AzRoleAdvertizer

last sync: 2025-Apr-30 18:25:09 UTC
this is the development/test site - data is not accurate. Go to prod

Azure Container Registry secure supply chain operator service role

Azure BuiltIn RBAC Role definition

NameAzure Container Registry secure supply chain operator service role
Id96062cf7-95ca-4f89-9b9d-2a2aa47356af
DescriptionGrants Microsoft Defender for Cloud access to Azure Container Registry for security assessment of container images
CategoryNone
CreatedOn2023-01-19 15:58:15 UTC
UpdatedOn2024-06-12 15:19:54 UTC
Permissions summary Effective control plane and data plane operations: 9 (unique operations)
•delete: 3
•read: 3
•write: 3

Actions: 3
Resolved control plane operations from Actions: 3
Effective control plane operations: 3
•delete: 1
•read: 1
•write: 1

NotActions: 0
Resolved control plane operations from NotActions: 0
Effective denied control plane operations: 16482

DataActions: 6
Resolved data plane operations: 6
Effective data plane operations: 6
•delete: 2
•read: 2
•write: 2

NotDataActions: 0
Resolved data plane operations from NotDataActions: 0
Effective denied data plane operations: 3365
Actions
Operation Description
Microsoft.ContainerRegistry/registries/artifacts/deleteDelete artifact in a container registry.
Microsoft.ContainerRegistry/registries/pull/readPull or Get images from a container registry.
Microsoft.ContainerRegistry/registries/push/writePush or Write images to a container registry.
NotActions n/a
DataActions
Operation Description
Microsoft.ContainerRegistry/registries/repositories/content/deleteDelete artifact in a container registry.
Microsoft.ContainerRegistry/registries/repositories/content/readPull or Get images from a container registry.
Microsoft.ContainerRegistry/registries/repositories/content/writePush or Write images to a container registry.
Microsoft.ContainerRegistry/registries/repositories/metadata/deleteDelete the metadata of a repository for a container registry
Microsoft.ContainerRegistry/registries/repositories/metadata/readGets the metadata of a specific repository for a container registry
Microsoft.ContainerRegistry/registries/repositories/metadata/writeUpdates the metadata of a repository for a container registry
NotDataActions n/a
Used in
BuiltIn Policy		 none
History
Date/Time (UTC ymd) (i) Change Change detail
2024-06-13 07:42:06 add: Role 96062cf7-95ca-4f89-9b9d-2a2aa47356af
JSON
api-version=2023-07-01-preview
Condition none