Merge pull request #292727 from Bradben/quantum-roles

prmerger-automator[bot] · web-flow · commit 7f1c4539d5f3 · 2025-01-08T02:41:45.000Z
Add new pages for quantum service roles
diff --git a/articles/role-based-access-control/built-in-roles.md b/articles/role-based-access-control/built-in-roles.md
@@ -7,7 +7,7 @@ ms.workload: identity
 author: rolyon
 manager: amycolannino
 ms.author: rolyon
-ms.date: 12/12/2024
+ms.date: 01/07/2025
 ms.custom: generated
 ---
 
@@ -67,6 +67,7 @@ The following table provides a brief description of each built-in role. Click th
 > | <a name='disk-pool-operator'></a>[Disk Pool Operator](./built-in-roles/compute.md#disk-pool-operator) | Provide permission to StoragePool Resource Provider to manage disks added to a disk pool. | 60fc6e62-5479-42d4-8bf4-67625fcc2840 |
 > | <a name='disk-restore-operator'></a>[Disk Restore Operator](./built-in-roles/compute.md#disk-restore-operator) | Provides permission to backup vault to perform disk restore. | b50d9833-a0cb-478e-945f-707fcc997c13 |
 > | <a name='disk-snapshot-contributor'></a>[Disk Snapshot Contributor](./built-in-roles/compute.md#disk-snapshot-contributor) | Provides permission to backup vault to manage disk snapshots. | 7efff54f-a5b4-42b5-a1c5-5411624893ce |
+> | <a name='quantum-workspace-data-contributor'></a>[Quantum Workspace Data Contributor](./built-in-roles/compute.md#quantum-workspace-data-contributor) | Create, read, and modify jobs and other Workspace data. This role is in preview and subject to change. | c1410b24-3e69-4857-8f86-4d0a2e603250 |
 > | <a name='virtual-machine-administrator-login'></a>[Virtual Machine Administrator Login](./built-in-roles/compute.md#virtual-machine-administrator-login) | View Virtual Machines in the portal and login as administrator | 1c0163c0-47e6-4577-8991-ea5c82e286e4 |
 > | <a name='virtual-machine-contributor'></a>[Virtual Machine Contributor](./built-in-roles/compute.md#virtual-machine-contributor) | Create and manage virtual machines, manage disks, install and run software, reset password of the root user of the virtual machine using VM extensions, and manage local user accounts using VM extensions. This role does not grant you management access to the virtual network or storage account the virtual machines are connected to. This role does not allow you to assign roles in Azure RBAC. | 9980e02c-c2be-4d73-94e8-173b1dc7cf3c |
 > | <a name='virtual-machine-data-access-administrator-preview'></a>[Virtual Machine Data Access Administrator (preview)](./built-in-roles/compute.md#virtual-machine-data-access-administrator-preview) | Manage access to Virtual Machines by adding or removing role assignments for the Virtual Machine Administrator Login and Virtual Machine User Login roles. Includes an ABAC condition to constrain role assignments. | 66f75aeb-eabe-4b70-9f1e-c350c4c9ad04 |
@@ -537,6 +538,7 @@ The following table provides a brief description of each built-in role. Click th
 > | <a name='azure-stack-registration-owner'></a>[Azure Stack Registration Owner](./built-in-roles/hybrid-multicloud.md#azure-stack-registration-owner) | Lets you manage Azure Stack registrations. | 6f12a6df-dd06-4f3e-bcb1-ce8be600526a |
 > | <a name='hybrid-server-resource-administrator'></a>[Hybrid Server Resource Administrator](./built-in-roles/hybrid-multicloud.md#hybrid-server-resource-administrator) | Can read, write, delete, and re-onboard Hybrid servers to the Hybrid Resource Provider. | 48b40c6e-82e0-4eb3-90d5-19e40f49b624 |
 
+
 ## Next steps
 
 - [Assign Azure roles using the Azure portal](/azure/role-based-access-control/role-assignments-portal)
diff --git a/articles/role-based-access-control/built-in-roles/compute.md b/articles/role-based-access-control/built-in-roles/compute.md
@@ -1544,6 +1544,61 @@ Provides permission to backup vault to manage disk snapshots.
 }
 ```
 
+## Quantum Workspace Data Contributor
+
+Create, read, and modify jobs and other Workspace data. This role is in preview and subject to change.
+
+[Learn more](/azure/quantum/manage-workspace-access)
+
+> [!div class="mx-tableFixed"]
+> | Actions | Description |
+> | --- | --- |
+> | [Microsoft.Authorization](../permissions/management-and-governance.md#microsoftauthorization)/*/read | Read roles and role assignments |
+> | [Microsoft.Insights](../permissions/monitor.md#microsoftinsights)/alertRules/* | Create and manage a classic metric alert |
+> | [Microsoft.Resources](../permissions/management-and-governance.md#microsoftresources)/deployments/* | Create and manage a deployment |
+> | [Microsoft.Resources](../permissions/management-and-governance.md#microsoftresources)/subscriptions/resourceGroups/read | Gets or lists resource groups. |
+> | [Microsoft.Quantum](../permissions/compute.md#microsoftquantum)/Workspaces/read | Read Workspace |
+> | [Microsoft.Quantum](../permissions/compute.md#microsoftquantum)/locations/offerings/read | Read providers supported |
+> | **NotActions** |  |
+> | *none* |  |
+> | **DataActions** |  |
+> | [Microsoft.Quantum](../permissions/compute.md#microsoftquantum)/Workspaces/jobs/read | Read jobs and other data |
+> | [Microsoft.Quantum](../permissions/compute.md#microsoftquantum)/Workspaces/jobs/write | Write jobs and other data |
+> | **NotDataActions** |  |
+> | *none* |  |
+
+```json
+{
+  "assignableScopes": [
+    "/"
+  ],
+  "description": "Create, read, and modify jobs and other Workspace data. This role is in preview and subject to change.",
+  "id": "/providers/Microsoft.Authorization/roleDefinitions/c1410b24-3e69-4857-8f86-4d0a2e603250",
+  "name": "c1410b24-3e69-4857-8f86-4d0a2e603250",
+  "permissions": [
+    {
+      "actions": [
+        "Microsoft.Authorization/*/read",
+        "Microsoft.Insights/alertRules/*",
+        "Microsoft.Resources/deployments/*",
+        "Microsoft.Resources/subscriptions/resourceGroups/read",
+        "Microsoft.Quantum/Workspaces/read",
+        "Microsoft.Quantum/locations/offerings/read"
+      ],
+      "notActions": [],
+      "dataActions": [
+        "Microsoft.Quantum/Workspaces/jobs/read",
+        "Microsoft.Quantum/Workspaces/jobs/write"
+      ],
+      "notDataActions": []
+    }
+  ],
+  "roleName": "Quantum Workspace Data Contributor",
+  "roleType": "BuiltInRole",
+  "type": "Microsoft.Authorization/roleDefinitions"
+}
+```
+
 ## Virtual Machine Administrator Login
 
 View Virtual Machines in the portal and login as administrator
diff --git a/articles/role-based-access-control/permissions/compute.md b/articles/role-based-access-control/permissions/compute.md
@@ -1150,6 +1150,24 @@ Azure service: [Azure Virtual Desktop](/azure/virtual-desktop/)
 > | Microsoft.DesktopVirtualization/appattachpackages/useapplications/action | Allow user permissioning on app attach packages in an application group |
 > | Microsoft.DesktopVirtualization/applicationgroups/useapplications/action | Use ApplicationGroup |
 
+## Microsoft.Quantum
+
+Azure service: [Azure Quantum](/azure/quantum/overview-azure-quantum)
+
+> [!div class="mx-tableFixed"]
+> | Action | Description |
+> | --- | --- |
+> | Microsoft.Quantum/register/action | Registers the subscription for the quantum resource provider and enables the creation of quantum workspaces. |
+> | Microsoft.Quantum/locations/offerings/read | Read providers supported |
+> | Microsoft.Quantum/Workspaces/read | Read Workspace |
+> | Microsoft.Quantum/Workspaces/write | Writes Workspace |
+> | Microsoft.Quantum/Workspaces/delete | Deletes Workspace |
+> | Microsoft.Quantum/Workspaces/regenerateKey/action | Regenerate workspace api key |
+> | Microsoft.Quantum/Workspaces/listKeys/action | List workspace api keys |
+> | **DataAction** | **Description** |
+> | Microsoft.Quantum/Workspaces/jobs/read | Read jobs and other data |
+> | Microsoft.Quantum/Workspaces/jobs/write | Write jobs and other data |
+
 ## Microsoft.ServiceFabric
 
 Develop microservices and orchestrate containers on Windows or Linux.
diff --git a/articles/role-based-access-control/resource-provider-operations.md b/articles/role-based-access-control/resource-provider-operations.md
@@ -47,6 +47,7 @@ Click the resource provider name in the following list to see the list of permis
 > | [Microsoft.ComputeSchedule](./permissions/compute.md#microsoftcomputeschedule) |  | [Azure Virtual Desktop](/azure/virtual-desktop/overview) |
 > | [microsoft.connectedvmwarevsphere](./permissions/compute.md#microsoftconnectedvmwarevsphere) |  | [Azure Arc-enabled VMware vSphere](/azure/azure-arc/vmware-vsphere/) |
 > | [Microsoft.DesktopVirtualization](./permissions/compute.md#microsoftdesktopvirtualization) | The best virtual desktop experience, delivered on Azure. | [Azure Virtual Desktop](/azure/virtual-desktop/) |
+> | [Microsoft.Quantum](./permissions/compute.md#microsoftquantum) |  | [Azure Quantum](/azure/quantum/overview-azure-quantum) |
 > | [Microsoft.ServiceFabric](./permissions/compute.md#microsoftservicefabric) | Develop microservices and orchestrate containers on Windows or Linux. | [Service Fabric](/azure/service-fabric/) |
 
 <a name='microsoftnetwork'></a>
