Catatan
Akses ke halaman ini memerlukan otorisasi. Anda dapat mencoba masuk atau mengubah direktori.
Akses ke halaman ini memerlukan otorisasi. Anda dapat mencoba mengubah direktori.
Artikel ini mencantumkan peran bawaan Azure dalam kategori Monitor.
Kontributor Komponen Application Insights
Dapat mengelola komponen Application Insights
| Tindakan | Deskripsi |
|---|---|
| Microsoft.Authorization/*/baca | Membaca peran dan penetapan peran |
| Microsoft.Insights/alertRules/* | Membuat dan mengelola aturan pemberitahuan klasik |
| Microsoft.Insights/generateLiveToken/baca | Metrik Langsung mendapatkan token |
| Microsoft.Insights/metricAlerts/* | Membuat atau mengelola aturan pemberitahuan |
| Microsoft.Insights/komponen/* | Membuat dan mengelola komponen Insight |
| Microsoft.Insights/scheduledqueryrules/* | |
| Microsoft.Insights/topologi/baca | Baca Topologi |
| Microsoft.Insights/transaksi/baca | Membaca Transaksi |
| Microsoft.Insights/webtests/* | Membuat dan mengelola uji web Insights |
| Microsoft.ResourceHealth/availabilityStatuses/baca | Mendapatkan status ketersediaan untuk semua sumber daya dalam lingkup yang ditentukan |
| Microsoft.Resources/penyebaran/* | Membuat dan mengelola penyebaran |
| Microsoft.Resources/langganan/resourceGroups/baca | Mendapatkan atau mencantumkan grup sumber daya. |
| Microsoft.Support/* | Membuat dan memperbarui tiket dukungan |
| NotActions | |
| Tidak ada | |
| DataActions | |
| Tidak ada | |
| NotDataActions | |
| Tidak ada |
{
"assignableScopes": [
"/"
],
"description": "Can manage Application Insights components",
"id": "/providers/Microsoft.Authorization/roleDefinitions/ae349356-3a1b-4a5e-921d-050484c6347e",
"name": "ae349356-3a1b-4a5e-921d-050484c6347e",
"permissions": [
{
"actions": [
"Microsoft.Authorization/*/read",
"Microsoft.Insights/alertRules/*",
"Microsoft.Insights/generateLiveToken/read",
"Microsoft.Insights/metricAlerts/*",
"Microsoft.Insights/components/*",
"Microsoft.Insights/scheduledqueryrules/*",
"Microsoft.Insights/topology/read",
"Microsoft.Insights/transactions/read",
"Microsoft.Insights/webtests/*",
"Microsoft.ResourceHealth/availabilityStatuses/read",
"Microsoft.Resources/deployments/*",
"Microsoft.Resources/subscriptions/resourceGroups/read",
"Microsoft.Support/*"
],
"notActions": [],
"dataActions": [],
"notDataActions": []
}
],
"roleName": "Application Insights Component Contributor",
"roleType": "BuiltInRole",
"type": "Microsoft.Authorization/roleDefinitions"
}
Debugger Snapshot Application Insights
Memberikan izin kepada pengguna untuk melihat dan mengunduh snapshot debug yang dikumpulkan dengan Application Insights Snapshot Debugger. Perhatikan bahwa izin ini tidak disertakan dalam peran Pemilikatau Kontributor. Saat memberi pengguna peran Snapshot Debugger Application Insights, Anda harus memberikan peran langsung kepada pengguna. Peran tidak dikenali ketika ditambahkan ke peran kustom.
| Tindakan | Deskripsi |
|---|---|
| Microsoft.Authorization/*/baca | Membaca peran dan penetapan peran |
| Microsoft.Insights/alertRules/* | Membuat dan mengelola pemberitahuan metrik klasik |
| Microsoft.Insights/komponen/*/baca | |
| Microsoft.Resources/penyebaran/* | Membuat dan mengelola penyebaran |
| Microsoft.Resources/langganan/resourceGroups/baca | Mendapatkan atau mencantumkan grup sumber daya. |
| Microsoft.Support/* | Membuat dan memperbarui tiket dukungan |
| NotActions | |
| Tidak ada | |
| DataActions | |
| Tidak ada | |
| NotDataActions | |
| Tidak ada |
{
"assignableScopes": [
"/"
],
"description": "Gives user permission to use Application Insights Snapshot Debugger features",
"id": "/providers/Microsoft.Authorization/roleDefinitions/08954f03-6346-4c2e-81c0-ec3a5cfae23b",
"name": "08954f03-6346-4c2e-81c0-ec3a5cfae23b",
"permissions": [
{
"actions": [
"Microsoft.Authorization/*/read",
"Microsoft.Insights/alertRules/*",
"Microsoft.Insights/components/*/read",
"Microsoft.Resources/deployments/*",
"Microsoft.Resources/subscriptions/resourceGroups/read",
"Microsoft.Support/*"
],
"notActions": [],
"dataActions": [],
"notDataActions": []
}
],
"roleName": "Application Insights Snapshot Debugger",
"roleType": "BuiltInRole",
"type": "Microsoft.Authorization/roleDefinitions"
}
Kontributor Ruang Kerja Grafana Terkelola Azure
Dapat mengelola sumber daya Azure Managed Grafana, tanpa menyediakan akses ke ruang kerja itu sendiri.
| Tindakan | Deskripsi |
|---|---|
| Microsoft.Dashboard/grafana/write | Menulis grafana |
| Microsoft.Dashboard/grafana/delete | Menghapus grafana |
| Microsoft.Dashboard/grafana/PrivateEndpointConnectionsApproval/action | Menyetujui PrivateEndpointConnection |
| Microsoft.Dashboard/grafana/managedPrivateEndpoints/action | Operasi pada Titik Akhir Privat |
| Microsoft.Dashboard/locations/operationStatuses/write | Menulis status operasi |
| Microsoft.Dashboard/grafana/privateEndpointConnectionProxies/validate/action | Memvalidasi PrivateEndpointConnectionProxy |
| Microsoft.Dashboard/grafana/privateEndpointConnectionProxies/write | Membuat/Memperbarui PrivateEndpointConnectionProxy |
| Microsoft.Dashboard/grafana/privateEndpointConnectionProxies/delete | Menghapus PrivateEndpointConnectionProxy |
| Microsoft.Dashboard/grafana/privateEndpointConnections/write | Memperbarui PrivateEndpointConnection |
| Microsoft.Dashboard/grafana/privateEndpointConnections/delete | Menghapus PrivateEndpointConnection |
| Microsoft.Dashboard/grafana/managedPrivateEndpoints/write | Menulis Titik Akhir Privat Terkelola |
| Microsoft.Dashboard/grafana/managedPrivateEndpoints/delete | Menghapus Titik Akhir Privat Terkelola |
| Microsoft.Dashboard/grafana/integrationFabrics/write | Tulis Integration Fabrics |
| Microsoft.Dashboard/grafana/integrationFabrics/delete | Menghapus Integration Fabrics |
| Microsoft.Authorization/*/baca | Membaca peran dan penetapan peran |
| Microsoft.Insights/AlertRules/Write | Membuat atau memperbarui pemberitahuan metrik klasik |
| Microsoft.Insights/AlertRules/Delete | Menghapus pemberitahuan metrik klasik |
| Microsoft.Insights/AlertRules/Read | Membaca pemberitahuan metrik klasik |
| Microsoft.Insights/AlertRules/Activated/Action | Pemberitahuan metrik klasik diaktifkan |
| Microsoft.Insights/AturanPeringatan/Terselesaikan/Tindakan | Pemberitahuan metrik klasik diselesaikan |
| Microsoft.Insights/AturanPeringatan/Dibatasi/Tindakan | Aturan pemberitahuan metrik klasik dibatasi |
| Microsoft.Insights/AlertRules/Incidents/Read | Membaca insiden pemberitahuan metrik klasik |
| Microsoft.Resources/penyebaran/baca | Mendapatkan atau mencantumkan penyebaran. |
| Microsoft.Resources/penyebaran/tulis | Membuat atau memperbarui penyebaran. |
| Microsoft.Resources/deployments/delete | Menghapus penyebaran. |
| Microsoft.Resources/deployments/cancel/action | Membatalkan penyebaran. |
| Microsoft.Resources/deployments/validate/action | Memvalidasi penyebaran. |
| Microsoft.Resources/deployments/whatIf/action | Memprediksi perubahan penyebaran templat. |
| Microsoft.Resources/deployments/exportTemplate/action | Mengekspor templat untuk penyebaran |
| Microsoft.Resources/penyebaran/operasi/baca | Mendapatkan atau mencantumkan operasi penyebaran. |
| Microsoft.Resources/deployments/operationstatuses/read | Mendapatkan atau mencantumkan status operasi penyebaran. |
| Microsoft.Resources/langganan/resourceGroups/baca | Mendapatkan atau mencantumkan grup sumber daya. |
| NotActions | |
| Tidak ada | |
| DataActions | |
| Tidak ada | |
| NotDataActions | |
| Tidak ada |
{
"assignableScopes": [
"/"
],
"description": "Can manage Azure Managed Grafana resources, without providing access to the workspaces themselves.",
"id": "/providers/Microsoft.Authorization/roleDefinitions/5c2d7e57-b7c2-4d8a-be4f-82afa42c6e95",
"name": "5c2d7e57-b7c2-4d8a-be4f-82afa42c6e95",
"permissions": [
{
"actions": [
"Microsoft.Dashboard/grafana/write",
"Microsoft.Dashboard/grafana/delete",
"Microsoft.Dashboard/grafana/PrivateEndpointConnectionsApproval/action",
"Microsoft.Dashboard/grafana/managedPrivateEndpoints/action",
"Microsoft.Dashboard/locations/operationStatuses/write",
"Microsoft.Dashboard/grafana/privateEndpointConnectionProxies/validate/action",
"Microsoft.Dashboard/grafana/privateEndpointConnectionProxies/write",
"Microsoft.Dashboard/grafana/privateEndpointConnectionProxies/delete",
"Microsoft.Dashboard/grafana/privateEndpointConnections/write",
"Microsoft.Dashboard/grafana/privateEndpointConnections/delete",
"Microsoft.Dashboard/grafana/managedPrivateEndpoints/write",
"Microsoft.Dashboard/grafana/managedPrivateEndpoints/delete",
"Microsoft.Dashboard/grafana/integrationFabrics/write",
"Microsoft.Dashboard/grafana/integrationFabrics/delete",
"Microsoft.Authorization/*/read",
"Microsoft.Insights/AlertRules/Write",
"Microsoft.Insights/AlertRules/Delete",
"Microsoft.Insights/AlertRules/Read",
"Microsoft.Insights/AlertRules/Activated/Action",
"Microsoft.Insights/AlertRules/Resolved/Action",
"Microsoft.Insights/AlertRules/Throttled/Action",
"Microsoft.Insights/AlertRules/Incidents/Read",
"Microsoft.Resources/deployments/read",
"Microsoft.Resources/deployments/write",
"Microsoft.Resources/deployments/delete",
"Microsoft.Resources/deployments/cancel/action",
"Microsoft.Resources/deployments/validate/action",
"Microsoft.Resources/deployments/whatIf/action",
"Microsoft.Resources/deployments/exportTemplate/action",
"Microsoft.Resources/deployments/operations/read",
"Microsoft.Resources/deployments/operationstatuses/read",
"Microsoft.Resources/subscriptions/resourceGroups/read"
],
"notActions": [],
"dataActions": [],
"notDataActions": []
}
],
"roleName": "Azure Managed Grafana Workspace Contributor",
"roleType": "BuiltInRole",
"type": "Microsoft.Authorization/roleDefinitions"
}
Penghapus Seluruh Data
Menghapus data pribadi dari ruang kerja Analitik Log.
| Tindakan | Deskripsi |
|---|---|
| Microsoft.Insights/komponen/*/baca | |
| Microsoft.Insights/komponen/pembersihan/tindakan | Membersihkan data dari Application Insights |
| Microsoft.OperationalInsights/ruang kerja/*/baca | Menampilkan data analitik log |
| Microsoft.OperationalInsights/ruang kerja/pembersihan/tindakan | Hapus data yang ditentukan berdasarkan kueri dari ruang kerja. |
| NotActions | |
| Tidak ada | |
| DataActions | |
| Tidak ada | |
| NotDataActions | |
| Tidak ada |
{
"assignableScopes": [
"/"
],
"description": "Can purge analytics data",
"id": "/providers/Microsoft.Authorization/roleDefinitions/150f5e0c-0603-4f03-8c7f-cf70034c4e90",
"name": "150f5e0c-0603-4f03-8c7f-cf70034c4e90",
"permissions": [
{
"actions": [
"Microsoft.Insights/components/*/read",
"Microsoft.Insights/components/purge/action",
"Microsoft.OperationalInsights/workspaces/*/read",
"Microsoft.OperationalInsights/workspaces/purge/action"
],
"notActions": [],
"dataActions": [],
"notDataActions": []
}
],
"roleName": "Data Purger",
"roleType": "BuiltInRole",
"type": "Microsoft.Authorization/roleDefinitions"
}
Grafana Admin
Kelola pengaturan di seluruh server dan kelola akses ke sumber daya seperti organisasi, pengguna, dan lisensi.
| Tindakan | Deskripsi |
|---|---|
| Tidak ada | |
| NotActions | |
| Tidak ada | |
| DataActions | |
| Microsoft.Dashboard/grafana/ActAsGrafanaAdmin/action | Bertindak sebagai peran Admin Grafana |
| NotDataActions | |
| Tidak ada |
{
"assignableScopes": [
"/"
],
"description": "Manage server-wide settings and manage access to resources such as organizations, users, and licenses.",
"id": "/providers/Microsoft.Authorization/roleDefinitions/22926164-76b3-42b3-bc55-97df8dab3e41",
"name": "22926164-76b3-42b3-bc55-97df8dab3e41",
"permissions": [
{
"actions": [],
"notActions": [],
"dataActions": [
"Microsoft.Dashboard/grafana/ActAsGrafanaAdmin/action"
],
"notDataActions": []
}
],
"roleName": "Grafana Admin",
"roleType": "BuiltInRole",
"type": "Microsoft.Authorization/roleDefinitions"
}
Grafana Editor
Membuat, mengedit, menghapus, atau melihat dasbor; membuat, mengedit, atau menghapus folder; dan edit atau lihat daftar putar.
| Tindakan | Deskripsi |
|---|---|
| Tidak ada | |
| NotActions | |
| Tidak ada | |
| DataActions | |
| Microsoft.Dashboard/grafana/ActAsGrafanaEditor/action | Bertindak sebagai peran Editor Grafana |
| NotDataActions | |
| Tidak ada |
{
"assignableScopes": [
"/"
],
"description": "Create, edit, delete, or view dashboards; create, edit, or delete folders; and edit or view playlists.",
"id": "/providers/Microsoft.Authorization/roleDefinitions/a79a5197-3a5c-4973-a920-486035ffd60f",
"name": "a79a5197-3a5c-4973-a920-486035ffd60f",
"permissions": [
{
"actions": [],
"notActions": [],
"dataActions": [
"Microsoft.Dashboard/grafana/ActAsGrafanaEditor/action"
],
"notDataActions": []
}
],
"roleName": "Grafana Editor",
"roleType": "BuiltInRole",
"type": "Microsoft.Authorization/roleDefinitions"
}
Penampil Terbatas Grafana
Lihat beranda.
| Tindakan | Deskripsi |
|---|---|
| Tidak ada | |
| NotActions | |
| Tidak ada | |
| DataActions | |
| Microsoft.Dashboard/grafana/ActAsGrafanaLimitedViewer/action | Bertindak sebagai peran Penampil Terbatas Grafana |
| NotDataActions | |
| Tidak ada |
{
"assignableScopes": [
"/"
],
"description": "View home page.",
"id": "/providers/Microsoft.Authorization/roleDefinitions/41e04612-9dac-4699-a02b-c82ff2cc3fb5",
"name": "41e04612-9dac-4699-a02b-c82ff2cc3fb5",
"permissions": [
{
"actions": [],
"notActions": [],
"dataActions": [
"Microsoft.Dashboard/grafana/ActAsGrafanaLimitedViewer/action"
],
"notDataActions": []
}
],
"roleName": "Grafana Limited Viewer",
"roleType": "BuiltInRole",
"type": "Microsoft.Authorization/roleDefinitions"
}
Penampil Grafana
Menampilkan dasbor, daftar putar, dan sumber data kueri.
| Tindakan | Deskripsi |
|---|---|
| Tidak ada | |
| NotActions | |
| Tidak ada | |
| DataActions | |
| Microsoft.Dashboard/grafana/ActAsGrafanaViewer/action | Bertindak sebagai peran Penampil Grafana |
| NotDataActions | |
| Tidak ada |
{
"assignableScopes": [
"/"
],
"description": "View dashboards, playlists, and query data sources.",
"id": "/providers/Microsoft.Authorization/roleDefinitions/60921a7e-fef1-4a43-9b16-a26c52ad4769",
"name": "60921a7e-fef1-4a43-9b16-a26c52ad4769",
"permissions": [
{
"actions": [],
"notActions": [],
"dataActions": [
"Microsoft.Dashboard/grafana/ActAsGrafanaViewer/action"
],
"notDataActions": []
}
],
"roleName": "Grafana Viewer",
"roleType": "BuiltInRole",
"type": "Microsoft.Authorization/roleDefinitions"
}
Kontributor untuk Analisis Log
Kontributor Analitik Log dapat membaca semua data pemantauan dan mengedit pengaturan pemantauan. Pengaturan pemantauan pengeditan termasuk menambahkan ekstensi VM ke VM; membaca kunci akun penyimpanan untuk dapat mengonfigurasi koleksi log dari Azure Storage; menambahkan solusi; dan mengonfigurasi diagnostik Azure pada semua sumber daya Azure.
Nota
Peran ini mencakup */read tindakan untuk sarana kontrol. Pengguna yang diberi peran ini dapat membaca informasi sarana kontrol untuk semua sumber daya Azure.
| Tindakan | Deskripsi |
|---|---|
| */membaca | Membaca informasi sarana kontrol untuk semua sumber daya Azure. |
| Microsoft.ClassicCompute/virtualMachines/ekstensi/* | |
| Microsoft.ClassicStorage/storageAccounts/listKeys/tindakan | Mencantumkan kunci akses untuk akun penyimpanan. |
| Microsoft.Compute/virtualMachines/ekstensi/* | |
| Microsoft.HybridCompute/mesin/ekstensi/tulis | Menginstal atau Memperbarui ekstensi Azure Arc |
| Microsoft.Insights/alertRules/* | Membuat dan mengelola pemberitahuan metrik klasik |
| Microsoft.Insights/diagnosticSettings/* | Membuat, memperbarui, atau membaca pengaturan diagnostik untuk Server Analisis |
| Microsoft.OperationalInsights/* | |
| Microsoft.OperationsManagement/* | |
| Microsoft.Resources/penyebaran/* | Membuat dan mengelola penyebaran |
| Microsoft.Resources/subscriptions/resourcegroups/penyebaran/* | |
| Microsoft.Storage/storageAccounts/listKeys/tindakan | Mengembalikan kunci akses untuk akun penyimpanan tertentu. |
| Microsoft.Support/* | Membuat dan memperbarui tiket dukungan |
| NotActions | |
| Tidak ada | |
| DataActions | |
| Tidak ada | |
| NotDataActions | |
| Tidak ada |
{
"assignableScopes": [
"/"
],
"description": "Log Analytics Contributor can read all monitoring data and edit monitoring settings. Editing monitoring settings includes adding the VM extension to VMs; reading storage account keys to be able to configure collection of logs from Azure Storage; adding solutions; and configuring Azure diagnostics on all Azure resources.",
"id": "/providers/Microsoft.Authorization/roleDefinitions/92aaf0da-9dab-42b6-94a3-d43ce8d16293",
"name": "92aaf0da-9dab-42b6-94a3-d43ce8d16293",
"permissions": [
{
"actions": [
"*/read",
"Microsoft.ClassicCompute/virtualMachines/extensions/*",
"Microsoft.ClassicStorage/storageAccounts/listKeys/action",
"Microsoft.Compute/virtualMachines/extensions/*",
"Microsoft.HybridCompute/machines/extensions/write",
"Microsoft.Insights/alertRules/*",
"Microsoft.Insights/diagnosticSettings/*",
"Microsoft.OperationalInsights/*",
"Microsoft.OperationsManagement/*",
"Microsoft.Resources/deployments/*",
"Microsoft.Resources/subscriptions/resourcegroups/deployments/*",
"Microsoft.Storage/storageAccounts/listKeys/action",
"Microsoft.Support/*"
],
"notActions": [],
"dataActions": [],
"notDataActions": []
}
],
"roleName": "Log Analytics Contributor",
"roleType": "BuiltInRole",
"type": "Microsoft.Authorization/roleDefinitions"
}
Pembaca Analitik Log
Pembaca Log Analytics dapat melihat dan mencari semua data pemantauan dan juga melihat pengaturan pemantauan, termasuk melihat konfigurasi diagnostik Azure di semua sumber daya Azure.
Nota
Peran ini mencakup */read tindakan untuk sarana kontrol. Pengguna yang diberi peran ini dapat membaca informasi sarana kontrol untuk semua sumber daya Azure.
| Tindakan | Deskripsi |
|---|---|
| */membaca | Membaca informasi sarana kontrol untuk semua sumber daya Azure. |
| Microsoft.OperationalInsights/ruang kerja/analitik/kueri/tindakan | Cari menggunakan mesin baru. |
| Microsoft.OperationalInsights/ruang kerja/pencarian/tindakan | Menjalankan kueri pencarian |
| Microsoft.Support/* | Membuat dan memperbarui tiket dukungan |
| NotActions | |
| Microsoft.OperationalInsights/ruang kerja/sharedKeys/baca | Mengambil kunci bersama untuk ruang kerja. Kunci ini digunakan untuk menghubungkan agen Microsoft Operational Insights ke ruang kerja. |
| DataActions | |
| Tidak ada | |
| NotDataActions | |
| Tidak ada |
{
"assignableScopes": [
"/"
],
"description": "Log Analytics Reader can view and search all monitoring data as well as and view monitoring settings, including viewing the configuration of Azure diagnostics on all Azure resources.",
"id": "/providers/Microsoft.Authorization/roleDefinitions/73c42c96-874c-492b-b04d-ab87d138a893",
"name": "73c42c96-874c-492b-b04d-ab87d138a893",
"permissions": [
{
"actions": [
"*/read",
"Microsoft.OperationalInsights/workspaces/analytics/query/action",
"Microsoft.OperationalInsights/workspaces/search/action",
"Microsoft.Support/*"
],
"notActions": [
"Microsoft.OperationalInsights/workspaces/sharedKeys/read"
],
"dataActions": [],
"notDataActions": []
}
],
"roleName": "Log Analytics Reader",
"roleType": "BuiltInRole",
"type": "Microsoft.Authorization/roleDefinitions"
}
Kontributor Pemantauan
Dapat membaca semua data pemantauan dan memperbarui pengaturan pemantauan. Untuk informasi selengkapnya, lihat Mulai menggunakan peran, izin, dan keamanan dengan Azure Monitor.
Nota
Peran ini mencakup */read tindakan untuk sarana kontrol. Pengguna yang diberi peran ini dapat membaca informasi sarana kontrol untuk semua sumber daya Azure.
| Tindakan | Deskripsi |
|---|---|
| */membaca | Membaca informasi sarana kontrol untuk semua sumber daya Azure. |
| Microsoft.AlertsMeneman/pemberitahuan/* | |
| Microsoft.AlertsMenemanase/alertsSummary/* | |
| Microsoft.AlertsManagement/issues/* | |
| Microsoft.Insights/actiongroups/* | |
| Microsoft.Insights/activityLogAlerts/* | |
| Microsoft.Insights/AlertRules/* | Membuat dan mengelola pemberitahuan metrik klasik |
| Microsoft.Insights/komponen/* | Membuat dan mengelola komponen Insight |
| Microsoft.Insights/createNotifications/* | |
| Microsoft.Insights/dataCollectionEndpoints/* | |
| Microsoft.Insights/dataCollectionRules/* | |
| Microsoft.Insights/dataCollectionRuleAssociations/* | |
| Microsoft.Insights/DiagnosticSettings/* | Membuat, memperbarui, atau membaca pengaturan diagnostik untuk Server Analisis |
| Microsoft.Insights/eventtypes/* | Cantumkan peristiwa Log Aktivitas (peristiwa manajemen) dalam langganan. Izin ini berlaku untuk akses terprogram dan portal ke Log Aktivitas. |
| Microsoft.Insights/LogDefinitions/* | Izin ini diperlukan bagi pengguna yang memerlukan akses ke Log Aktivitas melalui portal. Mencantumkan kategori log di Log Aktivitas. |
| Microsoft.Insights/metricalerts/* | |
| Microsoft.Insights/MetricDefinitions/* | Membaca definisi metrik (daftar tipe metrik yang tersedia untuk sumber daya). |
| Microsoft.Insights/Metrik/* | Membaca metrik untuk sumber daya. |
| Microsoft.Insights/notificationStatus/* | |
| Microsoft.Insights/Daftar/Tindakan | Mendaftarkan penyedia Wawasan Microsoft |
| Microsoft.Insights/scheduledqueryrules/* | |
| Microsoft.Insights/webtests/* | Membuat dan mengelola uji web Insights |
| Microsoft.Insights/buku kerja/* | |
| Microsoft.Insights/templatbukukerja/* | |
| Microsoft.Insights/privateLinkScopes/* | |
| Microsoft.Insights/privateLinkScopeOperationStatuses/* | |
| Microsoft.Monitor/accounts/* | |
| Microsoft.OperationalInsights/ruang kerja/tulis | Membuat ruang kerja baru atau menautkan ke ruang kerja yang ada dengan memberikan ID pelanggan dari ruang kerja yang ada. |
| Microsoft.OperationalInsights/ruang kerja/intelligencepacks/* | Baca/tulis/hapus paket solusi analitik log. |
| Microsoft.OperationalInsights/ruang kerja/savedSearches/* | Baca/tulis/hapus pencarian yang disimpan analitik log. |
| Microsoft.OperationalInsights/ruang kerja/pencarian/tindakan | Menjalankan kueri pencarian |
| Microsoft.OperationalInsights/ruang kerja/sharedKeys/tindakan | Mengambil kunci bersama untuk ruang kerja. Kunci ini digunakan untuk menghubungkan agen Microsoft Operational Insights ke ruang kerja. |
| Microsoft.OperationalInsights/ruang kerja/sharedKeys/baca | Mengambil kunci bersama untuk ruang kerja. Kunci ini digunakan untuk menghubungkan agen Microsoft Operational Insights ke ruang kerja. |
| Microsoft.OperationalInsights/ruang kerja/storageinsightconfigs/* | Baca/tulis/hapus konfigurasi wawasan penyimpanan analitik log. |
| Microsoft.OperationalInsights/locations/workspaces/failover/action | Memulai failover ruang kerja ke lokasi replikasi. |
| Microsoft.OperationalInsights/workspaces/failback/action | Memulai failback ruang kerja. |
| Microsoft.Support/* | Membuat dan memperbarui tiket dukungan |
| Microsoft.AlertsMenemanagement/smartDetectorAlertRules/* | |
| Microsoft.AlertsMeneman/actionRules/* | |
| Microsoft.AlertsManagement/smartGroups/* | |
| Microsoft.AlertsManagement/migrateFromSmartDetection/* | |
| Microsoft.AlertsManagement/investigations/* | |
| Microsoft.AlertsManagement/prometheusRuleGroups/* | |
| Microsoft.Monitor/penyelidikan/* | |
| NotActions | |
| Tidak ada | |
| DataActions | |
| Tidak ada | |
| NotDataActions | |
| Tidak ada |
{
"assignableScopes": [
"/"
],
"description": "Can read all monitoring data and update monitoring settings.",
"id": "/providers/Microsoft.Authorization/roleDefinitions/749f88d5-cbae-40b8-bcfc-e573ddc772fa",
"name": "749f88d5-cbae-40b8-bcfc-e573ddc772fa",
"permissions": [
{
"actions": [
"*/read",
"Microsoft.AlertsManagement/alerts/*",
"Microsoft.AlertsManagement/alertsSummary/*",
"Microsoft.AlertsManagement/issues/*",
"Microsoft.Insights/actiongroups/*",
"Microsoft.Insights/activityLogAlerts/*",
"Microsoft.Insights/AlertRules/*",
"Microsoft.Insights/components/*",
"Microsoft.Insights/createNotifications/*",
"Microsoft.Insights/dataCollectionEndpoints/*",
"Microsoft.Insights/dataCollectionRules/*",
"Microsoft.Insights/dataCollectionRuleAssociations/*",
"Microsoft.Insights/DiagnosticSettings/*",
"Microsoft.Insights/eventtypes/*",
"Microsoft.Insights/LogDefinitions/*",
"Microsoft.Insights/metricalerts/*",
"Microsoft.Insights/MetricDefinitions/*",
"Microsoft.Insights/Metrics/*",
"Microsoft.Insights/notificationStatus/*",
"Microsoft.Insights/Register/Action",
"Microsoft.Insights/scheduledqueryrules/*",
"Microsoft.Insights/webtests/*",
"Microsoft.Insights/workbooks/*",
"Microsoft.Insights/workbooktemplates/*",
"Microsoft.Insights/privateLinkScopes/*",
"Microsoft.Insights/privateLinkScopeOperationStatuses/*",
"Microsoft.Monitor/accounts/*",
"Microsoft.OperationalInsights/workspaces/write",
"Microsoft.OperationalInsights/workspaces/intelligencepacks/*",
"Microsoft.OperationalInsights/workspaces/savedSearches/*",
"Microsoft.OperationalInsights/workspaces/search/action",
"Microsoft.OperationalInsights/workspaces/sharedKeys/action",
"Microsoft.OperationalInsights/workspaces/sharedKeys/read",
"Microsoft.OperationalInsights/workspaces/storageinsightconfigs/*",
"Microsoft.OperationalInsights/locations/workspaces/failover/action",
"Microsoft.OperationalInsights/workspaces/failback/action",
"Microsoft.Support/*",
"Microsoft.AlertsManagement/smartDetectorAlertRules/*",
"Microsoft.AlertsManagement/actionRules/*",
"Microsoft.AlertsManagement/smartGroups/*",
"Microsoft.AlertsManagement/migrateFromSmartDetection/*",
"Microsoft.AlertsManagement/investigations/*",
"Microsoft.AlertsManagement/prometheusRuleGroups/*",
"Microsoft.Monitor/investigations/*"
],
"notActions": [],
"dataActions": [],
"notDataActions": []
}
],
"roleName": "Monitoring Contributor",
"roleType": "BuiltInRole",
"type": "Microsoft.Authorization/roleDefinitions"
}
Memantau peran Penerbit Metrik
Mengaktifkan penerbitan metrik terhadap sumber daya Azure
| Tindakan | Deskripsi |
|---|---|
| Microsoft.Insights/Daftar/Tindakan | Mendaftarkan penyedia Wawasan Microsoft |
| Microsoft.Support/* | Membuat dan memperbarui tiket dukungan |
| Microsoft.Resources/langganan/resourceGroups/baca | Mendapatkan atau mencantumkan grup sumber daya. |
| NotActions | |
| Tidak ada | |
| DataActions | |
| Microsoft.Insights/Metrik/Tulis | Menulis metrik |
| Microsoft.Insights/Telemetri/Tulis | Tulis telemetri |
| NotDataActions | |
| Tidak ada |
{
"assignableScopes": [
"/"
],
"description": "Enables publishing metrics against Azure resources",
"id": "/providers/Microsoft.Authorization/roleDefinitions/3913510d-42f4-4e42-8a64-420c390055eb",
"name": "3913510d-42f4-4e42-8a64-420c390055eb",
"permissions": [
{
"actions": [
"Microsoft.Insights/Register/Action",
"Microsoft.Support/*",
"Microsoft.Resources/subscriptions/resourceGroups/read"
],
"notActions": [],
"dataActions": [
"Microsoft.Insights/Metrics/Write",
"Microsoft.Insights/Telemetry/Write"
],
"notDataActions": []
}
],
"roleName": "Monitoring Metrics Publisher",
"roleType": "BuiltInRole",
"type": "Microsoft.Authorization/roleDefinitions"
}
Pembaca Pemantauan
Dapat membaca semua data pemantauan (metrik, log, dll.). Untuk informasi selengkapnya, lihat Mulai menggunakan peran, izin, dan keamanan dengan Azure Monitor.
Nota
Peran ini mencakup */read tindakan untuk sarana kontrol. Pengguna yang diberi peran ini dapat membaca informasi sarana kontrol untuk semua sumber daya Azure.
| Tindakan | Deskripsi |
|---|---|
| */membaca | Membaca informasi sarana kontrol untuk semua sumber daya Azure. |
| Microsoft.OperationalInsights/ruang kerja/pencarian/tindakan | Menjalankan kueri pencarian |
| Microsoft.Support/* | Membuat dan memperbarui tiket dukungan |
| NotActions | |
| Tidak ada | |
| DataActions | |
| Tidak ada | |
| NotDataActions | |
| Tidak ada |
{
"assignableScopes": [
"/"
],
"description": "Can read all monitoring data.",
"id": "/providers/Microsoft.Authorization/roleDefinitions/43d0d8ad-25c7-4714-9337-8ba259a9fe05",
"name": "43d0d8ad-25c7-4714-9337-8ba259a9fe05",
"permissions": [
{
"actions": [
"*/read",
"Microsoft.OperationalInsights/workspaces/search/action",
"Microsoft.Support/*"
],
"notActions": [],
"dataActions": [],
"notDataActions": []
}
],
"roleName": "Monitoring Reader",
"roleType": "BuiltInRole",
"type": "Microsoft.Authorization/roleDefinitions"
}
Kontributor Buku Kerja
Dapat menyimpan buku kerja bersama.
| Tindakan | Deskripsi |
|---|---|
| Microsoft.Insights/buku kerja/tulis | Buat atau perbarui buku kerja |
| Microsoft.Insights/buku kerja/hapus | Menghapus buku kerja |
| Microsoft.Insights/buku kerja/baca | Membaca buku kerja |
| Microsoft.Insights/workbooks/revisis/read | Mendapatkan revisi buku kerja |
| Microsoft.Insights/workbooktemplates/write | Membuat atau memperbarui templat buku kerja |
| Microsoft.Insights/workbooktemplates/delete | Menghapus templat buku kerja |
| Microsoft.Insights/workbooktemplates/read | Membaca templat buku kerja |
| NotActions | |
| Tidak ada | |
| DataActions | |
| Tidak ada | |
| NotDataActions | |
| Tidak ada |
{
"assignableScopes": [
"/"
],
"description": "Can save shared workbooks.",
"id": "/providers/Microsoft.Authorization/roleDefinitions/e8ddcd69-c73f-4f9f-9844-4100522f16ad",
"name": "e8ddcd69-c73f-4f9f-9844-4100522f16ad",
"permissions": [
{
"actions": [
"Microsoft.Insights/workbooks/write",
"Microsoft.Insights/workbooks/delete",
"Microsoft.Insights/workbooks/read",
"Microsoft.Insights/workbooks/revisions/read",
"Microsoft.Insights/workbooktemplates/write",
"Microsoft.Insights/workbooktemplates/delete",
"Microsoft.Insights/workbooktemplates/read"
],
"notActions": [],
"dataActions": [],
"notDataActions": []
}
],
"roleName": "Workbook Contributor",
"roleType": "BuiltInRole",
"type": "Microsoft.Authorization/roleDefinitions"
}
Pembaca Buku Kerja
Dapat membaca buku kerja.
| Tindakan | Deskripsi |
|---|---|
| Microsoft.Insights/buku kerja/baca | Membaca buku kerja |
| microsoft.insights/workbooks/revisis/read | Mendapatkan revisi buku kerja |
| microsoft.insights/workbooktemplates/read | Membaca templat buku kerja |
| NotActions | |
| Tidak ada | |
| DataActions | |
| Tidak ada | |
| NotDataActions | |
| Tidak ada |
{
"assignableScopes": [
"/"
],
"description": "Can read workbooks.",
"id": "/providers/Microsoft.Authorization/roleDefinitions/b279062a-9be3-42a0-92ae-8b3cf002ec4d",
"name": "b279062a-9be3-42a0-92ae-8b3cf002ec4d",
"permissions": [
{
"actions": [
"microsoft.insights/workbooks/read",
"microsoft.insights/workbooks/revisions/read",
"microsoft.insights/workbooktemplates/read"
],
"notActions": [],
"dataActions": [],
"notDataActions": []
}
],
"roleName": "Workbook Reader",
"roleType": "BuiltInRole",
"type": "Microsoft.Authorization/roleDefinitions"
}