diff --git a/src/main/resources/reference.conf b/src/main/resources/reference.conf index 02c033dfd..39f6233c8 100644 --- a/src/main/resources/reference.conf +++ b/src/main/resources/reference.conf @@ -1604,6 +1604,67 @@ resourceTypes = { reuseIds = true } + private_azure_container_registry = { + actionPatterns = { + delete = { + description = "Delete this private acr" + } + read_policies = { + description = "view all policies and policy details for this private acr" + } + identify = { + description = "use the identity that has access to this private acr" + } + "share_policy::admin" = { + description = "change the membership of the admin policy for this private acr" + } + "share_policy::user" = { + description = "change the membership of the user policy for this private acr" + } + } + ownerRoleName = "admin" + roles = { + admin = { + roleActions = ["delete", "read_policies", "use", "share_policy::admin", "share_policy::user", "identify"] + } + user = { + roleActions = ["identify"] + } + } + allowLeaving = false + reuseIds = true + } + + private_azure_storage_account = { + actionPatterns = { + delete = { + description = "Delete this private azure storage account" + } + read_policies = { + description = "view all policies and policy details for this private azure storage account" + } + identify = { + description = "use the identity that has access to this private azure storage account" + } + "share_policy::admin" = { + description = "change the membership of the admin policy for this private azure storage account" + } + "share_policy::user" = { + description = "change the membership of the user policy for this private azure storage account" + } + } + ownerRoleName = "admin" + roles = { + admin = { + roleActions = ["delete", "read_policies", "use", "share_policy::admin", "share_policy::user", "identify"] + } + user = { + roleActions = ["identify"] + } + } + allowLeaving = false + reuseIds = true + } }