Active Directory > User and Group Accounts

Determines whether user and group accounts should be read from the Azure Active Directory tenant.


Azure Classic

Determines whether to connect to Azure Classic, when enabled the user must have additional permissions. For more information see the Granting Permissions to Azure section.


Network Security Groups > Default Security Rules

Determines whether the default (built-in) security rules should be read for network security groups.


Resource Groups > Automation Script

Determines whether the automation script template should be read for resource groups, when enabled a file is temporarily created on the machine running the Azure PowerShell cmdlets.


Resources (Common) > Alert Rules

Determines whether the alert rules should be read for resources.


Resources (Common) > Permissions

Determines whether the permissions should be read for resources.


Role Definitions

Determines whether role definitions should be read for the tenant.


Storage Accounts > Keys

Determines whether the storage account keys should be read for the tenant.

When enabled the user must also have the Microsoft.Storage/storageAccounts/listKeys/action access right.

Virtual Machines > Default Public Settings Extensions

The names of the virtual machine extensions for which, by default, the public settings should be read.


Virtual Machines > Extensions Public Settings Mode

Determines whether public settings for virtual machine extensions should be read.


Virtual Machines > Specific Public Setting Extensions

The names of the extensions for which the public settings should be read.


Web Apps > Authentication Settings

Determines whether the authentication settings should be read for the web app.


Web Apps > Publishing Settings

Determines whether the site publishing settings should be read for the web app. This requires that the user has the "Microsoft.Web/sites/publishxml/action" permission which is provided by the Website Contributor built in role.