-
Notifications
You must be signed in to change notification settings - Fork 11
/
Copy pathpolaris-custom-role-cloud-native-protection.json
69 lines (69 loc) · 3.58 KB
/
polaris-custom-role-cloud-native-protection.json
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
{
"id": "/subscriptions/abcdefgh-1234-abcd-1234-abcdefghijkl/providers/Microsoft.Authorization/roleDefinitions/01234567-abcd-1234-abcd-123456789012",
"properties": {
"roleName": "Rubrik Polaris CLOUD_NATIVE_PROTECTION - 01234567-abcd-1234-abcd-123456789012",
"description": "Rubrik Polaris role for CLOUD_NATIVE_PROTECTION",
"assignableScopes": [
"/subscriptions/abcdefgh-1234-abcd-1234-abcdefghijkl"
],
"permissions": [
{
"actions": [
"Microsoft.Compute/disks/*",
"Microsoft.Compute/locations/vmSizes/read",
"Microsoft.Compute/skus/read",
"Microsoft.Compute/snapshots/*",
"Microsoft.Compute/virtualMachines/delete",
"Microsoft.Compute/virtualMachines/instanceView/read",
"Microsoft.Compute/virtualMachines/powerOff/action",
"Microsoft.Compute/virtualMachines/read",
"Microsoft.Compute/virtualMachines/restart/action",
"Microsoft.Compute/virtualMachines/start/action",
"Microsoft.Compute/virtualMachines/write",
"Microsoft.Network/applicationSecurityGroups/joinIpConfiguration/action",
"Microsoft.Network/applicationSecurityGroups/joinNetworkSecurityRule/action",
"Microsoft.Network/applicationSecurityGroups/listIpConfigurations/action",
"Microsoft.Network/applicationSecurityGroups/read",
"Microsoft.Network/networkInterfaces/delete",
"Microsoft.Network/networkInterfaces/ipconfigurations/read",
"Microsoft.Network/networkInterfaces/join/action",
"Microsoft.Network/networkInterfaces/read",
"Microsoft.Network/networkInterfaces/write",
"Microsoft.Network/networkSecurityGroups/join/action",
"Microsoft.Network/networkSecurityGroups/read",
"Microsoft.Network/virtualNetworks/read",
"Microsoft.Network/virtualNetworks/subnets/read",
"Microsoft.Network/virtualNetworks/subnets/join/action",
"Microsoft.Resources/checkResourceName/action",
"Microsoft.Resources/subscriptions/locations/read",
"Microsoft.Resources/subscriptions/resourceGroups/read",
"Microsoft.Resources/subscriptions/resourceGroups/resources/read",
"Microsoft.Resources/subscriptions/resourceGroups/write",
"Microsoft.Resources/subscriptions/resources/read",
"Microsoft.KeyVault/vaults/deploy/action",
"Microsoft.Compute/virtualMachines/extensions/write",
"Microsoft.Authorization/locks/*",
"Microsoft.Network/networkSecurityGroups/delete",
"Microsoft.Network/networkSecurityGroups/write",
"Microsoft.Storage/storageAccounts/write",
"Microsoft.Storage/storageAccounts/listServiceSas/action",
"Microsoft.Storage/storageAccounts/blobServices/containers/read",
"Microsoft.Storage/storageAccounts/blobServices/containers/write",
"Microsoft.Storage/storageAccounts/blobServices/containers/delete",
"Microsoft.Compute/availabilitySets/read",
"Microsoft.Storage/storageAccounts/read",
"Microsoft.Compute/diskEncryptionSets/read",
"Microsoft.Compute/galleries/images/versions/read",
"Microsoft.Storage/storageAccounts/listkeys/action"
],
"notActions": [],
"dataActions": [
"Microsoft.Storage/storageAccounts/blobServices/containers/blobs/delete",
"Microsoft.Storage/storageAccounts/blobServices/containers/blobs/write",
"Microsoft.Storage/storageAccounts/blobServices/containers/blobs/read"
],
"notDataActions": []
}
]
}
}