Role Information
Details and metadata
eadc314b-1a2d-4efa-be10-5d325db5065e
Change History
Track all modifications to this role
Updated On
Event Type
Summary & Details
2025-05-05 15:00:32
Initial Scan
Show full JSON
{
"properties": {
"roleName": "Azure AI Project Manager",
"type": "BuiltInRole",
"description": "Lets you perform developer actions and management actions on Azure AI Foundry Projects. Allows for making role assignments, but limited to Cognitive Service User role.",
"assignableScopes": [
"/"
],
"permissions": [
{
"actions": [
"Microsoft.Authorization/roleAssignments/write",
"Microsoft.Authorization/roleAssignments/delete",
"Microsoft.CognitiveServices/accounts/*/read",
"Microsoft.CognitiveServices/accounts/projects/*",
"Microsoft.CognitiveServices/locations/*/read",
"Microsoft.Authorization/*/read",
"Microsoft.Insights/alertRules/*",
"Microsoft.Resources/deployments/*",
"Microsoft.Resources/subscriptions/resourceGroups/read"
],
"notActions": [],
"dataActions": [
"Microsoft.CognitiveServices/*"
],
"notDataActions": [],
"Condition": "((!(ActionMatches{'Microsoft.Authorization/roleAssignments/write'})) OR (@Request[Microsoft.Authorization/roleAssignments:RoleDefinitionId] ForAnyOfAnyValues:GuidEquals{53ca6127-db72-4b80-b1b0-d745d6d5456d})) AND ((!(ActionMatches{'Microsoft.Authorization/roleAssignments/delete'})) OR (@Resource[Microsoft.Authorization/roleAssignments:RoleDefinitionId] ForAnyOfAnyValues:GuidEquals{53ca6127-db72-4b80-b1b0-d745d6d5456d}))",
"ConditionVersion": "2.0"
}
],
"createdOn": "2025-04-24T15:23:11.512Z",
"updatedOn": "2025-05-05T15:00:32.575Z",
"createdBy": null,
"updatedBy": null
},
"id": "/providers/Microsoft.Authorization/roleDefinitions/eadc314b-1a2d-4efa-be10-5d325db5065e",
"type": "Microsoft.Authorization/roleDefinitions",
"name": "eadc314b-1a2d-4efa-be10-5d325db5065e"
}
2025-05-05 15:00:32
Initial Scan
View details
{
"properties": {
"roleName": "Azure AI Project Manager",
"type": "BuiltInRole",
"description": "Lets you perform developer actions and management actions on Azure AI Foundry Projects. Allows for making role assignments, but limited to Cognitive Service User role.",
"assignableScopes": [
"/"
],
"permissions": [
{
"actions": [
"Microsoft.Authorization/roleAssignments/write",
"Microsoft.Authorization/roleAssignments/delete",
"Microsoft.CognitiveServices/accounts/*/read",
"Microsoft.CognitiveServices/accounts/projects/*",
"Microsoft.CognitiveServices/locations/*/read",
"Microsoft.Authorization/*/read",
"Microsoft.Insights/alertRules/*",
"Microsoft.Resources/deployments/*",
"Microsoft.Resources/subscriptions/resourceGroups/read"
],
"notActions": [],
"dataActions": [
"Microsoft.CognitiveServices/*"
],
"notDataActions": [],
"Condition": "((!(ActionMatches{'Microsoft.Authorization/roleAssignments/write'})) OR (@Request[Microsoft.Authorization/roleAssignments:RoleDefinitionId] ForAnyOfAnyValues:GuidEquals{53ca6127-db72-4b80-b1b0-d745d6d5456d})) AND ((!(ActionMatches{'Microsoft.Authorization/roleAssignments/delete'})) OR (@Resource[Microsoft.Authorization/roleAssignments:RoleDefinitionId] ForAnyOfAnyValues:GuidEquals{53ca6127-db72-4b80-b1b0-d745d6d5456d}))",
"ConditionVersion": "2.0"
}
],
"createdOn": "2025-04-24T15:23:11.512Z",
"updatedOn": "2025-05-05T15:00:32.575Z",
"createdBy": null,
"updatedBy": null
},
"id": "/providers/Microsoft.Authorization/roleDefinitions/eadc314b-1a2d-4efa-be10-5d325db5065e",
"type": "Microsoft.Authorization/roleDefinitions",
"name": "eadc314b-1a2d-4efa-be10-5d325db5065e"
}
Latest Role JSON
Raw definition from Azure
{
"properties": {
"roleName": "Azure AI Project Manager",
"type": "BuiltInRole",
"description": "Lets you perform developer actions and management actions on Azure AI Foundry Projects. Allows for making role assignments, but limited to Cognitive Service User role.",
"assignableScopes": [
"/"
],
"permissions": [
{
"actions": [
"Microsoft.Authorization/roleAssignments/write",
"Microsoft.Authorization/roleAssignments/delete",
"Microsoft.CognitiveServices/accounts/*/read",
"Microsoft.CognitiveServices/accounts/projects/*",
"Microsoft.CognitiveServices/locations/*/read",
"Microsoft.Authorization/*/read",
"Microsoft.Insights/alertRules/*",
"Microsoft.Resources/deployments/*",
"Microsoft.Resources/subscriptions/resourceGroups/read"
],
"notActions": [],
"dataActions": [
"Microsoft.CognitiveServices/*"
],
"notDataActions": [],
"Condition": "((!(ActionMatches{'Microsoft.Authorization/roleAssignments/write'})) OR (@Request[Microsoft.Authorization/roleAssignments:RoleDefinitionId] ForAnyOfAnyValues:GuidEquals{53ca6127-db72-4b80-b1b0-d745d6d5456d})) AND ((!(ActionMatches{'Microsoft.Authorization/roleAssignments/delete'})) OR (@Resource[Microsoft.Authorization/roleAssignments:RoleDefinitionId] ForAnyOfAnyValues:GuidEquals{53ca6127-db72-4b80-b1b0-d745d6d5456d}))",
"ConditionVersion": "2.0"
}
],
"createdOn": "2025-04-24T15:23:11.512Z",
"updatedOn": "2025-05-05T15:00:32.575Z",
"createdBy": null,
"updatedBy": null
},
"id": "/providers/Microsoft.Authorization/roleDefinitions/eadc314b-1a2d-4efa-be10-5d325db5065e",
"type": "Microsoft.Authorization/roleDefinitions",
"name": "eadc314b-1a2d-4efa-be10-5d325db5065e"
}
Effective Permissions
Operations granted by this role (1680 total)
Conditional Permissions
This role has conditions that may restrict effective permissions based on context (e.g., resource attributes, request properties).
Permission Patterns (from role definition)
Actions
9 patterns
Microsoft.Authorization/roleAssignments/write
Microsoft.Authorization/roleAssignments/delete
Microsoft.CognitiveServices/accounts/*/read
Microsoft.CognitiveServices/accounts/projects/*
Microsoft.CognitiveServices/locations/*/read
Microsoft.Authorization/*/read
Microsoft.Insights/alertRules/*
Microsoft.Resources/deployments/*
Microsoft.Resources/subscriptions/resourceGroups/read
Data Actions
1 pattern
Microsoft.CognitiveServices/*