Managed HSM contributor - Azure Built-in Role Definition (18500a29-7fe2-46b2-a342-b16a415e101d)

Role Information

Details and metadata

Role ID

18500a29-7fe2-46b2-a342-b16a415e101d

Type

BuiltInRole

Last Updated (Azure)

2022-03-07 20:20:03

Change History

Track all modifications to this role

Updated On

Event Type

Summary & Details

2022-03-07 20:20:03

Initial Scan

Show full JSON

{
  "properties": {
    "roleName": "Managed HSM contributor",
    "type": "BuiltInRole",
    "description": "Lets you manage managed HSM pools, but not access to them.",
    "assignableScopes": [
      "/"
    ],
    "permissions": [
      {
        "actions": [
          "Microsoft.KeyVault/managedHSMs/*",
          "Microsoft.KeyVault/deletedManagedHsms/read",
          "Microsoft.KeyVault/locations/deletedManagedHsms/read",
          "Microsoft.KeyVault/locations/deletedManagedHsms/purge/action",
          "Microsoft.KeyVault/locations/managedHsmOperationResults/read"
        ],
        "notActions": [],
        "dataActions": [],
        "notDataActions": []
      }
    ],
    "createdOn": "2020-09-16T21:47:01.129Z",
    "updatedOn": "2022-03-07T20:20:03.178Z",
    "createdBy": null,
    "updatedBy": null
  },
  "id": "/providers/Microsoft.Authorization/roleDefinitions/18500a29-7fe2-46b2-a342-b16a415e101d",
  "type": "Microsoft.Authorization/roleDefinitions",
  "name": "18500a29-7fe2-46b2-a342-b16a415e101d"
}

2022-03-07 20:20:03 Initial Scan

View details

{
  "properties": {
    "roleName": "Managed HSM contributor",
    "type": "BuiltInRole",
    "description": "Lets you manage managed HSM pools, but not access to them.",
    "assignableScopes": [
      "/"
    ],
    "permissions": [
      {
        "actions": [
          "Microsoft.KeyVault/managedHSMs/*",
          "Microsoft.KeyVault/deletedManagedHsms/read",
          "Microsoft.KeyVault/locations/deletedManagedHsms/read",
          "Microsoft.KeyVault/locations/deletedManagedHsms/purge/action",
          "Microsoft.KeyVault/locations/managedHsmOperationResults/read"
        ],
        "notActions": [],
        "dataActions": [],
        "notDataActions": []
      }
    ],
    "createdOn": "2020-09-16T21:47:01.129Z",
    "updatedOn": "2022-03-07T20:20:03.178Z",
    "createdBy": null,
    "updatedBy": null
  },
  "id": "/providers/Microsoft.Authorization/roleDefinitions/18500a29-7fe2-46b2-a342-b16a415e101d",
  "type": "Microsoft.Authorization/roleDefinitions",
  "name": "18500a29-7fe2-46b2-a342-b16a415e101d"
}

Latest Role JSON

Raw definition from Azure

{
  "properties": {
    "roleName": "Managed HSM contributor",
    "type": "BuiltInRole",
    "description": "Lets you manage managed HSM pools, but not access to them.",
    "assignableScopes": [
      "/"
    ],
    "permissions": [
      {
        "actions": [
          "Microsoft.KeyVault/managedHSMs/*",
          "Microsoft.KeyVault/deletedManagedHsms/read",
          "Microsoft.KeyVault/locations/deletedManagedHsms/read",
          "Microsoft.KeyVault/locations/deletedManagedHsms/purge/action",
          "Microsoft.KeyVault/locations/managedHsmOperationResults/read"
        ],
        "notActions": [],
        "dataActions": [],
        "notDataActions": []
      }
    ],
    "createdOn": "2020-09-16T21:47:01.129Z",
    "updatedOn": "2022-03-07T20:20:03.178Z",
    "createdBy": null,
    "updatedBy": null
  },
  "id": "/providers/Microsoft.Authorization/roleDefinitions/18500a29-7fe2-46b2-a342-b16a415e101d",
  "type": "Microsoft.Authorization/roleDefinitions",
  "name": "18500a29-7fe2-46b2-a342-b16a415e101d"
}

Effective Permissions

Operations granted by this role (23 total)

Permission Patterns (from role definition)

Actions 5 patterns

Microsoft.KeyVault/managedHSMs/* Microsoft.KeyVault/deletedManagedHsms/read Microsoft.KeyVault/locations/deletedManagedHsms/read Microsoft.KeyVault/locations/deletedManagedHsms/purge/action Microsoft.KeyVault/locations/managedHsmOperationResults/read

Control Plane Operations (23)

Data Plane Operations (0)

No data plane operations granted