Hello,
I recently needed to assign a Microsoft.Web/staticSites/Write role for a Service Principal and there was not a straightforward solution for that. The Role was not present in the RBAC on Subscription level.
The following solution worked for me:
I created a Custom Role on Subscription level and for the Permissions, I searched for microsoft.web/staticSites. There is a list of several permissions for the staticWebApps. The scope can be on Subscription, but also Resource Group or Management Group level. If you choose the Resource Group scope, then the Role Assignment needs to be executed on Resource Group level.
After I created the Custom Role, I easily assigned the Role to the Service Principal.
Here is the official doc for creating a custom role: https://learn.microsoft.com/en-us/azure/role-based-access-control/custom-roles-portal
Regards,
Aleksandra