Role Information
Details and metadata
4c6569b6-f23e-4295-9b90-bd4cc4ff3292
Change History
Track all modifications to this role
Updated On
Event Type
Summary & Details
2025-07-07 15:00:15
Initial Scan
Show full JSON
{
"properties": {
"roleName": "DevCenter Owner",
"type": "BuiltInRole",
"description": "Provides access to manage all Microsoft.DevCenter resources, and to manage access to Microsoft.DevCenter resources by adding or removing role assignments for the DevCenter Project Admin and DevCenter Dev Box roles.",
"assignableScopes": [
"/"
],
"permissions": [
{
"actions": [
"Microsoft.DevCenter/*",
"Microsoft.Authorization/*/read",
"Microsoft.Authorization/roleAssignments/write",
"Microsoft.Authorization/roleAssignments/delete",
"Microsoft.Resources/deployments/*",
"Microsoft.Resources/subscriptions/resourceGroups/read"
],
"notActions": [],
"dataActions": [],
"notDataActions": [],
"Condition": "((!(ActionMatches{'Microsoft.Authorization/roleAssignments/write'})) OR (@Request[Microsoft.Authorization/roleAssignments:RoleDefinitionId] ForAnyOfAnyValues:GuidEquals{331c37c6-af14-46d9-b9f4-e1909e1b95a0, 45d50f46-0b78-4001-a660-4198cbe8cd05})) AND ((!(ActionMatches{'Microsoft.Authorization/roleAssignments/delete'})) OR (@Resource[Microsoft.Authorization/roleAssignments:RoleDefinitionId] ForAnyOfAnyValues:GuidEquals{331c37c6-af14-46d9-b9f4-e1909e1b95a0, 45d50f46-0b78-4001-a660-4198cbe8cd05}))",
"ConditionVersion": "2.0"
}
],
"createdOn": "2025-06-18T15:29:44.642Z",
"updatedOn": "2025-07-07T15:00:15.297Z",
"createdBy": null,
"updatedBy": null
},
"id": "/providers/Microsoft.Authorization/roleDefinitions/4c6569b6-f23e-4295-9b90-bd4cc4ff3292",
"type": "Microsoft.Authorization/roleDefinitions",
"name": "4c6569b6-f23e-4295-9b90-bd4cc4ff3292"
}
2025-07-07 15:00:15
Initial Scan
View details
{
"properties": {
"roleName": "DevCenter Owner",
"type": "BuiltInRole",
"description": "Provides access to manage all Microsoft.DevCenter resources, and to manage access to Microsoft.DevCenter resources by adding or removing role assignments for the DevCenter Project Admin and DevCenter Dev Box roles.",
"assignableScopes": [
"/"
],
"permissions": [
{
"actions": [
"Microsoft.DevCenter/*",
"Microsoft.Authorization/*/read",
"Microsoft.Authorization/roleAssignments/write",
"Microsoft.Authorization/roleAssignments/delete",
"Microsoft.Resources/deployments/*",
"Microsoft.Resources/subscriptions/resourceGroups/read"
],
"notActions": [],
"dataActions": [],
"notDataActions": [],
"Condition": "((!(ActionMatches{'Microsoft.Authorization/roleAssignments/write'})) OR (@Request[Microsoft.Authorization/roleAssignments:RoleDefinitionId] ForAnyOfAnyValues:GuidEquals{331c37c6-af14-46d9-b9f4-e1909e1b95a0, 45d50f46-0b78-4001-a660-4198cbe8cd05})) AND ((!(ActionMatches{'Microsoft.Authorization/roleAssignments/delete'})) OR (@Resource[Microsoft.Authorization/roleAssignments:RoleDefinitionId] ForAnyOfAnyValues:GuidEquals{331c37c6-af14-46d9-b9f4-e1909e1b95a0, 45d50f46-0b78-4001-a660-4198cbe8cd05}))",
"ConditionVersion": "2.0"
}
],
"createdOn": "2025-06-18T15:29:44.642Z",
"updatedOn": "2025-07-07T15:00:15.297Z",
"createdBy": null,
"updatedBy": null
},
"id": "/providers/Microsoft.Authorization/roleDefinitions/4c6569b6-f23e-4295-9b90-bd4cc4ff3292",
"type": "Microsoft.Authorization/roleDefinitions",
"name": "4c6569b6-f23e-4295-9b90-bd4cc4ff3292"
}
Latest Role JSON
Raw definition from Azure
{
"properties": {
"roleName": "DevCenter Owner",
"type": "BuiltInRole",
"description": "Provides access to manage all Microsoft.DevCenter resources, and to manage access to Microsoft.DevCenter resources by adding or removing role assignments for the DevCenter Project Admin and DevCenter Dev Box roles.",
"assignableScopes": [
"/"
],
"permissions": [
{
"actions": [
"Microsoft.DevCenter/*",
"Microsoft.Authorization/*/read",
"Microsoft.Authorization/roleAssignments/write",
"Microsoft.Authorization/roleAssignments/delete",
"Microsoft.Resources/deployments/*",
"Microsoft.Resources/subscriptions/resourceGroups/read"
],
"notActions": [],
"dataActions": [],
"notDataActions": [],
"Condition": "((!(ActionMatches{'Microsoft.Authorization/roleAssignments/write'})) OR (@Request[Microsoft.Authorization/roleAssignments:RoleDefinitionId] ForAnyOfAnyValues:GuidEquals{331c37c6-af14-46d9-b9f4-e1909e1b95a0, 45d50f46-0b78-4001-a660-4198cbe8cd05})) AND ((!(ActionMatches{'Microsoft.Authorization/roleAssignments/delete'})) OR (@Resource[Microsoft.Authorization/roleAssignments:RoleDefinitionId] ForAnyOfAnyValues:GuidEquals{331c37c6-af14-46d9-b9f4-e1909e1b95a0, 45d50f46-0b78-4001-a660-4198cbe8cd05}))",
"ConditionVersion": "2.0"
}
],
"createdOn": "2025-06-18T15:29:44.642Z",
"updatedOn": "2025-07-07T15:00:15.297Z",
"createdBy": null,
"updatedBy": null
},
"id": "/providers/Microsoft.Authorization/roleDefinitions/4c6569b6-f23e-4295-9b90-bd4cc4ff3292",
"type": "Microsoft.Authorization/roleDefinitions",
"name": "4c6569b6-f23e-4295-9b90-bd4cc4ff3292"
}
Effective Permissions
Operations granted by this role (125 total)
Conditional Permissions
This role has conditions that may restrict effective permissions based on context (e.g., resource attributes, request properties).
Permission Patterns (from role definition)
Actions
6 patterns
Microsoft.DevCenter/*
Microsoft.Authorization/*/read
Microsoft.Authorization/roleAssignments/write
Microsoft.Authorization/roleAssignments/delete
Microsoft.Resources/deployments/*
Microsoft.Resources/subscriptions/resourceGroups/read