Skip to content

Instantly share code, notes, and snippets.

@pichuang

pichuang/Azure Playground Roles

Created December 7, 2022 15:27
Show Gist options
  • Star 0 You must be signed in to star a gist
  • Fork 0 You must be signed in to fork a gist
  • Save pichuang/acdd3ac9b5fce8d79731bf0d17406268 to your computer and use it in GitHub Desktop.
Save pichuang/acdd3ac9b5fce8d79731bf0d17406268 to your computer and use it in GitHub Desktop.
Download ZIP
Raw
Azure Playground Roles
{
"id": "/subscriptions/964df7ca-3f8/providers/Microsoft.Authorization/roleDefinitions/fd429c21-039b-4ba7-bfb3-f791a6ce8e94",
"properties": {
"roleName": "Starkiller",
"description": "see: https://linuxacademy.atlassian.net/wiki/spaces/ET/pages/818348034/Student+Lab+Permissions",
"assignableScopes": [
"/subscriptions/9ed9933ef0",
],
"permissions": [
{
"actions": [
"*"
],
"notActions": [
"*/register/action",
"Microsoft.Addons/register/action",
"Microsoft.Authorization/elevateAccess/Action",
"Microsoft.AzureActiveDirectory/*",
"Microsoft.AzureStack/*",
"Microsoft.Batch/*",
"Microsoft.Blueprint/blueprintAssignments/delete",
"Microsoft.Blueprint/blueprintAssignments/write",
"Microsoft.Billing/*",
"Microsoft.Cache/Redis/*",
"Microsoft.Capacity/reservationorders/*",
"Microsoft.ClassicStorage/storageAccounts/listKeys/action",
"Microsoft.Compute/proximityPlacementGroups/*",
"Microsoft.Consumption/*",
"Microsoft.Databox/*",
"Microsoft.Databricks/*",
"Microsoft.HDInsight/*",
"Microsoft.KeyVault/managedHSMs/*",
"Microsoft.KeyVault/hsmPools/*",
"Microsoft.ImportExport/*",
"Microsoft.Management/managementGroups/write",
"Microsoft.Resources/marketplace/purchase/action",
"Microsoft.Storage/storageAccounts/blobServices/containers/immutabilityPolicies/lock/action",
"Microsoft.Sql/instancePools/*",
"Microsoft.Subscription/*",
"Microsoft.Support/*",
"Microsoft.Authorization/classicAdministrators/*",
"Microsoft.Authorization/roleAssignments/write",
"Microsoft.Authorization/roleDefinitions/write",
"Microsoft.Network/expressRouteCircuits/*",
"Microsoft.Network/expressRouteGateways/*",
"Microsoft.Network/expressRoutePorts/*",
"Microsoft.RecoveryServices/Vaults/certificates/*",
"Microsoft.Network/ddosProtectionPlans/write",
"Microsoft.Network/ddosProtectionPlans/join/action",
"Microsoft.SaaS/register/action",
"Microsoft.SaaS/applications/write",
"Microsoft.SaaS/saasresources/write",
"Microsoft.SaaS/resources/write",
"Microsoft.SaaS/applications/delete",
"Microsoft.SaaS/saasresources/delete",
"Microsoft.SaaS/resources/delete",
"Microsoft.LabServices/*"
],
"dataActions": [
"Microsoft.Storage/storageAccounts/blobServices/containers/blobs/delete",
"Microsoft.Storage/storageAccounts/blobServices/containers/blobs/read",
"Microsoft.Storage/storageAccounts/blobServices/containers/blobs/write"
],
"notDataActions": []
}
]
}
}
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment