Back to Dashboard

Azure File Sync Administrator

Azure Built-in Role

Role Information

Details and metadata

Role ID
92b92042-07d9-4307-87f7-36a593fc5850
Type
BuiltInRole
Last Updated (Azure)
2025-11-12 16:16:32

Change History

Track all modifications to this role since 2025-12-15 01:08:16+00:00

2025-11-12 16:16:32 Initial Scan
View details 
{
  "properties": {
    "roleName": "Azure File Sync Administrator",
    "type": "BuiltInRole",
    "description": "Provides full access to manage all Azure File Sync (Storage Sync Service) resources.",
    "assignableScopes": [
      "/"
    ],
    "permissions": [
      {
        "actions": [
          "Microsoft.StorageSync/register/action",
          "Microsoft.StorageSync/unregister/action",
          "Microsoft.StorageSync/locations/*",
          "Microsoft.StorageSync/deployments/preflight/action",
          "Microsoft.StorageSync/storageSyncServices/*",
          "Microsoft.StorageSync/operations/read",
          "Microsoft.Authorization/roleAssignments/write",
          "Microsoft.Insights/AlertRules/*",
          "Microsoft.Resources/deployments/*",
          "Microsoft.Resources/subscriptions/resourceGroups/read",
          "Microsoft.Storage/storageAccounts/read",
          "Microsoft.Storage/storageAccounts/fileServices/shares/read",
          "Microsoft.Storage/storageAccounts/fileServices/read",
          "Microsoft.Support/*",
          "Microsoft.Authorization/*/read"
        ],
        "notActions": [],
        "dataActions": [],
        "notDataActions": [],
        "Condition": "((!(ActionMatches{'Microsoft.Authorization/roleAssignments/write'})) OR (@Request[Microsoft.Authorization/roleAssignments:RoleDefinitionId] ForAnyOfAnyValues:GuidEquals {c12c1c16-33a1-487b-954d-41c89c60f349, 69566ab7-960f-475b-8e7c-b3118f30c6bd, 17d1049b-9a84-46fb-8f53-869881c3d3ab}))",
        "ConditionVersion": "2.0"
      }
    ],
    "createdOn": "2025-03-31T15:13:36.803Z",
    "updatedOn": "2025-11-12T16:16:32.973Z",
    "createdBy": null,
    "updatedBy": null
  },
  "id": "/providers/Microsoft.Authorization/roleDefinitions/92b92042-07d9-4307-87f7-36a593fc5850",
  "type": "Microsoft.Authorization/roleDefinitions",
  "name": "92b92042-07d9-4307-87f7-36a593fc5850"
}

Latest Role JSON

Raw definition from Azure

{
  "properties": {
    "roleName": "Azure File Sync Administrator",
    "type": "BuiltInRole",
    "description": "Provides full access to manage all Azure File Sync (Storage Sync Service) resources.",
    "assignableScopes": [
      "/"
    ],
    "permissions": [
      {
        "actions": [
          "Microsoft.StorageSync/register/action",
          "Microsoft.StorageSync/unregister/action",
          "Microsoft.StorageSync/locations/*",
          "Microsoft.StorageSync/deployments/preflight/action",
          "Microsoft.StorageSync/storageSyncServices/*",
          "Microsoft.StorageSync/operations/read",
          "Microsoft.Authorization/roleAssignments/write",
          "Microsoft.Insights/AlertRules/*",
          "Microsoft.Resources/deployments/*",
          "Microsoft.Resources/subscriptions/resourceGroups/read",
          "Microsoft.Storage/storageAccounts/read",
          "Microsoft.Storage/storageAccounts/fileServices/shares/read",
          "Microsoft.Storage/storageAccounts/fileServices/read",
          "Microsoft.Support/*",
          "Microsoft.Authorization/*/read"
        ],
        "notActions": [],
        "dataActions": [],
        "notDataActions": [],
        "Condition": "((!(ActionMatches{'Microsoft.Authorization/roleAssignments/write'})) OR (@Request[Microsoft.Authorization/roleAssignments:RoleDefinitionId] ForAnyOfAnyValues:GuidEquals {c12c1c16-33a1-487b-954d-41c89c60f349, 69566ab7-960f-475b-8e7c-b3118f30c6bd, 17d1049b-9a84-46fb-8f53-869881c3d3ab}))",
        "ConditionVersion": "2.0"
      }
    ],
    "createdOn": "2025-03-31T15:13:36.803Z",
    "updatedOn": "2025-11-12T16:16:32.973Z",
    "createdBy": null,
    "updatedBy": null
  },
  "id": "/providers/Microsoft.Authorization/roleDefinitions/92b92042-07d9-4307-87f7-36a593fc5850",
  "type": "Microsoft.Authorization/roleDefinitions",
  "name": "92b92042-07d9-4307-87f7-36a593fc5850"
}

Effective Permissions

Operations granted by this role (108 total)

Conditional Permissions

This role has conditions that may restrict effective permissions based on context (e.g., resource attributes, request properties).

Permission Patterns (from role definition)

Actions 15 patterns
Microsoft.StorageSync/register/action Microsoft.StorageSync/unregister/action Microsoft.StorageSync/locations/* Microsoft.StorageSync/deployments/preflight/action Microsoft.StorageSync/storageSyncServices/* Microsoft.StorageSync/operations/read Microsoft.Authorization/roleAssignments/write Microsoft.Insights/AlertRules/* Microsoft.Resources/deployments/* Microsoft.Resources/subscriptions/resourceGroups/read Microsoft.Storage/storageAccounts/read Microsoft.Storage/storageAccounts/fileServices/shares/read Microsoft.Storage/storageAccounts/fileServices/read Microsoft.Support/* Microsoft.Authorization/*/read

Control Plane Operations (108)

Data Plane Operations (0)

No data plane operations granted