title | description | ms.service | ms.topic | ms.workload | author | manager | ms.author | ms.date | ms.custom |
---|---|---|---|---|---|---|---|---|---|
Azure permissions - Azure RBAC |
Lists the permissions for Azure resource providers. |
role-based-access-control |
reference |
identity |
rolyon |
amycolannino |
rolyon |
09/20/2024 |
generated |
This article lists the permissions for Azure resource providers, which are used in built-in roles. You can use these permissions in your own Azure custom roles to provide granular access control to resources in Azure. The permissions are always evolving. To get the latest permissions, use Get-AzProviderOperation or az provider operation list.
Click the resource provider name in the following list to see the list of permissions.
[!div class="mx-tableFixed"]
Resource provider Description Azure service Microsoft.Addons core Microsoft.Capacity core Microsoft.Commerce core Microsoft.Marketplace core Microsoft.MarketplaceOrdering core Microsoft.Quota Azure Quotas Microsoft.Subscription core Microsoft.Support core
[!div class="mx-tableFixed"]
Resource provider Description Azure service microsoft.app Azure Container Apps Microsoft.AppPlatform A fully managed Spring Cloud service, built and operated with Pivotal. Azure Spring Apps Microsoft.AVS Azure VMware Solution Microsoft.Batch Cloud-scale job scheduling and compute management. Batch Microsoft.ClassicCompute Classic deployment model virtual machine Microsoft.Compute Access cloud compute capacity and scale on demand (such as virtual machines) and only pay for the resources you use. Virtual Machines
Virtual Machine Scale SetsMicrosoft.ComputeSchedule Azure Virtual Desktop microsoft.connectedvmwarevsphere Azure Arc-enabled VMware vSphere Microsoft.DesktopVirtualization The best virtual desktop experience, delivered on Azure. Azure Virtual Desktop Microsoft.ServiceFabric Develop microservices and orchestrate containers on Windows or Linux. Service Fabric
[!div class="mx-tableFixed"]
Resource provider Description Azure service Microsoft.Cdn Ensure secure, reliable content delivery with broad global reach. Content Delivery Network Microsoft.ClassicNetwork Classic deployment model virtual network Microsoft.MobileNetwork Azure Private 5G Core Microsoft.Network Connect cloud and on-premises infrastructure and services to provide your customers and users the best possible experience. Application Gateway
Azure Bastion
Azure DDoS Protection
Azure DNS
Azure ExpressRoute
Azure Firewall
Azure Front Door Service
Azure Private Link
Azure Route Server
Load Balancer
Network Watcher
Traffic Manager
Virtual Network
Virtual Network NAT
Virtual Network Manager
Virtual WAN
VPN Gateway
[!div class="mx-tableFixed"]
Resource provider Description Azure service Microsoft.ClassicStorage Classic deployment model storage Microsoft.DataShare A simple and safe service for sharing big data with external organizations. Azure Data Share Microsoft.ElasticSan Azure Elastic SAN Microsoft.NetApp Enterprise-grade Azure file shares, powered by NetApp. Azure NetApp Files Microsoft.Storage Get secure, massively scalable cloud storage for your data, apps, and workloads. Storage Microsoft.StorageCache File caching and Lustre file system capabilities for high-performance computing (HPC). Azure HPC Cache
Azure Managed LustreMicrosoft.StorageSync Storage
[!div class="mx-tableFixed"]
Resource provider Description Azure service Microsoft.CertificateRegistration Allow an application to use its own credentials for authentication. App Service Certificates Microsoft.DomainRegistration App Service Microsoft.Maps Simple and secure location APIs provide geospatial context to data. Azure Maps Microsoft.Media Encode, store, and stream video and audio at scale. Media Services Microsoft.SignalRService Add real-time web functionalities easily. Azure SignalR Service microsoft.web Quickly create and deploy mission critical web apps at scale. App Service
Azure Functions
[!div class="mx-tableFixed"]
Resource provider Description Azure service Microsoft.ContainerInstance Easily run containers on Azure without managing servers. Container Instances Microsoft.ContainerRegistry Store and manage container images across all types of Azure deployments. Container Registry Microsoft.ContainerService Accelerate your containerized application development without compromising security. Azure Kubernetes Service (AKS) Microsoft.RedHatOpenShift Azure Red Hat OpenShift
[!div class="mx-tableFixed"]
Resource provider Description Azure service Microsoft.Cache Power applications with high-throughput, low-latency data access. Azure Cache for Redis Microsoft.DBforMariaDB Managed MariaDB database service for app developers. Azure Database for MariaDB Microsoft.DBforMySQL Managed MySQL database service for app developers. Azure Database for MySQL Microsoft.DBforPostgreSQL Managed PostgreSQL database service for app developers. Azure Database for PostgreSQL Microsoft.DocumentDB A NoSQL document database-as-a-service. Azure Cosmos DB Microsoft.Sql Managed, intelligent SQL in the cloud. Azure SQL Database
Azure SQL Managed Instance
Azure Synapse AnalyticsMicrosoft.SqlVirtualMachine Host enterprise SQL Server apps in the cloud. SQL Server on Azure Virtual Machines
[!div class="mx-tableFixed"]
Resource provider Description Azure service Microsoft.AnalysisServices Enterprise-grade analytics engine as a service. Azure Analysis Services Microsoft.Databricks Fast, easy, and collaborative Apache Spark-based analytics platform. Azure Databricks Microsoft.DataFactory Hybrid data integration at enterprise scale, made easy. Data Factory Microsoft.DataLakeAnalytics Distributed analytics service that makes big data easy. Data Lake Analytics Microsoft.DataLakeStore Highly scalable and cost-effective data lake solution for big data analytics. Azure Data Lake Storage Gen2 Microsoft.HDInsight Provision cloud Hadoop, Spark, R Server, HBase, and Storm clusters. HDInsight Microsoft.Kusto Service for storing and running interactive analytics over Big Data. Azure Data Explorer Microsoft.PowerBIDedicated Manage Power BI Premium dedicated capacities for exclusive use by an organization. Power BI Embedded Microsoft.Purview Microsoft Purview Microsoft.Synapse Azure Synapse Analytics
[!div class="mx-tableFixed"]
Resource provider Description Azure service Microsoft.AgFoodPlatform Microsoft Azure Data Manager for Agriculture Microsoft.BotService Intelligent, serverless bot service that scales on demand. Azure Bot Service Microsoft.CognitiveServices Add smart API capabilities to enable contextual interactions. Cognitive Services Microsoft.HealthBot Azure AI Health Bot Microsoft.MachineLearningServices Enterprise-grade machine learning service to build and deploy models faster. Machine Learning Microsoft.Search Leverage search services and get comprehensive results. Azure AI Search
[!div class="mx-tableFixed"]
Resource provider Description Azure service Microsoft.AzureSphere Azure Sphere Microsoft.Devices Ensure that your users are accessing your resources from devices that meet your standards for security and compliance. IoT Hub
IoT Hub Device Provisioning ServiceMicrosoft.DeviceUpdate Device Update for IoT Hub Microsoft.DigitalTwins Azure Digital Twins Microsoft.IoTCentral Experience the simplicity of SaaS for IoT, with no cloud expertise required. IoT Central Microsoft.IoTFirmwareDefense Microsoft Defender for IoT Microsoft.IoTSecurity IoT security Microsoft.StreamAnalytics Real-time data stream processing from millions of IoT devices. Stream Analytics
[!div class="mx-tableFixed"]
Resource provider Description Azure service Microsoft.MixedReality Blend your physical and digital worlds to create immersive, collaborative experiences. Azure Spatial Anchors
[!div class="mx-tableFixed"]
[!div class="mx-tableFixed"]
Resource provider Description Azure service Microsoft.AAD Join Azure virtual machines to a domain without domain controllers. Microsoft Entra Domain Services microsoft.aadiam Microsoft.ADHybridHealthService Robust monitoring of your on-premises identity infrastructure. Microsoft Entra ID Microsoft.AzureActiveDirectory Synchronize on-premises directories and enable single sign-on. Azure Active Directory B2C Microsoft.ManagedIdentity An automatically managed identity in Microsoft Entra ID that authenticates to any service that supports Microsoft Entra Managed identities for Azure resources
[!div class="mx-tableFixed"]
Resource provider Description Azure service Microsoft.AppComplianceAutomation App Compliance Automation Tool for Microsoft 365 Microsoft.DataProtection Data Protection Microsoft.KeyVault Safeguard and maintain control of keys and other secrets. Key Vault Microsoft.Security Protect your enterprise from advanced threats across hybrid cloud workloads. Security Center Microsoft.SecurityGraph Microsoft.SecurityInsights Microsoft Sentinel
[!div class="mx-tableFixed"]
Resource provider Description Azure service Microsoft.Chaos Azure Chaos Studio Microsoft.DevCenter Azure Deployment Environments Microsoft.DevTestLab Quickly create environments using reusable templates and artifacts. Azure Lab Services Microsoft.LabServices Set up labs for classrooms, trials, development and testing, and other scenarios. Azure Lab Services Microsoft.LoadTestService Azure Load Testing Microsoft.VisualStudio The powerful and flexible environment for developing applications in the cloud. Azure DevOps
[!div class="mx-tableFixed"]
Resource provider Description Azure service Microsoft.DataBox Move stored or in-flight data to Azure quickly and cost-effectively. Azure Data Box Microsoft.DataBoxEdge Appliances and solutions for data transfer to Azure and edge compute. Azure Stack Edge Microsoft.DataMigration Simplify on-premises database migration to the cloud. Azure Database Migration Service Microsoft.Migrate Easily discover, assess, right-size, and migrate your on-premises VMs to Azure. Azure Migrate Microsoft.OffAzure Azure Migrate
[!div class="mx-tableFixed"]
Resource provider Description Azure service Microsoft.AlertsManagement Analyze all of the alerts in your Log Analytics repository. Azure Monitor Microsoft.Dashboard Azure Managed Grafana Microsoft.Insights Full observability into your applications, infrastructure, and network. Azure Monitor microsoft.monitor Azure Monitor Microsoft.OperationalInsights Azure Monitor Microsoft.OperationsManagement A simplified management solution for any enterprise. Azure Monitor
[!div class="mx-tableFixed"]
Resource provider Description Azure service Microsoft.Advisor Your personalized Azure best practices recommendation engine. Azure Advisor Microsoft.Authorization Azure Policy
Azure RBAC
Azure Resource ManagerMicrosoft.Automation Simplify cloud management with process automation. Automation Microsoft.Billing Manage your subscriptions and see usage and billing. Cost Management + Billing Microsoft.BillingBenefits Azure savings plans Microsoft.Blueprint Enabling quick, repeatable creation of governed environments. Azure Blueprints Microsoft.Carbon Azure carbon optimization Microsoft.Consumption Programmatic access to cost and usage data for your Azure resources. Cost Management Microsoft.CostManagement Optimize what you spend on the cloud, while maximizing cloud potential. Cost Management Microsoft.CustomerLockbox Interface for customers to review and approve or reject customer data access requests. Customer Lockbox for Microsoft Azure Microsoft.Features Azure Resource Manager Microsoft.GuestConfiguration Audit settings inside a machine using Azure Policy. Azure Policy Microsoft.Intune Enable your workforce to be productive on all their devices, while keeping your organization's information protected. Microsoft.Maintenance Azure Maintenance
Azure Update ManagerMicrosoft.ManagedServices Azure Lighthouse Microsoft.Management Use management groups to efficiently apply governance controls and manage groups of Azure subscriptions. Management Groups Microsoft.PolicyInsights Summarize policy states for the subscription level policy definition. Azure Policy Microsoft.Portal Build, manage, and monitor all Azure products in a single, unified console. Azure portal Microsoft.RecoveryServices Hold and organize backup data for various Azure services such as IaaS VMs (Linux or Windows) and Azure SQL databases. Site Recovery Microsoft.ResourceGraph Powerful tool to query, explore, and analyze your cloud resources at scale. Azure Resource Graph Microsoft.ResourceHealth Diagnose and get support for service problems that affect your Azure resources. Azure Service Health Microsoft.Resources Deployment and management service for Azure that enables you to create, update, and delete resources in your Azure subscription. Azure Resource Manager Microsoft.Solutions Find the solution to meet the needs of your application or business. Azure Managed Applications Microsoft.Workloads SAP on Azure
[!div class="mx-tableFixed"]
Resource provider Description Azure service Microsoft.AzureStack Build and run innovative hybrid applications across cloud boundaries. Azure Stack Microsoft.AzureStackHCI Azure Stack HCI Microsoft.ExtendedLocation Custom locations Microsoft.HybridCompute Azure Arc Microsoft.HybridConnectivity Microsoft.HybridContainerService Microsoft.Kubernetes Azure Arc-enabled Kubernetes Microsoft.KubernetesConfiguration Azure Arc-enabled Kubernetes Microsoft.ResourceConnector