Merge pull request #302323 from jenniferf-skc/RBACDevOpsAdd

Adding DevOps Infrastructure Contributor Role

Author: prmerger-automator[bot]

articles/role-based-access-control/built-in-roles.md

@@ -7,7 +7,7 @@ ms.workload: identity
 author: jenniferf-skc    
 manager: pmwongera
 ms.author: jfields
-ms.date: 07/02/2025
+ms.date: 07/07/2025
 ms.custom: generated
 ---
 
@@ -487,6 +487,7 @@ The following table provides a brief description of each built-in role. Click th
 > | <a name='deployment-environments-user'></a>[Deployment Environments User](./built-in-roles/devops.md#deployment-environments-user) | Provides access to manage environment resources. | 18e40d4e-8d2e-438d-97e1-9528336e149c |
 > | <a name='devcenter-dev-box-user'></a>[DevCenter Dev Box User](./built-in-roles/devops.md#devcenter-dev-box-user) | Provides access to create and manage dev boxes. | 45d50f46-0b78-4001-a660-4198cbe8cd05 |
 > | <a name='devcenter-project-admin'></a>[DevCenter Project Admin](./built-in-roles/devops.md#devcenter-project-admin) | Provides access to manage project resources. | 331c37c6-af14-46d9-b9f4-e1909e1b95a0 |
+> | <a name='devops-infrastructure-contributor-role'></a>[DevOps Infrastructure Contributor Role](./built-in-roles/devops.md#devops-infrastructure-contributor-role) | Read, write, delete and perform actions on Managed DevOps Pools | 76153a9e-0edb-49bc-8e01-93c47e6b5180 |
 > | <a name='devtest-labs-user'></a>[DevTest Labs User](./built-in-roles/devops.md#devtest-labs-user) | Lets you connect, start, restart, and shutdown your virtual machines in your Azure DevTest Labs. | 76283e04-6283-4c54-8f91-bcf1374a3c64 |
 > | <a name='lab-assistant'></a>[Lab Assistant](./built-in-roles/devops.md#lab-assistant) | Enables you to view an existing lab, perform actions on the lab VMs and send invitations to the lab. | ce40b423-cede-4313-a93f-9b28290b72e1 |
 > | <a name='lab-contributor'></a>[Lab Contributor](./built-in-roles/devops.md#lab-contributor) | Applied at lab level, enables you to manage the lab. Applied at a resource group, enables you to create and manage labs. | 5daaa2af-1fe8-407c-9122-bba179798270 |

articles/role-based-access-control/built-in-roles/devops.md

@@ -522,6 +522,63 @@ Provides access to manage project resources.
 }
 ```
 
+## DevOps Infrastructure Contributor Role
+
+Read, write, delete and perform actions on Managed DevOps Pools
+
+> [!div class="mx-tableFixed"]
+> | Actions | Description |
+> | --- | --- |
+> | [Microsoft.DevOpsInfrastructure](../permissions/devops.md#microsoftdevopsinfrastructure)/register/action | Register the subscription for Microsoft.DevOpsInfrastructure |
+> | [Microsoft.DevOpsInfrastructure](../permissions/devops.md#microsoftdevopsinfrastructure)/unregister/action | Unregister the subscription for Microsoft.DevOpsInfrastructure |
+> | [Microsoft.DevOpsInfrastructure](../permissions/devops.md#microsoftdevopsinfrastructure)/*/read |  |
+> | [Microsoft.DevOpsInfrastructure](../permissions/devops.md#microsoftdevopsinfrastructure)/Locations/OperationStatuses/write | Write OperationStatuses |
+> | [Microsoft.DevOpsInfrastructure](../permissions/devops.md#microsoftdevopsinfrastructure)/pools/write | Update a Pool |
+> | [Microsoft.DevOpsInfrastructure](../permissions/devops.md#microsoftdevopsinfrastructure)/pools/delete | Delete a Pool |
+> | [Microsoft.Authorization](../permissions/management-and-governance.md#microsoftauthorization)/*/read | Read roles and role assignments |
+> | [Microsoft.Insights](../permissions/monitor.md#microsoftinsights)/alertRules/* | Create and manage a classic metric alert |
+> | [Microsoft.Resources](../permissions/management-and-governance.md#microsoftresources)/deployments/* | Create and manage a deployment |
+> | [Microsoft.Resources](../permissions/management-and-governance.md#microsoftresources)/subscriptions/resourceGroups/read | Gets or lists resource groups. |
+> | **NotActions** |  |
+> | *none* |  |
+> | **DataActions** |  |
+> | *none* |  |
+> | **NotDataActions** |  |
+> | *none* |  |
+
+```json
+{
+  "assignableScopes": [
+    "/"
+  ],
+  "description": "Read, write, delete and perform actions on Managed DevOps Pools",
+  "id": "/providers/Microsoft.Authorization/roleDefinitions/76153a9e-0edb-49bc-8e01-93c47e6b5180",
+  "name": "76153a9e-0edb-49bc-8e01-93c47e6b5180",
+  "permissions": [
+    {
+      "actions": [
+        "Microsoft.DevOpsInfrastructure/register/action",
+        "Microsoft.DevOpsInfrastructure/unregister/action",
+        "Microsoft.DevOpsInfrastructure/*/read",
+        "Microsoft.DevOpsInfrastructure/Locations/OperationStatuses/write",
+        "Microsoft.DevOpsInfrastructure/pools/write",
+        "Microsoft.DevOpsInfrastructure/pools/delete",
+        "Microsoft.Authorization/*/read",
+        "Microsoft.Insights/alertRules/*",
+        "Microsoft.Resources/deployments/*",
+        "Microsoft.Resources/subscriptions/resourceGroups/read"
+      ],
+      "notActions": [],
+      "dataActions": [],
+      "notDataActions": []
+    }
+  ],
+  "roleName": "DevOps Infrastructure Contributor Role",
+  "roleType": "BuiltInRole",
+  "type": "Microsoft.Authorization/roleDefinitions"
+}
+```
+
 ## DevTest Labs User
 
 Lets you connect, start, restart, and shutdown your virtual machines in your Azure DevTest Labs.

articles/role-based-access-control/permissions/devops.md

@@ -6,7 +6,7 @@ ms.topic: generated-reference
 author: jenniferf-skc
 manager: pmwongera
 ms.author: jfields
-ms.date: 05/25/2025
+ms.date: 07/07/2025
 ms.custom: generated
 ---
 
@@ -332,6 +332,31 @@ Azure service: [Azure Lab Services](/azure/lab-services/)
 > | Microsoft.DevTestLab/schedules/Execute/action | Execute a schedule. |
 > | Microsoft.DevTestLab/schedules/Retarget/action | Updates a schedule's target resource Id. |
 
+## Microsoft.DevOpsInfrastructure
+
+Read, write, delete and perform actions on Managed DevOps Pools
+
+Azure service: [Managed DevOps Pools](/azure/devops/managed-devops-pools/overview)
+
+> [!div class="mx-tableFixed"]
+> | Action | Description |
+> | --- | --- |
+> | Microsoft.DevOpsInfrastructure/register/action | Register the subscription for Microsoft.DevOpsInfrastructure |
+> | Microsoft.DevOpsInfrastructure/unregister/action | Unregister the subscription for Microsoft.DevOpsInfrastructure |
+> | Microsoft.DevOpsInfrastructure/images/versions/read | List ImageVersion resources by Image |
+> | Microsoft.DevOpsInfrastructure/Locations/OperationStatuses/read | Read OperationStatuses |
+> | Microsoft.DevOpsInfrastructure/Locations/OperationStatuses/write | Write OperationStatuses |
+> | Microsoft.DevOpsInfrastructure/locations/skus/read | List ResourceSku resources by subscription ID |
+> | Microsoft.DevOpsInfrastructure/locations/usages/read | List Quota resources by subscription ID |
+> | Microsoft.DevOpsInfrastructure/Operations/read | Read Operations |
+> | Microsoft.DevOpsInfrastructure/pools/read | List Pool resources by subscription ID |
+> | Microsoft.DevOpsInfrastructure/pools/read | List Pool resources by resource group |
+> | Microsoft.DevOpsInfrastructure/pools/read | Get a Pool |
+> | Microsoft.DevOpsInfrastructure/pools/write | Create a Pool |
+> | Microsoft.DevOpsInfrastructure/pools/delete | Delete a Pool |
+> | Microsoft.DevOpsInfrastructure/pools/write | Update a Pool |
+> | Microsoft.DevOpsInfrastructure/pools/resources/read | List ResourceDetailsObject resources by Pool |
+
 ## Microsoft.LabServices
 
 Set up labs for classrooms, trials, development and testing, and other scenarios.

articles/role-based-access-control/resource-provider-operations.md

@@ -7,7 +7,7 @@ ms.workload: identity
 author: jenniferf-skc
 manager: pmwongera
 ms.author: jfields
-ms.date: 05/25/2025
+ms.date: 07/07/2025
 ms.custom: generated
 ---
 
@@ -232,6 +232,7 @@ Click the resource provider name in the following list to see the list of permis
 > | --- | --- | --- |
 > | [Microsoft.Chaos](./permissions/devops.md#microsoftchaos) |  | [Azure Chaos Studio](/azure/chaos-studio/) |
 > | [Microsoft.DevCenter](./permissions/devops.md#microsoftdevcenter) |  | [Azure Deployment Environments](/azure/deployment-environments/overview-what-is-azure-deployment-environments) |
+> | [Microsoft.DevOpsInfrastructure](./permissions/devops.md#microsoftdevopsinfrastructure) |  | [Managed DevOps Pools](/azure/devops/managed-devops-pools/overview) |
 > | [Microsoft.DevTestLab](./permissions/devops.md#microsoftdevtestlab) | Quickly create environments using reusable templates and artifacts. | [Azure Lab Services](/azure/lab-services/) |
 > | [Microsoft.LabServices](./permissions/devops.md#microsoftlabservices) | Set up labs for classrooms, trials, development and testing, and other scenarios. | [Azure Lab Services](/azure/lab-services/) |
 > | [Microsoft.LoadTestService](./permissions/devops.md#microsoftloadtestservice) |  | [Azure Load Testing](/azure/load-testing/) |