author: Nathan Swift
New Azure Portal UI experience for creating and editing custom roles is avaliable!
Can be used when testing a newly created custom role, to see if there are inadvertent permissions granted on known risky Azure management APIs.
Longer term goals include:
- Community driven effort to build .csv or undefined template file you can import that defines risky APIs with some context, classification, and why
- A documented scenario where triggered alert of a new custom role definition executes script.