@@ -12,7 +12,7 @@ ms.devlang:
1212ms.topic : reference
1313ms.tgt_pltfrm :
1414ms.workload : identity
15- ms.date : 04/25 /2019
15+ ms.date : 05/16 /2019
1616ms.author : rolyon
1717ms.reviewer : bagovind
1818
@@ -52,12 +52,14 @@ The following table provides a brief description of each built-in role. Click th
5252| [ Avere Operator] ( #avere-operator ) | Used by the Avere vFXT cluster to manage the cluster |
5353| [ Azure Kubernetes Service Cluster Admin Role] ( #azure-kubernetes-service-cluster-admin-role ) | List cluster admin credential action. |
5454| [ Azure Kubernetes Service Cluster User Role] ( #azure-kubernetes-service-cluster-user-role ) | List cluster user credential action. |
55+ | [ Azure Maps Data Reader (Preview)] ( #azure-maps-data-reader-preview ) | Grants access to read map related data from an Azure maps account. |
5556| [ Azure Stack Registration Owner] ( #azure-stack-registration-owner ) | Lets you manage Azure Stack registrations. |
5657| [ Backup Contributor] ( #backup-contributor ) | Lets you manage backup service,but can't create vaults and give access to others |
5758| [ Backup Operator] ( #backup-operator ) | Lets you manage backup services, except removal of backup, vault creation and giving access to others |
5859| [ Backup Reader] ( #backup-reader ) | Can view backup services, but can't make changes |
5960| [ Billing Reader] ( #billing-reader ) | Allows read access to billing data |
6061| [ BizTalk Contributor] ( #biztalk-contributor ) | Lets you manage BizTalk services, but not access to them. |
62+ | [ Blockchain Member Node Access (Preview)] ( #blockchain-member-node-access-preview ) | Allows for access to Blockchain Member nodes |
6163| [ CDN Endpoint Contributor] ( #cdn-endpoint-contributor ) | Can manage CDN endpoints, but can’t grant access to other users. |
6264| [ CDN Endpoint Reader] ( #cdn-endpoint-reader ) | Can view CDN endpoints, but can’t make changes. |
6365| [ CDN Profile Contributor] ( #cdn-profile-contributor ) | Can manage CDN profiles and their endpoints, but can’t grant access to other users. |
@@ -571,6 +573,21 @@ The following table provides a brief description of each built-in role. Click th
571573> | ** NotDataActions** | |
572574> | * none* | |
573575
576+ ## Azure Maps Data Reader (Preview)
577+ > [ !div class="mx-tableFixed"]
578+ > | | |
579+ > | --- | --- |
580+ > | ** Description** | Grants access to read map related data from an Azure maps account. |
581+ > | ** Id** | 423170ca-a8f6-4b0f-8487-9e4eb8f49bfa |
582+ > | ** Actions** | |
583+ > | * none* | |
584+ > | ** NotActions** | |
585+ > | * none* | |
586+ > | ** DataActions** | |
587+ > | Microsoft.Maps/accounts/data/read | Grants data read access to a maps account. |
588+ > | ** NotDataActions** | |
589+ > | * none* | |
590+
574591## Azure Stack Registration Owner
575592> [ !div class="mx-tableFixed"]
576593> | | |
@@ -812,6 +829,21 @@ The following table provides a brief description of each built-in role. Click th
812829> | ** NotDataActions** | |
813830> | * none* | |
814831
832+ ## Blockchain Member Node Access (Preview)
833+ > [ !div class="mx-tableFixed"]
834+ > | | |
835+ > | --- | --- |
836+ > | ** Description** | Allows for access to Blockchain Member nodes |
837+ > | ** Id** | 31a002a1-acaf-453e-8a5b-297c9ca1ea24 |
838+ > | ** Actions** | |
839+ > | Microsoft.Blockchain/blockchainMembers/transactionNodes/read | Gets or Lists existing Blockchain Member Transaction Node(s). |
840+ > | ** NotActions** | |
841+ > | * none* | |
842+ > | ** DataActions** | |
843+ > | Microsoft.Blockchain/blockchainMembers/transactionNodes/connect/action | Connects to a Blockchain Member Transaction Node. |
844+ > | ** NotDataActions** | |
845+ > | * none* | |
846+
815847## CDN Endpoint Contributor
816848> [ !div class="mx-tableFixed"]
817849> | | |
@@ -1136,6 +1168,8 @@ The following table provides a brief description of each built-in role. Click th
11361168> | Microsoft.Resources/subscriptions/read | Gets the list of subscriptions. |
11371169> | Microsoft.Resources/subscriptions/resourceGroups/read | Gets or lists resource groups. |
11381170> | Microsoft.Support/* | Create and manage support tickets |
1171+ > | Microsoft.Advisor/configurations/read | Get configurations |
1172+ > | Microsoft.Advisor/recommendations/read | Reads recommendations |
11391173> | ** NotActions** | |
11401174> | * none* | |
11411175> | ** DataActions** | |
@@ -1156,6 +1190,8 @@ The following table provides a brief description of each built-in role. Click th
11561190> | Microsoft.Resources/subscriptions/read | Gets the list of subscriptions. |
11571191> | Microsoft.Resources/subscriptions/resourceGroups/read | Gets or lists resource groups. |
11581192> | Microsoft.Support/* | Create and manage support tickets |
1193+ > | Microsoft.Advisor/configurations/read | Get configurations |
1194+ > | Microsoft.Advisor/recommendations/read | Reads recommendations |
11591195> | ** NotActions** | |
11601196> | * none* | |
11611197> | ** DataActions** | |
@@ -1195,6 +1231,7 @@ The following table provides a brief description of each built-in role. Click th
11951231> | Microsoft.Databox/jobs/listsecrets/action | |
11961232> | Microsoft.Databox/jobs/listcredentials/action | Lists the unencrypted credentials related to the order. |
11971233> | Microsoft.Databox/locations/availableSkus/action | This method returns the list of available skus. |
1234+ > | Microsoft.Databox/locations/validateAddress/action | Validates the shipping address and provides alternate addresses if any. |
11981235> | Microsoft.ResourceHealth/availabilityStatuses/read | Gets the availability statuses for all resources in the specified scope |
11991236> | Microsoft.Support/* | Create and manage support tickets |
12001237> | ** NotActions** | |
@@ -1296,6 +1333,7 @@ The following table provides a brief description of each built-in role. Click th
12961333> | Microsoft.DevTestLab/* /read | Read the properties of a lab |
12971334> | Microsoft.DevTestLab/labs/claimAnyVm/action | Claim a random claimable virtual machine in the lab. |
12981335> | Microsoft.DevTestLab/labs/createEnvironment/action | Create virtual machines in a lab. |
1336+ > | Microsoft.DevTestLab/labs/ensureCurrentUserProfile/action | Ensure the current user has a valid profile in the lab. |
12991337> | Microsoft.DevTestLab/labs/formulas/delete | Delete formulas. |
13001338> | Microsoft.DevTestLab/labs/formulas/read | Read formulas. |
13011339> | Microsoft.DevTestLab/labs/formulas/write | Add or modify formulas. |
@@ -1423,6 +1461,7 @@ The following table provides a brief description of each built-in role. Click th
14231461> | Microsoft.Resources/subscriptions/resourceGroups/read | Gets or lists resource groups. |
14241462> | Microsoft.Resources/deployments/operations/read | Gets or lists deployment operations. |
14251463> | Microsoft.Insights/alertRules/* | Create and manage Insights alert rules |
1464+ > | Microsoft.Authorization/* /read | Read roles and role assignments |
14261465> | Microsoft.Support/* | Create and manage support tickets |
14271466> | ** NotActions** | |
14281467> | * none* | |
@@ -2495,7 +2534,7 @@ The following table provides a brief description of each built-in role. Click th
24952534> | ** Description** | Provides full access to Azure Storage blob containers and data, including assigning POSIX access control. To learn which actions are required for a given data operation, see [ Permissions for calling blob and queue data operations] ( https://docs.microsoft.com/rest/api/storageservices/authenticate-with-azure-active-directory#permissions-for-calling-rest-operations ) . |
24962535> | ** Id** | b7e6dc6d-f1e8-4753-8033-0f276bb0955b |
24972536> | ** Actions** | |
2498- > | Microsoft.Storage/storageAccounts/blobServices/containers/* | Full permissions on containers. |
2537+ > | Microsoft.Storage/storageAccounts/blobServices/containers/* | Full permissions on containers. |
24992538> | ** NotActions** | |
25002539> | * none* | |
25012540> | ** DataActions** | |
0 commit comments