Integrierte Azure-Rollen für Netzwerke
In diesem Artikel werden die integrierten Azure-Rollen in der Kategorie "Netzwerk" aufgeführt.
Azure Front Door-Domain Mitwirkende
Für die interne Verwendung in Azure. Diese Rolle kann Azure Front Door-Domains verwalten, aber anderen Benutzerinnen und Benutzern keinen Zugriff ermöglichen.
| Aktionen | Beschreibung |
|---|---|
| Microsoft.Cdn/operationresults/profileresults/customdomainresults/read | |
| Microsoft.Cdn/profiles/customdomains/read | |
| Microsoft.Cdn/profiles/customdomains/write | |
| Microsoft.Cdn/profiles/customdomains/delete | |
| Microsoft.Resources/subscriptions/resourceGroups/read | Ruft Ressourcengruppen ab oder listet sie auf. |
| NotActions | |
| keine | |
| DataActions | |
| keine | |
| NotDataActions | |
| none |
{
"assignableScopes": [
"/"
],
"description": "For internal use within Azure. Can manage Azure Front Door domains, but can't grant access to other users.",
"id": "/providers/Microsoft.Authorization/roleDefinitions/0ab34830-df19-4f8c-b84e-aa85b8afa6e8",
"name": "0ab34830-df19-4f8c-b84e-aa85b8afa6e8",
"permissions": [
{
"actions": [
"Microsoft.Cdn/operationresults/profileresults/customdomainresults/read",
"Microsoft.Cdn/profiles/customdomains/read",
"Microsoft.Cdn/profiles/customdomains/write",
"Microsoft.Cdn/profiles/customdomains/delete",
"Microsoft.Resources/subscriptions/resourceGroups/read"
],
"notActions": [],
"dataActions": [],
"notDataActions": []
}
],
"roleName": "Azure Front Door Domain Contributor",
"roleType": "BuiltInRole",
"type": "Microsoft.Authorization/roleDefinitions"
}
Azure Front Door-Domain Lesende
Für die interne Verwendung in Azure. Diese Rolle kann Azure Front Door-Domains anzeigen, aber keine Änderungen vornehmen.
| Aktionen | Beschreibung |
|---|---|
| Microsoft.Cdn/operationresults/profileresults/customdomainresults/read | |
| Microsoft.Cdn/profiles/customdomains/read | |
| Microsoft.Resources/subscriptions/resourceGroups/read | Ruft Ressourcengruppen ab oder listet sie auf. |
| NotActions | |
| keine | |
| DataActions | |
| keine | |
| NotDataActions | |
| none |
{
"assignableScopes": [
"/"
],
"description": "For internal use within Azure. Can view Azure Front Door domains, but can't make changes.",
"id": "/providers/Microsoft.Authorization/roleDefinitions/0f99d363-226e-4dca-9920-b807cf8e1a5f",
"name": "0f99d363-226e-4dca-9920-b807cf8e1a5f",
"permissions": [
{
"actions": [
"Microsoft.Cdn/operationresults/profileresults/customdomainresults/read",
"Microsoft.Cdn/profiles/customdomains/read",
"Microsoft.Resources/subscriptions/resourceGroups/read"
],
"notActions": [],
"dataActions": [],
"notDataActions": []
}
],
"roleName": "Azure Front Door Domain Reader",
"roleType": "BuiltInRole",
"type": "Microsoft.Authorization/roleDefinitions"
}
Azure Front Door-Profil Lesende
Diese Rolle kann Standard- und Premium-Azure Front Door-Profile und deren Endpunkte anzeigen, aber keine Änderungen vornehmen.
| Aktionen | Beschreibung |
|---|---|
| Microsoft.Authorization/*/read | Lesen von Rollen und Rollenzuweisungen |
| Microsoft.Cdn/edgenodes/read | |
| Microsoft.Cdn/operationresults/* | |
| Microsoft.Cdn/profiles/*/read | |
| Microsoft.Insights/alertRules/* | Erstellen und Verwalten einer klassischen Metrikwarnung |
| Microsoft.Resources/deployments/* | Erstellen und Verwalten einer Bereitstellung |
| Microsoft.Resources/subscriptions/resourceGroups/read | Ruft Ressourcengruppen ab oder listet sie auf. |
| Microsoft.Cdn/operationresults/profileresults/afdendpointresults/CheckCustomDomainDNSMappingStatus/action | |
| Microsoft.Cdn/profiles/queryloganalyticsmetrics/action | |
| Microsoft.Cdn/profiles/queryloganalyticsrankings/action | |
| Microsoft.Cdn/profiles/querywafloganalyticsmetrics/action | |
| Microsoft.Cdn/profiles/querywafloganalyticsrankings/action | |
| Microsoft.Cdn/profiles/afdendpoints/CheckCustomDomainDNSMappingStatus/action | |
| Microsoft.Cdn/profiles/Usages/action | |
| Microsoft.Cdn/profiles/afdendpoints/Usages/action | |
| Microsoft.Cdn/profiles/origingroups/Usages/action | |
| Microsoft.Cdn/profiles/rulesets/Usages/action | |
| NotActions | |
| keine | |
| DataActions | |
| keine | |
| NotDataActions | |
| none |
{
"assignableScopes": [
"/"
],
"description": "Can view AFD standard and premium profiles and their endpoints, but can't make changes.",
"id": "/providers/Microsoft.Authorization/roleDefinitions/662802e2-50f6-46b0-aed2-e834bacc6d12",
"name": "662802e2-50f6-46b0-aed2-e834bacc6d12",
"permissions": [
{
"actions": [
"Microsoft.Authorization/*/read",
"Microsoft.Cdn/edgenodes/read",
"Microsoft.Cdn/operationresults/*",
"Microsoft.Cdn/profiles/*/read",
"Microsoft.Insights/alertRules/*",
"Microsoft.Resources/deployments/*",
"Microsoft.Resources/subscriptions/resourceGroups/read",
"Microsoft.Cdn/operationresults/profileresults/afdendpointresults/CheckCustomDomainDNSMappingStatus/action",
"Microsoft.Cdn/profiles/queryloganalyticsmetrics/action",
"Microsoft.Cdn/profiles/queryloganalyticsrankings/action",
"Microsoft.Cdn/profiles/querywafloganalyticsmetrics/action",
"Microsoft.Cdn/profiles/querywafloganalyticsrankings/action",
"Microsoft.Cdn/profiles/afdendpoints/CheckCustomDomainDNSMappingStatus/action",
"Microsoft.Cdn/profiles/Usages/action",
"Microsoft.Cdn/profiles/afdendpoints/Usages/action",
"Microsoft.Cdn/profiles/origingroups/Usages/action",
"Microsoft.Cdn/profiles/rulesets/Usages/action"
],
"notActions": [],
"dataActions": [],
"notDataActions": []
}
],
"roleName": "Azure Front Door Profile Reader",
"roleType": "BuiltInRole",
"type": "Microsoft.Authorization/roleDefinitions"
}
Azure Front Door-Geheimnis Mitwirkende
Für die interne Verwendung in Azure. Diese Rolle kann Azure Front Door-Geheimnisse verwalten, aber anderen Benutzerinnen und Benutzern keinen Zugriff ermöglichen.
| Aktionen | Beschreibung |
|---|---|
| Microsoft.Cdn/operationresults/profileresults/secretresults/read | |
| Microsoft.Cdn/profiles/secrets/read | |
| Microsoft.Cdn/profiles/secrets/write | |
| Microsoft.Cdn/profiles/secrets/delete | |
| Microsoft.Resources/subscriptions/resourceGroups/read | Ruft Ressourcengruppen ab oder listet sie auf. |
| NotActions | |
| keine | |
| DataActions | |
| keine | |
| NotDataActions | |
| none |
{
"assignableScopes": [
"/"
],
"description": "For internal use within Azure. Can manage Azure Front Door secrets, but can't grant access to other users.",
"id": "/providers/Microsoft.Authorization/roleDefinitions/3f2eb865-5811-4578-b90a-6fc6fa0df8e5",
"name": "3f2eb865-5811-4578-b90a-6fc6fa0df8e5",
"permissions": [
{
"actions": [
"Microsoft.Cdn/operationresults/profileresults/secretresults/read",
"Microsoft.Cdn/profiles/secrets/read",
"Microsoft.Cdn/profiles/secrets/write",
"Microsoft.Cdn/profiles/secrets/delete",
"Microsoft.Resources/subscriptions/resourceGroups/read"
],
"notActions": [],
"dataActions": [],
"notDataActions": []
}
],
"roleName": "Azure Front Door Secret Contributor",
"roleType": "BuiltInRole",
"type": "Microsoft.Authorization/roleDefinitions"
}
Azure Front Door-Geheimnis Lesende
Für die interne Verwendung in Azure. Diese Rolle kann Azure Front Door-Geheimnisse anzeigen, aber keine Änderungen vornehmen.
| Aktionen | Beschreibung |
|---|---|
| Microsoft.Cdn/operationresults/profileresults/secretresults/read | |
| Microsoft.Cdn/profiles/secrets/read | |
| Microsoft.Resources/subscriptions/resourceGroups/read | Ruft Ressourcengruppen ab oder listet sie auf. |
| NotActions | |
| keine | |
| DataActions | |
| keine | |
| NotDataActions | |
| none |
{
"assignableScopes": [
"/"
],
"description": "For internal use within Azure. Can view Azure Front Door secrets, but can't make changes.",
"id": "/providers/Microsoft.Authorization/roleDefinitions/0db238c4-885e-4c4f-a933-aa2cef684fca",
"name": "0db238c4-885e-4c4f-a933-aa2cef684fca",
"permissions": [
{
"actions": [
"Microsoft.Cdn/operationresults/profileresults/secretresults/read",
"Microsoft.Cdn/profiles/secrets/read",
"Microsoft.Resources/subscriptions/resourceGroups/read"
],
"notActions": [],
"dataActions": [],
"notDataActions": []
}
],
"roleName": "Azure Front Door Secret Reader",
"roleType": "BuiltInRole",
"type": "Microsoft.Authorization/roleDefinitions"
}
Mitwirkender für den CDN-Endpunkt
Diese Rolle kann CDN-Endpunkte verwalten, aber anderen Benutzern keinen Zugriff erteilen.
| Aktionen | Beschreibung |
|---|---|
| Microsoft.Authorization/*/read | Lesen von Rollen und Rollenzuweisungen |
| Microsoft.Cdn/edgenodes/read | |
| Microsoft.Cdn/operationresults/* | |
| Microsoft.Cdn/profiles/endpoints/* | |
| Microsoft.Insights/alertRules/* | Erstellen und Verwalten einer klassischen Metrikwarnung |
| Microsoft.Resources/deployments/* | Erstellen und Verwalten einer Bereitstellung |
| Microsoft.Resources/subscriptions/resourceGroups/read | Ruft Ressourcengruppen ab oder listet sie auf. |
| Microsoft.Support/* | Erstellen und Aktualisieren eines Supporttickets |
| NotActions | |
| keine | |
| DataActions | |
| keine | |
| NotDataActions | |
| keine |
{
"assignableScopes": [
"/"
],
"description": "Can manage CDN endpoints, but can't grant access to other users.",
"id": "/providers/Microsoft.Authorization/roleDefinitions/426e0c7f-0c7e-4658-b36f-ff54d6c29b45",
"name": "426e0c7f-0c7e-4658-b36f-ff54d6c29b45",
"permissions": [
{
"actions": [
"Microsoft.Authorization/*/read",
"Microsoft.Cdn/edgenodes/read",
"Microsoft.Cdn/operationresults/*",
"Microsoft.Cdn/profiles/endpoints/*",
"Microsoft.Insights/alertRules/*",
"Microsoft.Resources/deployments/*",
"Microsoft.Resources/subscriptions/resourceGroups/read",
"Microsoft.Support/*"
],
"notActions": [],
"dataActions": [],
"notDataActions": []
}
],
"roleName": "CDN Endpoint Contributor",
"roleType": "BuiltInRole",
"type": "Microsoft.Authorization/roleDefinitions"
}
CDN-Endpunktleser
Diese Rolle kann CDN-Endpunkte anzeigen, aber keine Änderungen vornehmen.
| Aktionen | Beschreibung |
|---|---|
| Microsoft.Authorization/*/read | Lesen von Rollen und Rollenzuweisungen |
| Microsoft.Cdn/edgenodes/read | |
| Microsoft.Cdn/operationresults/* | |
| Microsoft.Cdn/profiles/endpoints/*/read | |
| Microsoft.Cdn/profiles/afdendpoints/validateCustomDomain/action | |
| Microsoft.Insights/alertRules/* | Erstellen und Verwalten einer klassischen Metrikwarnung |
| Microsoft.Resources/deployments/* | Erstellen und Verwalten einer Bereitstellung |
| Microsoft.Resources/subscriptions/resourceGroups/read | Ruft Ressourcengruppen ab oder listet sie auf. |
| Microsoft.Support/* | Erstellen und Aktualisieren eines Supporttickets |
| NotActions | |
| keine | |
| DataActions | |
| keine | |
| NotDataActions | |
| keine |
{
"assignableScopes": [
"/"
],
"description": "Can view CDN endpoints, but can't make changes.",
"id": "/providers/Microsoft.Authorization/roleDefinitions/871e35f6-b5c1-49cc-a043-bde969a0f2cd",
"name": "871e35f6-b5c1-49cc-a043-bde969a0f2cd",
"permissions": [
{
"actions": [
"Microsoft.Authorization/*/read",
"Microsoft.Cdn/edgenodes/read",
"Microsoft.Cdn/operationresults/*",
"Microsoft.Cdn/profiles/endpoints/*/read",
"Microsoft.Cdn/profiles/afdendpoints/validateCustomDomain/action",
"Microsoft.Insights/alertRules/*",
"Microsoft.Resources/deployments/*",
"Microsoft.Resources/subscriptions/resourceGroups/read",
"Microsoft.Support/*"
],
"notActions": [],
"dataActions": [],
"notDataActions": []
}
],
"roleName": "CDN Endpoint Reader",
"roleType": "BuiltInRole",
"type": "Microsoft.Authorization/roleDefinitions"
}
Mitwirkender für das CDN-Profil
Diese Rolle kann CDN-Profile und Azure Front Door Standard- und Premiumprofile sowie deren Endpunkte verwalten, aber anderen Benutzerinnen und Benutzern keinen Zugriff ermöglichen.
| Aktionen | Beschreibung |
|---|---|
| Microsoft.Authorization/*/read | Lesen von Rollen und Rollenzuweisungen |
| Microsoft.Cdn/edgenodes/read | |
| Microsoft.Cdn/operationresults/* | |
| Microsoft.Cdn/profiles/* | |
| Microsoft.Insights/alertRules/* | Erstellen und Verwalten einer klassischen Metrikwarnung |
| Microsoft.Resources/deployments/* | Erstellen und Verwalten einer Bereitstellung |
| Microsoft.Resources/subscriptions/resourceGroups/read | Ruft Ressourcengruppen ab oder listet sie auf. |
| Microsoft.Support/* | Erstellen und Aktualisieren eines Supporttickets |
| NotActions | |
| keine | |
| DataActions | |
| keine | |
| NotDataActions | |
| keine |
{
"assignableScopes": [
"/"
],
"description": "Can manage CDN and Azure Front Door standard and premium profiles and their endpoints, but can't grant access to other users.",
"id": "/providers/Microsoft.Authorization/roleDefinitions/ec156ff8-a8d1-4d15-830c-5b80698ca432",
"name": "ec156ff8-a8d1-4d15-830c-5b80698ca432",
"permissions": [
{
"actions": [
"Microsoft.Authorization/*/read",
"Microsoft.Cdn/edgenodes/read",
"Microsoft.Cdn/operationresults/*",
"Microsoft.Cdn/profiles/*",
"Microsoft.Insights/alertRules/*",
"Microsoft.Resources/deployments/*",
"Microsoft.Resources/subscriptions/resourceGroups/read",
"Microsoft.Support/*"
],
"notActions": [],
"dataActions": [],
"notDataActions": []
}
],
"roleName": "CDN Profile Contributor",
"roleType": "BuiltInRole",
"type": "Microsoft.Authorization/roleDefinitions"
}
CDN-Profilleser
Diese Rolle kann CDN-Profile und deren Endpunkte anzeigen, aber keine Änderungen vornehmen.
| Aktionen | Beschreibung |
|---|---|
| Microsoft.Authorization/*/read | Lesen von Rollen und Rollenzuweisungen |
| Microsoft.Cdn/edgenodes/read | |
| Microsoft.Cdn/operationresults/* | |
| Microsoft.Cdn/profiles/*/read | |
| Microsoft.Insights/alertRules/* | Erstellen und Verwalten einer klassischen Metrikwarnung |
| Microsoft.Resources/deployments/* | Erstellen und Verwalten einer Bereitstellung |
| Microsoft.Cdn/profiles/afdendpoints/validateCustomDomain/action | |
| Microsoft.Resources/subscriptions/resourceGroups/read | Ruft Ressourcengruppen ab oder listet sie auf. |
| Microsoft.Support/* | Erstellen und Aktualisieren eines Supporttickets |
| Microsoft.Cdn/profiles/CheckResourceUsage/action | |
| Microsoft.Cdn/profiles/endpoints/CheckResourceUsage/action | |
| NotActions | |
| keine | |
| DataActions | |
| keine | |
| NotDataActions | |
| keine |
{
"assignableScopes": [
"/"
],
"description": "Can view CDN profiles and their endpoints, but can't make changes.",
"id": "/providers/Microsoft.Authorization/roleDefinitions/8f96442b-4075-438f-813d-ad51ab4019af",
"name": "8f96442b-4075-438f-813d-ad51ab4019af",
"permissions": [
{
"actions": [
"Microsoft.Authorization/*/read",
"Microsoft.Cdn/edgenodes/read",
"Microsoft.Cdn/operationresults/*",
"Microsoft.Cdn/profiles/*/read",
"Microsoft.Insights/alertRules/*",
"Microsoft.Resources/deployments/*",
"Microsoft.Cdn/profiles/afdendpoints/validateCustomDomain/action",
"Microsoft.Resources/subscriptions/resourceGroups/read",
"Microsoft.Support/*",
"Microsoft.Cdn/profiles/CheckResourceUsage/action",
"Microsoft.Cdn/profiles/endpoints/CheckResourceUsage/action"
],
"notActions": [],
"dataActions": [],
"notDataActions": []
}
],
"roleName": "CDN Profile Reader",
"roleType": "BuiltInRole",
"type": "Microsoft.Authorization/roleDefinitions"
}
Mitwirkender von klassischem Netzwerk
Ermöglicht Ihnen das Verwalten von klassischen Netzwerken, nicht aber den Zugriff darauf.
| Aktionen | Beschreibung |
|---|---|
| Microsoft.Authorization/*/read | Lesen von Rollen und Rollenzuweisungen |
| Microsoft.ClassicNetwork/* | Erstellen und Verwalten von klassischen Netzwerken |
| Microsoft.Insights/alertRules/* | Erstellen und Verwalten einer klassischen Metrikwarnung |
| Microsoft.ResourceHealth/availabilityStatuses/read | Ruft den Verfügbarkeitsstatus für alle Ressourcen im angegebenen Bereich ab. |
| Microsoft.Resources/deployments/* | Erstellen und Verwalten einer Bereitstellung |
| Microsoft.Resources/subscriptions/resourceGroups/read | Ruft Ressourcengruppen ab oder listet sie auf. |
| Microsoft.Support/* | Erstellen und Aktualisieren eines Supporttickets |
| NotActions | |
| keine | |
| DataActions | |
| keine | |
| NotDataActions | |
| keine |
{
"assignableScopes": [
"/"
],
"description": "Lets you manage classic networks, but not access to them.",
"id": "/providers/Microsoft.Authorization/roleDefinitions/b34d265f-36f7-4a0d-a4d4-e158ca92e90f",
"name": "b34d265f-36f7-4a0d-a4d4-e158ca92e90f",
"permissions": [
{
"actions": [
"Microsoft.Authorization/*/read",
"Microsoft.ClassicNetwork/*",
"Microsoft.Insights/alertRules/*",
"Microsoft.ResourceHealth/availabilityStatuses/read",
"Microsoft.Resources/deployments/*",
"Microsoft.Resources/subscriptions/resourceGroups/read",
"Microsoft.Support/*"
],
"notActions": [],
"dataActions": [],
"notDataActions": []
}
],
"roleName": "Classic Network Contributor",
"roleType": "BuiltInRole",
"type": "Microsoft.Authorization/roleDefinitions"
}
DNS Zone Contributor
Ermöglicht Ihnen die Verwaltung von DNS-Zonen und Ressourceneintragssätzen in Azure DNS, aber nicht zu steuern, wer darauf Zugriff hat.
| Aktionen | Beschreibung |
|---|---|
| Microsoft.Authorization/*/read | Lesen von Rollen und Rollenzuweisungen |
| Microsoft.Insights/alertRules/* | Erstellen und Verwalten einer klassischen Metrikwarnung |
| Microsoft.Network/dnsZones/* | Erstellen und Verwalten von DNS-Zonen und -Einträgen |
| Microsoft.ResourceHealth/availabilityStatuses/read | Ruft den Verfügbarkeitsstatus für alle Ressourcen im angegebenen Bereich ab. |
| Microsoft.Resources/deployments/* | Erstellen und Verwalten einer Bereitstellung |
| Microsoft.Resources/subscriptions/resourceGroups/read | Ruft Ressourcengruppen ab oder listet sie auf. |
| Microsoft.Support/* | Erstellen und Aktualisieren eines Supporttickets |
| NotActions | |
| keine | |
| DataActions | |
| keine | |
| NotDataActions | |
| keine |
{
"assignableScopes": [
"/"
],
"description": "Lets you manage DNS zones and record sets in Azure DNS, but does not let you control who has access to them.",
"id": "/providers/Microsoft.Authorization/roleDefinitions/befefa01-2a29-4197-83a8-272ff33ce314",
"name": "befefa01-2a29-4197-83a8-272ff33ce314",
"permissions": [
{
"actions": [
"Microsoft.Authorization/*/read",
"Microsoft.Insights/alertRules/*",
"Microsoft.Network/dnsZones/*",
"Microsoft.ResourceHealth/availabilityStatuses/read",
"Microsoft.Resources/deployments/*",
"Microsoft.Resources/subscriptions/resourceGroups/read",
"Microsoft.Support/*"
],
"notActions": [],
"dataActions": [],
"notDataActions": []
}
],
"roleName": "DNS Zone Contributor",
"roleType": "BuiltInRole",
"type": "Microsoft.Authorization/roleDefinitions"
}
Mitwirkender von virtuellem Netzwerk
Ermöglicht Ihnen das Verwalten von Netzwerken, nicht aber den Zugriff darauf. Diese Rolle gewährt Ihnen keine Berechtigung zum Bereitstellen oder Verwalten virtueller Computer.
| Aktionen | Beschreibung |
|---|---|
| Microsoft.Authorization/*/read | Lesen von Rollen und Rollenzuweisungen |
| Microsoft.Insights/alertRules/* | Erstellen und Verwalten einer klassischen Metrikwarnung |
| Microsoft.Network/* | Erstellen und Verwalten von Netzwerken |
| Microsoft.ResourceHealth/availabilityStatuses/read | Ruft den Verfügbarkeitsstatus für alle Ressourcen im angegebenen Bereich ab. |
| Microsoft.Resources/deployments/* | Erstellen und Verwalten einer Bereitstellung |
| Microsoft.Resources/subscriptions/resourceGroups/read | Ruft Ressourcengruppen ab oder listet sie auf. |
| Microsoft.Support/* | Erstellen und Aktualisieren eines Supporttickets |
| NotActions | |
| keine | |
| DataActions | |
| keine | |
| NotDataActions | |
| keine |
{
"assignableScopes": [
"/"
],
"description": "Lets you manage networks, but not access to them.",
"id": "/providers/Microsoft.Authorization/roleDefinitions/4d97b98b-1d4f-4787-a291-c67834d212e7",
"name": "4d97b98b-1d4f-4787-a291-c67834d212e7",
"permissions": [
{
"actions": [
"Microsoft.Authorization/*/read",
"Microsoft.Insights/alertRules/*",
"Microsoft.Network/*",
"Microsoft.ResourceHealth/availabilityStatuses/read",
"Microsoft.Resources/deployments/*",
"Microsoft.Resources/subscriptions/resourceGroups/read",
"Microsoft.Support/*"
],
"notActions": [],
"dataActions": [],
"notDataActions": []
}
],
"roleName": "Network Contributor",
"roleType": "BuiltInRole",
"type": "Microsoft.Authorization/roleDefinitions"
}
Mitwirkender für private DNS-Zone
Ermöglicht Ihnen das Verwalten privater DNS-Zonenressourcen, aber nicht der virtuellen Netzwerke, mit denen sie verknüpft sind.
| Aktionen | BESCHREIBUNG |
|---|---|
| Microsoft.Insights/alertRules/* | Erstellen und Verwalten einer klassischen Metrikwarnung |
| Microsoft.Resources/deployments/* | Erstellen und Verwalten einer Bereitstellung |
| Microsoft.Resources/subscriptions/resourceGroups/read | Ruft Ressourcengruppen ab oder listet sie auf. |
| Microsoft.Support/* | Erstellen und Aktualisieren eines Supporttickets |
| Microsoft.Network/privateDnsZones/* | |
| Microsoft.Network/privateDnsOperationResults/* | |
| Microsoft.Network/privateDnsOperationStatuses/* | |
| Microsoft.Network/virtualNetworks/read | Dient zum Abrufen der Definition des virtuellen Netzwerks. |
| Microsoft.Network/virtualNetworks/join/action | Verknüpft ein virtuelles Netzwerk. Nicht warnbar. |
| Microsoft.Authorization/*/read | Lesen von Rollen und Rollenzuweisungen |
| NotActions | |
| keine | |
| DataActions | |
| keine | |
| NotDataActions | |
| keine |
{
"assignableScopes": [
"/"
],
"description": "Lets you manage private DNS zone resources, but not the virtual networks they are linked to.",
"id": "/providers/Microsoft.Authorization/roleDefinitions/b12aa53e-6015-4669-85d0-8515ebb3ae7f",
"name": "b12aa53e-6015-4669-85d0-8515ebb3ae7f",
"permissions": [
{
"actions": [
"Microsoft.Insights/alertRules/*",
"Microsoft.Resources/deployments/*",
"Microsoft.Resources/subscriptions/resourceGroups/read",
"Microsoft.Support/*",
"Microsoft.Network/privateDnsZones/*",
"Microsoft.Network/privateDnsOperationResults/*",
"Microsoft.Network/privateDnsOperationStatuses/*",
"Microsoft.Network/virtualNetworks/read",
"Microsoft.Network/virtualNetworks/join/action",
"Microsoft.Authorization/*/read"
],
"notActions": [],
"dataActions": [],
"notDataActions": []
}
],
"roleName": "Private DNS Zone Contributor",
"roleType": "BuiltInRole",
"type": "Microsoft.Authorization/roleDefinitions"
}
Traffic Manager-Mitwirkender
Ermöglicht Ihnen die Verwaltung von Traffic Manager-Profilen, aber nicht die Steuerung des Zugriffs darauf.
| Aktionen | Beschreibung |
|---|---|
| Microsoft.Authorization/*/read | Lesen von Rollen und Rollenzuweisungen |
| Microsoft.Insights/alertRules/* | Erstellen und Verwalten einer klassischen Metrikwarnung |
| Microsoft.Network/trafficManagerProfiles/* | |
| Microsoft.ResourceHealth/availabilityStatuses/read | Ruft den Verfügbarkeitsstatus für alle Ressourcen im angegebenen Bereich ab. |
| Microsoft.Resources/deployments/* | Erstellen und Verwalten einer Bereitstellung |
| Microsoft.Resources/subscriptions/resourceGroups/read | Ruft Ressourcengruppen ab oder listet sie auf. |
| Microsoft.Support/* | Erstellen und Aktualisieren eines Supporttickets |
| NotActions | |
| keine | |
| DataActions | |
| keine | |
| NotDataActions | |
| keine |
{
"assignableScopes": [
"/"
],
"description": "Lets you manage Traffic Manager profiles, but does not let you control who has access to them.",
"id": "/providers/Microsoft.Authorization/roleDefinitions/a4b10055-b0c7-44c2-b00f-c7b5b3550cf7",
"name": "a4b10055-b0c7-44c2-b00f-c7b5b3550cf7",
"permissions": [
{
"actions": [
"Microsoft.Authorization/*/read",
"Microsoft.Insights/alertRules/*",
"Microsoft.Network/trafficManagerProfiles/*",
"Microsoft.ResourceHealth/availabilityStatuses/read",
"Microsoft.Resources/deployments/*",
"Microsoft.Resources/subscriptions/resourceGroups/read",
"Microsoft.Support/*"
],
"notActions": [],
"dataActions": [],
"notDataActions": []
}
],
"roleName": "Traffic Manager Contributor",
"roleType": "BuiltInRole",
"type": "Microsoft.Authorization/roleDefinitions"
}