Merge pull request #268275 from sshankMSFT/docs-editor/storage-task-assignment-create-1709750162

Update details on roles, permissions and other improvements in Storage Tasks documentation

Author: prmerger-automator[bot]

articles/event-grid/event-schema-storage-actions.md

@@ -14,8 +14,6 @@ This article provides the properties and schema for Azure Storage Actions events
 > [!IMPORTANT]
 > Azure Storage Actions is currently in PREVIEW and is available these [regions](../storage-actions/overview.md#supported-regions).
 > See the [Supplemental Terms of Use for Microsoft Azure Previews](https://azure.microsoft.com/support/legal/preview-supplemental-terms/) for legal terms that apply to Azure features that are in beta, preview, or otherwise not yet released into general availability.
-> To enroll, see \<sign-up form link here\>.
-
 ## Available event types
 
 ## Storage Actions events

articles/storage-actions/storage-tasks/storage-task-assignment-create.md

@@ -68,7 +68,7 @@ The following table describes each field in the **Select Scope** section:
 
 ## Add a role assignment
 
-In the **Role assignment** section, in the **Role** drop-down list, select the role that you want to assign to the system-assigned managed identity of the storage task. Only roles that are assigned to your user identity appear in this drop-down list. Roles not assigned to your user identity do not appear in this list. To learn more, see [Azure roles for storage tasks](storage-task-authorization-roles.md)
+In the **Role assignment** section, in the **Role** drop-down list, select the role that you want to assign to the system-assigned managed identity of the storage task. To ensure a successful task assignment, use roles that have the Blob Data Owner permissions. To learn more, see [Azure roles for storage tasks](storage-task-authorization-roles.md)
 
 > [!div class="mx-imgBorder"]
 > ![Screenshot of the Role assignment section of the assignment pane.](../media/storage-tasks/storage-task-assignment-create/assignment-role.png)

articles/storage-actions/storage-tasks/storage-task-authorization-roles.md

@@ -53,13 +53,13 @@ The following table shows the least privileged built-in Azure role as well as th
 
 | Permission | Built-in role | RBAC actions for a custom role |
 |---|---|---|
-| SetBlobTier | [Storage Blob Data Owner](../../role-based-access-control/built-in-roles.md#storage-blob-data-owner)| Microsoft.Storage/storageAccounts/blobServices/read<br>Microsoft.Storage/storageAccounts/blobServices/write<br>Microsoft.Storage/storageAccounts/blobServices/containers/write<br>Microsoft.Storage/storageAccounts/blobServices/containers/read<br>Microsoft.Storage/storageAccounts/blobServices/containers/read<br>Microsoft.Storage/storageAccounts/blobServices/containers/write<br>Microsoft.Storage/storageAccounts/blobServices/containers/delete |
-| SetBlobExpiry | [Storage Blob Data Owner](../../role-based-access-control/built-in-roles.md#storage-blob-data-owner) | Microsoft.Storage/storageAccounts/blobServices/containers/blobs/write |
-| SetBlobTags | [Storage Blob Data Owner](../../role-based-access-control/built-in-roles.md#storage-blob-data-owner) | Microsoft.Storage/storageAccounts/blobServices/containers/blobs/tags/write |
-| SetBlobImmutabilityPolicy | [Storage Blob Data Owner](../../role-based-access-control/built-in-roles.md#storage-blob-data-owner) | Microsoft.Storage/storageAccounts/blobServices/containers/immutabilityPolicies/write<br>Microsoft.Storage/storageAccounts/blobServices/containers/immutabilityPolicies/read<br>Microsoft.Storage/storageAccounts/blobServices/containers/immutabilityPolicies/delete<br>Microsoft.Storage/storageAccounts/blobServices/containers/immutabilityPolicies/extend/action<br>Microsoft.Storage/storageAccounts/blobServices/containers/immutabilityPolicies/lock/action |
-| SetBlobLegalHold | [Storage Blob Data Owner](../../role-based-access-control/built-in-roles.md#storage-blob-data-owner) | Microsoft.Storage/storageAccounts/blobServices/containers/setLegalHold/action<br>Microsoft.Storage/storageAccounts/blobServices/containers/clearLegalHold/action |
-| DeleteBlob | [Storage Blob Data Owner](../../role-based-access-control/built-in-roles.md#storage-blob-data-owner) | Microsoft.Storage/storageAccounts/blobServices/containers/delete |
-| UndeleteBlob | [Storage Blob Data Owner](../../role-based-access-control/built-in-roles.md#storage-blob-data-owner) | Microsoft.Storage/storageAccounts/blobServices/containers/write<br>Microsoft.Storage/storageAccounts/blobServices/containers/delete |
+| SetBlobTier | [Storage Blob Data Owner](../../role-based-access-control/built-in-roles.md#storage-blob-data-owner)|Microsoft.Storage/storageAccounts/blobServices/containers/blobs/read<br>Microsoft.Storage/storageAccounts/blobServices/containers/blobs/write<br>Microsoft.Storage/storageAccounts/blobServices/containers/blobs/tags/read<br>Microsoft.Storage/storageAccounts/blobServices/containers/blobs/tags/write
+| SetBlobExpiry | [Storage Blob Data Owner](../../role-based-access-control/built-in-roles.md#storage-blob-data-owner) |Microsoft.Storage/storageAccounts/blobServices/containers/blobs/read<br>Microsoft.Storage/storageAccounts/blobServices/containers/blobs/write<br>Microsoft.Storage/storageAccounts/blobServices/containers/blobs/tags/read<br>Microsoft.Storage/storageAccounts/blobServices/containers/blobs/tags/write |
+| SetBlobTags | [Storage Blob Data Owner](../../role-based-access-control/built-in-roles.md#storage-blob-data-owner) |Microsoft.Storage/storageAccounts/blobServices/containers/blobs/read<br>Microsoft.Storage/storageAccounts/blobServices/containers/blobs/write<br>Microsoft.Storage/storageAccounts/blobServices/containers/blobs/tags/read<br>Microsoft.Storage/storageAccounts/blobServices/containers/blobs/tags/write |
+| SetBlobImmutabilityPolicy | [Storage Blob Data Owner](../../role-based-access-control/built-in-roles.md#storage-blob-data-owner) |Microsoft.Storage/storageAccounts/blobServices/containers/blobs/read<br>Microsoft.Storage/storageAccounts/blobServices/containers/blobs/write<br>Microsoft.Storage/storageAccounts/blobServices/containers/blobs/tags/read<br>Microsoft.Storage/storageAccounts/blobServices/containers/blobs/tags/write<br>Microsoft.Storage/storageAccounts/blobServices/containers/write |
+| SetBlobLegalHold | [Storage Blob Data Owner](../../role-based-access-control/built-in-roles.md#storage-blob-data-owner) |Microsoft.Storage/storageAccounts/blobServices/containers/blobs/read<br>Microsoft.Storage/storageAccounts/blobServices/containers/blobs/write<br>Microsoft.Storage/storageAccounts/blobServices/containers/blobs/tags/read<br>Microsoft.Storage/storageAccounts/blobServices/containers/blobs/tags/write<br>Microsoft.Storage/storageAccounts/blobServices/containers/write |
+| DeleteBlob | [Storage Blob Data Owner](../../role-based-access-control/built-in-roles.md#storage-blob-data-owner) |Microsoft.Storage/storageAccounts/blobServices/containers/blobs/read<br>Microsoft.Storage/storageAccounts/blobServices/containers/blobs/write<br>Microsoft.Storage/storageAccounts/blobServices/containers/blobs/tags/read<br>Microsoft.Storage/storageAccounts/blobServices/containers/blobs/tags/write<br>Microsoft.Storage/storageAccounts/blobServices/containers/blobs/delete |
+| UndeleteBlob | [Storage Blob Data Owner](../../role-based-access-control/built-in-roles.md#storage-blob-data-owner) |Microsoft.Storage/storageAccounts/blobServices/containers/blobs/read<br>Microsoft.Storage/storageAccounts/blobServices/containers/blobs/write<br>Microsoft.Storage/storageAccounts/blobServices/containers/blobs/tags/read<br>Microsoft.Storage/storageAccounts/blobServices/containers/blobs/tags/write<br>Microsoft.Storage/storageAccounts/blobServices/containers/write |
 
 ## See also