Package com.azure.resourcemanager.authorization.models

Class BuiltInRole

  • public final class BuiltInRole
extends com.azure.core.util.ExpandableStringEnum<BuiltInRole>
    Defines values for roles.

    • Field Detail

      • API_MANAGEMENT_SERVICE_CONTRIBUTOR

        public static final BuiltInRole API_MANAGEMENT_SERVICE_CONTRIBUTOR
        A role that can manage API Management service and the APIs.

      • API_MANAGEMENT_SERVICE_OPERATOR_ROLE

        public static final BuiltInRole API_MANAGEMENT_SERVICE_OPERATOR_ROLE
        A role that can manage API Management service, but not the APIs themselves.

      • API_MANAGEMENT_SERVICE_READER_ROLE

        public static final BuiltInRole API_MANAGEMENT_SERVICE_READER_ROLE
        A role that has read-only access to API Management service and APIs.

      • APPLICATION_INSIGHTS_COMPONENT_CONTRIBUTOR

        public static final BuiltInRole APPLICATION_INSIGHTS_COMPONENT_CONTRIBUTOR
        A role that can manage Application Insights components.

      • AUTOMATION_OPERATOR

        public static final BuiltInRole AUTOMATION_OPERATOR
        A role that is able to start, stop, suspend, and resume jobs.

      • BACKUP_CONTRIBUTOR

        public static final BuiltInRole BACKUP_CONTRIBUTOR
        A role that can manage backup in Recovery Services vault.

      • BACKUP_OPERATOR

        public static final BuiltInRole BACKUP_OPERATOR
        A role that can manage backup except removing backup, in Recovery Services vault.

      • BACKUP_READER

        public static final BuiltInRole BACKUP_READER
        A role that can view all backup management services.

      • BILLING_READER

        public static final BuiltInRole BILLING_READER
        A role that can view all billing information.

      • BIZTALK_CONTRIBUTOR

        public static final BuiltInRole BIZTALK_CONTRIBUTOR
        A role that can manage BizTalk services.

      • CLEARDB_MYSQL_DB_CONTRIBUTOR

        public static final BuiltInRole CLEARDB_MYSQL_DB_CONTRIBUTOR
        A role that can manage ClearDB MySQL databases.

      • CONTRIBUTOR

        public static final BuiltInRole CONTRIBUTOR
        A role that can manage everything except access..

      • DATA_FACTORY_CONTRIBUTOR

        public static final BuiltInRole DATA_FACTORY_CONTRIBUTOR
        A role that can create and manage data factories, and child resources within them..

      • DEVTEST_LABS_USER

        public static final BuiltInRole DEVTEST_LABS_USER
        A role that can view everything and connect, start, restart, and shutdown virtual machines.

      • DNS_ZONE_CONTRIBUTOR

        public static final BuiltInRole DNS_ZONE_CONTRIBUTOR
        A role that can manage DNS zones and records.

      • AZURE_COSMOS_DB_ACCOUNT_CONTRIBUTOR

        public static final BuiltInRole AZURE_COSMOS_DB_ACCOUNT_CONTRIBUTOR
        A role that can manage Azure Cosmos DB accounts.

      • INTELLIGENT_SYSTEMS_ACCOUNT_CONTRIBUTOR

        public static final BuiltInRole INTELLIGENT_SYSTEMS_ACCOUNT_CONTRIBUTOR
        A role that can manage Intelligent Systems accounts.

      • MANAGED_IDENTITY_CONTRIBUTOR

        public static final BuiltInRole MANAGED_IDENTITY_CONTRIBUTOR
        A role that can manage user assigned identities.

      • MANAGED_IDENTITY_OPERATOR

        public static final BuiltInRole MANAGED_IDENTITY_OPERATOR
        A role that can read and assign user assigned identities.

      • MONITORING_READER

        public static final BuiltInRole MONITORING_READER
        A role that can read all monitoring data.

      • MONITORING_CONTRIBUTOR

        public static final BuiltInRole MONITORING_CONTRIBUTOR
        A role that can read monitoring data and edit monitoring settings.

      • NETWORK_CONTRIBUTOR

        public static final BuiltInRole NETWORK_CONTRIBUTOR
        A role that can manage all network resources.

      • NEW_RELIC_APM_ACCOUNT_CONTRIBUTOR

        public static final BuiltInRole NEW_RELIC_APM_ACCOUNT_CONTRIBUTOR
        A role that can manage New Relic Application Performance Management accounts and applications.

      • OWNER

        public static final BuiltInRole OWNER
        A role that can manage everything, including access.

      • READER

        public static final BuiltInRole READER
        A role that can view everything, but can't make changes.

      • REDIS_CACHE_CONTRIBUTOR

        public static final BuiltInRole REDIS_CACHE_CONTRIBUTOR
        A role that can manage Redis caches.

      • SCHEDULER_JOB_COLLECTIONS_CONTRIBUTOR

        public static final BuiltInRole SCHEDULER_JOB_COLLECTIONS_CONTRIBUTOR
        A role that can manage scheduler job collections.

      • SEARCH_SERVICE_CONTRIBUTOR

        public static final BuiltInRole SEARCH_SERVICE_CONTRIBUTOR
        A role that can manage search services.

      • SECURITY_MANAGER

        public static final BuiltInRole SECURITY_MANAGER
        A role that can manage security components, security policies, and virtual machines.

      • SQL_DB_CONTRIBUTOR

        public static final BuiltInRole SQL_DB_CONTRIBUTOR
        A role that can manage SQL databases, but not their security-related policies.

      • SQL_SECURITY_MANAGER

        public static final BuiltInRole SQL_SECURITY_MANAGER
        A role that can manage the security-related policies of SQL servers and databases.

      • SQL_SERVER_CONTRIBUTOR

        public static final BuiltInRole SQL_SERVER_CONTRIBUTOR
        A role that can manage SQL servers and databases, but not their security-related policies.

      • CLASSIC_STORAGE_ACCOUNT_CONTRIBUTOR

        public static final BuiltInRole CLASSIC_STORAGE_ACCOUNT_CONTRIBUTOR
        A role that can manage classic storage accounts.

      • STORAGE_ACCOUNT_CONTRIBUTOR

        public static final BuiltInRole STORAGE_ACCOUNT_CONTRIBUTOR
        A role that can manage storage accounts.

      • USER_ACCESS_ADMINISTRATOR

        public static final BuiltInRole USER_ACCESS_ADMINISTRATOR
        A role that can manage user access to Azure resources.

      • CLASSIC_VIRTUAL_MACHINE_CONTRIBUTOR

        public static final BuiltInRole CLASSIC_VIRTUAL_MACHINE_CONTRIBUTOR
        A role that can manage classic virtual machines, but not the virtual network or storage account to which they are connected.

      • VIRTUAL_MACHINE_CONTRIBUTOR

        public static final BuiltInRole VIRTUAL_MACHINE_CONTRIBUTOR
        A role that can manage virtual machines, but not the virtual network or storage account to which they are connected.

      • CLASSIC_NETWORK_CONTRIBUTOR

        public static final BuiltInRole CLASSIC_NETWORK_CONTRIBUTOR
        A role that can manage classic virtual networks and reserved IPs.

      • WEB_PLAN_CONTRIBUTOR

        public static final BuiltInRole WEB_PLAN_CONTRIBUTOR
        A role that can manage web plans.

      • WEBSITE_CONTRIBUTOR

        public static final BuiltInRole WEBSITE_CONTRIBUTOR
        A role that can manage websites, but not the web plans to which they are connected.

      • KEY_VAULT_CONTRIBUTOR

        public static final BuiltInRole KEY_VAULT_CONTRIBUTOR
        A role that can manage key vaults, but not access to them.

      • STORAGE_ACCOUNT_KEY_OPERATOR_SERVICE_ROLE

        public static final BuiltInRole STORAGE_ACCOUNT_KEY_OPERATOR_SERVICE_ROLE
        Storage Account Key Operators are allowed to list and regenerate keys on Storage Accounts.

      • STORAGE_BLOB_DATA_CONTRIBUTOR

        public static final BuiltInRole STORAGE_BLOB_DATA_CONTRIBUTOR
        Allows for read, write and delete access to Azure Storage blob containers and data.

      • STORAGE_BLOB_DATA_OWNER

        public static final BuiltInRole STORAGE_BLOB_DATA_OWNER
        Allows for full access to Azure Storage blob containers and data, including assigning POSIX access control.

      • STORAGE_BLOB_DATA_READER

        public static final BuiltInRole STORAGE_BLOB_DATA_READER
        Allows for read access to Azure Storage blob containers and data.

      • STORAGE_QUEUE_DATA_CONTRIBUTOR

        public static final BuiltInRole STORAGE_QUEUE_DATA_CONTRIBUTOR
        Allows for read, write, and delete access to Azure Storage queues and queue messages.

      • STORAGE_QUEUE_DATA_MESSAGE_PROCESSOR

        public static final BuiltInRole STORAGE_QUEUE_DATA_MESSAGE_PROCESSOR
        Allows for peek, receive, and delete access to Azure Storage queue messages.

      • STORAGE_QUEUE_DATA_MESSAGE_SENDER

        public static final BuiltInRole STORAGE_QUEUE_DATA_MESSAGE_SENDER
        Allows for sending of Azure Storage queue messages.

      • STORAGE_QUEUE_DATA_READER

        public static final BuiltInRole STORAGE_QUEUE_DATA_READER
        Allows for read access to Azure Storage queues and queue messages.

      • STORAGE_FILE_DATA_SMB_SHARE_READER

        public static final BuiltInRole STORAGE_FILE_DATA_SMB_SHARE_READER
        Allows for read access to Azure File Share over SMB.

      • STORAGE_FILE_DATA_SMB_SHARE_CONTRIBUTOR

        public static final BuiltInRole STORAGE_FILE_DATA_SMB_SHARE_CONTRIBUTOR
        Allows for read, write, and delete access in Azure Storage file shares over SMB.

      • KEY_VAULT_ADMINISTRATOR

        public static final BuiltInRole KEY_VAULT_ADMINISTRATOR
        Perform all data plane operations on a key vault and all objects in it, including certificates, keys, and secrets.

      • KEY_VAULT_CRYPTO_OFFICER

        public static final BuiltInRole KEY_VAULT_CRYPTO_OFFICER
        Perform any action on the keys of a key vault, except manage permissions.

      • KEY_VAULT_CRYPTO_USER

        public static final BuiltInRole KEY_VAULT_CRYPTO_USER
        Perform cryptographic operations using keys.

      • KEY_VAULT_SECRETS_OFFICER

        public static final BuiltInRole KEY_VAULT_SECRETS_OFFICER
        Perform any action on the secrets of a key vault, except manage permissions.

      • KEY_VAULT_SECRETS_USER

        public static final BuiltInRole KEY_VAULT_SECRETS_USER
        Read secret contents.

      • KEY_VAULT_CERTIFICATES_OFFICER

        public static final BuiltInRole KEY_VAULT_CERTIFICATES_OFFICER
        Perform any action on the certificates of a key vault, except manage permissions.

      • KEY_VAULT_READER

        public static final BuiltInRole KEY_VAULT_READER
        Read metadata of key vaults and its certificates, keys, and secrets.

      • KEY_VAULT_CRYPTO_SERVICE_ENCRYPTION_USER

        public static final BuiltInRole KEY_VAULT_CRYPTO_SERVICE_ENCRYPTION_USER
        Read metadata of keys and perform wrap/unwrap operations.

    • Constructor Detail

      • BuiltInRole

        public BuiltInRole()

    • Method Detail

      • fromString

        public static BuiltInRole fromString​(String name)
        Finds or creates a role instance based on the specified name.
        Parameters:
        name - a name
        Returns:
        a BuiltInRole instance