| roles/securityposture.viewer |
Read only access to all the SecurityPosture Service resources. |
Security Posture Viewer |
['resourcemanager.organizations.get', 'securityposture.operations.get', 'securityposture.postureDeployments.get', 'securityposture.postureDeployments.list', 'securityposture.postureTemplates.get', 'securityposture.postureTemplates.list', 'securityposture.postures.get', 'securityposture.postures.list'] |
|
GA |
| roles/securityposture.reportCreator |
Create access for Reports, e.g. IaC Validation Report. |
Security Posture Shift-Left Validator |
['securityposture.operations.get', 'securityposture.reports.create', 'securityposture.reports.get', 'securityposture.reports.list'] |
|
GA |
| roles/securityposture.admin |
Full access to Security Posture service APIs. |
Security Posture Admin |
['orgpolicy.constraints.list', 'orgpolicy.customConstraints.create', 'orgpolicy.customConstraints.delete', 'orgpolicy.customConstraints.get', 'orgpolicy.customConstraints.list', 'orgpolicy.customConstraints.update', 'orgpolicy.policies.create', 'orgpolicy.policies.delete', 'orgpolicy.policies.list', 'orgpolicy.policies.update', 'orgpolicy.policy.get', 'orgpolicy.policy.set', 'resourcemanager.organizations.get', 'securitycenter.securityhealthanalyticssettings.calculate', 'securitycenter.securityhealthanalyticssettings.get', 'securitycenter.securityhealthanalyticssettings.update', 'securitycentermanagement.effectiveSecurityHealthAnalyticsCustomModules.get', 'securitycentermanagement.effectiveSecurityHealthAnalyticsCustomModules.list', 'securitycentermanagement.securityHealthAnalyticsCustomModules.create', 'securitycentermanagement.securityHealthAnalyticsCustomModules.delete', 'securitycentermanagement.securityHealthAnalyticsCustomModules.get', 'securitycentermanagement.securityHealthAnalyticsCustomModules.list', 'securitycentermanagement.securityHealthAnalyticsCustomModules.update', 'securityposture.locations.get', 'securityposture.locations.list', 'securityposture.operations.delete', 'securityposture.operations.get', 'securityposture.operations.list', 'securityposture.postureDeployments.create', 'securityposture.postureDeployments.delete', 'securityposture.postureDeployments.get', 'securityposture.postureDeployments.list', 'securityposture.postureDeployments.update', 'securityposture.postureTemplates.get', 'securityposture.postureTemplates.list', 'securityposture.postures.create', 'securityposture.postures.delete', 'securityposture.postures.extract', 'securityposture.postures.get', 'securityposture.postures.list', 'securityposture.postures.update', 'securityposture.reports.create', 'securityposture.reports.get', 'securityposture.reports.list'] |
|
GA |
| roles/securityposture.postureDeploymentsViewer |
Read only access to the Posture Deployment resource. |
Security Posture Deployments Viewer |
['resourcemanager.organizations.get', 'securityposture.operations.get', 'securityposture.postureDeployments.get', 'securityposture.postureDeployments.list'] |
|
GA |
| roles/securityposture.postureEditor |
Mutate and read permissions to the Posture resource. |
Security Posture Resource Editor |
['securityposture.operations.get', 'securityposture.postures.create', 'securityposture.postures.delete', 'securityposture.postures.extract', 'securityposture.postures.get', 'securityposture.postures.list', 'securityposture.postures.update'] |
|
GA |
| roles/securityposture.postureDeployer |
Mutate and read permissions to the Posture Deployment resource. |
Security Posture Deployer |
['orgpolicy.constraints.list', 'orgpolicy.customConstraints.create', 'orgpolicy.customConstraints.delete', 'orgpolicy.customConstraints.get', 'orgpolicy.customConstraints.list', 'orgpolicy.customConstraints.update', 'orgpolicy.policies.create', 'orgpolicy.policies.delete', 'orgpolicy.policies.list', 'orgpolicy.policies.update', 'orgpolicy.policy.get', 'orgpolicy.policy.set', 'resourcemanager.organizations.get', 'securitycenter.securityhealthanalyticssettings.calculate', 'securitycenter.securityhealthanalyticssettings.get', 'securitycenter.securityhealthanalyticssettings.update', 'securitycentermanagement.securityHealthAnalyticsCustomModules.create', 'securitycentermanagement.securityHealthAnalyticsCustomModules.delete', 'securitycentermanagement.securityHealthAnalyticsCustomModules.update', 'securityposture.operations.get', 'securityposture.postureDeployments.create', 'securityposture.postureDeployments.delete', 'securityposture.postureDeployments.get', 'securityposture.postureDeployments.list', 'securityposture.postureDeployments.update'] |
|
GA |
| roles/securityposture.postureViewer |
Read only access to the Posture resource. |
Security Posture Resource Viewer |
['resourcemanager.organizations.get', 'securityposture.operations.get', 'securityposture.postures.get', 'securityposture.postures.list'] |
|
GA |