web/sites/hostruntime/webhooks/api/workflows/runs/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2021-01-24T08:50:52.0382991Z\",\n \"updatedOn\": \"2022-01-26T09:25:00.4699337Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/f4c81013-99ee-4d62-a7ee-b3f1f648599a\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"f4c81013-99ee-4d62-a7ee-b3f1f648599a\"\n },\n {\n \"properties\": {\n \"roleName\": \"CDN Endpoint Reader\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Can view CDN endpoints, but can't make changes.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Cdn/edgenodes/read\",\n \"Microsoft.Cdn/operationresults/*\",\n \"Microsoft.Cdn/profiles/endpoints/*/read\",\n \"Microsoft.Cdn/profiles/afdendpoints/validateCustomDomain/action\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Support/*\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2016-01-23T02:48:46.4996252Z\",\n \"updatedOn\": \"2023-12-07T09:22:53.097708Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/871e35f6-b5c1-49cc-a043-bde969a0f2cd\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"871e35f6-b5c1-49cc-a043-bde969a0f2cd\"\n },\n {\n \"properties\": {\n \"roleName\": \"Cognitive Services Speech User\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Access to the real-time speech recognition and batch transcription APIs, real-time speech synthesis and long audio APIs, as well as to read the data/test/model/endpoint for custom models, but can’t create, delete or modify the data/test/model/endpoint for custom models.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.CognitiveServices/*/read\",\n \"Microsoft.Authorization/roleAssignments/read\",\n \"Microsoft.Authorization/roleDefinitions/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.CognitiveServices/accounts/SpeechServices/*/read\",\n \"Microsoft.CognitiveServices/accounts/SpeechServices/*/transcriptions/read\",\n \"Microsoft.CognitiveServices/accounts/SpeechServices/*/transcriptions/write\",\n \"Microsoft.CognitiveServices/accounts/SpeechServices/*/transcriptions/delete\",\n \"Microsoft.CognitiveServices/accounts/SpeechServices/*/transcriptions/action\",\n \"Microsoft.CognitiveServices/accounts/SpeechServices/*/frontend/action\",\n \"Microsoft.CognitiveServices/accounts/SpeechServices/text-dependent/*/action\",\n \"Microsoft.CognitiveServices/accounts/SpeechServices/text-independent/*/action\",\n \"Microsoft.CognitiveServices/accounts/CustomVoice/*/read\",\n \"Microsoft.CognitiveServices/accounts/CustomVoice/evaluations/*\",\n \"Microsoft.CognitiveServices/accounts/CustomVoice/longaudiosynthesis/*\",\n \"Microsoft.CognitiveServices/accounts/AudioContentCreation/*\",\n \"Microsoft.CognitiveServices/accounts/VideoTranslation/*\",\n \"Microsoft.CognitiveServices/accounts/CustomAvatar/*/read\",\n \"Microsoft.CognitiveServices/accounts/BatchAvatar/*\",\n \"Microsoft.CognitiveServices/accounts/BatchTextToSpeech/*\"\n ],\n \"notDataActions\": [\n \"Microsoft.CognitiveServices/accounts/CustomVoice/datasets/files/read\",\n \"Microsoft.CognitiveServices/accounts/CustomVoice/datasets/utterances/read\"\n ]\n }\n ],\n \"createdOn\": \"2021-03-30T11:28:27.4339032Z\",\n \"updatedOn\": \"2024-10-18T20:00:21.397467Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/f2dc8367-1007-4938-bd23-fe263f013447\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"f2dc8367-1007-4938-bd23-fe263f013447\"\n },\n {\n \"properties\": {\n \"roleName\": \"Windows Admin Center Administrator Login\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Let's you manage the OS of your resource via Windows Admin Center as an administrator.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.HybridCompute/machines/*/read\",\n \"Microsoft.HybridCompute/machines/extensions/*\",\n \"Microsoft.HybridCompute/machines/upgradeExtensions/action\",\n \"Microsoft.HybridCompute/operations/read\",\n \"Microsoft.Network/networkInterfaces/read\",\n \"Microsoft.Network/loadBalancers/read\",\n \"Microsoft.Network/publicIPAddresses/read\",\n \"Microsoft.Network/virtualNetworks/read\",\n \"Microsoft.Network/networkSecurityGroups/read\",\n \"Microsoft.Network/networkSecurityGroups/defaultSecurityRules/read\",\n \"Microsoft.Network/networkWatchers/securityGroupView/action\",\n \"Microsoft.Network/networkSecurityGroups/securityRules/read\",\n \"Microsoft.Network/networkSecurityGroups/securityRules/write\",\n \"Microsoft.HybridConnectivity/endpoints/write\",\n \"Microsoft.HybridConnectivity/endpoints/read\",\n \"Microsoft.HybridConnectivity/endpoints/serviceConfigurations/write\",\n \"Microsoft.HybridConnectivity/endpoints/serviceConfigurations/read\",\n \"Microsoft.HybridConnectivity/endpoints/listManagedProxyDetails/action\",\n \"Microsoft.Compute/virtualMachines/read\",\n \"Microsoft.Compute/virtualMachines/patchAssessmentResults/latest/read\",\n \"Microsoft.Compute/virtualMachines/patchAssessmentResults/latest/softwarePatches/read\",\n \"Microsoft.Compute/virtualMachines/patchInstallationResults/read\",\n \"Microsoft.Compute/virtualMachines/patchInstallationResults/softwarePatches/read\",\n \"Microsoft.Compute/virtualMachines/extensions/read\",\n \"Microsoft.Compute/virtualMachines/instanceView/read\",\n \"Microsoft.Compute/virtualMachines/runCommands/read\",\n \"Microsoft.Compute/virtualMachines/vmSizes/read\",\n \"Microsoft.Compute/locations/publishers/artifacttypes/types/read\",\n \"Microsoft.Compute/locations/publishers/artifacttypes/types/versions/read\",\n \"Microsoft.Compute/diskAccesses/read\",\n \"Microsoft.Compute/galleries/images/read\",\n \"Microsoft.Compute/images/read\",\n \"Microsoft.AzureStackHCI/Clusters/Read\",\n \"Microsoft.AzureStackHCI/Clusters/ArcSettings/Read\",\n \"Microsoft.AzureStackHCI/Clusters/ArcSettings/Extensions/Read\",\n \"Microsoft.AzureStackHCI/Clusters/ArcSettings/Extensions/Write\",\n \"Microsoft.AzureStackHCI/Clusters/ArcSettings/Extensions/Delete\",\n \"Microsoft.AzureStackHCI/Operations/Read\",\n \"Microsoft.ConnectedVMwarevSphere/VirtualMachines/Read\",\n \"Microsoft.ConnectedVMwarevSphere/VirtualMachines/Extensions/Write\",\n \"Microsoft.ConnectedVMwarevSphere/VirtualMachines/Extensions/Read\"\n ],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.HybridCompute/machines/WACLoginAsAdmin/action\",\n \"Microsoft.Compute/virtualMachines/WACloginAsAdmin/action\",\n \"Microsoft.AzureStackHCI/Clusters/WACloginAsAdmin/Action\",\n \"Microsoft.ConnectedVMwarevSphere/virtualmachines/WACloginAsAdmin/action\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2022-01-12T00:51:19.5581155Z\",\n \"updatedOn\": \"2024-01-24T16:28:56.8362682Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/a6333a3e-0164-44c3-b281-7a577aff287f\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"a6333a3e-0164-44c3-b281-7a577aff287f\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Kubernetes Service Policy Add-on Deployment\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Deploy the Azure Policy add-on on Azure Kubernetes Service clusters\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Network/virtualNetworks/subnets/join/action\",\n \"Microsoft.Network/publicIPPrefixes/join/action\",\n \"Microsoft.Network/publicIPAddresses/join/action\",\n \"Microsoft.Compute/diskEncryptionSets/read\",\n \"Microsoft.Compute/proximityPlacementGroups/write\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2022-02-07T20:51:48.5662807Z\",\n \"updatedOn\": \"2022-03-15T23:34:13.5188193Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/18ed5180-3e48-46fd-8541-4ea054d57064\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"18ed5180-3e48-46fd-8541-4ea054d57064\"\n },\n {\n \"properties\": {\n \"roleName\": \"Guest Configuration Resource Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Lets you read, write Guest Configuration Resource.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.GuestConfiguration/guestConfigurationAssignments/write\",\n \"Microsoft.GuestConfiguration/guestConfigurationAssignments/read\",\n \"Microsoft.GuestConfiguration/guestConfigurationAssignments/*/read\",\n \"Microsoft.Resources/deployments/*\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2022-01-13T21:31:41.9626667Z\",\n \"updatedOn\": \"2022-02-10T19:22:44.9057916Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/088ab73d-1256-47ae-bea9-9de8e7131f31\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"088ab73d-1256-47ae-bea9-9de8e7131f31\"\n },\n {\n \"properties\": {\n \"roleName\": \"Domain Services Reader\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Can view Azure AD Domain Services and related network configurations\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Resources/deployments/read\",\n \"Microsoft.Resources/deployments/operations/read\",\n \"Microsoft.Resources/deployments/operationstatuses/read\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Insights/AlertRules/Read\",\n \"Microsoft.Insights/AlertRules/Incidents/Read\",\n \"Microsoft.Insights/Logs/Read\",\n \"Microsoft.Insights/Metrics/read\",\n \"Microsoft.Insights/DiagnosticSettings/read\",\n \"Microsoft.Insights/DiagnosticSettingsCategories/Read\",\n \"Microsoft.AAD/domainServices/*/read\",\n \"Microsoft.Network/virtualNetworks/read\",\n \"Microsoft.Network/virtualNetworks/subnets/read\",\n \"Microsoft.Network/virtualNetworks/virtualNetworkPeerings/read\",\n \"Microsoft.Network/virtualNetworks/providers/Microsoft.Insights/diagnosticSettings/read\",\n \"Microsoft.Network/virtualNetworks/providers/Microsoft.Insights/metricDefinitions/read\",\n \"Microsoft.Network/azureFirewalls/read\",\n \"Microsoft.Network/ddosProtectionPlans/read\",\n \"Microsoft.Network/loadBalancers/read\",\n \"Microsoft.Network/loadBalancers/*/read\",\n \"Microsoft.Network/natGateways/read\",\n \"Microsoft.Network/networkInterfaces/read\",\n \"Microsoft.Network/networkSecurityGroups/defaultSecurityRules/read\",\n \"Microsoft.Network/networkSecurityGroups/read\",\n \"Microsoft.Network/networkSecurityGroups/securityRules/read\",\n \"Microsoft.Network/routeTables/read\",\n \"Microsoft.Network/routeTables/routes/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2022-02-15T19:38:46.904317Z\",\n \"updatedOn\": \"2022-06-27T17:28:30.2892869Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/361898ef-9ed1-48c2-849c-a832951106bb\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"361898ef-9ed1-48c2-849c-a832951106bb\"\n },\n {\n \"properties\": {\n \"roleName\": \"Domain Services Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Can manage Azure AD Domain Services and related network configurations\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Resources/deployments/read\",\n \"Microsoft.Resources/deployments/write\",\n \"Microsoft.Resources/deployments/delete\",\n \"Microsoft.Resources/deployments/cancel/action\",\n \"Microsoft.Resources/deployments/validate/action\",\n \"Microsoft.Resources/deployments/whatIf/action\",\n \"Microsoft.Resources/deployments/exportTemplate/action\",\n \"Microsoft.Resources/deployments/operations/read\",\n \"Microsoft.Resources/deployments/operationstatuses/read\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Insights/AlertRules/Write\",\n \"Microsoft.Insights/AlertRules/Delete\",\n \"Microsoft.Insights/AlertRules/Read\",\n \"Microsoft.Insights/AlertRules/Activated/Action\",\n \"Microsoft.Insights/AlertRules/Resolved/Action\",\n \"Microsoft.Insights/AlertRules/Throttled/Action\",\n \"Microsoft.Insights/AlertRules/Incidents/Read\",\n \"Microsoft.Insights/Logs/Read\",\n \"Microsoft.Insights/Metrics/Read\",\n \"Microsoft.Insights/DiagnosticSettings/*\",\n \"Microsoft.Insights/DiagnosticSettingsCategories/Read\",\n \"Microsoft.AAD/register/action\",\n \"Microsoft.AAD/unregister/action\",\n \"Microsoft.AAD/domainServices/*\",\n \"Microsoft.Network/register/action\",\n \"Microsoft.Network/unregister/action\",\n \"Microsoft.Network/virtualNetworks/read\",\n \"Microsoft.Network/virtualNetworks/write\",\n \"Microsoft.Network/virtualNetworks/delete\",\n \"Microsoft.Network/virtualNetworks/peer/action\",\n \"Microsoft.Network/virtualNetworks/join/action\",\n \"Microsoft.Network/virtualNetworks/subnets/read\",\n \"Microsoft.Network/virtualNetworks/subnets/write\",\n \"Microsoft.Network/virtualNetworks/subnets/delete\",\n \"Microsoft.Network/virtualNetworks/subnets/join/action\",\n \"Microsoft.Network/virtualNetworks/virtualNetworkPeerings/read\",\n \"Microsoft.Network/virtualNetworks/virtualNetworkPeerings/write\",\n \"Microsoft.Network/virtualNetworks/virtualNetworkPeerings/delete\",\n \"Microsoft.Network/virtualNetworks/providers/Microsoft.Insights/diagnosticSettings/read\",\n \"Microsoft.Network/virtualNetworks/providers/Microsoft.Insights/metricDefinitions/read\",\n \"Microsoft.Network/azureFirewalls/read\",\n \"Microsoft.Network/ddosProtectionPlans/read\",\n \"Microsoft.Network/ddosProtectionPlans/join/action\",\n \"Microsoft.Network/loadBalancers/read\",\n \"Microsoft.Network/loadBalancers/delete\",\n \"Microsoft.Network/loadBalancers/*/read\",\n \"Microsoft.Network/loadBalancers/backendAddressPools/join/action\",\n \"Microsoft.Network/loadBalancers/inboundNatRules/join/action\",\n \"Microsoft.Network/natGateways/join/action\",\n \"Microsoft.Network/networkInterfaces/read\",\n \"Microsoft.Network/networkInterfaces/write\",\n \"Microsoft.Network/networkInterfaces/delete\",\n \"Microsoft.Network/networkInterfaces/join/action\",\n \"Microsoft.Network/networkSecurityGroups/defaultSecurityRules/read\",\n \"Microsoft.Network/networkSecurityGroups/read\",\n \"Microsoft.Network/networkSecurityGroups/write\",\n \"Microsoft.Network/networkSecurityGroups/delete\",\n \"Microsoft.Network/networkSecurityGroups/join/action\",\n \"Microsoft.Network/networkSecurityGroups/securityRules/read\",\n \"Microsoft.Network/networkSecurityGroups/securityRules/write\",\n \"Microsoft.Network/networkSecurityGroups/securityRules/delete\",\n \"Microsoft.Network/routeTables/read\",\n \"Microsoft.Network/routeTables/write\",\n \"Microsoft.Network/routeTables/delete\",\n \"Microsoft.Network/routeTables/join/action\",\n \"Microsoft.Network/routeTables/routes/read\",\n \"Microsoft.Network/routeTables/routes/write\",\n \"Microsoft.Network/routeTables/routes/delete\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2022-02-15T19:40:22.3943189Z\",\n \"updatedOn\": \"2022-06-27T17:28:31.1017906Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/eeaeda52-9324-47f6-8069-5d5bade478b2\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"eeaeda52-9324-47f6-8069-5d5bade478b2\"\n },\n {\n \"properties\": {\n \"roleName\": \"DNS Resolver Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Lets you manage DNS resolver resources.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Network/dnsResolvers/read\",\n \"Microsoft.Network/dnsResolvers/write\",\n \"Microsoft.Network/dnsResolvers/delete\",\n \"Microsoft.Network/dnsResolvers/join/action\",\n \"Microsoft.Network/dnsResolvers/inboundEndpoints/read\",\n \"Microsoft.Network/dnsResolvers/inboundEndpoints/write\",\n \"Microsoft.Network/dnsResolvers/inboundEndpoints/delete\",\n \"Microsoft.Network/dnsResolvers/inboundEndpoints/join/action\",\n \"Microsoft.Network/dnsResolvers/outboundEndpoints/read\",\n \"Microsoft.Network/dnsResolvers/outboundEndpoints/write\",\n \"Microsoft.Network/dnsResolvers/outboundEndpoints/delete\",\n \"Microsoft.Network/dnsResolvers/outboundEndpoints/join/action\",\n \"Microsoft.Network/dnsForwardingRulesets/read\",\n \"Microsoft.Network/dnsForwardingRulesets/write\",\n \"Microsoft.Network/dnsForwardingRulesets/delete\",\n \"Microsoft.Network/dnsForwardingRulesets/join/action\",\n \"Microsoft.Network/dnsForwardingRulesets/forwardingRules/read\",\n \"Microsoft.Network/dnsForwardingRulesets/forwardingRules/write\",\n \"Microsoft.Network/dnsForwardingRulesets/forwardingRules/delete\",\n \"Microsoft.Network/dnsForwardingRulesets/virtualNetworkLinks/read\",\n \"Microsoft.Network/dnsForwardingRulesets/virtualNetworkLinks/write\",\n \"Microsoft.Network/dnsForwardingRulesets/virtualNetworkLinks/delete\",\n \"Microsoft.Network/locations/dnsResolverOperationResults/read\",\n \"Microsoft.Network/locations/dnsResolverOperationStatuses/read\",\n \"Microsoft.Network/virtualNetworks/read\",\n \"Microsoft.Network/virtualNetworks/join/action\",\n \"Microsoft.Network/virtualNetworks/subnets/read\",\n \"Microsoft.Network/virtualNetworks/subnets/write\",\n \"Microsoft.Network/virtualNetworks/subnets/join/action\",\n \"Microsoft.Network/virtualNetworks/join/action\",\n \"Microsoft.Network/virtualNetworks/joinLoadBalancer/action\",\n \"Microsoft.Network/virtualNetworks/subnets/join/action\",\n \"Microsoft.Network/virtualNetworks/subnets/joinLoadBalancer/action\",\n \"Microsoft.Network/natGateways/join/action\",\n \"Microsoft.Network/networkSecurityGroups/join/action\",\n \"Microsoft.Network/routeTables/join/action\",\n \"Microsoft.Network/serviceEndpointPolicies/join/action\",\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2022-02-16T23:25:04.4308795Z\",\n \"updatedOn\": \"2022-03-12T01:08:44.4650132Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/0f2ebee7-ffd4-4fc0-b3b7-664099fdad5d\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"0f2ebee7-ffd4-4fc0-b3b7-664099fdad5d\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Arc Enabled Kubernetes Cluster User Role\",\n \"type\": \"BuiltInRole\",\n \"description\": \"List cluster user credentials action.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Resources/deployments/write\",\n \"Microsoft.Resources/subscriptions/operationresults/read\",\n \"Microsoft.Resources/subscriptions/read\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Kubernetes/connectedClusters/listClusterUserCredentials/action\",\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.Support/*\",\n \"Microsoft.Kubernetes/connectedClusters/listClusterUserCredential/action\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2020-07-28T17:37:00.7637445Z\",\n \"updatedOn\": \"2022-02-17T02:29:05.1000798Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/00493d72-78f6-4148-b6c5-d3ce8e4799dd\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"00493d72-78f6-4148-b6c5-d3ce8e4799dd\"\n },\n {\n \"properties\": {\n \"roleName\": \"Data Operator for Managed Disks\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Provides permissions to upload data to empty managed disks, read, or export data of managed disks (not attached to running VMs) and snapshots using SAS URIs and Azure AD authentication.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.Compute/disks/download/action\",\n \"Microsoft.Compute/disks/upload/action\",\n \"Microsoft.Compute/snapshots/download/action\",\n \"Microsoft.Compute/snapshots/upload/action\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2022-03-01T05:42:02.3801768Z\",\n \"updatedOn\": \"2022-03-01T05:42:02.3801768Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/959f8984-c045-4866-89c7-12bf9737be2e\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"959f8984-c045-4866-89c7-12bf9737be2e\"\n },\n {\n \"properties\": {\n \"roleName\": \"AgFood Platform Sensor Partner Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Provides contribute access to manage sensor related entities in AgFood Platform Service\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.AgFoodPlatform/farmBeats/sensorPartnerScope/*\"\n ],\n \"notDataActions\": [\n \"Microsoft.AgFoodPlatform/farmBeats/sensorPartnerScope/sensors/delete\"\n ]\n }\n ],\n \"createdOn\": \"2022-03-09T09:03:53.490279Z\",\n \"updatedOn\": \"2022-10-27T07:34:00.932807Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/6b77f0a0-0d89-41cc-acd1-579c22c17a67\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"6b77f0a0-0d89-41cc-acd1-579c22c17a67\"\n },\n {\n \"properties\": {\n \"roleName\": \"Compute Gallery Sharing Admin\",\n \"type\": \"BuiltInRole\",\n \"description\": \"This role allows user to share gallery to another subscription/tenant or share it to the public.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Compute/galleries/share/action\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2022-03-10T04:36:08.9040323Z\",\n \"updatedOn\": \"2022-03-26T00:40:55.2620635Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/1ef6a3be-d0ac-425d-8c01-acb62866290b\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"1ef6a3be-d0ac-425d-8c01-acb62866290b\"\n },\n {\n \"properties\": {\n \"roleName\": \"Scheduled Patching Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Provides access to manage maintenance configurations with maintenance scope InGuestPatch and corresponding configuration assignments\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Maintenance/maintenanceConfigurations/read\",\n \"Microsoft.Maintenance/maintenanceConfigurations/write\",\n \"Microsoft.Maintenance/maintenanceConfigurations/delete\",\n \"Microsoft.Maintenance/configurationAssignments/read\",\n \"Microsoft.Maintenance/configurationAssignments/write\",\n \"Microsoft.Maintenance/configurationAssignments/delete\",\n \"Microsoft.Maintenance/configurationAssignments/maintenanceScope/InGuestPatch/read\",\n \"Microsoft.Maintenance/configurationAssignments/maintenanceScope/InGuestPatch/write\",\n \"Microsoft.Maintenance/configurationAssignments/maintenanceScope/InGuestPatch/delete\",\n \"Microsoft.Maintenance/maintenanceConfigurations/maintenanceScope/InGuestPatch/read\",\n \"Microsoft.Maintenance/maintenanceConfigurations/maintenanceScope/InGuestPatch/write\",\n \"Microsoft.Maintenance/maintenanceConfigurations/maintenanceScope/InGuestPatch/delete\",\n \"Microsoft.Maintenance/applyUpdates/read\",\n \"Microsoft.Maintenance/updates/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2022-03-21T14:34:05.5308153Z\",\n \"updatedOn\": \"2025-02-27T13:35:19.3626961Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/cd08ab90-6b14-449c-ad9a-8f8e549482c6\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"cd08ab90-6b14-449c-ad9a-8f8e549482c6\"\n },\n {\n \"properties\": {\n \"roleName\": \"DevCenter Dev Box User\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Provides access to create and manage dev boxes.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.DevCenter/projects/read\",\n \"Microsoft.DevCenter/projects/*/read\",\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.DevCenter/projects/users/devboxes/userStop/action\",\n \"Microsoft.DevCenter/projects/users/devboxes/userStart/action\",\n \"Microsoft.DevCenter/projects/users/devboxes/userGetRemoteConnection/action\",\n \"Microsoft.DevCenter/projects/users/devboxes/userRead/action\",\n \"Microsoft.DevCenter/projects/users/devboxes/userWrite/action\",\n \"Microsoft.DevCenter/projects/users/devboxes/userDelete/action\",\n \"Microsoft.DevCenter/projects/users/devboxes/userUpcomingActionRead/action\",\n \"Microsoft.DevCenter/projects/users/devboxes/userUpcomingActionManage/action\",\n \"Microsoft.DevCenter/projects/users/devboxes/userActionRead/action\",\n \"Microsoft.DevCenter/projects/users/devboxes/userActionManage/action\",\n \"Microsoft.DevCenter/projects/users/devboxes/userCustomize/action\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2022-03-31T22:42:03.2894277Z\",\n \"updatedOn\": \"2023-10-18T19:06:15.1790546Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/45d50f46-0b78-4001-a660-4198cbe8cd05\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"45d50f46-0b78-4001-a660-4198cbe8cd05\"\n },\n {\n \"properties\": {\n \"roleName\": \"DevCenter Project Admin\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Provides access to manage project resources.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.DevCenter/projects/*\",\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\"\n ],\n \"notActions\": [\n \"Microsoft.DevCenter/projects/write\",\n \"Microsoft.DevCenter/projects/delete\"\n ],\n \"dataActions\": [\n \"Microsoft.DevCenter/projects/users/devboxes/adminStart/action\",\n \"Microsoft.DevCenter/projects/users/devboxes/adminStop/action\",\n \"Microsoft.DevCenter/projects/users/devboxes/adminRead/action\",\n \"Microsoft.DevCenter/projects/users/devboxes/adminWrite/action\",\n \"Microsoft.DevCenter/projects/users/devboxes/adminDelete/action\",\n \"Microsoft.DevCenter/projects/users/devboxes/adminAlign/action\",\n \"Microsoft.DevCenter/projects/users/devboxes/adminActionRead/action\",\n \"Microsoft.DevCenter/projects/users/devboxes/adminActionManage/action\",\n \"Microsoft.DevCenter/projects/users/devboxes/userStop/action\",\n \"Microsoft.DevCenter/projects/users/devboxes/userStart/action\",\n \"Microsoft.DevCenter/projects/users/devboxes/userGetRemoteConnection/action\",\n \"Microsoft.DevCenter/projects/users/devboxes/userRead/action\",\n \"Microsoft.DevCenter/projects/users/devboxes/userWrite/action\",\n \"Microsoft.DevCenter/projects/users/devboxes/userDelete/action\",\n \"Microsoft.DevCenter/projects/users/devboxes/userActionRead/action\",\n \"Microsoft.DevCenter/projects/users/devboxes/userActionManage/action\",\n \"Microsoft.DevCenter/projects/users/devboxes/userCustomize/action\",\n \"Microsoft.DevCenter/projects/users/environments/adminRead/action\",\n \"Microsoft.DevCenter/projects/users/environments/userWrite/action\",\n \"Microsoft.DevCenter/projects/users/environments/adminWrite/action\",\n \"Microsoft.DevCenter/projects/users/environments/userDelete/action\",\n \"Microsoft.DevCenter/projects/users/environments/adminDelete/action\",\n \"Microsoft.DevCenter/projects/users/environments/adminAction/action\",\n \"Microsoft.DevCenter/projects/users/environments/adminActionRead/action\",\n \"Microsoft.DevCenter/projects/users/environments/adminActionManage/action\",\n \"Microsoft.DevCenter/projects/users/environments/adminOutputsRead/action\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2022-03-31T23:57:37.3708041Z\",\n \"updatedOn\": \"2025-07-23T23:00:43.7994094Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/331c37c6-af14-46d9-b9f4-e1909e1b95a0\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"331c37c6-af14-46d9-b9f4-e1909e1b95a0\"\n },\n {\n \"properties\": {\n \"roleName\": \"Virtual Machine Local User Login\",\n \"type\": \"BuiltInRole\",\n \"description\": \"View Virtual Machines in the portal and login as a local user configured on the arc server\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.HybridCompute/machines/*/read\",\n \"Microsoft.HybridConnectivity/endpoints/listCredentials/action\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2022-04-07T04:12:11.0327385Z\",\n \"updatedOn\": \"2022-04-16T23:03:02.5542069Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/602da2ba-a5c2-41da-b01d-5360126ab525\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"602da2ba-a5c2-41da-b01d-5360126ab525\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Arc ScVmm VM Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Arc ScVmm VM Contributor has permissions to perform all VM actions.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"microsoft.scvmm/virtualmachines/*\",\n \"microsoft.scvmm/virtualMachineInstances/*\",\n \"Microsoft.Insights/AlertRules/Write\",\n \"Microsoft.Insights/AlertRules/Delete\",\n \"Microsoft.Insights/AlertRules/Read\",\n \"Microsoft.Insights/AlertRules/Activated/Action\",\n \"Microsoft.Insights/AlertRules/Resolved/Action\",\n \"Microsoft.Insights/AlertRules/Throttled/Action\",\n \"Microsoft.Insights/AlertRules/Incidents/Read\",\n \"Microsoft.Resources/deployments/read\",\n \"Microsoft.Resources/deployments/write\",\n \"Microsoft.Resources/deployments/delete\",\n \"Microsoft.Resources/deployments/cancel/action\",\n \"Microsoft.Resources/deployments/validate/action\",\n \"Microsoft.Resources/deployments/whatIf/action\",\n \"Microsoft.Resources/deployments/exportTemplate/action\",\n \"Microsoft.Resources/deployments/operations/read\",\n \"Microsoft.Resources/deployments/operationstatuses/read\",\n \"Microsoft.Resources/subscriptions/resourcegroups/deployments/read\",\n \"Microsoft.Resources/subscriptions/resourcegroups/deployments/write\",\n \"Microsoft.Resources/subscriptions/resourcegroups/deployments/operations/read\",\n \"Microsoft.Resources/subscriptions/resourcegroups/deployments/operationstatuses/read\",\n \"Microsoft.ResourceHealth/availabilityStatuses/read\",\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Resources/subscriptions/read\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Resources/subscriptions/operationresults/read\",\n \"Microsoft.ExtendedLocation/customLocations/Read\",\n \"Microsoft.ExtendedLocation/customLocations/deploy/action\",\n \"Microsoft.HybridCompute/machines/read\",\n \"Microsoft.HybridCompute/machines/write\",\n \"Microsoft.HybridCompute/machines/delete\",\n \"Microsoft.HybridCompute/machines/UpgradeExtensions/action\",\n \"Microsoft.HybridCompute/machines/assessPatches/action\",\n \"Microsoft.HybridCompute/machines/installPatches/action\",\n \"Microsoft.HybridCompute/machines/extensions/read\",\n \"Microsoft.HybridCompute/machines/extensions/write\",\n \"Microsoft.HybridCompute/machines/extensions/delete\",\n \"Microsoft.HybridCompute/operations/read\",\n \"Microsoft.HybridCompute/locations/operationresults/read\",\n \"Microsoft.HybridCompute/locations/operationstatus/read\",\n \"Microsoft.HybridCompute/machines/patchAssessmentResults/read\",\n \"Microsoft.HybridCompute/machines/patchAssessmentResults/softwarePatches/read\",\n \"Microsoft.HybridCompute/machines/patchInstallationResults/read\",\n \"Microsoft.HybridCompute/machines/patchInstallationResults/softwarePatches/read\",\n \"Microsoft.HybridCompute/locations/updateCenterOperationResults/read\",\n \"Microsoft.HybridCompute/machines/hybridIdentityMetadata/read\",\n \"Microsoft.HybridCompute/osType/agentVersions/read\",\n \"Microsoft.HybridCompute/osType/agentVersions/latest/read\",\n \"Microsoft.HybridCompute/machines/runcommands/read\",\n \"Microsoft.HybridCompute/machines/runcommands/write\",\n \"Microsoft.HybridCompute/machines/runcommands/delete\",\n \"Microsoft.HybridCompute/machines/licenseProfiles/read\",\n \"Microsoft.HybridCompute/machines/licenseProfiles/write\",\n \"Microsoft.HybridCompute/machines/licenseProfiles/delete\",\n \"Microsoft.HybridCompute/licenses/read\",\n \"Microsoft.HybridCompute/licenses/write\",\n \"Microsoft.HybridCompute/licenses/delete\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2022-04-13T21:33:11.1438013Z\",\n \"updatedOn\": \"2023-10-06T09:06:44.9085842Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/e582369a-e17b-42a5-b10c-874c387c530b\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"e582369a-e17b-42a5-b10c-874c387c530b\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Arc ScVmm Administrator role\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Arc ScVmm VM Administrator has permissions to perform all ScVmm actions.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.ScVmm/*\",\n \"Microsoft.Insights/AlertRules/Write\",\n \"Microsoft.Insights/AlertRules/Delete\",\n \"Microsoft.Insights/AlertRules/Read\",\n \"Microsoft.Insights/AlertRules/Activated/Action\",\n \"Microsoft.Insights/AlertRules/Resolved/Action\",\n \"Microsoft.Insights/AlertRules/Throttled/Action\",\n \"Microsoft.Insights/AlertRules/Incidents/Read\",\n \"Microsoft.Resources/deployments/read\",\n \"Microsoft.Resources/deployments/write\",\n \"Microsoft.Resources/deployments/delete\",\n \"Microsoft.Resources/deployments/cancel/action\",\n \"Microsoft.Resources/deployments/validate/action\",\n \"Microsoft.Resources/deployments/whatIf/action\",\n \"Microsoft.Resources/deployments/exportTemplate/action\",\n \"Microsoft.Resources/deployments/operations/read\",\n \"Microsoft.Resources/deployments/operationstatuses/read\",\n \"Microsoft.Resources/subscriptions/resourcegroups/deployments/read\",\n \"Microsoft.Resources/subscriptions/resourcegroups/deployments/write\",\n \"Microsoft.Resources/subscriptions/resourcegroups/deployments/operations/read\",\n \"Microsoft.Resources/subscriptions/resourcegroups/deployments/operationstatuses/read\",\n \"Microsoft.ResourceHealth/availabilityStatuses/read\",\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Resources/subscriptions/read\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Resources/subscriptions/operationresults/read\",\n \"Microsoft.ExtendedLocation/customLocations/Read\",\n \"Microsoft.ExtendedLocation/customLocations/deploy/action\",\n \"Microsoft.HybridCompute/machines/read\",\n \"Microsoft.HybridCompute/machines/write\",\n \"Microsoft.HybridCompute/machines/delete\",\n \"Microsoft.HybridCompute/machines/UpgradeExtensions/action\",\n \"Microsoft.HybridCompute/machines/assessPatches/action\",\n \"Microsoft.HybridCompute/machines/installPatches/action\",\n \"Microsoft.HybridCompute/machines/extensions/read\",\n \"Microsoft.HybridCompute/machines/extensions/write\",\n \"Microsoft.HybridCompute/machines/extensions/delete\",\n \"Microsoft.HybridCompute/operations/read\",\n \"Microsoft.HybridCompute/locations/operationresults/read\",\n \"Microsoft.HybridCompute/locations/operationstatus/read\",\n \"Microsoft.HybridCompute/machines/patchAssessmentResults/read\",\n \"Microsoft.HybridCompute/machines/patchAssessmentResults/softwarePatches/read\",\n \"Microsoft.HybridCompute/machines/patchInstallationResults/read\",\n \"Microsoft.HybridCompute/machines/patchInstallationResults/softwarePatches/read\",\n \"Microsoft.HybridCompute/locations/updateCenterOperationResults/read\",\n \"Microsoft.HybridCompute/machines/hybridIdentityMetadata/read\",\n \"Microsoft.HybridCompute/osType/agentVersions/read\",\n \"Microsoft.HybridCompute/osType/agentVersions/latest/read\",\n \"Microsoft.HybridCompute/machines/runcommands/read\",\n \"Microsoft.HybridCompute/machines/runcommands/write\",\n \"Microsoft.HybridCompute/machines/runcommands/delete\",\n \"Microsoft.HybridCompute/machines/licenseProfiles/read\",\n \"Microsoft.HybridCompute/machines/licenseProfiles/write\",\n \"Microsoft.HybridCompute/machines/licenseProfiles/delete\",\n \"Microsoft.HybridCompute/licenses/read\",\n \"Microsoft.HybridCompute/licenses/write\",\n \"Microsoft.HybridCompute/licenses/delete\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2022-04-13T21:33:11.1438013Z\",\n \"updatedOn\": \"2023-10-06T09:06:44.6077384Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/a92dfd61-77f9-4aec-a531-19858b406c87\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"a92dfd61-77f9-4aec-a531-19858b406c87\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Arc ScVmm Private Clouds Onboarding\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Azure Arc ScVmm Private Clouds Onboarding role has permissions to provision all the required resources for onboard and deboard vmm server instances to Azure.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"microsoft.scvmm/vmmservers/Read\",\n \"microsoft.scvmm/vmmservers/Write\",\n \"microsoft.scvmm/vmmservers/Delete\",\n \"Microsoft.Insights/AlertRules/Write\",\n \"Microsoft.Insights/AlertRules/Delete\",\n \"Microsoft.Insights/AlertRules/Read\",\n \"Microsoft.Insights/AlertRules/Activated/Action\",\n \"Microsoft.Insights/AlertRules/Resolved/Action\",\n \"Microsoft.Insights/AlertRules/Throttled/Action\",\n \"Microsoft.Insights/AlertRules/Incidents/Read\",\n \"Microsoft.Resources/deployments/read\",\n \"Microsoft.Resources/deployments/write\",\n \"Microsoft.Resources/deployments/delete\",\n \"Microsoft.Resources/deployments/cancel/action\",\n \"Microsoft.Resources/deployments/validate/action\",\n \"Microsoft.Resources/deployments/whatIf/action\",\n \"Microsoft.Resources/deployments/exportTemplate/action\",\n \"Microsoft.Resources/deployments/operations/read\",\n \"Microsoft.Resources/deployments/operationstatuses/read\",\n \"Microsoft.Resources/subscriptions/resourcegroups/deployments/read\",\n \"Microsoft.Resources/subscriptions/resourcegroups/deployments/write\",\n \"Microsoft.Resources/subscriptions/resourcegroups/deployments/operations/read\",\n \"Microsoft.Resources/subscriptions/resourcegroups/deployments/operationstatuses/read\",\n \"Microsoft.ResourceHealth/availabilityStatuses/read\",\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Resources/subscriptions/read\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Resources/subscriptions/operationresults/read\",\n \"Microsoft.ExtendedLocation/customLocations/Read\",\n \"Microsoft.ExtendedLocation/customLocations/deploy/action\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2022-04-13T21:33:11.1438013Z\",\n \"updatedOn\": \"2023-05-19T07:39:31.0563245Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/6aac74c4-6311-40d2-bbdd-7d01e7c6e3a9\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"6aac74c4-6311-40d2-bbdd-7d01e7c6e3a9\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Arc ScVmm Private Cloud User\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Azure Arc ScVmm Private Cloud User has permissions to use the ScVmm resources to deploy VMs.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Insights/AlertRules/Write\",\n \"Microsoft.Insights/AlertRules/Delete\",\n \"Microsoft.Insights/AlertRules/Read\",\n \"Microsoft.Insights/AlertRules/Activated/Action\",\n \"Microsoft.Insights/AlertRules/Resolved/Action\",\n \"Microsoft.Insights/AlertRules/Throttled/Action\",\n \"Microsoft.Insights/AlertRules/Incidents/Read\",\n \"Microsoft.Resources/deployments/read\",\n \"Microsoft.Resources/deployments/write\",\n \"Microsoft.Resources/deployments/delete\",\n \"Microsoft.Resources/deployments/cancel/action\",\n \"Microsoft.Resources/deployments/validate/action\",\n \"Microsoft.Resources/deployments/whatIf/action\",\n \"Microsoft.Resources/deployments/exportTemplate/action\",\n \"Microsoft.Resources/deployments/operations/read\",\n \"Microsoft.Resources/deployments/operationstatuses/read\",\n \"Microsoft.Resources/subscriptions/resourcegroups/deployments/read\",\n \"Microsoft.Resources/subscriptions/resourcegroups/deployments/write\",\n \"Microsoft.Resources/subscriptions/resourcegroups/deployments/operations/read\",\n \"Microsoft.Resources/subscriptions/resourcegroups/deployments/operationstatuses/read\",\n \"Microsoft.ResourceHealth/availabilityStatuses/read\",\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Resources/subscriptions/read\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Resources/subscriptions/operationresults/read\",\n \"microsoft.scvmm/virtualnetworks/join/action\",\n \"microsoft.scvmm/virtualnetworks/Read\",\n \"microsoft.scvmm/virtualmachinetemplates/clone/action\",\n \"microsoft.scvmm/virtualmachinetemplates/Read\",\n \"microsoft.scvmm/clouds/deploy/action\",\n \"microsoft.scvmm/clouds/Read\",\n \"Microsoft.ExtendedLocation/customLocations/Read\",\n \"Microsoft.ExtendedLocation/customLocations/deploy/action\",\n \"Microsoft.ExtendedLocation/customLocations/enabledresourcetypes/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2022-04-13T21:33:11.1438013Z\",\n \"updatedOn\": \"2023-10-06T09:06:44.6077384Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/c0781e91-8102-4553-8951-97c6d4243cda\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"c0781e91-8102-4553-8951-97c6d4243cda\"\n },\n {\n \"properties\": {\n \"roleName\": \"HDInsight on AKS Cluster Pool Admin\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Can read, create, modify and delete HDInsight on AKS cluster pools and create clusters\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.HDInsight/clusterPools/clusters/read\",\n \"Microsoft.HDInsight/clusterPools/clusters/write\",\n \"Microsoft.HDInsight/clusterPools/delete\",\n \"Microsoft.HDInsight/clusterPools/read\",\n \"Microsoft.HDInsight/clusterPools/write\",\n \"Microsoft.HDInsight/clusterpools/availableupgrades/read\",\n \"Microsoft.HDInsight/clusterpools/upgrade/action\",\n \"Microsoft.HDInsight/clusterPools/upgradehistories/read\",\n \"Microsoft.ResourceHealth/availabilityStatuses/read\",\n \"Microsoft.Resources/deployments/operations/read\",\n \"Microsoft.Resources/deployments/validate/action\",\n \"Microsoft.Resources/deployments/*/read\",\n \"Microsoft.Resources/deployments/read\",\n \"Microsoft.Resources/deployments/write\",\n \"Microsoft.Resources/deployments/exportTemplate/action\",\n \"Microsoft.Resources/deployments/validate/action\",\n \"Microsoft.Resources/subscriptions/resourcegroups/deployments/operations/read\",\n \"Microsoft.Resources/subscriptions/resourcegroups/deployments/read\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Resources/subscriptions/operationresults/read\",\n \"Microsoft.Insights/AlertRules/Write\",\n \"Microsoft.Insights/AlertRules/Delete\",\n \"Microsoft.Insights/AlertRules/Read\",\n \"Microsoft.Insights/AlertRules/Activated/Action\",\n \"Microsoft.Insights/AlertRules/Resolved/Action\",\n \"Microsoft.Insights/AlertRules/Throttled/Action\",\n \"Microsoft.Insights/AlertRules/Incidents/Read\",\n \"Microsoft.Insights/metrics/read\",\n \"Microsoft.Insights/logs/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2022-04-14T05:37:28.4116078Z\",\n \"updatedOn\": \"2024-07-01T15:03:43.7126562Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/7656b436-37d4-490a-a4ab-d39f838f0042\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"7656b436-37d4-490a-a4ab-d39f838f0042\"\n },\n {\n \"properties\": {\n \"roleName\": \"HDInsight on AKS Cluster Admin\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Grants a user/group the ability to create, delete and manage clusters within a given cluster pool. Cluster Admin can also run workloads, monitor, and manage all user activity on these clusters.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.HDInsight/clusterPools/clusters/read\",\n \"Microsoft.HDInsight/clusterPools/clusters/write\",\n \"Microsoft.HDInsight/clusterPools/clusters/delete\",\n \"Microsoft.HDInsight/clusterPools/clusters/resize/action\",\n \"Microsoft.HDInsight/clusterpools/clusters/instanceviews/read\",\n \"Microsoft.HDInsight/clusterPools/clusters/jobs/read\",\n \"Microsoft.HDInsight/clusterPools/clusters/runjob/action\",\n \"Microsoft.HDInsight/clusterpools/clusters/serviceconfigs/read\",\n \"Microsoft.HDInsight/clusterPools/clusters/availableupgrades/read\",\n \"Microsoft.HDInsight/clusterPools/clusters/upgrade/action\",\n \"Microsoft.HDInsight/clusterPools/clusters/rollback/action\",\n \"Microsoft.HDInsight/clusterPools/clusters/upgradehistories/read\",\n \"Microsoft.HDInsight/clusterPools/clusters/libraries/read\",\n \"Microsoft.HDInsight/clusterPools/clusters/managelibraries/action\",\n \"Microsoft.ResourceHealth/availabilityStatuses/read\",\n \"Microsoft.Resources/deployments/operations/read\",\n \"Microsoft.Resources/deployments/*/read\",\n \"Microsoft.Resources/deployments/read\",\n \"Microsoft.Resources/deployments/validate/action\",\n \"Microsoft.Resources/deployments/write\",\n \"Microsoft.Resources/deployments/exportTemplate/action\",\n \"Microsoft.Resources/subscriptions/resourcegroups/deployments/operations/read\",\n \"Microsoft.Resources/subscriptions/resourcegroups/deployments/read\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Resources/subscriptions/operationresults/read\",\n \"Microsoft.Insights/AlertRules/Write\",\n \"Microsoft.Insights/AlertRules/Delete\",\n \"Microsoft.Insights/AlertRules/Read\",\n \"Microsoft.Insights/AlertRules/Activated/Action\",\n \"Microsoft.Insights/AlertRules/Resolved/Action\",\n \"Microsoft.Insights/AlertRules/Throttled/Action\",\n \"Microsoft.Insights/AlertRules/Incidents/Read\",\n \"Microsoft.Insights/metrics/read\",\n \"Microsoft.Insights/logs/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2022-04-14T05:37:28.4116078Z\",\n \"updatedOn\": \"2024-07-01T15:03:44.1916336Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/fd036e6b-1266-47a0-b0bb-a05d04831731\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"fd036e6b-1266-47a0-b0bb-a05d04831731\"\n },\n {\n \"properties\": {\n \"roleName\": \"FHIR Data Importer\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Role allows user or principal to read and import FHIR Data\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.HealthcareApis/workspaces/fhirservices/resources/read\",\n \"Microsoft.HealthcareApis/workspaces/fhirservices/resources/import/action\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2022-04-19T12:03:07.1913541Z\",\n \"updatedOn\": \"2022-04-21T13:19:49.7566662Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/4465e953-8ced-4406-a58e-0f6e3f3b530b\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"4465e953-8ced-4406-a58e-0f6e3f3b530b\"\n },\n {\n \"properties\": {\n \"roleName\": \"HDInsight on AKS Cluster Operator\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Grants a user/group the ability to read cluster configurations, resize clusters and run jobs\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.HDInsight/clusterPools/read\",\n \"Microsoft.Hdinsight/clusterpools/clusters/read\",\n \"Microsoft.HDInsight/clusterPools/clusters/resize/action\",\n \"Microsoft.HDInsight/clusterpools/clusters/instanceviews/read\",\n \"Microsoft.HDInsight/clusterPools/clusters/jobs/read\",\n \"Microsoft.HDInsight/clusterPools/clusters/runjob/action\",\n \"Microsoft.HDInsight/clusterpools/clusters/serviceconfigs/read\",\n \"Microsoft.HDInsight/clusterPools/clusters/availableupgrades/read\",\n \"Microsoft.HDInsight/clusterPools/clusters/upgradehistories/read\",\n \"Microsoft.HDInsight/clusterPools/clusters/libraries/read\",\n \"Microsoft.HDInsight/clusterPools/clusters/managelibraries/action\",\n \"Microsoft.ResourceHealth/availabilityStatuses/read\",\n \"Microsoft.Resources/deployments/read\",\n \"Microsoft.Resources/deployments/operations/read\",\n \"Microsoft.Resources/subscriptions/operationresults/read\",\n \"Microsoft.Resources/subscriptions/read\",\n \"Microsoft.Resources/subscriptions/resourcegroups/deployments/read\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Insights/AlertRules/Write\",\n \"Microsoft.Insights/AlertRules/Delete\",\n \"Microsoft.Insights/AlertRules/Read\",\n \"Microsoft.Insights/AlertRules/Activated/Action\",\n \"Microsoft.Insights/AlertRules/Resolved/Action\",\n \"Microsoft.Insights/AlertRules/Throttled/Action\",\n \"Microsoft.Insights/AlertRules/Incidents/Read\",\n \"Microsoft.Insights/metrics/read\",\n \"Microsoft.Insights/logs/read\",\n \"Microsoft.Insights/diagnosticSettings/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2022-04-26T14:14:33.8566334Z\",\n \"updatedOn\": \"2024-07-01T15:03:44.1916336Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/bcf28286-af25-4c81-bb6f-351fcab5dbe9\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"bcf28286-af25-4c81-bb6f-351fcab5dbe9\"\n },\n {\n \"properties\": {\n \"roleName\": \"API Management Developer Portal Content Editor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Can customize the developer portal, edit its content, and publish it.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.ApiManagement/service/portalRevisions/read\",\n \"Microsoft.ApiManagement/service/portalRevisions/write\",\n \"Microsoft.ApiManagement/service/contentTypes/read\",\n \"Microsoft.ApiManagement/service/contentTypes/delete\",\n \"Microsoft.ApiManagement/service/contentTypes/write\",\n \"Microsoft.ApiManagement/service/contentTypes/contentItems/read\",\n \"Microsoft.ApiManagement/service/contentTypes/contentItems/write\",\n \"Microsoft.ApiManagement/service/contentTypes/contentItems/delete\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2022-05-06T21:46:28.7501982Z\",\n \"updatedOn\": \"2022-05-11T01:48:03.0899467Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/c031e6a8-4391-4de0-8d69-4706a7ed3729\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"c031e6a8-4391-4de0-8d69-4706a7ed3729\"\n },\n {\n \"properties\": {\n \"roleName\": \"VM Scanner Operator\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Role that provides access to disk snapshot for security analysis.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Compute/disks/read\",\n \"Microsoft.Compute/disks/beginGetAccess/action\",\n \"Microsoft.Compute/diskEncryptionSets/read\",\n \"Microsoft.Compute/virtualMachines/instanceView/read\",\n \"Microsoft.Compute/virtualMachines/read\",\n \"Microsoft.Compute/virtualMachineScaleSets/instanceView/read\",\n \"Microsoft.Compute/virtualMachineScaleSets/read\",\n \"Microsoft.Compute/virtualMachineScaleSets/virtualMachines/read\",\n \"Microsoft.Compute/virtualMachineScaleSets/virtualMachines/instanceView/read\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2022-05-15T19:19:38.5462809Z\",\n \"updatedOn\": \"2024-09-09T15:09:55.7808068Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/d24ecba3-c1f4-40fa-a7bb-4588a071e8fd\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"d24ecba3-c1f4-40fa-a7bb-4588a071e8fd\"\n },\n {\n \"properties\": {\n \"roleName\": \"Elastic SAN Owner\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Allows for full access to all resources under Azure Elastic SAN including changing network security policies to unblock data path access\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.ResourceHealth/availabilityStatuses/read\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.ElasticSan/elasticSans/*\",\n \"Microsoft.ElasticSan/locations/*\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2022-05-26T12:41:01.1833837Z\",\n \"updatedOn\": \"2022-08-23T17:36:07.1409226Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/80dcbedb-47ef-405d-95bd-188a1b4ac406\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"80dcbedb-47ef-405d-95bd-188a1b4ac406\"\n },\n {\n \"properties\": {\n \"roleName\": \"Elastic SAN Reader\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Allows for control path read access to Azure Elastic SAN\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/roleAssignments/read\",\n \"Microsoft.Authorization/roleDefinitions/read\",\n \"Microsoft.ResourceHealth/availabilityStatuses/read\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.ElasticSan/elasticSans/*/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2022-06-01T07:05:04.5639037Z\",\n \"updatedOn\": \"2022-08-23T17:36:07.1409226Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/af6a70f8-3c9f-4105-acf1-d719e9fca4ca\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"af6a70f8-3c9f-4105-acf1-d719e9fca4ca\"\n },\n {\n \"properties\": {\n \"roleName\": \"Desktop Virtualization Virtual Machine Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"This role is in preview and subject to change. Provide permission to the Azure Virtual Desktop Resource Provider to create, delete, update, start, and stop virtual machines.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.DesktopVirtualization/hostpools/read\",\n \"Microsoft.DesktopVirtualization/hostpools/write\",\n \"Microsoft.DesktopVirtualization/hostpools/retrieveRegistrationToken/action\",\n \"Microsoft.DesktopVirtualization/hostpools/sessionhosts/read\",\n \"Microsoft.DesktopVirtualization/hostpools/sessionhosts/write\",\n \"Microsoft.DesktopVirtualization/hostpools/sessionhosts/delete\",\n \"Microsoft.DesktopVirtualization/hostpools/sessionhosts/usersessions/read\",\n \"Microsoft.DesktopVirtualization/hostpools/sessionhosts/usersessions/disconnect/action\",\n \"Microsoft.DesktopVirtualization/hostpools/sessionhosts/usersessions/sendMessage/action\",\n \"Microsoft.DesktopVirtualization/hostpools/sessionHostConfigurations/read\",\n \"Microsoft.DesktopVirtualization/hostpools/doNotUseInternalAPI/action\",\n \"Microsoft.DesktopVirtualization/hostpools/sessionhosts/retryprovisioning/action\",\n \"Microsoft.Compute/availabilitySets/read\",\n \"Microsoft.Compute/availabilitySets/write\",\n \"Microsoft.Compute/availabilitySets/vmSizes/read\",\n \"Microsoft.Compute/disks/read\",\n \"Microsoft.Compute/disks/write\",\n \"Microsoft.Compute/disks/delete\",\n \"Microsoft.Compute/galleries/read\",\n \"Microsoft.Compute/galleries/images/read\",\n \"Microsoft.Compute/galleries/images/versions/read\",\n \"Microsoft.Compute/images/read\",\n \"Microsoft.Compute/locations/usages/read\",\n \"Microsoft.Compute/locations/vmSizes/read\",\n \"Microsoft.Compute/operations/read\",\n \"Microsoft.Compute/skus/read\",\n \"Microsoft.Compute/virtualMachines/read\",\n \"Microsoft.Compute/virtualMachines/write\",\n \"Microsoft.Compute/virtualMachines/delete\",\n \"Microsoft.Compute/virtualMachines/start/action\",\n \"Microsoft.Compute/virtualMachines/powerOff/action\",\n \"Microsoft.Compute/virtualMachines/restart/action\",\n \"Microsoft.Compute/virtualMachines/deallocate/action\",\n \"Microsoft.Compute/virtualMachines/runCommand/action\",\n \"Microsoft.Compute/virtualMachines/extensions/read\",\n \"Microsoft.Compute/virtualMachines/extensions/write\",\n \"Microsoft.Compute/virtualMachines/extensions/delete\",\n \"Microsoft.Compute/virtualMachines/runCommands/read\",\n \"Microsoft.Compute/virtualMachines/runCommands/write\",\n \"Microsoft.Compute/virtualMachines/vmSizes/read\",\n \"Microsoft.Network/networkSecurityGroups/read\",\n \"Microsoft.Network/networkInterfaces/write\",\n \"Microsoft.Network/networkInterfaces/read\",\n \"Microsoft.Network/networkInterfaces/join/action\",\n \"Microsoft.Network/networkInterfaces/delete\",\n \"Microsoft.Network/virtualNetworks/subnets/read\",\n \"Microsoft.Network/virtualNetworks/subnets/join/action\",\n \"Microsoft.Network/virtualNetworks/usages/read\",\n \"Microsoft.Network/virtualNetworks/read\",\n \"Microsoft.Network/networkSecurityGroups/read\",\n \"Microsoft.Marketplace/offerTypes/publishers/offers/plans/agreements/read\",\n \"Microsoft.KeyVault/vaults/deploy/action\",\n \"Microsoft.Storage/storageAccounts/read\",\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.DesktopVirtualization/scalingPlans/read\",\n \"Microsoft.DesktopVirtualization/scalingPlans/write\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2022-06-29T01:44:11.2575005Z\",\n \"updatedOn\": \"2024-09-10T15:22:51.5340758Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/a959dbd1-f747-45e3-8ba6-dd80f235f97c\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"a959dbd1-f747-45e3-8ba6-dd80f235f97c\"\n },\n {\n \"properties\": {\n \"roleName\": \"Desktop Virtualization Power On Off Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Provide permission to the Azure Virtual Desktop Resource Provider to start and stop virtual machines.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.AzureStackHCI/operations/read\",\n \"Microsoft.AzureStackHCI/virtualMachineInstances/read\",\n \"Microsoft.AzureStackHCI/virtualMachineInstances/restart/action\",\n \"Microsoft.AzureStackHCI/virtualMachineInstances/start/action\",\n \"Microsoft.AzureStackHCI/virtualMachineInstances/stop/action\",\n \"Microsoft.Compute/virtualMachines/deallocate/action\",\n \"Microsoft.Compute/virtualMachines/instanceView/read\",\n \"Microsoft.Compute/virtualMachines/powerOff/action\",\n \"Microsoft.Compute/virtualMachines/read\",\n \"Microsoft.Compute/virtualMachines/restart/action\",\n \"Microsoft.Compute/virtualMachines/start/action\",\n \"Microsoft.ComputeSchedule/locations/virtualMachinesCancelOperations/action\",\n \"Microsoft.ComputeSchedule/locations/virtualMachinesExecuteDeallocate/action\",\n \"Microsoft.ComputeSchedule/locations/virtualMachinesExecuteHibernate/action\",\n \"Microsoft.ComputeSchedule/locations/virtualMachinesExecuteStart/action\",\n \"Microsoft.ComputeSchedule/locations/virtualMachinesGetOperationErrors/action\",\n \"Microsoft.ComputeSchedule/locations/virtualMachinesGetOperationStatus/action\",\n \"Microsoft.ComputeSchedule/locations/virtualMachinesSubmitDeallocate/action\",\n \"Microsoft.ComputeSchedule/locations/virtualMachinesSubmitHibernate/action\",\n \"Microsoft.ComputeSchedule/locations/virtualMachinesSubmitStart/action\",\n \"Microsoft.ComputeSchedule/register/action\",\n \"Microsoft.DesktopVirtualization/hostpools/read\",\n \"Microsoft.DesktopVirtualization/hostpools/sessionhosts/read\",\n \"Microsoft.DesktopVirtualization/hostpools/sessionhosts/usersessions/delete\",\n \"Microsoft.DesktopVirtualization/hostpools/sessionhosts/usersessions/read\",\n \"Microsoft.DesktopVirtualization/hostpools/sessionhosts/usersessions/sendMessage/action\",\n \"Microsoft.DesktopVirtualization/hostpools/sessionhosts/write\",\n \"Microsoft.DesktopVirtualization/hostpools/write\",\n \"Microsoft.HybridCompute/locations/operationresults/read\",\n \"Microsoft.HybridCompute/locations/operationstatus/read\",\n \"Microsoft.HybridCompute/machines/read\",\n \"Microsoft.HybridCompute/operations/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.Insights/eventtypes/values/read\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2022-06-29T01:44:11.3414837Z\",\n \"updatedOn\": \"2024-08-15T18:24:59.2883823Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/40c5ff49-9181-41f8-ae61-143b0e78555e\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"40c5ff49-9181-41f8-ae61-143b0e78555e\"\n },\n {\n \"properties\": {\n \"roleName\": \"Desktop Virtualization Power On Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Provide permission to the Azure Virtual Desktop Resource Provider to start virtual machines.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Compute/virtualMachines/start/action\",\n \"Microsoft.Compute/virtualMachines/read\",\n \"Microsoft.Compute/virtualMachines/instanceView/read\",\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.HybridCompute/machines/read\",\n \"Microsoft.HybridCompute/operations/read\",\n \"Microsoft.HybridCompute/locations/operationresults/read\",\n \"Microsoft.HybridCompute/locations/operationstatus/read\",\n \"Microsoft.AzureStackHCI/virtualMachineInstances/read\",\n \"Microsoft.AzureStackHCI/virtualMachineInstances/start/action\",\n \"Microsoft.AzureStackHCI/operations/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2022-06-29T01:44:11.3414837Z\",\n \"updatedOn\": \"2024-02-12T16:11:25.5904731Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/489581de-a3bd-480d-9518-53dea7416b33\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"489581de-a3bd-480d-9518-53dea7416b33\"\n },\n {\n \"properties\": {\n \"roleName\": \"Elastic SAN Volume Group Owner\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Allows for full access to a volume group in Azure Elastic SAN including changing network security policies to unblock data path access\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/roleAssignments/read\",\n \"Microsoft.Authorization/roleDefinitions/read\",\n \"Microsoft.ElasticSan/elasticSans/volumeGroups/*\",\n \"Microsoft.ElasticSan/locations/asyncoperations/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2022-07-04T17:04:25.3846899Z\",\n \"updatedOn\": \"2022-08-23T17:36:07.1409226Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/a8281131-f312-4f34-8d98-ae12be9f0d23\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"a8281131-f312-4f34-8d98-ae12be9f0d23\"\n },\n {\n \"properties\": {\n \"roleName\": \"Access Review Operator Service Role\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Lets you grant Access Review System app permissions to discover and revoke access as needed by the access review process.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/roleAssignments/read\",\n \"Microsoft.Authorization/roleAssignments/delete\",\n \"Microsoft.Management/getEntities/action\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2022-07-04T17:04:25.3846899Z\",\n \"updatedOn\": \"2022-07-04T17:04:25.3846899Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/76cc9ee4-d5d3-4a45-a930-26add3d73475\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"76cc9ee4-d5d3-4a45-a930-26add3d73475\"\n },\n {\n \"properties\": {\n \"roleName\": \"Trusted Signing Identity Verifier\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Manage identity or business verification requests. This role is in preview and subject to change.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.CodeSigning/*/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.CodeSigning/IdentityVerification/Read\",\n \"Microsoft.CodeSigning/IdentityVerification/Write\",\n \"Microsoft.CodeSigning/IdentityVerification/Delete\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2022-07-29T07:36:35.8877235Z\",\n \"updatedOn\": \"2024-10-24T14:08:43.6479343Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/4339b7cf-9826-4e41-b4ed-c7f4505dac08\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"4339b7cf-9826-4e41-b4ed-c7f4505dac08\"\n },\n {\n \"properties\": {\n \"roleName\": \"Video Indexer Restricted Viewer\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Has access to view and search through all video's insights and transcription in the Video Indexer portal. No access to model customization, embedding of widget, downloading videos, or sharing the account.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.VideoIndexer/*/read\",\n \"Microsoft.VideoIndexer/accounts/*/action\"\n ],\n \"notActions\": [\n \"Microsoft.VideoIndexer/*/write\",\n \"Microsoft.VideoIndexer/*/delete\",\n \"Microsoft.VideoIndexer/accounts/generateAccessToken/action\"\n ],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2022-08-09T20:15:25.5603064Z\",\n \"updatedOn\": \"2022-08-09T20:15:25.5603064Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/a2c4a527-7dc0-4ee3-897b-403ade70fafb\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"a2c4a527-7dc0-4ee3-897b-403ade70fafb\"\n },\n {\n \"properties\": {\n \"roleName\": \"Monitoring Data Reader\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Can access the data in an Azure Monitor Workspace.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.Monitor/accounts/data/metrics/read\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2022-08-22T15:27:32.9926129Z\",\n \"updatedOn\": \"2022-10-07T20:52:48.6545841Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/b0d8363b-8ddd-447d-831f-62ca05bff136\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"b0d8363b-8ddd-447d-831f-62ca05bff136\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Kubernetes Fleet Manager RBAC Writer\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Grants read/write access to most Kubernetes resources within a namespace in the fleet-managed hub cluster. This role does not allow viewing or modifying roles or role bindings. However, this role allows accessing Secrets as any ServiceAccount in the namespace, so it can be used to gain the API access levels of any ServiceAccount in the namespace.  Applying this role at cluster scope will give access across all namespaces.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Resources/subscriptions/operationresults/read\",\n \"Microsoft.Resources/subscriptions/read\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.ContainerService/fleets/read\",\n \"Microsoft.ContainerService/fleets/listCredentials/action\"\n ],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.ContainerService/fleets/apps/controllerrevisions/read\",\n \"Microsoft.ContainerService/fleets/apps/daemonsets/read\",\n \"Microsoft.ContainerService/fleets/apps/daemonsets/write\",\n \"Microsoft.ContainerService/fleets/apps/deployments/read\",\n \"Microsoft.ContainerService/fleets/apps/deployments/write\",\n \"Microsoft.ContainerService/fleets/apps/statefulsets/read\",\n \"Microsoft.ContainerService/fleets/apps/statefulsets/write\",\n \"Microsoft.ContainerService/fleets/autoscaling/horizontalpodautoscalers/read\",\n \"Microsoft.ContainerService/fleets/autoscaling/horizontalpodautoscalers/write\",\n \"Microsoft.ContainerService/fleets/batch/cronjobs/read\",\n \"Microsoft.ContainerService/fleets/batch/cronjobs/write\",\n \"Microsoft.ContainerService/fleets/batch/jobs/read\",\n \"Microsoft.ContainerService/fleets/batch/jobs/write\",\n \"Microsoft.ContainerService/fleets/configmaps/read\",\n \"Microsoft.ContainerService/fleets/configmaps/write\",\n \"Microsoft.ContainerService/fleets/endpoints/read\",\n \"Microsoft.ContainerService/fleets/endpoints/write\",\n \"Microsoft.ContainerService/fleets/events.k8s.io/events/read\",\n \"Microsoft.ContainerService/fleets/events/read\",\n \"Microsoft.ContainerService/fleets/extensions/daemonsets/read\",\n \"Microsoft.ContainerService/fleets/extensions/daemonsets/write\",\n \"Microsoft.ContainerService/fleets/extensions/deployments/read\",\n \"Microsoft.ContainerService/fleets/extensions/deployments/write\",\n \"Microsoft.ContainerService/fleets/extensions/ingresses/read\",\n \"Microsoft.ContainerService/fleets/extensions/ingresses/write\",\n \"Microsoft.ContainerService/fleets/extensions/networkpolicies/read\",\n \"Microsoft.ContainerService/fleets/extensions/networkpolicies/write\",\n \"Microsoft.ContainerService/fleets/limitranges/read\",\n \"Microsoft.ContainerService/fleets/namespaces/read\",\n \"Microsoft.ContainerService/fleets/networking.k8s.io/ingresses/read\",\n \"Microsoft.ContainerService/fleets/networking.k8s.io/ingresses/write\",\n \"Microsoft.ContainerService/fleets/networking.k8s.io/networkpolicies/read\",\n \"Microsoft.ContainerService/fleets/networking.k8s.io/networkpolicies/write\",\n \"Microsoft.ContainerService/fleets/persistentvolumeclaims/read\",\n \"Microsoft.ContainerService/fleets/persistentvolumeclaims/write\",\n \"Microsoft.ContainerService/fleets/policy/poddisruptionbudgets/read\",\n \"Microsoft.ContainerService/fleets/policy/poddisruptionbudgets/write\",\n \"Microsoft.ContainerService/fleets/replicationcontrollers/read\",\n \"Microsoft.ContainerService/fleets/replicationcontrollers/write\",\n \"Microsoft.ContainerService/fleets/resourcequotas/read\",\n \"Microsoft.ContainerService/fleets/secrets/read\",\n \"Microsoft.ContainerService/fleets/secrets/write\",\n \"Microsoft.ContainerService/fleets/serviceaccounts/read\",\n \"Microsoft.ContainerService/fleets/serviceaccounts/write\",\n \"Microsoft.ContainerService/fleets/services/read\",\n \"Microsoft.ContainerService/fleets/services/write\",\n \"Microsoft.ContainerService/fleets/cluster.kubernetes-fleet.io/internalmemberclusters/read\",\n \"Microsoft.ContainerService/fleets/placement.kubernetes-fleet.io/resourceoverrides/read\",\n \"Microsoft.ContainerService/fleets/placement.kubernetes-fleet.io/resourceoverrides/write\",\n \"Microsoft.ContainerService/fleets/placement.kubernetes-fleet.io/resourceoverridesnapshots/read\",\n \"Microsoft.ContainerService/fleets/placement.kubernetes-fleet.io/works/read\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2022-08-22T17:29:14.4390853Z\",\n \"updatedOn\": \"2024-10-21T15:04:47.7837694Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/5af6afb3-c06c-4fa4-8848-71a8aee05683\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"5af6afb3-c06c-4fa4-8848-71a8aee05683\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Kubernetes Fleet Manager RBAC Admin\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Grants read/write access to Kubernetes resources within a namespace in the fleet-managed hub cluster - provides write permissions on most objects within a a namespace, with the exception of ResourceQuota object and the namespace object itself. Applying this role at cluster scope will give access across all namespaces.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Resources/subscriptions/operationresults/read\",\n \"Microsoft.Resources/subscriptions/read\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.ContainerService/fleets/read\",\n \"Microsoft.ContainerService/fleets/listCredentials/action\"\n ],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.ContainerService/fleets/apps/controllerrevisions/read\",\n \"Microsoft.ContainerService/fleets/apps/daemonsets/*\",\n \"Microsoft.ContainerService/fleets/apps/deployments/*\",\n \"Microsoft.ContainerService/fleets/apps/statefulsets/*\",\n \"Microsoft.ContainerService/fleets/authorization.k8s.io/localsubjectaccessreviews/write\",\n \"Microsoft.ContainerService/fleets/autoscaling/horizontalpodautoscalers/*\",\n \"Microsoft.ContainerService/fleets/batch/cronjobs/*\",\n \"Microsoft.ContainerService/fleets/batch/jobs/*\",\n \"Microsoft.ContainerService/fleets/configmaps/*\",\n \"Microsoft.ContainerService/fleets/endpoints/*\",\n \"Microsoft.ContainerService/fleets/events.k8s.io/events/read\",\n \"Microsoft.ContainerService/fleets/events/read\",\n \"Microsoft.ContainerService/fleets/extensions/daemonsets/*\",\n \"Microsoft.ContainerService/fleets/extensions/deployments/*\",\n \"Microsoft.ContainerService/fleets/extensions/ingresses/*\",\n \"Microsoft.ContainerService/fleets/extensions/networkpolicies/*\",\n \"Microsoft.ContainerService/fleets/limitranges/read\",\n \"Microsoft.ContainerService/fleets/namespaces/read\",\n \"Microsoft.ContainerService/fleets/networking.k8s.io/ingresses/*\",\n \"Microsoft.ContainerService/fleets/networking.k8s.io/networkpolicies/*\",\n \"Microsoft.ContainerService/fleets/persistentvolumeclaims/*\",\n \"Microsoft.ContainerService/fleets/policy/poddisruptionbudgets/*\",\n \"Microsoft.ContainerService/fleets/rbac.authorization.k8s.io/rolebindings/*\",\n \"Microsoft.ContainerService/fleets/rbac.authorization.k8s.io/roles/*\",\n \"Microsoft.ContainerService/fleets/replicationcontrollers/*\",\n \"Microsoft.ContainerService/fleets/replicationcontrollers/*\",\n \"Microsoft.ContainerService/fleets/resourcequotas/read\",\n \"Microsoft.ContainerService/fleets/secrets/*\",\n \"Microsoft.ContainerService/fleets/serviceaccounts/*\",\n \"Microsoft.ContainerService/fleets/services/*\",\n \"Microsoft.ContainerService/fleets/cluster.kubernetes-fleet.io/internalmemberclusters/read\",\n \"Microsoft.ContainerService/fleets/placement.kubernetes-fleet.io/resourceoverrides/*\",\n \"Microsoft.ContainerService/fleets/placement.kubernetes-fleet.io/resourceoverridesnapshots/read\",\n \"Microsoft.ContainerService/fleets/placement.kubernetes-fleet.io/works/read\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2022-08-22T17:29:14.4390853Z\",\n \"updatedOn\": \"2024-10-21T15:04:47.7827701Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/434fb43a-c01c-447e-9f67-c3ad923cfaba\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"434fb43a-c01c-447e-9f67-c3ad923cfaba\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Kubernetes Fleet Manager Contributor Role\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Grants read/write access to Azure resources provided by Azure Kubernetes Fleet Manager, including fleets, fleet members, fleet update strategies, fleet update runs, etc.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.ContainerService/fleets/*\",\n \"Microsoft.Resources/deployments/*\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2022-08-22T17:29:14.4234593Z\",\n \"updatedOn\": \"2024-03-27T21:09:44.1318966Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/63bb64ad-9799-4770-b5c3-24ed299a07bf\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"63bb64ad-9799-4770-b5c3-24ed299a07bf\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Kubernetes Fleet Manager RBAC Reader\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Grants read-only access to most Kubernetes resources within a namespace in the fleet-managed hub cluster. It does not allow viewing roles or role bindings. This role does not allow viewing Secrets, since reading the contents of Secrets enables access to ServiceAccount credentials in the namespace, which would allow API access as any ServiceAccount in the namespace (a form of privilege escalation). Applying this role at cluster scope will give access across all namespaces.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Resources/subscriptions/operationresults/read\",\n \"Microsoft.Resources/subscriptions/read\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.ContainerService/fleets/read\",\n \"Microsoft.ContainerService/fleets/listCredentials/action\"\n ],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.ContainerService/fleets/apps/controllerrevisions/read\",\n \"Microsoft.ContainerService/fleets/apps/daemonsets/read\",\n \"Microsoft.ContainerService/fleets/apps/deployments/read\",\n \"Microsoft.ContainerService/fleets/apps/statefulsets/read\",\n \"Microsoft.ContainerService/fleets/autoscaling/horizontalpodautoscalers/read\",\n \"Microsoft.ContainerService/fleets/batch/cronjobs/read\",\n \"Microsoft.ContainerService/fleets/batch/jobs/read\",\n \"Microsoft.ContainerService/fleets/configmaps/read\",\n \"Microsoft.ContainerService/fleets/endpoints/read\",\n \"Microsoft.ContainerService/fleets/events.k8s.io/events/read\",\n \"Microsoft.ContainerService/fleets/events/read\",\n \"Microsoft.ContainerService/fleets/extensions/daemonsets/read\",\n \"Microsoft.ContainerService/fleets/extensions/deployments/read\",\n \"Microsoft.ContainerService/fleets/extensions/ingresses/read\",\n \"Microsoft.ContainerService/fleets/extensions/networkpolicies/read\",\n \"Microsoft.ContainerService/fleets/limitranges/read\",\n \"Microsoft.ContainerService/fleets/namespaces/read\",\n \"Microsoft.ContainerService/fleets/networking.k8s.io/ingresses/read\",\n \"Microsoft.ContainerService/fleets/networking.k8s.io/networkpolicies/read\",\n \"Microsoft.ContainerService/fleets/persistentvolumeclaims/read\",\n \"Microsoft.ContainerService/fleets/policy/poddisruptionbudgets/read\",\n \"Microsoft.ContainerService/fleets/replicationcontrollers/read\",\n \"Microsoft.ContainerService/fleets/replicationcontrollers/read\",\n \"Microsoft.ContainerService/fleets/resourcequotas/read\",\n \"Microsoft.ContainerService/fleets/serviceaccounts/read\",\n \"Microsoft.ContainerService/fleets/services/read\",\n \"Microsoft.ContainerService/fleets/cluster.kubernetes-fleet.io/internalmemberclusters/read\",\n \"Microsoft.ContainerService/fleets/placement.kubernetes-fleet.io/resourceoverrides/read\",\n \"Microsoft.ContainerService/fleets/placement.kubernetes-fleet.io/resourceoverridesnapshots/read\",\n \"Microsoft.ContainerService/fleets/placement.kubernetes-fleet.io/works/read\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2022-08-22T17:29:14.4390853Z\",\n \"updatedOn\": \"2024-10-23T18:34:36.152431Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/30b27cfc-9c84-438e-b0ce-70e35255df80\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"30b27cfc-9c84-438e-b0ce-70e35255df80\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Kubernetes Fleet Manager RBAC Cluster Admin\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Grants read/write access to all Kubernetes resources in the fleet-managed hub cluster.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Resources/subscriptions/operationresults/read\",\n \"Microsoft.Resources/subscriptions/read\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.ContainerService/fleets/read\",\n \"Microsoft.ContainerService/fleets/listCredentials/action\"\n ],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.ContainerService/fleets/*\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2022-08-22T17:29:14.4234593Z\",\n \"updatedOn\": \"2024-03-27T21:09:44.1318966Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/18ab4d3d-a1bf-4477-8ad9-8359bc988f69\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"18ab4d3d-a1bf-4477-8ad9-8359bc988f69\"\n },\n {\n \"properties\": {\n \"roleName\": \"Kubernetes Namespace User\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Allows a user to read namespace resources and retrieve kubeconfig for the cluster\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.KubernetesConfiguration/namespaces/read\",\n \"Microsoft.KubernetesConfiguration/namespaces/listUserCredential/action\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2022-08-24T08:05:05.4886641Z\",\n \"updatedOn\": \"2022-08-24T08:05:05.4886641Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/ba79058c-0414-4a34-9e42-c3399d80cd5a\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"ba79058c-0414-4a34-9e42-c3399d80cd5a\"\n },\n {\n \"properties\": {\n \"roleName\": \"Data Labeling - Labeler\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Can label data in Labeling.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.MachineLearningServices/workspaces/read\",\n \"Microsoft.MachineLearningServices/workspaces/experiments/runs/read\",\n \"Microsoft.MachineLearningServices/workspaces/labeling/projects/read\",\n \"Microsoft.MachineLearningServices/workspaces/labeling/projects/summary/read\",\n \"Microsoft.MachineLearningServices/workspaces/labeling/labels/read\",\n \"Microsoft.MachineLearningServices/workspaces/labeling/labels/write\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2022-09-02T20:34:03.6536098Z\",\n \"updatedOn\": \"2022-09-08T21:01:04.9492408Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/c6decf44-fd0a-444c-a844-d653c394e7ab\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"c6decf44-fd0a-444c-a844-d653c394e7ab\"\n },\n {\n \"properties\": {\n \"roleName\": \"Role Based Access Control Administrator\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Manage access to Azure resources by assigning roles using Azure RBAC. This role does not allow you to manage access using other ways, such as Azure Policy.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/roleAssignments/write\",\n \"Microsoft.Authorization/roleAssignments/delete\",\n \"*/read\",\n \"Microsoft.Support/*\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2022-09-07T00:28:32.1779656Z\",\n \"updatedOn\": \"2023-11-08T20:50:17.2103449Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/f58310d9-a9f6-439a-9e8d-f62e7b41a168\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"f58310d9-a9f6-439a-9e8d-f62e7b41a168\"\n },\n {\n \"properties\": {\n \"roleName\": \"Template Spec Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Allows full access to Template Spec operations at the assigned scope.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Resources/templateSpecs/*\",\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2022-09-07T23:56:38.852533Z\",\n \"updatedOn\": \"2022-09-07T23:56:38.852533Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/1c9b6475-caf0-4164-b5a1-2142a7116f4b\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"1c9b6475-caf0-4164-b5a1-2142a7116f4b\"\n },\n {\n \"properties\": {\n \"roleName\": \"Template Spec Reader\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Allows read access to Template Specs at the assigned scope.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Resources/templateSpecs/*/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2022-09-07T23:56:38.852533Z\",\n \"updatedOn\": \"2022-09-07T23:56:38.852533Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/392ae280-861d-42bd-9ea5-08ee6d83b80e\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"392ae280-861d-42bd-9ea5-08ee6d83b80e\"\n },\n {\n \"properties\": {\n \"roleName\": \"Microsoft Sentinel Playbook Operator\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Microsoft Sentinel Playbook Operator\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Logic/workflows/read\",\n \"Microsoft.Logic/workflows/triggers/listCallbackUrl/action\",\n \"Microsoft.Web/sites/hostruntime/webhooks/api/workflows/triggers/listCallbackUrl/action\",\n \"Microsoft.Web/sites/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2022-09-20T17:17:53.1732035Z\",\n \"updatedOn\": \"2022-12-07T18:28:46.3977543Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/51d6186e-6489-4900-b93f-92e23144cca5\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"51d6186e-6489-4900-b93f-92e23144cca5\"\n },\n {\n \"properties\": {\n \"roleName\": \"Deployment Environments User\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Provides access to manage environment resources.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.DevCenter/projects/read\",\n \"Microsoft.DevCenter/projects/*/read\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Authorization/*/read\"\n ],\n \"notActions\": [\n \"Microsoft.DevCenter/projects/pools/read\",\n \"Microsoft.DevCenter/projects/pools/schedules/read\"\n ],\n \"dataActions\": [\n \"Microsoft.DevCenter/projects/users/environments/userRead/action\",\n \"Microsoft.DevCenter/projects/users/environments/userWrite/action\",\n \"Microsoft.DevCenter/projects/users/environments/userDelete/action\",\n \"Microsoft.DevCenter/projects/users/environments/userActionManage/action\",\n \"Microsoft.DevCenter/projects/users/environments/userOutputsRead/action\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2022-09-21T23:02:10.9267534Z\",\n \"updatedOn\": \"2023-11-11T02:44:04.8360299Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/18e40d4e-8d2e-438d-97e1-9528336e149c\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"18e40d4e-8d2e-438d-97e1-9528336e149c\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Spring Apps Connect Role\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Azure Spring Apps Connect Role\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.AppPlatform/Spring/apps/deployments/connect/action\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2022-09-23T09:06:33.6408942Z\",\n \"updatedOn\": \"2022-09-23T09:06:33.6408942Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/80558df3-64f9-4c0f-b32d-e5094b036b0b\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"80558df3-64f9-4c0f-b32d-e5094b036b0b\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Spring Apps Remote Debugging Role\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Azure Spring Apps Remote Debugging Role\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.AppPlatform/Spring/apps/deployments/remotedebugging/action\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2022-09-23T09:21:46.6422475Z\",\n \"updatedOn\": \"2022-09-23T09:21:46.6422475Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/a99b0159-1064-4c22-a57b-c9b3caa1c054\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"a99b0159-1064-4c22-a57b-c9b3caa1c054\"\n },\n {\n \"properties\": {\n \"roleName\": \"AzureML Registry User\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Can perform all actions on Machine Learning Services Registry assets as well as get Registry resources.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.MachineLearningServices/registries/read\",\n \"Microsoft.MachineLearningServices/registries/assets/*\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2022-09-27T17:15:01.5950677Z\",\n \"updatedOn\": \"2022-09-27T17:15:01.5950677Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/1823dd4f-9b8c-4ab6-ab4e-7397a3684615\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"1823dd4f-9b8c-4ab6-ab4e-7397a3684615\"\n },\n {\n \"properties\": {\n \"roleName\": \"AzureML Compute Operator\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Can access and perform CRUD operations on Machine Learning Services managed compute resources (including Notebook VMs).\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.MachineLearningServices/workspaces/computes/*\",\n \"Microsoft.MachineLearningServices/workspaces/notebooks/vm/*\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2022-09-27T17:15:01.5950677Z\",\n \"updatedOn\": \"2022-09-27T17:15:01.5950677Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/e503ece1-11d0-4e8e-8e2c-7a6c3bf38815\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"e503ece1-11d0-4e8e-8e2c-7a6c3bf38815\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Center for SAP solutions service role\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Azure Center for SAP solutions service role - This role is intended to be used for providing the permissions to user assigned managed identity. Azure Center for SAP solutions will use this identity to deploy and manage SAP systems.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Resources/subscriptions/resourceGroups/write\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/read\",\n \"Microsoft.Resources/subscriptions/resourcegroups/deployments/*\",\n \"Microsoft.Network/loadBalancers/read\",\n \"Microsoft.Network/loadBalancers/write\",\n \"Microsoft.Network/loadBalancers/backendAddressPools/read\",\n \"Microsoft.Network/loadBalancers/backendAddressPools/write\",\n \"Microsoft.Network/loadBalancers/frontendIPConfigurations/read\",\n \"Microsoft.Network/loadBalancers/loadBalancingRules/read\",\n \"Microsoft.Network/loadBalancers/inboundNatRules/read\",\n \"Microsoft.Network/loadBalancers/providers/Microsoft.Insights/logDefinitions/read\",\n \"Microsoft.Network/loadBalancers/networkInterfaces/read\",\n \"Microsoft.Network/loadBalancers/outboundRules/read\",\n \"Microsoft.Network/loadBalancers/virtualMachines/read\",\n \"Microsoft.Network/loadBalancers/providers/Microsoft.Insights/metricDefinitions/read\",\n \"Microsoft.Network/networkInterfaces/read\",\n \"Microsoft.Network/networkInterfaces/write\",\n \"Microsoft.Network/networkInterfaces/ipconfigurations/read\",\n \"Microsoft.Network/networkInterfaces/loadBalancers/read\",\n \"Microsoft.Network/virtualNetworks/read\",\n \"Microsoft.Network/virtualNetworks/checkIpAddressAvailability/read\",\n \"Microsoft.Network/virtualNetworks/subnets/read\",\n \"Microsoft.Network/virtualNetworks/subnets/virtualMachines/read\",\n \"Microsoft.Network/virtualNetworks/virtualMachines/read\",\n \"Microsoft.Network/networkInterfaces/ipconfigurations/join/action\",\n \"Microsoft.Network/privateEndpoints/read\",\n \"Microsoft.Network/privateEndpoints/write\",\n \"Microsoft.Network/networkInterfaces/join/action\",\n \"Microsoft.Network/loadBalancers/backendAddressPools/join/action\",\n \"Microsoft.Network/loadBalancers/frontendIPConfigurations/join/action\",\n \"Microsoft.Network/virtualNetworks/subnets/join/action\",\n \"Microsoft.Network/virtualNetworks/subnets/joinLoadBalancer/action\",\n \"Microsoft.Storage/storageAccounts/read\",\n \"Microsoft.Storage/storageAccounts/write\",\n \"Microsoft.Storage/storageAccounts/PrivateEndpointConnectionsApproval/action\",\n \"Microsoft.Storage/storageAccounts/blobServices/read\",\n \"Microsoft.Storage/storageAccounts/blobServices/containers/read\",\n \"Microsoft.Storage/storageAccounts/fileServices/read\",\n \"Microsoft.Storage/storageAccounts/fileServices/write\",\n \"Microsoft.Storage/storageAccounts/fileServices/shares/read\",\n \"Microsoft.Storage/storageAccounts/fileServices/shares/write\",\n \"Microsoft.Compute/virtualMachines/read\",\n \"Microsoft.Compute/virtualMachines/write\",\n \"Microsoft.Compute/virtualMachines/instanceView/read\",\n \"Microsoft.Compute/availabilitySets/read\",\n \"Microsoft.Compute/availabilitySets/write\",\n \"Microsoft.Compute/skus/read\",\n \"Microsoft.Compute/sshPublicKeys/read\",\n \"Microsoft.Compute/virtualMachines/extensions/read\",\n \"Microsoft.Compute/virtualMachines/extensions/write\",\n \"Microsoft.Compute/virtualMachines/extensions/delete\",\n \"Microsoft.Compute/disks/read\",\n \"Microsoft.Compute/disks/write\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2022-10-03T17:04:07.6891007Z\",\n \"updatedOn\": \"2023-02-02T07:25:11.5651483Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/aabbc5dd-1af0-458b-a942-81af88f9c138\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"aabbc5dd-1af0-458b-a942-81af88f9c138\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Center for SAP solutions reader\",\n \"type\": \"BuiltInRole\",\n \"description\": \"This role provides read access to all capabilities of Azure Center for SAP solutions.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Advisor/configurations/read\",\n \"Microsoft.Advisor/recommendations/read\",\n \"Microsoft.Workloads/sapvirtualInstances/*/read\",\n \"Microsoft.Workloads/Locations/*/read\",\n \"Microsoft.Workloads/Operations/read\",\n \"Microsoft.Workloads/Locations/OperationStatuses/read\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Insights/alertRules/read\",\n \"Microsoft.Insights/metrics/read\",\n \"Microsoft.Insights/metricDefinitions/read\",\n \"Microsoft.Resources/deployments/read\",\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Resources/subscriptions/read\",\n \"Microsoft.Resources/subscriptions/resourcegroups/deployments/read\",\n \"Microsoft.ResourceHealth/availabilityStatuses/read\",\n \"Microsoft.Network/virtualNetworks/read\",\n \"Microsoft.Network/virtualNetworks/providers/Microsoft.Insights/metricDefinitions/read\",\n \"Microsoft.Network/virtualNetworks/subnets/read\",\n \"Microsoft.Network/virtualNetworks/subnets/virtualMachines/read\",\n \"Microsoft.Network/networkInterfaces/read\",\n \"Microsoft.Network/networkInterfaces/ipconfigurations/read\",\n \"Microsoft.Network/networkInterfaces/loadBalancers/read\",\n \"Microsoft.Network/networkInterfaces/providers/Microsoft.Insights/metricDefinitions/read\",\n \"Microsoft.Network/loadBalancers/read\",\n \"Microsoft.Network/loadBalancers/backendAddressPools/read\",\n \"Microsoft.Network/loadBalancers/frontendIPConfigurations/read\",\n \"Microsoft.Network/loadBalancers/loadBalancingRules/read\",\n \"Microsoft.Network/loadBalancers/inboundNatRules/read\",\n \"Microsoft.Network/loadBalancers/providers/Microsoft.Insights/logDefinitions/read\",\n \"Microsoft.Network/loadBalancers/networkInterfaces/read\",\n \"Microsoft.Network/loadBalancers/outboundRules/read\",\n \"Microsoft.Network/loadBalancers/virtualMachines/read\",\n \"Microsoft.Network/loadBalancers/providers/Microsoft.Insights/metricDefinitions/read\",\n \"Microsoft.Network/privateEndpoints/read\",\n \"Microsoft.Storage/storageAccounts/read\",\n \"Microsoft.Storage/storageAccounts/blobServices/read\",\n \"Microsoft.Storage/storageAccounts/blobServices/containers/read\",\n \"Microsoft.Storage/storageAccounts/fileServices/read\",\n \"Microsoft.Storage/storageAccounts/fileServices/shares/read\",\n \"Microsoft.Compute/virtualMachines/read\",\n \"Microsoft.Compute/availabilitySets/read\",\n \"Microsoft.Compute/virtualMachines/extensions/read\",\n \"Microsoft.Compute/disks/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2022-10-03T17:04:07.6891007Z\",\n \"updatedOn\": \"2024-01-12T10:58:11.4343824Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/05352d14-a920-4328-a0de-4cbe7430e26b\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"05352d14-a920-4328-a0de-4cbe7430e26b\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Center for SAP solutions administrator\",\n \"type\": \"BuiltInRole\",\n \"description\": \"This role provides read and write access to all capabilities of Azure Center for SAP solutions.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Advisor/configurations/read\",\n \"Microsoft.Advisor/recommendations/read\",\n \"Microsoft.Workloads/sapvirtualInstances/*/read\",\n \"Microsoft.Workloads/sapVirtualInstances/*/write\",\n \"Microsoft.Workloads/sapVirtualInstances/*/delete\",\n \"Microsoft.Workloads/Locations/*/action\",\n \"Microsoft.Workloads/Locations/*/read\",\n \"Microsoft.Workloads/sapVirtualInstances/*/start/action\",\n \"Microsoft.Workloads/sapVirtualInstances/*/stop/action\",\n \"Microsoft.Workloads/connectors/*/read\",\n \"Microsoft.Workloads/connectors/*/write\",\n \"Microsoft.Workloads/connectors/*/delete\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.Insights/metrics/read\",\n \"Microsoft.Insights/metricDefinitions/read\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Resources/subscriptions/read\",\n \"Microsoft.Resources/subscriptions/resourceGroups/write\",\n \"Microsoft.Resources/subscriptions/resourcegroups/deployments/*\",\n \"Microsoft.ResourceHealth/availabilityStatuses/read\",\n \"Microsoft.Network/virtualNetworks/read\",\n \"Microsoft.Network/virtualNetworks/providers/Microsoft.Insights/metricDefinitions/read\",\n \"Microsoft.Network/virtualNetworks/subnets/read\",\n \"Microsoft.Network/virtualNetworks/subnets/write\",\n \"Microsoft.Network/virtualNetworks/subnets/virtualMachines/read\",\n \"Microsoft.Network/networkInterfaces/read\",\n \"Microsoft.Network/networkInterfaces/ipconfigurations/read\",\n \"Microsoft.Network/networkInterfaces/loadBalancers/read\",\n \"Microsoft.Network/networkInterfaces/providers/Microsoft.Insights/metricDefinitions/read\",\n \"Microsoft.Network/loadBalancers/read\",\n \"Microsoft.Network/loadBalancers/backendAddressPools/read\",\n \"Microsoft.Network/loadBalancers/frontendIPConfigurations/read\",\n \"Microsoft.Network/loadBalancers/loadBalancingRules/read\",\n \"Microsoft.Network/loadBalancers/inboundNatRules/read\",\n \"Microsoft.Network/loadBalancers/providers/Microsoft.Insights/logDefinitions/read\",\n \"Microsoft.Network/loadBalancers/networkInterfaces/read\",\n \"Microsoft.Network/loadBalancers/outboundRules/read\",\n \"Microsoft.Network/loadBalancers/virtualMachines/read\",\n \"Microsoft.Network/loadBalancers/providers/Microsoft.Insights/metricDefinitions/read\",\n \"Microsoft.Network/privateEndpoints/read\",\n \"Microsoft.Network/networkSecurityGroups/join/action\",\n \"Microsoft.Network/routeTables/join/action\",\n \"Microsoft.Storage/storageAccounts/read\",\n \"Microsoft.Storage/storageAccounts/blobServices/read\",\n \"Microsoft.Storage/storageAccounts/blobServices/containers/read\",\n \"Microsoft.Storage/storageAccounts/fileServices/read\",\n \"Microsoft.Storage/storageAccounts/fileServices/shares/read\",\n \"Microsoft.Compute/virtualMachines/read\",\n \"Microsoft.Compute/availabilitySets/read\",\n \"Microsoft.Compute/sshPublicKeys/read\",\n \"Microsoft.Compute/sshPublicKeys/write\",\n \"Microsoft.Compute/sshPublicKeys/*/generateKeyPair/action\",\n \"Microsoft.Compute/virtualMachines/extensions/read\",\n \"Microsoft.Compute/virtualMachines/extensions/delete\",\n \"Microsoft.Compute/disks/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.Storage/storageAccounts/blobServices/containers/blobs/read\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2022-10-04T17:14:14.5212968Z\",\n \"updatedOn\": \"2023-06-21T15:30:31.2294248Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/7b0c7e81-271f-4c71-90bf-e30bdfdbc2f7\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"7b0c7e81-271f-4c71-90bf-e30bdfdbc2f7\"\n },\n {\n \"properties\": {\n \"roleName\": \"AppGw for Containers Configuration Manager\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Allows access and configuration updates to Application Gateway for Containers resource.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.ServiceNetworking/trafficControllers/read\",\n \"Microsoft.ServiceNetworking/trafficControllers/write\",\n \"Microsoft.ServiceNetworking/trafficControllers/delete\",\n \"Microsoft.ServiceNetworking/trafficControllers/frontends/read\",\n \"Microsoft.ServiceNetworking/trafficControllers/frontends/write\",\n \"Microsoft.ServiceNetworking/trafficControllers/frontends/delete\",\n \"Microsoft.ServiceNetworking/trafficControllers/associations/read\",\n \"Microsoft.ServiceNetworking/trafficControllers/associations/write\",\n \"Microsoft.ServiceNetworking/trafficControllers/associations/delete\",\n \"Microsoft.ServiceNetworking/trafficControllers/*/read\",\n \"Microsoft.ServiceNetworking/trafficControllers/*/write\",\n \"Microsoft.ServiceNetworking/trafficControllers/*/delete\",\n \"Microsoft.Resources/subscriptions/resourcegroups/deployments/read\",\n \"Microsoft.Resources/subscriptions/resourcegroups/deployments/write\",\n \"Microsoft.Resources/subscriptions/resourcegroups/deployments/operations/read\",\n \"Microsoft.Resources/subscriptions/resourcegroups/deployments/operationstatuses/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.ServiceNetworking/trafficControllers/serviceRoutingConfigurations/read\",\n \"Microsoft.ServiceNetworking/trafficControllers/serviceRoutingConfigurations/write\",\n \"Microsoft.ServiceNetworking/trafficControllers/serviceRoutingConfigurations/delete\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2022-10-06T03:15:51.8980834Z\",\n \"updatedOn\": \"2024-10-29T15:24:36.1024666Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/fbc52c3f-28ad-4303-a892-8a056630b8f1\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"fbc52c3f-28ad-4303-a892-8a056630b8f1\"\n },\n {\n \"properties\": {\n \"roleName\": \"FHIR SMART User\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Role allows user to access FHIR Service according to SMART on FHIR specification\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.HealthcareApis/services/fhir/resources/read\",\n \"Microsoft.HealthcareApis/workspaces/fhirservices/resources/read\",\n \"Microsoft.HealthcareApis/services/fhir/resources/smart/action\",\n \"Microsoft.HealthcareApis/workspaces/fhirservices/resources/smart/action\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2022-10-26T17:20:25.4418773Z\",\n \"updatedOn\": \"2022-12-07T20:30:43.3899302Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/4ba50f17-9666-485c-a643-ff00808643f0\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"4ba50f17-9666-485c-a643-ff00808643f0\"\n },\n {\n \"properties\": {\n \"roleName\": \"Cognitive Services OpenAI Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Full access including the ability to fine-tune, deploy and generate text\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.CognitiveServices/*/read\",\n \"Microsoft.CognitiveServices/accounts/deployments/write\",\n \"Microsoft.CognitiveServices/accounts/deployments/delete\",\n \"Microsoft.CognitiveServices/accounts/raiPolicies/read\",\n \"Microsoft.CognitiveServices/accounts/raiPolicies/write\",\n \"Microsoft.CognitiveServices/accounts/raiPolicies/delete\",\n \"Microsoft.CognitiveServices/accounts/commitmentplans/read\",\n \"Microsoft.CognitiveServices/accounts/commitmentplans/write\",\n \"Microsoft.CognitiveServices/accounts/commitmentplans/delete\",\n \"Microsoft.Authorization/roleAssignments/read\",\n \"Microsoft.Authorization/roleDefinitions/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.CognitiveServices/accounts/OpenAI/*\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2022-10-26T22:25:33.3012125Z\",\n \"updatedOn\": \"2023-08-25T21:51:58.6134163Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/a001fd3d-188f-4b5d-821b-7da978bf7442\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"a001fd3d-188f-4b5d-821b-7da978bf7442\"\n },\n {\n \"properties\": {\n \"roleName\": \"Cognitive Services OpenAI User\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Ability to view files, models, deployments. Readers can't make any changes They can inference and create images\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.CognitiveServices/*/read\",\n \"Microsoft.Authorization/roleAssignments/read\",\n \"Microsoft.Authorization/roleDefinitions/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.CognitiveServices/accounts/OpenAI/*/read\",\n \"Microsoft.CognitiveServices/accounts/OpenAI/engines/completions/action\",\n \"Microsoft.CognitiveServices/accounts/OpenAI/engines/search/action\",\n \"Microsoft.CognitiveServices/accounts/OpenAI/engines/generate/action\",\n \"Microsoft.CognitiveServices/accounts/OpenAI/deployments/audio/action\",\n \"Microsoft.CognitiveServices/accounts/OpenAI/deployments/search/action\",\n \"Microsoft.CognitiveServices/accounts/OpenAI/deployments/completions/action\",\n \"Microsoft.CognitiveServices/accounts/OpenAI/deployments/chat/completions/action\",\n \"Microsoft.CognitiveServices/accounts/OpenAI/deployments/realtime/action\",\n \"Microsoft.CognitiveServices/accounts/OpenAI/deployments/extensions/chat/completions/action\",\n \"Microsoft.CognitiveServices/accounts/OpenAI/deployments/embeddings/action\",\n \"Microsoft.CognitiveServices/accounts/OpenAI/images/generations/action\",\n \"Microsoft.CognitiveServices/accounts/OpenAI/video/generations/*/action\",\n \"Microsoft.CognitiveServices/accounts/OpenAI/video/generations/*/delete\",\n \"Microsoft.CognitiveServices/accounts/OpenAI/assistants/*\",\n \"Microsoft.CognitiveServices/accounts/OpenAI/responses/*\"\n ],\n \"notDataActions\": [\n \"Microsoft.CognitiveServices/accounts/OpenAI/stored-completions/read\"\n ]\n }\n ],\n \"createdOn\": \"2022-10-26T22:25:33.3012125Z\",\n \"updatedOn\": \"2025-04-28T15:13:50.0338628Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/5e0bd9bd-7b93-4f28-af87-19fc36ad61bd\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"5e0bd9bd-7b93-4f28-af87-19fc36ad61bd\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure impact Reporter role\",\n \"type\": \"BuiltInRole\",\n \"description\": \"built-in role for azure impact write access\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Impact/WorkloadImpacts/*\",\n \"Microsoft.Impact/ImpactCategories/read\",\n \"Microsoft.Impact/TopologyImpacts/*\",\n \"Microsoft.Impact/getUploadToken/action\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2022-10-27T22:34:10.0140145Z\",\n \"updatedOn\": \"2025-09-26T15:39:14.9829777Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/36e80216-a7e8-4f42-a7e1-f12c98cbaf8a\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"36e80216-a7e8-4f42-a7e1-f12c98cbaf8a\"\n },\n {\n \"properties\": {\n \"roleName\": \"Impact Reader\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Allows read-only access to reported impacts and impact categories\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Impact/WorkloadImpacts/read\",\n \"Microsoft.Impact/ImpactCategories/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2022-10-27T22:49:23.8706555Z\",\n \"updatedOn\": \"2022-11-14T16:02:29.4536312Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/68ff5d27-c7f5-4fa9-a21c-785d0df7bd9e\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"68ff5d27-c7f5-4fa9-a21c-785d0df7bd9e\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Kubernetes Service Cluster Monitoring User\",\n \"type\": \"BuiltInRole\",\n \"description\": \"List cluster monitoring user credential action.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.ContainerService/managedClusters/listClusterMonitoringUserCredential/action\",\n \"Microsoft.ContainerService/managedClusters/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2022-11-14T16:02:29.4380066Z\",\n \"updatedOn\": \"2023-02-06T16:01:22.3399796Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/1afdec4b-e479-420e-99e7-f82237c7c5e6\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"1afdec4b-e479-420e-99e7-f82237c7c5e6\"\n },\n {\n \"properties\": {\n \"roleName\": \"ContainerApp Reader\",\n \"type\": \"BuiltInRole\",\n \"description\": \"View all containerapp resources, but does not allow you to make any changes.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.App/containerApps/*/read\",\n \"Microsoft.App/containerApps/read\",\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2022-11-14T16:02:29.4380066Z\",\n \"updatedOn\": \"2023-01-02T16:08:35.1119461Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/ad2dd5fb-cd4b-4fd4-a9b6-4fed3630980b\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"ad2dd5fb-cd4b-4fd4-a9b6-4fed3630980b\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Connected Machine Resource Manager\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Custom Role for AzureStackHCI RP to manage hybrid compute machines and hybrid connectivity endpoints in a resource group\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.GuestConfiguration/guestConfigurationAssignments/*/read\",\n \"Microsoft.GuestConfiguration/guestConfigurationAssignments/read\",\n \"Microsoft.GuestConfiguration/guestConfigurationAssignments/write\",\n \"Microsoft.HybridCompute/machines/read\",\n \"Microsoft.HybridCompute/machines/extensions/read\",\n \"Microsoft.HybridCompute/*/read\",\n \"Microsoft.HybridCompute/machines/delete\",\n \"Microsoft.HybridCompute/machines/extensions/delete\",\n \"Microsoft.HybridCompute/machines/extensions/write\",\n \"Microsoft.HybridCompute/machines/licenseProfiles/delete\",\n \"Microsoft.HybridCompute/machines/licenseProfiles/read\",\n \"Microsoft.HybridCompute/machines/licenseProfiles/write\",\n \"Microsoft.HybridCompute/machines/UpgradeExtensions/action\",\n \"Microsoft.HybridCompute/machines/write\",\n \"Microsoft.HybridConnectivity/endpoints/read\",\n \"Microsoft.HybridConnectivity/endpoints/serviceConfigurations/read\",\n \"Microsoft.HybridConnectivity/endpoints/serviceConfigurations/write\",\n \"Microsoft.HybridConnectivity/endpoints/write\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.EdgeMarketplace/locations/operationStatuses/read\",\n \"Microsoft.EdgeMarketPlace/offers/getAccessToken/action\",\n \"Microsoft.EdgeMarketPlace/offers/generateAccessToken/action\",\n \"Microsoft.EdgeMarketplace/publishers/read\",\n \"Microsoft.EdgeMarketplace/offers/read\",\n \"Microsoft.ExtendedLocation/customLocations/read\",\n \"Microsoft.Attestation/attestationProviders/write\",\n \"Microsoft.Attestation/attestationProviders/read\",\n \"Microsoft.Attestation/attestationProviders/delete\",\n \"Microsoft.Attestation/attestationProviders/attestation/read\",\n \"Microsoft.Attestation/attestationProviders/attestation/write\",\n \"Microsoft.Attestation/attestationProviders/attestation/delete\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2022-11-15T16:12:10.4398106Z\",\n \"updatedOn\": \"2024-08-26T15:01:40.009798Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/f5819b54-e033-4d82-ac66-4fec3cbf3f4c\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"f5819b54-e033-4d82-ac66-4fec3cbf3f4c\"\n },\n {\n \"properties\": {\n \"roleName\": \"SqlDb Migration Role\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Role for SqlDb migration\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Sql/servers/read\",\n \"Microsoft.Sql/servers/write\",\n \"Microsoft.Sql/servers/databases/read\",\n \"Microsoft.Sql/servers/databases/write\",\n \"Microsoft.Sql/servers/databases/delete\",\n \"Microsoft.DataMigration/locations/operationResults/read\",\n \"Microsoft.DataMigration/locations/operationStatuses/read\",\n \"Microsoft.DataMigration/locations/sqlMigrationServiceOperationResults/read\",\n \"Microsoft.DataMigration/databaseMigrations/write\",\n \"Microsoft.DataMigration/databaseMigrations/read\",\n \"Microsoft.DataMigration/databaseMigrations/delete\",\n \"Microsoft.DataMigration/databaseMigrations/cancel/action\",\n \"Microsoft.DataMigration/databaseMigrations/cutover/action\",\n \"Microsoft.DataMigration/sqlMigrationServices/write\",\n \"Microsoft.DataMigration/sqlMigrationServices/delete\",\n \"Microsoft.DataMigration/sqlMigrationServices/read\",\n \"Microsoft.DataMigration/sqlMigrationServices/listAuthKeys/action\",\n \"Microsoft.DataMigration/sqlMigrationServices/regenerateAuthKeys/action\",\n \"Microsoft.DataMigration/sqlMigrationServices/deleteNode/action\",\n \"Microsoft.DataMigration/sqlMigrationServices/listMonitoringData/action\",\n \"Microsoft.DataMigration/sqlMigrationServices/listMigrations/read\",\n \"Microsoft.DataMigration/sqlMigrationServices/MonitoringData/read\",\n \"Microsoft.DataMigration/register/action\",\n \"Microsoft.DataMigration/operations/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2022-12-07T23:03:17.2201214Z\",\n \"updatedOn\": \"2023-02-20T16:07:58.6344876Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/189207d4-bb67-4208-a635-b06afe8b2c57\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"189207d4-bb67-4208-a635-b06afe8b2c57\"\n },\n {\n \"properties\": {\n \"roleName\": \"Bayer Ag Powered Services GDU Solution\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Provide access to GDU Solution by Bayer Ag Powered Services\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.AgFoodPlatform/farmBeats/parties/read\",\n \"Microsoft.AgFoodPlatform/farmBeats/parties/boundaries/read\",\n \"Microsoft.AgFoodPlatform/farmBeats/parties/farms/read\",\n \"Microsoft.AgFoodPlatform/farmBeats/parties/fields/read\",\n \"Microsoft.AgFoodPlatform/farmBeats/parties/models/resourceTypes/resources/insights/*\",\n \"Microsoft.AgFoodPlatform/farmBeats/parties/models/resourceTypes/resources/insightAttachments/*\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2023-01-12T10:08:47.0099993Z\",\n \"updatedOn\": \"2024-05-28T15:09:38.7508137Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/c4bc862a-3b64-4a35-a021-a380c159b042\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"c4bc862a-3b64-4a35-a021-a380c159b042\"\n },\n {\n \"properties\": {\n \"roleName\": \"Bayer Ag Powered Services Imagery Solution\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Provide access to Imagery Solution by Bayer Ag Powered Services\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.AgFoodPlatform/farmBeats/parties/read\",\n \"Microsoft.AgFoodPlatform/farmBeats/parties/boundaries/read\",\n \"Microsoft.AgFoodPlatform/farmBeats/parties/boundaries/write\",\n \"Microsoft.AgFoodPlatform/farmBeats/parties/farms/read\",\n \"Microsoft.AgFoodPlatform/farmBeats/parties/farms/write\",\n \"Microsoft.AgFoodPlatform/farmBeats/parties/fields/read\",\n \"Microsoft.AgFoodPlatform/farmBeats/parties/fields/write\",\n \"Microsoft.AgFoodPlatform/farmBeats/ingestionJobs/satelliteDataIngestionJobs/*\",\n \"Microsoft.AgFoodPlatform/farmBeats/scenes/*\",\n \"Microsoft.AgFoodPlatform/farmBeats/parties/models/resourceTypes/resources/insights/*\",\n \"Microsoft.AgFoodPlatform/farmBeats/parties/models/resourceTypes/resources/insightAttachments/*\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2023-01-12T10:08:47.0099993Z\",\n \"updatedOn\": \"2024-05-28T15:09:38.2220222Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/ef29765d-0d37-4119-a4f8-f9f9902c9588\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"ef29765d-0d37-4119-a4f8-f9f9902c9588\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Center for SAP solutions Service role for management\",\n \"type\": \"BuiltInRole\",\n \"description\": \"This role has permissions that the user assigned managed identity must have to enable registration for the existing systems.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2023-01-13T09:08:35.1961741Z\",\n \"updatedOn\": \"2023-02-02T07:25:11.5651483Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/0105a6b0-4bb9-43d2-982a-12806f9faddb\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"0105a6b0-4bb9-43d2-982a-12806f9faddb\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Center for SAP solutions Management role\",\n \"type\": \"BuiltInRole\",\n \"description\": \"This role has permissions which allow users to register existing systems, view and manage systems.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2023-01-13T09:08:35.1961741Z\",\n \"updatedOn\": \"2023-02-02T07:25:11.5651483Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/6d949e1d-41e2-46e3-8920-c6e4f31a8310\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"6d949e1d-41e2-46e3-8920-c6e4f31a8310\"\n },\n {\n \"properties\": {\n \"roleName\": \"Defender Kubernetes API Access\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Grants Microsoft Defender for Cloud access to Azure Kubernetes Services\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.ContainerService/managedClusters/trustedAccessRoleBindings/write\",\n \"Microsoft.ContainerService/managedClusters/trustedAccessRoleBindings/read\",\n \"Microsoft.ContainerService/managedClusters/trustedAccessRoleBindings/delete\",\n \"Microsoft.ContainerService/managedClusters/read\",\n \"Microsoft.Features/features/read\",\n \"Microsoft.Features/providers/features/read\",\n \"Microsoft.Features/providers/features/register/action\",\n \"Microsoft.Security/pricings/securityoperators/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2023-01-13T13:11:09.1105477Z\",\n \"updatedOn\": \"2025-09-12T08:03:06.9409916Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/d5a2ae44-610b-4500-93be-660a0c5f5ca6\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"d5a2ae44-610b-4500-93be-660a0c5f5ca6\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Usage Billing Data Sender\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Azure Usage Billing shared BuiltIn role to be used for all Customer Account Authentication\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.UsageBilling/accounts/inputs/send/action\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2023-01-13T20:45:56.3071212Z\",\n \"updatedOn\": \"2023-01-26T19:26:37.6422441Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/f0310ce6-e953-4cf8-b892-fb1c87eaf7f6\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"f0310ce6-e953-4cf8-b892-fb1c87eaf7f6\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Container Registry secure supply chain operator service role\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Grants Microsoft Defender for Cloud access to Azure Container Registry for security assessment of container images\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.ContainerRegistry/registries/pull/read\",\n \"Microsoft.ContainerRegistry/registries/push/write\",\n \"Microsoft.ContainerRegistry/registries/artifacts/delete\"\n ],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.ContainerRegistry/registries/repositories/metadata/read\",\n \"Microsoft.ContainerRegistry/registries/repositories/content/read\",\n \"Microsoft.ContainerRegistry/registries/repositories/metadata/write\",\n \"Microsoft.ContainerRegistry/registries/repositories/content/write\",\n \"Microsoft.ContainerRegistry/registries/repositories/metadata/delete\",\n \"Microsoft.ContainerRegistry/registries/repositories/content/delete\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2023-01-19T15:58:15.6513344Z\",\n \"updatedOn\": \"2024-06-12T15:19:54.7471937Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/96062cf7-95ca-4f89-9b9d-2a2aa47356af\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"96062cf7-95ca-4f89-9b9d-2a2aa47356af\"\n },\n {\n \"properties\": {\n \"roleName\": \"SqlMI Migration Role\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Role for SqlMI migration\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Sql/managedInstances/read\",\n \"Microsoft.Sql/managedInstances/write\",\n \"Microsoft.Sql/managedInstances/databases/read\",\n \"Microsoft.Sql/managedInstances/databases/write\",\n \"Microsoft.Sql/managedInstances/databases/delete\",\n \"Microsoft.Sql/managedInstances/metrics/read\",\n \"Microsoft.DataMigration/locations/operationResults/read\",\n \"Microsoft.DataMigration/locations/operationStatuses/read\",\n \"Microsoft.DataMigration/locations/sqlMigrationServiceOperationResults/read\",\n \"Microsoft.DataMigration/databaseMigrations/write\",\n \"Microsoft.DataMigration/databaseMigrations/read\",\n \"Microsoft.DataMigration/databaseMigrations/delete\",\n \"Microsoft.DataMigration/databaseMigrations/cancel/action\",\n \"Microsoft.DataMigration/databaseMigrations/cutover/action\",\n \"Microsoft.DataMigration/sqlMigrationServices/write\",\n \"Microsoft.DataMigration/sqlMigrationServices/delete\",\n \"Microsoft.DataMigration/sqlMigrationServices/read\",\n \"Microsoft.DataMigration/sqlMigrationServices/listAuthKeys/action\",\n \"Microsoft.DataMigration/sqlMigrationServices/regenerateAuthKeys/action\",\n \"Microsoft.DataMigration/sqlMigrationServices/deleteNode/action\",\n \"Microsoft.DataMigration/sqlMigrationServices/listMonitoringData/action\",\n \"Microsoft.DataMigration/sqlMigrationServices/listMigrations/read\",\n \"Microsoft.DataMigration/sqlMigrationServices/MonitoringData/read\",\n \"Microsoft.DataMigration/register/action\",\n \"Microsoft.DataMigration/operations/read\",\n \"Microsoft.Storage/storageAccounts/read\",\n \"Microsoft.Storage/storageAccounts/listkeys/action\",\n \"Microsoft.Storage/storageAccounts/blobServices/read\",\n \"Microsoft.Storage/storageAccounts/blobServices/write\",\n \"Microsoft.Storage/storageAccounts/blobServices/containers/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2023-01-31T16:13:11.2824316Z\",\n \"updatedOn\": \"2023-02-20T16:07:58.3295951Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/1d335eef-eee1-47fe-a9e0-53214eba8872\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"1d335eef-eee1-47fe-a9e0-53214eba8872\"\n },\n {\n \"properties\": {\n \"roleName\": \"Bayer Ag Powered Services CWUM Solution\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Provide access to CWUM Solution by Bayer Ag Powered Services\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.AgFoodPlatform/farmBeats/parties/read\",\n \"Microsoft.AgFoodPlatform/farmBeats/parties/boundaries/read\",\n \"Microsoft.AgFoodPlatform/farmBeats/parties/boundaries/write\",\n \"Microsoft.AgFoodPlatform/farmBeats/parties/farms/read\",\n \"Microsoft.AgFoodPlatform/farmBeats/parties/farms/write\",\n \"Microsoft.AgFoodPlatform/farmBeats/parties/fields/read\",\n \"Microsoft.AgFoodPlatform/farmBeats/parties/fields/write\",\n \"Microsoft.AgFoodPlatform/farmBeats/ingestionJobs/satelliteDataIngestionJobs/*\",\n \"Microsoft.AgFoodPlatform/farmBeats/scenes/*\",\n \"Microsoft.AgFoodPlatform/farmBeats/parties/models/resourceTypes/resources/insightAttachments/*\",\n \"Microsoft.AgFoodPlatform/farmBeats/parties/models/resourceTypes/resources/insights/*\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2023-01-31T16:13:11.3570667Z\",\n \"updatedOn\": \"2024-08-13T16:10:23.6530781Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/a9b99099-ead7-47db-8fcf-072597a61dfa\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"a9b99099-ead7-47db-8fcf-072597a61dfa\"\n },\n {\n \"properties\": {\n \"roleName\": \"SqlVM Migration Role\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Role for SqlVM migration\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.DataMigration/locations/operationResults/read\",\n \"Microsoft.DataMigration/locations/operationStatuses/read\",\n \"Microsoft.DataMigration/locations/sqlMigrationServiceOperationResults/read\",\n \"Microsoft.DataMigration/databaseMigrations/write\",\n \"Microsoft.DataMigration/databaseMigrations/read\",\n \"Microsoft.DataMigration/databaseMigrations/delete\",\n \"Microsoft.DataMigration/databaseMigrations/cancel/action\",\n \"Microsoft.DataMigration/databaseMigrations/cutover/action\",\n \"Microsoft.DataMigration/sqlMigrationServices/write\",\n \"Microsoft.DataMigration/sqlMigrationServices/delete\",\n \"Microsoft.DataMigration/sqlMigrationServices/read\",\n \"Microsoft.DataMigration/sqlMigrationServices/listAuthKeys/action\",\n \"Microsoft.DataMigration/sqlMigrationServices/regenerateAuthKeys/action\",\n \"Microsoft.DataMigration/sqlMigrationServices/deleteNode/action\",\n \"Microsoft.DataMigration/sqlMigrationServices/listMonitoringData/action\",\n \"Microsoft.DataMigration/sqlMigrationServices/listMigrations/read\",\n \"Microsoft.DataMigration/sqlMigrationServices/MonitoringData/read\",\n \"Microsoft.DataMigration/register/action\",\n \"Microsoft.DataMigration/operations/read\",\n \"Microsoft.Storage/storageAccounts/read\",\n \"Microsoft.Storage/storageAccounts/listkeys/action\",\n \"Microsoft.Storage/storageAccounts/blobServices/read\",\n \"Microsoft.Storage/storageAccounts/blobServices/write\",\n \"Microsoft.Storage/storageAccounts/blobServices/containers/read\",\n \"Microsoft.SqlVirtualMachine/sqlVirtualMachines/read\",\n \"Microsoft.SqlVirtualMachine/sqlVirtualMachines/write\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2023-01-31T16:13:11.3580681Z\",\n \"updatedOn\": \"2023-02-20T16:07:58.6444899Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/ae8036db-e102-405b-a1b9-bae082ea436d\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"ae8036db-e102-405b-a1b9-bae082ea436d\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Front Door Domain Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"For internal use within Azure. Can manage Azure Front Door domains, but can't grant access to other users.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Cdn/operationresults/profileresults/customdomainresults/read\",\n \"Microsoft.Cdn/profiles/customdomains/read\",\n \"Microsoft.Cdn/profiles/customdomains/write\",\n \"Microsoft.Cdn/profiles/customdomains/delete\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2023-02-02T15:30:03.7531182Z\",\n \"updatedOn\": \"2023-12-07T09:22:53.0560669Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/0ab34830-df19-4f8c-b84e-aa85b8afa6e8\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"0ab34830-df19-4f8c-b84e-aa85b8afa6e8\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Front Door Secret Reader\",\n \"type\": \"BuiltInRole\",\n \"description\": \"For internal use within Azure. Can view Azure Front Door secrets, but can't make changes.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Cdn/operationresults/profileresults/secretresults/read\",\n \"Microsoft.Cdn/profiles/secrets/read\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2023-02-02T15:30:03.7541192Z\",\n \"updatedOn\": \"2023-12-07T08:21:56.0395886Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/0db238c4-885e-4c4f-a933-aa2cef684fca\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"0db238c4-885e-4c4f-a933-aa2cef684fca\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Front Door Secret Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"For internal use within Azure. Can manage Azure Front Door secrets, but can't grant access to other users.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Cdn/operationresults/profileresults/secretresults/read\",\n \"Microsoft.Cdn/profiles/secrets/read\",\n \"Microsoft.Cdn/profiles/secrets/write\",\n \"Microsoft.Cdn/profiles/secrets/delete\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2023-02-02T15:30:03.7531182Z\",\n \"updatedOn\": \"2023-12-07T08:21:56.0395886Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/3f2eb865-5811-4578-b90a-6fc6fa0df8e5\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"3f2eb865-5811-4578-b90a-6fc6fa0df8e5\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Front Door Domain Reader\",\n \"type\": \"BuiltInRole\",\n \"description\": \"For internal use within Azure. Can view Azure Front Door domains, but can't make changes.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Cdn/operationresults/profileresults/customdomainresults/read\",\n \"Microsoft.Cdn/profiles/customdomains/read\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2023-02-02T15:30:03.7551197Z\",\n \"updatedOn\": \"2023-12-07T09:22:52.9393362Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/0f99d363-226e-4dca-9920-b807cf8e1a5f\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"0f99d363-226e-4dca-9920-b807cf8e1a5f\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Stack HCI Administrator\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Grants full access to the cluster and its resources, including the ability to register Azure Stack HCI and assign others as Azure Arc HCI VM Contributor and/or Azure Arc HCI VM Reader\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.AzureStackHCI/register/action\",\n \"Microsoft.AzureStackHCI/Unregister/Action\",\n \"Microsoft.AzureStackHCI/clusters/*\",\n \"Microsoft.AzureStackHCI/NetworkSecurityGroups/Read\",\n \"Microsoft.AzureStackHCI/NetworkSecurityGroups/SecurityRules/Read\",\n \"Microsoft.AzureStackHCI/NetworkSecurityGroups/Write\",\n \"Microsoft.AzureStackHCI/NetworkSecurityGroups/SecurityRules/Write\",\n \"Microsoft.AzureStackHCI/NetworkSecurityGroups/Delete\",\n \"Microsoft.AzureStackHCI/NetworkSecurityGroups/SecurityRules/Delete\",\n \"Microsoft.AzureStackHCI/NetworkSecurityGroups/join/action\",\n \"Microsoft.HybridCompute/register/action\",\n \"Microsoft.GuestConfiguration/register/action\",\n \"Microsoft.GuestConfiguration/guestConfigurationAssignments/read\",\n \"Microsoft.Resources/subscriptions/resourceGroups/write\",\n \"Microsoft.Resources/subscriptions/resourceGroups/delete\",\n \"Microsoft.HybridConnectivity/register/action\",\n \"Microsoft.Authorization/roleAssignments/write\",\n \"Microsoft.Authorization/roleAssignments/delete\",\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Resources/subscriptions/read\",\n \"Microsoft.Management/managementGroups/read\",\n \"Microsoft.Support/*\",\n \"Microsoft.AzureStackHCI/*\",\n \"Microsoft.AzureStackHCI/EdgeMachines/*\",\n \"Microsoft.AzureStackHCI/DevicePools/*\",\n \"Microsoft.Insights/AlertRules/Write\",\n \"Microsoft.Insights/AlertRules/Delete\",\n \"Microsoft.Insights/AlertRules/Read\",\n \"Microsoft.Insights/AlertRules/Activated/Action\",\n \"Microsoft.Insights/AlertRules/Resolved/Action\",\n \"Microsoft.Insights/AlertRules/Throttled/Action\",\n \"Microsoft.Insights/AlertRules/Incidents/Read\",\n \"Microsoft.Resources/subscriptions/resourcegroups/deployments/read\",\n \"Microsoft.Resources/subscriptions/resourcegroups/deployments/write\",\n \"Microsoft.Resources/subscriptions/resourcegroups/deployments/operations/read\",\n \"Microsoft.Resources/subscriptions/resourcegroups/deployments/operationstatuses/read\",\n \"Microsoft.ResourceHealth/availabilityStatuses/read\",\n \"Microsoft.Resources/subscriptions/read\",\n \"Microsoft.Resources/subscriptions/operationresults/read\",\n \"Microsoft.HybridCompute/machines/read\",\n \"Microsoft.HybridCompute/machines/write\",\n \"Microsoft.HybridCompute/machines/delete\",\n \"Microsoft.HybridCompute/machines/UpgradeExtensions/action\",\n \"Microsoft.HybridCompute/machines/assessPatches/action\",\n \"Microsoft.HybridCompute/machines/installPatches/action\",\n \"Microsoft.HybridCompute/machines/extensions/read\",\n \"Microsoft.HybridCompute/machines/extensions/write\",\n \"Microsoft.HybridCompute/machines/extensions/delete\",\n \"Microsoft.HybridCompute/operations/read\",\n \"Microsoft.HybridCompute/locations/operationresults/read\",\n \"Microsoft.HybridCompute/locations/operationstatus/read\",\n \"Microsoft.HybridCompute/machines/patchAssessmentResults/read\",\n \"Microsoft.HybridCompute/machines/patchAssessmentResults/softwarePatches/read\",\n \"Microsoft.HybridCompute/machines/patchInstallationResults/read\",\n \"Microsoft.HybridCompute/machines/patchInstallationResults/softwarePatches/read\",\n \"Microsoft.HybridCompute/locations/updateCenterOperationResults/read\",\n \"Microsoft.HybridCompute/machines/hybridIdentityMetadata/read\",\n \"Microsoft.HybridCompute/osType/agentVersions/read\",\n \"Microsoft.HybridCompute/osType/agentVersions/latest/read\",\n \"Microsoft.HybridCompute/machines/runcommands/read\",\n \"Microsoft.HybridCompute/machines/runcommands/write\",\n \"Microsoft.HybridCompute/machines/runcommands/delete\",\n \"Microsoft.HybridCompute/machines/licenseProfiles/read\",\n \"Microsoft.HybridCompute/machines/licenseProfiles/write\",\n \"Microsoft.HybridCompute/machines/licenseProfiles/delete\",\n \"Microsoft.HybridCompute/licenses/read\",\n \"Microsoft.HybridCompute/licenses/write\",\n \"Microsoft.HybridCompute/licenses/delete\",\n \"Microsoft.ResourceConnector/register/action\",\n \"Microsoft.ResourceConnector/appliances/read\",\n \"Microsoft.ResourceConnector/appliances/write\",\n \"Microsoft.ResourceConnector/appliances/delete\",\n \"Microsoft.ResourceConnector/locations/operationresults/read\",\n \"Microsoft.ResourceConnector/locations/operationsstatus/read\",\n \"Microsoft.ResourceConnector/appliances/listClusterUserCredential/action\",\n \"Microsoft.ResourceConnector/appliances/listKeys/action\",\n \"Microsoft.ResourceConnector/operations/read\",\n \"Microsoft.ExtendedLocation/register/action\",\n \"Microsoft.ExtendedLocation/customLocations/read\",\n \"Microsoft.ExtendedLocation/customLocations/deploy/action\",\n \"Microsoft.ExtendedLocation/customLocations/write\",\n \"Microsoft.ExtendedLocation/customLocations/delete\",\n \"Microsoft.EdgeMarketplace/offers/read\",\n \"Microsoft.EdgeMarketplace/publishers/read\",\n \"Microsoft.Kubernetes/register/action\",\n \"Microsoft.KubernetesConfiguration/register/action\",\n \"Microsoft.KubernetesConfiguration/extensions/write\",\n \"Microsoft.KubernetesConfiguration/extensions/read\",\n \"Microsoft.KubernetesConfiguration/extensions/delete\",\n \"Microsoft.KubernetesConfiguration/extensions/operations/read\",\n \"Microsoft.KubernetesConfiguration/namespaces/read\",\n \"Microsoft.KubernetesConfiguration/operations/read\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.AzureStackHCI/StorageContainers/Write\",\n \"Microsoft.AzureStackHCI/StorageContainers/Read\",\n \"Microsoft.HybridContainerService/register/action\",\n \"Microsoft.HybridCompute/settings/write\",\n \"Microsoft.HybridCompute/settings/read\",\n \"Microsoft.HybridCompute/gateways/read\",\n \"Microsoft.HybridCompute/gateways/write\",\n \"Microsoft.HybridCompute/gateways/delete\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": [],\n \"conditionVersion\": \"2.0\",\n \"condition\": \"((!(ActionMatches{'Microsoft.Authorization/roleAssignments/write'})) OR (@Request[Microsoft.Authorization/roleAssignments:RoleDefinitionId] ForAnyOfAnyValues:GuidEquals{f5819b54-e033-4d82-ac66-4fec3cbf3f4c, cd570a14-e51a-42ad-bac8-bafd67325302, b64e21ea-ac4e-4cdf-9dc9-5b892992bee7, 4b3fe76c-f777-4d24-a2d7-b027b0f7b273, 874d1c73-6003-4e60-a13a-cb31ea190a85,865ae368-6a45-4bd1-8fbf-0d5151f56fc1,7b1f81f9-4196-4058-8aae-762e593270df,4633458b-17de-408a-b874-0445c86b69e6,c99c945f-8bd1-4fb1-a903-01460aae6068})) AND ((!(ActionMatches{'Microsoft.Authorization/roleAssignments/delete'})) OR (@Resource[Microsoft.Authorization/roleAssignments:RoleDefinitionId] ForAnyOfAnyValues:GuidEquals{f5819b54-e033-4d82-ac66-4fec3cbf3f4c, cd570a14-e51a-42ad-bac8-bafd67325302, b64e21ea-ac4e-4cdf-9dc9-5b892992bee7, 4b3fe76c-f777-4d24-a2d7-b027b0f7b273, 874d1c73-6003-4e60-a13a-cb31ea190a85,865ae368-6a45-4bd1-8fbf-0d5151f56fc1,7b1f81f9-4196-4058-8aae-762e593270df,4633458b-17de-408a-b874-0445c86b69e6,c99c945f-8bd1-4fb1-a903-01460aae6068}))\"\n }\n ],\n \"createdOn\": \"2023-02-03T05:08:48.3968454Z\",\n \"updatedOn\": \"2025-05-06T15:13:46.6826117Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/bda0d508-adf1-4af0-9c28-88919fc3ae06\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"bda0d508-adf1-4af0-9c28-88919fc3ae06\"\n },\n {\n \"properties\": {\n \"roleName\": \"MySQL Backup And Export Operator\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Grants full access to manage backup and export resources\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.DBforMySQL/flexibleServers/validateBackup/action\",\n \"Microsoft.DBforMySQL/flexibleServers/backupAndExport/action\",\n \"Microsoft.DBforMySQL/locations/operationResults/read\",\n \"Microsoft.DBforMySQL/locations/azureAsyncOperation/read\",\n \"Microsoft.Resources/subscriptions/read\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2023-02-03T06:09:26.5657063Z\",\n \"updatedOn\": \"2023-05-12T10:55:29.6654289Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/d18ad5f3-1baf-4119-b49b-d944edb1f9d0\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"d18ad5f3-1baf-4119-b49b-d944edb1f9d0\"\n },\n {\n \"properties\": {\n \"roleName\": \"LocalNGFirewallAdministrator role\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Allows user to create, modify, describe, or delete NGFirewalls.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"PaloAltoNetworks.Cloudngfw/firewalls/*\",\n \"PaloAltoNetworks.Cloudngfw/localRulestacks/read\",\n \"PaloAltoNetworks.Cloudngfw/globalRulestacks/read\",\n \"PaloAltoNetworks.Cloudngfw/Locations/operationStatuses/read\",\n \"Microsoft.OperationalInsights/workspaces/write\",\n \"Microsoft.OperationalInsights/workspaces/sharedKeys/read\",\n \"Microsoft.OperationalInsights/workspaces/read\",\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.Insights/metrics/read\",\n \"Microsoft.Insights/metricDefinitions/read\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.ResourceHealth/availabilityStatuses/read\",\n \"Microsoft.Support/*\",\n \"Microsoft.Network/virtualNetworks/read\",\n \"Microsoft.Network/virtualNetworks/subnets/join/action\",\n \"Microsoft.Network/publicIPAddresses/write\",\n \"Microsoft.Network/publicIPAddresses/read\",\n \"Microsoft.Network/publicIPAddresses/join/action\",\n \"Microsoft.Network/networkVirtualAppliances/read\",\n \"Microsoft.Network/networkVirtualAppliances/write\",\n \"Microsoft.Network/networkVirtualAppliances/delete\",\n \"Microsoft.Network/virtualHubs/read\",\n \"Microsoft.Network/virtualWans/read\",\n \"Microsoft.Network/virtualWans/virtualHubs/read\",\n \"Microsoft.Network/networkSecurityGroups/read\",\n \"Microsoft.Network/networkSecurityGroups/join/action\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2023-02-03T11:42:56.4098652Z\",\n \"updatedOn\": \"2023-03-13T15:13:22.9170402Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/a8835c7d-b5cb-47fa-b6f0-65ea10ce07a2\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"a8835c7d-b5cb-47fa-b6f0-65ea10ce07a2\"\n },\n {\n \"properties\": {\n \"roleName\": \"LocalRulestacksAdministrator role\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Allows users to create, modify, describe, or delete Rulestacks.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"PaloAltoNetworks.Cloudngfw/localRulestacks/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.ResourceHealth/availabilityStatuses/read\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.Support/*\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2023-02-03T11:42:56.4108678Z\",\n \"updatedOn\": \"2023-02-20T16:07:58.3315958Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/bfc3b73d-c6ff-45eb-9a5f-40298295bf20\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"bfc3b73d-c6ff-45eb-9a5f-40298295bf20\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Extension for SQL Server Deployment\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Microsoft.AzureArcData service role to enable deployment of Azure Extension for SQL Server\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Resources/deployments/write\",\n \"Microsoft.HybridCompute/machines/extensions/write\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2023-03-09T19:23:30.8734404Z\",\n \"updatedOn\": \"2023-03-15T22:04:09.9905367Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/7392c568-9289-4bde-aaaa-b7131215889d\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"7392c568-9289-4bde-aaaa-b7131215889d\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Maps Data Read and Batch Role\",\n \"type\": \"BuiltInRole\",\n \"description\": \"This role can be used to assign read and batch actions on Azure Maps.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.Maps/accounts/services/*/read\",\n \"Microsoft.Maps/accounts/services/batch/action\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2023-03-15T22:04:09.9905367Z\",\n \"updatedOn\": \"2023-05-16T15:12:18.5723729Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/d6470a16-71bd-43ab-86b3-6f3a73f4e787\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"d6470a16-71bd-43ab-86b3-6f3a73f4e787\"\n },\n {\n \"properties\": {\n \"roleName\": \"API Management Service Workspace API Product Manager\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Has the same access as API Management Service Workspace API Developer as well as read access to users and write access to allow assigning users to groups. This role should be assigned on the service scope.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.ApiManagement/service/users/read\",\n \"Microsoft.ApiManagement/service/tags/read\",\n \"Microsoft.ApiManagement/service/tags/apiLinks/*\",\n \"Microsoft.ApiManagement/service/tags/operationLinks/*\",\n \"Microsoft.ApiManagement/service/tags/productLinks/*\",\n \"Microsoft.ApiManagement/service/products/read\",\n \"Microsoft.ApiManagement/service/products/apiLinks/*\",\n \"Microsoft.ApiManagement/service/groups/read\",\n \"Microsoft.ApiManagement/service/groups/users/*\",\n \"Microsoft.ApiManagement/service/read\",\n \"Microsoft.ApiManagement/service/authorizationServers/read\",\n \"Microsoft.Authorization/*/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2023-03-21T15:13:44.4020114Z\",\n \"updatedOn\": \"2024-08-29T15:27:16.7739501Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/d59a3e9c-6d52-4a5a-aeed-6bf3cf0e31da\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"d59a3e9c-6d52-4a5a-aeed-6bf3cf0e31da\"\n },\n {\n \"properties\": {\n \"roleName\": \"API Management Workspace API Developer\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Has read access to entities in the workspace and read and write access to entities for editing APIs. This role should be assigned on the workspace scope.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.ApiManagement/service/workspaces/*/read\",\n \"Microsoft.ApiManagement/service/workspaces/apis/*\",\n \"Microsoft.ApiManagement/service/workspaces/apiVersionSets/*\",\n \"Microsoft.ApiManagement/service/workspaces/policies/*\",\n \"Microsoft.ApiManagement/service/workspaces/schemas/*\",\n \"Microsoft.ApiManagement/service/workspaces/products/*\",\n \"Microsoft.ApiManagement/service/workspaces/policyFragments/*\",\n \"Microsoft.ApiManagement/service/workspaces/namedValues/*\",\n \"Microsoft.ApiManagement/service/workspaces/tags/*\",\n \"Microsoft.ApiManagement/service/workspaces/backends/*\",\n \"Microsoft.ApiManagement/service/workspaces/certificates/*\",\n \"Microsoft.ApiManagement/service/workspaces/diagnostics/*\",\n \"Microsoft.ApiManagement/service/workspaces/loggers/*\",\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/diagnosticSettings/*/read\",\n \"Microsoft.insights/logs/read\",\n \"Microsoft.insights/logs/ApiManagementGatewayLogs/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2023-03-21T15:13:44.4020114Z\",\n \"updatedOn\": \"2025-05-14T15:26:59.2733591Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/56328988-075d-4c6a-8766-d93edd6725b6\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"56328988-075d-4c6a-8766-d93edd6725b6\"\n },\n {\n \"properties\": {\n \"roleName\": \"API Management Workspace Reader\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Has read-only access to entities in the workspace. This role should be assigned on the workspace scope.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.ApiManagement/service/workspaces/*/read\",\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/diagnosticSettings/*/read\",\n \"Microsoft.insights/logs/read\",\n \"Microsoft.insights/logs/ApiManagementGatewayLogs/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2023-03-21T15:13:44.4040114Z\",\n \"updatedOn\": \"2025-05-14T15:26:59.0317591Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/ef1c2c96-4a77-49e8-b9a4-6179fe1d2fd2\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"ef1c2c96-4a77-49e8-b9a4-6179fe1d2fd2\"\n },\n {\n \"properties\": {\n \"roleName\": \"API Management Workspace API Product Manager\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Has read access to entities in the workspace and read and write access to entities for publishing APIs. This role should be assigned on the workspace scope.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.ApiManagement/service/workspaces/*/read\",\n \"Microsoft.ApiManagement/service/workspaces/products/*\",\n \"Microsoft.ApiManagement/service/workspaces/subscriptions/*\",\n \"Microsoft.ApiManagement/service/workspaces/groups/*\",\n \"Microsoft.ApiManagement/service/workspaces/tags/*\",\n \"Microsoft.ApiManagement/service/workspaces/notifications/*\",\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/diagnosticSettings/*/read\",\n \"Microsoft.insights/logs/read\",\n \"Microsoft.insights/logs/ApiManagementGatewayLogs/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2023-03-21T15:13:44.4020114Z\",\n \"updatedOn\": \"2025-05-14T15:26:59.0317591Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/73c2c328-d004-4c5e-938c-35c6f5679a1f\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"73c2c328-d004-4c5e-938c-35c6f5679a1f\"\n },\n {\n \"properties\": {\n \"roleName\": \"API Management Service Workspace API Developer\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Has read access to tags and products and write access to allow: assigning APIs to products, assigning tags to products and APIs. This role should be assigned on the service scope.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.ApiManagement/service/tags/read\",\n \"Microsoft.ApiManagement/service/tags/apiLinks/*\",\n \"Microsoft.ApiManagement/service/tags/operationLinks/*\",\n \"Microsoft.ApiManagement/service/tags/productLinks/*\",\n \"Microsoft.ApiManagement/service/products/read\",\n \"Microsoft.ApiManagement/service/products/apiLinks/*\",\n \"Microsoft.ApiManagement/service/read\",\n \"Microsoft.ApiManagement/service/authorizationServers/read\",\n \"Microsoft.Authorization/*/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2023-03-21T15:13:44.4040114Z\",\n \"updatedOn\": \"2024-08-29T15:27:16.7739501Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/9565a273-41b9-4368-97d2-aeb0c976a9b3\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"9565a273-41b9-4368-97d2-aeb0c976a9b3\"\n },\n {\n \"properties\": {\n \"roleName\": \"API Management Workspace Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Can manage the workspace and view, but not modify its members. This role should be assigned on the workspace scope.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.ApiManagement/service/workspaces/*\",\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/diagnosticSettings/*/read\",\n \"Microsoft.insights/logs/read\",\n \"Microsoft.insights/logs/ApiManagementGatewayLogs/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2023-03-21T15:13:44.4020114Z\",\n \"updatedOn\": \"2025-05-14T15:26:59.2733591Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/0c34c906-8d99-4cb7-8bb7-33f5b0a1a799\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"0c34c906-8d99-4cb7-8bb7-33f5b0a1a799\"\n },\n {\n \"properties\": {\n \"roleName\": \"Storage File Data Privileged Reader\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Customer has read access on Azure Storage file shares.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.Storage/storageAccounts/fileServices/fileshares/files/read\",\n \"Microsoft.Storage/storageAccounts/fileServices/readFileBackupSemantics/action\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2023-03-23T20:33:57.1067324Z\",\n \"updatedOn\": \"2023-04-06T19:23:16.2936719Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/b8eda974-7b85-4f76-af95-65846b26df6d\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"b8eda974-7b85-4f76-af95-65846b26df6d\"\n },\n {\n \"properties\": {\n \"roleName\": \"Storage File Data Privileged Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Customer has read, write, delete and modify NTFS permission access on Azure Storage file shares.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.Storage/storageAccounts/fileServices/fileshares/files/read\",\n \"Microsoft.Storage/storageAccounts/fileServices/fileshares/files/write\",\n \"Microsoft.Storage/storageAccounts/fileServices/fileshares/files/delete\",\n \"Microsoft.Storage/storageAccounts/fileServices/fileshares/files/modifypermissions/action\",\n \"Microsoft.Storage/storageAccounts/fileServices/readFileBackupSemantics/action\",\n \"Microsoft.Storage/storageAccounts/fileServices/writeFileBackupSemantics/action\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2023-03-23T20:49:03.5905581Z\",\n \"updatedOn\": \"2023-04-06T19:23:16.2936719Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/69566ab7-960f-475b-8e7c-b3118f30c6bd\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"69566ab7-960f-475b-8e7c-b3118f30c6bd\"\n },\n {\n \"properties\": {\n \"roleName\": \"Windows 365 Network User\",\n \"type\": \"BuiltInRole\",\n \"description\": \"This role is used by Windows 365 to read virtual networks and join the designated virtual networks.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Network/virtualNetworks/read\",\n \"Microsoft.Network/virtualNetworks/subnets/read\",\n \"Microsoft.Network/virtualNetworks/usages/read\",\n \"Microsoft.Network/virtualNetworks/subnets/join/action\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2023-03-24T05:24:25.4408966Z\",\n \"updatedOn\": \"2023-07-26T15:17:50.9624987Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/7eabc9a4-85f7-4f71-b8ab-75daaccc1033\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"7eabc9a4-85f7-4f71-b8ab-75daaccc1033\"\n },\n {\n \"properties\": {\n \"roleName\": \"Windows365SubscriptionReader\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Read subscriptions, images, azure firewalls. This role is used in Windows365 scenarios.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Resources/subscriptions/read\",\n \"Microsoft.Resources/subscriptions/operationresults/read\",\n \"Microsoft.Authorization/*/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2023-03-24T05:24:25.4408966Z\",\n \"updatedOn\": \"2023-03-24T05:24:25.4408966Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/3d55a8f6-4133-418d-8051-facdb1735758\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"3d55a8f6-4133-418d-8051-facdb1735758\"\n },\n {\n \"properties\": {\n \"roleName\": \"Windows 365 Network Interface Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"This role is used by Windows 365 to provision required network resources and join Microsoft-hosted VMs to network interfaces.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Resources/subscriptions/resourcegroups/read\",\n \"Microsoft.Resources/deployments/read\",\n \"Microsoft.Resources/deployments/write\",\n \"Microsoft.Resources/deployments/delete\",\n \"Microsoft.Resources/deployments/operations/read\",\n \"Microsoft.Resources/deployments/operationstatuses/read\",\n \"Microsoft.Network/locations/operations/read\",\n \"Microsoft.Network/locations/operationResults/read\",\n \"Microsoft.Network/locations/usages/read\",\n \"Microsoft.Network/networkInterfaces/write\",\n \"Microsoft.Network/networkInterfaces/read\",\n \"Microsoft.Network/networkInterfaces/delete\",\n \"Microsoft.Network/networkInterfaces/join/action\",\n \"Microsoft.Network/networkInterfaces/effectiveNetworkSecurityGroups/action\",\n \"Microsoft.Network/networkInterfaces/effectiveRouteTable/action\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2023-03-24T05:24:25.4408966Z\",\n \"updatedOn\": \"2023-07-26T15:17:50.9624987Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/1f135831-5bbe-4924-9016-264044c00788\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"1f135831-5bbe-4924-9016-264044c00788\"\n },\n {\n \"properties\": {\n \"roleName\": \"App Compliance Automation Reader\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Allows read-only access to App Compliance Automation tool for Microsoft 365\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"*/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2023-04-13T05:31:14.1250456Z\",\n \"updatedOn\": \"2025-04-18T16:21:59.8526431Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/ffc6bbe0-e443-4c3b-bf54-26581bb2f78e\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"ffc6bbe0-e443-4c3b-bf54-26581bb2f78e\"\n },\n {\n \"properties\": {\n \"roleName\": \"App Compliance Automation Administrator\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Allows managing App Compliance Automation tool for Microsoft 365\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.AppComplianceAutomation/*\",\n \"Microsoft.Storage/storageAccounts/blobServices/write\",\n \"Microsoft.Storage/storageAccounts/fileservices/write\",\n \"Microsoft.Storage/storageAccounts/listKeys/action\",\n \"Microsoft.Storage/storageAccounts/write\",\n \"Microsoft.Storage/storageAccounts/blobServices/generateUserDelegationKey/action\",\n \"Microsoft.Storage/storageAccounts/read\",\n \"Microsoft.Storage/storageAccounts/blobServices/containers/read\",\n \"Microsoft.Storage/storageAccounts/blobServices/containers/write\",\n \"Microsoft.Storage/storageAccounts/blobServices/read\",\n \"Microsoft.PolicyInsights/policyStates/queryResults/action\",\n \"Microsoft.PolicyInsights/policyStates/triggerEvaluation/action\",\n \"Microsoft.Resources/resources/read\",\n \"Microsoft.Resources/subscriptions/read\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Resources/subscriptions/resourceGroups/resources/read\",\n \"Microsoft.Resources/subscriptions/resources/read\",\n \"Microsoft.Resources/subscriptions/resourceGroups/delete\",\n \"Microsoft.Resources/subscriptions/resourceGroups/write\",\n \"Microsoft.Resources/tags/read\",\n \"Microsoft.Resources/deployments/validate/action\",\n \"Microsoft.Security/automations/read\",\n \"Microsoft.Resources/deployments/write\",\n \"Microsoft.Security/automations/delete\",\n \"Microsoft.Security/automations/write\",\n \"Microsoft.Security/register/action\",\n \"Microsoft.Security/unregister/action\",\n \"*/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2023-04-13T05:31:14.1240456Z\",\n \"updatedOn\": \"2025-04-18T16:21:59.8526431Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/0f37683f-2463-46b6-9ce7-9b788b988ba2\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"0f37683f-2463-46b6-9ce7-9b788b988ba2\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Sphere Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Allows user read and write access to Azure Sphere resources.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.AzureSphere/*\",\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.Insights/DiagnosticSettings/*\",\n \"Microsoft.Insights/DiagnosticSettingsCategories/Read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2023-05-01T15:11:52.6370946Z\",\n \"updatedOn\": \"2023-05-05T22:39:42.6328063Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/8b9dfcab-4b77-4632-a6df-94bd07820648\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"8b9dfcab-4b77-4632-a6df-94bd07820648\"\n },\n {\n \"properties\": {\n \"roleName\": \"SaaS Hub Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"SaaS Hub contributor can manage SaaS Hub resource\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.SaaSHub/cloudservices/read\",\n \"Microsoft.SaaSHub/cloudservices/write\",\n \"Microsoft.SaaSHub/cloudservices/delete\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2023-05-02T15:22:12.2506952Z\",\n \"updatedOn\": \"2023-05-11T22:10:29.48093Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/e9b8712a-cbcf-4ea7-b0f7-e71b803401e6\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"e9b8712a-cbcf-4ea7-b0f7-e71b803401e6\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Sphere Reader\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Allows user to read Azure Sphere resources.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.AzureSphere/*/read\",\n \"Microsoft.AzureSphere/catalogs/countDevices/action\",\n \"Microsoft.AzureSphere/catalogs/listDeviceGroups/action\",\n \"Microsoft.AzureSphere/catalogs/listDeviceInsights/action\",\n \"Microsoft.AzureSphere/catalogs/listDevices/action\",\n \"Microsoft.AzureSphere/catalogs/listDeployments/action\",\n \"Microsoft.AzureSphere/catalogs/products/countDevices/action\",\n \"Microsoft.AzureSphere/catalogs/products/deviceGroups/countDevices/action\",\n \"Microsoft.AzureSphere/catalogs/certificates/retrieveCertChain/action\",\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Insights/DiagnosticSettings/Read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2023-05-05T22:39:42.1951056Z\",\n \"updatedOn\": \"2023-05-11T22:10:28.3488114Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/c8ae6279-5a0b-4cb2-b3f0-d4d62845742c\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"c8ae6279-5a0b-4cb2-b3f0-d4d62845742c\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Sphere Publisher\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Allows user to read and download Azure Sphere resources and upload images.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.AzureSphere/*/read\",\n \"Microsoft.AzureSphere/catalogs/countDevices/action\",\n \"Microsoft.AzureSphere/catalogs/listDeviceGroups/action\",\n \"Microsoft.AzureSphere/catalogs/listDeviceInsights/action\",\n \"Microsoft.AzureSphere/catalogs/listDevices/action\",\n \"Microsoft.AzureSphere/catalogs/products/countDevices/action\",\n \"Microsoft.AzureSphere/catalogs/products/deviceGroups/countDevices/action\",\n \"Microsoft.AzureSphere/catalogs/certificates/retrieveProofOfPossessionNonce/action\",\n \"Microsoft.AzureSphere/catalogs/certificates/retrieveCertChain/action\",\n \"Microsoft.AzureSphere/catalogs/images/write\",\n \"Microsoft.AzureSphere/catalogs/uploadImage/action\",\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Insights/DiagnosticSettings/Read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2023-05-05T22:39:42.8007514Z\",\n \"updatedOn\": \"2024-01-26T23:01:00.4162781Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/6d994134-994b-4a59-9974-f479f0b227fb\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"6d994134-994b-4a59-9974-f479f0b227fb\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Machine Learning Workspace Connection Secrets Reader\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Can list workspace connection secrets\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.MachineLearningServices/workspaces/connections/listsecrets/action\",\n \"Microsoft.MachineLearningServices/workspaces/metadata/secrets/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2023-05-09T15:20:29.3130205Z\",\n \"updatedOn\": \"2023-10-13T16:37:23.7956902Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/ea01e6af-a1c1-4350-9563-ad00f8c72ec5\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"ea01e6af-a1c1-4350-9563-ad00f8c72ec5\"\n },\n {\n \"properties\": {\n \"roleName\": \"Procurement Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Lets you manage the procurement of products and services.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.SaaSHub/cloudservices/read\",\n \"Microsoft.SaaSHub/cloudservices/write\",\n \"Microsoft.SaaSHub/cloudservices/delete\",\n \"Microsoft.SaaSHub/register/action\",\n \"Microsoft.SaaS/resources/read\",\n \"Microsoft.SaaS/resources/write\",\n \"Microsoft.SaaS/resources/delete\",\n \"Microsoft.SaaS/register/action\",\n \"Microsoft.ProfessionalService/resources/read\",\n \"Microsoft.ProfessionalService/resources/write\",\n \"Microsoft.ProfessionalService/resources/delete\",\n \"Microsoft.ProfessionalService/register/action\",\n \"Microsoft.BillingBenefits/register/action\",\n \"Microsoft.BillingBenefits/maccs/read\",\n \"Microsoft.BillingBenefits/maccs/write\",\n \"Microsoft.BillingBenefits/maccs/delete\",\n \"Microsoft.BillingBenefits/maccs/cancel/action\",\n \"Microsoft.BillingBenefits/maccs/chargeShortfall/action\",\n \"Microsoft.BillingBenefits/maccs/contributors/read\",\n \"Microsoft.BillingBenefits/credits/read\",\n \"Microsoft.BillingBenefits/credits/write\",\n \"Microsoft.BillingBenefits/credits/cancel/action\",\n \"Microsoft.BillingBenefits/credits/sources/read\",\n \"Microsoft.BillingBenefits/credits/sources/write\",\n \"Microsoft.BillingBenefits/credits/sources/delete\",\n \"Microsoft.EnterpriseSupport/enterpriseSupports/read\",\n \"Microsoft.EnterpriseSupport/enterpriseSupports/write\",\n \"Microsoft.EnterpriseSupport/enterpriseSupports/delete\",\n \"Microsoft.EnterpriseSupport/register/action\",\n \"Microsoft.SoftwarePlan/register/action\",\n \"Microsoft.SoftwarePlan/softwareSubscriptions/read\",\n \"Microsoft.SoftwarePlan/softwareSubscriptions/write\",\n \"Microsoft.SoftwarePlan/softwareSubscriptions/delete\",\n \"Microsoft.SoftwarePlan/softwareSubscriptions/cancel/action\",\n \"Microsoft.SoftwarePlan/softwareSubscriptions/listKeys/action\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2023-05-09T15:20:29.3130205Z\",\n \"updatedOn\": \"2025-06-17T15:17:30.9745788Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/be1a1ac2-09d3-4261-9e57-a73a6e227f53\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"be1a1ac2-09d3-4261-9e57-a73a6e227f53\"\n },\n {\n \"properties\": {\n \"roleName\": \"Cognitive Search Serverless Data Contributor (Deprecated)\",\n \"type\": \"BuiltInRole\",\n \"description\": \"This role has been deprecated\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.CognitiveSearch/indexes/schema/*\",\n \"Microsoft.CognitiveSearch/indexes/documents/*\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2023-05-15T15:01:02.7792616Z\",\n \"updatedOn\": \"2024-02-06T16:07:21.2869168Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/7ac06ca7-21ca-47e3-a67b-cbd6e6223baf\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"7ac06ca7-21ca-47e3-a67b-cbd6e6223baf\"\n },\n {\n \"properties\": {\n \"roleName\": \"Cognitive Search Serverless Data Reader (Deprecated)\",\n \"type\": \"BuiltInRole\",\n \"description\": \"This role has been deprecated\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.CognitiveSearch/indexes/schema/read\",\n \"Microsoft.CognitiveSearch/indexes/documents/read\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2023-05-15T15:01:02.7792616Z\",\n \"updatedOn\": \"2024-02-06T16:07:20.8732351Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/79b01272-bf9f-4f4c-9517-5506269cf524\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"79b01272-bf9f-4f4c-9517-5506269cf524\"\n },\n {\n \"properties\": {\n \"roleName\": \"Community Owner Role\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Community Owner Role to access the resources of Microsoft.Mission stored with RPSAAS.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Mission/register/action\",\n \"Microsoft.Mission/unregister/action\",\n \"Microsoft.Mission/Locations/OperationStatuses/read\",\n \"Microsoft.Mission/Locations/OperationStatuses/write\",\n \"Microsoft.Mission/Operations/read\",\n \"Microsoft.Mission/communities/read\",\n \"Microsoft.Mission/communities/write\",\n \"Microsoft.Mission/communities/delete\",\n \"Microsoft.Mission/communities/setMaintenanceMode/action\",\n \"Microsoft.Mission/communities/communityendpoints/connect/action\",\n \"Microsoft.Mission/virtualEnclaves/read\",\n \"Microsoft.Mission/virtualEnclaves/write\",\n \"Microsoft.Mission/virtualEnclaves/delete\",\n \"Microsoft.Mission/virtualEnclaves/workloads/read\",\n \"Microsoft.Mission/virtualEnclaves/workloads/write\",\n \"Microsoft.Mission/virtualEnclaves/workloads/delete\",\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/read\",\n \"Microsoft.Resources/deployments/read\",\n \"Microsoft.Resources/deployments/write\",\n \"Microsoft.Resources/subscriptions/read\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Resources/subscriptions/resourcegroups/deployments/read\",\n \"Microsoft.Resources/subscriptions/operationresults/read\",\n \"Microsoft.ResourceHealth/availabilityStatuses/read\",\n \"Microsoft.Features/providers/features/read\",\n \"Microsoft.Features/features/read\",\n \"Microsoft.Mission/communities/communityEndpoints/read\",\n \"Microsoft.Mission/communities/communityEndpoints/write\",\n \"Microsoft.Mission/communities/communityEndpoints/delete\",\n \"Microsoft.Mission/communities/transitHubs/read\",\n \"Microsoft.Mission/communities/transitHubs/write\",\n \"Microsoft.Mission/communities/transitHubs/delete\",\n \"Microsoft.Mission/enclaveConnections/read\",\n \"Microsoft.Mission/virtualEnclaves/enclaveEndpoints/read\",\n \"Microsoft.Mission/approvals/read\",\n \"Microsoft.Mission/approvals/write\",\n \"Microsoft.Mission/approvals/delete\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2023-05-25T20:51:16.2041501Z\",\n \"updatedOn\": \"2025-09-12T18:13:12.7479035Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/5e28a61e-8040-49db-b175-bb5b88af6239\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"5e28a61e-8040-49db-b175-bb5b88af6239\"\n },\n {\n \"properties\": {\n \"roleName\": \"Firmware Analysis Admin\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Administrative user that can upload/view firmwares & configure firmware workspaces\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.IoTFirmwareDefense/*\",\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Resources/deployments/*\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2023-06-12T15:03:22.1277659Z\",\n \"updatedOn\": \"2025-09-10T15:34:53.4423915Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/9c1607d1-791d-4c68-885d-c7b7aaff7c8a\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"9c1607d1-791d-4c68-885d-c7b7aaff7c8a\"\n },\n {\n \"properties\": {\n \"roleName\": \"Key Vault Data Access Administrator\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Manage access to Azure Key Vault by adding or removing role assignments for the Key Vault Administrator, Key Vault Certificates Officer, Key Vault Crypto Officer, Key Vault Crypto Service Encryption User, Key Vault Crypto User, Key Vault Reader, Key Vault Secrets Officer, or Key Vault Secrets User roles. Includes an ABAC condition to constrain role assignments.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/roleAssignments/write\",\n \"Microsoft.Authorization/roleAssignments/delete\",\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Resources/subscriptions/read\",\n \"Microsoft.Management/managementGroups/read\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Support/*\",\n \"Microsoft.KeyVault/vaults/*/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": [],\n \"conditionVersion\": \"2.0\",\n \"condition\": \"((!(ActionMatches{'Microsoft.Authorization/roleAssignments/write'})) OR (@Request[Microsoft.Authorization/roleAssignments:RoleDefinitionId] ForAnyOfAnyValues:GuidEquals{00482a5a-887f-4fb3-b363-3b7fe8e74483, a4417e6f-fecd-4de8-b567-7b0420556985, 14b46e9e-c2b7-41b4-b07b-48a6ebf60603, e147488a-f6f5-4113-8e2d-b22465e65bf6, 12338af0-0e69-4776-bea7-57ae8d297424, 21090545-7ca7-4776-b22c-e363652d74d2, b86a8fe4-44ce-4948-aee5-eccb2c155cd7, 4633458b-17de-408a-b874-0445c86b69e6})) AND ((!(ActionMatches{'Microsoft.Authorization/roleAssignments/delete'})) OR (@Resource[Microsoft.Authorization/roleAssignments:RoleDefinitionId] ForAnyOfAnyValues:GuidEquals{00482a5a-887f-4fb3-b363-3b7fe8e74483, a4417e6f-fecd-4de8-b567-7b0420556985, 14b46e9e-c2b7-41b4-b07b-48a6ebf60603, e147488a-f6f5-4113-8e2d-b22465e65bf6, 12338af0-0e69-4776-bea7-57ae8d297424, 21090545-7ca7-4776-b22c-e363652d74d2, b86a8fe4-44ce-4948-aee5-eccb2c155cd7, 4633458b-17de-408a-b874-0445c86b69e6}))\"\n }\n ],\n \"createdOn\": \"2023-06-20T22:26:01.661921Z\",\n \"updatedOn\": \"2023-12-07T01:33:05.5970688Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/8b54135c-b56d-4d72-a534-26097cfdc8d8\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"8b54135c-b56d-4d72-a534-26097cfdc8d8\"\n },\n {\n \"properties\": {\n \"roleName\": \"Defender for Storage Data Scanner\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Grants access to read blobs and update index tags. This role is used by the data scanner of Defender for Storage.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Storage/storageAccounts/blobServices/containers/read\",\n \"Microsoft.Storage/storageAccounts/blobServices/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.Storage/storageAccounts/blobServices/containers/blobs/read\",\n \"Microsoft.Storage/storageAccounts/blobServices/containers/blobs/tags/write\",\n \"Microsoft.Storage/storageAccounts/blobServices/containers/blobs/tags/read\",\n \"Microsoft.Storage/storageAccounts/blobServices/containers/blobs/delete\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2023-06-21T15:30:31.2244258Z\",\n \"updatedOn\": \"2025-09-04T13:19:08.2789022Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/1e7ca9b1-60d1-4db8-a914-f2ca1ff27c40\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"1e7ca9b1-60d1-4db8-a914-f2ca1ff27c40\"\n },\n {\n \"properties\": {\n \"roleName\": \"Compute Diagnostics Role\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Grants permissions to execute diagnostics provided by Compute Diagnostic Service for Compute Resources.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Compute/disks/beginGetAccess/action\",\n \"Microsoft.Compute/virtualmachinescalesets/disks/beginGetAccess/action\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2023-07-03T15:01:36.9754614Z\",\n \"updatedOn\": \"2023-08-21T15:00:43.8849998Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/df2711a6-406d-41cf-b366-b0250bff9ad1\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"df2711a6-406d-41cf-b366-b0250bff9ad1\"\n },\n {\n \"properties\": {\n \"roleName\": \"Elastic SAN Network Admin\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Allows access to create Private Endpoints on SAN resources, and to read SAN resources\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.ElasticSan/elasticSans/*/read\",\n \"Microsoft.ElasticSan/elasticSans/PrivateEndpointConnectionsApproval/action\",\n \"Microsoft.ElasticSan/elasticSans/privateEndpointConnections/write\",\n \"Microsoft.ElasticSan/elasticSans/privateEndpointConnections/delete\",\n \"Microsoft.ElasticSan/locations/asyncoperations/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2023-07-11T15:16:02.2537915Z\",\n \"updatedOn\": \"2023-07-24T15:07:43.2245803Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/fa6cecf6-5db3-4c43-8470-c540bcb4eafa\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"fa6cecf6-5db3-4c43-8470-c540bcb4eafa\"\n },\n {\n \"properties\": {\n \"roleName\": \"Cognitive Services Usages Reader\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Minimal permission to view Cognitive Services usages.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.CognitiveServices/locations/usages/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2023-07-17T15:09:29.0044016Z\",\n \"updatedOn\": \"2023-07-17T15:09:29.0044016Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/bba48692-92b0-4667-a9ad-c31c7b334ac2\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"bba48692-92b0-4667-a9ad-c31c7b334ac2\"\n },\n {\n \"properties\": {\n \"roleName\": \"PostgreSQL Flexible Server Long Term Retention Backup Role\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Role to allow backup vault to access PostgreSQL Flexible Server Resource APIs for Long Term Retention Backup.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.DBforPostgreSQL/flexibleServers/ltrBackupOperations/read\",\n \"Microsoft.DBforPostgreSQL/flexibleServers/ltrPreBackup/action\",\n \"Microsoft.DBforPostgreSQL/flexibleServers/startLtrBackup/action\",\n \"Microsoft.DBforPostgreSQL/locations/azureAsyncOperation/read\",\n \"Microsoft.DBforPostgreSQL/locations/operationResults/read\",\n \"Microsoft.Resources/subscriptions/read\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2023-07-19T15:33:56.5176195Z\",\n \"updatedOn\": \"2023-08-02T22:48:06.4502162Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/c088a766-074b-43ba-90d4-1fb21feae531\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"c088a766-074b-43ba-90d4-1fb21feae531\"\n },\n {\n \"properties\": {\n \"roleName\": \"Search Parameter Manager\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Role allows user or principal access to $status and $reindex to update search parameters\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.HealthcareApis/workspaces/fhirservices/resources/reindex/action\",\n \"Microsoft.HealthcareApis/workspaces/fhirservices/resources/read\",\n \"Microsoft.HealthcareApis/workspaces/fhirservices/resources/write\",\n \"Microsoft.HealthcareApis/workspaces/fhirservices/resources/searchparameter/action\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2023-07-28T00:53:53.6682553Z\",\n \"updatedOn\": \"2023-07-28T00:53:53.6682553Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/a02f7c31-354d-4106-865a-deedf37fa038\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"a02f7c31-354d-4106-865a-deedf37fa038\"\n },\n {\n \"properties\": {\n \"roleName\": \"Virtual Machine Data Access Administrator (preview)\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Manage access to Virtual Machines by adding or removing role assignments for the Virtual Machine Administrator Login and Virtual Machine User Login roles. Includes an ABAC condition to constrain role assignments.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/roleAssignments/write\",\n \"Microsoft.Authorization/roleAssignments/delete\",\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Resources/subscriptions/read\",\n \"Microsoft.Management/managementGroups/read\",\n \"Microsoft.Network/publicIPAddresses/read\",\n \"Microsoft.Network/virtualNetworks/read\",\n \"Microsoft.Network/loadBalancers/read\",\n \"Microsoft.Network/networkInterfaces/read\",\n \"Microsoft.Compute/virtualMachines/*/read\",\n \"Microsoft.HybridCompute/machines/*/read\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Support/*\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": [],\n \"conditionVersion\": \"2.0\",\n \"condition\": \"((!(ActionMatches{'Microsoft.Authorization/roleAssignments/write'})) OR (@Request[Microsoft.Authorization/roleAssignments:RoleDefinitionId] ForAnyOfAnyValues:GuidEquals{1c0163c0-47e6-4577-8991-ea5c82e286e4, fb879df8-f326-4884-b1cf-06f3ad86be52})) AND ((!(ActionMatches{'Microsoft.Authorization/roleAssignments/delete'})) OR (@Resource[Microsoft.Authorization/roleAssignments:RoleDefinitionId] ForAnyOfAnyValues:GuidEquals{1c0163c0-47e6-4577-8991-ea5c82e286e4, fb879df8-f326-4884-b1cf-06f3ad86be52}))\"\n }\n ],\n \"createdOn\": \"2023-08-07T15:25:15.1179899Z\",\n \"updatedOn\": \"2023-10-31T15:13:38.0409378Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/66f75aeb-eabe-4b70-9f1e-c350c4c9ad04\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"66f75aeb-eabe-4b70-9f1e-c350c4c9ad04\"\n },\n {\n \"properties\": {\n \"roleName\": \"Logic Apps Standard Developer (Preview)\",\n \"type\": \"BuiltInRole\",\n \"description\": \"You can create and edit workflows, connections, and settings for a Standard logic app. You can't make changes outside the workflow scope.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.Resources/deployments/operations/read\",\n \"Microsoft.Resources/subscriptions/operationresults/read\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Support/*\",\n \"Microsoft.Web/*/read\",\n \"Microsoft.Web/connections/*\",\n \"Microsoft.Web/customApis/*\",\n \"Microsoft.Web/sites/config/list/Action\",\n \"microsoft.web/sites/config/Write\",\n \"microsoft.web/sites/config/web/appsettings/delete\",\n \"microsoft.web/sites/config/web/appsettings/write\",\n \"microsoft.web/sites/deployWorkflowArtifacts/action\",\n \"microsoft.web/sites/hostruntime/*\",\n \"microsoft.web/sites/listworkflowsconnections/action\",\n \"Microsoft.Web/sites/publish/Action\",\n \"microsoft.web/sites/slots/config/appsettings/write\",\n \"Microsoft.Web/sites/slots/config/list/Action\",\n \"microsoft.web/sites/slots/config/web/appsettings/delete\",\n \"microsoft.web/sites/slots/deployWorkflowArtifacts/action\",\n \"microsoft.web/sites/slots/listworkflowsconnections/action\",\n \"Microsoft.Web/sites/slots/publish/Action\",\n \"microsoft.web/sites/workflows/*\",\n \"microsoft.web/sites/workflowsconfiguration/*\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2023-08-10T18:27:51.0642527Z\",\n \"updatedOn\": \"2024-04-03T21:08:10.0284774Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/523776ba-4eb2-4600-a3c8-f2dc93da4bdb\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"523776ba-4eb2-4600-a3c8-f2dc93da4bdb\"\n },\n {\n \"properties\": {\n \"roleName\": \"Logic Apps Standard Contributor (Preview)\",\n \"type\": \"BuiltInRole\",\n \"description\": \"You can manage all aspects of a Standard logic app and workflows. You can't change access or ownership.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.Resources/deployments/operations/read\",\n \"Microsoft.Resources/subscriptions/operationresults/read\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Support/*\",\n \"Microsoft.Web/*/read\",\n \"Microsoft.Web/certificates/*\",\n \"Microsoft.Web/connectionGateways/*\",\n \"Microsoft.Web/connections/*\",\n \"Microsoft.Web/customApis/*\",\n \"Microsoft.Web/serverFarms/*\",\n \"Microsoft.Web/sites/*\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2023-08-10T18:27:51.0642527Z\",\n \"updatedOn\": \"2024-04-03T21:08:12.2307952Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/ad710c24-b039-4e85-a019-deb4a06e8570\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"ad710c24-b039-4e85-a019-deb4a06e8570\"\n },\n {\n \"properties\": {\n \"roleName\": \"Logic Apps Standard Operator (Preview)\",\n \"type\": \"BuiltInRole\",\n \"description\": \"You can enable and disable the logic app, resubmit workflow runs, as well as create connections. You can't edit workflows or settings.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.Resources/deployments/operations/read\",\n \"Microsoft.Resources/subscriptions/operationresults/read\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Support/*\",\n \"Microsoft.Web/*/read\",\n \"Microsoft.Web/sites/applySlotConfig/Action\",\n \"microsoft.web/sites/hostruntime/*\",\n \"Microsoft.Web/sites/restart/Action\",\n \"Microsoft.Web/sites/slots/restart/Action\",\n \"Microsoft.Web/sites/slots/slotsswap/Action\",\n \"Microsoft.Web/sites/slots/start/Action\",\n \"Microsoft.Web/sites/slots/stop/Action\",\n \"Microsoft.Web/sites/slotsdiffs/Action\",\n \"Microsoft.Web/sites/slotsswap/Action\",\n \"Microsoft.Web/sites/start/Action\",\n \"Microsoft.Web/sites/stop/Action\",\n \"Microsoft.Web/sites/write\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2023-08-10T18:27:51.616246Z\",\n \"updatedOn\": \"2024-04-03T21:08:12.0327572Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/b70c96e9-66fe-4c09-b6e7-c98e69c98555\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"b70c96e9-66fe-4c09-b6e7-c98e69c98555\"\n },\n {\n \"properties\": {\n \"roleName\": \"Logic Apps Standard Reader (Preview)\",\n \"type\": \"BuiltInRole\",\n \"description\": \"You have read-only access to all resources in a Standard logic app and workflows, including the workflow runs and their history.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.Resources/deployments/operations/read\",\n \"Microsoft.Resources/subscriptions/operationresults/read\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Support/*\",\n \"Microsoft.Web/*/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2023-08-10T18:27:52.9359215Z\",\n \"updatedOn\": \"2024-04-03T21:08:11.472321Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/4accf36b-2c05-432f-91c8-5c532dff4c73\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"4accf36b-2c05-432f-91c8-5c532dff4c73\"\n },\n {\n \"properties\": {\n \"roleName\": \"IPAM Pool User\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Read IPAM Pools and child resources. Create and remove associations. This role is in preview and subject to change.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Network/networkManagers/ipamPools/*/read\",\n \"Microsoft.Network/networkManagers/ipamPools/*/action\",\n \"Microsoft.Network/networkManagers/ipamPools/*/write\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2023-08-21T15:00:43.8849998Z\",\n \"updatedOn\": \"2024-10-14T15:14:50.4699933Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/7b3e853f-ad5d-4fb5-a7b8-56a3581c7037\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"7b3e853f-ad5d-4fb5-a7b8-56a3581c7037\"\n },\n {\n \"properties\": {\n \"roleName\": \"SpatialMapsAccounts Account Owner\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Lets you manage data in your account, including deleting them\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.MixedReality/spatialMapsAccounts/read\",\n \"Microsoft.MixedReality/spatialMapsAccounts/delete\",\n \"Microsoft.MixedReality/spatialMapsAccounts/write\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2023-08-24T22:24:26.823752Z\",\n \"updatedOn\": \"2023-08-24T22:24:26.823752Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/e9c9ed2b-2a99-4071-b2ff-5b113ebf73a1\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"e9c9ed2b-2a99-4071-b2ff-5b113ebf73a1\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Resource Notifications System Topics Subscriber\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Lets you create system topics and event subscriptions on all system topics exposed currently and in the future by Azure Resource Notifications\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.ResourceNotifications/systemTopics/subscribeToResources/action\",\n \"Microsoft.ResourceNotifications/systemTopics/subscribeToHealthResources/action\",\n \"Microsoft.ResourceNotifications/systemTopics/subscribeToMaintenanceResources/action\",\n \"Microsoft.ResourceNotifications/systemTopics/subscribeToComputeResources/action\",\n \"Microsoft.ResourceNotifications/systemTopics/subscribeToComputeScheduleResources/action\",\n \"Microsoft.ResourceNotifications/systemTopics/subscribeToContainerServiceEventResources/action\",\n \"Microsoft.ResourceNotifications/systemTopics/subscribeToImpactReportingResources/action\",\n \"Microsoft.ResourceNotifications/systemTopics/subscribeToAksResources/action\",\n \"Microsoft.EventGrid/eventSubscriptions/write\",\n \"Microsoft.EventGrid/systemTopics/eventSubscriptions/write\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2023-08-31T17:58:41.4180876Z\",\n \"updatedOn\": \"2025-10-01T20:11:41.338522Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/0b962ed2-6d56-471c-bd5f-3477d83a7ba4\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"0b962ed2-6d56-471c-bd5f-3477d83a7ba4\"\n },\n {\n \"properties\": {\n \"roleName\": \"Elastic SAN Volume Importer\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Allows for Importing Elastic San Volume\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.ElasticSan/elasticSans/volumeGroups/*/read\",\n \"Microsoft.ElasticSan/elasticSans/volumeGroups/volumes/write\",\n \"Microsoft.ElasticSan/elasticSans/volumeGroups/volumes/delete\",\n \"Microsoft.ElasticSan/elasticSans/volumeGroups/preRestore/action\",\n \"Microsoft.ElasticSan/locations/*\",\n \"Microsoft.Compute/locations/*\",\n \"Microsoft.Compute/disks/read\",\n \"Microsoft.Compute/disks/beginGetAccess/action\",\n \"Microsoft.Compute/disks/endGetAccess/action\",\n \"Microsoft.Compute/snapshots/read\",\n \"Microsoft.Compute/snapshots/beginGetAccess/action\",\n \"Microsoft.Compute/snapshots/endGetAccess/action\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2023-09-06T15:24:05.4459728Z\",\n \"updatedOn\": \"2025-04-21T15:02:46.3682352Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/90e8b822-3e73-47b5-868a-787dc80c008f\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"90e8b822-3e73-47b5-868a-787dc80c008f\"\n },\n {\n \"properties\": {\n \"roleName\": \"Elastic SAN Snapshot Exporter\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Allows for creating and exporting Snapshot of Elastic San Volume\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.ElasticSan/elasticSans/*/read\",\n \"Microsoft.ElasticSan/elasticSans/volumeGroups/snapshots/write\",\n \"Microsoft.ElasticSan/elasticSans/volumeGroups/snapshots/delete\",\n \"Microsoft.ElasticSan/elasticSans/volumeGroups/snapshots/beginGetAccess/action\",\n \"Microsoft.ElasticSan/elasticSans/volumeGroups/preBackup/action\",\n \"Microsoft.ElasticSan/locations/*\",\n \"Microsoft.Compute/locations/*\",\n \"Microsoft.Compute/disks/read\",\n \"Microsoft.Compute/disks/write\",\n \"Microsoft.Compute/disks/delete\",\n \"Microsoft.Compute/snapshots/read\",\n \"Microsoft.Compute/snapshots/write\",\n \"Microsoft.Compute/snapshots/delete\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2023-09-06T15:24:05.4459728Z\",\n \"updatedOn\": \"2025-04-21T15:02:46.3682352Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/1c4770c0-34f7-4110-a1ea-a5855cc7a939\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"1c4770c0-34f7-4110-a1ea-a5855cc7a939\"\n },\n {\n \"properties\": {\n \"roleName\": \"Community Contributor Role\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Community Contributor Role to access the resources of Microsoft.Mission stored with RPSAAS.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Mission/register/action\",\n \"Microsoft.Mission/unregister/action\",\n \"Microsoft.Mission/Locations/OperationStatuses/read\",\n \"Microsoft.Mission/Locations/OperationStatuses/write\",\n \"Microsoft.Mission/Operations/read\",\n \"Microsoft.Mission/communities/read\",\n \"Microsoft.Mission/communities/write\",\n \"Microsoft.Mission/virtualEnclaves/read\",\n \"Microsoft.Mission/virtualEnclaves/write\",\n \"Microsoft.Mission/virtualEnclaves/endpoints/read\",\n \"Microsoft.Mission/virtualEnclaves/endpoints/write\",\n \"Microsoft.Mission/virtualEnclaves/workloads/read\",\n \"Microsoft.Mission/virtualEnclaves/workloads/write\",\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/read\",\n \"Microsoft.Resources/deployments/read\",\n \"Microsoft.Resources/deployments/write\",\n \"Microsoft.Resources/subscriptions/read\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Resources/subscriptions/resourcegroups/deployments/read\",\n \"Microsoft.Resources/subscriptions/operationresults/read\",\n \"Microsoft.ResourceHealth/availabilityStatuses/read\",\n \"Microsoft.Features/providers/features/read\",\n \"Microsoft.Features/features/read\",\n \"Microsoft.Mission/communities/communityEndpoints/read\",\n \"Microsoft.Mission/communities/communityEndpoints/write\",\n \"Microsoft.Mission/communities/transitHubs/read\",\n \"Microsoft.Mission/communities/transitHubs/write\",\n \"Microsoft.Mission/enclaveConnections/read\",\n \"Microsoft.Mission/virtualEnclaves/enclaveEndpoints/read\",\n \"Microsoft.Mission/approvals/read\",\n \"Microsoft.Mission/approvals/write\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2023-09-14T21:20:02.9426432Z\",\n \"updatedOn\": \"2025-07-16T21:30:33.3901346Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/49435da6-99fe-48a5-a235-fc668b9dc04a\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"49435da6-99fe-48a5-a235-fc668b9dc04a\"\n },\n {\n \"properties\": {\n \"roleName\": \"EventGrid TopicSpaces Subscriber\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Lets you subscribe messages on topicspaces.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.EventGrid/*/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.EventGrid/topicSpaces/subscribe/action\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2023-09-19T15:12:11.0674147Z\",\n \"updatedOn\": \"2023-10-20T20:21:33.3344252Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/4b0f2fd7-60b4-4eca-896f-4435034f8bf5\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"4b0f2fd7-60b4-4eca-896f-4435034f8bf5\"\n },\n {\n \"properties\": {\n \"roleName\": \"EventGrid TopicSpaces Publisher\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Lets you publish messages on topicspaces.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.EventGrid/*/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.EventGrid/topicSpaces/publish/action\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2023-09-19T15:12:11.0674147Z\",\n \"updatedOn\": \"2023-10-20T20:21:33.3344252Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/a12b0b94-b317-4dcd-84a8-502ce99884c6\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"a12b0b94-b317-4dcd-84a8-502ce99884c6\"\n },\n {\n \"properties\": {\n \"roleName\": \"Data Boundary Tenant Administrator\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Allows tenant level administration for data boundaries.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Resources/dataBoundaries/write\",\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2023-09-25T15:06:19.9183617Z\",\n \"updatedOn\": \"2023-09-25T15:06:19.9183617Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/d1a38570-4b05-4d70-b8e4-1100bcf76d12\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"d1a38570-4b05-4d70-b8e4-1100bcf76d12\"\n },\n {\n \"properties\": {\n \"roleName\": \"DeID Realtime Data User\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Execute requests against DeID realtime endpoint. This role is in preview and subject to change.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.HealthDataAIServices/DeidServices/Realtime/action\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2023-09-28T20:01:31.6698729Z\",\n \"updatedOn\": \"2023-09-28T20:01:31.6698729Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/bb6577c4-ea0a-40b2-8962-ea18cb8ecd4e\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"bb6577c4-ea0a-40b2-8962-ea18cb8ecd4e\"\n },\n {\n \"properties\": {\n \"roleName\": \"DeID Batch Data Reader\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Read DeID batch jobs. This role is in preview and subject to change.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.HealthDataAIServices/DeidServices/Batch/read\"\n ],\n \"notDataActions\": [\n \"Microsoft.HealthDataAIServices/DeidServices/Batch/write\",\n \"Microsoft.HealthDataAIServices/DeidServices/Batch/delete\"\n ]\n }\n ],\n \"createdOn\": \"2023-09-28T20:01:32.2555061Z\",\n \"updatedOn\": \"2023-09-28T20:01:32.2555061Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/b73a14ee-91f5-41b7-bd81-920e12466be9\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"b73a14ee-91f5-41b7-bd81-920e12466be9\"\n },\n {\n \"properties\": {\n \"roleName\": \"DeID Batch Data Owner\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Create and manage DeID batch jobs. This role is in preview and subject to change.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.HealthDataAIServices/DeidServices/Batch/write\",\n \"Microsoft.HealthDataAIServices/DeidServices/Batch/delete\",\n \"Microsoft.HealthDataAIServices/DeidServices/Batch/read\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2023-09-28T20:01:32.2565064Z\",\n \"updatedOn\": \"2023-09-28T20:01:32.2565064Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/8a90fa6b-6997-4a07-8a95-30633a7c97b9\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"8a90fa6b-6997-4a07-8a95-30633a7c97b9\"\n },\n {\n \"properties\": {\n \"roleName\": \"Carbon Optimization Reader\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Allow read access to Azure Carbon Optimization data\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Carbon/carbonEmissionReports/action\",\n \"Microsoft.Carbon/carbonEmissionReports/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2023-09-29T19:24:38.5828579Z\",\n \"updatedOn\": \"2025-02-17T16:06:32.7430565Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/fa0d39e6-28e5-40cf-8521-1eb320653a4c\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"fa0d39e6-28e5-40cf-8521-1eb320653a4c\"\n },\n {\n \"properties\": {\n \"roleName\": \"Landing Zone Management Owner\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Microsoft.Sovereign Landing Zone Management Owner allowing to review and modify Landing Zone Configurations as well as reading and adding Landing Zone Registrations. Also enables read-access to policies and management groups for enabling the full user experience of the Sovereign Services RP in the Azure Portal (as otherwise some elements might not be accessible to end users).\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Sovereign/landingZoneConfigurations/*\",\n \"Microsoft.Sovereign/landingZoneRegistrations/*\",\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Resources/deployments/*\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2023-10-05T08:48:10.6404205Z\",\n \"updatedOn\": \"2023-10-05T08:48:10.6404205Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/38863829-c2a4-4f8d-b1d2-2e325973ebc7\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"38863829-c2a4-4f8d-b1d2-2e325973ebc7\"\n },\n {\n \"properties\": {\n \"roleName\": \"Landing Zone Management Reader\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Microsoft.Sovereign Landing Zone Management Reader allowing to review Landing Zone Configurations and corresponding Registrations without the ability to modify. Also enables read-access to policies and management groups for enabling the full user experience of the Sovereign Services RP in the Azure Portal (as otherwise some elements might not be accessible to end users).\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Sovereign/landingZoneConfigurations/read\",\n \"Microsoft.Sovereign/landingZoneRegistrations/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2023-10-06T06:04:41.8631569Z\",\n \"updatedOn\": \"2023-10-06T06:04:41.8631569Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/8fe6e843-6d9e-417b-9073-106b048f50bb\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"8fe6e843-6d9e-417b-9073-106b048f50bb\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Stack HCI Device Management Role\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Microsoft.AzureStackHCI Device Management Role\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.AzureStackHCI/Clusters/*\",\n \"Microsoft.AzureStackHCI/EdgeDevices/*\",\n \"Microsoft.AzureStackHCI/DevicePools/*/read\",\n \"Microsoft.AzureStackHCI/EdgeMachines/*/read\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.HybridContainerService/register/action\",\n \"Microsoft.HybridContainerService/kubernetesVersions/read\",\n \"Microsoft.HybridContainerService/kubernetesVersions/write\",\n \"Microsoft.HybridContainerService/skus/read\",\n \"Microsoft.HybridContainerService/skus/write\",\n \"Microsoft.Authorization/roleassignments/read\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.AzureStackHCI/StorageContainers/Write\",\n \"Microsoft.AzureStackHCI/StorageContainers/Read\",\n \"Microsoft.AzureStackHCI/Register/Action\",\n \"Microsoft.GuestConfiguration/guestConfigurationAssignments/read\",\n \"Microsoft.KubernetesConfiguration/extensions/write\",\n \"Microsoft.KubernetesConfiguration/extensions/read\",\n \"Microsoft.KubernetesConfiguration/extensions/delete\",\n \"Microsoft.KubernetesConfiguration/extensions/operations/read\",\n \"Microsoft.KubernetesConfiguration/namespaces/read\",\n \"Microsoft.KubernetesConfiguration/operations/read\",\n \"Microsoft.ResourceConnector/appliances/read\",\n \"Microsoft.ResourceConnector/appliances/write\",\n \"Microsoft.ResourceConnector/appliances/delete\",\n \"Microsoft.ResourceConnector/locations/operationresults/read\",\n \"Microsoft.ResourceConnector/locations/operationsstatus/read\",\n \"Microsoft.ResourceConnector/appliances/listClusterUserCredential/action\",\n \"Microsoft.ResourceConnector/appliances/listKeys/action\",\n \"Microsoft.ResourceConnector/appliances/upgradeGraphs/read\",\n \"Microsoft.ResourceConnector/telemetryconfig/read\",\n \"Microsoft.ResourceConnector/operations/read\",\n \"Microsoft.ExtendedLocation/customLocations/deploy/action\",\n \"Microsoft.ExtendedLocation/customLocations/read\",\n \"Microsoft.ExtendedLocation/customLocations/write\",\n \"Microsoft.ExtendedLocation/customLocations/delete\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2023-10-10T15:19:13.4820522Z\",\n \"updatedOn\": \"2025-02-11T16:14:17.6124295Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/865ae368-6a45-4bd1-8fbf-0d5151f56fc1\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"865ae368-6a45-4bd1-8fbf-0d5151f56fc1\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Customer Lockbox Approver for Subscription\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Can approve Microsoft support requests to access specific resources contained within a subscription, or the subscription itself, when Customer Lockbox for Microsoft Azure is enabled on the tenant where the subscription resides.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Resources/subscriptions/read\",\n \"Microsoft.CustomerLockbox/requests/UpdateApproval/action\",\n \"Microsoft.CustomerLockbox/requests/read\",\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Insights/eventtypes/values/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2023-10-12T18:01:15.239432Z\",\n \"updatedOn\": \"2024-08-08T19:08:54.2825991Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/4dae6930-7baf-46f5-909e-0383bc931c46\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"4dae6930-7baf-46f5-909e-0383bc931c46\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Resource Bridge Deployment Role\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Azure Resource Bridge Deployment Role\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/roleassignments/read\",\n \"Microsoft.AzureStackHCI/Register/Action\",\n \"Microsoft.ResourceConnector/register/action\",\n \"Microsoft.ResourceConnector/appliances/read\",\n \"Microsoft.ResourceConnector/appliances/write\",\n \"Microsoft.ResourceConnector/appliances/delete\",\n \"Microsoft.ResourceConnector/locations/operationresults/read\",\n \"Microsoft.ResourceConnector/locations/operationsstatus/read\",\n \"Microsoft.ResourceConnector/appliances/listClusterUserCredential/action\",\n \"Microsoft.ResourceConnector/appliances/listKeys/action\",\n \"Microsoft.ResourceConnector/appliances/upgradeGraphs/read\",\n \"Microsoft.ResourceConnector/telemetryconfig/read\",\n \"Microsoft.ResourceConnector/operations/read\",\n \"Microsoft.ExtendedLocation/register/action\",\n \"Microsoft.ExtendedLocation/customLocations/deploy/action\",\n \"Microsoft.ExtendedLocation/customLocations/read\",\n \"Microsoft.ExtendedLocation/customLocations/write\",\n \"Microsoft.ExtendedLocation/customLocations/delete\",\n \"Microsoft.HybridConnectivity/register/action\",\n \"Microsoft.Kubernetes/register/action\",\n \"Microsoft.KubernetesConfiguration/register/action\",\n \"Microsoft.KubernetesConfiguration/extensions/write\",\n \"Microsoft.KubernetesConfiguration/extensions/read\",\n \"Microsoft.KubernetesConfiguration/extensions/delete\",\n \"Microsoft.KubernetesConfiguration/extensions/operations/read\",\n \"Microsoft.KubernetesConfiguration/namespaces/read\",\n \"Microsoft.KubernetesConfiguration/operations/read\",\n \"Microsoft.GuestConfiguration/guestConfigurationAssignments/read\",\n \"Microsoft.HybridContainerService/register/action\",\n \"Microsoft.HybridContainerService/kubernetesVersions/read\",\n \"Microsoft.HybridContainerService/kubernetesVersions/write\",\n \"Microsoft.HybridContainerService/skus/read\",\n \"Microsoft.HybridContainerService/skus/write\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.AzureStackHCI/StorageContainers/Write\",\n \"Microsoft.AzureStackHCI/StorageContainers/Read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2023-10-16T15:13:24.2748766Z\",\n \"updatedOn\": \"2024-02-26T16:08:40.5270416Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/7b1f81f9-4196-4058-8aae-762e593270df\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"7b1f81f9-4196-4058-8aae-762e593270df\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Stack HCI VM Reader\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Grants permissions to view VMs\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.AzureStackHCI/VirtualMachines/Read\",\n \"Microsoft.AzureStackHCI/virtualMachineInstances/Read\",\n \"Microsoft.AzureStackHCI/VirtualMachines/Extensions/Read\",\n \"Microsoft.AzureStackHCI/VirtualNetworks/Read\",\n \"Microsoft.AzureStackHCI/LogicalNetworks/Read\",\n \"Microsoft.AzureStackHCI/NetworkInterfaces/Read\",\n \"Microsoft.AzureStackHCI/VirtualHardDisks/Read\",\n \"Microsoft.AzureStackHCI/StorageContainers/Read\",\n \"Microsoft.AzureStackHCI/GalleryImages/Read\",\n \"Microsoft.AzureStackHCI/MarketplaceGalleryImages/Read\",\n \"Microsoft.AzureStackHCI/NetworkSecurityGroups/Read\",\n \"Microsoft.AzureStackHCI/NetworkSecurityGroups/SecurityRules/Read\",\n \"Microsoft.HybridCompute/licenses/read\",\n \"Microsoft.HybridCompute/machines/extensions/read\",\n \"Microsoft.HybridCompute/machines/licenseProfiles/read\",\n \"Microsoft.HybridCompute/machines/patchAssessmentResults/read\",\n \"Microsoft.HybridCompute/machines/patchAssessmentResults/softwarePatches/read\",\n \"Microsoft.HybridCompute/machines/patchInstallationResults/read\",\n \"Microsoft.HybridCompute/machines/patchInstallationResults/softwarePatches/read\",\n \"Microsoft.HybridCompute/machines/read\",\n \"Microsoft.HybridCompute/privateLinkScopes/networkSecurityPerimeterConfigurations/read\",\n \"Microsoft.HybridCompute/privateLinkScopes/privateEndpointConnections/read\",\n \"Microsoft.HybridCompute/privateLinkScopes/read\",\n \"Microsoft.Insights/AlertRules/Write\",\n \"Microsoft.Insights/AlertRules/Delete\",\n \"Microsoft.Insights/AlertRules/Read\",\n \"Microsoft.Insights/AlertRules/Activated/Action\",\n \"Microsoft.Insights/AlertRules/Resolved/Action\",\n \"Microsoft.Insights/AlertRules/Throttled/Action\",\n \"Microsoft.Insights/AlertRules/Incidents/Read\",\n \"Microsoft.Resources/deployments/read\",\n \"Microsoft.Resources/deployments/exportTemplate/action\",\n \"Microsoft.Resources/deployments/operations/read\",\n \"Microsoft.Resources/deployments/operationstatuses/read\",\n \"Microsoft.Resources/subscriptions/resourcegroups/deployments/read\",\n \"Microsoft.Resources/subscriptions/resourcegroups/deployments/operations/read\",\n \"Microsoft.Resources/subscriptions/resourcegroups/deployments/operationstatuses/read\",\n \"Microsoft.ResourceHealth/availabilityStatuses/read\",\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Resources/subscriptions/read\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Resources/subscriptions/operationresults/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2023-10-19T22:56:37.6955839Z\",\n \"updatedOn\": \"2024-06-21T16:41:03.1469999Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/4b3fe76c-f777-4d24-a2d7-b027b0f7b273\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"4b3fe76c-f777-4d24-a2d7-b027b0f7b273\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure AI Developer\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Can perform all actions within an Azure AI resource besides managing the resource itself.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.MachineLearningServices/workspaces/*/read\",\n \"Microsoft.MachineLearningServices/workspaces/*/action\",\n \"Microsoft.MachineLearningServices/workspaces/*/delete\",\n \"Microsoft.MachineLearningServices/workspaces/*/write\",\n \"Microsoft.MachineLearningServices/locations/*/read\",\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Resources/deployments/*\"\n ],\n \"notActions\": [\n \"Microsoft.MachineLearningServices/workspaces/delete\",\n \"Microsoft.MachineLearningServices/workspaces/write\",\n \"Microsoft.MachineLearningServices/workspaces/listKeys/action\",\n \"Microsoft.MachineLearningServices/workspaces/hubs/write\",\n \"Microsoft.MachineLearningServices/workspaces/hubs/delete\",\n \"Microsoft.MachineLearningServices/workspaces/featurestores/write\",\n \"Microsoft.MachineLearningServices/workspaces/featurestores/delete\",\n \"Microsoft.MachineLearningServices/workspaces/evaluations/results/labels/read\",\n \"Microsoft.MachineLearningServices/workspaces/evaluations/results/reasonings/read\",\n \"Microsoft.MachineLearningServices/workspaces/simulations/results/images/read\"\n ],\n \"dataActions\": [\n \"Microsoft.CognitiveServices/accounts/OpenAI/*\",\n \"Microsoft.CognitiveServices/accounts/SpeechServices/*\",\n \"Microsoft.CognitiveServices/accounts/ContentSafety/*\",\n \"Microsoft.CognitiveServices/accounts/MaaS/*\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2023-10-20T22:06:45.817201Z\",\n \"updatedOn\": \"2025-04-17T17:55:39.8922431Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/64702f94-c441-49e6-a78b-ef80e0188fee\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"64702f94-c441-49e6-a78b-ef80e0188fee\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Stack HCI VM Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Grants permissions to perform all VM actions\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.AzureStackHCI/VirtualMachines/*\",\n \"Microsoft.AzureStackHCI/virtualMachineInstances/*\",\n \"Microsoft.AzureStackHCI/NetworkInterfaces/*\",\n \"Microsoft.AzureStackHCI/VirtualHardDisks/*\",\n \"Microsoft.AzureStackHCI/VirtualNetworks/Read\",\n \"Microsoft.AzureStackHCI/VirtualNetworks/join/action\",\n \"Microsoft.AzureStackHCI/LogicalNetworks/Read\",\n \"Microsoft.AzureStackHCI/LogicalNetworks/join/action\",\n \"Microsoft.AzureStackHCI/GalleryImages/Read\",\n \"Microsoft.AzureStackHCI/GalleryImages/deploy/action\",\n \"Microsoft.AzureStackHCI/StorageContainers/Read\",\n \"Microsoft.AzureStackHCI/StorageContainers/deploy/action\",\n \"Microsoft.AzureStackHCI/MarketplaceGalleryImages/Read\",\n \"Microsoft.AzureStackHCI/MarketPlaceGalleryImages/deploy/action\",\n \"Microsoft.AzureStackHCI/Clusters/Read\",\n \"Microsoft.AzureStackHCI/Clusters/ArcSettings/Read\",\n \"Microsoft.AzureStackHCI/NetworkSecurityGroups/Read\",\n \"Microsoft.AzureStackHCI/NetworkSecurityGroups/SecurityRules/Read\",\n \"Microsoft.Insights/AlertRules/Write\",\n \"Microsoft.Insights/AlertRules/Delete\",\n \"Microsoft.Insights/AlertRules/Read\",\n \"Microsoft.Insights/AlertRules/Activated/Action\",\n \"Microsoft.Insights/AlertRules/Resolved/Action\",\n \"Microsoft.Insights/AlertRules/Throttled/Action\",\n \"Microsoft.Insights/AlertRules/Incidents/Read\",\n \"Microsoft.Resources/deployments/read\",\n \"Microsoft.Resources/deployments/write\",\n \"Microsoft.Resources/deployments/delete\",\n \"Microsoft.Resources/deployments/cancel/action\",\n \"Microsoft.Resources/deployments/validate/action\",\n \"Microsoft.Resources/deployments/whatIf/action\",\n \"Microsoft.Resources/deployments/exportTemplate/action\",\n \"Microsoft.Resources/deployments/operations/read\",\n \"Microsoft.Resources/deployments/operationstatuses/read\",\n \"Microsoft.Resources/subscriptions/resourcegroups/deployments/read\",\n \"Microsoft.Resources/subscriptions/resourcegroups/deployments/write\",\n \"Microsoft.Resources/subscriptions/resourcegroups/deployments/operations/read\",\n \"Microsoft.Resources/subscriptions/resourcegroups/deployments/operationstatuses/read\",\n \"Microsoft.ResourceHealth/availabilityStatuses/read\",\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Resources/subscriptions/read\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Resources/subscriptions/operationresults/read\",\n \"Microsoft.HybridCompute/machines/read\",\n \"Microsoft.HybridCompute/machines/write\",\n \"Microsoft.HybridCompute/machines/delete\",\n \"Microsoft.HybridCompute/machines/UpgradeExtensions/action\",\n \"Microsoft.HybridCompute/machines/assessPatches/action\",\n \"Microsoft.HybridCompute/machines/installPatches/action\",\n \"Microsoft.HybridCompute/machines/extensions/read\",\n \"Microsoft.HybridCompute/machines/extensions/write\",\n \"Microsoft.HybridCompute/machines/extensions/delete\",\n \"Microsoft.HybridCompute/operations/read\",\n \"Microsoft.HybridCompute/locations/operationresults/read\",\n \"Microsoft.HybridCompute/locations/operationstatus/read\",\n \"Microsoft.HybridCompute/machines/patchAssessmentResults/read\",\n \"Microsoft.HybridCompute/machines/patchAssessmentResults/softwarePatches/read\",\n \"Microsoft.HybridCompute/machines/patchInstallationResults/read\",\n \"Microsoft.HybridCompute/machines/patchInstallationResults/softwarePatches/read\",\n \"Microsoft.HybridCompute/locations/updateCenterOperationResults/read\",\n \"Microsoft.HybridCompute/machines/hybridIdentityMetadata/read\",\n \"Microsoft.HybridCompute/osType/agentVersions/read\",\n \"Microsoft.HybridCompute/osType/agentVersions/latest/read\",\n \"Microsoft.HybridCompute/machines/runcommands/read\",\n \"Microsoft.HybridCompute/machines/runcommands/write\",\n \"Microsoft.HybridCompute/machines/runcommands/delete\",\n \"Microsoft.HybridCompute/machines/licenseProfiles/read\",\n \"Microsoft.HybridCompute/machines/licenseProfiles/write\",\n \"Microsoft.HybridCompute/machines/licenseProfiles/delete\",\n \"Microsoft.HybridCompute/licenses/read\",\n \"Microsoft.HybridCompute/licenses/write\",\n \"Microsoft.HybridCompute/licenses/delete\",\n \"Microsoft.ExtendedLocation/customLocations/Read\",\n \"Microsoft.ExtendedLocation/customLocations/deploy/action\",\n \"Microsoft.KubernetesConfiguration/extensions/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2023-10-20T22:51:51.8242229Z\",\n \"updatedOn\": \"2024-06-21T16:41:03.1469999Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/874d1c73-6003-4e60-a13a-cb31ea190a85\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"874d1c73-6003-4e60-a13a-cb31ea190a85\"\n },\n {\n \"properties\": {\n \"roleName\": \"Deployment Environments Reader\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Provides read access to environment resources.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.DevCenter/projects/read\",\n \"Microsoft.DevCenter/projects/*/read\",\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\"\n ],\n \"notActions\": [\n \"Microsoft.DevCenter/projects/pools/read\",\n \"Microsoft.DevCenter/projects/pools/schedules/read\"\n ],\n \"dataActions\": [\n \"Microsoft.DevCenter/projects/users/environments/adminRead/action\",\n \"Microsoft.DevCenter/projects/users/environments/adminActionRead/action\",\n \"Microsoft.DevCenter/projects/users/environments/adminOutputsRead/action\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2023-10-25T22:17:10.8897125Z\",\n \"updatedOn\": \"2023-10-25T22:17:10.8897125Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/eb960402-bf75-4cc3-8d68-35b34f960f72\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"eb960402-bf75-4cc3-8d68-35b34f960f72\"\n },\n {\n \"properties\": {\n \"roleName\": \"EventGrid Data Receiver\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Allows receive access to event grid events.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.EventGrid/eventSubscriptions/read\",\n \"Microsoft.EventGrid/topicTypes/eventSubscriptions/read\",\n \"Microsoft.EventGrid/locations/eventSubscriptions/read\",\n \"Microsoft.EventGrid/locations/topicTypes/eventSubscriptions/read\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.EventGrid/namespaces/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.EventGrid/events/receive/action\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2023-10-27T19:53:20.6031239Z\",\n \"updatedOn\": \"2023-10-27T19:53:20.6031239Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/78cbd9e7-9798-4e2e-9b5a-547d9ebb31fb\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"78cbd9e7-9798-4e2e-9b5a-547d9ebb31fb\"\n },\n {\n \"properties\": {\n \"roleName\": \"EventGrid Data Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Allows send and receive access to event grid events.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.EventGrid/eventSubscriptions/read\",\n \"Microsoft.EventGrid/topicTypes/eventSubscriptions/read\",\n \"Microsoft.EventGrid/locations/eventSubscriptions/read\",\n \"Microsoft.EventGrid/locations/topicTypes/eventSubscriptions/read\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.EventGrid/topics/read\",\n \"Microsoft.EventGrid/domains/read\",\n \"Microsoft.EventGrid/partnerNamespaces/read\",\n \"Microsoft.EventGrid/namespaces/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.EventGrid/events/send/action\",\n \"Microsoft.EventGrid/events/receive/action\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2023-10-27T19:53:20.6021265Z\",\n \"updatedOn\": \"2023-10-27T19:53:20.6021265Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/1d8c3fe3-8864-474b-8749-01e3783e8157\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"1d8c3fe3-8864-474b-8749-01e3783e8157\"\n },\n {\n \"properties\": {\n \"roleName\": \"Advisor Reviews Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"View reviews for a workload and triage recommendations linked to them.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Advisor/resiliencyReviews/read\",\n \"Microsoft.Advisor/triageRecommendations/read\",\n \"Microsoft.Advisor/triageRecommendations/approve/action\",\n \"Microsoft.Advisor/triageRecommendations/reject/action\",\n \"Microsoft.Advisor/triageRecommendations/reset/action\",\n \"Microsoft.Advisor/triageResources/read\",\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2023-10-30T15:07:31.5895356Z\",\n \"updatedOn\": \"2025-04-02T19:27:15.4734544Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/8aac15f0-d885-4138-8afa-bfb5872f7d13\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"8aac15f0-d885-4138-8afa-bfb5872f7d13\"\n },\n {\n \"properties\": {\n \"roleName\": \"Advisor Reviews Reader\",\n \"type\": \"BuiltInRole\",\n \"description\": \"View reviews for a workload and recommendations linked to them.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Advisor/resiliencyReviews/read\",\n \"Microsoft.Advisor/triageRecommendations/read\",\n \"Microsoft.Advisor/triageResources/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2023-10-30T15:07:32.6518882Z\",\n \"updatedOn\": \"2025-04-02T19:42:31.0079991Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/c64499e0-74c3-47ad-921c-13865957895c\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"c64499e0-74c3-47ad-921c-13865957895c\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure AI Inference Deployment Operator\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Can perform all actions required to create a resource deployment within a resource group.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Insights/AutoscaleSettings/write\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2023-10-30T18:08:40.1583451Z\",\n \"updatedOn\": \"2024-03-15T17:43:35.7204254Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/3afb7f49-54cb-416e-8c09-6dc049efa503\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"3afb7f49-54cb-416e-8c09-6dc049efa503\"\n },\n {\n \"properties\": {\n \"roleName\": \"Connected Cluster Managed Identity CheckAccess Reader\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Built-in role that allows a Connected Cluster managed identity to call the checkAccess API\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2023-10-30T19:09:07.911497Z\",\n \"updatedOn\": \"2023-11-07T16:18:43.5381941Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/65a14201-8f6c-4c28-bec4-12619c5a9aaa\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"65a14201-8f6c-4c28-bec4-12619c5a9aaa\"\n },\n {\n \"properties\": {\n \"roleName\": \"AgFood Platform Dataset Admin\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Provides access to Dataset APIs\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.AgFoodPlatform/farmBeats/datasets/*\",\n \"Microsoft.AgFoodPlatform/farmBeats/datasetRecords/*\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2023-11-06T16:07:29.1713961Z\",\n \"updatedOn\": \"2023-11-06T16:07:29.1713961Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/a8d4b70f-0fb9-4f72-b267-b87b2f990aec\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"a8d4b70f-0fb9-4f72-b267-b87b2f990aec\"\n },\n {\n \"properties\": {\n \"roleName\": \"Defender for Storage Scanner Operator\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Lets you enable and configure Microsoft Defender for Storage's malware scanning and sensitive data discovery features on your storage accounts. Includes an ABAC condition to limit role assignments.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/roleAssignments/write\",\n \"Microsoft.Authorization/roleAssignments/delete\",\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Resources/subscriptions/read\",\n \"Microsoft.Management/managementGroups/read\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Support/*\",\n \"Microsoft.Security/defenderforstoragesettings/read\",\n \"Microsoft.Security/defenderforstoragesettings/write\",\n \"Microsoft.Security/advancedThreatProtectionSettings/read\",\n \"Microsoft.Security/advancedThreatProtectionSettings/write\",\n \"Microsoft.Security/datascanners/read\",\n \"Microsoft.Security/datascanners/write\",\n \"Microsoft.Security/dataScanners/delete\",\n \"Microsoft.Storage/storageAccounts/write\",\n \"Microsoft.Storage/storageAccounts/read\",\n \"Microsoft.EventGrid/topics/read\",\n \"Microsoft.EventGrid/eventSubscriptions/read\",\n \"Microsoft.EventGrid/eventSubscriptions/write\",\n \"Microsoft.EventGrid/eventSubscriptions/delete\",\n \"Microsoft.Storage/storageAccounts/blobServices/read\",\n \"Microsoft.Storage/storageAccounts/blobServices/write\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": [],\n \"conditionVersion\": \"2.0\",\n \"condition\": \"((!(ActionMatches{'Microsoft.Authorization/roleAssignments/write'})) OR (@Request[Microsoft.Authorization/roleAssignments:RoleDefinitionId] ForAnyOfAnyValues:GuidEquals{1e7ca9b1-60d1-4db8-a914-f2ca1ff27c40, d5a91429-5739-47e2-a06b-3470a27159e7})) AND ((!(ActionMatches{'Microsoft.Authorization/roleAssignments/delete'})) OR (@Resource[Microsoft.Authorization/roleAssignments:RoleDefinitionId] ForAnyOfAnyValues:GuidEquals{1e7ca9b1-60d1-4db8-a914-f2ca1ff27c40, d5a91429-5739-47e2-a06b-3470a27159e7}))\"\n }\n ],\n \"createdOn\": \"2023-11-10T10:31:03.38275Z\",\n \"updatedOn\": \"2025-09-04T13:19:08.2789022Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/0f641de8-0b88-4198-bdef-bd8b45ceba96\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"0f641de8-0b88-4198-bdef-bd8b45ceba96\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Front Door Profile Reader\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Can view AFD standard and premium profiles and their endpoints, but can't make changes.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Cdn/edgenodes/read\",\n \"Microsoft.Cdn/operationresults/*\",\n \"Microsoft.Cdn/profiles/*/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Cdn/operationresults/profileresults/afdendpointresults/CheckCustomDomainDNSMappingStatus/action\",\n \"Microsoft.Cdn/profiles/queryloganalyticsmetrics/action\",\n \"Microsoft.Cdn/profiles/queryloganalyticsrankings/action\",\n \"Microsoft.Cdn/profiles/querywafloganalyticsmetrics/action\",\n \"Microsoft.Cdn/profiles/querywafloganalyticsrankings/action\",\n \"Microsoft.Cdn/profiles/afdendpoints/CheckCustomDomainDNSMappingStatus/action\",\n \"Microsoft.Cdn/profiles/Usages/action\",\n \"Microsoft.Cdn/profiles/afdendpoints/Usages/action\",\n \"Microsoft.Cdn/profiles/origingroups/Usages/action\",\n \"Microsoft.Cdn/profiles/rulesets/Usages/action\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2023-11-15T16:30:04.3609762Z\",\n \"updatedOn\": \"2024-01-26T09:56:06.2709754Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/662802e2-50f6-46b0-aed2-e834bacc6d12\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"662802e2-50f6-46b0-aed2-e834bacc6d12\"\n },\n {\n \"properties\": {\n \"roleName\": \"Enclave Reader Role\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Enclave Reader Role to access the resources of Microsoft.Mission stored with RPSAAS.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Mission/Operations/read\",\n \"Microsoft.Mission/communities/read\",\n \"Microsoft.Mission/virtualEnclaves/read\",\n \"Microsoft.Mission/virtualEnclaves/endpoints/read\",\n \"Microsoft.Mission/virtualEnclaves/workloads/read\",\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/read\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Resources/subscriptions/resourcegroups/deployments/read\",\n \"Microsoft.Resources/subscriptions/operationresults/read\",\n \"Microsoft.ResourceHealth/availabilityStatuses/read\",\n \"Microsoft.Features/providers/features/read\",\n \"Microsoft.Features/features/read\",\n \"Microsoft.Mission/communities/communityEndpoints/read\",\n \"Microsoft.Mission/communities/transitHubs/read\",\n \"Microsoft.Mission/enclaveConnections/read\",\n \"Microsoft.Mission/virtualEnclaves/enclaveEndpoints/read\",\n \"Microsoft.Mission/approvals/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2023-11-28T16:02:03.528699Z\",\n \"updatedOn\": \"2025-07-16T21:30:33.3901346Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/86fede04-b259-4277-8c3e-e26b9865abd8\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"86fede04-b259-4277-8c3e-e26b9865abd8\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Kubernetes Service Hybrid Cluster User Role\",\n \"type\": \"BuiltInRole\",\n \"description\": \"List cluster user credential action.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.HybridContainerService/provisionedClusterInstances/read\",\n \"Microsoft.HybridContainerService/provisionedClusterInstances/listUserKubeconfig/action\",\n \"Microsoft.Kubernetes/connectedClusters/Read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2023-11-30T16:21:46.1017952Z\",\n \"updatedOn\": \"2023-11-30T16:21:46.1017952Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/fc3f91a1-40bf-4439-8c46-45edbd83563a\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"fc3f91a1-40bf-4439-8c46-45edbd83563a\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Kubernetes Service Hybrid Cluster Admin Role\",\n \"type\": \"BuiltInRole\",\n \"description\": \"List cluster admin credential action.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.HybridContainerService/provisionedClusterInstances/read\",\n \"Microsoft.HybridContainerService/provisionedClusterInstances/listAdminKubeconfig/action\",\n \"Microsoft.Kubernetes/connectedClusters/Read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2023-11-30T16:21:46.100795Z\",\n \"updatedOn\": \"2023-11-30T16:21:46.100795Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/b5092dac-c796-4349-8681-1a322a31c3f9\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"b5092dac-c796-4349-8681-1a322a31c3f9\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Kubernetes Service Hybrid Contributor Role\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Grants access to read and write Azure Kubernetes Services hybrid clusters\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.HybridContainerService/Locations/operationStatuses/read\",\n \"Microsoft.HybridContainerService/Operations/read\",\n \"Microsoft.HybridContainerService/kubernetesVersions/read\",\n \"Microsoft.HybridContainerService/kubernetesVersions/write\",\n \"Microsoft.HybridContainerService/kubernetesVersions/delete\",\n \"Microsoft.HybridContainerService/provisionedClusterInstances/read\",\n \"Microsoft.HybridContainerService/provisionedClusterInstances/write\",\n \"Microsoft.HybridContainerService/provisionedClusterInstances/delete\",\n \"Microsoft.HybridContainerService/provisionedClusterInstances/agentPools/read\",\n \"Microsoft.HybridContainerService/provisionedClusterInstances/agentPools/write\",\n \"Microsoft.HybridContainerService/provisionedClusterInstances/agentPools/delete\",\n \"Microsoft.HybridContainerService/provisionedClusterInstances/upgradeProfiles/read\",\n \"Microsoft.HybridContainerService/skus/read\",\n \"Microsoft.HybridContainerService/skus/write\",\n \"Microsoft.HybridContainerService/skus/delete\",\n \"Microsoft.HybridContainerService/virtualNetworks/read\",\n \"Microsoft.HybridContainerService/virtualNetworks/write\",\n \"Microsoft.HybridContainerService/virtualNetworks/delete\",\n \"Microsoft.Kubernetes/connectedClusters/Read\",\n \"Microsoft.Kubernetes/connectedClusters/Write\",\n \"Microsoft.Kubernetes/connectedClusters/Delete\",\n \"Microsoft.Kubernetes/connectedClusters/listClusterUserCredential/action\",\n \"Microsoft.ExtendedLocation/customLocations/deploy/action\",\n \"Microsoft.ExtendedLocation/customLocations/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2023-11-30T16:21:46.100795Z\",\n \"updatedOn\": \"2023-11-30T16:21:46.100795Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/e7037d40-443a-4434-a3fb-8cd202011e1d\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"e7037d40-443a-4434-a3fb-8cd202011e1d\"\n },\n {\n \"properties\": {\n \"roleName\": \"Enclave Owner Role\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Enclave Owner Role to access the resources of Microsoft.Mission stored with RPSAAS.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Mission/Locations/OperationStatuses/read\",\n \"Microsoft.Mission/Locations/OperationStatuses/write\",\n \"Microsoft.Mission/Operations/read\",\n \"Microsoft.Mission/virtualEnclaves/read\",\n \"Microsoft.Mission/virtualEnclaves/write\",\n \"Microsoft.Mission/virtualEnclaves/delete\",\n \"Microsoft.Mission/virtualEnclaves/workloads/read\",\n \"Microsoft.Mission/virtualEnclaves/workloads/write\",\n \"Microsoft.Mission/virtualEnclaves/workloads/delete\",\n \"Microsoft.Mission/communities/read\",\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/read\",\n \"Microsoft.Resources/deployments/read\",\n \"Microsoft.Resources/deployments/write\",\n \"Microsoft.Resources/subscriptions/read\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Resources/subscriptions/resourcegroups/deployments/read\",\n \"Microsoft.Resources/subscriptions/operationresults/read\",\n \"Microsoft.ResourceHealth/availabilityStatuses/read\",\n \"Microsoft.Features/providers/features/read\",\n \"Microsoft.Features/features/read\",\n \"Microsoft.Mission/communities/communityEndpoints/read\",\n \"Microsoft.Mission/communities/transitHubs/read\",\n \"Microsoft.Mission/enclaveConnections/read\",\n \"Microsoft.Mission/enclaveConnections/write\",\n \"Microsoft.Mission/enclaveConnections/delete\",\n \"Microsoft.Mission/virtualEnclaves/enclaveEndpoints/read\",\n \"Microsoft.Mission/virtualEnclaves/enclaveEndpoints/write\",\n \"Microsoft.Mission/virtualEnclaves/enclaveEndpoints/delete\",\n \"Microsoft.Mission/approvals/read\",\n \"Microsoft.Mission/approvals/write\",\n \"Microsoft.Mission/approvals/delete\",\n \"Microsoft.Mission/virtualEnclaves/setWorkloadRoleAssignments/action\",\n \"Microsoft.Mission/virtualEnclaves/setEnclaveRoleAssignments/action\",\n \"Microsoft.Mission/virtualenclaves/setMaintenanceMode/action\",\n \"Microsoft.Mission/virtualEnclaves/setSubnetConfiguration/action\",\n \"Microsoft.Mission/virtualEnclaves/enclaveEndpoints/connect/action\",\n \"Microsoft.Mission/enclaveConnections/setSourceCidr/action\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2023-12-05T16:13:20.7602458Z\",\n \"updatedOn\": \"2025-09-12T18:13:12.7479035Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/3d5f3eff-eb94-473d-91e3-7aac74d6c0bb\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"3d5f3eff-eb94-473d-91e3-7aac74d6c0bb\"\n },\n {\n \"properties\": {\n \"roleName\": \"Enclave Contributor Role\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Enclave Contributor Role to access the resources of Microsoft.Mission stored with RPSAAS.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Mission/register/action\",\n \"Microsoft.Mission/unregister/action\",\n \"Microsoft.Mission/Locations/OperationStatuses/read\",\n \"Microsoft.Mission/Locations/OperationStatuses/write\",\n \"Microsoft.Mission/Operations/read\",\n \"Microsoft.Mission/communities/read\",\n \"Microsoft.Mission/virtualEnclaves/read\",\n \"Microsoft.Mission/virtualEnclaves/write\",\n \"Microsoft.Mission/virtualEnclaves/endpoints/read\",\n \"Microsoft.Mission/virtualEnclaves/endpoints/write\",\n \"Microsoft.Mission/virtualEnclaves/workloads/read\",\n \"Microsoft.Mission/virtualEnclaves/workloads/write\",\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/read\",\n \"Microsoft.Resources/deployments/read\",\n \"Microsoft.Resources/deployments/write\",\n \"Microsoft.Resources/subscriptions/read\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Resources/subscriptions/resourcegroups/deployments/read\",\n \"Microsoft.Resources/subscriptions/operationresults/read\",\n \"Microsoft.ResourceHealth/availabilityStatuses/read\",\n \"Microsoft.Features/providers/features/read\",\n \"Microsoft.Features/features/read\",\n \"Microsoft.Mission/communities/communityEndpoints/read\",\n \"Microsoft.Mission/communities/transitHubs/read\",\n \"Microsoft.Mission/enclaveConnections/read\",\n \"Microsoft.Mission/enclaveConnections/write\",\n \"Microsoft.Mission/virtualEnclaves/enclaveEndpoints/read\",\n \"Microsoft.Mission/virtualEnclaves/enclaveEndpoints/write\",\n \"Microsoft.Mission/approvals/read\",\n \"Microsoft.Mission/approvals/write\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2023-12-07T23:59:26.5917667Z\",\n \"updatedOn\": \"2025-07-16T21:30:33.3901346Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/19feefae-eacc-4106-81fd-ac34c0671f14\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"19feefae-eacc-4106-81fd-ac34c0671f14\"\n },\n {\n \"properties\": {\n \"roleName\": \"Community Reader Role\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Community Reader Role to access the resources of Microsoft.Mission stored with RPSAAS.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Mission/Locations/OperationStatuses/read\",\n \"Microsoft.Mission/Operations/read\",\n \"Microsoft.Mission/communities/read\",\n \"Microsoft.Mission/virtualEnclaves/read\",\n \"Microsoft.Mission/virtualEnclaves/endpoints/read\",\n \"Microsoft.Mission/virtualEnclaves/workloads/read\",\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/read\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Resources/subscriptions/resourcegroups/deployments/read\",\n \"Microsoft.Resources/subscriptions/operationresults/read\",\n \"Microsoft.ResourceHealth/availabilityStatuses/read\",\n \"Microsoft.Features/providers/features/read\",\n \"Microsoft.Features/features/read\",\n \"Microsoft.Mission/communities/communityEndpoints/read\",\n \"Microsoft.Mission/communities/transitHubs/read\",\n \"Microsoft.Mission/enclaveConnections/read\",\n \"Microsoft.Mission/virtualEnclaves/enclaveEndpoints/read\",\n \"Microsoft.Mission/approvals/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2023-12-08T19:37:02.3189417Z\",\n \"updatedOn\": \"2025-07-16T21:30:33.3911351Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/e6aadb6b-e64f-41c0-9392-d2bba3bc3ebc\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"e6aadb6b-e64f-41c0-9392-d2bba3bc3ebc\"\n },\n {\n \"properties\": {\n \"roleName\": \"Storage Account Encryption Scope Contributor Role\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Allows management of Encryption Scopes on a Storage Account\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Storage/storageAccounts/encryptionScopes/read\",\n \"Microsoft.Storage/storageAccounts/encryptionScopes/write\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2023-12-11T16:01:30.9505499Z\",\n \"updatedOn\": \"2024-01-10T18:58:49.3538976Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/a316ed6d-1efe-48ac-ac08-f7995a9c26fb\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"a316ed6d-1efe-48ac-ac08-f7995a9c26fb\"\n },\n {\n \"properties\": {\n \"roleName\": \"Operator Nexus Key Vault Writer Service Role (Preview)\",\n \"type\": \"BuiltInRole\",\n \"description\": \"(Preview) Provides Azure Operator Nexus services the ability to write to a Key Vault. This role is in preview and subject to change.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.KeyVault/vaults/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.KeyVault/vaults/secrets/setSecret/action\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2023-12-11T16:01:30.9505499Z\",\n \"updatedOn\": \"2024-08-14T19:11:47.7610812Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/44f0a1a8-6fea-4b35-980a-8ff50c487c97\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"44f0a1a8-6fea-4b35-980a-8ff50c487c97\"\n },\n {\n \"properties\": {\n \"roleName\": \"Key Vault Crypto Service Release User\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Release keys. Only works for key vaults that use the 'Azure role-based access control' permission model.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.KeyVault/vaults/keys/release/action\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2023-12-14T22:44:06.6106235Z\",\n \"updatedOn\": \"2023-12-14T22:44:06.6106235Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/08bbd89e-9f13-488c-ac41-acfcb10c90ab\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"08bbd89e-9f13-488c-ac41-acfcb10c90ab\"\n },\n {\n \"properties\": {\n \"roleName\": \"Kubernetes Runtime Storage Class Contributor Role\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Read, write, and delete Kubernetes Runtime storage classes in an Arc connected Kubernetes cluster\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.KubernetesRuntime/storageClasses/read\",\n \"Microsoft.KubernetesRuntime/storageClasses/write\",\n \"Microsoft.KubernetesRuntime/storageClasses/delete\",\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2023-12-15T06:02:00.5747685Z\",\n \"updatedOn\": \"2024-08-19T15:08:52.7461468Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/0cd9749a-3aaf-4ae5-8803-bd217705bf3b\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"0cd9749a-3aaf-4ae5-8803-bd217705bf3b\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Programmable Connectivity Gateway User\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Allows access to all Gateway dataplane APIs.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.ResourceHealth/availabilityStatuses/read\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2023-12-20T16:26:42.5990795Z\",\n \"updatedOn\": \"2023-12-20T16:26:42.5990795Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/609c0c20-e0a0-4a71-b99f-e7e755ac493d\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"609c0c20-e0a0-4a71-b99f-e7e755ac493d\"\n },\n {\n \"properties\": {\n \"roleName\": \"Key Vault Certificate User\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Read certificate contents. Only works for key vaults that use the 'Azure role-based access control' permission model.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.KeyVault/vaults/certificates/read\",\n \"Microsoft.KeyVault/vaults/secrets/getSecret/action\",\n \"Microsoft.KeyVault/vaults/secrets/readMetadata/action\",\n \"Microsoft.KeyVault/vaults/keys/read\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2024-01-10T16:28:04.5909165Z\",\n \"updatedOn\": \"2024-01-10T16:28:04.5909165Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/db79e9a7-68ee-4b58-9aeb-b90e7c24fcba\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"db79e9a7-68ee-4b58-9aeb-b90e7c24fcba\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Spring Apps Managed Components Log Reader Role\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Read real-time logs for all managed components in Azure Spring Apps\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.AppPlatform/Spring/managedComponents/logstream/action\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2024-01-11T08:19:23.9992482Z\",\n \"updatedOn\": \"2024-01-11T08:19:23.9992482Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/52fd16bd-6ed5-46af-9c40-29cbd7952a29\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"52fd16bd-6ed5-46af-9c40-29cbd7952a29\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Spring Apps Application Configuration Service Log Reader Role\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Read real-time logs for Application Configuration Service in Azure Spring Apps\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.AppPlatform/Spring/read\",\n \"Microsoft.AppPlatform/Spring/configurationServices/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.AppPlatform/Spring/ApplicationConfigurationService/logstream/action\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2024-01-11T08:19:23.9982391Z\",\n \"updatedOn\": \"2024-01-11T08:19:23.9982391Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/6593e776-2a30-40f9-8a32-4fe28b77655d\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"6593e776-2a30-40f9-8a32-4fe28b77655d\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Spring Apps Spring Cloud Gateway Log Reader Role\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Read real-time logs for Spring Cloud Gateway in Azure Spring Apps\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.AppPlatform/Spring/read\",\n \"Microsoft.AppPlatform/Spring/gateways/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.AppPlatform/Spring/SpringCloudGateway/logstream/action\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2024-01-11T08:19:24.0002399Z\",\n \"updatedOn\": \"2024-01-11T08:19:24.0002399Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/4301dc2a-25a9-44b0-ae63-3636cf7f2bd2\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"4301dc2a-25a9-44b0-ae63-3636cf7f2bd2\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Edge On-Site Deployment Engineer\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Grants you access to take actions as an on-site person to assist in the provisioning of an edge device\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.EdgeOrder/orderItems/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2024-01-11T11:05:20.8919638Z\",\n \"updatedOn\": \"2024-08-30T13:53:39.2810677Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/207bcc4b-86a6-4487-9141-d6c1f4c238aa\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"207bcc4b-86a6-4487-9141-d6c1f4c238aa\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure API Center Data Reader\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Allows for access to Azure API Center data plane read operations.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.ApiCenter/services/*/read\",\n \"Microsoft.ApiCenter/services/workspaces/apis/versions/definitions/exportSpecification/action\",\n \"Microsoft.ApiCenter/services/workspaces/search/action\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2024-01-11T20:37:59.9775707Z\",\n \"updatedOn\": \"2025-04-22T15:07:10.0211593Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/c7244dfb-f447-457d-b2ba-3999044d1706\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"c7244dfb-f447-457d-b2ba-3999044d1706\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure impact-insight reader\",\n \"type\": \"BuiltInRole\",\n \"description\": \"built-in role for azure impact-insight read access\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Impact/WorkloadImpacts/*/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2024-01-19T16:37:20.2115353Z\",\n \"updatedOn\": \"2024-01-19T16:37:20.2115353Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/dfb2f09d-25f8-4558-8986-497084006d7a\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"dfb2f09d-25f8-4558-8986-497084006d7a\"\n },\n {\n \"properties\": {\n \"roleName\": \"Defender Kubernetes Agent Operator\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Grants Microsoft Defender for Cloud permissions to provision the Kubernetes defender security agent\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Resources/subscriptions/resourceGroups/write\",\n \"Microsoft.Resources/subscriptions/operationresults/read\",\n \"Microsoft.Resources/subscriptions/read\",\n \"Microsoft.KubernetesConfiguration/extensions/write\",\n \"Microsoft.KubernetesConfiguration/extensions/read\",\n \"Microsoft.KubernetesConfiguration/extensions/delete\",\n \"Microsoft.KubernetesConfiguration/extensions/operations/read\",\n \"Microsoft.Kubernetes/connectedClusters/Write\",\n \"Microsoft.Kubernetes/connectedClusters/read\",\n \"Microsoft.OperationalInsights/workspaces/write\",\n \"Microsoft.OperationalInsights/workspaces/read\",\n \"Microsoft.OperationalInsights/workspaces/listKeys/action\",\n \"Microsoft.OperationalInsights/workspaces/sharedkeys/action\",\n \"Microsoft.Kubernetes/register/action\",\n \"Microsoft.KubernetesConfiguration/register/action\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2024-01-29T16:00:38.0450387Z\",\n \"updatedOn\": \"2024-04-08T15:07:46.3009159Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/8bb6f106-b146-4ee6-a3f9-b9c5a96e0ae5\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"8bb6f106-b146-4ee6-a3f9-b9c5a96e0ae5\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Red Hat OpenShift Cloud Controller Manager\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Manage and update the cloud controller manager deployed on top of OpenShift.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Compute/virtualMachines/read\",\n \"Microsoft.Network/loadBalancers/backendAddressPools/join/action\",\n \"Microsoft.Network/loadBalancers/read\",\n \"Microsoft.Network/loadBalancers/write\",\n \"Microsoft.Network/networkInterfaces/read\",\n \"Microsoft.Network/networkInterfaces/write\",\n \"Microsoft.Network/networkSecurityGroups/read\",\n \"Microsoft.Network/networkSecurityGroups/write\",\n \"Microsoft.Network/publicIPAddresses/join/action\",\n \"Microsoft.Network/publicIPAddresses/read\",\n \"Microsoft.Network/publicIPAddresses/write\",\n \"Microsoft.Network/virtualNetworks/subnets/join/action\",\n \"Microsoft.Network/virtualNetworks/subnets/read\",\n \"Microsoft.Network/loadBalancers/inboundNatRules/join/action\",\n \"Microsoft.Network/networkSecurityGroups/join/action\",\n \"Microsoft.Network/publicIPPrefixes/join/action\",\n \"Microsoft.Network/applicationSecurityGroups/joinNetworkSecurityRule/action\",\n \"Microsoft.Network/virtualNetworks/subnets/write\",\n \"Microsoft.Network/privatelinkservices/write\",\n \"Microsoft.Network/privatelinkservices/read\",\n \"Microsoft.Network/privatelinkservices/delete\",\n \"Microsoft.Network/loadBalancers/loadBalancingRules/read\",\n \"Microsoft.Network/serviceEndpointPolicies/join/action\",\n \"Microsoft.Network/natGateways/join/action\",\n \"Microsoft.Network/networkIntentPolicies/join/action\",\n \"Microsoft.Network/networkSecurityGroups/join/action\",\n \"Microsoft.Network/routeTables/join/action\",\n \"Microsoft.Network/networkManagers/ipamPools/associateResourcesToPool/action\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2024-01-30T16:11:37.7996135Z\",\n \"updatedOn\": \"2025-09-23T15:14:52.5578538Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/a1f96423-95ce-4224-ab27-4e3dc72facd4\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"a1f96423-95ce-4224-ab27-4e3dc72facd4\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Red Hat OpenShift Disk Storage Operator\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Install Container Storage Interface (CSI) drivers that enable your cluster to use Azure Disks. Set OpenShift cluster-wide storage defaults to ensure a default storageclass exists for clusters.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Compute/virtualMachines/write\",\n \"Microsoft.Compute/virtualMachines/read\",\n \"Microsoft.Compute/virtualMachineScaleSets/virtualMachines/write\",\n \"Microsoft.Compute/virtualMachineScaleSets/virtualMachines/read\",\n \"Microsoft.Compute/virtualMachineScaleSets/read\",\n \"Microsoft.Compute/snapshots/write\",\n \"Microsoft.Compute/snapshots/read\",\n \"Microsoft.Compute/snapshots/delete\",\n \"Microsoft.Compute/locations/operations/read\",\n \"Microsoft.Compute/locations/DiskOperations/read\",\n \"Microsoft.Compute/disks/write\",\n \"Microsoft.Compute/disks/read\",\n \"Microsoft.Compute/disks/delete\",\n \"Microsoft.Compute/disks/beginGetAccess/action\",\n \"Microsoft.Compute/diskEncryptionSets/read\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2024-01-30T16:11:37.9474325Z\",\n \"updatedOn\": \"2025-03-28T17:59:48.0577945Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/5b7237c5-45e1-49d6-bc18-a1f62f400748\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"5b7237c5-45e1-49d6-bc18-a1f62f400748\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Red Hat OpenShift Network Operator\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Install and upgrade the networking components on an OpenShift cluster.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Network/networkInterfaces/read\",\n \"Microsoft.Network/networkInterfaces/write\",\n \"Microsoft.Network/virtualNetworks/read\",\n \"Microsoft.Network/virtualNetworks/subnets/join/action\",\n \"Microsoft.Network/loadBalancers/backendAddressPools/join/action\",\n \"Microsoft.Network/loadBalancers/backendAddressPools/read\",\n \"Microsoft.Compute/virtualMachines/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2024-01-30T16:11:37.9474325Z\",\n \"updatedOn\": \"2025-05-06T15:13:46.6826117Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/be7a6435-15ae-4171-8f30-4a343eff9e8f\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"be7a6435-15ae-4171-8f30-4a343eff9e8f\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Red Hat OpenShift Image Registry Operator\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Enables permissions for the operator to manage a singleton instance of the OpenShift image registry. It manages all configuration of the registry, including creating storage.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Storage/storageAccounts/blobServices/read\",\n \"Microsoft.Storage/storageAccounts/blobServices/containers/read\",\n \"Microsoft.Storage/storageAccounts/blobServices/containers/write\",\n \"Microsoft.Storage/storageAccounts/blobServices/containers/delete\",\n \"Microsoft.Storage/storageAccounts/blobServices/generateUserDelegationKey/action\",\n \"Microsoft.Storage/storageAccounts/read\",\n \"Microsoft.Storage/storageAccounts/write\",\n \"Microsoft.Storage/storageAccounts/delete\",\n \"Microsoft.Storage/storageAccounts/listKeys/action\",\n \"Microsoft.Storage/storageAccounts/PrivateEndpointConnectionsApproval/action\",\n \"Microsoft.Resources/tags/write\",\n \"Microsoft.Network/privateEndpoints/write\",\n \"Microsoft.Network/privateEndpoints/read\",\n \"Microsoft.Network/privateEndpoints/privateDnsZoneGroups/write\",\n \"Microsoft.Network/privateEndpoints/privateDnsZoneGroups/read\",\n \"Microsoft.Network/privateDnsZones/read\",\n \"Microsoft.Network/privateDnsZones/write\",\n \"Microsoft.Network/privateDnsZones/join/action\",\n \"Microsoft.Network/privateDnsZones/A/write\",\n \"Microsoft.Network/privateDnsZones/virtualNetworkLinks/write\",\n \"Microsoft.Network/privateDnsZones/virtualNetworkLinks/read\",\n \"Microsoft.Network/networkInterfaces/read\",\n \"Microsoft.Network/virtualNetworks/subnets/read\",\n \"Microsoft.Network/virtualNetworks/subnets/join/action\",\n \"Microsoft.Network/virtualNetworks/join/action\"\n ],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.Storage/storageAccounts/blobServices/containers/blobs/delete\",\n \"Microsoft.Storage/storageAccounts/blobServices/containers/blobs/write\",\n \"Microsoft.Storage/storageAccounts/blobServices/containers/blobs/read\",\n \"Microsoft.Storage/storageAccounts/blobServices/containers/blobs/add/action\",\n \"Microsoft.Storage/storageAccounts/blobServices/containers/blobs/move/action\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2024-01-30T16:11:37.9474325Z\",\n \"updatedOn\": \"2025-07-25T20:45:04.9733949Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/8b32b316-c2f5-4ddf-b05b-83dacd2d08b5\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"8b32b316-c2f5-4ddf-b05b-83dacd2d08b5\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Red Hat OpenShift File Storage Operator\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Install Container Storage Interface (CSI) drivers that enable your cluster to use Azure Files. Set OpenShift cluster-wide storage defaults to ensure a default storageclass exists for clusters.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Storage/storageAccounts/delete\",\n \"Microsoft.Storage/storageAccounts/fileServices/read\",\n \"Microsoft.Storage/storageAccounts/fileServices/shares/delete\",\n \"Microsoft.Storage/storageAccounts/fileServices/shares/read\",\n \"Microsoft.Storage/storageAccounts/fileServices/shares/write\",\n \"Microsoft.Storage/storageAccounts/listKeys/action\",\n \"Microsoft.Storage/storageAccounts/read\",\n \"Microsoft.Storage/storageAccounts/write\",\n \"Microsoft.Storage/storageAccounts/PrivateEndpointConnectionsApproval/action\",\n \"Microsoft.Network/networkSecurityGroups/join/action\",\n \"Microsoft.Network/virtualNetworks/subnets/read\",\n \"Microsoft.Network/virtualNetworks/subnets/write\",\n \"Microsoft.Network/routeTables/join/action\",\n \"Microsoft.Network/natGateways/join/action\",\n \"Microsoft.Network/virtualNetworks/join/action\",\n \"Microsoft.Network/virtualNetworks/subnets/join/action\",\n \"Microsoft.Network/privateEndpoints/write\",\n \"Microsoft.Network/networkManagers/ipamPools/associateResourcesToPool/action\",\n \"Microsoft.Network/networkIntentPolicies/join/action\",\n \"Microsoft.Network/serviceEndpointPolicies/join/action\",\n \"Microsoft.Network/locations/operations/read\",\n \"Microsoft.Network/privateDnsOperationStatuses/read\",\n \"Microsoft.Network/privateDnsZones/read\",\n \"Microsoft.Network/privateDnsZones/virtualNetworkLinks/read\",\n \"Microsoft.Network/privateDnsZones/virtualNetworkLinks/write\",\n \"Microsoft.Network/privateDnsZones/write\",\n \"Microsoft.Network/privateDnsZones/join/action\",\n \"Microsoft.Network/privateEndpoints/privateDnsZoneGroups/write\",\n \"Microsoft.Network/privateEndpoints/privateDnsZoneGroups/read\",\n \"Microsoft.Network/privateEndpoints/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2024-01-30T16:11:37.9454324Z\",\n \"updatedOn\": \"2025-07-25T20:45:04.9733949Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/0d7aedc0-15fd-4a67-a412-efad370c947e\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"0d7aedc0-15fd-4a67-a412-efad370c947e\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Red Hat OpenShift Service Operator\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Maintain machine health, network configuration, monitoring, and other features that are specific to an OpenShift cluster's continued functionality as a managed service.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Network/virtualNetworks/subnets/read\",\n \"Microsoft.Network/virtualNetworks/subnets/write\",\n \"Microsoft.Network/natGateways/join/action\",\n \"Microsoft.Network/routeTables/join/action\",\n \"Microsoft.Network/networkSecurityGroups/join/action\",\n \"Microsoft.Network/serviceEndpointPolicies/join/action\",\n \"Microsoft.Network/networkIntentPolicies/join/action\",\n \"Microsoft.Network/networkManagers/ipamPools/associateResourcesToPool/action\",\n \"Microsoft.Storage/storageAccounts/listKeys/action\",\n \"Microsoft.Storage/storageAccounts/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2024-01-30T16:11:37.9454324Z\",\n \"updatedOn\": \"2025-06-03T15:14:11.4486606Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/4436bae4-7702-4c84-919b-c4069ff25ee2\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"4436bae4-7702-4c84-919b-c4069ff25ee2\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Red Hat OpenShift Machine API Operator\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Manage the lifecycle of specific-purpose custom resource definitions (CRD), controllers, and Azure RBAC objects that extend the Kubernetes API to declares the desired state of machines in a cluster.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Compute/availabilitySets/delete\",\n \"Microsoft.Compute/availabilitySets/read\",\n \"Microsoft.Compute/availabilitySets/write\",\n \"Microsoft.Compute/diskEncryptionSets/read\",\n \"Microsoft.Compute/disks/delete\",\n \"Microsoft.Compute/galleries/images/versions/read\",\n \"Microsoft.Compute/skus/read\",\n \"Microsoft.Compute/virtualMachines/delete\",\n \"Microsoft.Compute/virtualMachines/read\",\n \"Microsoft.Compute/virtualMachines/write\",\n \"Microsoft.Compute/capacityReservationGroups/deploy/action\",\n \"Microsoft.ManagedIdentity/userAssignedIdentities/assign/action\",\n \"Microsoft.Network/applicationSecurityGroups/read\",\n \"Microsoft.Network/loadBalancers/backendAddressPools/join/action\",\n \"Microsoft.Network/loadBalancers/read\",\n \"Microsoft.Network/loadBalancers/write\",\n \"Microsoft.Network/networkInterfaces/delete\",\n \"Microsoft.Network/networkInterfaces/join/action\",\n \"Microsoft.Network/networkInterfaces/loadBalancers/read\",\n \"Microsoft.Network/networkInterfaces/read\",\n \"Microsoft.Network/networkInterfaces/write\",\n \"Microsoft.Network/networkSecurityGroups/read\",\n \"Microsoft.Network/networkSecurityGroups/write\",\n \"Microsoft.Network/publicIPAddresses/delete\",\n \"Microsoft.Network/publicIPAddresses/join/action\",\n \"Microsoft.Network/publicIPAddresses/read\",\n \"Microsoft.Network/publicIPAddresses/write\",\n \"Microsoft.Network/routeTables/read\",\n \"Microsoft.Network/virtualNetworks/subnets/join/action\",\n \"Microsoft.Network/virtualNetworks/subnets/read\",\n \"Microsoft.Network/applicationSecurityGroups/joinNetworkSecurityRule/action\",\n \"Microsoft.Network/loadBalancers/frontendIPConfigurations/join/action\",\n \"Microsoft.Network/loadBalancers/inboundNATRules/join/action\",\n \"Microsoft.Network/networkSecurityGroups/join/action\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2024-01-30T16:11:37.9454324Z\",\n \"updatedOn\": \"2025-03-20T13:43:14.3948725Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/0358943c-7e01-48ba-8889-02cc51d78637\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"0358943c-7e01-48ba-8889-02cc51d78637\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Red Hat OpenShift Cluster Ingress Operator\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Manage and configure the OpenShift router.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Network/dnsZones/A/delete\",\n \"Microsoft.Network/dnsZones/A/write\",\n \"Microsoft.Network/privateDnsZones/A/delete\",\n \"Microsoft.Network/privateDnsZones/A/write\",\n \"Microsoft.Network/virtualNetworks/subnets/read\",\n \"Microsoft.Network/virtualNetworks/subnets/join/action\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2024-01-30T16:11:37.9474325Z\",\n \"updatedOn\": \"2025-02-14T18:54:20.1640655Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/0336e1d3-7a87-462b-b6db-342b63f7802c\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"0336e1d3-7a87-462b-b6db-342b63f7802c\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Sphere Owner\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Allows user read and write access to Azure Sphere resources and RBAC configuration, includes an ABAC condition to constrain role assignments.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.AzureSphere/*\",\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Resources/subscriptions/read\",\n \"Microsoft.Management/managementGroups/read\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Support/*\",\n \"Microsoft.Insights/DiagnosticSettings/*\",\n \"Microsoft.Insights/DiagnosticSettingsCategories/Read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n },\n {\n \"actions\": [\n \"Microsoft.Authorization/roleAssignments/write\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": [],\n \"conditionVersion\": \"2.0\",\n \"condition\": \"@Request[Microsoft.Authorization/roleAssignments:RoleDefinitionId] ForAnyOfAnyValues:GuidEquals{8b9dfcab4b774632a6df94bd07820648,c8ae62795a0b4cb2b3f0d4d62845742c,6d994134994b4a599974f479f0b227fb,5a382001fe3641ffbba48bf06bd54da9,749f88d5cbae40b8bcfce573ddc772fa,43d0d8ad25c7471493378ba259a9fe05}\"\n },\n {\n \"actions\": [\n \"Microsoft.Authorization/roleAssignments/delete\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": [],\n \"conditionVersion\": \"2.0\",\n \"condition\": \"@Resource[Microsoft.Authorization/roleAssignments:RoleDefinitionId] ForAnyOfAnyValues:GuidEquals{8b9dfcab4b774632a6df94bd07820648,c8ae62795a0b4cb2b3f0d4d62845742c,6d994134994b4a599974f479f0b227fb,5a382001fe3641ffbba48bf06bd54da9,749f88d5cbae40b8bcfce573ddc772fa,43d0d8ad25c7471493378ba259a9fe05}\"\n }\n ],\n \"createdOn\": \"2024-02-01T23:40:30.7387663Z\",\n \"updatedOn\": \"2024-03-12T15:09:00.907512Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/5a382001-fe36-41ff-bba4-8bf06bd54da9\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"5a382001-fe36-41ff-bba4-8bf06bd54da9\"\n },\n {\n \"properties\": {\n \"roleName\": \"GroupQuota Request Operator\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Read and create GroupQuota requests, get GroupQuota request status, and get groupQuotaLimits.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/read\",\n \"MICROSOFT.QUOTA/QUOTAS/WRITE\",\n \"MICROSOFT.QUOTA/QUOTAS/READ\",\n \"MICROSOFT.QUOTA/USAGES/READ\",\n \"MICROSOFT.QUOTA/QUOTAREQUESTS/READ\",\n \"MICROSOFT.QUOTA/REGISTER/ACTION\",\n \"Microsoft.Quota/GROUPQUOTAS/*/READ\",\n \"Microsoft.Quota/GROUPQUOTAS/*/WRITE\",\n \"Microsoft.Quota/GROUPQUOTAS/*/DELETE\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2024-02-09T21:28:36.8464681Z\",\n \"updatedOn\": \"2025-02-04T16:18:52.2174712Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/e2217c0e-04bb-4724-9580-91cf9871bc01\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"e2217c0e-04bb-4724-9580-91cf9871bc01\"\n },\n {\n \"properties\": {\n \"roleName\": \"GroupQuota Reader\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Read GroupQuota requests, get GroupQuota request status, and get groupQuotaLimits.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/read\",\n \"MICROSOFT.QUOTA/QUOTAS/READ\",\n \"MICROSOFT.QUOTA/USAGES/READ\",\n \"MICROSOFT.QUOTA/QUOTAREQUESTS/READ\",\n \"MICROSOFT.QUOTA/REGISTER/ACTION\",\n \"Microsoft.Quota/GROUPQUOTAS/READ\",\n \"Microsoft.Quota/GROUPQUOTAS/subscriptions/READ\",\n \"Microsoft.Quota/GROUPQUOTAS/groupQuotaLimits/READ\",\n \"Microsoft.Quota/GROUPQUOTAS/quotaAllocations/READ\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2024-02-09T21:28:38.4642049Z\",\n \"updatedOn\": \"2024-02-09T21:28:38.4642049Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/d0f495dc-44ef-4140-aeb0-b89110e6a7c1\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"d0f495dc-44ef-4140-aeb0-b89110e6a7c1\"\n },\n {\n \"properties\": {\n \"roleName\": \"Bayer Ag Powered Services Smart Boundary Solution User Role\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Provide access to Smart Boundary Solution by Bayer Ag Powered Services\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.AgFoodPlatform/farmBeats/parties/read\",\n \"Microsoft.AgFoodPlatform/farmBeats/parties/fields/read\",\n \"Microsoft.AgFoodPlatform/farmBeats/parties/fields/write\",\n \"Microsoft.AgFoodPlatform/farmBeats/ingestionJobs/satelliteDataIngestionJobs/*\",\n \"Microsoft.AgFoodPlatform/farmBeats/scenes/*\",\n \"Microsoft.AgFoodPlatform/farmBeats/parties/models/resourceTypes/resources/insights/*\",\n \"Microsoft.AgFoodPlatform/farmBeats/parties/models/resourceTypes/resources/insightAttachments/*\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2024-02-16T08:39:51.0915233Z\",\n \"updatedOn\": \"2024-05-28T15:09:38.223022Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/539283cd-c185-4a9a-9503-d35217a1db7b\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"539283cd-c185-4a9a-9503-d35217a1db7b\"\n },\n {\n \"properties\": {\n \"roleName\": \"Defender CSPM Storage Scanner Operator\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Lets you enable and configure Microsoft Defender CSPM's sensitive data discovery feature on your storage accounts. Includes an ABAC condition to limit role assignments.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Storage/storageAccounts/write\",\n \"Microsoft.Storage/storageAccounts/read\",\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Resources/subscriptions/read\",\n \"Microsoft.Management/managementGroups/read\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Support/*\",\n \"Microsoft.Security/datascanners/read\",\n \"Microsoft.Security/datascanners/write\",\n \"Microsoft.Security/dataScanners/delete\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n },\n {\n \"actions\": [\n \"Microsoft.Authorization/roleAssignments/write\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": [],\n \"conditionVersion\": \"2.0\",\n \"condition\": \"@Request[Microsoft.Authorization/roleAssignments:RoleDefinitionId] ForAnyOfAnyValues:GuidEquals{2a2b9908-6ea1-4ae2-8e65-a410df84e7d1, b8eda974-7b85-4f76-af95-65846b26df6d, 0b6ca2e8-2cdc-4bd6-b896-aa3d8c21fc35}\"\n },\n {\n \"actions\": [\n \"Microsoft.Authorization/roleAssignments/delete\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": [],\n \"conditionVersion\": \"2.0\",\n \"condition\": \"@Resource[Microsoft.Authorization/roleAssignments:RoleDefinitionId] ForAnyOfAnyValues:GuidEquals{2a2b9908-6ea1-4ae2-8e65-a410df84e7d1, b8eda974-7b85-4f76-af95-65846b26df6d, 0b6ca2e8-2cdc-4bd6-b896-aa3d8c21fc35}\"\n }\n ],\n \"createdOn\": \"2024-02-23T11:40:48.9476806Z\",\n \"updatedOn\": \"2025-09-24T15:22:44.3542995Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/8480c0f0-4509-4229-9339-7c10018cb8c4\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"8480c0f0-4509-4229-9339-7c10018cb8c4\"\n },\n {\n \"properties\": {\n \"roleName\": \"Advisor Recommendations Contributor (Assessments and Reviews)\",\n \"type\": \"BuiltInRole\",\n \"description\": \"View assessment recommendations, accepted review recommendations, and manage the recommendations lifecycle (mark recommendations as completed, postponed or dismissed, in progress, or not started).\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Advisor/recommendations/read\",\n \"Microsoft.Advisor/recommendations/write\",\n \"Microsoft.Advisor/recommendations/available/action\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2024-02-26T16:08:40.5151834Z\",\n \"updatedOn\": \"2024-03-13T23:14:21.178011Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/6b534d80-e337-47c4-864f-140f5c7f593d\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"6b534d80-e337-47c4-864f-140f5c7f593d\"\n },\n {\n \"properties\": {\n \"roleName\": \"GeoCatalog Administrator\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Grants full access to manage GeoCatalogs, but does not allow you to assign roles in Azure RBAC.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Orbital/operations/read\",\n \"Microsoft.Orbital/geoCatalogs/*\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2024-02-27T16:09:02.6300293Z\",\n \"updatedOn\": \"2024-02-27T16:09:02.6300293Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/c9c97b9c-105d-4bb5-a2a7-7d15666c2484\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"c9c97b9c-105d-4bb5-a2a7-7d15666c2484\"\n },\n {\n \"properties\": {\n \"roleName\": \"GeoCatalog Reader\",\n \"type\": \"BuiltInRole\",\n \"description\": \"View GeoCatalogs, but does not allow you to make any changes.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Orbital/operations/read\",\n \"Microsoft.Orbital/geoCatalogs/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2024-02-27T16:09:02.8346775Z\",\n \"updatedOn\": \"2024-02-27T16:09:02.8346775Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/b7b8f583-43d0-40ae-b147-6b46f53661c1\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"b7b8f583-43d0-40ae-b147-6b46f53661c1\"\n },\n {\n \"properties\": {\n \"roleName\": \"Healthcare Agent Editor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Users with editor access can sign in, view and edit all the bot resources, scenarios and configuration setting except for the bot instance keys & secrets and the end-user inputs (including Feedback, Unrecognized utterances and Conversation logs). A read-only access to the bot skills and channels.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.HealthBot/healthBots/ResourceData/Read\",\n \"Microsoft.HealthBot/healthBots/Metadata/Read\",\n \"Microsoft.HealthBot/healthBots/CopilotStudioSolution/*\",\n \"Microsoft.HealthBot/healthBots/Feedback/Read\",\n \"Microsoft.HealthBot/healthBots/Users/Read\",\n \"Microsoft.HealthBot/healthBots/AuditTrails/Read\",\n \"Microsoft.HealthBot/healthBots/AnalyticReport/Read\",\n \"Microsoft.HealthBot/healthBots/ExposedSkill/Read\",\n \"Microsoft.HealthBot/healthBots/RegisteredSkills/Read\",\n \"Microsoft.HealthBot/healthBots/Configuration/*\",\n \"Microsoft.HealthBot/healthBots/Localization/*\",\n \"Microsoft.HealthBot/healthBots/AuthenticationProviders/*\",\n \"Microsoft.HealthBot/healthBots/Channels/*\",\n \"Microsoft.HealthBot/healthBots/DataConnections/*\",\n \"Microsoft.HealthBot/healthBots/OpenAPIPlugins/*\",\n \"Microsoft.HealthBot/healthBots/Scenarios/*\",\n \"Microsoft.HealthBot/healthBots/LanguageModels/*\",\n \"Microsoft.HealthBot/healthBots/Resources/*\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2024-02-28T16:09:25.669144Z\",\n \"updatedOn\": \"2025-08-21T10:13:28.7661499Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/af854a69-80ce-4ff7-8447-f1118a2e0ca8\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"af854a69-80ce-4ff7-8447-f1118a2e0ca8\"\n },\n {\n \"properties\": {\n \"roleName\": \"Healthcare Agent Reader\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Users with reader access can sign in, have read-only access to the bot resources, scenarios and configuration setting except for the bot instance keys & secrets (including Authentication, Data Connection and Channels keys) and the end-user inputs (including Feedback, Unrecognized utterances and Conversation logs).\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.HealthBot/healthBots/ResourceData/Read\",\n \"Microsoft.HealthBot/healthBots/Metadata/Read\",\n \"Microsoft.HealthBot/healthBots/CopilotStudioSolution/RestoreBuiltinTemplate/Read\",\n \"Microsoft.HealthBot/healthBots/Feedback/Read\",\n \"Microsoft.HealthBot/healthBots/Users/Read\",\n \"Microsoft.HealthBot/healthBots/AuditTrails/Read\",\n \"Microsoft.HealthBot/healthBots/AnalyticReport/Read\",\n \"Microsoft.HealthBot/healthBots/ExposedSkill/Read\",\n \"Microsoft.HealthBot/healthBots/RegisteredSkills/Read\",\n \"Microsoft.HealthBot/healthBots/Configuration/Read\",\n \"Microsoft.HealthBot/healthBots/Localization/Read\",\n \"Microsoft.HealthBot/healthBots/AuthenticationProviders/Read\",\n \"Microsoft.HealthBot/healthBots/DataConnections/Read\",\n \"Microsoft.HealthBot/healthBots/OpenAPIPlugins/Read\",\n \"Microsoft.HealthBot/healthBots/Scenarios/*/Read\",\n \"Microsoft.HealthBot/healthBots/LanguageModels/Read\",\n \"Microsoft.HealthBot/healthBots/Resources/Files/Read\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2024-02-28T16:09:25.669144Z\",\n \"updatedOn\": \"2025-08-21T10:13:28.7381488Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/eb5a76d5-50e7-4c33-a449-070e7c9c4cf2\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"eb5a76d5-50e7-4c33-a449-070e7c9c4cf2\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Programmable Connectivity Gateway Dataplane User\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Allows access to all Gateway dataplane APIs.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.ResourceHealth/availabilityStatuses/read\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.Resources/deployments/*\"\n ],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.ProgrammableConnectivity/Gateways/NetworkAPIAccess\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2024-02-28T16:09:25.8503139Z\",\n \"updatedOn\": \"2025-03-18T15:18:48.7947012Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/c20923c5-b089-47a5-bf67-fd89569c4ad9\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"c20923c5-b089-47a5-bf67-fd89569c4ad9\"\n },\n {\n \"properties\": {\n \"roleName\": \"Healthcare Agent Admin\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Users with admin access can sign in, view and edit all of the bot resources, scenarios and configuration setting including the bot instance keys & secrets.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.HealthBot/healthBots/ResourceData/Read\",\n \"Microsoft.HealthBot/healthBots/Metadata/Read\",\n \"Microsoft.HealthBot/healthBots/CopilotStudioSolution/*\",\n \"Microsoft.HealthBot/healthBots/Feedback/Read\",\n \"Microsoft.HealthBot/healthBots/Users/Read\",\n \"Microsoft.HealthBot/healthBots/AuditTrails/Read\",\n \"Microsoft.HealthBot/healthBots/AnalyticReport/Read\",\n \"Microsoft.HealthBot/healthBots/ExposedSkill/Read\",\n \"Microsoft.HealthBot/healthBots/RegisteredSkills/Read\",\n \"Microsoft.HealthBot/healthBots/Configuration/*\",\n \"Microsoft.HealthBot/healthBots/Localization/*\",\n \"Microsoft.HealthBot/healthBots/AuthenticationProviders/*\",\n \"Microsoft.HealthBot/healthBots/Channels/*\",\n \"Microsoft.HealthBot/healthBots/DataConnections/*\",\n \"Microsoft.HealthBot/healthBots/OpenAPIPlugins/*\",\n \"Microsoft.HealthBot/healthBots/Scenarios/*\",\n \"Microsoft.HealthBot/healthBots/LanguageModels/*\",\n \"Microsoft.HealthBot/healthBots/Resources/*\",\n \"Microsoft.HealthBot/healthBots/Admin/*\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2024-02-28T16:09:25.8513161Z\",\n \"updatedOn\": \"2025-08-21T10:13:28.7431492Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/f1082fec-a70f-419f-9230-885d2550fb38\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"f1082fec-a70f-419f-9230-885d2550fb38\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure AI Enterprise Network Connection Approver\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Can approve private endpoint connections to Azure AI common dependency resources\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.ApiManagement/service/privateEndpointConnections/read\",\n \"Microsoft.ApiManagement/service/privateEndpointConnections/write\",\n \"Microsoft.ApiManagement/service/privateLinkResources/read\",\n \"Microsoft.ApiManagement/service/read\",\n \"Microsoft.ContainerRegistry/registries/privateEndpointConnectionsApproval/action\",\n \"Microsoft.ContainerRegistry/registries/privateEndpointConnections/read\",\n \"Microsoft.ContainerRegistry/registries/privateEndpointConnections/write\",\n \"Microsoft.Cache/redis/read\",\n \"Microsoft.Cache/redis/privateEndpointConnections/read\",\n \"Microsoft.Cache/redis/privateEndpointConnections/write\",\n \"Microsoft.Cache/redis/privateLinkResources/read\",\n \"Microsoft.Cache/redis/privateEndpointConnectionsApproval/action\",\n \"Microsoft.Cache/redisEnterprise/read\",\n \"Microsoft.Cache/redisEnterprise/privateEndpointConnections/read\",\n \"Microsoft.Cache/redisEnterprise/privateEndpointConnections/write\",\n \"Microsoft.Cache/redisEnterprise/privateLinkResources/read\",\n \"Microsoft.Cache/redisEnterprise/privateEndpointConnectionsApproval/action\",\n \"Microsoft.CognitiveServices/accounts/read\",\n \"Microsoft.CognitiveServices/accounts/privateEndpointConnections/read\",\n \"Microsoft.CognitiveServices/accounts/privateEndpointConnections/write\",\n \"Microsoft.CognitiveServices/accounts/privateLinkResources/read\",\n \"Microsoft.DBforPostgreSQL/flexibleServers/privateEndpointConnectionsApproval/action\",\n \"Microsoft.DBforPostgreSQL/flexibleServers/privateEndpointConnections/read\",\n \"Microsoft.DBforPostgreSQL/flexibleServers/privateEndpointConnections/write\",\n \"Microsoft.DBforPostgreSQL/flexibleServers/privateLinkResources/read\",\n \"Microsoft.DBforPostgreSQL/flexibleServers/read\",\n \"Microsoft.DBforPostgreSQL/serverGroupsv2/privateEndpointConnectionsApproval/action\",\n \"Microsoft.DBforPostgreSQL/serverGroupsv2/privateEndpointConnections/read\",\n \"Microsoft.DBforPostgreSQL/serverGroupsv2/privateEndpointConnections/write\",\n \"Microsoft.DBforPostgreSQL/serverGroupsv2/privateLinkResources/read\",\n \"Microsoft.DBforMySQL/flexibleServers/privateEndpointConnectionsApproval/action\",\n \"Microsoft.DBforMySQL/flexibleServers/privateEndpointConnections/read\",\n \"Microsoft.DBforMySQL/flexibleServers/privateEndpointConnections/write\",\n \"Microsoft.DBforMySQL/flexibleServers/privateLinkResources/read\",\n \"Microsoft.DBforMySQL/flexibleServers/read\",\n \"Microsoft.DocumentDB/databaseAccounts/privateEndpointConnectionsApproval/action\",\n \"Microsoft.DocumentDB/databaseAccounts/privateEndpointConnections/read\",\n \"Microsoft.DocumentDB/databaseAccounts/privateEndpointConnections/write\",\n \"Microsoft.DocumentDB/databaseAccounts/privateLinkResources/read\",\n \"Microsoft.DocumentDB/databaseAccounts/read\",\n \"Microsoft.KeyVault/vaults/privateEndpointConnectionsApproval/action\",\n \"Microsoft.KeyVault/vaults/privateEndpointConnections/read\",\n \"Microsoft.KeyVault/vaults/privateEndpointConnections/write\",\n \"Microsoft.KeyVault/vaults/privateLinkResources/read\",\n \"Microsoft.KeyVault/vaults/read\",\n \"Microsoft.MachineLearningServices/registries/privateEndpointConnectionsApproval/action\",\n \"Microsoft.MachineLearningServices/registries/privateEndpointConnections/read\",\n \"Microsoft.MachineLearningServices/registries/privateEndpointConnections/write\",\n \"Microsoft.MachineLearningServices/registries/privateLinkResources/read\",\n \"Microsoft.MachineLearningServices/registries/read\",\n \"Microsoft.MachineLearningServices/workspaces/privateEndpointConnectionsApproval/action\",\n \"Microsoft.MachineLearningServices/workspaces/privateEndpointConnections/read\",\n \"Microsoft.MachineLearningServices/workspaces/privateEndpointConnections/write\",\n \"Microsoft.MachineLearningServices/workspaces/privateLinkResources/read\",\n \"Microsoft.MachineLearningServices/workspaces/read\",\n \"Microsoft.Storage/storageAccounts/privateEndpointConnections/read\",\n \"Microsoft.Storage/storageAccounts/privateEndpointConnections/write\",\n \"Microsoft.Storage/storageAccounts/privateLinkResources/read\",\n \"Microsoft.Storage/storageAccounts/read\",\n \"Microsoft.Storage/storageAccounts/PrivateEndpointConnectionsApproval/action\",\n \"Microsoft.Sql/servers/privateEndpointConnectionsApproval/action\",\n \"Microsoft.Sql/servers/privateEndpointConnections/read\",\n \"Microsoft.Sql/servers/privateEndpointConnections/write\",\n \"Microsoft.Sql/servers/privateLinkResources/read\",\n \"Microsoft.Sql/servers/read\",\n \"Microsoft.EventHub/namespaces/privateEndpointConnectionsApproval/action\",\n \"Microsoft.EventHub/namespaces/privateEndpointConnections/read\",\n \"Microsoft.EventHub/namespaces/privateEndpointConnections/write\",\n \"Microsoft.EventHub/namespaces/privateLinkResources/read\",\n \"Microsoft.EventHub/namespaces/read\",\n \"Microsoft.Search/searchServices/privateEndpointConnectionsApproval/action\",\n \"Microsoft.Search/searchServices/privateEndpointConnections/read\",\n \"Microsoft.Search/searchServices/privateEndpointConnections/write\",\n \"Microsoft.Search/searchServices/sharedPrivateLinkResources/read\",\n \"Microsoft.Search/searchServices/read\",\n \"Microsoft.Insights/privatelinkscopes/privateEndpointConnectionsApproval/action\",\n \"Microsoft.Insights/privatelinkscopes/privateEndpointConnections/read\",\n \"Microsoft.Insights/privatelinkscopes/privateEndpointConnections/write\",\n \"Microsoft.Insights/privatelinkscopes/privateLinkResources/read\",\n \"Microsoft.Insights/privatelinkscopes/read\",\n \"Microsoft.Network/privateLinkServices/privateEndpointConnectionsApproval/action\",\n \"Microsoft.Network/privateLinkServices/privateEndpointConnections/read\",\n \"Microsoft.Network/privateLinkServices/privateEndpointConnections/write\",\n \"Microsoft.Network/privateLinkServices/read\",\n \"Microsoft.Network/applicationGateways/privateEndpointConnections/read\",\n \"Microsoft.Network/applicationGateways/privateEndpointConnections/write\",\n \"Microsoft.Network/applicationGateways/privateLinkResources/read\",\n \"Microsoft.Network/applicationGateways/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2024-02-29T22:43:58.7323849Z\",\n \"updatedOn\": \"2025-01-29T21:07:16.6125101Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/b556d68e-0be0-4f35-a333-ad7ee1ce17ea\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"b556d68e-0be0-4f35-a333-ad7ee1ce17ea\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Container Storage Operator\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Role required by a Managed Identity for Azure Container Storage operations\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.ElasticSan/elasticSans/*\",\n \"Microsoft.ElasticSan/locations/asyncoperations/read\",\n \"Microsoft.Network/routeTables/join/action\",\n \"Microsoft.Network/networkSecurityGroups/join/action\",\n \"Microsoft.Network/virtualNetworks/write\",\n \"Microsoft.Network/virtualNetworks/delete\",\n \"Microsoft.Network/virtualNetworks/join/action\",\n \"Microsoft.Network/virtualNetworks/subnets/read\",\n \"Microsoft.Network/virtualNetworks/subnets/write\",\n \"Microsoft.Compute/virtualMachines/read\",\n \"Microsoft.Compute/virtualMachines/write\",\n \"Microsoft.Compute/virtualMachineScaleSets/read\",\n \"Microsoft.Compute/virtualMachineScaleSets/write\",\n \"Microsoft.Compute/virtualMachineScaleSets/virtualMachines/write\",\n \"Microsoft.Compute/virtualMachineScaleSets/virtualMachines/read\",\n \"Microsoft.Resources/subscriptions/providers/read\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Network/virtualNetworks/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2024-03-06T18:09:47.8933525Z\",\n \"updatedOn\": \"2024-03-21T21:58:56.1897725Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/08d4c71a-cc63-4ce4-a9c8-5dd251b4d619\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"08d4c71a-cc63-4ce4-a9c8-5dd251b4d619\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Container Storage Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Lets you install Azure Container Storage and manage its storage resources\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.KubernetesConfiguration/extensions/write\",\n \"Microsoft.KubernetesConfiguration/extensions/read\",\n \"Microsoft.KubernetesConfiguration/extensions/delete\",\n \"Microsoft.KubernetesConfiguration/extensions/operations/read\",\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Resources/subscriptions/read\",\n \"Microsoft.Management/managementGroups/read\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Support/*\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n },\n {\n \"actions\": [\n \"Microsoft.Authorization/roleAssignments/write\",\n \"Microsoft.Authorization/roleAssignments/delete\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": [],\n \"conditionVersion\": \"2.0\",\n \"condition\": \"((!(ActionMatches{'Microsoft.Authorization/roleAssignments/write'})) OR (@Request[Microsoft.Authorization/roleAssignments:RoleDefinitionId] ForAnyOfAnyValues:GuidEquals{08d4c71acc634ce4a9c85dd251b4d619})) AND ((!(ActionMatches{'Microsoft.Authorization/roleAssignments/delete'})) OR (@Resource[Microsoft.Authorization/roleAssignments:RoleDefinitionId] ForAnyOfAnyValues:GuidEquals{08d4c71acc634ce4a9c85dd251b4d619}))\"\n }\n ],\n \"createdOn\": \"2024-03-06T18:39:55.6502598Z\",\n \"updatedOn\": \"2024-03-28T20:02:49.6413404Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/95dd08a6-00bd-4661-84bf-f6726f83a4d0\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"95dd08a6-00bd-4661-84bf-f6726f83a4d0\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Container Storage Owner\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Lets you install Azure Container Storage and grants access to its storage resources\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.ElasticSan/elasticSans/*\",\n \"Microsoft.ElasticSan/locations/*\",\n \"Microsoft.ElasticSan/elasticSans/volumeGroups/*\",\n \"Microsoft.ElasticSan/elasticSans/volumeGroups/volumes/*\",\n \"Microsoft.ElasticSan/locations/asyncoperations/read\",\n \"Microsoft.KubernetesConfiguration/extensions/write\",\n \"Microsoft.KubernetesConfiguration/extensions/read\",\n \"Microsoft.KubernetesConfiguration/extensions/delete\",\n \"Microsoft.KubernetesConfiguration/extensions/operations/read\",\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Resources/subscriptions/read\",\n \"Microsoft.Management/managementGroups/read\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Support/*\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n },\n {\n \"actions\": [\n \"Microsoft.Authorization/roleAssignments/write\",\n \"Microsoft.Authorization/roleAssignments/delete\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": [],\n \"conditionVersion\": \"2.0\",\n \"condition\": \"((!(ActionMatches{'Microsoft.Authorization/roleAssignments/write'})) OR (@Request[Microsoft.Authorization/roleAssignments:RoleDefinitionId] ForAnyOfAnyValues:GuidEquals{08d4c71acc634ce4a9c85dd251b4d619})) AND ((!(ActionMatches{'Microsoft.Authorization/roleAssignments/delete'})) OR (@Resource[Microsoft.Authorization/roleAssignments:RoleDefinitionId] ForAnyOfAnyValues:GuidEquals{08d4c71acc634ce4a9c85dd251b4d619}))\"\n }\n ],\n \"createdOn\": \"2024-03-06T18:39:55.882353Z\",\n \"updatedOn\": \"2024-03-28T20:02:49.6413404Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/95de85bd-744d-4664-9dde-11430bc34793\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"95de85bd-744d-4664-9dde-11430bc34793\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Kubernetes Service Arc Contributor Role\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Grants access to read and write Azure Kubernetes Services hybrid clusters\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.HybridContainerService/Locations/operationStatuses/read\",\n \"Microsoft.HybridContainerService/Locations/operationStatuses/write\",\n \"Microsoft.HybridContainerService/Operations/read\",\n \"Microsoft.HybridContainerService/kubernetesVersions/read\",\n \"Microsoft.HybridContainerService/kubernetesVersions/write\",\n \"Microsoft.HybridContainerService/kubernetesVersions/delete\",\n \"Microsoft.HybridContainerService/provisionedClusterInstances/read\",\n \"Microsoft.HybridContainerService/provisionedClusterInstances/write\",\n \"Microsoft.HybridContainerService/provisionedClusterInstances/delete\",\n \"Microsoft.HybridContainerService/provisionedClusterInstances/agentPools/read\",\n \"Microsoft.HybridContainerService/provisionedClusterInstances/agentPools/write\",\n \"Microsoft.HybridContainerService/provisionedClusterInstances/agentPools/delete\",\n \"Microsoft.HybridContainerService/provisionedClusterInstances/upgradeProfiles/read\",\n \"Microsoft.HybridContainerService/skus/read\",\n \"Microsoft.HybridContainerService/skus/write\",\n \"Microsoft.HybridContainerService/skus/delete\",\n \"Microsoft.HybridContainerService/virtualNetworks/read\",\n \"Microsoft.HybridContainerService/virtualNetworks/write\",\n \"Microsoft.HybridContainerService/virtualNetworks/delete\",\n \"Microsoft.ExtendedLocation/customLocations/deploy/action\",\n \"Microsoft.ExtendedLocation/customLocations/read\",\n \"Microsoft.Kubernetes/connectedClusters/Read\",\n \"Microsoft.Kubernetes/connectedClusters/Write\",\n \"Microsoft.Kubernetes/connectedClusters/Delete\",\n \"Microsoft.Kubernetes/connectedClusters/listClusterUserCredential/action\",\n \"Microsoft.AzureStackHCI/clusters/read\",\n \"Microsoft.Resources/deployments/read\",\n \"Microsoft.Resources/deployments/write\",\n \"Microsoft.Resources/deployments/delete\",\n \"Microsoft.Resources/deployments/cancel/action\",\n \"Microsoft.Resources/deployments/validate/action\",\n \"Microsoft.Resources/deployments/whatIf/action\",\n \"Microsoft.Resources/deployments/exportTemplate/action\",\n \"Microsoft.Resources/deployments/operations/read\",\n \"Microsoft.Resources/deployments/operationstatuses/read\",\n \"Microsoft.HybridContainerService/provisionedClusterInstances/hybridIdentityMetadata/delete\",\n \"Microsoft.HybridContainerService/provisionedClusterInstances/hybridIdentityMetadata/write\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2024-03-07T00:25:44.8716461Z\",\n \"updatedOn\": \"2025-09-25T18:20:47.1023449Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/5d3f1697-4507-4d08-bb4a-477695db5f82\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"5d3f1697-4507-4d08-bb4a-477695db5f82\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Kubernetes Service Arc Cluster User Role\",\n \"type\": \"BuiltInRole\",\n \"description\": \"List cluster user credential action.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.HybridContainerService/provisionedClusterInstances/read\",\n \"Microsoft.HybridContainerService/provisionedClusterInstances/listUserKubeconfig/action\",\n \"Microsoft.Kubernetes/connectedClusters/Read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2024-03-07T00:25:47.4117596Z\",\n \"updatedOn\": \"2024-03-07T00:25:47.4117596Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/233ca253-b031-42ff-9fba-87ef12d6b55f\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"233ca253-b031-42ff-9fba-87ef12d6b55f\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Kubernetes Service Arc Cluster Admin Role\",\n \"type\": \"BuiltInRole\",\n \"description\": \"List cluster admin credential action.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.HybridContainerService/provisionedClusterInstances/read\",\n \"Microsoft.HybridContainerService/provisionedClusterInstances/listAdminKubeconfig/action\",\n \"Microsoft.Kubernetes/connectedClusters/Read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2024-03-07T00:25:47.4127588Z\",\n \"updatedOn\": \"2024-03-07T00:25:47.4127588Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/b29efa5f-7782-4dc3-9537-4d5bc70a5e9f\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"b29efa5f-7782-4dc3-9537-4d5bc70a5e9f\"\n },\n {\n \"properties\": {\n \"roleName\": \"Backup MUA Operator\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Backup MultiUser-Authorization. Allows user to perform critical operation protected by resourceguard\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.DataProtection/*/action\",\n \"Microsoft.DataProtection/*/read\",\n \"Microsoft.Authorization/*/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2024-03-08T09:37:14.3268989Z\",\n \"updatedOn\": \"2024-03-08T09:37:14.3268989Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/f54b6d04-23c6-443e-b462-9c16ab7b4a52\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"f54b6d04-23c6-443e-b462-9c16ab7b4a52\"\n },\n {\n \"properties\": {\n \"roleName\": \"Backup MUA Admin\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Backup MultiUser-Authorization. Can create/delete ResourceGuard \",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.DataProtection/*/read\",\n \"Microsoft.DataProtection/*/resourceGuards/write\",\n \"Microsoft.DataProtection/subscriptions/resourceGroups/providers/resourceGuards/write\",\n \"Microsoft.DataProtection/subscriptions/resourceGroups/providers/resourceGuards/delete\",\n \"Microsoft.DataProtection/subscriptions/resourceGroups/providers/resourceGuards/read\",\n \"Microsoft.DataProtection/locations/operationResults/read\",\n \"Microsoft.DataProtection/locations/operationStatus/read\",\n \"Microsoft.DataProtection/locations/getBackupStatus/action\",\n \"Microsoft.DataProtection/locations/checkFeatureSupport/action\",\n \"Microsoft.DataProtection/subscriptions/resourceGroups/providers/locations/operationStatus/read\",\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Features/features/read\",\n \"Microsoft.Features/providers/features/read\",\n \"Microsoft.ResourceHealth/availabilityStatuses/read\",\n \"Microsoft.Resources/deployments/operations/read\",\n \"Microsoft.Resources/subscriptions/operationresults/read\",\n \"Microsoft.Resources/subscriptions/read\",\n \"Microsoft.Resources/subscriptions/resourcegroups/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.DataProtection/backupVaults/backupResourceGuardProxies/read\",\n \"Microsoft.DataProtection/backupVaults/backupResourceGuardProxies/write\",\n \"Microsoft.DataProtection/backupVaults/backupResourceGuardProxies/delete\",\n \"Microsoft.DataProtection/backupVaults/backupResourceGuardProxies/unlockDelete/action\",\n \"Microsoft.DataProtection/subscriptions/providers/resourceGuards/read\",\n \"Microsoft.DataProtection/subscriptions/resourceGroups/providers/resourceGuards/{operationName}/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2024-03-08T09:37:14.3268989Z\",\n \"updatedOn\": \"2024-03-08T09:37:14.3268989Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/c2a970b4-16a7-4a51-8c84-8a8ea6ee0bb8\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"c2a970b4-16a7-4a51-8c84-8a8ea6ee0bb8\"\n },\n {\n \"properties\": {\n \"roleName\": \"Savings plan Purchaser\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Lets you purchase savings plans\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Resources/subscriptions/read\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Capacity/register/action\",\n \"Microsoft.Capacity/catalogs/read\",\n \"Microsoft.Authorization/roleAssignments/read\",\n \"Microsoft.BillingBenefits/savingsPlanOrders/write\",\n \"Microsoft.BIllingBenefits/register/action\",\n \"Microsoft.Support/supporttickets/write\",\n \"Microsoft.Billing/billingProperty/read\",\n \"Microsoft.CostManagement/benefitRecommendations/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2024-03-15T02:32:29.1190657Z\",\n \"updatedOn\": \"2024-03-15T02:32:29.1190657Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/3d24a3a0-c154-4f6f-a5ed-adc8e01ddb74\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"3d24a3a0-c154-4f6f-a5ed-adc8e01ddb74\"\n },\n {\n \"properties\": {\n \"roleName\": \"CrossConnectionReader\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Allows for read access to ExpressRoute CrossConnections\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.ClassicNetwork/expressRouteCrossConnections/*/read\",\n \"Microsoft.Network/expressRouteCrossConnections/*/read\",\n \"Microsoft.Features/providers/features/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2024-03-18T15:10:35.462996Z\",\n \"updatedOn\": \"2024-03-18T15:10:35.462996Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/b6ee44de-fe58-4ddc-b5c2-ab174eb23f05\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"b6ee44de-fe58-4ddc-b5c2-ab174eb23f05\"\n },\n {\n \"properties\": {\n \"roleName\": \"CrossConnectionManager\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Allows for read, write access to ExpressRoute CrossConnections\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.ClassicNetwork/expressRouteCrossConnections/*\",\n \"Microsoft.Network/expressRouteCrossConnections/*\",\n \"Microsoft.Features/providers/features/read\"\n ],\n \"notActions\": [\n \"Microsoft.Network/expressRouteCrossConnections/delete\"\n ],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2024-03-18T15:10:35.462996Z\",\n \"updatedOn\": \"2024-03-18T15:10:35.462996Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/399c3b2b-64c2-4ff1-af34-571db925b068\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"399c3b2b-64c2-4ff1-af34-571db925b068\"\n },\n {\n \"properties\": {\n \"roleName\": \"Kubernetes Agent Operator\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Grants Microsoft Defender for Cloud access to Azure Kubernetes Services\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Resources/subscriptions/resourceGroups/write\",\n \"Microsoft.Resources/subscriptions/operationresults/read\",\n \"Microsoft.Resources/subscriptions/read\",\n \"Microsoft.ContainerService/managedClusters/read\",\n \"Microsoft.ContainerService/managedClusters/trustedAccessRoleBindings/delete\",\n \"Microsoft.ContainerService/managedClusters/trustedAccessRoleBindings/read\",\n \"Microsoft.ContainerService/managedClusters/trustedAccessRoleBindings/write\",\n \"Microsoft.ContainerService/managedClusters/write\",\n \"Microsoft.Security/pricings/securityoperators/read\",\n \"Microsoft.OperationalInsights/workspaces/write\",\n \"Microsoft.OperationalInsights/workspaces/read\",\n \"Microsoft.OperationalInsights/workspaces/listKeys/action\",\n \"Microsoft.OperationalInsights/workspaces/sharedkeys/action\",\n \"Microsoft.OperationalInsights/workspaces/sharedkeys/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2024-03-20T15:36:16.6580488Z\",\n \"updatedOn\": \"2024-12-05T16:14:33.0969374Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/5e93ba01-8f92-4c7a-b12a-801e3df23824\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"5e93ba01-8f92-4c7a-b12a-801e3df23824\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure API Center Service Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Allows managing Azure API Center service.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.ApiCenter/services/*\",\n \"Microsoft.ApiCenter/deletedServices/*\",\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.ResourceHealth/availabilityStatuses/read\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\"\n ],\n \"notActions\": [\n \"Microsoft.ApiCenter/services/workspaces/apis/versions/definitions/updateAnalysisState/action\"\n ],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2024-03-22T19:59:42.1026818Z\",\n \"updatedOn\": \"2025-06-27T17:59:17.7305662Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/dd24193f-ef65-44e5-8a7e-6fa6e03f7713\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"dd24193f-ef65-44e5-8a7e-6fa6e03f7713\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure API Center Service Reader\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Allows read-only access to Azure API Center service.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.ApiCenter/services/*/read\",\n \"Microsoft.ApiCenter/services/workspaces/apis/versions/definitions/exportSpecification/action\",\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.ResourceHealth/availabilityStatuses/read\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2024-03-22T19:59:42.0936845Z\",\n \"updatedOn\": \"2024-03-22T19:59:42.0936845Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/6cba8790-29c5-48e5-bab1-c7541b01cb04\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"6cba8790-29c5-48e5-bab1-c7541b01cb04\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure API Center Compliance Manager\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Allows managing API compliance in Azure API Center service.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.ApiCenter/services/*/read\",\n \"Microsoft.ApiCenter/services/workspaces/apis/versions/definitions/updateAnalysisState/action\",\n \"Microsoft.ApiCenter/services/workspaces/apis/versions/definitions/exportSpecification/action\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2024-03-22T19:59:42.1036832Z\",\n \"updatedOn\": \"2024-03-22T19:59:42.1036832Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/ede9aaa3-4627-494e-be13-4aa7c256148d\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"ede9aaa3-4627-494e-be13-4aa7c256148d\"\n },\n {\n \"properties\": {\n \"roleName\": \"Bayer Ag Powered Services Historical Weather Data Solution User Role\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Provide access to Historical Weather Data Solution by Bayer Ag Powered Services\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.AgFoodPlatform/farmBeats/parties/read\",\n \"Microsoft.AgFoodPlatform/farmBeats/parties/fields/read\",\n \"Microsoft.AgFoodPlatform/farmBeats/parties/fields/write\",\n \"Microsoft.AgFoodPlatform/farmBeats/parties/farms/read\",\n \"Microsoft.AgFoodPlatform/farmBeats/parties/farms/write\",\n \"Microsoft.AgFoodPlatform/farmBeats/parties/models/resourceTypes/resources/insights/*\",\n \"Microsoft.AgFoodPlatform/farmBeats/parties/models/resourceTypes/resources/insightAttachments/*\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2024-03-25T15:06:24.6069385Z\",\n \"updatedOn\": \"2024-08-08T17:08:36.118249Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/b5b192c1-773c-4543-bfb0-6c59254b74a9\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"b5b192c1-773c-4543-bfb0-6c59254b74a9\"\n },\n {\n \"properties\": {\n \"roleName\": \"Oracle.Database VmCluster Administrator Built-in Role\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Grants full access to manage all VmCluster resources\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Oracle.Database/cloudVmClusters/*/read\",\n \"Oracle.Database/cloudVmClusters/*/write\",\n \"Oracle.Database/cloudVmClusters/*/delete\",\n \"Oracle.Database/cloudExadataInfrastructures/write\",\n \"Oracle.Database/cloudExadataInfrastructures/*/read\",\n \"Oracle.Database/Locations/*/read\",\n \"Oracle.Database/Locations/*/write\",\n \"Oracle.Database/Operations/read\",\n \"Oracle.Database/oracleSubscriptions/*/read\",\n \"Oracle.Database/resourceAnchors/*\",\n \"Oracle.Database/networkAnchors/*\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Network/virtualNetworks/read\",\n \"Microsoft.Network/virtualNetworks/subnets/read\",\n \"Microsoft.Network/virtualNetworks/subnets/write\",\n \"Microsoft.Network/locations/operations/read\",\n \"Microsoft.Compute/sshPublicKeys/read\",\n \"Microsoft.Compute/sshPublicKeys/write\",\n \"Microsoft.Compute/sshPublicKeys/generateKeyPair/action\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2024-03-25T15:06:25.4654513Z\",\n \"updatedOn\": \"2025-05-26T15:05:38.2663118Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/e9ce8739-6fa2-4123-a0a2-0ef41a67806f\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"e9ce8739-6fa2-4123-a0a2-0ef41a67806f\"\n },\n {\n \"properties\": {\n \"roleName\": \"Oracle.Database Reader Built-in Role\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Grants read access to all Oracle.Database resources\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Oracle.Database/Locations/*/read\",\n \"Oracle.Database/Operations/read\",\n \"Oracle.Database/oracleSubscriptions/*/read\",\n \"Oracle.Database/cloudExadataInfrastructures/*/read\",\n \"Oracle.Database/cloudVmClusters/*/read\",\n \"Oracle.Database/cloudVmClusters/listPrivateIpAddresses/action\",\n \"Oracle.Database/oracleSubscriptions/listCloudAccountDetails/action\",\n \"Oracle.Database/exascaleDbStorageVaults/read\",\n \"Oracle.Database/exadbVmClusters/*/read\",\n \"Oracle.Database/resourceAnchors/read\",\n \"Oracle.Database/networkAnchors/read\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Resources/deployments/*/read\",\n \"Microsoft.Network/virtualNetworks/subnets/read\",\n \"Microsoft.Network/virtualNetworks/read\",\n \"Microsoft.Network/locations/operations/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2024-03-25T15:06:25.4644513Z\",\n \"updatedOn\": \"2025-08-21T18:37:52.3681201Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/d623d097-b882-4e1e-a26f-ac60e31065a1\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"d623d097-b882-4e1e-a26f-ac60e31065a1\"\n },\n {\n \"properties\": {\n \"roleName\": \"Oracle.Database Owner Built-in Role\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Grants full access to manage all Oracle.Database resources\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Oracle.Database/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Network/virtualNetworks/read\",\n \"Microsoft.Network/virtualNetworks/subnets/read\",\n \"Microsoft.Network/virtualNetworks/subnets/write\",\n \"Microsoft.Network/locations/operations/read\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Compute/sshPublicKeys/read\",\n \"Microsoft.Compute/sshPublicKeys/write\",\n \"Microsoft.Compute/sshPublicKeys/generateKeyPair/action\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2024-03-25T15:06:25.4644513Z\",\n \"updatedOn\": \"2024-04-04T21:25:06.0488389Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/4562aac9-b209-4bd7-a144-6d7f3bb516f4\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"4562aac9-b209-4bd7-a144-6d7f3bb516f4\"\n },\n {\n \"properties\": {\n \"roleName\": \"Oracle Subscriptions Manager Built-in Role\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Grants full access to manage all Oracle Subscriptions resources\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Oracle.Database/oracleSubscriptions/*/read\",\n \"Oracle.Database/oracleSubscriptions/*/write\",\n \"Oracle.Database/oracleSubscriptions/*/delete\",\n \"Oracle.Database/oracleSubscriptions/*/action\",\n \"Oracle.Database/Locations/*/read\",\n \"Oracle.Database/Locations/*/write\",\n \"Oracle.Database/Operations/read\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2024-03-25T15:06:25.4644513Z\",\n \"updatedOn\": \"2024-04-05T15:59:48.0147406Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/4caf51ec-f9f5-413f-8a94-b9f5fddba66b\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"4caf51ec-f9f5-413f-8a94-b9f5fddba66b\"\n },\n {\n \"properties\": {\n \"roleName\": \"Oracle.Database Exadata Infrastructure Administrator Built-in Role\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Grants full access to manage all Exadata Infrastructure resources\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Oracle.Database/cloudExadataInfrastructures/*/read\",\n \"Oracle.Database/cloudExadataInfrastructures/*/write\",\n \"Oracle.Database/cloudExadataInfrastructures/*/delete\",\n \"Oracle.Database/cloudVmClusters/*/read\",\n \"Oracle.Database/cloudVmClusters/*/write\",\n \"Oracle.Database/cloudVmClusters/*/delete\",\n \"Oracle.Database/cloudVmClusters/*/action\",\n \"Oracle.Database/Locations/*/read\",\n \"Oracle.Database/Locations/*/write\",\n \"Oracle.Database/Operations/read\",\n \"Oracle.Database/oracleSubscriptions/*/read\",\n \"Oracle.Database/oracleSubscriptions/listCloudAccountDetails/action\",\n \"Oracle.Database/resourceAnchors/*\",\n \"Oracle.Database/networkAnchors/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Network/virtualNetworks/subnets/read\",\n \"Microsoft.Network/virtualNetworks/subnets/write\",\n \"Microsoft.Network/virtualNetworks/read\",\n \"Microsoft.Network/locations/operations/read\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Compute/sshPublicKeys/read\",\n \"Microsoft.Compute/sshPublicKeys/write\",\n \"Microsoft.Compute/sshPublicKeys/generateKeyPair/action\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2024-03-25T15:06:26.7449799Z\",\n \"updatedOn\": \"2025-05-26T15:05:38.2653119Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/4cfdd23b-aece-4fd1-b614-ad3a06c53453\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"4cfdd23b-aece-4fd1-b614-ad3a06c53453\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Messaging Catalog Data Owner\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Allows for full access to Azure Messaging Catalog resources.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.MessagingCatalog/*\"\n ],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.MessagingCatalog/*\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2024-03-27T15:21:42.7360718Z\",\n \"updatedOn\": \"2024-03-27T15:21:42.7360718Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/f27b7598-bc64-41f7-8a44-855ff16326c2\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"f27b7598-bc64-41f7-8a44-855ff16326c2\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Spring Apps Application Configuration Service Config File Pattern Reader Role\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Read content of config file pattern for Application Configuration Service in Azure Spring Apps\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.AppPlatform/Spring/read\",\n \"Microsoft.AppPlatform/Spring/configurationServices/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.AppPlatform/Spring/ApplicationConfigurationService/read\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2024-03-27T15:21:42.869223Z\",\n \"updatedOn\": \"2024-03-27T15:21:42.869223Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/25211fc6-dc78-40b6-b205-e4ac934fd9fd\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"25211fc6-dc78-40b6-b205-e4ac934fd9fd\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Hybrid Database Administrator - Read Only Service Role\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Read only access to Azure hybrid database services resources.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.AzureArcData/*/read\",\n \"Microsoft.AzureArcData/sqlServerInstances/getTelemetry/action\",\n \"Microsoft.AzureArcData/sqlServerInstances/availabilityGroups/getDetailView/action\",\n \"Microsoft.HybridCompute/machines/read\",\n \"Microsoft.HybridCompute/machines/extensions/read\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2024-04-03T17:20:07.3444447Z\",\n \"updatedOn\": \"2024-04-03T17:20:07.3444447Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/5d9c6a55-fc0e-4e21-ae6f-f7b095497342\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"5d9c6a55-fc0e-4e21-ae6f-f7b095497342\"\n },\n {\n \"properties\": {\n \"roleName\": \"Microsoft Sentinel Business Applications Agent Operator\",\n \"type\": \"BuiltInRole\",\n \"description\": \"List and update actions on a business applications system. This role is in preview and subject to change.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/roleAssignments/read\",\n \"Microsoft.SecurityInsights/businessApplicationAgents/read\",\n \"Microsoft.SecurityInsights/businessApplicationAgents/write\",\n \"Microsoft.SecurityInsights/businessApplicationAgents/systems/read\",\n \"Microsoft.SecurityInsights/businessApplicationAgents/systems/write\",\n \"Microsoft.SecurityInsights/businessApplicationAgents/systems/listActions/action\",\n \"Microsoft.SecurityInsights/businessApplicationAgents/systems/reportActionStatus/action\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2024-04-04T08:02:29.5240808Z\",\n \"updatedOn\": \"2024-06-05T15:32:09.463486Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/c18f9900-27b8-47c7-a8f0-5b3b3d4c2bc2\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"c18f9900-27b8-47c7-a8f0-5b3b3d4c2bc2\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure ContainerApps Session Executor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Create and execute sessions in a sessionPool\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.App/sessionPools/*/read\",\n \"Microsoft.App/sessionPools/sessions/generatesessions/action\"\n ],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.App/sessionPools/*/read\",\n \"Microsoft.App/sessionPools/interpreters/execute/action\",\n \"Microsoft.App/sessionPools/interpreters/read\",\n \"Microsoft.App/sessionPools/executions/*\",\n \"Microsoft.App/sessionPools/files/*\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2024-04-05T18:15:51.9984875Z\",\n \"updatedOn\": \"2024-11-01T09:37:25.3241262Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/0fb8eba5-a2bb-4abe-b1c1-49dfad359bb0\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"0fb8eba5-a2bb-4abe-b1c1-49dfad359bb0\"\n },\n {\n \"properties\": {\n \"roleName\": \"Microsoft.Edge Winfields federated subscription read access role\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Microsoft.Edge Winfields role for read access on federated subscriptions\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Resources/subscriptions/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2024-04-11T23:06:49.0273732Z\",\n \"updatedOn\": \"2024-07-15T15:01:51.3701285Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/83ee7727-862c-4213-8ed8-2ce6c5d69a40\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"83ee7727-862c-4213-8ed8-2ce6c5d69a40\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Red Hat OpenShift Federated Credential\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Create, update and delete federated credentials on user assigned managed identities in order to build a trust relationship between the managed identity, OpenID Connect (OIDC), and the service account.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.ManagedIdentity/userAssignedIdentities/read\",\n \"Microsoft.ManagedIdentity/userAssignedIdentities/federatedIdentityCredentials/write\",\n \"Microsoft.ManagedIdentity/userAssignedIdentities/federatedIdentityCredentials/read\",\n \"Microsoft.ManagedIdentity/userAssignedIdentities/federatedIdentityCredentials/delete\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2024-04-12T00:30:33.7626424Z\",\n \"updatedOn\": \"2025-03-11T15:14:12.4504757Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/ef318e2a-8334-4a05-9e4a-295a196c6a6e\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"ef318e2a-8334-4a05-9e4a-295a196c6a6e\"\n },\n {\n \"properties\": {\n \"roleName\": \"Bayer Ag Powered Services Crop Id Solution User Role\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Provide access to Crop Id Solution by Bayer Ag Powered Services\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.AgFoodPlatform/farmBeats/parties/fields/read\",\n \"Microsoft.AgFoodPlatform/farmBeats/parties/fields/write\",\n \"Microsoft.AgFoodPlatform/farmBeats/parties/read\",\n \"Microsoft.AgFoodPlatform/farmBeats/ingestionJobs/satelliteDataIngestionJobs/*\",\n \"Microsoft.AgFoodPlatform/farmBeats/scenes/*\",\n \"Microsoft.AgFoodPlatform/farmBeats/parties/models/resourceTypes/resources/insights/*\",\n \"Microsoft.AgFoodPlatform/farmBeats/parties/models/resourceTypes/resources/insightAttachments/*\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2024-04-19T09:07:57.429491Z\",\n \"updatedOn\": \"2024-05-15T15:18:59.4401968Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/39138f76-04e6-41f0-ba6b-c411b59081a9\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"39138f76-04e6-41f0-ba6b-c411b59081a9\"\n },\n {\n \"properties\": {\n \"roleName\": \"Scheduled Events Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Provides access to scheduled event actions\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Maintenance/scheduledevents/acknowledge/action\",\n \"Microsoft.Compute/VirtualMachines/read\",\n \"Microsoft.Compute/VirtualMachineScaleSets/read\",\n \"Microsoft.Compute/AvailabilitySets/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2024-04-23T15:07:32.157769Z\",\n \"updatedOn\": \"2024-05-03T21:25:12.6392452Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/b67fe603-310e-4889-b9ee-8257d09d353d\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"b67fe603-310e-4889-b9ee-8257d09d353d\"\n },\n {\n \"properties\": {\n \"roleName\": \"Compute Recommendations Role\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Grants permissions to call Compute Recommendations APIs provided by Compute Diagnostic Resource Provider service.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Compute/locations/placementScores/generate/action\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2024-04-30T15:20:17.6310289Z\",\n \"updatedOn\": \"2024-07-02T15:07:54.755272Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/e82342c9-ac7f-422b-af64-e426d2e12b2d\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"e82342c9-ac7f-422b-af64-e426d2e12b2d\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Spring Apps Job Execution Instance List Role\",\n \"type\": \"BuiltInRole\",\n \"description\": \"List instances for job executions in Azure Spring Apps\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.AppPlatform/Spring/jobs/executions/listInstances/action\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2024-05-02T02:34:55.3873154Z\",\n \"updatedOn\": \"2024-05-02T02:34:55.3873154Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/91422e52-bb88-4415-bb4a-90f5b71f6dcb\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"91422e52-bb88-4415-bb4a-90f5b71f6dcb\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Spring Apps Job Log Reader Role\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Read real-time logs for jobs in Azure Spring Apps\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.AppPlatform/Spring/read\",\n \"Microsoft.AppPlatform/Spring/jobs/read\",\n \"Microsoft.AppPlatform/Spring/jobs/executions/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.AppPlatform/Spring/jobs/executions/logstream/action\",\n \"Microsoft.AppPlatform/Spring/jobs/executions/listInstances/action\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2024-05-02T02:34:55.3873154Z\",\n \"updatedOn\": \"2024-05-02T02:34:55.3873154Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/b459aa1d-e3c8-436f-ae21-c0531140f43e\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"b459aa1d-e3c8-436f-ae21-c0531140f43e\"\n },\n {\n \"properties\": {\n \"roleName\": \"Nexus Network Fabric Service Reader\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Read-only access to Nexus Network Fabric Service\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.ManagedNetworkFabric/*/read\",\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2024-05-10T17:46:29.728767Z\",\n \"updatedOn\": \"2024-05-10T17:46:29.728767Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/05fdd44c-adc6-4aff-981c-61041f0c929a\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"05fdd44c-adc6-4aff-981c-61041f0c929a\"\n },\n {\n \"properties\": {\n \"roleName\": \"Nexus Network Fabric Service Writer\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Read-write access to Nexus Network Fabric Service\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.ManagedNetworkFabric/*/read\",\n \"Microsoft.ManagedNetworkFabric/*/write\",\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2024-05-10T18:01:38.1184138Z\",\n \"updatedOn\": \"2024-05-10T18:01:38.1184138Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/a5eb8433-97a5-4a06-80b2-a877e1622c31\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"a5eb8433-97a5-4a06-80b2-a877e1622c31\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Deployment Stack Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Allows a user to manage deployment stacks, but cannot create or delete deny assignments within the deployment stack.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Resources/deploymentStacks/write\",\n \"Microsoft.Resources/deploymentStacks/read\",\n \"Microsoft.Resources/deploymentStacks/validate/action\",\n \"Microsoft.Resources/deploymentStacks/exportTemplate/action\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2024-05-15T23:13:06.6024446Z\",\n \"updatedOn\": \"2025-06-05T00:56:22.3468702Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/bf7f8882-3383-422a-806a-6526c631a88a\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"bf7f8882-3383-422a-806a-6526c631a88a\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Deployment Stack Owner\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Allows a user to manage deployment stacks, including those with deny assignments.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Resources/deploymentStacks/*\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2024-05-15T23:13:06.6024446Z\",\n \"updatedOn\": \"2024-05-15T23:13:06.6024446Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/adb29209-aa1d-457b-a786-c913953d2891\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"adb29209-aa1d-457b-a786-c913953d2891\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Spring Apps Spring Cloud Config Server Log Reader Role\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Read real-time logs for Spring Cloud Config Server in Azure Spring Apps\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.AppPlatform/Spring/read\",\n \"Microsoft.AppPlatform/Spring/configServers/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.AppPlatform/Spring/configService/logstream/action\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2024-05-29T15:22:19.5478417Z\",\n \"updatedOn\": \"2024-05-29T15:22:19.5478417Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/74252426-c508-480e-9345-4607bbebead4\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"74252426-c508-480e-9345-4607bbebead4\"\n },\n {\n \"properties\": {\n \"roleName\": \"Container Registry Repository Catalog Lister\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Allows for listing all repositories in an Azure Container Registry.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.ContainerRegistry/registries/catalog/read\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2024-06-05T15:32:09.4683575Z\",\n \"updatedOn\": \"2025-10-03T17:14:16.6197074Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/bfdb9389-c9a5-478a-bb2f-ba9ca092c3c7\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"bfdb9389-c9a5-478a-bb2f-ba9ca092c3c7\"\n },\n {\n \"properties\": {\n \"roleName\": \"Container Registry Repository Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Allows for read, write, and delete access to Azure Container Registry repositories, but excluding catalog listing.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.ContainerRegistry/registries/repositories/metadata/read\",\n \"Microsoft.ContainerRegistry/registries/repositories/content/read\",\n \"Microsoft.ContainerRegistry/registries/repositories/metadata/write\",\n \"Microsoft.ContainerRegistry/registries/repositories/content/write\",\n \"Microsoft.ContainerRegistry/registries/repositories/metadata/delete\",\n \"Microsoft.ContainerRegistry/registries/repositories/content/delete\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2024-06-05T15:32:11.5848534Z\",\n \"updatedOn\": \"2025-10-03T17:14:16.6197074Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/2efddaa5-3f1f-4df3-97df-af3f13818f4c\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"2efddaa5-3f1f-4df3-97df-af3f13818f4c\"\n },\n {\n \"properties\": {\n \"roleName\": \"Container Registry Repository Writer\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Allows for read and write access to Azure Container Registry repositories, but excluding catalog listing.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.ContainerRegistry/registries/repositories/metadata/read\",\n \"Microsoft.ContainerRegistry/registries/repositories/content/read\",\n \"Microsoft.ContainerRegistry/registries/repositories/metadata/write\",\n \"Microsoft.ContainerRegistry/registries/repositories/content/write\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2024-06-05T15:32:11.586855Z\",\n \"updatedOn\": \"2025-10-03T17:14:16.6197074Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/2a1e307c-b015-4ebd-883e-5b7698a07328\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"2a1e307c-b015-4ebd-883e-5b7698a07328\"\n },\n {\n \"properties\": {\n \"roleName\": \"Container Registry Repository Reader\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Allows for read access to Azure Container Registry repositories, but excluding catalog listing.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.ContainerRegistry/registries/repositories/metadata/read\",\n \"Microsoft.ContainerRegistry/registries/repositories/content/read\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2024-06-05T15:32:11.5818531Z\",\n \"updatedOn\": \"2025-10-03T17:14:16.6197074Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/b93aa761-3e63-49ed-ac28-beffa264f7ac\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"b93aa761-3e63-49ed-ac28-beffa264f7ac\"\n },\n {\n \"properties\": {\n \"roleName\": \"DeID Data Owner\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Full access to DeID data. This role is in preview and subject to change\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.HealthDataAIServices/DeidServices/*\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2024-06-06T21:23:32.6428695Z\",\n \"updatedOn\": \"2024-06-06T21:23:32.6428695Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/78e4b983-1a0b-472e-8b7d-8d770f7c5890\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"78e4b983-1a0b-472e-8b7d-8d770f7c5890\"\n },\n {\n \"properties\": {\n \"roleName\": \"Locks Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Can Manage Locks Operations.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/locks/read\",\n \"Microsoft.Authorization/locks/write\",\n \"Microsoft.Authorization/locks/delete\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2024-06-06T22:54:16.4808252Z\",\n \"updatedOn\": \"2024-06-06T22:54:16.4808252Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/28bf596f-4eb7-45ce-b5bc-6cf482fec137\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"28bf596f-4eb7-45ce-b5bc-6cf482fec137\"\n },\n {\n \"properties\": {\n \"roleName\": \"Standby Container Group Pool Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Allows users to manage standby container group pool resources.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.ContainerInstance/containerGroupProfiles/read\",\n \"Microsoft.ContainerInstance/containerGroupProfiles/revisions/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.StandbyPool/Locations/OperationStatuses/read\",\n \"Microsoft.StandbyPool/Operations/read\",\n \"Microsoft.StandbyPool/standbyContainerGroupPools/delete\",\n \"Microsoft.StandbyPool/standbyContainerGroupPools/read\",\n \"Microsoft.StandbyPool/standbyContainerGroupPools/runtimeViews/read\",\n \"Microsoft.StandbyPool/standbyContainerGroupPools/write\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2024-06-17T15:10:37.1602741Z\",\n \"updatedOn\": \"2024-06-17T15:10:37.1602741Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/39fcb0de-8844-4706-b050-c28ddbe3ff83\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"39fcb0de-8844-4706-b050-c28ddbe3ff83\"\n },\n {\n \"properties\": {\n \"roleName\": \"Compute Gallery Artifacts Publisher\",\n \"type\": \"BuiltInRole\",\n \"description\": \"This is the role for publishing gallery artifacts.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Compute/galleries/*\",\n \"Microsoft.Compute/locations/capsOperations/read\",\n \"Microsoft.Compute/locations/communityGalleries/*\",\n \"Microsoft.Compute/locations/sharedGalleries/*\",\n \"Microsoft.Compute/images/*\",\n \"Microsoft.Compute/virtualMachines/write\",\n \"Microsoft.Compute/disks/write\",\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\"\n ],\n \"notActions\": [\n \"Microsoft.Compute/galleries/share/action\"\n ],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2024-06-20T00:09:20.5675487Z\",\n \"updatedOn\": \"2024-06-20T00:09:20.5675487Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/85a2d0d9-2eba-4c9c-b355-11c2cc0788ab\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"85a2d0d9-2eba-4c9c-b355-11c2cc0788ab\"\n },\n {\n \"properties\": {\n \"roleName\": \"ToolchainOrchestrator Viewer Role\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Grant access to view all Toolchain orchestrator resources.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.Resources/deployments/write\",\n \"Microsoft.Resources/subscriptions/operationresults/read\",\n \"Microsoft.Resources/subscriptions/read\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.ToolchainOrchestrator/*/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2024-06-20T07:46:35.012434Z\",\n \"updatedOn\": \"2024-06-28T08:35:31.7949436Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/c5826735-177b-4a0d-a9a3-d0e4b4bda107\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"c5826735-177b-4a0d-a9a3-d0e4b4bda107\"\n },\n {\n \"properties\": {\n \"roleName\": \"ToolchainOrchestrator Admin Role\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Grant full access to manage all Toolchain orchestrator resources.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.Resources/deployments/write\",\n \"Microsoft.Resources/subscriptions/operationresults/read\",\n \"Microsoft.Resources/subscriptions/read\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.ToolchainOrchestrator/*\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2024-06-20T08:01:39.0551096Z\",\n \"updatedOn\": \"2024-06-28T08:35:33.2869473Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/2ccf8795-8983-4912-8036-1c45212c95e8\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"2ccf8795-8983-4912-8036-1c45212c95e8\"\n },\n {\n \"properties\": {\n \"roleName\": \"ProviderHub Reader\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Allows you to view all Microsoft.ProviderHub resources created through the Resource Provider Platform, but does not allow you to make any changes to the resources.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.ProviderHub/*/read\",\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.ResourceHealth/availabilityStatuses/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2024-07-02T15:07:53.0510995Z\",\n \"updatedOn\": \"2024-07-02T15:07:53.0510995Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/4d8c6f2e-3fd6-4d40-826e-93e3dc4c3fc1\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"4d8c6f2e-3fd6-4d40-826e-93e3dc4c3fc1\"\n },\n {\n \"properties\": {\n \"roleName\": \"ProviderHub Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Allows you to create and manage Microsoft.ProviderHub resources through the Resource Provider Platform. Does not allow you to assign roles in Azure RBAC.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.ProviderHub/*\",\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.ResourceHealth/availabilityStatuses/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2024-07-02T15:07:53.0530983Z\",\n \"updatedOn\": \"2024-07-02T15:07:53.0530983Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/a3ab03bc-5350-42ff-b0d5-00207672db55\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"a3ab03bc-5350-42ff-b0d5-00207672db55\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Stack HCI Connected InfraVMs\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Role of Arc Integration for Azure Stack HCI Infrastructure Virtual Machines.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.HybridCompute/*/read\",\n \"Microsoft.HybridCompute/machines/write\",\n \"Microsoft.HybridCompute/machines/delete\",\n \"Microsoft.HybridCompute/machines/extensions/read\",\n \"Microsoft.HybridCompute/machines/extensions/write\",\n \"Microsoft.HybridCompute/machines/extensions/delete\",\n \"Microsoft.HybridCompute/machines/UpgradeExtensions/action\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2024-07-03T15:20:27.6822616Z\",\n \"updatedOn\": \"2024-07-15T15:01:51.3691302Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/c99c945f-8bd1-4fb1-a903-01460aae6068\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"c99c945f-8bd1-4fb1-a903-01460aae6068\"\n },\n {\n \"properties\": {\n \"roleName\": \"VM Restore Operator\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Create and Delete resources during VM Restore. This role is in preview and subject to change.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Compute/disks/read\",\n \"Microsoft.Compute/disks/write\",\n \"Microsoft.Compute/disks/delete\",\n \"Microsoft.Compute/disks/beginGetAccess/action\",\n \"Microsoft.Compute/disks/endGetAccess/action\",\n \"Microsoft.Compute/locations/diskOperations/read\",\n \"Microsoft.Compute/virtualMachines/read\",\n \"Microsoft.Compute/virtualMachines/write\",\n \"Microsoft.Compute/virtualMachines/delete\",\n \"Microsoft.Compute/virtualMachines/instanceView/read\",\n \"Microsoft.Compute/virtualMachines/extensions/read\",\n \"Microsoft.Compute/virtualMachines/extensions/write\",\n \"Microsoft.Compute/virtualMachines/extensions/delete\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.Network/locations/operationResults/read\",\n \"Microsoft.Network/locations/operations/read\",\n \"Microsoft.Network/locations/usages/read\",\n \"Microsoft.Network/networkInterfaces/delete\",\n \"Microsoft.Network/networkInterfaces/ipconfigurations/read\",\n \"Microsoft.Network/networkInterfaces/join/action\",\n \"Microsoft.Network/networkInterfaces/read\",\n \"Microsoft.Network/networkInterfaces/write\",\n \"Microsoft.Network/networkSecurityGroups/read\",\n \"Microsoft.Network/networkSecurityGroups/securityRules/read\",\n \"Microsoft.Network/publicIPAddresses/delete\",\n \"Microsoft.Network/publicIPAddresses/join/action\",\n \"Microsoft.Network/publicIPAddresses/read\",\n \"Microsoft.Network/publicIPAddresses/write\",\n \"Microsoft.Network/virtualNetworks/read\",\n \"Microsoft.Network/virtualNetworks/subnets/join/action\",\n \"Microsoft.Network/virtualNetworks/subnets/read\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Storage/checkNameAvailability/read\",\n \"Microsoft.Storage/storageAccounts/blobServices/containers/delete\",\n \"Microsoft.Storage/storageAccounts/blobServices/containers/read\",\n \"Microsoft.Storage/storageAccounts/blobServices/containers/write\",\n \"Microsoft.Storage/storageAccounts/listKeys/action\",\n \"Microsoft.Storage/storageAccounts/read\",\n \"Microsoft.Storage/storageAccounts/write\"\n ],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.Storage/storageAccounts/blobServices/containers/blobs/delete\",\n \"Microsoft.Storage/storageAccounts/blobServices/containers/blobs/read\",\n \"Microsoft.Storage/storageAccounts/blobServices/containers/blobs/write\",\n \"Microsoft.Storage/storageAccounts/blobServices/containers/blobs/add/action\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2024-07-03T15:20:29.2078037Z\",\n \"updatedOn\": \"2024-07-03T15:20:29.2078037Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/dfce8971-25e3-42e3-ba33-6055438e3080\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"dfce8971-25e3-42e3-ba33-6055438e3080\"\n },\n {\n \"properties\": {\n \"roleName\": \"HDInsight Cluster Admin\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Can read, create, modify and delete HDInsight clusters, configuration, extensions, etc.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"MICROSOFT.HDINSIGHT/CLUSTERS/APPLICATIONS/DELETE\",\n \"MICROSOFT.HDINSIGHT/CLUSTERS/APPLICATIONS/READ\",\n \"MICROSOFT.HDINSIGHT/CLUSTERS/APPLICATIONS/WRITE\",\n \"MICROSOFT.HDINSIGHT/CLUSTERS/AZUREASYNCOPERATIONS/READ\",\n \"MICROSOFT.HDINSIGHT/CLUSTERS/CONFIGURATIONS/ACTION\",\n \"MICROSOFT.HDINSIGHT/CLUSTERS/CONFIGURATIONS/READ\",\n \"MICROSOFT.HDINSIGHT/CLUSTERS/DELETE\",\n \"MICROSOFT.HDINSIGHT/CLUSTERS/EXECUTESCRIPTACTIONS/ACTION\",\n \"MICROSOFT.HDINSIGHT/CLUSTERS/EXTENSIONS/DELETE\",\n \"MICROSOFT.HDINSIGHT/CLUSTERS/EXTENSIONS/READ\",\n \"MICROSOFT.HDINSIGHT/CLUSTERS/EXTENSIONS/WRITE\",\n \"MICROSOFT.HDINSIGHT/CLUSTERS/GETGATEWAYSETTINGS/ACTION\",\n \"MICROSOFT.HDINSIGHT/CLUSTERS/LISTHOSTS/ACTION\",\n \"MICROSOFT.HDINSIGHT/CLUSTERS/OPERATIONRESULTS/READ\",\n \"MICROSOFT.HDINSIGHT/CLUSTERS/PRIVATEENDPOINTCONNECTIONS/READ\",\n \"MICROSOFT.HDINSIGHT/CLUSTERS/PRIVATELINKRESOURCES/READ\",\n \"MICROSOFT.HDINSIGHT/CLUSTERS/READ\",\n \"MICROSOFT.HDINSIGHT/CLUSTERS/RESOLVEPRIVATELINKSERVICEID/ACTION\",\n \"MICROSOFT.HDINSIGHT/CLUSTERS/RESTARTHOSTS/ACTION\",\n \"MICROSOFT.HDINSIGHT/CLUSTERS/ROLES/AUTOSCALE/ACTION\",\n \"MICROSOFT.HDINSIGHT/CLUSTERS/ROLES/RESIZE/ACTION\",\n \"MICROSOFT.HDINSIGHT/CLUSTERS/SCRIPTACTIONS/DELETE\",\n \"MICROSOFT.HDINSIGHT/CLUSTERS/SCRIPTACTIONS/READ\",\n \"MICROSOFT.HDINSIGHT/CLUSTERS/SCRIPTEXECUTIONHISTORY/PROMOTE/ACTION\",\n \"MICROSOFT.HDINSIGHT/CLUSTERS/SCRIPTEXECUTIONHISTORY/READ\",\n \"MICROSOFT.HDINSIGHT/CLUSTERS/UPDATEGATEWAYSETTINGS/ACTION\",\n \"MICROSOFT.HDINSIGHT/CLUSTERS/WRITE\",\n \"MICROSOFT.HDINSIGHT/LOCATIONS/AVAILABLECLUSTERVERSIONS/READ\",\n \"MICROSOFT.HDINSIGHT/LOCATIONS/AZUREASYNCOPERATIONS/READ\",\n \"MICROSOFT.HDINSIGHT/LOCATIONS/BILLINGSPECS/READ\",\n \"MICROSOFT.HDINSIGHT/LOCATIONS/CAPABILITIES/READ\",\n \"MICROSOFT.HDINSIGHT/LOCATIONS/CHECKNAMEAVAILABILITY/ACTION\",\n \"MICROSOFT.HDINSIGHT/LOCATIONS/OPERATIONRESULTS/READ\",\n \"MICROSOFT.HDINSIGHT/LOCATIONS/OPERATIONSTATUSES/READ\",\n \"MICROSOFT.HDINSIGHT/LOCATIONS/OPERATIONSTATUSES/WRITE\",\n \"MICROSOFT.HDINSIGHT/LOCATIONS/USAGES/READ\",\n \"MICROSOFT.HDINSIGHT/LOCATIONS/VALIDATECREATEREQUEST/ACTION\",\n \"MICROSOFT.HDINSIGHT/OPERATIONS/READ\",\n \"MICROSOFT.HDINSIGHT/REGISTER/ACTION\",\n \"MICROSOFT.HDINSIGHT/RESOURCETYPES/READ\",\n \"MICROSOFT.HDINSIGHT/UNREGISTER/ACTION\",\n \"Microsoft.ResourceHealth/availabilityStatuses/read\",\n \"Microsoft.Resources/deployments/read\",\n \"Microsoft.Resources/deployments/operations/read\",\n \"Microsoft.Resources/subscriptions/operationresults/read\",\n \"Microsoft.Resources/subscriptions/read\",\n \"Microsoft.Resources/subscriptions/resourcegroups/deployments/read\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2024-07-04T05:42:45.2347879Z\",\n \"updatedOn\": \"2024-07-04T05:42:45.2347879Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/0847e196-2fd2-4c2f-a48c-fca6fd030f44\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"0847e196-2fd2-4c2f-a48c-fca6fd030f44\"\n },\n {\n \"properties\": {\n \"roleName\": \"Operator Nexus Compute Contributor Role (Preview)\",\n \"type\": \"BuiltInRole\",\n \"description\": \"(Preview) Manage and configure Azure Operator Nexus infrastructure resources. This role is in preview and subject to change.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/classicAdministrators/operationstatuses/read\",\n \"Microsoft.Authorization/classicAdministrators/read\",\n \"Microsoft.Authorization/denyAssignments/read\",\n \"Microsoft.Authorization/diagnosticSettings/read\",\n \"Microsoft.Authorization/diagnosticSettingsCategories/read\",\n \"Microsoft.Authorization/locks/read\",\n \"Microsoft.Authorization/operations/read\",\n \"Microsoft.Authorization/permissions/read\",\n \"Microsoft.Authorization/policyAssignments/read\",\n \"Microsoft.Authorization/policyAssignments/privateLinkAssociations/read\",\n \"Microsoft.Authorization/policyAssignments/resourceManagementPrivateLinks/read\",\n \"Microsoft.Authorization/policyAssignments/resourceManagementPrivateLinks/privateEndpointConnectionProxies/read\",\n \"Microsoft.Authorization/policyAssignments/resourceManagementPrivateLinks/privateEndpointConnections/read\",\n \"Microsoft.Authorization/policyDefinitions/read\",\n \"Microsoft.Authorization/policyExemptions/read\",\n \"Microsoft.Authorization/policySetDefinitions/read\",\n \"Microsoft.Authorization/providerOperations/read\",\n \"Microsoft.Authorization/roleAssignments/read\",\n \"Microsoft.Authorization/roleAssignmentScheduleInstances/read\",\n \"Microsoft.Authorization/roleAssignmentScheduleRequests/read\",\n \"Microsoft.Authorization/roleAssignmentSchedules/read\",\n \"Microsoft.Authorization/roleDefinitions/read\",\n \"Microsoft.Authorization/roleEligibilityScheduleInstances/read\",\n \"Microsoft.Authorization/roleEligibilityScheduleRequests/read\",\n \"Microsoft.Authorization/roleEligibilitySchedules/read\",\n \"Microsoft.Authorization/roleManagementPolicies/read\",\n \"Microsoft.Authorization/roleManagementPolicyAssignments/read\",\n \"Microsoft.ExtendedLocation/customLocations/deploy/action\",\n \"Microsoft.ExtendedLocation/customLocations/read\",\n \"Microsoft.HybridCompute/machines/extensions/read\",\n \"Microsoft.HybridCompute/machines/read\",\n \"Microsoft.Insights/alertRules/activated/action\",\n \"Microsoft.Insights/alertRules/delete\",\n \"Microsoft.Insights/alertRules/incidents/read\",\n \"Microsoft.Insights/alertRules/read\",\n \"Microsoft.Insights/alertRules/resolved/action\",\n \"Microsoft.Insights/alertRules/throttled/action\",\n \"Microsoft.Insights/alertRules/write\",\n \"Microsoft.Kubernetes/connectedClusters/read\",\n \"Microsoft.KubernetesConfiguration/extensions/read\",\n \"Microsoft.ManagedNetworkFabric/networkFabricControllers/join/action\",\n \"Microsoft.ManagedNetworkFabric/networkFabrics/join/action\",\n \"Microsoft.ManagedNetworkFabric/networkRacks/join/action\",\n \"Microsoft.NetworkCloud/bareMetalMachines/cordon/action\",\n \"Microsoft.NetworkCloud/bareMetalMachines/delete\",\n \"Microsoft.NetworkCloud/bareMetalMachines/powerOff/action\",\n \"Microsoft.NetworkCloud/bareMetalMachines/read\",\n \"Microsoft.NetworkCloud/bareMetalMachines/reimage/action\",\n \"Microsoft.NetworkCloud/bareMetalMachines/replace/action\",\n \"Microsoft.NetworkCloud/bareMetalMachines/restart/action\",\n \"Microsoft.NetworkCloud/bareMetalMachines/runDataExtracts/action\",\n \"Microsoft.NetworkCloud/bareMetalMachines/runReadCommands/action\",\n \"Microsoft.NetworkCloud/bareMetalMachines/start/action\",\n \"Microsoft.NetworkCloud/bareMetalMachines/uncordon/action\",\n \"Microsoft.NetworkCloud/bareMetalMachines/write\",\n \"Microsoft.NetworkCloud/clusterManagers/delete\",\n \"Microsoft.NetworkCloud/clusterManagers/read\",\n \"Microsoft.NetworkCloud/clusterManagers/write\",\n \"Microsoft.NetworkCloud/clusters/bareMetalMachineKeySets/read\",\n \"Microsoft.NetworkCloud/clusters/bmcKeySets/read\",\n \"Microsoft.NetworkCloud/clusters/continueUpdateVersion/action\",\n \"Microsoft.NetworkCloud/clusters/delete\",\n \"Microsoft.NetworkCloud/clusters/deploy/action\",\n \"Microsoft.NetworkCloud/clusters/metricsConfigurations/delete\",\n \"Microsoft.NetworkCloud/clusters/metricsConfigurations/read\",\n \"Microsoft.NetworkCloud/clusters/metricsConfigurations/write\",\n \"Microsoft.NetworkCloud/clusters/read\",\n \"Microsoft.NetworkCloud/clusters/scanRuntime/action\",\n \"Microsoft.NetworkCloud/clusters/updateVersion/action\",\n \"Microsoft.NetworkCloud/clusters/write\",\n \"Microsoft.NetworkCloud/locations/operationStatuses/read\",\n \"Microsoft.NetworkCloud/operations/read\",\n \"Microsoft.NetworkCloud/rackSkus/read\",\n \"Microsoft.NetworkCloud/racks/delete\",\n \"Microsoft.NetworkCloud/racks/join/action\",\n \"Microsoft.NetworkCloud/racks/read\",\n \"Microsoft.NetworkCloud/racks/write\",\n \"Microsoft.NetworkCloud/register/action\",\n \"Microsoft.NetworkCloud/registeredSubscriptions/read\",\n \"Microsoft.NetworkCloud/storageAppliances/read\",\n \"Microsoft.NetworkCloud/unregister/action\",\n \"Microsoft.Resources/deployments/cancel/action\",\n \"Microsoft.Resources/deployments/delete\",\n \"Microsoft.Resources/deployments/exportTemplate/action\",\n \"Microsoft.Resources/deployments/operations/read\",\n \"Microsoft.Resources/deployments/operationstatuses/read\",\n \"Microsoft.Resources/deployments/read\",\n \"Microsoft.Resources/deployments/validate/action\",\n \"Microsoft.Resources/deployments/whatIf/action\",\n \"Microsoft.Resources/deployments/write\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2024-07-10T15:34:35.6699773Z\",\n \"updatedOn\": \"2024-07-10T15:34:35.6699773Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/4aa368ec-fba9-4e93-81ed-396b3d461cc5\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"4aa368ec-fba9-4e93-81ed-396b3d461cc5\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Container Instances Contributor Role\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Grants read/write access to container groups provided by Azure Container Instances\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.ContainerInstance/containerGroups/*\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2024-07-10T17:34:56.6101604Z\",\n \"updatedOn\": \"2024-07-10T17:34:56.6101604Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/5d977122-f97e-4b4d-a52f-6b43003ddb4d\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"5d977122-f97e-4b4d-a52f-6b43003ddb4d\"\n },\n {\n \"properties\": {\n \"roleName\": \"Connector Reader\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Read connectors and their associated resources, such as impacts and insights.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Impact/Connectors/Read\",\n \"Microsoft.Impact/WorkloadImpacts/Read\",\n \"Microsoft.Impact/WorkloadImpacts/Insights/Read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2024-07-11T08:23:57.6283786Z\",\n \"updatedOn\": \"2024-07-11T08:23:57.6283786Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/6cdbb904-5ff3-429d-8169-7d7818b91bd8\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"6cdbb904-5ff3-429d-8169-7d7818b91bd8\"\n },\n {\n \"properties\": {\n \"roleName\": \"Transparency Logs Owner\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Grants full access to manage Transparency Log resources.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Sovereign/transparencyLogs/*\",\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Resources/deployments/*\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2024-07-17T17:02:42.8274577Z\",\n \"updatedOn\": \"2024-07-17T17:02:42.8274577Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/8ad4d0ee-9bfb-49e8-93fc-01abb8db6240\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"8ad4d0ee-9bfb-49e8-93fc-01abb8db6240\"\n },\n {\n \"properties\": {\n \"roleName\": \"Grafana Limited Viewer\",\n \"type\": \"BuiltInRole\",\n \"description\": \"View home page.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.Dashboard/grafana/ActAsGrafanaLimitedViewer/action\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2024-07-18T04:59:38.6229575Z\",\n \"updatedOn\": \"2024-07-18T04:59:38.6229575Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/41e04612-9dac-4699-a02b-c82ff2cc3fb5\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"41e04612-9dac-4699-a02b-c82ff2cc3fb5\"\n },\n {\n \"properties\": {\n \"roleName\": \"Disk Encryption Set Operator for Managed Disks\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Provides permissions to read, write or delete disk encryption sets which are used for encrypting managed disks with customer managed keys\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Compute/diskEncryptionSets/*\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2024-07-18T21:23:09.7233533Z\",\n \"updatedOn\": \"2024-07-18T21:23:09.7233533Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/136d308c-0937-4a49-9bd7-edfb42adbffc\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"136d308c-0937-4a49-9bd7-edfb42adbffc\"\n },\n {\n \"properties\": {\n \"roleName\": \"Bayer Ag Powered Services Field Imagery Solution Service Role\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Provide access to Field Imagery Solution by Bayer Ag Powered Services\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.AgFoodPlatform/farmBeats/parties/read\",\n \"Microsoft.AgFoodPlatform/farmBeats/parties/fields/read\",\n \"Microsoft.AgFoodPlatform/farmBeats/parties/fields/write\",\n \"Microsoft.AgFoodPlatform/farmBeats/parties/models/resourceTypes/resources/insights/*\",\n \"Microsoft.AgFoodPlatform/farmBeats/parties/models/resourceTypes/resources/insightAttachments/*\",\n \"Microsoft.AgFoodPlatform/farmBeats/scenes/*\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2024-08-01T08:16:34.164867Z\",\n \"updatedOn\": \"2024-08-13T16:10:23.6530781Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/1af232de-e806-426f-8ca1-c36142449755\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"1af232de-e806-426f-8ca1-c36142449755\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Edge Hardware Center Administrator\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Grants you access to take actions as an edge order administrator\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.EdgeOrder/*\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2024-08-06T15:15:42.539443Z\",\n \"updatedOn\": \"2024-08-06T15:15:42.539443Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/9295f069-25d0-4f44-bb6a-3da70d11aa00\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"9295f069-25d0-4f44-bb6a-3da70d11aa00\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure AI Administrator\",\n \"type\": \"BuiltInRole\",\n \"description\": \"A Built-In Role that has all control plane permissions to work with Azure AI and its dependencies.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.CognitiveServices/*\",\n \"Microsoft.ContainerRegistry/registries/*\",\n \"Microsoft.DocumentDb/databaseAccounts/*\",\n \"Microsoft.Features/features/read\",\n \"Microsoft.Features/providers/features/read\",\n \"Microsoft.Features/providers/features/register/action\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.Insights/components/*\",\n \"Microsoft.Insights/diagnosticSettings/*\",\n \"Microsoft.Insights/generateLiveToken/read\",\n \"Microsoft.Insights/logDefinitions/read\",\n \"Microsoft.Insights/metricAlerts/*\",\n \"Microsoft.Insights/metricdefinitions/read\",\n \"Microsoft.Insights/metrics/read\",\n \"Microsoft.Insights/scheduledqueryrules/*\",\n \"Microsoft.Insights/topology/read\",\n \"Microsoft.Insights/transactions/read\",\n \"Microsoft.Insights/webtests/*\",\n \"Microsoft.KeyVault/*\",\n \"Microsoft.MachineLearningServices/workspaces/*\",\n \"Microsoft.Network/virtualNetworks/subnets/joinViaServiceEndpoint/action\",\n \"Microsoft.ResourceHealth/availabilityStatuses/read\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/deployments/operations/read\",\n \"Microsoft.Resources/subscriptions/operationresults/read\",\n \"Microsoft.Resources/subscriptions/read\",\n \"Microsoft.Resources/subscriptions/resourcegroups/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Resources/subscriptions/resourceGroups/write\",\n \"Microsoft.Storage/storageAccounts/*\",\n \"Microsoft.Support/*\",\n \"Microsoft.Search/searchServices/write\",\n \"Microsoft.Search/searchServices/read\",\n \"Microsoft.Search/searchServices/delete\",\n \"Microsoft.Search/searchServices/indexes/*\",\n \"Microsoft.Search/searchServices/listAdminKeys/action\",\n \"Microsoft.Search/searchServices/privateEndpointConnections/*\",\n \"Microsoft.DataFactory/factories/*\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2024-08-07T23:50:52.3424998Z\",\n \"updatedOn\": \"2025-04-15T15:19:36.7198543Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/b78c5d69-af96-48a3-bf8d-a8b4d589de94\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"b78c5d69-af96-48a3-bf8d-a8b4d589de94\"\n },\n {\n \"properties\": {\n \"roleName\": \"Compute Gallery Image Reader\",\n \"type\": \"BuiltInRole\",\n \"description\": \"This is the role for reading gallery images.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Compute/galleries/images/read\",\n \"Microsoft.Compute/galleries/images/versions/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2024-08-09T07:40:21.6696134Z\",\n \"updatedOn\": \"2024-08-27T15:13:33.8810873Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/cf7c76d2-98a3-4358-a134-615aa78bf44d\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"cf7c76d2-98a3-4358-a134-615aa78bf44d\"\n },\n {\n \"properties\": {\n \"roleName\": \"Container Apps Operator\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Read, logstream and exec into Container Apps.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.App/containerApps/*/read\",\n \"Microsoft.App/containerApps/*/action\",\n \"Microsoft.App/managedEnvironments/read\",\n \"Microsoft.App/managedEnvironments/*/read\",\n \"Microsoft.App/managedEnvironments/join/action\",\n \"Microsoft.App/managedEnvironments/checknameavailability/action\",\n \"Microsoft.App/connectedEnvironments/read\",\n \"Microsoft.App/connectedEnvironments/*/read\",\n \"Microsoft.App/connectedEnvironments/join/action\",\n \"Microsoft.App/connectedEnvironments/checknameavailability/action\"\n ],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.App/containerApps/logstream/action\",\n \"Microsoft.App/containerApps/exec/action\",\n \"Microsoft.App/containerApps/debug/action\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2024-08-13T16:10:24.4369771Z\",\n \"updatedOn\": \"2024-11-13T16:12:37.8788949Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/f3bd1b5c-91fa-40e7-afe7-0c11d331232c\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"f3bd1b5c-91fa-40e7-afe7-0c11d331232c\"\n },\n {\n \"properties\": {\n \"roleName\": \"Container Apps ManagedEnvironments Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Full management of Container Apps ManagedEnvironments, including creation, deletion, and updates.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.App/managedEnvironments/*/read\",\n \"Microsoft.App/managedEnvironments/*/write\",\n \"Microsoft.App/managedEnvironments/*/delete\",\n \"Microsoft.App/managedEnvironments/*/action\",\n \"Microsoft.Resources/deployments/*\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2024-08-13T16:10:24.4369771Z\",\n \"updatedOn\": \"2024-08-13T16:10:24.4369771Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/57cc5028-e6a7-4284-868d-0611c5923f8d\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"57cc5028-e6a7-4284-868d-0611c5923f8d\"\n },\n {\n \"properties\": {\n \"roleName\": \"Container Apps Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Full management of Container Apps, including creation, deletion, and updates.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.App/containerApps/*/read\",\n \"Microsoft.App/containerApps/*/write\",\n \"Microsoft.App/containerApps/*/delete\",\n \"Microsoft.App/containerApps/*/action\",\n \"Microsoft.App/managedEnvironments/read\",\n \"Microsoft.App/managedEnvironments/*/read\",\n \"Microsoft.App/managedEnvironments/join/action\",\n \"Microsoft.App/managedEnvironments/checknameavailability/action\",\n \"Microsoft.App/connectedEnvironments/read\",\n \"Microsoft.App/connectedEnvironments/*/read\",\n \"Microsoft.App/connectedEnvironments/join/action\",\n \"Microsoft.App/connectedEnvironments/checknameavailability/action\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2024-08-13T16:10:24.437978Z\",\n \"updatedOn\": \"2024-08-13T16:10:24.437978Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/358470bc-b998-42bd-ab17-a7e34c199c0f\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"358470bc-b998-42bd-ab17-a7e34c199c0f\"\n },\n {\n \"properties\": {\n \"roleName\": \"Container Apps ManagedEnvironments Reader\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Read access to ContainerApps managedenvironments.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.App/managedEnvironments/*/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2024-08-13T16:10:24.4359771Z\",\n \"updatedOn\": \"2024-08-13T16:10:24.4359771Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/1b32c00b-7eff-4c22-93e6-93d11d72d2d8\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"1b32c00b-7eff-4c22-93e6-93d11d72d2d8\"\n },\n {\n \"properties\": {\n \"roleName\": \"Container Apps Jobs Reader\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Read access to ContainerApps jobs\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"microsoft.app/jobs/read\",\n \"Microsoft.App/jobs/*/read\",\n \"Microsoft.App/managedenvironments/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2024-08-13T16:10:24.4359771Z\",\n \"updatedOn\": \"2024-08-13T16:10:24.4359771Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/edd66693-d32a-450b-997d-0158c03976b0\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"edd66693-d32a-450b-997d-0158c03976b0\"\n },\n {\n \"properties\": {\n \"roleName\": \"Container Apps SessionPools Reader\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Read access to ContainerApps sessionpools.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.App/sessionPools/*/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2024-08-13T16:10:24.4369771Z\",\n \"updatedOn\": \"2024-08-13T16:10:24.4369771Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/af61e8fc-2633-4b95-bed3-421ad6826515\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"af61e8fc-2633-4b95-bed3-421ad6826515\"\n },\n {\n \"properties\": {\n \"roleName\": \"Container Apps Jobs Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Full management of Container Apps jobs, including creation, deletion, and updates.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"microsoft.app/jobs/read\",\n \"Microsoft.App/jobs/*/read\",\n \"Microsoft.App/jobs/*/action\",\n \"Microsoft.App/jobs/write\",\n \"Microsoft.App/jobs/delete\",\n \"Microsoft.app/managedenvironments/read\",\n \"Microsoft.App/managedenvironments/*/read\",\n \"Microsoft.App/managedenvironments/join/action\",\n \"Microsoft.App/managedenvironments/checknameavailability/action\",\n \"Microsoft.app/connectedEnvironments/read\",\n \"Microsoft.App/connectedEnvironments/*/read\",\n \"Microsoft.App/connectedEnvironments/join/action\",\n \"Microsoft.App/connectedEnvironments/checknameavailability/action\",\n \"Microsoft.Resources/deployments/*\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2024-08-13T16:10:24.4359771Z\",\n \"updatedOn\": \"2024-08-13T16:10:24.4359771Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/4e3d2b60-56ae-4dc6-a233-09c8e5a82e68\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"4e3d2b60-56ae-4dc6-a233-09c8e5a82e68\"\n },\n {\n \"properties\": {\n \"roleName\": \"Container Apps SessionPools Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Full management of Container Apps SessionPools, including creation, deletion, and updates.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.App/sessionPools/*/read\",\n \"Microsoft.App/sessionPools/*/write\",\n \"Microsoft.App/sessionPools/*/delete\",\n \"Microsoft.App/sessionPools/*/action\",\n \"microsoft.App/managedEnvironments/read\",\n \"Microsoft.App/managedEnvironments/*/read\",\n \"Microsoft.App/managedEnvironments/join/action\",\n \"Microsoft.App/managedEnvironments/checknameavailability/action\",\n \"microsoft.App/connectedEnvironments/read\",\n \"Microsoft.App/connectedEnvironments/*/read\",\n \"Microsoft.App/connectedEnvironments/join/action\",\n \"Microsoft.App/connectedEnvironments/checknameavailability/action\",\n \"Microsoft.Resources/deployments/*\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2024-08-13T16:10:24.4359771Z\",\n \"updatedOn\": \"2024-08-13T16:10:24.4359771Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/f7669afb-68b2-44b4-9c5f-6d2a47fddda0\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"f7669afb-68b2-44b4-9c5f-6d2a47fddda0\"\n },\n {\n \"properties\": {\n \"roleName\": \"Durable Task Data Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Durable Task role for all data access operations.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.DurableTask/*\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2024-08-15T21:28:36.4077189Z\",\n \"updatedOn\": \"2024-08-15T21:28:36.4077189Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/0ad04412-c4d5-4796-b79c-f76d14c8d402\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"0ad04412-c4d5-4796-b79c-f76d14c8d402\"\n },\n {\n \"properties\": {\n \"roleName\": \"KubernetesRuntime Load Balancer Contributor Role\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Read, write, and delete load balancers in an Arc connected Kubernetes cluster\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.KubernetesRuntime/loadBalancers/read\",\n \"Microsoft.KubernetesRuntime/loadBalancers/write\",\n \"Microsoft.KubernetesRuntime/loadBalancers/delete\",\n \"Microsoft.KubernetesRuntime/bgpPeers/read\",\n \"Microsoft.KubernetesRuntime/bgpPeers/write\",\n \"Microsoft.KubernetesRuntime/bgpPeers/delete\",\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.KubernetesRuntime/locations/operationStatuses/write\",\n \"Microsoft.KubernetesRuntime/services/write\",\n \"Microsoft.KubernetesRuntime/services/delete\",\n \"Microsoft.KubernetesRuntime/bfdProfiles/write\",\n \"Microsoft.KubernetesRuntime/bfdProfiles/delete\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2024-08-26T15:01:39.6821551Z\",\n \"updatedOn\": \"2025-07-14T15:01:12.3759443Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/1a5682fc-4f12-4b25-927e-e8cfed0c539e\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"1a5682fc-4f12-4b25-927e-e8cfed0c539e\"\n },\n {\n \"properties\": {\n \"roleName\": \"AVS Orchestrator Role\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Do not remove this role from your resource group because it is critical to enable your AVS private cloud to operate. If the role is removed, it will cause your AVS private cloud control plane to no longer operate correctly. The role is used to enable the AVS private cloud control plane to create the supporting resources in the resource group of the private clouds attached virtual network and bind them to the attached virtual network. This role is not intended for use cases outside of assignment to the associated AVS identity in your entra-id tenant.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/roleAssignments/read\",\n \"Microsoft.Resources/subscriptions/resourcegroups/read\",\n \"Microsoft.Resources/deployments/write\",\n \"Microsoft.Resources/deployments/operationStatuses/read\",\n \"Microsoft.Resources/deployments/operations/read\",\n \"Microsoft.Resources/deployments/delete\",\n \"Microsoft.Resources/deployments/read\",\n \"Microsoft.Network/virtualHubs/delete\",\n \"Microsoft.Network/publicIPAddresses/delete\",\n \"Microsoft.Network/networkInterfaces/delete\",\n \"Microsoft.Network/networkInterfaces/write\",\n \"Microsoft.Network/networkInterfaces/join/action\",\n \"Microsoft.Network/virtualNetworks/subnets/serviceAssociationLinks/delete\",\n \"Microsoft.Network/virtualNetworks/subnets/delete\",\n \"Microsoft.Network/networkIntentPolicies/read\",\n \"Microsoft.Network/networkIntentPolicies/delete\",\n \"Microsoft.Network/networkIntentPolicies/write\",\n \"Microsoft.Network/networkSecurityGroups/delete\",\n \"Microsoft.Network/networkSecurityGroups/write\",\n \"Microsoft.Network/networkSecurityGroups/read\",\n \"Microsoft.Network/networkSecurityGroups/join/action\",\n \"Microsoft.Network/networkSecurityGroups/securityRules/read\",\n \"Microsoft.Network/networkSecurityGroups/securityRules/write\",\n \"Microsoft.Network/networkSecurityGroups/securityRules/delete\",\n \"Microsoft.Network/virtualNetworks/subnets/write\",\n \"Microsoft.Network/virtualNetworks/subnets/join/action\",\n \"Microsoft.Network/virtualNetworks/subnets/serviceAssociationLinks/write\",\n \"Microsoft.Network/virtualNetworks/subnets/serviceAssociationLinks/read\",\n \"Microsoft.Network/virtualNetworks/subnets/serviceAssociationLinks/delete\",\n \"Microsoft.Network/virtualNetworks/subnets/prepareNetworkPolicies/action\",\n \"Microsoft.Network/virtualNetworks/subnets/unprepareNetworkPolicies/action\",\n \"Microsoft.Network/virtualHubs/write\",\n \"Microsoft.Network/publicIPAddresses/write\",\n \"Microsoft.Network/publicIPAddresses/read\",\n \"Microsoft.Network/virtualHubs/ipConfigurations/write\",\n \"Microsoft.Network/networkSecurityGroups/securityRules/read\",\n \"Microsoft.Network/virtualHubs/ipConfigurations/read\",\n \"Microsoft.Network/virtualHubs/bgpConnections/write\",\n \"Microsoft.Network/virtualHubs/bgpConnections/read\",\n \"Microsoft.Network/virtualNetworks/virtualNetworkPeerings/write\",\n \"Microsoft.Network/virtualNetworks/virtualNetworkPeerings/read\",\n \"Microsoft.Network/virtualNetworks/virtualNetworkPeerings/delete\",\n \"Microsoft.Network/virtualNetworks/peer/action\",\n \"Microsoft.Network/locations/operations/read\",\n \"Microsoft.Network/locations/operationResults/read\",\n \"Microsoft.Network/networkInterfaces/read\",\n \"Microsoft.Network/virtualNetworks/read\",\n \"Microsoft.Network/virtualNetworks/write\",\n \"Microsoft.Network/virtualNetworks/subnets/read\",\n \"Microsoft.Network/routeTables/read\",\n \"Microsoft.Network/routeTables/write\",\n \"Microsoft.Network/routeTables/delete\",\n \"Microsoft.Network/routeTables/join/action\",\n \"Microsoft.Network/routeTables/routes/read\",\n \"Microsoft.Network/routeTables/routes/write\",\n \"Microsoft.Network/routeTables/routes/delete\",\n \"Microsoft.Network/virtualNetworks/join/action\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n },\n {\n \"actions\": [\n \"Microsoft.Authorization/roleAssignments/delete\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": [],\n \"conditionVersion\": \"2.0\",\n \"condition\": \"(!(ActionMatches{'Microsoft.Authorization/roleAssignments/delete'})) OR @Resource[Microsoft.Authorization/roleAssignments:RoleDefinitionId] ForAnyOfAnyValues:GuidEquals{d715fb95a0f04f1c8be65ad2d2767f67, 4d97b98b1d4f4787a291c67834d212e7, 49fc33c1886f4b21a00e1d9993234734}\"\n }\n ],\n \"createdOn\": \"2024-08-27T15:13:33.8810873Z\",\n \"updatedOn\": \"2025-02-13T20:38:23.7051408Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/d715fb95-a0f0-4f1c-8be6-5ad2d2767f67\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"d715fb95-a0f0-4f1c-8be6-5ad2d2767f67\"\n },\n {\n \"properties\": {\n \"roleName\": \"Service Connector Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Can Manage Service Connector.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.ServiceLinker/linkers/read\",\n \"Microsoft.ServiceLinker/linkers/delete\",\n \"Microsoft.ServiceLinker/linkers/write\",\n \"Microsoft.ServiceLinker/linkers/listConfigurations/action\",\n \"Microsoft.ServiceLinker/linkers/validateLinker/action\",\n \"Microsoft.ServiceLinker/dryruns/delete\",\n \"Microsoft.ServiceLinker/dryruns/write\",\n \"Microsoft.ServiceLinker/linkers/generateConfigurations/action\",\n \"Microsoft.ServiceLinker/locations/connectors/delete\",\n \"Microsoft.ServiceLinker/locations/connectors/generateConfigurations/action\",\n \"Microsoft.ServiceLinker/locations/connectors/validate/action\",\n \"Microsoft.ServiceLinker/locations/connectors/write\",\n \"Microsoft.ServiceLinker/locations/dryruns/delete\",\n \"Microsoft.ServiceLinker/locations/dryruns/write\",\n \"Microsoft.ServiceLinker/locations/operationStatuses/write\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2024-08-28T15:23:35.037597Z\",\n \"updatedOn\": \"2025-05-16T03:07:33.2225582Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/db7003cd-07a9-490c-bfa5-23e40314f8d7\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"db7003cd-07a9-490c-bfa5-23e40314f8d7\"\n },\n {\n \"properties\": {\n \"roleName\": \"Enclave Approver Role\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Read all resources in Azure Virtual Enclaves and Approve approval requests within the Enclave\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Mission/Operations/read\",\n \"Microsoft.Mission/communities/read\",\n \"Microsoft.Mission/virtualEnclaves/read\",\n \"Microsoft.Mission/virtualEnclaves/endpoints/read\",\n \"Microsoft.Mission/virtualEnclaves/workloads/read\",\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/read\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Resources/subscriptions/resourcegroups/deployments/read\",\n \"Microsoft.Resources/subscriptions/operationresults/read\",\n \"Microsoft.ResourceHealth/availabilityStatuses/read\",\n \"Microsoft.Features/providers/features/read\",\n \"Microsoft.Features/features/read\",\n \"Microsoft.Mission/communities/communityEndpoints/read\",\n \"Microsoft.Mission/communities/transitHubs/read\",\n \"Microsoft.Mission/enclaveConnections/read\",\n \"Microsoft.Mission/virtualEnclaves/enclaveEndpoints/read\",\n \"Microsoft.Mission/approvals/read\",\n \"Microsoft.Mission/approvals/write\",\n \"Microsoft.Mission/enclaveConnections/approvalCallback/action\",\n \"Microsoft.Mission/virtualEnclaves/approvalCallback/action\",\n \"Microsoft.Mission/virtualEnclaves/enclaveEndpoints/approvalCallback/action\",\n \"Microsoft.Mission/communities/communityEndpoints/approvalCallback/action\",\n \"Microsoft.Mission/approvals/initiatorCallback/action\",\n \"Microsoft.Mission/communities/setMaintenanceMode/action\",\n \"Microsoft.Mission/communities/communityendpoints/connect/action\",\n \"Microsoft.Mission/virtualEnclaves/setWorkloadRoleAssignments/action\",\n \"Microsoft.Mission/virtualEnclaves/setEnclaveRoleAssignments/action\",\n \"Microsoft.Mission/virtualEnclaves/setSubnetConfiguration/action\",\n \"Microsoft.Mission/virtualEnclaves/enclaveEndpoints/connect/action\",\n \"Microsoft.Mission/enclaveConnections/setSourceCidr/action\",\n \"Microsoft.Mission/virtualenclaves/setMaintenanceMode/action\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2024-08-30T15:25:33.0231286Z\",\n \"updatedOn\": \"2025-09-23T15:14:52.356225Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/2142ea27-02ad-4094-bfea-2dbac6d24934\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"2142ea27-02ad-4094-bfea-2dbac6d24934\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Device Update Agent\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Provide full access to all Azure Device Update agent operations\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.DeviceUpdate/updateAccounts/agents/requestUpdate/action\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2024-08-30T18:44:41.5398808Z\",\n \"updatedOn\": \"2024-08-30T18:44:41.5398808Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/2a740172-0fc2-4039-972c-b31864cd47d6\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"2a740172-0fc2-4039-972c-b31864cd47d6\"\n },\n {\n \"properties\": {\n \"roleName\": \"Key Vault Purge Operator\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Allows permanent deletion of soft-deleted vaults.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.KeyVault/deletedVaults/read\",\n \"Microsoft.KeyVault/locations/deletedVaults/read\",\n \"Microsoft.KeyVault/locations/deletedVaults/purge/action\",\n \"Microsoft.KeyVault/locations/operationResults/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2024-09-02T15:07:08.3019612Z\",\n \"updatedOn\": \"2024-09-02T15:07:08.3019612Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/a68e7c17-0ab2-4c09-9a58-125dae29748c\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"a68e7c17-0ab2-4c09-9a58-125dae29748c\"\n },\n {\n \"properties\": {\n \"roleName\": \"Cognitive Services Face Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Full access to perform all Face APIs\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.CognitiveServices/*/read\",\n \"Microsoft.Authorization/roleAssignments/read\",\n \"Microsoft.Authorization/roleDefinitions/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.CognitiveServices/accounts/Face/*\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2024-09-03T15:18:09.8561299Z\",\n \"updatedOn\": \"2024-09-03T15:18:09.8561299Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/b5b0c71d-aca9-4081-aee2-9b1bb335fc1a\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"b5b0c71d-aca9-4081-aee2-9b1bb335fc1a\"\n },\n {\n \"properties\": {\n \"roleName\": \"Container Apps Jobs Operator\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Read, start, and stop Container Apps jobs.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"microsoft.app/jobs/read\",\n \"Microsoft.App/jobs/*/read\",\n \"Microsoft.App/jobs/*/action\",\n \"Microsoft.app/managedenvironments/read\",\n \"Microsoft.App/managedenvironments/*/read\",\n \"Microsoft.App/managedenvironments/join/action\",\n \"Microsoft.App/managedenvironments/checknameavailability/action\",\n \"Microsoft.app/connectedEnvironments/read\",\n \"Microsoft.App/connectedEnvironments/*/read\",\n \"Microsoft.App/connectedEnvironments/join/action\",\n \"Microsoft.App/connectedEnvironments/checknameavailability/action\"\n ],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.App/jobs/logstream/action\",\n \"Microsoft.App/jobs/exec/action\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2024-09-06T21:49:59.0891068Z\",\n \"updatedOn\": \"2024-09-06T21:49:59.0891068Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/b9a307c4-5aa3-4b52-ba60-2b17c136cd7b\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"b9a307c4-5aa3-4b52-ba60-2b17c136cd7b\"\n },\n {\n \"properties\": {\n \"roleName\": \"Operator Nexus Owner (Preview)\",\n \"type\": \"BuiltInRole\",\n \"description\": \"(Preview) This role allows full access to Azure Operator Nexus Network Cloud resources. This role is in preview and subject to change.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.NetworkCloud/*\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2024-09-09T15:09:55.7798051Z\",\n \"updatedOn\": \"2024-09-09T15:09:55.7798051Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/77be276d-fb44-4f3b-beb5-9bf03c4cd2d3\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"77be276d-fb44-4f3b-beb5-9bf03c4cd2d3\"\n },\n {\n \"properties\": {\n \"roleName\": \"CloudTest Contributor Role\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Read, write, delete and perform actions on CloudTest Accounts, CloudTest Pools, 1ES Hosted Pools and 1ES Images.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.CloudTest/*/read\",\n \"Microsoft.CloudTest/hostedpools/write\",\n \"Microsoft.CloudTest/hostedpools/delete\",\n \"Microsoft.CloudTest/images/write\",\n \"Microsoft.CloudTest/images/delete\",\n \"Microsoft.CloudTest/images/cancel/action\",\n \"Microsoft.CloudTest/images/refresh/action\",\n \"Microsoft.CloudTest/pools/write\",\n \"Microsoft.CloudTest/pools/delete\",\n \"Microsoft.CloudTest/accounts/write\",\n \"Microsoft.CloudTest/accounts/delete\",\n \"Microsoft.CloudTest/pools/leases/action\",\n \"Microsoft.CloudTest/pools/leases/complete/action\",\n \"Microsoft.CloudTest/pools/leases/extend/action\",\n \"Microsoft.CloudTest/hostedpools/leases/action\",\n \"Microsoft.CloudTest/hostedpools/leases/complete/action\",\n \"Microsoft.CloudTest/hostedpools/leases/extend/action\",\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2024-09-10T15:22:51.5250778Z\",\n \"updatedOn\": \"2025-08-14T01:17:34.3715766Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/4e9d0bd4-5aab-4f91-92df-9def33fe287c\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"4e9d0bd4-5aab-4f91-92df-9def33fe287c\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Automanage Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Azure Automanage Contributor\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Automanage/*\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2024-09-10T15:22:51.5250778Z\",\n \"updatedOn\": \"2024-09-10T15:22:51.5250778Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/8d6517c1-e434-405c-9f3f-e0ae65085d76\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"8d6517c1-e434-405c-9f3f-e0ae65085d76\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Bot Service Contributor Role\",\n \"type\": \"BuiltInRole\",\n \"description\": \"To perform actions on the bots by copilot studio platform and extensibility team\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.BotService/listAuthServiceProviders/action\",\n \"Microsoft.BotService/listauthserviceproviders/providers/Microsoft.Insights/diagnosticSettings/write\",\n \"Microsoft.BotService/botServices/read\",\n \"Microsoft.BotService/botServices/write\",\n \"Microsoft.BotService/botServices/delete\",\n \"Microsoft.BotService/botServices/channels/write\",\n \"Microsoft.BotService/botServices/channels/read\",\n \"Microsoft.BotService/botServices/channels/listchannelwithkeys/action\",\n \"Microsoft.BotService/botServices/channels/delete\",\n \"Microsoft.BotService/botServices/channels/providers/Microsoft.Insights/diagnosticSettings/write\",\n \"Microsoft.BotService/botServices/connections/read\",\n \"Microsoft.BotService/botServices/connections/write\",\n \"Microsoft.BotService/botServices/connections/delete\",\n \"Microsoft.BotService/botServices/connections/listwithsecrets/write\",\n \"Microsoft.BotService/botServices/connections/providers/Microsoft.Insights/diagnosticSettings/write\",\n \"Microsoft.BotService/botServices/createemailsigninurl/action\",\n \"Microsoft.BotService/botServices/privateEndpointConnectionsApproval/action\",\n \"Microsoft.BotService/botServices/joinPerimeter/action\",\n \"Microsoft.BotService/botServices/providers/Microsoft.Insights/diagnosticSettings/write\",\n \"Microsoft.BotService/checknameavailability/providers/Microsoft.Insights/diagnosticSettings/write\",\n \"Microsoft.BotService/hostsettings/providers/Microsoft.Insights/diagnosticSettings/write\",\n \"Microsoft.BotService/botServices/privateEndpointConnectionProxies/write\",\n \"Microsoft.BotService/botServices/privateEndpointConnectionProxies/delete\",\n \"Microsoft.BotService/botServices/privateEndpointConnectionProxies/validate/action\",\n \"Microsoft.BotService/botServices/privateEndpointConnections/write\",\n \"Microsoft.BotService/botServices/privateEndpointConnections/delete\",\n \"Microsoft.BotService/listqnamakerendpointkeys/providers/Microsoft.Insights/diagnosticSettings/write\",\n \"Microsoft.BotService/botServices/networkSecurityPerimeterConfigurations/reconcile/action\",\n \"Microsoft.BotService/botServices/networkSecurityPerimeterAssociationProxies/write\",\n \"Microsoft.BotService/botServices/networkSecurityPerimeterAssociationProxies/delete\",\n \"Microsoft.BotService/locations/notifyNetworkSecurityPerimeterUpdatesAvailable/action\",\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.BotService/botServices/channels/regeneratekeys/action\",\n \"Microsoft.BotService/botServices/Connections/listWithSecrets/action\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2024-09-12T05:29:14.6965924Z\",\n \"updatedOn\": \"2025-01-30T16:45:30.6156198Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/9fc6112f-f48e-4e27-8b09-72a5c94e4ae9\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"9fc6112f-f48e-4e27-8b09-72a5c94e4ae9\"\n },\n {\n \"properties\": {\n \"roleName\": \"App Configuration Reader\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Grants permission for read operations for App Configuration resources.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.AppConfiguration/*/read\",\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/read\",\n \"Microsoft.Resources/deployments/read\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2024-09-13T00:23:03.6049034Z\",\n \"updatedOn\": \"2024-09-13T00:23:03.6049034Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/175b81b9-6e0d-490a-85e4-0d422273c10c\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"175b81b9-6e0d-490a-85e4-0d422273c10c\"\n },\n {\n \"properties\": {\n \"roleName\": \"App Configuration Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Grants permission for all management operations, except purge, for App Configuration resources.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.AppConfiguration/*\",\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\"\n ],\n \"notActions\": [\n \"Microsoft.AppConfiguration/locations/deletedConfigurationStores/purge/action\"\n ],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2024-09-13T00:23:03.6049034Z\",\n \"updatedOn\": \"2024-09-13T00:23:03.6049034Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/fe86443c-f201-4fc4-9d2a-ac61149fbda0\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"fe86443c-f201-4fc4-9d2a-ac61149fbda0\"\n },\n {\n \"properties\": {\n \"roleName\": \"Service Fabric Managed Cluster Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Deploy and manage your Service Fabric Managed Cluster resources. Includes managed clusters, node types, application types, application type versions, applications, and services.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.ServiceFabric/managedclusters/*\",\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2024-09-17T15:06:28.2939568Z\",\n \"updatedOn\": \"2024-10-07T15:14:28.4995735Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/83f80186-3729-438c-ad2d-39e94d718838\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"83f80186-3729-438c-ad2d-39e94d718838\"\n },\n {\n \"properties\": {\n \"roleName\": \"Container Registry Data Importer and Data Reader\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Provides the ability to import images into a registry through the registry import operation. Provides the ability to list repositories, view images and tags, get manifests, and pull images. Does not provide permissions for importing images through configuring registry transfer pipelines such as import and export pipelines. Does not provide permissions for importing through configuring Artifact Cache or Sync rules.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.ContainerRegistry/registries/importImage/action\",\n \"Microsoft.ContainerRegistry/registries/read\",\n \"Microsoft.ContainerRegistry/registries/pull/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.ContainerRegistry/registries/repositories/content/read\",\n \"Microsoft.ContainerRegistry/registries/repositories/metadata/read\",\n \"Microsoft.ContainerRegistry/registries/catalog/read\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2024-09-19T02:48:17.8131685Z\",\n \"updatedOn\": \"2025-04-25T08:31:50.8322354Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/577a9874-89fd-4f24-9dbd-b5034d0ad23a\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"577a9874-89fd-4f24-9dbd-b5034d0ad23a\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Batch Service Orchestration Role\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Grants the required permissions to Azure Batch Resource Provider to manage compute and other backing resources in the subscription.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Security/assessments/read\",\n \"Microsoft.AzureFleet/fleets/write\",\n \"Microsoft.AzureFleet/fleets/read\",\n \"Microsoft.AzureFleet/fleets/delete\",\n \"Microsoft.Compute/locations/DiskOperations/read\",\n \"Microsoft.Compute/locations/operations/read\",\n \"Microsoft.Compute/virtualMachineScaleSets/approveRollingUpgrade/action\",\n \"Microsoft.Compute/virtualMachineScaleSets/deallocate/action\",\n \"Microsoft.Compute/virtualMachineScaleSets/delete\",\n \"Microsoft.Compute/virtualMachineScaleSets/delete/action\",\n \"Microsoft.Compute/VirtualMachineScaleSets/read\",\n \"Microsoft.Compute/virtualMachineScaleSets/reimage/action\",\n \"Microsoft.Compute/virtualMachineScaleSets/reimageall/action\",\n \"Microsoft.Compute/virtualMachineScaleSets/restart/action\",\n \"Microsoft.Compute/virtualMachineScaleSets/start/action\",\n \"Microsoft.Compute/virtualMachineScaleSets/write\",\n \"Microsoft.Compute/virtualMachineScaleSets/extensions/read\",\n \"microsoft.Compute/virtualMachineScaleSets/networkInterfaces/read\",\n \"Microsoft.Compute/virtualMachineScaleSets/virtualMachines/read\",\n \"Microsoft.Compute/virtualMachineScaleSets/virtualmachines/restart/action\",\n \"Microsoft.Compute/diskEncryptionSets/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.Insights/dataCollectionRuleAssociations/read\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Insights/diagnosticSettings/read\",\n \"Microsoft.Resources/subscriptions/read\",\n \"Microsoft.Resources/subscriptions/operationresults/read\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Resources/subscriptions/resourceGroups/delete\",\n \"Microsoft.Resources/subscriptions/resourceGroups/write\",\n \"Microsoft.Resources/subscriptions/resourceGroups/resources/read\",\n \"Microsoft.Network/networkWatchers/read\",\n \"Microsoft.Network/virtualNetworks/delete\",\n \"Microsoft.Network/virtualNetworks/write\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2024-09-20T04:53:47.7198421Z\",\n \"updatedOn\": \"2025-02-12T16:18:23.8859317Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/a35466a1-cfd6-450a-b35e-683fcdf30363\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"a35466a1-cfd6-450a-b35e-683fcdf30363\"\n },\n {\n \"properties\": {\n \"roleName\": \"Microsoft PowerBI Tenant Operations Role\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Allows management of tenant operations\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.PowerBI/tenants/workspaces/read\",\n \"Microsoft.PowerBI/tenants/workspaces/delete\",\n \"Microsoft.PowerBI/tenants/read\",\n \"Microsoft.PowerBI/tenants/delete\",\n \"Microsoft.PowerBI/tenants/write\",\n \"Microsoft.PowerBI/tenants/workspaces/write\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2024-09-20T19:19:19.2247312Z\",\n \"updatedOn\": \"2024-09-20T19:19:19.2247312Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/8c87871d-6201-42da-abb1-1c0c985ff71c\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"8c87871d-6201-42da-abb1-1c0c985ff71c\"\n },\n {\n \"properties\": {\n \"roleName\": \"Service Fabric Cluster Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Manage your Service Fabric Cluster resources. Includes clusters, application types, application type versions, applications, and services. You will need additional permissions to deploy and manage the cluster's underlying resources such as virtual machine scale sets, storage accounts, networks, etc.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.ServiceFabric/clusters/*\",\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2024-10-01T15:07:22.3648709Z\",\n \"updatedOn\": \"2024-10-07T15:14:28.4995735Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/b6efc156-f0da-4e90-a50a-8c000140b017\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"b6efc156-f0da-4e90-a50a-8c000140b017\"\n },\n {\n \"properties\": {\n \"roleName\": \"Stream Analytics Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Contributor access to Clusters and Streaming Jobs\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.StreamAnalytics/*\",\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2024-10-02T16:35:31.3006753Z\",\n \"updatedOn\": \"2024-10-02T16:35:31.3006753Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/6e0c8711-85a0-4490-8365-8ec13c4560b4\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"6e0c8711-85a0-4490-8365-8ec13c4560b4\"\n },\n {\n \"properties\": {\n \"roleName\": \"Stream Analytics Reader\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Read-only access to Clusters and Streaming Jobs\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.StreamAnalytics/streamingjobs/Read\",\n \"Microsoft.StreamAnalytics/streamingjobs/*/Read\",\n \"Microsoft.StreamAnalytics/clusters/Read\",\n \"Microsoft.StreamAnalytics/clusters/*/Read\",\n \"Microsoft.StreamAnalytics/clusters/ListStreamingJobs/action\",\n \"Microsoft.StreamAnalytics/locations/*/Read\",\n \"Microsoft.StreamAnalytics/operations/Read\",\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2024-10-02T16:35:31.3006753Z\",\n \"updatedOn\": \"2024-10-02T16:35:31.3006753Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/1dfc38e8-6ce7-447f-807c-029c65262c5f\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"1dfc38e8-6ce7-447f-807c-029c65262c5f\"\n },\n {\n \"properties\": {\n \"roleName\": \"Durable Task Worker\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Used by worker applications to interact with the Durable Task service\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.DurableTask/schedulers/taskhubs/orchestrations/execute/action\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2024-10-04T12:40:48.3980573Z\",\n \"updatedOn\": \"2025-07-10T20:34:53.5413918Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/80d0d6b0-f522-40a4-8886-a5a11720c375\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"80d0d6b0-f522-40a4-8886-a5a11720c375\"\n },\n {\n \"properties\": {\n \"roleName\": \"Portal Dashboard Writer Role\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Can write an Azure Portal Dashboard\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Portal/dashboards/read\",\n \"Microsoft.Portal/dashboards/write\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2024-10-08T15:25:11.3964685Z\",\n \"updatedOn\": \"2025-07-23T23:16:02.9942117Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/78eacb5e-e318-4560-85a9-e6a724ca60c9\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"78eacb5e-e318-4560-85a9-e6a724ca60c9\"\n },\n {\n \"properties\": {\n \"roleName\": \"Landing Zone Account Owner\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Microsoft.Sovereign Landing Zone Account Owner allowing to review and modify Landing Zone Account, Landing Zone Configurations, as well as reading and adding Landing Zone Registrations. Also enables read-access to policies and management groups for enabling the full user experience of the Sovereign Services RP in the Azure Portal (as otherwise some elements might not be accessible to end users).\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Sovereign/landingZoneAccounts/*\",\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Resources/deployments/*\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2024-10-14T15:14:51.7684621Z\",\n \"updatedOn\": \"2024-10-14T15:14:51.7684621Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/bf2b6809-e9a5-4aea-a6e1-40a9dc8c43a7\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"bf2b6809-e9a5-4aea-a6e1-40a9dc8c43a7\"\n },\n {\n \"properties\": {\n \"roleName\": \"Landing Zone Account Reader\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Microsoft.Sovereign Landing Zone Account Reader allowing to read Landing Zone Account, Landing Zone Configurations and Landing Zone Registrations. Also enables read-access to policies and management groups for enabling the full user experience of the Sovereign Services RP in the Azure Portal (as otherwise some elements might not be accessible to end users).\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Sovereign/landingZoneAccounts/*/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2024-10-14T15:14:51.7684621Z\",\n \"updatedOn\": \"2024-10-14T15:14:51.7684621Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/2718b1f7-eb07-424e-8868-0137541392a1\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"2718b1f7-eb07-424e-8868-0137541392a1\"\n },\n {\n \"properties\": {\n \"roleName\": \"Microsoft.Windows365.CloudPcDelegatedMsis Writer User\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Built in role to perform Write operations on CloudPcDelegatedMsis resources.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Windows365/*\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2024-10-14T15:14:51.7684621Z\",\n \"updatedOn\": \"2024-10-14T15:14:51.7684621Z\",\n \"createdBy\": \"dipakmahajan\",\n \"updatedBy\": \"dipakmahajan\"\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/21bffb94-04c0-4ed0-b676-68bb926e832b\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"21bffb94-04c0-4ed0-b676-68bb926e832b\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Batch Job Submitter\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Lets you submit and manage jobs in the Batch account.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Batch/batchAccounts/applications/read\",\n \"Microsoft.Batch/batchAccounts/applications/versions/read\",\n \"Microsoft.Batch/batchAccounts/pools/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.Batch/batchAccounts/jobSchedules/*\",\n \"Microsoft.Batch/batchAccounts/jobs/*\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2024-10-16T15:31:49.7386507Z\",\n \"updatedOn\": \"2024-10-16T15:31:49.7386507Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/48e5e92e-a480-4e71-aa9c-2778f4c13781\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"48e5e92e-a480-4e71-aa9c-2778f4c13781\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Batch Account Reader\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Lets you view all resources including pools and jobs in the Batch account.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Batch/*/read\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.Batch/*/read\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2024-10-16T15:31:49.7386507Z\",\n \"updatedOn\": \"2025-08-07T11:36:35.1603929Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/11076f67-66f6-4be0-8f6b-f0609fd05cc9\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"11076f67-66f6-4be0-8f6b-f0609fd05cc9\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Batch Account Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Grants full access to manage all Batch resources, including Batch accounts, pools and jobs.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Batch/*\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.Batch/*\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2024-10-16T15:31:49.7396522Z\",\n \"updatedOn\": \"2025-08-07T12:06:49.3936883Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/29fe4964-1e60-436b-bd3a-77fd4c178b3c\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"29fe4964-1e60-436b-bd3a-77fd4c178b3c\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Batch Data Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Grants permissions to manage Batch pools and jobs but not to modify accounts.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Batch/batchAccounts/read\",\n \"Microsoft.Batch/batchAccounts/applications/*\",\n \"Microsoft.Batch/batchAccounts/certificates/*\",\n \"Microsoft.Batch/batchAccounts/certificateOperationResults/*\",\n \"Microsoft.Batch/batchAccounts/pools/*\",\n \"Microsoft.Batch/batchAccounts/poolOperationResults/*\",\n \"Microsoft.Batch/locations/*/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.Batch/batchAccounts/jobSchedules/*\",\n \"Microsoft.Batch/batchAccounts/jobs/*\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2024-10-16T15:31:49.7396522Z\",\n \"updatedOn\": \"2024-10-16T15:31:49.7396522Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/6aaa78f1-f7de-44ca-8722-c64a23943cae\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"6aaa78f1-f7de-44ca-8722-c64a23943cae\"\n },\n {\n \"properties\": {\n \"roleName\": \"Defender CSPM Storage Data Scanner\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Grants access to read blobs and files. This role is used by the data scanner of Dfender CSPM.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Storage/storageAccounts/blobServices/containers/read\",\n \"Microsoft.Storage/storageAccounts/fileServices/shares/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.Storage/storageAccounts/blobServices/containers/blobs/read\",\n \"Microsoft.Storage/storageAccounts/fileServices/fileshares/files/read\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2024-10-16T15:31:49.7386507Z\",\n \"updatedOn\": \"2024-11-06T16:01:17.0833766Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/0b6ca2e8-2cdc-4bd6-b896-aa3d8c21fc35\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"0b6ca2e8-2cdc-4bd6-b896-aa3d8c21fc35\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Managed Grafana Workspace Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Can manage Azure Managed Grafana resources, without providing access to the workspaces themselves.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Dashboard/grafana/write\",\n \"Microsoft.Dashboard/grafana/delete\",\n \"Microsoft.Dashboard/grafana/PrivateEndpointConnectionsApproval/action\",\n \"Microsoft.Dashboard/grafana/managedPrivateEndpoints/action\",\n \"Microsoft.Dashboard/locations/operationStatuses/write\",\n \"Microsoft.Dashboard/grafana/privateEndpointConnectionProxies/validate/action\",\n \"Microsoft.Dashboard/grafana/privateEndpointConnectionProxies/write\",\n \"Microsoft.Dashboard/grafana/privateEndpointConnectionProxies/delete\",\n \"Microsoft.Dashboard/grafana/privateEndpointConnections/write\",\n \"Microsoft.Dashboard/grafana/privateEndpointConnections/delete\",\n \"Microsoft.Dashboard/grafana/managedPrivateEndpoints/write\",\n \"Microsoft.Dashboard/grafana/managedPrivateEndpoints/delete\",\n \"Microsoft.Dashboard/grafana/integrationFabrics/write\",\n \"Microsoft.Dashboard/grafana/integrationFabrics/delete\",\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/AlertRules/Write\",\n \"Microsoft.Insights/AlertRules/Delete\",\n \"Microsoft.Insights/AlertRules/Read\",\n \"Microsoft.Insights/AlertRules/Activated/Action\",\n \"Microsoft.Insights/AlertRules/Resolved/Action\",\n \"Microsoft.Insights/AlertRules/Throttled/Action\",\n \"Microsoft.Insights/AlertRules/Incidents/Read\",\n \"Microsoft.Resources/deployments/read\",\n \"Microsoft.Resources/deployments/write\",\n \"Microsoft.Resources/deployments/delete\",\n \"Microsoft.Resources/deployments/cancel/action\",\n \"Microsoft.Resources/deployments/validate/action\",\n \"Microsoft.Resources/deployments/whatIf/action\",\n \"Microsoft.Resources/deployments/exportTemplate/action\",\n \"Microsoft.Resources/deployments/operations/read\",\n \"Microsoft.Resources/deployments/operationstatuses/read\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2024-10-16T19:05:56.9094034Z\",\n \"updatedOn\": \"2025-05-16T00:34:45.2747678Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/5c2d7e57-b7c2-4d8a-be4f-82afa42c6e95\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"5c2d7e57-b7c2-4d8a-be4f-82afa42c6e95\"\n },\n {\n \"properties\": {\n \"roleName\": \"Cognitive Services Data Contributor (Preview)\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Allows to call data plane APIs, but not any control plane APIs for Microsoft Cognitive Services. This role is in preview and subject to change.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.CognitiveServices/*\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2024-10-17T23:22:42.1888199Z\",\n \"updatedOn\": \"2024-10-17T23:22:42.1888199Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/19c28022-e58e-450d-a464-0b2a53034789\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"19c28022-e58e-450d-a464-0b2a53034789\"\n },\n {\n \"properties\": {\n \"roleName\": \"Container Apps ConnectedEnvironments Reader\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Read access to Container Apps ConnectedEnvironments.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.App/connectedEnvironments/read\",\n \"Microsoft.App/connectedEnvironments/*/read\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2024-10-18T03:26:58.612812Z\",\n \"updatedOn\": \"2024-10-18T03:26:58.612812Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/d5adeb5b-107f-4aca-99ea-4e3f4fc008d5\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"d5adeb5b-107f-4aca-99ea-4e3f4fc008d5\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Kubernetes Fleet Manager RBAC Cluster Reader\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Grants read-only access to most Kubernetes cluster-scoped resources in the fleet-managed hub cluster.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.ContainerService/fleets/read\",\n \"Microsoft.ContainerService/fleets/listCredentials/action\"\n ],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.ContainerService/fleets/apiextensions.k8s.io/customresourcedefinitions/read\",\n \"Microsoft.ContainerService/fleets/apps/controllerrevisions/read\",\n \"Microsoft.ContainerService/fleets/apps/daemonsets/read\",\n \"Microsoft.ContainerService/fleets/apps/deployments/read\",\n \"Microsoft.ContainerService/fleets/apps/statefulsets/read\",\n \"Microsoft.ContainerService/fleets/autoscaling/horizontalpodautoscalers/read\",\n \"Microsoft.ContainerService/fleets/batch/cronjobs/read\",\n \"Microsoft.ContainerService/fleets/batch/jobs/read\",\n \"Microsoft.ContainerService/fleets/configmaps/read\",\n \"Microsoft.ContainerService/fleets/endpoints/read\",\n \"Microsoft.ContainerService/fleets/events.k8s.io/events/read\",\n \"Microsoft.ContainerService/fleets/events/read\",\n \"Microsoft.ContainerService/fleets/extensions/daemonsets/read\",\n \"Microsoft.ContainerService/fleets/extensions/deployments/read\",\n \"Microsoft.ContainerService/fleets/extensions/ingresses/read\",\n \"Microsoft.ContainerService/fleets/extensions/networkpolicies/read\",\n \"Microsoft.ContainerService/fleets/limitranges/read\",\n \"Microsoft.ContainerService/fleets/namespaces/read\",\n \"Microsoft.ContainerService/fleets/networking.k8s.io/ingresses/read\",\n \"Microsoft.ContainerService/fleets/networking.k8s.io/networkpolicies/read\",\n \"Microsoft.ContainerService/fleets/nodes/read\",\n \"Microsoft.ContainerService/fleets/persistentvolumes/read\",\n \"Microsoft.ContainerService/fleets/persistentvolumeclaims/read\",\n \"Microsoft.ContainerService/fleets/policy/poddisruptionbudgets/read\",\n \"Microsoft.ContainerService/fleets/replicationcontrollers/read\",\n \"Microsoft.ContainerService/fleets/resourcequotas/read\",\n \"Microsoft.ContainerService/fleets/serviceaccounts/read\",\n \"Microsoft.ContainerService/fleets/services/read\",\n \"Microsoft.ContainerService/fleets/cluster.kubernetes-fleet.io/memberclusters/read\",\n \"Microsoft.ContainerService/fleets/placement.kubernetes-fleet.io/clusterresourceplacements/read\",\n \"Microsoft.ContainerService/fleets/placement.kubernetes-fleet.io/clusterresourcebindings/read\",\n \"Microsoft.ContainerService/fleets/placement.kubernetes-fleet.io/clusterresourcesnapshots/read\",\n \"Microsoft.ContainerService/fleets/placement.kubernetes-fleet.io/clusterschedulingpolicysnapshots/read\",\n \"Microsoft.ContainerService/fleets/placement.kubernetes-fleet.io/clusterresourceoverrides/read\",\n \"Microsoft.ContainerService/fleets/placement.kubernetes-fleet.io/clusterresourceoverridesnapshots/read\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2024-10-21T15:04:47.7827701Z\",\n \"updatedOn\": \"2024-10-21T15:04:47.7827701Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/bd80684d-2f5f-4130-892a-0955546282de\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"bd80684d-2f5f-4130-892a-0955546282de\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Kubernetes Fleet Manager RBAC Cluster Writer\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Grants read/write access to most Kubernetes cluster-scoped resources in the fleet-managed hub cluster.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.ContainerService/fleets/read\",\n \"Microsoft.ContainerService/fleets/listCredentials/action\"\n ],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.ContainerService/fleets/apiextensions.k8s.io/customresourcedefinitions/read\",\n \"Microsoft.ContainerService/fleets/apps/controllerrevisions/read\",\n \"Microsoft.ContainerService/fleets/apps/daemonsets/read\",\n \"Microsoft.ContainerService/fleets/apps/daemonsets/write\",\n \"Microsoft.ContainerService/fleets/apps/deployments/read\",\n \"Microsoft.ContainerService/fleets/apps/deployments/write\",\n \"Microsoft.ContainerService/fleets/apps/statefulsets/read\",\n \"Microsoft.ContainerService/fleets/apps/statefulsets/write\",\n \"Microsoft.ContainerService/fleets/autoscaling/horizontalpodautoscalers/read\",\n \"Microsoft.ContainerService/fleets/autoscaling/horizontalpodautoscalers/write\",\n \"Microsoft.ContainerService/fleets/batch/cronjobs/read\",\n \"Microsoft.ContainerService/fleets/batch/cronjobs/write\",\n \"Microsoft.ContainerService/fleets/batch/jobs/read\",\n \"Microsoft.ContainerService/fleets/batch/jobs/write\",\n \"Microsoft.ContainerService/fleets/configmaps/read\",\n \"Microsoft.ContainerService/fleets/configmaps/write\",\n \"Microsoft.ContainerService/fleets/endpoints/read\",\n \"Microsoft.ContainerService/fleets/endpoints/write\",\n \"Microsoft.ContainerService/fleets/events.k8s.io/events/read\",\n \"Microsoft.ContainerService/fleets/events/read\",\n \"Microsoft.ContainerService/fleets/extensions/daemonsets/read\",\n \"Microsoft.ContainerService/fleets/extensions/daemonsets/write\",\n \"Microsoft.ContainerService/fleets/extensions/deployments/read\",\n \"Microsoft.ContainerService/fleets/extensions/deployments/write\",\n \"Microsoft.ContainerService/fleets/extensions/ingresses/read\",\n \"Microsoft.ContainerService/fleets/extensions/ingresses/write\",\n \"Microsoft.ContainerService/fleets/extensions/networkpolicies/read\",\n \"Microsoft.ContainerService/fleets/extensions/networkpolicies/write\",\n \"Microsoft.ContainerService/fleets/limitranges/read\",\n \"Microsoft.ContainerService/fleets/namespaces/read\",\n \"Microsoft.ContainerService/fleets/networking.k8s.io/ingresses/read\",\n \"Microsoft.ContainerService/fleets/networking.k8s.io/ingresses/write\",\n \"Microsoft.ContainerService/fleets/networking.k8s.io/networkpolicies/read\",\n \"Microsoft.ContainerService/fleets/networking.k8s.io/networkpolicies/write\",\n \"Microsoft.ContainerService/fleets/nodes/read\",\n \"Microsoft.ContainerService/fleets/nodes/write\",\n \"Microsoft.ContainerService/fleets/persistentvolumes/read\",\n \"Microsoft.ContainerService/fleets/persistentvolumes/write\",\n \"Microsoft.ContainerService/fleets/persistentvolumeclaims/read\",\n \"Microsoft.ContainerService/fleets/persistentvolumeclaims/write\",\n \"Microsoft.ContainerService/fleets/policy/poddisruptionbudgets/read\",\n \"Microsoft.ContainerService/fleets/policy/poddisruptionbudgets/write\",\n \"Microsoft.ContainerService/fleets/replicationcontrollers/read\",\n \"Microsoft.ContainerService/fleets/replicationcontrollers/write\",\n \"Microsoft.ContainerService/fleets/resourcequotas/read\",\n \"Microsoft.ContainerService/fleets/secrets/read\",\n \"Microsoft.ContainerService/fleets/secrets/write\",\n \"Microsoft.ContainerService/fleets/serviceaccounts/read\",\n \"Microsoft.ContainerService/fleets/serviceaccounts/write\",\n \"Microsoft.ContainerService/fleets/services/read\",\n \"Microsoft.ContainerService/fleets/services/write\",\n \"Microsoft.ContainerService/fleets/cluster.kubernetes-fleet.io/memberclusters/read\",\n \"Microsoft.ContainerService/fleets/cluster.kubernetes-fleet.io/memberclusters/write\",\n \"Microsoft.ContainerService/fleets/placement.kubernetes-fleet.io/clusterresourceplacements/read\",\n \"Microsoft.ContainerService/fleets/placement.kubernetes-fleet.io/clusterresourceplacements/write\",\n \"Microsoft.ContainerService/fleets/placement.kubernetes-fleet.io/clusterresourcebindings/read\",\n \"Microsoft.ContainerService/fleets/placement.kubernetes-fleet.io/clusterresourcesnapshots/read\",\n \"Microsoft.ContainerService/fleets/placement.kubernetes-fleet.io/clusterschedulingpolicysnapshots/read\",\n \"Microsoft.ContainerService/fleets/placement.kubernetes-fleet.io/clusterresourceoverrides/read\",\n \"Microsoft.ContainerService/fleets/placement.kubernetes-fleet.io/clusterresourceoverrides/write\",\n \"Microsoft.ContainerService/fleets/placement.kubernetes-fleet.io/clusterresourceoverridesnapshots/read\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2024-10-21T15:04:48.6744253Z\",\n \"updatedOn\": \"2024-10-21T15:04:48.6744253Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/1dc4cd5a-de51-4ee4-bc8e-b40e9c17e320\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"1dc4cd5a-de51-4ee4-bc8e-b40e9c17e320\"\n },\n {\n \"properties\": {\n \"roleName\": \"Chaos Studio Experiment Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Can create, run, and see details for experiments, onboard targets, and manage capabilities.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Chaos/*\",\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2024-10-22T15:14:06.4025115Z\",\n \"updatedOn\": \"2025-01-08T19:22:36.2875737Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/7c2e40b7-25eb-482a-82cb-78ba06cb46d5\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"7c2e40b7-25eb-482a-82cb-78ba06cb46d5\"\n },\n {\n \"properties\": {\n \"roleName\": \"Chaos Studio Reader\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Can view targets, capabilities, experiments, and experiment details.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Chaos/*/read\",\n \"Microsoft.Chaos/experiments/executions/getExecutionDetails/action\",\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2024-10-22T15:14:06.4025115Z\",\n \"updatedOn\": \"2025-01-08T19:22:35.5075532Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/29e2da8a-229c-4157-8ae8-cc72fc506b74\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"29e2da8a-229c-4157-8ae8-cc72fc506b74\"\n },\n {\n \"properties\": {\n \"roleName\": \"Chaos Studio Operator\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Can run and see details for experiments but cannot create experiments or manage targets and capabilities.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Chaos/*/read\",\n \"Microsoft.Chaos/experiments/start/action\",\n \"Microsoft.Chaos/experiments/cancel/action\",\n \"Microsoft.Chaos/experiments/executions/getExecutionDetails/action\",\n \"Microsoft.Chaos/locations/operationResults/read\",\n \"Microsoft.Chaos/locations/operationStatuses/read\",\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2024-10-22T15:14:07.6428446Z\",\n \"updatedOn\": \"2025-01-08T19:22:36.2476916Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/1a40e87e-6645-48e0-b27a-0b115d849a20\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"1a40e87e-6645-48e0-b27a-0b115d849a20\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Messaging Connectors Owner\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Allows for full access to Azure Messaging Connectors resources.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.MessagingConnectors/*\"\n ],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.MessagingConnectors/*\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2024-10-23T15:16:12.0077296Z\",\n \"updatedOn\": \"2024-10-23T15:16:12.0077296Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/ff478a4e-8633-416e-91bc-ec33ce7c9516\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"ff478a4e-8633-416e-91bc-ec33ce7c9516\"\n },\n {\n \"properties\": {\n \"roleName\": \"Container Apps ConnectedEnvironments Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Full management of Container Apps ConnectedEnvironments, including creation, deletion, and updates.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.App/connectedEnvironments/*\",\n \"Microsoft.App/connectedEnvironments/*/read\",\n \"Microsoft.App/connectedEnvironments/*/write\",\n \"Microsoft.App/connectedEnvironments/*/delete\",\n \"Microsoft.App/connectedEnvironments/*/action\",\n \"Microsoft.App/connectedEnvironments/daprComponents/listSecrets/action\",\n \"Microsoft.Resources/deployments/*\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2024-10-23T15:16:12.0077296Z\",\n \"updatedOn\": \"2024-10-23T15:16:12.0077296Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/6f4fe6fc-f04f-4d97-8528-8bc18c848dca\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"6f4fe6fc-f04f-4d97-8528-8bc18c848dca\"\n },\n {\n \"properties\": {\n \"roleName\": \"Container Registry Contributor and Data Access Configuration Administrator\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Provides permissions to create, list, and update container registries and registry configuration properties. Provides permissions to configure data access such as admin user credentials, scope maps, and tokens, which can be used to read, write or delete repositories and images. Does not provide direct permissions to read, list, or write registry contents including repositories and images. Does not provide permissions to modify data plane content such as imports, Artifact Cache or Sync, and Transfer Pipelines. Does not provide permissions for managing Tasks.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.ContainerRegistry/registries/operationStatuses/read\",\n \"Microsoft.ContainerRegistry/registries/read\",\n \"Microsoft.ContainerRegistry/registries/write\",\n \"Microsoft.ContainerRegistry/registries/delete\",\n \"Microsoft.ContainerRegistry/registries/listCredentials/action\",\n \"Microsoft.ContainerRegistry/registries/regenerateCredential/action\",\n \"Microsoft.ContainerRegistry/registries/generateCredentials/action\",\n \"Microsoft.ContainerRegistry/registries/replications/read\",\n \"Microsoft.ContainerRegistry/registries/replications/write\",\n \"Microsoft.ContainerRegistry/registries/replications/delete\",\n \"Microsoft.ContainerRegistry/registries/replications/operationStatuses/read\",\n \"Microsoft.ContainerRegistry/registries/privateEndpointConnectionsApproval/action\",\n \"Microsoft.ContainerRegistry/registries/privateEndpointConnections/read\",\n \"Microsoft.ContainerRegistry/registries/privateEndpointConnections/write\",\n \"Microsoft.ContainerRegistry/registries/privateEndpointConnections/delete\",\n \"Microsoft.ContainerRegistry/registries/privateEndpointConnections/operationStatuses/read\",\n \"Microsoft.ContainerRegistry/registries/tokens/read\",\n \"Microsoft.ContainerRegistry/registries/tokens/write\",\n \"Microsoft.ContainerRegistry/registries/tokens/delete\",\n \"Microsoft.ContainerRegistry/registries/tokens/operationStatuses/read\",\n \"Microsoft.ContainerRegistry/registries/scopeMaps/read\",\n \"Microsoft.ContainerRegistry/registries/scopeMaps/write\",\n \"Microsoft.ContainerRegistry/registries/scopeMaps/delete\",\n \"Microsoft.ContainerRegistry/registries/scopeMaps/operationStatuses/read\",\n \"Microsoft.ContainerRegistry/registries/providers/Microsoft.Insights/diagnosticSettings/read\",\n \"Microsoft.ContainerRegistry/registries/providers/Microsoft.Insights/diagnosticSettings/write\",\n \"Microsoft.ContainerRegistry/registries/providers/Microsoft.Insights/logDefinitions/read\",\n \"Microsoft.ContainerRegistry/registries/providers/Microsoft.Insights/metricDefinitions/read\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.ContainerRegistry/registries/connectedRegistries/read\",\n \"Microsoft.ContainerRegistry/registries/connectedRegistries/write\",\n \"Microsoft.ContainerRegistry/registries/connectedRegistries/delete\",\n \"Microsoft.ContainerRegistry/registries/connectedRegistries/deactivate/action\",\n \"Microsoft.ContainerRegistry/registries/webhooks/read\",\n \"Microsoft.ContainerRegistry/registries/webhooks/write\",\n \"Microsoft.ContainerRegistry/registries/webhooks/delete\",\n \"Microsoft.ContainerRegistry/registries/webhooks/getCallbackConfig/action\",\n \"Microsoft.ContainerRegistry/registries/webhooks/ping/action\",\n \"Microsoft.ContainerRegistry/registries/webhooks/listEvents/action\",\n \"Microsoft.ContainerRegistry/registries/webhooks/operationStatuses/read\",\n \"Microsoft.Insights/AlertRules/Write\",\n \"Microsoft.Insights/AlertRules/Delete\",\n \"Microsoft.Insights/AlertRules/Read\",\n \"Microsoft.Insights/AlertRules/Activated/Action\",\n \"Microsoft.Insights/AlertRules/Resolved/Action\",\n \"Microsoft.Insights/AlertRules/Throttled/Action\",\n \"Microsoft.Insights/AlertRules/Incidents/Read\",\n \"Microsoft.ContainerRegistry/locations/operationResults/read\",\n \"Microsoft.Network/virtualNetworks/subnets/joinViaServiceEndpoint/action\",\n \"Microsoft.Network/virtualNetworks/subnets/read\",\n \"Microsoft.Network/virtualNetworks/subnets/write\",\n \"Microsoft.Network/virtualNetworks/read\",\n \"Microsoft.Network/privateEndpoints/privateLinkServiceProxies/write\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2024-10-23T22:38:18.7982782Z\",\n \"updatedOn\": \"2024-10-23T22:38:18.7982782Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/3bc748fc-213d-45c1-8d91-9da5725539b9\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"3bc748fc-213d-45c1-8d91-9da5725539b9\"\n },\n {\n \"properties\": {\n \"roleName\": \"Health Safeguards Data User\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Allows processing of health data in all available Health Safeguards\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.HealthBot/healthBots/HealthSafeguards/ClinicalAnchoring/Process/Action\",\n \"Microsoft.HealthBot/healthBots/HealthSafeguards/ClinicalCodesValidation/Process/Action\",\n \"Microsoft.HealthBot/healthBots/HealthSafeguards/ClinicalConflictDetection/Process/Action\",\n \"Microsoft.HealthBot/healthBots/HealthSafeguards/ClinicalEvidenceVerification/Process/Action\",\n \"Microsoft.HealthBot/healthBots/HealthSafeguards/ClinicalProvenance/Process/Action\",\n \"Microsoft.HealthBot/healthBots/HealthSafeguards/ClinicalSemanticValidation/Process/Action\",\n \"Microsoft.HealthBot/healthBots/HealthSafeguards/DetectHallucinationsAndOmissions/Process/Action\",\n \"Microsoft.HealthBot/healthBots/HealthSafeguards/HealthAdaptedFiltering/Process/Action\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2024-10-25T13:47:32.4836018Z\",\n \"updatedOn\": \"2024-12-09T16:09:07.9062467Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/566f0da3-e2a5-4393-9089-763f8bab8fb6\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"566f0da3-e2a5-4393-9089-763f8bab8fb6\"\n },\n {\n \"properties\": {\n \"roleName\": \"Container Registry Configuration Reader and Data Access Configuration Reader\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Provides permissions to list container registries and registry configuration properties. Provides permissions to list data access configuration such as admin user credentials, scope maps, and tokens, which can be used to read, write or delete repositories and images. Does not provide direct permissions to read, list, or write registry contents including repositories and images. Does not provide permissions to modify data plane content such as imports, Artifact Cache or Sync, and Transfer Pipelines. Does not provide permissions for managing Tasks.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.ContainerRegistry/registries/operationStatuses/read\",\n \"Microsoft.ContainerRegistry/registries/read\",\n \"Microsoft.ContainerRegistry/registries/privateEndpointConnections/read\",\n \"Microsoft.ContainerRegistry/registries/privateEndpointConnections/operationStatuses/read\",\n \"Microsoft.ContainerRegistry/registries/listCredentials/action\",\n \"Microsoft.ContainerRegistry/registries/tokens/read\",\n \"Microsoft.ContainerRegistry/registries/tokens/operationStatuses/read\",\n \"Microsoft.ContainerRegistry/registries/scopeMaps/read\",\n \"Microsoft.ContainerRegistry/registries/scopeMaps/operationStatuses/read\",\n \"Microsoft.ContainerRegistry/registries/webhooks/read\",\n \"Microsoft.ContainerRegistry/registries/webhooks/getCallbackConfig/action\",\n \"Microsoft.ContainerRegistry/registries/webhooks/listEvents/action\",\n \"Microsoft.ContainerRegistry/registries/webhooks/operationStatuses/read\",\n \"Microsoft.ContainerRegistry/registries/replications/read\",\n \"Microsoft.ContainerRegistry/registries/replications/operationStatuses/read\",\n \"Microsoft.ContainerRegistry/registries/connectedRegistries/read\",\n \"Microsoft.ContainerRegistry/registries/providers/Microsoft.Insights/diagnosticSettings/read\",\n \"Microsoft.ContainerRegistry/registries/providers/Microsoft.Insights/diagnosticSettings/write\",\n \"Microsoft.ContainerRegistry/registries/providers/Microsoft.Insights/logDefinitions/read\",\n \"Microsoft.ContainerRegistry/registries/providers/Microsoft.Insights/metricDefinitions/read\",\n \"Microsoft.Insights/AlertRules/Write\",\n \"Microsoft.Insights/AlertRules/Delete\",\n \"Microsoft.Insights/AlertRules/Read\",\n \"Microsoft.Insights/AlertRules/Activated/Action\",\n \"Microsoft.Insights/AlertRules/Resolved/Action\",\n \"Microsoft.Insights/AlertRules/Throttled/Action\",\n \"Microsoft.Insights/AlertRules/Incidents/Read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2024-10-30T22:57:44.2162129Z\",\n \"updatedOn\": \"2024-10-30T22:57:44.2162129Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/69b07be0-09bf-439a-b9a6-e73de851bd59\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"69b07be0-09bf-439a-b9a6-e73de851bd59\"\n },\n {\n \"properties\": {\n \"roleName\": \"Container Registry Transfer Pipeline Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Provides the ability to transfer, import, and export artifacts through configuring registry transfer pipelines that involve intermediary storage accounts and key vaults. Does not provide permissions to push or pull images. Does not provide permissions to create, manage, or list storage accounts or key vaults. Does not provide permissions to perform role assignments.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.ContainerRegistry/registries/exportPipelines/read\",\n \"Microsoft.ContainerRegistry/registries/exportPipelines/write\",\n \"Microsoft.ContainerRegistry/registries/exportPipelines/delete\",\n \"Microsoft.ContainerRegistry/registries/importPipelines/read\",\n \"Microsoft.ContainerRegistry/registries/importPipelines/write\",\n \"Microsoft.ContainerRegistry/registries/importPipelines/delete\",\n \"Microsoft.ContainerRegistry/registries/pipelineRuns/read\",\n \"Microsoft.ContainerRegistry/registries/pipelineRuns/write\",\n \"Microsoft.ContainerRegistry/registries/pipelineRuns/delete\",\n \"Microsoft.ContainerRegistry/registries/pipelineRuns/operationStatuses/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2024-11-06T16:01:16.5768829Z\",\n \"updatedOn\": \"2024-11-06T16:01:16.5768829Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/bf94e731-3a51-4a7c-8c54-a1ab9971dfc1\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"bf94e731-3a51-4a7c-8c54-a1ab9971dfc1\"\n },\n {\n \"properties\": {\n \"roleName\": \"Desktop Virtualization App Attach Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Provide permission to manage app attach resources\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.DesktopVirtualization/hostpools/read\",\n \"Microsoft.Resources/subscriptions/read\",\n \"Microsoft.DesktopVirtualization/appattachpackages/read\",\n \"Microsoft.DesktopVirtualization/appattachpackages/write\",\n \"Microsoft.DesktopVirtualization/appattachpackages/delete\",\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2024-11-07T16:11:41.3098066Z\",\n \"updatedOn\": \"2024-11-07T16:11:41.3098066Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/97dfb3ce-e936-462c-9425-9cdb67e66d45\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"97dfb3ce-e936-462c-9425-9cdb67e66d45\"\n },\n {\n \"properties\": {\n \"roleName\": \"HybridCompute Machine ListAccessDetails Action In-Built Role\",\n \"type\": \"BuiltInRole\",\n \"description\": \"In-Built Role definition that grants permissions to execute the listAccessDetails action on HybridCompute Machines\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.HybridCompute/machines/listAccessDetails/action\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2024-11-08T16:19:16.7242676Z\",\n \"updatedOn\": \"2025-03-12T16:00:45.5699939Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/e9701b4d-e6e7-4657-91cd-360a0881d224\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"e9701b4d-e6e7-4657-91cd-360a0881d224\"\n },\n {\n \"properties\": {\n \"roleName\": \"App Service Environment Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Manage App Service Environments but not the App Service Plans or Websites that it hosts.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.ResourceHealth/availabilityStatuses/read\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Web/hostingEnvironments/*\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2024-11-11T16:02:04.4285746Z\",\n \"updatedOn\": \"2024-11-11T16:02:04.4285746Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/8ea85a25-eb16-4e29-ab4d-6f2a26c711a2\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"8ea85a25-eb16-4e29-ab4d-6f2a26c711a2\"\n },\n {\n \"properties\": {\n \"roleName\": \"Kubernetes Agent Subscription Level Operator\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Grants Microsoft Defender for Cloud subscription level permissions needed to activate Containers plan\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Resources/subscriptions/operationresults/read\",\n \"Microsoft.Resources/subscriptions/read\",\n \"Microsoft.Resources/subscriptions/resourceGroups/write\",\n \"Microsoft.OperationalInsights/workspaces/write\",\n \"Microsoft.OperationalInsights/workspaces/read\",\n \"Microsoft.OperationalInsights/workspaces/listKeys/action\",\n \"Microsoft.OperationalInsights/workspaces/sharedkeys/action\",\n \"Microsoft.OperationalInsights/workspaces/sharedkeys/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2024-11-14T10:01:45.877748Z\",\n \"updatedOn\": \"2024-12-12T11:16:08.7763533Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/ada52afe-776a-4b4d-a8f2-55670d3d8178\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"ada52afe-776a-4b4d-a8f2-55670d3d8178\"\n },\n {\n \"properties\": {\n \"roleName\": \"Quantum Workspace Data Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Create, read, and modify jobs and other Workspace data. This role is in preview and subject to change.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Quantum/Workspaces/read\",\n \"Microsoft.Quantum/locations/offerings/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.Quantum/Workspaces/jobs/read\",\n \"Microsoft.Quantum/Workspaces/jobs/write\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2024-11-18T16:11:51.3366657Z\",\n \"updatedOn\": \"2024-11-18T16:11:51.3366657Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/c1410b24-3e69-4857-8f86-4d0a2e603250\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"c1410b24-3e69-4857-8f86-4d0a2e603250\"\n },\n {\n \"properties\": {\n \"roleName\": \"Communication and Email Service Owner\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Create, read, modify, and delete Communications and Email Service resources.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Communication/CheckNameAvailability/action\",\n \"Microsoft.Communication/Locations/OperationStatuses/read\",\n \"Microsoft.Communication/Locations/OperationStatuses/write\",\n \"Microsoft.Communication/Operations/read\",\n \"Microsoft.Communication/CommunicationServices/read\",\n \"Microsoft.Communication/CommunicationServices/write\",\n \"Microsoft.Communication/CommunicationServices/delete\",\n \"Microsoft.Communication/CommunicationServices/ListKeys/action\",\n \"Microsoft.Communication/CommunicationServices/RegenerateKey/action\",\n \"Microsoft.Communication/CommunicationServices/LinkNotificationHub/action\",\n \"Microsoft.Communication/CommunicationServices/EventGridFilters/read\",\n \"Microsoft.Communication/CommunicationServices/EventGridFilters/write\",\n \"Microsoft.Communication/CommunicationServices/EventGridFilters/delete\",\n \"Microsoft.Communication/EmailServices/read\",\n \"Microsoft.Communication/EmailServices/write\",\n \"Microsoft.Communication/EmailServices/delete\",\n \"Microsoft.Communication/EmailServices/Domains/read\",\n \"Microsoft.Communication/EmailServices/Domains/write\",\n \"Microsoft.Communication/EmailServices/Domains/delete\",\n \"Microsoft.Communication/EmailServices/Domains/SenderUsernames/read\",\n \"Microsoft.Communication/EmailServices/Domains/SenderUsernames/write\",\n \"Microsoft.Communication/EmailServices/Domains/SenderUsernames/delete\",\n \"Microsoft.Communication/EmailServices/Domains/SuppressionLists/read\",\n \"Microsoft.Communication/EmailServices/Domains/SuppressionLists/write\",\n \"Microsoft.Communication/EmailServices/Domains/SuppressionLists/delete\",\n \"Microsoft.Communication/EmailServices/Domains/SuppressionLists/SuppressionListAddresses/read\",\n \"Microsoft.Communication/EmailServices/Domains/SuppressionLists/SuppressionListAddresses/write\",\n \"Microsoft.Communication/EmailServices/Domains/SuppressionLists/SuppressionListAddresses/delete\",\n \"Microsoft.Communication/EmailServices/Domains/InitiateVerification/action\",\n \"Microsoft.Communication/EmailServices/Domains/CancelVerification/action\",\n \"Microsoft.Communication/EmailServices/Domains/*\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2024-11-19T16:16:07.6217357Z\",\n \"updatedOn\": \"2024-11-19T16:16:07.6217357Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/09976791-48a7-449e-bb21-39d1a415f350\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"09976791-48a7-449e-bb21-39d1a415f350\"\n },\n {\n \"properties\": {\n \"roleName\": \"Oracle.Database Autonomous Database Administrator\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Grants full access to manage all Autonomous Database resources\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Oracle.Database/autonomousDatabases/*/read\",\n \"Oracle.Database/autonomousDatabases/*/write\",\n \"Oracle.Database/autonomousDatabases/*/delete\",\n \"Oracle.Database/autonomousDatabases/*/action\",\n \"Oracle.Database/Locations/*/read\",\n \"Oracle.Database/Locations/*/write\",\n \"Oracle.Database/Operations/read\",\n \"Oracle.Database/oracleSubscriptions/*/read\",\n \"Oracle.Database/oracleSubscriptions/*/action\",\n \"Oracle.Database/resourceAnchors/*\",\n \"Oracle.Database/networkAnchors/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Network/virtualNetworks/read\",\n \"Microsoft.Network/virtualNetworks/subnets/read\",\n \"Microsoft.Network/virtualNetworks/subnets/write\",\n \"Microsoft.Network/locations/operations/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2024-12-03T16:00:22.0003479Z\",\n \"updatedOn\": \"2025-05-26T15:05:38.2663118Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/59c05558-2358-462d-ba19-afbd7118936d\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"59c05558-2358-462d-ba19-afbd7118936d\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure AI Safety Evaluator\",\n \"type\": \"BuiltInRole\",\n \"description\": \"This role can perform all actions under workspace evaluations and simulations.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.MachineLearningServices/workspaces/evaluations/*\",\n \"Microsoft.MachineLearningServices/workspaces/simulations/*\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2024-12-17T16:19:14.0812712Z\",\n \"updatedOn\": \"2024-12-17T16:19:14.0812712Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/11102f94-c441-49e6-a78b-ef80e0188abc\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"11102f94-c441-49e6-a78b-ef80e0188abc\"\n },\n {\n \"properties\": {\n \"roleName\": \"Container Registry Tasks Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Provides permissions to configure, read, list, trigger, or cancel Container Registry Tasks, Task Runs, Task Logs, Quick Runs, Quick Builds, and Task Agent Pools. Permissions granted for Tasks management can be used for full registry data plane permissions including reading/writing/deleting container images in registries. Permissions granted for Tasks management can also be used to run customer authored build directives and run scripts to build software artifacts.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.ContainerRegistry/registries/agentpools/read\",\n \"Microsoft.ContainerRegistry/registries/agentpools/write\",\n \"Microsoft.ContainerRegistry/registries/agentpools/delete\",\n \"Microsoft.ContainerRegistry/registries/agentpools/listQueueStatus/action\",\n \"Microsoft.ContainerRegistry/registries/agentpools/operationResults/status/read\",\n \"Microsoft.ContainerRegistry/registries/agentpools/operationStatuses/read\",\n \"Microsoft.ContainerRegistry/registries/tasks/read\",\n \"Microsoft.ContainerRegistry/registries/tasks/write\",\n \"Microsoft.ContainerRegistry/registries/tasks/delete\",\n \"Microsoft.ContainerRegistry/registries/tasks/listDetails/action\",\n \"Microsoft.ContainerRegistry/registries/scheduleRun/action\",\n \"Microsoft.ContainerRegistry/registries/listBuildSourceUploadUrl/action\",\n \"Microsoft.ContainerRegistry/registries/runs/read\",\n \"Microsoft.ContainerRegistry/registries/runs/write\",\n \"Microsoft.ContainerRegistry/registries/runs/listLogSasUrl/action\",\n \"Microsoft.ContainerRegistry/registries/runs/cancel/action\",\n \"Microsoft.ContainerRegistry/registries/taskruns/read\",\n \"Microsoft.ContainerRegistry/registries/taskruns/write\",\n \"Microsoft.ContainerRegistry/registries/taskruns/delete\",\n \"Microsoft.ContainerRegistry/registries/taskruns/listDetails/action\",\n \"Microsoft.ContainerRegistry/registries/taskruns/operationStatuses/read\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.ContainerRegistry/registries/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2025-01-10T02:17:34.1336077Z\",\n \"updatedOn\": \"2025-01-10T02:17:34.1336077Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/fb382eab-e894-4461-af04-94435c366c3f\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"fb382eab-e894-4461-af04-94435c366c3f\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Backup Snapshot Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Provide permissions to backup identity to manage RPC snapshots\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Compute/virtualMachines/read\",\n \"Microsoft.Compute/virtualMachines/write\",\n \"Microsoft.Compute/restorePointCollections/read\",\n \"Microsoft.Compute/restorePointCollections/write\",\n \"Microsoft.Compute/restorePointCollections/restorePoints/write\",\n \"Microsoft.Compute/restorePointCollections/restorePoints/read\",\n \"Microsoft.Compute/disks/read\",\n \"Microsoft.Compute/disks/write\",\n \"Microsoft.Compute/disks/delete\",\n \"Microsoft.Compute/disks/beginGetAccess/action\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2025-01-10T12:02:58.1197573Z\",\n \"updatedOn\": \"2025-03-17T15:14:48.6639401Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/afc680e2-a938-412d-b213-9a49efa7fb83\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"afc680e2-a938-412d-b213-9a49efa7fb83\"\n },\n {\n \"properties\": {\n \"roleName\": \"AVS on Fleet VIS Role\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Do not remove this role from your resource because it is critical to enable your AVS private cloud to operate. If the role is removed, it will cause your AVS private cloud control plane to no longer operate correctly. The role is used to enable the AVS private cloud control plane to inject address prefix changes of the private clouds attached virtual network to SDN and support peering sync feature. This role is not intended for use cases outside of assignment to the associated AVS identity in your entra-id tenant.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Network/networkInterfaces/read\",\n \"Microsoft.Network/networkInterfaces/write\",\n \"Microsoft.Network/virtualNetworks/read\",\n \"Microsoft.Network/virtualNetworks/write\",\n \"Microsoft.Network/virtualNetworks/peer/action\",\n \"Microsoft.Network/virtualNetworks/virtualNetworkPeerings/read\",\n \"Microsoft.Network/virtualNetworks/virtualNetworkPeerings/write\",\n \"Microsoft.Network/virtualNetworks/subnets/read\",\n \"Microsoft.Network/virtualNetworks/subnets/write\",\n \"Microsoft.Network/virtualNetworks/subnets/join/action\",\n \"Microsoft.Network/networkSecurityGroups/join/action\",\n \"Microsoft.Network/routeTables/join/action\",\n \"Microsoft.Network/serviceEndpointPolicies/join/action\",\n \"Microsoft.Network/natGateways/join/action\",\n \"Microsoft.Network/networkIntentPolicies/join/action\",\n \"Microsoft.Network/ddosProtectionPlans/join/action\",\n \"Microsoft.Network/networkManagers/ipamPools/associateResourcesToPool/action\",\n \"Microsoft.BareMetal/peeringSettings/read\",\n \"Microsoft.Resources/subscriptions/resourcegroups/read\",\n \"Microsoft.Authorization/roleAssignments/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n },\n {\n \"actions\": [\n \"Microsoft.Authorization/roleAssignments/delete\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": [],\n \"conditionVersion\": \"2.0\",\n \"condition\": \"(!(ActionMatches{'Microsoft.Authorization/roleAssignments/delete'})) OR @Resource[Microsoft.Authorization/roleAssignments:RoleDefinitionId] ForAnyOfAnyValues:GuidEquals{49fc33c1886f4b21a00e1d9993234734}\"\n }\n ],\n \"createdOn\": \"2025-01-13T16:06:06.5931961Z\",\n \"updatedOn\": \"2025-06-11T06:31:53.4195138Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/49fc33c1-886f-4b21-a00e-1d9993234734\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"49fc33c1-886f-4b21-a00e-1d9993234734\"\n },\n {\n \"properties\": {\n \"roleName\": \"Edge Management Copilot User\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Enables users access to Edge Management Copilot.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.EdgeManagement/locations/chat/action\",\n \"Microsoft.EdgeManagement/troubleshoot/action\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2025-01-23T02:53:10.7767692Z\",\n \"updatedOn\": \"2025-09-01T15:03:56.0546394Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/53e48117-a530-4075-bcbe-d91913e3bdb8\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"53e48117-a530-4075-bcbe-d91913e3bdb8\"\n },\n {\n \"properties\": {\n \"roleName\": \"Durable Task Data Reader\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Read all Durable Task Scheduler data.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.DurableTask/schedulers/taskhubs/orchestrations/read\",\n \"Microsoft.DurableTask/schedulers/taskhubs/orchestrations/metadata/read\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2025-01-23T21:39:28.7653514Z\",\n \"updatedOn\": \"2025-07-10T20:34:54.3629229Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/d6a5505f-6ebb-45a4-896e-ac8274cfc0ac\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"d6a5505f-6ebb-45a4-896e-ac8274cfc0ac\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Stack HCI Edge Machine Contributor Role\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Microsoft.AzureStackHCI Edge Machine Contributor Role\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.AzureStackHCI/EdgeMachines/*\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2025-01-30T17:46:12.9681065Z\",\n \"updatedOn\": \"2025-01-30T17:46:12.9681065Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/1a6f9009-515c-4455-b170-143e4c9ce229\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"1a6f9009-515c-4455-b170-143e4c9ce229\"\n },\n {\n \"properties\": {\n \"roleName\": \"Online Experimentation Data Owner\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Allows full access to Online Experimentation data.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.OnlineExperimentation/workspaces/read\",\n \"Microsoft.OnlineExperimentation/workspaces/write\",\n \"Microsoft.OnlineExperimentation/workspaces/delete\",\n \"Microsoft.OnlineExperimentation/workspaces/action\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2025-01-30T18:31:37.7573167Z\",\n \"updatedOn\": \"2025-02-14T17:38:48.3796504Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/53747cdd-e97c-477a-948c-b587d0e514b2\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"53747cdd-e97c-477a-948c-b587d0e514b2\"\n },\n {\n \"properties\": {\n \"roleName\": \"Online Experimentation Data Reader\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Allows read access to Online Experimentation data.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.OnlineExperimentation/workspaces/read\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2025-01-30T18:31:37.9063206Z\",\n \"updatedOn\": \"2025-01-30T18:31:37.9063206Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/1363e94d-546f-4fe9-8434-b0eefb292d59\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"1363e94d-546f-4fe9-8434-b0eefb292d59\"\n },\n {\n \"properties\": {\n \"roleName\": \"Chaos Studio Target Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Can onboard targets and manage capabilities but cannot create, run, or see details for experiments\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Chaos/targets/write\",\n \"Microsoft.Chaos/targets/delete\",\n \"Microsoft.Chaos/targets/read\",\n \"Microsoft.Chaos/targets/capabilities/write\",\n \"Microsoft.Chaos/targets/capabilities/delete\",\n \"Microsoft.Chaos/targets/capabilities/read\",\n \"Microsoft.Chaos/locations/targetTypes/read\",\n \"Microsoft.Chaos/locations/targetTypes/capabilityTypes/read\",\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2025-02-14T17:53:53.9708111Z\",\n \"updatedOn\": \"2025-02-14T17:53:53.9708111Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/59a618e3-3c9a-406e-9f03-1a20dd1c55f1\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"59a618e3-3c9a-406e-9f03-1a20dd1c55f1\"\n },\n {\n \"properties\": {\n \"roleName\": \"Auto Actions Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Allows users to manage Auto Actions resources.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.ComputeSchedule/locations/OperationStatuses/write\",\n \"Microsoft.ComputeSchedule/autoActions/write\",\n \"Microsoft.ComputeSchedule/autoActions/delete\",\n \"Microsoft.ComputeSchedule/autoActions/attachResources/action\",\n \"Microsoft.ComputeSchedule/autoActions/cancelNextOccurrence/action\",\n \"Microsoft.ComputeSchedule/autoActions/detachResources/action\",\n \"Microsoft.ComputeSchedule/autoActions/disable/action\",\n \"Microsoft.ComputeSchedule/autoActions/enable/action\",\n \"Microsoft.ComputeSchedule/autoActions/listResources/action\",\n \"Microsoft.ComputeSchedule/autoActions/patchResources/action\",\n \"Microsoft.ComputeSchedule/autoActions/triggerManualOccurrence/action\",\n \"Microsoft.ComputeSchedule/autoActions/occurrences/cancel/action\",\n \"Microsoft.ComputeSchedule/autoActions/occurrences/delay/action\",\n \"Microsoft.ComputeSchedule/autoActions/occurrences/listResources/action\",\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2025-02-18T16:16:31.5686249Z\",\n \"updatedOn\": \"2025-02-18T16:16:31.5686249Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/a8d01690-9418-4783-8ca2-9f0f1791783d\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"a8d01690-9418-4783-8ca2-9f0f1791783d\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Device Onboarding Discovery Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Can read, write or delete the discovery and it's child resources.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.DeviceOnboarding/discoveryServices/*\",\n \"Microsoft.DeviceOnboarding/locations/operationStatuses/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2025-02-20T22:53:22.6101969Z\",\n \"updatedOn\": \"2025-02-20T22:53:22.6101969Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/a227fb39-f479-404b-96fd-0176f5d88ab4\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"a227fb39-f479-404b-96fd-0176f5d88ab4\"\n },\n {\n \"properties\": {\n \"roleName\": \"SSH PublicKeys Reader Role\",\n \"type\": \"BuiltInRole\",\n \"description\": \"This is the role created for SSH PublicKeys Reader\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Compute/sshpublickeys/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2025-02-24T16:00:59.904969Z\",\n \"updatedOn\": \"2025-02-24T16:00:59.904969Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/31ef6312-5b0c-4ce9-8c5d-587a91344fe7\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"31ef6312-5b0c-4ce9-8c5d-587a91344fe7\"\n },\n {\n \"properties\": {\n \"roleName\": \"SSH PublicKeys Contributor Role\",\n \"type\": \"BuiltInRole\",\n \"description\": \"This is the role created for SSH PublicKeys Contributor\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Compute/sshpublickeys/read\",\n \"Microsoft.Compute/sshpublickeys/write\",\n \"Microsoft.Compute/sshpublickeys/delete\",\n \"Microsoft.Compute/sshpublickeys/generatekeypair/action\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2025-02-24T16:01:00.6011541Z\",\n \"updatedOn\": \"2025-02-24T16:01:00.6011541Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/fc6e3395-6a8c-4527-bb4c-d0abd41e8e74\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"fc6e3395-6a8c-4527-bb4c-d0abd41e8e74\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Kubernetes Service Agent Pool Manager Role\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Role for agentpool related actions\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.ContainerService/managedClusters/agentPools/read\",\n \"Microsoft.ContainerService/managedClusters/agentPools/write\",\n \"Microsoft.ContainerService/managedClusters/agentPools/delete\",\n \"Microsoft.ContainerService/managedClusters/agentPools/upgradeNodeImageVersion/action\",\n \"Microsoft.ContainerService/managedClusters/agentPools/abort/action\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2025-03-06T01:19:12.8922307Z\",\n \"updatedOn\": \"2025-03-06T01:19:12.8922307Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/1b7f3653-4324-473a-9165-bc55e4d04ba8\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"1b7f3653-4324-473a-9165-bc55e4d04ba8\"\n },\n {\n \"properties\": {\n \"roleName\": \"Defender Serverless Scanner\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Grants access to Serverless resources and thier connections\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"microsoft.web/sites/publish/action\",\n \"microsoft.web/sites/slots/publish/action\",\n \"microsoft.web/sites/config/list/action\",\n \"microsoft.web/sites/slots/config/list/action\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2025-03-06T09:38:08.4219917Z\",\n \"updatedOn\": \"2025-08-25T15:10:38.1464227Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/68ac31b4-936a-4046-a6d2-ba6f8a757bf6\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"68ac31b4-936a-4046-a6d2-ba6f8a757bf6\"\n },\n {\n \"properties\": {\n \"roleName\": \"Dedicated Host Contributor Role\",\n \"type\": \"BuiltInRole\",\n \"description\": \"This is the role created for DedicatedHosts Contributor\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Compute/hostGroups/read\",\n \"Microsoft.Compute/hostGroups/write\",\n \"Microsoft.Compute/hostGroups/delete\",\n \"Microsoft.Compute/hostGroups/hosts/read\",\n \"Microsoft.Compute/hostGroups/hosts/write\",\n \"Microsoft.Compute/hostGroups/hosts/delete\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2025-03-11T15:14:12.4494747Z\",\n \"updatedOn\": \"2025-03-11T15:14:12.4494747Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/96ebd254-ecc7-4590-aff5-e9af3ff5f3b3\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"96ebd254-ecc7-4590-aff5-e9af3ff5f3b3\"\n },\n {\n \"properties\": {\n \"roleName\": \"Compute Fleet Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Allows users to manage Compute Fleet resources.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.AzureFleet/fleets/*\",\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.ResourceHealth/availabilityStatuses/read\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2025-03-18T15:18:48.7947012Z\",\n \"updatedOn\": \"2025-03-18T15:18:48.7947012Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/2bed379c-9fba-455b-99e4-6b911073bcf2\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"2bed379c-9fba-455b-99e4-6b911073bcf2\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure API Center Credential Access Reader\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Allows for access to Azure API Center data plane get credentials operations.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.ApiCenter/services/workspaces/apis/versions/securityRequirements/read\",\n \"Microsoft.ApiCenter/services/workspaces/apis/versions/securityRequirements/getCredentials/action\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2025-03-20T17:29:06.7183003Z\",\n \"updatedOn\": \"2025-03-20T17:29:06.7183003Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/1df7cd83-1d3f-41df-95b0-53b30d963369\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"1df7cd83-1d3f-41df-95b0-53b30d963369\"\n },\n {\n \"properties\": {\n \"roleName\": \"Managed Identity Federated Identity Credential Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Create, Read, Update, and Delete User Assigned Identity Federated Identity Credentials(FIC)\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.ManagedIdentity/userAssignedIdentities/read\",\n \"Microsoft.ManagedIdentity/userAssignedIdentities/federatedIdentityCredentials/write\",\n \"Microsoft.ManagedIdentity/userAssignedIdentities/federatedIdentityCredentials/read\",\n \"Microsoft.ManagedIdentity/userAssignedIdentities/federatedIdentityCredentials/delete\",\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Resources/deployments/*\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2025-03-21T19:09:30.5276974Z\",\n \"updatedOn\": \"2025-03-21T19:09:30.5276974Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/7e559ce2-48d7-4b27-9128-fa1b247f1308\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"7e559ce2-48d7-4b27-9128-fa1b247f1308\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure File Sync Administrator\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Provides full access to manage all Azure File Sync (Storage Sync Service) resources.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.StorageSync/register/action\",\n \"Microsoft.StorageSync/unregister/action\",\n \"Microsoft.StorageSync/locations/*\",\n \"Microsoft.StorageSync/deployments/preflight/action\",\n \"Microsoft.StorageSync/storageSyncServices/*\",\n \"Microsoft.StorageSync/operations/read\",\n \"Microsoft.Authorization/roleAssignments/write\",\n \"Microsoft.Insights/AlertRules/*\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Storage/storageAccounts/read\",\n \"Microsoft.Storage/storageAccounts/fileServices/shares/read\",\n \"Microsoft.Storage/storageAccounts/fileServices/read\",\n \"Microsoft.Support/*\",\n \"Microsoft.Authorization/*/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2025-03-27T21:11:32.1254077Z\",\n \"updatedOn\": \"2025-05-21T16:06:38.6938985Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/92b92042-07d9-4307-87f7-36a593fc5850\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"92b92042-07d9-4307-87f7-36a593fc5850\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure File Sync Reader\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Provides read access to Azure File Sync service (Storage Sync Service).\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.StorageSync/*/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2025-03-27T21:26:47.840119Z\",\n \"updatedOn\": \"2025-03-27T21:26:47.840119Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/754c1a27-40dc-4708-8ad4-2bffdeee09e8\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"754c1a27-40dc-4708-8ad4-2bffdeee09e8\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Red Hat OpenShift Hosted Control Planes Cluster API Provider\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Enables permissions to allow cluster API to manage nodes, networks and disks for OpenShift cluster.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Compute/disks/delete\",\n \"Microsoft.Compute/disks/read\",\n \"Microsoft.Compute/disks/write\",\n \"Microsoft.Compute/diskEncryptionSets/read\",\n \"Microsoft.Compute/availabilitySets/delete\",\n \"Microsoft.Compute/availabilitySets/read\",\n \"Microsoft.Compute/availabilitySets/write\",\n \"Microsoft.Compute/virtualMachines/delete\",\n \"Microsoft.Compute/virtualMachines/read\",\n \"Microsoft.Compute/virtualMachines/write\",\n \"Microsoft.Network/loadBalancers/backendAddressPools/join/action\",\n \"Microsoft.Network/networkInterfaces/delete\",\n \"Microsoft.Network/networkInterfaces/join/action\",\n \"Microsoft.Network/networkInterfaces/read\",\n \"Microsoft.Network/networkInterfaces/write\",\n \"Microsoft.Network/virtualNetworks/subnets/join/action\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2025-03-28T17:59:48.0497955Z\",\n \"updatedOn\": \"2025-08-04T15:10:36.5098891Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/88366f10-ed47-4cc0-9fab-c8a06148393e\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"88366f10-ed47-4cc0-9fab-c8a06148393e\"\n },\n {\n \"properties\": {\n \"roleName\": \"Online Experimentation Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Grants permissions for all management operations to Online Experimentation resources.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.OnlineExperimentation/*\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2025-03-31T15:13:34.3723645Z\",\n \"updatedOn\": \"2025-03-31T15:13:34.3723645Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/2c7a01fe-5518-4a42-93c2-658e45441691\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"2c7a01fe-5518-4a42-93c2-658e45441691\"\n },\n {\n \"properties\": {\n \"roleName\": \"Oracle.Database Exascale Storage Vault Administrator\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Grants full access to manage Exascale Storage Vaults\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Oracle.Database/exascaleDbStorageVaults/read\",\n \"Oracle.Database/exascaleDbStorageVaults/write\",\n \"Oracle.Database/exascaleDbStorageVaults/delete\",\n \"Oracle.Database/Locations/*/read\",\n \"Oracle.Database/Locations/*/write\",\n \"Oracle.Database/Operations/read\",\n \"Oracle.Database/oracleSubscriptions/*/read\",\n \"Oracle.Database/resourceAnchors/*\",\n \"Oracle.Database/networkAnchors/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Resources/deployments/*\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2025-03-31T15:13:34.3733644Z\",\n \"updatedOn\": \"2025-05-26T15:05:38.2643111Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/a00ed373-f085-4b75-a950-53eacdc52ac0\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"a00ed373-f085-4b75-a950-53eacdc52ac0\"\n },\n {\n \"properties\": {\n \"roleName\": \"Online Experimentation Reader\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Grants permission for read operations to Online Experimentation resources.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.OnlineExperimentation/*/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2025-03-31T15:13:33.5542926Z\",\n \"updatedOn\": \"2025-03-31T15:13:33.5542926Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/58b80de8-4b34-424c-9e47-23faf0f7cfe2\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"58b80de8-4b34-424c-9e47-23faf0f7cfe2\"\n },\n {\n \"properties\": {\n \"roleName\": \"Flux Configurations Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Can create, update, get, list and delete Flux Configurations\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.KubernetesConfiguration/fluxConfigurations/write\",\n \"Microsoft.KubernetesConfiguration/fluxConfigurations/read\",\n \"Microsoft.KubernetesConfiguration/fluxConfigurations/delete\",\n \"Microsoft.KubernetesConfiguration/fluxConfigurations/operations/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2025-04-01T15:25:06.8179221Z\",\n \"updatedOn\": \"2025-04-01T15:25:06.8179221Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/61eb6405-5f4a-440b-ad03-fe06c5c85e44\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"61eb6405-5f4a-440b-ad03-fe06c5c85e44\"\n },\n {\n \"properties\": {\n \"roleName\": \"Issue Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Can read all issues data and update issues settings.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.AlertsManagement/Issues/*\",\n \"microsoft.monitor/accounts/issues/*\",\n \"Microsoft.Insights/components/*\",\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2025-04-07T15:05:12.3898424Z\",\n \"updatedOn\": \"2025-08-08T06:45:21.8923687Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/8d7ecc5c-f27b-43cf-883f-46409d445502\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"8d7ecc5c-f27b-43cf-883f-46409d445502\"\n },\n {\n \"properties\": {\n \"roleName\": \"Container Registry Credential Set Administrator\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Create, Read, Update, and Delete Credential Sets in Container Registry. This role doesn't affect the needed permissions for storing content inside Azure Key Vault. This role also doesn't grant permissions to manage Cache Rules.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.ContainerRegistry/registries/credentialSets/read\",\n \"Microsoft.ContainerRegistry/registries/credentialSets/write\",\n \"Microsoft.ContainerRegistry/registries/credentialSets/delete\",\n \"Microsoft.ContainerRegistry/registries/credentialSets/operationStatuses/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2025-04-07T15:05:13.0024218Z\",\n \"updatedOn\": \"2025-04-07T15:05:13.0024218Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/f094fb07-0703-4400-ad6a-e16dd8000e14\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"f094fb07-0703-4400-ad6a-e16dd8000e14\"\n },\n {\n \"properties\": {\n \"roleName\": \"Oracle.Database Exascale VmCluster Administrator\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Grants full access to manage Exascale VmClusters\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Oracle.Database/exascaleDbStorageVaults/read\",\n \"Oracle.Database/exadbVmClusters/*/read\",\n \"Oracle.Database/exadbVmClusters/*/write\",\n \"Oracle.Database/exadbVmClusters/*/delete\",\n \"Oracle.Database/exadbVmClusters/*/action\",\n \"Oracle.Database/Locations/*/read\",\n \"Oracle.Database/Locations/*/write\",\n \"Oracle.Database/Operations/read\",\n \"Oracle.Database/oracleSubscriptions/*/read\",\n \"Oracle.Database/resourceAnchors/*\",\n \"Oracle.Database/networkAnchors/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Network/virtualNetworks/read\",\n \"Microsoft.Network/virtualNetworks/subnets/read\",\n \"Microsoft.Network/virtualNetworks/subnets/write\",\n \"Microsoft.Network/locations/operations/read\",\n \"Microsoft.Compute/sshPublicKeys/read\",\n \"Microsoft.Compute/sshPublicKeys/write\",\n \"Microsoft.Compute/sshPublicKeys/generateKeyPair/action\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2025-04-07T15:05:13.0024218Z\",\n \"updatedOn\": \"2025-05-26T15:05:38.2653119Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/0869d06d-e3d1-4472-8764-1bb71b2bdaf7\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"0869d06d-e3d1-4472-8764-1bb71b2bdaf7\"\n },\n {\n \"properties\": {\n \"roleName\": \"Container Registry Credential Set Reader\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Read the configuration of Credential Sets in Container Registry. This permission doesn't allow permission to see content inside Azure Key vault only the content inside Container Registry. This permission doesn't grant permission to read Cache Rules.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.ContainerRegistry/registries/credentialSets/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2025-04-07T15:05:13.0014204Z\",\n \"updatedOn\": \"2025-04-07T15:05:13.0014204Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/29093635-9924-4f2c-913b-650a12949526\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"29093635-9924-4f2c-913b-650a12949526\"\n },\n {\n \"properties\": {\n \"roleName\": \"Container Registry Cache Rule Reader\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Read the configuration of Cache Rules in Container Registry. This permission doesn't grant permission to read Credential Sets.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.ContainerRegistry/registries/cacheRules/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2025-04-07T15:05:13.0014204Z\",\n \"updatedOn\": \"2025-04-07T15:05:13.0014204Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/c357b964-0002-4b64-a50d-7a28f02edc52\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"c357b964-0002-4b64-a50d-7a28f02edc52\"\n },\n {\n \"properties\": {\n \"roleName\": \"Container Registry Cache Rule Administrator\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Create, Read, Update, and Delete Cache Rules in Container Registry. This role doesn't grant permissions to manage Credential Sets.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.ContainerRegistry/registries/cacheRules/read\",\n \"Microsoft.ContainerRegistry/registries/cacheRules/write\",\n \"Microsoft.ContainerRegistry/registries/cacheRules/delete\",\n \"Microsoft.ContainerRegistry/registries/cacheRules/operationStatuses/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2025-04-07T15:05:13.0014204Z\",\n \"updatedOn\": \"2025-04-07T15:05:13.0014204Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/df87f177-bb12-4db1-9793-a413691eff94\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"df87f177-bb12-4db1-9793-a413691eff94\"\n },\n {\n \"properties\": {\n \"roleName\": \"Power Platform Account Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Create, Read, Update, and Delete Power Platform Account resources\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.PowerPlatform/accounts/*\",\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2025-04-11T17:35:36.24305Z\",\n \"updatedOn\": \"2025-04-11T17:35:36.24305Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/2593f4c7-8bf4-4fff-9804-2ee069b41902\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"2593f4c7-8bf4-4fff-9804-2ee069b41902\"\n },\n {\n \"properties\": {\n \"roleName\": \"Power Platform Enterprise Policy Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Create, Read, Update, and Delete Power Platform Enterprise Policy resources\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.PowerPlatform/enterprisePolicies/*\",\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2025-04-11T17:35:36.24305Z\",\n \"updatedOn\": \"2025-04-11T17:35:36.24305Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/babe7770-cdbc-4f46-9bd7-b90b34842946\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"babe7770-cdbc-4f46-9bd7-b90b34842946\"\n },\n {\n \"properties\": {\n \"roleName\": \"Usage Billing Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Contributor access to Accounts\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.UsageBilling/*\",\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2025-04-21T15:02:46.3692356Z\",\n \"updatedOn\": \"2025-04-21T15:02:46.3692356Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/33cdeeac-0940-4f85-9317-7e2432c17289\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"33cdeeac-0940-4f85-9317-7e2432c17289\"\n },\n {\n \"properties\": {\n \"roleName\": \"Workload Orchestration Solution External Validator\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Grants you access to fetch targets, solution templates, solutions and update the external validation status\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Edge/targets/read\",\n \"Microsoft.Edge/solutionTemplates/read\",\n \"Microsoft.Edge/solutionTemplates/versions/read\",\n \"Microsoft.Edge/targets/solutions/versions/read\",\n \"Microsoft.Edge/targets/updateExternalValidationStatus/action\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2025-04-22T15:07:10.0211593Z\",\n \"updatedOn\": \"2025-04-22T15:07:10.0211593Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/db9875ba-bd2b-4e98-934d-0daa549a07f0\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"db9875ba-bd2b-4e98-934d-0daa549a07f0\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure AI Project Manager\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Lets you perform developer actions and management actions on Azure AI Foundry Projects. Allows for making role assignments, but limited to Cognitive Service User role.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/roleAssignments/write\",\n \"Microsoft.Authorization/roleAssignments/delete\",\n \"Microsoft.CognitiveServices/accounts/*/read\",\n \"Microsoft.CognitiveServices/accounts/projects/*\",\n \"Microsoft.CognitiveServices/locations/*/read\",\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.CognitiveServices/*\"\n ],\n \"notDataActions\": [],\n \"conditionVersion\": \"2.0\",\n \"condition\": \"((!(ActionMatches{'Microsoft.Authorization/roleAssignments/write'})) OR (@Request[Microsoft.Authorization/roleAssignments:RoleDefinitionId] ForAnyOfAnyValues:GuidEquals{53ca6127-db72-4b80-b1b0-d745d6d5456d})) AND ((!(ActionMatches{'Microsoft.Authorization/roleAssignments/delete'})) OR (@Resource[Microsoft.Authorization/roleAssignments:RoleDefinitionId] ForAnyOfAnyValues:GuidEquals{53ca6127-db72-4b80-b1b0-d745d6d5456d}))\"\n }\n ],\n \"createdOn\": \"2025-04-22T15:07:10.0211593Z\",\n \"updatedOn\": \"2025-05-01T00:11:10.5915009Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/eadc314b-1a2d-4efa-be10-5d325db5065e\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"eadc314b-1a2d-4efa-be10-5d325db5065e\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Monitor Dashboards with Grafana Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Can manage dashboards with Grafana.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Dashboard/dashboards/read\",\n \"Microsoft.Dashboard/dashboards/write\",\n \"Microsoft.Dashboard/dashboards/delete\",\n \"Microsoft.Dashboard/locations/read\",\n \"Microsoft.Resources/deployments/read\",\n \"Microsoft.Resources/deployments/write\",\n \"Microsoft.Resources/deployments/delete\",\n \"Microsoft.Resources/deployments/cancel/action\",\n \"Microsoft.Resources/deployments/validate/action\",\n \"Microsoft.Resources/deployments/whatIf/action\",\n \"Microsoft.Resources/deployments/exportTemplate/action\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2025-04-29T15:23:34.4327766Z\",\n \"updatedOn\": \"2025-04-29T15:23:34.4327766Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/0618ae3d-2930-4bb7-aa00-718db34ee9f9\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"0618ae3d-2930-4bb7-aa00-718db34ee9f9\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure AI Account Owner\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Grants full access to manage AI projects and accounts. Grants conditional assignment of the Azure AI User role to other user principles.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Authorization/roleAssignments/write\",\n \"Microsoft.Authorization/roleAssignments/delete\",\n \"Microsoft.CognitiveServices/*\",\n \"Microsoft.Features/features/read\",\n \"Microsoft.Features/providers/features/read\",\n \"Microsoft.Features/providers/features/register/action\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.Insights/diagnosticSettings/*\",\n \"Microsoft.Insights/logDefinitions/read\",\n \"Microsoft.Insights/metricdefinitions/read\",\n \"Microsoft.Insights/metrics/read\",\n \"Microsoft.ResourceHealth/availabilityStatuses/read\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/deployments/operations/read\",\n \"Microsoft.Resources/subscriptions/operationresults/read\",\n \"Microsoft.Resources/subscriptions/read\",\n \"Microsoft.Resources/subscriptions/resourcegroups/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Support/*\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": [],\n \"conditionVersion\": \"2.0\",\n \"condition\": \"((!(ActionMatches{'Microsoft.Authorization/roleAssignments/write'})) OR (@Request[Microsoft.Authorization/roleAssignments:RoleDefinitionId] ForAnyOfAnyValues:GuidEquals{53ca6127-db72-4b80-b1b0-d745d6d5456d})) AND ((!(ActionMatches{'Microsoft.Authorization/roleAssignments/delete'})) OR (@Resource[Microsoft.Authorization/roleAssignments:RoleDefinitionId] ForAnyOfAnyValues:GuidEquals{53ca6127-db72-4b80-b1b0-d745d6d5456d}))\"\n }\n ],\n \"createdOn\": \"2025-05-01T00:11:10.589501Z\",\n \"updatedOn\": \"2025-05-01T00:11:10.589501Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/e47c6f54-e4a2-4754-9501-8e0985b135e1\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"e47c6f54-e4a2-4754-9501-8e0985b135e1\"\n },\n {\n \"properties\": {\n \"roleName\": \"Secrets Store Extension Owner\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Read, create and modify secretsync and secretproviderclass objects. Register and deregister the provider from the subscription.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.SecretSyncController/register/action\",\n \"Microsoft.SecretSyncController/unregister/action\",\n \"Microsoft.SecretSyncController/azureKeyVaultSecretProviderClasses/read\",\n \"Microsoft.SecretSyncController/azureKeyVaultSecretProviderClasses/write\",\n \"Microsoft.SecretSyncController/azureKeyVaultSecretProviderClasses/delete\",\n \"Microsoft.SecretSyncController/locations/operationStatuses/read\",\n \"Microsoft.SecretSyncController/locations/operationStatuses/write\",\n \"Microsoft.SecretSyncController/operations/read\",\n \"Microsoft.SecretSyncController/secretSyncs/read\",\n \"Microsoft.SecretSyncController/secretSyncs/write\",\n \"Microsoft.SecretSyncController/secretSyncs/delete\",\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2025-05-01T11:14:17.3011305Z\",\n \"updatedOn\": \"2025-05-01T11:14:17.3011305Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/5c227a58-cff3-4b51-9fa3-51bdafb6ca55\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"5c227a58-cff3-4b51-9fa3-51bdafb6ca55\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure AI User\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Grants reader access to AI projects, reader access to AI accounts, and data actions for an AI project.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.CognitiveServices/*/read\",\n \"Microsoft.CognitiveServices/accounts/listkeys/action\",\n \"Microsoft.Insights/alertRules/read\",\n \"Microsoft.Insights/diagnosticSettings/read\",\n \"Microsoft.Insights/logDefinitions/read\",\n \"Microsoft.Insights/metricdefinitions/read\",\n \"Microsoft.Insights/metrics/read\",\n \"Microsoft.ResourceHealth/availabilityStatuses/read\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/operationresults/read\",\n \"Microsoft.Resources/subscriptions/read\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Support/*\"\n ],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.CognitiveServices/*\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2025-05-01T19:30:12.3770408Z\",\n \"updatedOn\": \"2025-05-01T19:30:12.3770408Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/53ca6127-db72-4b80-b1b0-d745d6d5456d\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"53ca6127-db72-4b80-b1b0-d745d6d5456d\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Red Hat OpenShift Hosted Control Planes Control Plane Operator\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Enables the control plane operator to read resources necessary for OpenShift cluster.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Network/virtualNetworks/read\",\n \"Microsoft.Network/networkSecurityGroups/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2025-05-02T13:54:20.113071Z\",\n \"updatedOn\": \"2025-05-02T13:54:20.113071Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/fc0c873f-45e9-4d0d-a7d1-585aab30c6ed\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"fc0c873f-45e9-4d0d-a7d1-585aab30c6ed\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Red Hat OpenShift Hosted Control Planes Service Managed Identity\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Azure Red Hat OpenShift Hosted Control Planes Service Managed Identity\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Network/virtualNetworks/read\",\n \"Microsoft.Network/virtualNetworks/subnets/read\",\n \"Microsoft.Network/virtualNetworks/subnets/write\",\n \"Microsoft.Network/routeTables/read\",\n \"Microsoft.Network/routeTables/join/action\",\n \"Microsoft.Network/natGateways/read\",\n \"Microsoft.Network/natGateways/join/action\",\n \"Microsoft.Network/networkSecurityGroups/read\",\n \"Microsoft.Network/networkSecurityGroups/join/action\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2025-05-02T13:54:20.6991664Z\",\n \"updatedOn\": \"2025-05-02T13:54:20.6991664Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/c0ff367d-66d8-445e-917c-583feb0ef0d4\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"c0ff367d-66d8-445e-917c-583feb0ef0d4\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Kubernetes Fleet Manager Hub Agent Role\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Grants access to Azure resources needed by Azure Kubernetes Fleet Manager hub agents.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Network/publicIPAddresses/read\",\n \"Microsoft.Network/trafficManagerProfiles/read\",\n \"Microsoft.Network/trafficManagerProfiles/write\",\n \"Microsoft.Network/trafficManagerProfiles/delete\",\n \"Microsoft.Network/trafficManagerProfiles/azureEndpoints/read\",\n \"Microsoft.Network/trafficManagerProfiles/azureEndpoints/write\",\n \"Microsoft.Network/trafficManagerProfiles/azureEndpoints/delete\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2025-05-05T15:00:30.7938727Z\",\n \"updatedOn\": \"2025-05-23T17:06:06.3537994Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/de2b316d-7a2c-4143-b4cd-c148f6a355a1\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"de2b316d-7a2c-4143-b4cd-c148f6a355a1\"\n },\n {\n \"properties\": {\n \"roleName\": \"Workload Orchestration IT Admin\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Grants you access to manage the IT Admin operations for Workload Orchestration\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Edge/contexts/eventGridFilters/delete\",\n \"Microsoft.Edge/contexts/eventGridFilters/read\",\n \"Microsoft.Edge/contexts/eventGridFilters/write\",\n \"Microsoft.Edge/contexts/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2025-05-07T21:12:59.0541184Z\",\n \"updatedOn\": \"2025-05-07T21:12:59.0541184Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/63304235-eaf4-4c15-8e93-46c483611231\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"63304235-eaf4-4c15-8e93-46c483611231\"\n },\n {\n \"properties\": {\n \"roleName\": \"Arc Gateway Manager\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Manage Arc Gateway Resources\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.HybridCompute/settings/write\",\n \"Microsoft.HybridCompute/settings/read\",\n \"Microsoft.HybridCompute/gateways/read\",\n \"Microsoft.HybridCompute/gateways/write\",\n \"Microsoft.HybridCompute/gateways/delete\",\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2025-05-08T18:19:27.614475Z\",\n \"updatedOn\": \"2025-05-08T18:19:27.614475Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/f6e92014-8af2-414d-9948-9b1abf559285\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"f6e92014-8af2-414d-9948-9b1abf559285\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Kubernetes Service Machine Manager Role\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Role for machine related actions\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.ContainerService/managedClusters/agentPools/deleteMachines/action\",\n \"Microsoft.ContainerService/managedClusters/agentPools/machines/read\",\n \"Microsoft.ContainerService/managedClusters/agentPools/machines/write\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2025-05-14T23:28:30.9442269Z\",\n \"updatedOn\": \"2025-05-14T23:28:30.9442269Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/8e253927-1f29-4d89-baa2-c3a549eff423\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"8e253927-1f29-4d89-baa2-c3a549eff423\"\n },\n {\n \"properties\": {\n \"roleName\": \"Microsoft.AzureStackHCI Device Pool Manager\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Microsoft.AzureStackHCI Device Pool Manager \",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.AzureStackHCI/DevicePools/read\",\n \"Microsoft.AzureStackHCI/DevicePools/ClaimDevices/action\",\n \"Microsoft.AzureStackHCI/DevicePools/ReleaseDevices/action\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2025-05-15T08:48:48.828656Z\",\n \"updatedOn\": \"2025-05-15T08:48:48.828656Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/adc3c795-c41e-4a89-a478-0b321783324c\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"adc3c795-c41e-4a89-a478-0b321783324c\"\n },\n {\n \"properties\": {\n \"roleName\": \"Microsoft.AzureStackHCI EdgeMachine Reader\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Microsoft.AzureStackHCI EdgeMachine Reader\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.AzureStackHCI/EdgeMachines/Read/*\",\n \"Microsoft.AzureStackHCI/EdgeMachines/Jobs/Read/*\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2025-05-15T08:48:49.1120843Z\",\n \"updatedOn\": \"2025-05-15T08:48:49.1120843Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/5f569efd-4da5-4123-99cd-d42fbb2a836e\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"5f569efd-4da5-4123-99cd-d42fbb2a836e\"\n },\n {\n \"properties\": {\n \"roleName\": \"Monitoring Policy Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Allows read access to all monitoring data, update permissions for monitoring settings and permissions to deploy and remediate Azure Monitor alert policies.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"*/read\",\n \"Microsoft.AlertsManagement/alerts/*\",\n \"Microsoft.AlertsManagement/alertsSummary/*\",\n \"Microsoft.AlertsManagement/issues/*\",\n \"Microsoft.Insights/actiongroups/*\",\n \"Microsoft.Insights/activityLogAlerts/*\",\n \"Microsoft.Insights/AlertRules/*\",\n \"Microsoft.Insights/components/*\",\n \"Microsoft.Insights/createNotifications/*\",\n \"Microsoft.Insights/dataCollectionEndpoints/*\",\n \"Microsoft.Insights/dataCollectionRules/*\",\n \"Microsoft.Insights/dataCollectionRuleAssociations/*\",\n \"Microsoft.Insights/DiagnosticSettings/*\",\n \"Microsoft.Insights/eventtypes/*\",\n \"Microsoft.Insights/LogDefinitions/*\",\n \"Microsoft.Insights/metricalerts/*\",\n \"Microsoft.Insights/MetricDefinitions/*\",\n \"Microsoft.Insights/Metrics/*\",\n \"Microsoft.Insights/notificationStatus/*\",\n \"Microsoft.Insights/Register/Action\",\n \"Microsoft.Insights/scheduledqueryrules/*\",\n \"Microsoft.Insights/webtests/*\",\n \"Microsoft.Insights/workbooks/*\",\n \"Microsoft.Insights/workbooktemplates/*\",\n \"Microsoft.Insights/privateLinkScopes/*\",\n \"Microsoft.Insights/privateLinkScopeOperationStatuses/*\",\n \"Microsoft.Monitor/accounts/*\",\n \"Microsoft.OperationalInsights/workspaces/write\",\n \"Microsoft.OperationalInsights/workspaces/intelligencepacks/*\",\n \"Microsoft.OperationalInsights/workspaces/savedSearches/*\",\n \"Microsoft.OperationalInsights/workspaces/search/action\",\n \"Microsoft.OperationalInsights/workspaces/sharedKeys/action\",\n \"Microsoft.OperationalInsights/workspaces/sharedKeys/read\",\n \"Microsoft.OperationalInsights/workspaces/storageinsightconfigs/*\",\n \"Microsoft.OperationalInsights/locations/workspaces/failover/action\",\n \"Microsoft.OperationalInsights/workspaces/failback/action\",\n \"Microsoft.Support/*\",\n \"Microsoft.AlertsManagement/smartDetectorAlertRules/*\",\n \"Microsoft.AlertsManagement/actionRules/*\",\n \"Microsoft.AlertsManagement/smartGroups/*\",\n \"Microsoft.AlertsManagement/migrateFromSmartDetection/*\",\n \"Microsoft.AlertsManagement/investigations/*\",\n \"Microsoft.AlertsManagement/prometheusRuleGroups/*\",\n \"Microsoft.Monitor/investigations/*\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.PolicyInsights/remediations/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/*\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2025-05-15T11:52:21.0990017Z\",\n \"updatedOn\": \"2025-05-15T11:52:21.0990017Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/47be4a87-7950-4631-9daf-b664a405f074\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"47be4a87-7950-4631-9daf-b664a405f074\"\n },\n {\n \"properties\": {\n \"roleName\": \"Storage File Delegator\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Allows for generation of a user delegation key, which can then be used to create a shared access signature for a file or Azure file share that is signed with Entra ID credentials.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Storage/storageAccounts/fileServices/generateUserDelegationKey/action\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2025-05-22T21:44:23.2806604Z\",\n \"updatedOn\": \"2025-05-22T21:44:23.2806604Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/765a04e0-5de8-4bb2-9bf6-b2a30bc03e91\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"765a04e0-5de8-4bb2-9bf6-b2a30bc03e91\"\n },\n {\n \"properties\": {\n \"roleName\": \"Storage Table Delegator\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Allows for generation of a user delegation key, which can then be used to create a shared access signature for an Azure Storage table that is signed with Entra ID credentials.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Storage/storageAccounts/tableServices/generateUserDelegationKey/action\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2025-05-22T21:59:43.2751792Z\",\n \"updatedOn\": \"2025-05-22T21:59:43.2751792Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/965033a5-c8eb-4f35-b82f-fef460a3606d\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"965033a5-c8eb-4f35-b82f-fef460a3606d\"\n },\n {\n \"properties\": {\n \"roleName\": \"Storage Queue Delegator\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Allows for generation of a user delegation key, which can then be used to create a shared access signature for an Azure Storage queue that is signed with Entra ID credentials.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Storage/storageAccounts/queueServices/generateUserDelegationKey/action\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2025-05-22T21:59:42.5496054Z\",\n \"updatedOn\": \"2025-05-22T21:59:42.5496054Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/7ee386e9-84f0-448e-80a6-f185f6533131\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"7ee386e9-84f0-448e-80a6-f185f6533131\"\n },\n {\n \"properties\": {\n \"roleName\": \"Scheduled Actions Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Allows users to use Scheduled Actions offered by Microsoft.ComputeSchedule\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.ComputeSchedule/locations/virtualMachinesCancelOperations/action\",\n \"Microsoft.ComputeSchedule/locations/virtualMachinesExecuteDeallocate/action\",\n \"Microsoft.ComputeSchedule/locations/virtualMachinesExecuteHibernate/action\",\n \"Microsoft.ComputeSchedule/locations/virtualMachinesExecuteStart/action\",\n \"Microsoft.ComputeSchedule/locations/virtualMachinesExecuteCreate/action\",\n \"Microsoft.ComputeSchedule/locations/virtualMachinesExecuteDelete/action\",\n \"Microsoft.ComputeSchedule/locations/virtualMachinesGetOperationErrors/action\",\n \"Microsoft.ComputeSchedule/locations/virtualMachinesGetOperationStatus/action\",\n \"Microsoft.ComputeSchedule/locations/virtualMachinesSubmitDeallocate/action\",\n \"Microsoft.ComputeSchedule/locations/virtualMachinesSubmitHibernate/action\",\n \"Microsoft.ComputeSchedule/locations/virtualMachinesSubmitStart/action\",\n \"Microsoft.ComputeSchedule/scheduledActions/write\",\n \"Microsoft.ComputeSchedule/scheduledActions/delete\",\n \"Microsoft.ComputeSchedule/scheduledActions/attachResources/action\",\n \"Microsoft.ComputeSchedule/scheduledActions/cancelNextOccurrence/action\",\n \"Microsoft.ComputeSchedule/scheduledActions/detachResources/action\",\n \"Microsoft.ComputeSchedule/scheduledActions/disable/action\",\n \"Microsoft.ComputeSchedule/scheduledActions/enable/action\",\n \"Microsoft.ComputeSchedule/scheduledActions/listResources/action\",\n \"Microsoft.ComputeSchedule/scheduledActions/patchResources/action\",\n \"Microsoft.ComputeSchedule/scheduledActions/triggerManualOccurrence/action\",\n \"Microsoft.ComputeSchedule/register/action\",\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2025-05-23T15:34:55.7571301Z\",\n \"updatedOn\": \"2025-06-06T16:43:20.1338695Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/6fbca9a8-3561-41fd-8b20-6576043c1076\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"6fbca9a8-3561-41fd-8b20-6576043c1076\"\n },\n {\n \"properties\": {\n \"roleName\": \"Microsoft.AzureStackHCI Device Pool Machine Manager\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Microsoft.AzureStackHCI Device Pool Machine Manager \",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.HybridConnectivity/endpoints/write\",\n \"Microsoft.HybridConnectivity/endpoints/read\",\n \"Microsoft.HybridConnectivity/endpoints/delete\",\n \"Microsoft.HybridConnectivity/endpoints/serviceConfigurations/write\",\n \"Microsoft.HybridConnectivity/endpoints/serviceConfigurations/read\",\n \"Microsoft.HybridConnectivity/endpoints/serviceConfigurations/delete\",\n \"Microsoft.HybridConnectivity/endpoints/listCredentials/action\",\n \"Microsoft.HybridCompute/machines/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2025-05-28T15:24:16.9803048Z\",\n \"updatedOn\": \"2025-09-23T15:14:52.7881209Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/b6d9c0f6-d69f-472b-91b4-7a6838c6d1cb\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"b6d9c0f6-d69f-472b-91b4-7a6838c6d1cb\"\n },\n {\n \"properties\": {\n \"roleName\": \"AI Model Scanner Operator\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Grants Microsoft Defender for AI access to AI services and resources.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.MachineLearningServices/workspaces/read\",\n \"Microsoft.MachineLearningServices/workspaces/models/read\",\n \"Microsoft.MachineLearningServices/workspaces/models/versions/read\",\n \"Microsoft.MachineLearningServices/workspaces/datastores/read\",\n \"Microsoft.MachineLearningServices/workspaces/metadata/artifacts/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2025-06-11T15:26:11.6009304Z\",\n \"updatedOn\": \"2025-08-04T15:10:36.5118889Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/8b9beb50-e28c-4879-8472-24c9d328085f\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"8b9beb50-e28c-4879-8472-24c9d328085f\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Kubernetes Service Namespace User\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Allows users to read Azure Kubernetes Service namespace resources. In-cluster namespace access further requires assignment of Azure Kubernetes Service RBAC roles to the namespace resource for an Entra ID enabled cluster.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.ContainerService/managedClusters/managedNamespaces/read\",\n \"Microsoft.ContainerService/managedClusters/managedNamespaces/listCredential/action\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2025-06-12T17:55:19.3885549Z\",\n \"updatedOn\": \"2025-06-12T17:55:19.3885549Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/c9f76ca8-b262-4b10-8ed2-09cf0948aa35\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"c9f76ca8-b262-4b10-8ed2-09cf0948aa35\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Kubernetes Service Namespace Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Allows users to create and manage Azure Kubernetes Service namespace resources.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.ContainerService/managedClusters/managedNamespaces/*\",\n \"Microsoft.Resources/deployments/*\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2025-06-12T18:10:38.4291766Z\",\n \"updatedOn\": \"2025-06-12T18:10:38.4291766Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/289d8817-ee69-43f1-a0af-43a45505b488\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"289d8817-ee69-43f1-a0af-43a45505b488\"\n },\n {\n \"properties\": {\n \"roleName\": \"DevCenter Owner\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Provides access to manage all Microsoft.DevCenter resources, and to manage access to Microsoft.DevCenter resources by adding or removing role assignments for the DevCenter Project Admin and DevCenter Dev Box roles.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.DevCenter/*\",\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Authorization/roleAssignments/write\",\n \"Microsoft.Authorization/roleAssignments/delete\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": [],\n \"conditionVersion\": \"2.0\",\n \"condition\": \"((!(ActionMatches{'Microsoft.Authorization/roleAssignments/write'})) OR (@Request[Microsoft.Authorization/roleAssignments:RoleDefinitionId] ForAnyOfAnyValues:GuidEquals{331c37c6-af14-46d9-b9f4-e1909e1b95a0, 45d50f46-0b78-4001-a660-4198cbe8cd05})) AND ((!(ActionMatches{'Microsoft.Authorization/roleAssignments/delete'})) OR (@Resource[Microsoft.Authorization/roleAssignments:RoleDefinitionId] ForAnyOfAnyValues:GuidEquals{331c37c6-af14-46d9-b9f4-e1909e1b95a0, 45d50f46-0b78-4001-a660-4198cbe8cd05}))\"\n }\n ],\n \"createdOn\": \"2025-06-16T15:06:49.4834641Z\",\n \"updatedOn\": \"2025-07-03T17:24:32.4630198Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/4c6569b6-f23e-4295-9b90-bd4cc4ff3292\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"4c6569b6-f23e-4295-9b90-bd4cc4ff3292\"\n },\n {\n \"properties\": {\n \"roleName\": \"DevOps Infrastructure Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Read, write, delete and perform actions on Managed DevOps Pools\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.DevOpsInfrastructure/register/action\",\n \"Microsoft.DevOpsInfrastructure/unregister/action\",\n \"Microsoft.DevOpsInfrastructure/*/read\",\n \"Microsoft.DevOpsInfrastructure/Locations/OperationStatuses/write\",\n \"Microsoft.DevOpsInfrastructure/pools/write\",\n \"Microsoft.DevOpsInfrastructure/pools/delete\",\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2025-06-16T15:06:49.4784655Z\",\n \"updatedOn\": \"2025-07-17T00:34:35.8546315Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/76153a9e-0edb-49bc-8e01-93c47e6b5180\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"76153a9e-0edb-49bc-8e01-93c47e6b5180\"\n },\n {\n \"properties\": {\n \"roleName\": \"Service Health Billing Reader\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Grants permissions to view billing information present in service health events\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.ResourceHealth/events/action\",\n \"Microsoft.ResourceHealth/AvailabilityStatuses/read\",\n \"Microsoft.ResourceHealth/AvailabilityStatuses/current/read\",\n \"Microsoft.ResourceHealth/Operations/read\",\n \"Microsoft.ResourceHealth/emergingissues/read\",\n \"Microsoft.ResourceHealth/events/read\",\n \"Microsoft.ResourceHealth/events/fetchBillingCommunicationDetails/action\",\n \"Microsoft.ResourceHealth/events/impactedResources/read\",\n \"Microsoft.ResourceHealth/metadata/read\",\n \"Microsoft.ResourceHealth/potentialoutages/read\"\n ],\n \"notActions\": [\n \"Microsoft.ResourceHealth/events/fetchEventDetails/action\",\n \"Microsoft.ResourceHealth/events/listSecurityAdvisoryImpactedResources/action\"\n ],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2025-06-20T22:46:01.7047929Z\",\n \"updatedOn\": \"2025-06-20T22:46:01.7047929Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/32c34659-0f83-4a4c-80f2-63a244f8ae0b\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"32c34659-0f83-4a4c-80f2-63a244f8ae0b\"\n },\n {\n \"properties\": {\n \"roleName\": \"Service Health Security Reader\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Grants permissions to view sensitive security information present in service health events\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.ResourceHealth/events/action\",\n \"Microsoft.ResourceHealth/AvailabilityStatuses/read\",\n \"Microsoft.ResourceHealth/AvailabilityStatuses/current/read\",\n \"Microsoft.ResourceHealth/Operations/read\",\n \"Microsoft.ResourceHealth/emergingissues/read\",\n \"Microsoft.ResourceHealth/events/read\",\n \"Microsoft.ResourceHealth/events/fetchEventDetails/action\",\n \"Microsoft.ResourceHealth/events/listSecurityAdvisoryImpactedResources/action\",\n \"Microsoft.ResourceHealth/events/impactedResources/read\",\n \"Microsoft.ResourceHealth/metadata/read\",\n \"Microsoft.ResourceHealth/potentialoutages/read\"\n ],\n \"notActions\": [\n \"Microsoft.ResourceHealth/events/fetchBillingCommunicationDetails/action\"\n ],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2025-06-20T22:46:02.2504994Z\",\n \"updatedOn\": \"2025-06-20T22:46:02.2504994Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/1a928ab0-1fee-43cf-9266-f9d8c22a8ddb\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"1a928ab0-1fee-43cf-9266-f9d8c22a8ddb\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Stack Edge Operations Role\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Built in role for managing operations in azure stack edge\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.DataBoxEdge/dataBoxEdgeDevices/bandwidthSchedules/delete\",\n \"Microsoft.DataBoxEdge/dataBoxEdgeDevices/bandwidthSchedules/write\",\n \"Microsoft.DataBoxEdge/dataBoxEdgeDevices/delete\",\n \"Microsoft.DataBoxEdge/dataBoxEdgeDevices/deviceCapacityCheck/action\",\n \"Microsoft.DataBoxEdge/dataBoxEdgeDevices/downloadUpdates/action\",\n \"Microsoft.DataBoxEdge/dataBoxEdgeDevices/generateCertificate/action\",\n \"Microsoft.DataBoxEdge/dataBoxEdgeDevices/getExtendedInformation/action\",\n \"Microsoft.DataBoxEdge/dataBoxEdgeDevices/installUpdates/action\",\n \"Microsoft.DataBoxEdge/dataBoxEdgeDevices/orders/delete\",\n \"Microsoft.DataBoxEdge/dataBoxEdgeDevices/orders/listDCAccessCode/action\",\n \"Microsoft.DataBoxEdge/dataBoxEdgeDevices/orders/write\",\n \"Microsoft.DataBoxEdge/dataBoxEdgeDevices/providers/Microsoft.Insights/diagnosticSettings/write\",\n \"Microsoft.DataBoxEdge/dataBoxEdgeDevices/publishers/offers/skus/versions/generatesastoken/action\",\n \"Microsoft.DataBoxEdge/dataBoxEdgeDevices/roles/addons/delete\",\n \"Microsoft.DataBoxEdge/dataBoxEdgeDevices/roles/addons/write\",\n \"Microsoft.DataBoxEdge/dataBoxEdgeDevices/roles/delete\",\n \"Microsoft.DataBoxEdge/dataBoxEdgeDevices/roles/migrate/action\",\n \"Microsoft.DataBoxEdge/dataBoxEdgeDevices/roles/monitoringConfig/delete\",\n \"Microsoft.DataBoxEdge/dataBoxEdgeDevices/roles/monitoringConfig/write\",\n \"Microsoft.DataBoxEdge/dataBoxEdgeDevices/roles/write\",\n \"Microsoft.DataBoxEdge/dataBoxEdgeDevices/scanForUpdates/action\",\n \"Microsoft.DataBoxEdge/dataBoxEdgeDevices/securitySettings/update/action\",\n \"Microsoft.DataBoxEdge/dataBoxEdgeDevices/shares/delete\",\n \"Microsoft.DataBoxEdge/dataBoxEdgeDevices/shares/refresh/action\",\n \"Microsoft.DataBoxEdge/dataBoxEdgeDevices/shares/write\",\n \"Microsoft.DataBoxEdge/dataBoxEdgeDevices/storageAccountCredentials/delete\",\n \"Microsoft.DataBoxEdge/dataBoxEdgeDevices/storageAccountCredentials/write\",\n \"Microsoft.DataBoxEdge/dataBoxEdgeDevices/storageAccounts/containers/delete\",\n \"Microsoft.DataBoxEdge/dataBoxEdgeDevices/storageAccounts/containers/refresh/action\",\n \"Microsoft.DataBoxEdge/dataBoxEdgeDevices/storageAccounts/containers/write\",\n \"Microsoft.DataBoxEdge/dataBoxEdgeDevices/storageAccounts/delete\",\n \"Microsoft.DataBoxEdge/dataBoxEdgeDevices/storageAccounts/write\",\n \"Microsoft.DataBoxEdge/dataBoxEdgeDevices/triggers/delete\",\n \"Microsoft.DataBoxEdge/dataBoxEdgeDevices/triggers/write\",\n \"Microsoft.DataBoxEdge/dataBoxEdgeDevices/triggerSupportPackage/action\",\n \"Microsoft.DataBoxEdge/dataBoxEdgeDevices/updateExtendedInformation/action\",\n \"Microsoft.DataBoxEdge/dataBoxEdgeDevices/uploadCertificate/action\",\n \"Microsoft.DataBoxEdge/dataBoxEdgeDevices/users/delete\",\n \"Microsoft.DataBoxEdge/dataBoxEdgeDevices/users/write\",\n \"Microsoft.DataBoxEdge/dataBoxEdgeDevices/write\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2025-06-24T15:14:50.5957122Z\",\n \"updatedOn\": \"2025-06-24T15:14:50.5957122Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/12b8206a-0216-4469-908d-a3e2025fe085\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"12b8206a-0216-4469-908d-a3e2025fe085\"\n },\n {\n \"properties\": {\n \"roleName\": \"Grounding with Bing User\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Enable Approved Microsoft Applications to connect to Bing to retrieve and ground responses using real-time data\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.Bing/accounts/useGrounding/action\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2025-06-25T15:16:52.842097Z\",\n \"updatedOn\": \"2025-06-25T15:16:52.842097Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/2016c9ed-c18d-4120-93d7-178e583efe92\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"2016c9ed-c18d-4120-93d7-178e583efe92\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Advisor Service Role\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Grants permission to delete and write access for suppressions, configurations and assmessments\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Advisor/suppressions/write\",\n \"Microsoft.Advisor/suppressions/delete\",\n \"Microsoft.Advisor/recommendations/suppressions/write\",\n \"Microsoft.Advisor/recommendations/suppressions/delete\",\n \"Microsoft.Advisor/assessments/write\",\n \"Microsoft.Advisor/configurations/write\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2025-06-25T19:21:21.1733164Z\",\n \"updatedOn\": \"2025-07-21T15:02:41.2108089Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/69a41f41-6dce-4ea7-8a34-8e095ddba55c\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"69a41f41-6dce-4ea7-8a34-8e095ddba55c\"\n },\n {\n \"properties\": {\n \"roleName\": \"Experimentation Resource Admin\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Experimentation Resource Admin\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Experimentation/*\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2025-06-25T20:37:54.1515777Z\",\n \"updatedOn\": \"2025-06-25T20:37:54.1515777Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/548d7e7c-65ee-412b-ae37-2dbb419d4207\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"548d7e7c-65ee-412b-ae37-2dbb419d4207\"\n },\n {\n \"properties\": {\n \"roleName\": \"FHIR Data Bulk Operator\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Role allows user or principal to perform bulk operations\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.HealthcareApis/services/fhir/resources/read\",\n \"Microsoft.HealthcareApis/services/fhir/resources/write\",\n \"Microsoft.HealthcareApis/services/fhir/resources/delete\",\n \"Microsoft.HealthcareApis/services/fhir/resources/export/action\",\n \"Microsoft.HealthcareApis/services/fhir/resources/reindex/action\",\n \"Microsoft.HealthcareApis/services/fhir/resources/import/action\",\n \"Microsoft.HealthcareApis/services/fhir/resources/hardDelete/action\",\n \"Microsoft.HealthcareApis/services/fhir/resources/bulkOperator/action\",\n \"Microsoft.HealthcareApis/workspaces/fhirservices/resources/read\",\n \"Microsoft.HealthcareApis/workspaces/fhirservices/resources/write\",\n \"Microsoft.HealthcareApis/workspaces/fhirservices/resources/delete\",\n \"Microsoft.HealthcareApis/workspaces/fhirservices/resources/export/action\",\n \"Microsoft.HealthcareApis/workspaces/fhirservices/resources/reindex/action\",\n \"Microsoft.HealthcareApis/workspaces/fhirservices/resources/import/action\",\n \"Microsoft.HealthcareApis/workspaces/fhirservices/resources/hardDelete/action\",\n \"Microsoft.HealthcareApis/workspaces/fhirservices/resources/bulkOperator/action\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2025-06-27T15:27:54.9502857Z\",\n \"updatedOn\": \"2025-06-27T15:27:54.9502857Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/804db8d3-32c7-4ad4-a975-3f6f90d5f5f5\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"804db8d3-32c7-4ad4-a975-3f6f90d5f5f5\"\n },\n {\n \"properties\": {\n \"roleName\": \"Microsoft Discovery Platform Administrator (Preview)\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Grants full access to manage Microsoft.Discovery resources. This role in preview and subjet to change.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Discovery/locations/operationStatuses/read\",\n \"Microsoft.Discovery/checkNameAvailability/action\",\n \"Microsoft.Discovery/*\",\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Network/virtualNetworks/subnets/read\",\n \"Microsoft.Network/virtualNetworks/read\",\n \"Microsoft.Network/virtualNetworks/subnets/join/action\",\n \"Microsoft.Support/*\",\n \"Microsoft.Authorization/roleAssignments/write\",\n \"Microsoft.Authorization/roleAssignments/delete\"\n ],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.Discovery/*\"\n ],\n \"notDataActions\": [],\n \"conditionVersion\": \"2.0\",\n \"condition\": \"((!(ActionMatches{'Microsoft.Authorization/roleAssignments/write'})) OR (@Request[Microsoft.Authorization/roleAssignments:RoleDefinitionId] ForAnyOfAnyValues:GuidEquals{4d97b98b-1d4f-4787-a291-c67834d212e7, f1a07417-d97a-45cb-824c-7a7467783830})) AND ((!(ActionMatches{'Microsoft.Authorization/roleAssignments/delete'})) OR (@Resource[Microsoft.Authorization/roleAssignments:RoleDefinitionId] ForAnyOfAnyValues:GuidEquals{4d97b98b-1d4f-4787-a291-c67834d212e7, f1a07417-d97a-45cb-824c-7a7467783830}))\"\n }\n ],\n \"createdOn\": \"2025-07-01T15:14:22.6678767Z\",\n \"updatedOn\": \"2025-07-23T16:53:36.843759Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/7a2b6e6c-472e-4b39-8878-a26eb63d75c6\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"7a2b6e6c-472e-4b39-8878-a26eb63d75c6\"\n },\n {\n \"properties\": {\n \"roleName\": \"Microsoft Discovery Platform Reader (Preview)\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Grants readonly permissions to view Microsoft.Discovery resources. This role in preview and subjet to change.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Discovery/*/read\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.Discovery/*/read\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2025-07-01T15:14:22.6678767Z\",\n \"updatedOn\": \"2025-07-01T15:14:22.6678767Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/3bb7c424-af4e-436b-bfcc-8779c8934c31\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"3bb7c424-af4e-436b-bfcc-8779c8934c31\"\n },\n {\n \"properties\": {\n \"roleName\": \"Microsoft Discovery Platform Contributor (Preview)\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Grants permissions to view and operate on most Discovery platform resources, including workspaces, supercomputers, storages, agents, bookshelves, data containers, models, tools, workflows, and investigations, as well as perform data plane actions, but does not allow creating, updating, or deleting core resources such as workspaces, supercomputers, storages, bookshelves, node pools, or projects. This role is in preview and subject to change.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Discovery/locations/operationStatuses/read\",\n \"Microsoft.Discovery/operations/read\",\n \"Microsoft.Discovery/workspaces/read\",\n \"Microsoft.Discovery/supercomputers/read\",\n \"Microsoft.Discovery/storages/read\",\n \"Microsoft.Discovery/agents/*\",\n \"Microsoft.Discovery/bookshelves/read\",\n \"Microsoft.Discovery/dataContainers/*\",\n \"Microsoft.Discovery/dataContainers/dataAssets/*\",\n \"Microsoft.Discovery/models/*\",\n \"Microsoft.Discovery/supercomputers/nodePools/read\",\n \"Microsoft.Discovery/tools/*\",\n \"Microsoft.Discovery/workflows/*\",\n \"Microsoft.Discovery/workspaces/projects/read\",\n \"Microsoft.Discovery/operations/read\",\n \"Microsoft.Insights/AlertRules/*\",\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Support/*\"\n ],\n \"notActions\": [\n \"Microsoft.Discovery/workspaces/write\",\n \"Microsoft.Discovery/workspaces/delete\",\n \"Microsoft.Discovery/supercomputers/write\",\n \"Microsoft.Discovery/supercomputers/delete\",\n \"Microsoft.Discovery/storages/write\",\n \"Microsoft.Discovery/storages/delete\",\n \"Microsoft.Discovery/bookshelves/write\",\n \"Microsoft.Discovery/bookshelves/delete\",\n \"Microsoft.Discovery/supercomputers/nodePools/write\",\n \"Microsoft.Discovery/supercomputers/nodePools/delete\",\n \"Microsoft.Discovery/workspaces/projects/write\",\n \"Microsoft.Discovery/workspaces/projects/delete\"\n ],\n \"dataActions\": [\n \"Microsoft.Discovery/*\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2025-07-01T15:14:22.6678767Z\",\n \"updatedOn\": \"2025-07-15T15:04:43.2814036Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/01288891-85ee-45a7-b367-9db3b752fc65\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"01288891-85ee-45a7-b367-9db3b752fc65\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure IoT Operations Administrator\",\n \"type\": \"BuiltInRole\",\n \"description\": \"View, create, edit and delete AIO resources. Manage all resources, including instance and its downstream resources.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.IoTOperations/*\",\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.DeviceRegistry/Assets/*\",\n \"Microsoft.DeviceRegistry/AssetEndpointProfiles/*\",\n \"Microsoft.DeviceRegistry/Namespaces/Assets/*\",\n \"Microsoft.DeviceRegistry/Namespaces/Devices/*\",\n \"Microsoft.DeviceRegistry/Namespaces/DiscoveredAssets/*\",\n \"Microsoft.DeviceRegistry/Namespaces/DiscoveredDevices/*\",\n \"Microsoft.DeviceRegistry/SchemaRegistries/*\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Edge/sites/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2025-07-03T19:55:14.5761643Z\",\n \"updatedOn\": \"2025-07-15T15:04:43.2804027Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/5bc02df6-6cd5-43fe-ad3d-4c93cf56cc16\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"5bc02df6-6cd5-43fe-ad3d-4c93cf56cc16\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure IoT Operations Onboarding\",\n \"type\": \"BuiltInRole\",\n \"description\": \"User can Azure arc connect and deploy Azure IoT Operations securely.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.IoTOperations/*\",\n \"Microsoft.DeviceRegistry/register/action\",\n \"Microsoft.DeviceRegistry/schemaRegistries/read\",\n \"Microsoft.DeviceRegistry/schemaRegistries/write\",\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Authorization/*/write\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Edge/sites/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2025-07-03T20:10:17.4373209Z\",\n \"updatedOn\": \"2025-07-15T15:04:43.2804027Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/7b7c71ed-33fa-4ed2-a91a-e56d5da260b5\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"7b7c71ed-33fa-4ed2-a91a-e56d5da260b5\"\n },\n {\n \"properties\": {\n \"roleName\": \"Connector Writer\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Write connectors and have basic customer permissions like reading authorizations, alert rules and resourceGroups\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Impact/Connectors/Write\",\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2025-07-04T07:30:50.7596538Z\",\n \"updatedOn\": \"2025-07-04T07:30:50.7596538Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/c459b115-f629-486b-b359-35feb5568b83\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"c459b115-f629-486b-b359-35feb5568b83\"\n },\n {\n \"properties\": {\n \"roleName\": \"Virtual Enclave Owner Role\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Virtual Enclave Owner Role to access the resources of Microsoft.Mission stored with RPSAAS.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Mission/Locations/OperationStatuses/read\",\n \"Microsoft.Mission/Locations/OperationStatuses/write\",\n \"Microsoft.Mission/Operations/read\",\n \"Microsoft.Mission/virtualEnclaves/read\",\n \"Microsoft.Mission/virtualEnclaves/write\",\n \"Microsoft.Mission/virtualEnclaves/delete\",\n \"Microsoft.Mission/virtualEnclaves/workloads/read\",\n \"Microsoft.Mission/virtualEnclaves/workloads/write\",\n \"Microsoft.Mission/virtualEnclaves/workloads/delete\",\n \"Microsoft.Mission/communities/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2025-07-09T15:22:28.7605161Z\",\n \"updatedOn\": \"2025-07-09T15:22:28.7605161Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/1abf4029-2200-4343-800c-e4c4c01eddbd\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"1abf4029-2200-4343-800c-e4c4c01eddbd\"\n },\n {\n \"properties\": {\n \"roleName\": \"NginxPlus Contributor service role\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Provides access to all Nginx.NginxPlus Control Plane operations\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"NGINX.NGINXPLUS/register/action\",\n \"NGINX.NGINXPLUS/unregister/action\",\n \"NGINX.NGINXPLUS/locations/read\",\n \"NGINX.NGINXPLUS/locations/operationStatuses/read\",\n \"NGINX.NGINXPLUS/locations/operationStatuses/write\",\n \"NGINX.NGINXPLUS/nginxDeployments/Read\",\n \"NGINX.NGINXPLUS/nginxDeployments/Write\",\n \"NGINX.NGINXPLUS/nginxDeployments/Delete\",\n \"NGINX.NGINXPLUS/nginxDeployments/apiKeys/Read\",\n \"NGINX.NGINXPLUS/nginxDeployments/apiKeys/Write\",\n \"NGINX.NGINXPLUS/nginxDeployments/apiKeys/Delete\",\n \"NGINX.NGINXPLUS/nginxDeployments/certificates/Read\",\n \"NGINX.NGINXPLUS/nginxDeployments/certificates/Write\",\n \"NGINX.NGINXPLUS/nginxDeployments/certificates/Delete\",\n \"NGINX.NGINXPLUS/nginxDeployments/configurations/Read\",\n \"NGINX.NGINXPLUS/nginxDeployments/configurations/Write\",\n \"NGINX.NGINXPLUS/nginxDeployments/configurations/Delete\",\n \"NGINX.NGINXPLUS/nginxDeployments/wafPolicies/Read\",\n \"NGINX.NGINXPLUS/nginxDeployments/wafPolicies/Write\",\n \"NGINX.NGINXPLUS/nginxDeployments/wafPolicies/Delete\",\n \"NGINX.NGINXPLUS/operations/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2025-07-11T15:44:56.6598995Z\",\n \"updatedOn\": \"2025-08-05T15:14:55.5007488Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/61aed14c-6c9a-4ed5-aa44-49fc5e96a167\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"61aed14c-6c9a-4ed5-aa44-49fc5e96a167\"\n },\n {\n \"properties\": {\n \"roleName\": \"CosmosDB Fleet Operator Role\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Lets you manage Azure CosmosDB Fleets and related child resources\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.DocumentDB/fleets/*\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2025-07-14T15:01:12.3759443Z\",\n \"updatedOn\": \"2025-07-14T15:01:12.3759443Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/35ffec73-9cb8-4593-8718-40d5bc4b7f6f\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"35ffec73-9cb8-4593-8718-40d5bc4b7f6f\"\n },\n {\n \"properties\": {\n \"roleName\": \"Healthcare Apis contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Allows all actions on healthcareapis provider resources\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.HealthcareApis/services/*\",\n \"Microsoft.HealthcareApis/workspaces/*\",\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2025-07-15T15:04:43.2804027Z\",\n \"updatedOn\": \"2025-07-15T15:04:43.2804027Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/29f61507-bdfb-4987-b629-20033be2d6c3\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"29f61507-bdfb-4987-b629-20033be2d6c3\"\n },\n {\n \"properties\": {\n \"roleName\": \"Liftr Datadog Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Provides access to Datadog Control Plane Operations\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Datadog/register/action\",\n \"Microsoft.Datadog/unregister/action\",\n \"Microsoft.Datadog/agreements/read\",\n \"Microsoft.Datadog/agreements/write\",\n \"Microsoft.Datadog/locations/read\",\n \"Microsoft.Datadog/locations/operationStatuses/read\",\n \"Microsoft.Datadog/locations/operationStatuses/write\",\n \"Microsoft.Datadog/monitors/read\",\n \"Microsoft.Datadog/monitors/write\",\n \"Microsoft.Datadog/monitors/delete\",\n \"Microsoft.Datadog/monitors/listApiKeys/action\",\n \"Microsoft.Datadog/monitors/getDefaultKey/action\",\n \"Microsoft.Datadog/monitors/setDefaultKey/action\",\n \"Microsoft.Datadog/monitors/refreshSetPasswordLink/action\",\n \"Microsoft.Datadog/monitors/listLinkedResources/action\",\n \"Microsoft.Datadog/monitors/listHosts/read\",\n \"Microsoft.Datadog/monitors/listLinkedResources/read\",\n \"Microsoft.Datadog/monitors/listMonitoredResources/read\",\n \"Microsoft.Datadog/monitors/monitoredSubscriptions/read\",\n \"Microsoft.Datadog/monitors/monitoredSubscriptions/write\",\n \"Microsoft.Datadog/monitors/singleSignOnConfigurations/write\",\n \"Microsoft.Datadog/monitors/singleSignOnConfigurations/read\",\n \"Microsoft.Datadog/monitors/tagRules/read\",\n \"Microsoft.Datadog/monitors/tagRules/write\",\n \"Microsoft.Datadog/registeredSubscriptions/read\",\n \"Microsoft.Datadog/subscriptionStatuses/read\",\n \"Microsoft.Datadog/operations/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2025-07-16T15:09:04.3027767Z\",\n \"updatedOn\": \"2025-08-01T09:23:14.9310429Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/81b67e46-ef5b-4404-bddd-090985bb4a28\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"81b67e46-ef5b-4404-bddd-090985bb4a28\"\n },\n {\n \"properties\": {\n \"roleName\": \"Liftr Elastic Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Provides access to Elastic Control Plane Operations\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Elastic/getOrganizationApiKey/action\",\n \"Microsoft.Elastic/checkNameAvailability/action\",\n \"Microsoft.Elastic/register/action\",\n \"Microsoft.Elastic/locations/read\",\n \"Microsoft.Elastic/locations/operationStatuses/read\",\n \"Microsoft.Elastic/locations/operationStatuses/write\",\n \"Microsoft.Elastic/monitors/read\",\n \"Microsoft.Elastic/monitors/write\",\n \"Microsoft.Elastic/monitors/delete\",\n \"Microsoft.Elastic/monitors/listMonitoredResources/action\",\n \"Microsoft.Elastic/monitors/listVMHost/action\",\n \"Microsoft.Elastic/monitors/createOrUpdateExternalUser/action\",\n \"Microsoft.Elastic/monitors/listAllTrafficFilters/action\",\n \"Microsoft.Elastic/monitors/listAssociatedTrafficFilters/action\",\n \"Microsoft.Elastic/monitors/createAndAssociateIPFilter/action\",\n \"Microsoft.Elastic/monitors/createAndAssociatePLFilter/action\",\n \"Microsoft.Elastic/monitors/associateTrafficFilter/action\",\n \"Microsoft.Elastic/monitors/detachAndDeleteTrafficFilter/action\",\n \"Microsoft.Elastic/monitors/detachTrafficFilter/action\",\n \"Microsoft.Elastic/monitors/deleteTrafficFilter/action\",\n \"Microsoft.Elastic/monitors/listUpgradableVersions/action\",\n \"Microsoft.Elastic/monitors/getBillingInfo/action\",\n \"Microsoft.Elastic/monitors/listConnectedPartnerResources/action\",\n \"Microsoft.Elastic/monitors/upgrade/action\",\n \"Microsoft.Elastic/monitors/vmIngestionDetails/action\",\n \"Microsoft.Elastic/monitors/vmCollectionUpdate/action\",\n \"Microsoft.Elastic/monitors/listDeploymentInfo/action\",\n \"Microsoft.Elastic/monitors/resubscribe/action\",\n \"Microsoft.Elastic/monitors/monitoredSubscriptions/read\",\n \"Microsoft.Elastic/monitors/monitoredSubscriptions/write\",\n \"Microsoft.Elastic/monitors/openAIIntegrations/read\",\n \"Microsoft.Elastic/monitors/openAIIntegrations/write\",\n \"Microsoft.Elastic/monitors/openAIIntegrations/getStatus/action\",\n \"Microsoft.Elastic/monitors/tagRules/read\",\n \"Microsoft.Elastic/monitors/tagRules/write\",\n \"Microsoft.Elastic/registeredSubscriptions/read\",\n \"Microsoft.Elastic/elasticVersions/read\",\n \"Microsoft.Elastic/operations/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2025-07-16T15:09:04.3017765Z\",\n \"updatedOn\": \"2025-08-05T15:14:55.4997487Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/d68eeb8d-afae-4932-a331-203b7957e509\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"d68eeb8d-afae-4932-a331-203b7957e509\"\n },\n {\n \"properties\": {\n \"roleName\": \"Liftr Elastic Owner\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Grants full access to manage Elastic resources\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Elastic/*\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2025-07-16T15:09:04.2714387Z\",\n \"updatedOn\": \"2025-07-16T15:09:04.2714387Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/225efd4d-4ca0-42a1-ae53-5f233ba23c73\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"225efd4d-4ca0-42a1-ae53-5f233ba23c73\"\n },\n {\n \"properties\": {\n \"roleName\": \"Liftr Newrelic Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Provides access to Newrelic Control Plane Operations\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"NewRelic.Observability/register/action\",\n \"NewRelic.Observability/unregister/action\",\n \"NewRelic.Observability/accounts/read\",\n \"NewRelic.Observability/plans/read\",\n \"NewRelic.Observability/organizations/read\",\n \"NewRelic.Observability/locations/read\",\n \"NewRelic.Observability/locations/operationStatuses/read\",\n \"NewRelic.Observability/locations/operationStatuses/write\",\n \"NewRelic.Observability/monitors/read\",\n \"NewRelic.Observability/monitors/write\",\n \"NewRelic.Observability/monitors/delete\",\n \"NewRelic.Observability/monitors/monitoredResources/action\",\n \"NewRelic.Observability/monitors/vmHostPayloads/action\",\n \"NewRelic.Observability/monitors/listAppServices/action\",\n \"NewRelic.Observability/monitors/listHosts/action\",\n \"NewRelic.Observability/monitors/refreshIngestionKey/action\",\n \"NewRelic.Observability/monitors/getMetricRules/action\",\n \"NewRelic.Observability/monitors/getMetricStatus/action\",\n \"NewRelic.Observability/monitors/switchBilling/action\",\n \"NewRelic.Observability/monitors/latestLinkedSaaS/action\",\n \"NewRelic.Observability/monitors/linkSaaS/action\",\n \"NewRelic.Observability/monitors/resubscribe/action\",\n \"NewRelic.Observability/monitors/getBillingInfo/action\",\n \"NewRelic.Observability/monitors/listConnectedPartnerResources/action\",\n \"NewRelic.Observability/monitors/listLinkedResources/action\",\n \"NewRelic.Observability/monitors/monitoredSubscriptions/read\",\n \"NewRelic.Observability/monitors/monitoredSubscriptions/write\",\n \"NewRelic.Observability/monitors/tagRules/read\",\n \"NewRelic.Observability/monitors/tagRules/write\",\n \"NewRelic.Observability/registeredSubscriptions/read\",\n \"NewRelic.Observability/operations/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2025-07-16T15:09:04.2714387Z\",\n \"updatedOn\": \"2025-08-01T09:23:14.9310429Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/a60da355-bdec-443f-8d42-a03f0422f04d\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"a60da355-bdec-443f-8d42-a03f0422f04d\"\n },\n {\n \"properties\": {\n \"roleName\": \"Policy Enrollments Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Allows the creation and modification of policy enrollments\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/policyenrollments/*\",\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.PolicyInsights/*\",\n \"Microsoft.Resources/deployments/*\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2025-07-16T16:55:07.415008Z\",\n \"updatedOn\": \"2025-07-16T16:55:07.415008Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/285ce6d6-fa11-43bd-94ef-42a9b3740bfd\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"285ce6d6-fa11-43bd-94ef-42a9b3740bfd\"\n },\n {\n \"properties\": {\n \"roleName\": \"Liftr Dynatrace Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Provides access to Dynatrace Control Plane Operations\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Dynatrace.Observability/checkNameAvailability/action\",\n \"Dynatrace.Observability/register/action\",\n \"Dynatrace.Observability/unregister/action\",\n \"Dynatrace.Observability/getMarketplaceSaaSResourceDetails/action\",\n \"Dynatrace.Observability/locations/read\",\n \"Dynatrace.Observability/locations/operationStatuses/read\",\n \"Dynatrace.Observability/locations/operationStatuses/write\",\n \"Dynatrace.Observability/monitors/read\",\n \"Dynatrace.Observability/monitors/write\",\n \"Dynatrace.Observability/monitors/delete\",\n \"Dynatrace.Observability/monitors/listMonitoredResources/action\",\n \"Dynatrace.Observability/monitors/getVMHostPayload/action\",\n \"Dynatrace.Observability/monitors/listHosts/action\",\n \"Dynatrace.Observability/monitors/listAppServices/action\",\n \"Dynatrace.Observability/monitors/getSSODetails/action\",\n \"Dynatrace.Observability/monitors/listLinkableEnvironments/action\",\n \"Dynatrace.Observability/monitors/getMetricStatus/action\",\n \"Dynatrace.Observability/monitors/manageAgentInstallation/action\",\n \"Dynatrace.Observability/monitors/monitoredSubscriptions/read\",\n \"Dynatrace.Observability/monitors/monitoredSubscriptions/write\",\n \"Dynatrace.Observability/monitors/singleSignOnConfigurations/write\",\n \"Dynatrace.Observability/monitors/singleSignOnConfigurations/read\",\n \"Dynatrace.Observability/monitors/tagRules/read\",\n \"Dynatrace.Observability/monitors/tagRules/write\",\n \"Dynatrace.Observability/registeredSubscriptions/read\",\n \"Dynatrace.Observability/operations/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2025-07-17T04:54:12.9049103Z\",\n \"updatedOn\": \"2025-08-01T11:55:53.7346372Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/fa96a588-3fac-4adb-bfb2-f8404ece07e0\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"fa96a588-3fac-4adb-bfb2-f8404ece07e0\"\n },\n {\n \"properties\": {\n \"roleName\": \"Microsoft.OffAzureSpringBoot Service Owner\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Full access to Azure Microsoft.OffAzureSpringBoot Service REST APIs\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.OffAzureSpringBoot/*\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2025-07-18T10:13:03.6807059Z\",\n \"updatedOn\": \"2025-08-07T07:49:43.832969Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/79732128-7761-4733-aebf-35590da9f29b\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"79732128-7761-4733-aebf-35590da9f29b\"\n },\n {\n \"properties\": {\n \"roleName\": \"Nexus Network Fabric Owner\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Provides owner access to nexus network fabric resources\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.ManagedNetworkFabric/*/read\",\n \"Microsoft.ManagedNetworkFabric/*/write\",\n \"Microsoft.ManagedNetworkFabric/*/action\",\n \"Microsoft.ManagedNetworkFabric/*/delete\",\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2025-07-21T15:02:41.4359877Z\",\n \"updatedOn\": \"2025-07-21T15:02:41.4359877Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/46c70067-0f50-457f-8137-2449c90de518\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"46c70067-0f50-457f-8137-2449c90de518\"\n },\n {\n \"properties\": {\n \"roleName\": \"Nexus Identity Owner\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Provides owner access to nexusidentity resources\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.NexusIdentity/*/read\",\n \"Microsoft.NexusIdentity/*/write\",\n \"Microsoft.NexusIdentity/*/action\",\n \"Microsoft.NexusIdentity/*/delete\",\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2025-07-21T15:02:41.4359877Z\",\n \"updatedOn\": \"2025-07-21T15:02:41.4359877Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/374a1cc6-96cb-4946-8d8b-a41054c8ae97\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"374a1cc6-96cb-4946-8d8b-a41054c8ae97\"\n },\n {\n \"properties\": {\n \"roleName\": \"Conversation Session User\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Allows sending a message to the agent and receive a response, using the conversation session API\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.HealthBot/healthBots/ConversationSession/Action\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2025-07-23T15:20:58.9086839Z\",\n \"updatedOn\": \"2025-07-23T15:20:58.9086839Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/b3eb788f-5426-48bd-821d-561701ede368\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"b3eb788f-5426-48bd-821d-561701ede368\"\n },\n {\n \"properties\": {\n \"roleName\": \"CosmosDB Fleet Analytics Storage Data Writer\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Write telemetry data from the Fleet Analytics Synapse workspace to customer-provided storage accounts or Fabric Lakehouses.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Storage/storageAccounts/blobServices/containers/write\",\n \"Microsoft.Storage/storageAccounts/blobServices/containers/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.Storage/storageAccounts/blobServices/containers/blobs/delete\",\n \"Microsoft.Storage/storageAccounts/blobServices/containers/blobs/read\",\n \"Microsoft.Storage/storageAccounts/blobServices/containers/blobs/write\",\n \"Microsoft.Storage/storageAccounts/blobServices/containers/blobs/add/action\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2025-07-25T01:43:25.8457961Z\",\n \"updatedOn\": \"2025-08-28T01:46:02.2595107Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/bf41e52e-617f-4981-8b7a-47431bd4e011\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"bf41e52e-617f-4981-8b7a-47431bd4e011\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Data Transfer Owner\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Create, read, modify, and delete pipelines, connections, and flows in Azure Data Transfer. Also perform any appropriate control plane operations for managing Azure Data Transfer resources.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.AzureDataTransfer/*\",\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2025-07-25T15:42:37.4812873Z\",\n \"updatedOn\": \"2025-07-25T15:42:37.4812873Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/eded264d-1796-4e25-8500-a78427f8a316\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"eded264d-1796-4e25-8500-a78427f8a316\"\n },\n {\n \"properties\": {\n \"roleName\": \"Video Indexer Account Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Can manage Video Indexer Account resources and generate access tokens for data plane operations.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.VideoIndexer/checknameavailability/action\",\n \"Microsoft.VideoIndexer/accounts/generateAccessToken/action\",\n \"Microsoft.VideoIndexer/accounts/generateRestrictedViewerAccessToken/action\",\n \"Microsoft.VideoIndexer/accounts/generateExtensionAccessToken/action\",\n \"Microsoft.VideoIndexer/accounts/generateExtensionRestrictedViewerAccessToken/action\",\n \"Microsoft.VideoIndexer/accounts/read\",\n \"Microsoft.VideoIndexer/accounts/write\",\n \"Microsoft.VideoIndexer/accounts/delete\",\n \"Microsoft.VideoIndexer/accounts/PrivateEndpointConnectionsApproval/action\",\n \"Microsoft.VideoIndexer/accounts/privateEndpointConnections/read\",\n \"Microsoft.VideoIndexer/accounts/privateEndpointConnections/write\",\n \"Microsoft.VideoIndexer/accounts/privateEndpointConnections/delete\",\n \"Microsoft.VideoIndexer/accounts/privateLinkResources/read\",\n \"Microsoft.VideoIndexer/locations/operationstatuses/read\",\n \"Microsoft.VideoIndexer/locations/operationstatuses/write\",\n \"Microsoft.VideoIndexer/operations/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2025-07-28T15:04:33.545254Z\",\n \"updatedOn\": \"2025-07-28T15:04:33.545254Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/3f99eaab-6f59-4877-adf5-1cacd22e20b0\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"3f99eaab-6f59-4877-adf5-1cacd22e20b0\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Business Continuity DUPI Reader\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Lets you view Deleted Unified Protected items in Azure Business Continuity Center.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/roleDefinitions/read\",\n \"Microsoft.Authorization/roleAssignments/read\",\n \"Microsoft.AzureBusinessContinuity/deletedUnifiedProtectedItems/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2025-07-28T15:04:33.545254Z\",\n \"updatedOn\": \"2025-08-21T13:32:13.8007194Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/f4eb044f-76b9-47af-92f9-1d95c4c14ab5\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"f4eb044f-76b9-47af-92f9-1d95c4c14ab5\"\n },\n {\n \"properties\": {\n \"roleName\": \"Sites Reader\",\n \"type\": \"BuiltInRole\",\n \"description\": \"View all Sites related resources but does not allow you to make any changes.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Edge/sites/read\",\n \"Microsoft.Edge/configurations/read\",\n \"Microsoft.Edge/configurations/networkConfigurations/read\",\n \"Microsoft.Edge/configurations/securityConfigurations/read\",\n \"Microsoft.Edge/configurations/timeServerConfigurations/read\",\n \"Microsoft.Edge/configurations/connectivityConfigurations/read\",\n \"Microsoft.Edge/configurations/provisioningConfigurations/read\",\n \"Microsoft.Edge/configurations/arcGatewayConfigurations/read\",\n \"Microsoft.Edge/configurationReferences/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2025-07-29T15:07:14.6122597Z\",\n \"updatedOn\": \"2025-07-29T15:07:14.6122597Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/59f98be6-0817-488b-831e-36a353c8000b\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"59f98be6-0817-488b-831e-36a353c8000b\"\n },\n {\n \"properties\": {\n \"roleName\": \"Sites Owner\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Microsoft Edge Sites Owner role - Grants full access to manage all resources, including the ability to assign roles in Azure RBAC.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Edge/sites/read\",\n \"Microsoft.Edge/sites/write\",\n \"Microsoft.Edge/sites/delete\",\n \"Microsoft.Edge/configurations/read\",\n \"Microsoft.Edge/configurations/write\",\n \"Microsoft.Edge/configurations/delete\",\n \"Microsoft.Edge/configurations/networkConfigurations/read\",\n \"Microsoft.Edge/configurations/networkConfigurations/write\",\n \"Microsoft.Edge/configurations/networkConfigurations/delete\",\n \"Microsoft.Edge/configurations/securityConfigurations/read\",\n \"Microsoft.Edge/configurations/securityConfigurations/write\",\n \"Microsoft.Edge/configurations/securityConfigurations/delete\",\n \"Microsoft.Edge/configurations/timeServerConfigurations/read\",\n \"Microsoft.Edge/configurations/timeServerConfigurations/write\",\n \"Microsoft.Edge/configurations/timeServerConfigurations/delete\",\n \"Microsoft.Edge/configurations/connectivityConfigurations/read\",\n \"Microsoft.Edge/configurations/connectivityConfigurations/write\",\n \"Microsoft.Edge/configurations/connectivityConfigurations/delete\",\n \"Microsoft.Edge/configurations/provisioningConfigurations/read\",\n \"Microsoft.Edge/configurations/provisioningConfigurations/write\",\n \"Microsoft.Edge/configurations/provisioningConfigurations/delete\",\n \"Microsoft.Edge/configurations/arcGatewayConfigurations/read\",\n \"Microsoft.Edge/configurations/arcGatewayConfigurations/write\",\n \"Microsoft.Edge/configurations/arcGatewayConfigurations/delete\",\n \"Microsoft.Edge/configurationReferences/read\",\n \"Microsoft.Edge/configurationReferences/write\",\n \"Microsoft.Edge/configurationReferences/delete\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2025-07-29T15:07:14.6112571Z\",\n \"updatedOn\": \"2025-07-29T15:07:14.6112571Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/1cd7e4da-2789-457f-adbe-3e9e84037a93\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"1cd7e4da-2789-457f-adbe-3e9e84037a93\"\n },\n {\n \"properties\": {\n \"roleName\": \"Liftr PureStorage Owner role\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Provides access to all PureStorage related operations\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"PureStorage.Block/*\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2025-07-30T15:14:08.9428819Z\",\n \"updatedOn\": \"2025-07-30T15:14:08.9428819Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/85546f1f-f28b-4cb3-b852-73e422a96897\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"85546f1f-f28b-4cb3-b852-73e422a96897\"\n },\n {\n \"properties\": {\n \"roleName\": \"Liftr Dell Owner role\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Provides access to all Dell related operations\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Dell.Storage/*\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2025-07-30T15:14:08.9428819Z\",\n \"updatedOn\": \"2025-07-30T15:14:08.9428819Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/d683b71b-2b91-4fc1-a43e-b53b3d85bed9\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"d683b71b-2b91-4fc1-a43e-b53b3d85bed9\"\n },\n {\n \"properties\": {\n \"roleName\": \"SupportPlan Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Contributor role for Enterprise Support Resource Provider\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.EnterpriseSupport/services/delete\",\n \"Microsoft.EnterpriseSupport/services/write\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2025-07-30T21:45:45.323115Z\",\n \"updatedOn\": \"2025-07-30T21:45:45.323115Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/6d6f52ba-a7de-4c56-a58f-522154514fba\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"6d6f52ba-a7de-4c56-a58f-522154514fba\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Spring Apps Service Owner\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Full access to Azure Spring Apps Service REST APIs\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.AppPlatform/*\"\n ],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.AppPlatform/*\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2025-07-31T11:03:44.7831528Z\",\n \"updatedOn\": \"2025-08-07T07:49:43.832969Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/4037dd68-1cc7-4a64-8765-3a79963a9940\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"4037dd68-1cc7-4a64-8765-3a79963a9940\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure AI Enterprise Networking Outbound Rules Operator\",\n \"type\": \"BuiltInRole\",\n \"description\": \"A Built-in role that can authorize users to access and update the managed network settings of a machine learning workspace.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.MachineLearningServices/workspaces/managedNetworks/read\",\n \"Microsoft.MachineLearningServices/workspaces/managedNetworks/write\",\n \"Microsoft.MachineLearningServices/workspaces/managedNetworks/outboundRules/read\",\n \"Microsoft.MachineLearningServices/workspaces/managedNetworks/outboundRules/write\",\n \"Microsoft.MachineLearningServices/workspaces/managedNetworks/outboundRules/delete\",\n \"Microsoft.MachineLearningServices/workspaces/managedNetworks/batchOutboundRules/action\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2025-08-04T15:10:36.5118889Z\",\n \"updatedOn\": \"2025-08-04T15:10:36.5118889Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/25cabde7-1a6c-4350-8877-cb6fe59f1399\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"25cabde7-1a6c-4350-8877-cb6fe59f1399\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Business Continuity UPI Reader\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Lets you view Unified Protected items in Azure Business Continuity Center.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/roleDefinitions/read\",\n \"Microsoft.Authorization/roleAssignments/read\",\n \"Microsoft.AzureBusinessContinuity/unifiedProtectedItems/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2025-08-04T15:10:36.5108882Z\",\n \"updatedOn\": \"2025-08-21T13:32:14.8037229Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/3b5a0aa9-eccd-48dc-9011-f2fd03b5e5f9\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"3b5a0aa9-eccd-48dc-9011-f2fd03b5e5f9\"\n },\n {\n \"properties\": {\n \"roleName\": \"LambdaTest.HyperExecute Contributor Role\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Provides access to all LambdaTest.HyperExecute related operations\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"LambdaTest.HyperExecute/checkNameAvailability/action\",\n \"LambdaTest.HyperExecute/register/action\",\n \"LambdaTest.HyperExecute/unregister/action\",\n \"LambdaTest.HyperExecute/locations/operationStatuses/read\",\n \"LambdaTest.HyperExecute/locations/operationStatuses/write\",\n \"LambdaTest.HyperExecute/operations/read\",\n \"LambdaTest.HyperExecute/organizations/read\",\n \"LambdaTest.HyperExecute/organizations/write\",\n \"LambdaTest.HyperExecute/organizations/delete\",\n \"LambdaTest.HyperExecute/registeredSubscriptions/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2025-08-06T15:22:56.8948562Z\",\n \"updatedOn\": \"2025-08-06T15:22:56.8948562Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/44a00263-b2a0-45d5-a618-5d8d11709349\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"44a00263-b2a0-45d5-a618-5d8d11709349\"\n },\n {\n \"properties\": {\n \"roleName\": \"ArizeAi.ObservabilityEval Contributor Role\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Provides access to all ArizeAi.ObservabilityEval related operations\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"ArizeAi.ObservabilityEval/checkNameAvailability/action\",\n \"ArizeAi.ObservabilityEval/register/action\",\n \"ArizeAi.ObservabilityEval/unregister/action\",\n \"ArizeAi.ObservabilityEval/locations/operationStatuses/read\",\n \"ArizeAi.ObservabilityEval/locations/operationStatuses/write\",\n \"ArizeAi.ObservabilityEval/operations/read\",\n \"ArizeAi.ObservabilityEval/organizations/read\",\n \"ArizeAi.ObservabilityEval/organizations/write\",\n \"ArizeAi.ObservabilityEval/organizations/delete\",\n \"ArizeAi.ObservabilityEval/registeredSubscriptions/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2025-08-06T15:22:56.8948562Z\",\n \"updatedOn\": \"2025-08-06T15:22:56.8948562Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/dca88c6f-5090-44cd-a0ff-a88f337b12a5\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"dca88c6f-5090-44cd-a0ff-a88f337b12a5\"\n },\n {\n \"properties\": {\n \"roleName\": \"Pinecone.VectorDb Contributor Role\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Provides access to all Pinecone.VectorDb related operations\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Pinecone.VectorDb/checkNameAvailability/action\",\n \"Pinecone.VectorDb/register/action\",\n \"Pinecone.VectorDb/unregister/action\",\n \"Pinecone.VectorDb/locations/operationStatuses/read\",\n \"Pinecone.VectorDb/locations/operationStatuses/write\",\n \"Pinecone.VectorDb/operations/read\",\n \"Pinecone.VectorDb/organizations/read\",\n \"Pinecone.VectorDb/organizations/write\",\n \"Pinecone.VectorDb/organizations/delete\",\n \"Pinecone.VectorDb/registeredSubscriptions/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2025-08-06T15:22:56.8948562Z\",\n \"updatedOn\": \"2025-08-06T15:22:56.8948562Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/dd799a69-ffc8-4aa8-9701-b51f686857d9\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"dd799a69-ffc8-4aa8-9701-b51f686857d9\"\n },\n {\n \"properties\": {\n \"roleName\": \"Microsoft.WeightsAndBiases Contributor Role\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Provides access to all Microsoft.WeightsAndBiases related operations\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.WeightsAndBiases/checkNameAvailability/action\",\n \"Microsoft.WeightsAndBiases/register/action\",\n \"Microsoft.WeightsAndBiases/unregister/action\",\n \"Microsoft.WeightsAndBiases/instances/read\",\n \"Microsoft.WeightsAndBiases/instances/write\",\n \"Microsoft.WeightsAndBiases/instances/delete\",\n \"Microsoft.WeightsAndBiases/locations/operationStatuses/read\",\n \"Microsoft.WeightsAndBiases/locations/operationStatuses/write\",\n \"Microsoft.WeightsAndBiases/operations/read\",\n \"Microsoft.WeightsAndBiases/registeredSubscriptions/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2025-08-06T15:22:57.794372Z\",\n \"updatedOn\": \"2025-08-06T15:22:57.794372Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/246fffca-69ee-4945-bbf1-2a867dce4fda\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"246fffca-69ee-4945-bbf1-2a867dce4fda\"\n },\n {\n \"properties\": {\n \"roleName\": \"Recurring Scheduled Actions Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Allows users to use Recurring Scheduled Actions offered by Microsoft.ComputeSchedule\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.ComputeSchedule/scheduledActions/write\",\n \"Microsoft.ComputeSchedule/scheduledActions/delete\",\n \"Microsoft.ComputeSchedule/scheduledActions/attachResources/action\",\n \"Microsoft.ComputeSchedule/scheduledActions/cancelNextOccurrence/action\",\n \"Microsoft.ComputeSchedule/scheduledActions/detachResources/action\",\n \"Microsoft.ComputeSchedule/scheduledActions/disable/action\",\n \"Microsoft.ComputeSchedule/scheduledActions/enable/action\",\n \"Microsoft.ComputeSchedule/scheduledActions/listResources/action\",\n \"Microsoft.ComputeSchedule/scheduledActions/patchResources/action\",\n \"Microsoft.ComputeSchedule/scheduledActions/triggerManualOccurrence/action\",\n \"Microsoft.ComputeSchedule/scheduledActions/occurrences/cancel/action\",\n \"Microsoft.ComputeSchedule/scheduledActions/occurrences/delay/action\",\n \"Microsoft.ComputeSchedule/register/action\",\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2025-08-06T17:23:22.5612282Z\",\n \"updatedOn\": \"2025-08-06T17:23:22.5612282Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/376d0802-aca8-4c2d-83a5-c88630f396fe\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"376d0802-aca8-4c2d-83a5-c88630f396fe\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Resilience Management Drills Reader\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Reader Role of Azure Resilience Management Drills Service\",\n \"assignableScopes\": [\n \"/\",\n \"/providers/Microsoft.Management/serviceGroups\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.AzureResilienceManagement/drills/*/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2025-08-11T15:12:49.7120823Z\",\n \"updatedOn\": \"2025-09-18T10:30:29.9987541Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/d2e8fe82-9212-490f-af3e-34bb52d87d3d\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"d2e8fe82-9212-490f-af3e-34bb52d87d3d\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Resilience Management Drills Operator\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Operator Role of Azure Resilience Management Drills Service\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.AzureResilienceManagement/drills/*/action\",\n \"Microsoft.AzureResilienceManagement/drills/*/read\",\n \"Microsoft.AzureResilienceManagement/recoveryPlans/*/action\",\n \"Microsoft.AzureResilienceManagement/recoveryPlans/*/read\",\n \"Microsoft.Insights/alertRules/\",\n \"Microsoft.Monitor/accounts/read\",\n \"Microsoft.Monitor/slis/read\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2025-08-11T15:12:49.7120823Z\",\n \"updatedOn\": \"2025-08-11T15:12:49.7120823Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/ff09793b-be48-49f6-ad96-70d32039c0b9\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"ff09793b-be48-49f6-ad96-70d32039c0b9\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Resilience Management Drills Administrator\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Administrator Role of Azure Resilience Management Drills Service\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Authorization/roleAssignments/write\",\n \"Microsoft.Advisor/recommendations/read\",\n \"Microsoft.Authorization/roleAssignments/read\",\n \"Microsoft.Automation/automationAccounts/delete\",\n \"Microsoft.Automation/automationAccounts/read\",\n \"Microsoft.Automation/automationAccounts/write\",\n \"Microsoft.Automation/automationAccounts/runbooks/delete\",\n \"Microsoft.Automation/automationAccounts/runbooks/read\",\n \"Microsoft.Automation/automationAccounts/runbooks/write\",\n \"Microsoft.AzureResilienceManagement/drills/*/action\",\n \"Microsoft.AzureResilienceManagement/drills/*/delete\",\n \"Microsoft.AzureResilienceManagement/drills/*/read\",\n \"Microsoft.AzureResilienceManagement/drills/*/write\",\n \"Microsoft.AzureResilienceManagement/recoveryPlans/*/action\",\n \"Microsoft.AzureResilienceManagement/recoveryPlans/*/delete\",\n \"Microsoft.AzureResilienceManagement/recoveryPlans/*/read\",\n \"Microsoft.AzureResilienceManagement/recoveryPlans/*/write\",\n \"Microsoft.Chaos/experiments/delete\",\n \"Microsoft.Chaos/experiments/read\",\n \"Microsoft.Chaos/experiments/write\",\n \"Microsoft.Chaos/experiments/cancel/action\",\n \"Microsoft.Chaos/experiments/start/action\",\n \"Microsoft.Chaos/locations/operationResults/read\",\n \"Microsoft.Chaos/locations/operationStatuses/read\",\n \"Microsoft.Chaos/locations/targetTypes/capabilityTypes/read\",\n \"Microsoft.Chaos/locations/targetTypes/read\",\n \"Microsoft.Chaos/targets/capabilities/delete\",\n \"Microsoft.Chaos/targets/capabilities/read\",\n \"Microsoft.Chaos/targets/capabilities/write\",\n \"Microsoft.Chaos/targets/delete\",\n \"Microsoft.Chaos/targets/read\",\n \"Microsoft.Chaos/targets/write\",\n \"Microsoft.Compute/virtualMachineScaleSets/read\",\n \"Microsoft.Compute/virtualMachines/read\",\n \"Microsoft.ContainerRegistry/registries/read\",\n \"Microsoft.DBforPostgreSQL/flexibleServers/read\",\n \"Microsoft.DocumentDB/databaseAccounts/services/read\",\n \"Microsoft.Insights/alertRules/\",\n \"Microsoft.ManagedIdentity/userAssignedIdentities/read\",\n \"Microsoft.Management/ServiceGroups/read\",\n \"Microsoft.Monitor/accounts/read\",\n \"Microsoft.Monitor/slis/read\",\n \"Microsoft.Network/applicationGateways/read\",\n \"Microsoft.Network/azurefirewalls/read\",\n \"Microsoft.Network/loadBalancers/probes/read\",\n \"Microsoft.Network/loadBalancers/read\",\n \"Microsoft.Network/publicIPAddresses/read\",\n \"Microsoft.Relationships/ServiceGroupMember/read\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/delete\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Resources/subscriptions/resourceGroups/write\",\n \"Microsoft.ServiceBus/namespaces/read\",\n \"Microsoft.Sql/managedInstances/read\",\n \"Microsoft.Sql/servers/databases/read\",\n \"Microsoft.Sql/servers/read\",\n \"Microsoft.Storage/storageAccounts/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2025-08-11T15:12:49.7120823Z\",\n \"updatedOn\": \"2025-08-11T15:12:49.7120823Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/c914561b-1575-4601-af9c-a1356bf59818\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"c914561b-1575-4601-af9c-a1356bf59818\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Resilience Management Drills Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Contributor Role of Azure Resilience Management Drills Service\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Advisor/recommendations/read\",\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Automation/automationAccounts/delete\",\n \"Microsoft.Automation/automationAccounts/read\",\n \"Microsoft.Automation/automationAccounts/write\",\n \"Microsoft.Automation/automationAccounts/runbooks/delete\",\n \"Microsoft.Automation/automationAccounts/runbooks/read\",\n \"Microsoft.Automation/automationAccounts/runbooks/write\",\n \"Microsoft.AzureResilienceManagement/drills/*/action\",\n \"Microsoft.AzureResilienceManagement/drills/*/delete\",\n \"Microsoft.AzureResilienceManagement/drills/*/read\",\n \"Microsoft.AzureResilienceManagement/drills/*/write\",\n \"Microsoft.AzureResilienceManagement/recoveryPlans/*/action\",\n \"Microsoft.AzureResilienceManagement/recoveryPlans/*/delete\",\n \"Microsoft.AzureResilienceManagement/recoveryPlans/*/read\",\n \"Microsoft.AzureResilienceManagement/recoveryPlans/*/write\",\n \"Microsoft.Chaos/experiments/delete\",\n \"Microsoft.Chaos/experiments/read\",\n \"Microsoft.Chaos/experiments/write\",\n \"Microsoft.Chaos/experiments/cancel/action\",\n \"Microsoft.Chaos/experiments/start/action\",\n \"Microsoft.Chaos/locations/operationResults/read\",\n \"Microsoft.Chaos/locations/operationStatuses/read\",\n \"Microsoft.Chaos/locations/targetTypes/capabilityTypes/read\",\n \"Microsoft.Chaos/locations/targetTypes/read\",\n \"Microsoft.Chaos/targets/capabilities/delete\",\n \"Microsoft.Chaos/targets/capabilities/read\",\n \"Microsoft.Chaos/targets/capabilities/write\",\n \"Microsoft.Chaos/targets/delete\",\n \"Microsoft.Chaos/targets/read\",\n \"Microsoft.Chaos/targets/write\",\n \"Microsoft.Compute/virtualMachineScaleSets/read\",\n \"Microsoft.Compute/virtualMachines/read\",\n \"Microsoft.ContainerRegistry/registries/read\",\n \"Microsoft.DBforPostgreSQL/flexibleServers/read\",\n \"Microsoft.DocumentDB/databaseAccounts/services/read\",\n \"Microsoft.Insights/alertRules/\",\n \"Microsoft.ManagedIdentity/userAssignedIdentities/read\",\n \"Microsoft.Management/ServiceGroups/read\",\n \"Microsoft.Monitor/accounts/read\",\n \"Microsoft.Monitor/slis/read\",\n \"Microsoft.Network/applicationGateways/read\",\n \"Microsoft.Network/azurefirewalls/read\",\n \"Microsoft.Network/loadBalancers/probes/read\",\n \"Microsoft.Network/loadBalancers/read\",\n \"Microsoft.Network/publicIPAddresses/read\",\n \"Microsoft.Relationships/ServiceGroupMember/read\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/delete\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Resources/subscriptions/resourceGroups/write\",\n \"Microsoft.ServiceBus/namespaces/read\",\n \"Microsoft.Sql/managedInstances/read\",\n \"Microsoft.Sql/servers/databases/read\",\n \"Microsoft.Sql/servers/read\",\n \"Microsoft.Storage/storageAccounts/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2025-08-11T15:12:50.0258107Z\",\n \"updatedOn\": \"2025-08-11T15:12:50.0258107Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/e131102b-11a5-4ff4-8508-ed922132b74c\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"e131102b-11a5-4ff4-8508-ed922132b74c\"\n },\n {\n \"properties\": {\n \"roleName\": \"Edge Order Partner Inventory Manager Service Role\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Manage inventory metadata and inventory links associated with Edge Order Partner scenarios. Enables configuration and control of inventory resources for tracking and fulfillment purposes\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.EdgeOrderPartner/locations/productFamilies/inventories/manageLink/action\",\n \"Microsoft.EdgeOrderPartner/locations/productFamilies/inventories/manageInventoryMetadata/action\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2025-08-12T15:18:36.5429246Z\",\n \"updatedOn\": \"2025-09-05T06:37:32.5466384Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/f24a559b-c2fc-4409-b96e-9af4b0c28ad6\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"f24a559b-c2fc-4409-b96e-9af4b0c28ad6\"\n },\n {\n \"properties\": {\n \"roleName\": \"Defender For Container Registries Operator\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Grants Microsoft Defender for Cloud access to Azure Container Registries\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.ContainerRegistry/registries/pull/read\",\n \"Microsoft.ContainerRegistry/registries/metadata/read\",\n \"Microsoft.ContainerRegistry/registries/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.ContainerRegistry/registries/repositories/content/read\",\n \"Microsoft.ContainerRegistry/registries/repositories/metadata/read\",\n \"Microsoft.ContainerRegistry/registries/catalog/read\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2025-08-13T15:27:47.0452902Z\",\n \"updatedOn\": \"2025-09-11T12:56:35.8009694Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/c5c82243-e78e-43f9-8428-793bba85b28e\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"c5c82243-e78e-43f9-8428-793bba85b28e\"\n },\n {\n \"properties\": {\n \"roleName\": \"Change Safety Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Grants access to manage all Microsoft.ChangeSafety resources.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.ChangeSafety/changeStates/read\",\n \"Microsoft.ChangeSafety/changeStates/write\",\n \"Microsoft.ChangeSafety/changeStates/delete\",\n \"Microsoft.ChangeSafety/changeStates/stageProgressions/read\",\n \"Microsoft.ChangeSafety/changeStates/stageProgressions/write\",\n \"Microsoft.ChangeSafety/changeStates/stageProgressions/delete\",\n \"Microsoft.ChangeSafety/locations/operationstatuses/read\",\n \"Microsoft.ChangeSafety/locations/operationstatuses/write\",\n \"Microsoft.ChangeSafety/safeRollouts/read\",\n \"Microsoft.ChangeSafety/safeRollouts/write\",\n \"Microsoft.ChangeSafety/safeRollouts/delete\",\n \"Microsoft.ChangeSafety/safeRollouts/steps/read\",\n \"Microsoft.ChangeSafety/stageMaps/read\",\n \"Microsoft.ChangeSafety/stageMaps/write\",\n \"Microsoft.ChangeSafety/stageMaps/delete\",\n \"Microsoft.ChangeSafety/validations/read\",\n \"Microsoft.ChangeSafety/validations/write\",\n \"Microsoft.ChangeSafety/validations/delete\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2025-08-13T20:30:20.4138285Z\",\n \"updatedOn\": \"2025-08-13T20:30:20.4138285Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/fdb3df26-8dd6-49ff-9a74-e95dbfadcad3\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"fdb3df26-8dd6-49ff-9a74-e95dbfadcad3\"\n },\n {\n \"properties\": {\n \"roleName\": \"Clinical Coder Data User\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Allows processing of health data in Clinical Coder\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.HealthBot/healthBots/AIActions/ClinicalCoder/Process/Action\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2025-08-20T15:33:41.4122914Z\",\n \"updatedOn\": \"2025-08-20T15:33:41.4122914Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/d0a94e7a-d791-4571-b2e0-8bdd8f867544\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"d0a94e7a-d791-4571-b2e0-8bdd8f867544\"\n },\n {\n \"properties\": {\n \"roleName\": \"Defender Unified RBAC Data Manager\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Defender Unified RBAC Data Manager. This role is managed and assigned automatically by the Defender Unified RBAC system. Manual assignment of this role is not recommended, as the Defender Unified RBAC system may modify or remove it at any time based on system requirements.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.operationalinsights/workspaces/read\",\n \"Microsoft.operationalinsights/workspaces/write\",\n \"Microsoft.operationalinsights/workspaces/query/read\",\n \"Microsoft.operationalinsights/workspaces/tables/write\",\n \"Microsoft.operationalinsights/workspaces/tables/delete\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2025-08-22T09:09:13.51896Z\",\n \"updatedOn\": \"2025-08-22T09:09:13.51896Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/40ead2a5-466e-4039-8a80-325542d9d2dd\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"40ead2a5-466e-4039-8a80-325542d9d2dd\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Local Disconnected Operations Role\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Azure Local Disconnected Operations Role\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Edge/disconnectedOperations/*/read\",\n \"Microsoft.Edge/disconnectedOperations/*/write\",\n \"Microsoft.Edge/disconnectedOperations/*/delete\",\n \"Microsoft.Edge/winfields/*/read\",\n \"Microsoft.Edge/winfields/*/write\",\n \"Microsoft.Edge/winfields/*/delete\",\n \"Microsoft.Edge/winfields/*/action\",\n \"Microsoft.Edge/disconnectedOperations/*/action\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2025-08-25T15:10:38.1474223Z\",\n \"updatedOn\": \"2025-08-25T15:10:38.1474223Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/478d20ba-a53e-4946-b33c-8078a92f2d0a\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"478d20ba-a53e-4946-b33c-8078a92f2d0a\"\n },\n {\n \"properties\": {\n \"roleName\": \"Workload Orchestration Administrator\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Workload Orchestration Administrator Role\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Edge/contexts/*\",\n \"Microsoft.Edge/configTemplates/*\",\n \"Microsoft.Edge/solutionTemplates/*\",\n \"Microsoft.Edge/configurations/*\",\n \"Microsoft.Edge/configurationreferences/*\",\n \"Microsoft.Edge/schemas/*\",\n \"Microsoft.Edge/schemaReferences/*\",\n \"Microsoft.Edge/targets/*\",\n \"Microsoft.Edge/jobs/*\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2025-08-25T15:10:38.1464227Z\",\n \"updatedOn\": \"2025-09-04T04:15:37.014131Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/cbb820e9-e561-45bb-84c2-ef45d0a13f7d\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"cbb820e9-e561-45bb-84c2-ef45d0a13f7d\"\n },\n {\n \"properties\": {\n \"roleName\": \"Firmware Analysis Reader\",\n \"type\": \"BuiltInRole\",\n \"description\": \"View firmware images but not upload them or perform any workspace configuration\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.IoTFirmwareDefense/*/read\",\n \"Microsoft.IoTFirmwareDefense/workspaces/firmwares/*\",\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Resources/deployments/*\"\n ],\n \"notActions\": [\n \"Microsoft.IoTFirmwareDefense/firmwareGroups/*\",\n \"Microsoft.IoTFirmwareDefense/workspaces/firmwares/write\",\n \"Microsoft.IoTFirmwareDefense/workspaces/firmwares/delete\"\n ],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2025-08-26T15:16:15.8719556Z\",\n \"updatedOn\": \"2025-08-26T15:16:15.8719556Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/2a94a2fd-3c4f-45d1-847d-6585ba88af94\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"2a94a2fd-3c4f-45d1-847d-6585ba88af94\"\n },\n {\n \"properties\": {\n \"roleName\": \"Garnet Data Owner\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Allows read, write, destructive and scripting actions on the Garnet resource\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.DocumentDB/garnetClusters/acl/*\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2025-08-27T15:52:20.9170435Z\",\n \"updatedOn\": \"2025-08-27T15:52:20.9170435Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/04f6c337-ffae-414c-b00f-3e80c9ab8a2c\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"04f6c337-ffae-414c-b00f-3e80c9ab8a2c\"\n },\n {\n \"properties\": {\n \"roleName\": \"Garnet Script Data Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Allows execution and management of scripts on the Garnet resource\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.DocumentDB/garnetClusters/acl/clientid/read\",\n \"Microsoft.DocumentDB/garnetClusters/acl/clientinfo/read\",\n \"Microsoft.DocumentDB/garnetClusters/acl/configget/read\",\n \"Microsoft.DocumentDB/garnetClusters/acl/echo/read\",\n \"Microsoft.DocumentDB/garnetClusters/acl/info/read\",\n \"Microsoft.DocumentDB/garnetClusters/acl/keyslot/read\",\n \"Microsoft.DocumentDB/garnetClusters/acl/nodes/read\",\n \"Microsoft.DocumentDB/garnetClusters/acl/ping/read\",\n \"Microsoft.DocumentDB/garnetClusters/acl/scripteval/action\",\n \"Microsoft.DocumentDB/garnetClusters/acl/scriptevalsha/action\",\n \"Microsoft.DocumentDB/garnetClusters/acl/scriptexists/action\",\n \"Microsoft.DocumentDB/garnetClusters/acl/scriptflush/action\",\n \"Microsoft.DocumentDB/garnetClusters/acl/scriptload/action\",\n \"Microsoft.DocumentDB/garnetClusters/acl/slots/read\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2025-08-27T17:39:28.929238Z\",\n \"updatedOn\": \"2025-08-27T17:39:28.929238Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/7021ea36-e168-4bc0-af53-88de51d20665\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"7021ea36-e168-4bc0-af53-88de51d20665\"\n },\n {\n \"properties\": {\n \"roleName\": \"Garnet Data Reader\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Allows read access to all keys within the Garnet resource\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.DocumentDB/garnetClusters/acl/clientid/read\",\n \"Microsoft.DocumentDB/garnetClusters/acl/clientinfo/read\",\n \"Microsoft.DocumentDB/garnetClusters/acl/configget/read\",\n \"Microsoft.DocumentDB/garnetClusters/acl/echo/read\",\n \"Microsoft.DocumentDB/garnetClusters/acl/exists/read\",\n \"Microsoft.DocumentDB/garnetClusters/acl/get/read\",\n \"Microsoft.DocumentDB/garnetClusters/acl/getex/read\",\n \"Microsoft.DocumentDB/garnetClusters/acl/getrange/read\",\n \"Microsoft.DocumentDB/garnetClusters/acl/hexists/read\",\n \"Microsoft.DocumentDB/garnetClusters/acl/hexpiretime/read\",\n \"Microsoft.DocumentDB/garnetClusters/acl/hget/read\",\n \"Microsoft.DocumentDB/garnetClusters/acl/hgetall/read\",\n \"Microsoft.DocumentDB/garnetClusters/acl/histogram/read\",\n \"Microsoft.DocumentDB/garnetClusters/acl/hkeys/read\",\n \"Microsoft.DocumentDB/garnetClusters/acl/hlen/read\",\n \"Microsoft.DocumentDB/garnetClusters/acl/hmget/read\",\n \"Microsoft.DocumentDB/garnetClusters/acl/hpexpiretime/read\",\n \"Microsoft.DocumentDB/garnetClusters/acl/hpttl/read\",\n \"Microsoft.DocumentDB/garnetClusters/acl/hrandfield/read\",\n \"Microsoft.DocumentDB/garnetClusters/acl/hscan/read\",\n \"Microsoft.DocumentDB/garnetClusters/acl/hstrlen/read\",\n \"Microsoft.DocumentDB/garnetClusters/acl/httl/read\",\n \"Microsoft.DocumentDB/garnetClusters/acl/hvals/read\",\n \"Microsoft.DocumentDB/garnetClusters/acl/info/read\",\n \"Microsoft.DocumentDB/garnetClusters/acl/keyslot/read\",\n \"Microsoft.DocumentDB/garnetClusters/acl/lcs/read\",\n \"Microsoft.DocumentDB/garnetClusters/acl/mget/read\",\n \"Microsoft.DocumentDB/garnetClusters/acl/nodes/read\",\n \"Microsoft.DocumentDB/garnetClusters/acl/ping/read\",\n \"Microsoft.DocumentDB/garnetClusters/acl/readonly/read\",\n \"Microsoft.DocumentDB/garnetClusters/acl/scard/read\",\n \"Microsoft.DocumentDB/garnetClusters/acl/sdiff/read\",\n \"Microsoft.DocumentDB/garnetClusters/acl/sinter/read\",\n \"Microsoft.DocumentDB/garnetClusters/acl/sintercard/read\",\n \"Microsoft.DocumentDB/garnetClusters/acl/sismember/read\",\n \"Microsoft.DocumentDB/garnetClusters/acl/slots/read\",\n \"Microsoft.DocumentDB/garnetClusters/acl/smembers/read\",\n \"Microsoft.DocumentDB/garnetClusters/acl/smismember/read\",\n \"Microsoft.DocumentDB/garnetClusters/acl/srandmember/read\",\n \"Microsoft.DocumentDB/garnetClusters/acl/sscan/read\",\n \"Microsoft.DocumentDB/garnetClusters/acl/strlen/read\",\n \"Microsoft.DocumentDB/garnetClusters/acl/substr/read\",\n \"Microsoft.DocumentDB/garnetClusters/acl/sunion/read\",\n \"Microsoft.DocumentDB/garnetClusters/acl/zcard/read\",\n \"Microsoft.DocumentDB/garnetClusters/acl/zcount/read\",\n \"Microsoft.DocumentDB/garnetClusters/acl/zdiff/read\",\n \"Microsoft.DocumentDB/garnetClusters/acl/zinter/read\",\n \"Microsoft.DocumentDB/garnetClusters/acl/zintercard/read\",\n \"Microsoft.DocumentDB/garnetClusters/acl/zlexcount/read\",\n \"Microsoft.DocumentDB/garnetClusters/acl/zmscore/read\",\n \"Microsoft.DocumentDB/garnetClusters/acl/zrandmember/read\",\n \"Microsoft.DocumentDB/garnetClusters/acl/zrange/read\",\n \"Microsoft.DocumentDB/garnetClusters/acl/zrangebylex/read\",\n \"Microsoft.DocumentDB/garnetClusters/acl/zrangebyscore/read\",\n \"Microsoft.DocumentDB/garnetClusters/acl/zrank/read\",\n \"Microsoft.DocumentDB/garnetClusters/acl/zrevrange/read\",\n \"Microsoft.DocumentDB/garnetClusters/acl/zrevrangebylex/read\",\n \"Microsoft.DocumentDB/garnetClusters/acl/zrevrangebyscore/read\",\n \"Microsoft.DocumentDB/garnetClusters/acl/zrevrank/read\",\n \"Microsoft.DocumentDB/garnetClusters/acl/zscan/read\",\n \"Microsoft.DocumentDB/garnetClusters/acl/zscore/read\",\n \"Microsoft.DocumentDB/garnetClusters/acl/zunion/read\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2025-08-27T17:54:31.3990567Z\",\n \"updatedOn\": \"2025-08-27T17:54:31.3990567Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/d9cd91b9-dada-4fa9-9406-454c4659c137\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"d9cd91b9-dada-4fa9-9406-454c4659c137\"\n },\n {\n \"properties\": {\n \"roleName\": \"Garnet Data Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Allows read and write access to all keys within the Garnet resource\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.DocumentDB/garnetClusters/acl/append/write\",\n \"Microsoft.DocumentDB/garnetClusters/acl/bzmpop/delete\",\n \"Microsoft.DocumentDB/garnetClusters/acl/bzpopmax/delete\",\n \"Microsoft.DocumentDB/garnetClusters/acl/bzpopmin/delete\",\n \"Microsoft.DocumentDB/garnetClusters/acl/clientid/read\",\n \"Microsoft.DocumentDB/garnetClusters/acl/clientinfo/read\",\n \"Microsoft.DocumentDB/garnetClusters/acl/configget/read\",\n \"Microsoft.DocumentDB/garnetClusters/acl/decr/write\",\n \"Microsoft.DocumentDB/garnetClusters/acl/decrby/write\",\n \"Microsoft.DocumentDB/garnetClusters/acl/del/delete\",\n \"Microsoft.DocumentDB/garnetClusters/acl/echo/read\",\n \"Microsoft.DocumentDB/garnetClusters/acl/exists/read\",\n \"Microsoft.DocumentDB/garnetClusters/acl/expire/delete\",\n \"Microsoft.DocumentDB/garnetClusters/acl/get/read\",\n \"Microsoft.DocumentDB/garnetClusters/acl/getdel/delete\",\n \"Microsoft.DocumentDB/garnetClusters/acl/getex/read\",\n \"Microsoft.DocumentDB/garnetClusters/acl/getrange/read\",\n \"Microsoft.DocumentDB/garnetClusters/acl/getset/write\",\n \"Microsoft.DocumentDB/garnetClusters/acl/hdel/delete\",\n \"Microsoft.DocumentDB/garnetClusters/acl/hexists/read\",\n \"Microsoft.DocumentDB/garnetClusters/acl/hexpire/delete\",\n \"Microsoft.DocumentDB/garnetClusters/acl/hexpireat/delete\",\n \"Microsoft.DocumentDB/garnetClusters/acl/hexpiretime/read\",\n \"Microsoft.DocumentDB/garnetClusters/acl/hget/read\",\n \"Microsoft.DocumentDB/garnetClusters/acl/hgetall/read\",\n \"Microsoft.DocumentDB/garnetClusters/acl/hincrby/write\",\n \"Microsoft.DocumentDB/garnetClusters/acl/hincrbyfloat/write\",\n \"Microsoft.DocumentDB/garnetClusters/acl/histogram/read\",\n \"Microsoft.DocumentDB/garnetClusters/acl/hkeys/read\",\n \"Microsoft.DocumentDB/garnetClusters/acl/hlen/read\",\n \"Microsoft.DocumentDB/garnetClusters/acl/hmget/read\",\n \"Microsoft.DocumentDB/garnetClusters/acl/hmset/write\",\n \"Microsoft.DocumentDB/garnetClusters/acl/hpersist/write\",\n \"Microsoft.DocumentDB/garnetClusters/acl/hpexpire/delete\",\n \"Microsoft.DocumentDB/garnetClusters/acl/hpexpireat/delete\",\n \"Microsoft.DocumentDB/garnetClusters/acl/hpexpiretime/read\",\n \"Microsoft.DocumentDB/garnetClusters/acl/hpttl/read\",\n \"Microsoft.DocumentDB/garnetClusters/acl/hrandfield/read\",\n \"Microsoft.DocumentDB/garnetClusters/acl/hscan/read\",\n \"Microsoft.DocumentDB/garnetClusters/acl/hset/write\",\n \"Microsoft.DocumentDB/garnetClusters/acl/hsetnx/write\",\n \"Microsoft.DocumentDB/garnetClusters/acl/hstrlen/read\",\n \"Microsoft.DocumentDB/garnetClusters/acl/httl/read\",\n \"Microsoft.DocumentDB/garnetClusters/acl/hvals/read\",\n \"Microsoft.DocumentDB/garnetClusters/acl/incr/write\",\n \"Microsoft.DocumentDB/garnetClusters/acl/incrby/write\",\n \"Microsoft.DocumentDB/garnetClusters/acl/incrbyfloat/write\",\n \"Microsoft.DocumentDB/garnetClusters/acl/info/read\",\n \"Microsoft.DocumentDB/garnetClusters/acl/keyslot/read\",\n \"Microsoft.DocumentDB/garnetClusters/acl/lcs/read\",\n \"Microsoft.DocumentDB/garnetClusters/acl/mget/read\",\n \"Microsoft.DocumentDB/garnetClusters/acl/mset/write\",\n \"Microsoft.DocumentDB/garnetClusters/acl/msetnx/write\",\n \"Microsoft.DocumentDB/garnetClusters/acl/nodes/read\",\n \"Microsoft.DocumentDB/garnetClusters/acl/ping/read\",\n \"Microsoft.DocumentDB/garnetClusters/acl/psetex/write\",\n \"Microsoft.DocumentDB/garnetClusters/acl/readonly/read\",\n \"Microsoft.DocumentDB/garnetClusters/acl/readwrite/write\",\n \"Microsoft.DocumentDB/garnetClusters/acl/sadd/write\",\n \"Microsoft.DocumentDB/garnetClusters/acl/scard/read\",\n \"Microsoft.DocumentDB/garnetClusters/acl/sdiff/read\",\n \"Microsoft.DocumentDB/garnetClusters/acl/sdiffstore/write\",\n \"Microsoft.DocumentDB/garnetClusters/acl/set/write\",\n \"Microsoft.DocumentDB/garnetClusters/acl/setex/write\",\n \"Microsoft.DocumentDB/garnetClusters/acl/setnx/write\",\n \"Microsoft.DocumentDB/garnetClusters/acl/setrange/write\",\n \"Microsoft.DocumentDB/garnetClusters/acl/sinter/read\",\n \"Microsoft.DocumentDB/garnetClusters/acl/sintercard/read\",\n \"Microsoft.DocumentDB/garnetClusters/acl/sinterstore/write\",\n \"Microsoft.DocumentDB/garnetClusters/acl/sismember/read\",\n \"Microsoft.DocumentDB/garnetClusters/acl/slots/read\",\n \"Microsoft.DocumentDB/garnetClusters/acl/smembers/read\",\n \"Microsoft.DocumentDB/garnetClusters/acl/smismember/read\",\n \"Microsoft.DocumentDB/garnetClusters/acl/smove/write\",\n \"Microsoft.DocumentDB/garnetClusters/acl/spop/delete\",\n \"Microsoft.DocumentDB/garnetClusters/acl/srandmember/read\",\n \"Microsoft.DocumentDB/garnetClusters/acl/srem/delete\",\n \"Microsoft.DocumentDB/garnetClusters/acl/sscan/read\",\n \"Microsoft.DocumentDB/garnetClusters/acl/strlen/read\",\n \"Microsoft.DocumentDB/garnetClusters/acl/substr/read\",\n \"Microsoft.DocumentDB/garnetClusters/acl/sunion/read\",\n \"Microsoft.DocumentDB/garnetClusters/acl/sunionstore/write\",\n \"Microsoft.DocumentDB/garnetClusters/acl/unlink/delete\",\n \"Microsoft.DocumentDB/garnetClusters/acl/zadd/write\",\n \"Microsoft.DocumentDB/garnetClusters/acl/zcard/read\",\n \"Microsoft.DocumentDB/garnetClusters/acl/zcount/read\",\n \"Microsoft.DocumentDB/garnetClusters/acl/zdiff/read\",\n \"Microsoft.DocumentDB/garnetClusters/acl/zdiffstore/write\",\n \"Microsoft.DocumentDB/garnetClusters/acl/zincrby/write\",\n \"Microsoft.DocumentDB/garnetClusters/acl/zinter/read\",\n \"Microsoft.DocumentDB/garnetClusters/acl/zintercard/read\",\n \"Microsoft.DocumentDB/garnetClusters/acl/zinterstore/write\",\n \"Microsoft.DocumentDB/garnetClusters/acl/zlexcount/read\",\n \"Microsoft.DocumentDB/garnetClusters/acl/zmpop/delete\",\n \"Microsoft.DocumentDB/garnetClusters/acl/zmscore/read\",\n \"Microsoft.DocumentDB/garnetClusters/acl/zpopmax/delete\",\n \"Microsoft.DocumentDB/garnetClusters/acl/zpopmin/delete\",\n \"Microsoft.DocumentDB/garnetClusters/acl/zrandmember/read\",\n \"Microsoft.DocumentDB/garnetClusters/acl/zrange/read\",\n \"Microsoft.DocumentDB/garnetClusters/acl/zrangebylex/read\",\n \"Microsoft.DocumentDB/garnetClusters/acl/zrangebyscore/read\",\n \"Microsoft.DocumentDB/garnetClusters/acl/zrangestore/write\",\n \"Microsoft.DocumentDB/garnetClusters/acl/zrank/read\",\n \"Microsoft.DocumentDB/garnetClusters/acl/zrem/delete\",\n \"Microsoft.DocumentDB/garnetClusters/acl/zremrangebylex/delete\",\n \"Microsoft.DocumentDB/garnetClusters/acl/zremrangebyrank/delete\",\n \"Microsoft.DocumentDB/garnetClusters/acl/zremrangebyscore/delete\",\n \"Microsoft.DocumentDB/garnetClusters/acl/zrevrange/read\",\n \"Microsoft.DocumentDB/garnetClusters/acl/zrevrangebylex/read\",\n \"Microsoft.DocumentDB/garnetClusters/acl/zrevrangebyscore/read\",\n \"Microsoft.DocumentDB/garnetClusters/acl/zrevrank/read\",\n \"Microsoft.DocumentDB/garnetClusters/acl/zscan/read\",\n \"Microsoft.DocumentDB/garnetClusters/acl/zscore/read\",\n \"Microsoft.DocumentDB/garnetClusters/acl/zunion/read\",\n \"Microsoft.DocumentDB/garnetClusters/acl/zunionstore/write\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2025-08-27T17:54:31.3990567Z\",\n \"updatedOn\": \"2025-08-27T17:54:31.3990567Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/1694e55a-2496-4d07-b005-7259aa3fcbe8\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"1694e55a-2496-4d07-b005-7259aa3fcbe8\"\n },\n {\n \"properties\": {\n \"roleName\": \"Defender Unified RBAC Authorization Reader\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Defender Unified RBAC Authorization Reader. This role is managed and assigned automatically by the Defender Unified RBAC system. Manual assignment of this role is not recommended, as the Defender Unified RBAC system may modify or remove it at any time based on system requirements.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2025-08-29T09:06:24.5039382Z\",\n \"updatedOn\": \"2025-08-29T09:06:24.5039382Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/ca62263b-07d5-4b48-b437-088803f5c2ff\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"ca62263b-07d5-4b48-b437-088803f5c2ff\"\n },\n {\n \"properties\": {\n \"roleName\": \"Defender Unified RBAC Authorization Manager\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Defender Unified RBAC Authorization Manager. This role is managed and assigned automatically by the Defender Unified RBAC system. Manual assignment of this role is not recommended, as the Defender Unified RBAC system may modify or remove it at any time based on system requirements.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2025-08-29T12:37:45.3866495Z\",\n \"updatedOn\": \"2025-08-29T12:37:45.3866495Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/1fd5d8bf-9037-4ede-89bf-680f798e2765\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"1fd5d8bf-9037-4ede-89bf-680f798e2765\"\n },\n {\n \"properties\": {\n \"roleName\": \"Defender Unified RBAC Responder\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Defender Unified RBAC Responder. This role is managed and assigned automatically by the Defender Unified RBAC system. Manual assignment of this role is not recommended, as the Defender Unified RBAC system may modify or remove it at any time based on system requirements.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.SecurityInsights/*/read\",\n \"Microsoft.SecurityInsights/dataConnectorsCheckRequirements/action\",\n \"Microsoft.SecurityInsights/automationRules/*\",\n \"Microsoft.SecurityInsights/cases/*\",\n \"Microsoft.SecurityInsights/incidents/*\",\n \"Microsoft.SecurityInsights/entities/runPlaybook/action\",\n \"Microsoft.SecurityInsights/threatIntelligence/indicators/appendTags/action\",\n \"Microsoft.SecurityInsights/threatIntelligence/indicators/query/action\",\n \"Microsoft.SecurityInsights/threatIntelligence/bulkTag/action\",\n \"Microsoft.SecurityInsights/threatIntelligence/indicators/appendTags/action\",\n \"Microsoft.SecurityInsights/threatIntelligence/indicators/replaceTags/action\",\n \"Microsoft.SecurityInsights/threatIntelligence/queryIndicators/action\",\n \"Microsoft.SecurityInsights/businessApplicationAgents/systems/undoAction/action\",\n \"Microsoft.OperationalInsights/workspaces/analytics/query/action\",\n \"Microsoft.OperationalInsights/workspaces/*/read\",\n \"Microsoft.OperationalInsights/workspaces/dataSources/read\",\n \"Microsoft.OperationalInsights/workspaces/savedSearches/read\",\n \"Microsoft.OperationsManagement/solutions/read\",\n \"Microsoft.OperationalInsights/workspaces/query/read\",\n \"Microsoft.OperationalInsights/workspaces/query/*/read\",\n \"Microsoft.OperationalInsights/workspaces/dataSources/read\",\n \"Microsoft.OperationalInsights/querypacks/*/read\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Insights/workbooks/read\",\n \"Microsoft.Authorization/*/read\"\n ],\n \"notActions\": [\n \"Microsoft.SecurityInsights/cases/*/Delete\",\n \"Microsoft.SecurityInsights/incidents/*/Delete\",\n \"Microsoft.SecurityInsights/ConfidentialWatchlists/*\",\n \"Microsoft.OperationalInsights/workspaces/query/ConfidentialWatchlist/*\"\n ],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2025-08-29T14:38:33.2080873Z\",\n \"updatedOn\": \"2025-09-11T12:26:00.2449399Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/1bacae94-6c0f-4d2d-8dfa-408d5a28e6ec\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"1bacae94-6c0f-4d2d-8dfa-408d5a28e6ec\"\n },\n {\n \"properties\": {\n \"roleName\": \"Defender Unified RBAC Contributor and Responder\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Defender Unified RBAC Contributor and Responder. This role is managed and assigned automatically by the Defender Unified RBAC system. Manual assignment of this role is not recommended, as the Defender Unified RBAC system may modify or remove it at any time based on system requirements.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.OperationalInsights/querypacks/*/read\",\n \"Microsoft.OperationalInsights/workspaces/*/read\",\n \"Microsoft.OperationalInsights/workspaces/analytics/query/action\",\n \"Microsoft.OperationalInsights/workspaces/dataSources/read\",\n \"Microsoft.OperationalInsights/workspaces/query/*/read\",\n \"Microsoft.OperationalInsights/workspaces/query/read\",\n \"Microsoft.OperationalInsights/workspaces/savedSearches/*\",\n \"Microsoft.OperationalInsights/workspaces/savedSearches/read\",\n \"Microsoft.OperationsManagement/solutions/read\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.SecurityInsights/*\",\n \"Microsoft.SecurityInsights/*/read\",\n \"Microsoft.SecurityInsights/automationRules/*\",\n \"Microsoft.SecurityInsights/businessApplicationAgents/systems/undoAction/action\",\n \"Microsoft.SecurityInsights/cases/*\",\n \"Microsoft.SecurityInsights/dataConnectorsCheckRequirements/action\",\n \"Microsoft.SecurityInsights/entities/runPlaybook/action\",\n \"Microsoft.SecurityInsights/incidents/*\",\n \"Microsoft.SecurityInsights/threatIntelligence/bulkTag/action\",\n \"Microsoft.SecurityInsights/threatIntelligence/indicators/appendTags/action\",\n \"Microsoft.SecurityInsights/threatIntelligence/indicators/query/action\",\n \"Microsoft.SecurityInsights/threatIntelligence/indicators/replaceTags/action\",\n \"Microsoft.SecurityInsights/threatIntelligence/queryIndicators/action\",\n \"Microsoft.Insights/workbooks/*\",\n \"Microsoft.Authorization/*/read\"\n ],\n \"notActions\": [\n \"Microsoft.SecurityInsights/cases/*/Delete\",\n \"Microsoft.SecurityInsights/incidents/*/Delete\",\n \"Microsoft.SecurityInsights/ConfidentialWatchlists/*\",\n \"Microsoft.OperationalInsights/workspaces/query/ConfidentialWatchlist/*\"\n ],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2025-08-29T14:53:37.3243745Z\",\n \"updatedOn\": \"2025-09-18T08:00:00.7910377Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/625a1cea-653b-4a19-bd3a-df1d66ab6637\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"625a1cea-653b-4a19-bd3a-df1d66ab6637\"\n },\n {\n \"properties\": {\n \"roleName\": \"Defender Unified RBAC Reader\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Defender Unified RBAC Reader. This role is managed and assigned automatically by the Defender Unified RBAC system. Manual assignment of this role is not recommended, as the Defender Unified RBAC system may modify or remove it at any time based on system requirements.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.SecurityInsights/*/read\",\n \"Microsoft.SecurityInsights/dataConnectorsCheckRequirements/action\",\n \"Microsoft.SecurityInsights/threatIntelligence/indicators/query/action\",\n \"Microsoft.SecurityInsights/threatIntelligence/queryIndicators/action\",\n \"Microsoft.OperationalInsights/workspaces/analytics/query/action\",\n \"Microsoft.OperationalInsights/workspaces/*/read\",\n \"Microsoft.OperationalInsights/workspaces/LinkedServices/read\",\n \"Microsoft.OperationalInsights/workspaces/savedSearches/read\",\n \"Microsoft.OperationsManagement/solutions/read\",\n \"Microsoft.OperationalInsights/workspaces/query/read\",\n \"Microsoft.OperationalInsights/workspaces/query/*/read\",\n \"Microsoft.OperationalInsights/querypacks/*/read\",\n \"Microsoft.OperationalInsights/workspaces/dataSources/read\",\n \"Microsoft.OperationalInsights/workspaces/read\",\n \"Microsoft.Insights/workbooks/read\",\n \"Microsoft.Authorization/*/read\"\n ],\n \"notActions\": [\n \"Microsoft.SecurityInsights/ConfidentialWatchlists/*\",\n \"Microsoft.OperationalInsights/workspaces/query/ConfidentialWatchlist/*\"\n ],\n \"dataActions\": [\n \"Microsoft.OperationalInsights/workspaces/tables/data/read\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2025-08-29T15:23:46.8702579Z\",\n \"updatedOn\": \"2025-09-11T12:56:35.8009694Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/78b7345a-1e1b-483a-ac62-62228c6ea89d\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"78b7345a-1e1b-483a-ac62-62228c6ea89d\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Monitor Pipeline Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Manage Azure Monitor Pipeline resources, providing full read and write access to pipeline configurations and monitoring features.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Monitor/pipelineGroups/*\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.Authorization/*/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2025-09-03T15:11:34.8616712Z\",\n \"updatedOn\": \"2025-09-03T15:11:34.8616712Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/679dc20a-52e8-4ac0-a23c-3b557dfb1e24\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"679dc20a-52e8-4ac0-a23c-3b557dfb1e24\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Monitor Pipeline Reader\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Read Azure Monitor Pipeline resources, including pipeline configurations and monitoring features.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Monitor/pipelineGroups/read\",\n \"Microsoft.Resources/deployments/read\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Insights/alertRules/read\",\n \"Microsoft.Authorization/*/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2025-09-03T15:11:34.8616712Z\",\n \"updatedOn\": \"2025-09-03T15:11:34.8616712Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/2d50f159-7b96-4f1e-8fc7-fee6957ab7cc\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"2d50f159-7b96-4f1e-8fc7-fee6957ab7cc\"\n },\n {\n \"properties\": {\n \"roleName\": \"SRE Agent Reader\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Grants read-only access to all SRE Agent data, including chats, incidents, logs, and configurations. Does not permit interaction with the agent.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.App/agents/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.App/agents/threads/read\",\n \"Microsoft.App/agents/graph/read\",\n \"Microsoft.App/agents/memory/read\",\n \"Microsoft.App/agents/incidentManagement/read\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2025-09-08T15:10:31.0394523Z\",\n \"updatedOn\": \"2025-09-16T15:14:53.2394147Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/a4b156ac-253f-4a1a-9851-96d62b71b047\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"a4b156ac-253f-4a1a-9851-96d62b71b047\"\n },\n {\n \"properties\": {\n \"roleName\": \"Hybrid Connectivity contributor role\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Microsoft.HybridConnectivity contributor role\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.HybridConnectivity/endpoints/listIngressGatewayCredentials/action\",\n \"Microsoft.HybridConnectivity/publicCloudConnectors/delete\",\n \"Microsoft.HybridConnectivity/publicCloudConnectors/testPermissions/action\",\n \"Microsoft.HybridConnectivity/publicCloudConnectors/write\",\n \"Microsoft.HybridConnectivity/solutionConfigurations/delete\",\n \"Microsoft.HybridConnectivity/solutionConfigurations/syncNow/action\",\n \"Microsoft.HybridConnectivity/solutionConfigurations/write\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2025-09-08T15:10:31.251471Z\",\n \"updatedOn\": \"2025-09-08T15:10:31.251471Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/f0f57965-de58-41bc-ba76-2aaab4d09f30\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"f0f57965-de58-41bc-ba76-2aaab4d09f30\"\n },\n {\n \"properties\": {\n \"roleName\": \"Aws Connector contributor role\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Microsoft.AwsConnector contributor role\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.AwsConnector/accessAnalyzerAnalyzers/delete\",\n \"Microsoft.AwsConnector/accessAnalyzerAnalyzers/write\",\n \"Microsoft.AwsConnector/acmCertificateSummaries/delete\",\n \"Microsoft.AwsConnector/acmCertificateSummaries/write\",\n \"Microsoft.AwsConnector/apiGatewayRestApis/delete\",\n \"Microsoft.AwsConnector/apiGatewayRestApis/write\",\n \"Microsoft.AwsConnector/apiGatewayStages/delete\",\n \"Microsoft.AwsConnector/apiGatewayStages/write\",\n \"Microsoft.AwsConnector/applicationAutoScalingScalableTargets/delete\",\n \"Microsoft.AwsConnector/applicationAutoScalingScalableTargets/write\",\n \"Microsoft.AwsConnector/appSyncGraphqlApis/delete\",\n \"Microsoft.AwsConnector/appSyncGraphqlApis/write\",\n \"Microsoft.AwsConnector/autoScalingAutoScalingGroups/delete\",\n \"Microsoft.AwsConnector/autoScalingAutoScalingGroups/write\",\n \"Microsoft.AwsConnector/cloudFormationStacks/delete\",\n \"Microsoft.AwsConnector/cloudFormationStacks/write\",\n \"Microsoft.AwsConnector/cloudFormationStackSets/delete\",\n \"Microsoft.AwsConnector/cloudFormationStackSets/write\",\n \"Microsoft.AwsConnector/cloudFrontDistributions/delete\",\n \"Microsoft.AwsConnector/cloudFrontDistributions/write\",\n \"Microsoft.AwsConnector/cloudTrailTrails/delete\",\n \"Microsoft.AwsConnector/cloudTrailTrails/write\",\n \"Microsoft.AwsConnector/cloudWatchAlarms/delete\",\n \"Microsoft.AwsConnector/cloudWatchAlarms/write\",\n \"Microsoft.AwsConnector/codeBuildProjects/delete\",\n \"Microsoft.AwsConnector/codeBuildProjects/write\",\n \"Microsoft.AwsConnector/codeBuildSourceCredentialsInfos/delete\",\n \"Microsoft.AwsConnector/codeBuildSourceCredentialsInfos/write\",\n \"Microsoft.AwsConnector/configServiceConfigurationRecorders/delete\",\n \"Microsoft.AwsConnector/configServiceConfigurationRecorders/write\",\n \"Microsoft.AwsConnector/configServiceConfigurationRecorderStatuses/delete\",\n \"Microsoft.AwsConnector/configServiceConfigurationRecorderStatuses/write\",\n \"Microsoft.AwsConnector/configServiceDeliveryChannels/delete\",\n \"Microsoft.AwsConnector/configServiceDeliveryChannels/write\",\n \"Microsoft.AwsConnector/databaseMigrationServiceReplicationInstances/delete\",\n \"Microsoft.AwsConnector/databaseMigrationServiceReplicationInstances/write\",\n \"Microsoft.AwsConnector/daxClusters/delete\",\n \"Microsoft.AwsConnector/daxClusters/write\",\n \"Microsoft.AwsConnector/dynamoDBContinuousBackupsDescriptions/delete\",\n \"Microsoft.AwsConnector/dynamoDBContinuousBackupsDescriptions/write\",\n \"Microsoft.AwsConnector/dynamoDBTables/delete\",\n \"Microsoft.AwsConnector/dynamoDBTables/write\",\n \"Microsoft.AwsConnector/ec2AccountAttributes/delete\",\n \"Microsoft.AwsConnector/ec2AccountAttributes/write\",\n \"Microsoft.AwsConnector/ec2Addresses/delete\",\n \"Microsoft.AwsConnector/ec2Addresses/write\",\n \"Microsoft.AwsConnector/ec2FlowLogs/delete\",\n \"Microsoft.AwsConnector/ec2FlowLogs/write\",\n \"Microsoft.AwsConnector/ec2Images/delete\",\n \"Microsoft.AwsConnector/ec2Images/write\",\n \"Microsoft.AwsConnector/ec2Instances/delete\",\n \"Microsoft.AwsConnector/ec2Instances/start/action\",\n \"Microsoft.AwsConnector/ec2Instances/stop/action\",\n \"Microsoft.AwsConnector/ec2Instances/write\",\n \"Microsoft.AwsConnector/ec2InstanceStatuses/delete\",\n \"Microsoft.AwsConnector/ec2InstanceStatuses/write\",\n \"Microsoft.AwsConnector/ec2Ipams/delete\",\n \"Microsoft.AwsConnector/ec2Ipams/write\",\n \"Microsoft.AwsConnector/ec2KeyPairs/delete\",\n \"Microsoft.AwsConnector/ec2KeyPairs/write\",\n \"Microsoft.AwsConnector/ec2NetworkAcls/delete\",\n \"Microsoft.AwsConnector/ec2NetworkAcls/write\",\n \"Microsoft.AwsConnector/ec2NetworkInterfaces/delete\",\n \"Microsoft.AwsConnector/ec2NetworkInterfaces/write\",\n \"Microsoft.AwsConnector/ec2RouteTables/delete\",\n \"Microsoft.AwsConnector/ec2RouteTables/write\",\n \"Microsoft.AwsConnector/ec2SecurityGroups/delete\",\n \"Microsoft.AwsConnector/ec2SecurityGroups/write\",\n \"Microsoft.AwsConnector/ec2Snapshots/delete\",\n \"Microsoft.AwsConnector/ec2Snapshots/write\",\n \"Microsoft.AwsConnector/ec2Subnets/delete\",\n \"Microsoft.AwsConnector/ec2Subnets/write\",\n \"Microsoft.AwsConnector/ec2Volumes/delete\",\n \"Microsoft.AwsConnector/ec2Volumes/write\",\n \"Microsoft.AwsConnector/ec2VPCEndpoints/delete\",\n \"Microsoft.AwsConnector/ec2VPCEndpoints/write\",\n \"Microsoft.AwsConnector/ec2VPCPeeringConnections/delete\",\n \"Microsoft.AwsConnector/ec2VPCPeeringConnections/write\",\n \"Microsoft.AwsConnector/ec2Vpcs/delete\",\n \"Microsoft.AwsConnector/ec2Vpcs/write\",\n \"Microsoft.AwsConnector/ecrImageDetails/delete\",\n \"Microsoft.AwsConnector/ecrImageDetails/write\",\n \"Microsoft.AwsConnector/ecrRepositories/delete\",\n \"Microsoft.AwsConnector/ecrRepositories/write\",\n \"Microsoft.AwsConnector/ecsClusters/delete\",\n \"Microsoft.AwsConnector/ecsClusters/write\",\n \"Microsoft.AwsConnector/ecsServices/delete\",\n \"Microsoft.AwsConnector/ecsServices/write\",\n \"Microsoft.AwsConnector/ecsTaskDefinitions/delete\",\n \"Microsoft.AwsConnector/ecsTaskDefinitions/write\",\n \"Microsoft.AwsConnector/efsFileSystems/delete\",\n \"Microsoft.AwsConnector/efsFileSystems/write\",\n \"Microsoft.AwsConnector/efsMountTargets/delete\",\n \"Microsoft.AwsConnector/efsMountTargets/write\",\n \"Microsoft.AwsConnector/eksClusters/delete\",\n \"Microsoft.AwsConnector/eksClusters/write\",\n \"Microsoft.AwsConnector/eksNodegroups/delete\",\n \"Microsoft.AwsConnector/eksNodegroups/write\",\n \"Microsoft.AwsConnector/elasticBeanstalkApplications/delete\",\n \"Microsoft.AwsConnector/elasticBeanstalkApplications/write\",\n \"Microsoft.AwsConnector/elasticBeanstalkConfigurationTemplates/delete\",\n \"Microsoft.AwsConnector/elasticBeanstalkConfigurationTemplates/write\",\n \"Microsoft.AwsConnector/elasticBeanstalkEnvironments/delete\",\n \"Microsoft.AwsConnector/elasticBeanstalkEnvironments/write\",\n \"Microsoft.AwsConnector/elasticLoadBalancingV2Listeners/delete\",\n \"Microsoft.AwsConnector/elasticLoadBalancingV2Listeners/write\",\n \"Microsoft.AwsConnector/elasticLoadBalancingV2LoadBalancers/delete\",\n \"Microsoft.AwsConnector/elasticLoadBalancingV2LoadBalancers/write\",\n \"Microsoft.AwsConnector/elasticLoadBalancingV2TargetGroups/delete\",\n \"Microsoft.AwsConnector/elasticLoadBalancingV2TargetGroups/write\",\n \"Microsoft.AwsConnector/elasticLoadBalancingV2TargetHealthDescriptions/delete\",\n \"Microsoft.AwsConnector/elasticLoadBalancingV2TargetHealthDescriptions/write\",\n \"Microsoft.AwsConnector/elasticsearchDomains/delete\",\n \"Microsoft.AwsConnector/elasticsearchDomains/write\",\n \"Microsoft.AwsConnector/emrClusters/delete\",\n \"Microsoft.AwsConnector/emrClusters/write\",\n \"Microsoft.AwsConnector/guardDutyDetectors/delete\",\n \"Microsoft.AwsConnector/guardDutyDetectors/write\",\n \"Microsoft.AwsConnector/iamAccessKeyLastUseds/delete\",\n \"Microsoft.AwsConnector/iamAccessKeyLastUseds/write\",\n \"Microsoft.AwsConnector/iamAccessKeyMetadata/delete\",\n \"Microsoft.AwsConnector/iamAccessKeyMetadata/write\",\n \"Microsoft.AwsConnector/iamGroups/delete\",\n \"Microsoft.AwsConnector/iamGroups/write\",\n \"Microsoft.AwsConnector/iamInstanceProfiles/delete\",\n \"Microsoft.AwsConnector/iamInstanceProfiles/write\",\n \"Microsoft.AwsConnector/iamManagedPolicies/delete\",\n \"Microsoft.AwsConnector/iamManagedPolicies/write\",\n \"Microsoft.AwsConnector/iamMFADevices/delete\",\n \"Microsoft.AwsConnector/iamMFADevices/write\",\n \"Microsoft.AwsConnector/iamPasswordPolicies/delete\",\n \"Microsoft.AwsConnector/iamPasswordPolicies/write\",\n \"Microsoft.AwsConnector/iamPolicyVersions/delete\",\n \"Microsoft.AwsConnector/iamPolicyVersions/write\",\n \"Microsoft.AwsConnector/iamRoles/delete\",\n \"Microsoft.AwsConnector/iamRoles/write\",\n \"Microsoft.AwsConnector/iamServerCertificates/delete\",\n \"Microsoft.AwsConnector/iamServerCertificates/write\",\n \"Microsoft.AwsConnector/iamUserPolicies/delete\",\n \"Microsoft.AwsConnector/iamUserPolicies/write\",\n \"Microsoft.AwsConnector/iamVirtualMFADevices/delete\",\n \"Microsoft.AwsConnector/iamVirtualMFADevices/write\",\n \"Microsoft.AwsConnector/kmsAliases/delete\",\n \"Microsoft.AwsConnector/kmsAliases/write\",\n \"Microsoft.AwsConnector/kmsKeys/delete\",\n \"Microsoft.AwsConnector/kmsKeys/write\",\n \"Microsoft.AwsConnector/lambdaFunctionCodeLocations/delete\",\n \"Microsoft.AwsConnector/lambdaFunctionCodeLocations/write\",\n \"Microsoft.AwsConnector/lambdaFunctionConfigurations/delete\",\n \"Microsoft.AwsConnector/lambdaFunctionConfigurations/write\",\n \"Microsoft.AwsConnector/lambdaFunctions/delete\",\n \"Microsoft.AwsConnector/lambdaFunctions/write\",\n \"Microsoft.AwsConnector/licenseManagerLicenses/delete\",\n \"Microsoft.AwsConnector/licenseManagerLicenses/write\",\n \"Microsoft.AwsConnector/lightsailBuckets/delete\",\n \"Microsoft.AwsConnector/lightsailBuckets/write\",\n \"Microsoft.AwsConnector/lightsailInstances/delete\",\n \"Microsoft.AwsConnector/lightsailInstances/write\",\n \"Microsoft.AwsConnector/Locations/OperationStatuses/write\",\n \"Microsoft.AwsConnector/logsLogGroups/delete\",\n \"Microsoft.AwsConnector/logsLogGroups/write\",\n \"Microsoft.AwsConnector/logsLogStreams/delete\",\n \"Microsoft.AwsConnector/logsLogStreams/write\",\n \"Microsoft.AwsConnector/logsMetricFilters/delete\",\n \"Microsoft.AwsConnector/logsMetricFilters/write\",\n \"Microsoft.AwsConnector/logsSubscriptionFilters/delete\",\n \"Microsoft.AwsConnector/logsSubscriptionFilters/write\",\n \"Microsoft.AwsConnector/macie2JobSummaries/delete\",\n \"Microsoft.AwsConnector/macie2JobSummaries/write\",\n \"Microsoft.AwsConnector/macieAllowLists/delete\",\n \"Microsoft.AwsConnector/macieAllowLists/write\",\n \"Microsoft.AwsConnector/networkFirewallFirewallPolicies/delete\",\n \"Microsoft.AwsConnector/networkFirewallFirewallPolicies/write\",\n \"Microsoft.AwsConnector/networkFirewallFirewalls/delete\",\n \"Microsoft.AwsConnector/networkFirewallFirewalls/write\",\n \"Microsoft.AwsConnector/networkFirewallRuleGroups/delete\",\n \"Microsoft.AwsConnector/networkFirewallRuleGroups/write\",\n \"Microsoft.AwsConnector/openSearchDomainStatuses/delete\",\n \"Microsoft.AwsConnector/openSearchDomainStatuses/write\",\n \"Microsoft.AwsConnector/openSearchServiceDomains/delete\",\n \"Microsoft.AwsConnector/openSearchServiceDomains/write\",\n \"Microsoft.AwsConnector/organizationsAccounts/delete\",\n \"Microsoft.AwsConnector/organizationsAccounts/write\",\n \"Microsoft.AwsConnector/organizationsOrganizations/delete\",\n \"Microsoft.AwsConnector/organizationsOrganizations/write\",\n \"Microsoft.AwsConnector/rdsDBClusters/delete\",\n \"Microsoft.AwsConnector/rdsDBClusters/write\",\n \"Microsoft.AwsConnector/rdsDBInstances/delete\",\n \"Microsoft.AwsConnector/rdsDBInstances/write\",\n \"Microsoft.AwsConnector/rdsDBSnapshotAttributesResults/delete\",\n \"Microsoft.AwsConnector/rdsDBSnapshotAttributesResults/write\",\n \"Microsoft.AwsConnector/rdsDBSnapshots/delete\",\n \"Microsoft.AwsConnector/rdsDBSnapshots/write\",\n \"Microsoft.AwsConnector/rdsEventSubscriptions/delete\",\n \"Microsoft.AwsConnector/rdsEventSubscriptions/write\",\n \"Microsoft.AwsConnector/rdsExportTasks/delete\",\n \"Microsoft.AwsConnector/rdsExportTasks/write\",\n \"Microsoft.AwsConnector/redshiftClusterParameterGroups/delete\",\n \"Microsoft.AwsConnector/redshiftClusterParameterGroups/write\",\n \"Microsoft.AwsConnector/redshiftClusters/delete\",\n \"Microsoft.AwsConnector/redshiftClusters/write\",\n \"Microsoft.AwsConnector/route53DomainsDomainSummaries/delete\",\n \"Microsoft.AwsConnector/route53DomainsDomainSummaries/write\",\n \"Microsoft.AwsConnector/route53HostedZones/delete\",\n \"Microsoft.AwsConnector/route53HostedZones/write\",\n \"Microsoft.AwsConnector/route53ResourceRecordSets/delete\",\n \"Microsoft.AwsConnector/route53ResourceRecordSets/write\",\n \"Microsoft.AwsConnector/s3AccessControlPolicies/delete\",\n \"Microsoft.AwsConnector/s3AccessControlPolicies/write\",\n \"Microsoft.AwsConnector/s3AccessPoints/delete\",\n \"Microsoft.AwsConnector/s3AccessPoints/write\",\n \"Microsoft.AwsConnector/s3BucketPolicies/delete\",\n \"Microsoft.AwsConnector/s3BucketPolicies/write\",\n \"Microsoft.AwsConnector/s3Buckets/delete\",\n \"Microsoft.AwsConnector/s3Buckets/write\",\n \"Microsoft.AwsConnector/s3ControlMultiRegionAccessPointPolicyDocuments/delete\",\n \"Microsoft.AwsConnector/s3ControlMultiRegionAccessPointPolicyDocuments/write\",\n \"Microsoft.AwsConnector/sageMakerApps/delete\",\n \"Microsoft.AwsConnector/sageMakerApps/write\",\n \"Microsoft.AwsConnector/sageMakerDevices/delete\",\n \"Microsoft.AwsConnector/sageMakerDevices/write\",\n \"Microsoft.AwsConnector/sageMakerImages/delete\",\n \"Microsoft.AwsConnector/sageMakerImages/write\",\n \"Microsoft.AwsConnector/sageMakerNotebookInstanceSummaries/delete\",\n \"Microsoft.AwsConnector/sageMakerNotebookInstanceSummaries/write\",\n \"Microsoft.AwsConnector/secretsManagerResourcePolicies/delete\",\n \"Microsoft.AwsConnector/secretsManagerResourcePolicies/write\",\n \"Microsoft.AwsConnector/secretsManagerSecrets/delete\",\n \"Microsoft.AwsConnector/secretsManagerSecrets/write\",\n \"Microsoft.AwsConnector/snsSubscriptions/delete\",\n \"Microsoft.AwsConnector/snsSubscriptions/write\",\n \"Microsoft.AwsConnector/snsTopics/delete\",\n \"Microsoft.AwsConnector/snsTopics/write\",\n \"Microsoft.AwsConnector/sqsQueues/delete\",\n \"Microsoft.AwsConnector/sqsQueues/write\",\n \"Microsoft.AwsConnector/ssmInstanceInformations/delete\",\n \"Microsoft.AwsConnector/ssmInstanceInformations/write\",\n \"Microsoft.AwsConnector/ssmParameters/delete\",\n \"Microsoft.AwsConnector/ssmParameters/write\",\n \"Microsoft.AwsConnector/ssmResourceComplianceSummaryItems/delete\",\n \"Microsoft.AwsConnector/ssmResourceComplianceSummaryItems/write\",\n \"Microsoft.AwsConnector/wafv2IPSets/delete\",\n \"Microsoft.AwsConnector/wafv2IPSets/write\",\n \"Microsoft.AwsConnector/wafv2LoggingConfigurations/delete\",\n \"Microsoft.AwsConnector/wafv2LoggingConfigurations/write\",\n \"Microsoft.AwsConnector/wafv2WebACLAssociations/delete\",\n \"Microsoft.AwsConnector/wafv2WebACLAssociations/write\",\n \"Microsoft.AwsConnector/wafWebACLSummaries/delete\",\n \"Microsoft.AwsConnector/wafWebACLSummaries/write\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2025-09-08T15:10:31.7683351Z\",\n \"updatedOn\": \"2025-09-08T15:10:31.7683351Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/98c206fe-ea1b-4578-93f8-83a99a5628fc\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"98c206fe-ea1b-4578-93f8-83a99a5628fc\"\n },\n {\n \"properties\": {\n \"roleName\": \"Storage File Data SMB MI Admin\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Allows for admin-level access for managed identities on files/directories in Azure file shares.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.Storage/storageAccounts/fileServices/readFileBackupSemantics/action\",\n \"Microsoft.Storage/storageAccounts/fileServices/writeFileBackupSemantics/action\",\n \"Microsoft.Storage/storageAccounts/fileServices/takeOwnership/action\",\n \"Microsoft.Storage/storageAccounts/fileServices/runAsBuiltInFileAdministrator/action\",\n \"Microsoft.Storage/storageAccounts/fileServices/fileshares/files/read\",\n \"Microsoft.Storage/storageAccounts/fileServices/fileshares/files/write\",\n \"Microsoft.Storage/storageAccounts/fileServices/fileshares/files/delete\",\n \"Microsoft.Storage/storageAccounts/fileServices/fileshares/files/modifypermissions/action\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2025-09-09T15:23:13.2982998Z\",\n \"updatedOn\": \"2025-09-09T15:23:13.2982998Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/a235d3ee-5935-4cfb-8cc5-a3303ad5995e\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"a235d3ee-5935-4cfb-8cc5-a3303ad5995e\"\n },\n {\n \"properties\": {\n \"roleName\": \"Common Edge Admin\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Common Edge Admin Role\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Edge/connectivityStatuses/delete\",\n \"Microsoft.Edge/connectivityStatuses/write\",\n \"Microsoft.Edge/locations/operationStatuses/write\",\n \"Microsoft.Edge/updates/delete\",\n \"Microsoft.Edge/updates/write\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2025-09-10T15:34:53.4393915Z\",\n \"updatedOn\": \"2025-09-10T15:34:53.4393915Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/b256d512-9a3a-4a96-9366-9f54f900e58b\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"b256d512-9a3a-4a96-9366-9f54f900e58b\"\n },\n {\n \"properties\": {\n \"roleName\": \"Firmware Analysis User\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Upload and analyze firmware images but not perform any workspace configuration\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.IoTFirmwareDefense/*\",\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Resources/deployments/*\"\n ],\n \"notActions\": [\n \"Microsoft.IoTFirmwareDefense/firmwareGroups/*\",\n \"Microsoft.IoTFirmwareDefense/register/action\",\n \"Microsoft.IoTFirmwareDefense/unregister/action\",\n \"Microsoft.IoTFirmwareDefense/workspaces/write\",\n \"Microsoft.IoTFirmwareDefense/workspaces/delete\"\n ],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2025-09-10T15:34:53.4393915Z\",\n \"updatedOn\": \"2025-09-10T15:34:53.4393915Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/53b2724d-1e51-44fa-b586-bcace0c82609\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"53b2724d-1e51-44fa-b586-bcace0c82609\"\n },\n {\n \"properties\": {\n \"roleName\": \"SRE Agent Standard User\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Grants access to interact with the SRE Agent to triage incidents and run diagnostics.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.App/agents/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.App/agents/threads/read\",\n \"Microsoft.App/agents/graph/read\",\n \"Microsoft.App/agents/memory/read\",\n \"Microsoft.App/agents/incidentManagement/read\",\n \"Microsoft.App/agents/threads/write\",\n \"Microsoft.App/agents/graph/write\",\n \"Microsoft.App/agents/memory/write\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2025-09-10T20:06:45.8379721Z\",\n \"updatedOn\": \"2025-09-16T15:14:52.3167343Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/2d84a65a-63b2-4343-bbb6-31105d857bc1\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"2d84a65a-63b2-4343-bbb6-31105d857bc1\"\n },\n {\n \"properties\": {\n \"roleName\": \"SRE Agent Administrator\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Full control of the agent—manage chats, incident response plans, and agent run modes; approve and execute commands.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.App/agents/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.App/agents/*/read\",\n \"Microsoft.App/agents/*/write\",\n \"Microsoft.App/agents/*/delete\",\n \"Microsoft.App/agents/threads/approve/action\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2025-09-10T20:06:45.8389733Z\",\n \"updatedOn\": \"2025-09-16T15:14:53.2394147Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/e79298df-d852-4c6d-84f9-5d13249d1e55\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"e79298df-d852-4c6d-84f9-5d13249d1e55\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Kubernetes Fleet Manager Hub Cluster User Role\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Grants read access to Azure Kubernetes Fleet Manager as well as the Kubernetes config file to connect to the fleet-managed hub cluster.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.ContainerService/fleets/listCredentials/action\",\n \"Microsoft.ContainerService/fleets/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2025-09-10T23:25:40.4325052Z\",\n \"updatedOn\": \"2025-09-10T23:25:40.4325052Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/850c5848-fc51-4a9a-8823-f220370626e3\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"850c5848-fc51-4a9a-8823-f220370626e3\"\n },\n {\n \"properties\": {\n \"roleName\": \"Log Analytics Data Reader\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Log Analytics Data Reader can query and search the logs it is allowed to view over Log Analytics workspaces and tables\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.OperationalInsights/workspaces/query/read\",\n \"Microsoft.OperationalInsights/workspaces/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.OperationalInsights/workspaces/tables/data/read\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2025-09-11T09:53:03.6783283Z\",\n \"updatedOn\": \"2025-09-11T09:53:03.6783283Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/3b03c2da-16b3-4a49-8834-0f8130efdd3b\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"3b03c2da-16b3-4a49-8834-0f8130efdd3b\"\n },\n {\n \"properties\": {\n \"roleName\": \"Dynamics 365 Customer Insights Service Role\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Enables Diagnostic Logging setup for Customer Insights instances.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.D365CustomerInsights/instances/write\",\n \"Microsoft.D365CustomerInsights/instances/providers/Microsoft.Insights/diagnosticSettings/write\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2025-09-11T14:44:00.9623287Z\",\n \"updatedOn\": \"2025-09-11T14:44:00.9623287Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/89f7a3ec-e9d0-40eb-9b96-c016a5c2a53f\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"89f7a3ec-e9d0-40eb-9b96-c016a5c2a53f\"\n },\n {\n \"properties\": {\n \"roleName\": \"Storage Actions Blob Data Operator\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Used by the Storage Actions - Storage Task to list & perform operations on the Storage Account blobs\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Storage/storageAccounts/blobServices/containers/read\",\n \"Microsoft.Storage/storageAccounts/blobServices/containers/write\"\n ],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.Storage/storageAccounts/blobServices/containers/blobs/read\",\n \"Microsoft.Storage/storageAccounts/blobServices/containers/blobs/write\",\n \"Microsoft.Storage/storageAccounts/blobServices/containers/blobs/delete\",\n \"Microsoft.Storage/storageAccounts/blobServices/containers/blobs/add/action\",\n \"Microsoft.Storage/storageAccounts/blobServices/containers/blobs/tags/read\",\n \"Microsoft.Storage/storageAccounts/blobServices/containers/blobs/tags/write\",\n \"Microsoft.Storage/storageAccounts/blobServices/containers/blobs/runAsSuperUser/action\",\n \"Microsoft.Storage/storageAccounts/blobServices/containers/blobs/immutableStorage/runAsSuperUser/action\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2025-09-12T21:16:43.9136753Z\",\n \"updatedOn\": \"2025-09-12T21:16:43.9136753Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/4bad4d9e-2a13-4888-94bb-c8432f6f3040\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"4bad4d9e-2a13-4888-94bb-c8432f6f3040\"\n },\n {\n \"properties\": {\n \"roleName\": \"Storage Actions Task Assignment Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Used by the Storage Actions assigner to create a Task Assignment on their target Storage Account, with RBAC privileges for Managed Identity\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Storage/storageAccounts/reports/read\",\n \"Microsoft.Storage/storageAccounts/read\",\n \"Microsoft.Storage/storageAccounts/blobServices/read\",\n \"Microsoft.Storage/storageAccounts/storageTaskAssignments/read\",\n \"Microsoft.Storage/storageAccounts/storageTaskAssignments/write\",\n \"Microsoft.Storage/storageAccounts/storageTaskAssignments/delete\",\n \"Microsoft.Storage/storageAccounts/storageTaskAssignments/reports/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n },\n {\n \"actions\": [\n \"Microsoft.Authorization/roleAssignments/write\",\n \"Microsoft.Authorization/roleAssignments/delete\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": [],\n \"conditionVersion\": \"2.0\",\n \"condition\": \"((!(ActionMatches{'Microsoft.Authorization/roleAssignments/write'})) OR (@Request[Microsoft.Authorization/roleAssignments:RoleDefinitionId] ForAnyOfAnyValues:GuidEquals{4bad4d9e2a13488894bbc8432f6f3040})) AND ((!(ActionMatches{'Microsoft.Authorization/roleAssignments/delete'})) OR (@Resource[Microsoft.Authorization/roleAssignments:RoleDefinitionId] ForAnyOfAnyValues:GuidEquals{4bad4d9e2a13488894bbc8432f6f3040}))\"\n }\n ],\n \"createdOn\": \"2025-09-12T21:16:43.9136753Z\",\n \"updatedOn\": \"2025-09-12T21:16:43.9136753Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/77789c21-1643-48a2-8f27-47f858540b51\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"77789c21-1643-48a2-8f27-47f858540b51\"\n },\n {\n \"properties\": {\n \"roleName\": \"Azure Native Dynatrace Agent Management Role\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Grants access to manage Dynatrace Agent on compute resources\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.KubernetesConfiguration/extensions/write\",\n \"Microsoft.KubernetesConfiguration/extensions/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2025-09-16T15:14:50.9389725Z\",\n \"updatedOn\": \"2025-09-16T15:14:50.9389725Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/55077723-1b30-4603-a70b-68de134cfa20\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"55077723-1b30-4603-a70b-68de134cfa20\"\n },\n {\n \"properties\": {\n \"roleName\": \"Storage Actions Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Used by the Storage Actions author to create, read, update, and delete Storage Actions\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.StorageActions/storageTasks/read\",\n \"Microsoft.StorageActions/storageTasks/write\",\n \"Microsoft.StorageActions/storageTasks/delete\",\n \"Microsoft.StorageActions/storageTasks/storageTaskAssignments/read\",\n \"Microsoft.StorageActions/storageTasks/reports/read\",\n \"Microsoft.StorageActions/locations/previewActions/action\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2025-09-16T15:14:50.9389725Z\",\n \"updatedOn\": \"2025-09-16T15:14:50.9389725Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/bd8acdb0-202c-4493-a7fe-ef98eefbfbc4\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"bd8acdb0-202c-4493-a7fe-ef98eefbfbc4\"\n },\n {\n \"properties\": {\n \"roleName\": \"Essential Machine Management Administrator\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Can managed Essential Machine Management resources for subscriptions\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Insights/dataCollectionRules/read\",\n \"Microsoft.Insights/dataCollectionRules/write\",\n \"Microsoft.Monitor/accounts/write\",\n \"Microsoft.Monitor/accounts/read\",\n \"Microsoft.ManagedOps/managedOps/read\",\n \"Microsoft.ManagedOps/managedOps/write\",\n \"Microsoft.ManagedOps/managedOps/delete\",\n \"Microsoft.OperationsManagement/solutions/read\",\n \"Microsoft.OperationsManagement/solutions/write\",\n \"Microsoft.OperationalInsights/workspaces/read\",\n \"Microsoft.OperationalInsights/workspaces/sharedkeys/action\",\n \"Microsoft.OperationalInsights/workspaces/sharedkeys/read\",\n \"Microsoft.OperationalInsights/workspaces/listKeys/action\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.Insights/metricAlerts/write\",\n \"Microsoft.Insights/metricAlerts/read\",\n \"Microsoft.Security/pricings/write\",\n \"Microsoft.Security/pricings/read\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2025-09-22T15:13:19.5975298Z\",\n \"updatedOn\": \"2025-09-22T15:13:19.5975298Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/34013b0a-565b-43aa-8755-1b7c286f6cf7\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"34013b0a-565b-43aa-8755-1b7c286f6cf7\"\n },\n {\n \"properties\": {\n \"roleName\": \"Garnet PubSub Data Reader\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Allows read access to all channels within the Garnet resource\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.DocumentDB/garnetClusters/acl/clientid/read\",\n \"Microsoft.DocumentDB/garnetClusters/acl/clientinfo/read\",\n \"Microsoft.DocumentDB/garnetClusters/acl/configget/read\",\n \"Microsoft.DocumentDB/garnetClusters/acl/echo/read\",\n \"Microsoft.DocumentDB/garnetClusters/acl/info/read\",\n \"Microsoft.DocumentDB/garnetClusters/acl/keyslot/read\",\n \"Microsoft.DocumentDB/garnetClusters/acl/nodes/read\",\n \"Microsoft.DocumentDB/garnetClusters/acl/ping/read\",\n \"Microsoft.DocumentDB/garnetClusters/acl/slots/read\",\n \"Microsoft.DocumentDB/garnetClusters/acl/channels/action\",\n \"Microsoft.DocumentDB/garnetClusters/acl/psubscribe/action\",\n \"Microsoft.DocumentDB/garnetClusters/acl/punsubscribe/action\",\n \"Microsoft.DocumentDB/garnetClusters/acl/subscribe/action\",\n \"Microsoft.DocumentDB/garnetClusters/acl/unsubscribe/action\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2025-09-26T22:46:03.1347874Z\",\n \"updatedOn\": \"2025-09-26T22:46:03.1347874Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/da9adf61-39cd-41d5-87a0-30b21f7270d8\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"da9adf61-39cd-41d5-87a0-30b21f7270d8\"\n },\n {\n \"properties\": {\n \"roleName\": \"Garnet PubSub Data Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Allows read and write access to all channels within the Garnet resource\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.DocumentDB/garnetClusters/acl/clientid/read\",\n \"Microsoft.DocumentDB/garnetClusters/acl/clientinfo/read\",\n \"Microsoft.DocumentDB/garnetClusters/acl/configget/read\",\n \"Microsoft.DocumentDB/garnetClusters/acl/echo/read\",\n \"Microsoft.DocumentDB/garnetClusters/acl/info/read\",\n \"Microsoft.DocumentDB/garnetClusters/acl/keyslot/read\",\n \"Microsoft.DocumentDB/garnetClusters/acl/nodes/read\",\n \"Microsoft.DocumentDB/garnetClusters/acl/ping/read\",\n \"Microsoft.DocumentDB/garnetClusters/acl/slots/read\",\n \"Microsoft.DocumentDB/garnetClusters/acl/channels/action\",\n \"Microsoft.DocumentDB/garnetClusters/acl/numsub/action\",\n \"Microsoft.DocumentDB/garnetClusters/acl/numpat/action\",\n \"Microsoft.DocumentDB/garnetClusters/acl/psubscribe/action\",\n \"Microsoft.DocumentDB/garnetClusters/acl/publish/action\",\n \"Microsoft.DocumentDB/garnetClusters/acl/punsubscribe/action\",\n \"Microsoft.DocumentDB/garnetClusters/acl/subscribe/action\",\n \"Microsoft.DocumentDB/garnetClusters/acl/unsubscribe/action\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2025-09-26T22:46:03.1347874Z\",\n \"updatedOn\": \"2025-09-26T22:46:03.1347874Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/56e95fdc-3337-468d-b964-30d07f2a2018\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"56e95fdc-3337-468d-b964-30d07f2a2018\"\n },\n {\n \"properties\": {\n \"roleName\": \"Tenant Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Allows users to create and manage Entra ID Tenants.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [],\n \"createdOn\": \"2025-09-29T15:12:03.2996499Z\",\n \"updatedOn\": \"2025-09-29T15:12:03.2996499Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/0a7c2fa1-6f28-41a4-86b8-e74937c63222\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"0a7c2fa1-6f28-41a4-86b8-e74937c63222\"\n },\n {\n \"properties\": {\n \"roleName\": \"Storage File Data SMB Admin\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Allows for admin access equivalent to storage account key for end users over SMB.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [],\n \"notActions\": [],\n \"dataActions\": [\n \"Microsoft.Storage/storageAccounts/fileServices/fileshares/files/read\",\n \"Microsoft.Storage/storageAccounts/fileServices/fileshares/files/write\",\n \"Microsoft.Storage/storageAccounts/fileServices/fileshares/files/delete\",\n \"Microsoft.Storage/storageAccounts/fileServices/fileshares/files/modifypermissions/action\",\n \"Microsoft.Storage/storageAccounts/fileServices/readFileBackupSemantics/action\",\n \"Microsoft.Storage/storageAccounts/fileServices/writeFileBackupSemantics/action\",\n \"Microsoft.Storage/storageAccounts/fileServices/takeOwnership/action\"\n ],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2025-09-30T15:23:51.084353Z\",\n \"updatedOn\": \"2025-09-30T15:23:51.084353Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/bbf004e3-0e4b-4f86-ae4f-1f8fb47b357b\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"bbf004e3-0e4b-4f86-ae4f-1f8fb47b357b\"\n },\n {\n \"properties\": {\n \"roleName\": \"Supercomputer Infrastructure Contributor\",\n \"type\": \"BuiltInRole\",\n \"description\": \"Lets you manage Supercomputer Infrastructure resources, but not access to them.\",\n \"assignableScopes\": [\n \"/\"\n ],\n \"permissions\": [\n {\n \"actions\": [\n \"Microsoft.Authorization/*/read\",\n \"Microsoft.Insights/alertRules/*\",\n \"Microsoft.Resources/deployments/*\",\n \"Microsoft.Resources/subscriptions/resourceGroups/read\",\n \"Microsoft.SupercomputerInfrastructure/*\"\n ],\n \"notActions\": [],\n \"dataActions\": [],\n \"notDataActions\": []\n }\n ],\n \"createdOn\": \"2025-10-02T23:09:34.5476643Z\",\n \"updatedOn\": \"2025-10-02T23:09:34.5476643Z\",\n \"createdBy\": null,\n \"updatedBy\": null\n },\n \"id\": \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/providers/Microsoft.Authorization/roleDefinitions/68899692-f960-4247-af28-82f55b357997\",\n \"type\": \"Microsoft.Authorization/roleDefinitions\",\n \"name\": \"68899692-f960-4247-af28-82f55b357997\"\n }\n ]\n}", + "StatusCode": 200 + }, + { + "RequestUri": "/v1.0/directoryObjects/microsoft.graph.getByIds", + "EncodedRequestUri": "L3YxLjAvZGlyZWN0b3J5T2JqZWN0cy9taWNyb3NvZnQuZ3JhcGguZ2V0QnlJZHM=", + "RequestMethod": "POST", + "RequestHeaders": { + "Accept-Language": [ + "en-US" + ], + "x-ms-client-request-id": [ + "96a8d0a9-3c55-41e3-a0c4-f77f353b6b24" + ], + "User-Agent": [ + "FxVersion/8.0.2025.41914", + "OSName/MacOs", + "OSVersion/Darwin.24.6.0.Darwin.Kernel.Version.24.6.0.Mon.Aug.11.21.16.30.PDT.2025.root.xnu.11417.140.69.701.11.1RELEASE.ARM64.T8132", + "Microsoft.Azure.Commands.Common.MSGraph.Version1.0.MicrosoftGraphClient/1.3.110" + ], + "Content-Type": [ + "application/json; charset=utf-8" + ], + "Content-Length": [ + "105" + ] + }, + "RequestBody": "{\n \"ids\": [\n \"35e5fdfa-e80b-49b9-abf3-4c9a54f6b7a3\",\n \"69c9e264-690c-43c9-aba4-a195a62f1929\"\n ]\n}", + "ResponseHeaders": { + "Cache-Control": [ + "no-cache" + ], + "Transfer-Encoding": [ + "chunked" + ], + "Location": [ + "https://graph.microsoft.com/" + ], + "Strict-Transport-Security": [ + "max-age=31536000" + ], + "request-id": [ + "92f0856d-0901-40a5-a294-070d4ff64e77" + ], + "client-request-id": [ + "92f0856d-0901-40a5-a294-070d4ff64e77" + ], + "x-ms-ags-diagnostic": [ + "{\"ServerInfo\":{\"DataCenter\":\"North Europe\",\"Slice\":\"E\",\"Ring\":\"4\",\"ScaleUnit\":\"009\",\"RoleInstance\":\"DU2PEPF000289D6\"}}" + ], + "x-ms-resource-unit": [ + "3" + ], + "OData-Version": [ + "4.0" + ], + "Date": [ + "Sat, 04 Oct 2025 10:19:50 GMT" + ], + "Content-Type": [ + "application/json; odata.metadata=minimal; odata.streaming=true; IEEE754Compatible=false; charset=utf-8" + ], + "Retry-After": [ + "0" + ] + }, + "ResponseBody": "{\n \"@odata.context\": \"https://graph.microsoft.com/v1.0/$metadata#directoryObjects\",\n \"value\": [\n {\n \"@odata.type\": \"#microsoft.graph.user\",\n \"id\": \"69c9e264-690c-43c9-aba4-a195a62f1929\",\n \"businessPhones\": [],\n \"displayName\": \"TestUser\",\n \"givenName\": \"Test\",\n \"jobTitle\": null,\n \"mail\": null,\n \"mobilePhone\": null,\n \"officeLocation\": null,\n \"preferredLanguage\": \"en\",\n \"surname\": \"Test\",\n \"userPrincipalName\": \"Test\"\n },\n {\n \"@odata.type\": \"#microsoft.graph.servicePrincipal\",\n \"id\": \"35e5fdfa-e80b-49b9-abf3-4c9a54f6b7a3\",\n \"deletedDateTime\": null,\n \"accountEnabled\": true,\n \"alternativeNames\": [\n \"isExplicit=True\",\n \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/resourcegroups/testRG/providers/Microsoft.ManagedIdentity/userAssignedIdentities/test\"\n ],\n \"appDisplayName\": null,\n \"appDescription\": null,\n \"appId\": \"d739b6ff-230e-4c69-9c08-1016b8f1acef\",\n \"applicationTemplateId\": null,\n \"appOwnerOrganizationId\": null,\n \"appRoleAssignmentRequired\": false,\n \"createdDateTime\": \"2025-10-04T08:38:04Z\",\n \"description\": null,\n \"disabledByMicrosoftStatus\": null,\n \"displayName\": \"test\",\n \"homepage\": null,\n \"loginUrl\": null,\n \"logoutUrl\": null,\n \"notes\": null,\n \"notificationEmailAddresses\": [],\n \"preferredSingleSignOnMode\": null,\n \"preferredTokenSigningKeyThumbprint\": null,\n \"replyUrls\": [],\n \"servicePrincipalNames\": [\n \"d739b6ff-230e-4c69-9c08-1016b8f1acef\",\n \"https://identity.azure.net/N4dW10xySRQ9Y/JcNRmcJrxstoBqHfYR2R4VFNyahI8=\"\n ],\n \"servicePrincipalType\": \"ManagedIdentity\",\n \"signInAudience\": null,\n \"tags\": [],\n \"tokenEncryptionKeyId\": null,\n \"info\": null,\n \"samlSingleSignOnSettings\": null,\n \"addIns\": [],\n \"appRoles\": [],\n \"keyCredentials\": [\n {\n \"customKeyIdentifier\": \"1367CD8B94EBC49368A8FF8E88CF17794A6E7F9D\",\n \"displayName\": \"CN=d739b6ff-230e-4c69-9c08-1016b8f1acef\",\n \"endDateTime\": \"2026-01-02T08:33:00Z\",\n \"key\": null,\n \"keyId\": \"15750080-c0c3-4854-b2d2-f08ac5c3f7fb\",\n \"startDateTime\": \"2025-10-04T08:33:00Z\",\n \"type\": \"AsymmetricX509Cert\",\n \"usage\": \"Verify\"\n }\n ],\n \"oauth2PermissionScopes\": [],\n \"passwordCredentials\": [],\n \"resourceSpecificApplicationPermissions\": [],\n \"verifiedPublisher\": {\n \"displayName\": null,\n \"verifiedPublisherId\": null,\n \"addedDateTime\": null\n }\n }\n ]\n}", + "StatusCode": 200 + }, + { + "RequestUri": "/v1.0/directoryObjects/microsoft.graph.getByIds", + "EncodedRequestUri": "L3YxLjAvZGlyZWN0b3J5T2JqZWN0cy9taWNyb3NvZnQuZ3JhcGguZ2V0QnlJZHM=", + "RequestMethod": "POST", + "RequestHeaders": { + "Accept-Language": [ + "en-US" + ], + "x-ms-client-request-id": [ + "57ca87d1-f6da-4ede-b19a-6945018f877b" + ], + "User-Agent": [ + "FxVersion/8.0.2025.41914", + "OSName/MacOs", + "OSVersion/Darwin.24.6.0.Darwin.Kernel.Version.24.6.0.Mon.Aug.11.21.16.30.PDT.2025.root.xnu.11417.140.69.701.11.1RELEASE.ARM64.T8132", + "Microsoft.Azure.Commands.Common.MSGraph.Version1.0.MicrosoftGraphClient/1.3.110" + ], + "Content-Type": [ + "application/json; charset=utf-8" + ], + "Content-Length": [ + "105" + ] + }, + "RequestBody": "{\n \"ids\": [\n \"35e5fdfa-e80b-49b9-abf3-4c9a54f6b7a3\",\n \"69c9e264-690c-43c9-aba4-a195a62f1929\"\n ]\n}", + "ResponseHeaders": { + "Cache-Control": [ + "no-cache" + ], + "Transfer-Encoding": [ + "chunked" + ], + "Location": [ + "https://graph.microsoft.com/" + ], + "Strict-Transport-Security": [ + "max-age=31536000" + ], + "request-id": [ + "db90b0d4-dd6a-48fe-b293-fa4dee60c20a" + ], + "client-request-id": [ + "db90b0d4-dd6a-48fe-b293-fa4dee60c20a" + ], + "x-ms-ags-diagnostic": [ + "{\"ServerInfo\":{\"DataCenter\":\"North Europe\",\"Slice\":\"E\",\"Ring\":\"4\",\"ScaleUnit\":\"009\",\"RoleInstance\":\"DU2PEPF000255B0\"}}" + ], + "x-ms-resource-unit": [ + "3" + ], + "OData-Version": [ + "4.0" + ], + "Date": [ + "Sat, 04 Oct 2025 10:19:51 GMT" + ], + "Content-Type": [ + "application/json; odata.metadata=minimal; odata.streaming=true; IEEE754Compatible=false; charset=utf-8" + ], + "Retry-After": [ + "0" + ] + }, + "ResponseBody": "{\n \"@odata.context\": \"https://graph.microsoft.com/v1.0/$metadata#directoryObjects\",\n \"value\": [\n {\n \"@odata.type\": \"#microsoft.graph.user\",\n \"id\": \"69c9e264-690c-43c9-aba4-a195a62f1929\",\n \"businessPhones\": [],\n \"displayName\": \"TestUser\",\n \"givenName\": \"Test\",\n \"jobTitle\": null,\n \"mail\": null,\n \"mobilePhone\": null,\n \"officeLocation\": null,\n \"preferredLanguage\": \"en\",\n \"surname\": \"Test\",\n \"userPrincipalName\": \"Test\"\n },\n {\n \"@odata.type\": \"#microsoft.graph.servicePrincipal\",\n \"id\": \"35e5fdfa-e80b-49b9-abf3-4c9a54f6b7a3\",\n \"deletedDateTime\": null,\n \"accountEnabled\": true,\n \"alternativeNames\": [\n \"isExplicit=True\",\n \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/resourcegroups/testRG/providers/Microsoft.ManagedIdentity/userAssignedIdentities/test\"\n ],\n \"appDisplayName\": null,\n \"appDescription\": null,\n \"appId\": \"d739b6ff-230e-4c69-9c08-1016b8f1acef\",\n \"applicationTemplateId\": null,\n \"appOwnerOrganizationId\": null,\n \"appRoleAssignmentRequired\": false,\n \"createdDateTime\": \"2025-10-04T08:38:04Z\",\n \"description\": null,\n \"disabledByMicrosoftStatus\": null,\n \"displayName\": \"test\",\n \"homepage\": null,\n \"loginUrl\": null,\n \"logoutUrl\": null,\n \"notes\": null,\n \"notificationEmailAddresses\": [],\n \"preferredSingleSignOnMode\": null,\n \"preferredTokenSigningKeyThumbprint\": null,\n \"replyUrls\": [],\n \"servicePrincipalNames\": [\n \"d739b6ff-230e-4c69-9c08-1016b8f1acef\",\n \"https://identity.azure.net/N4dW10xySRQ9Y/JcNRmcJrxstoBqHfYR2R4VFNyahI8=\"\n ],\n \"servicePrincipalType\": \"ManagedIdentity\",\n \"signInAudience\": null,\n \"tags\": [],\n \"tokenEncryptionKeyId\": null,\n \"info\": null,\n \"samlSingleSignOnSettings\": null,\n \"addIns\": [],\n \"appRoles\": [],\n \"keyCredentials\": [\n {\n \"customKeyIdentifier\": \"1367CD8B94EBC49368A8FF8E88CF17794A6E7F9D\",\n \"displayName\": \"CN=d739b6ff-230e-4c69-9c08-1016b8f1acef\",\n \"endDateTime\": \"2026-01-02T08:33:00Z\",\n \"key\": null,\n \"keyId\": \"15750080-c0c3-4854-b2d2-f08ac5c3f7fb\",\n \"startDateTime\": \"2025-10-04T08:33:00Z\",\n \"type\": \"AsymmetricX509Cert\",\n \"usage\": \"Verify\"\n }\n ],\n \"oauth2PermissionScopes\": [],\n \"passwordCredentials\": [],\n \"resourceSpecificApplicationPermissions\": [],\n \"verifiedPublisher\": {\n \"displayName\": null,\n \"verifiedPublisherId\": null,\n \"addedDateTime\": null\n }\n }\n ]\n}", + "StatusCode": 200 + }, + { + "RequestUri": "/v1.0/directoryObjects/microsoft.graph.getByIds", + "EncodedRequestUri": "L3YxLjAvZGlyZWN0b3J5T2JqZWN0cy9taWNyb3NvZnQuZ3JhcGguZ2V0QnlJZHM=", + "RequestMethod": "POST", + "RequestHeaders": { + "Accept-Language": [ + "en-US" + ], + "x-ms-client-request-id": [ + "65e4c945-8111-4d8f-aac8-5e95cb5b217a" + ], + "User-Agent": [ + "FxVersion/8.0.2025.41914", + "OSName/MacOs", + "OSVersion/Darwin.24.6.0.Darwin.Kernel.Version.24.6.0.Mon.Aug.11.21.16.30.PDT.2025.root.xnu.11417.140.69.701.11.1RELEASE.ARM64.T8132", + "Microsoft.Azure.Commands.Common.MSGraph.Version1.0.MicrosoftGraphClient/1.3.110" + ], + "Content-Type": [ + "application/json; charset=utf-8" + ], + "Content-Length": [ + "105" + ] + }, + "RequestBody": "{\n \"ids\": [\n \"35e5fdfa-e80b-49b9-abf3-4c9a54f6b7a3\",\n \"69c9e264-690c-43c9-aba4-a195a62f1929\"\n ]\n}", + "ResponseHeaders": { + "Cache-Control": [ + "no-cache" + ], + "Transfer-Encoding": [ + "chunked" + ], + "Location": [ + "https://graph.microsoft.com/" + ], + "Strict-Transport-Security": [ + "max-age=31536000" + ], + "request-id": [ + "a2e0d7e6-90d9-458a-ab98-3ab6267740db" + ], + "client-request-id": [ + "a2e0d7e6-90d9-458a-ab98-3ab6267740db" + ], + "x-ms-ags-diagnostic": [ + "{\"ServerInfo\":{\"DataCenter\":\"North Europe\",\"Slice\":\"E\",\"Ring\":\"4\",\"ScaleUnit\":\"011\",\"RoleInstance\":\"DB1PEPF000508A1\"}}" + ], + "x-ms-resource-unit": [ + "3" + ], + "OData-Version": [ + "4.0" + ], + "Date": [ + "Sat, 04 Oct 2025 10:19:52 GMT" + ], + "Content-Type": [ + "application/json; odata.metadata=minimal; odata.streaming=true; IEEE754Compatible=false; charset=utf-8" + ], + "Retry-After": [ + "0" + ] + }, + "ResponseBody": "{\n \"@odata.context\": \"https://graph.microsoft.com/v1.0/$metadata#directoryObjects\",\n \"value\": [\n {\n \"@odata.type\": \"#microsoft.graph.user\",\n \"id\": \"69c9e264-690c-43c9-aba4-a195a62f1929\",\n \"businessPhones\": [],\n \"displayName\": \"TestUser\",\n \"givenName\": \"Test\",\n \"jobTitle\": null,\n \"mail\": null,\n \"mobilePhone\": null,\n \"officeLocation\": null,\n \"preferredLanguage\": \"en\",\n \"surname\": \"Test\",\n \"userPrincipalName\": \"Test\"\n },\n {\n \"@odata.type\": \"#microsoft.graph.servicePrincipal\",\n \"id\": \"35e5fdfa-e80b-49b9-abf3-4c9a54f6b7a3\",\n \"deletedDateTime\": null,\n \"accountEnabled\": true,\n \"alternativeNames\": [\n \"isExplicit=True\",\n \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/resourcegroups/testRG/providers/Microsoft.ManagedIdentity/userAssignedIdentities/test\"\n ],\n \"appDisplayName\": null,\n \"appDescription\": null,\n \"appId\": \"d739b6ff-230e-4c69-9c08-1016b8f1acef\",\n \"applicationTemplateId\": null,\n \"appOwnerOrganizationId\": null,\n \"appRoleAssignmentRequired\": false,\n \"createdDateTime\": \"2025-10-04T08:38:04Z\",\n \"description\": null,\n \"disabledByMicrosoftStatus\": null,\n \"displayName\": \"test\",\n \"homepage\": null,\n \"loginUrl\": null,\n \"logoutUrl\": null,\n \"notes\": null,\n \"notificationEmailAddresses\": [],\n \"preferredSingleSignOnMode\": null,\n \"preferredTokenSigningKeyThumbprint\": null,\n \"replyUrls\": [],\n \"servicePrincipalNames\": [\n \"d739b6ff-230e-4c69-9c08-1016b8f1acef\",\n \"https://identity.azure.net/N4dW10xySRQ9Y/JcNRmcJrxstoBqHfYR2R4VFNyahI8=\"\n ],\n \"servicePrincipalType\": \"ManagedIdentity\",\n \"signInAudience\": null,\n \"tags\": [],\n \"tokenEncryptionKeyId\": null,\n \"info\": null,\n \"samlSingleSignOnSettings\": null,\n \"addIns\": [],\n \"appRoles\": [],\n \"keyCredentials\": [\n {\n \"customKeyIdentifier\": \"1367CD8B94EBC49368A8FF8E88CF17794A6E7F9D\",\n \"displayName\": \"CN=d739b6ff-230e-4c69-9c08-1016b8f1acef\",\n \"endDateTime\": \"2026-01-02T08:33:00Z\",\n \"key\": null,\n \"keyId\": \"15750080-c0c3-4854-b2d2-f08ac5c3f7fb\",\n \"startDateTime\": \"2025-10-04T08:33:00Z\",\n \"type\": \"AsymmetricX509Cert\",\n \"usage\": \"Verify\"\n }\n ],\n \"oauth2PermissionScopes\": [],\n \"passwordCredentials\": [],\n \"resourceSpecificApplicationPermissions\": [],\n \"verifiedPublisher\": {\n \"displayName\": null,\n \"verifiedPublisherId\": null,\n \"addedDateTime\": null\n }\n }\n ]\n}", + "StatusCode": 200 + }, + { + "RequestUri": "/v1.0/directoryObjects/microsoft.graph.getByIds", + "EncodedRequestUri": "L3YxLjAvZGlyZWN0b3J5T2JqZWN0cy9taWNyb3NvZnQuZ3JhcGguZ2V0QnlJZHM=", + "RequestMethod": "POST", + "RequestHeaders": { + "Accept-Language": [ + "en-US" + ], + "x-ms-client-request-id": [ + "79788081-98b6-43a5-bb33-c1083a5d354f" + ], + "User-Agent": [ + "FxVersion/8.0.2025.41914", + "OSName/MacOs", + "OSVersion/Darwin.24.6.0.Darwin.Kernel.Version.24.6.0.Mon.Aug.11.21.16.30.PDT.2025.root.xnu.11417.140.69.701.11.1RELEASE.ARM64.T8132", + "Microsoft.Azure.Commands.Common.MSGraph.Version1.0.MicrosoftGraphClient/1.3.110" + ], + "Content-Type": [ + "application/json; charset=utf-8" + ], + "Content-Length": [ + "105" + ] + }, + "RequestBody": "{\n \"ids\": [\n \"35e5fdfa-e80b-49b9-abf3-4c9a54f6b7a3\",\n \"69c9e264-690c-43c9-aba4-a195a62f1929\"\n ]\n}", + "ResponseHeaders": { + "Cache-Control": [ + "no-cache" + ], + "Transfer-Encoding": [ + "chunked" + ], + "Location": [ + "https://graph.microsoft.com/" + ], + "Strict-Transport-Security": [ + "max-age=31536000" + ], + "request-id": [ + "b5db7eba-2c66-4101-8268-6e76b8ddd834" + ], + "client-request-id": [ + "b5db7eba-2c66-4101-8268-6e76b8ddd834" + ], + "x-ms-ags-diagnostic": [ + "{\"ServerInfo\":{\"DataCenter\":\"North Europe\",\"Slice\":\"E\",\"Ring\":\"4\",\"ScaleUnit\":\"009\",\"RoleInstance\":\"DU2PEPF000255B1\"}}" + ], + "x-ms-resource-unit": [ + "3" + ], + "OData-Version": [ + "4.0" + ], + "Date": [ + "Sat, 04 Oct 2025 10:19:53 GMT" + ], + "Content-Type": [ + "application/json; odata.metadata=minimal; odata.streaming=true; IEEE754Compatible=false; charset=utf-8" + ], + "Retry-After": [ + "0" + ] + }, + "ResponseBody": "{\n \"@odata.context\": \"https://graph.microsoft.com/v1.0/$metadata#directoryObjects\",\n \"value\": [\n {\n \"@odata.type\": \"#microsoft.graph.user\",\n \"id\": \"69c9e264-690c-43c9-aba4-a195a62f1929\",\n \"businessPhones\": [],\n \"displayName\": \"TestUser\",\n \"givenName\": \"Test\",\n \"jobTitle\": null,\n \"mail\": null,\n \"mobilePhone\": null,\n \"officeLocation\": null,\n \"preferredLanguage\": \"en\",\n \"surname\": \"Test\",\n \"userPrincipalName\": \"Test\"\n },\n {\n \"@odata.type\": \"#microsoft.graph.servicePrincipal\",\n \"id\": \"35e5fdfa-e80b-49b9-abf3-4c9a54f6b7a3\",\n \"deletedDateTime\": null,\n \"accountEnabled\": true,\n \"alternativeNames\": [\n \"isExplicit=True\",\n \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/resourcegroups/testRG/providers/Microsoft.ManagedIdentity/userAssignedIdentities/test\"\n ],\n \"appDisplayName\": null,\n \"appDescription\": null,\n \"appId\": \"d739b6ff-230e-4c69-9c08-1016b8f1acef\",\n \"applicationTemplateId\": null,\n \"appOwnerOrganizationId\": null,\n \"appRoleAssignmentRequired\": false,\n \"createdDateTime\": \"2025-10-04T08:38:04Z\",\n \"description\": null,\n \"disabledByMicrosoftStatus\": null,\n \"displayName\": \"test\",\n \"homepage\": null,\n \"loginUrl\": null,\n \"logoutUrl\": null,\n \"notes\": null,\n \"notificationEmailAddresses\": [],\n \"preferredSingleSignOnMode\": null,\n \"preferredTokenSigningKeyThumbprint\": null,\n \"replyUrls\": [],\n \"servicePrincipalNames\": [\n \"d739b6ff-230e-4c69-9c08-1016b8f1acef\",\n \"https://identity.azure.net/N4dW10xySRQ9Y/JcNRmcJrxstoBqHfYR2R4VFNyahI8=\"\n ],\n \"servicePrincipalType\": \"ManagedIdentity\",\n \"signInAudience\": null,\n \"tags\": [],\n \"tokenEncryptionKeyId\": null,\n \"info\": null,\n \"samlSingleSignOnSettings\": null,\n \"addIns\": [],\n \"appRoles\": [],\n \"keyCredentials\": [\n {\n \"customKeyIdentifier\": \"1367CD8B94EBC49368A8FF8E88CF17794A6E7F9D\",\n \"displayName\": \"CN=d739b6ff-230e-4c69-9c08-1016b8f1acef\",\n \"endDateTime\": \"2026-01-02T08:33:00Z\",\n \"key\": null,\n \"keyId\": \"15750080-c0c3-4854-b2d2-f08ac5c3f7fb\",\n \"startDateTime\": \"2025-10-04T08:33:00Z\",\n \"type\": \"AsymmetricX509Cert\",\n \"usage\": \"Verify\"\n }\n ],\n \"oauth2PermissionScopes\": [],\n \"passwordCredentials\": [],\n \"resourceSpecificApplicationPermissions\": [],\n \"verifiedPublisher\": {\n \"displayName\": null,\n \"verifiedPublisherId\": null,\n \"addedDateTime\": null\n }\n }\n ]\n}", + "StatusCode": 200 + }, + { + "RequestUri": "/v1.0/directoryObjects/microsoft.graph.getByIds", + "EncodedRequestUri": "L3YxLjAvZGlyZWN0b3J5T2JqZWN0cy9taWNyb3NvZnQuZ3JhcGguZ2V0QnlJZHM=", + "RequestMethod": "POST", + "RequestHeaders": { + "Accept-Language": [ + "en-US" + ], + "x-ms-client-request-id": [ + "4f60e104-3c2e-4bed-b05f-9977062d8be7" + ], + "User-Agent": [ + "FxVersion/8.0.2025.41914", + "OSName/MacOs", + "OSVersion/Darwin.24.6.0.Darwin.Kernel.Version.24.6.0.Mon.Aug.11.21.16.30.PDT.2025.root.xnu.11417.140.69.701.11.1RELEASE.ARM64.T8132", + "Microsoft.Azure.Commands.Common.MSGraph.Version1.0.MicrosoftGraphClient/1.3.110" + ], + "Content-Type": [ + "application/json; charset=utf-8" + ], + "Content-Length": [ + "105" + ] + }, + "RequestBody": "{\n \"ids\": [\n \"35e5fdfa-e80b-49b9-abf3-4c9a54f6b7a3\",\n \"69c9e264-690c-43c9-aba4-a195a62f1929\"\n ]\n}", + "ResponseHeaders": { + "Cache-Control": [ + "no-cache" + ], + "Transfer-Encoding": [ + "chunked" + ], + "Location": [ + "https://graph.microsoft.com/" + ], + "Strict-Transport-Security": [ + "max-age=31536000" + ], + "request-id": [ + "f060b0cb-025e-4bc9-adc6-252136b38bda" + ], + "client-request-id": [ + "f060b0cb-025e-4bc9-adc6-252136b38bda" + ], + "x-ms-ags-diagnostic": [ + "{\"ServerInfo\":{\"DataCenter\":\"North Europe\",\"Slice\":\"E\",\"Ring\":\"4\",\"ScaleUnit\":\"011\",\"RoleInstance\":\"DB1PEPF00045B01\"}}" + ], + "x-ms-resource-unit": [ + "3" + ], + "OData-Version": [ + "4.0" + ], + "Date": [ + "Sat, 04 Oct 2025 10:19:54 GMT" + ], + "Content-Type": [ + "application/json; odata.metadata=minimal; odata.streaming=true; IEEE754Compatible=false; charset=utf-8" + ], + "Retry-After": [ + "0" + ] + }, + "ResponseBody": "{\n \"@odata.context\": \"https://graph.microsoft.com/v1.0/$metadata#directoryObjects\",\n \"value\": [\n {\n \"@odata.type\": \"#microsoft.graph.user\",\n \"id\": \"69c9e264-690c-43c9-aba4-a195a62f1929\",\n \"businessPhones\": [],\n \"displayName\": \"TestUser\",\n \"givenName\": \"Test\",\n \"jobTitle\": null,\n \"mail\": null,\n \"mobilePhone\": null,\n \"officeLocation\": null,\n \"preferredLanguage\": \"en\",\n \"surname\": \"Test\",\n \"userPrincipalName\": \"Test\"\n },\n {\n \"@odata.type\": \"#microsoft.graph.servicePrincipal\",\n \"id\": \"35e5fdfa-e80b-49b9-abf3-4c9a54f6b7a3\",\n \"deletedDateTime\": null,\n \"accountEnabled\": true,\n \"alternativeNames\": [\n \"isExplicit=True\",\n \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/resourcegroups/testRG/providers/Microsoft.ManagedIdentity/userAssignedIdentities/test\"\n ],\n \"appDisplayName\": null,\n \"appDescription\": null,\n \"appId\": \"d739b6ff-230e-4c69-9c08-1016b8f1acef\",\n \"applicationTemplateId\": null,\n \"appOwnerOrganizationId\": null,\n \"appRoleAssignmentRequired\": false,\n \"createdDateTime\": \"2025-10-04T08:38:04Z\",\n \"description\": null,\n \"disabledByMicrosoftStatus\": null,\n \"displayName\": \"test\",\n \"homepage\": null,\n \"loginUrl\": null,\n \"logoutUrl\": null,\n \"notes\": null,\n \"notificationEmailAddresses\": [],\n \"preferredSingleSignOnMode\": null,\n \"preferredTokenSigningKeyThumbprint\": null,\n \"replyUrls\": [],\n \"servicePrincipalNames\": [\n \"d739b6ff-230e-4c69-9c08-1016b8f1acef\",\n \"https://identity.azure.net/N4dW10xySRQ9Y/JcNRmcJrxstoBqHfYR2R4VFNyahI8=\"\n ],\n \"servicePrincipalType\": \"ManagedIdentity\",\n \"signInAudience\": null,\n \"tags\": [],\n \"tokenEncryptionKeyId\": null,\n \"info\": null,\n \"samlSingleSignOnSettings\": null,\n \"addIns\": [],\n \"appRoles\": [],\n \"keyCredentials\": [\n {\n \"customKeyIdentifier\": \"1367CD8B94EBC49368A8FF8E88CF17794A6E7F9D\",\n \"displayName\": \"CN=d739b6ff-230e-4c69-9c08-1016b8f1acef\",\n \"endDateTime\": \"2026-01-02T08:33:00Z\",\n \"key\": null,\n \"keyId\": \"15750080-c0c3-4854-b2d2-f08ac5c3f7fb\",\n \"startDateTime\": \"2025-10-04T08:33:00Z\",\n \"type\": \"AsymmetricX509Cert\",\n \"usage\": \"Verify\"\n }\n ],\n \"oauth2PermissionScopes\": [],\n \"passwordCredentials\": [],\n \"resourceSpecificApplicationPermissions\": [],\n \"verifiedPublisher\": {\n \"displayName\": null,\n \"verifiedPublisherId\": null,\n \"addedDateTime\": null\n }\n }\n ]\n}", + "StatusCode": 200 + }, + { + "RequestUri": "/v1.0/directoryObjects/microsoft.graph.getByIds", + "EncodedRequestUri": "L3YxLjAvZGlyZWN0b3J5T2JqZWN0cy9taWNyb3NvZnQuZ3JhcGguZ2V0QnlJZHM=", + "RequestMethod": "POST", + "RequestHeaders": { + "Accept-Language": [ + "en-US" + ], + "x-ms-client-request-id": [ + "7eba5950-5e3f-43d7-92fd-98bbcaa1b7a8" + ], + "User-Agent": [ + "FxVersion/8.0.2025.41914", + "OSName/MacOs", + "OSVersion/Darwin.24.6.0.Darwin.Kernel.Version.24.6.0.Mon.Aug.11.21.16.30.PDT.2025.root.xnu.11417.140.69.701.11.1RELEASE.ARM64.T8132", + "Microsoft.Azure.Commands.Common.MSGraph.Version1.0.MicrosoftGraphClient/1.3.110" + ], + "Content-Type": [ + "application/json; charset=utf-8" + ], + "Content-Length": [ + "105" + ] + }, + "RequestBody": "{\n \"ids\": [\n \"35e5fdfa-e80b-49b9-abf3-4c9a54f6b7a3\",\n \"69c9e264-690c-43c9-aba4-a195a62f1929\"\n ]\n}", + "ResponseHeaders": { + "Cache-Control": [ + "no-cache" + ], + "Transfer-Encoding": [ + "chunked" + ], + "Location": [ + "https://graph.microsoft.com/" + ], + "Strict-Transport-Security": [ + "max-age=31536000" + ], + "request-id": [ + "c36967da-762f-468e-8590-c133be634330" + ], + "client-request-id": [ + "c36967da-762f-468e-8590-c133be634330" + ], + "x-ms-ags-diagnostic": [ + "{\"ServerInfo\":{\"DataCenter\":\"North Europe\",\"Slice\":\"E\",\"Ring\":\"4\",\"ScaleUnit\":\"009\",\"RoleInstance\":\"DU2PEPF00026068\"}}" + ], + "x-ms-resource-unit": [ + "3" + ], + "OData-Version": [ + "4.0" + ], + "Date": [ + "Sat, 04 Oct 2025 10:19:55 GMT" + ], + "Content-Type": [ + "application/json; odata.metadata=minimal; odata.streaming=true; IEEE754Compatible=false; charset=utf-8" + ], + "Retry-After": [ + "0" + ] + }, + "ResponseBody": "{\n \"@odata.context\": \"https://graph.microsoft.com/v1.0/$metadata#directoryObjects\",\n \"value\": [\n {\n \"@odata.type\": \"#microsoft.graph.user\",\n \"id\": \"69c9e264-690c-43c9-aba4-a195a62f1929\",\n \"businessPhones\": [],\n \"displayName\": \"TestUser\",\n \"givenName\": \"Test\",\n \"jobTitle\": null,\n \"mail\": null,\n \"mobilePhone\": null,\n \"officeLocation\": null,\n \"preferredLanguage\": \"en\",\n \"surname\": \"Test\",\n \"userPrincipalName\": \"Test\"\n },\n {\n \"@odata.type\": \"#microsoft.graph.servicePrincipal\",\n \"id\": \"35e5fdfa-e80b-49b9-abf3-4c9a54f6b7a3\",\n \"deletedDateTime\": null,\n \"accountEnabled\": true,\n \"alternativeNames\": [\n \"isExplicit=True\",\n \"/subscriptions/696ead19-866d-4e9d-99e5-f061e4c34b84/resourcegroups/testRG/providers/Microsoft.ManagedIdentity/userAssignedIdentities/test\"\n ],\n \"appDisplayName\": null,\n \"appDescription\": null,\n \"appId\": \"d739b6ff-230e-4c69-9c08-1016b8f1acef\",\n \"applicationTemplateId\": null,\n \"appOwnerOrganizationId\": null,\n \"appRoleAssignmentRequired\": false,\n \"createdDateTime\": \"2025-10-04T08:38:04Z\",\n \"description\": null,\n \"disabledByMicrosoftStatus\": null,\n \"displayName\": \"test\",\n \"homepage\": null,\n \"loginUrl\": null,\n \"logoutUrl\": null,\n \"notes\": null,\n \"notificationEmailAddresses\": [],\n \"preferredSingleSignOnMode\": null,\n \"preferredTokenSigningKeyThumbprint\": null,\n \"replyUrls\": [],\n \"servicePrincipalNames\": [\n \"d739b6ff-230e-4c69-9c08-1016b8f1acef\",\n \"https://identity.azure.net/N4dW10xySRQ9Y/JcNRmcJrxstoBqHfYR2R4VFNyahI8=\"\n ],\n \"servicePrincipalType\": \"ManagedIdentity\",\n \"signInAudience\": null,\n \"tags\": [],\n \"tokenEncryptionKeyId\": null,\n \"info\": null,\n \"samlSingleSignOnSettings\": null,\n \"addIns\": [],\n \"appRoles\": [],\n \"keyCredentials\": [\n {\n \"customKeyIdentifier\": \"1367CD8B94EBC49368A8FF8E88CF17794A6E7F9D\",\n \"displayName\": \"CN=d739b6ff-230e-4c69-9c08-1016b8f1acef\",\n \"endDateTime\": \"2026-01-02T08:33:00Z\",\n \"key\": null,\n \"keyId\": \"15750080-c0c3-4854-b2d2-f08ac5c3f7fb\",\n \"startDateTime\": \"2025-10-04T08:33:00Z\",\n \"type\": \"AsymmetricX509Cert\",\n \"usage\": \"Verify\"\n }\n ],\n \"oauth2PermissionScopes\": [],\n \"passwordCredentials\": [],\n \"resourceSpecificApplicationPermissions\": [],\n \"verifiedPublisher\": {\n \"displayName\": null,\n \"verifiedPublisherId\": null,\n \"addedDateTime\": null\n }\n }\n ]\n}", + "StatusCode": 200 + } + ], + "Names": {}, + "Variables": { + "SubscriptionId": "696ead19-866d-4e9d-99e5-f061e4c34b84" + } +} \ No newline at end of file diff --git a/src/Resources/Resources/ChangeLog.md b/src/Resources/Resources/ChangeLog.md index a599e47c7187..115899b97706 100644 --- a/src/Resources/Resources/ChangeLog.md +++ b/src/Resources/Resources/ChangeLog.md @@ -20,6 +20,7 @@ ## Upcoming Release * Fixed issue where RoleAssignment cmdlets did not properly handle insufficient MSGraph permissions [#28583] +* Fixed bug for objectID filtering in `Get-AzRoleAssignment`. [#28640] ## Version 8.1.0 * Added functionality for cmdlet `GetAzureResourceGroup`[#27865] diff --git a/src/Resources/Resources/Models.Authorization/AuthorizationClient.cs b/src/Resources/Resources/Models.Authorization/AuthorizationClient.cs index fab7d30b9cc6..5be6a927216b 100644 --- a/src/Resources/Resources/Models.Authorization/AuthorizationClient.cs +++ b/src/Resources/Resources/Models.Authorization/AuthorizationClient.cs @@ -234,6 +234,13 @@ public List FilterRoleAssignments(FilterRoleAssignmentsOptions * objectId could represent a group, so can't use atScope() and assignedTo('{objectId}') as alternative, * must filter after the results return from server. */ + + // Only GUIDs are currently supported as ObjectId. If the value is not a GUID, the call and result filtering can be skipped. + if (!Guid.TryParse(principalId, out Guid _)) + { + return new List(); + } + odataQuery = new ODataQuery(f => f.AtScope()); needsFilterPrincipalId = true; } @@ -265,9 +272,17 @@ public List FilterRoleAssignments(FilterRoleAssignmentsOptions } if (needsFilterPrincipalId) - { - result = result.Where(r => r.ObjectId?.Equals(principalId, StringComparison.OrdinalIgnoreCase) ?? false).ToList(); - } + { + if (Guid.TryParse(principalId, out Guid principalAsGuid)){ + result = result + .Where(r => Guid.TryParse(r.ObjectId, out Guid objectIdAsGuid) && objectIdAsGuid == principalAsGuid) + .ToList(); + } + else + { + result = new List(); + } + } if (options.IncludeClassicAdministrators) {