Peran bawaan Azure untuk Integrasi
Artikel ini mencantumkan peran bawaan Azure dalam kategori Integrasi.
Kontributor Layanan API Management
Dapat mengelola layanan dan API
Tindakan | Deskripsi |
---|---|
Microsoft.ApiManagement/layanan/* | Membuat dan mengelola layanan API Management |
Microsoft.Authorization/*/baca | Membaca peran dan penetapan peran |
Microsoft.Insights/alertRules/* | Membuat dan mengelola pemberitahuan metrik klasik |
Microsoft.ResourceHealth/availabilityStatuses/baca | Mendapatkan status ketersediaan untuk semua sumber daya dalam lingkup yang ditentukan |
Microsoft.Resources/penyebaran/* | Membuat dan mengelola penyebaran |
Microsoft.Resources/langganan/resourceGroups/baca | Mendapatkan atau mencantumkan grup sumber daya. |
Microsoft.Support/* | Membuat dan memperbarui tiket dukungan |
NotActions | |
Tidak ada | |
DataActions | |
Tidak ada | |
NotDataActions | |
Tidak ada |
{
"assignableScopes": [
"/"
],
"description": "Can manage service and the APIs",
"id": "/providers/Microsoft.Authorization/roleDefinitions/312a565d-c81f-4fd8-895a-4e21e48d571c",
"name": "312a565d-c81f-4fd8-895a-4e21e48d571c",
"permissions": [
{
"actions": [
"Microsoft.ApiManagement/service/*",
"Microsoft.Authorization/*/read",
"Microsoft.Insights/alertRules/*",
"Microsoft.ResourceHealth/availabilityStatuses/read",
"Microsoft.Resources/deployments/*",
"Microsoft.Resources/subscriptions/resourceGroups/read",
"Microsoft.Support/*"
],
"notActions": [],
"dataActions": [],
"notDataActions": []
}
],
"roleName": "API Management Service Contributor",
"roleType": "BuiltInRole",
"type": "Microsoft.Authorization/roleDefinitions"
}
Peran Operator Layanan API Management
Dapat mengelola layanan, tetapi bukan API
Tindakan | Deskripsi |
---|---|
Microsoft.ApiManagement/layanan/*/baca | Baca instans API Management Service |
Microsoft.ApiManagement/layanan/cadangan/tindakan | Cadangkan Layanan API Management ke kontainer yang ditentukan di akun penyimpanan yang disediakan pengguna |
Microsoft.ApiManagement/layanan/hapus | Menghapus instans Layanan API Management |
Microsoft.ApiManagement/service/managedeployments/tindakan | Ubah SKU/unit, tambahkan/hapus penyebaran regional API Management Service |
Microsoft.ApiManagement/layanan/baca | Membaca metadata untuk instans API Management Service |
Microsoft.ApiMenammanman/layanan/pemulihan/tindakan | Pulihkan Layanan API Management dari kontainer yang ditentukan di akun penyimpanan yang disediakan pengguna |
Microsoft.ApiManagement/layanan/updatecertificate/tindakan | Unggah sertifikat TLS/SSL untuk Layanan API Management |
Microsoft.ApiManagement/layanan/updatehostname/tindakan | Menyiapkan, memperbarui, atau menghapus nama domain kustom untuk API Management Service |
Microsoft.ApiManagement/layanan/tulis | Membuat atau Perbarui instans Layanan API Management |
Microsoft.Authorization/*/baca | Membaca peran dan penetapan peran |
Microsoft.Insights/alertRules/* | Membuat dan mengelola pemberitahuan metrik klasik |
Microsoft.ResourceHealth/availabilityStatuses/baca | Mendapatkan status ketersediaan untuk semua sumber daya dalam lingkup yang ditentukan |
Microsoft.Resources/penyebaran/* | Membuat dan mengelola penyebaran |
Microsoft.Resources/langganan/resourceGroups/baca | Mendapatkan atau mencantumkan grup sumber daya. |
Microsoft.Support/* | Membuat dan memperbarui tiket dukungan |
NotActions | |
Microsoft.ApiManagement/layanan/pengguna/kunci/baca | Mendapatkan kunci yang terkait dengan pengguna |
DataActions | |
Tidak ada | |
NotDataActions | |
Tidak ada |
{
"assignableScopes": [
"/"
],
"description": "Can manage service but not the APIs",
"id": "/providers/Microsoft.Authorization/roleDefinitions/e022efe7-f5ba-4159-bbe4-b44f577e9b61",
"name": "e022efe7-f5ba-4159-bbe4-b44f577e9b61",
"permissions": [
{
"actions": [
"Microsoft.ApiManagement/service/*/read",
"Microsoft.ApiManagement/service/backup/action",
"Microsoft.ApiManagement/service/delete",
"Microsoft.ApiManagement/service/managedeployments/action",
"Microsoft.ApiManagement/service/read",
"Microsoft.ApiManagement/service/restore/action",
"Microsoft.ApiManagement/service/updatecertificate/action",
"Microsoft.ApiManagement/service/updatehostname/action",
"Microsoft.ApiManagement/service/write",
"Microsoft.Authorization/*/read",
"Microsoft.Insights/alertRules/*",
"Microsoft.ResourceHealth/availabilityStatuses/read",
"Microsoft.Resources/deployments/*",
"Microsoft.Resources/subscriptions/resourceGroups/read",
"Microsoft.Support/*"
],
"notActions": [
"Microsoft.ApiManagement/service/users/keys/read"
],
"dataActions": [],
"notDataActions": []
}
],
"roleName": "API Management Service Operator Role",
"roleType": "BuiltInRole",
"type": "Microsoft.Authorization/roleDefinitions"
}
Peran Pembaca Layanan API Management
Akses baca-saja ke layanan dan API
Tindakan | Deskripsi |
---|---|
Microsoft.ApiManagement/layanan/*/baca | Baca instans API Management Service |
Microsoft.ApiManagement/layanan/baca | Membaca metadata untuk instans API Management Service |
Microsoft.Authorization/*/baca | Membaca peran dan penetapan peran |
Microsoft.Insights/alertRules/* | Membuat dan mengelola pemberitahuan metrik klasik |
Microsoft.ResourceHealth/availabilityStatuses/baca | Mendapatkan status ketersediaan untuk semua sumber daya dalam lingkup yang ditentukan |
Microsoft.Resources/penyebaran/* | Membuat dan mengelola penyebaran |
Microsoft.Resources/langganan/resourceGroups/baca | Mendapatkan atau mencantumkan grup sumber daya. |
Microsoft.Support/* | Membuat dan memperbarui tiket dukungan |
NotActions | |
Microsoft.ApiManagement/layanan/pengguna/kunci/baca | Mendapatkan kunci yang terkait dengan pengguna |
DataActions | |
Tidak ada | |
NotDataActions | |
Tidak ada |
{
"assignableScopes": [
"/"
],
"description": "Read-only access to service and APIs",
"id": "/providers/Microsoft.Authorization/roleDefinitions/71522526-b88f-4d52-b57f-d31fc3546d0d",
"name": "71522526-b88f-4d52-b57f-d31fc3546d0d",
"permissions": [
{
"actions": [
"Microsoft.ApiManagement/service/*/read",
"Microsoft.ApiManagement/service/read",
"Microsoft.Authorization/*/read",
"Microsoft.Insights/alertRules/*",
"Microsoft.ResourceHealth/availabilityStatuses/read",
"Microsoft.Resources/deployments/*",
"Microsoft.Resources/subscriptions/resourceGroups/read",
"Microsoft.Support/*"
],
"notActions": [
"Microsoft.ApiManagement/service/users/keys/read"
],
"dataActions": [],
"notDataActions": []
}
],
"roleName": "API Management Service Reader Role",
"roleType": "BuiltInRole",
"type": "Microsoft.Authorization/roleDefinitions"
}
Pengembang API Api Management Service Workspace API
Memiliki akses baca ke tag dan produk dan akses tulis untuk memungkinkan: menetapkan API ke produk, menetapkan tag ke produk dan API. Peran ini harus ditetapkan pada cakupan layanan.
Tindakan | Deskripsi |
---|---|
Microsoft.ApiManagement/service/tags/read | Mencantumkan kumpulan tag yang ditentukan dalam instans layanan. atau Mendapatkan detail tag yang ditentukan oleh pengenalnya. |
Microsoft.ApiManagement/service/tags/apiLinks/* | |
Microsoft.ApiManagement/service/tags/operationLinks/* | |
Microsoft.ApiManagement/service/tags/productLinks/* | |
Microsoft.ApiManagement/service/products/read | Mencantumkan kumpulan produk dalam contoh layanan yang ditentukan. atau Mendapatkan detail produk yang ditentukan oleh pengenalnya. |
Microsoft.ApiManagement/service/products/apiLinks/* | |
Microsoft.ApiManagement/layanan/baca | Membaca metadata untuk instans API Management Service |
Microsoft.Authorization/*/baca | Membaca peran dan penetapan peran |
NotActions | |
Tidak ada | |
DataActions | |
Tidak ada | |
NotDataActions | |
Tidak ada |
{
"assignableScopes": [
"/"
],
"description": "Has read access to tags and products and write access to allow: assigning APIs to products, assigning tags to products and APIs. This role should be assigned on the service scope.",
"id": "/providers/Microsoft.Authorization/roleDefinitions/9565a273-41b9-4368-97d2-aeb0c976a9b3",
"name": "9565a273-41b9-4368-97d2-aeb0c976a9b3",
"permissions": [
{
"actions": [
"Microsoft.ApiManagement/service/tags/read",
"Microsoft.ApiManagement/service/tags/apiLinks/*",
"Microsoft.ApiManagement/service/tags/operationLinks/*",
"Microsoft.ApiManagement/service/tags/productLinks/*",
"Microsoft.ApiManagement/service/products/read",
"Microsoft.ApiManagement/service/products/apiLinks/*",
"Microsoft.ApiManagement/service/read",
"Microsoft.Authorization/*/read"
],
"notActions": [],
"dataActions": [],
"notDataActions": []
}
],
"roleName": "API Management Service Workspace API Developer",
"roleType": "BuiltInRole",
"type": "Microsoft.Authorization/roleDefinitions"
}
API Management Service Workspace API Product Manager
Memiliki akses yang sama dengan API Management Service Workspace API Developer serta akses baca ke pengguna dan akses tulis untuk memungkinkan penetapan pengguna ke grup. Peran ini harus ditetapkan pada cakupan layanan.
Tindakan | Deskripsi |
---|---|
Microsoft.ApiManagement/service/users/read | Mencantumkan kumpulan pengguna terdaftar dalam instans layanan yang ditentukan. atau Mendapatkan detail pengguna yang ditentukan oleh pengidentifikasinya. |
Microsoft.ApiManagement/service/tags/read | Mencantumkan kumpulan tag yang ditentukan dalam instans layanan. atau Mendapatkan detail tag yang ditentukan oleh pengenalnya. |
Microsoft.ApiManagement/service/tags/apiLinks/* | |
Microsoft.ApiManagement/service/tags/operationLinks/* | |
Microsoft.ApiManagement/service/tags/productLinks/* | |
Microsoft.ApiManagement/service/products/read | Mencantumkan kumpulan produk dalam contoh layanan yang ditentukan. atau Mendapatkan detail produk yang ditentukan oleh pengenalnya. |
Microsoft.ApiManagement/service/products/apiLinks/* | |
Microsoft.ApiManagement/service/groups/read | Mencantumkan kumpulan grup yang ditentukan dalam instans layanan. atau Mendapatkan detail grup yang ditentukan oleh pengenalnya. |
Microsoft.ApiManagement/service/groups/users/* | |
Microsoft.ApiManagement/layanan/baca | Membaca metadata untuk instans API Management Service |
Microsoft.Authorization/*/baca | Membaca peran dan penetapan peran |
NotActions | |
Tidak ada | |
DataActions | |
Tidak ada | |
NotDataActions | |
Tidak ada |
{
"assignableScopes": [
"/"
],
"description": "Has the same access as API Management Service Workspace API Developer as well as read access to users and write access to allow assigning users to groups. This role should be assigned on the service scope.",
"id": "/providers/Microsoft.Authorization/roleDefinitions/d59a3e9c-6d52-4a5a-aeed-6bf3cf0e31da",
"name": "d59a3e9c-6d52-4a5a-aeed-6bf3cf0e31da",
"permissions": [
{
"actions": [
"Microsoft.ApiManagement/service/users/read",
"Microsoft.ApiManagement/service/tags/read",
"Microsoft.ApiManagement/service/tags/apiLinks/*",
"Microsoft.ApiManagement/service/tags/operationLinks/*",
"Microsoft.ApiManagement/service/tags/productLinks/*",
"Microsoft.ApiManagement/service/products/read",
"Microsoft.ApiManagement/service/products/apiLinks/*",
"Microsoft.ApiManagement/service/groups/read",
"Microsoft.ApiManagement/service/groups/users/*",
"Microsoft.ApiManagement/service/read",
"Microsoft.Authorization/*/read"
],
"notActions": [],
"dataActions": [],
"notDataActions": []
}
],
"roleName": "API Management Service Workspace API Product Manager",
"roleType": "BuiltInRole",
"type": "Microsoft.Authorization/roleDefinitions"
}
Pengembang API Api Management Workspace API
Memiliki akses baca ke entitas di ruang kerja dan membaca dan menulis akses ke entitas untuk mengedit API. Peran ini harus ditetapkan pada cakupan ruang kerja.
Tindakan | Deskripsi |
---|---|
Microsoft.ApiManagement/service/workspaces/*/read | |
Microsoft.ApiManagement/service/workspaces/apis/* | |
Microsoft.ApiManagement/service/workspaces/apiVersionSets/* | |
Microsoft.ApiManagement/service/workspaces/policies/* | |
Microsoft.ApiManagement/service/workspaces/schemas/* | |
Microsoft.ApiManagement/service/workspaces/products/* | |
Microsoft.ApiManagement/service/workspaces/policyFragments/* | |
Microsoft.ApiManagement/service/workspaces/namedValues/* | |
Microsoft.ApiManagement/service/workspaces/tags/* | |
Microsoft.Authorization/*/baca | Membaca peran dan penetapan peran |
NotActions | |
Tidak ada | |
DataActions | |
Tidak ada | |
NotDataActions | |
Tidak ada |
{
"assignableScopes": [
"/"
],
"description": "Has read access to entities in the workspace and read and write access to entities for editing APIs. This role should be assigned on the workspace scope.",
"id": "/providers/Microsoft.Authorization/roleDefinitions/56328988-075d-4c6a-8766-d93edd6725b6",
"name": "56328988-075d-4c6a-8766-d93edd6725b6",
"permissions": [
{
"actions": [
"Microsoft.ApiManagement/service/workspaces/*/read",
"Microsoft.ApiManagement/service/workspaces/apis/*",
"Microsoft.ApiManagement/service/workspaces/apiVersionSets/*",
"Microsoft.ApiManagement/service/workspaces/policies/*",
"Microsoft.ApiManagement/service/workspaces/schemas/*",
"Microsoft.ApiManagement/service/workspaces/products/*",
"Microsoft.ApiManagement/service/workspaces/policyFragments/*",
"Microsoft.ApiManagement/service/workspaces/namedValues/*",
"Microsoft.ApiManagement/service/workspaces/tags/*",
"Microsoft.Authorization/*/read"
],
"notActions": [],
"dataActions": [],
"notDataActions": []
}
],
"roleName": "API Management Workspace API Developer",
"roleType": "BuiltInRole",
"type": "Microsoft.Authorization/roleDefinitions"
}
API Management Workspace API Product Manager
Memiliki akses baca ke entitas di ruang kerja dan membaca dan menulis akses ke entitas untuk menerbitkan API. Peran ini harus ditetapkan pada cakupan ruang kerja.
Tindakan | Deskripsi |
---|---|
Microsoft.ApiManagement/service/workspaces/*/read | |
Microsoft.ApiManagement/service/workspaces/products/* | |
Microsoft.ApiManagement/service/workspaces/subscriptions/* | |
Microsoft.ApiManagement/service/workspaces/groups/* | |
Microsoft.ApiManagement/service/workspaces/tags/* | |
Microsoft.ApiManagement/service/workspaces/notifications/* | |
Microsoft.Authorization/*/baca | Membaca peran dan penetapan peran |
NotActions | |
Tidak ada | |
DataActions | |
Tidak ada | |
NotDataActions | |
Tidak ada |
{
"assignableScopes": [
"/"
],
"description": "Has read access to entities in the workspace and read and write access to entities for publishing APIs. This role should be assigned on the workspace scope.",
"id": "/providers/Microsoft.Authorization/roleDefinitions/73c2c328-d004-4c5e-938c-35c6f5679a1f",
"name": "73c2c328-d004-4c5e-938c-35c6f5679a1f",
"permissions": [
{
"actions": [
"Microsoft.ApiManagement/service/workspaces/*/read",
"Microsoft.ApiManagement/service/workspaces/products/*",
"Microsoft.ApiManagement/service/workspaces/subscriptions/*",
"Microsoft.ApiManagement/service/workspaces/groups/*",
"Microsoft.ApiManagement/service/workspaces/tags/*",
"Microsoft.ApiManagement/service/workspaces/notifications/*",
"Microsoft.Authorization/*/read"
],
"notActions": [],
"dataActions": [],
"notDataActions": []
}
],
"roleName": "API Management Workspace API Product Manager",
"roleType": "BuiltInRole",
"type": "Microsoft.Authorization/roleDefinitions"
}
Kontributor Ruang Kerja API Management
Dapat mengelola ruang kerja dan tampilan, tetapi tidak mengubah anggotanya. Peran ini harus ditetapkan pada cakupan ruang kerja.
Tindakan | Deskripsi |
---|---|
Microsoft.ApiManagement/service/workspaces/* | |
Microsoft.Authorization/*/baca | Membaca peran dan penetapan peran |
NotActions | |
Tidak ada | |
DataActions | |
Tidak ada | |
NotDataActions | |
Tidak ada |
{
"assignableScopes": [
"/"
],
"description": "Can manage the workspace and view, but not modify its members. This role should be assigned on the workspace scope.",
"id": "/providers/Microsoft.Authorization/roleDefinitions/0c34c906-8d99-4cb7-8bb7-33f5b0a1a799",
"name": "0c34c906-8d99-4cb7-8bb7-33f5b0a1a799",
"permissions": [
{
"actions": [
"Microsoft.ApiManagement/service/workspaces/*",
"Microsoft.Authorization/*/read"
],
"notActions": [],
"dataActions": [],
"notDataActions": []
}
],
"roleName": "API Management Workspace Contributor",
"roleType": "BuiltInRole",
"type": "Microsoft.Authorization/roleDefinitions"
}
Pembaca Ruang Kerja API Management
Memiliki akses baca-saja ke entitas di ruang kerja. Peran ini harus ditetapkan pada cakupan ruang kerja.
Tindakan | Deskripsi |
---|---|
Microsoft.ApiManagement/service/workspaces/*/read | |
Microsoft.Authorization/*/baca | Membaca peran dan penetapan peran |
NotActions | |
Tidak ada | |
DataActions | |
Tidak ada | |
NotDataActions | |
Tidak ada |
{
"assignableScopes": [
"/"
],
"description": "Has read-only access to entities in the workspace. This role should be assigned on the workspace scope.",
"id": "/providers/Microsoft.Authorization/roleDefinitions/ef1c2c96-4a77-49e8-b9a4-6179fe1d2fd2",
"name": "ef1c2c96-4a77-49e8-b9a4-6179fe1d2fd2",
"permissions": [
{
"actions": [
"Microsoft.ApiManagement/service/workspaces/*/read",
"Microsoft.Authorization/*/read"
],
"notActions": [],
"dataActions": [],
"notDataActions": []
}
],
"roleName": "API Management Workspace Reader",
"roleType": "BuiltInRole",
"type": "Microsoft.Authorization/roleDefinitions"
}
Pemilik Data App Configuration
Memungkinkan akses penuh ke data App Configuration.
Tindakan | Deskripsi |
---|---|
Tidak ada | |
NotActions | |
Tidak ada | |
DataActions | |
Microsoft.AppConfiguration/configurationStores/*/baca | |
Microsoft.AppConfiguration/configurationStores/*/tulis | |
Microsoft.AppConfiguration/configurationStores/*/hapus | |
Microsoft.AppConfiguration/configurationStores/*/action | |
NotDataActions | |
Tidak ada |
{
"assignableScopes": [
"/"
],
"description": "Allows full access to App Configuration data.",
"id": "/providers/Microsoft.Authorization/roleDefinitions/5ae67dd6-50cb-40e7-96ff-dc2bfa4b606b",
"name": "5ae67dd6-50cb-40e7-96ff-dc2bfa4b606b",
"permissions": [
{
"actions": [],
"notActions": [],
"dataActions": [
"Microsoft.AppConfiguration/configurationStores/*/read",
"Microsoft.AppConfiguration/configurationStores/*/write",
"Microsoft.AppConfiguration/configurationStores/*/delete",
"Microsoft.AppConfiguration/configurationStores/*/action"
],
"notDataActions": []
}
],
"roleName": "App Configuration Data Owner",
"roleType": "BuiltInRole",
"type": "Microsoft.Authorization/roleDefinitions"
}
Pembaca Data App Configuration
Memungkinkan akses baca ke data App Configuration.
Tindakan | Deskripsi |
---|---|
Tidak ada | |
NotActions | |
Tidak ada | |
DataActions | |
Microsoft.AppConfiguration/configurationStores/*/baca | |
NotDataActions | |
Tidak ada |
{
"assignableScopes": [
"/"
],
"description": "Allows read access to App Configuration data.",
"id": "/providers/Microsoft.Authorization/roleDefinitions/516239f1-63e1-4d78-a4de-a74fb236a071",
"name": "516239f1-63e1-4d78-a4de-a74fb236a071",
"permissions": [
{
"actions": [],
"notActions": [],
"dataActions": [
"Microsoft.AppConfiguration/configurationStores/*/read"
],
"notDataActions": []
}
],
"roleName": "App Configuration Data Reader",
"roleType": "BuiltInRole",
"type": "Microsoft.Authorization/roleDefinitions"
}
Manajer Kepatuhan Azure API Center
Memungkinkan pengelolaan kepatuhan API di layanan Azure API Center.
Tindakan | Deskripsi |
---|---|
Microsoft.ApiCenter/services/*/read | |
Microsoft.ApiCenter/services/workspaces/apis/versions/definitions/updateAnalysisState/action | Memperbarui hasil analisis untuk definisi API tertentu. |
Microsoft.ApiCenter/services/workspaces/apis/versions/definitions/exportSpecification/action | Mengekspor file definisi API. |
NotActions | |
Tidak ada | |
DataActions | |
Tidak ada | |
NotDataActions | |
Tidak ada |
{
"assignableScopes": [
"/"
],
"description": "Allows managing API compliance in Azure API Center service.",
"id": "/providers/Microsoft.Authorization/roleDefinitions/ede9aaa3-4627-494e-be13-4aa7c256148d",
"name": "ede9aaa3-4627-494e-be13-4aa7c256148d",
"permissions": [
{
"actions": [
"Microsoft.ApiCenter/services/*/read",
"Microsoft.ApiCenter/services/workspaces/apis/versions/definitions/updateAnalysisState/action",
"Microsoft.ApiCenter/services/workspaces/apis/versions/definitions/exportSpecification/action"
],
"notActions": [],
"dataActions": [],
"notDataActions": []
}
],
"roleName": "Azure API Center Compliance Manager",
"roleType": "BuiltInRole",
"type": "Microsoft.Authorization/roleDefinitions"
}
Pembaca Data Azure API Center
Memungkinkan akses ke operasi baca sarana data Azure API Center.
Tindakan | Deskripsi |
---|---|
Tidak ada | |
NotActions | |
Tidak ada | |
DataActions | |
Microsoft.ApiCenter/services/*/read | |
NotDataActions | |
Tidak ada |
{
"assignableScopes": [
"/"
],
"description": "Allows for access to Azure API Center data plane read operations.",
"id": "/providers/Microsoft.Authorization/roleDefinitions/c7244dfb-f447-457d-b2ba-3999044d1706",
"name": "c7244dfb-f447-457d-b2ba-3999044d1706",
"permissions": [
{
"actions": [],
"notActions": [],
"dataActions": [
"Microsoft.ApiCenter/services/*/read"
],
"notDataActions": []
}
],
"roleName": "Azure API Center Data Reader",
"roleType": "BuiltInRole",
"type": "Microsoft.Authorization/roleDefinitions"
}
Kontributor Layanan Azure API Center
Memungkinkan pengelolaan layanan Azure API Center.
Tindakan | Deskripsi |
---|---|
Microsoft.ApiCenter/services/* | |
Microsoft.Authorization/*/baca | Membaca peran dan penetapan peran |
Microsoft.Insights/alertRules/* | Membuat dan mengelola pemberitahuan metrik klasik |
Microsoft.ResourceHealth/availabilityStatuses/baca | Mendapatkan status ketersediaan untuk semua sumber daya dalam lingkup yang ditentukan |
Microsoft.Resources/penyebaran/* | Membuat dan mengelola penyebaran |
Microsoft.Resources/langganan/resourceGroups/baca | Mendapatkan atau mencantumkan grup sumber daya. |
NotActions | |
Microsoft.ApiCenter/services/workspaces/apis/versions/definitions/updateAnalysisState/action | Memperbarui hasil analisis untuk definisi API tertentu. |
DataActions | |
Tidak ada | |
NotDataActions | |
Tidak ada |
{
"assignableScopes": [
"/"
],
"description": "Allows managing Azure API Center service.",
"id": "/providers/Microsoft.Authorization/roleDefinitions/dd24193f-ef65-44e5-8a7e-6fa6e03f7713",
"name": "dd24193f-ef65-44e5-8a7e-6fa6e03f7713",
"permissions": [
{
"actions": [
"Microsoft.ApiCenter/services/*",
"Microsoft.Authorization/*/read",
"Microsoft.Insights/alertRules/*",
"Microsoft.ResourceHealth/availabilityStatuses/read",
"Microsoft.Resources/deployments/*",
"Microsoft.Resources/subscriptions/resourceGroups/read"
],
"notActions": [
"Microsoft.ApiCenter/services/workspaces/apis/versions/definitions/updateAnalysisState/action"
],
"dataActions": [],
"notDataActions": []
}
],
"roleName": "Azure API Center Service Contributor",
"roleType": "BuiltInRole",
"type": "Microsoft.Authorization/roleDefinitions"
}
Pembaca Layanan Azure API Center
Memungkinkan akses baca-saja ke layanan Azure API Center.
Tindakan | Deskripsi |
---|---|
Microsoft.ApiCenter/services/*/read | |
Microsoft.ApiCenter/services/workspaces/apis/versions/definitions/exportSpecification/action | Mengekspor file definisi API. |
Microsoft.Authorization/*/baca | Membaca peran dan penetapan peran |
Microsoft.Insights/alertRules/* | Membuat dan mengelola pemberitahuan metrik klasik |
Microsoft.ResourceHealth/availabilityStatuses/baca | Mendapatkan status ketersediaan untuk semua sumber daya dalam lingkup yang ditentukan |
Microsoft.Resources/penyebaran/* | Membuat dan mengelola penyebaran |
Microsoft.Resources/langganan/resourceGroups/baca | Mendapatkan atau mencantumkan grup sumber daya. |
NotActions | |
Tidak ada | |
DataActions | |
Tidak ada | |
NotDataActions | |
Tidak ada |
{
"assignableScopes": [
"/"
],
"description": "Allows read-only access to Azure API Center service.",
"id": "/providers/Microsoft.Authorization/roleDefinitions/6cba8790-29c5-48e5-bab1-c7541b01cb04",
"name": "6cba8790-29c5-48e5-bab1-c7541b01cb04",
"permissions": [
{
"actions": [
"Microsoft.ApiCenter/services/*/read",
"Microsoft.ApiCenter/services/workspaces/apis/versions/definitions/exportSpecification/action",
"Microsoft.Authorization/*/read",
"Microsoft.Insights/alertRules/*",
"Microsoft.ResourceHealth/availabilityStatuses/read",
"Microsoft.Resources/deployments/*",
"Microsoft.Resources/subscriptions/resourceGroups/read"
],
"notActions": [],
"dataActions": [],
"notDataActions": []
}
],
"roleName": "Azure API Center Service Reader",
"roleType": "BuiltInRole",
"type": "Microsoft.Authorization/roleDefinitions"
}
Listener Azure Relay
Memungkinkan untuk mendengarkan akses ke sumber daya Azure Relay.
Tindakan | Deskripsi |
---|---|
Microsoft.Relay/*/wcfRelays/read | |
Microsoft.Relay/*/hybridConnections/read | |
NotActions | |
Tidak ada | |
DataActions | |
Microsoft.Relay/*/listen/action | |
NotDataActions | |
Tidak ada |
{
"assignableScopes": [
"/"
],
"description": "Allows for listen access to Azure Relay resources.",
"id": "/providers/Microsoft.Authorization/roleDefinitions/26e0b698-aa6d-4085-9386-aadae190014d",
"name": "26e0b698-aa6d-4085-9386-aadae190014d",
"permissions": [
{
"actions": [
"Microsoft.Relay/*/wcfRelays/read",
"Microsoft.Relay/*/hybridConnections/read"
],
"notActions": [],
"dataActions": [
"Microsoft.Relay/*/listen/action"
],
"notDataActions": []
}
],
"roleName": "Azure Relay Listener",
"roleType": "BuiltInRole",
"type": "Microsoft.Authorization/roleDefinitions"
}
Pemilik Azure Relay
Memungkinkan akses penuh ke sumber daya Azure Relay.
Tindakan | Deskripsi |
---|---|
Microsoft.Relay/* | |
NotActions | |
Tidak ada | |
DataActions | |
Microsoft.Relay/* | |
NotDataActions | |
Tidak ada |
{
"assignableScopes": [
"/"
],
"description": "Allows for full access to Azure Relay resources.",
"id": "/providers/Microsoft.Authorization/roleDefinitions/2787bf04-f1f5-4bfe-8383-c8a24483ee38",
"name": "2787bf04-f1f5-4bfe-8383-c8a24483ee38",
"permissions": [
{
"actions": [
"Microsoft.Relay/*"
],
"notActions": [],
"dataActions": [
"Microsoft.Relay/*"
],
"notDataActions": []
}
],
"roleName": "Azure Relay Owner",
"roleType": "BuiltInRole",
"type": "Microsoft.Authorization/roleDefinitions"
}
Pengirim Azure Relay
Memungkinkan untuk mengirimkan akses ke sumber daya Azure Relay.
Tindakan | Deskripsi |
---|---|
Microsoft.Relay/*/wcfRelays/read | |
Microsoft.Relay/*/hybridConnections/read | |
NotActions | |
Tidak ada | |
DataActions | |
Microsoft.Relay/*/send/action | |
NotDataActions | |
Tidak ada |
{
"assignableScopes": [
"/"
],
"description": "Allows for send access to Azure Relay resources.",
"id": "/providers/Microsoft.Authorization/roleDefinitions/26baccc8-eea7-41f1-98f4-1762cc7f685d",
"name": "26baccc8-eea7-41f1-98f4-1762cc7f685d",
"permissions": [
{
"actions": [
"Microsoft.Relay/*/wcfRelays/read",
"Microsoft.Relay/*/hybridConnections/read"
],
"notActions": [],
"dataActions": [
"Microsoft.Relay/*/send/action"
],
"notDataActions": []
}
],
"roleName": "Azure Relay Sender",
"roleType": "BuiltInRole",
"type": "Microsoft.Authorization/roleDefinitions"
}
Pemilik Data Azure Service Bus
Memungkinkan akses penuh ke sumber daya Azure Service Bus.
Tindakan | Deskripsi |
---|---|
Microsoft.ServiceBus/* | |
NotActions | |
Tidak ada | |
DataActions | |
Microsoft.ServiceBus/* | |
NotDataActions | |
Tidak ada |
{
"assignableScopes": [
"/"
],
"description": "Allows for full access to Azure Service Bus resources.",
"id": "/providers/Microsoft.Authorization/roleDefinitions/090c5cfd-751d-490a-894a-3ce6f1109419",
"name": "090c5cfd-751d-490a-894a-3ce6f1109419",
"permissions": [
{
"actions": [
"Microsoft.ServiceBus/*"
],
"notActions": [],
"dataActions": [
"Microsoft.ServiceBus/*"
],
"notDataActions": []
}
],
"roleName": "Azure Service Bus Data Owner",
"roleType": "BuiltInRole",
"type": "Microsoft.Authorization/roleDefinitions"
}
Penerima Data Azure Service Bus
Memungkinkan untuk menerima akses ke sumber daya Azure Service Bus.
Tindakan | Deskripsi |
---|---|
Microsoft.ServiceBus/*/antrean/baca | |
Microsoft.ServiceBus/*/topik/baca | |
Microsoft.ServiceBus/*/topik/langganan/baca | |
NotActions | |
Tidak ada | |
DataActions | |
Microsoft.ServiceBus/*/terima/tindakan | |
NotDataActions | |
Tidak ada |
{
"assignableScopes": [
"/"
],
"description": "Allows for receive access to Azure Service Bus resources.",
"id": "/providers/Microsoft.Authorization/roleDefinitions/4f6d3b9b-027b-4f4c-9142-0e5a2a2247e0",
"name": "4f6d3b9b-027b-4f4c-9142-0e5a2a2247e0",
"permissions": [
{
"actions": [
"Microsoft.ServiceBus/*/queues/read",
"Microsoft.ServiceBus/*/topics/read",
"Microsoft.ServiceBus/*/topics/subscriptions/read"
],
"notActions": [],
"dataActions": [
"Microsoft.ServiceBus/*/receive/action"
],
"notDataActions": []
}
],
"roleName": "Azure Service Bus Data Receiver",
"roleType": "BuiltInRole",
"type": "Microsoft.Authorization/roleDefinitions"
}
Azure Service Bus Data Sender
Memungkinkan untuk mengirim akses ke sumber daya Azure Service Bus.
Tindakan | Deskripsi |
---|---|
Microsoft.ServiceBus/*/antrean/baca | |
Microsoft.ServiceBus/*/topik/baca | |
Microsoft.ServiceBus/*/topik/langganan/baca | |
NotActions | |
Tidak ada | |
DataActions | |
Microsoft.ServiceBus/*/kirim/tindakan | |
NotDataActions | |
Tidak ada |
{
"assignableScopes": [
"/"
],
"description": "Allows for send access to Azure Service Bus resources.",
"id": "/providers/Microsoft.Authorization/roleDefinitions/69a216fc-b8fb-44d8-bc22-1f3c2cd27a39",
"name": "69a216fc-b8fb-44d8-bc22-1f3c2cd27a39",
"permissions": [
{
"actions": [
"Microsoft.ServiceBus/*/queues/read",
"Microsoft.ServiceBus/*/topics/read",
"Microsoft.ServiceBus/*/topics/subscriptions/read"
],
"notActions": [],
"dataActions": [
"Microsoft.ServiceBus/*/send/action"
],
"notDataActions": []
}
],
"roleName": "Azure Service Bus Data Sender",
"roleType": "BuiltInRole",
"type": "Microsoft.Authorization/roleDefinitions"
}
Kontributor BizTalk
Memungkinkan Anda mengelola layanan BizTalk, tetapi tidak dapat mengaksesnya.
Tindakan | Deskripsi |
---|---|
Microsoft.Authorization/*/baca | Membaca peran dan penetapan peran |
Microsoft.BizTalkServices/BizTalk/* | Membuat dan mengelola layanan BizTalk |
Microsoft.Insights/alertRules/* | Membuat dan mengelola pemberitahuan metrik klasik |
Microsoft.ResourceHealth/availabilityStatuses/baca | Mendapatkan status ketersediaan untuk semua sumber daya dalam lingkup yang ditentukan |
Microsoft.Resources/penyebaran/* | Membuat dan mengelola penyebaran |
Microsoft.Resources/langganan/resourceGroups/baca | Mendapatkan atau mencantumkan grup sumber daya. |
Microsoft.Support/* | Membuat dan memperbarui tiket dukungan |
NotActions | |
Tidak ada | |
DataActions | |
Tidak ada | |
NotDataActions | |
Tidak ada |
{
"assignableScopes": [
"/"
],
"description": "Lets you manage BizTalk services, but not access to them.",
"id": "/providers/Microsoft.Authorization/roleDefinitions/5e3c6656-6cfa-4708-81fe-0de47ac73342",
"name": "5e3c6656-6cfa-4708-81fe-0de47ac73342",
"permissions": [
{
"actions": [
"Microsoft.Authorization/*/read",
"Microsoft.BizTalkServices/BizTalk/*",
"Microsoft.Insights/alertRules/*",
"Microsoft.ResourceHealth/availabilityStatuses/read",
"Microsoft.Resources/deployments/*",
"Microsoft.Resources/subscriptions/resourceGroups/read",
"Microsoft.Support/*"
],
"notActions": [],
"dataActions": [],
"notDataActions": []
}
],
"roleName": "BizTalk Contributor",
"roleType": "BuiltInRole",
"type": "Microsoft.Authorization/roleDefinitions"
}
Kontributor EventGrid
Memungkinkan Anda mengelola operasi EventGrid.
Tindakan | Deskripsi |
---|---|
Microsoft.Authorization/*/baca | Membaca peran dan penetapan peran |
Microsoft.EventGrid/* | Membuat dan mengelola sumber daya Event Grid |
Microsoft.Insights/alertRules/* | Membuat dan mengelola pemberitahuan metrik klasik |
Microsoft.Resources/penyebaran/* | Membuat dan mengelola penyebaran |
Microsoft.Resources/langganan/resourceGroups/baca | Mendapatkan atau mencantumkan grup sumber daya. |
Microsoft.Support/* | Membuat dan memperbarui tiket dukungan |
NotActions | |
Tidak ada | |
DataActions | |
Tidak ada | |
NotDataActions | |
Tidak ada |
{
"assignableScopes": [
"/"
],
"description": "Lets you manage EventGrid operations.",
"id": "/providers/Microsoft.Authorization/roleDefinitions/1e241071-0855-49ea-94dc-649edcd759de",
"name": "1e241071-0855-49ea-94dc-649edcd759de",
"permissions": [
{
"actions": [
"Microsoft.Authorization/*/read",
"Microsoft.EventGrid/*",
"Microsoft.Insights/alertRules/*",
"Microsoft.Resources/deployments/*",
"Microsoft.Resources/subscriptions/resourceGroups/read",
"Microsoft.Support/*"
],
"notActions": [],
"dataActions": [],
"notDataActions": []
}
],
"roleName": "EventGrid Contributor",
"roleType": "BuiltInRole",
"type": "Microsoft.Authorization/roleDefinitions"
}
Pengirim Data EventGrid
Memungkinkan mengirim akses ke acara grid acara.
Tindakan | Deskripsi |
---|---|
Microsoft.Authorization/*/baca | Membaca peran dan penetapan peran |
Microsoft.EventGrid/topics/read | Membaca topik |
Microsoft.EventGrid/domains/read | Membaca domain |
Microsoft.EventGrid/partnerNamespaces/read | Membaca namespace mitra |
Microsoft.Resources/langganan/resourceGroups/baca | Mendapatkan atau mencantumkan grup sumber daya. |
Microsoft.EventGrid/namespaces/read | Membaca namespace layanan |
NotActions | |
Tidak ada | |
DataActions | |
Microsoft.EventGrid/events/send/action | Kirim kejadian ke topik |
NotDataActions | |
Tidak ada |
{
"assignableScopes": [
"/"
],
"description": "Allows send access to event grid events.",
"id": "/providers/Microsoft.Authorization/roleDefinitions/d5a91429-5739-47e2-a06b-3470a27159e7",
"name": "d5a91429-5739-47e2-a06b-3470a27159e7",
"permissions": [
{
"actions": [
"Microsoft.Authorization/*/read",
"Microsoft.EventGrid/topics/read",
"Microsoft.EventGrid/domains/read",
"Microsoft.EventGrid/partnerNamespaces/read",
"Microsoft.Resources/subscriptions/resourceGroups/read",
"Microsoft.EventGrid/namespaces/read"
],
"notActions": [],
"dataActions": [
"Microsoft.EventGrid/events/send/action"
],
"notDataActions": []
}
],
"roleName": "EventGrid Data Sender",
"roleType": "BuiltInRole",
"type": "Microsoft.Authorization/roleDefinitions"
}
Kontributor EventSubscription EventGrid
Memungkinkan Anda mengelola operasi langganan kejadian EventGrid.
Tindakan | Deskripsi |
---|---|
Microsoft.Authorization/*/baca | Membaca peran dan penetapan peran |
Microsoft.EventGrid/eventSubscriptions/* | Membuat dan mengelola langganan acara regional |
Microsoft.EventGrid/topicTypes/eventSubscriptions/baca | Mencantumkan langganan peristiwa global menurut jenis topik |
Microsoft.EventGrid/lokasi/eventSubscriptions/baca | Mencantumkan langganan peristiwa regional |
Microsoft.EventGrid/lokasi/topicTypes/eventSubscriptions/baca | Mencantumkan langganan peristiwa regional menurut jenis topik |
Microsoft.Insights/alertRules/* | Membuat dan mengelola pemberitahuan metrik klasik |
Microsoft.Resources/penyebaran/* | Membuat dan mengelola penyebaran |
Microsoft.Resources/langganan/resourceGroups/baca | Mendapatkan atau mencantumkan grup sumber daya. |
Microsoft.Support/* | Membuat dan memperbarui tiket dukungan |
NotActions | |
Tidak ada | |
DataActions | |
Tidak ada | |
NotDataActions | |
Tidak ada |
{
"assignableScopes": [
"/"
],
"description": "Lets you manage EventGrid event subscription operations.",
"id": "/providers/Microsoft.Authorization/roleDefinitions/428e0ff0-5e57-4d9c-a221-2c70d0e0a443",
"name": "428e0ff0-5e57-4d9c-a221-2c70d0e0a443",
"permissions": [
{
"actions": [
"Microsoft.Authorization/*/read",
"Microsoft.EventGrid/eventSubscriptions/*",
"Microsoft.EventGrid/topicTypes/eventSubscriptions/read",
"Microsoft.EventGrid/locations/eventSubscriptions/read",
"Microsoft.EventGrid/locations/topicTypes/eventSubscriptions/read",
"Microsoft.Insights/alertRules/*",
"Microsoft.Resources/deployments/*",
"Microsoft.Resources/subscriptions/resourceGroups/read",
"Microsoft.Support/*"
],
"notActions": [],
"dataActions": [],
"notDataActions": []
}
],
"roleName": "EventGrid EventSubscription Contributor",
"roleType": "BuiltInRole",
"type": "Microsoft.Authorization/roleDefinitions"
}
Pembaca EventSubscription EventGrid
Memungkinkan Anda membaca langganan kejadian EventGrid.
Tindakan | Deskripsi |
---|---|
Microsoft.Authorization/*/baca | Membaca peran dan penetapan peran |
Microsoft.EventGrid/eventSubscriptions/baca | Membaca sebuah eventSubscription |
Microsoft.EventGrid/topicTypes/eventSubscriptions/baca | Mencantumkan langganan peristiwa global menurut jenis topik |
Microsoft.EventGrid/lokasi/eventSubscriptions/baca | Mencantumkan langganan peristiwa regional |
Microsoft.EventGrid/lokasi/topicTypes/eventSubscriptions/baca | Mencantumkan langganan peristiwa regional menurut jenis topik |
Microsoft.Resources/langganan/resourceGroups/baca | Mendapatkan atau mencantumkan grup sumber daya. |
NotActions | |
Tidak ada | |
DataActions | |
Tidak ada | |
NotDataActions | |
Tidak ada |
{
"assignableScopes": [
"/"
],
"description": "Lets you read EventGrid event subscriptions.",
"id": "/providers/Microsoft.Authorization/roleDefinitions/2414bbcf-6497-4faf-8c65-045460748405",
"name": "2414bbcf-6497-4faf-8c65-045460748405",
"permissions": [
{
"actions": [
"Microsoft.Authorization/*/read",
"Microsoft.EventGrid/eventSubscriptions/read",
"Microsoft.EventGrid/topicTypes/eventSubscriptions/read",
"Microsoft.EventGrid/locations/eventSubscriptions/read",
"Microsoft.EventGrid/locations/topicTypes/eventSubscriptions/read",
"Microsoft.Resources/subscriptions/resourceGroups/read"
],
"notActions": [],
"dataActions": [],
"notDataActions": []
}
],
"roleName": "EventGrid EventSubscription Reader",
"roleType": "BuiltInRole",
"type": "Microsoft.Authorization/roleDefinitions"
}
Kontributor Data FHIR
Peran memungkinkan pengguna atau prinsipal mengakses penuh Data FHIR
Tindakan | Deskripsi |
---|---|
Tidak ada | |
NotActions | |
Tidak ada | |
DataActions | |
Microsoft.HealthcareApis/services/fhir/resources/* | |
Microsoft.HealthcareApis/workspaces/fhirservices/resources/* | |
NotDataActions | |
Microsoft.HealthcareApis/services/fhir/resources/smart/action | Memungkinkan pengguna mengakses Layanan FHIR sesuai dengan SMART pada spesifikasi FHIR. |
Microsoft.HealthcareApis/workspaces/fhirservices/resources/smart/action | Memungkinkan pengguna mengakses Layanan FHIR sesuai dengan SMART pada spesifikasi FHIR. |
{
"assignableScopes": [
"/"
],
"description": "Role allows user or principal full access to FHIR Data",
"id": "/providers/Microsoft.Authorization/roleDefinitions/5a1fc7df-4bf1-4951-a576-89034ee01acd",
"name": "5a1fc7df-4bf1-4951-a576-89034ee01acd",
"permissions": [
{
"actions": [],
"notActions": [],
"dataActions": [
"Microsoft.HealthcareApis/services/fhir/resources/*",
"Microsoft.HealthcareApis/workspaces/fhirservices/resources/*"
],
"notDataActions": [
"Microsoft.HealthcareApis/services/fhir/resources/smart/action",
"Microsoft.HealthcareApis/workspaces/fhirservices/resources/smart/action"
]
}
],
"roleName": "FHIR Data Contributor",
"roleType": "BuiltInRole",
"type": "Microsoft.Authorization/roleDefinitions"
}
Pengekspor Data FHIR
Peran memungkinkan pengguna atau prinsipal untuk membaca dan mengekspor Data FHIR
Tindakan | Deskripsi |
---|---|
Tidak ada | |
NotActions | |
Tidak ada | |
DataActions | |
Microsoft.HealthcareApis/services/fhir/resources/read | Baca sumber daya FHIR (termasuk pencarian dan riwayat versi). |
Microsoft.HealthcareApis/services/fhir/resources/export/action | Operasi ekspor ($export). |
Microsoft.HealthcareApis/workspaces/fhirservices/resources/read | Baca sumber daya FHIR (termasuk pencarian dan riwayat versi). |
Microsoft.HealthcareApis/workspaces/fhirservices/resources/export/action | Operasi ekspor ($export). |
NotDataActions | |
Tidak ada |
{
"assignableScopes": [
"/"
],
"description": "Role allows user or principal to read and export FHIR Data",
"id": "/providers/Microsoft.Authorization/roleDefinitions/3db33094-8700-4567-8da5-1501d4e7e843",
"name": "3db33094-8700-4567-8da5-1501d4e7e843",
"permissions": [
{
"actions": [],
"notActions": [],
"dataActions": [
"Microsoft.HealthcareApis/services/fhir/resources/read",
"Microsoft.HealthcareApis/services/fhir/resources/export/action",
"Microsoft.HealthcareApis/workspaces/fhirservices/resources/read",
"Microsoft.HealthcareApis/workspaces/fhirservices/resources/export/action"
],
"notDataActions": []
}
],
"roleName": "FHIR Data Exporter",
"roleType": "BuiltInRole",
"type": "Microsoft.Authorization/roleDefinitions"
}
Pengimpor Data FHIR
Peran memungkinkan pengguna atau prinsipal untuk membaca dan mengimpor Data FHIR
Tindakan | Deskripsi |
---|---|
Tidak ada | |
NotActions | |
Tidak ada | |
DataActions | |
Microsoft.HealthcareApis/workspaces/fhirservices/resources/read | Baca sumber daya FHIR (termasuk pencarian dan riwayat versi). |
Microsoft.HealthcareApis/workspaces/fhirservices/resources/import/action | Impor sumber daya FHIR dalam batch. |
NotDataActions | |
Tidak ada |
{
"assignableScopes": [
"/"
],
"description": "Role allows user or principal to read and import FHIR Data",
"id": "/providers/Microsoft.Authorization/roleDefinitions/4465e953-8ced-4406-a58e-0f6e3f3b530b",
"name": "4465e953-8ced-4406-a58e-0f6e3f3b530b",
"permissions": [
{
"actions": [],
"notActions": [],
"dataActions": [
"Microsoft.HealthcareApis/workspaces/fhirservices/resources/read",
"Microsoft.HealthcareApis/workspaces/fhirservices/resources/import/action"
],
"notDataActions": []
}
],
"roleName": "FHIR Data Importer",
"roleType": "BuiltInRole",
"type": "Microsoft.Authorization/roleDefinitions"
}
Pembaca Data FHIR
Peran memungkinkan pengguna atau prinsipal untuk membaca Data FHIR
Tindakan | Deskripsi |
---|---|
Tidak ada | |
NotActions | |
Tidak ada | |
DataActions | |
Microsoft.HealthcareApis/services/fhir/resources/read | Baca sumber daya FHIR (termasuk pencarian dan riwayat versi). |
Microsoft.HealthcareApis/workspaces/fhirservices/resources/read | Baca sumber daya FHIR (termasuk pencarian dan riwayat versi). |
NotDataActions | |
Tidak ada |
{
"assignableScopes": [
"/"
],
"description": "Role allows user or principal to read FHIR Data",
"id": "/providers/Microsoft.Authorization/roleDefinitions/4c8d0bbc-75d3-4935-991f-5f3c56d81508",
"name": "4c8d0bbc-75d3-4935-991f-5f3c56d81508",
"permissions": [
{
"actions": [],
"notActions": [],
"dataActions": [
"Microsoft.HealthcareApis/services/fhir/resources/read",
"Microsoft.HealthcareApis/workspaces/fhirservices/resources/read"
],
"notDataActions": []
}
],
"roleName": "FHIR Data Reader",
"roleType": "BuiltInRole",
"type": "Microsoft.Authorization/roleDefinitions"
}
Penulis Data FHIR
Peran memungkinkan pengguna atau prinsipal untuk membaca dan menulis Data FHIR
Tindakan | Deskripsi |
---|---|
Tidak ada | |
NotActions | |
Tidak ada | |
DataActions | |
Microsoft.HealthcareApis/services/fhir/resources/read | Baca sumber daya FHIR (termasuk pencarian dan riwayat versi). |
Microsoft.HealthcareApis/services/fhir/resources/write | Tulis sumber daya FHIR (termasuk buat dan perbarui). |
Microsoft.HealthcareApis/services/fhir/resources/delete | Hapus sumber daya FHIR (penghapusan sementara). |
Microsoft.HealthcareApis/services/fhir/resources/export/action | Operasi ekspor ($export). |
Microsoft.HealthcareApis/services/fhir/resources/resourceValidate/action | Memvalidasi operasi ($validate). |
Microsoft.HealthcareApis/services/fhir/resources/reindex/action | Memungkinkan pengguna menjalankan pekerjaan Reindex untuk mengindeks parameter pencarian apa pun yang belum diindeks. |
Microsoft.HealthcareApis/services/fhir/resources/convertData/action | Operasi konversi data ($convert-data) |
Microsoft.HealthcareApis/services/fhir/resources/editProfileDefinitions/action | Memungkinkan pengguna untuk melakukan operasi Buat Penghapusan Pembaruan pada sumber daya profil. |
Microsoft.HealthcareApis/services/fhir/resources/import/action | Impor sumber daya FHIR dalam batch. |
Microsoft.HealthcareApis/workspaces/fhirservices/resources/read | Baca sumber daya FHIR (termasuk pencarian dan riwayat versi). |
Microsoft.HealthcareApis/workspaces/fhirservices/resources/write | Tulis sumber daya FHIR (termasuk buat dan perbarui). |
Microsoft.HealthcareApis/workspaces/fhirservices/resources/delete | Hapus sumber daya FHIR (penghapusan sementara). |
Microsoft.HealthcareApis/workspaces/fhirservices/resources/export/action | Operasi ekspor ($export). |
Microsoft.HealthcareApis/workspaces/fhirservices/resources/resourceValidate/action | Memvalidasi operasi ($validate). |
Microsoft.HealthcareApis/workspaces/fhirservices/resources/reindex/action | Memungkinkan pengguna menjalankan pekerjaan Reindex untuk mengindeks parameter pencarian apa pun yang belum diindeks. |
Microsoft.HealthcareApis/workspaces/fhirservices/resources/convertData/action | Operasi konversi data ($convert-data) |
Microsoft.HealthcareApis/workspaces/fhirservices/resources/editProfileDefinitions/action | Memungkinkan pengguna untuk melakukan operasi Buat Penghapusan Pembaruan pada sumber daya profil. |
Microsoft.HealthcareApis/workspaces/fhirservices/resources/import/action | Impor sumber daya FHIR dalam batch. |
NotDataActions | |
Tidak ada |
{
"assignableScopes": [
"/"
],
"description": "Role allows user or principal to read and write FHIR Data",
"id": "/providers/Microsoft.Authorization/roleDefinitions/3f88fce4-5892-4214-ae73-ba5294559913",
"name": "3f88fce4-5892-4214-ae73-ba5294559913",
"permissions": [
{
"actions": [],
"notActions": [],
"dataActions": [
"Microsoft.HealthcareApis/services/fhir/resources/read",
"Microsoft.HealthcareApis/services/fhir/resources/write",
"Microsoft.HealthcareApis/services/fhir/resources/delete",
"Microsoft.HealthcareApis/services/fhir/resources/export/action",
"Microsoft.HealthcareApis/services/fhir/resources/resourceValidate/action",
"Microsoft.HealthcareApis/services/fhir/resources/reindex/action",
"Microsoft.HealthcareApis/services/fhir/resources/convertData/action",
"Microsoft.HealthcareApis/services/fhir/resources/editProfileDefinitions/action",
"Microsoft.HealthcareApis/services/fhir/resources/import/action",
"Microsoft.HealthcareApis/workspaces/fhirservices/resources/read",
"Microsoft.HealthcareApis/workspaces/fhirservices/resources/write",
"Microsoft.HealthcareApis/workspaces/fhirservices/resources/delete",
"Microsoft.HealthcareApis/workspaces/fhirservices/resources/export/action",
"Microsoft.HealthcareApis/workspaces/fhirservices/resources/resourceValidate/action",
"Microsoft.HealthcareApis/workspaces/fhirservices/resources/reindex/action",
"Microsoft.HealthcareApis/workspaces/fhirservices/resources/convertData/action",
"Microsoft.HealthcareApis/workspaces/fhirservices/resources/editProfileDefinitions/action",
"Microsoft.HealthcareApis/workspaces/fhirservices/resources/import/action"
],
"notDataActions": []
}
],
"roleName": "FHIR Data Writer",
"roleType": "BuiltInRole",
"type": "Microsoft.Authorization/roleDefinitions"
}
Kontributor Lingkungan Layanan Integrasi
Memungkinkan Anda mengelola lingkungan layanan integrasi, tetapi tidak dapat mengaksesnya.
Tindakan | Deskripsi |
---|---|
Microsoft.Authorization/*/baca | Membaca peran dan penetapan peran |
Microsoft.Support/* | Membuat dan memperbarui tiket dukungan |
Microsoft.Logic/integrationServiceEnvironments/* | |
NotActions | |
Tidak ada | |
DataActions | |
Tidak ada | |
NotDataActions | |
Tidak ada |
{
"assignableScopes": [
"/"
],
"description": "Lets you manage integration service environments, but not access to them.",
"id": "/providers/Microsoft.Authorization/roleDefinitions/a41e2c5b-bd99-4a07-88f4-9bf657a760b8",
"name": "a41e2c5b-bd99-4a07-88f4-9bf657a760b8",
"permissions": [
{
"actions": [
"Microsoft.Authorization/*/read",
"Microsoft.Support/*",
"Microsoft.Logic/integrationServiceEnvironments/*"
],
"notActions": [],
"dataActions": [],
"notDataActions": []
}
],
"roleName": "Integration Service Environment Contributor",
"roleType": "BuiltInRole",
"type": "Microsoft.Authorization/roleDefinitions"
}
Pengembang Lingkungan Layanan Integrasi
Memungkinkan pengembang untuk membuat dan memperbarui alur kerja, akun integrasi, dan koneksi API dalam lingkungan layanan integrasi.
Tindakan | Deskripsi |
---|---|
Microsoft.Authorization/*/baca | Membaca peran dan penetapan peran |
Microsoft.Support/* | Membuat dan memperbarui tiket dukungan |
Microsoft.Logic/integrationServiceEnvironments/baca | Membaca lingkungan layanan integrasi. |
Microsoft.Logic/integrasiServiceEnvironments/*/gabung/tindakan | |
NotActions | |
Tidak ada | |
DataActions | |
Tidak ada | |
NotDataActions | |
Tidak ada |
{
"assignableScopes": [
"/"
],
"description": "Allows developers to create and update workflows, integration accounts and API connections in integration service environments.",
"id": "/providers/Microsoft.Authorization/roleDefinitions/c7aa55d3-1abb-444a-a5ca-5e51e485d6ec",
"name": "c7aa55d3-1abb-444a-a5ca-5e51e485d6ec",
"permissions": [
{
"actions": [
"Microsoft.Authorization/*/read",
"Microsoft.Support/*",
"Microsoft.Logic/integrationServiceEnvironments/read",
"Microsoft.Logic/integrationServiceEnvironments/*/join/action"
],
"notActions": [],
"dataActions": [],
"notDataActions": []
}
],
"roleName": "Integration Service Environment Developer",
"roleType": "BuiltInRole",
"type": "Microsoft.Authorization/roleDefinitions"
}
Kontributor Akun Sistem Cerdas
Memungkinkan Anda mengelola akun Intelligent Systems, tetapi tidak dapat mengaksesnya.
Tindakan | Deskripsi |
---|---|
Microsoft.Authorization/*/baca | Membaca peran dan penetapan peran |
Microsoft.Insights/alertRules/* | Membuat dan mengelola pemberitahuan metrik klasik |
Microsoft.IntelligentSystems/akun/* | Membuat dan mengelola akun sistem cerdas |
Microsoft.ResourceHealth/availabilityStatuses/baca | Mendapatkan status ketersediaan untuk semua sumber daya dalam lingkup yang ditentukan |
Microsoft.Resources/penyebaran/* | Membuat dan mengelola penyebaran |
Microsoft.Resources/langganan/resourceGroups/baca | Mendapatkan atau mencantumkan grup sumber daya. |
Microsoft.Support/* | Membuat dan memperbarui tiket dukungan |
NotActions | |
Tidak ada | |
DataActions | |
Tidak ada | |
NotDataActions | |
Tidak ada |
{
"assignableScopes": [
"/"
],
"description": "Lets you manage Intelligent Systems accounts, but not access to them.",
"id": "/providers/Microsoft.Authorization/roleDefinitions/03a6d094-3444-4b3d-88af-7477090a9e5e",
"name": "03a6d094-3444-4b3d-88af-7477090a9e5e",
"permissions": [
{
"actions": [
"Microsoft.Authorization/*/read",
"Microsoft.Insights/alertRules/*",
"Microsoft.IntelligentSystems/accounts/*",
"Microsoft.ResourceHealth/availabilityStatuses/read",
"Microsoft.Resources/deployments/*",
"Microsoft.Resources/subscriptions/resourceGroups/read",
"Microsoft.Support/*"
],
"notActions": [],
"dataActions": [],
"notDataActions": []
}
],
"roleName": "Intelligent Systems Account Contributor",
"roleType": "BuiltInRole",
"type": "Microsoft.Authorization/roleDefinitions"
}
Kontributor Aplikasi Logika
Memungkinkan Anda mengelola aplikasi logika, tetapi tidak mengubah akses ke aplikasi tersebut.
Tindakan | Deskripsi |
---|---|
Microsoft.Authorization/*/baca | Membaca peran dan penetapan peran |
Microsoft.ClassicStorage/storageAccounts/listKeys/tindakan | Mencantumkan kunci akses untuk akun penyimpanan. |
Microsoft.ClassicStorage/storageAccounts/baca | Kembalikan akun penyimpanan dengan akun yang diberikan. |
Microsoft.Insights/alertRules/* | Membuat dan mengelola pemberitahuan metrik klasik |
Microsoft.Insights/metricAlerts/* | |
Microsoft.Insights/diagnosticSettings/* | Membuat, memperbarui, atau membaca pengaturan diagnostik untuk Server Analisis |
Microsoft.Insights/logdefinitions/* | Izin ini diperlukan bagi pengguna yang memerlukan akses ke Log Aktivitas melalui portal. Mencantumkan kategori log di Log Aktivitas. |
Microsoft.Insights/metricDefinitions/* | Membaca definisi metrik (daftar tipe metrik yang tersedia untuk sumber daya). |
Microsoft.Logic/* | Mengelola sumber daya Logic Apps. |
Microsoft.Resources/penyebaran/* | Membuat dan mengelola penyebaran |
Microsoft.Resources/langganan/hasiloperasi/baca | Dapatkan Hasil Operasi Langganan. |
Microsoft.Resources/langganan/resourceGroups/baca | Mendapatkan atau mencantumkan grup sumber daya. |
Microsoft.Storage/storageAccounts/listKeys/tindakan | Mengembalikan kunci akses untuk akun penyimpanan tertentu. |
Microsoft.Storage/storageAccounts/baca | Mengembalikan daftar akun penyimpanan atau mendapatkan properti untuk akun penyimpanan tertentu. |
Microsoft.Support/* | Membuat dan memperbarui tiket dukungan |
Microsoft.Web/connectionGateways/* | Membuat dan mengelola Gateway Koneksi. |
Microsoft.Web/koneksi/* | Membuat dan mengelola Koneksi. |
Microsoft.Web/customApis/* | Membuat dan mengelola API Kustom. |
Microsoft.Web/serverFarms/gabung/tindakan | Bergabung dengan App Service Plan |
Microsoft.Web/serverFarms/baca | Dapatkan properti di App Service Plan |
Microsoft.Web/situs/fungsi/listSecrets/tindakan | Daftar Rahasia fungsi. |
NotActions | |
Tidak ada | |
DataActions | |
Tidak ada | |
NotDataActions | |
Tidak ada |
{
"assignableScopes": [
"/"
],
"description": "Lets you manage logic app, but not access to them.",
"id": "/providers/Microsoft.Authorization/roleDefinitions/87a39d53-fc1b-424a-814c-f7e04687dc9e",
"name": "87a39d53-fc1b-424a-814c-f7e04687dc9e",
"permissions": [
{
"actions": [
"Microsoft.Authorization/*/read",
"Microsoft.ClassicStorage/storageAccounts/listKeys/action",
"Microsoft.ClassicStorage/storageAccounts/read",
"Microsoft.Insights/alertRules/*",
"Microsoft.Insights/metricAlerts/*",
"Microsoft.Insights/diagnosticSettings/*",
"Microsoft.Insights/logdefinitions/*",
"Microsoft.Insights/metricDefinitions/*",
"Microsoft.Logic/*",
"Microsoft.Resources/deployments/*",
"Microsoft.Resources/subscriptions/operationresults/read",
"Microsoft.Resources/subscriptions/resourceGroups/read",
"Microsoft.Storage/storageAccounts/listkeys/action",
"Microsoft.Storage/storageAccounts/read",
"Microsoft.Support/*",
"Microsoft.Web/connectionGateways/*",
"Microsoft.Web/connections/*",
"Microsoft.Web/customApis/*",
"Microsoft.Web/serverFarms/join/action",
"Microsoft.Web/serverFarms/read",
"Microsoft.Web/sites/functions/listSecrets/action"
],
"notActions": [],
"dataActions": [],
"notDataActions": []
}
],
"roleName": "Logic App Contributor",
"roleType": "BuiltInRole",
"type": "Microsoft.Authorization/roleDefinitions"
}
Operator Aplikasi Logika
Memungkinkan Anda membaca, mengaktifkan, dan menonaktifkan aplikasi logika, tetapi tidak mengedit atau memperbaruinya.
Tindakan | Deskripsi |
---|---|
Microsoft.Authorization/*/baca | Membaca peran dan penetapan peran |
Microsoft.Insights/alertRules/baca | Membaca aturan peringatan Insights |
Microsoft.Insights/metricAlerts/*/baca | |
Microsoft.Insights /DiagnosticSettings/baca | Mendapatkan pengaturan diagnostik untuk Logic Apps |
Microsoft.Insights/metricDefinitions/*/read | Mendapatkan metrik yang tersedia untuk Logic Apps. |
Microsoft.Logic/*/baca | Membaca sumber daya Aplikasi Logika. |
Microsoft.Logic/alur kerja/nonaktifkan/tindakan | Menonaktifkan alur kerja. |
Microsoft.Logic/alur kerja/aktifkan/tindakan | Mengaktifkan alur kerja. |
Microsoft.Logic/alur kerja/validasi/tindakan | Memvalidasi alur kerja. |
Microsoft.Resources/penyebaran/operasi/baca | Mendapatkan atau mencantumkan operasi penyebaran. |
Microsoft.Resources/langganan/hasiloperasi/baca | Dapatkan Hasil Operasi Langganan. |
Microsoft.Resources/langganan/resourceGroups/baca | Mendapatkan atau mencantumkan grup sumber daya. |
Microsoft.Support/* | Membuat dan memperbarui tiket dukungan |
Microsoft.Web/connectionGateways/*/baca | Baca Gateway Koneksi. |
Microsoft.Web/koneksi/*/baca | Baca Koneksi. |
Microsoft.Web/customApis/*/baca | Baca API Kustom. |
Microsoft.Web/serverFarms/baca | Dapatkan properti di App Service Plan |
NotActions | |
Tidak ada | |
DataActions | |
Tidak ada | |
NotDataActions | |
Tidak ada |
{
"assignableScopes": [
"/"
],
"description": "Lets you read, enable and disable logic app.",
"id": "/providers/Microsoft.Authorization/roleDefinitions/515c2055-d9d4-4321-b1b9-bd0c9a0f79fe",
"name": "515c2055-d9d4-4321-b1b9-bd0c9a0f79fe",
"permissions": [
{
"actions": [
"Microsoft.Authorization/*/read",
"Microsoft.Insights/alertRules/*/read",
"Microsoft.Insights/metricAlerts/*/read",
"Microsoft.Insights/diagnosticSettings/*/read",
"Microsoft.Insights/metricDefinitions/*/read",
"Microsoft.Logic/*/read",
"Microsoft.Logic/workflows/disable/action",
"Microsoft.Logic/workflows/enable/action",
"Microsoft.Logic/workflows/validate/action",
"Microsoft.Resources/deployments/operations/read",
"Microsoft.Resources/subscriptions/operationresults/read",
"Microsoft.Resources/subscriptions/resourceGroups/read",
"Microsoft.Support/*",
"Microsoft.Web/connectionGateways/*/read",
"Microsoft.Web/connections/*/read",
"Microsoft.Web/customApis/*/read",
"Microsoft.Web/serverFarms/read"
],
"notActions": [],
"dataActions": [],
"notDataActions": []
}
],
"roleName": "Logic App Operator",
"roleType": "BuiltInRole",
"type": "Microsoft.Authorization/roleDefinitions"
}
Kontributor Standar Logic Apps (Pratinjau)
Anda dapat mengelola semua aspek aplikasi logika standar dan alur kerja. Anda tidak dapat mengubah akses atau kepemilikan.
Tindakan | Deskripsi |
---|---|
Microsoft.Authorization/*/baca | Membaca peran dan penetapan peran |
Microsoft.Insights/alertRules/* | Membuat dan mengelola pemberitahuan metrik klasik |
Microsoft.Resources/penyebaran/operasi/baca | Mendapatkan atau mencantumkan operasi penyebaran. |
Microsoft.Resources/langganan/hasiloperasi/baca | Dapatkan Hasil Operasi Langganan. |
Microsoft.Resources/langganan/resourceGroups/baca | Mendapatkan atau mencantumkan grup sumber daya. |
Microsoft.Support/* | Membuat dan memperbarui tiket dukungan |
Microsoft.Web/*/read | |
Microsoft.Web/sertifikat/* | Membuat dan mengelola sertifikat. |
Microsoft.Web/connectionGateways/* | Membuat dan mengelola Gateway Koneksi. |
Microsoft.Web/koneksi/* | Membuat dan mengelola Koneksi. |
Microsoft.Web/customApis/* | Membuat dan mengelola API Kustom. |
Microsoft.Web/serverFarms/* | Membuat dan mengelola Paket App Service. |
Microsoft.Web/situs/* | Membuat dan mengelola aplikasi web. |
NotActions | |
Tidak ada | |
DataActions | |
Tidak ada | |
NotDataActions | |
Tidak ada |
{
"assignableScopes": [
"/"
],
"description": "You can manage all aspects of a Standard logic app and workflows. You can't change access or ownership.",
"id": "/providers/Microsoft.Authorization/roleDefinitions/ad710c24-b039-4e85-a019-deb4a06e8570",
"name": "ad710c24-b039-4e85-a019-deb4a06e8570",
"permissions": [
{
"actions": [
"Microsoft.Authorization/*/read",
"Microsoft.Insights/alertRules/*",
"Microsoft.Resources/deployments/operations/read",
"Microsoft.Resources/subscriptions/operationresults/read",
"Microsoft.Resources/subscriptions/resourceGroups/read",
"Microsoft.Support/*",
"Microsoft.Web/*/read",
"Microsoft.Web/certificates/*",
"Microsoft.Web/connectionGateways/*",
"Microsoft.Web/connections/*",
"Microsoft.Web/customApis/*",
"Microsoft.Web/serverFarms/*",
"Microsoft.Web/sites/*"
],
"notActions": [],
"dataActions": [],
"notDataActions": []
}
],
"roleName": "Logic Apps Standard Contributor (Preview)",
"roleType": "BuiltInRole",
"type": "Microsoft.Authorization/roleDefinitions"
}
Pengembang Standar Logic Apps (Pratinjau)
Anda dapat membuat dan mengedit alur kerja, koneksi, dan pengaturan untuk aplikasi logika Standar. Anda tidak dapat membuat perubahan di luar cakupan alur kerja.
Tindakan | Deskripsi |
---|---|
Microsoft.Authorization/*/baca | Membaca peran dan penetapan peran |
Microsoft.Insights/alertRules/* | Membuat dan mengelola pemberitahuan metrik klasik |
Microsoft.Resources/penyebaran/operasi/baca | Mendapatkan atau mencantumkan operasi penyebaran. |
Microsoft.Resources/langganan/hasiloperasi/baca | Dapatkan Hasil Operasi Langganan. |
Microsoft.Resources/langganan/resourceGroups/baca | Mendapatkan atau mencantumkan grup sumber daya. |
Microsoft.Support/* | Membuat dan memperbarui tiket dukungan |
Microsoft.Web/*/read | |
Microsoft.Web/koneksi/* | Membuat dan mengelola Koneksi. |
Microsoft.Web/customApis/* | Membuat dan mengelola API Kustom. |
Microsoft.Web/sites/config/list/Action | Mencantumkan pengaturan sensitif keamanan Aplikasi Web, seperti info masuk penerbitan, pengaturan aplikasi, dan string koneksi |
microsoft.web/sites/config/Write | Memperbarui pengaturan konfigurasi Aplikasi Web |
microsoft.web/sites/config/web/appsettings/delete | Menghapus Pengaturan Aplikasi Web Apps |
microsoft.web/sites/config/web/appsettings/write | Membuat atau Memperbarui pengaturan Aplikasi Tunggal Aplikasi Web |
microsoft.web/sites/deployWorkflowArtifacts/action | Buat artefak di Aplikasi Logika. |
microsoft.web/sites/hostruntime/* | Mendapatkan atau mencantumkan artefak hostruntime untuk aplikasi web atau aplikasi fungsi. |
microsoft.web/sites/listworkflowsconnections/action | Mencantumkan koneksi aplikasi logika dengan ID-nya di Aplikasi Logika. |
Microsoft.Web/sites/publish/Action | Menerbitkan Aplikasi Web |
microsoft.web/sites/slots/config/appsettings/write | Membuat atau Memperbarui pengaturan Aplikasi Tunggal Slot Aplikasi Web App |
Microsoft.Web/sites/slots/config/list/Action | Mencantumkan pengaturan sensitif keamanan Slot Aplikasi Web, seperti info masuk penerbitan, pengaturan aplikasi, dan string koneksi |
microsoft.web/sites/slots/config/web/appsettings/delete | Menghapus Pengaturan Aplikasi Slot Aplikasi Web |
microsoft.web/sites/slots/deployWorkflowArtifacts/action | Buat artefak di slot penyebaran di Aplikasi Logika. |
microsoft.web/sites/slots/listworkflowsconnections/action | Mencantumkan koneksi aplikasi logika dengan ID-nya di slot penyebaran di Aplikasi Logika. |
Microsoft.Web/sites/slots/publish/Action | Mempublikasikan Slot Aplikasi Web |
microsoft.web/sites/workflows/* | |
microsoft.web/sites/workflowsconfiguration/* | |
NotActions | |
Tidak ada | |
DataActions | |
Tidak ada | |
NotDataActions | |
Tidak ada |
{
"assignableScopes": [
"/"
],
"description": "You can create and edit workflows, connections, and settings for a Standard logic app. You can't make changes outside the workflow scope.",
"id": "/providers/Microsoft.Authorization/roleDefinitions/523776ba-4eb2-4600-a3c8-f2dc93da4bdb",
"name": "523776ba-4eb2-4600-a3c8-f2dc93da4bdb",
"permissions": [
{
"actions": [
"Microsoft.Authorization/*/read",
"Microsoft.Insights/alertRules/*",
"Microsoft.Resources/deployments/operations/read",
"Microsoft.Resources/subscriptions/operationresults/read",
"Microsoft.Resources/subscriptions/resourceGroups/read",
"Microsoft.Support/*",
"Microsoft.Web/*/read",
"Microsoft.Web/connections/*",
"Microsoft.Web/customApis/*",
"Microsoft.Web/sites/config/list/Action",
"microsoft.web/sites/config/Write",
"microsoft.web/sites/config/web/appsettings/delete",
"microsoft.web/sites/config/web/appsettings/write",
"microsoft.web/sites/deployWorkflowArtifacts/action",
"microsoft.web/sites/hostruntime/*",
"microsoft.web/sites/listworkflowsconnections/action",
"Microsoft.Web/sites/publish/Action",
"microsoft.web/sites/slots/config/appsettings/write",
"Microsoft.Web/sites/slots/config/list/Action",
"microsoft.web/sites/slots/config/web/appsettings/delete",
"microsoft.web/sites/slots/deployWorkflowArtifacts/action",
"microsoft.web/sites/slots/listworkflowsconnections/action",
"Microsoft.Web/sites/slots/publish/Action",
"microsoft.web/sites/workflows/*",
"microsoft.web/sites/workflowsconfiguration/*"
],
"notActions": [],
"dataActions": [],
"notDataActions": []
}
],
"roleName": "Logic Apps Standard Developer (Preview)",
"roleType": "BuiltInRole",
"type": "Microsoft.Authorization/roleDefinitions"
}
Operator Standar Logic Apps (Pratinjau)
Anda dapat mengaktifkan dan menonaktifkan aplikasi logika, mengirim ulang eksekusi alur kerja, serta membuat koneksi. Anda tidak dapat mengedit alur kerja atau pengaturan.
Tindakan | Deskripsi |
---|---|
Microsoft.Authorization/*/baca | Membaca peran dan penetapan peran |
Microsoft.Insights/alertRules/* | Membuat dan mengelola pemberitahuan metrik klasik |
Microsoft.Resources/penyebaran/operasi/baca | Mendapatkan atau mencantumkan operasi penyebaran. |
Microsoft.Resources/langganan/hasiloperasi/baca | Dapatkan Hasil Operasi Langganan. |
Microsoft.Resources/langganan/resourceGroups/baca | Mendapatkan atau mencantumkan grup sumber daya. |
Microsoft.Support/* | Membuat dan memperbarui tiket dukungan |
Microsoft.Web/*/read | |
Microsoft.Web/sites/applySlotConfig/Action | Menerapkan konfigurasi slot aplikasi web dari slot target ke aplikasi web saat ini |
microsoft.web/sites/hostruntime/* | Mendapatkan atau mencantumkan artefak hostruntime untuk aplikasi web atau aplikasi fungsi. |
Microsoft.Web/sites/restart/Action | Menghidupkan ulang Aplikasi Web |
Microsoft.Web/sites/slots/restart/Action | Menghidupkan ulang Slot Aplikasi Web |
Microsoft.Web/sites/slots/slotsswap/Action | Menukar slot penyebaran Aplikasi Web |
Microsoft.Web/sites/slots/start/Action | Memulai Slot Aplikasi Web |
Microsoft.Web/sites/slots/stop/Action | Menghentikan Slot Aplikasi Web |
Microsoft.Web/sites/slotsdiffs/Action | Mendapatkan perbedaan konfigurasi antara aplikasi web dan slot |
Microsoft.Web/sites/slotsswap/Action | Menukar slot penyebaran Aplikasi Web |
Microsoft.Web/sites/start/Action | Memulai Aplikasi Web |
Microsoft.Web/sites/stop/Action | Menghentikan Aplikasi Web |
Microsoft.Web/sites/write | Membuat Aplikasi Web baru atau memperbarui yang sudah ada |
NotActions | |
Tidak ada | |
DataActions | |
Tidak ada | |
NotDataActions | |
Tidak ada |
{
"assignableScopes": [
"/"
],
"description": "You can enable and disable the logic app, resubmit workflow runs, as well as create connections. You can't edit workflows or settings.",
"id": "/providers/Microsoft.Authorization/roleDefinitions/b70c96e9-66fe-4c09-b6e7-c98e69c98555",
"name": "b70c96e9-66fe-4c09-b6e7-c98e69c98555",
"permissions": [
{
"actions": [
"Microsoft.Authorization/*/read",
"Microsoft.Insights/alertRules/*",
"Microsoft.Resources/deployments/operations/read",
"Microsoft.Resources/subscriptions/operationresults/read",
"Microsoft.Resources/subscriptions/resourceGroups/read",
"Microsoft.Support/*",
"Microsoft.Web/*/read",
"Microsoft.Web/sites/applySlotConfig/Action",
"microsoft.web/sites/hostruntime/*",
"Microsoft.Web/sites/restart/Action",
"Microsoft.Web/sites/slots/restart/Action",
"Microsoft.Web/sites/slots/slotsswap/Action",
"Microsoft.Web/sites/slots/start/Action",
"Microsoft.Web/sites/slots/stop/Action",
"Microsoft.Web/sites/slotsdiffs/Action",
"Microsoft.Web/sites/slotsswap/Action",
"Microsoft.Web/sites/start/Action",
"Microsoft.Web/sites/stop/Action",
"Microsoft.Web/sites/write"
],
"notActions": [],
"dataActions": [],
"notDataActions": []
}
],
"roleName": "Logic Apps Standard Operator (Preview)",
"roleType": "BuiltInRole",
"type": "Microsoft.Authorization/roleDefinitions"
}
Pembaca Standar Logic Apps (Pratinjau)
Anda memiliki akses baca-saja ke semua sumber daya dalam aplikasi logika Standar dan alur kerja, termasuk alur kerja yang berjalan dan riwayatnya.
Tindakan | Deskripsi |
---|---|
Microsoft.Authorization/*/baca | Membaca peran dan penetapan peran |
Microsoft.Insights/alertRules/* | Membuat dan mengelola pemberitahuan metrik klasik |
Microsoft.Resources/penyebaran/operasi/baca | Mendapatkan atau mencantumkan operasi penyebaran. |
Microsoft.Resources/langganan/hasiloperasi/baca | Dapatkan Hasil Operasi Langganan. |
Microsoft.Resources/langganan/resourceGroups/baca | Mendapatkan atau mencantumkan grup sumber daya. |
Microsoft.Support/* | Membuat dan memperbarui tiket dukungan |
Microsoft.Web/*/read | |
NotActions | |
Tidak ada | |
DataActions | |
Tidak ada | |
NotDataActions | |
Tidak ada |
{
"assignableScopes": [
"/"
],
"description": "You have read-only access to all resources in a Standard logic app and workflows, including the workflow runs and their history.",
"id": "/providers/Microsoft.Authorization/roleDefinitions/4accf36b-2c05-432f-91c8-5c532dff4c73",
"name": "4accf36b-2c05-432f-91c8-5c532dff4c73",
"permissions": [
{
"actions": [
"Microsoft.Authorization/*/read",
"Microsoft.Insights/alertRules/*",
"Microsoft.Resources/deployments/operations/read",
"Microsoft.Resources/subscriptions/operationresults/read",
"Microsoft.Resources/subscriptions/resourceGroups/read",
"Microsoft.Support/*",
"Microsoft.Web/*/read"
],
"notActions": [],
"dataActions": [],
"notDataActions": []
}
],
"roleName": "Logic Apps Standard Reader (Preview)",
"roleType": "BuiltInRole",
"type": "Microsoft.Authorization/roleDefinitions"
}
Kontributor Kumpulan Tugas Scheduler
Memungkinkan Anda mengelola koleksi tugas Scheduler, tetapi tidak dapat mengaksesnya.
Tindakan | Deskripsi |
---|---|
Microsoft.Authorization/*/baca | Membaca peran dan penetapan peran |
Microsoft.Insights/alertRules/* | Membuat dan mengelola pemberitahuan metrik klasik |
Microsoft.ResourceHealth/availabilityStatuses/baca | Mendapatkan status ketersediaan untuk semua sumber daya dalam lingkup yang ditentukan |
Microsoft.Resources/penyebaran/* | Membuat dan mengelola penyebaran |
Microsoft.Resources/langganan/resourceGroups/baca | Mendapatkan atau mencantumkan grup sumber daya. |
Microsoft.Scheduler/jobcollections/* | Membuat dan mengelola kumpulan pekerjaan |
Microsoft.Support/* | Membuat dan memperbarui tiket dukungan |
NotActions | |
Tidak ada | |
DataActions | |
Tidak ada | |
NotDataActions | |
Tidak ada |
{
"assignableScopes": [
"/"
],
"description": "Lets you manage Scheduler job collections, but not access to them.",
"id": "/providers/Microsoft.Authorization/roleDefinitions/188a0f2f-5c9e-469b-ae67-2aa5ce574b94",
"name": "188a0f2f-5c9e-469b-ae67-2aa5ce574b94",
"permissions": [
{
"actions": [
"Microsoft.Authorization/*/read",
"Microsoft.Insights/alertRules/*",
"Microsoft.ResourceHealth/availabilityStatuses/read",
"Microsoft.Resources/deployments/*",
"Microsoft.Resources/subscriptions/resourceGroups/read",
"Microsoft.Scheduler/jobcollections/*",
"Microsoft.Support/*"
],
"notActions": [],
"dataActions": [],
"notDataActions": []
}
],
"roleName": "Scheduler Job Collections Contributor",
"roleType": "BuiltInRole",
"type": "Microsoft.Authorization/roleDefinitions"
}
Operator Hub Layanan
Operator Hub Layanan memungkinkan Anda melakukan semua operasi baca, tulis, dan penghapusan terkait dengan Konektor Hub Layanan.
Tindakan | Deskripsi |
---|---|
Microsoft.Authorization/*/baca | Membaca peran dan penetapan peran |
Microsoft.Resources/langganan/resourceGroups/baca | Mendapatkan atau mencantumkan grup sumber daya. |
Microsoft.Resources/penyebaran/* | Membuat dan mengelola penyebaran |
Microsoft.ServicesHub/konektor/tulis | Membuat atau memperbarui Konektor Layanan Hub |
Microsoft.ServicesHub/konektor/baca | Melihat atau Mendaftar Konektor Hub Layanan |
Microsoft.ServicesHub/konektor/hapus | Menghapus Konektor Hub Layanan |
Microsoft.ServicesHub/konektor/checkAssessmentEntitlement/tindakan | Mencantumkan Hak Penilaian untuk Ruang Kerja Hub Layanan tertentu |
Microsoft.ServicesHub/supportOfferingEntitlement/baca | Melihat Hak Penawaran Dukungan untuk Ruang Kerja Hub Layanan tertentu |
Microsoft.ServicesHub/ruang kerja/baca | Cantumkan Ruang Kerja Hub Layanan untuk Pengguna tertentu |
NotActions | |
Tidak ada | |
DataActions | |
Tidak ada | |
NotDataActions | |
Tidak ada |
{
"assignableScopes": [
"/"
],
"description": "Services Hub Operator allows you to perform all read, write, and deletion operations related to Services Hub Connectors.",
"id": "/providers/Microsoft.Authorization/roleDefinitions/82200a5b-e217-47a5-b665-6d8765ee745b",
"name": "82200a5b-e217-47a5-b665-6d8765ee745b",
"permissions": [
{
"actions": [
"Microsoft.Authorization/*/read",
"Microsoft.Resources/subscriptions/resourceGroups/read",
"Microsoft.Resources/deployments/*",
"Microsoft.ServicesHub/connectors/write",
"Microsoft.ServicesHub/connectors/read",
"Microsoft.ServicesHub/connectors/delete",
"Microsoft.ServicesHub/connectors/checkAssessmentEntitlement/action",
"Microsoft.ServicesHub/supportOfferingEntitlement/read",
"Microsoft.ServicesHub/workspaces/read"
],
"notActions": [],
"dataActions": [],
"notDataActions": []
}
],
"roleName": "Services Hub Operator",
"roleType": "BuiltInRole",
"type": "Microsoft.Authorization/roleDefinitions"
}