Turbot Guardrails Hub 
Hub
Mods
Azure
40
Mods
162
Resource Types
1,906
Policies
932
Controls
103
Quick Actions
95
IAM

IAM Role: Azure/Key Vault/admin

PermissionGrant
microsoft.keyvault/hsmpools/deleteadmin
microsoft.keyvault/hsmpools/writeadmin
microsoft.keyvault/locations/deletevirtualnetworkorsubnets/actionadmin
microsoft.keyvault/vaults/accesspolicies/writeadmin
microsoft.keyvault/vaults/writeadmin
microsoft.keyvault/vaults/deleteadmin
microsoft.keyvault/vaults/eventgridfilters/deleteadmin
microsoft.keyvault/vaults/eventgridfilters/writeadmin
microsoft.keyvault/vaults/providers/microsoft.insights/diagnosticsettings/writeadmin
microsoft.keyvault/vaults/secrets/writeadmin
microsoft.resources/deployments/cancel/actionadmin
microsoft.resources/deployments/deleteadmin
microsoft.resources/deployments/validate/actionadmin
microsoft.resources/deployments/writeadmin
microsoft.keyvault/hsmpools/joinvault/actionoperator
microsoft.keyvault/locations/deletedvaults/purge/actionoperator
microsoft.keyvault/register/actionoperator
microsoft.keyvault/unregister/actionoperator
microsoft.keyvault/vaults/deploy/actionoperator
microsoft.keyvault/checknameavailability/readmetadata
microsoft.keyvault/deletedvaults/readmetadata
microsoft.keyvault/hsmpools/readmetadata
microsoft.keyvault/locations/deletedvaults/readmetadata
microsoft.keyvault/locations/operationresults/readmetadata
microsoft.keyvault/operations/readmetadata
microsoft.keyvault/vaults/eventgridfilters/readmetadata
microsoft.keyvault/vaults/providers/microsoft.insights/diagnosticsettings/readmetadata
microsoft.keyvault/vaults/providers/microsoft.insights/logdefinitions/readmetadata
microsoft.keyvault/vaults/providers/microsoft.insights/metricdefinitions/readmetadata
microsoft.keyvault/vaults/readmetadata
microsoft.keyvault/vaults/secrets/readmetadata
microsoft.resources/deployments/operations/readmetadata
microsoft.resources/deployments/readmetadata
microsoft.resources/subscriptions/resourcegroups/readmetadata