| title | Azure permissions for Security - Azure RBAC |
|---|---|
| description | Lists the permissions for the Azure resource providers in the Security category. |
| ms.service | role-based-access-control |
| ms.topic | generated-reference |
| author | rolyon |
| manager | pmwongera |
| ms.author | rolyon |
| ms.date | 02/23/2026 |
| ms.custom | generated |
This article lists the permissions for the Azure resource providers in the Security category. You can use these permissions in your own Azure custom roles to provide granular access control to resources in Azure. Permission strings have the following format: {Company}.{ProviderName}/{resourceType}/{action}
Azure service: App Compliance Automation Tool for Microsoft 365
[!div class="mx-tableFixed"]
Action Description Microsoft.AppComplianceAutomation/onboard/actionOnboard given subscriptions to Microsoft.AppComplianceAutomation provider. Microsoft.AppComplianceAutomation/triggerEvaluation/actionTrigger quick evaluation for the given subscriptions. Microsoft.AppComplianceAutomation/listInUseStorageAccounts/actionList the storage accounts which are in use by related reports Microsoft.AppComplianceAutomation/checkNameAvailability/actionaction checkNameAvailability Microsoft.AppComplianceAutomation/getCollectionCount/actionGet the count of reports. Microsoft.AppComplianceAutomation/getOverviewStatus/actionGet the resource overview status. Microsoft.AppComplianceAutomation/register/actionRegister the subscription for Microsoft.AppComplianceAutomation Microsoft.AppComplianceAutomation/unregister/actionUnregister the subscription for Microsoft.AppComplianceAutomation Microsoft.AppComplianceAutomation/locations/operationStatuses/readread operationStatuses Microsoft.AppComplianceAutomation/locations/operationStatuses/writewrite operationStatuses Microsoft.AppComplianceAutomation/operations/readread operations Microsoft.AppComplianceAutomation/reports/readGet the AppComplianceAutomation report list for the tenant. Microsoft.AppComplianceAutomation/reports/readGet the AppComplianceAutomation report and its properties. Microsoft.AppComplianceAutomation/reports/writeCreate a new AppComplianceAutomation report or update an exiting AppComplianceAutomation report. Microsoft.AppComplianceAutomation/reports/deleteDelete an AppComplianceAutomation report. Microsoft.AppComplianceAutomation/reports/writeUpdate an exiting AppComplianceAutomation report. Microsoft.AppComplianceAutomation/reports/checkNameAvailability/actionChecks the report's nested resource name availability, e.g: Webhooks, Evidences, Snapshots. Microsoft.AppComplianceAutomation/reports/fix/actionFix the AppComplianceAutomation report error. e.g: App Compliance Automation Tool service unregistered, automation removed. Microsoft.AppComplianceAutomation/reports/getScopingQuestions/actionFix the AppComplianceAutomation report error. e.g: App Compliance Automation Tool service unregistered, automation removed. Microsoft.AppComplianceAutomation/reports/syncCertRecord/actionSynchronize attestation record from app compliance. Microsoft.AppComplianceAutomation/reports/verify/actionVerify the AppComplianceAutomation report health status. Microsoft.AppComplianceAutomation/reports/evidences/readReturns a paginated list of evidences for a specified report. Microsoft.AppComplianceAutomation/reports/evidences/readGet the evidence metadata Microsoft.AppComplianceAutomation/reports/evidences/writeCreate or Update an evidence a specified report Microsoft.AppComplianceAutomation/reports/evidences/deleteDelete an existent evidence from a specified report Microsoft.AppComplianceAutomation/reports/evidences/download/actionDownload evidence file. Microsoft.AppComplianceAutomation/reports/scopingConfigurations/readReturns a list format of the singleton scopingConfiguration for a specified report. Microsoft.AppComplianceAutomation/reports/scopingConfigurations/readGet the AppComplianceAutomation scoping configuration of the specific report. Microsoft.AppComplianceAutomation/reports/scopingConfigurations/writeGet the AppComplianceAutomation scoping configuration of the specific report. Microsoft.AppComplianceAutomation/reports/scopingConfigurations/deleteClean the AppComplianceAutomation scoping configuration of the specific report. Microsoft.AppComplianceAutomation/reports/snapshots/readGet the AppComplianceAutomation snapshot list. Microsoft.AppComplianceAutomation/reports/snapshots/readGet the AppComplianceAutomation snapshot and its properties. Microsoft.AppComplianceAutomation/reports/snapshots/download/actionDownload compliance needs from snapshot, like: Compliance Report, Resource List. Microsoft.AppComplianceAutomation/reports/snapshots/controls/readGet the AppComplianceAutomation control list. Microsoft.AppComplianceAutomation/reports/snapshots/controls/readGet the AppComplianceAutomation control and its properties. Microsoft.AppComplianceAutomation/reports/webhooks/readGet the AppComplianceAutomation webhook list. Microsoft.AppComplianceAutomation/reports/webhooks/readGet the AppComplianceAutomation webhook and its properties. Microsoft.AppComplianceAutomation/reports/webhooks/writeCreate a new AppComplianceAutomation webhook or update an exiting AppComplianceAutomation webhook. Microsoft.AppComplianceAutomation/reports/webhooks/deleteDelete an AppComplianceAutomation webhook. Microsoft.AppComplianceAutomation/reports/webhooks/writeUpdate an exiting AppComplianceAutomation webhook.
Azure service: Azure Attestation Service
[!div class="mx-tableFixed"]
Action Description Microsoft.Attestation/attestationProviders/readGets the attestation service status. Microsoft.Attestation/attestationProviders/writeAdds attestation service. Microsoft.Attestation/attestationProviders/deleteRemoves attestation service. Microsoft.Attestation/attestationProviders/PrivateEndpointConnectionsApproval/actionPrivate endpoints approve description. Microsoft.Attestation/attestationProviders/joinPerimeter/actionAction to join the Network Security Perimeter, used by linked access checks by NRP. Microsoft.Attestation/attestationProviders/attestation/readGets the attestation service status. Microsoft.Attestation/attestationProviders/attestation/writeAdds attestation service. Microsoft.Attestation/attestationProviders/attestation/deleteRemoves attestation service. Microsoft.Attestation/attestationProviders/networkSecurityPerimeterAssociationProxies/readNetwork Security Perimeter Association Proxy read description. Microsoft.Attestation/attestationProviders/networkSecurityPerimeterAssociationProxies/writeNetwork Security Perimeter Association Proxy write description. Microsoft.Attestation/attestationProviders/networkSecurityPerimeterAssociationProxies/deleteNetwork Security Perimeter Association Proxy delete description. Microsoft.Attestation/attestationProviders/networkSecurityPerimeterConfigurations/readNetwork Security Perimeter Configuration read description. Microsoft.Attestation/attestationProviders/networkSecurityPerimeterConfigurations/reconcile/actionReconcile the Network Security Perimeter Configuration stored in a Microsoft Azure Attestation with NRP's (Microsoft.Network Resource Provider) copy. Microsoft.Attestation/attestationProviders/operationStatus/readAzureAttestation Microsoft.Attestation/attestationProviders/privateEndpointConnectionProxies/readPrivate endpoint connection proxies read description. Microsoft.Attestation/attestationProviders/privateEndpointConnectionProxies/writePrivate endpoint connection proxies write description. Microsoft.Attestation/attestationProviders/privateEndpointConnectionProxies/deletePrivate endpoint connection proxies delete description. Microsoft.Attestation/attestationProviders/privateEndpointConnectionProxies/validate/actionPrivate endpoint connection proxies validate oescription. Microsoft.Attestation/attestationProviders/privateEndpointConnections/readPrivate endpoints read description. Microsoft.Attestation/attestationProviders/privateEndpointConnections/writePrivate endpoints write description. Microsoft.Attestation/attestationProviders/privateEndpointConnections/deletePrivate endpoints delete description. Microsoft.Attestation/attestationProviders/privateLinkResources/readGets privatelink resources description. Microsoft.Attestation/locations/notifyNetworkSecurityPerimeterUpdatesAvailable/actionCheck if the configuration of the Network Security Perimeter needs updating.
Azure service: Data Protection
[!div class="mx-tableFixed"]
Action Description Microsoft.DataProtection/register/actionRegisters subscription for given Resource Provider Microsoft.DataProtection/unregister/actionUnregisters subscription for given Resource Provider Microsoft.DataProtection/backupVaults/writeCreate BackupVault operation creates an Azure resource of type 'Backup Vault' Microsoft.DataProtection/backupVaults/writeUpdate BackupVault operation updates an Azure resource of type 'Backup Vault' Microsoft.DataProtection/backupVaults/readThe Get Backup Vault operation gets an object representing the Azure resource of type 'Backup Vault' Microsoft.DataProtection/backupVaults/readGets list of Backup Vaults in a Subscription Microsoft.DataProtection/backupVaults/readGets list of Backup Vaults in a Resource Group Microsoft.DataProtection/backupVaults/deleteThe Delete Vault operation deletes the specified Azure resource of type 'Backup Vault' Microsoft.DataProtection/backupVaults/validateForBackup/actionValidates for backup of Backup Instance Microsoft.DataProtection/backupVaults/backupInstances/writeCreates a Backup Instance Microsoft.DataProtection/backupVaults/backupInstances/validateForModifyBackup/actionValidates for modification of Backup Instance Microsoft.DataProtection/backupVaults/backupInstances/deleteDeletes the Backup Instance Microsoft.DataProtection/backupVaults/backupInstances/readReturns details of the Backup Instance Microsoft.DataProtection/backupVaults/backupInstances/readReturns all Backup Instances Microsoft.DataProtection/backupVaults/backupInstances/backup/actionPerforms Backup on the Backup Instance Microsoft.DataProtection/backupVaults/backupInstances/sync/actionSync operation retries last failed operation on backup instance to bring it to a valid state. Microsoft.DataProtection/backupVaults/backupInstances/restore/actionTriggers restore on the Backup Instance Microsoft.DataProtection/backupVaults/backupInstances/validateRestore/actionValidates for Restore of the Backup Instance Microsoft.DataProtection/backupVaults/backupInstances/stopProtection/actionStop Protection operation stops both backup and retention schedules of backup instance. Existing data will be retained forever. Microsoft.DataProtection/backupVaults/backupInstances/suspendBackups/actionSuspend Backups operation stops only backups of backup instance. Retention activities will continue and hence data will be ratained as per policy. Microsoft.DataProtection/backupVaults/backupInstances/resumeProtection/actionResume protection of a ProtectionStopped BI. Microsoft.DataProtection/backupVaults/backupInstances/resumeBackups/actionResume Backups for a BackupsSuspended BI. Microsoft.DataProtection/backupVaults/backupInstances/findRestorableTimeRanges/actionFinds Restorable Time Ranges Microsoft.DataProtection/backupVaults/backupInstances/operationResults/readReturns Backup Operation Result for Backup Vault. Microsoft.DataProtection/backupVaults/backupInstances/recoveryPoints/readReturns details of the Recovery Point Microsoft.DataProtection/backupVaults/backupInstances/recoveryPoints/readReturns all Recovery Points Microsoft.DataProtection/backupVaults/backupJobs/readGet Jobs list Microsoft.DataProtection/backupVaults/backupJobs/enableProgress/actionGet Job details Microsoft.DataProtection/backupVaults/backupPolicies/writeCreates Backup Policy Microsoft.DataProtection/backupVaults/backupPolicies/deleteDeletes the Backup Policy Microsoft.DataProtection/backupVaults/backupPolicies/readReturns details of the Backup Policy Microsoft.DataProtection/backupVaults/backupPolicies/readReturns all Backup Policies Microsoft.DataProtection/backupVaults/backupResourceGuardProxies/readGet the list of ResourceGuard proxies for a resource Microsoft.DataProtection/backupVaults/backupResourceGuardProxies/readGet ResourceGuard proxy operation gets an object representing the Azure resource of type 'ResourceGuard proxy' Microsoft.DataProtection/backupVaults/backupResourceGuardProxies/writeCreate ResourceGuard proxy operation creates an Azure resource of type 'ResourceGuard Proxy' Microsoft.DataProtection/backupVaults/backupResourceGuardProxies/deleteThe Delete ResourceGuard proxy operation deletes the specified Azure resource of type 'ResourceGuard proxy' Microsoft.DataProtection/backupVaults/backupResourceGuardProxies/unlockDelete/actionUnlock delete ResourceGuard proxy operation unlocks the next delete critical operation Microsoft.DataProtection/backupVaults/deletedBackupInstances/undelete/actionPerform undelete of soft-deleted Backup Instance. Backup Instance moves from SoftDeleted to ProtectionStopped state. Microsoft.DataProtection/backupVaults/deletedBackupInstances/readGet soft-deleted Backup Instance in a Backup Vault by name Microsoft.DataProtection/backupVaults/deletedBackupInstances/readList soft-deleted Backup Instances in a Backup Vault. Microsoft.DataProtection/backupVaults/operationResults/readGets Operation Result of a Patch Operation for a Backup Vault Microsoft.DataProtection/backupVaults/operationStatus/readReturns Backup Operation Status for Backup Vault. Microsoft.DataProtection/locations/checkNameAvailability/actionChecks if the requested BackupVault Name is Available Microsoft.DataProtection/locations/getBackupStatus/actionCheck Backup Status for Recovery Services Vaults Microsoft.DataProtection/locations/checkFeatureSupport/actionValidates if a feature is supported Microsoft.DataProtection/locations/operationResults/readReturns Backup Operation Result for Backup Vault. Microsoft.DataProtection/locations/operationStatus/readReturns Backup Operation Status for Backup Vault. Microsoft.DataProtection/operations/readOperation returns the list of Operations for a Resource Provider Microsoft.DataProtection/subscriptions/providers/locations/deletedVaults/readGet soft-deleted Backup Vault by name Microsoft.DataProtection/subscriptions/providers/locations/deletedVaults/readList soft-deleted Backup Vaults. Microsoft.DataProtection/subscriptions/providers/locations/deletedVaults/deletedBackupInstances/readGet the deleted backup instance under the deleted vault Microsoft.DataProtection/subscriptions/providers/locations/deletedVaults/deletedBackupInstances/readList the deleted backup instances under the deleted vault Microsoft.DataProtection/subscriptions/providers/resourceGuards/readGets list of ResourceGuards in a Subscription Microsoft.DataProtection/subscriptions/resourceGroups/providers/locations/fetchSecondaryRecoveryPoints/actionReturns recovery points from secondary region for cross region restore enabled Backup Vaults. Microsoft.DataProtection/subscriptions/resourceGroups/providers/locations/crossRegionRestore/actionTriggers cross region restore operation on given backup instance. Microsoft.DataProtection/subscriptions/resourceGroups/providers/locations/validateCrossRegionRestore/actionPerforms validations for cross region restore operation. Microsoft.DataProtection/subscriptions/resourceGroups/providers/locations/fetchCrossRegionRestoreJobs/actionList cross region restore jobs of backup instance from secondary region. Microsoft.DataProtection/subscriptions/resourceGroups/providers/locations/fetchCrossRegionRestoreJob/actionGet cross region restore job details from secondary region. Microsoft.DataProtection/subscriptions/resourceGroups/providers/locations/operationStatus/readReturns Backup Operation Status for Backup Vault. Microsoft.DataProtection/subscriptions/resourceGroups/providers/resourceGuards/writeCreate ResourceGuard operation creates an Azure resource of type 'ResourceGuard' Microsoft.DataProtection/subscriptions/resourceGroups/providers/resourceGuards/readThe Get ResourceGuard operation gets an object representing the Azure resource of type 'ResourceGuard' Microsoft.DataProtection/subscriptions/resourceGroups/providers/resourceGuards/deleteThe Delete ResourceGuard operation deletes the specified Azure resource of type 'ResourceGuard' Microsoft.DataProtection/subscriptions/resourceGroups/providers/resourceGuards/readGets list of ResourceGuards in a Resource Group Microsoft.DataProtection/subscriptions/resourceGroups/providers/resourceGuards/writeUpdate ResourceGuard operation updates an Azure resource of type 'ResourceGuard' Microsoft.DataProtection/subscriptions/resourceGroups/providers/resourceGuards/{operationName}/readGets ResourceGuard operation request info Microsoft.DataProtection/subscriptions/resourceGroups/providers/resourceGuards/{operationName}/readGets ResourceGuard default operation request info
Safeguard and maintain control of keys and other secrets.
Azure service: Key Vault
[!div class="mx-tableFixed"]
Action Description Microsoft.KeyVault/register/actionRegisters a subscription Microsoft.KeyVault/unregister/actionUnregisters a subscription Microsoft.KeyVault/checkNameAvailability/readChecks that a key vault name is valid and is not in use Microsoft.KeyVault/deletedManagedHsms/readView the properties of a deleted managed hsm Microsoft.KeyVault/deletedVaults/readView the properties of soft deleted key vaults Microsoft.KeyVault/hsmPools/readView the properties of an HSM pool Microsoft.KeyVault/hsmPools/writeCreate a new HSM pool of update the properties of an existing HSM pool Microsoft.KeyVault/hsmPools/deleteDelete an HSM pool Microsoft.KeyVault/hsmPools/joinVault/actionJoin a key vault to an HSM pool Microsoft.KeyVault/locations/deleteVirtualNetworkOrSubnets/actionNotifies Microsoft.KeyVault that a virtual network or subnet is being deleted Microsoft.KeyVault/locations/notifyNetworkSecurityPerimeterUpdatesAvailable/actionCheck if the configuration of the Network Security Perimeter needs updating. Microsoft.KeyVault/locations/deletedManagedHsms/readView the properties of a deleted managed hsm Microsoft.KeyVault/locations/deletedManagedHsms/purge/actionPurge a soft deleted managed hsm Microsoft.KeyVault/locations/deletedManagedHsms/deletePurge a soft deleted managed hsm Microsoft.KeyVault/locations/deletedVaults/readView the properties of a soft deleted key vault Microsoft.KeyVault/locations/deletedVaults/purge/actionPurge a soft deleted key vault Microsoft.KeyVault/locations/managedHsmOperationResults/readCheck the result of a long run operation Microsoft.KeyVault/locations/operationResults/readCheck the result of a long run operation Microsoft.KeyVault/managedHSMs/readView the properties of a Managed HSM Microsoft.KeyVault/managedHSMs/writeCreate a new Managed HSM or update the properties of an existing Managed HSM Microsoft.KeyVault/managedHSMs/deleteDelete a Managed HSM Microsoft.KeyVault/managedHSMs/PrivateEndpointConnectionsApproval/actionApprove or reject a connection to a Private Endpoint resource of Microsoft.Network provider Microsoft.KeyVault/managedHSMs/keys/readList the keys in a specified managed hsm, or read the current version of a specified key. Microsoft.KeyVault/managedHSMs/keys/writeCreates the first version of a new key if it does not exist. If it already exists, then the existing key is returned without any modification. This API does not create subsequent versions, and does not update existing keys. Microsoft.KeyVault/managedHSMs/keys/versions/readList the versions of a specified key, or read the specified version of a key. Microsoft.KeyVault/managedHSMs/privateEndpointConnectionProxies/readView the state of a connection proxy to a Private Endpoint resource of Microsoft.Network provider Microsoft.KeyVault/managedHSMs/privateEndpointConnectionProxies/writeChange the state of a connection proxy to a Private Endpoint resource of Microsoft.Network provider Microsoft.KeyVault/managedHSMs/privateEndpointConnectionProxies/deleteDelete a connection proxy to a Private Endpoint resource of Microsoft.Network provider Microsoft.KeyVault/managedHSMs/privateEndpointConnectionProxies/validate/actionValidate a connection proxy to a Private Endpoint resource of Microsoft.Network provider Microsoft.KeyVault/managedHSMs/privateEndpointConnections/readView the state of a connection to a Private Endpoint resource of Microsoft.Network provider Microsoft.KeyVault/managedHSMs/privateEndpointConnections/writeChange the state of a connection to a Private Endpoint resource of Microsoft.Network provider Microsoft.KeyVault/managedHSMs/privateEndpointConnections/deleteDelete a connection to a Private Endpoint resource of Microsoft.Network provider Microsoft.KeyVault/managedHSMs/privateLinkResources/readGet the available private link resources for the specified instance of Managed HSM. Microsoft.KeyVault/managedHSMs/providers/Microsoft.Insights/diagnosticSettings/ReadGets the diagnostic setting for the resource Microsoft.KeyVault/managedHSMs/providers/Microsoft.Insights/diagnosticSettings/WriteCreates or updates the diagnostic setting for the resource Microsoft.KeyVault/managedHSMs/providers/Microsoft.Insights/logDefinitions/readGets the available logs for a Managed HSM Microsoft.KeyVault/managedHSMs/providers/Microsoft.Insights/metricDefinitions/readGets the available metrics for a key vault Microsoft.KeyVault/operations/readLists operations available on Microsoft.KeyVault resource provider Microsoft.KeyVault/vaults/readView the properties of a key vault Microsoft.KeyVault/vaults/writeCreates a new key vault or updates the properties of an existing key vault. Certain properties may require more permissions. Microsoft.KeyVault/vaults/deleteDeletes a key vault Microsoft.KeyVault/vaults/deploy/actionEnables access to secrets in a key vault when deploying Azure resources Microsoft.KeyVault/vaults/PrivateEndpointConnectionsApproval/actionApprove or reject a connection to a Private Endpoint resource of Microsoft.Network provider Microsoft.KeyVault/vaults/joinPerimeter/actionAction to join the Network Security Perimeter, used by linked access checks by NRP. Microsoft.KeyVault/vaults/accessPolicies/writeUpdates an existing access policy by merging or replacing, or adds a new access policy to the key vault. Microsoft.KeyVault/vaults/eventGridFilters/readNotifies Microsoft.KeyVault that an EventGrid Subscription for Key Vault is being viewed Microsoft.KeyVault/vaults/eventGridFilters/writeNotifies Microsoft.KeyVault that a new EventGrid Subscription for Key Vault is being created Microsoft.KeyVault/vaults/eventGridFilters/deleteNotifies Microsoft.KeyVault that an EventGrid Subscription for Key Vault is being deleted Microsoft.KeyVault/vaults/keys/readList the keys in a specified vault, or read the current version of a specified key. Microsoft.KeyVault/vaults/keys/writeCreates the first version of a new key if it does not exist. If it already exists, then the existing key is returned without any modification. This API does not create subsequent versions, and does not update existing keys. Microsoft.KeyVault/vaults/keys/versions/readList the versions of a specified key, or read the specified version of a key. Microsoft.KeyVault/vaults/networkSecurityPerimeterAssociationProxies/deleteDelete an association proxy to a Network Security Perimeter resource of Microsoft.Network provider. Microsoft.KeyVault/vaults/networkSecurityPerimeterAssociationProxies/readDelete an association proxy to a Network Security Perimeter resource of Microsoft.Network provider. Microsoft.KeyVault/vaults/networkSecurityPerimeterAssociationProxies/writeChange the state of an association to a Network Security Perimeter resource of Microsoft.Network provider Microsoft.KeyVault/vaults/networkSecurityPerimeterConfigurations/readRead the Network Security Perimeter configuration stored in a vault. Microsoft.KeyVault/vaults/networkSecurityPerimeterConfigurations/reconcile/actionReconcile the Network Security Perimeter configuration stored in a vault with NRP's (Microsoft.Network Resource Provider) copy. Microsoft.KeyVault/vaults/privateEndpointConnectionProxies/readView the state of a connection proxy to a Private Endpoint resource of Microsoft.Network provider Microsoft.KeyVault/vaults/privateEndpointConnectionProxies/writeChange the state of a connection proxy to a Private Endpoint resource of Microsoft.Network provider Microsoft.KeyVault/vaults/privateEndpointConnectionProxies/deleteDelete a connection proxy to a Private Endpoint resource of Microsoft.Network provider Microsoft.KeyVault/vaults/privateEndpointConnectionProxies/validate/actionValidate a connection proxy to a Private Endpoint resource of Microsoft.Network provider Microsoft.KeyVault/vaults/privateEndpointConnections/readView the state of a connection to a Private Endpoint resource of Microsoft.Network provider Microsoft.KeyVault/vaults/privateEndpointConnections/writeChange the state of a connection to a Private Endpoint resource of Microsoft.Network provider Microsoft.KeyVault/vaults/privateEndpointConnections/deleteDelete a connection to a Private Endpoint resource of Microsoft.Network provider Microsoft.KeyVault/vaults/privateLinkResources/readGet the available private link resources for the specified instance of Key Vault Microsoft.KeyVault/vaults/providers/Microsoft.Insights/diagnosticSettings/ReadGets the diagnostic setting for the resource Microsoft.KeyVault/vaults/providers/Microsoft.Insights/diagnosticSettings/WriteCreates or updates the diagnostic setting for the resource Microsoft.KeyVault/vaults/providers/Microsoft.Insights/logDefinitions/readGets the available logs for a key vault Microsoft.KeyVault/vaults/providers/Microsoft.Insights/metricDefinitions/readGets the available metrics for a key vault Microsoft.KeyVault/vaults/secrets/readView the properties of a secret, but not its value. Microsoft.KeyVault/vaults/secrets/writeCreates a new secret or updates the value of an existing secret. DataAction Description Microsoft.KeyVault/vaults/certificatecas/deleteDelete Certificate Issuer Microsoft.KeyVault/vaults/certificatecas/readRead Certificate Issuer Microsoft.KeyVault/vaults/certificatecas/writeWrite Certificate Issuer Microsoft.KeyVault/vaults/certificatecontacts/writeManage Certificate Contact Microsoft.KeyVault/vaults/certificates/deleteDeletes a certificate. All versions are deleted. Microsoft.KeyVault/vaults/certificates/readList certificates in a specified key vault, or get information about a certificate. Microsoft.KeyVault/vaults/certificates/backup/actionCreates the backup file of a certificate. The file can used to restore the certificate in a Key Vault of same subscription. Restrictions may apply. Microsoft.KeyVault/vaults/certificates/purge/actionPurges a certificate, making it unrecoverable. Microsoft.KeyVault/vaults/certificates/update/actionUpdates the specified attributes associated with the given certificate. Microsoft.KeyVault/vaults/certificates/create/actionCreates a new certificate. If the certificate does not exist, the first version is created. Otherwise, a new version is created. Microsoft.KeyVault/vaults/certificates/import/actionImports an existing valid certificate containing a private key.
The certificate to be imported can be in either PFX or PEM format.
If the certificate does not exist in Key Vault, the first version is created with specified content.
Otherwise, a new version is created with specified content.Microsoft.KeyVault/vaults/certificates/recover/actionRecovers the deleted certificate. The operation performs the reversal of the Delete operation. The operation is applicable in vaults enabled for soft-delete, and must be issued during the retention interval. Microsoft.KeyVault/vaults/certificates/restore/actionRestores a certificate and all its versions from a backup file generated by Key Vault. Microsoft.KeyVault/vaults/keyrotationpolicies/readRetrieves the rotation policy of a given key. Microsoft.KeyVault/vaults/keyrotationpolicies/writeUpdates the rotation policy of a given key. Microsoft.KeyVault/vaults/keys/readList keys in the specified vault, or read properties and public material of a key.
For asymmetric keys, this operation exposes public key and includes ability to perform public key algorithms such as encrypt and verify signature.
Private keys and symmetric keys are never exposed.Microsoft.KeyVault/vaults/keys/update/actionUpdates the specified attributes associated with the given key. Microsoft.KeyVault/vaults/keys/create/actionCreates a new key. If the key does not exist, the first version is created. Otherwise, a new version is created with the specified value. Microsoft.KeyVault/vaults/keys/import/actionImports an externally created key. If the key does not exist, the first version is created with the imported material. Otherwise, a new version is created with the imported material. Microsoft.KeyVault/vaults/keys/recover/actionRecovers the deleted key. The operation performs the reversal of the Delete operation. The operation is applicable in vaults enabled for soft-delete, and must be issued during the retention interval. Microsoft.KeyVault/vaults/keys/restore/actionRestores a key and all its versions from a backup file generated by Key Vault. Microsoft.KeyVault/vaults/keys/deleteDeletes a key. All versions are deleted. Microsoft.KeyVault/vaults/keys/backup/actionCreates the backup file of a key. The file can used to restore the key in a Key Vault of same subscription. Restrictions may apply. Microsoft.KeyVault/vaults/keys/purge/actionPurges a key, making it unrecoverable. Microsoft.KeyVault/vaults/keys/encrypt/actionEncrypts plaintext with a key. Note that if the key is asymmetric, this operation can be performed by principals with read access. Microsoft.KeyVault/vaults/keys/decrypt/actionDecrypts ciphertext with a key. Microsoft.KeyVault/vaults/keys/wrap/actionWraps a symmetric key with a Key Vault key. Note that if the Key Vault key is asymmetric, this operation can be performed by principals with read access. Microsoft.KeyVault/vaults/keys/unwrap/actionUnwraps a symmetric key with a Key Vault key. Microsoft.KeyVault/vaults/keys/sign/actionSigns a message digest (hash) with a key. Microsoft.KeyVault/vaults/keys/verify/actionVerifies the signature of a message digest (hash) with a key. Note that if the key is asymmetric, this operation can be performed by principals with read access. Microsoft.KeyVault/vaults/keys/release/actionRelease a key using public part of KEK from attestation token. Microsoft.KeyVault/vaults/keys/rotate/actionCreates a new version of an existing key (with the same parameters). Microsoft.KeyVault/vaults/secrets/deleteDeletes a secret. All versions are deleted. Microsoft.KeyVault/vaults/secrets/backup/actionCreates the backup file of a secret. The file can used to restore the secret in a Key Vault of same subscription. Restrictions may apply. Microsoft.KeyVault/vaults/secrets/purge/actionPurges a secret, making it unrecoverable. Microsoft.KeyVault/vaults/secrets/update/actionUpdates the specified attributes associated with the given secret. Microsoft.KeyVault/vaults/secrets/recover/actionRecovers the deleted secret. The operation performs the reversal of the Delete operation. The operation is applicable in vaults enabled for soft-delete, and must be issued during the retention interval. Microsoft.KeyVault/vaults/secrets/restore/actionRestores a secret and all its versions from a backup file generated by Key Vault. Microsoft.KeyVault/vaults/secrets/readMetadata/actionList or view the properties of a secret, but not its value. Microsoft.KeyVault/vaults/secrets/getSecret/actionGets the value of a secret. Microsoft.KeyVault/vaults/secrets/setSecret/actionSets the value of a secret. If the secret does not exist, the first version is created. Otherwise, a new version is created with the specified value. Microsoft.KeyVault/vaults/storageaccounts/readRead definition of managed storage accounts. Microsoft.KeyVault/vaults/storageaccounts/set/actionCreates or updates the definition of a managed storage account. Microsoft.KeyVault/vaults/storageaccounts/deleteDelete the definition of a managed storage account. Microsoft.KeyVault/vaults/storageaccounts/backup/actionCreates a backup file of the definition of a managed storage account and its SAS (Shared Access Signature). Microsoft.KeyVault/vaults/storageaccounts/purge/actionPurge the soft-deleted definition of a managed storage account or SAS (Shared Access Signature). Microsoft.KeyVault/vaults/storageaccounts/regeneratekey/actionRegenerate the access key of a managed storage account. Microsoft.KeyVault/vaults/storageaccounts/recover/actionRecover the soft-deleted definition of a managed storage account or SAS (Shared Access Signature). Microsoft.KeyVault/vaults/storageaccounts/restore/actionRestores the definition of a managed storage account and its SAS (Shared Access Signature) from a backup file generated by Key Vault. Microsoft.KeyVault/vaults/storageaccounts/sas/set/actionCreates or updates the SAS (Shared Access Signature) definition for a managed storage account. Microsoft.KeyVault/vaults/storageaccounts/sas/deleteDelete the SAS (Shared Access Signature) definition for a managed storage account. Microsoft.KeyVault/vaults/storageaccounts/sas/readRead the SAS (Shared Access Signature) definition for a managed storage account.
Protect your enterprise from advanced threats across hybrid cloud workloads.
Azure service: Security Center
[!div class="mx-tableFixed"]
Action Description Microsoft.Security/register/actionRegisters the subscription for Azure Security Center Microsoft.Security/unregister/actionUnregisters the subscription from Azure Security Center Microsoft.Security/aggregations/actionGets aggregations Microsoft.Security/adaptiveNetworkHardenings/readGets Adaptive Network Hardening recommendations of an Azure protected resource Microsoft.Security/adaptiveNetworkHardenings/enforce/actionEnforces the given traffic hardening rules by creating matching security rules on the given Network Security Group(s) Microsoft.Security/advancedThreatProtectionSettings/readGets the Advanced Threat Protection Settings for the resource Microsoft.Security/advancedThreatProtectionSettings/writeUpdates the Advanced Threat Protection Settings for the resource Microsoft.Security/aggregations/readGets aggregations Microsoft.Security/alerts/readGets all available security alerts Microsoft.Security/alertsSuppressionRules/readGets all available security alert suppression rule Microsoft.Security/alertsSuppressionRules/writeCreates a new security alert suppression rule or update an existing rule Microsoft.Security/alertsSuppressionRules/deleteDelete a security alert suppression rule Microsoft.Security/apiCollections/readGet Api Collections Microsoft.Security/apiCollections/writeCreate Api Collections Microsoft.Security/apiCollections/deleteDelete Api Collections Microsoft.Security/applicationWhitelistings/readGets the application allowlistings Microsoft.Security/applicationWhitelistings/writeCreates a new application allowlisting or updates an existing one Microsoft.Security/assessmentMetadata/readGet available security assessment metadata on your subscription Microsoft.Security/assessmentMetadata/writeCreate or update a security assessment metadata Microsoft.Security/assessments/readGet security assessments on your subscription Microsoft.Security/assessments/writeCreate or update security assessments on your subscription Microsoft.Security/assessments/governanceAssignments/readGet governance assignments for security assessments Microsoft.Security/assessments/governanceAssignments/writeCreate or update governance assignments for security assessments Microsoft.Security/assessments/subAssessments/readGet security sub assessments on your subscription Microsoft.Security/assessments/subAssessments/writeCreate or update security sub assessments on your subscription Microsoft.Security/assignments/readGet the security assignment Microsoft.Security/assignments/writeCreate or update the security assignment Microsoft.Security/assignments/deleteDeletes the security assignment Microsoft.Security/automations/readGets the automations for the scope Microsoft.Security/automations/writeCreates or updates the automation for the scope Microsoft.Security/automations/deleteDeletes the automation for the scope Microsoft.Security/automations/validate/actionValidates the automation model for the scope Microsoft.Security/complianceResults/readGets the compliance results for the resource Microsoft.Security/customRecommendations/readGet the custom recommendations Microsoft.Security/customRecommendations/writeCreate or update the custom recommendation Microsoft.Security/customRecommendations/deleteDeletes the custom recommendation Microsoft.Security/datascanners/readGets the datascanners for the scope Microsoft.Security/datascanners/writeCreates or updates the datascanners for the scope Microsoft.Security/datascanners/deleteDeletes the datascanners for the scope Microsoft.Security/defenderforstoragesettings/readGets the defenderforstoragesettings for the scope Microsoft.Security/defenderforstoragesettings/writeCreates or updates the defenderforstoragesettings for the scope Microsoft.Security/defenderforstoragesettings/deleteDeletes the defenderforstoragesettings for the scope Microsoft.Security/deviceSecurityGroups/writeCreates or updates IoT device security groups Microsoft.Security/deviceSecurityGroups/deleteDeletes IoT device security groups Microsoft.Security/deviceSecurityGroups/readGets IoT device security groups Microsoft.Security/externalSecuritySolutions/readGets the external security solutions Microsoft.Security/governanceRules/readGet governance rules for managing security posture Microsoft.Security/governanceRules/writeCreate or update governance rules for managing security posture Microsoft.Security/informationProtectionPolicies/readGets the information protection policies for the resource Microsoft.Security/informationProtectionPolicies/writeUpdates the information protection policies for the resource Microsoft.Security/integration/readGet integration on your scope Microsoft.Security/integration/writeCreate or update integration on your scope Microsoft.Security/integration/deleteDeleate or update integration on your scope Microsoft.Security/iotDefenderSettings/readGets IoT Defender Settings Microsoft.Security/iotDefenderSettings/writeCreate or updates IoT Defender Settings Microsoft.Security/iotDefenderSettings/deleteDeletes IoT Defender Settings Microsoft.Security/iotDefenderSettings/PackageDownloads/actionGets downloadable IoT Defender packages information Microsoft.Security/iotDefenderSettings/DownloadManagerActivation/actionDownload manager activation file with subscription quota data Microsoft.Security/iotSecuritySolutions/writeCreates or updates IoT security solutions Microsoft.Security/iotSecuritySolutions/deleteDeletes IoT security solutions Microsoft.Security/iotSecuritySolutions/readGets IoT security solutions Microsoft.Security/iotSecuritySolutions/analyticsModels/readGets IoT security analytics model Microsoft.Security/iotSecuritySolutions/analyticsModels/readGets IoT alert types Microsoft.Security/iotSecuritySolutions/analyticsModels/readGets IoT alerts Microsoft.Security/iotSecuritySolutions/analyticsModels/readGets IoT recommendation types Microsoft.Security/iotSecuritySolutions/analyticsModels/readGets IoT recommendations Microsoft.Security/iotSecuritySolutions/analyticsModels/readGets devices Microsoft.Security/iotSecuritySolutions/analyticsModels/aggregatedAlerts/readGets IoT aggregated alerts Microsoft.Security/iotSecuritySolutions/analyticsModels/aggregatedAlerts/dismiss/actionDismisses IoT aggregated alerts Microsoft.Security/iotSecuritySolutions/analyticsModels/aggregatedRecommendations/readGets IoT aggregated recommendations Microsoft.Security/iotSensors/readGets IoT Sensors Microsoft.Security/iotSensors/writeCreate or updates IoT Sensors Microsoft.Security/iotSensors/deleteDeletes IoT Sensors Microsoft.Security/iotSensors/DownloadActivation/actionDownloads activation file for IoT Sensors Microsoft.Security/iotSensors/TriggerTiPackageUpdate/actionTriggers threat intelligence package update Microsoft.Security/iotSensors/DownloadResetPassword/actionDownloads reset password file for IoT Sensors Microsoft.Security/iotSite/readGets IoT site Microsoft.Security/iotSite/writeCreates or updates IoT site Microsoft.Security/iotSite/deleteDeletes IoT site Microsoft.Security/jitNetworkAccessPolicies/readGets the just-in-time network access policies Microsoft.Security/locations/readGets the security data location Microsoft.Security/locations/alerts/readGets all available security alerts Microsoft.Security/locations/alerts/dismiss/actionDismiss a security alert Microsoft.Security/locations/alerts/activate/actionActivate a security alert Microsoft.Security/locations/alerts/resolve/actionResolve a security alert Microsoft.Security/locations/alerts/simulate/actionSimulate a security alert Microsoft.Security/locations/externalSecuritySolutions/readGets the external security solutions Microsoft.Security/locations/jitNetworkAccessPolicies/readGets the just-in-time network access policies Microsoft.Security/locations/jitNetworkAccessPolicies/writeCreates a new just-in-time network access policy or updates an existing one Microsoft.Security/locations/jitNetworkAccessPolicies/deleteDeletes the just-in-time network access policy Microsoft.Security/locations/jitNetworkAccessPolicies/initiate/actionInitiates a just-in-time network access policy request Microsoft.Security/locations/operationResults/readRead result of the asynchronous operation. Microsoft.Security/locations/operationStatuses/readRead status of the asynchronous operation. Microsoft.Security/locations/securitySolutions/readGets the security solutions Microsoft.Security/locations/securitySolutions/writeCreates a new security solution or updates an existing one Microsoft.Security/locations/securitySolutions/deleteDeletes a security solution Microsoft.Security/locations/tasks/readGets all available security recommendations Microsoft.Security/locations/tasks/start/actionStart a security recommendation Microsoft.Security/locations/tasks/resolve/actionResolve a security recommendation Microsoft.Security/locations/tasks/activate/actionActivate a security recommendation Microsoft.Security/locations/tasks/dismiss/actionDismiss a security recommendation Microsoft.Security/mdeOnboardings/readGet Microsoft Defender for Endpoint onboarding script Microsoft.Security/policies/readGets the security policy Microsoft.Security/policies/writeUpdates the security policy Microsoft.Security/pricings/readGets the pricing settings for the scope Microsoft.Security/pricings/writeUpdates the pricing settings for the scope Microsoft.Security/pricings/deleteDeletes the pricing settings for the scope Microsoft.Security/pricings/securityoperators/readGets the security operators for the scope Microsoft.Security/pricings/securityoperators/writeUpdates the security operators for the scope Microsoft.Security/pricings/securityoperators/deleteDeletes the security operators for the scope Microsoft.Security/privateLinks/readGets the Microsoft Security Private Link. Microsoft.Security/privateLinks/writeCreates or updates a Microsoft Security Private Link. Microsoft.Security/privateLinks/deleteDeletes a Microsoft Security Private Link. Microsoft.Security/privateLinks/privateEndpointConnectionProxies/readGets the Microsoft Security Private Endpoint Connection Proxy (NRP only). Microsoft.Security/privateLinks/privateEndpointConnectionProxies/writeCreates or updates a Microsoft Security Private Endpoint Connection Proxy (NRP only). Microsoft.Security/privateLinks/privateEndpointConnectionProxies/deleteDeletes a Microsoft Security Private Endpoint Connection Proxy (NRP only). Microsoft.Security/privateLinks/privateEndpointConnectionProxies/validate/actionValidates a Microsoft Security Private Endpoint Connection Proxy object before creation (NRP only). Microsoft.Security/privateLinks/privateEndpointConnectionProxies/updatePrivateEndpointProperties/actionUpdates the properties of the Microsoft Security Private Endpoint Connection Proxy (NRP only). Microsoft.Security/privateLinks/privateEndpointConnections/readGets the Microsoft Security Private Endpoint Connection. Microsoft.Security/privateLinks/privateEndpointConnections/writeApproves or rejects a Microsoft Security Private Endpoint Connection. Microsoft.Security/privateLinks/privateEndpointConnections/deleteDeletes a Microsoft Security Private Endpoint Connection. Microsoft.Security/privateLinks/privateLinkResources/readGets the Microsoft Security Private Link Resource. Microsoft.Security/secureScoreControlDefinitions/readGet secure score control definition Microsoft.Security/secureScoreControls/readGet calculated secure score control for your subscription Microsoft.Security/secureScores/readGet calculated secure score for your subscription Microsoft.Security/secureScores/secureScoreControls/readGet calculated secure score control for your secure score calculation Microsoft.Security/securityConnectors/readGets the security connector Microsoft.Security/securityConnectors/writeUpdates the security connector Microsoft.Security/securityConnectors/deleteDeletes the security connector Microsoft.Security/securityConnectors/devops/listAvailableAzureDevOpsOrgs/actionReturns a list of all Azure DevOps organizations accessible by the user token consumed by the connector. Microsoft.Security/securityConnectors/devops/writeCreates or updates a DevOps Configuration. Microsoft.Security/securityConnectors/devops/deleteDeletes a DevOps Connector. Microsoft.Security/securityConnectors/devops/readGets a DevOps Configuration. Microsoft.Security/securityConnectors/devops/readList DevOps Configurations. Microsoft.Security/securityConnectors/devops/writeUpdates a DevOps Configuration. Microsoft.Security/securityConnectors/devops/listAvailableGitHubOwners/actionReturns a list of all GitHub owners accessible by the user token consumed by the connector. Microsoft.Security/securityConnectors/devops/listAvailableGitLabGroups/actionReturns a list of all GitLab groups accessible by the user token consumed by the connector. Microsoft.Security/securityConnectors/devops/azureDevOpsOrgs/writeCreates or updates monitored Azure DevOps organization details. Microsoft.Security/securityConnectors/devops/azureDevOpsOrgs/readReturns a monitored Azure DevOps organization resource. Microsoft.Security/securityConnectors/devops/azureDevOpsOrgs/readReturns a list of Azure DevOps organizations onboarded to the connector. Microsoft.Security/securityConnectors/devops/azureDevOpsOrgs/writeUpdates monitored Azure DevOps organization details. Microsoft.Security/securityConnectors/devops/azureDevOpsOrgs/projects/writeCreates or updates a monitored Azure DevOps project resource. Microsoft.Security/securityConnectors/devops/azureDevOpsOrgs/projects/readReturns a monitored Azure DevOps project resource. Microsoft.Security/securityConnectors/devops/azureDevOpsOrgs/projects/readReturns a list of Azure DevOps projects onboarded to the connector. Microsoft.Security/securityConnectors/devops/azureDevOpsOrgs/projects/writeUpdates a monitored Azure DevOps project resource. Microsoft.Security/securityConnectors/devops/azureDevOpsOrgs/projects/repos/writeCreates or updates a monitored Azure DevOps repository resource. Microsoft.Security/securityConnectors/devops/azureDevOpsOrgs/projects/repos/readReturns a monitored Azure DevOps repository resource. Microsoft.Security/securityConnectors/devops/azureDevOpsOrgs/projects/repos/readReturns a list of Azure DevOps repositories onboarded to the connector. Microsoft.Security/securityConnectors/devops/azureDevOpsOrgs/projects/repos/writeUpdates a monitored Azure DevOps repository resource. Microsoft.Security/securityConnectors/devops/gitHubOwners/readReturns a monitored GitHub owner. Microsoft.Security/securityConnectors/devops/gitHubOwners/readReturns a list of GitHub owners onboarded to the connector. Microsoft.Security/securityConnectors/devops/gitHubOwners/repos/issues/actionCreates a GitHub issue for the specified repository and assessment. Microsoft.Security/securityConnectors/devops/gitHubOwners/repos/readReturns a monitored GitHub repository. Microsoft.Security/securityConnectors/devops/gitHubOwners/repos/readReturns a list of GitHub repositories onboarded to the connector. Microsoft.Security/securityConnectors/devops/gitLabGroups/readReturns a monitored GitLab Group resource for a given fully-qualified name. Microsoft.Security/securityConnectors/devops/gitLabGroups/readReturns a list of GitLab groups onboarded to the connector. Microsoft.Security/securityConnectors/devops/gitLabGroups/listSubgroups/actionGets nested subgroups of given GitLab Group which are onboarded to the connector. Microsoft.Security/securityConnectors/devops/gitLabGroups/projects/readReturns a monitored GitLab Project resource for a given fully-qualified group name and project name. Microsoft.Security/securityConnectors/devops/gitLabGroups/projects/readGets a list of GitLab projects that are directly owned by given group and onboarded to the connector. Microsoft.Security/securityConnectors/devops/operationResults/readGet devops long running operation result. Microsoft.Security/securityContacts/readGets the security contact Microsoft.Security/securityContacts/writeUpdates the security contact Microsoft.Security/securityContacts/deleteDeletes the security contact Microsoft.Security/securityoperators/readGets the securityoperators for the scope Microsoft.Security/securityoperators/writeCreates or updates the securityoperators for the scope Microsoft.Security/securityoperators/deleteDeletes the securityoperators for the scope Microsoft.Security/securitySolutions/readGets the security solutions Microsoft.Security/securitySolutions/writeCreates a new security solution or updates an existing one Microsoft.Security/securitySolutions/deleteDeletes a security solution Microsoft.Security/securitySolutionsReferenceData/readGets the security solutions reference data Microsoft.Security/securityStandards/readGet the security standards Microsoft.Security/securityStandards/writeCreate or update the security standard Microsoft.Security/securityStandards/deleteDeletes the security standard Microsoft.Security/securityStatuses/readGets the security health statuses for Azure resources Microsoft.Security/securityStatusesSummaries/readGets the security statuses summaries for the scope Microsoft.Security/sensitivitySettings/readGets tenant level sensitivity settings Microsoft.Security/sensitivitySettings/writeUpdates tenant level sensitivity settings Microsoft.Security/serverVulnerabilityAssessments/readGet server vulnerability assessments onboarding status on a given resource Microsoft.Security/serverVulnerabilityAssessments/writeCreate or update a server vulnerability assessments solution on resource Microsoft.Security/serverVulnerabilityAssessments/deleteRemove a server vulnerability assessments solution from a resource Microsoft.Security/serverVulnerabilityAssessmentsSettings/readGet server vulnerability assessments settings onboarding status for a given subscription Microsoft.Security/serverVulnerabilityAssessmentsSettings/writeCreate or update server vulnerability assessments settings on a given subscription Microsoft.Security/serverVulnerabilityAssessmentsSettings/deleteRemove server vulnerability assessments settings from a given subscription Microsoft.Security/settings/readGets the settings for the scope Microsoft.Security/settings/writeUpdates the settings for the scope Microsoft.Security/sqlVulnerabilityAssessments/baselineRules/actionAdd a list of rules result to the baseline. Microsoft.Security/sqlVulnerabilityAssessments/baselineRules/readReturn the databases' baseline (all rules that were added to the baseline) or get a rule baseline results for the specified rule ID. Microsoft.Security/sqlVulnerabilityAssessments/baselineRules/writeChange the rule baseline result. Microsoft.Security/sqlVulnerabilityAssessments/baselineRules/deleteRemove the rule result from the baseline. Microsoft.Security/sqlVulnerabilityAssessments/scans/readReturn the list of vulnerability assessment scan records or get the scan record for the specified scan ID. Microsoft.Security/sqlVulnerabilityAssessments/scans/scanResults/readReturn the list of vulnerability assessment rule results or get the rule result for the specified rule ID. Microsoft.Security/standardAssignments/readGet the standard assignments Microsoft.Security/standardAssignments/writeCreate or update the standard assignment Microsoft.Security/standardAssignments/deleteDeletes the standard assignment Microsoft.Security/standards/readGet the security standard Microsoft.Security/standards/writeCreate or update the security standard Microsoft.Security/standards/deleteDeletes the security standard Microsoft.Security/tasks/readGets all available security recommendations Microsoft.Security/webApplicationFirewalls/readGets the web application firewalls Microsoft.Security/webApplicationFirewalls/writeCreates a new web application firewall or updates an existing one Microsoft.Security/webApplicationFirewalls/deleteDeletes a web application firewall Microsoft.Security/workspaceSettings/readGets the workspace settings Microsoft.Security/workspaceSettings/writeUpdates the workspace settings Microsoft.Security/workspaceSettings/deleteDeletes the workspace settings Microsoft.Security/workspaceSettings/connect/actionChange workspace settings reconnection settings
Azure service: Microsoft Sentinel
[!div class="mx-tableFixed"]
Action Description Microsoft.SecurityInsights/register/actionRegisters the subscription to Azure Sentinel Microsoft.SecurityInsights/unregister/actionUnregisters the subscription from Azure Sentinel Microsoft.SecurityInsights/dataConnectorsCheckRequirements/actionCheck user authorization and license Microsoft.SecurityInsights/Aggregations/readGets aggregated information Microsoft.SecurityInsights/alertRules/readGets the alert rules Microsoft.SecurityInsights/alertRules/writeUpdates alert rules Microsoft.SecurityInsights/alertRules/deleteDeletes alert rules Microsoft.SecurityInsights/alertRules/triggerRuleRun/actionTrigger on-demand rule run execution Microsoft.SecurityInsights/alertRules/actions/readGets the response actions of an alert rule Microsoft.SecurityInsights/alertRules/actions/writeUpdates the response actions of an alert rule Microsoft.SecurityInsights/alertRules/actions/deleteDeletes the response actions of an alert rule Microsoft.SecurityInsights/automationRules/readGets an automation rule Microsoft.SecurityInsights/automationRules/writeUpdates an automation rule Microsoft.SecurityInsights/automationRules/deleteDeletes an automation rule Microsoft.SecurityInsights/BillingStatistics/readRead BillingStatistics Microsoft.SecurityInsights/Bookmarks/readGets bookmarks Microsoft.SecurityInsights/Bookmarks/writeUpdates bookmarks Microsoft.SecurityInsights/Bookmarks/deleteDeletes bookmarks Microsoft.SecurityInsights/Bookmarks/expand/actionGets related entities of an entity by a specific expansion Microsoft.SecurityInsights/bookmarks/relations/readGets a bookmark relation Microsoft.SecurityInsights/bookmarks/relations/writeUpdates a bookmark relation Microsoft.SecurityInsights/bookmarks/relations/deleteDeletes a bookmark relation Microsoft.SecurityInsights/cases/readGets a case Microsoft.SecurityInsights/cases/writeUpdates a case Microsoft.SecurityInsights/cases/deleteDeletes a case Microsoft.SecurityInsights/cases/comments/readGets the case comments Microsoft.SecurityInsights/cases/comments/writeCreates the case comments Microsoft.SecurityInsights/cases/investigations/readGets the case investigations Microsoft.SecurityInsights/cases/investigations/writeUpdates the metadata of a case Microsoft.SecurityInsights/ConfidentialWatchlists/readGets Confidential Watchlists Microsoft.SecurityInsights/ConfidentialWatchlists/writeCreates Confidential Watchlists Microsoft.SecurityInsights/ConfidentialWatchlists/deleteDeletes Confidential Watchlists Microsoft.SecurityInsights/ContentPackages/readRead Installed Content Packages. Microsoft.SecurityInsights/ContentPackages/writeInstall Content Packages. Microsoft.SecurityInsights/ContentPackages/deleteDelete Installed Content Packages. Microsoft.SecurityInsights/ContentProductPackages/readRead Available Product Packages Microsoft.SecurityInsights/ContentProductTemplates/readRead Available Product Templates Microsoft.SecurityInsights/ContentTemplates/writeInstall Content Templates. Microsoft.SecurityInsights/ContentTemplates/readRead installed Content Templates. Microsoft.SecurityInsights/ContentTemplates/deleteDelete Installed Content Templates. Microsoft.SecurityInsights/dataConnectors/readGets the data connectors Microsoft.SecurityInsights/dataConnectors/writeUpdates a data connector Microsoft.SecurityInsights/dataConnectors/deleteDeletes a data connector Microsoft.SecurityInsights/enrichment/domain/whois/readGet whois enrichment for a domain Microsoft.SecurityInsights/enrichment/ip/geodata/readGet geodata enrichment for an IP Microsoft.SecurityInsights/entities/readGets the sentinel entities graph Microsoft.SecurityInsights/entities/gettimeline/actionGets entity timeline for a specific range Microsoft.SecurityInsights/entities/getInsights/actionGets entity Insights for a specific range Microsoft.SecurityInsights/entities/runPlaybook/actionRun playbook on entity Microsoft.SecurityInsights/entities/relations/readGets a relation between the entity and related resources Microsoft.SecurityInsights/entities/relations/writeUpdates a relation between the entity and related resources Microsoft.SecurityInsights/entities/relations/deleteDeletes a relation between the entity and related resources Microsoft.SecurityInsights/entityQueries/readGets the investigation expansions for entities Microsoft.SecurityInsights/ExportConnections/readRead ExportConnections Microsoft.SecurityInsights/ExportConnections/writewrite ExportConnections Microsoft.SecurityInsights/ExportConnections/deleteDelete ExportConnections Microsoft.SecurityInsights/ExportConnections/ExportJobs/readRead ExportJobs Microsoft.SecurityInsights/ExportConnections/ExportJobs/writewrite ExportJobs Microsoft.SecurityInsights/ExportConnections/ExportJobs/deleteDelete ExportJobs Microsoft.SecurityInsights/fileimports/readReads File Import objects Microsoft.SecurityInsights/fileimports/writeCreates or updates a File Import Microsoft.SecurityInsights/fileimports/deleteDeletes a File Import Microsoft.SecurityInsights/hunts/readGet Hunts Microsoft.SecurityInsights/hunts/writeCreate Hunts Microsoft.SecurityInsights/hunts/deleteDeletes Hunts Microsoft.SecurityInsights/hunts/comments/readGet Hunt Comments Microsoft.SecurityInsights/hunts/comments/writeCreate Hunt Comments Microsoft.SecurityInsights/hunts/comments/deleteDeletes Hunt Comments Microsoft.SecurityInsights/hunts/relations/readGet Hunt Relations Microsoft.SecurityInsights/hunts/relations/writeCreate Hunt Relations Microsoft.SecurityInsights/hunts/relations/deleteDeletes Hunt Relations Microsoft.SecurityInsights/incidents/readGets an incident Microsoft.SecurityInsights/incidents/writeUpdates an incident Microsoft.SecurityInsights/incidents/deleteDeletes an incident Microsoft.SecurityInsights/incidents/createTeam/actionCreates a Microsoft team to investigate the incident by sharing information and insights between participants Microsoft.SecurityInsights/incidents/runPlaybook/actionRun playbook on incident Microsoft.SecurityInsights/incidents/comments/readGets the incident comments Microsoft.SecurityInsights/incidents/comments/writeCreates a comment on the incident Microsoft.SecurityInsights/incidents/comments/deleteDeletes a comment on the incident Microsoft.SecurityInsights/incidents/relations/readGets a relation between the incident and related resources Microsoft.SecurityInsights/incidents/relations/writeUpdates a relation between the incident and related resources Microsoft.SecurityInsights/incidents/relations/deleteDeletes a relation between the incident and related resources Microsoft.SecurityInsights/incidents/tasks/readGets a task on the incident Microsoft.SecurityInsights/incidents/tasks/writeUpdates a task on the incident Microsoft.SecurityInsights/incidents/tasks/deleteDeletes a task on the incident Microsoft.SecurityInsights/Metadata/readRead Metadata for Sentinel content. Microsoft.SecurityInsights/Metadata/writeWrite Metadata for Sentinel content. Microsoft.SecurityInsights/Metadata/deleteDelete Metadata for Sentinel content. Microsoft.SecurityInsights/officeConsents/readGets consents from Microsoft Office Microsoft.SecurityInsights/officeConsents/deleteDeletes consents from Microsoft Office Microsoft.SecurityInsights/onboardingStates/readGets an onboarding state Microsoft.SecurityInsights/onboardingStates/writeUpdates an onboarding state Microsoft.SecurityInsights/onboardingStates/deleteDeletes an onboarding state Microsoft.SecurityInsights/operations/readGets operations Microsoft.SecurityInsights/securityMLAnalyticsSettings/readGets the analytics settings Microsoft.SecurityInsights/securityMLAnalyticsSettings/writeUpdate the analytics settings Microsoft.SecurityInsights/securityMLAnalyticsSettings/deleteDelete an analytics setting Microsoft.SecurityInsights/settings/readGets settings Microsoft.SecurityInsights/settings/writeUpdates settings Microsoft.SecurityInsights/settings/deleteDeletes setting Microsoft.SecurityInsights/SourceControls/readRead SourceControls Microsoft.SecurityInsights/SourceControls/writewrite SourceControls Microsoft.SecurityInsights/SourceControls/deleteDelete SourceControls Microsoft.SecurityInsights/threatintelligence/readGets Threat Intelligence Microsoft.SecurityInsights/threatintelligence/writeUpdates Threat Intelligence Microsoft.SecurityInsights/threatintelligence/deleteDeletes Threat Intelligence Microsoft.SecurityInsights/threatintelligence/query/actionQuery Threat Intelligence Microsoft.SecurityInsights/threatintelligence/metrics/actionCollect Threat Intelligence Metrics Microsoft.SecurityInsights/threatintelligence/bulkDelete/actionBulk Delete Threat Intelligence Microsoft.SecurityInsights/threatintelligence/bulkTag/actionBulk Tags Threat Intelligence Microsoft.SecurityInsights/threatintelligence/createIndicator/actionCreate Threat Intelligence Indicator Microsoft.SecurityInsights/threatintelligence/queryIndicators/actionQuery Threat Intelligence Indicators Microsoft.SecurityInsights/threatintelligence/bulkactions/readReads TI Bulk Action objects Microsoft.SecurityInsights/threatintelligence/bulkactions/writeCreates or updates a TI Bulk Action Microsoft.SecurityInsights/threatintelligence/bulkactions/deleteDeletes a TI Bulk Action Microsoft.SecurityInsights/threatintelligence/bulkactions/query/actionQuery Threat Intelligence STIX objects Microsoft.SecurityInsights/threatintelligence/bulkactions/count/actionQuery Threat Intelligence STIX object count Microsoft.SecurityInsights/threatintelligence/indicators/writeUpdates Threat Intelligence Indicators Microsoft.SecurityInsights/threatintelligence/indicators/deleteDeletes Threat Intelligence Indicators Microsoft.SecurityInsights/threatintelligence/indicators/query/actionQuery Threat Intelligence Indicators Microsoft.SecurityInsights/threatintelligence/indicators/metrics/actionGet Threat Intelligence Indicator Metrics Microsoft.SecurityInsights/threatintelligence/indicators/bulkDelete/actionBulk Delete Threat Intelligence Indicators Microsoft.SecurityInsights/threatintelligence/indicators/bulkTag/actionBulk Tags Threat Intelligence Indicators Microsoft.SecurityInsights/threatintelligence/indicators/readGets Threat Intelligence Indicators Microsoft.SecurityInsights/threatintelligence/indicators/appendTags/actionAppend tags to Threat Intelligence Indicator Microsoft.SecurityInsights/threatintelligence/indicators/replaceTags/actionReplace Tags of Threat Intelligence Indicator Microsoft.SecurityInsights/threatintelligence/ingestionrulelist/readReads the set of TI Ingestion Rule objects Microsoft.SecurityInsights/threatintelligence/ingestionrulelist/writeCreates or updates a set of TI Ingestion Rules Microsoft.SecurityInsights/threatintelligence/metrics/readCollect Threat Intelligence Metrics Microsoft.SecurityInsights/threatintelligence/threatactors/readReads TI Threat Actor objects Microsoft.SecurityInsights/threatintelligence/threatactors/writeCreates or updates a TI Threat Actor Microsoft.SecurityInsights/threatintelligence/threatactors/deleteDeletes a TI Threat Actor Microsoft.SecurityInsights/triggeredAnalyticsRuleRuns/readGets the triggered analytics rule runs Microsoft.SecurityInsights/Watchlists/readGets Watchlists Microsoft.SecurityInsights/Watchlists/writeCreate Watchlists Microsoft.SecurityInsights/Watchlists/deleteDeletes Watchlists Microsoft.SecurityInsights/WorkspaceManagerAssignments/readGets WorkspaceManager Assignments Microsoft.SecurityInsights/WorkspaceManagerAssignments/writeCreates WorkspaceManager Assignments Microsoft.SecurityInsights/WorkspaceManagerAssignments/deleteDeletes WorkspaceManager Assignments Microsoft.SecurityInsights/workspaceManagerAssignments/jobs/readGets WorkspaceManagerAssignments jobs Microsoft.SecurityInsights/workspaceManagerAssignments/jobs/writeCreates WorkspaceManagerAssignments jobs Microsoft.SecurityInsights/workspaceManagerAssignments/jobs/deleteDeletes WorkspaceManagerAssignments jobs Microsoft.SecurityInsights/WorkspaceManagerConfigurations/readGets WorkspaceManager Configurations Microsoft.SecurityInsights/WorkspaceManagerConfigurations/writeCreates WorkspaceManager Configurations Microsoft.SecurityInsights/WorkspaceManagerConfigurations/deleteDeletes WorkspaceManager Configurations Microsoft.SecurityInsights/WorkspaceManagerGroups/readGets WorkspaceManager Groups Microsoft.SecurityInsights/WorkspaceManagerGroups/writeCreates WorkspaceManager Groups Microsoft.SecurityInsights/WorkspaceManagerGroups/deleteDeletes WorkspaceManager Groups Microsoft.SecurityInsights/WorkspaceManagerMembers/readGets WorkspaceManager Members Microsoft.SecurityInsights/WorkspaceManagerMembers/writeCreates WorkspaceManager Members Microsoft.SecurityInsights/WorkspaceManagerMembers/deleteDeletes WorkspaceManager Members