Azure RBAC: Built-in roles - Website Contributor
Per the above link it quotes the Website Contributor
should be able to
Microsoft.Web/certificates/* Create and manage website certificates
but in reality the user is not able to manage certificates (add/remove/upload new). The user gets a Access denied
text laid over the SSL Certificates
blade of the Azure WebApp. Validated user can upload/manage SSL certificates only if the user has Resource Group level Owner
or Resource Group level Contributor
role and not with Website Contributor
role. Am I interpreting the Create and manage website certificates
rule incorrectly OR is it supposed to work as quoted?