github.com/microsoft/moc@v0.17.1/common/roles.go

github.com/microsoft/moc@v0.17.1/common/roles.go (about)

     1  // Copyright (c) Microsoft Corporation.
     2  // Licensed under the Apache v2.0 license.
     3  
     4  package wssdcommon
     5  
     6  // Default Roles
     7  const (
     8  	// Admin Role - has full access permissions
     9  	OwnerRoleName = "Owner"
    10  	// Contributor Role - has full access, but can't assign or create roles
    11  	ContributorRoleName = "Contributor"
    12  	// Reader Role - has access to view all resource, but can't make changes
    13  	ReaderRoleName = "Reader"
    14  	// Location Contributor Role - has permissions to run any operation on the location resource
    15  	LocationContributorRoleName = "LocationContributor"
    16  	// Group Contributor Role - has permissions to run any operation on the group resource
    17  	GroupContributorRoleName = "GroupContributor"
    18  	// Node Contributor Role - has permissions to create and get nodes
    19  	NodeContributorRoleName = "NodeContributor"
    20  	// Cluster Contributor Role - has permissions to create and get clusters
    21  	ClusterContributorRoleName = "ClusterContributor"
    22  	// MacPool Contributor Role - has permissions to run any operation on mac pools
    23  	MacPoolContributorRoleName = "MacPoolContributor"
    24  	// VipPool Contributor Role - has permissions to run any operation on vip pools
    25  	VipPoolContributorRoleName = "VipPoolContributor"
    26  	// GalleryImage Contributor Role - has permissions to run any operation on gallery images
    27  	GalleryImageContributorRoleName = "GalleryImageContributor"
    28  	// ControlPlane Contributor Role - has permissions to run any operation on control planes
    29  	ControlPlaneContributorRoleName = "ControlPlaneContributor"
    30  	// StorageContainer Contributor Role - has permissions to run any operation on storage containers
    31  	StorageContainerContributorRoleName = "StorageContainerContributor"
    32  	// LB Contributor Role - has permissions to run any operation on LBs
    33  	LBContributorRoleName = "LBContributor"
    34  	// Network Interface Contributor Role - has permissions to run any operation on network interfaces
    35  	NIContributorRoleName = "NetworkInterfaceContributor"
    36  	// Network Security Group Contributor Role - has permissions to run any operation on network security groups
    37  	NSGContributorRoleName = "NetworkSecurityGroupContributor"
    38  	// VM Contributor Role - has permissions to run any operation on VMs
    39  	VMContributorRoleName = "VMContributor"
    40  	// VM Updater Role - has permissions to update VMs
    41  	VMUpdaterRoleName = "VMUpdater"
    42  	// VirtualMachineImage Contributor Role - has permissions to run any operation on VirtualMachineImages
    43  	VMIContributorRoleName = "VirtualMachineImageContributor"
    44  	// VirtualMachineScaleSet Contributor Role - has permissions to run any operation on VirtualMachineScaleSets
    45  	VMSSContributorRoleName = "VMSSContributor"
    46  	// BareMetalMachine Contributor Role - has permissions to run any operation on BareMetalMachines
    47  	BMMContributorRoleName = "BareMetalMachineContributor"
    48  	// VirtualNetwork Contributor Role - has permissions to run any operation on VirtualNetworks
    49  	VNetContributorRoleName = "VirtualNetworkContributor"
    50  	// LogicalNetwork Contributor Role - has permissions to run any operation on LogicalNetworks
    51  	LNetContributorRoleName = "LogicalNetworkContributor"
    52  	// VirtualHardDisk Contributor Role - has permissions to run any operation on VirtualHardDisks
    53  	VHDContributorRoleName = "VirtualHardDiskContributor"
    54  	// Kubernetes Contributor Role - has permissions to run any operation on Kubernetes resources
    55  	KubernetesContributorRoleName = "KubernetesContributor"
    56  	// EtcdCluster Contributor Role - has permissions to run any operation on EtcdClusters
    57  	EtcdClusterContributorRoleName = "EtcdClusterContributor"
    58  	// EtcdServer Contributor Role - has permissions to run any operation on EtcdServers
    59  	EtcdServerContributorRoleName = "EtcdServerContributor"
    60  	// Role Contributor Role - has permissions to operate on roles and assign them
    61  	RoleContributorRoleName = "RoleContributor"
    62  	// Identity Contributor Role - has permissions to run any operation on Identities
    63  	IdentityContributorRoleName = "IdentityContributor"
    64  	// Certificate Contributor Role - has permissions to run any operation on Certificates
    65  	CertContributorRoleName = "CertificateContributor"
    66  	// KeyVault Contributor Role - has permissions to run any operation on KeyVaults
    67  	KeyVaultContributorRoleName = "KeyVaultContributor"
    68  	// Key Contributor role - has permissions to run any operation on Keys
    69  	KeyContributorRoleName = "KeyContributor"
    70  	// Secret Contributor role - has permissions to run any operation on Secrets
    71  	SecretContributorRoleName = "SecretContributor"
    72  	// AvailabilitySet Contributor Role - has permissions to run any operations on AvailabilitySets
    73  	AvailabilitySetContributorRoleName = "AvailabilitySetContributor"
    74  	// Location Reader role - has permissions to run read operations on locations
    75  	LocationReaderRoleName = "LocationReader"
    76  	// Group Reader Role - has permissions to run read operations on the group resource
    77  	GroupReaderRoleName = "GroupReader"
    78  	// Node Reader Role - has permissions to get nodes
    79  	NodeReaderRoleName = "NodeReader"
    80  	// Cluster Reader Role - has permissions to get clusters
    81  	ClusterReaderRoleName = "ClusterReader"
    82  	// MacPool Reader Role - has permissions to run read operations on mac pools
    83  	MacPoolReaderRoleName = "MacPoolReader"
    84  	// VipPool Reader Role - has permissions to run read operations on vip pools
    85  	VipPoolReaderRoleName = "VipPoolReader"
    86  	// GalleryImage Reader Role - has permissions to run read operations on gallery images
    87  	GalleryImageReaderRoleName = "GalleryImageReader"
    88  	// ControlPlane Reader Role - has permissions to run read operations on control planes
    89  	ControlPlaneReaderRoleName = "ControlPlaneReader"
    90  	// StorageContainer Reader Role - has permissions to run read operations on storage containers
    91  	StorageContainerReaderRoleName = "StorageContainerReader"
    92  	// LB Reader Role - has permissions to run read operations on LBs and interfaces
    93  	LBReaderRoleName = "LBReader"
    94  	// Network Interface Reader Role - has permissions to run read operations on network interfaces
    95  	NIReaderRoleName = "NetworkInterfaceReader"
    96  	// Network Security Group Reader Role - has permissions to run read operations on network security groups
    97  	NSGReaderRoleName = "NetworkSecurityGroupReader"
    98  	// VM Reader Role - has permissions to run read operations on VMs
    99  	VMReaderRoleName = "VMReader"
   100  	// VirtualMachineImage Reader Role - has permissions to run read operations on VirtualMachineImages
   101  	VMIReaderRoleName = "VirtualMachineImageReader"
   102  	// VirtualMachineScaleSet Reader Role - has permissions to run read operations on VirtualMachineScaleSets
   103  	VMSSReaderRoleName = "VMSSReader"
   104  	// BareMetalMachine Reader Role - has permissions to run read operations on BareMetalMachines
   105  	BMMReaderRoleName = "BareMetalMachineReader"
   106  	// VirtualNetwork Reader Role - has permissions to run read operations on VirtualNetworks
   107  	VNetReaderRoleName = "VirtualNetworkReader"
   108  	// LogicalNetwork Reader Role - has permissions to run read operations on LogicalNetworks
   109  	LNetReaderRoleName = "LogicalNetworkReader"
   110  	// VirtualHardDisk Reader Role - has permissions to run read operations on VirtualHardDisks
   111  	VHDReaderRoleName = "VirtualHardDiskReader"
   112  	// Kubernetes Reader Role - has permissions to run read operations on Kubernetes resources
   113  	KubernetesReaderRoleName = "KubernetesReader"
   114  	// EtcdCluster Reader Role - has permissions to run read operations on EtcdClusters
   115  	EtcdClusterReaderRoleName = "EtcdClusterReader"
   116  	// EtcdServer Reader Role - has permissions to run read operations on EtcdServers
   117  	EtcdServerReaderRoleName = "EtcdServerReader"
   118  	// Identity Reader Role - has permissions to run read operations on Identities
   119  	IdentityReaderRoleName = "IdentityReader"
   120  	// Role Reader Role - has permissions to operate on roles and assign them
   121  	RoleReaderRoleName = "RoleReader"
   122  	// Certificate Reader Role - has permissions to run read operations on Certificates
   123  	CertReaderRoleName = "CertificateReader"
   124  	// KeyVault Reader Role - has permissions to run read operations on KeyVaults
   125  	KeyVaultReaderRoleName = "KeyVaultReader"
   126  	// Key Reader role - has permissions to run read operations on Keys
   127  	KeyReaderRoleName = "KeyReader"
   128  	// Secret Reader role - has permissions to run read operations on Secrets
   129  	SecretReaderRoleName = "SecretReader"
   130  	// Health Reader role - has permissions to read agent health information
   131  	HealthReaderRoleName = "HealthReader"
   132  	// AvailabilitySet Reader Role - has permissions to run read operations on AvailabilitySets
   133  	AvailabilitySetReaderRoleName = "AvailabilitySetReader"
   134  	// Certificate Signer Role - has permissions to run sign and renew operations on Certificates
   135  	CertSignerRoleName = "CertificateSigner"
   136  )