Turbot Guardrails Hub 
Hub
  • Mods
  • Policy Packs
  • Docs
  • Home
ModsPolicy PacksDocsHome
Mods
Azure
  • Azure/Owner
  • Azure/Admin
  • Azure/Operator
  • Azure/Metadata
  • Azure/AI Foundry/admin
  • Azure/AI Foundry/metadata
  • Azure/AKS/admin
  • Azure/AKS/metadata
  • Azure/Alerts Management/admin
  • Azure/Alerts Management/operator
  • Azure/Alerts Management/metadata
  • Azure/API Management/admin
  • Azure/API Management/operator
  • Azure/API Management/metadata
  • Azure/Application Gateway/admin
  • Azure/Application Gateway/operator
  • Azure/Application Gateway/readonly
  • Azure/Application Gateway/metadata
  • Azure/Application Insights/admin
  • Azure/Application Insights/metadata
  • Azure/App Service/admin
  • Azure/App Service/metadata
  • Azure/Automation/admin
  • Azure/Automation/operator
  • Azure/Automation/metadata
  • Azure/Bot Service/Admin
  • Azure/Bot Service/Operator
  • Azure/Bot Service/Metadata
  • Azure/Cognitive Services/admin
  • Azure/Cognitive Services/operator
  • Azure/Cognitive Services/metadata
  • Azure/Compute/admin
  • Azure/Compute/operator
  • Azure/Compute/metadata
  • Azure/Container Registry/admin
  • Azure/Container Registry/metadata
  • Azure/Cosmos DB/admin
  • Azure/Cosmos DB/operator
  • Azure/Cosmos DB/metadata
  • Azure/Databricks/admin
  • Azure/Databricks/metadata
  • Azure/Data Factory/admin
  • Azure/Data Factory/metadata
  • Azure/DNS/admin
  • Azure/DNS/metadata
  • Azure/Firewall/admin
  • Azure/Firewall/metadata
  • Azure/Front Door/admin
  • Azure/Front Door/operator
  • Azure/Front Door/metadata
  • Azure/IAM/Owner
  • Azure/IAM/Metadata
  • Azure/Key Vault/admin
  • Azure/Key Vault/operator
  • Azure/Key Vault/metadata
  • Azure/Load Balancer/admin
  • Azure/Load Balancer/metadata
  • Azure/Log Analytics/admin
  • Azure/Log Analytics/metadata
  • Azure/Managed Identity/admin
  • Azure/Managed Identity/metadata
  • Azure/Monitor/Admin
  • Azure/Monitor/Operator
  • Azure/Monitor/Metadata
  • Azure/MySQL/admin
  • Azure/MySQL/metadata
  • Azure/Network/Admin
  • Azure/Network/Operator
  • Azure/Network/ReadOnly
  • Azure/Network/Metadata
  • Azure/Network Watcher/admin
  • Azure/Network Watcher/operator
  • Azure/Network Watcher/readonly
  • Azure/Network Watcher/metadata
  • Azure/PostgreSQL/admin
  • Azure/PostgreSQL/operator
  • Azure/PostgreSQL/metadata
  • Azure/Recovery Service/admin
  • Azure/Recovery Service/operator
  • Azure/Recovery Service/metadata
  • Azure/Redis/Admin
  • Azure/Redis/Operator
  • Azure/Redis/Metadata
  • Azure/Relay/Admin
  • Azure/Relay/ReadOnly
  • Azure/Relay/Metadata
  • Azure/Search Management/admin
  • Azure/Search Management/metadata
  • Azure/Security Center/admin
  • Azure/Security Center/operator
  • Azure/Security Center/metadata
  • Azure/Service Bus/admin
  • Azure/Service Bus/operator
  • Azure/Service Bus/metadata
  • Azure/SignalR Service/Admin
  • Azure/SignalR Service/Operator
  • Azure/SignalR Service/Metadata
  • Azure/SQL/admin
  • Azure/SQL/operator
  • Azure/SQL/readonly
  • Azure/SQL/metadata
  • Azure/SQL Virtual Machine Service/admin
  • Azure/SQL Virtual Machine Service/operator
  • Azure/SQL Virtual Machine Service/metadata
  • Azure/Storage/Admin
  • Azure/Storage/Operator
  • Azure/Storage/Metadata
  • Azure/Synapse Analytics/admin
  • Azure/Synapse Analytics/operator
  • Azure/Synapse Analytics/metadata

IAM Role: Azure/Compute/admin

PermissionGrant
microsoft.compute/availabilitysets/deleteadmin
microsoft.compute/availabilitysets/writeadmin
microsoft.compute/diskencryptionsets/deleteadmin
microsoft.compute/diskencryptionsets/writeadmin
microsoft.compute/disks/begingetaccess/actionadmin
microsoft.compute/disks/deleteadmin
microsoft.compute/disks/endgetaccess/actionadmin
microsoft.compute/disks/writeadmin
microsoft.compute/images/deleteadmin
microsoft.compute/images/writeadmin
microsoft.compute/restorepointcollections/deleteadmin
microsoft.compute/restorepointcollections/restorepoints/deleteadmin
microsoft.compute/restorepointcollections/restorepoints/writeadmin
microsoft.compute/restorepointcollections/writeadmin
microsoft.compute/snapshots/begingetaccess/actionadmin
microsoft.compute/snapshots/deleteadmin
microsoft.compute/snapshots/endgetaccess/actionadmin
microsoft.compute/snapshots/writeadmin
microsoft.compute/sshpublickeys/deleteadmin
microsoft.compute/sshpublickeys/generatekeypair/actionadmin
microsoft.compute/sshpublickeys/writeadmin
microsoft.compute/virtualmachines/capture/actionadmin
microsoft.compute/virtualmachines/converttomanageddisks/actionadmin
microsoft.compute/virtualmachines/deallocate/actionadmin
microsoft.compute/virtualmachines/deleteadmin
microsoft.compute/virtualmachines/extensions/deleteadmin
microsoft.compute/virtualmachines/extensions/writeadmin
microsoft.compute/virtualmachines/generalize/actionadmin
microsoft.compute/virtualmachines/performmaintenance/actionadmin
microsoft.compute/virtualmachines/poweroff/actionadmin
microsoft.compute/virtualmachines/redeploy/actionadmin
microsoft.compute/virtualmachines/restart/actionadmin
microsoft.compute/virtualmachines/start/actionadmin
microsoft.compute/virtualmachines/writeadmin
microsoft.compute/virtualmachinescalesets/deallocate/actionadmin
microsoft.compute/virtualmachinescalesets/deleteadmin
microsoft.compute/virtualmachinescalesets/delete/actionadmin
microsoft.compute/virtualmachinescalesets/extensions/deleteadmin
microsoft.compute/virtualmachinescalesets/extensions/writeadmin
microsoft.compute/virtualmachinescalesets/manualupgrade/actionadmin
microsoft.compute/virtualmachinescalesets/poweroff/actionadmin
microsoft.compute/virtualmachinescalesets/reimage/actionadmin
microsoft.compute/virtualmachinescalesets/restart/actionadmin
microsoft.compute/virtualmachinescalesets/rollingupgrades/cancel/actionadmin
microsoft.compute/virtualmachinescalesets/scale/actionadmin
microsoft.compute/virtualmachinescalesets/start/actionadmin
microsoft.compute/virtualmachinescalesets/virtualmachines/deallocate/actionadmin
microsoft.compute/virtualmachinescalesets/virtualmachines/deleteadmin
microsoft.compute/virtualmachinescalesets/virtualmachines/poweroff/actionadmin
microsoft.compute/virtualmachinescalesets/virtualmachines/reimage/actionadmin
microsoft.compute/virtualmachinescalesets/virtualmachines/restart/actionadmin
microsoft.compute/virtualmachinescalesets/virtualmachines/start/actionadmin
microsoft.compute/virtualmachinescalesets/writeadmin
microsoft.devtestlab/schedules/writeadmin
microsoft.network/networkinterfaces/deleteadmin
microsoft.network/networkinterfaces/join/actionadmin
microsoft.network/networkinterfaces/writeadmin
microsoft.network/networksecuritygroups/join/actionadmin
microsoft.network/publicipaddresses/join/actionadmin
microsoft.network/publicipaddresses/writeadmin
microsoft.network/virtualnetworks/subnets/join/actionadmin
microsoft.resources/deployments/cancel/actionadmin
microsoft.resources/deployments/deleteadmin
microsoft.resources/deployments/validate/actionadmin
microsoft.resources/deployments/writeadmin
microsoft.compute/virtualmachines/runcommand/actionoperator
microsoft.compute/availabilitysets/readmetadata
microsoft.compute/availabilitysets/vmsizes/readmetadata
microsoft.compute/diskencryptionsets/readmetadata
microsoft.compute/disks/readmetadata
microsoft.compute/images/readmetadata
microsoft.compute/locations/diskoperations/readmetadata
microsoft.compute/locations/operations/readmetadata
microsoft.compute/locations/runcommands/readmetadata
microsoft.compute/locations/usages/readmetadata
microsoft.compute/locations/vmsizes/readmetadata
microsoft.compute/operations/readmetadata
microsoft.compute/restorepointcollections/readmetadata
microsoft.compute/restorepointcollections/restorepoints/readmetadata
microsoft.compute/restorepointcollections/restorepoints/retrievesasuris/actionmetadata
microsoft.compute/snapshots/readmetadata
microsoft.compute/sshpublickeys/readmetadata
microsoft.compute/virtualmachines/extensions/readmetadata
microsoft.compute/virtualmachines/instanceview/readmetadata
microsoft.compute/virtualmachines/providers/microsoft.insights/metricdefinitions/readmetadata
microsoft.compute/virtualmachines/readmetadata
microsoft.compute/virtualmachines/vmsizes/readmetadata
microsoft.compute/virtualmachinescalesets/extensions/readmetadata
microsoft.compute/virtualmachinescalesets/instanceview/readmetadata
microsoft.compute/virtualmachinescalesets/providers/microsoft.insights/metricdefinitions/readmetadata
microsoft.compute/virtualmachinescalesets/readmetadata
microsoft.compute/virtualmachinescalesets/rollingupgrades/readmetadata
microsoft.compute/virtualmachinescalesets/skus/readmetadata
microsoft.compute/virtualmachinescalesets/virtualmachines/instanceview/readmetadata
microsoft.compute/virtualmachinescalesets/virtualmachines/providers/microsoft.insights/metricdefinitions/readmetadata
microsoft.compute/virtualmachinescalesets/virtualmachines/readmetadata
microsoft.network/networkinterfaces/readmetadata
microsoft.network/networksecuritygroups/readmetadata
microsoft.network/publicipaddresses/readmetadata
microsoft.network/virtualnetworks/readmetadata
microsoft.network/virtualnetworks/subnets/readmetadata
microsoft.resources/deployments/operations/readmetadata
microsoft.resources/deployments/readmetadata
microsoft.resources/subscriptions/resourcegroups/readmetadata
microsoft.storage/storageaccounts/readmetadata
Guardrails
Guardrails Hub
  • Hub
  • Docs
  • Blog
  • Changelog
Products
  • GuardrailsGuardrails
  • PipesPipes
  • SteampipeSteampipe
  • PowerpipePowerpipe
  • FlowpipeFlowpipe
  • TailpipeTailpipe
Turbot
  • Home
  • About us
  • We're hiring!
  • Contact us
Community

Our community of practitioners love to discuss cloud governance & security.

Slack logoJoin us on Slack →

System StatusLegalSecurity
Terms of UseSecurityPrivacy
50
Mods
204
Resource Types
3,575
Policies
1,941
Controls
103
Quick Actions
111
IAM