Funções internas do Azure para o Google Analytics
Este artigo lista as funções internas do Azure na categoria Análise.
Proprietário de dados dos Hubs de Eventos do Azure
Permite acesso completo aos recursos dos Hubs de Eventos do Azure.
Ações | Descrição |
---|---|
Microsoft.EventHub/* | |
NotActions | |
none | |
DataActions | |
Microsoft.EventHub/* | |
NotDataActions | |
none |
{
"assignableScopes": [
"/"
],
"description": "Allows for full access to Azure Event Hubs resources.",
"id": "/providers/Microsoft.Authorization/roleDefinitions/f526a384-b230-433a-b45c-95f59c4a2dec",
"name": "f526a384-b230-433a-b45c-95f59c4a2dec",
"permissions": [
{
"actions": [
"Microsoft.EventHub/*"
],
"notActions": [],
"dataActions": [
"Microsoft.EventHub/*"
],
"notDataActions": []
}
],
"roleName": "Azure Event Hubs Data Owner",
"roleType": "BuiltInRole",
"type": "Microsoft.Authorization/roleDefinitions"
}
Receptor de dados dos Hubs de Eventos do Azure
Permite acesso de recebimento aos recursos dos Hubs de Eventos do Azure.
Ações | Descrição |
---|---|
Microsoft.EventHub/*/eventhubs/consumergroups/read | |
NotActions | |
none | |
DataActions | |
Microsoft.EventHub/*/receive/action | |
NotDataActions | |
none |
{
"assignableScopes": [
"/"
],
"description": "Allows receive access to Azure Event Hubs resources.",
"id": "/providers/Microsoft.Authorization/roleDefinitions/a638d3c7-ab3a-418d-83e6-5f17a39d4fde",
"name": "a638d3c7-ab3a-418d-83e6-5f17a39d4fde",
"permissions": [
{
"actions": [
"Microsoft.EventHub/*/eventhubs/consumergroups/read"
],
"notActions": [],
"dataActions": [
"Microsoft.EventHub/*/receive/action"
],
"notDataActions": []
}
],
"roleName": "Azure Event Hubs Data Receiver",
"roleType": "BuiltInRole",
"type": "Microsoft.Authorization/roleDefinitions"
}
Remetente de dados dos Hubs de Eventos do Azure
Permite acesso de envio aos recursos dos Hubs de Eventos do Azure.
Ações | Descrição |
---|---|
Microsoft.EventHub/*/eventhubs/read | |
NotActions | |
none | |
DataActions | |
Microsoft.EventHub/*/send/action | |
NotDataActions | |
none |
{
"assignableScopes": [
"/"
],
"description": "Allows send access to Azure Event Hubs resources.",
"id": "/providers/Microsoft.Authorization/roleDefinitions/2b629674-e913-4c01-ae53-ef4638d8f975",
"name": "2b629674-e913-4c01-ae53-ef4638d8f975",
"permissions": [
{
"actions": [
"Microsoft.EventHub/*/eventhubs/read"
],
"notActions": [],
"dataActions": [
"Microsoft.EventHub/*/send/action"
],
"notDataActions": []
}
],
"roleName": "Azure Event Hubs Data Sender",
"roleType": "BuiltInRole",
"type": "Microsoft.Authorization/roleDefinitions"
}
Colaborador da fábrica de dados
Cria e gerencia data factories, assim como os recursos filhos neles.
Ações | Descrição |
---|---|
Microsoft.Authorization/*/read | Ler funções e atribuições de função |
Microsoft.DataFactory/dataFactories/* | Criar e gerenciar data factories e recursos filho dentro deles. |
Microsoft.DataFactory/factories/* | Criar e gerenciar data factories e recursos filho dentro deles. |
Microsoft.Insights/alertRules/* | Criar e gerenciar um alerta de métrica clássico |
Microsoft.ResourceHealth/availabilityStatuses/read | Obter os status de disponibilidade para todos os recursos no escopo especificado |
Microsoft.Resources/deployments/* | Criar e gerenciar uma implantação |
Microsoft.Resources/subscriptions/resourceGroups/read | Obter ou listar de grupos de recursos. |
Microsoft.Support/* | Criar e atualizar um tíquete de suporte |
Microsoft.EventGrid/eventSubscriptions/write | Criar ou atualizar um eventSubscription |
NotActions | |
none | |
DataActions | |
none | |
NotDataActions | |
none |
{
"assignableScopes": [
"/"
],
"description": "Create and manage data factories, as well as child resources within them.",
"id": "/providers/Microsoft.Authorization/roleDefinitions/673868aa-7521-48a0-acc6-0f60742d39f5",
"name": "673868aa-7521-48a0-acc6-0f60742d39f5",
"permissions": [
{
"actions": [
"Microsoft.Authorization/*/read",
"Microsoft.DataFactory/dataFactories/*",
"Microsoft.DataFactory/factories/*",
"Microsoft.Insights/alertRules/*",
"Microsoft.ResourceHealth/availabilityStatuses/read",
"Microsoft.Resources/deployments/*",
"Microsoft.Resources/subscriptions/resourceGroups/read",
"Microsoft.Support/*",
"Microsoft.EventGrid/eventSubscriptions/write"
],
"notActions": [],
"dataActions": [],
"notDataActions": []
}
],
"roleName": "Data Factory Contributor",
"roleType": "BuiltInRole",
"type": "Microsoft.Authorization/roleDefinitions"
}
Limpador de Dados
Exclua dados privados de um workspace do Log Analytics.
Ações | Descrição |
---|---|
Microsoft.Insights/components/*/read | |
Microsoft.Insights/components/purge/action | Limpe dados do Application Insights |
Microsoft.OperationalInsights/workspaces/*/read | Exibir dados da análise de logs |
Microsoft.OperationalInsights/workspaces/purge/action | Excluir dados especificados por consulta do espaço de trabalho. |
NotActions | |
none | |
DataActions | |
none | |
NotDataActions | |
none |
{
"assignableScopes": [
"/"
],
"description": "Can purge analytics data",
"id": "/providers/Microsoft.Authorization/roleDefinitions/150f5e0c-0603-4f03-8c7f-cf70034c4e90",
"name": "150f5e0c-0603-4f03-8c7f-cf70034c4e90",
"permissions": [
{
"actions": [
"Microsoft.Insights/components/*/read",
"Microsoft.Insights/components/purge/action",
"Microsoft.OperationalInsights/workspaces/*/read",
"Microsoft.OperationalInsights/workspaces/purge/action"
],
"notActions": [],
"dataActions": [],
"notDataActions": []
}
],
"roleName": "Data Purger",
"roleType": "BuiltInRole",
"type": "Microsoft.Authorization/roleDefinitions"
}
Operador de Cluster do HDInsight
Permite que você leia e modifique as configurações de cluster do HDInsight.
Ações | Descrição |
---|---|
Microsoft.HDInsight/*/read | |
Microsoft.HDInsight/clusters/getGatewaySettings/action | Obter configurações de gateway para o cluster HDInsight |
Microsoft.HDInsight/clusters/updateGatewaySettings/action | Atualizar as configurações do gateway para o cluster HDInsight |
Microsoft.HDInsight/clusters/configurations/* | |
Microsoft.Resources/subscriptions/resourceGroups/read | Obter ou listar de grupos de recursos. |
Microsoft.Resources/deployments/operations/read | Obter ou lista operações de implantação. |
Microsoft.Insights/alertRules/* | Criar e gerenciar um alerta de métrica clássico |
Microsoft.Authorization/*/read | Ler funções e atribuições de função |
Microsoft.Support/* | Criar e atualizar um tíquete de suporte |
NotActions | |
none | |
DataActions | |
none | |
NotDataActions | |
none |
{
"assignableScopes": [
"/"
],
"description": "Lets you read and modify HDInsight cluster configurations.",
"id": "/providers/Microsoft.Authorization/roleDefinitions/61ed4efc-fab3-44fd-b111-e24485cc132a",
"name": "61ed4efc-fab3-44fd-b111-e24485cc132a",
"permissions": [
{
"actions": [
"Microsoft.HDInsight/*/read",
"Microsoft.HDInsight/clusters/getGatewaySettings/action",
"Microsoft.HDInsight/clusters/updateGatewaySettings/action",
"Microsoft.HDInsight/clusters/configurations/*",
"Microsoft.Resources/subscriptions/resourceGroups/read",
"Microsoft.Resources/deployments/operations/read",
"Microsoft.Insights/alertRules/*",
"Microsoft.Authorization/*/read",
"Microsoft.Support/*"
],
"notActions": [],
"dataActions": [],
"notDataActions": []
}
],
"roleName": "HDInsight Cluster Operator",
"roleType": "BuiltInRole",
"type": "Microsoft.Authorization/roleDefinitions"
}
Colaborador dos serviços de domínio do HDInsight
Pode ler, criar, modificar e excluir operações relacionadas aos serviços de domínio necessárias para o Enterprise Security Package do HDInsight
Ações | Descrição |
---|---|
Microsoft.AAD/*/read | |
Microsoft.AAD/domainServices/*/read | |
Microsoft.AAD/domainServices/oucontainer/* | |
NotActions | |
none | |
DataActions | |
none | |
NotDataActions | |
none |
{
"assignableScopes": [
"/"
],
"description": "Can Read, Create, Modify and Delete Domain Services related operations needed for HDInsight Enterprise Security Package",
"id": "/providers/Microsoft.Authorization/roleDefinitions/8d8d5a11-05d3-4bda-a417-a08778121c7c",
"name": "8d8d5a11-05d3-4bda-a417-a08778121c7c",
"permissions": [
{
"actions": [
"Microsoft.AAD/*/read",
"Microsoft.AAD/domainServices/*/read",
"Microsoft.AAD/domainServices/oucontainer/*"
],
"notActions": [],
"dataActions": [],
"notDataActions": []
}
],
"roleName": "HDInsight Domain Services Contributor",
"roleType": "BuiltInRole",
"type": "Microsoft.Authorization/roleDefinitions"
}
Colaborador do Log Analytics
O Colaborador do Log Analytics pode ler todos os dados de monitoramento e editar as configurações de monitoramento. A edição das configurações de monitoramento inclui a adição da extensão da VM às VMs, leitura das chaves da conta de armazenamento para poder configurar a coleção de logs do Armazenamento do Azure, adição de soluções e configuração do diagnóstico do Azure em todos os recursos do Azure.
Ações | Descrição |
---|---|
*/leitura | Ler recursos de todos os tipos, exceto segredos. |
Microsoft.ClassicCompute/virtualMachines/extensions/* | |
Microsoft.ClassicStorage/storageAccounts/listKeys/action | Listar as chaves de acesso das contas de armazenamento. |
Microsoft.Compute/virtualMachines/extensions/* | |
Microsoft.HybridCompute/machines/extensions/write | Instala ou atualiza uma extensão do Azure Arc |
Microsoft.Insights/alertRules/* | Criar e gerenciar um alerta de métrica clássico |
Microsoft.Insights/diagnosticSettings/* | Criar, atualizar ou ler a configuração de diagnóstico do Analysis Server |
Microsoft.OperationalInsights/* | |
Microsoft.OperationsManagement/* | |
Microsoft.Resources/deployments/* | Criar e gerenciar uma implantação |
Microsoft.Resources/subscriptions/resourcegroups/deployments/* | |
Microsoft.Storage/storageAccounts/listKeys/action | Retornar as chaves de acesso da conta de armazenamento especificada. |
Microsoft.Support/* | Criar e atualizar um tíquete de suporte |
NotActions | |
none | |
DataActions | |
none | |
NotDataActions | |
none |
{
"assignableScopes": [
"/"
],
"description": "Log Analytics Contributor can read all monitoring data and edit monitoring settings. Editing monitoring settings includes adding the VM extension to VMs; reading storage account keys to be able to configure collection of logs from Azure Storage; adding solutions; and configuring Azure diagnostics on all Azure resources.",
"id": "/providers/Microsoft.Authorization/roleDefinitions/92aaf0da-9dab-42b6-94a3-d43ce8d16293",
"name": "92aaf0da-9dab-42b6-94a3-d43ce8d16293",
"permissions": [
{
"actions": [
"*/read",
"Microsoft.ClassicCompute/virtualMachines/extensions/*",
"Microsoft.ClassicStorage/storageAccounts/listKeys/action",
"Microsoft.Compute/virtualMachines/extensions/*",
"Microsoft.HybridCompute/machines/extensions/write",
"Microsoft.Insights/alertRules/*",
"Microsoft.Insights/diagnosticSettings/*",
"Microsoft.OperationalInsights/*",
"Microsoft.OperationsManagement/*",
"Microsoft.Resources/deployments/*",
"Microsoft.Resources/subscriptions/resourcegroups/deployments/*",
"Microsoft.Storage/storageAccounts/listKeys/action",
"Microsoft.Support/*"
],
"notActions": [],
"dataActions": [],
"notDataActions": []
}
],
"roleName": "Log Analytics Contributor",
"roleType": "BuiltInRole",
"type": "Microsoft.Authorization/roleDefinitions"
}
Leitor do Log Analytics
Um Leitor do Log Analytics pode exibir e pesquisar todos os dados de monitoramento além de exibir as configurações de monitoramento, incluindo a exibição da configuração do diagnóstico do Azure em todos os recursos do Azure.
Ações | Descrição |
---|---|
*/leitura | Ler recursos de todos os tipos, exceto segredos. |
Microsoft.OperationalInsights/workspaces/analytics/query/action | Pesquisar usando o novo mecanismo. |
Microsoft.OperationalInsights/workspaces/search/action | Executar uma consulta de pesquisa |
Microsoft.Support/* | Criar e atualizar um tíquete de suporte |
NotActions | |
Microsoft.OperationalInsights/workspaces/sharedKeys/read | Recupera as chaves compartilhadas do workspace. Essas chaves são usadas para conectar agentes do Insights Operacionais da Microsoft ao workspace. |
DataActions | |
none | |
NotDataActions | |
none |
{
"assignableScopes": [
"/"
],
"description": "Log Analytics Reader can view and search all monitoring data as well as and view monitoring settings, including viewing the configuration of Azure diagnostics on all Azure resources.",
"id": "/providers/Microsoft.Authorization/roleDefinitions/73c42c96-874c-492b-b04d-ab87d138a893",
"name": "73c42c96-874c-492b-b04d-ab87d138a893",
"permissions": [
{
"actions": [
"*/read",
"Microsoft.OperationalInsights/workspaces/analytics/query/action",
"Microsoft.OperationalInsights/workspaces/search/action",
"Microsoft.Support/*"
],
"notActions": [
"Microsoft.OperationalInsights/workspaces/sharedKeys/read"
],
"dataActions": [],
"notDataActions": []
}
],
"roleName": "Log Analytics Reader",
"roleType": "BuiltInRole",
"type": "Microsoft.Authorization/roleDefinitions"
}
Colaborador do Registro de Esquema (Versão Prévia)
Ler, gravar e excluir grupos e esquemas do Registro de Esquema.
Ações | Descrição |
---|---|
Microsoft.EventHub/namespaces/schemagroups/* | |
NotActions | |
none | |
DataActions | |
Microsoft.EventHub/namespaces/schemas/* | |
NotDataActions | |
none |
{
"assignableScopes": [
"/"
],
"description": "Read, write, and delete Schema Registry groups and schemas.",
"id": "/providers/Microsoft.Authorization/roleDefinitions/5dffeca3-4936-4216-b2bc-10343a5abb25",
"name": "5dffeca3-4936-4216-b2bc-10343a5abb25",
"permissions": [
{
"actions": [
"Microsoft.EventHub/namespaces/schemagroups/*"
],
"notActions": [],
"dataActions": [
"Microsoft.EventHub/namespaces/schemas/*"
],
"notDataActions": []
}
],
"roleName": "Schema Registry Contributor (Preview)",
"roleType": "BuiltInRole",
"type": "Microsoft.Authorization/roleDefinitions"
}
Leitor do Registro de Esquema (Versão Prévia)
Ler e listar os grupos e os esquemas do Registro de Esquema.
Ações | Descrição |
---|---|
Microsoft.EventHub/namespaces/schemagroups/read | Obter lista de descrições de recursos do SchemaGroup |
NotActions | |
none | |
DataActions | |
Microsoft.EventHub/namespaces/schemas/read | Recuperar esquemas |
NotDataActions | |
none |
{
"assignableScopes": [
"/"
],
"description": "Read and list Schema Registry groups and schemas.",
"id": "/providers/Microsoft.Authorization/roleDefinitions/2c56ea50-c6b3-40a6-83c0-9d98858bc7d2",
"name": "2c56ea50-c6b3-40a6-83c0-9d98858bc7d2",
"permissions": [
{
"actions": [
"Microsoft.EventHub/namespaces/schemagroups/read"
],
"notActions": [],
"dataActions": [
"Microsoft.EventHub/namespaces/schemas/read"
],
"notDataActions": []
}
],
"roleName": "Schema Registry Reader (Preview)",
"roleType": "BuiltInRole",
"type": "Microsoft.Authorization/roleDefinitions"
}
Testador de Consulta do Stream Analytics
Permite que você execute o teste de consulta sem criar primeiro um trabalho de análise de fluxo
Ações | Descrição |
---|---|
Microsoft.StreamAnalytics/locations/TestQuery/action | Testar a Consulta para o Provedor de Recursos do Stream Analytics |
Microsoft.StreamAnalytics/locations/OperationResults/read | Ler o Resultado da Operação do Stream Analytics |
Microsoft.StreamAnalytics/locations/SampleInput/action | Amostra de entrada para o provedor de recursos Stream Analytics |
Microsoft.StreamAnalytics/locations/CompileQuery/action | Compilar consulta para provedor de recursos de Stream Analytics |
NotActions | |
none | |
DataActions | |
none | |
NotDataActions | |
none |
{
"assignableScopes": [
"/"
],
"description": "Lets you perform query testing without creating a stream analytics job first",
"id": "/providers/Microsoft.Authorization/roleDefinitions/1ec5b3c1-b17e-4e25-8312-2acb3c3c5abf",
"name": "1ec5b3c1-b17e-4e25-8312-2acb3c3c5abf",
"permissions": [
{
"actions": [
"Microsoft.StreamAnalytics/locations/TestQuery/action",
"Microsoft.StreamAnalytics/locations/OperationResults/read",
"Microsoft.StreamAnalytics/locations/SampleInput/action",
"Microsoft.StreamAnalytics/locations/CompileQuery/action"
],
"notActions": [],
"dataActions": [],
"notDataActions": []
}
],
"roleName": "Stream Analytics Query Tester",
"roleType": "BuiltInRole",
"type": "Microsoft.Authorization/roleDefinitions"
}