Back to Dashboard

Storage File Data SMB MI Admin

Azure Built-in Role

Role Information

Details and metadata

Role ID

a235d3ee-5935-4cfb-8cc5-a3303ad5995e

Type

BuiltInRole

Last Updated (Azure)

2025-09-11 15:45:14

Change History

Track all modifications to this role

Updated On

Event Type

Summary & Details

2025-09-11 15:45:14

Created

Show full JSON diff

+ {

+ "properties": {

+ "roleName": "Storage File Data SMB MI Admin",

+ "type": "BuiltInRole",

+ "description": "Allows for admin-level access for managed identities on files/directories in Azure file shares.",

+ "assignableScopes": [

+ "/"

+ ],

+ "permissions": [

+ {

+ "actions": [],

+ "notActions": [],

+ "dataActions": [

+ "Microsoft.Storage/storageAccounts/fileServices/readFileBackupSemantics/action",

+ "Microsoft.Storage/storageAccounts/fileServices/writeFileBackupSemantics/action",

+ "Microsoft.Storage/storageAccounts/fileServices/takeOwnership/action",

+ "Microsoft.Storage/storageAccounts/fileServices/runAsBuiltInFileAdministrator/action",

+ "Microsoft.Storage/storageAccounts/fileServices/fileshares/files/read",

+ "Microsoft.Storage/storageAccounts/fileServices/fileshares/files/write",

+ "Microsoft.Storage/storageAccounts/fileServices/fileshares/files/delete",

+ "Microsoft.Storage/storageAccounts/fileServices/fileshares/files/modifypermissions/action"

+ ],

+ "notDataActions": []

+ }

+ ],

+ "createdOn": "2025-09-11T15:45:14.735Z",

+ "updatedOn": "2025-09-11T15:45:14.735Z",

+ "createdBy": null,

+ "updatedBy": null

+ },

+ "id": "/providers/Microsoft.Authorization/roleDefinitions/a235d3ee-5935-4cfb-8cc5-a3303ad5995e",

+ "type": "Microsoft.Authorization/roleDefinitions",

+ "name": "a235d3ee-5935-4cfb-8cc5-a3303ad5995e"

+ }

2025-09-11 15:45:14 Created

View details

+ {

+ "properties": {

+ "roleName": "Storage File Data SMB MI Admin",

+ "type": "BuiltInRole",

+ "description": "Allows for admin-level access for managed identities on files/directories in Azure file shares.",

+ "assignableScopes": [

+ "/"

+ ],

+ "permissions": [

+ {

+ "actions": [],

+ "notActions": [],

+ "dataActions": [

+ "Microsoft.Storage/storageAccounts/fileServices/readFileBackupSemantics/action",

+ "Microsoft.Storage/storageAccounts/fileServices/writeFileBackupSemantics/action",

+ "Microsoft.Storage/storageAccounts/fileServices/takeOwnership/action",

+ "Microsoft.Storage/storageAccounts/fileServices/runAsBuiltInFileAdministrator/action",

+ "Microsoft.Storage/storageAccounts/fileServices/fileshares/files/read",

+ "Microsoft.Storage/storageAccounts/fileServices/fileshares/files/write",

+ "Microsoft.Storage/storageAccounts/fileServices/fileshares/files/delete",

+ "Microsoft.Storage/storageAccounts/fileServices/fileshares/files/modifypermissions/action"

+ ],

+ "notDataActions": []

+ }

+ ],

+ "createdOn": "2025-09-11T15:45:14.735Z",

+ "updatedOn": "2025-09-11T15:45:14.735Z",

+ "createdBy": null,

+ "updatedBy": null

+ },

+ "id": "/providers/Microsoft.Authorization/roleDefinitions/a235d3ee-5935-4cfb-8cc5-a3303ad5995e",

+ "type": "Microsoft.Authorization/roleDefinitions",

+ "name": "a235d3ee-5935-4cfb-8cc5-a3303ad5995e"

+ }

Latest Role JSON

Raw definition from Azure

{
  "properties": {
    "roleName": "Storage File Data SMB MI Admin",
    "type": "BuiltInRole",
    "description": "Allows for admin-level access for managed identities on files/directories in Azure file shares.",
    "assignableScopes": [
      "/"
    ],
    "permissions": [
      {
        "actions": [],
        "notActions": [],
        "dataActions": [
          "Microsoft.Storage/storageAccounts/fileServices/readFileBackupSemantics/action",
          "Microsoft.Storage/storageAccounts/fileServices/writeFileBackupSemantics/action",
          "Microsoft.Storage/storageAccounts/fileServices/takeOwnership/action",
          "Microsoft.Storage/storageAccounts/fileServices/runAsBuiltInFileAdministrator/action",
          "Microsoft.Storage/storageAccounts/fileServices/fileshares/files/read",
          "Microsoft.Storage/storageAccounts/fileServices/fileshares/files/write",
          "Microsoft.Storage/storageAccounts/fileServices/fileshares/files/delete",
          "Microsoft.Storage/storageAccounts/fileServices/fileshares/files/modifypermissions/action"
        ],
        "notDataActions": []
      }
    ],
    "createdOn": "2025-09-11T15:45:14.735Z",
    "updatedOn": "2025-09-11T15:45:14.735Z",
    "createdBy": null,
    "updatedBy": null
  },
  "id": "/providers/Microsoft.Authorization/roleDefinitions/a235d3ee-5935-4cfb-8cc5-a3303ad5995e",
  "type": "Microsoft.Authorization/roleDefinitions",
  "name": "a235d3ee-5935-4cfb-8cc5-a3303ad5995e"
}

Effective Permissions

Operations granted by this role (8 total)

Control Plane Operations (0)

No control plane operations granted

Data Plane Operations (8)