Hi K. J. Skinner,
Thanks for reaching out to us on the Microsoft Q&A forum.
When we talk about the permissions available at the level of sharing, there are specific built-in roles that serve different purposes:
- Storage File Data SMB Share Reader: This role allows users to read files and directories in Azure file shares. It's similar to having 'read' access on Windows file servers, meaning users can view the contents without making changes.
- Storage Queue Data Contributor: This role grants users the ability to perform various actions on Azure Storage queues and messages within those queues. They can read, write, and delete messages as needed. For specific details on which actions are necessary for a particular data operation, you can refer to the Permissions for calling data operations documentation.
Please refer to the following document and you can explore Share-level permissions further.
Please don't hesitate to reach out to us if you have any further queries.
If the information is helpful, please Accept Answer & Upvote so that it would be helpful to other community members.
Thank you.