Back to Dashboard

Azure Container Registry secure supply chain operator service role

Azure Built-in Role

Role Information

Details and metadata

Role ID
96062cf7-95ca-4f89-9b9d-2a2aa47356af
Type
BuiltInRole
Last Updated (Azure)
2024-06-14 15:42:34

Change History

Track all modifications to this role

2024-06-14 15:42:34 Initial Scan
View details 
{
  "properties": {
    "roleName": "Azure Container Registry secure supply chain operator service role",
    "type": "BuiltInRole",
    "description": "Grants Microsoft Defender for Cloud access to Azure Container Registry for security assessment of container images",
    "assignableScopes": [
      "/"
    ],
    "permissions": [
      {
        "actions": [
          "Microsoft.ContainerRegistry/registries/pull/read",
          "Microsoft.ContainerRegistry/registries/push/write",
          "Microsoft.ContainerRegistry/registries/artifacts/delete"
        ],
        "notActions": [],
        "dataActions": [
          "Microsoft.ContainerRegistry/registries/repositories/metadata/read",
          "Microsoft.ContainerRegistry/registries/repositories/content/read",
          "Microsoft.ContainerRegistry/registries/repositories/metadata/write",
          "Microsoft.ContainerRegistry/registries/repositories/content/write",
          "Microsoft.ContainerRegistry/registries/repositories/metadata/delete",
          "Microsoft.ContainerRegistry/registries/repositories/content/delete"
        ],
        "notDataActions": []
      }
    ],
    "createdOn": "2023-01-19T15:58:16.651Z",
    "updatedOn": "2024-06-14T15:42:34.155Z",
    "createdBy": null,
    "updatedBy": null
  },
  "id": "/providers/Microsoft.Authorization/roleDefinitions/96062cf7-95ca-4f89-9b9d-2a2aa47356af",
  "type": "Microsoft.Authorization/roleDefinitions",
  "name": "96062cf7-95ca-4f89-9b9d-2a2aa47356af"
}

Latest Role JSON

Raw definition from Azure

{
  "properties": {
    "roleName": "Azure Container Registry secure supply chain operator service role",
    "type": "BuiltInRole",
    "description": "Grants Microsoft Defender for Cloud access to Azure Container Registry for security assessment of container images",
    "assignableScopes": [
      "/"
    ],
    "permissions": [
      {
        "actions": [
          "Microsoft.ContainerRegistry/registries/pull/read",
          "Microsoft.ContainerRegistry/registries/push/write",
          "Microsoft.ContainerRegistry/registries/artifacts/delete"
        ],
        "notActions": [],
        "dataActions": [
          "Microsoft.ContainerRegistry/registries/repositories/metadata/read",
          "Microsoft.ContainerRegistry/registries/repositories/content/read",
          "Microsoft.ContainerRegistry/registries/repositories/metadata/write",
          "Microsoft.ContainerRegistry/registries/repositories/content/write",
          "Microsoft.ContainerRegistry/registries/repositories/metadata/delete",
          "Microsoft.ContainerRegistry/registries/repositories/content/delete"
        ],
        "notDataActions": []
      }
    ],
    "createdOn": "2023-01-19T15:58:16.651Z",
    "updatedOn": "2024-06-14T15:42:34.155Z",
    "createdBy": null,
    "updatedBy": null
  },
  "id": "/providers/Microsoft.Authorization/roleDefinitions/96062cf7-95ca-4f89-9b9d-2a2aa47356af",
  "type": "Microsoft.Authorization/roleDefinitions",
  "name": "96062cf7-95ca-4f89-9b9d-2a2aa47356af"
}

Effective Permissions

Operations granted by this role (9 total)

Control Plane Operations (3)

Data Plane Operations (6)