AzRoleAdvertizer

last sync: 2025-Oct-31 18:22:44 UTC

Deployment Environments User

Azure BuiltIn RBAC Role definition

NameDeployment Environments User
Microsoft Learn
Id18e40d4e-8d2e-438d-97e1-9528336e149c
DescriptionProvides access to manage environment resources.
CategoryDevOps
Microsoft Learn
CreatedOn2022-09-21 23:02:10 UTC
UpdatedOn2023-11-11 02:44:04 UTC
Permissions summary Effective control plane and data plane operations: 48 (unique operations)
•action: 5
•read: 43

Actions: 4
Resolved control plane operations from Actions: 45
Effective control plane operations: 43
•read: 43

NotActions: 2
Resolved control plane operations from NotActions: 2
Effective denied control plane operations: 17390

DataActions: 5
Resolved data plane operations: 5
Effective data plane operations: 5
•action: 5

NotDataActions: 0
Resolved data plane operations from NotDataActions: 0
Effective denied data plane operations: 4073
Actions
Operation Description
Microsoft.Authorization/*/readwildcarded / no description
Microsoft.DevCenter/projects/*/readwildcarded / no description
Microsoft.DevCenter/projects/readGets a specific project.
Microsoft.Resources/subscriptions/resourceGroups/readGets or lists resource groups.
NotActions
Operation Description
Microsoft.DevCenter/projects/pools/readGets a machine pool
Microsoft.DevCenter/projects/pools/schedules/readGets a schedule resource.
DataActions
Operation Description
Microsoft.DevCenter/projects/users/environments/userActionManage/actionAllows a user to skip, delay etc. environment actions.
Microsoft.DevCenter/projects/users/environments/userDelete/actionAllows a user to delete the environments they have access to in a project.
Microsoft.DevCenter/projects/users/environments/userOutputsRead/actionAllows a user to read Output values from environment deployment.
Microsoft.DevCenter/projects/users/environments/userRead/actionAllows a user to read the environments they have access to in a project.
Microsoft.DevCenter/projects/users/environments/userWrite/actionAllows a user to write the environments they have access to in a project.
NotDataActions n/a
Used in
BuiltIn Policy		 none
History
Date/Time (UTC ymd) (i) Change Change detail
2023-11-13 16:45:45 change: Actions, NotActions, DataActions Actions: 'remove Microsoft.Fidalgo/projects/read; remove Microsoft.Fidalgo/projects/*/read',
NotActions: 'remove Microsoft.Fidalgo/projects/pools/read',
DataActions: 'remove Microsoft.DevCenter/projects/users/environments/adminRead/action; remove Microsoft.DevCenter/projects/users/environments/adminAction/action; remove Microsoft.DevCenter/projects/users/environments/adminActionRead/action; add Microsoft.DevCenter/projects/users/environments/userRead/action'
2023-10-17 16:35:42 change: DataActions DataActions: 'add Microsoft.DevCenter/projects/users/environments/adminActionRead/action; add Microsoft.DevCenter/projects/users/environments/userActionManage/action; add Microsoft.DevCenter/projects/users/environments/userOutputsRead/action'
2022-10-12 16:34:55 change: DisplayName, Description, Actions New DisplayName: 'Deployment Environments User'
Old DisplayName: 'Microsoft.DevCenter Deployment Environments User',
New Description: 'Provides access to manage environment resources.'
Old Description: 'Microsoft.DevCenter Deployment Environments User.',
Actions: 'add Microsoft.Authorization/*/read'
2022-09-26 16:35:37 add: Role 18e40d4e-8d2e-438d-97e1-9528336e149c
JSON
api-version=2023-07-01-preview
Condition none