Create a gist now

Instantly share code, notes, and snippets.

What would you like to do?
Create a custom Azure Limited Admin custom role
{
"Name": "Limited Admin",
"Id": null,
"IsCustom": true,
"Description": "Can do anything except changing permissions and network settings.",
"Actions": [
"*"
],
"NotActions": [
"Microsoft.Network/virtualNetworks/write",
"Microsoft.Network/virtualNetworks/delete",
"Microsoft.Network/virtualNetworks/subnets/write",
"Microsoft.Network/virtualNetworks/virtualNetworkPeerings/write",
"Microsoft.Network/virtualNetworks/virtualNetworkPeerings/delete",
"Microsoft.Network/expressRouteCircuits/write",
"Microsoft.ClassicNetwork/*",
"Microsoft.Network/virtualnetworkgateways/write",
"Microsoft.Network/expressRouteCircuits/peerings/write",
"Microsoft.Network/expressRouteCircuits/peerings/delete",
"Microsoft.Network/LocalNetworkGateways/write",
"Microsoft.Network/LocalNetworkGateways/delete",
"Microsoft.Network/routeTables/write",
"Microsoft.Network/routeTables/delete",
"Microsoft.Network/routeTables/routes/write",
"Microsoft.Network/routeTables/routes/delete",
"Microsoft.Network/connections/write",
"Microsoft.Network/connections/delete",
"Microsoft.Authorization/*/Delete",
"Microsoft.Authorization/*/Write",
"Microsoft.Authorization/classicAdministrators/*/Delete",
"Microsoft.Authorization/classicAdministrators/*/Write",
],
"AssignableScopes": [
"/subscriptions/18959d84-xxxx-xxxx-xx-2aab5400a11e",
]
}
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment