Peran bawaan Azure untuk Internet of Things
Artikel ini mencantumkan peran bawaan Azure dalam kategori Internet of Things.
Pemilik Data Azure Digital Twins
Peran akses penuh untuk sarana data Digital Twins
| Tindakan | Deskripsi |
|---|---|
| Tidak ada | |
| NotActions | |
| Tidak ada | |
| DataActions | |
| Microsoft.DigitalTwins/digitaltwins/* | Membaca, membuat, memperbarui, atau menghapus Digital Twin apa pun |
| Microsoft.DigitalTwins/digitaltwins/perintah/* | Panggil Perintah apa pun pada Digital Twin |
| Microsoft.DigitalTwins/digitaltwins/hubungan/* | Membaca, membuat, memperbarui, atau menghapus Hubungan Digital Twin apa pun |
| Microsoft.DigitalTwins/eventroutes/* | Membaca, menghapus, membuat, atau memperbarui Rute Acara apa pun |
| Microsoft.DigitalTwins/jobs/* | |
| Microsoft.DigitalTwins/model/* | Membaca, membuat, memperbarui, atau menghapus Model apa pun |
| Microsoft.DigitalTwins/kueri/* | Membuat kueri Grafik Digital Twins apa pun |
| NotDataActions | |
| Tidak ada |
{
"assignableScopes": [
"/"
],
"description": "Full access role for Digital Twins data-plane",
"id": "/providers/Microsoft.Authorization/roleDefinitions/bcd981a7-7f74-457b-83e1-cceb9e632ffe",
"name": "bcd981a7-7f74-457b-83e1-cceb9e632ffe",
"permissions": [
{
"actions": [],
"notActions": [],
"dataActions": [
"Microsoft.DigitalTwins/digitaltwins/*",
"Microsoft.DigitalTwins/digitaltwins/commands/*",
"Microsoft.DigitalTwins/digitaltwins/relationships/*",
"Microsoft.DigitalTwins/eventroutes/*",
"Microsoft.DigitalTwins/jobs/*",
"Microsoft.DigitalTwins/models/*",
"Microsoft.DigitalTwins/query/*"
],
"notDataActions": []
}
],
"roleName": "Azure Digital Twins Data Owner",
"roleType": "BuiltInRole",
"type": "Microsoft.Authorization/roleDefinitions"
}
Pembaca Data Azure Digital Twins
Peran baca saja untuk properti sarana data Digital Twins
| Tindakan | Deskripsi |
|---|---|
| Tidak ada | |
| NotActions | |
| Tidak ada | |
| DataActions | |
| Microsoft.DigitalTwins/digitaltwins/baca | Membaca Digital Twin apa pun |
| Microsoft.DigitalTwins/digitaltwins/hubungan/baca | Membaca Hubungan Digital Twin apa pun |
| Microsoft.DigitalTwins/eventroutes/baca | Baca Rute Acara apa pun |
| Microsoft.DigitalTwins/jobs/import/read | Membaca Pekerjaan Impor Massal apa pun |
| Microsoft.DigitalTwins/jobs/imports/read | Membaca Pekerjaan Impor Massal apa pun |
| Microsoft.DigitalTwins/jobs/deletions/read | Membaca Pekerjaan Penghapusan Massal apa pun |
| Microsoft.DigitalTwins/model/baca | Baca Model apa pun |
| Microsoft.DigitalTwins/kueri/tindakan | Membuat kueri Grafik Digital Twins apa pun |
| NotDataActions | |
| Tidak ada |
{
"assignableScopes": [
"/"
],
"description": "Read-only role for Digital Twins data-plane properties",
"id": "/providers/Microsoft.Authorization/roleDefinitions/d57506d4-4c8d-48b1-8587-93c323f6a5a3",
"name": "d57506d4-4c8d-48b1-8587-93c323f6a5a3",
"permissions": [
{
"actions": [],
"notActions": [],
"dataActions": [
"Microsoft.DigitalTwins/digitaltwins/read",
"Microsoft.DigitalTwins/digitaltwins/relationships/read",
"Microsoft.DigitalTwins/eventroutes/read",
"Microsoft.DigitalTwins/jobs/import/read",
"Microsoft.DigitalTwins/jobs/imports/read",
"Microsoft.DigitalTwins/jobs/deletions/read",
"Microsoft.DigitalTwins/models/read",
"Microsoft.DigitalTwins/query/action"
],
"notDataActions": []
}
],
"roleName": "Azure Digital Twins Data Reader",
"roleType": "BuiltInRole",
"type": "Microsoft.Authorization/roleDefinitions"
}
Administrator Pembaruan Perangkat
Memberi Anda akses penuh ke operasi manajemen dan konten
| Tindakan | Deskripsi |
|---|---|
| Microsoft.Authorization/*/baca | Membaca peran dan penetapan peran |
| Microsoft.Resources/penyebaran/* | Membuat dan mengelola penyebaran |
| Microsoft.Resources/langganan/resourceGroups/baca | Mendapatkan atau mencantumkan grup sumber daya. |
| Microsoft.Support/* | Membuat dan memperbarui tiket dukungan |
| Microsoft.Insights/alertRules/* | Membuat dan mengelola pemberitahuan metrik klasik |
| NotActions | |
| Tidak ada | |
| DataActions | |
| Microsoft.DeviceUpdate/akun/instans/pembaruan/baca | Melakukan operasi baca yang terkait dengan pembaruan |
| Microsoft.DeviceUpdate/akun/instans/pembaruan/tulis | Melakukan operasi tulis yang terkait dengan pembaruan |
| Microsoft.DeviceUpdate/akun/instans/pembaruan/hapus | Melakukan operasi hapus yang terkait dengan pembaruan |
| Microsoft.DeviceUpdate/akun/instans/manajemen/baca | Melakukan operasi baca yang terkait dengan manajemen |
| Microsoft.DeviceUpdate/akun/instans/manajemen/tulis | Melakukan operasi tulis yang terkait dengan manajemen |
| Microsoft.DeviceUpdate/akun/instans/manajemen/hapus | Melakukan operasi hapus yang terkait dengan manajemen |
| NotDataActions | |
| Tidak ada |
{
"assignableScopes": [
"/"
],
"description": "Gives you full access to management and content operations",
"id": "/providers/Microsoft.Authorization/roleDefinitions/02ca0879-e8e4-47a5-a61e-5c618b76e64a",
"name": "02ca0879-e8e4-47a5-a61e-5c618b76e64a",
"permissions": [
{
"actions": [
"Microsoft.Authorization/*/read",
"Microsoft.Resources/deployments/*",
"Microsoft.Resources/subscriptions/resourceGroups/read",
"Microsoft.Support/*",
"Microsoft.Insights/alertRules/*"
],
"notActions": [],
"dataActions": [
"Microsoft.DeviceUpdate/accounts/instances/updates/read",
"Microsoft.DeviceUpdate/accounts/instances/updates/write",
"Microsoft.DeviceUpdate/accounts/instances/updates/delete",
"Microsoft.DeviceUpdate/accounts/instances/management/read",
"Microsoft.DeviceUpdate/accounts/instances/management/write",
"Microsoft.DeviceUpdate/accounts/instances/management/delete"
],
"notDataActions": []
}
],
"roleName": "Device Update Administrator",
"roleType": "BuiltInRole",
"type": "Microsoft.Authorization/roleDefinitions"
}
Administrator Konten Pembaruan Perangkat
Memberi Anda akses penuh ke operasi konten
| Tindakan | Deskripsi |
|---|---|
| Microsoft.Authorization/*/baca | Membaca peran dan penetapan peran |
| Microsoft.Resources/penyebaran/* | Membuat dan mengelola penyebaran |
| Microsoft.Resources/langganan/resourceGroups/baca | Mendapatkan atau mencantumkan grup sumber daya. |
| Microsoft.Support/* | Membuat dan memperbarui tiket dukungan |
| Microsoft.Insights/alertRules/* | Membuat dan mengelola pemberitahuan metrik klasik |
| NotActions | |
| Tidak ada | |
| DataActions | |
| Microsoft.DeviceUpdate/akun/instans/pembaruan/baca | Melakukan operasi baca yang terkait dengan pembaruan |
| Microsoft.DeviceUpdate/akun/instans/pembaruan/tulis | Melakukan operasi tulis yang terkait dengan pembaruan |
| Microsoft.DeviceUpdate/akun/instans/pembaruan/hapus | Melakukan operasi hapus yang terkait dengan pembaruan |
| NotDataActions | |
| Tidak ada |
{
"assignableScopes": [
"/"
],
"description": "Gives you full access to content operations",
"id": "/providers/Microsoft.Authorization/roleDefinitions/0378884a-3af5-44ab-8323-f5b22f9f3c98",
"name": "0378884a-3af5-44ab-8323-f5b22f9f3c98",
"permissions": [
{
"actions": [
"Microsoft.Authorization/*/read",
"Microsoft.Resources/deployments/*",
"Microsoft.Resources/subscriptions/resourceGroups/read",
"Microsoft.Support/*",
"Microsoft.Insights/alertRules/*"
],
"notActions": [],
"dataActions": [
"Microsoft.DeviceUpdate/accounts/instances/updates/read",
"Microsoft.DeviceUpdate/accounts/instances/updates/write",
"Microsoft.DeviceUpdate/accounts/instances/updates/delete"
],
"notDataActions": []
}
],
"roleName": "Device Update Content Administrator",
"roleType": "BuiltInRole",
"type": "Microsoft.Authorization/roleDefinitions"
}
Pembaca Konten Pembaruan Perangkat
Memberi Anda akses baca ke operasi konten, tetapi tidak mengizinkan untuk melakukan perubahan
| Tindakan | Deskripsi |
|---|---|
| Microsoft.Authorization/*/baca | Membaca peran dan penetapan peran |
| Microsoft.Resources/penyebaran/* | Membuat dan mengelola penyebaran |
| Microsoft.Resources/langganan/resourceGroups/baca | Mendapatkan atau mencantumkan grup sumber daya. |
| Microsoft.Support/* | Membuat dan memperbarui tiket dukungan |
| Microsoft.Insights/alertRules/* | Membuat dan mengelola pemberitahuan metrik klasik |
| NotActions | |
| Tidak ada | |
| DataActions | |
| Microsoft.DeviceUpdate/akun/instans/pembaruan/baca | Melakukan operasi baca yang terkait dengan pembaruan |
| NotDataActions | |
| Tidak ada |
{
"assignableScopes": [
"/"
],
"description": "Gives you read access to content operations, but does not allow making changes",
"id": "/providers/Microsoft.Authorization/roleDefinitions/d1ee9a80-8b14-47f0-bdc2-f4a351625a7b",
"name": "d1ee9a80-8b14-47f0-bdc2-f4a351625a7b",
"permissions": [
{
"actions": [
"Microsoft.Authorization/*/read",
"Microsoft.Resources/deployments/*",
"Microsoft.Resources/subscriptions/resourceGroups/read",
"Microsoft.Support/*",
"Microsoft.Insights/alertRules/*"
],
"notActions": [],
"dataActions": [
"Microsoft.DeviceUpdate/accounts/instances/updates/read"
],
"notDataActions": []
}
],
"roleName": "Device Update Content Reader",
"roleType": "BuiltInRole",
"type": "Microsoft.Authorization/roleDefinitions"
}
Administrator Penyebaran Pembaruan Perangkat
Memberi Anda akses penuh ke operasi manajemen
| Tindakan | Deskripsi |
|---|---|
| Microsoft.Authorization/*/baca | Membaca peran dan penetapan peran |
| Microsoft.Resources/penyebaran/* | Membuat dan mengelola penyebaran |
| Microsoft.Resources/langganan/resourceGroups/baca | Mendapatkan atau mencantumkan grup sumber daya. |
| Microsoft.Support/* | Membuat dan memperbarui tiket dukungan |
| Microsoft.Insights/alertRules/* | Membuat dan mengelola pemberitahuan metrik klasik |
| NotActions | |
| Tidak ada | |
| DataActions | |
| Microsoft.DeviceUpdate/akun/instans/manajemen/baca | Melakukan operasi baca yang terkait dengan manajemen |
| Microsoft.DeviceUpdate/akun/instans/manajemen/tulis | Melakukan operasi tulis yang terkait dengan manajemen |
| Microsoft.DeviceUpdate/akun/instans/manajemen/hapus | Melakukan operasi hapus yang terkait dengan manajemen |
| Microsoft.DeviceUpdate/akun/instans/pembaruan/baca | Melakukan operasi baca yang terkait dengan pembaruan |
| NotDataActions | |
| Tidak ada |
{
"assignableScopes": [
"/"
],
"description": "Gives you full access to management operations",
"id": "/providers/Microsoft.Authorization/roleDefinitions/e4237640-0e3d-4a46-8fda-70bc94856432",
"name": "e4237640-0e3d-4a46-8fda-70bc94856432",
"permissions": [
{
"actions": [
"Microsoft.Authorization/*/read",
"Microsoft.Resources/deployments/*",
"Microsoft.Resources/subscriptions/resourceGroups/read",
"Microsoft.Support/*",
"Microsoft.Insights/alertRules/*"
],
"notActions": [],
"dataActions": [
"Microsoft.DeviceUpdate/accounts/instances/management/read",
"Microsoft.DeviceUpdate/accounts/instances/management/write",
"Microsoft.DeviceUpdate/accounts/instances/management/delete",
"Microsoft.DeviceUpdate/accounts/instances/updates/read"
],
"notDataActions": []
}
],
"roleName": "Device Update Deployments Administrator",
"roleType": "BuiltInRole",
"type": "Microsoft.Authorization/roleDefinitions"
}
Pembaca Penyebaran Pembaruan Perangkat
Memberi Anda akses baca ke operasi manajemen, tetapi tidak mengizinkan untuk melakukan perubahan
| Tindakan | Deskripsi |
|---|---|
| Microsoft.Authorization/*/baca | Membaca peran dan penetapan peran |
| Microsoft.Resources/penyebaran/* | Membuat dan mengelola penyebaran |
| Microsoft.Resources/langganan/resourceGroups/baca | Mendapatkan atau mencantumkan grup sumber daya. |
| Microsoft.Support/* | Membuat dan memperbarui tiket dukungan |
| Microsoft.Insights/alertRules/* | Membuat dan mengelola pemberitahuan metrik klasik |
| NotActions | |
| Tidak ada | |
| DataActions | |
| Microsoft.DeviceUpdate/akun/instans/manajemen/baca | Melakukan operasi baca yang terkait dengan manajemen |
| Microsoft.DeviceUpdate/akun/instans/pembaruan/baca | Melakukan operasi baca yang terkait dengan pembaruan |
| NotDataActions | |
| Tidak ada |
{
"assignableScopes": [
"/"
],
"description": "Gives you read access to management operations, but does not allow making changes",
"id": "/providers/Microsoft.Authorization/roleDefinitions/49e2f5d2-7741-4835-8efa-19e1fe35e47f",
"name": "49e2f5d2-7741-4835-8efa-19e1fe35e47f",
"permissions": [
{
"actions": [
"Microsoft.Authorization/*/read",
"Microsoft.Resources/deployments/*",
"Microsoft.Resources/subscriptions/resourceGroups/read",
"Microsoft.Support/*",
"Microsoft.Insights/alertRules/*"
],
"notActions": [],
"dataActions": [
"Microsoft.DeviceUpdate/accounts/instances/management/read",
"Microsoft.DeviceUpdate/accounts/instances/updates/read"
],
"notDataActions": []
}
],
"roleName": "Device Update Deployments Reader",
"roleType": "BuiltInRole",
"type": "Microsoft.Authorization/roleDefinitions"
}
Pembaca Pembaruan Perangkat
Memberi Anda akses baca ke operasi manajemen dan konten, tetapi tidak mengizinkan untuk melakukan perubahan
| Tindakan | Deskripsi |
|---|---|
| Microsoft.Authorization/*/baca | Membaca peran dan penetapan peran |
| Microsoft.Resources/penyebaran/* | Membuat dan mengelola penyebaran |
| Microsoft.Resources/langganan/resourceGroups/baca | Mendapatkan atau mencantumkan grup sumber daya. |
| Microsoft.Support/* | Membuat dan memperbarui tiket dukungan |
| Microsoft.Insights/alertRules/* | Membuat dan mengelola pemberitahuan metrik klasik |
| NotActions | |
| Tidak ada | |
| DataActions | |
| Microsoft.DeviceUpdate/akun/instans/pembaruan/baca | Melakukan operasi baca yang terkait dengan pembaruan |
| Microsoft.DeviceUpdate/akun/instans/manajemen/baca | Melakukan operasi baca yang terkait dengan manajemen |
| NotDataActions | |
| Tidak ada |
{
"assignableScopes": [
"/"
],
"description": "Gives you read access to management and content operations, but does not allow making changes",
"id": "/providers/Microsoft.Authorization/roleDefinitions/e9dba6fb-3d52-4cf0-bce3-f06ce71b9e0f",
"name": "e9dba6fb-3d52-4cf0-bce3-f06ce71b9e0f",
"permissions": [
{
"actions": [
"Microsoft.Authorization/*/read",
"Microsoft.Resources/deployments/*",
"Microsoft.Resources/subscriptions/resourceGroups/read",
"Microsoft.Support/*",
"Microsoft.Insights/alertRules/*"
],
"notActions": [],
"dataActions": [
"Microsoft.DeviceUpdate/accounts/instances/updates/read",
"Microsoft.DeviceUpdate/accounts/instances/management/read"
],
"notDataActions": []
}
],
"roleName": "Device Update Reader",
"roleType": "BuiltInRole",
"type": "Microsoft.Authorization/roleDefinitions"
}
Kontributor Data IoT Hub
Memungkinkan akses penuh ke operasi pesawat data Azure IoT Hub.
| Tindakan | Deskripsi |
|---|---|
| Tidak ada | |
| NotActions | |
| Tidak ada | |
| DataActions | |
| Microsoft.Devices/IotHubs/* | |
| NotDataActions | |
| Tidak ada |
{
"assignableScopes": [
"/"
],
"description": "Allows for full access to IoT Hub data plane operations.",
"id": "/providers/Microsoft.Authorization/roleDefinitions/4fc6c259-987e-4a07-842e-c321cc9d413f",
"name": "4fc6c259-987e-4a07-842e-c321cc9d413f",
"permissions": [
{
"actions": [],
"notActions": [],
"dataActions": [
"Microsoft.Devices/IotHubs/*"
],
"notDataActions": []
}
],
"roleName": "IoT Hub Data Contributor",
"roleType": "BuiltInRole",
"type": "Microsoft.Authorization/roleDefinitions"
}
Pembaca Data IoT Hub
Memungkinkan akses baca penuh ke properti pesawat data IoT Hub
| Tindakan | Deskripsi |
|---|---|
| Tidak ada | |
| NotActions | |
| Tidak ada | |
| DataActions | |
| Microsoft.Devices/IotHubs/*/baca | |
| Microsoft.Devices/IotHubs/fileUpload/pemberitahuan/tindakan | Menerima, melengkapi, atau meninggalkan pemberitahuan unggahan file |
| NotDataActions | |
| Tidak ada |
{
"assignableScopes": [
"/"
],
"description": "Allows for full read access to IoT Hub data-plane properties",
"id": "/providers/Microsoft.Authorization/roleDefinitions/b447c946-2db7-41ec-983d-d8bf3b1c77e3",
"name": "b447c946-2db7-41ec-983d-d8bf3b1c77e3",
"permissions": [
{
"actions": [],
"notActions": [],
"dataActions": [
"Microsoft.Devices/IotHubs/*/read",
"Microsoft.Devices/IotHubs/fileUpload/notifications/action"
],
"notDataActions": []
}
],
"roleName": "IoT Hub Data Reader",
"roleType": "BuiltInRole",
"type": "Microsoft.Authorization/roleDefinitions"
}
Kontributor Registri IoT Hub
Memungkinkan akses penuh ke registri perangkat IoT Hub.
| Tindakan | Deskripsi |
|---|---|
| Tidak ada | |
| NotActions | |
| Tidak ada | |
| DataActions | |
| Microsoft.Devices/IotHubs/perangkat/* | |
| NotDataActions | |
| Tidak ada |
{
"assignableScopes": [
"/"
],
"description": "Allows for full access to IoT Hub device registry.",
"id": "/providers/Microsoft.Authorization/roleDefinitions/4ea46cd5-c1b2-4a8e-910b-273211f9ce47",
"name": "4ea46cd5-c1b2-4a8e-910b-273211f9ce47",
"permissions": [
{
"actions": [],
"notActions": [],
"dataActions": [
"Microsoft.Devices/IotHubs/devices/*"
],
"notDataActions": []
}
],
"roleName": "IoT Hub Registry Contributor",
"roleType": "BuiltInRole",
"type": "Microsoft.Authorization/roleDefinitions"
}
Kontributor Kembar IoT Hub
Memungkinkan untuk membaca dan menulis akses ke semua perangkat IoT Hub dan modul kembar.
| Tindakan | Deskripsi |
|---|---|
| Tidak ada | |
| NotActions | |
| Tidak ada | |
| DataActions | |
| Microsoft.Devices/IotHubs/kembar/* | |
| NotDataActions | |
| Tidak ada |
{
"assignableScopes": [
"/"
],
"description": "Allows for read and write access to all IoT Hub device and module twins.",
"id": "/providers/Microsoft.Authorization/roleDefinitions/494bdba2-168f-4f31-a0a1-191d2f7c028c",
"name": "494bdba2-168f-4f31-a0a1-191d2f7c028c",
"permissions": [
{
"actions": [],
"notActions": [],
"dataActions": [
"Microsoft.Devices/IotHubs/twins/*"
],
"notDataActions": []
}
],
"roleName": "IoT Hub Twin Contributor",
"roleType": "BuiltInRole",
"type": "Microsoft.Authorization/roleDefinitions"
}