Role Information
Details and metadata
24208841-77f2-463a-ab3d-f8343716e8af
Change History
Track all modifications to this role since 2025-12-15 01:08:16+00:00
Updated On
Event Type
Summary & Details
2024-12-18 16:29:45
Initial Scan
Show full JSON
{
"properties": {
"roleName": "MySQL Access Administrator",
"type": "BuiltInRole",
"description": "Manage access to Azure MySQL flexible server by adding or removing role assignments for the MySQL Access Administrator, MySQL Control Plane, MySQL User Data Reader, or MySQL User Data Writer. Includes an ABAC condition to constrain role assignments.",
"assignableScopes": [
"/"
],
"permissions": [
{
"actions": [
"Microsoft.Authorization/roleAssignments/write",
"Microsoft.Authorization/roleAssignments/delete",
"Microsoft.Authorization/*/read",
"Microsoft.Resources/subscriptions/resourceGroups/read",
"Microsoft.Resources/subscriptions/read",
"Microsoft.Resources/deployments/*"
],
"notActions": [],
"dataActions": [],
"notDataActions": [],
"Condition": "((!(ActionMatches{'Microsoft.Authorization/roleAssignments/write'})) OR (@Request[Microsoft.Authorization/roleAssignments:RoleDefinitionId] ForAnyOfAnyValues:GuidEquals{b5207fd742d340fa8cc6a7e189aef39e, abed7cd4f35843849d17def9303b3b53, 8894c184eeb645cc868a1be782055af3, 2420884177f2463aab3df8343716e8af})) AND ((!(ActionMatches{'Microsoft.Authorization/roleAssignments/delete'})) OR (@Resource[Microsoft.Authorization/roleAssignments:RoleDefinitionId] ForAnyOfAnyValues:GuidEquals{b5207fd742d340fa8cc6a7e189aef39e, abed7cd4f35843849d17def9303b3b53, 8894c184eeb645cc868a1be782055af3, 2420884177f2463aab3df8343716e8af}))",
"ConditionVersion": "2.0"
}
],
"createdOn": "2024-12-12T09:30:04.542Z",
"updatedOn": "2024-12-18T16:29:45.022Z",
"createdBy": null,
"updatedBy": null
},
"id": "/providers/Microsoft.Authorization/roleDefinitions/24208841-77f2-463a-ab3d-f8343716e8af",
"type": "Microsoft.Authorization/roleDefinitions",
"name": "24208841-77f2-463a-ab3d-f8343716e8af"
}
2024-12-18 16:29:45
Initial Scan
View details
{
"properties": {
"roleName": "MySQL Access Administrator",
"type": "BuiltInRole",
"description": "Manage access to Azure MySQL flexible server by adding or removing role assignments for the MySQL Access Administrator, MySQL Control Plane, MySQL User Data Reader, or MySQL User Data Writer. Includes an ABAC condition to constrain role assignments.",
"assignableScopes": [
"/"
],
"permissions": [
{
"actions": [
"Microsoft.Authorization/roleAssignments/write",
"Microsoft.Authorization/roleAssignments/delete",
"Microsoft.Authorization/*/read",
"Microsoft.Resources/subscriptions/resourceGroups/read",
"Microsoft.Resources/subscriptions/read",
"Microsoft.Resources/deployments/*"
],
"notActions": [],
"dataActions": [],
"notDataActions": [],
"Condition": "((!(ActionMatches{'Microsoft.Authorization/roleAssignments/write'})) OR (@Request[Microsoft.Authorization/roleAssignments:RoleDefinitionId] ForAnyOfAnyValues:GuidEquals{b5207fd742d340fa8cc6a7e189aef39e, abed7cd4f35843849d17def9303b3b53, 8894c184eeb645cc868a1be782055af3, 2420884177f2463aab3df8343716e8af})) AND ((!(ActionMatches{'Microsoft.Authorization/roleAssignments/delete'})) OR (@Resource[Microsoft.Authorization/roleAssignments:RoleDefinitionId] ForAnyOfAnyValues:GuidEquals{b5207fd742d340fa8cc6a7e189aef39e, abed7cd4f35843849d17def9303b3b53, 8894c184eeb645cc868a1be782055af3, 2420884177f2463aab3df8343716e8af}))",
"ConditionVersion": "2.0"
}
],
"createdOn": "2024-12-12T09:30:04.542Z",
"updatedOn": "2024-12-18T16:29:45.022Z",
"createdBy": null,
"updatedBy": null
},
"id": "/providers/Microsoft.Authorization/roleDefinitions/24208841-77f2-463a-ab3d-f8343716e8af",
"type": "Microsoft.Authorization/roleDefinitions",
"name": "24208841-77f2-463a-ab3d-f8343716e8af"
}
Latest Role JSON
Raw definition from Azure
{
"properties": {
"roleName": "MySQL Access Administrator",
"type": "BuiltInRole",
"description": "Manage access to Azure MySQL flexible server by adding or removing role assignments for the MySQL Access Administrator, MySQL Control Plane, MySQL User Data Reader, or MySQL User Data Writer. Includes an ABAC condition to constrain role assignments.",
"assignableScopes": [
"/"
],
"permissions": [
{
"actions": [
"Microsoft.Authorization/roleAssignments/write",
"Microsoft.Authorization/roleAssignments/delete",
"Microsoft.Authorization/*/read",
"Microsoft.Resources/subscriptions/resourceGroups/read",
"Microsoft.Resources/subscriptions/read",
"Microsoft.Resources/deployments/*"
],
"notActions": [],
"dataActions": [],
"notDataActions": [],
"Condition": "((!(ActionMatches{'Microsoft.Authorization/roleAssignments/write'})) OR (@Request[Microsoft.Authorization/roleAssignments:RoleDefinitionId] ForAnyOfAnyValues:GuidEquals{b5207fd742d340fa8cc6a7e189aef39e, abed7cd4f35843849d17def9303b3b53, 8894c184eeb645cc868a1be782055af3, 2420884177f2463aab3df8343716e8af})) AND ((!(ActionMatches{'Microsoft.Authorization/roleAssignments/delete'})) OR (@Resource[Microsoft.Authorization/roleAssignments:RoleDefinitionId] ForAnyOfAnyValues:GuidEquals{b5207fd742d340fa8cc6a7e189aef39e, abed7cd4f35843849d17def9303b3b53, 8894c184eeb645cc868a1be782055af3, 2420884177f2463aab3df8343716e8af}))",
"ConditionVersion": "2.0"
}
],
"createdOn": "2024-12-12T09:30:04.542Z",
"updatedOn": "2024-12-18T16:29:45.022Z",
"createdBy": null,
"updatedBy": null
},
"id": "/providers/Microsoft.Authorization/roleDefinitions/24208841-77f2-463a-ab3d-f8343716e8af",
"type": "Microsoft.Authorization/roleDefinitions",
"name": "24208841-77f2-463a-ab3d-f8343716e8af"
}
Effective Permissions
Operations granted by this role (44 total)
Conditional Permissions
This role has conditions that may restrict effective permissions based on context (e.g., resource attributes, request properties).
Permission Patterns (from role definition)
Actions
6 patterns
Microsoft.Authorization/roleAssignments/write
Microsoft.Authorization/roleAssignments/delete
Microsoft.Authorization/*/read
Microsoft.Resources/subscriptions/resourceGroups/read
Microsoft.Resources/subscriptions/read
Microsoft.Resources/deployments/*