Desktop Virtualization Virtual Machine Contributor - Azure Built-in Role Definition (a959dbd1-f747-45e3-8ba6-dd80f235f97c)

Role Information

Details and metadata

Role ID

a959dbd1-f747-45e3-8ba6-dd80f235f97c

Type

BuiltInRole

Last Updated (Azure)

2024-09-12 15:33:56

Change History

Track all modifications to this role since 2025-12-15 01:08:16+00:00

Updated On

Event Type

Summary & Details

2024-09-12 15:33:56

Initial Scan

Show full JSON

{
  "properties": {
    "roleName": "Desktop Virtualization Virtual Machine Contributor",
    "type": "BuiltInRole",
    "description": "This role is in preview and subject to change. Provide permission to the Azure Virtual Desktop Resource Provider to create, delete, update, start, and stop virtual machines.",
    "assignableScopes": [
      "/"
    ],
    "permissions": [
      {
        "actions": [
          "Microsoft.DesktopVirtualization/hostpools/read",
          "Microsoft.DesktopVirtualization/hostpools/write",
          "Microsoft.DesktopVirtualization/hostpools/retrieveRegistrationToken/action",
          "Microsoft.DesktopVirtualization/hostpools/sessionhosts/read",
          "Microsoft.DesktopVirtualization/hostpools/sessionhosts/write",
          "Microsoft.DesktopVirtualization/hostpools/sessionhosts/delete",
          "Microsoft.DesktopVirtualization/hostpools/sessionhosts/usersessions/read",
          "Microsoft.DesktopVirtualization/hostpools/sessionhosts/usersessions/disconnect/action",
          "Microsoft.DesktopVirtualization/hostpools/sessionhosts/usersessions/sendMessage/action",
          "Microsoft.DesktopVirtualization/hostpools/sessionHostConfigurations/read",
          "Microsoft.DesktopVirtualization/hostpools/doNotUseInternalAPI/action",
          "Microsoft.DesktopVirtualization/hostpools/sessionhosts/retryprovisioning/action",
          "Microsoft.Compute/availabilitySets/read",
          "Microsoft.Compute/availabilitySets/write",
          "Microsoft.Compute/availabilitySets/vmSizes/read",
          "Microsoft.Compute/disks/read",
          "Microsoft.Compute/disks/write",
          "Microsoft.Compute/disks/delete",
          "Microsoft.Compute/galleries/read",
          "Microsoft.Compute/galleries/images/read",
          "Microsoft.Compute/galleries/images/versions/read",
          "Microsoft.Compute/images/read",
          "Microsoft.Compute/locations/usages/read",
          "Microsoft.Compute/locations/vmSizes/read",
          "Microsoft.Compute/operations/read",
          "Microsoft.Compute/skus/read",
          "Microsoft.Compute/virtualMachines/read",
          "Microsoft.Compute/virtualMachines/write",
          "Microsoft.Compute/virtualMachines/delete",
          "Microsoft.Compute/virtualMachines/start/action",
          "Microsoft.Compute/virtualMachines/powerOff/action",
          "Microsoft.Compute/virtualMachines/restart/action",
          "Microsoft.Compute/virtualMachines/deallocate/action",
          "Microsoft.Compute/virtualMachines/runCommand/action",
          "Microsoft.Compute/virtualMachines/extensions/read",
          "Microsoft.Compute/virtualMachines/extensions/write",
          "Microsoft.Compute/virtualMachines/extensions/delete",
          "Microsoft.Compute/virtualMachines/runCommands/read",
          "Microsoft.Compute/virtualMachines/runCommands/write",
          "Microsoft.Compute/virtualMachines/vmSizes/read",
          "Microsoft.Network/networkSecurityGroups/read",
          "Microsoft.Network/networkInterfaces/write",
          "Microsoft.Network/networkInterfaces/read",
          "Microsoft.Network/networkInterfaces/join/action",
          "Microsoft.Network/networkInterfaces/delete",
          "Microsoft.Network/virtualNetworks/subnets/read",
          "Microsoft.Network/virtualNetworks/subnets/join/action",
          "Microsoft.Network/virtualNetworks/usages/read",
          "Microsoft.Network/virtualNetworks/read",
          "Microsoft.Network/networkSecurityGroups/read",
          "Microsoft.Marketplace/offerTypes/publishers/offers/plans/agreements/read",
          "Microsoft.KeyVault/vaults/deploy/action",
          "Microsoft.Storage/storageAccounts/read",
          "Microsoft.Authorization/*/read",
          "Microsoft.Insights/alertRules/*",
          "Microsoft.Resources/deployments/*",
          "Microsoft.Resources/subscriptions/resourceGroups/read",
          "Microsoft.DesktopVirtualization/scalingPlans/read",
          "Microsoft.DesktopVirtualization/scalingPlans/write"
        ],
        "notActions": [],
        "dataActions": [],
        "notDataActions": []
      }
    ],
    "createdOn": "2022-06-28T23:42:01.805Z",
    "updatedOn": "2024-09-12T15:33:56.027Z",
    "createdBy": null,
    "updatedBy": null
  },
  "id": "/providers/Microsoft.Authorization/roleDefinitions/a959dbd1-f747-45e3-8ba6-dd80f235f97c",
  "type": "Microsoft.Authorization/roleDefinitions",
  "name": "a959dbd1-f747-45e3-8ba6-dd80f235f97c"
}

2024-09-12 15:33:56 Initial Scan

View details

{
  "properties": {
    "roleName": "Desktop Virtualization Virtual Machine Contributor",
    "type": "BuiltInRole",
    "description": "This role is in preview and subject to change. Provide permission to the Azure Virtual Desktop Resource Provider to create, delete, update, start, and stop virtual machines.",
    "assignableScopes": [
      "/"
    ],
    "permissions": [
      {
        "actions": [
          "Microsoft.DesktopVirtualization/hostpools/read",
          "Microsoft.DesktopVirtualization/hostpools/write",
          "Microsoft.DesktopVirtualization/hostpools/retrieveRegistrationToken/action",
          "Microsoft.DesktopVirtualization/hostpools/sessionhosts/read",
          "Microsoft.DesktopVirtualization/hostpools/sessionhosts/write",
          "Microsoft.DesktopVirtualization/hostpools/sessionhosts/delete",
          "Microsoft.DesktopVirtualization/hostpools/sessionhosts/usersessions/read",
          "Microsoft.DesktopVirtualization/hostpools/sessionhosts/usersessions/disconnect/action",
          "Microsoft.DesktopVirtualization/hostpools/sessionhosts/usersessions/sendMessage/action",
          "Microsoft.DesktopVirtualization/hostpools/sessionHostConfigurations/read",
          "Microsoft.DesktopVirtualization/hostpools/doNotUseInternalAPI/action",
          "Microsoft.DesktopVirtualization/hostpools/sessionhosts/retryprovisioning/action",
          "Microsoft.Compute/availabilitySets/read",
          "Microsoft.Compute/availabilitySets/write",
          "Microsoft.Compute/availabilitySets/vmSizes/read",
          "Microsoft.Compute/disks/read",
          "Microsoft.Compute/disks/write",
          "Microsoft.Compute/disks/delete",
          "Microsoft.Compute/galleries/read",
          "Microsoft.Compute/galleries/images/read",
          "Microsoft.Compute/galleries/images/versions/read",
          "Microsoft.Compute/images/read",
          "Microsoft.Compute/locations/usages/read",
          "Microsoft.Compute/locations/vmSizes/read",
          "Microsoft.Compute/operations/read",
          "Microsoft.Compute/skus/read",
          "Microsoft.Compute/virtualMachines/read",
          "Microsoft.Compute/virtualMachines/write",
          "Microsoft.Compute/virtualMachines/delete",
          "Microsoft.Compute/virtualMachines/start/action",
          "Microsoft.Compute/virtualMachines/powerOff/action",
          "Microsoft.Compute/virtualMachines/restart/action",
          "Microsoft.Compute/virtualMachines/deallocate/action",
          "Microsoft.Compute/virtualMachines/runCommand/action",
          "Microsoft.Compute/virtualMachines/extensions/read",
          "Microsoft.Compute/virtualMachines/extensions/write",
          "Microsoft.Compute/virtualMachines/extensions/delete",
          "Microsoft.Compute/virtualMachines/runCommands/read",
          "Microsoft.Compute/virtualMachines/runCommands/write",
          "Microsoft.Compute/virtualMachines/vmSizes/read",
          "Microsoft.Network/networkSecurityGroups/read",
          "Microsoft.Network/networkInterfaces/write",
          "Microsoft.Network/networkInterfaces/read",
          "Microsoft.Network/networkInterfaces/join/action",
          "Microsoft.Network/networkInterfaces/delete",
          "Microsoft.Network/virtualNetworks/subnets/read",
          "Microsoft.Network/virtualNetworks/subnets/join/action",
          "Microsoft.Network/virtualNetworks/usages/read",
          "Microsoft.Network/virtualNetworks/read",
          "Microsoft.Network/networkSecurityGroups/read",
          "Microsoft.Marketplace/offerTypes/publishers/offers/plans/agreements/read",
          "Microsoft.KeyVault/vaults/deploy/action",
          "Microsoft.Storage/storageAccounts/read",
          "Microsoft.Authorization/*/read",
          "Microsoft.Insights/alertRules/*",
          "Microsoft.Resources/deployments/*",
          "Microsoft.Resources/subscriptions/resourceGroups/read",
          "Microsoft.DesktopVirtualization/scalingPlans/read",
          "Microsoft.DesktopVirtualization/scalingPlans/write"
        ],
        "notActions": [],
        "dataActions": [],
        "notDataActions": []
      }
    ],
    "createdOn": "2022-06-28T23:42:01.805Z",
    "updatedOn": "2024-09-12T15:33:56.027Z",
    "createdBy": null,
    "updatedBy": null
  },
  "id": "/providers/Microsoft.Authorization/roleDefinitions/a959dbd1-f747-45e3-8ba6-dd80f235f97c",
  "type": "Microsoft.Authorization/roleDefinitions",
  "name": "a959dbd1-f747-45e3-8ba6-dd80f235f97c"
}

Latest Role JSON

Raw definition from Azure

{
  "properties": {
    "roleName": "Desktop Virtualization Virtual Machine Contributor",
    "type": "BuiltInRole",
    "description": "This role is in preview and subject to change. Provide permission to the Azure Virtual Desktop Resource Provider to create, delete, update, start, and stop virtual machines.",
    "assignableScopes": [
      "/"
    ],
    "permissions": [
      {
        "actions": [
          "Microsoft.DesktopVirtualization/hostpools/read",
          "Microsoft.DesktopVirtualization/hostpools/write",
          "Microsoft.DesktopVirtualization/hostpools/retrieveRegistrationToken/action",
          "Microsoft.DesktopVirtualization/hostpools/sessionhosts/read",
          "Microsoft.DesktopVirtualization/hostpools/sessionhosts/write",
          "Microsoft.DesktopVirtualization/hostpools/sessionhosts/delete",
          "Microsoft.DesktopVirtualization/hostpools/sessionhosts/usersessions/read",
          "Microsoft.DesktopVirtualization/hostpools/sessionhosts/usersessions/disconnect/action",
          "Microsoft.DesktopVirtualization/hostpools/sessionhosts/usersessions/sendMessage/action",
          "Microsoft.DesktopVirtualization/hostpools/sessionHostConfigurations/read",
          "Microsoft.DesktopVirtualization/hostpools/doNotUseInternalAPI/action",
          "Microsoft.DesktopVirtualization/hostpools/sessionhosts/retryprovisioning/action",
          "Microsoft.Compute/availabilitySets/read",
          "Microsoft.Compute/availabilitySets/write",
          "Microsoft.Compute/availabilitySets/vmSizes/read",
          "Microsoft.Compute/disks/read",
          "Microsoft.Compute/disks/write",
          "Microsoft.Compute/disks/delete",
          "Microsoft.Compute/galleries/read",
          "Microsoft.Compute/galleries/images/read",
          "Microsoft.Compute/galleries/images/versions/read",
          "Microsoft.Compute/images/read",
          "Microsoft.Compute/locations/usages/read",
          "Microsoft.Compute/locations/vmSizes/read",
          "Microsoft.Compute/operations/read",
          "Microsoft.Compute/skus/read",
          "Microsoft.Compute/virtualMachines/read",
          "Microsoft.Compute/virtualMachines/write",
          "Microsoft.Compute/virtualMachines/delete",
          "Microsoft.Compute/virtualMachines/start/action",
          "Microsoft.Compute/virtualMachines/powerOff/action",
          "Microsoft.Compute/virtualMachines/restart/action",
          "Microsoft.Compute/virtualMachines/deallocate/action",
          "Microsoft.Compute/virtualMachines/runCommand/action",
          "Microsoft.Compute/virtualMachines/extensions/read",
          "Microsoft.Compute/virtualMachines/extensions/write",
          "Microsoft.Compute/virtualMachines/extensions/delete",
          "Microsoft.Compute/virtualMachines/runCommands/read",
          "Microsoft.Compute/virtualMachines/runCommands/write",
          "Microsoft.Compute/virtualMachines/vmSizes/read",
          "Microsoft.Network/networkSecurityGroups/read",
          "Microsoft.Network/networkInterfaces/write",
          "Microsoft.Network/networkInterfaces/read",
          "Microsoft.Network/networkInterfaces/join/action",
          "Microsoft.Network/networkInterfaces/delete",
          "Microsoft.Network/virtualNetworks/subnets/read",
          "Microsoft.Network/virtualNetworks/subnets/join/action",
          "Microsoft.Network/virtualNetworks/usages/read",
          "Microsoft.Network/virtualNetworks/read",
          "Microsoft.Network/networkSecurityGroups/read",
          "Microsoft.Marketplace/offerTypes/publishers/offers/plans/agreements/read",
          "Microsoft.KeyVault/vaults/deploy/action",
          "Microsoft.Storage/storageAccounts/read",
          "Microsoft.Authorization/*/read",
          "Microsoft.Insights/alertRules/*",
          "Microsoft.Resources/deployments/*",
          "Microsoft.Resources/subscriptions/resourceGroups/read",
          "Microsoft.DesktopVirtualization/scalingPlans/read",
          "Microsoft.DesktopVirtualization/scalingPlans/write"
        ],
        "notActions": [],
        "dataActions": [],
        "notDataActions": []
      }
    ],
    "createdOn": "2022-06-28T23:42:01.805Z",
    "updatedOn": "2024-09-12T15:33:56.027Z",
    "createdBy": null,
    "updatedBy": null
  },
  "id": "/providers/Microsoft.Authorization/roleDefinitions/a959dbd1-f747-45e3-8ba6-dd80f235f97c",
  "type": "Microsoft.Authorization/roleDefinitions",
  "name": "a959dbd1-f747-45e3-8ba6-dd80f235f97c"
}

Effective Permissions

Operations granted by this role (99 total)

Permission Patterns (from role definition)

Actions 59 patterns

Microsoft.DesktopVirtualization/hostpools/read Microsoft.DesktopVirtualization/hostpools/write Microsoft.DesktopVirtualization/hostpools/retrieveRegistrationToken/action Microsoft.DesktopVirtualization/hostpools/sessionhosts/read Microsoft.DesktopVirtualization/hostpools/sessionhosts/write Microsoft.DesktopVirtualization/hostpools/sessionhosts/delete Microsoft.DesktopVirtualization/hostpools/sessionhosts/usersessions/read Microsoft.DesktopVirtualization/hostpools/sessionhosts/usersessions/disconnect/action Microsoft.DesktopVirtualization/hostpools/sessionhosts/usersessions/sendMessage/action Microsoft.DesktopVirtualization/hostpools/sessionHostConfigurations/read Microsoft.DesktopVirtualization/hostpools/doNotUseInternalAPI/action Microsoft.DesktopVirtualization/hostpools/sessionhosts/retryprovisioning/action Microsoft.Compute/availabilitySets/read Microsoft.Compute/availabilitySets/write Microsoft.Compute/availabilitySets/vmSizes/read Microsoft.Compute/disks/read Microsoft.Compute/disks/write Microsoft.Compute/disks/delete Microsoft.Compute/galleries/read Microsoft.Compute/galleries/images/read Microsoft.Compute/galleries/images/versions/read Microsoft.Compute/images/read Microsoft.Compute/locations/usages/read Microsoft.Compute/locations/vmSizes/read Microsoft.Compute/operations/read Microsoft.Compute/skus/read Microsoft.Compute/virtualMachines/read Microsoft.Compute/virtualMachines/write Microsoft.Compute/virtualMachines/delete Microsoft.Compute/virtualMachines/start/action Microsoft.Compute/virtualMachines/powerOff/action Microsoft.Compute/virtualMachines/restart/action Microsoft.Compute/virtualMachines/deallocate/action Microsoft.Compute/virtualMachines/runCommand/action Microsoft.Compute/virtualMachines/extensions/read Microsoft.Compute/virtualMachines/extensions/write Microsoft.Compute/virtualMachines/extensions/delete Microsoft.Compute/virtualMachines/runCommands/read Microsoft.Compute/virtualMachines/runCommands/write Microsoft.Compute/virtualMachines/vmSizes/read Microsoft.Network/networkSecurityGroups/read Microsoft.Network/networkInterfaces/write Microsoft.Network/networkInterfaces/read Microsoft.Network/networkInterfaces/join/action Microsoft.Network/networkInterfaces/delete Microsoft.Network/virtualNetworks/subnets/read Microsoft.Network/virtualNetworks/subnets/join/action Microsoft.Network/virtualNetworks/usages/read Microsoft.Network/virtualNetworks/read Microsoft.Network/networkSecurityGroups/read Microsoft.Marketplace/offerTypes/publishers/offers/plans/agreements/read Microsoft.KeyVault/vaults/deploy/action Microsoft.Storage/storageAccounts/read Microsoft.Authorization/*/read Microsoft.Insights/alertRules/* Microsoft.Resources/deployments/* Microsoft.Resources/subscriptions/resourceGroups/read Microsoft.DesktopVirtualization/scalingPlans/read Microsoft.DesktopVirtualization/scalingPlans/write

Control Plane Operations (99)

Data Plane Operations (0)

No data plane operations granted