What's new in Azure RBAC documentation

Artikkel
02/18/2025

This article provides information about new features and documentation improvements in Azure role-based access control (RBAC).

2025

Date	Area	Description
February 2025	Security	Added instructions for how to detect elevate access events using Microsoft Sentinel. See Detect elevate access events using Microsoft Sentinel.
February 2025	Permissions	Updated list of permissions for the Azure Container Registry. See Microsoft.ContainerRegistry.
February 2025	Roles	Added Locks Contributor role.
February 2025	Subscriptions	Updated list of known impact when transferring a subscription. See Understand the impact of transferring a subscription.
January 2025	Security	Preview of elevate access log entries in the Microsoft Entra directory audit logs. See View elevate access log entries.
January 2025	Roles	Updated descriptions for roles with `*/read` permissions. App Compliance Automation Administrator App Compliance Automation Reader Log Analytics Contributor Log Analytics Reader Managed Application Contributor Role Managed Application Operator Role Managed Applications Reader Monitoring Contributor Monitoring Reader Reader Resource Policy Contributor Role Based Access Control Administrator User Access Administrator
January 2025	Roles	Added Azure Chaos Studio roles. See Chaos Studio Experiment Contributor, Chaos Studio Operator, and Chaos Studio Reader.
January 2025	Roles	Added Azure Container Registry roles. Container Registry Configuration Reader and Data Access Configuration Reader Container Registry Contributor and Data Access Configuration Administrator Container Registry Data Importer and Data Reader Container Registry Repository Catalog Lister Container Registry Repository Contributor Container Registry Repository Reader Container Registry Repository Writer Container Registry Tasks Contributor Container Registry Transfer Pipeline Contributor
January 2025	Roles and permissions	Updated permissions for several roles and resource providers. See Azure built-in roles and Azure permissions.
January 2025	REST API	Updated how to list a role definition with a specified role name. See List role definitions.

2024

Date	Area	Description
December 2024	Role assignments	Documented check access improvements on the Access control (IAM) page. See Quickstart: Check access for a user to a single Azure resource.
December 2024	Security	Documented improvements for how to view users with elevated access and how to remove this elevated access. See View users with elevated access.
December 2024	Roles	Added Compute Gallery Image Reader role.
December 2024	Roles	Added Azure Stack HCI Connected InfraVMs role.
December 2024	Roles and permissions	Updated permissions for several roles and resource providers. See Azure built-in roles and Azure permissions.
November 2024	Role assignments	General availability of the integration of Azure RBAC and Microsoft Entra Privileged Identity Management (PIM) to create eligible and time-bound role assignments. See Eligible and time-bound role assignments in Azure RBAC, Assign Azure roles using the Azure portal, and Activate eligible Azure role assignments.
November 2024	Roles	Added Azure Managed Grafana Workspace Contributor role.
October 2024	Roles	Added Azure Service Fabric roles. See Service Fabric Cluster Contributor and Service Fabric Managed Cluster Contributor.
October 2024	Roles	Updated Cognitive Services Data Reader role.
September 2024	Roles	Added Azure Kubernetes roles. See Azure Kubernetes Service Arc Cluster Admin Role, Azure Kubernetes Service Arc Cluster User Role, and Azure Kubernetes Service Arc Contributor Role.
September 2024	Roles and permissions	Added de-identification service roles in Azure Health Data Services. See DeID Batch Data Owner, DeID Batch Data Reader, DeID Data Owner, DeID Realtime Data User, and Microsoft.HealthDataAIServices.
September 2024	Roles	Added app configuration roles. See App Configuration Contributor and App Configuration Reader.
September 2024	Roles	Added Privileged category. See Azure built-in roles for Privileged.
August 2024	Security	Updates about classic administrators retirement. See Azure classic subscription administrators.
August 2024	Role assignments	Updates to scope for the integration of Azure RBAC and Microsoft Entra Privileged Identity Management (PIM). See Eligible and time-bound role assignments in Azure RBAC.
July 2024	Roles	Added Azure Compute Gallery roles. See Compute Gallery Artifacts Publisher and Compute Gallery Sharing Admin.
June 2024	Roles	Added Azure AI roles. See Azure AI Developer, Azure AI Enterprise Network Connection Approver, and Azure AI Inference Deployment Operator.
June 2024	Role assignments	Preview of the integration of Azure RBAC and Microsoft Entra Privileged Identity Management (PIM) to create eligible and time-bound role assignments. See Eligible and time-bound role assignments in Azure RBAC, Assign Azure roles using the Azure portal, and Activate eligible Azure role assignments.