> For the complete documentation index, see [llms.txt](https://docs.forestall.io/fsprotect/llms.txt). Markdown versions of documentation pages are available by appending `.md` to page URLs; this page is available as [Markdown](https://docs.forestall.io/fsprotect/search-and-reports/azure-entities/azure-resource-management/armrole.md). # ARMRole The **ARMRole** entity represents an Azure Resource Manager (ARM) role definition used for role-based access control (RBAC). | Field | Type | Possible Operators | Description | | ------------------------- | ------- | ------------------------------------------------------------------ | -------------------------------------------------- | | Guid | TEXT | Like, Not Like, Equal, Not Equal, Is Empty | Unique identifier for the entity in FSProtect | | ObjectID | TEXT | Like, Not Like, Equal, Not Equal, Is Empty | Azure Object ID of the ARM role | | FSName | TEXT | Like, Not Like, Equal, Not Equal, Is Empty | Display name used in FSProtect | | DisplayName | TEXT | Like, Not Like, Equal, Not Equal, Is Empty | Display name of the ARM role | | Description | TEXT | Like, Not Like, Equal, Not Equal, Is Empty | Description of the ARM role | | IsAZPrivileged | BOOLEAN | True / False | Whether the role grants privileged access in Azure | | IsStealth | BOOLEAN | True / False | Whether the role is a stealth (shadow) admin role | | IsAdmin | BOOLEAN | True / False | Whether the role grants admin privileges | | Enabled | BOOLEAN | True / False | Whether the role is enabled | | IsBuiltIn | BOOLEAN | True / False | Whether the role is a built-in Azure ARM role | | RolePermissionsAllowed | TEXT | Like, Not Like, Equal, Not Equal, Is Empty | Actions allowed by the role | | RolePermissionsNotAllowed | TEXT | Like, Not Like, Equal, Not Equal, Is Empty | Actions denied by the role | | AZTier | NUMBER | Equal, Between, Smaller, Larger, Smaller or Equal, Larger or Equal | Azure tier classification assigned by FSProtect | --- # Agent Instructions This documentation is published with GitBook. GitBook is the documentation platform designed so that both humans and AI agents can read, navigate, and reason over technical content effectively. Learn more at gitbook.com. ## Querying This Documentation If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question. Perform an HTTP GET request on the current page URL with the `ask` query parameter: ``` GET https://docs.forestall.io/fsprotect/search-and-reports/azure-entities/azure-resource-management/armrole.md?ask= ``` The question should be specific, self-contained, and written in natural language. The response will contain a direct answer to the question and relevant excerpts and sources from the documentation. Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.