Created
September 13, 2018 01:31
-
-
Save BernieWhite/08e78258864776a00e7329ba5e5823b4 to your computer and use it in GitHub Desktop.
An RBAC role without permission to create or assign public IP addresses
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
{ | |
"Name": "Reduced contributor", | |
"Description": "Lets you manage everytime except access and public ip addresses", | |
"Actions": [ | |
"*" | |
], | |
"NotActions": [ | |
"Microsoft.Authorization/*/Delete", | |
"Microsoft.Authorization/*/Write", | |
"Microsoft.Authorization/elevateAccess/Action", | |
"Microsoft.Blueprint/blueprintAssignments/write", | |
"Microsoft.Blueprint/blueprintAssignments/delete", | |
"Microsoft.Network/publicIPAddresses/join/action", | |
"Microsoft.Network/publicIPAddresses/write" | |
], | |
"DataActions": [ | |
], | |
"NotDataActions": [ | |
], | |
"AssignableScopes": [ | |
"/" | |
] | |
} |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment