Role Information
Details and metadata
865ae368-6a45-4bd1-8fbf-0d5151f56fc1
Change History
Track all modifications to this role since 2025-12-15 01:08:16+00:00
Updated On
Event Type
Summary & Details
2025-12-18 16:39:09
Updated
properties.updatedOn, properties.permissions
Show full JSON diff
{
"id": "/providers/Microsoft.Authorization/roleDefinitions/865ae368-6a45-4bd1-8fbf-0d5151f56fc1",
"name": "865ae368-6a45-4bd1-8fbf-0d5151f56fc1",
"properties": {
"assignableScopes": [
"/"
],
"createdBy": null,
"createdOn": "2023-10-12T15:28:49.635Z",
"description": "Microsoft.AzureStackHCI Device Management Role",
"permissions": [
{
"actions": [
"Microsoft.AzureStackHCI/Clusters/*",
"Microsoft.AzureStackHCI/EdgeDevices/*",
"Microsoft.AzureStackHCI/DevicePools/*/read",
"Microsoft.AzureStackHCI/EdgeMachines/*/read",
"Microsoft.Resources/subscriptions/resourceGroups/read",
"Microsoft.HybridContainerService/register/action",
"Microsoft.HybridContainerService/kubernetesVersions/read",
"Microsoft.HybridContainerService/kubernetesVersions/write",
"Microsoft.HybridContainerService/skus/read",
"Microsoft.HybridContainerService/skus/write",
"Microsoft.Authorization/roleassignments/read",
"Microsoft.Resources/subscriptions/resourceGroups/read",
"Microsoft.AzureStackHCI/StorageContainers/Write",
"Microsoft.AzureStackHCI/StorageContainers/Read",
+ "Microsoft.AzureStackHCI/LogicalNetworks/Read",
+ "Microsoft.AzureStackHCI/LogicalNetworks/Write",
"Microsoft.AzureStackHCI/Register/Action",
"Microsoft.GuestConfiguration/guestConfigurationAssignments/read",
"Microsoft.KubernetesConfiguration/extensions/write",
"Microsoft.KubernetesConfiguration/extensions/read",
"Microsoft.KubernetesConfiguration/extensions/delete",
"Microsoft.KubernetesConfiguration/extensions/operations/read",
"Microsoft.KubernetesConfiguration/namespaces/read",
"Microsoft.KubernetesConfiguration/operations/read",
"Microsoft.ResourceConnector/appliances/read",
"Microsoft.ResourceConnector/appliances/write",
"Microsoft.ResourceConnector/appliances/delete",
"Microsoft.ResourceConnector/locations/operationresults/read",
"Microsoft.ResourceConnector/locations/operationsstatus/read",
"Microsoft.ResourceConnector/appliances/listClusterUserCredential/action",
"Microsoft.ResourceConnector/appliances/listKeys/action",
"Microsoft.ResourceConnector/appliances/upgradeGraphs/read",
"Microsoft.ResourceConnector/telemetryconfig/read",
"Microsoft.ResourceConnector/operations/read",
"Microsoft.ExtendedLocation/customLocations/deploy/action",
"Microsoft.ExtendedLocation/customLocations/read",
"Microsoft.ExtendedLocation/customLocations/write",
"Microsoft.ExtendedLocation/customLocations/delete"
],
"dataActions": [],
"notActions": [],
"notDataActions": []
}
],
"roleName": "Azure Stack HCI Device Management Role",
"type": "BuiltInRole",
"updatedBy": null,
- "updatedOn": "2025-02-13T16:18:52.793Z"
+ "updatedOn": "2025-12-18T16:39:09.147Z"
},
"type": "Microsoft.Authorization/roleDefinitions"
}
2025-12-18 16:39:09
Updated
properties.updatedOn, properties.permissions
View details
{
"id": "/providers/Microsoft.Authorization/roleDefinitions/865ae368-6a45-4bd1-8fbf-0d5151f56fc1",
"name": "865ae368-6a45-4bd1-8fbf-0d5151f56fc1",
"properties": {
"assignableScopes": [
"/"
],
"createdBy": null,
"createdOn": "2023-10-12T15:28:49.635Z",
"description": "Microsoft.AzureStackHCI Device Management Role",
"permissions": [
{
"actions": [
"Microsoft.AzureStackHCI/Clusters/*",
"Microsoft.AzureStackHCI/EdgeDevices/*",
"Microsoft.AzureStackHCI/DevicePools/*/read",
"Microsoft.AzureStackHCI/EdgeMachines/*/read",
"Microsoft.Resources/subscriptions/resourceGroups/read",
"Microsoft.HybridContainerService/register/action",
"Microsoft.HybridContainerService/kubernetesVersions/read",
"Microsoft.HybridContainerService/kubernetesVersions/write",
"Microsoft.HybridContainerService/skus/read",
"Microsoft.HybridContainerService/skus/write",
"Microsoft.Authorization/roleassignments/read",
"Microsoft.Resources/subscriptions/resourceGroups/read",
"Microsoft.AzureStackHCI/StorageContainers/Write",
"Microsoft.AzureStackHCI/StorageContainers/Read",
+ "Microsoft.AzureStackHCI/LogicalNetworks/Read",
+ "Microsoft.AzureStackHCI/LogicalNetworks/Write",
"Microsoft.AzureStackHCI/Register/Action",
"Microsoft.GuestConfiguration/guestConfigurationAssignments/read",
"Microsoft.KubernetesConfiguration/extensions/write",
"Microsoft.KubernetesConfiguration/extensions/read",
"Microsoft.KubernetesConfiguration/extensions/delete",
"Microsoft.KubernetesConfiguration/extensions/operations/read",
"Microsoft.KubernetesConfiguration/namespaces/read",
"Microsoft.KubernetesConfiguration/operations/read",
"Microsoft.ResourceConnector/appliances/read",
"Microsoft.ResourceConnector/appliances/write",
"Microsoft.ResourceConnector/appliances/delete",
"Microsoft.ResourceConnector/locations/operationresults/read",
"Microsoft.ResourceConnector/locations/operationsstatus/read",
"Microsoft.ResourceConnector/appliances/listClusterUserCredential/action",
"Microsoft.ResourceConnector/appliances/listKeys/action",
"Microsoft.ResourceConnector/appliances/upgradeGraphs/read",
"Microsoft.ResourceConnector/telemetryconfig/read",
"Microsoft.ResourceConnector/operations/read",
"Microsoft.ExtendedLocation/customLocations/deploy/action",
"Microsoft.ExtendedLocation/customLocations/read",
"Microsoft.ExtendedLocation/customLocations/write",
"Microsoft.ExtendedLocation/customLocations/delete"
],
"dataActions": [],
"notActions": [],
"notDataActions": []
}
],
"roleName": "Azure Stack HCI Device Management Role",
"type": "BuiltInRole",
"updatedBy": null,
- "updatedOn": "2025-02-13T16:18:52.793Z"
+ "updatedOn": "2025-12-18T16:39:09.147Z"
},
"type": "Microsoft.Authorization/roleDefinitions"
}
2025-02-13 16:18:52
Initial Scan
Show full JSON
{
"properties": {
"roleName": "Azure Stack HCI Device Management Role",
"type": "BuiltInRole",
"description": "Microsoft.AzureStackHCI Device Management Role",
"assignableScopes": [
"/"
],
"permissions": [
{
"actions": [
"Microsoft.AzureStackHCI/Clusters/*",
"Microsoft.AzureStackHCI/EdgeDevices/*",
"Microsoft.AzureStackHCI/DevicePools/*/read",
"Microsoft.AzureStackHCI/EdgeMachines/*/read",
"Microsoft.Resources/subscriptions/resourceGroups/read",
"Microsoft.HybridContainerService/register/action",
"Microsoft.HybridContainerService/kubernetesVersions/read",
"Microsoft.HybridContainerService/kubernetesVersions/write",
"Microsoft.HybridContainerService/skus/read",
"Microsoft.HybridContainerService/skus/write",
"Microsoft.Authorization/roleassignments/read",
"Microsoft.Resources/subscriptions/resourceGroups/read",
"Microsoft.AzureStackHCI/StorageContainers/Write",
"Microsoft.AzureStackHCI/StorageContainers/Read",
"Microsoft.AzureStackHCI/LogicalNetworks/Read",
"Microsoft.AzureStackHCI/LogicalNetworks/Write",
"Microsoft.AzureStackHCI/Register/Action",
"Microsoft.GuestConfiguration/guestConfigurationAssignments/read",
"Microsoft.KubernetesConfiguration/extensions/write",
"Microsoft.KubernetesConfiguration/extensions/read",
"Microsoft.KubernetesConfiguration/extensions/delete",
"Microsoft.KubernetesConfiguration/extensions/operations/read",
"Microsoft.KubernetesConfiguration/namespaces/read",
"Microsoft.KubernetesConfiguration/operations/read",
"Microsoft.ResourceConnector/appliances/read",
"Microsoft.ResourceConnector/appliances/write",
"Microsoft.ResourceConnector/appliances/delete",
"Microsoft.ResourceConnector/locations/operationresults/read",
"Microsoft.ResourceConnector/locations/operationsstatus/read",
"Microsoft.ResourceConnector/appliances/listClusterUserCredential/action",
"Microsoft.ResourceConnector/appliances/listKeys/action",
"Microsoft.ResourceConnector/appliances/upgradeGraphs/read",
"Microsoft.ResourceConnector/telemetryconfig/read",
"Microsoft.ResourceConnector/operations/read",
"Microsoft.ExtendedLocation/customLocations/deploy/action",
"Microsoft.ExtendedLocation/customLocations/read",
"Microsoft.ExtendedLocation/customLocations/write",
"Microsoft.ExtendedLocation/customLocations/delete"
],
"notActions": [],
"dataActions": [],
"notDataActions": []
}
],
"createdOn": "2023-10-12T15:28:49.635Z",
"updatedOn": "2025-12-18T16:39:09.147Z",
"createdBy": null,
"updatedBy": null
},
"id": "/providers/Microsoft.Authorization/roleDefinitions/865ae368-6a45-4bd1-8fbf-0d5151f56fc1",
"type": "Microsoft.Authorization/roleDefinitions",
"name": "865ae368-6a45-4bd1-8fbf-0d5151f56fc1"
}
2025-02-13 16:18:52
Initial Scan
View details
{
"properties": {
"roleName": "Azure Stack HCI Device Management Role",
"type": "BuiltInRole",
"description": "Microsoft.AzureStackHCI Device Management Role",
"assignableScopes": [
"/"
],
"permissions": [
{
"actions": [
"Microsoft.AzureStackHCI/Clusters/*",
"Microsoft.AzureStackHCI/EdgeDevices/*",
"Microsoft.AzureStackHCI/DevicePools/*/read",
"Microsoft.AzureStackHCI/EdgeMachines/*/read",
"Microsoft.Resources/subscriptions/resourceGroups/read",
"Microsoft.HybridContainerService/register/action",
"Microsoft.HybridContainerService/kubernetesVersions/read",
"Microsoft.HybridContainerService/kubernetesVersions/write",
"Microsoft.HybridContainerService/skus/read",
"Microsoft.HybridContainerService/skus/write",
"Microsoft.Authorization/roleassignments/read",
"Microsoft.Resources/subscriptions/resourceGroups/read",
"Microsoft.AzureStackHCI/StorageContainers/Write",
"Microsoft.AzureStackHCI/StorageContainers/Read",
"Microsoft.AzureStackHCI/LogicalNetworks/Read",
"Microsoft.AzureStackHCI/LogicalNetworks/Write",
"Microsoft.AzureStackHCI/Register/Action",
"Microsoft.GuestConfiguration/guestConfigurationAssignments/read",
"Microsoft.KubernetesConfiguration/extensions/write",
"Microsoft.KubernetesConfiguration/extensions/read",
"Microsoft.KubernetesConfiguration/extensions/delete",
"Microsoft.KubernetesConfiguration/extensions/operations/read",
"Microsoft.KubernetesConfiguration/namespaces/read",
"Microsoft.KubernetesConfiguration/operations/read",
"Microsoft.ResourceConnector/appliances/read",
"Microsoft.ResourceConnector/appliances/write",
"Microsoft.ResourceConnector/appliances/delete",
"Microsoft.ResourceConnector/locations/operationresults/read",
"Microsoft.ResourceConnector/locations/operationsstatus/read",
"Microsoft.ResourceConnector/appliances/listClusterUserCredential/action",
"Microsoft.ResourceConnector/appliances/listKeys/action",
"Microsoft.ResourceConnector/appliances/upgradeGraphs/read",
"Microsoft.ResourceConnector/telemetryconfig/read",
"Microsoft.ResourceConnector/operations/read",
"Microsoft.ExtendedLocation/customLocations/deploy/action",
"Microsoft.ExtendedLocation/customLocations/read",
"Microsoft.ExtendedLocation/customLocations/write",
"Microsoft.ExtendedLocation/customLocations/delete"
],
"notActions": [],
"dataActions": [],
"notDataActions": []
}
],
"createdOn": "2023-10-12T15:28:49.635Z",
"updatedOn": "2025-12-18T16:39:09.147Z",
"createdBy": null,
"updatedBy": null
},
"id": "/providers/Microsoft.Authorization/roleDefinitions/865ae368-6a45-4bd1-8fbf-0d5151f56fc1",
"type": "Microsoft.Authorization/roleDefinitions",
"name": "865ae368-6a45-4bd1-8fbf-0d5151f56fc1"
}
Latest Role JSON
Raw definition from Azure
{
"properties": {
"roleName": "Azure Stack HCI Device Management Role",
"type": "BuiltInRole",
"description": "Microsoft.AzureStackHCI Device Management Role",
"assignableScopes": [
"/"
],
"permissions": [
{
"actions": [
"Microsoft.AzureStackHCI/Clusters/*",
"Microsoft.AzureStackHCI/EdgeDevices/*",
"Microsoft.AzureStackHCI/DevicePools/*/read",
"Microsoft.AzureStackHCI/EdgeMachines/*/read",
"Microsoft.Resources/subscriptions/resourceGroups/read",
"Microsoft.HybridContainerService/register/action",
"Microsoft.HybridContainerService/kubernetesVersions/read",
"Microsoft.HybridContainerService/kubernetesVersions/write",
"Microsoft.HybridContainerService/skus/read",
"Microsoft.HybridContainerService/skus/write",
"Microsoft.Authorization/roleassignments/read",
"Microsoft.Resources/subscriptions/resourceGroups/read",
"Microsoft.AzureStackHCI/StorageContainers/Write",
"Microsoft.AzureStackHCI/StorageContainers/Read",
"Microsoft.AzureStackHCI/LogicalNetworks/Read",
"Microsoft.AzureStackHCI/LogicalNetworks/Write",
"Microsoft.AzureStackHCI/Register/Action",
"Microsoft.GuestConfiguration/guestConfigurationAssignments/read",
"Microsoft.KubernetesConfiguration/extensions/write",
"Microsoft.KubernetesConfiguration/extensions/read",
"Microsoft.KubernetesConfiguration/extensions/delete",
"Microsoft.KubernetesConfiguration/extensions/operations/read",
"Microsoft.KubernetesConfiguration/namespaces/read",
"Microsoft.KubernetesConfiguration/operations/read",
"Microsoft.ResourceConnector/appliances/read",
"Microsoft.ResourceConnector/appliances/write",
"Microsoft.ResourceConnector/appliances/delete",
"Microsoft.ResourceConnector/locations/operationresults/read",
"Microsoft.ResourceConnector/locations/operationsstatus/read",
"Microsoft.ResourceConnector/appliances/listClusterUserCredential/action",
"Microsoft.ResourceConnector/appliances/listKeys/action",
"Microsoft.ResourceConnector/appliances/upgradeGraphs/read",
"Microsoft.ResourceConnector/telemetryconfig/read",
"Microsoft.ResourceConnector/operations/read",
"Microsoft.ExtendedLocation/customLocations/deploy/action",
"Microsoft.ExtendedLocation/customLocations/read",
"Microsoft.ExtendedLocation/customLocations/write",
"Microsoft.ExtendedLocation/customLocations/delete"
],
"notActions": [],
"dataActions": [],
"notDataActions": []
}
],
"createdOn": "2023-10-12T15:28:49.635Z",
"updatedOn": "2025-12-18T16:39:09.147Z",
"createdBy": null,
"updatedBy": null
},
"id": "/providers/Microsoft.Authorization/roleDefinitions/865ae368-6a45-4bd1-8fbf-0d5151f56fc1",
"type": "Microsoft.Authorization/roleDefinitions",
"name": "865ae368-6a45-4bd1-8fbf-0d5151f56fc1"
}
Effective Permissions
Operations granted by this role (71 total)
Permission Patterns (from role definition)
Actions
38 patterns
Microsoft.AzureStackHCI/Clusters/*
Microsoft.AzureStackHCI/EdgeDevices/*
Microsoft.AzureStackHCI/DevicePools/*/read
Microsoft.AzureStackHCI/EdgeMachines/*/read
Microsoft.Resources/subscriptions/resourceGroups/read
Microsoft.HybridContainerService/register/action
Microsoft.HybridContainerService/kubernetesVersions/read
Microsoft.HybridContainerService/kubernetesVersions/write
Microsoft.HybridContainerService/skus/read
Microsoft.HybridContainerService/skus/write
Microsoft.Authorization/roleassignments/read
Microsoft.Resources/subscriptions/resourceGroups/read
Microsoft.AzureStackHCI/StorageContainers/Write
Microsoft.AzureStackHCI/StorageContainers/Read
Microsoft.AzureStackHCI/LogicalNetworks/Read
Microsoft.AzureStackHCI/LogicalNetworks/Write
Microsoft.AzureStackHCI/Register/Action
Microsoft.GuestConfiguration/guestConfigurationAssignments/read
Microsoft.KubernetesConfiguration/extensions/write
Microsoft.KubernetesConfiguration/extensions/read
Microsoft.KubernetesConfiguration/extensions/delete
Microsoft.KubernetesConfiguration/extensions/operations/read
Microsoft.KubernetesConfiguration/namespaces/read
Microsoft.KubernetesConfiguration/operations/read
Microsoft.ResourceConnector/appliances/read
Microsoft.ResourceConnector/appliances/write
Microsoft.ResourceConnector/appliances/delete
Microsoft.ResourceConnector/locations/operationresults/read
Microsoft.ResourceConnector/locations/operationsstatus/read
Microsoft.ResourceConnector/appliances/listClusterUserCredential/action
Microsoft.ResourceConnector/appliances/listKeys/action
Microsoft.ResourceConnector/appliances/upgradeGraphs/read
Microsoft.ResourceConnector/telemetryconfig/read
Microsoft.ResourceConnector/operations/read
Microsoft.ExtendedLocation/customLocations/deploy/action
Microsoft.ExtendedLocation/customLocations/read
Microsoft.ExtendedLocation/customLocations/write
Microsoft.ExtendedLocation/customLocations/delete
Control Plane Operations (71)
No matching operations
/ shown
Data Plane Operations (0)
No data plane operations granted