Azure Container Storage Operator - Azure Built-in Role Definition (08d4c71a-cc63-4ce4-a9c8-5dd251b4d619)

Role Information

Details and metadata

Role ID

08d4c71a-cc63-4ce4-a9c8-5dd251b4d619

Type

BuiltInRole

Last Updated (Azure)

2024-03-25 15:06:22

Change History

Track all modifications to this role

Updated On

Event Type

Summary & Details

2025-12-14 23:49:13

Initial Scan

Show full JSON

{
  "properties": {
    "roleName": "Azure Container Storage Operator",
    "type": "BuiltInRole",
    "description": "Role required by a Managed Identity for Azure Container Storage operations",
    "assignableScopes": [
      "/"
    ],
    "permissions": [
      {
        "actions": [
          "Microsoft.ElasticSan/elasticSans/*",
          "Microsoft.ElasticSan/locations/asyncoperations/read",
          "Microsoft.Network/routeTables/join/action",
          "Microsoft.Network/networkSecurityGroups/join/action",
          "Microsoft.Network/virtualNetworks/write",
          "Microsoft.Network/virtualNetworks/delete",
          "Microsoft.Network/virtualNetworks/join/action",
          "Microsoft.Network/virtualNetworks/subnets/read",
          "Microsoft.Network/virtualNetworks/subnets/write",
          "Microsoft.Compute/virtualMachines/read",
          "Microsoft.Compute/virtualMachines/write",
          "Microsoft.Compute/virtualMachineScaleSets/read",
          "Microsoft.Compute/virtualMachineScaleSets/write",
          "Microsoft.Compute/virtualMachineScaleSets/virtualMachines/write",
          "Microsoft.Compute/virtualMachineScaleSets/virtualMachines/read",
          "Microsoft.Resources/subscriptions/providers/read",
          "Microsoft.Resources/subscriptions/resourceGroups/read",
          "Microsoft.Network/virtualNetworks/read"
        ],
        "notActions": [],
        "dataActions": [],
        "notDataActions": []
      }
    ],
    "createdOn": "2024-03-08T18:26:30.755Z",
    "updatedOn": "2024-03-25T15:06:22.61Z",
    "createdBy": null,
    "updatedBy": null
  },
  "id": "/providers/Microsoft.Authorization/roleDefinitions/08d4c71a-cc63-4ce4-a9c8-5dd251b4d619",
  "type": "Microsoft.Authorization/roleDefinitions",
  "name": "08d4c71a-cc63-4ce4-a9c8-5dd251b4d619"
}

2025-12-14 23:49:13 Initial Scan

View details

{
  "properties": {
    "roleName": "Azure Container Storage Operator",
    "type": "BuiltInRole",
    "description": "Role required by a Managed Identity for Azure Container Storage operations",
    "assignableScopes": [
      "/"
    ],
    "permissions": [
      {
        "actions": [
          "Microsoft.ElasticSan/elasticSans/*",
          "Microsoft.ElasticSan/locations/asyncoperations/read",
          "Microsoft.Network/routeTables/join/action",
          "Microsoft.Network/networkSecurityGroups/join/action",
          "Microsoft.Network/virtualNetworks/write",
          "Microsoft.Network/virtualNetworks/delete",
          "Microsoft.Network/virtualNetworks/join/action",
          "Microsoft.Network/virtualNetworks/subnets/read",
          "Microsoft.Network/virtualNetworks/subnets/write",
          "Microsoft.Compute/virtualMachines/read",
          "Microsoft.Compute/virtualMachines/write",
          "Microsoft.Compute/virtualMachineScaleSets/read",
          "Microsoft.Compute/virtualMachineScaleSets/write",
          "Microsoft.Compute/virtualMachineScaleSets/virtualMachines/write",
          "Microsoft.Compute/virtualMachineScaleSets/virtualMachines/read",
          "Microsoft.Resources/subscriptions/providers/read",
          "Microsoft.Resources/subscriptions/resourceGroups/read",
          "Microsoft.Network/virtualNetworks/read"
        ],
        "notActions": [],
        "dataActions": [],
        "notDataActions": []
      }
    ],
    "createdOn": "2024-03-08T18:26:30.755Z",
    "updatedOn": "2024-03-25T15:06:22.61Z",
    "createdBy": null,
    "updatedBy": null
  },
  "id": "/providers/Microsoft.Authorization/roleDefinitions/08d4c71a-cc63-4ce4-a9c8-5dd251b4d619",
  "type": "Microsoft.Authorization/roleDefinitions",
  "name": "08d4c71a-cc63-4ce4-a9c8-5dd251b4d619"
}

Latest Role JSON

Raw definition from Azure

{
  "properties": {
    "roleName": "Azure Container Storage Operator",
    "type": "BuiltInRole",
    "description": "Role required by a Managed Identity for Azure Container Storage operations",
    "assignableScopes": [
      "/"
    ],
    "permissions": [
      {
        "actions": [
          "Microsoft.ElasticSan/elasticSans/*",
          "Microsoft.ElasticSan/locations/asyncoperations/read",
          "Microsoft.Network/routeTables/join/action",
          "Microsoft.Network/networkSecurityGroups/join/action",
          "Microsoft.Network/virtualNetworks/write",
          "Microsoft.Network/virtualNetworks/delete",
          "Microsoft.Network/virtualNetworks/join/action",
          "Microsoft.Network/virtualNetworks/subnets/read",
          "Microsoft.Network/virtualNetworks/subnets/write",
          "Microsoft.Compute/virtualMachines/read",
          "Microsoft.Compute/virtualMachines/write",
          "Microsoft.Compute/virtualMachineScaleSets/read",
          "Microsoft.Compute/virtualMachineScaleSets/write",
          "Microsoft.Compute/virtualMachineScaleSets/virtualMachines/write",
          "Microsoft.Compute/virtualMachineScaleSets/virtualMachines/read",
          "Microsoft.Resources/subscriptions/providers/read",
          "Microsoft.Resources/subscriptions/resourceGroups/read",
          "Microsoft.Network/virtualNetworks/read"
        ],
        "notActions": [],
        "dataActions": [],
        "notDataActions": []
      }
    ],
    "createdOn": "2024-03-08T18:26:30.755Z",
    "updatedOn": "2024-03-25T15:06:22.61Z",
    "createdBy": null,
    "updatedBy": null
  },
  "id": "/providers/Microsoft.Authorization/roleDefinitions/08d4c71a-cc63-4ce4-a9c8-5dd251b4d619",
  "type": "Microsoft.Authorization/roleDefinitions",
  "name": "08d4c71a-cc63-4ce4-a9c8-5dd251b4d619"
}

Effective Permissions

Operations granted by this role (41 total)

Permission Patterns (from role definition)

Actions 18 patterns

Microsoft.ElasticSan/elasticSans/* Microsoft.ElasticSan/locations/asyncoperations/read Microsoft.Network/routeTables/join/action Microsoft.Network/networkSecurityGroups/join/action Microsoft.Network/virtualNetworks/write Microsoft.Network/virtualNetworks/delete Microsoft.Network/virtualNetworks/join/action Microsoft.Network/virtualNetworks/subnets/read Microsoft.Network/virtualNetworks/subnets/write Microsoft.Compute/virtualMachines/read Microsoft.Compute/virtualMachines/write Microsoft.Compute/virtualMachineScaleSets/read Microsoft.Compute/virtualMachineScaleSets/write Microsoft.Compute/virtualMachineScaleSets/virtualMachines/write Microsoft.Compute/virtualMachineScaleSets/virtualMachines/read Microsoft.Resources/subscriptions/providers/read Microsoft.Resources/subscriptions/resourceGroups/read Microsoft.Network/virtualNetworks/read

Control Plane Operations (41)

Data Plane Operations (0)

No data plane operations granted