Role Information
Details and metadata
cc3c084f-9a2e-4664-b2bc-47a6685a5f99
Change History
Track all modifications to this role since 2025-12-15 01:08:16+00:00
Updated On
Event Type
Summary & Details
2025-11-17 16:01:34
Initial Scan
Show full JSON
{
"properties": {
"roleName": "PostgreSQL Flexible Management Contributor",
"type": "BuiltInRole",
"description": "Create, read, modify, and delete required resources objects to be used by Azure PostgreSQL Flexible servers.",
"assignableScopes": [
"/"
],
"permissions": [
{
"actions": [
"Microsoft.Authorization/*/read",
"Microsoft.Authorization/roleAssignments/write",
"Microsoft.Authorization/roleAssignments/read",
"Microsoft.Authorization/roleAssignments/delete",
"Microsoft.CognitiveServices/accounts/write",
"Microsoft.CognitiveServices/accounts/delete",
"Microsoft.CognitiveServices/accounts/read",
"Microsoft.CognitiveServices/accounts/deployments/write",
"Microsoft.CognitiveServices/accounts/deployments/delete",
"Microsoft.CognitiveServices/accounts/deployments/read",
"Microsoft.CognitiveServices/locations/usages/read",
"Microsoft.CognitiveServices/accounts/privateEndpointConnections/write",
"Microsoft.CognitiveServices/accounts/privateEndpointConnections/read",
"Microsoft.CognitiveServices/accounts/privateEndpointConnections/delete",
"Microsoft.CognitiveServices/accounts/privateEndpointConnectionsApproval/action",
"Microsoft.Insights/alertRules/*",
"Microsoft.Resources/deployments/*",
"Microsoft.Resources/subscriptions/resourceGroups/read",
"Microsoft.DocumentDB/databaseAccounts/read",
"Microsoft.DocumentDB/databaseAccounts/listKeys/action",
"Microsoft.Storage/locations/usages/read",
"Microsoft.Storage/operations/read",
"Microsoft.Storage/skus/read",
"Microsoft.Storage/storageAccounts/blobServices/containers/delete",
"Microsoft.Storage/storageAccounts/blobServices/containers/read",
"Microsoft.Storage/storageAccounts/blobServices/containers/write",
"Microsoft.Storage/storageAccounts/blobServices/read",
"Microsoft.Storage/storageAccounts/delete",
"Microsoft.Storage/storageAccounts/fileServices/shares/read",
"Microsoft.Storage/storageAccounts/listKeys/action",
"Microsoft.Storage/storageAccounts/managementPolicies/delete",
"Microsoft.Storage/storageAccounts/managementPolicies/read",
"Microsoft.Storage/storageAccounts/managementPolicies/write",
"Microsoft.Storage/storageAccounts/privateEndpointConnections/read",
"Microsoft.Storage/storageAccounts/queueServices/queues/read",
"Microsoft.Storage/storageAccounts/read",
"Microsoft.Storage/storageAccounts/sharedIdentities/write",
"Microsoft.Storage/storageAccounts/sharedIdentities/read",
"Microsoft.Storage/storageAccounts/write",
"Microsoft.Storage/storageAccounts/tableServices/tables/read",
"Microsoft.Security/assessments/read",
"Microsoft.Resources/deployments/operations/read",
"Microsoft.Resources/deployments/read",
"Microsoft.Resources/subscriptions/providers/read",
"Microsoft.Resources/subscriptions/resourcegroups/read",
"Microsoft.Resources/subscriptions/resourcegroups/write",
"Microsoft.Insights/diagnosticSettings/read",
"microsoft.insights/diagnosticSettings/write",
"microsoft.insights/metrics/read",
"Microsoft.KeyVault/vaults/read",
"Microsoft.KeyVault/vaults/write",
"Microsoft.KeyVault/vaults/delete",
"Microsoft.KeyVault/vaults/deploy/action",
"Microsoft.Network/loadBalancers/read",
"Microsoft.Network/loadBalancers/write",
"Microsoft.Network/loadBalancers/delete",
"Microsoft.Network/loadBalancers/probes/read",
"Microsoft.Network/loadBalancers/loadBalancingRules/read",
"Microsoft.Network/loadBalancers/outboundRules/read",
"Microsoft.Network/loadBalancers/inboundNatRules/read",
"Microsoft.Network/loadBalancers/inboundNatRules/write",
"Microsoft.Network/loadBalancers/inboundNatRules/delete",
"Microsoft.Network/loadBalancers/inboundNatRules/join/action",
"Microsoft.Network/loadBalancers/backendAddressPools/health/action",
"Microsoft.Network/loadBalancers/backendAddressPools/read",
"Microsoft.Network/loadBalancers/backendAddressPools/write",
"Microsoft.Network/loadBalancers/backendAddressPools/delete",
"Microsoft.Network/loadBalancers/backendAddressPools/join/action",
"Microsoft.Network/loadBalancers/backendAddressPools/backendPoolAddresses/read",
"Microsoft.Network/locations/operationResults/read",
"Microsoft.Network/locations/operations/read",
"Microsoft.Network/locations/serviceTags/read",
"Microsoft.Network/locations/supportedVirtualMachineSizes/read",
"Microsoft.Network/locations/usages/read",
"Microsoft.Network/networkInterfaces/delete",
"Microsoft.Network/networkInterfaces/read",
"Microsoft.Network/networkInterfaces/write",
"Microsoft.Network/networkInterfaces/join/action",
"Microsoft.Network/networkSecurityGroups/delete",
"Microsoft.Network/networkSecurityGroups/read",
"Microsoft.Network/networkSecurityGroups/securityRules/read",
"Microsoft.Network/networkSecurityGroups/write",
"Microsoft.Network/networkSecurityGroups/join/action",
"Microsoft.Network/networkWatchers/read",
"Microsoft.Network/privateDnsOperationStatuses/read",
"Microsoft.Network/privateDnsZones/delete",
"Microsoft.Network/privateDnsZones/read",
"Microsoft.Network/privateDnsZones/write",
"Microsoft.Network/publicIPAddresses/delete",
"Microsoft.Network/publicIPAddresses/read",
"Microsoft.Network/publicIPAddresses/write",
"Microsoft.Network/publicIPAddresses/join/action",
"Microsoft.Network/virtualNetworks/delete",
"Microsoft.Network/virtualNetworks/read",
"Microsoft.Network/virtualNetworks/write",
"Microsoft.Network/virtualNetworks/remoteVirtualNetworkPeeringProxies/delete",
"Microsoft.Network/virtualNetworks/remoteVirtualNetworkPeeringProxies/write",
"Microsoft.Network/virtualNetworks/subnets/delete",
"Microsoft.Network/virtualNetworks/subnets/read",
"Microsoft.Network/virtualNetworks/subnets/serviceAssociationLinks/delete",
"Microsoft.Network/virtualNetworks/subnets/serviceAssociationLinks/Details/read",
"Microsoft.Network/virtualNetworks/subnets/serviceAssociationLinks/read",
"Microsoft.Network/virtualNetworks/subnets/serviceAssociationLinks/validate/action",
"Microsoft.Network/virtualNetworks/subnets/serviceAssociationLinks/write",
"Microsoft.Network/virtualNetworks/subnets/write",
"Microsoft.Network/virtualNetworks/subnets/join/action",
"Microsoft.Network/virtualNetworks/virtualNetworkPeerings/delete",
"Microsoft.Network/virtualNetworks/virtualNetworkPeerings/read",
"Microsoft.Network/virtualNetworks/virtualNetworkPeerings/write",
"Microsoft.Network/privateEndpoints/write",
"Microsoft.Network/privateEndpoints/delete",
"Microsoft.Network/privateEndpoints/read",
"Microsoft.Network/virtualNetworks/subnets/joinLoadBalancer/action",
"Microsoft.Compute/disks/read",
"Microsoft.Compute/disks/write",
"Microsoft.Compute/disks/delete",
"Microsoft.Compute/disks/beginGetAccess/action",
"Microsoft.Compute/disks/endGetAccess/action",
"Microsoft.Compute/snapshots/read",
"Microsoft.Compute/snapshots/write",
"Microsoft.Compute/snapshots/delete",
"Microsoft.Compute/snapshots/beginGetAccess/action",
"Microsoft.Compute/snapshots/endGetAccess/action",
"Microsoft.Compute/virtualMachines/extensions/read",
"Microsoft.Compute/virtualMachines/extensions/write",
"Microsoft.Compute/virtualMachines/extensions/delete",
"Microsoft.Compute/virtualMachines/read",
"Microsoft.Compute/virtualMachines/write",
"Microsoft.Compute/virtualMachines/delete",
"Microsoft.Compute/virtualMachines/start/action",
"Microsoft.Compute/virtualMachines/powerOff/action",
"Microsoft.Compute/virtualMachines/restart/action",
"Microsoft.Compute/virtualMachines/deallocate/action",
"Microsoft.Compute/virtualMachines/runCommand/action",
"Microsoft.Compute/diskEncryptionSets/delete",
"Microsoft.Compute/diskEncryptionSets/read",
"Microsoft.Compute/diskEncryptionSets/*",
"Microsoft.Compute/diskEncryptionSets/write",
"Microsoft.Compute/galleries/images/versions/read",
"Microsoft.Compute/locations/DiskOperations/read",
"Microsoft.Compute/locations/operations/read",
"Microsoft.Compute/locations/usages/read",
"Microsoft.Compute/locations/capsOperations/read",
"Microsoft.Compute/skus/read",
"Microsoft.Compute/capacityReservationGroups/share/action",
"Microsoft.Compute/capacityReservationGroups/read",
"Microsoft.Compute/capacityReservationGroups/deploy/action",
"Microsoft.Compute/capacityReservationGroups/write",
"Microsoft.Compute/capacityReservationGroups/capacityReservations/read",
"Microsoft.Compute/capacityReservationGroups/capacityReservations/write",
"Microsoft.Storage/storageAccounts/fileservices/read",
"Microsoft.Storage/storageAccounts/regenerateKey/action",
"Microsoft.ManagedIdentity/userAssignedIdentities/read",
"Microsoft.ManagedIdentity/userAssignedIdentities/write",
"Microsoft.ManagedIdentity/userAssignedIdentities/delete",
"Microsoft.ManagedIdentity/userAssignedIdentities/federatedIdentityCredentials/read",
"Microsoft.ManagedIdentity/userAssignedIdentities/assign/action",
"Microsoft.RecoveryServices/backupprotecteditems/read",
"Microsoft.ContainerInstance/containerGroups/read",
"Microsoft.ContainerInstance/containerGroups/write",
"Microsoft.ContainerInstance/containerGroups/delete",
"Microsoft.ContainerInstance/containerGroups/restart/action",
"Microsoft.ContainerInstance/containerGroups/stop/action",
"Microsoft.ContainerInstance/containerGroups/start/action",
"Microsoft.ContainerInstance/locations/operations/read",
"Microsoft.ContainerInstance/locations/usages/read",
"Microsoft.CostManagement/exports/read",
"Microsoft.CostManagement/exports/write",
"Microsoft.CostManagement/exports/run/action",
"Microsoft.CostManagement/exports/action",
"Microsoft.Storage/storageAccounts/listAccountSas/action"
],
"notActions": [],
"dataActions": [
"Microsoft.CognitiveServices/accounts/OpenAI/deployments/chat/completions/action",
"Microsoft.CognitiveServices/accounts/OpenAI/deployments/embeddings/action",
"Microsoft.CognitiveServices/accounts/OpenAI/deployments/completions/action"
],
"notDataActions": [],
"Condition": "((!(ActionMatches{'Microsoft.Authorization/roleAssignments/write'})) OR (@Request[Microsoft.Authorization/roleAssignments:RoleDefinitionId] ForAnyOfAnyValues:GuidEquals {ba92f5b4-2d11-453d-a403-e96b0029c9fe, c12c1c16-33a1-487b-954d-41c89c60f349})) AND ((!(ActionMatches{'Microsoft.Authorization/roleAssignments/delete'})) OR (@Resource[Microsoft.Authorization/roleAssignments:RoleDefinitionId] ForAnyOfAnyValues:GuidEquals {ba92f5b4-2d11-453d-a403-e96b0029c9fe, c12c1c16-33a1-487b-954d-41c89c60f349}))",
"ConditionVersion": "2.0"
}
],
"createdOn": "2024-09-03T15:18:13.433Z",
"updatedOn": "2025-11-17T16:01:34.393Z",
"createdBy": null,
"updatedBy": null
},
"id": "/providers/Microsoft.Authorization/roleDefinitions/cc3c084f-9a2e-4664-b2bc-47a6685a5f99",
"type": "Microsoft.Authorization/roleDefinitions",
"name": "cc3c084f-9a2e-4664-b2bc-47a6685a5f99"
}
2025-11-17 16:01:34
Initial Scan
View details
{
"properties": {
"roleName": "PostgreSQL Flexible Management Contributor",
"type": "BuiltInRole",
"description": "Create, read, modify, and delete required resources objects to be used by Azure PostgreSQL Flexible servers.",
"assignableScopes": [
"/"
],
"permissions": [
{
"actions": [
"Microsoft.Authorization/*/read",
"Microsoft.Authorization/roleAssignments/write",
"Microsoft.Authorization/roleAssignments/read",
"Microsoft.Authorization/roleAssignments/delete",
"Microsoft.CognitiveServices/accounts/write",
"Microsoft.CognitiveServices/accounts/delete",
"Microsoft.CognitiveServices/accounts/read",
"Microsoft.CognitiveServices/accounts/deployments/write",
"Microsoft.CognitiveServices/accounts/deployments/delete",
"Microsoft.CognitiveServices/accounts/deployments/read",
"Microsoft.CognitiveServices/locations/usages/read",
"Microsoft.CognitiveServices/accounts/privateEndpointConnections/write",
"Microsoft.CognitiveServices/accounts/privateEndpointConnections/read",
"Microsoft.CognitiveServices/accounts/privateEndpointConnections/delete",
"Microsoft.CognitiveServices/accounts/privateEndpointConnectionsApproval/action",
"Microsoft.Insights/alertRules/*",
"Microsoft.Resources/deployments/*",
"Microsoft.Resources/subscriptions/resourceGroups/read",
"Microsoft.DocumentDB/databaseAccounts/read",
"Microsoft.DocumentDB/databaseAccounts/listKeys/action",
"Microsoft.Storage/locations/usages/read",
"Microsoft.Storage/operations/read",
"Microsoft.Storage/skus/read",
"Microsoft.Storage/storageAccounts/blobServices/containers/delete",
"Microsoft.Storage/storageAccounts/blobServices/containers/read",
"Microsoft.Storage/storageAccounts/blobServices/containers/write",
"Microsoft.Storage/storageAccounts/blobServices/read",
"Microsoft.Storage/storageAccounts/delete",
"Microsoft.Storage/storageAccounts/fileServices/shares/read",
"Microsoft.Storage/storageAccounts/listKeys/action",
"Microsoft.Storage/storageAccounts/managementPolicies/delete",
"Microsoft.Storage/storageAccounts/managementPolicies/read",
"Microsoft.Storage/storageAccounts/managementPolicies/write",
"Microsoft.Storage/storageAccounts/privateEndpointConnections/read",
"Microsoft.Storage/storageAccounts/queueServices/queues/read",
"Microsoft.Storage/storageAccounts/read",
"Microsoft.Storage/storageAccounts/sharedIdentities/write",
"Microsoft.Storage/storageAccounts/sharedIdentities/read",
"Microsoft.Storage/storageAccounts/write",
"Microsoft.Storage/storageAccounts/tableServices/tables/read",
"Microsoft.Security/assessments/read",
"Microsoft.Resources/deployments/operations/read",
"Microsoft.Resources/deployments/read",
"Microsoft.Resources/subscriptions/providers/read",
"Microsoft.Resources/subscriptions/resourcegroups/read",
"Microsoft.Resources/subscriptions/resourcegroups/write",
"Microsoft.Insights/diagnosticSettings/read",
"microsoft.insights/diagnosticSettings/write",
"microsoft.insights/metrics/read",
"Microsoft.KeyVault/vaults/read",
"Microsoft.KeyVault/vaults/write",
"Microsoft.KeyVault/vaults/delete",
"Microsoft.KeyVault/vaults/deploy/action",
"Microsoft.Network/loadBalancers/read",
"Microsoft.Network/loadBalancers/write",
"Microsoft.Network/loadBalancers/delete",
"Microsoft.Network/loadBalancers/probes/read",
"Microsoft.Network/loadBalancers/loadBalancingRules/read",
"Microsoft.Network/loadBalancers/outboundRules/read",
"Microsoft.Network/loadBalancers/inboundNatRules/read",
"Microsoft.Network/loadBalancers/inboundNatRules/write",
"Microsoft.Network/loadBalancers/inboundNatRules/delete",
"Microsoft.Network/loadBalancers/inboundNatRules/join/action",
"Microsoft.Network/loadBalancers/backendAddressPools/health/action",
"Microsoft.Network/loadBalancers/backendAddressPools/read",
"Microsoft.Network/loadBalancers/backendAddressPools/write",
"Microsoft.Network/loadBalancers/backendAddressPools/delete",
"Microsoft.Network/loadBalancers/backendAddressPools/join/action",
"Microsoft.Network/loadBalancers/backendAddressPools/backendPoolAddresses/read",
"Microsoft.Network/locations/operationResults/read",
"Microsoft.Network/locations/operations/read",
"Microsoft.Network/locations/serviceTags/read",
"Microsoft.Network/locations/supportedVirtualMachineSizes/read",
"Microsoft.Network/locations/usages/read",
"Microsoft.Network/networkInterfaces/delete",
"Microsoft.Network/networkInterfaces/read",
"Microsoft.Network/networkInterfaces/write",
"Microsoft.Network/networkInterfaces/join/action",
"Microsoft.Network/networkSecurityGroups/delete",
"Microsoft.Network/networkSecurityGroups/read",
"Microsoft.Network/networkSecurityGroups/securityRules/read",
"Microsoft.Network/networkSecurityGroups/write",
"Microsoft.Network/networkSecurityGroups/join/action",
"Microsoft.Network/networkWatchers/read",
"Microsoft.Network/privateDnsOperationStatuses/read",
"Microsoft.Network/privateDnsZones/delete",
"Microsoft.Network/privateDnsZones/read",
"Microsoft.Network/privateDnsZones/write",
"Microsoft.Network/publicIPAddresses/delete",
"Microsoft.Network/publicIPAddresses/read",
"Microsoft.Network/publicIPAddresses/write",
"Microsoft.Network/publicIPAddresses/join/action",
"Microsoft.Network/virtualNetworks/delete",
"Microsoft.Network/virtualNetworks/read",
"Microsoft.Network/virtualNetworks/write",
"Microsoft.Network/virtualNetworks/remoteVirtualNetworkPeeringProxies/delete",
"Microsoft.Network/virtualNetworks/remoteVirtualNetworkPeeringProxies/write",
"Microsoft.Network/virtualNetworks/subnets/delete",
"Microsoft.Network/virtualNetworks/subnets/read",
"Microsoft.Network/virtualNetworks/subnets/serviceAssociationLinks/delete",
"Microsoft.Network/virtualNetworks/subnets/serviceAssociationLinks/Details/read",
"Microsoft.Network/virtualNetworks/subnets/serviceAssociationLinks/read",
"Microsoft.Network/virtualNetworks/subnets/serviceAssociationLinks/validate/action",
"Microsoft.Network/virtualNetworks/subnets/serviceAssociationLinks/write",
"Microsoft.Network/virtualNetworks/subnets/write",
"Microsoft.Network/virtualNetworks/subnets/join/action",
"Microsoft.Network/virtualNetworks/virtualNetworkPeerings/delete",
"Microsoft.Network/virtualNetworks/virtualNetworkPeerings/read",
"Microsoft.Network/virtualNetworks/virtualNetworkPeerings/write",
"Microsoft.Network/privateEndpoints/write",
"Microsoft.Network/privateEndpoints/delete",
"Microsoft.Network/privateEndpoints/read",
"Microsoft.Network/virtualNetworks/subnets/joinLoadBalancer/action",
"Microsoft.Compute/disks/read",
"Microsoft.Compute/disks/write",
"Microsoft.Compute/disks/delete",
"Microsoft.Compute/disks/beginGetAccess/action",
"Microsoft.Compute/disks/endGetAccess/action",
"Microsoft.Compute/snapshots/read",
"Microsoft.Compute/snapshots/write",
"Microsoft.Compute/snapshots/delete",
"Microsoft.Compute/snapshots/beginGetAccess/action",
"Microsoft.Compute/snapshots/endGetAccess/action",
"Microsoft.Compute/virtualMachines/extensions/read",
"Microsoft.Compute/virtualMachines/extensions/write",
"Microsoft.Compute/virtualMachines/extensions/delete",
"Microsoft.Compute/virtualMachines/read",
"Microsoft.Compute/virtualMachines/write",
"Microsoft.Compute/virtualMachines/delete",
"Microsoft.Compute/virtualMachines/start/action",
"Microsoft.Compute/virtualMachines/powerOff/action",
"Microsoft.Compute/virtualMachines/restart/action",
"Microsoft.Compute/virtualMachines/deallocate/action",
"Microsoft.Compute/virtualMachines/runCommand/action",
"Microsoft.Compute/diskEncryptionSets/delete",
"Microsoft.Compute/diskEncryptionSets/read",
"Microsoft.Compute/diskEncryptionSets/*",
"Microsoft.Compute/diskEncryptionSets/write",
"Microsoft.Compute/galleries/images/versions/read",
"Microsoft.Compute/locations/DiskOperations/read",
"Microsoft.Compute/locations/operations/read",
"Microsoft.Compute/locations/usages/read",
"Microsoft.Compute/locations/capsOperations/read",
"Microsoft.Compute/skus/read",
"Microsoft.Compute/capacityReservationGroups/share/action",
"Microsoft.Compute/capacityReservationGroups/read",
"Microsoft.Compute/capacityReservationGroups/deploy/action",
"Microsoft.Compute/capacityReservationGroups/write",
"Microsoft.Compute/capacityReservationGroups/capacityReservations/read",
"Microsoft.Compute/capacityReservationGroups/capacityReservations/write",
"Microsoft.Storage/storageAccounts/fileservices/read",
"Microsoft.Storage/storageAccounts/regenerateKey/action",
"Microsoft.ManagedIdentity/userAssignedIdentities/read",
"Microsoft.ManagedIdentity/userAssignedIdentities/write",
"Microsoft.ManagedIdentity/userAssignedIdentities/delete",
"Microsoft.ManagedIdentity/userAssignedIdentities/federatedIdentityCredentials/read",
"Microsoft.ManagedIdentity/userAssignedIdentities/assign/action",
"Microsoft.RecoveryServices/backupprotecteditems/read",
"Microsoft.ContainerInstance/containerGroups/read",
"Microsoft.ContainerInstance/containerGroups/write",
"Microsoft.ContainerInstance/containerGroups/delete",
"Microsoft.ContainerInstance/containerGroups/restart/action",
"Microsoft.ContainerInstance/containerGroups/stop/action",
"Microsoft.ContainerInstance/containerGroups/start/action",
"Microsoft.ContainerInstance/locations/operations/read",
"Microsoft.ContainerInstance/locations/usages/read",
"Microsoft.CostManagement/exports/read",
"Microsoft.CostManagement/exports/write",
"Microsoft.CostManagement/exports/run/action",
"Microsoft.CostManagement/exports/action",
"Microsoft.Storage/storageAccounts/listAccountSas/action"
],
"notActions": [],
"dataActions": [
"Microsoft.CognitiveServices/accounts/OpenAI/deployments/chat/completions/action",
"Microsoft.CognitiveServices/accounts/OpenAI/deployments/embeddings/action",
"Microsoft.CognitiveServices/accounts/OpenAI/deployments/completions/action"
],
"notDataActions": [],
"Condition": "((!(ActionMatches{'Microsoft.Authorization/roleAssignments/write'})) OR (@Request[Microsoft.Authorization/roleAssignments:RoleDefinitionId] ForAnyOfAnyValues:GuidEquals {ba92f5b4-2d11-453d-a403-e96b0029c9fe, c12c1c16-33a1-487b-954d-41c89c60f349})) AND ((!(ActionMatches{'Microsoft.Authorization/roleAssignments/delete'})) OR (@Resource[Microsoft.Authorization/roleAssignments:RoleDefinitionId] ForAnyOfAnyValues:GuidEquals {ba92f5b4-2d11-453d-a403-e96b0029c9fe, c12c1c16-33a1-487b-954d-41c89c60f349}))",
"ConditionVersion": "2.0"
}
],
"createdOn": "2024-09-03T15:18:13.433Z",
"updatedOn": "2025-11-17T16:01:34.393Z",
"createdBy": null,
"updatedBy": null
},
"id": "/providers/Microsoft.Authorization/roleDefinitions/cc3c084f-9a2e-4664-b2bc-47a6685a5f99",
"type": "Microsoft.Authorization/roleDefinitions",
"name": "cc3c084f-9a2e-4664-b2bc-47a6685a5f99"
}
Latest Role JSON
Raw definition from Azure
{
"properties": {
"roleName": "PostgreSQL Flexible Management Contributor",
"type": "BuiltInRole",
"description": "Create, read, modify, and delete required resources objects to be used by Azure PostgreSQL Flexible servers.",
"assignableScopes": [
"/"
],
"permissions": [
{
"actions": [
"Microsoft.Authorization/*/read",
"Microsoft.Authorization/roleAssignments/write",
"Microsoft.Authorization/roleAssignments/read",
"Microsoft.Authorization/roleAssignments/delete",
"Microsoft.CognitiveServices/accounts/write",
"Microsoft.CognitiveServices/accounts/delete",
"Microsoft.CognitiveServices/accounts/read",
"Microsoft.CognitiveServices/accounts/deployments/write",
"Microsoft.CognitiveServices/accounts/deployments/delete",
"Microsoft.CognitiveServices/accounts/deployments/read",
"Microsoft.CognitiveServices/locations/usages/read",
"Microsoft.CognitiveServices/accounts/privateEndpointConnections/write",
"Microsoft.CognitiveServices/accounts/privateEndpointConnections/read",
"Microsoft.CognitiveServices/accounts/privateEndpointConnections/delete",
"Microsoft.CognitiveServices/accounts/privateEndpointConnectionsApproval/action",
"Microsoft.Insights/alertRules/*",
"Microsoft.Resources/deployments/*",
"Microsoft.Resources/subscriptions/resourceGroups/read",
"Microsoft.DocumentDB/databaseAccounts/read",
"Microsoft.DocumentDB/databaseAccounts/listKeys/action",
"Microsoft.Storage/locations/usages/read",
"Microsoft.Storage/operations/read",
"Microsoft.Storage/skus/read",
"Microsoft.Storage/storageAccounts/blobServices/containers/delete",
"Microsoft.Storage/storageAccounts/blobServices/containers/read",
"Microsoft.Storage/storageAccounts/blobServices/containers/write",
"Microsoft.Storage/storageAccounts/blobServices/read",
"Microsoft.Storage/storageAccounts/delete",
"Microsoft.Storage/storageAccounts/fileServices/shares/read",
"Microsoft.Storage/storageAccounts/listKeys/action",
"Microsoft.Storage/storageAccounts/managementPolicies/delete",
"Microsoft.Storage/storageAccounts/managementPolicies/read",
"Microsoft.Storage/storageAccounts/managementPolicies/write",
"Microsoft.Storage/storageAccounts/privateEndpointConnections/read",
"Microsoft.Storage/storageAccounts/queueServices/queues/read",
"Microsoft.Storage/storageAccounts/read",
"Microsoft.Storage/storageAccounts/sharedIdentities/write",
"Microsoft.Storage/storageAccounts/sharedIdentities/read",
"Microsoft.Storage/storageAccounts/write",
"Microsoft.Storage/storageAccounts/tableServices/tables/read",
"Microsoft.Security/assessments/read",
"Microsoft.Resources/deployments/operations/read",
"Microsoft.Resources/deployments/read",
"Microsoft.Resources/subscriptions/providers/read",
"Microsoft.Resources/subscriptions/resourcegroups/read",
"Microsoft.Resources/subscriptions/resourcegroups/write",
"Microsoft.Insights/diagnosticSettings/read",
"microsoft.insights/diagnosticSettings/write",
"microsoft.insights/metrics/read",
"Microsoft.KeyVault/vaults/read",
"Microsoft.KeyVault/vaults/write",
"Microsoft.KeyVault/vaults/delete",
"Microsoft.KeyVault/vaults/deploy/action",
"Microsoft.Network/loadBalancers/read",
"Microsoft.Network/loadBalancers/write",
"Microsoft.Network/loadBalancers/delete",
"Microsoft.Network/loadBalancers/probes/read",
"Microsoft.Network/loadBalancers/loadBalancingRules/read",
"Microsoft.Network/loadBalancers/outboundRules/read",
"Microsoft.Network/loadBalancers/inboundNatRules/read",
"Microsoft.Network/loadBalancers/inboundNatRules/write",
"Microsoft.Network/loadBalancers/inboundNatRules/delete",
"Microsoft.Network/loadBalancers/inboundNatRules/join/action",
"Microsoft.Network/loadBalancers/backendAddressPools/health/action",
"Microsoft.Network/loadBalancers/backendAddressPools/read",
"Microsoft.Network/loadBalancers/backendAddressPools/write",
"Microsoft.Network/loadBalancers/backendAddressPools/delete",
"Microsoft.Network/loadBalancers/backendAddressPools/join/action",
"Microsoft.Network/loadBalancers/backendAddressPools/backendPoolAddresses/read",
"Microsoft.Network/locations/operationResults/read",
"Microsoft.Network/locations/operations/read",
"Microsoft.Network/locations/serviceTags/read",
"Microsoft.Network/locations/supportedVirtualMachineSizes/read",
"Microsoft.Network/locations/usages/read",
"Microsoft.Network/networkInterfaces/delete",
"Microsoft.Network/networkInterfaces/read",
"Microsoft.Network/networkInterfaces/write",
"Microsoft.Network/networkInterfaces/join/action",
"Microsoft.Network/networkSecurityGroups/delete",
"Microsoft.Network/networkSecurityGroups/read",
"Microsoft.Network/networkSecurityGroups/securityRules/read",
"Microsoft.Network/networkSecurityGroups/write",
"Microsoft.Network/networkSecurityGroups/join/action",
"Microsoft.Network/networkWatchers/read",
"Microsoft.Network/privateDnsOperationStatuses/read",
"Microsoft.Network/privateDnsZones/delete",
"Microsoft.Network/privateDnsZones/read",
"Microsoft.Network/privateDnsZones/write",
"Microsoft.Network/publicIPAddresses/delete",
"Microsoft.Network/publicIPAddresses/read",
"Microsoft.Network/publicIPAddresses/write",
"Microsoft.Network/publicIPAddresses/join/action",
"Microsoft.Network/virtualNetworks/delete",
"Microsoft.Network/virtualNetworks/read",
"Microsoft.Network/virtualNetworks/write",
"Microsoft.Network/virtualNetworks/remoteVirtualNetworkPeeringProxies/delete",
"Microsoft.Network/virtualNetworks/remoteVirtualNetworkPeeringProxies/write",
"Microsoft.Network/virtualNetworks/subnets/delete",
"Microsoft.Network/virtualNetworks/subnets/read",
"Microsoft.Network/virtualNetworks/subnets/serviceAssociationLinks/delete",
"Microsoft.Network/virtualNetworks/subnets/serviceAssociationLinks/Details/read",
"Microsoft.Network/virtualNetworks/subnets/serviceAssociationLinks/read",
"Microsoft.Network/virtualNetworks/subnets/serviceAssociationLinks/validate/action",
"Microsoft.Network/virtualNetworks/subnets/serviceAssociationLinks/write",
"Microsoft.Network/virtualNetworks/subnets/write",
"Microsoft.Network/virtualNetworks/subnets/join/action",
"Microsoft.Network/virtualNetworks/virtualNetworkPeerings/delete",
"Microsoft.Network/virtualNetworks/virtualNetworkPeerings/read",
"Microsoft.Network/virtualNetworks/virtualNetworkPeerings/write",
"Microsoft.Network/privateEndpoints/write",
"Microsoft.Network/privateEndpoints/delete",
"Microsoft.Network/privateEndpoints/read",
"Microsoft.Network/virtualNetworks/subnets/joinLoadBalancer/action",
"Microsoft.Compute/disks/read",
"Microsoft.Compute/disks/write",
"Microsoft.Compute/disks/delete",
"Microsoft.Compute/disks/beginGetAccess/action",
"Microsoft.Compute/disks/endGetAccess/action",
"Microsoft.Compute/snapshots/read",
"Microsoft.Compute/snapshots/write",
"Microsoft.Compute/snapshots/delete",
"Microsoft.Compute/snapshots/beginGetAccess/action",
"Microsoft.Compute/snapshots/endGetAccess/action",
"Microsoft.Compute/virtualMachines/extensions/read",
"Microsoft.Compute/virtualMachines/extensions/write",
"Microsoft.Compute/virtualMachines/extensions/delete",
"Microsoft.Compute/virtualMachines/read",
"Microsoft.Compute/virtualMachines/write",
"Microsoft.Compute/virtualMachines/delete",
"Microsoft.Compute/virtualMachines/start/action",
"Microsoft.Compute/virtualMachines/powerOff/action",
"Microsoft.Compute/virtualMachines/restart/action",
"Microsoft.Compute/virtualMachines/deallocate/action",
"Microsoft.Compute/virtualMachines/runCommand/action",
"Microsoft.Compute/diskEncryptionSets/delete",
"Microsoft.Compute/diskEncryptionSets/read",
"Microsoft.Compute/diskEncryptionSets/*",
"Microsoft.Compute/diskEncryptionSets/write",
"Microsoft.Compute/galleries/images/versions/read",
"Microsoft.Compute/locations/DiskOperations/read",
"Microsoft.Compute/locations/operations/read",
"Microsoft.Compute/locations/usages/read",
"Microsoft.Compute/locations/capsOperations/read",
"Microsoft.Compute/skus/read",
"Microsoft.Compute/capacityReservationGroups/share/action",
"Microsoft.Compute/capacityReservationGroups/read",
"Microsoft.Compute/capacityReservationGroups/deploy/action",
"Microsoft.Compute/capacityReservationGroups/write",
"Microsoft.Compute/capacityReservationGroups/capacityReservations/read",
"Microsoft.Compute/capacityReservationGroups/capacityReservations/write",
"Microsoft.Storage/storageAccounts/fileservices/read",
"Microsoft.Storage/storageAccounts/regenerateKey/action",
"Microsoft.ManagedIdentity/userAssignedIdentities/read",
"Microsoft.ManagedIdentity/userAssignedIdentities/write",
"Microsoft.ManagedIdentity/userAssignedIdentities/delete",
"Microsoft.ManagedIdentity/userAssignedIdentities/federatedIdentityCredentials/read",
"Microsoft.ManagedIdentity/userAssignedIdentities/assign/action",
"Microsoft.RecoveryServices/backupprotecteditems/read",
"Microsoft.ContainerInstance/containerGroups/read",
"Microsoft.ContainerInstance/containerGroups/write",
"Microsoft.ContainerInstance/containerGroups/delete",
"Microsoft.ContainerInstance/containerGroups/restart/action",
"Microsoft.ContainerInstance/containerGroups/stop/action",
"Microsoft.ContainerInstance/containerGroups/start/action",
"Microsoft.ContainerInstance/locations/operations/read",
"Microsoft.ContainerInstance/locations/usages/read",
"Microsoft.CostManagement/exports/read",
"Microsoft.CostManagement/exports/write",
"Microsoft.CostManagement/exports/run/action",
"Microsoft.CostManagement/exports/action",
"Microsoft.Storage/storageAccounts/listAccountSas/action"
],
"notActions": [],
"dataActions": [
"Microsoft.CognitiveServices/accounts/OpenAI/deployments/chat/completions/action",
"Microsoft.CognitiveServices/accounts/OpenAI/deployments/embeddings/action",
"Microsoft.CognitiveServices/accounts/OpenAI/deployments/completions/action"
],
"notDataActions": [],
"Condition": "((!(ActionMatches{'Microsoft.Authorization/roleAssignments/write'})) OR (@Request[Microsoft.Authorization/roleAssignments:RoleDefinitionId] ForAnyOfAnyValues:GuidEquals {ba92f5b4-2d11-453d-a403-e96b0029c9fe, c12c1c16-33a1-487b-954d-41c89c60f349})) AND ((!(ActionMatches{'Microsoft.Authorization/roleAssignments/delete'})) OR (@Resource[Microsoft.Authorization/roleAssignments:RoleDefinitionId] ForAnyOfAnyValues:GuidEquals {ba92f5b4-2d11-453d-a403-e96b0029c9fe, c12c1c16-33a1-487b-954d-41c89c60f349}))",
"ConditionVersion": "2.0"
}
],
"createdOn": "2024-09-03T15:18:13.433Z",
"updatedOn": "2025-11-17T16:01:34.393Z",
"createdBy": null,
"updatedBy": null
},
"id": "/providers/Microsoft.Authorization/roleDefinitions/cc3c084f-9a2e-4664-b2bc-47a6685a5f99",
"type": "Microsoft.Authorization/roleDefinitions",
"name": "cc3c084f-9a2e-4664-b2bc-47a6685a5f99"
}
Effective Permissions
Operations granted by this role (201 total)
Conditional Permissions
This role has conditions that may restrict effective permissions based on context (e.g., resource attributes, request properties).
Permission Patterns (from role definition)
Actions
171 patterns
Microsoft.Authorization/*/read
Microsoft.Authorization/roleAssignments/write
Microsoft.Authorization/roleAssignments/read
Microsoft.Authorization/roleAssignments/delete
Microsoft.CognitiveServices/accounts/write
Microsoft.CognitiveServices/accounts/delete
Microsoft.CognitiveServices/accounts/read
Microsoft.CognitiveServices/accounts/deployments/write
Microsoft.CognitiveServices/accounts/deployments/delete
Microsoft.CognitiveServices/accounts/deployments/read
Microsoft.CognitiveServices/locations/usages/read
Microsoft.CognitiveServices/accounts/privateEndpointConnections/write
Microsoft.CognitiveServices/accounts/privateEndpointConnections/read
Microsoft.CognitiveServices/accounts/privateEndpointConnections/delete
Microsoft.CognitiveServices/accounts/privateEndpointConnectionsApproval/action
Microsoft.Insights/alertRules/*
Microsoft.Resources/deployments/*
Microsoft.Resources/subscriptions/resourceGroups/read
Microsoft.DocumentDB/databaseAccounts/read
Microsoft.DocumentDB/databaseAccounts/listKeys/action
Microsoft.Storage/locations/usages/read
Microsoft.Storage/operations/read
Microsoft.Storage/skus/read
Microsoft.Storage/storageAccounts/blobServices/containers/delete
Microsoft.Storage/storageAccounts/blobServices/containers/read
Microsoft.Storage/storageAccounts/blobServices/containers/write
Microsoft.Storage/storageAccounts/blobServices/read
Microsoft.Storage/storageAccounts/delete
Microsoft.Storage/storageAccounts/fileServices/shares/read
Microsoft.Storage/storageAccounts/listKeys/action
Microsoft.Storage/storageAccounts/managementPolicies/delete
Microsoft.Storage/storageAccounts/managementPolicies/read
Microsoft.Storage/storageAccounts/managementPolicies/write
Microsoft.Storage/storageAccounts/privateEndpointConnections/read
Microsoft.Storage/storageAccounts/queueServices/queues/read
Microsoft.Storage/storageAccounts/read
Microsoft.Storage/storageAccounts/sharedIdentities/write
Microsoft.Storage/storageAccounts/sharedIdentities/read
Microsoft.Storage/storageAccounts/write
Microsoft.Storage/storageAccounts/tableServices/tables/read
Microsoft.Security/assessments/read
Microsoft.Resources/deployments/operations/read
Microsoft.Resources/deployments/read
Microsoft.Resources/subscriptions/providers/read
Microsoft.Resources/subscriptions/resourcegroups/read
Microsoft.Resources/subscriptions/resourcegroups/write
Microsoft.Insights/diagnosticSettings/read
microsoft.insights/diagnosticSettings/write
microsoft.insights/metrics/read
Microsoft.KeyVault/vaults/read
Microsoft.KeyVault/vaults/write
Microsoft.KeyVault/vaults/delete
Microsoft.KeyVault/vaults/deploy/action
Microsoft.Network/loadBalancers/read
Microsoft.Network/loadBalancers/write
Microsoft.Network/loadBalancers/delete
Microsoft.Network/loadBalancers/probes/read
Microsoft.Network/loadBalancers/loadBalancingRules/read
Microsoft.Network/loadBalancers/outboundRules/read
Microsoft.Network/loadBalancers/inboundNatRules/read
Microsoft.Network/loadBalancers/inboundNatRules/write
Microsoft.Network/loadBalancers/inboundNatRules/delete
Microsoft.Network/loadBalancers/inboundNatRules/join/action
Microsoft.Network/loadBalancers/backendAddressPools/health/action
Microsoft.Network/loadBalancers/backendAddressPools/read
Microsoft.Network/loadBalancers/backendAddressPools/write
Microsoft.Network/loadBalancers/backendAddressPools/delete
Microsoft.Network/loadBalancers/backendAddressPools/join/action
Microsoft.Network/loadBalancers/backendAddressPools/backendPoolAddresses/read
Microsoft.Network/locations/operationResults/read
Microsoft.Network/locations/operations/read
Microsoft.Network/locations/serviceTags/read
Microsoft.Network/locations/supportedVirtualMachineSizes/read
Microsoft.Network/locations/usages/read
Microsoft.Network/networkInterfaces/delete
Microsoft.Network/networkInterfaces/read
Microsoft.Network/networkInterfaces/write
Microsoft.Network/networkInterfaces/join/action
Microsoft.Network/networkSecurityGroups/delete
Microsoft.Network/networkSecurityGroups/read
Microsoft.Network/networkSecurityGroups/securityRules/read
Microsoft.Network/networkSecurityGroups/write
Microsoft.Network/networkSecurityGroups/join/action
Microsoft.Network/networkWatchers/read
Microsoft.Network/privateDnsOperationStatuses/read
Microsoft.Network/privateDnsZones/delete
Microsoft.Network/privateDnsZones/read
Microsoft.Network/privateDnsZones/write
Microsoft.Network/publicIPAddresses/delete
Microsoft.Network/publicIPAddresses/read
Microsoft.Network/publicIPAddresses/write
Microsoft.Network/publicIPAddresses/join/action
Microsoft.Network/virtualNetworks/delete
Microsoft.Network/virtualNetworks/read
Microsoft.Network/virtualNetworks/write
Microsoft.Network/virtualNetworks/remoteVirtualNetworkPeeringProxies/delete
Microsoft.Network/virtualNetworks/remoteVirtualNetworkPeeringProxies/write
Microsoft.Network/virtualNetworks/subnets/delete
Microsoft.Network/virtualNetworks/subnets/read
Microsoft.Network/virtualNetworks/subnets/serviceAssociationLinks/delete
Microsoft.Network/virtualNetworks/subnets/serviceAssociationLinks/Details/read
Microsoft.Network/virtualNetworks/subnets/serviceAssociationLinks/read
Microsoft.Network/virtualNetworks/subnets/serviceAssociationLinks/validate/action
Microsoft.Network/virtualNetworks/subnets/serviceAssociationLinks/write
Microsoft.Network/virtualNetworks/subnets/write
Microsoft.Network/virtualNetworks/subnets/join/action
Microsoft.Network/virtualNetworks/virtualNetworkPeerings/delete
Microsoft.Network/virtualNetworks/virtualNetworkPeerings/read
Microsoft.Network/virtualNetworks/virtualNetworkPeerings/write
Microsoft.Network/privateEndpoints/write
Microsoft.Network/privateEndpoints/delete
Microsoft.Network/privateEndpoints/read
Microsoft.Network/virtualNetworks/subnets/joinLoadBalancer/action
Microsoft.Compute/disks/read
Microsoft.Compute/disks/write
Microsoft.Compute/disks/delete
Microsoft.Compute/disks/beginGetAccess/action
Microsoft.Compute/disks/endGetAccess/action
Microsoft.Compute/snapshots/read
Microsoft.Compute/snapshots/write
Microsoft.Compute/snapshots/delete
Microsoft.Compute/snapshots/beginGetAccess/action
Microsoft.Compute/snapshots/endGetAccess/action
Microsoft.Compute/virtualMachines/extensions/read
Microsoft.Compute/virtualMachines/extensions/write
Microsoft.Compute/virtualMachines/extensions/delete
Microsoft.Compute/virtualMachines/read
Microsoft.Compute/virtualMachines/write
Microsoft.Compute/virtualMachines/delete
Microsoft.Compute/virtualMachines/start/action
Microsoft.Compute/virtualMachines/powerOff/action
Microsoft.Compute/virtualMachines/restart/action
Microsoft.Compute/virtualMachines/deallocate/action
Microsoft.Compute/virtualMachines/runCommand/action
Microsoft.Compute/diskEncryptionSets/delete
Microsoft.Compute/diskEncryptionSets/read
Microsoft.Compute/diskEncryptionSets/*
Microsoft.Compute/diskEncryptionSets/write
Microsoft.Compute/galleries/images/versions/read
Microsoft.Compute/locations/DiskOperations/read
Microsoft.Compute/locations/operations/read
Microsoft.Compute/locations/usages/read
Microsoft.Compute/locations/capsOperations/read
Microsoft.Compute/skus/read
Microsoft.Compute/capacityReservationGroups/share/action
Microsoft.Compute/capacityReservationGroups/read
Microsoft.Compute/capacityReservationGroups/deploy/action
Microsoft.Compute/capacityReservationGroups/write
Microsoft.Compute/capacityReservationGroups/capacityReservations/read
Microsoft.Compute/capacityReservationGroups/capacityReservations/write
Microsoft.Storage/storageAccounts/fileservices/read
Microsoft.Storage/storageAccounts/regenerateKey/action
Microsoft.ManagedIdentity/userAssignedIdentities/read
Microsoft.ManagedIdentity/userAssignedIdentities/write
Microsoft.ManagedIdentity/userAssignedIdentities/delete
Microsoft.ManagedIdentity/userAssignedIdentities/federatedIdentityCredentials/read
Microsoft.ManagedIdentity/userAssignedIdentities/assign/action
Microsoft.RecoveryServices/backupprotecteditems/read
Microsoft.ContainerInstance/containerGroups/read
Microsoft.ContainerInstance/containerGroups/write
Microsoft.ContainerInstance/containerGroups/delete
Microsoft.ContainerInstance/containerGroups/restart/action
Microsoft.ContainerInstance/containerGroups/stop/action
Microsoft.ContainerInstance/containerGroups/start/action
Microsoft.ContainerInstance/locations/operations/read
Microsoft.ContainerInstance/locations/usages/read
Microsoft.CostManagement/exports/read
Microsoft.CostManagement/exports/write
Microsoft.CostManagement/exports/run/action
Microsoft.CostManagement/exports/action
Microsoft.Storage/storageAccounts/listAccountSas/action
Data Actions
3 patterns
Microsoft.CognitiveServices/accounts/OpenAI/deployments/chat/completions/action
Microsoft.CognitiveServices/accounts/OpenAI/deployments/embeddings/action
Microsoft.CognitiveServices/accounts/OpenAI/deployments/completions/action
Control Plane Operations (198)
No matching operations
/ shown
Data Plane Operations (3)
No matching operations
/ shown