I was looking through the security roles documentation, and saw here:
resource | Reference | A reference to a collection, index, set, or user-defined function.
I can understand setting up roles/permissions for a collection, index or a UDF reference. Those are all ‘named’ entities in the database that are generally created when setting up the database and then used several times.
A set on the other hand is more of a run-time created data entity which is returned as the result of a lookup operation in the database. Why would you create a role for a set, and what would the actions like create, delete, and write even mean in that context?