Ingebouwde Azure-rollen voor integratie
Dit artikel bevat de ingebouwde Azure-rollen in de categorie Integratie.
Inhoudseditor voor API Management-ontwikkelaarsportal
Kan de ontwikkelaarsportal aanpassen, de inhoud ervan bewerken en publiceren.
| Acties | Beschrijving |
|---|---|
| Microsoft.ApiManagement/service/portalRevisions/read | Geeft een verzameling revisieentiteiten van de ontwikkelaarsportal weer. of haalt de revisie van de ontwikkelaarsportal op die is opgegeven met de id. |
| Microsoft.ApiManagement/service/portalRevisions/write | Hiermee maakt u een nieuwe revisie van de ontwikkelaarsportal. of werkt de beschrijving van de opgegeven portalrevisie bij of maakt deze actueel. |
| Microsoft.ApiManagement/service/contentTypes/read | Retourneert een lijst met inhoudstypen of retourneert inhoudstype |
| Microsoft.ApiManagement/service/contentTypes/delete | Hiermee verwijdert u het inhoudstype. |
| Microsoft.ApiManagement/service/contentTypes/write | Nieuw inhoudstype maken |
| Microsoft.ApiManagement/service/contentTypes/contentItems/read | Retourneert een lijst met inhoudsitems of retourneert details van inhoudsitems |
| Microsoft.ApiManagement/service/contentTypes/contentItems/write | Nieuw inhoudsitem maken of opgegeven inhoudsitem bijwerken |
| Microsoft.ApiManagement/service/contentTypes/contentItems/delete | Hiermee verwijdert u het opgegeven inhoudsitem. |
| NotActions | |
| geen | |
| DataActions | |
| geen | |
| NotDataActions | |
| geen |
{
"assignableScopes": [
"/"
],
"description": "Can customize the developer portal, edit its content, and publish it.",
"id": "/providers/Microsoft.Authorization/roleDefinitions/c031e6a8-4391-4de0-8d69-4706a7ed3729",
"name": "c031e6a8-4391-4de0-8d69-4706a7ed3729",
"permissions": [
{
"actions": [
"Microsoft.ApiManagement/service/portalRevisions/read",
"Microsoft.ApiManagement/service/portalRevisions/write",
"Microsoft.ApiManagement/service/contentTypes/read",
"Microsoft.ApiManagement/service/contentTypes/delete",
"Microsoft.ApiManagement/service/contentTypes/write",
"Microsoft.ApiManagement/service/contentTypes/contentItems/read",
"Microsoft.ApiManagement/service/contentTypes/contentItems/write",
"Microsoft.ApiManagement/service/contentTypes/contentItems/delete"
],
"notActions": [],
"dataActions": [],
"notDataActions": []
}
],
"roleName": "API Management Developer Portal Content Editor",
"roleType": "BuiltInRole",
"type": "Microsoft.Authorization/roleDefinitions"
}
Inzender voor API Management-services
Kan de service en de API's beheren
| Acties | Beschrijving |
|---|---|
| Microsoft.ApiManagement/service/* | API Management-service maken en beheren |
| Microsoft.Authorization/*/read | Rollen en roltoewijzingen lezen |
| Microsoft.Insights/alertRules/* | Een klassieke metrische waarschuwing maken en beheren |
| Microsoft.ResourceHealth/availabilityStatuses/read | Hiermee haalt u de beschikbaarheidsstatussen voor alle resources in het opgegeven bereik op |
| Microsoft.Resources/deployments/* | Een implementatie maken en beheren |
| Microsoft.Resources/subscriptions/resourceGroups/read | Hiermee haalt u resourcegroepen op of vermeldt u deze. |
| Microsoft.Support/* | Een ondersteuningsticket maken en bijwerken |
| NotActions | |
| geen | |
| DataActions | |
| geen | |
| NotDataActions | |
| geen |
{
"assignableScopes": [
"/"
],
"description": "Can manage service and the APIs",
"id": "/providers/Microsoft.Authorization/roleDefinitions/312a565d-c81f-4fd8-895a-4e21e48d571c",
"name": "312a565d-c81f-4fd8-895a-4e21e48d571c",
"permissions": [
{
"actions": [
"Microsoft.ApiManagement/service/*",
"Microsoft.Authorization/*/read",
"Microsoft.Insights/alertRules/*",
"Microsoft.ResourceHealth/availabilityStatuses/read",
"Microsoft.Resources/deployments/*",
"Microsoft.Resources/subscriptions/resourceGroups/read",
"Microsoft.Support/*"
],
"notActions": [],
"dataActions": [],
"notDataActions": []
}
],
"roleName": "API Management Service Contributor",
"roleType": "BuiltInRole",
"type": "Microsoft.Authorization/roleDefinitions"
}
Operatorrol voor API Management-service
Kan de service beheren, maar niet de API's
| Acties | Beschrijving |
|---|---|
| Microsoft.ApiManagement/service/*/read | API Management Service-exemplaren lezen |
| Microsoft.ApiManagement/service/backup/action | Back-up van API Management-service naar de opgegeven container in een door de gebruiker opgegeven opslagaccount |
| Microsoft.ApiManagement/service/delete | API Management Service-exemplaar verwijderen |
| Microsoft.ApiManagement/service/managedeployments/action | SKU/eenheden wijzigen, regionale implementaties van API Management Service toevoegen/verwijderen |
| Microsoft.ApiManagement/service/read | Metagegevens lezen voor een API Management Service-exemplaar |
| Microsoft.ApiManagement/service/restore/action | API Management Service herstellen vanuit de opgegeven container in een door de gebruiker opgegeven opslagaccount |
| Microsoft.ApiManagement/service/updatecertificate/action | TLS/SSL-certificaat uploaden voor een API Management-service |
| Microsoft.ApiManagement/service/updatehostname/action | Aangepaste domeinnamen instellen, bijwerken of verwijderen voor een API Management-service |
| Microsoft.ApiManagement/service/write | API Management Service-exemplaar maken of bijwerken |
| Microsoft.Authorization/*/read | Rollen en roltoewijzingen lezen |
| Microsoft.Insights/alertRules/* | Een klassieke metrische waarschuwing maken en beheren |
| Microsoft.ResourceHealth/availabilityStatuses/read | Hiermee haalt u de beschikbaarheidsstatussen voor alle resources in het opgegeven bereik op |
| Microsoft.Resources/deployments/* | Een implementatie maken en beheren |
| Microsoft.Resources/subscriptions/resourceGroups/read | Hiermee haalt u resourcegroepen op of vermeldt u deze. |
| Microsoft.Support/* | Een ondersteuningsticket maken en bijwerken |
| NotActions | |
| Microsoft.ApiManagement/service/users/keys/read | Sleutels ophalen die zijn gekoppeld aan de gebruiker |
| DataActions | |
| geen | |
| NotDataActions | |
| geen |
{
"assignableScopes": [
"/"
],
"description": "Can manage service but not the APIs",
"id": "/providers/Microsoft.Authorization/roleDefinitions/e022efe7-f5ba-4159-bbe4-b44f577e9b61",
"name": "e022efe7-f5ba-4159-bbe4-b44f577e9b61",
"permissions": [
{
"actions": [
"Microsoft.ApiManagement/service/*/read",
"Microsoft.ApiManagement/service/backup/action",
"Microsoft.ApiManagement/service/delete",
"Microsoft.ApiManagement/service/managedeployments/action",
"Microsoft.ApiManagement/service/read",
"Microsoft.ApiManagement/service/restore/action",
"Microsoft.ApiManagement/service/updatecertificate/action",
"Microsoft.ApiManagement/service/updatehostname/action",
"Microsoft.ApiManagement/service/write",
"Microsoft.Authorization/*/read",
"Microsoft.Insights/alertRules/*",
"Microsoft.ResourceHealth/availabilityStatuses/read",
"Microsoft.Resources/deployments/*",
"Microsoft.Resources/subscriptions/resourceGroups/read",
"Microsoft.Support/*"
],
"notActions": [
"Microsoft.ApiManagement/service/users/keys/read"
],
"dataActions": [],
"notDataActions": []
}
],
"roleName": "API Management Service Operator Role",
"roleType": "BuiltInRole",
"type": "Microsoft.Authorization/roleDefinitions"
}
Lezerrol voor API Management-service
Alleen-lezentoegang tot service en API's
| Acties | Beschrijving |
|---|---|
| Microsoft.ApiManagement/service/*/read | API Management Service-exemplaren lezen |
| Microsoft.ApiManagement/service/read | Metagegevens lezen voor een API Management Service-exemplaar |
| Microsoft.Authorization/*/read | Rollen en roltoewijzingen lezen |
| Microsoft.Insights/alertRules/* | Een klassieke metrische waarschuwing maken en beheren |
| Microsoft.ResourceHealth/availabilityStatuses/read | Hiermee haalt u de beschikbaarheidsstatussen voor alle resources in het opgegeven bereik op |
| Microsoft.Resources/deployments/* | Een implementatie maken en beheren |
| Microsoft.Resources/subscriptions/resourceGroups/read | Hiermee haalt u resourcegroepen op of vermeldt u deze. |
| Microsoft.Support/* | Een ondersteuningsticket maken en bijwerken |
| NotActions | |
| Microsoft.ApiManagement/service/users/keys/read | Sleutels ophalen die zijn gekoppeld aan de gebruiker |
| DataActions | |
| geen | |
| NotDataActions | |
| geen |
{
"assignableScopes": [
"/"
],
"description": "Read-only access to service and APIs",
"id": "/providers/Microsoft.Authorization/roleDefinitions/71522526-b88f-4d52-b57f-d31fc3546d0d",
"name": "71522526-b88f-4d52-b57f-d31fc3546d0d",
"permissions": [
{
"actions": [
"Microsoft.ApiManagement/service/*/read",
"Microsoft.ApiManagement/service/read",
"Microsoft.Authorization/*/read",
"Microsoft.Insights/alertRules/*",
"Microsoft.ResourceHealth/availabilityStatuses/read",
"Microsoft.Resources/deployments/*",
"Microsoft.Resources/subscriptions/resourceGroups/read",
"Microsoft.Support/*"
],
"notActions": [
"Microsoft.ApiManagement/service/users/keys/read"
],
"dataActions": [],
"notDataActions": []
}
],
"roleName": "API Management Service Reader Role",
"roleType": "BuiltInRole",
"type": "Microsoft.Authorization/roleDefinitions"
}
API-ontwikkelaar voor API Management-servicewerkruimte
Heeft leestoegang tot tags en producten en schrijftoegang om toe te staan: API's toewijzen aan producten, tags toewijzen aan producten en API's. Deze rol moet worden toegewezen aan het servicebereik.
| Acties | Beschrijving |
|---|---|
| Microsoft.ApiManagement/service/tags/read | Een lijst met een verzameling tags die zijn gedefinieerd in een service-exemplaar. of haalt de details op van de tag die is opgegeven door de id. |
| Microsoft.ApiManagement/service/tags/apiLinks/* | |
| Microsoft.ApiManagement/service/tags/operationLinks/* | |
| Microsoft.ApiManagement/service/tags/productLinks/* | |
| Microsoft.ApiManagement/service/products/read | Geeft een verzameling producten weer in het opgegeven service-exemplaar. of haalt de details op van het product dat is opgegeven door de id. |
| Microsoft.ApiManagement/service/products/apiLinks/* | |
| Microsoft.ApiManagement/service/read | Metagegevens lezen voor een API Management Service-exemplaar |
| Microsoft.ApiManagement/service/authorizationServers/read | Geeft een verzameling autorisatieservers weer die zijn gedefinieerd in een service-exemplaar. of haalt de details van de autorisatieserver zonder geheimen op. |
| Microsoft.Authorization/*/read | Rollen en roltoewijzingen lezen |
| NotActions | |
| geen | |
| DataActions | |
| geen | |
| NotDataActions | |
| geen |
{
"assignableScopes": [
"/"
],
"description": "Has read access to tags and products and write access to allow: assigning APIs to products, assigning tags to products and APIs. This role should be assigned on the service scope.",
"id": "/providers/Microsoft.Authorization/roleDefinitions/9565a273-41b9-4368-97d2-aeb0c976a9b3",
"name": "9565a273-41b9-4368-97d2-aeb0c976a9b3",
"permissions": [
{
"actions": [
"Microsoft.ApiManagement/service/tags/read",
"Microsoft.ApiManagement/service/tags/apiLinks/*",
"Microsoft.ApiManagement/service/tags/operationLinks/*",
"Microsoft.ApiManagement/service/tags/productLinks/*",
"Microsoft.ApiManagement/service/products/read",
"Microsoft.ApiManagement/service/products/apiLinks/*",
"Microsoft.ApiManagement/service/read",
"Microsoft.ApiManagement/service/authorizationServers/read",
"Microsoft.Authorization/*/read"
],
"notActions": [],
"dataActions": [],
"notDataActions": []
}
],
"roleName": "API Management Service Workspace API Developer",
"roleType": "BuiltInRole",
"type": "Microsoft.Authorization/roleDefinitions"
}
API-productbeheer voor API Management-servicewerkruimten
Heeft dezelfde toegang als API Management Service Workspace API Developer en leestoegang tot gebruikers en schrijftoegang om gebruikers toe te staan aan groepen toe te wijzen. Deze rol moet worden toegewezen aan het servicebereik.
| Acties | Beschrijving |
|---|---|
| Microsoft.ApiManagement/service/users/read | Een lijst met geregistreerde gebruikers in het opgegeven service-exemplaar. of haalt de details op van de gebruiker die is opgegeven door de id. |
| Microsoft.ApiManagement/service/tags/read | Een lijst met een verzameling tags die zijn gedefinieerd in een service-exemplaar. of haalt de details op van de tag die is opgegeven door de id. |
| Microsoft.ApiManagement/service/tags/apiLinks/* | |
| Microsoft.ApiManagement/service/tags/operationLinks/* | |
| Microsoft.ApiManagement/service/tags/productLinks/* | |
| Microsoft.ApiManagement/service/products/read | Geeft een verzameling producten weer in het opgegeven service-exemplaar. of haalt de details op van het product dat is opgegeven door de id. |
| Microsoft.ApiManagement/service/products/apiLinks/* | |
| Microsoft.ApiManagement/service/groups/read | Een lijst met een verzameling groepen die zijn gedefinieerd in een service-exemplaar. of haalt de details op van de groep die is opgegeven met de id. |
| Microsoft.ApiManagement/service/groups/users/* | |
| Microsoft.ApiManagement/service/read | Metagegevens lezen voor een API Management Service-exemplaar |
| Microsoft.ApiManagement/service/authorizationServers/read | Geeft een verzameling autorisatieservers weer die zijn gedefinieerd in een service-exemplaar. of haalt de details van de autorisatieserver zonder geheimen op. |
| Microsoft.Authorization/*/read | Rollen en roltoewijzingen lezen |
| NotActions | |
| geen | |
| DataActions | |
| geen | |
| NotDataActions | |
| geen |
{
"assignableScopes": [
"/"
],
"description": "Has the same access as API Management Service Workspace API Developer as well as read access to users and write access to allow assigning users to groups. This role should be assigned on the service scope.",
"id": "/providers/Microsoft.Authorization/roleDefinitions/d59a3e9c-6d52-4a5a-aeed-6bf3cf0e31da",
"name": "d59a3e9c-6d52-4a5a-aeed-6bf3cf0e31da",
"permissions": [
{
"actions": [
"Microsoft.ApiManagement/service/users/read",
"Microsoft.ApiManagement/service/tags/read",
"Microsoft.ApiManagement/service/tags/apiLinks/*",
"Microsoft.ApiManagement/service/tags/operationLinks/*",
"Microsoft.ApiManagement/service/tags/productLinks/*",
"Microsoft.ApiManagement/service/products/read",
"Microsoft.ApiManagement/service/products/apiLinks/*",
"Microsoft.ApiManagement/service/groups/read",
"Microsoft.ApiManagement/service/groups/users/*",
"Microsoft.ApiManagement/service/read",
"Microsoft.ApiManagement/service/authorizationServers/read",
"Microsoft.Authorization/*/read"
],
"notActions": [],
"dataActions": [],
"notDataActions": []
}
],
"roleName": "API Management Service Workspace API Product Manager",
"roleType": "BuiltInRole",
"type": "Microsoft.Authorization/roleDefinitions"
}
API-ontwikkelaar voor API Management-werkruimte
Heeft leestoegang tot entiteiten in de werkruimte en lees- en schrijftoegang tot entiteiten voor het bewerken van API's. Deze rol moet worden toegewezen aan het werkruimtebereik.
| Acties | Beschrijving |
|---|---|
| Microsoft.ApiManagement/service/workspaces/*/read | |
| Microsoft.ApiManagement/service/workspaces/apis/* | |
| Microsoft.ApiManagement/service/workspaces/apiVersionSets/* | |
| Microsoft.ApiManagement/service/workspaces/policies/* | |
| Microsoft.ApiManagement/service/workspaces/schema's/* | |
| Microsoft.ApiManagement/service/workspaces/products/* | |
| Microsoft.ApiManagement/service/workspaces/policyFragments/* | |
| Microsoft.ApiManagement/service/workspaces/namedValues/* | |
| Microsoft.ApiManagement/service/workspaces/tags/* | |
| Microsoft.ApiManagement/service/workspaces/backends/* | |
| Microsoft.ApiManagement/service/workspaces/certificates/* | |
| Microsoft.ApiManagement/service/workspaces/diagnostics/* | |
| Microsoft.ApiManagement/service/workspaces/loggers/* | |
| Microsoft.Authorization/*/read | Rollen en roltoewijzingen lezen |
| NotActions | |
| geen | |
| DataActions | |
| geen | |
| NotDataActions | |
| geen |
{
"assignableScopes": [
"/"
],
"description": "Has read access to entities in the workspace and read and write access to entities for editing APIs. This role should be assigned on the workspace scope.",
"id": "/providers/Microsoft.Authorization/roleDefinitions/56328988-075d-4c6a-8766-d93edd6725b6",
"name": "56328988-075d-4c6a-8766-d93edd6725b6",
"permissions": [
{
"actions": [
"Microsoft.ApiManagement/service/workspaces/*/read",
"Microsoft.ApiManagement/service/workspaces/apis/*",
"Microsoft.ApiManagement/service/workspaces/apiVersionSets/*",
"Microsoft.ApiManagement/service/workspaces/policies/*",
"Microsoft.ApiManagement/service/workspaces/schemas/*",
"Microsoft.ApiManagement/service/workspaces/products/*",
"Microsoft.ApiManagement/service/workspaces/policyFragments/*",
"Microsoft.ApiManagement/service/workspaces/namedValues/*",
"Microsoft.ApiManagement/service/workspaces/tags/*",
"Microsoft.ApiManagement/service/workspaces/backends/*",
"Microsoft.ApiManagement/service/workspaces/certificates/*",
"Microsoft.ApiManagement/service/workspaces/diagnostics/*",
"Microsoft.ApiManagement/service/workspaces/loggers/*",
"Microsoft.Authorization/*/read"
],
"notActions": [],
"dataActions": [],
"notDataActions": []
}
],
"roleName": "API Management Workspace API Developer",
"roleType": "BuiltInRole",
"type": "Microsoft.Authorization/roleDefinitions"
}
API Management Workspace API Product Manager
Heeft leestoegang tot entiteiten in de werkruimte en lees- en schrijftoegang tot entiteiten voor het publiceren van API's. Deze rol moet worden toegewezen aan het werkruimtebereik.
| Acties | Beschrijving |
|---|---|
| Microsoft.ApiManagement/service/workspaces/*/read | |
| Microsoft.ApiManagement/service/workspaces/products/* | |
| Microsoft.ApiManagement/service/workspaces/subscriptions/* | |
| Microsoft.ApiManagement/service/workspaces/groups/* | |
| Microsoft.ApiManagement/service/workspaces/tags/* | |
| Microsoft.ApiManagement/service/workspaces/notifications/* | |
| Microsoft.Authorization/*/read | Rollen en roltoewijzingen lezen |
| NotActions | |
| geen | |
| DataActions | |
| geen | |
| NotDataActions | |
| geen |
{
"assignableScopes": [
"/"
],
"description": "Has read access to entities in the workspace and read and write access to entities for publishing APIs. This role should be assigned on the workspace scope.",
"id": "/providers/Microsoft.Authorization/roleDefinitions/73c2c328-d004-4c5e-938c-35c6f5679a1f",
"name": "73c2c328-d004-4c5e-938c-35c6f5679a1f",
"permissions": [
{
"actions": [
"Microsoft.ApiManagement/service/workspaces/*/read",
"Microsoft.ApiManagement/service/workspaces/products/*",
"Microsoft.ApiManagement/service/workspaces/subscriptions/*",
"Microsoft.ApiManagement/service/workspaces/groups/*",
"Microsoft.ApiManagement/service/workspaces/tags/*",
"Microsoft.ApiManagement/service/workspaces/notifications/*",
"Microsoft.Authorization/*/read"
],
"notActions": [],
"dataActions": [],
"notDataActions": []
}
],
"roleName": "API Management Workspace API Product Manager",
"roleType": "BuiltInRole",
"type": "Microsoft.Authorization/roleDefinitions"
}
Inzender voor API Management-werkruimte
Kan de werkruimte beheren en bekijken, maar de leden ervan niet wijzigen. Deze rol moet worden toegewezen aan het werkruimtebereik.
| Acties | Beschrijving |
|---|---|
| Microsoft.ApiManagement/service/workspaces/* | |
| Microsoft.Authorization/*/read | Rollen en roltoewijzingen lezen |
| NotActions | |
| geen | |
| DataActions | |
| geen | |
| NotDataActions | |
| geen |
{
"assignableScopes": [
"/"
],
"description": "Can manage the workspace and view, but not modify its members. This role should be assigned on the workspace scope.",
"id": "/providers/Microsoft.Authorization/roleDefinitions/0c34c906-8d99-4cb7-8bb7-33f5b0a1a799",
"name": "0c34c906-8d99-4cb7-8bb7-33f5b0a1a799",
"permissions": [
{
"actions": [
"Microsoft.ApiManagement/service/workspaces/*",
"Microsoft.Authorization/*/read"
],
"notActions": [],
"dataActions": [],
"notDataActions": []
}
],
"roleName": "API Management Workspace Contributor",
"roleType": "BuiltInRole",
"type": "Microsoft.Authorization/roleDefinitions"
}
Api Management-werkruimtelezer
Heeft alleen-lezentoegang tot entiteiten in de werkruimte. Deze rol moet worden toegewezen aan het werkruimtebereik.
| Acties | Beschrijving |
|---|---|
| Microsoft.ApiManagement/service/workspaces/*/read | |
| Microsoft.Authorization/*/read | Rollen en roltoewijzingen lezen |
| NotActions | |
| geen | |
| DataActions | |
| geen | |
| NotDataActions | |
| geen |
{
"assignableScopes": [
"/"
],
"description": "Has read-only access to entities in the workspace. This role should be assigned on the workspace scope.",
"id": "/providers/Microsoft.Authorization/roleDefinitions/ef1c2c96-4a77-49e8-b9a4-6179fe1d2fd2",
"name": "ef1c2c96-4a77-49e8-b9a4-6179fe1d2fd2",
"permissions": [
{
"actions": [
"Microsoft.ApiManagement/service/workspaces/*/read",
"Microsoft.Authorization/*/read"
],
"notActions": [],
"dataActions": [],
"notDataActions": []
}
],
"roleName": "API Management Workspace Reader",
"roleType": "BuiltInRole",
"type": "Microsoft.Authorization/roleDefinitions"
}
Inzender voor app-configuratie
Verleent machtigingen voor alle beheerbewerkingen, met uitzondering van opschonen, voor App Configuration-resources.
| Acties | Beschrijving |
|---|---|
| Microsoft.AppConfiguration/* | |
| Microsoft.Authorization/*/read | Rollen en roltoewijzingen lezen |
| Microsoft.Insights/alertRules/* | Een klassieke metrische waarschuwing maken en beheren |
| Microsoft.Resources/deployments/* | Een implementatie maken en beheren |
| Microsoft.Resources/subscriptions/resourceGroups/read | Hiermee haalt u resourcegroepen op of vermeldt u deze. |
| NotActions | |
| Microsoft.AppConfiguration/locations/deletedConfigurationStores/purge/action | Verwijder het opgegeven verwijderde configuratiearchief. |
| DataActions | |
| geen | |
| NotDataActions | |
| geen |
{
"assignableScopes": [
"/"
],
"description": "Grants permission for all management operations, except purge, for App Configuration resources.",
"id": "/providers/Microsoft.Authorization/roleDefinitions/fe86443c-f201-4fc4-9d2a-ac61149fbda0",
"name": "fe86443c-f201-4fc4-9d2a-ac61149fbda0",
"permissions": [
{
"actions": [
"Microsoft.AppConfiguration/*",
"Microsoft.Authorization/*/read",
"Microsoft.Insights/alertRules/*",
"Microsoft.Resources/deployments/*",
"Microsoft.Resources/subscriptions/resourceGroups/read"
],
"notActions": [
"Microsoft.AppConfiguration/locations/deletedConfigurationStores/purge/action"
],
"dataActions": [],
"notDataActions": []
}
],
"roleName": "App Configuration Contributor",
"roleType": "BuiltInRole",
"type": "Microsoft.Authorization/roleDefinitions"
}
Eigenaar van app-configuratiegegevens
Hiermee heeft u volledige toegang tot App Configuration-gegevens.
| Acties | Beschrijving |
|---|---|
| geen | |
| NotActions | |
| geen | |
| DataActions | |
| Microsoft.AppConfiguration/configurationStores/*/read | |
| Microsoft.AppConfiguration/configurationStores/*/write | |
| Microsoft.AppConfiguration/configurationStores/*/delete | |
| Microsoft.AppConfiguration/configurationStores/*/action | |
| NotDataActions | |
| geen |
{
"assignableScopes": [
"/"
],
"description": "Allows full access to App Configuration data.",
"id": "/providers/Microsoft.Authorization/roleDefinitions/5ae67dd6-50cb-40e7-96ff-dc2bfa4b606b",
"name": "5ae67dd6-50cb-40e7-96ff-dc2bfa4b606b",
"permissions": [
{
"actions": [],
"notActions": [],
"dataActions": [
"Microsoft.AppConfiguration/configurationStores/*/read",
"Microsoft.AppConfiguration/configurationStores/*/write",
"Microsoft.AppConfiguration/configurationStores/*/delete",
"Microsoft.AppConfiguration/configurationStores/*/action"
],
"notDataActions": []
}
],
"roleName": "App Configuration Data Owner",
"roleType": "BuiltInRole",
"type": "Microsoft.Authorization/roleDefinitions"
}
Lezer van app-configuratiegegevens
Hiermee staat u leestoegang tot App Configuration-gegevens toe.
| Acties | Beschrijving |
|---|---|
| geen | |
| NotActions | |
| geen | |
| DataActions | |
| Microsoft.AppConfiguration/configurationStores/*/read | |
| NotDataActions | |
| geen |
{
"assignableScopes": [
"/"
],
"description": "Allows read access to App Configuration data.",
"id": "/providers/Microsoft.Authorization/roleDefinitions/516239f1-63e1-4d78-a4de-a74fb236a071",
"name": "516239f1-63e1-4d78-a4de-a74fb236a071",
"permissions": [
{
"actions": [],
"notActions": [],
"dataActions": [
"Microsoft.AppConfiguration/configurationStores/*/read"
],
"notDataActions": []
}
],
"roleName": "App Configuration Data Reader",
"roleType": "BuiltInRole",
"type": "Microsoft.Authorization/roleDefinitions"
}
App Configuration Reader
Verleent machtigingen voor leesbewerkingen voor App Configuration-resources.
| Acties | Beschrijving |
|---|---|
| Microsoft.AppConfiguration/*/read | |
| Microsoft.Authorization/*/read | Rollen en roltoewijzingen lezen |
| Microsoft.Insights/alertRules/read | Een klassieke metrische waarschuwing lezen |
| Microsoft.Resources/deployments/read | Hiermee haalt u implementaties op of vermeldt u deze. |
| Microsoft.Resources/subscriptions/resourceGroups/read | Hiermee haalt u resourcegroepen op of vermeldt u deze. |
| NotActions | |
| geen | |
| DataActions | |
| geen | |
| NotDataActions | |
| geen |
{
"assignableScopes": [
"/"
],
"description": "Grants permission for read operations for App Configuration resources.",
"id": "/providers/Microsoft.Authorization/roleDefinitions/175b81b9-6e0d-490a-85e4-0d422273c10c",
"name": "175b81b9-6e0d-490a-85e4-0d422273c10c",
"permissions": [
{
"actions": [
"Microsoft.AppConfiguration/*/read",
"Microsoft.Authorization/*/read",
"Microsoft.Insights/alertRules/read",
"Microsoft.Resources/deployments/read",
"Microsoft.Resources/subscriptions/resourceGroups/read"
],
"notActions": [],
"dataActions": [],
"notDataActions": []
}
],
"roleName": "App Configuration Reader",
"roleType": "BuiltInRole",
"type": "Microsoft.Authorization/roleDefinitions"
}
Nalevingsbeheer voor Azure API Center
Hiermee kunt u API-naleving beheren in de Azure API Center-service.
| Acties | Beschrijving |
|---|---|
| Microsoft.ApiCenter/services/*/read | |
| Microsoft.ApiCenter/services/workspaces/apis/versions/definitions/updateAnalysisState/action | Hiermee worden analyseresultaten bijgewerkt voor de opgegeven API-definitie. |
| Microsoft.ApiCenter/services/workspaces/apis/versions/definitions/exportSpecification/action | Hiermee exporteert u het API-definitiebestand. |
| NotActions | |
| geen | |
| DataActions | |
| geen | |
| NotDataActions | |
| geen |
{
"assignableScopes": [
"/"
],
"description": "Allows managing API compliance in Azure API Center service.",
"id": "/providers/Microsoft.Authorization/roleDefinitions/ede9aaa3-4627-494e-be13-4aa7c256148d",
"name": "ede9aaa3-4627-494e-be13-4aa7c256148d",
"permissions": [
{
"actions": [
"Microsoft.ApiCenter/services/*/read",
"Microsoft.ApiCenter/services/workspaces/apis/versions/definitions/updateAnalysisState/action",
"Microsoft.ApiCenter/services/workspaces/apis/versions/definitions/exportSpecification/action"
],
"notActions": [],
"dataActions": [],
"notDataActions": []
}
],
"roleName": "Azure API Center Compliance Manager",
"roleType": "BuiltInRole",
"type": "Microsoft.Authorization/roleDefinitions"
}
Azure API Center-gegevenslezer
Hiermee hebt u toegang tot leesbewerkingen voor het gegevensvlak van Azure API Center.
| Acties | Beschrijving |
|---|---|
| geen | |
| NotActions | |
| geen | |
| DataActions | |
| Microsoft.ApiCenter/services/*/read | |
| Microsoft.ApiCenter/services/workspaces/apis/versions/definitions/exportSpecification/action | Hiermee exporteert u het API-definitiebestand. |
| NotDataActions | |
| geen |
{
"assignableScopes": [
"/"
],
"description": "Allows for access to Azure API Center data plane read operations.",
"id": "/providers/Microsoft.Authorization/roleDefinitions/c7244dfb-f447-457d-b2ba-3999044d1706",
"name": "c7244dfb-f447-457d-b2ba-3999044d1706",
"permissions": [
{
"actions": [],
"notActions": [],
"dataActions": [
"Microsoft.ApiCenter/services/*/read",
"Microsoft.ApiCenter/services/workspaces/apis/versions/definitions/exportSpecification/action"
],
"notDataActions": []
}
],
"roleName": "Azure API Center Data Reader",
"roleType": "BuiltInRole",
"type": "Microsoft.Authorization/roleDefinitions"
}
Inzender voor Azure API Center-service
Hiermee staat u het beheer van de Azure API Center-service toe.
| Acties | Beschrijving |
|---|---|
| Microsoft.ApiCenter/services/* | |
| Microsoft.Authorization/*/read | Rollen en roltoewijzingen lezen |
| Microsoft.Insights/alertRules/* | Een klassieke metrische waarschuwing maken en beheren |
| Microsoft.ResourceHealth/availabilityStatuses/read | Hiermee haalt u de beschikbaarheidsstatussen voor alle resources in het opgegeven bereik op |
| Microsoft.Resources/deployments/* | Een implementatie maken en beheren |
| Microsoft.Resources/subscriptions/resourceGroups/read | Hiermee haalt u resourcegroepen op of vermeldt u deze. |
| NotActions | |
| Microsoft.ApiCenter/services/workspaces/apis/versions/definitions/updateAnalysisState/action | Hiermee worden analyseresultaten bijgewerkt voor de opgegeven API-definitie. |
| DataActions | |
| geen | |
| NotDataActions | |
| geen |
{
"assignableScopes": [
"/"
],
"description": "Allows managing Azure API Center service.",
"id": "/providers/Microsoft.Authorization/roleDefinitions/dd24193f-ef65-44e5-8a7e-6fa6e03f7713",
"name": "dd24193f-ef65-44e5-8a7e-6fa6e03f7713",
"permissions": [
{
"actions": [
"Microsoft.ApiCenter/services/*",
"Microsoft.Authorization/*/read",
"Microsoft.Insights/alertRules/*",
"Microsoft.ResourceHealth/availabilityStatuses/read",
"Microsoft.Resources/deployments/*",
"Microsoft.Resources/subscriptions/resourceGroups/read"
],
"notActions": [
"Microsoft.ApiCenter/services/workspaces/apis/versions/definitions/updateAnalysisState/action"
],
"dataActions": [],
"notDataActions": []
}
],
"roleName": "Azure API Center Service Contributor",
"roleType": "BuiltInRole",
"type": "Microsoft.Authorization/roleDefinitions"
}
Azure API Center-servicelezer
Hiermee staat u alleen-lezentoegang toe tot de Azure API Center-service.
| Acties | Beschrijving |
|---|---|
| Microsoft.ApiCenter/services/*/read | |
| Microsoft.ApiCenter/services/workspaces/apis/versions/definitions/exportSpecification/action | Hiermee exporteert u het API-definitiebestand. |
| Microsoft.Authorization/*/read | Rollen en roltoewijzingen lezen |
| Microsoft.Insights/alertRules/* | Een klassieke metrische waarschuwing maken en beheren |
| Microsoft.ResourceHealth/availabilityStatuses/read | Hiermee haalt u de beschikbaarheidsstatussen voor alle resources in het opgegeven bereik op |
| Microsoft.Resources/deployments/* | Een implementatie maken en beheren |
| Microsoft.Resources/subscriptions/resourceGroups/read | Hiermee haalt u resourcegroepen op of vermeldt u deze. |
| NotActions | |
| geen | |
| DataActions | |
| geen | |
| NotDataActions | |
| geen |
{
"assignableScopes": [
"/"
],
"description": "Allows read-only access to Azure API Center service.",
"id": "/providers/Microsoft.Authorization/roleDefinitions/6cba8790-29c5-48e5-bab1-c7541b01cb04",
"name": "6cba8790-29c5-48e5-bab1-c7541b01cb04",
"permissions": [
{
"actions": [
"Microsoft.ApiCenter/services/*/read",
"Microsoft.ApiCenter/services/workspaces/apis/versions/definitions/exportSpecification/action",
"Microsoft.Authorization/*/read",
"Microsoft.Insights/alertRules/*",
"Microsoft.ResourceHealth/availabilityStatuses/read",
"Microsoft.Resources/deployments/*",
"Microsoft.Resources/subscriptions/resourceGroups/read"
],
"notActions": [],
"dataActions": [],
"notDataActions": []
}
],
"roleName": "Azure API Center Service Reader",
"roleType": "BuiltInRole",
"type": "Microsoft.Authorization/roleDefinitions"
}
Azure Relay-listener
Hiermee kunt u luisteren naar Azure Relay-resources.
| Acties | Beschrijving |
|---|---|
| Microsoft.Relay/*/wcfRelays/read | |
| Microsoft.Relay/*/hybridConnections/read | |
| NotActions | |
| geen | |
| DataActions | |
| Microsoft.Relay/*/listen/action | |
| NotDataActions | |
| geen |
{
"assignableScopes": [
"/"
],
"description": "Allows for listen access to Azure Relay resources.",
"id": "/providers/Microsoft.Authorization/roleDefinitions/26e0b698-aa6d-4085-9386-aadae190014d",
"name": "26e0b698-aa6d-4085-9386-aadae190014d",
"permissions": [
{
"actions": [
"Microsoft.Relay/*/wcfRelays/read",
"Microsoft.Relay/*/hybridConnections/read"
],
"notActions": [],
"dataActions": [
"Microsoft.Relay/*/listen/action"
],
"notDataActions": []
}
],
"roleName": "Azure Relay Listener",
"roleType": "BuiltInRole",
"type": "Microsoft.Authorization/roleDefinitions"
}
Azure Relay-eigenaar
Biedt volledige toegang tot Azure Relay-resources.
| Acties | Beschrijving |
|---|---|
| Microsoft.Relay/* | |
| NotActions | |
| geen | |
| DataActions | |
| Microsoft.Relay/* | |
| NotDataActions | |
| geen |
{
"assignableScopes": [
"/"
],
"description": "Allows for full access to Azure Relay resources.",
"id": "/providers/Microsoft.Authorization/roleDefinitions/2787bf04-f1f5-4bfe-8383-c8a24483ee38",
"name": "2787bf04-f1f5-4bfe-8383-c8a24483ee38",
"permissions": [
{
"actions": [
"Microsoft.Relay/*"
],
"notActions": [],
"dataActions": [
"Microsoft.Relay/*"
],
"notDataActions": []
}
],
"roleName": "Azure Relay Owner",
"roleType": "BuiltInRole",
"type": "Microsoft.Authorization/roleDefinitions"
}
Afzender van Azure Relay
Hiermee kunt u toegang tot Azure Relay-resources verzenden.
| Acties | Beschrijving |
|---|---|
| Microsoft.Relay/*/wcfRelays/read | |
| Microsoft.Relay/*/hybridConnections/read | |
| NotActions | |
| geen | |
| DataActions | |
| Microsoft.Relay/*/send/action | |
| NotDataActions | |
| geen |
{
"assignableScopes": [
"/"
],
"description": "Allows for send access to Azure Relay resources.",
"id": "/providers/Microsoft.Authorization/roleDefinitions/26baccc8-eea7-41f1-98f4-1762cc7f685d",
"name": "26baccc8-eea7-41f1-98f4-1762cc7f685d",
"permissions": [
{
"actions": [
"Microsoft.Relay/*/wcfRelays/read",
"Microsoft.Relay/*/hybridConnections/read"
],
"notActions": [],
"dataActions": [
"Microsoft.Relay/*/send/action"
],
"notDataActions": []
}
],
"roleName": "Azure Relay Sender",
"roleType": "BuiltInRole",
"type": "Microsoft.Authorization/roleDefinitions"
}
Abonnee van systeemonderwerpen voor Azure Resource Notifications System
Hiermee kunt u systeemonderwerpen en gebeurtenisabonnementen maken op alle systeemonderwerpen die momenteel en in de toekomst worden weergegeven door Azure Resource Notifications
| Acties | Beschrijving |
|---|---|
| Microsoft.ResourceNotifications/systemTopics/subscribeToResources/action | Machtiging voor het maken en maken van gebeurtenisabonnementen in een resourcesysteemonderwerp |
| Microsoft.ResourceNotifications/systemTopics/subscribeToHealthResources/action | Machtiging voor het maken en maken van gebeurtenisabonnementen in een HealthResources-systeemonderwerp |
| Microsoft.ResourceNotifications/systemTopics/subscribeToMaintenanceResources/action | Machtiging voor het maken en maken van gebeurtenisabonnementen in een MaintenanceResources-systeemonderwerp |
| Microsoft.ResourceNotifications/systemTopics/subscribeToComputeResources/action | Machtiging voor het maken en maken van gebeurtenisabonnementen in een ComputeResources-systeemonderwerp |
| Microsoft.ResourceNotifications/systemTopics/subscribeToComputeScheduleResources/action | Machtiging voor het maken en maken van gebeurtenisabonnementen in een systeemonderwerp ComputeScheduleResources |
| Microsoft.EventGrid/eventSubscriptions/write | Een eventSubscription maken of bijwerken |
| Microsoft.EventGrid/systemTopics/eventSubscriptions/write | Een SystemTopic eventSubscription maken of bijwerken |
| NotActions | |
| geen | |
| DataActions | |
| geen | |
| NotDataActions | |
| geen |
{
"assignableScopes": [
"/"
],
"description": "Lets you create system topics and event subscriptions on all system topics exposed currently and in the future by Azure Resource Notifications",
"id": "/providers/Microsoft.Authorization/roleDefinitions/0b962ed2-6d56-471c-bd5f-3477d83a7ba4",
"name": "0b962ed2-6d56-471c-bd5f-3477d83a7ba4",
"permissions": [
{
"actions": [
"Microsoft.ResourceNotifications/systemTopics/subscribeToResources/action",
"Microsoft.ResourceNotifications/systemTopics/subscribeToHealthResources/action",
"Microsoft.ResourceNotifications/systemTopics/subscribeToMaintenanceResources/action",
"Microsoft.ResourceNotifications/systemTopics/subscribeToComputeResources/action",
"Microsoft.ResourceNotifications/systemTopics/subscribeToComputeScheduleResources/action",
"Microsoft.EventGrid/eventSubscriptions/write",
"Microsoft.EventGrid/systemTopics/eventSubscriptions/write"
],
"notActions": [],
"dataActions": [],
"notDataActions": []
}
],
"roleName": "Azure Resource Notifications System Topics Subscriber",
"roleType": "BuiltInRole",
"type": "Microsoft.Authorization/roleDefinitions"
}
Azure Service Bus-gegevenseigenaar
Biedt volledige toegang tot Azure Service Bus-resources.
| Acties | Beschrijving |
|---|---|
| Microsoft.ServiceBus/* | |
| NotActions | |
| geen | |
| DataActions | |
| Microsoft.ServiceBus/* | |
| NotDataActions | |
| geen |
{
"assignableScopes": [
"/"
],
"description": "Allows for full access to Azure Service Bus resources.",
"id": "/providers/Microsoft.Authorization/roleDefinitions/090c5cfd-751d-490a-894a-3ce6f1109419",
"name": "090c5cfd-751d-490a-894a-3ce6f1109419",
"permissions": [
{
"actions": [
"Microsoft.ServiceBus/*"
],
"notActions": [],
"dataActions": [
"Microsoft.ServiceBus/*"
],
"notDataActions": []
}
],
"roleName": "Azure Service Bus Data Owner",
"roleType": "BuiltInRole",
"type": "Microsoft.Authorization/roleDefinitions"
}
Azure Service Bus-gegevensontvanger
Hiermee kunt u toegang krijgen tot Azure Service Bus-resources.
| Acties | Beschrijving |
|---|---|
| Microsoft.ServiceBus/*/queues/read | |
| Microsoft.ServiceBus/*/topics/read | |
| Microsoft.ServiceBus/*/topics/subscriptions/read | |
| NotActions | |
| geen | |
| DataActions | |
| Microsoft.ServiceBus/*/receive/action | |
| NotDataActions | |
| geen |
{
"assignableScopes": [
"/"
],
"description": "Allows for receive access to Azure Service Bus resources.",
"id": "/providers/Microsoft.Authorization/roleDefinitions/4f6d3b9b-027b-4f4c-9142-0e5a2a2247e0",
"name": "4f6d3b9b-027b-4f4c-9142-0e5a2a2247e0",
"permissions": [
{
"actions": [
"Microsoft.ServiceBus/*/queues/read",
"Microsoft.ServiceBus/*/topics/read",
"Microsoft.ServiceBus/*/topics/subscriptions/read"
],
"notActions": [],
"dataActions": [
"Microsoft.ServiceBus/*/receive/action"
],
"notDataActions": []
}
],
"roleName": "Azure Service Bus Data Receiver",
"roleType": "BuiltInRole",
"type": "Microsoft.Authorization/roleDefinitions"
}
Afzender van Azure Service Bus-gegevens
Hiermee kunt u toegang tot Azure Service Bus-resources verzenden.
| Acties | Beschrijving |
|---|---|
| Microsoft.ServiceBus/*/queues/read | |
| Microsoft.ServiceBus/*/topics/read | |
| Microsoft.ServiceBus/*/topics/subscriptions/read | |
| NotActions | |
| geen | |
| DataActions | |
| Microsoft.ServiceBus/*/send/action | |
| NotDataActions | |
| geen |
{
"assignableScopes": [
"/"
],
"description": "Allows for send access to Azure Service Bus resources.",
"id": "/providers/Microsoft.Authorization/roleDefinitions/69a216fc-b8fb-44d8-bc22-1f3c2cd27a39",
"name": "69a216fc-b8fb-44d8-bc22-1f3c2cd27a39",
"permissions": [
{
"actions": [
"Microsoft.ServiceBus/*/queues/read",
"Microsoft.ServiceBus/*/topics/read",
"Microsoft.ServiceBus/*/topics/subscriptions/read"
],
"notActions": [],
"dataActions": [
"Microsoft.ServiceBus/*/send/action"
],
"notDataActions": []
}
],
"roleName": "Azure Service Bus Data Sender",
"roleType": "BuiltInRole",
"type": "Microsoft.Authorization/roleDefinitions"
}
BizTalk-inzender
Hiermee kunt u BizTalk-services beheren, maar geen toegang tot deze services.
| Acties | Beschrijving |
|---|---|
| Microsoft.Authorization/*/read | Rollen en roltoewijzingen lezen |
| Microsoft.BizTalkServices/BizTalk/* | BizTalk-services maken en beheren |
| Microsoft.Insights/alertRules/* | Een klassieke metrische waarschuwing maken en beheren |
| Microsoft.ResourceHealth/availabilityStatuses/read | Hiermee haalt u de beschikbaarheidsstatussen voor alle resources in het opgegeven bereik op |
| Microsoft.Resources/deployments/* | Een implementatie maken en beheren |
| Microsoft.Resources/subscriptions/resourceGroups/read | Hiermee haalt u resourcegroepen op of vermeldt u deze. |
| Microsoft.Support/* | Een ondersteuningsticket maken en bijwerken |
| NotActions | |
| geen | |
| DataActions | |
| geen | |
| NotDataActions | |
| geen |
{
"assignableScopes": [
"/"
],
"description": "Lets you manage BizTalk services, but not access to them.",
"id": "/providers/Microsoft.Authorization/roleDefinitions/5e3c6656-6cfa-4708-81fe-0de47ac73342",
"name": "5e3c6656-6cfa-4708-81fe-0de47ac73342",
"permissions": [
{
"actions": [
"Microsoft.Authorization/*/read",
"Microsoft.BizTalkServices/BizTalk/*",
"Microsoft.Insights/alertRules/*",
"Microsoft.ResourceHealth/availabilityStatuses/read",
"Microsoft.Resources/deployments/*",
"Microsoft.Resources/subscriptions/resourceGroups/read",
"Microsoft.Support/*"
],
"notActions": [],
"dataActions": [],
"notDataActions": []
}
],
"roleName": "BizTalk Contributor",
"roleType": "BuiltInRole",
"type": "Microsoft.Authorization/roleDefinitions"
}
Kamerbeheerder
Hiermee kunt u alles beheren onder uw Werkbench-kamer voor modellering en simulatie.
| Acties | Beschrijving |
|---|---|
| Microsoft.ModSimWorkbench/*/read | |
| Microsoft.ModSimWorkbench/workbenches/chambers/* | |
| Microsoft.Authorization/*/read | Rollen en roltoewijzingen lezen |
| Microsoft.Resources/deployments/* | Een implementatie maken en beheren |
| Microsoft.Resources/subscriptions/resourceGroups/read | Hiermee haalt u resourcegroepen op of vermeldt u deze. |
| NotActions | |
| Microsoft.ModSimWorkbench/workbenches/chambers/fileRequests/manage/action | fileRequests beheren |
| Microsoft.ModSimWorkbench/workbenches/chambers/connector/setCopyPaste/action | |
| DataActions | |
| Microsoft.ModSimWorkbench/workbenches/chambers/upload/action | |
| Microsoft.ModSimWorkbench/workbenches/chambers/files/* | |
| NotDataActions | |
| geen |
{
"assignableScopes": [
"/"
],
"description": "Lets you manage everything under your Modeling and Simulation Workbench chamber.",
"id": "/providers/Microsoft.Authorization/roleDefinitions/4e9b8407-af2e-495b-ae54-bb60a55b1b5a",
"name": "4e9b8407-af2e-495b-ae54-bb60a55b1b5a",
"permissions": [
{
"actions": [
"Microsoft.ModSimWorkbench/*/read",
"Microsoft.ModSimWorkbench/workbenches/chambers/*",
"Microsoft.Authorization/*/read",
"Microsoft.Resources/deployments/*",
"Microsoft.Resources/subscriptions/resourceGroups/read"
],
"notActions": [
"Microsoft.ModSimWorkbench/workbenches/chambers/fileRequests/manage/action",
"Microsoft.ModSimWorkbench/workbenches/chambers/connector/setCopyPaste/action"
],
"dataActions": [
"Microsoft.ModSimWorkbench/workbenches/chambers/upload/action",
"Microsoft.ModSimWorkbench/workbenches/chambers/files/*"
],
"notDataActions": []
}
],
"roleName": "Chamber Admin",
"roleType": "BuiltInRole",
"type": "Microsoft.Authorization/roleDefinitions"
}
Kamergebruiker
Hiermee kunt u alles onder uw Werkbench-kamer voor modellering en simulatie bekijken, maar geen wijzigingen aanbrengen.
| Acties | Beschrijving |
|---|---|
| Microsoft.ModSimWorkbench/workbenches/chambers/*/read | |
| Microsoft.ModSimWorkbench/workbenches/chambers/workloads/* | |
| Microsoft.ModSimWorkbench/workbenches/chambers/getUploadUri/action | getUploadUri-kamers |
| Microsoft.ModSimWorkbench/workbenches/chambers/fileRequests/getDownloadUri/action | getDownloadUri fileRequests |
| Microsoft.Authorization/*/read | Rollen en roltoewijzingen lezen |
| Microsoft.Resources/deployments/* | Een implementatie maken en beheren |
| Microsoft.Resources/subscriptions/resourceGroups/read | Hiermee haalt u resourcegroepen op of vermeldt u deze. |
| NotActions | |
| geen | |
| DataActions | |
| Microsoft.ModSimWorkbench/workbenches/chambers/upload/action | |
| NotDataActions | |
| geen |
{
"assignableScopes": [
"/"
],
"description": "Lets you view everything under your Modeling and Simulation Workbench chamber, but not make any changes.",
"id": "/providers/Microsoft.Authorization/roleDefinitions/4447db05-44ed-4da3-ae60-6cbece780e32",
"name": "4447db05-44ed-4da3-ae60-6cbece780e32",
"permissions": [
{
"actions": [
"Microsoft.ModSimWorkbench/workbenches/chambers/*/read",
"Microsoft.ModSimWorkbench/workbenches/chambers/workloads/*",
"Microsoft.ModSimWorkbench/workbenches/chambers/getUploadUri/action",
"Microsoft.ModSimWorkbench/workbenches/chambers/fileRequests/getDownloadUri/action",
"Microsoft.Authorization/*/read",
"Microsoft.Resources/deployments/*",
"Microsoft.Resources/subscriptions/resourceGroups/read"
],
"notActions": [],
"dataActions": [
"Microsoft.ModSimWorkbench/workbenches/chambers/upload/action"
],
"notDataActions": []
}
],
"roleName": "Chamber User",
"roleType": "BuiltInRole",
"type": "Microsoft.Authorization/roleDefinitions"
}
DeID Batch-gegevenseigenaar
DeID-batchtaken maken en beheren. Deze rol is in preview en kan worden gewijzigd.
| Acties | Beschrijving |
|---|---|
| geen | |
| NotActions | |
| geen | |
| DataActions | |
| Microsoft.HealthDataAIServices/DeidServices/Batch/write | Batches maken |
| Microsoft.HealthDataAIServices/DeidServices/Batch/delete | Een batch verwijderen |
| Microsoft.HealthDataAIServices/DeidServices/Batch/read | Leest een batch |
| NotDataActions | |
| geen |
{
"assignableScopes": [
"/"
],
"description": "Create and manage DeID batch jobs. This role is in preview and subject to change.",
"id": "/providers/Microsoft.Authorization/roleDefinitions/8a90fa6b-6997-4a07-8a95-30633a7c97b9",
"name": "8a90fa6b-6997-4a07-8a95-30633a7c97b9",
"permissions": [
{
"actions": [],
"notActions": [],
"dataActions": [
"Microsoft.HealthDataAIServices/DeidServices/Batch/write",
"Microsoft.HealthDataAIServices/DeidServices/Batch/delete",
"Microsoft.HealthDataAIServices/DeidServices/Batch/read"
],
"notDataActions": []
}
],
"roleName": "DeID Batch Data Owner",
"roleType": "BuiltInRole",
"type": "Microsoft.Authorization/roleDefinitions"
}
DeID Batch-gegevenslezer
Lees DeID-batchtaken. Deze rol is in preview en kan worden gewijzigd.
| Acties | Beschrijving |
|---|---|
| geen | |
| NotActions | |
| geen | |
| DataActions | |
| Microsoft.HealthDataAIServices/DeidServices/Batch/read | Leest een batch |
| NotDataActions | |
| Microsoft.HealthDataAIServices/DeidServices/Batch/write | Batches maken |
| Microsoft.HealthDataAIServices/DeidServices/Batch/delete | Een batch verwijderen |
{
"assignableScopes": [
"/"
],
"description": "Read DeID batch jobs. This role is in preview and subject to change.",
"id": "/providers/Microsoft.Authorization/roleDefinitions/b73a14ee-91f5-41b7-bd81-920e12466be9",
"name": "b73a14ee-91f5-41b7-bd81-920e12466be9",
"permissions": [
{
"actions": [],
"notActions": [],
"dataActions": [
"Microsoft.HealthDataAIServices/DeidServices/Batch/read"
],
"notDataActions": [
"Microsoft.HealthDataAIServices/DeidServices/Batch/write",
"Microsoft.HealthDataAIServices/DeidServices/Batch/delete"
]
}
],
"roleName": "DeID Batch Data Reader",
"roleType": "BuiltInRole",
"type": "Microsoft.Authorization/roleDefinitions"
}
DeID-gegevenseigenaar
Volledige toegang tot DeID-gegevens. Deze rol is in preview en kan worden gewijzigd
| Acties | Beschrijving |
|---|---|
| geen | |
| NotActions | |
| geen | |
| DataActions | |
| Microsoft.HealthDataAIServices/DeidServices/* | |
| NotDataActions | |
| geen |
{
"assignableScopes": [
"/"
],
"description": "Full access to DeID data. This role is in preview and subject to change",
"id": "/providers/Microsoft.Authorization/roleDefinitions/78e4b983-1a0b-472e-8b7d-8d770f7c5890",
"name": "78e4b983-1a0b-472e-8b7d-8d770f7c5890",
"permissions": [
{
"actions": [],
"notActions": [],
"dataActions": [
"Microsoft.HealthDataAIServices/DeidServices/*"
],
"notDataActions": []
}
],
"roleName": "DeID Data Owner",
"roleType": "BuiltInRole",
"type": "Microsoft.Authorization/roleDefinitions"
}
DeID Realtime-gegevensgebruiker
Voer aanvragen uit op het realtime-eindpunt van DeID. Deze rol is in preview en kan worden gewijzigd.
| Acties | Beschrijving |
|---|---|
| geen | |
| NotActions | |
| geen | |
| DataActions | |
| Microsoft.HealthDataAIServices/DeidServices/Realtime/action | Toegang tot het realtime-eindpunt toestaan |
| NotDataActions | |
| geen |
{
"assignableScopes": [
"/"
],
"description": "Execute requests against DeID realtime endpoint. This role is in preview and subject to change.",
"id": "/providers/Microsoft.Authorization/roleDefinitions/bb6577c4-ea0a-40b2-8962-ea18cb8ecd4e",
"name": "bb6577c4-ea0a-40b2-8962-ea18cb8ecd4e",
"permissions": [
{
"actions": [],
"notActions": [],
"dataActions": [
"Microsoft.HealthDataAIServices/DeidServices/Realtime/action"
],
"notDataActions": []
}
],
"roleName": "DeID Realtime Data User",
"roleType": "BuiltInRole",
"type": "Microsoft.Authorization/roleDefinitions"
}
DICOM-gegevenseigenaar
Volledige toegang tot DICOM-gegevens.
| Acties | Beschrijving |
|---|---|
| geen | |
| NotActions | |
| geen | |
| DataActions | |
| Microsoft.HealthcareApis/workspaces/dicomservices/resources/* | |
| NotDataActions | |
| geen |
{
"assignableScopes": [
"/"
],
"description": "Full access to DICOM data.",
"id": "/providers/Microsoft.Authorization/roleDefinitions/58a3b984-7adf-4c20-983a-32417c86fbc8",
"name": "58a3b984-7adf-4c20-983a-32417c86fbc8",
"permissions": [
{
"actions": [],
"notActions": [],
"dataActions": [
"Microsoft.HealthcareApis/workspaces/dicomservices/resources/*"
],
"notDataActions": []
}
],
"roleName": "DICOM Data Owner",
"roleType": "BuiltInRole",
"type": "Microsoft.Authorization/roleDefinitions"
}
DICOM-gegevenslezer
DICOM-gegevens lezen en doorzoeken.
| Acties | Beschrijving |
|---|---|
| geen | |
| NotActions | |
| geen | |
| DataActions | |
| Microsoft.HealthcareApis/workspaces/dicomservices/resources/read | DICOM-resources lezen (inclusief zoeken en wijzigingenfeed). |
| NotDataActions | |
| geen |
{
"assignableScopes": [
"/"
],
"description": "Read and search DICOM data.",
"id": "/providers/Microsoft.Authorization/roleDefinitions/e89c7a3c-2f64-4fa1-a847-3e4c9ba4283a",
"name": "e89c7a3c-2f64-4fa1-a847-3e4c9ba4283a",
"permissions": [
{
"actions": [],
"notActions": [],
"dataActions": [
"Microsoft.HealthcareApis/workspaces/dicomservices/resources/read"
],
"notDataActions": []
}
],
"roleName": "DICOM Data Reader",
"roleType": "BuiltInRole",
"type": "Microsoft.Authorization/roleDefinitions"
}
EventGrid-inzender
Hiermee kunt u EventGrid-bewerkingen beheren.
| Acties | Beschrijving |
|---|---|
| Microsoft.Authorization/*/read | Rollen en roltoewijzingen lezen |
| Microsoft.EventGrid/* | Event Grid-resources maken en beheren |
| Microsoft.Insights/alertRules/* | Een klassieke metrische waarschuwing maken en beheren |
| Microsoft.Resources/deployments/* | Een implementatie maken en beheren |
| Microsoft.Resources/subscriptions/resourceGroups/read | Hiermee haalt u resourcegroepen op of vermeldt u deze. |
| Microsoft.Support/* | Een ondersteuningsticket maken en bijwerken |
| NotActions | |
| geen | |
| DataActions | |
| geen | |
| NotDataActions | |
| geen |
{
"assignableScopes": [
"/"
],
"description": "Lets you manage EventGrid operations.",
"id": "/providers/Microsoft.Authorization/roleDefinitions/1e241071-0855-49ea-94dc-649edcd759de",
"name": "1e241071-0855-49ea-94dc-649edcd759de",
"permissions": [
{
"actions": [
"Microsoft.Authorization/*/read",
"Microsoft.EventGrid/*",
"Microsoft.Insights/alertRules/*",
"Microsoft.Resources/deployments/*",
"Microsoft.Resources/subscriptions/resourceGroups/read",
"Microsoft.Support/*"
],
"notActions": [],
"dataActions": [],
"notDataActions": []
}
],
"roleName": "EventGrid Contributor",
"roleType": "BuiltInRole",
"type": "Microsoft.Authorization/roleDefinitions"
}
EventGrid-gegevenszender
Hiermee kunt u toegang tot Event Grid-gebeurtenissen verzenden.
| Acties | Beschrijving |
|---|---|
| Microsoft.Authorization/*/read | Rollen en roltoewijzingen lezen |
| Microsoft.EventGrid/topics/read | Een onderwerp lezen |
| Microsoft.EventGrid/domains/read | Een domein lezen |
| Microsoft.EventGrid/partnerNamespaces/read | Een partnernaamruimte lezen |
| Microsoft.Resources/subscriptions/resourceGroups/read | Hiermee haalt u resourcegroepen op of vermeldt u deze. |
| Microsoft.EventGrid/naamruimten/lezen | Een naamruimte lezen |
| NotActions | |
| geen | |
| DataActions | |
| Microsoft.EventGrid/events/send/action | Gebeurtenissen verzenden naar onderwerpen |
| NotDataActions | |
| geen |
{
"assignableScopes": [
"/"
],
"description": "Allows send access to event grid events.",
"id": "/providers/Microsoft.Authorization/roleDefinitions/d5a91429-5739-47e2-a06b-3470a27159e7",
"name": "d5a91429-5739-47e2-a06b-3470a27159e7",
"permissions": [
{
"actions": [
"Microsoft.Authorization/*/read",
"Microsoft.EventGrid/topics/read",
"Microsoft.EventGrid/domains/read",
"Microsoft.EventGrid/partnerNamespaces/read",
"Microsoft.Resources/subscriptions/resourceGroups/read",
"Microsoft.EventGrid/namespaces/read"
],
"notActions": [],
"dataActions": [
"Microsoft.EventGrid/events/send/action"
],
"notDataActions": []
}
],
"roleName": "EventGrid Data Sender",
"roleType": "BuiltInRole",
"type": "Microsoft.Authorization/roleDefinitions"
}
EventGrid EventSubscription-inzender
Hiermee kunt u gebeurtenisabonnementbewerkingen voor EventGrid beheren.
| Acties | Beschrijving |
|---|---|
| Microsoft.Authorization/*/read | Rollen en roltoewijzingen lezen |
| Microsoft.EventGrid/eventSubscriptions/* | Regionale gebeurtenisabonnementen maken en beheren |
| Microsoft.EventGrid/topicTypes/eventSubscriptions/read | Algemene gebeurtenisabonnementen weergeven op onderwerptype |
| Microsoft.EventGrid/locations/eventSubscriptions/read | Regionale gebeurtenisabonnementen vermelden |
| Microsoft.EventGrid/locations/topicTypes/eventSubscriptions/read | Regionale gebeurtenisabonnementen per onderwerptype weergeven |
| Microsoft.Insights/alertRules/* | Een klassieke metrische waarschuwing maken en beheren |
| Microsoft.Resources/deployments/* | Een implementatie maken en beheren |
| Microsoft.Resources/subscriptions/resourceGroups/read | Hiermee haalt u resourcegroepen op of vermeldt u deze. |
| Microsoft.Support/* | Een ondersteuningsticket maken en bijwerken |
| NotActions | |
| geen | |
| DataActions | |
| geen | |
| NotDataActions | |
| geen |
{
"assignableScopes": [
"/"
],
"description": "Lets you manage EventGrid event subscription operations.",
"id": "/providers/Microsoft.Authorization/roleDefinitions/428e0ff0-5e57-4d9c-a221-2c70d0e0a443",
"name": "428e0ff0-5e57-4d9c-a221-2c70d0e0a443",
"permissions": [
{
"actions": [
"Microsoft.Authorization/*/read",
"Microsoft.EventGrid/eventSubscriptions/*",
"Microsoft.EventGrid/topicTypes/eventSubscriptions/read",
"Microsoft.EventGrid/locations/eventSubscriptions/read",
"Microsoft.EventGrid/locations/topicTypes/eventSubscriptions/read",
"Microsoft.Insights/alertRules/*",
"Microsoft.Resources/deployments/*",
"Microsoft.Resources/subscriptions/resourceGroups/read",
"Microsoft.Support/*"
],
"notActions": [],
"dataActions": [],
"notDataActions": []
}
],
"roleName": "EventGrid EventSubscription Contributor",
"roleType": "BuiltInRole",
"type": "Microsoft.Authorization/roleDefinitions"
}
EventGrid EventSubscription Reader
Hiermee kunt u EventGrid-gebeurtenisabonnementen lezen.
| Acties | Beschrijving |
|---|---|
| Microsoft.Authorization/*/read | Rollen en roltoewijzingen lezen |
| Microsoft.EventGrid/eventSubscriptions/read | Een eventSubscription lezen |
| Microsoft.EventGrid/topicTypes/eventSubscriptions/read | Algemene gebeurtenisabonnementen weergeven op onderwerptype |
| Microsoft.EventGrid/locations/eventSubscriptions/read | Regionale gebeurtenisabonnementen vermelden |
| Microsoft.EventGrid/locations/topicTypes/eventSubscriptions/read | Regionale gebeurtenisabonnementen per onderwerptype weergeven |
| Microsoft.Resources/subscriptions/resourceGroups/read | Hiermee haalt u resourcegroepen op of vermeldt u deze. |
| NotActions | |
| geen | |
| DataActions | |
| geen | |
| NotDataActions | |
| geen |
{
"assignableScopes": [
"/"
],
"description": "Lets you read EventGrid event subscriptions.",
"id": "/providers/Microsoft.Authorization/roleDefinitions/2414bbcf-6497-4faf-8c65-045460748405",
"name": "2414bbcf-6497-4faf-8c65-045460748405",
"permissions": [
{
"actions": [
"Microsoft.Authorization/*/read",
"Microsoft.EventGrid/eventSubscriptions/read",
"Microsoft.EventGrid/topicTypes/eventSubscriptions/read",
"Microsoft.EventGrid/locations/eventSubscriptions/read",
"Microsoft.EventGrid/locations/topicTypes/eventSubscriptions/read",
"Microsoft.Resources/subscriptions/resourceGroups/read"
],
"notActions": [],
"dataActions": [],
"notDataActions": []
}
],
"roleName": "EventGrid EventSubscription Reader",
"roleType": "BuiltInRole",
"type": "Microsoft.Authorization/roleDefinitions"
}
EventGrid TopicSpaces Publisher
Hiermee kunt u berichten publiceren op onderwerpruimten.
| Acties | Beschrijving |
|---|---|
| Microsoft.Authorization/*/read | Rollen en roltoewijzingen lezen |
| Microsoft.EventGrid/*/read | |
| Microsoft.Insights/alertRules/* | Een klassieke metrische waarschuwing maken en beheren |
| Microsoft.Resources/deployments/* | Een implementatie maken en beheren |
| Microsoft.Resources/subscriptions/resourceGroups/read | Hiermee haalt u resourcegroepen op of vermeldt u deze. |
| NotActions | |
| geen | |
| DataActions | |
| Microsoft.EventGrid/topicSpaces/publish/action | Publiceren naar een onderwerpruimte |
| NotDataActions | |
| geen |
{
"assignableScopes": [
"/"
],
"description": "Lets you publish messages on topicspaces.",
"id": "/providers/Microsoft.Authorization/roleDefinitions/a12b0b94-b317-4dcd-84a8-502ce99884c6",
"name": "a12b0b94-b317-4dcd-84a8-502ce99884c6",
"permissions": [
{
"actions": [
"Microsoft.Authorization/*/read",
"Microsoft.EventGrid/*/read",
"Microsoft.Insights/alertRules/*",
"Microsoft.Resources/deployments/*",
"Microsoft.Resources/subscriptions/resourceGroups/read"
],
"notActions": [],
"dataActions": [
"Microsoft.EventGrid/topicSpaces/publish/action"
],
"notDataActions": []
}
],
"roleName": "EventGrid TopicSpaces Publisher",
"roleType": "BuiltInRole",
"type": "Microsoft.Authorization/roleDefinitions"
}
EventGrid TopicSpaces-abonnee
Hiermee kunt u berichten abonneren op onderwerpruimten.
| Acties | Beschrijving |
|---|---|
| Microsoft.Authorization/*/read | Rollen en roltoewijzingen lezen |
| Microsoft.EventGrid/*/read | |
| Microsoft.Insights/alertRules/* | Een klassieke metrische waarschuwing maken en beheren |
| Microsoft.Resources/deployments/* | Een implementatie maken en beheren |
| Microsoft.Resources/subscriptions/resourceGroups/read | Hiermee haalt u resourcegroepen op of vermeldt u deze. |
| NotActions | |
| geen | |
| DataActions | |
| Microsoft.EventGrid/topicSpaces/subscribe/action | Abonneren op een onderwerpruimte |
| NotDataActions | |
| geen |
{
"assignableScopes": [
"/"
],
"description": "Lets you subscribe messages on topicspaces.",
"id": "/providers/Microsoft.Authorization/roleDefinitions/4b0f2fd7-60b4-4eca-896f-4435034f8bf5",
"name": "4b0f2fd7-60b4-4eca-896f-4435034f8bf5",
"permissions": [
{
"actions": [
"Microsoft.Authorization/*/read",
"Microsoft.EventGrid/*/read",
"Microsoft.Insights/alertRules/*",
"Microsoft.Resources/deployments/*",
"Microsoft.Resources/subscriptions/resourceGroups/read"
],
"notActions": [],
"dataActions": [
"Microsoft.EventGrid/topicSpaces/subscribe/action"
],
"notDataActions": []
}
],
"roleName": "EventGrid TopicSpaces Subscriber",
"roleType": "BuiltInRole",
"type": "Microsoft.Authorization/roleDefinitions"
}
FHIR-gegevensbijdrager
Met de rol heeft de gebruiker of principal volledige toegang tot FHIR-gegevens
| Acties | Beschrijving |
|---|---|
| geen | |
| NotActions | |
| geen | |
| DataActions | |
| Microsoft.HealthcareApis/services/fhir/resources/* | |
| Microsoft.HealthcareApis/workspaces/fhirservices/resources/* | |
| NotDataActions | |
| Microsoft.HealthcareApis/services/fhir/resources/smart/action | Hiermee heeft de gebruiker toegang tot de FHIR-service volgens de specificatie SMART on FHIR. |
| Microsoft.HealthcareApis/workspaces/fhirservices/resources/smart/action | Hiermee heeft de gebruiker toegang tot de FHIR-service volgens de specificatie SMART on FHIR. |
{
"assignableScopes": [
"/"
],
"description": "Role allows user or principal full access to FHIR Data",
"id": "/providers/Microsoft.Authorization/roleDefinitions/5a1fc7df-4bf1-4951-a576-89034ee01acd",
"name": "5a1fc7df-4bf1-4951-a576-89034ee01acd",
"permissions": [
{
"actions": [],
"notActions": [],
"dataActions": [
"Microsoft.HealthcareApis/services/fhir/resources/*",
"Microsoft.HealthcareApis/workspaces/fhirservices/resources/*"
],
"notDataActions": [
"Microsoft.HealthcareApis/services/fhir/resources/smart/action",
"Microsoft.HealthcareApis/workspaces/fhirservices/resources/smart/action"
]
}
],
"roleName": "FHIR Data Contributor",
"roleType": "BuiltInRole",
"type": "Microsoft.Authorization/roleDefinitions"
}
FHIR-gegevensconversieprogramma
Met de rol kunnen gebruikers of principal gegevens converteren van verouderde indeling naar FHIR
| Acties | Beschrijving |
|---|---|
| geen | |
| NotActions | |
| geen | |
| DataActions | |
| Microsoft.HealthcareApis/services/fhir/resources/convertData/action | Bewerking voor gegevens converteren ($convert-gegevens) |
| Microsoft.HealthcareApis/workspaces/fhirservices/resources/convertData/action | Bewerking voor gegevens converteren ($convert-gegevens) |
| NotDataActions | |
| geen |
{
"assignableScopes": [
"/"
],
"description": "Role allows user or principal to convert data from legacy format to FHIR",
"id": "/providers/Microsoft.Authorization/roleDefinitions/a1705bd2-3a8f-45a5-8683-466fcfd5cc24",
"name": "a1705bd2-3a8f-45a5-8683-466fcfd5cc24",
"permissions": [
{
"actions": [],
"notActions": [],
"dataActions": [
"Microsoft.HealthcareApis/services/fhir/resources/convertData/action",
"Microsoft.HealthcareApis/workspaces/fhirservices/resources/convertData/action"
],
"notDataActions": []
}
],
"roleName": "FHIR Data Converter",
"roleType": "BuiltInRole",
"type": "Microsoft.Authorization/roleDefinitions"
}
FHIR-gegevensexporteur
Met de rol kan de gebruiker of principal FHIR-gegevens lezen en exporteren
| Acties | Beschrijving |
|---|---|
| geen | |
| NotActions | |
| geen | |
| DataActions | |
| Microsoft.HealthcareApis/services/fhir/resources/read | FHIR-resources lezen (inclusief zoeken en versiegeschiedenis). |
| Microsoft.HealthcareApis/services/fhir/resources/export/action | Exportbewerking ($export). |
| Microsoft.HealthcareApis/workspaces/fhirservices/resources/read | FHIR-resources lezen (inclusief zoeken en versiegeschiedenis). |
| Microsoft.HealthcareApis/workspaces/fhirservices/resources/export/action | Exportbewerking ($export). |
| NotDataActions | |
| geen |
{
"assignableScopes": [
"/"
],
"description": "Role allows user or principal to read and export FHIR Data",
"id": "/providers/Microsoft.Authorization/roleDefinitions/3db33094-8700-4567-8da5-1501d4e7e843",
"name": "3db33094-8700-4567-8da5-1501d4e7e843",
"permissions": [
{
"actions": [],
"notActions": [],
"dataActions": [
"Microsoft.HealthcareApis/services/fhir/resources/read",
"Microsoft.HealthcareApis/services/fhir/resources/export/action",
"Microsoft.HealthcareApis/workspaces/fhirservices/resources/read",
"Microsoft.HealthcareApis/workspaces/fhirservices/resources/export/action"
],
"notDataActions": []
}
],
"roleName": "FHIR Data Exporter",
"roleType": "BuiltInRole",
"type": "Microsoft.Authorization/roleDefinitions"
}
FHIR-gegevensimporteur
Met de rol kan de gebruiker of principal FHIR-gegevens lezen en importeren
| Acties | Beschrijving |
|---|---|
| geen | |
| NotActions | |
| geen | |
| DataActions | |
| Microsoft.HealthcareApis/workspaces/fhirservices/resources/read | FHIR-resources lezen (inclusief zoeken en versiegeschiedenis). |
| Microsoft.HealthcareApis/workspaces/fhirservices/resources/import/action | FHIR-resources importeren in batch. |
| NotDataActions | |
| geen |
{
"assignableScopes": [
"/"
],
"description": "Role allows user or principal to read and import FHIR Data",
"id": "/providers/Microsoft.Authorization/roleDefinitions/4465e953-8ced-4406-a58e-0f6e3f3b530b",
"name": "4465e953-8ced-4406-a58e-0f6e3f3b530b",
"permissions": [
{
"actions": [],
"notActions": [],
"dataActions": [
"Microsoft.HealthcareApis/workspaces/fhirservices/resources/read",
"Microsoft.HealthcareApis/workspaces/fhirservices/resources/import/action"
],
"notDataActions": []
}
],
"roleName": "FHIR Data Importer",
"roleType": "BuiltInRole",
"type": "Microsoft.Authorization/roleDefinitions"
}
FHIR-gegevenslezer
Met de rol kan de gebruiker of principal FHIR-gegevens lezen
| Acties | Beschrijving |
|---|---|
| geen | |
| NotActions | |
| geen | |
| DataActions | |
| Microsoft.HealthcareApis/services/fhir/resources/read | FHIR-resources lezen (inclusief zoeken en versiegeschiedenis). |
| Microsoft.HealthcareApis/workspaces/fhirservices/resources/read | FHIR-resources lezen (inclusief zoeken en versiegeschiedenis). |
| NotDataActions | |
| geen |
{
"assignableScopes": [
"/"
],
"description": "Role allows user or principal to read FHIR Data",
"id": "/providers/Microsoft.Authorization/roleDefinitions/4c8d0bbc-75d3-4935-991f-5f3c56d81508",
"name": "4c8d0bbc-75d3-4935-991f-5f3c56d81508",
"permissions": [
{
"actions": [],
"notActions": [],
"dataActions": [
"Microsoft.HealthcareApis/services/fhir/resources/read",
"Microsoft.HealthcareApis/workspaces/fhirservices/resources/read"
],
"notDataActions": []
}
],
"roleName": "FHIR Data Reader",
"roleType": "BuiltInRole",
"type": "Microsoft.Authorization/roleDefinitions"
}
FHIR-gegevensschrijver
Met de rol kunnen gebruikers of principal FHIR-gegevens lezen en schrijven
| Acties | Beschrijving |
|---|---|
| geen | |
| NotActions | |
| geen | |
| DataActions | |
| Microsoft.HealthcareApis/services/fhir/resources/read | FHIR-resources lezen (inclusief zoeken en versiegeschiedenis). |
| Microsoft.HealthcareApis/services/fhir/resources/write | FHIR-resources schrijven (inclusief maken en bijwerken). |
| Microsoft.HealthcareApis/services/fhir/resources/delete | FHIR-resources verwijderen (voorlopig verwijderen). |
| Microsoft.HealthcareApis/services/fhir/resources/export/action | Exportbewerking ($export). |
| Microsoft.HealthcareApis/services/fhir/resources/resourceValidate/action | Bewerking valideren ($validate). |
| Microsoft.HealthcareApis/services/fhir/resources/reindex/action | Hiermee kan de gebruiker de reindextaak uitvoeren om zoekparameters te indexeren die nog niet zijn geïndexeerd. |
| Microsoft.HealthcareApis/services/fhir/resources/convertData/action | Bewerking voor gegevens converteren ($convert-gegevens) |
| Microsoft.HealthcareApis/services/fhir/resources/editProfileDefinitions/action | Hiermee kan de gebruiker Bewerkingen bijwerken verwijderen op profielresources uitvoeren. |
| Microsoft.HealthcareApis/services/fhir/resources/import/action | FHIR-resources importeren in batch. |
| Microsoft.HealthcareApis/workspaces/fhirservices/resources/read | FHIR-resources lezen (inclusief zoeken en versiegeschiedenis). |
| Microsoft.HealthcareApis/workspaces/fhirservices/resources/write | FHIR-resources schrijven (inclusief maken en bijwerken). |
| Microsoft.HealthcareApis/workspaces/fhirservices/resources/delete | FHIR-resources verwijderen (voorlopig verwijderen). |
| Microsoft.HealthcareApis/workspaces/fhirservices/resources/export/action | Exportbewerking ($export). |
| Microsoft.HealthcareApis/workspaces/fhirservices/resources/resourceValidate/action | Bewerking valideren ($validate). |
| Microsoft.HealthcareApis/workspaces/fhirservices/resources/reindex/action | Hiermee kan de gebruiker de reindextaak uitvoeren om zoekparameters te indexeren die nog niet zijn geïndexeerd. |
| Microsoft.HealthcareApis/workspaces/fhirservices/resources/convertData/action | Bewerking voor gegevens converteren ($convert-gegevens) |
| Microsoft.HealthcareApis/workspaces/fhirservices/resources/editProfileDefinitions/action | Hiermee kan de gebruiker Bewerkingen bijwerken verwijderen op profielresources uitvoeren. |
| Microsoft.HealthcareApis/workspaces/fhirservices/resources/import/action | FHIR-resources importeren in batch. |
| NotDataActions | |
| geen |
{
"assignableScopes": [
"/"
],
"description": "Role allows user or principal to read and write FHIR Data",
"id": "/providers/Microsoft.Authorization/roleDefinitions/3f88fce4-5892-4214-ae73-ba5294559913",
"name": "3f88fce4-5892-4214-ae73-ba5294559913",
"permissions": [
{
"actions": [],
"notActions": [],
"dataActions": [
"Microsoft.HealthcareApis/services/fhir/resources/read",
"Microsoft.HealthcareApis/services/fhir/resources/write",
"Microsoft.HealthcareApis/services/fhir/resources/delete",
"Microsoft.HealthcareApis/services/fhir/resources/export/action",
"Microsoft.HealthcareApis/services/fhir/resources/resourceValidate/action",
"Microsoft.HealthcareApis/services/fhir/resources/reindex/action",
"Microsoft.HealthcareApis/services/fhir/resources/convertData/action",
"Microsoft.HealthcareApis/services/fhir/resources/editProfileDefinitions/action",
"Microsoft.HealthcareApis/services/fhir/resources/import/action",
"Microsoft.HealthcareApis/workspaces/fhirservices/resources/read",
"Microsoft.HealthcareApis/workspaces/fhirservices/resources/write",
"Microsoft.HealthcareApis/workspaces/fhirservices/resources/delete",
"Microsoft.HealthcareApis/workspaces/fhirservices/resources/export/action",
"Microsoft.HealthcareApis/workspaces/fhirservices/resources/resourceValidate/action",
"Microsoft.HealthcareApis/workspaces/fhirservices/resources/reindex/action",
"Microsoft.HealthcareApis/workspaces/fhirservices/resources/convertData/action",
"Microsoft.HealthcareApis/workspaces/fhirservices/resources/editProfileDefinitions/action",
"Microsoft.HealthcareApis/workspaces/fhirservices/resources/import/action"
],
"notDataActions": []
}
],
"roleName": "FHIR Data Writer",
"roleType": "BuiltInRole",
"type": "Microsoft.Authorization/roleDefinitions"
}
FHIR SMART User
Met de rol kan de gebruiker toegang krijgen tot de FHIR-service op basis van smart on FHIR-specificatie
| Acties | Beschrijving |
|---|---|
| geen | |
| NotActions | |
| geen | |
| DataActions | |
| Microsoft.HealthcareApis/services/fhir/resources/read | FHIR-resources lezen (inclusief zoeken en versiegeschiedenis). |
| Microsoft.HealthcareApis/workspaces/fhirservices/resources/read | FHIR-resources lezen (inclusief zoeken en versiegeschiedenis). |
| Microsoft.HealthcareApis/services/fhir/resources/smart/action | Hiermee heeft de gebruiker toegang tot de FHIR-service volgens de specificatie SMART on FHIR. |
| Microsoft.HealthcareApis/workspaces/fhirservices/resources/smart/action | Hiermee heeft de gebruiker toegang tot de FHIR-service volgens de specificatie SMART on FHIR. |
| NotDataActions | |
| geen |
{
"assignableScopes": [
"/"
],
"description": "Role allows user to access FHIR Service according to SMART on FHIR specification",
"id": "/providers/Microsoft.Authorization/roleDefinitions/4ba50f17-9666-485c-a643-ff00808643f0",
"name": "4ba50f17-9666-485c-a643-ff00808643f0",
"permissions": [
{
"actions": [],
"notActions": [],
"dataActions": [
"Microsoft.HealthcareApis/services/fhir/resources/read",
"Microsoft.HealthcareApis/workspaces/fhirservices/resources/read",
"Microsoft.HealthcareApis/services/fhir/resources/smart/action",
"Microsoft.HealthcareApis/workspaces/fhirservices/resources/smart/action"
],
"notDataActions": []
}
],
"roleName": "FHIR SMART User",
"roleType": "BuiltInRole",
"type": "Microsoft.Authorization/roleDefinitions"
}
Inzender voor integratieserviceomgeving
Hiermee kunt u integratieserviceomgevingen beheren, maar geen toegang tot deze omgevingen.
| Acties | Beschrijving |
|---|---|
| Microsoft.Authorization/*/read | Rollen en roltoewijzingen lezen |
| Microsoft.Support/* | Een ondersteuningsticket maken en bijwerken |
| Microsoft.Logic/integrationServiceEnvironments/* | |
| NotActions | |
| geen | |
| DataActions | |
| geen | |
| NotDataActions | |
| geen |
{
"assignableScopes": [
"/"
],
"description": "Lets you manage integration service environments, but not access to them.",
"id": "/providers/Microsoft.Authorization/roleDefinitions/a41e2c5b-bd99-4a07-88f4-9bf657a760b8",
"name": "a41e2c5b-bd99-4a07-88f4-9bf657a760b8",
"permissions": [
{
"actions": [
"Microsoft.Authorization/*/read",
"Microsoft.Support/*",
"Microsoft.Logic/integrationServiceEnvironments/*"
],
"notActions": [],
"dataActions": [],
"notDataActions": []
}
],
"roleName": "Integration Service Environment Contributor",
"roleType": "BuiltInRole",
"type": "Microsoft.Authorization/roleDefinitions"
}
Integration Service Environment Developer
Hiermee kunnen ontwikkelaars werkstromen, integratieaccounts en API-verbindingen maken en bijwerken in integratieserviceomgevingen.
| Acties | Beschrijving |
|---|---|
| Microsoft.Authorization/*/read | Rollen en roltoewijzingen lezen |
| Microsoft.Support/* | Een ondersteuningsticket maken en bijwerken |
| Microsoft.Logic/integrationServiceEnvironments/read | Leest de integratieserviceomgeving. |
| Microsoft.Logic/integrationServiceEnvironments/*/join/action | |
| NotActions | |
| geen | |
| DataActions | |
| geen | |
| NotDataActions | |
| geen |
{
"assignableScopes": [
"/"
],
"description": "Allows developers to create and update workflows, integration accounts and API connections in integration service environments.",
"id": "/providers/Microsoft.Authorization/roleDefinitions/c7aa55d3-1abb-444a-a5ca-5e51e485d6ec",
"name": "c7aa55d3-1abb-444a-a5ca-5e51e485d6ec",
"permissions": [
{
"actions": [
"Microsoft.Authorization/*/read",
"Microsoft.Support/*",
"Microsoft.Logic/integrationServiceEnvironments/read",
"Microsoft.Logic/integrationServiceEnvironments/*/join/action"
],
"notActions": [],
"dataActions": [],
"notDataActions": []
}
],
"roleName": "Integration Service Environment Developer",
"roleType": "BuiltInRole",
"type": "Microsoft.Authorization/roleDefinitions"
}
Inzender voor Intelligent Systems-accounts
Hiermee kunt u Intelligent Systems-accounts beheren, maar geen toegang tot deze accounts.
| Acties | Beschrijving |
|---|---|
| Microsoft.Authorization/*/read | Rollen en roltoewijzingen lezen |
| Microsoft.Insights/alertRules/* | Een klassieke metrische waarschuwing maken en beheren |
| Microsoft.IntelligentSystems/accounts/* | Intelligente systemenaccounts maken en beheren |
| Microsoft.ResourceHealth/availabilityStatuses/read | Hiermee haalt u de beschikbaarheidsstatussen voor alle resources in het opgegeven bereik op |
| Microsoft.Resources/deployments/* | Een implementatie maken en beheren |
| Microsoft.Resources/subscriptions/resourceGroups/read | Hiermee haalt u resourcegroepen op of vermeldt u deze. |
| Microsoft.Support/* | Een ondersteuningsticket maken en bijwerken |
| NotActions | |
| geen | |
| DataActions | |
| geen | |
| NotDataActions | |
| geen |
{
"assignableScopes": [
"/"
],
"description": "Lets you manage Intelligent Systems accounts, but not access to them.",
"id": "/providers/Microsoft.Authorization/roleDefinitions/03a6d094-3444-4b3d-88af-7477090a9e5e",
"name": "03a6d094-3444-4b3d-88af-7477090a9e5e",
"permissions": [
{
"actions": [
"Microsoft.Authorization/*/read",
"Microsoft.Insights/alertRules/*",
"Microsoft.IntelligentSystems/accounts/*",
"Microsoft.ResourceHealth/availabilityStatuses/read",
"Microsoft.Resources/deployments/*",
"Microsoft.Resources/subscriptions/resourceGroups/read",
"Microsoft.Support/*"
],
"notActions": [],
"dataActions": [],
"notDataActions": []
}
],
"roleName": "Intelligent Systems Account Contributor",
"roleType": "BuiltInRole",
"type": "Microsoft.Authorization/roleDefinitions"
}
Inzender voor logische apps
Hiermee kunt u logische apps beheren, maar geen toegang tot deze apps wijzigen.
| Acties | Beschrijving |
|---|---|
| Microsoft.Authorization/*/read | Rollen en roltoewijzingen lezen |
| Microsoft.ClassicStorage/storageAccounts/listKeys/action | Hiermee worden de toegangssleutels voor de opslagaccounts weergegeven. |
| Microsoft.ClassicStorage/storageAccounts/read | Retourneer het opslagaccount met het opgegeven account. |
| Microsoft.Insights/alertRules/* | Een klassieke metrische waarschuwing maken en beheren |
| Microsoft.Insights/metricAlerts/* | |
| Microsoft.Insights/diagnosticSettings/* | Hiermee wordt de diagnostische instelling voor Analysis Server gemaakt, bijgewerkt of gelezen |
| Microsoft.Insights/logdefinitions/* | Deze machtiging is nodig voor gebruikers die toegang nodig hebben tot activiteitenlogboeken via de portal. Logboekcategorieën weergeven in activiteitenlogboek. |
| Microsoft.Insights/metricDefinitions/* | Metrische definities lezen (lijst met beschikbare metrische typen voor een resource). |
| Microsoft.Logic/* | Beheert Logic Apps-resources. |
| Microsoft.Resources/deployments/* | Een implementatie maken en beheren |
| Microsoft.Resources/subscriptions/operationresults/read | Haal de resultaten van de abonnementsbewerking op. |
| Microsoft.Resources/subscriptions/resourceGroups/read | Hiermee haalt u resourcegroepen op of vermeldt u deze. |
| Microsoft.Storage/storageAccounts/listkeys/action | Retourneert de toegangssleutels voor het opgegeven opslagaccount. |
| Microsoft.Storage/storageAccounts/read | Retourneert de lijst met opslagaccounts of haalt de eigenschappen voor het opgegeven opslagaccount op. |
| Microsoft.Support/* | Een ondersteuningsticket maken en bijwerken |
| Microsoft.Web/connectionGateways/* | Een verbindingsgateway maken en beheren. |
| Microsoft.Web/connections/* | Een verbinding maken en beheren. |
| Microsoft.Web/customApis/* | Hiermee maakt en beheert u een aangepaste API. |
| Microsoft.Web/serverFarms/join/action | Hiermee wordt een App Service-plan samengevoegd |
| Microsoft.Web/serverFarms/read | De eigenschappen van een App Service-plan ophalen |
| Microsoft.Web/sites/functions/listSecrets/action | Functiegeheimen weergeven. |
| NotActions | |
| geen | |
| DataActions | |
| geen | |
| NotDataActions | |
| geen |
{
"assignableScopes": [
"/"
],
"description": "Lets you manage logic app, but not access to them.",
"id": "/providers/Microsoft.Authorization/roleDefinitions/87a39d53-fc1b-424a-814c-f7e04687dc9e",
"name": "87a39d53-fc1b-424a-814c-f7e04687dc9e",
"permissions": [
{
"actions": [
"Microsoft.Authorization/*/read",
"Microsoft.ClassicStorage/storageAccounts/listKeys/action",
"Microsoft.ClassicStorage/storageAccounts/read",
"Microsoft.Insights/alertRules/*",
"Microsoft.Insights/metricAlerts/*",
"Microsoft.Insights/diagnosticSettings/*",
"Microsoft.Insights/logdefinitions/*",
"Microsoft.Insights/metricDefinitions/*",
"Microsoft.Logic/*",
"Microsoft.Resources/deployments/*",
"Microsoft.Resources/subscriptions/operationresults/read",
"Microsoft.Resources/subscriptions/resourceGroups/read",
"Microsoft.Storage/storageAccounts/listkeys/action",
"Microsoft.Storage/storageAccounts/read",
"Microsoft.Support/*",
"Microsoft.Web/connectionGateways/*",
"Microsoft.Web/connections/*",
"Microsoft.Web/customApis/*",
"Microsoft.Web/serverFarms/join/action",
"Microsoft.Web/serverFarms/read",
"Microsoft.Web/sites/functions/listSecrets/action"
],
"notActions": [],
"dataActions": [],
"notDataActions": []
}
],
"roleName": "Logic App Contributor",
"roleType": "BuiltInRole",
"type": "Microsoft.Authorization/roleDefinitions"
}
Logische app-operator
Hiermee kunt u logische apps lezen, inschakelen en uitschakelen, maar deze niet bewerken of bijwerken.
| Acties | Beschrijving |
|---|---|
| Microsoft.Authorization/*/read | Rollen en roltoewijzingen lezen |
| Microsoft.Insights/alertRules/*/read | Waarschuwingsregels voor Inzichten lezen |
| Microsoft.Insights/metricAlerts/*/read | |
| Microsoft.Insights/diagnosticSettings/*/read | Hiermee worden diagnostische instellingen voor Logic Apps ophaalt |
| Microsoft.Insights/metricDefinitions/*/read | Hiermee haalt u de beschikbare metrische gegevens voor Logic Apps op. |
| Microsoft.Logic/*/read | Leest Logic Apps-resources. |
| Microsoft.Logic/workflows/disable/action | Hiermee schakelt u de werkstroom uit. |
| Microsoft.Logic/workflows/enable/action | Hiermee schakelt u de werkstroom in. |
| Microsoft.Logic/workflows/validate/action | Valideert de werkstroom. |
| Microsoft.Resources/deployments/operations/read | Hiermee haalt u implementatiebewerkingen op of vermeldt u deze. |
| Microsoft.Resources/subscriptions/operationresults/read | Haal de resultaten van de abonnementsbewerking op. |
| Microsoft.Resources/subscriptions/resourceGroups/read | Hiermee haalt u resourcegroepen op of vermeldt u deze. |
| Microsoft.Support/* | Een ondersteuningsticket maken en bijwerken |
| Microsoft.Web/connectionGateways/*/read | Verbindingsgateways lezen. |
| Microsoft.Web/connections/*/read | Lees verbindingen. |
| Microsoft.Web/customApis/*/read | Aangepaste API lezen. |
| Microsoft.Web/serverFarms/read | De eigenschappen van een App Service-plan ophalen |
| NotActions | |
| geen | |
| DataActions | |
| geen | |
| NotDataActions | |
| geen |
{
"assignableScopes": [
"/"
],
"description": "Lets you read, enable and disable logic app.",
"id": "/providers/Microsoft.Authorization/roleDefinitions/515c2055-d9d4-4321-b1b9-bd0c9a0f79fe",
"name": "515c2055-d9d4-4321-b1b9-bd0c9a0f79fe",
"permissions": [
{
"actions": [
"Microsoft.Authorization/*/read",
"Microsoft.Insights/alertRules/*/read",
"Microsoft.Insights/metricAlerts/*/read",
"Microsoft.Insights/diagnosticSettings/*/read",
"Microsoft.Insights/metricDefinitions/*/read",
"Microsoft.Logic/*/read",
"Microsoft.Logic/workflows/disable/action",
"Microsoft.Logic/workflows/enable/action",
"Microsoft.Logic/workflows/validate/action",
"Microsoft.Resources/deployments/operations/read",
"Microsoft.Resources/subscriptions/operationresults/read",
"Microsoft.Resources/subscriptions/resourceGroups/read",
"Microsoft.Support/*",
"Microsoft.Web/connectionGateways/*/read",
"Microsoft.Web/connections/*/read",
"Microsoft.Web/customApis/*/read",
"Microsoft.Web/serverFarms/read"
],
"notActions": [],
"dataActions": [],
"notDataActions": []
}
],
"roleName": "Logic App Operator",
"roleType": "BuiltInRole",
"type": "Microsoft.Authorization/roleDefinitions"
}
Logic Apps Standard-inzender (preview)
U kunt alle aspecten van een standaard logische app en werkstromen beheren. U kunt de toegang of het eigendom niet wijzigen.
| Acties | Beschrijving |
|---|---|
| Microsoft.Authorization/*/read | Rollen en roltoewijzingen lezen |
| Microsoft.Insights/alertRules/* | Een klassieke metrische waarschuwing maken en beheren |
| Microsoft.Resources/deployments/operations/read | Hiermee haalt u implementatiebewerkingen op of vermeldt u deze. |
| Microsoft.Resources/subscriptions/operationresults/read | Haal de resultaten van de abonnementsbewerking op. |
| Microsoft.Resources/subscriptions/resourceGroups/read | Hiermee haalt u resourcegroepen op of vermeldt u deze. |
| Microsoft.Support/* | Een ondersteuningsticket maken en bijwerken |
| Microsoft.Web/*/read | |
| Microsoft.Web/certificates/* | Een certificaat maken en beheren. |
| Microsoft.Web/connectionGateways/* | Een verbindingsgateway maken en beheren. |
| Microsoft.Web/connections/* | Een verbinding maken en beheren. |
| Microsoft.Web/customApis/* | Hiermee maakt en beheert u een aangepaste API. |
| Microsoft.Web/serverFarms/* | Een App Service-plan maken en beheren. |
| Microsoft.Web/sites/* | Een web-app maken en beheren. |
| NotActions | |
| geen | |
| DataActions | |
| geen | |
| NotDataActions | |
| geen |
{
"assignableScopes": [
"/"
],
"description": "You can manage all aspects of a Standard logic app and workflows. You can't change access or ownership.",
"id": "/providers/Microsoft.Authorization/roleDefinitions/ad710c24-b039-4e85-a019-deb4a06e8570",
"name": "ad710c24-b039-4e85-a019-deb4a06e8570",
"permissions": [
{
"actions": [
"Microsoft.Authorization/*/read",
"Microsoft.Insights/alertRules/*",
"Microsoft.Resources/deployments/operations/read",
"Microsoft.Resources/subscriptions/operationresults/read",
"Microsoft.Resources/subscriptions/resourceGroups/read",
"Microsoft.Support/*",
"Microsoft.Web/*/read",
"Microsoft.Web/certificates/*",
"Microsoft.Web/connectionGateways/*",
"Microsoft.Web/connections/*",
"Microsoft.Web/customApis/*",
"Microsoft.Web/serverFarms/*",
"Microsoft.Web/sites/*"
],
"notActions": [],
"dataActions": [],
"notDataActions": []
}
],
"roleName": "Logic Apps Standard Contributor (Preview)",
"roleType": "BuiltInRole",
"type": "Microsoft.Authorization/roleDefinitions"
}
Logic Apps Standard Developer (preview)
U kunt werkstromen, verbindingen en instellingen voor een standaard logische app maken en bewerken. U kunt geen wijzigingen aanbrengen buiten het werkstroombereik.
| Acties | Beschrijving |
|---|---|
| Microsoft.Authorization/*/read | Rollen en roltoewijzingen lezen |
| Microsoft.Insights/alertRules/* | Een klassieke metrische waarschuwing maken en beheren |
| Microsoft.Resources/deployments/operations/read | Hiermee haalt u implementatiebewerkingen op of vermeldt u deze. |
| Microsoft.Resources/subscriptions/operationresults/read | Haal de resultaten van de abonnementsbewerking op. |
| Microsoft.Resources/subscriptions/resourceGroups/read | Hiermee haalt u resourcegroepen op of vermeldt u deze. |
| Microsoft.Support/* | Een ondersteuningsticket maken en bijwerken |
| Microsoft.Web/*/read | |
| Microsoft.Web/connections/* | Een verbinding maken en beheren. |
| Microsoft.Web/customApis/* | Hiermee maakt en beheert u een aangepaste API. |
| Microsoft.Web/sites/config/list/Action | Lijst met beveiligingsgevoelige instellingen van web-apps, zoals publicatiereferenties, app-instellingen en verbindingsreeks s |
| microsoft.web/sites/config/Write | Configuratie-instellingen van web-app bijwerken |
| microsoft.web/sites/config/web/appsettings/delete | Web Apps-app-instelling verwijderen |
| microsoft.web/sites/config/web/appsettings/write | Instelling voor één app voor web-apps maken of bijwerken |
| microsoft.web/sites/deployWorkflowArtifacts/action | Maak de artefacten in een logische app. |
| microsoft.web/sites/hostruntime/* | Haal hostruntime-artefacten op of vermeld deze voor de web-app of functie-app. |
| microsoft.web/sites/listworkflowsconnections/action | Vermeld de verbindingen van logische apps op basis van de bijbehorende id in een logische app. |
| Microsoft.Web/sites/publish/Action | Een web-app publiceren |
| microsoft.web/sites/slots/config/appsettings/write | De instelling voor één app-site maken of bijwerken |
| Microsoft.Web/sites/slots/config/list/Action | Lijst met beveiligingsgevoelige instellingen van web-app-sites, zoals publicatiereferenties, app-instellingen en verbindingsreeks s |
| microsoft.web/sites/slots/config/web/appsettings/delete | App-instelling van web-app-site verwijderen |
| microsoft.web/sites/slots/deployWorkflowArtifacts/action | Maak de artefacten in een implementatiesite in een logische app. |
| microsoft.web/sites/slots/listworkflowsconnections/action | Vermeld de verbindingen van een logische app op basis van de bijbehorende id in een implementatiesite in een logische app. |
| Microsoft.Web/sites/slots/publish/Action | Een web-app-site publiceren |
| microsoft.web/sites/workflows/* | |
| microsoft.web/sites/workflowsconfiguration/* | |
| NotActions | |
| geen | |
| DataActions | |
| geen | |
| NotDataActions | |
| geen |
{
"assignableScopes": [
"/"
],
"description": "You can create and edit workflows, connections, and settings for a Standard logic app. You can't make changes outside the workflow scope.",
"id": "/providers/Microsoft.Authorization/roleDefinitions/523776ba-4eb2-4600-a3c8-f2dc93da4bdb",
"name": "523776ba-4eb2-4600-a3c8-f2dc93da4bdb",
"permissions": [
{
"actions": [
"Microsoft.Authorization/*/read",
"Microsoft.Insights/alertRules/*",
"Microsoft.Resources/deployments/operations/read",
"Microsoft.Resources/subscriptions/operationresults/read",
"Microsoft.Resources/subscriptions/resourceGroups/read",
"Microsoft.Support/*",
"Microsoft.Web/*/read",
"Microsoft.Web/connections/*",
"Microsoft.Web/customApis/*",
"Microsoft.Web/sites/config/list/Action",
"microsoft.web/sites/config/Write",
"microsoft.web/sites/config/web/appsettings/delete",
"microsoft.web/sites/config/web/appsettings/write",
"microsoft.web/sites/deployWorkflowArtifacts/action",
"microsoft.web/sites/hostruntime/*",
"microsoft.web/sites/listworkflowsconnections/action",
"Microsoft.Web/sites/publish/Action",
"microsoft.web/sites/slots/config/appsettings/write",
"Microsoft.Web/sites/slots/config/list/Action",
"microsoft.web/sites/slots/config/web/appsettings/delete",
"microsoft.web/sites/slots/deployWorkflowArtifacts/action",
"microsoft.web/sites/slots/listworkflowsconnections/action",
"Microsoft.Web/sites/slots/publish/Action",
"microsoft.web/sites/workflows/*",
"microsoft.web/sites/workflowsconfiguration/*"
],
"notActions": [],
"dataActions": [],
"notDataActions": []
}
],
"roleName": "Logic Apps Standard Developer (Preview)",
"roleType": "BuiltInRole",
"type": "Microsoft.Authorization/roleDefinitions"
}
Logic Apps Standard Operator (preview)
U kunt de logische app in- en uitschakelen, werkstroomuitvoeringen opnieuw indienen en verbindingen maken. U kunt werkstromen of instellingen niet bewerken.
| Acties | Beschrijving |
|---|---|
| Microsoft.Authorization/*/read | Rollen en roltoewijzingen lezen |
| Microsoft.Insights/alertRules/* | Een klassieke metrische waarschuwing maken en beheren |
| Microsoft.Resources/deployments/operations/read | Hiermee haalt u implementatiebewerkingen op of vermeldt u deze. |
| Microsoft.Resources/subscriptions/operationresults/read | Haal de resultaten van de abonnementsbewerking op. |
| Microsoft.Resources/subscriptions/resourceGroups/read | Hiermee haalt u resourcegroepen op of vermeldt u deze. |
| Microsoft.Support/* | Een ondersteuningsticket maken en bijwerken |
| Microsoft.Web/*/read | |
| Microsoft.Web/sites/applySlotConfig/Action | Configuratie van web-app-site toepassen van doelsite op de huidige web-app |
| microsoft.web/sites/hostruntime/* | Haal hostruntime-artefacten op of vermeld deze voor de web-app of functie-app. |
| Microsoft.Web/sites/restart/Action | Een web-app opnieuw starten |
| Microsoft.Web/sites/slots/restart/Action | Een web-app-site opnieuw starten |
| Microsoft.Web/sites/slots/slotsswap/Action | Implementatiesites voor web-apps wisselen |
| Microsoft.Web/sites/slots/start/Action | Een web-app-site starten |
| Microsoft.Web/sites/slots/stop/Action | Een web-app-site stoppen |
| Microsoft.Web/sites/slotsdiffs/Action | Verschillen in configuratie tussen web-app en sleuven ophalen |
| Microsoft.Web/sites/slotsswap/Action | Implementatiesites voor web-apps wisselen |
| Microsoft.Web/sites/start/Action | Een web-app starten |
| Microsoft.Web/sites/stop/Action | Een web-app stoppen |
| Microsoft.Web/sites/write | Een nieuwe web-app maken of een bestaande bijwerken |
| NotActions | |
| geen | |
| DataActions | |
| geen | |
| NotDataActions | |
| geen |
{
"assignableScopes": [
"/"
],
"description": "You can enable and disable the logic app, resubmit workflow runs, as well as create connections. You can't edit workflows or settings.",
"id": "/providers/Microsoft.Authorization/roleDefinitions/b70c96e9-66fe-4c09-b6e7-c98e69c98555",
"name": "b70c96e9-66fe-4c09-b6e7-c98e69c98555",
"permissions": [
{
"actions": [
"Microsoft.Authorization/*/read",
"Microsoft.Insights/alertRules/*",
"Microsoft.Resources/deployments/operations/read",
"Microsoft.Resources/subscriptions/operationresults/read",
"Microsoft.Resources/subscriptions/resourceGroups/read",
"Microsoft.Support/*",
"Microsoft.Web/*/read",
"Microsoft.Web/sites/applySlotConfig/Action",
"microsoft.web/sites/hostruntime/*",
"Microsoft.Web/sites/restart/Action",
"Microsoft.Web/sites/slots/restart/Action",
"Microsoft.Web/sites/slots/slotsswap/Action",
"Microsoft.Web/sites/slots/start/Action",
"Microsoft.Web/sites/slots/stop/Action",
"Microsoft.Web/sites/slotsdiffs/Action",
"Microsoft.Web/sites/slotsswap/Action",
"Microsoft.Web/sites/start/Action",
"Microsoft.Web/sites/stop/Action",
"Microsoft.Web/sites/write"
],
"notActions": [],
"dataActions": [],
"notDataActions": []
}
],
"roleName": "Logic Apps Standard Operator (Preview)",
"roleType": "BuiltInRole",
"type": "Microsoft.Authorization/roleDefinitions"
}
Logic Apps Standard Reader (preview)
U hebt alleen-lezentoegang tot alle resources in een standaard logische app en werkstromen, waaronder de werkstroomuitvoeringen en hun geschiedenis.
| Acties | Beschrijving |
|---|---|
| Microsoft.Authorization/*/read | Rollen en roltoewijzingen lezen |
| Microsoft.Insights/alertRules/* | Een klassieke metrische waarschuwing maken en beheren |
| Microsoft.Resources/deployments/operations/read | Hiermee haalt u implementatiebewerkingen op of vermeldt u deze. |
| Microsoft.Resources/subscriptions/operationresults/read | Haal de resultaten van de abonnementsbewerking op. |
| Microsoft.Resources/subscriptions/resourceGroups/read | Hiermee haalt u resourcegroepen op of vermeldt u deze. |
| Microsoft.Support/* | Een ondersteuningsticket maken en bijwerken |
| Microsoft.Web/*/read | |
| NotActions | |
| geen | |
| DataActions | |
| geen | |
| NotDataActions | |
| geen |
{
"assignableScopes": [
"/"
],
"description": "You have read-only access to all resources in a Standard logic app and workflows, including the workflow runs and their history.",
"id": "/providers/Microsoft.Authorization/roleDefinitions/4accf36b-2c05-432f-91c8-5c532dff4c73",
"name": "4accf36b-2c05-432f-91c8-5c532dff4c73",
"permissions": [
{
"actions": [
"Microsoft.Authorization/*/read",
"Microsoft.Insights/alertRules/*",
"Microsoft.Resources/deployments/operations/read",
"Microsoft.Resources/subscriptions/operationresults/read",
"Microsoft.Resources/subscriptions/resourceGroups/read",
"Microsoft.Support/*",
"Microsoft.Web/*/read"
],
"notActions": [],
"dataActions": [],
"notDataActions": []
}
],
"roleName": "Logic Apps Standard Reader (Preview)",
"roleType": "BuiltInRole",
"type": "Microsoft.Authorization/roleDefinitions"
}
Inzender voor Scheduler-taakverzamelingen
Hiermee kunt u Scheduler-taakverzamelingen beheren, maar geen toegang tot deze verzamelingen.
| Acties | Beschrijving |
|---|---|
| Microsoft.Authorization/*/read | Rollen en roltoewijzingen lezen |
| Microsoft.Insights/alertRules/* | Een klassieke metrische waarschuwing maken en beheren |
| Microsoft.ResourceHealth/availabilityStatuses/read | Hiermee haalt u de beschikbaarheidsstatussen voor alle resources in het opgegeven bereik op |
| Microsoft.Resources/deployments/* | Een implementatie maken en beheren |
| Microsoft.Resources/subscriptions/resourceGroups/read | Hiermee haalt u resourcegroepen op of vermeldt u deze. |
| Microsoft.Scheduler/jobcollections/* | Taakverzamelingen maken en beheren |
| Microsoft.Support/* | Een ondersteuningsticket maken en bijwerken |
| NotActions | |
| geen | |
| DataActions | |
| geen | |
| NotDataActions | |
| geen |
{
"assignableScopes": [
"/"
],
"description": "Lets you manage Scheduler job collections, but not access to them.",
"id": "/providers/Microsoft.Authorization/roleDefinitions/188a0f2f-5c9e-469b-ae67-2aa5ce574b94",
"name": "188a0f2f-5c9e-469b-ae67-2aa5ce574b94",
"permissions": [
{
"actions": [
"Microsoft.Authorization/*/read",
"Microsoft.Insights/alertRules/*",
"Microsoft.ResourceHealth/availabilityStatuses/read",
"Microsoft.Resources/deployments/*",
"Microsoft.Resources/subscriptions/resourceGroups/read",
"Microsoft.Scheduler/jobcollections/*",
"Microsoft.Support/*"
],
"notActions": [],
"dataActions": [],
"notDataActions": []
}
],
"roleName": "Scheduler Job Collections Contributor",
"roleType": "BuiltInRole",
"type": "Microsoft.Authorization/roleDefinitions"
}
Services Hub Operator
Met Services Hub Operator kunt u alle lees-, schrijf- en verwijderingsbewerkingen uitvoeren met betrekking tot Services Hub-connectors.
| Acties | Beschrijving |
|---|---|
| Microsoft.Authorization/*/read | Rollen en roltoewijzingen lezen |
| Microsoft.Resources/subscriptions/resourceGroups/read | Hiermee haalt u resourcegroepen op of vermeldt u deze. |
| Microsoft.Resources/deployments/* | Een implementatie maken en beheren |
| Microsoft.ServicesHub/connectors/write | Een Services Hub Connector maken of bijwerken |
| Microsoft.ServicesHub/connectors/read | Services Hub-connectors weergeven of vermelden |
| Microsoft.ServicesHub/connectors/delete | Services Hub-connectors verwijderen |
| Microsoft.ServicesHub/connectors/checkAssessmentEntitlement/action | Geeft een overzicht van de evaluatierechten voor een bepaalde Services Hub-werkruimte |
| Microsoft.ServicesHub/supportOfferingEntitlement/read | De rechten voor ondersteuningsaanbiedingen voor een bepaalde Services Hub-werkruimte weergeven |
| Microsoft.ServicesHub/workspaces/read | De Services Hub-werkruimten voor een bepaalde gebruiker weergeven |
| NotActions | |
| geen | |
| DataActions | |
| geen | |
| NotDataActions | |
| geen |
{
"assignableScopes": [
"/"
],
"description": "Services Hub Operator allows you to perform all read, write, and deletion operations related to Services Hub Connectors.",
"id": "/providers/Microsoft.Authorization/roleDefinitions/82200a5b-e217-47a5-b665-6d8765ee745b",
"name": "82200a5b-e217-47a5-b665-6d8765ee745b",
"permissions": [
{
"actions": [
"Microsoft.Authorization/*/read",
"Microsoft.Resources/subscriptions/resourceGroups/read",
"Microsoft.Resources/deployments/*",
"Microsoft.ServicesHub/connectors/write",
"Microsoft.ServicesHub/connectors/read",
"Microsoft.ServicesHub/connectors/delete",
"Microsoft.ServicesHub/connectors/checkAssessmentEntitlement/action",
"Microsoft.ServicesHub/supportOfferingEntitlement/read",
"Microsoft.ServicesHub/workspaces/read"
],
"notActions": [],
"dataActions": [],
"notDataActions": []
}
],
"roleName": "Services Hub Operator",
"roleType": "BuiltInRole",
"type": "Microsoft.Authorization/roleDefinitions"
}