ARMRole

The ARMRole entity represents an Azure Resource Manager (ARM) role definition used for role-based access control (RBAC).

Field

Type

Possible Operators

Description

Guid

TEXT

Like, Not Like, Equal, Not Equal, Is Empty

Unique identifier for the entity in FSProtect

ObjectID

TEXT

Like, Not Like, Equal, Not Equal, Is Empty

Azure Object ID of the ARM role

FSName

TEXT

Like, Not Like, Equal, Not Equal, Is Empty

Display name used in FSProtect

DisplayName

TEXT

Like, Not Like, Equal, Not Equal, Is Empty

Display name of the ARM role

Description

TEXT

Like, Not Like, Equal, Not Equal, Is Empty

Description of the ARM role

IsAZPrivileged

BOOLEAN

True / False

Whether the role grants privileged access in Azure

IsStealth

BOOLEAN

True / False

Whether the role is a stealth (shadow) admin role

IsAdmin

BOOLEAN

True / False

Whether the role grants admin privileges

Enabled

BOOLEAN

True / False

Whether the role is enabled

IsBuiltIn

BOOLEAN

True / False

Whether the role is a built-in Azure ARM role

RolePermissionsAllowed

TEXT

Like, Not Like, Equal, Not Equal, Is Empty

Actions allowed by the role

RolePermissionsNotAllowed

TEXT

Like, Not Like, Equal, Not Equal, Is Empty

Actions denied by the role

AZTier

NUMBER

Equal, Between, Smaller, Larger, Smaller or Equal, Larger or Equal

Azure tier classification assigned by FSProtect

PreviousKeyVault NextMicrosoft Teams

Last updated 6 days ago

Was this helpful?