Adding DevOps Infrastrucutre Contributor Role

jenniferf-skc · jenniferf-skc · commit c33f93372778 · 2025-07-07T11:41:34.000-06:00
diff --git a/articles/role-based-access-control/built-in-roles.md b/articles/role-based-access-control/built-in-roles.md
@@ -7,7 +7,7 @@ ms.workload: identity
 author: jenniferf-skc    
 manager: pmwongera
 ms.author: jfields
-ms.date: 07/02/2025
+ms.date: 07/07/2025
 ms.custom: generated
 ---
 
@@ -487,6 +487,7 @@ The following table provides a brief description of each built-in role. Click th
 > | <a name='deployment-environments-user'></a>[Deployment Environments User](./built-in-roles/devops.md#deployment-environments-user) | Provides access to manage environment resources. | 18e40d4e-8d2e-438d-97e1-9528336e149c |
 > | <a name='devcenter-dev-box-user'></a>[DevCenter Dev Box User](./built-in-roles/devops.md#devcenter-dev-box-user) | Provides access to create and manage dev boxes. | 45d50f46-0b78-4001-a660-4198cbe8cd05 |
 > | <a name='devcenter-project-admin'></a>[DevCenter Project Admin](./built-in-roles/devops.md#devcenter-project-admin) | Provides access to manage project resources. | 331c37c6-af14-46d9-b9f4-e1909e1b95a0 |
+> | <a name='devops-infrastructure-contributor-role'></a>[DevOps Infrastructure Contributor Role](./built-in-roles/devops.md#devops-infrastructure-contributor-role) | Read, write, delete and perform actions on Managed DevOps Pools | 76153a9e-0edb-49bc-8e01-93c47e6b5180 |
 > | <a name='devtest-labs-user'></a>[DevTest Labs User](./built-in-roles/devops.md#devtest-labs-user) | Lets you connect, start, restart, and shutdown your virtual machines in your Azure DevTest Labs. | 76283e04-6283-4c54-8f91-bcf1374a3c64 |
 > | <a name='lab-assistant'></a>[Lab Assistant](./built-in-roles/devops.md#lab-assistant) | Enables you to view an existing lab, perform actions on the lab VMs and send invitations to the lab. | ce40b423-cede-4313-a93f-9b28290b72e1 |
 > | <a name='lab-contributor'></a>[Lab Contributor](./built-in-roles/devops.md#lab-contributor) | Applied at lab level, enables you to manage the lab. Applied at a resource group, enables you to create and manage labs. | 5daaa2af-1fe8-407c-9122-bba179798270 |
diff --git a/articles/role-based-access-control/built-in-roles/devops.md b/articles/role-based-access-control/built-in-roles/devops.md
@@ -522,6 +522,89 @@ Provides access to manage project resources.
 }
 ```
 
+## DevOps Infrastructure Contributor Role
+
+Read, write, delete and perform actions on Managed DevOps Pools
+
+> [!div class="mx-tableFixed"]
+> | Actions | Description |
+> | --- | --- |
+> | [Microsoft.DevOpsInfrastructure](../permissions/devops.md#microsoftdevopsinfrastructure)/register/action | Register the subscription for Microsoft.DevOpsInfrastructure |
+> | [Microsoft.DevOpsInfrastructure](../permissions/devops.md#microsoftdevopsinfrastructure)/unregister/action | Unregister the subscription for Microsoft.DevOpsInfrastructure |
+> | [Microsoft.DevOpsInfrastructure](../permissions/devops.md#microsoftdevopsinfrastructure)/*/read |  |
+> | [Microsoft.DevOpsInfrastructure](../permissions/devops.md#microsoftdevopsinfrastructure)/Locations/OperationStatuses/write | write OperationStatuses |
+> | [Microsoft.DevOpsInfrastructure](../permissions/devops.md#microsoftdevopsinfrastructure)/pools/write | Update a Pool |
+> | [Microsoft.DevOpsInfrastructure](../permissions/devops.md#microsoftdevopsinfrastructure)/pools/delete | Delete a Pool |
+> | [Microsoft.Authorization](../permissions/management-and-governance.md#microsoftauthorization)/*/read | Read roles and role assignments |
+> | [Microsoft.Insights](../permissions/monitor.md#microsoftinsights)/alertRules/* | Create and manage a classic metric alert |
+> | [Microsoft.Resources](../permissions/management-and-governance.md#microsoftresources)/deployments/* | Create and manage a deployment |
+> | [Microsoft.Resources](../permissions/management-and-governance.md#microsoftresources)/subscriptions/resourceGroups/read | Gets or lists resource groups. |
+> | **NotActions** |  |
+> | *none* |  |
+> | **DataActions** |  |
+> | *none* |  |
+> | **NotDataActions** |  |
+> | *none* |  |
+
+```json
+{
+  "assignableScopes": [
+    "/"
+  ],
+  "description": "Read, write, delete and perform actions on Managed DevOps Pools",
+  "id": "/providers/Microsoft.Authorization/roleDefinitions/76153a9e-0edb-49bc-8e01-93c47e6b5180",
+  "name": "76153a9e-0edb-49bc-8e01-93c47e6b5180",
+  "permissions": [
+    {
+      "actions": [
+        "Microsoft.DevOpsInfrastructure/register/action",
+        "Microsoft.DevOpsInfrastructure/unregister/action",
+        "Microsoft.DevOpsInfrastructure/*/read",
+        "Microsoft.DevOpsInfrastructure/Locations/OperationStatuses/write",
+        "Microsoft.DevOpsInfrastructure/pools/write",
+        "Microsoft.DevOpsInfrastructure/pools/delete",
+        "Microsoft.Authorization/*/read",
+        "Microsoft.Insights/alertRules/*",
+        "Microsoft.Resources/deployments/*",
+        "Microsoft.Resources/subscriptions/resourceGroups/read"
+      ],
+      "notActions": [],
+      "dataActions": [],
+      "notDataActions": []
+    }
+  ],
+  "roleName": "DevOps Infrastructure Contributor Role",
+  "roleType": "BuiltInRole",
+  "type": "Microsoft.Authorization/roleDefinitions"
+}
+```
+
+
+> | [Microsoft.DevOpsInfrastructure](./permissions/devops.md#microsoftdevopsinfrastructure) |  | [Managed DevOps Pools](/azure/devops/managed-devops-pools/overview) |
+
+## Microsoft.DevOpsInfrastructure
+
+Azure service: [Managed DevOps Pools](/azure/devops/managed-devops-pools/overview)
+
+> [!div class="mx-tableFixed"]
+> | Action | Description |
+> | --- | --- |
+> | Microsoft.DevOpsInfrastructure/register/action | Register the subscription for Microsoft.DevOpsInfrastructure |
+> | Microsoft.DevOpsInfrastructure/unregister/action | Unregister the subscription for Microsoft.DevOpsInfrastructure |
+> | Microsoft.DevOpsInfrastructure/images/versions/read | List ImageVersion resources by Image |
+> | Microsoft.DevOpsInfrastructure/Locations/OperationStatuses/read | read OperationStatuses |
+> | Microsoft.DevOpsInfrastructure/Locations/OperationStatuses/write | write OperationStatuses |
+> | Microsoft.DevOpsInfrastructure/locations/skus/read | List ResourceSku resources by subscription ID |
+> | Microsoft.DevOpsInfrastructure/locations/usages/read | List Quota resources by subscription ID |
+> | Microsoft.DevOpsInfrastructure/Operations/read | read Operations |
+> | Microsoft.DevOpsInfrastructure/pools/read | List Pool resources by subscription ID |
+> | Microsoft.DevOpsInfrastructure/pools/read | List Pool resources by resource group |
+> | Microsoft.DevOpsInfrastructure/pools/read | Get a Pool |
+> | Microsoft.DevOpsInfrastructure/pools/write | Create a Pool |
+> | Microsoft.DevOpsInfrastructure/pools/delete | Delete a Pool |
+> | Microsoft.DevOpsInfrastructure/pools/write | Update a Pool |
+> | Microsoft.DevOpsInfrastructure/pools/resources/read | List ResourceDetailsObject resources by Pool |
+
 ## DevTest Labs User
 
 Lets you connect, start, restart, and shutdown your virtual machines in your Azure DevTest Labs.
