Role Information
Details and metadata
30b3bcf2-670a-4bdc-8669-7e0ae0c0dfda
Change History
Track all modifications to this role
Updated On
Event Type
Summary & Details
2024-06-24 15:12:46
Initial Scan
Show full JSON
{
"properties": {
"roleName": "Quantum Workspace Owner",
"type": "BuiltInRole",
"description": "Allows creating an Azure Quantum Workspace with a linked Storage Account with any Providers. Includes an ABAC condition to constrain role assignments.",
"assignableScopes": [
"/"
],
"permissions": [
{
"actions": [
"Microsoft.ResourceHealth/availabilityStatuses/read",
"Microsoft.Authorization/*/read",
"Microsoft.Insights/alertRules/*",
"Microsoft.Resources/deployments/*",
"Microsoft.Quantum/*",
"Microsoft.Storage/storageAccounts/listKeys/action",
"Microsoft.Storage/storageAccounts/write",
"Microsoft.Storage/storageAccounts/read",
"Microsoft.Storage/storageAccounts/blobServices/containers/delete",
"Microsoft.Storage/storageAccounts/blobServices/containers/read",
"Microsoft.Storage/storageAccounts/blobServices/containers/write",
"Microsoft.Storage/storageAccounts/blobServices/read",
"Microsoft.Storage/storageAccounts/fileServices/write",
"Microsoft.Resources/subscriptions/resourceGroups/read",
"Microsoft.Resources/subscriptions/resourceGroups/write",
"Microsoft.Resources/subscriptions/read",
"Microsoft.Management/managementGroups/read",
"Microsoft.Support/*",
"Microsoft.Solutions/applications/read",
"Microsoft.Solutions/register/action",
"Microsoft.MarketplaceOrdering/offertypes/publishers/offers/plans/agreements/*"
],
"notActions": [],
"dataActions": [
"Microsoft.Storage/storageAccounts/blobServices/containers/blobs/delete",
"Microsoft.Storage/storageAccounts/blobServices/containers/blobs/read",
"Microsoft.Storage/storageAccounts/blobServices/containers/blobs/write"
],
"notDataActions": []
},
{
"actions": [
"Microsoft.Authorization/roleAssignments/write"
],
"notActions": [],
"dataActions": [],
"notDataActions": [],
"Condition": "@Request[Microsoft.Authorization/roleAssignments:RoleDefinitionId] ForAnyOfAnyValues:GuidEquals{17d1049b-9a84-46fb-8f53-869881c3d3ab}",
"ConditionVersion": "2.0"
},
{
"actions": [
"Microsoft.Authorization/roleAssignments/delete"
],
"notActions": [],
"dataActions": [],
"notDataActions": [],
"Condition": "@Resource[Microsoft.Authorization/roleAssignments:RoleDefinitionId] ForAnyOfAnyValues:GuidEquals{17d1049b-9a84-46fb-8f53-869881c3d3ab}",
"ConditionVersion": "2.0"
}
],
"createdOn": "2024-04-08T15:07:50.507Z",
"updatedOn": "2024-06-24T15:12:46.718Z",
"createdBy": null,
"updatedBy": null
},
"id": "/providers/Microsoft.Authorization/roleDefinitions/30b3bcf2-670a-4bdc-8669-7e0ae0c0dfda",
"type": "Microsoft.Authorization/roleDefinitions",
"name": "30b3bcf2-670a-4bdc-8669-7e0ae0c0dfda"
}
2024-06-24 15:12:46
Initial Scan
View details
{
"properties": {
"roleName": "Quantum Workspace Owner",
"type": "BuiltInRole",
"description": "Allows creating an Azure Quantum Workspace with a linked Storage Account with any Providers. Includes an ABAC condition to constrain role assignments.",
"assignableScopes": [
"/"
],
"permissions": [
{
"actions": [
"Microsoft.ResourceHealth/availabilityStatuses/read",
"Microsoft.Authorization/*/read",
"Microsoft.Insights/alertRules/*",
"Microsoft.Resources/deployments/*",
"Microsoft.Quantum/*",
"Microsoft.Storage/storageAccounts/listKeys/action",
"Microsoft.Storage/storageAccounts/write",
"Microsoft.Storage/storageAccounts/read",
"Microsoft.Storage/storageAccounts/blobServices/containers/delete",
"Microsoft.Storage/storageAccounts/blobServices/containers/read",
"Microsoft.Storage/storageAccounts/blobServices/containers/write",
"Microsoft.Storage/storageAccounts/blobServices/read",
"Microsoft.Storage/storageAccounts/fileServices/write",
"Microsoft.Resources/subscriptions/resourceGroups/read",
"Microsoft.Resources/subscriptions/resourceGroups/write",
"Microsoft.Resources/subscriptions/read",
"Microsoft.Management/managementGroups/read",
"Microsoft.Support/*",
"Microsoft.Solutions/applications/read",
"Microsoft.Solutions/register/action",
"Microsoft.MarketplaceOrdering/offertypes/publishers/offers/plans/agreements/*"
],
"notActions": [],
"dataActions": [
"Microsoft.Storage/storageAccounts/blobServices/containers/blobs/delete",
"Microsoft.Storage/storageAccounts/blobServices/containers/blobs/read",
"Microsoft.Storage/storageAccounts/blobServices/containers/blobs/write"
],
"notDataActions": []
},
{
"actions": [
"Microsoft.Authorization/roleAssignments/write"
],
"notActions": [],
"dataActions": [],
"notDataActions": [],
"Condition": "@Request[Microsoft.Authorization/roleAssignments:RoleDefinitionId] ForAnyOfAnyValues:GuidEquals{17d1049b-9a84-46fb-8f53-869881c3d3ab}",
"ConditionVersion": "2.0"
},
{
"actions": [
"Microsoft.Authorization/roleAssignments/delete"
],
"notActions": [],
"dataActions": [],
"notDataActions": [],
"Condition": "@Resource[Microsoft.Authorization/roleAssignments:RoleDefinitionId] ForAnyOfAnyValues:GuidEquals{17d1049b-9a84-46fb-8f53-869881c3d3ab}",
"ConditionVersion": "2.0"
}
],
"createdOn": "2024-04-08T15:07:50.507Z",
"updatedOn": "2024-06-24T15:12:46.718Z",
"createdBy": null,
"updatedBy": null
},
"id": "/providers/Microsoft.Authorization/roleDefinitions/30b3bcf2-670a-4bdc-8669-7e0ae0c0dfda",
"type": "Microsoft.Authorization/roleDefinitions",
"name": "30b3bcf2-670a-4bdc-8669-7e0ae0c0dfda"
}
Latest Role JSON
Raw definition from Azure
{
"properties": {
"roleName": "Quantum Workspace Owner",
"type": "BuiltInRole",
"description": "Allows creating an Azure Quantum Workspace with a linked Storage Account with any Providers. Includes an ABAC condition to constrain role assignments.",
"assignableScopes": [
"/"
],
"permissions": [
{
"actions": [
"Microsoft.ResourceHealth/availabilityStatuses/read",
"Microsoft.Authorization/*/read",
"Microsoft.Insights/alertRules/*",
"Microsoft.Resources/deployments/*",
"Microsoft.Quantum/*",
"Microsoft.Storage/storageAccounts/listKeys/action",
"Microsoft.Storage/storageAccounts/write",
"Microsoft.Storage/storageAccounts/read",
"Microsoft.Storage/storageAccounts/blobServices/containers/delete",
"Microsoft.Storage/storageAccounts/blobServices/containers/read",
"Microsoft.Storage/storageAccounts/blobServices/containers/write",
"Microsoft.Storage/storageAccounts/blobServices/read",
"Microsoft.Storage/storageAccounts/fileServices/write",
"Microsoft.Resources/subscriptions/resourceGroups/read",
"Microsoft.Resources/subscriptions/resourceGroups/write",
"Microsoft.Resources/subscriptions/read",
"Microsoft.Management/managementGroups/read",
"Microsoft.Support/*",
"Microsoft.Solutions/applications/read",
"Microsoft.Solutions/register/action",
"Microsoft.MarketplaceOrdering/offertypes/publishers/offers/plans/agreements/*"
],
"notActions": [],
"dataActions": [
"Microsoft.Storage/storageAccounts/blobServices/containers/blobs/delete",
"Microsoft.Storage/storageAccounts/blobServices/containers/blobs/read",
"Microsoft.Storage/storageAccounts/blobServices/containers/blobs/write"
],
"notDataActions": []
},
{
"actions": [
"Microsoft.Authorization/roleAssignments/write"
],
"notActions": [],
"dataActions": [],
"notDataActions": [],
"Condition": "@Request[Microsoft.Authorization/roleAssignments:RoleDefinitionId] ForAnyOfAnyValues:GuidEquals{17d1049b-9a84-46fb-8f53-869881c3d3ab}",
"ConditionVersion": "2.0"
},
{
"actions": [
"Microsoft.Authorization/roleAssignments/delete"
],
"notActions": [],
"dataActions": [],
"notDataActions": [],
"Condition": "@Resource[Microsoft.Authorization/roleAssignments:RoleDefinitionId] ForAnyOfAnyValues:GuidEquals{17d1049b-9a84-46fb-8f53-869881c3d3ab}",
"ConditionVersion": "2.0"
}
],
"createdOn": "2024-04-08T15:07:50.507Z",
"updatedOn": "2024-06-24T15:12:46.718Z",
"createdBy": null,
"updatedBy": null
},
"id": "/providers/Microsoft.Authorization/roleDefinitions/30b3bcf2-670a-4bdc-8669-7e0ae0c0dfda",
"type": "Microsoft.Authorization/roleDefinitions",
"name": "30b3bcf2-670a-4bdc-8669-7e0ae0c0dfda"
}
Effective Permissions
Operations granted by this role (94 total)
Conditional Permissions
This role has conditions that may restrict effective permissions based on context (e.g., resource attributes, request properties).
Permission Patterns (from role definition)
Actions
23 patterns
Microsoft.ResourceHealth/availabilityStatuses/read
Microsoft.Authorization/*/read
Microsoft.Insights/alertRules/*
Microsoft.Resources/deployments/*
Microsoft.Quantum/*
Microsoft.Storage/storageAccounts/listKeys/action
Microsoft.Storage/storageAccounts/write
Microsoft.Storage/storageAccounts/read
Microsoft.Storage/storageAccounts/blobServices/containers/delete
Microsoft.Storage/storageAccounts/blobServices/containers/read
Microsoft.Storage/storageAccounts/blobServices/containers/write
Microsoft.Storage/storageAccounts/blobServices/read
Microsoft.Storage/storageAccounts/fileServices/write
Microsoft.Resources/subscriptions/resourceGroups/read
Microsoft.Resources/subscriptions/resourceGroups/write
Microsoft.Resources/subscriptions/read
Microsoft.Management/managementGroups/read
Microsoft.Support/*
Microsoft.Solutions/applications/read
Microsoft.Solutions/register/action
Microsoft.MarketplaceOrdering/offertypes/publishers/offers/plans/agreements/*
Microsoft.Authorization/roleAssignments/write
Microsoft.Authorization/roleAssignments/delete
Data Actions
3 patterns
Microsoft.Storage/storageAccounts/blobServices/containers/blobs/delete
Microsoft.Storage/storageAccounts/blobServices/containers/blobs/read
Microsoft.Storage/storageAccounts/blobServices/containers/blobs/write
Control Plane Operations (91)
No matching operations
/ shown
Data Plane Operations (3)
No matching operations
/ shown