When you run Get-AzRoleDefinition (and any parameter that would force the return of custom roles), it only returns Role Definitions with the AssignableScope "/".
PS C:\Users\tylerrindels> $DebugPreference='Continue'
PS C:\Users\tylerrindels> Get-AzRoleDefinition -Custom
DEBUG: 2:50:52 PM - [ConfigManager] Got nothing from [DisplaySecretsWarning], Module = [], Cmdlet = []. Returning default value [True].
DEBUG: 2:50:52 PM - GetAzureRoleDefinitionCommand begin processing with ParameterSet 'RoleDefinitionCustomParameterSet'.
DEBUG: 2:50:52 PM - using account id 'tylerrindels@microsoft.com'...
DEBUG: 2:50:52 PM - [ConfigManager] Got nothing from [DisplayBreakingChangeWarning], Module = [], Cmdlet = []. Returning default value [True].
DEBUG: [Common.Authentication]: Authenticating using Account: 'tylerrindels@microsoft.com', environment: 'AzureCloud', tenant: '72f988bf-86f1-41af-91ab-2d7cd011db47'
DEBUG: 2:50:52 PM - [ConfigManager] Got nothing from [DisableInstanceDiscovery], Module = [], Cmdlet = []. Returning default value [False].
DEBUG: 2:50:52 PM - [ConfigManager] Got nothing from [EnableLoginByWam], Module = [], Cmdlet = []. Returning default value [True].
DEBUG: 2:50:52 PM - [SilentAuthenticator] Calling SharedTokenCacheCredential.GetTokenAsync - TenantId:'72f988bf-86f1-41af-91ab-2d7cd011db47', Scopes:'https://graph.microsoft.com//.default', AuthorityHost:'https://login.microsoftonline.com/', UserId:'tylerrindels@microsoft.com'
DEBUG: SharedTokenCacheCredential.GetToken invoked. Scopes: [ https://graph.microsoft.com//.default ] ParentRequestId:
DEBUG: False MSAL 4.61.3.0 MSAL.CoreCLR .NET 8.0.6 Microsoft Windows 10.0.26120 [2024-07-24 19:50:52Z - 823bbfb5-f510-4467-8378-ef63bf711d8b] IsLegacyAdalCacheEnabled: yes
DEBUG: False MSAL 4.61.3.0 MSAL.CoreCLR .NET 8.0.6 Microsoft Windows 10.0.26120 [2024-07-24 19:50:52Z - 823bbfb5-f510-4467-8378-ef63bf711d8b] [Region discovery] Not using a regional authority.
DEBUG: False MSAL 4.61.3.0 MSAL.CoreCLR .NET 8.0.6 Microsoft Windows 10.0.26120 [2024-07-24 19:50:52Z - 823bbfb5-f510-4467-8378-ef63bf711d8b] IsLegacyAdalCacheEnabled: yes
DEBUG: False MSAL 4.61.3.0 MSAL.CoreCLR .NET 8.0.6 Microsoft Windows 10.0.26120 [2024-07-24 19:50:52Z - 823bbfb5-f510-4467-8378-ef63bf711d8b] [Region discovery] Not using a regional authority.
DEBUG: False MSAL 4.61.3.0 MSAL.CoreCLR .NET 8.0.6 Microsoft Windows 10.0.26120 [2024-07-24 19:50:52Z - 823bbfb5-f510-4467-8378-ef63bf711d8b] [Region discovery] Not using a regional authority.
DEBUG: False MSAL 4.61.3.0 MSAL.CoreCLR .NET 8.0.6 Microsoft Windows 10.0.26120 [2024-07-24 19:50:52Z - 823bbfb5-f510-4467-8378-ef63bf711d8b] IsLegacyAdalCacheEnabled: yes
DEBUG: False MSAL 4.61.3.0 MSAL.CoreCLR .NET 8.0.6 Microsoft Windows 10.0.26120 [2024-07-24 19:50:52Z] [Runtime] WAM supported OS.
DEBUG: False MSAL 4.61.3.0 MSAL.CoreCLR .NET 8.0.6 Microsoft Windows 10.0.26120 [2024-07-24 19:50:52Z] [RuntimeBroker] ListWindowsWorkAndSchoolAccounts option was not enabled.
DEBUG: False MSAL 4.61.3.0 MSAL.CoreCLR .NET 8.0.6 Microsoft Windows 10.0.26120 [2024-07-24 19:50:52Z - dd6a2054-f17b-4457-95e0-cd4e9695b122] [Region discovery] Not using a regional authority.
DEBUG: False MSAL 4.61.3.0 MSAL.CoreCLR .NET 8.0.6 Microsoft Windows 10.0.26120 [2024-07-24 19:50:52Z] Found 2 cache accounts and 0 broker accounts
DEBUG: False MSAL 4.61.3.0 MSAL.CoreCLR .NET 8.0.6 Microsoft Windows 10.0.26120 [2024-07-24 19:50:52Z] Returning 2 accounts
DEBUG: False MSAL 4.61.3.0 MSAL.CoreCLR .NET 8.0.6 Microsoft Windows 10.0.26120 [2024-07-24 19:50:52Z - 8310ca11-e255-4349-b037-1a6306644dde] MSAL MSAL.CoreCLR with assembly version '4.61.3.0'. CorrelationId(8310ca11-e255-4349-b037-1a6306644dde)
DEBUG: False MSAL 4.61.3.0 MSAL.CoreCLR .NET 8.0.6 Microsoft Windows 10.0.26120 [2024-07-24 19:50:52Z - 8310ca11-e255-4349-b037-1a6306644dde] === AcquireTokenSilent Parameters ===
DEBUG: False MSAL 4.61.3.0 MSAL.CoreCLR .NET 8.0.6 Microsoft Windows 10.0.26120 [2024-07-24 19:50:52Z - 8310ca11-e255-4349-b037-1a6306644dde] LoginHint provided: False
DEBUG: False MSAL 4.61.3.0 MSAL.CoreCLR .NET 8.0.6 Microsoft Windows 10.0.26120 [2024-07-24 19:50:52Z - 8310ca11-e255-4349-b037-1a6306644dde] Account provided: True
DEBUG: False MSAL 4.61.3.0 MSAL.CoreCLR .NET 8.0.6 Microsoft Windows 10.0.26120 [2024-07-24 19:50:52Z - 8310ca11-e255-4349-b037-1a6306644dde] ForceRefresh: False
DEBUG: False MSAL 4.61.3.0 MSAL.CoreCLR .NET 8.0.6 Microsoft Windows 10.0.26120 [2024-07-24 19:50:52Z - 8310ca11-e255-4349-b037-1a6306644dde]
=== Request Data ===
Authority Provided? - True
Scopes - https://graph.microsoft.com//.default
Extra Query Params Keys (space separated) -
ApiId - AcquireTokenSilent
IsConfidentialClient - False
SendX5C - False
LoginHint ? False
IsBrokerConfigured - True
HomeAccountId - False
CorrelationId - 8310ca11-e255-4349-b037-1a6306644dde
UserAssertion set: False
LongRunningOboCacheKey set: False
Region configured:
DEBUG: False MSAL 4.61.3.0 MSAL.CoreCLR .NET 8.0.6 Microsoft Windows 10.0.26120 [2024-07-24 19:50:52Z - 8310ca11-e255-4349-b037-1a6306644dde] === Token Acquisition (SilentRequest) started:
Scopes: https://graph.microsoft.com//.default
Authority Host: login.microsoftonline.com
DEBUG: False MSAL 4.61.3.0 MSAL.CoreCLR .NET 8.0.6 Microsoft Windows 10.0.26120 [2024-07-24 19:50:52Z - 8310ca11-e255-4349-b037-1a6306644dde] Broker is configured and enabled, attempting to use broker instead.
DEBUG: False MSAL 4.61.3.0 MSAL.CoreCLR .NET 8.0.6 Microsoft Windows 10.0.26120 [2024-07-24 19:50:52Z] [Runtime] WAM supported OS.
DEBUG: False MSAL 4.61.3.0 MSAL.CoreCLR .NET 8.0.6 Microsoft Windows 10.0.26120 [2024-07-24 19:50:52Z - 8310ca11-e255-4349-b037-1a6306644dde] Can invoke broker. Will attempt to acquire token with broker.
DEBUG: False MSAL 4.61.3.0 MSAL.CoreCLR .NET 8.0.6 Microsoft Windows 10.0.26120 [2024-07-24 19:50:52Z] [MSAL:0001] WARNING SetAuthorityUri:78 Initializing authority from URI 'https://login.microsoftonline.com/72f988bf-86f1-41af-91ab-2d7cd011db47/' without authority type, defaulting to MsSts
DEBUG: False MSAL 4.61.3.0 MSAL.CoreCLR .NET 8.0.6 Microsoft Windows 10.0.26120 [2024-07-24 19:50:52Z] [MSAL:0007] INFO
LogTelemetryData:422 Printing Telemetry for Correlation ID: 8310ca11-e255-4349-b037-1a6306644dde
DEBUG: False MSAL 4.61.3.0 MSAL.CoreCLR .NET 8.0.6 Microsoft Windows 10.0.26120 [2024-07-24 19:50:52Z] [MSAL:0007] INFO
LogTelemetryData:430 Key: start_time, Value: 2024-07-24T19:50:52.000Z
DEBUG: False MSAL 4.61.3.0 MSAL.CoreCLR .NET 8.0.6 Microsoft Windows 10.0.26120 [2024-07-24 19:50:52Z] [MSAL:0007] INFO
LogTelemetryData:430 Key: api_name, Value: ReadAccountById
DEBUG: False MSAL 4.61.3.0 MSAL.CoreCLR .NET 8.0.6 Microsoft Windows 10.0.26120 [2024-07-24 19:50:52Z] [MSAL:0007] INFO
LogTelemetryData:430 Key: was_request_throttled, Value: false
DEBUG: False MSAL 4.61.3.0 MSAL.CoreCLR .NET 8.0.6 Microsoft Windows 10.0.26120 [2024-07-24 19:50:52Z] [MSAL:0007] INFO
LogTelemetryData:430 Key: authority_type, Value: Unknown
DEBUG: False MSAL 4.61.3.0 MSAL.CoreCLR .NET 8.0.6 Microsoft Windows 10.0.26120 [2024-07-24 19:50:52Z] [MSAL:0007] INFO
LogTelemetryData:430 Key: msal_version, Value: 1.1.0+local
DEBUG: False MSAL 4.61.3.0 MSAL.CoreCLR .NET 8.0.6 Microsoft Windows 10.0.26120 [2024-07-24 19:50:52Z] [MSAL:0007] INFO
LogTelemetryData:430 Key: correlation_id, Value: 8310ca11-e255-4349-b037-1a6306644dde
DEBUG: False MSAL 4.61.3.0 MSAL.CoreCLR .NET 8.0.6 Microsoft Windows 10.0.26120 [2024-07-24 19:50:52Z] [MSAL:0007] INFO
LogTelemetryData:430 Key: broker_app_used, Value: false
DEBUG: False MSAL 4.61.3.0 MSAL.CoreCLR .NET 8.0.6 Microsoft Windows 10.0.26120 [2024-07-24 19:50:52Z] [MSAL:0007] INFO
LogTelemetryData:430 Key: stop_time, Value: 2024-07-24T19:50:52.000Z
DEBUG: False MSAL 4.61.3.0 MSAL.CoreCLR .NET 8.0.6 Microsoft Windows 10.0.26120 [2024-07-24 19:50:52Z] [MSAL:0007] INFO
LogTelemetryData:430 Key: msalruntime_version, Value: 0.16.2
DEBUG: False MSAL 4.61.3.0 MSAL.CoreCLR .NET 8.0.6 Microsoft Windows 10.0.26120 [2024-07-24 19:50:52Z] [MSAL:0007] INFO
LogTelemetryData:430 Key: is_successful, Value: true
DEBUG: False MSAL 4.61.3.0 MSAL.CoreCLR .NET 8.0.6 Microsoft Windows 10.0.26120 [2024-07-24 19:50:52Z] [MSAL:0007] INFO
LogTelemetryData:430 Key: request_duration, Value: 0
DEBUG: False MSAL 4.61.3.0 MSAL.CoreCLR .NET 8.0.6 Microsoft Windows 10.0.26120 [2024-07-24 19:50:52Z] [MSAL:0007] INFO
SetCorrelationId:258 Set correlation ID: 8310ca11-e255-4349-b037-1a6306644dde
DEBUG: False MSAL 4.61.3.0 MSAL.CoreCLR .NET 8.0.6 Microsoft Windows 10.0.26120 [2024-07-24 19:50:52Z] [MSAL:0007] INFO EnqueueBackgroundRequest:1000 The original authority is 'https://login.microsoftonline.com/72f988bf-86f1-41af-91ab-2d7cd011db47'
DEBUG: False MSAL 4.61.3.0 MSAL.CoreCLR .NET 8.0.6 Microsoft Windows 10.0.26120 [2024-07-24 19:50:52Z] [MSAL:0007] INFO
ModifyAndValidateAuthParameters:219 Additional query parameter added successfully. Key: '(pii)' Value: '(pii)'
DEBUG: False MSAL 4.61.3.0 MSAL.CoreCLR .NET 8.0.6 Microsoft Windows 10.0.26120 [2024-07-24 19:50:52Z] [MSAL:0007] INFO
ModifyAndValidateAuthParameters:243 Authority Realm: 72f988bf-86f1-41af-91ab-2d7cd011db47
DEBUG: False MSAL 4.61.3.0 MSAL.CoreCLR .NET 8.0.6 Microsoft Windows 10.0.26120 [2024-07-24 19:50:52Z] [MSAL:0007] WARNING TryEnqueueMsaDeviceCredentialAcquisitionAndContinue:1052 MsaDeviceOperationProvider is not available. Not attempting to register the device.
DEBUG: False MSAL 4.61.3.0 MSAL.CoreCLR .NET 8.0.6 Microsoft Windows 10.0.26120 [2024-07-24 19:50:52Z] [MSAL:0003] INFO
StorageTokenResponse:84 StorageTokenResponse account constructor invoked. This is only expected in Runtime flows
DEBUG: False MSAL 4.61.3.0 MSAL.CoreCLR .NET 8.0.6 Microsoft Windows 10.0.26120 [2024-07-24 19:50:52Z] [MSAL:0003] INFO
LogTelemetryData:422 Printing Telemetry for Correlation ID: 8310ca11-e255-4349-b037-1a6306644dde
DEBUG: False MSAL 4.61.3.0 MSAL.CoreCLR .NET 8.0.6 Microsoft Windows 10.0.26120 [2024-07-24 19:50:52Z] [MSAL:0003] INFO
LogTelemetryData:430 Key: start_time, Value: 2024-07-24T19:50:52.000Z
DEBUG: False MSAL 4.61.3.0 MSAL.CoreCLR .NET 8.0.6 Microsoft Windows 10.0.26120 [2024-07-24 19:50:52Z] [MSAL:0003] INFO
LogTelemetryData:430 Key: api_name, Value: AcquireTokenSilently
DEBUG: False MSAL 4.61.3.0 MSAL.CoreCLR .NET 8.0.6 Microsoft Windows 10.0.26120 [2024-07-24 19:50:52Z] [MSAL:0003] INFO
LogTelemetryData:430 Key: was_request_throttled, Value: false
DEBUG: False MSAL 4.61.3.0 MSAL.CoreCLR .NET 8.0.6 Microsoft Windows 10.0.26120 [2024-07-24 19:50:52Z] [MSAL:0003] INFO
LogTelemetryData:430 Key: authority_type, Value: AAD
DEBUG: False MSAL 4.61.3.0 MSAL.CoreCLR .NET 8.0.6 Microsoft Windows 10.0.26120 [2024-07-24 19:50:52Z] [MSAL:0003] INFO
LogTelemetryData:430 Key: access_token_expiry_time, Value: 2024-07-24T21:02:44.000Z
DEBUG: False MSAL 4.61.3.0 MSAL.CoreCLR .NET 8.0.6 Microsoft Windows 10.0.26120 [2024-07-24 19:50:52Z] [MSAL:0003] INFO
LogTelemetryData:430 Key: read_token, Value: ID|AT
DEBUG: False MSAL 4.61.3.0 MSAL.CoreCLR .NET 8.0.6 Microsoft Windows 10.0.26120 [2024-07-24 19:50:52Z] [MSAL:0003] INFO
LogTelemetryData:430 Key: msal_version, Value: 1.1.0+local
DEBUG: False MSAL 4.61.3.0 MSAL.CoreCLR .NET 8.0.6 Microsoft Windows 10.0.26120 [2024-07-24 19:50:52Z] [MSAL:0003] INFO
LogTelemetryData:430 Key: client_id, Value: 1950a258-227b-4e31-a9cf-717495945fc2
DEBUG: False MSAL 4.61.3.0 MSAL.CoreCLR .NET 8.0.6 Microsoft Windows 10.0.26120 [2024-07-24 19:50:52Z] [MSAL:0003] INFO
LogTelemetryData:430 Key: correlation_id, Value: 8310ca11-e255-4349-b037-1a6306644dde
DEBUG: False MSAL 4.61.3.0 MSAL.CoreCLR .NET 8.0.6 Microsoft Windows 10.0.26120 [2024-07-24 19:50:52Z] [MSAL:0003] INFO
LogTelemetryData:430 Key: broker_app_used, Value: false
DEBUG: False MSAL 4.61.3.0 MSAL.CoreCLR .NET 8.0.6 Microsoft Windows 10.0.26120 [2024-07-24 19:50:52Z] [MSAL:0003] INFO
LogTelemetryData:430 Key: stop_time, Value: 2024-07-24T19:50:52.000Z
DEBUG: False MSAL 4.61.3.0 MSAL.CoreCLR .NET 8.0.6 Microsoft Windows 10.0.26120 [2024-07-24 19:50:52Z] [MSAL:0003] INFO
LogTelemetryData:430 Key: msalruntime_version, Value: 0.16.2
DEBUG: False MSAL 4.61.3.0 MSAL.CoreCLR .NET 8.0.6 Microsoft Windows 10.0.26120 [2024-07-24 19:50:52Z] [MSAL:0003] INFO LogTelemetryData:430 Key: original_authority, Value: https://login.microsoftonline.com/72f988bf-86f1-41af-91ab-2d7cd011db47
DEBUG: False MSAL 4.61.3.0 MSAL.CoreCLR .NET 8.0.6 Microsoft Windows 10.0.26120 [2024-07-24 19:50:52Z] [MSAL:0003] INFO
LogTelemetryData:430 Key: request_eligible_for_broker, Value: true
DEBUG: False MSAL 4.61.3.0 MSAL.CoreCLR .NET 8.0.6 Microsoft Windows 10.0.26120 [2024-07-24 19:50:52Z] [MSAL:0003] INFO
LogTelemetryData:430 Key: additional_query_parameters_count, Value: 1
DEBUG: False MSAL 4.61.3.0 MSAL.CoreCLR .NET 8.0.6 Microsoft Windows 10.0.26120 [2024-07-24 19:50:52Z] [MSAL:0003] INFO
LogTelemetryData:430 Key: storage_read, Value: DAC|DAT|DID
DEBUG: False MSAL 4.61.3.0 MSAL.CoreCLR .NET 8.0.6 Microsoft Windows 10.0.26120 [2024-07-24 19:50:52Z] [MSAL:0003] INFO
LogTelemetryData:430 Key: auth_flow, Value: AT
DEBUG: False MSAL 4.61.3.0 MSAL.CoreCLR .NET 8.0.6 Microsoft Windows 10.0.26120 [2024-07-24 19:50:52Z] [MSAL:0003] INFO
LogTelemetryData:430 Key: is_successful, Value: true
DEBUG: False MSAL 4.61.3.0 MSAL.CoreCLR .NET 8.0.6 Microsoft Windows 10.0.26120 [2024-07-24 19:50:52Z] [MSAL:0003] INFO
LogTelemetryData:430 Key: authorization_type, Value: WindowsIntegratedAuth
DEBUG: False MSAL 4.61.3.0 MSAL.CoreCLR .NET 8.0.6 Microsoft Windows 10.0.26120 [2024-07-24 19:50:52Z] [MSAL:0003] INFO
LogTelemetryData:430 Key: request_duration, Value: 10
DEBUG: False MSAL 4.61.3.0 MSAL.CoreCLR .NET 8.0.6 Microsoft Windows 10.0.26120 [2024-07-24 19:50:52Z] [MSAL:0003] INFO
LogTelemetryData:435 Printing Execution Flow:
DEBUG: False MSAL 4.61.3.0 MSAL.CoreCLR .NET 8.0.6 Microsoft Windows 10.0.26120 [2024-07-24 19:50:52Z] [MSAL:0003] INFO LogTelemetryData:443 {"t":"4s7uc","tid":7,"ts":0,"l":2},{"t":"4sufd","tid":7,"ts":0,"s":2,"l":2},{"t":"4swgg","tid":7,"ts":0,"s":5,"l":2},{"t":"4swgf","tid":7,"ts":0,"s":1,"l":2},{"t":"4swgi","tid":3,"ts":0,"s":5,"l":2},{"t":"8b2yn","tid":3,"ts":0,"l":2},{"t":"8dqkx","tid":3,"ts":0,"l":2},{"t":"8dqik","tid":3,"ts":0,"l":2},{"t":"4q2di","tid":3,"ts":0,"l":2},{"t":"4qnng","tid":3,"ts":0,"l":2,"a":2,"ie":0},{"t":"4qnnf","tid":3,"ts":3,"l":2,"a":2,"ie":1},{"t":"8dqit","tid":3,"ts":3,"l":2},{"t":"8b2ht","tid":3,"ts":3,"l":2},{"t":"4qnno","tid":3,"ts":3,"l":2,"a":2,"ie":0},{"t":"4qnnn","tid":3,"ts":10,"l":2,"a":2,"ie":1},{"t":"6xuag","tid":3,"ts":10,"l":2}
DEBUG: False MSAL 4.61.3.0 MSAL.CoreCLR .NET 8.0.6 Microsoft Windows 10.0.26120 [2024-07-24 19:50:52Z] [RuntimeBroker] WAM response status success
DEBUG: False MSAL 4.61.3.0 MSAL.CoreCLR .NET 8.0.6 Microsoft Windows 10.0.26120 [2024-07-24 19:50:52Z - 8310ca11-e255-4349-b037-1a6306644dde] Checking MsalTokenResponse returned from broker.
DEBUG: False MSAL 4.61.3.0 MSAL.CoreCLR .NET 8.0.6 Microsoft Windows 10.0.26120 [2024-07-24 19:50:52Z - 8310ca11-e255-4349-b037-1a6306644dde] Success. Response contains an access token.
DEBUG: False MSAL 4.61.3.0 MSAL.CoreCLR .NET 8.0.6 Microsoft Windows 10.0.26120 [2024-07-24 19:50:52Z - 8310ca11-e255-4349-b037-1a6306644dde] Checking client info returned from the server..
DEBUG: False MSAL 4.61.3.0 MSAL.CoreCLR .NET 8.0.6 Microsoft Windows 10.0.26120 [2024-07-24 19:50:52Z - 8310ca11-e255-4349-b037-1a6306644dde] Saving token response to cache..
DEBUG: False MSAL 4.61.3.0 MSAL.CoreCLR .NET 8.0.6 Microsoft Windows 10.0.26120 [2024-07-24 19:50:52Z - 8310ca11-e255-4349-b037-1a6306644dde] [Instance Discovery] Instance discovery is enabled and will be performed
DEBUG: False MSAL 4.61.3.0 MSAL.CoreCLR .NET 8.0.6 Microsoft Windows 10.0.26120 [2024-07-24 19:50:52Z - 8310ca11-e255-4349-b037-1a6306644dde] [Region discovery] Not using a regional authority.
DEBUG: False MSAL 4.61.3.0 MSAL.CoreCLR .NET 8.0.6 Microsoft Windows 10.0.26120 [2024-07-24 19:50:52Z - 8310ca11-e255-4349-b037-1a6306644dde] [Region discovery] Not using a regional authority.
DEBUG: False MSAL 4.61.3.0 MSAL.CoreCLR .NET 8.0.6 Microsoft Windows 10.0.26120 [2024-07-24 19:50:52Z - 8310ca11-e255-4349-b037-1a6306644dde] [SaveTokenResponseAsync] Saving Id Token and Account in cache ...
DEBUG: False MSAL 4.61.3.0 MSAL.CoreCLR .NET 8.0.6 Microsoft Windows 10.0.26120 [2024-07-24 19:50:52Z - 8310ca11-e255-4349-b037-1a6306644dde] [CalculateSuggestedCacheExpiry] No access tokens or refresh tokens found in the accessor. Not returning any expiration.
DEBUG: False MSAL 4.61.3.0 MSAL.CoreCLR .NET 8.0.6 Microsoft Windows 10.0.26120 [2024-07-24 19:50:52Z - 8310ca11-e255-4349-b037-1a6306644dde]
=== Token Acquisition finished successfully:
DEBUG: False MSAL 4.61.3.0 MSAL.CoreCLR .NET 8.0.6 Microsoft Windows 10.0.26120 [2024-07-24 19:50:52Z - 8310ca11-e255-4349-b037-1a6306644dde] AT expiration time: 7/24/2024 9:02:43 PM +00:00, scopes: email https://graph.microsoft.com//.default https://graph.microsoft.com//AuditLog.Read.All https://graph.microsoft.com//Directory.AccessAsUser.All openid profile. source: Broker
DEBUG: False MSAL 4.61.3.0 MSAL.CoreCLR .NET 8.0.6 Microsoft Windows 10.0.26120 [2024-07-24 19:50:52Z - 8310ca11-e255-4349-b037-1a6306644dde] Fetched access token from host login.microsoftonline.com.
DEBUG: SharedTokenCacheCredential.GetToken succeeded. Scopes: [ https://graph.microsoft.com//.default ] ParentRequestId: ExpiresOn: 2024-07-24T21:02:43.8663625+00:00
DEBUG: [Common.Authentication]: Received token with LoginType 'User', Tenant: '72f988bf-86f1-41af-91ab-2d7cd011db47', UserId: 'tylerrindels@microsoft.com'
DEBUG: [Common.Authentication]: Authenticating using Account: 'tylerrindels@microsoft.com', environment: 'AzureCloud', tenant: '72f988bf-86f1-41af-91ab-2d7cd011db47'
DEBUG: 2:50:52 PM - [ConfigManager] Got nothing from [DisableInstanceDiscovery], Module = [], Cmdlet = []. Returning default value [False].
DEBUG: 2:50:52 PM - [ConfigManager] Got nothing from [EnableLoginByWam], Module = [], Cmdlet = []. Returning default value [True].
DEBUG: 2:50:52 PM - [SilentAuthenticator] Calling SharedTokenCacheCredential.GetTokenAsync - TenantId:'72f988bf-86f1-41af-91ab-2d7cd011db47', Scopes:'https://management.core.windows.net//.default', AuthorityHost:'https://login.microsoftonline.com/', UserId:'tylerrindels@microsoft.com'
DEBUG: SharedTokenCacheCredential.GetToken invoked. Scopes: [ https://management.core.windows.net//.default ] ParentRequestId:
DEBUG: False MSAL 4.61.3.0 MSAL.CoreCLR .NET 8.0.6 Microsoft Windows 10.0.26120 [2024-07-24 19:50:52Z - 0a30d271-faa7-464e-86bc-e466b5a7ea38] IsLegacyAdalCacheEnabled: yes
DEBUG: False MSAL 4.61.3.0 MSAL.CoreCLR .NET 8.0.6 Microsoft Windows 10.0.26120 [2024-07-24 19:50:52Z - 0a30d271-faa7-464e-86bc-e466b5a7ea38] [Region discovery] Not using a regional authority.
DEBUG: False MSAL 4.61.3.0 MSAL.CoreCLR .NET 8.0.6 Microsoft Windows 10.0.26120 [2024-07-24 19:50:52Z - 0a30d271-faa7-464e-86bc-e466b5a7ea38] IsLegacyAdalCacheEnabled: yes
DEBUG: False MSAL 4.61.3.0 MSAL.CoreCLR .NET 8.0.6 Microsoft Windows 10.0.26120 [2024-07-24 19:50:52Z - 0a30d271-faa7-464e-86bc-e466b5a7ea38] [Region discovery] Not using a regional authority.
DEBUG: False MSAL 4.61.3.0 MSAL.CoreCLR .NET 8.0.6 Microsoft Windows 10.0.26120 [2024-07-24 19:50:52Z - 0a30d271-faa7-464e-86bc-e466b5a7ea38] [Region discovery] Not using a regional authority.
DEBUG: False MSAL 4.61.3.0 MSAL.CoreCLR .NET 8.0.6 Microsoft Windows 10.0.26120 [2024-07-24 19:50:52Z - 0a30d271-faa7-464e-86bc-e466b5a7ea38] IsLegacyAdalCacheEnabled: yes
DEBUG: False MSAL 4.61.3.0 MSAL.CoreCLR .NET 8.0.6 Microsoft Windows 10.0.26120 [2024-07-24 19:50:52Z] [Runtime] WAM supported OS.
DEBUG: False MSAL 4.61.3.0 MSAL.CoreCLR .NET 8.0.6 Microsoft Windows 10.0.26120 [2024-07-24 19:50:52Z] [RuntimeBroker] ListWindowsWorkAndSchoolAccounts option was not enabled.
DEBUG: False MSAL 4.61.3.0 MSAL.CoreCLR .NET 8.0.6 Microsoft Windows 10.0.26120 [2024-07-24 19:50:52Z - 64c20239-f291-4b5e-9979-25c922163978] [Region discovery] Not using a regional authority.
DEBUG: False MSAL 4.61.3.0 MSAL.CoreCLR .NET 8.0.6 Microsoft Windows 10.0.26120 [2024-07-24 19:50:52Z] Found 2 cache accounts and 0 broker accounts
DEBUG: False MSAL 4.61.3.0 MSAL.CoreCLR .NET 8.0.6 Microsoft Windows 10.0.26120 [2024-07-24 19:50:52Z] Returning 2 accounts
DEBUG: False MSAL 4.61.3.0 MSAL.CoreCLR .NET 8.0.6 Microsoft Windows 10.0.26120 [2024-07-24 19:50:52Z - 6dd82727-1a0b-40ba-af87-ce4fcc9cd6fc] MSAL MSAL.CoreCLR with assembly version '4.61.3.0'. CorrelationId(6dd82727-1a0b-40ba-af87-ce4fcc9cd6fc)
DEBUG: False MSAL 4.61.3.0 MSAL.CoreCLR .NET 8.0.6 Microsoft Windows 10.0.26120 [2024-07-24 19:50:52Z - 6dd82727-1a0b-40ba-af87-ce4fcc9cd6fc] === AcquireTokenSilent Parameters ===
DEBUG: False MSAL 4.61.3.0 MSAL.CoreCLR .NET 8.0.6 Microsoft Windows 10.0.26120 [2024-07-24 19:50:52Z - 6dd82727-1a0b-40ba-af87-ce4fcc9cd6fc] LoginHint provided: False
DEBUG: False MSAL 4.61.3.0 MSAL.CoreCLR .NET 8.0.6 Microsoft Windows 10.0.26120 [2024-07-24 19:50:52Z - 6dd82727-1a0b-40ba-af87-ce4fcc9cd6fc] Account provided: True
DEBUG: False MSAL 4.61.3.0 MSAL.CoreCLR .NET 8.0.6 Microsoft Windows 10.0.26120 [2024-07-24 19:50:52Z - 6dd82727-1a0b-40ba-af87-ce4fcc9cd6fc] ForceRefresh: False
DEBUG: False MSAL 4.61.3.0 MSAL.CoreCLR .NET 8.0.6 Microsoft Windows 10.0.26120 [2024-07-24 19:50:52Z - 6dd82727-1a0b-40ba-af87-ce4fcc9cd6fc]
=== Request Data ===
Authority Provided? - True
Scopes - https://management.core.windows.net//.default
Extra Query Params Keys (space separated) -
ApiId - AcquireTokenSilent
IsConfidentialClient - False
SendX5C - False
LoginHint ? False
IsBrokerConfigured - True
HomeAccountId - False
CorrelationId - 6dd82727-1a0b-40ba-af87-ce4fcc9cd6fc
UserAssertion set: False
LongRunningOboCacheKey set: False
Region configured:
DEBUG: False MSAL 4.61.3.0 MSAL.CoreCLR .NET 8.0.6 Microsoft Windows 10.0.26120 [2024-07-24 19:50:52Z - 6dd82727-1a0b-40ba-af87-ce4fcc9cd6fc] === Token Acquisition (SilentRequest) started:
Scopes: https://management.core.windows.net//.default
Authority Host: login.microsoftonline.com
DEBUG: False MSAL 4.61.3.0 MSAL.CoreCLR .NET 8.0.6 Microsoft Windows 10.0.26120 [2024-07-24 19:50:52Z - 6dd82727-1a0b-40ba-af87-ce4fcc9cd6fc] Broker is configured and enabled, attempting to use broker instead.
DEBUG: False MSAL 4.61.3.0 MSAL.CoreCLR .NET 8.0.6 Microsoft Windows 10.0.26120 [2024-07-24 19:50:52Z] [Runtime] WAM supported OS.
DEBUG: False MSAL 4.61.3.0 MSAL.CoreCLR .NET 8.0.6 Microsoft Windows 10.0.26120 [2024-07-24 19:50:52Z - 6dd82727-1a0b-40ba-af87-ce4fcc9cd6fc] Can invoke broker. Will attempt to acquire token with broker.
DEBUG: False MSAL 4.61.3.0 MSAL.CoreCLR .NET 8.0.6 Microsoft Windows 10.0.26120 [2024-07-24 19:50:52Z] [MSAL:0001] WARNING SetAuthorityUri:78 Initializing authority from URI 'https://login.microsoftonline.com/72f988bf-86f1-41af-91ab-2d7cd011db47/' without authority type, defaulting to MsSts
DEBUG: False MSAL 4.61.3.0 MSAL.CoreCLR .NET 8.0.6 Microsoft Windows 10.0.26120 [2024-07-24 19:50:52Z] [MSAL:0008] INFO
LogTelemetryData:422 Printing Telemetry for Correlation ID: 6dd82727-1a0b-40ba-af87-ce4fcc9cd6fc
DEBUG: False MSAL 4.61.3.0 MSAL.CoreCLR .NET 8.0.6 Microsoft Windows 10.0.26120 [2024-07-24 19:50:52Z] [MSAL:0008] INFO
LogTelemetryData:430 Key: start_time, Value: 2024-07-24T19:50:52.000Z
DEBUG: False MSAL 4.61.3.0 MSAL.CoreCLR .NET 8.0.6 Microsoft Windows 10.0.26120 [2024-07-24 19:50:52Z] [MSAL:0008] INFO
LogTelemetryData:430 Key: api_name, Value: ReadAccountById
DEBUG: False MSAL 4.61.3.0 MSAL.CoreCLR .NET 8.0.6 Microsoft Windows 10.0.26120 [2024-07-24 19:50:52Z] [MSAL:0008] INFO
LogTelemetryData:430 Key: was_request_throttled, Value: false
DEBUG: False MSAL 4.61.3.0 MSAL.CoreCLR .NET 8.0.6 Microsoft Windows 10.0.26120 [2024-07-24 19:50:52Z] [MSAL:0008] INFO
LogTelemetryData:430 Key: authority_type, Value: Unknown
DEBUG: False MSAL 4.61.3.0 MSAL.CoreCLR .NET 8.0.6 Microsoft Windows 10.0.26120 [2024-07-24 19:50:52Z] [MSAL:0008] INFO
LogTelemetryData:430 Key: msal_version, Value: 1.1.0+local
DEBUG: False MSAL 4.61.3.0 MSAL.CoreCLR .NET 8.0.6 Microsoft Windows 10.0.26120 [2024-07-24 19:50:52Z] [MSAL:0008] INFO
LogTelemetryData:430 Key: correlation_id, Value: 6dd82727-1a0b-40ba-af87-ce4fcc9cd6fc
DEBUG: False MSAL 4.61.3.0 MSAL.CoreCLR .NET 8.0.6 Microsoft Windows 10.0.26120 [2024-07-24 19:50:52Z] [MSAL:0008] INFO
LogTelemetryData:430 Key: broker_app_used, Value: false
DEBUG: False MSAL 4.61.3.0 MSAL.CoreCLR .NET 8.0.6 Microsoft Windows 10.0.26120 [2024-07-24 19:50:52Z] [MSAL:0008] INFO
LogTelemetryData:430 Key: stop_time, Value: 2024-07-24T19:50:52.000Z
DEBUG: False MSAL 4.61.3.0 MSAL.CoreCLR .NET 8.0.6 Microsoft Windows 10.0.26120 [2024-07-24 19:50:52Z] [MSAL:0008] INFO
LogTelemetryData:430 Key: msalruntime_version, Value: 0.16.2
DEBUG: False MSAL 4.61.3.0 MSAL.CoreCLR .NET 8.0.6 Microsoft Windows 10.0.26120 [2024-07-24 19:50:52Z] [MSAL:0008] INFO
LogTelemetryData:430 Key: is_successful, Value: true
DEBUG: False MSAL 4.61.3.0 MSAL.CoreCLR .NET 8.0.6 Microsoft Windows 10.0.26120 [2024-07-24 19:50:52Z] [MSAL:0008] INFO
LogTelemetryData:430 Key: request_duration, Value: 0
DEBUG: False MSAL 4.61.3.0 MSAL.CoreCLR .NET 8.0.6 Microsoft Windows 10.0.26120 [2024-07-24 19:50:52Z] [MSAL:0008] INFO
SetCorrelationId:258 Set correlation ID: 6dd82727-1a0b-40ba-af87-ce4fcc9cd6fc
DEBUG: False MSAL 4.61.3.0 MSAL.CoreCLR .NET 8.0.6 Microsoft Windows 10.0.26120 [2024-07-24 19:50:52Z] [MSAL:0008] INFO EnqueueBackgroundRequest:1000 The original authority is 'https://login.microsoftonline.com/72f988bf-86f1-41af-91ab-2d7cd011db47'
DEBUG: False MSAL 4.61.3.0 MSAL.CoreCLR .NET 8.0.6 Microsoft Windows 10.0.26120 [2024-07-24 19:50:52Z] [MSAL:0008] INFO
ModifyAndValidateAuthParameters:219 Additional query parameter added successfully. Key: '(pii)' Value: '(pii)'
DEBUG: False MSAL 4.61.3.0 MSAL.CoreCLR .NET 8.0.6 Microsoft Windows 10.0.26120 [2024-07-24 19:50:52Z] [MSAL:0008] INFO
ModifyAndValidateAuthParameters:243 Authority Realm: 72f988bf-86f1-41af-91ab-2d7cd011db47
DEBUG: False MSAL 4.61.3.0 MSAL.CoreCLR .NET 8.0.6 Microsoft Windows 10.0.26120 [2024-07-24 19:50:52Z] [MSAL:0008] WARNING TryEnqueueMsaDeviceCredentialAcquisitionAndContinue:1052 MsaDeviceOperationProvider is not available. Not attempting to register the device.
DEBUG: False MSAL 4.61.3.0 MSAL.CoreCLR .NET 8.0.6 Microsoft Windows 10.0.26120 [2024-07-24 19:50:52Z] [MSAL:0003] INFO
StorageTokenResponse:84 StorageTokenResponse account constructor invoked. This is only expected in Runtime flows
DEBUG: False MSAL 4.61.3.0 MSAL.CoreCLR .NET 8.0.6 Microsoft Windows 10.0.26120 [2024-07-24 19:50:52Z] [MSAL:0003] INFO
LogTelemetryData:422 Printing Telemetry for Correlation ID: 6dd82727-1a0b-40ba-af87-ce4fcc9cd6fc
DEBUG: False MSAL 4.61.3.0 MSAL.CoreCLR .NET 8.0.6 Microsoft Windows 10.0.26120 [2024-07-24 19:50:52Z] [MSAL:0003] INFO
LogTelemetryData:430 Key: start_time, Value: 2024-07-24T19:50:52.000Z
DEBUG: False MSAL 4.61.3.0 MSAL.CoreCLR .NET 8.0.6 Microsoft Windows 10.0.26120 [2024-07-24 19:50:52Z] [MSAL:0003] INFO
LogTelemetryData:430 Key: api_name, Value: AcquireTokenSilently
DEBUG: False MSAL 4.61.3.0 MSAL.CoreCLR .NET 8.0.6 Microsoft Windows 10.0.26120 [2024-07-24 19:50:52Z] [MSAL:0003] INFO
LogTelemetryData:430 Key: was_request_throttled, Value: false
DEBUG: False MSAL 4.61.3.0 MSAL.CoreCLR .NET 8.0.6 Microsoft Windows 10.0.26120 [2024-07-24 19:50:52Z] [MSAL:0003] INFO
LogTelemetryData:430 Key: authority_type, Value: AAD
DEBUG: False MSAL 4.61.3.0 MSAL.CoreCLR .NET 8.0.6 Microsoft Windows 10.0.26120 [2024-07-24 19:50:52Z] [MSAL:0003] INFO
LogTelemetryData:430 Key: access_token_expiry_time, Value: 2024-07-24T21:04:39.000Z
DEBUG: False MSAL 4.61.3.0 MSAL.CoreCLR .NET 8.0.6 Microsoft Windows 10.0.26120 [2024-07-24 19:50:52Z] [MSAL:0003] INFO
LogTelemetryData:430 Key: read_token, Value: ID|AT
DEBUG: False MSAL 4.61.3.0 MSAL.CoreCLR .NET 8.0.6 Microsoft Windows 10.0.26120 [2024-07-24 19:50:52Z] [MSAL:0003] INFO
LogTelemetryData:430 Key: msal_version, Value: 1.1.0+local
DEBUG: False MSAL 4.61.3.0 MSAL.CoreCLR .NET 8.0.6 Microsoft Windows 10.0.26120 [2024-07-24 19:50:52Z] [MSAL:0003] INFO
LogTelemetryData:430 Key: client_id, Value: 1950a258-227b-4e31-a9cf-717495945fc2
DEBUG: False MSAL 4.61.3.0 MSAL.CoreCLR .NET 8.0.6 Microsoft Windows 10.0.26120 [2024-07-24 19:50:52Z] [MSAL:0003] INFO
LogTelemetryData:430 Key: correlation_id, Value: 6dd82727-1a0b-40ba-af87-ce4fcc9cd6fc
DEBUG: False MSAL 4.61.3.0 MSAL.CoreCLR .NET 8.0.6 Microsoft Windows 10.0.26120 [2024-07-24 19:50:52Z] [MSAL:0003] INFO
LogTelemetryData:430 Key: broker_app_used, Value: false
DEBUG: False MSAL 4.61.3.0 MSAL.CoreCLR .NET 8.0.6 Microsoft Windows 10.0.26120 [2024-07-24 19:50:52Z] [MSAL:0003] INFO
LogTelemetryData:430 Key: stop_time, Value: 2024-07-24T19:50:52.000Z
DEBUG: False MSAL 4.61.3.0 MSAL.CoreCLR .NET 8.0.6 Microsoft Windows 10.0.26120 [2024-07-24 19:50:52Z] [MSAL:0003] INFO
LogTelemetryData:430 Key: msalruntime_version, Value: 0.16.2
DEBUG: False MSAL 4.61.3.0 MSAL.CoreCLR .NET 8.0.6 Microsoft Windows 10.0.26120 [2024-07-24 19:50:52Z] [MSAL:0003] INFO LogTelemetryData:430 Key: original_authority, Value: https://login.microsoftonline.com/72f988bf-86f1-41af-91ab-2d7cd011db47
DEBUG: False MSAL 4.61.3.0 MSAL.CoreCLR .NET 8.0.6 Microsoft Windows 10.0.26120 [2024-07-24 19:50:52Z] [MSAL:0003] INFO
LogTelemetryData:430 Key: request_eligible_for_broker, Value: true
DEBUG: False MSAL 4.61.3.0 MSAL.CoreCLR .NET 8.0.6 Microsoft Windows 10.0.26120 [2024-07-24 19:50:52Z] [MSAL:0003] INFO
LogTelemetryData:430 Key: additional_query_parameters_count, Value: 1
DEBUG: False MSAL 4.61.3.0 MSAL.CoreCLR .NET 8.0.6 Microsoft Windows 10.0.26120 [2024-07-24 19:50:52Z] [MSAL:0003] INFO
LogTelemetryData:430 Key: storage_read, Value: DAC|DAT|DID
DEBUG: False MSAL 4.61.3.0 MSAL.CoreCLR .NET 8.0.6 Microsoft Windows 10.0.26120 [2024-07-24 19:50:52Z] [MSAL:0003] INFO
LogTelemetryData:430 Key: auth_flow, Value: AT
DEBUG: False MSAL 4.61.3.0 MSAL.CoreCLR .NET 8.0.6 Microsoft Windows 10.0.26120 [2024-07-24 19:50:52Z] [MSAL:0003] INFO
LogTelemetryData:430 Key: is_successful, Value: true
DEBUG: False MSAL 4.61.3.0 MSAL.CoreCLR .NET 8.0.6 Microsoft Windows 10.0.26120 [2024-07-24 19:50:52Z] [MSAL:0003] INFO
LogTelemetryData:430 Key: authorization_type, Value: WindowsIntegratedAuth
DEBUG: False MSAL 4.61.3.0 MSAL.CoreCLR .NET 8.0.6 Microsoft Windows 10.0.26120 [2024-07-24 19:50:52Z] [MSAL:0003] INFO
LogTelemetryData:430 Key: request_duration, Value: 10
DEBUG: False MSAL 4.61.3.0 MSAL.CoreCLR .NET 8.0.6 Microsoft Windows 10.0.26120 [2024-07-24 19:50:52Z] [MSAL:0003] INFO
LogTelemetryData:435 Printing Execution Flow:
DEBUG: False MSAL 4.61.3.0 MSAL.CoreCLR .NET 8.0.6 Microsoft Windows 10.0.26120 [2024-07-24 19:50:52Z] [MSAL:0003] INFO LogTelemetryData:443 {"t":"4s7uc","tid":8,"ts":0,"l":2},{"t":"4sufd","tid":8,"ts":0,"s":2,"l":2},{"t":"4swgg","tid":8,"ts":0,"s":6,"l":2},{"t":"4swgf","tid":8,"ts":0,"s":1,"l":2},{"t":"4swgi","tid":3,"ts":0,"s":6,"l":2},{"t":"8b2yn","tid":3,"ts":0,"l":2},{"t":"8dqkx","tid":3,"ts":0,"l":2},{"t":"8dqik","tid":3,"ts":0,"l":2},{"t":"4q2di","tid":3,"ts":0,"l":2},{"t":"4qnng","tid":3,"ts":0,"l":2,"a":2,"ie":0},{"t":"4qnnf","tid":3,"ts":3,"l":2,"a":2,"ie":1},{"t":"8dqit","tid":3,"ts":3,"l":2},{"t":"8b2ht","tid":3,"ts":3,"l":2},{"t":"4qnno","tid":3,"ts":3,"l":2,"a":2,"ie":0},{"t":"4qnnn","tid":3,"ts":11,"l":2,"a":2,"ie":1},{"t":"6xuag","tid":3,"ts":11,"l":2}
DEBUG: False MSAL 4.61.3.0 MSAL.CoreCLR .NET 8.0.6 Microsoft Windows 10.0.26120 [2024-07-24 19:50:52Z] [RuntimeBroker] WAM response status success
DEBUG: False MSAL 4.61.3.0 MSAL.CoreCLR .NET 8.0.6 Microsoft Windows 10.0.26120 [2024-07-24 19:50:52Z - 6dd82727-1a0b-40ba-af87-ce4fcc9cd6fc] Checking MsalTokenResponse returned from broker.
DEBUG: False MSAL 4.61.3.0 MSAL.CoreCLR .NET 8.0.6 Microsoft Windows 10.0.26120 [2024-07-24 19:50:52Z - 6dd82727-1a0b-40ba-af87-ce4fcc9cd6fc] Success. Response contains an access token.
DEBUG: False MSAL 4.61.3.0 MSAL.CoreCLR .NET 8.0.6 Microsoft Windows 10.0.26120 [2024-07-24 19:50:52Z - 6dd82727-1a0b-40ba-af87-ce4fcc9cd6fc] Checking client info returned from the server..
DEBUG: False MSAL 4.61.3.0 MSAL.CoreCLR .NET 8.0.6 Microsoft Windows 10.0.26120 [2024-07-24 19:50:52Z - 6dd82727-1a0b-40ba-af87-ce4fcc9cd6fc] Saving token response to cache..
DEBUG: False MSAL 4.61.3.0 MSAL.CoreCLR .NET 8.0.6 Microsoft Windows 10.0.26120 [2024-07-24 19:50:52Z - 6dd82727-1a0b-40ba-af87-ce4fcc9cd6fc] [Instance Discovery] Instance discovery is enabled and will be performed
DEBUG: False MSAL 4.61.3.0 MSAL.CoreCLR .NET 8.0.6 Microsoft Windows 10.0.26120 [2024-07-24 19:50:52Z - 6dd82727-1a0b-40ba-af87-ce4fcc9cd6fc] [Region discovery] Not using a regional authority.
DEBUG: False MSAL 4.61.3.0 MSAL.CoreCLR .NET 8.0.6 Microsoft Windows 10.0.26120 [2024-07-24 19:50:52Z - 6dd82727-1a0b-40ba-af87-ce4fcc9cd6fc] [Region discovery] Not using a regional authority.
DEBUG: False MSAL 4.61.3.0 MSAL.CoreCLR .NET 8.0.6 Microsoft Windows 10.0.26120 [2024-07-24 19:50:52Z - 6dd82727-1a0b-40ba-af87-ce4fcc9cd6fc] [SaveTokenResponseAsync] Saving Id Token and Account in cache ...
DEBUG: False MSAL 4.61.3.0 MSAL.CoreCLR .NET 8.0.6 Microsoft Windows 10.0.26120 [2024-07-24 19:50:52Z - 6dd82727-1a0b-40ba-af87-ce4fcc9cd6fc] [CalculateSuggestedCacheExpiry] No access tokens or refresh tokens found in the accessor. Not returning any expiration.
DEBUG: False MSAL 4.61.3.0 MSAL.CoreCLR .NET 8.0.6 Microsoft Windows 10.0.26120 [2024-07-24 19:50:52Z - 6dd82727-1a0b-40ba-af87-ce4fcc9cd6fc]
=== Token Acquisition finished successfully:
DEBUG: False MSAL 4.61.3.0 MSAL.CoreCLR .NET 8.0.6 Microsoft Windows 10.0.26120 [2024-07-24 19:50:52Z - 6dd82727-1a0b-40ba-af87-ce4fcc9cd6fc] AT expiration time: 7/24/2024 9:04:38 PM +00:00, scopes: https://management.core.windows.net//.default https://management.core.windows.net//user_impersonation. source: Broker
DEBUG: False MSAL 4.61.3.0 MSAL.CoreCLR .NET 8.0.6 Microsoft Windows 10.0.26120 [2024-07-24 19:50:52Z - 6dd82727-1a0b-40ba-af87-ce4fcc9cd6fc] Fetched access token from host login.microsoftonline.com.
DEBUG: SharedTokenCacheCredential.GetToken succeeded. Scopes: [ https://management.core.windows.net//.default ] ParentRequestId: ExpiresOn: 2024-07-24T21:04:38.9688421+00:00
DEBUG: [Common.Authentication]: Received token with LoginType 'User', Tenant: '72f988bf-86f1-41af-91ab-2d7cd011db47', UserId: 'tylerrindels@microsoft.com'
DEBUG: ============================ HTTP REQUEST ============================
HTTP Method:
GET
Absolute Uri:
https://management.azure.com//subscriptions/c662cbbb-410f-4d5b-bb44-bda05ed6355e/providers/Microsoft.Authorization/roleDefinitions?$filter=type eq 'CustomRole'&api-version=2022-05-01-preview
Headers:
Accept-Language : en-US
x-ms-client-request-id : cef7d736-ff9a-46ac-90f2-1b024a1b5b8f
Body:
DEBUG: ============================ HTTP RESPONSE ============================
Status Code:
OK
Headers:
Cache-Control : no-cache
Pragma : no-cache
Set-Cookie : x-ms-gateway-slice=Production; path=/; secure; samesite=none; httponly
x-ms-request-id : 5e7b7842-5b14-4c9c-a0f9-10a5df9543c4
X-Content-Type-Options : nosniff
Strict-Transport-Security : max-age=31536000; includeSubDomains
x-ms-ratelimit-remaining-subscription-reads: 11999
x-ms-correlation-request-id : ea4c9532-3791-44dd-b70d-243b80c049ba
x-ms-routing-request-id : EASTUS:20240724T195053Z:ea4c9532-3791-44dd-b70d-243b80c049ba
X-Cache : CONFIG_NOCACHE
X-MSEdge-Ref : Ref A: 8C0A626867214EF4B1ABE0BB9DD930BD Ref B: CH1AA2020614031 Ref C: 2024-07-24T19:50:53Z
Date : Wed, 24 Jul 2024 19:50:52 GMT
Body:
{
"value": [
{
"properties": {
"roleName": "Avere Cluster Create",
"type": "CustomRole",
"description": "Avere cluster create role used by the Avere controller to create a vFXT cluster.",
"assignableScopes": [
"/"
],
"permissions": [
{
"actions": [
"Microsoft.Authorization/*/read",
"Microsoft.Authorization/roleAssignments/*",
"Microsoft.Authorization/roleDefinitions/*",
"Microsoft.Compute/*/read",
"Microsoft.Compute/availabilitySets/*",
"Microsoft.Compute/virtualMachines/*",
"Microsoft.Network/*/read",
"Microsoft.Network/networkInterfaces/*",
"Microsoft.Network/virtualNetworks/subnets/join/action",
"Microsoft.Network/virtualNetworks/subnets/read",
"Microsoft.Resources/subscriptions/resourceGroups/read",
"Microsoft.Resources/subscriptions/resourceGroups/resources/read",
"Microsoft.Storage/*/read",
"Microsoft.Storage/storageAccounts/listKeys/action"
],
"notActions": [],
"dataActions": [],
"notDataActions": []
}
],
"createdOn": "2018-11-29T18:46:55.0492387Z",
"updatedOn": "2018-11-29T18:46:55.0492387Z",
"createdBy": null,
"updatedBy": null
},
"id": "/subscriptions/c662cbbb-410f-4d5b-bb44-bda05ed6355e/providers/Microsoft.Authorization/roleDefinitions/a7b1b19a-0e83-4fe5-935c-faaefbfd18c3",
"type": "Microsoft.Authorization/roleDefinitions",
"name": "a7b1b19a-0e83-4fe5-935c-faaefbfd18c3"
},
{
"properties": {
"roleName": "Avere Cluster Runtime Operator",
"type": "CustomRole",
"description": "Avere cluster runtime role used by Avere clusters running in subscriptions, for the purpose of failing over IP addresses, accessing BLOB storage, etc",
"assignableScopes": [
"/"
],
"permissions": [
{
"actions": [
"Microsoft.Compute/virtualMachines/read",
"Microsoft.Network/networkInterfaces/read",
"Microsoft.Network/networkInterfaces/write",
"Microsoft.Network/virtualNetworks/subnets/read",
"Microsoft.Network/virtualNetworks/subnets/join/action",
"Microsoft.Network/networkSecurityGroups/join/action",
"Microsoft.Network/routeTables/read",
"Microsoft.Network/routeTables/routes/*",
"Microsoft.Resources/subscriptions/resourceGroups/read",
"Microsoft.Storage/storageAccounts/blobServices/containers/delete",
"Microsoft.Storage/storageAccounts/blobServices/containers/read",
"Microsoft.Storage/storageAccounts/blobServices/containers/write"
],
"notActions": [],
"dataActions": [
"Microsoft.Storage/storageAccounts/blobServices/containers/blobs/delete",
"Microsoft.Storage/storageAccounts/blobServices/containers/blobs/read",
"Microsoft.Storage/storageAccounts/blobServices/containers/blobs/write"
],
"notDataActions": []
}
],
"createdOn": "2018-08-26T00:41:26.2170858Z",
"updatedOn": "2018-08-26T00:41:26.2170858Z",
"createdBy": "dda50086-5e3d-4a4b-b8bc-f54771104d89",
"updatedBy": "dda50086-5e3d-4a4b-b8bc-f54771104d89"
},
"id": "/subscriptions/c662cbbb-410f-4d5b-bb44-bda05ed6355e/providers/Microsoft.Authorization/roleDefinitions/e078ab98-ef3a-4c9a-aba7-12f5172b45d0",
"type": "Microsoft.Authorization/roleDefinitions",
"name": "e078ab98-ef3a-4c9a-aba7-12f5172b45d0"
},
{
"properties": {
"roleName": "Azure Service Deploy Release Management Contributor",
"type": "CustomRole",
"description": "Contributor role for services deploying through Azure Service Deploy.",
"assignableScopes": [
"/"
],
"permissions": [
{
"actions": [
"*"
],
"notActions": [
"Microsoft.Authorization/*/Delete",
"Microsoft.Authorization/*/Write"
],
"dataActions": [],
"notDataActions": [],
"condition": "((@Subject.Application == '55dc16a23e724a5eb43050311bb101b9') || (@Subject.Application == '5b306cba9c7149db96c3d17ca2379c4d') || (@Subject.Application == '55dc16a2-3e72-4a5e-b430-50311bb101b9') || (@Subject.Application == '5b306cba-9c71-49db-96c3-d17ca2379c4d') || (@Subject.ApplicationId == '55dc16a23e724a5eb43050311bb101b9') || (@Subject.ApplicationId == '5b306cba9c7149db96c3d17ca2379c4d') || (@Subject.ApplicationId == '55dc16a2-3e72-4a5e-b430-50311bb101b9') || (@Subject.ApplicationId == '5b306cba-9c71-49db-96c3-d17ca2379c4d')) && ((@Subject.ApplicationACR == '1') || (@Subject.ApplicationACR == '2'))"
}
],
"createdOn": "2016-02-04T02:26:31.5413362Z",
"updatedOn": "2018-01-08T20:20:16.3660174Z",
"createdBy": null,
"updatedBy": null
},
"id": "/subscriptions/c662cbbb-410f-4d5b-bb44-bda05ed6355e/providers/Microsoft.Authorization/roleDefinitions/21d96096-b162-414a-8302-d8354f9d91b2",
"type": "Microsoft.Authorization/roleDefinitions",
"name": "21d96096-b162-414a-8302-d8354f9d91b2"
},
{
"properties": {
"roleName": "CAL-Custom-Role",
"type": "CustomRole",
"description": "Lets SAP Cloud Appliance Library application manage Network and Compute services, manage Resource Groups and Management locks.",
"assignableScopes": [
"/"
],
"permissions": [
{
"actions": [
"Microsoft.Authorization/locks/*",
"Microsoft.Authorization/roleDefinitions/*",
"Microsoft.Authorization/roleAssignments/*",
"Microsoft.Compute/*",
"Microsoft.Network/*",
"Microsoft.Resources/*",
"Microsoft.Storage/*",
"Microsoft.ContainerService/*",
"Microsoft.ContainerRegistry/*"
],
"notActions": [],
"dataActions": [],
"notDataActions": []
}
],
"createdOn": "2018-05-14T19:30:51.0664585Z",
"updatedOn": "2019-02-19T19:11:57.5963229Z",
"createdBy": "dda50086-5e3d-4a4b-b8bc-f54771104d89",
"updatedBy": null
},
"id": "/subscriptions/c662cbbb-410f-4d5b-bb44-bda05ed6355e/providers/Microsoft.Authorization/roleDefinitions/7b266cd7-0bba-4ae2-8423-90ede5e1e898",
"type": "Microsoft.Authorization/roleDefinitions",
"name": "7b266cd7-0bba-4ae2-8423-90ede5e1e898"
},
{
"properties": {
"roleName": "Dsms Role (deprecated)",
"type": "CustomRole",
"description": "Custom role used by Dsms to perform operations. Can list and regnerate storage account keys.",
"assignableScopes": [
"/"
],
"permissions": [
{
"actions": [
"Microsoft.ClassicStorage/storageAccounts/listKeys/action",
"Microsoft.ClassicStorage/storageAccounts/regenerateKey/action",
"Microsoft.Storage/storageAccounts/listkeys/action",
"Microsoft.Storage/storageAccounts/regeneratekey/action"
],
"notActions": [],
"dataActions": [],
"notDataActions": []
}
],
"createdOn": "2017-05-17T18:02:11.1225951Z",
"updatedOn": "2018-01-13T00:21:52.7211696Z",
"createdBy": "ca5f3715-e7dd-427b-b2db-45b6a4a2df87",
"updatedBy": "ca5f3715-e7dd-427b-b2db-45b6a4a2df87"
},
"id": "/subscriptions/c662cbbb-410f-4d5b-bb44-bda05ed6355e/providers/Microsoft.Authorization/roleDefinitions/b91f4c0b-46e3-47bb-a242-eecfe23b3b5b",
"type": "Microsoft.Authorization/roleDefinitions",
"name": "b91f4c0b-46e3-47bb-a242-eecfe23b3b5b"
},
{
"properties": {
"roleName": "Dsms Role (do not use)",
"type": "CustomRole",
"description": "Custom role used by Dsms to perform operations. Can list and regnerate storage account keys.",
"assignableScopes": [
"/"
],
"permissions": [
{
"actions": [
"Microsoft.ClassicStorage/storageAccounts/listKeys/action",
"Microsoft.ClassicStorage/storageAccounts/regenerateKey/action",
"Microsoft.Storage/storageAccounts/listkeys/action",
"Microsoft.Storage/storageAccounts/regeneratekey/action"
],
"notActions": [],
"dataActions": [],
"notDataActions": []
}
],
"createdOn": "2018-02-01T07:56:12.5880222Z",
"updatedOn": "2018-08-09T17:53:48.5432297Z",
"createdBy": "becb4b6b-fe16-413b-a5c3-90355e0b2982",
"updatedBy": null
},
"id": "/subscriptions/c662cbbb-410f-4d5b-bb44-bda05ed6355e/providers/Microsoft.Authorization/roleDefinitions/7aff565e-6c55-448d-83db-ccf482c6da2f",
"type": "Microsoft.Authorization/roleDefinitions",
"name": "7aff565e-6c55-448d-83db-ccf482c6da2f"
},
{
"properties": {
"roleName": "ExpressRoute Administrator",
"type": "CustomRole",
"description": "Can create, delete and manage ExpressRoutes",
"assignableScopes": [
"/"
],
"permissions": [
{
"actions": [
"Microsoft.Authorization/locks/*",
"Microsoft.Authorization/policyAssignments/*",
"Microsoft.Authorization/policyDefinitions/*",
"Microsoft.Authorization/roleAssignments/*",
"Microsoft.ClassicNetwork/*",
"Microsoft.EventGrid/*",
"Microsoft.Insights/*",
"Microsoft.Network/*",
"Microsoft.Resources/*"
],
"notActions": [],
"dataActions": [],
"notDataActions": []
}
],
"createdOn": "2018-08-31T03:51:32.2843055Z",
"updatedOn": "2019-03-20T22:55:18.8222085Z",
"createdBy": null,
"updatedBy": null
},
"id": "/subscriptions/c662cbbb-410f-4d5b-bb44-bda05ed6355e/providers/Microsoft.Authorization/roleDefinitions/a48d7896-14b4-4889-afef-fbb65a96e5a2",
"type": "Microsoft.Authorization/roleDefinitions",
"name": "a48d7896-14b4-4889-afef-fbb65a96e5a2"
},
{
"properties": {
"roleName": "GenevaWarmPathResourceContributor",
"type": "CustomRole",
"description": "Can manage service bus and storage accounts.",
"assignableScopes": [
"/"
],
"permissions": [
{
"actions": [
"Microsoft.EventHub/namespaces/*",
"Microsoft.Resources/subscriptions/resourceGroups/*",
"Microsoft.ServiceBus/namespaces/*",
"Microsoft.Storage/storageAccounts/*",
"Microsoft.Storage/storageAccounts/managementPolicies/write",
"Microsoft.Storage/storageAccounts/managementPolicies/read",
"Microsoft.Storage/storageAccounts/managementPolicies/delete"
],
"notActions": [],
"dataActions": [],
"notDataActions": []
}
],
"createdOn": "2017-03-14T22:30:10.1999436Z",
"updatedOn": "2022-02-28T23:26:40.0052537Z",
"createdBy": null,
"updatedBy": "acis"
},
"id": "/subscriptions/c662cbbb-410f-4d5b-bb44-bda05ed6355e/providers/Microsoft.Authorization/roleDefinitions/9f15f5f5-77bd-413a-aa88-4b9c68b1e7bc",
"type": "Microsoft.Authorization/roleDefinitions",
"name": "9f15f5f5-77bd-413a-aa88-4b9c68b1e7bc"
},
{
"properties": {
"roleName": "masterreader",
"type": "CustomRole",
"description": "Lets you view everything, but not make any changes.",
"assignableScopes": [
"/"
],
"permissions": [
{
"actions": [
"*/read"
],
"notActions": [],
"dataActions": [],
"notDataActions": []
}
],
"createdOn": "2017-11-14T23:38:05.3353858Z",
"updatedOn": "2017-11-14T23:38:05.3353858Z",
"createdBy": null,
"updatedBy": null
},
"id": "/subscriptions/c662cbbb-410f-4d5b-bb44-bda05ed6355e/providers/Microsoft.Authorization/roleDefinitions/a48d7796-14b4-4889-afef-fbb65a93e5a2",
"type": "Microsoft.Authorization/roleDefinitions",
"name": "a48d7796-14b4-4889-afef-fbb65a93e5a2"
},
{
"properties": {
"roleName": "Microsoft OneAsset Reader",
"type": "CustomRole",
"description": "This role is for Microsoft OneAsset team (CSEO) to track internal security compliance and resource utilization.",
"assignableScopes": [
"/"
],
"permissions": [
{
"actions": [
"Microsoft.Compute/virtualMachines/*/read"
],
"notActions": [],
"dataActions": [],
"notDataActions": []
}
],
"createdOn": "2019-03-27T23:51:08.6333052Z",
"updatedOn": "2019-04-02T20:35:43.3396263Z",
"createdBy": null,
"updatedBy": null
},
"id": "/subscriptions/c662cbbb-410f-4d5b-bb44-bda05ed6355e/providers/Microsoft.Authorization/roleDefinitions/fd1bb084-1503-4bd2-99c0-630220046786",
"type": "Microsoft.Authorization/roleDefinitions",
"name": "fd1bb084-1503-4bd2-99c0-630220046786"
},
{
"properties": {
"roleName": "Office DevOps",
"type": "CustomRole",
"description": "Custom access for developers to operations but not secrets.",
"assignableScopes": [
"/"
],
"permissions": [
{
"actions": [
"Microsoft.Compute/virtualMachineScaleSets/restart/action",
"Microsoft.Compute/virtualMachineScaleSets/virtualMachines/restart/action",
"Microsoft.Sql/servers/databases/replicationLinks/delete",
"Microsoft.Sql/servers/databases/replicationLinks/failover/action",
"Microsoft.Sql/servers/databases/replicationLinks/forceFailoverAllowDataLoss/action",
"Microsoft.Sql/servers/databases/replicationLinks/operationResults/read",
"Microsoft.Sql/servers/databases/replicationLinks/read",
"Microsoft.Sql/servers/databases/replicationLinks/unlink/action"
],
"notActions": [],
"dataActions": [],
"notDataActions": []
}
],
"createdOn": "2016-10-07T08:11:46.1639398Z",
"updatedOn": "2017-03-16T18:43:08.3234306Z",
"createdBy": "25aea6be-b605-4347-a92d-33e178e412ec",
"updatedBy": "25aea6be-b605-4347-a92d-33e178e412ec"
},
"id": "/subscriptions/c662cbbb-410f-4d5b-bb44-bda05ed6355e/providers/Microsoft.Authorization/roleDefinitions/7fd64851-3279-459b-b614-e2b2ba760f5b",
"type": "Microsoft.Authorization/roleDefinitions",
"name": "7fd64851-3279-459b-b614-e2b2ba760f5b"
},
{
"properties": {
"roleName": "GenevaWarmPathStorageBlobContributor",
"type": "CustomRole",
"description": "Geneva Warm Path Storage Blob Contributor",
"assignableScopes": [
"/"
],
"permissions": [
{
"actions": [
"Microsoft.Storage/storageAccounts/blobServices/containers/delete",
"Microsoft.Storage/storageAccounts/blobServices/containers/lease/action",
"Microsoft.Storage/storageAccounts/blobServices/containers/read",
"Microsoft.Storage/storageAccounts/blobServices/containers/write",
"Microsoft.Storage/storageAccounts/blobServices/containers/immutabilityPolicies/lock/action",
"Microsoft.Storage/storageAccounts/blobServices/containers/immutabilityPolicies/read",
"Microsoft.Storage/storageAccounts/blobServices/containers/immutabilityPolicies/write",
"Microsoft.Storage/storageAccounts/blobServices/containers/immutabilityPolicies/extend/action",
"Microsoft.Storage/storageAccounts/blobServices/containers/immutabilityPolicies/delete",
"Microsoft.Storage/storageAccounts/managementPolicies/write",
"Microsoft.Storage/storageAccounts/managementPolicies/read",
"Microsoft.Storage/storageAccounts/managementPolicies/delete"
],
"notActions": [],
"dataActions": [],
"notDataActions": []
}
],
"createdOn": "2019-12-06T22:46:27.136563Z",
"updatedOn": "2022-02-28T23:26:40.4152515Z",
"createdBy": null,
"updatedBy": "acis"
},
"id": "/subscriptions/c662cbbb-410f-4d5b-bb44-bda05ed6355e/providers/Microsoft.Authorization/roleDefinitions/a16c43ca-2d67-4dcd-9ded-6412f5edc51a",
"type": "Microsoft.Authorization/roleDefinitions",
"name": "a16c43ca-2d67-4dcd-9ded-6412f5edc51a"
},
{
"properties": {
"roleName": "Azure Service Deploy Release Management Restricted Owner",
"type": "CustomRole",
"description": "Restricted owner role for services deploying through Azure Service Deploy.",
"assignableScopes": [
"/"
],
"permissions": [
{
"actions": [
"*"
],
"notActions": [
"Microsoft.Authorization/*/Delete",
"Microsoft.Authorization/*/Write"
],
"dataActions": [],
"notDataActions": [],
"conditionVersion": "2.0",
"condition": "@Principal[ApplicationId] ForAllOfAnyValues:StringEqualsIgnoreCase {'5b306cba9c7149db96c3d17ca2379c4d', '5b306cba-9c71-49db-96c3-d17ca2379c4d'} && @Principal[ApplicationACR] ForAllOfAnyValues:StringEqualsIgnoreCase {'1', '2'}"
},
{
"actions": [
"Microsoft.Authorization/roleAssignments/write"
],
"notActions": [],
"dataActions": [],
"notDataActions": [],
"conditionVersion": "2.0",
"condition": "@Principal[ApplicationId] ForAllOfAnyValues:StringEqualsIgnoreCase {'5b306cba9c7149db96c3d17ca2379c4d', '5b306cba-9c71-49db-96c3-d17ca2379c4d'} && @Principal[ApplicationACR] ForAllOfAnyValues:StringEqualsIgnoreCase {'1', '2'} && @Resource[Microsoft.Authorization/roleAssignments:PrincipalType] StringEqualsIgnoreCase 'ServicePrincipal'"
},
{
"actions": [
"Microsoft.Authorization/locks/write",
"Microsoft.Authorization/policyassignments/write",
"Microsoft.Authorization/policydefinitions/write",
"Microsoft.Authorization/policysetdefinitions/write",
"Microsoft.Authorization/roleDefinitions/write"
],
"notActions": [],
"dataActions": [],
"notDataActions": [],
"conditionVersion": "2.0",
"condition": "@Principal[ApplicationId] ForAllOfAnyValues:StringEqualsIgnoreCase {'5b306cba9c7149db96c3d17ca2379c4d', '5b306cba-9c71-49db-96c3-d17ca2379c4d'} && @Principal[ApplicationACR] ForAllOfAnyValues:StringEqualsIgnoreCase {'1', '2'}"
}
],
"createdOn": "2022-03-07T22:16:06.8803898Z",
"updatedOn": "2024-02-27T22:23:47.0030939Z",
"createdBy": null,
"updatedBy": null
},
"id": "/subscriptions/c662cbbb-410f-4d5b-bb44-bda05ed6355e/providers/Microsoft.Authorization/roleDefinitions/94ddc4bc-25f5-4f3e-b527-c587da93cfe4",
"type": "Microsoft.Authorization/roleDefinitions",
"name": "94ddc4bc-25f5-4f3e-b527-c587da93cfe4"
},
{
"properties": {
"roleName": "Azure Service Deploy Test Release Management Key Vault Secrets User",
"type": "CustomRole",
"description": "Read secret and certificate contents. Only works for key vaults that use the 'Azure role-based access control' permission model.",
"assignableScopes": [
"/"
],
"permissions": [
{
"actions": [],
"notActions": [],
"dataActions": [
"Microsoft.KeyVault/vaults/secrets/getSecret/action",
"Microsoft.KeyVault/vaults/certificates/read"
],
"notDataActions": [],
"conditionVersion": "2.0",
"condition": "@Principal[Microsoft.Directory/TokenClaims:ApplicationId] ForAllOfAnyValues:StringEqualsIgnoreCase {'5744bc69-8a73-45f7-958d-4640d865f04d', '5744bc698a7345f7958d4640d865f04d'} && @Principal[Microsoft.Directory/TokenClaims:ApplicationACR] ForAllOfAnyValues:StringEqualsIgnoreCase {'1', '2'}"
}
],
"createdOn": "2022-07-20T22:52:19.9944274Z",
"updatedOn": "2022-08-31T23:25:32.0649353Z",
"createdBy": "19669f00-ee56-44ec-94c3-83159a41292e",
"updatedBy": "19669f00-ee56-44ec-94c3-83159a41292e"
},
"id": "/subscriptions/c662cbbb-410f-4d5b-bb44-bda05ed6355e/providers/Microsoft.Authorization/roleDefinitions/87d31636-ad85-4caa-802d-1535972b5612",
"type": "Microsoft.Authorization/roleDefinitions",
"name": "87d31636-ad85-4caa-802d-1535972b5612"
},
{
"properties": {
"roleName": "Azure Service Deploy Release Management Key Vault Secrets User",
"type": "CustomRole",
"description": "Read secret and certificate contents. Only works for key vaults that use the 'Azure role-based access control' permission model.",
"assignableScopes": [
"/"
],
"permissions": [
{
"actions": [],
"notActions": [],
"dataActions": [
"Microsoft.KeyVault/vaults/secrets/getSecret/action",
"Microsoft.KeyVault/vaults/certificates/read"
],
"notDataActions": [],
"conditionVersion": "2.0",
"condition": "@Principal[Microsoft.Directory/TokenClaims:ApplicationId] ForAllOfAnyValues:StringEqualsIgnoreCase {'5b306cba-9c71-49db-96c3-d17ca2379c4d', '5b306cba9c7149db96c3d17ca2379c4d'} && @Principal[Microsoft.Directory/TokenClaims:ApplicationACR] ForAllOfAnyValues:StringEqualsIgnoreCase {'1', '2'}"
}
],
"createdOn": "2022-08-02T21:14:21.3331588Z",
"updatedOn": "2022-09-10T00:44:34.5904437Z",
"createdBy": "19669f00-ee56-44ec-94c3-83159a41292e",
"updatedBy": "19669f00-ee56-44ec-94c3-83159a41292e"
},
"id": "/subscriptions/c662cbbb-410f-4d5b-bb44-bda05ed6355e/providers/Microsoft.Authorization/roleDefinitions/260691e6-68c2-47cf-bd4a-97d5fd4dbcd5",
"type": "Microsoft.Authorization/roleDefinitions",
"name": "260691e6-68c2-47cf-bd4a-97d5fd4dbcd5"
},
{
"properties": {
"roleName": "AccessMonitoringReader",
"type": "CustomRole",
"description": "Allows AccessMonitoring read Data Plane Access on SQL db's for compliance purposes",
"assignableScopes": [
"/"
],
"permissions": [
{
"actions": [
"Microsoft.ApiManagement/service/subscriptions/read",
"Microsoft.Authorization/roleDefinitions/read",
"Microsoft.DataLakeStore/accounts/read",
"Microsoft.DocumentDB/databaseAccounts/read",
"Microsoft.DocumentDB/databaseAccounts/sqlRoleAssignments/read",
"Microsoft.DocumentDB/databaseAccounts/sqlRoleDefinitions/read",
"Microsoft.Storage/storageAccounts/blobServices/containers/read",
"Microsoft.Storage/storageAccounts/read",
"Microsoft.Authorization/classicAdministrators/read"
],
"notActions": [],
"dataActions": [],
"notDataActions": []
}
],
"createdOn": "2023-07-06T18:18:45.0067512Z",
"updatedOn": "2023-07-27T15:48:06.4187179Z",
"createdBy": null,
"updatedBy": null
},
"id": "/subscriptions/c662cbbb-410f-4d5b-bb44-bda05ed6355e/providers/Microsoft.Authorization/roleDefinitions/9b0f576e-fc2e-4256-9aa3-6fede171d599",
"type": "Microsoft.Authorization/roleDefinitions",
"name": "9b0f576e-fc2e-4256-9aa3-6fede171d599"
}
]
}
DEBUG: 2:50:53 PM - [ConfigManager] Got nothing from [DisplaySecretsWarning], Module = [], Cmdlet = []. Returning default value [True].
DEBUG: 2:50:53 PM - [ConfigManager] Got nothing from [DisplayRegionIdentified], Module = [], Cmdlet = []. Returning default value [True].
DEBUG: 2:50:53 PM - [ConfigManager] Got nothing from [CheckForUpgrade], Module = [], Cmdlet = []. Returning default value [True].
DEBUG: AzureQoSEvent: Module: Az.Resources:7.2.0; CommandName: Get-AzRoleDefinition; PSVersion: 7.4.3; IsSuccess: True; Duration: 00:00:00.7442933; SanitizeDuration: 00:00:00.0000259
DEBUG: 2:50:53 PM - [ConfigManager] Got [True] from [EnableDataCollection], Module = [], Cmdlet = [].
DEBUG: 2:50:53 PM - GetAzureRoleDefinitionCommand end processing.
Description
When you run Get-AzRoleDefinition (and any parameter that would force the return of custom roles), it only returns Role Definitions with the AssignableScope "/".
Issue script & Debug output
Environment data
Module versions
Error output
N/A