Funções internas do Azure para Análise

Este artigo lista as funções internas do Azure na categoria Análise.

Proprietário de dados dos Hubs de Eventos do Azure

Permite acesso completo aos recursos dos Hubs de Eventos do Azure.

Saiba mais

Ações	Descrição
Microsoft.EventHub/*
NotActions
none
DataActions
Microsoft.EventHub/*
NotDataActions
none

{
  "assignableScopes": [
    "/"
  ],
  "description": "Allows for full access to Azure Event Hubs resources.",
  "id": "/providers/Microsoft.Authorization/roleDefinitions/f526a384-b230-433a-b45c-95f59c4a2dec",
  "name": "f526a384-b230-433a-b45c-95f59c4a2dec",
  "permissions": [
    {
      "actions": [
        "Microsoft.EventHub/*"
      ],
      "notActions": [],
      "dataActions": [
        "Microsoft.EventHub/*"
      ],
      "notDataActions": []
    }
  ],
  "roleName": "Azure Event Hubs Data Owner",
  "roleType": "BuiltInRole",
  "type": "Microsoft.Authorization/roleDefinitions"
}

Receptor de dados dos Hubs de Eventos do Azure

Permite acesso de recebimento aos recursos dos Hubs de Eventos do Azure.

Saiba mais

Ações	Descrição
Microsoft.EventHub/*/eventhubs/consumergroups/read
NotActions
none
DataActions
Microsoft.EventHub/*/receive/action
NotDataActions
none

{
  "assignableScopes": [
    "/"
  ],
  "description": "Allows receive access to Azure Event Hubs resources.",
  "id": "/providers/Microsoft.Authorization/roleDefinitions/a638d3c7-ab3a-418d-83e6-5f17a39d4fde",
  "name": "a638d3c7-ab3a-418d-83e6-5f17a39d4fde",
  "permissions": [
    {
      "actions": [
        "Microsoft.EventHub/*/eventhubs/consumergroups/read"
      ],
      "notActions": [],
      "dataActions": [
        "Microsoft.EventHub/*/receive/action"
      ],
      "notDataActions": []
    }
  ],
  "roleName": "Azure Event Hubs Data Receiver",
  "roleType": "BuiltInRole",
  "type": "Microsoft.Authorization/roleDefinitions"
}

Remetente de dados dos Hubs de Eventos do Azure

Permite acesso de envio aos recursos dos Hubs de Eventos do Azure.

Saiba mais

Ações	Descrição
Microsoft.EventHub/*/eventhubs/read
NotActions
none
DataActions
Microsoft.EventHub/*/send/action
NotDataActions
none

{
  "assignableScopes": [
    "/"
  ],
  "description": "Allows send access to Azure Event Hubs resources.",
  "id": "/providers/Microsoft.Authorization/roleDefinitions/2b629674-e913-4c01-ae53-ef4638d8f975",
  "name": "2b629674-e913-4c01-ae53-ef4638d8f975",
  "permissions": [
    {
      "actions": [
        "Microsoft.EventHub/*/eventhubs/read"
      ],
      "notActions": [],
      "dataActions": [
        "Microsoft.EventHub/*/send/action"
      ],
      "notDataActions": []
    }
  ],
  "roleName": "Azure Event Hubs Data Sender",
  "roleType": "BuiltInRole",
  "type": "Microsoft.Authorization/roleDefinitions"
}

Colaborador da fábrica de dados

Cria e gerencia data factories, assim como os recursos filhos neles.

Saiba mais

Ações	Descrição
Microsoft.Authorization/*/read	Ler funções e atribuições de função
Microsoft.DataFactory/dataFactories/*	Criar e gerenciar data factories e recursos filho dentro deles.
Microsoft.DataFactory/factories/*	Criar e gerenciar data factories e recursos filho dentro deles.
Microsoft.Insights/alertRules/*	Criar e gerenciar um alerta de métrica clássico
Microsoft.ResourceHealth/availabilityStatuses/read	Obter os status de disponibilidade para todos os recursos no escopo especificado
Microsoft.Resources/deployments/*	Criar e gerenciar uma implantação
Microsoft.Resources/subscriptions/resourceGroups/read	Obter ou listar de grupos de recursos.
Microsoft.Support/*	Criar e atualizar um tíquete de suporte
Microsoft.EventGrid/eventSubscriptions/write	Criar ou atualizar um eventSubscription
NotActions
none
DataActions
none
NotDataActions
none

{
  "assignableScopes": [
    "/"
  ],
  "description": "Create and manage data factories, as well as child resources within them.",
  "id": "/providers/Microsoft.Authorization/roleDefinitions/673868aa-7521-48a0-acc6-0f60742d39f5",
  "name": "673868aa-7521-48a0-acc6-0f60742d39f5",
  "permissions": [
    {
      "actions": [
        "Microsoft.Authorization/*/read",
        "Microsoft.DataFactory/dataFactories/*",
        "Microsoft.DataFactory/factories/*",
        "Microsoft.Insights/alertRules/*",
        "Microsoft.ResourceHealth/availabilityStatuses/read",
        "Microsoft.Resources/deployments/*",
        "Microsoft.Resources/subscriptions/resourceGroups/read",
        "Microsoft.Support/*",
        "Microsoft.EventGrid/eventSubscriptions/write"
      ],
      "notActions": [],
      "dataActions": [],
      "notDataActions": []
    }
  ],
  "roleName": "Data Factory Contributor",
  "roleType": "BuiltInRole",
  "type": "Microsoft.Authorization/roleDefinitions"
}

Limpador de Dados

Exclua dados privados de um workspace do Log Analytics.

Saiba mais

Ações	Descrição
Microsoft.Insights/components/*/read
Microsoft.Insights/components/purge/action	Limpe dados do Application Insights
Microsoft.OperationalInsights/workspaces/*/read	Exibir dados da análise de logs
Microsoft.OperationalInsights/workspaces/purge/action	Exclua dados especificados por consulta do workspace.
NotActions
none
DataActions
none
NotDataActions
none

{
  "assignableScopes": [
    "/"
  ],
  "description": "Can purge analytics data",
  "id": "/providers/Microsoft.Authorization/roleDefinitions/150f5e0c-0603-4f03-8c7f-cf70034c4e90",
  "name": "150f5e0c-0603-4f03-8c7f-cf70034c4e90",
  "permissions": [
    {
      "actions": [
        "Microsoft.Insights/components/*/read",
        "Microsoft.Insights/components/purge/action",
        "Microsoft.OperationalInsights/workspaces/*/read",
        "Microsoft.OperationalInsights/workspaces/purge/action"
      ],
      "notActions": [],
      "dataActions": [],
      "notDataActions": []
    }
  ],
  "roleName": "Data Purger",
  "roleType": "BuiltInRole",
  "type": "Microsoft.Authorization/roleDefinitions"
}

Operador de Cluster do HDInsight

Permite que você leia e modifique as configurações de cluster do HDInsight.

Saiba mais

Ações	Descrição
Microsoft.HDInsight/*/read
Microsoft.HDInsight/clusters/getGatewaySettings/action	Obter configurações de gateway para o cluster HDInsight
Microsoft.HDInsight/clusters/updateGatewaySettings/action	Atualizar as configurações do gateway para o cluster HDInsight
Microsoft.HDInsight/clusters/configurations/*
Microsoft.Resources/subscriptions/resourceGroups/read	Obter ou listar de grupos de recursos.
Microsoft.Resources/deployments/operations/read	Obter ou lista operações de implantação.
Microsoft.Insights/alertRules/*	Criar e gerenciar um alerta de métrica clássico
Microsoft.Authorization/*/read	Ler funções e atribuições de função
Microsoft.Support/*	Criar e atualizar um tíquete de suporte
NotActions
none
DataActions
none
NotDataActions
none

{
  "assignableScopes": [
    "/"
  ],
  "description": "Lets you read and modify HDInsight cluster configurations.",
  "id": "/providers/Microsoft.Authorization/roleDefinitions/61ed4efc-fab3-44fd-b111-e24485cc132a",
  "name": "61ed4efc-fab3-44fd-b111-e24485cc132a",
  "permissions": [
    {
      "actions": [
        "Microsoft.HDInsight/*/read",
        "Microsoft.HDInsight/clusters/getGatewaySettings/action",
        "Microsoft.HDInsight/clusters/updateGatewaySettings/action",
        "Microsoft.HDInsight/clusters/configurations/*",
        "Microsoft.Resources/subscriptions/resourceGroups/read",
        "Microsoft.Resources/deployments/operations/read",
        "Microsoft.Insights/alertRules/*",
        "Microsoft.Authorization/*/read",
        "Microsoft.Support/*"
      ],
      "notActions": [],
      "dataActions": [],
      "notDataActions": []
    }
  ],
  "roleName": "HDInsight Cluster Operator",
  "roleType": "BuiltInRole",
  "type": "Microsoft.Authorization/roleDefinitions"
}

Colaborador dos serviços de domínio do HDInsight

Pode ler, criar, modificar e excluir operações relacionadas aos serviços de domínio necessárias para o Enterprise Security Package do HDInsight

Saiba mais

Ações	Descrição
Microsoft.AAD/*/read
Microsoft.AAD/domainServices/*/read
Microsoft.AAD/domainServices/oucontainer/*
NotActions
none
DataActions
none
NotDataActions
none

{
  "assignableScopes": [
    "/"
  ],
  "description": "Can Read, Create, Modify and Delete Domain Services related operations needed for HDInsight Enterprise Security Package",
  "id": "/providers/Microsoft.Authorization/roleDefinitions/8d8d5a11-05d3-4bda-a417-a08778121c7c",
  "name": "8d8d5a11-05d3-4bda-a417-a08778121c7c",
  "permissions": [
    {
      "actions": [
        "Microsoft.AAD/*/read",
        "Microsoft.AAD/domainServices/*/read",
        "Microsoft.AAD/domainServices/oucontainer/*"
      ],
      "notActions": [],
      "dataActions": [],
      "notDataActions": []
    }
  ],
  "roleName": "HDInsight Domain Services Contributor",
  "roleType": "BuiltInRole",
  "type": "Microsoft.Authorization/roleDefinitions"
}

Administrador de Cluster do HDInsight no AKS

Concede a um usuário/grupo a capacidade de criar, excluir e gerenciar clusters em um determinado pool de clusters. O Administrador de Cluster também pode executar cargas de trabalho, monitorar e gerenciar todas as atividades do usuário nesses clusters.

Saiba mais

Ações	Descrição
Microsoft.Authorization/*/read	Ler funções e atribuições de função
Microsoft.HDInsight/clusterPools/clusters/read	Obter detalhes sobre o HDInsight no cluster do AKS
Microsoft.HDInsight/clusterPools/clusters/write	Criar ou atualizar o HDInsight no cluster do AKS
Microsoft.HDInsight/clusterPools/clusters/delete	Excluir um cluster HDInsight no AKS
Microsoft.HDInsight/clusterPools/clusters/resize/action	Redimensionar um HDInsight no cluster do AKS
Microsoft.HDInsight/clusterpools/clusters/instanceviews/read	Obter detalhes sobre o HDInsight na Exibição de Instância de Cluster do AKS
Microsoft.HDInsight/clusterPools/clusters/jobs/read	Listar trabalhos de cluster do HDInsight no AKS
Microsoft.HDInsight/clusterPools/clusters/runjob/action	Executar o HDInsight no trabalho de cluster do AKS
Microsoft.HDInsight/clusterpools/clusters/serviceconfigs/read	Obter detalhes sobre o HDInsight nas configurações do serviço de cluster do AKS
Microsoft.HDInsight/clusterPools/clusters/availableupgrades/read	Obter atualizações disponíveis para o HDInsight no cluster do AKS
Microsoft.HDInsight/clusterPools/clusters/upgrade/action	Atualizar o HDInsight no cluster do AKS
Microsoft.HDInsight/clusterPools/clusters/rollback/action	Reverter o HDInsight na atualização do cluster do AKS
Microsoft.HDInsight/clusterPools/clusters/upgradehistories/read	Ler HDInsight em históricos de atualização de cluster do AKS
Microsoft.HDInsight/clusterPools/clusters/libraries/read	Ler HDInsight em bibliotecas de cluster do AKS
Microsoft.HDInsight/clusterPools/clusters/managelibraries/action	Gerenciar o HDInsight em bibliotecas de cluster do AKS
Microsoft.ResourceHealth/availabilityStatuses/read	Obter os status de disponibilidade para todos os recursos no escopo especificado
Microsoft.Resources/deployments/operations/read	Obter ou lista operações de implantação.
Microsoft.Resources/deployments/*/read
Microsoft.Resources/deployments/read	Obter ou lista implantações.
Microsoft.Resources/deployments/validate/action	Validar uma implantação.
Microsoft.Resources/deployments/write	Criar ou atualizar uma implantação.
Microsoft.Resources/deployments/exportTemplate/action	Exportar o modelo para uma implantação
Microsoft.Resources/subscriptions/resourcegroups/deployments/operations/read	Obter ou lista operações de implantação.
Microsoft.Resources/subscriptions/resourcegroups/deployments/read	Obter ou lista implantações.
Microsoft.Resources/subscriptions/resourceGroups/read	Obter ou listar de grupos de recursos.
Microsoft.Resources/subscriptions/operationresults/read	Obter os resultados da operação da assinatura.
Microsoft.Insights/AlertRules/Write	Criar ou atualizar o alerta de métrica clássico
Microsoft.Insights/AlertRules/Delete	Excluir alerta de métrica clássico
Microsoft.Insights/AlertRules/Read	Ler alerta de métrica clássico
Microsoft.Insights/AlertRules/Activated/Action	Alerta de métrica clássico ativado
Microsoft.Insights/AlertRules/Resolved/Action	Alerta de métrica clássico resolvido
Microsoft.Insights/AlertRules/Throttled/Action	Regra de alerta de métrica clássico acelerada
Microsoft.Insights/AlertRules/Incidents/Read	Ler incidente de alerta de métrica clássico
Microsoft.Insights/metrics/read	Ler métrica
Microsoft.Insights/logs/read	Lendo dados de todos os seus logs
NotActions
none
DataActions
none
NotDataActions
none

{
  "assignableScopes": [
    "/"
  ],
  "description": "Grants a user/group the ability to create, delete and manage clusters within a given cluster pool. Cluster Admin can also run workloads, monitor, and manage all user activity on these clusters.",
  "id": "/providers/Microsoft.Authorization/roleDefinitions/fd036e6b-1266-47a0-b0bb-a05d04831731",
  "name": "fd036e6b-1266-47a0-b0bb-a05d04831731",
  "permissions": [
    {
      "actions": [
        "Microsoft.Authorization/*/read",
        "Microsoft.HDInsight/clusterPools/clusters/read",
        "Microsoft.HDInsight/clusterPools/clusters/write",
        "Microsoft.HDInsight/clusterPools/clusters/delete",
        "Microsoft.HDInsight/clusterPools/clusters/resize/action",
        "Microsoft.HDInsight/clusterpools/clusters/instanceviews/read",
        "Microsoft.HDInsight/clusterPools/clusters/jobs/read",
        "Microsoft.HDInsight/clusterPools/clusters/runjob/action",
        "Microsoft.HDInsight/clusterpools/clusters/serviceconfigs/read",
        "Microsoft.HDInsight/clusterPools/clusters/availableupgrades/read",
        "Microsoft.HDInsight/clusterPools/clusters/upgrade/action",
        "Microsoft.HDInsight/clusterPools/clusters/rollback/action",
        "Microsoft.HDInsight/clusterPools/clusters/upgradehistories/read",
        "Microsoft.HDInsight/clusterPools/clusters/libraries/read",
        "Microsoft.HDInsight/clusterPools/clusters/managelibraries/action",
        "Microsoft.ResourceHealth/availabilityStatuses/read",
        "Microsoft.Resources/deployments/operations/read",
        "Microsoft.Resources/deployments/*/read",
        "Microsoft.Resources/deployments/read",
        "Microsoft.Resources/deployments/validate/action",
        "Microsoft.Resources/deployments/write",
        "Microsoft.Resources/deployments/exportTemplate/action",
        "Microsoft.Resources/subscriptions/resourcegroups/deployments/operations/read",
        "Microsoft.Resources/subscriptions/resourcegroups/deployments/read",
        "Microsoft.Resources/subscriptions/resourceGroups/read",
        "Microsoft.Resources/subscriptions/operationresults/read",
        "Microsoft.Insights/AlertRules/Write",
        "Microsoft.Insights/AlertRules/Delete",
        "Microsoft.Insights/AlertRules/Read",
        "Microsoft.Insights/AlertRules/Activated/Action",
        "Microsoft.Insights/AlertRules/Resolved/Action",
        "Microsoft.Insights/AlertRules/Throttled/Action",
        "Microsoft.Insights/AlertRules/Incidents/Read",
        "Microsoft.Insights/metrics/read",
        "Microsoft.Insights/logs/read"
      ],
      "notActions": [],
      "dataActions": [],
      "notDataActions": []
    }
  ],
  "roleName": "HDInsight on AKS Cluster Admin",
  "roleType": "BuiltInRole",
  "type": "Microsoft.Authorization/roleDefinitions"
}

Administrador do Pool de Clusters do HDInsight no AKS

Pode ler, criar, modificar e excluir o HDInsight em pools de clusters do AKS e criar clusters

Saiba mais

Ações	Descrição
Microsoft.Authorization/*/read	Ler funções e atribuições de função
Microsoft.HDInsight/clusterPools/clusters/read	Obter detalhes sobre o HDInsight no cluster do AKS
Microsoft.HDInsight/clusterPools/clusters/write	Criar ou atualizar o HDInsight no cluster do AKS
Microsoft.HDInsight/clusterPools/delete	Excluir um HDInsight no pool de clusters do AKS
Microsoft.HDInsight/clusterPools/read	Obter detalhes sobre o HDInsight no Pool de Clusters do AKS
Microsoft.HDInsight/clusterPools/write	Criar ou atualizar o HDInsight no pool de clusters do AKS
Microsoft.HDInsight/clusterpools/availableupgrades/read	Obter atualizações disponíveis para o HDInsight no pool de clusters do AKS
Microsoft.HDInsight/clusterpools/upgrade/action	Atualizar o HDInsight no pool de clusters do AKS
Microsoft.HDInsight/clusterPools/upgradehistories/read	Ler o HDInsight nos históricos de atualização do pool de clusters do AKS
Microsoft.ResourceHealth/availabilityStatuses/read	Obter os status de disponibilidade para todos os recursos no escopo especificado
Microsoft.Resources/deployments/operations/read	Obter ou lista operações de implantação.
Microsoft.Resources/deployments/validate/action	Validar uma implantação.
Microsoft.Resources/deployments/*/read
Microsoft.Resources/deployments/read	Obter ou lista implantações.
Microsoft.Resources/deployments/write	Criar ou atualizar uma implantação.
Microsoft.Resources/deployments/exportTemplate/action	Exportar o modelo para uma implantação
Microsoft.Resources/deployments/validate/action	Validar uma implantação.
Microsoft.Resources/subscriptions/resourcegroups/deployments/operations/read	Obter ou lista operações de implantação.
Microsoft.Resources/subscriptions/resourcegroups/deployments/read	Obter ou lista implantações.
Microsoft.Resources/subscriptions/resourceGroups/read	Obter ou listar de grupos de recursos.
Microsoft.Resources/subscriptions/operationresults/read	Obter os resultados da operação da assinatura.
Microsoft.Insights/AlertRules/Write	Criar ou atualizar o alerta de métrica clássico
Microsoft.Insights/AlertRules/Delete	Excluir alerta de métrica clássico
Microsoft.Insights/AlertRules/Read	Ler alerta de métrica clássico
Microsoft.Insights/AlertRules/Activated/Action	Alerta de métrica clássico ativado
Microsoft.Insights/AlertRules/Resolved/Action	Alerta de métrica clássico resolvido
Microsoft.Insights/AlertRules/Throttled/Action	Regra de alerta de métrica clássico acelerada
Microsoft.Insights/AlertRules/Incidents/Read	Ler incidente de alerta de métrica clássico
Microsoft.Insights/metrics/read	Ler métrica
Microsoft.Insights/logs/read	Lendo dados de todos os seus logs
NotActions
none
DataActions
none
NotDataActions
none

{
  "assignableScopes": [
    "/"
  ],
  "description": "Can read, create, modify and delete HDInsight on AKS cluster pools and create clusters",
  "id": "/providers/Microsoft.Authorization/roleDefinitions/7656b436-37d4-490a-a4ab-d39f838f0042",
  "name": "7656b436-37d4-490a-a4ab-d39f838f0042",
  "permissions": [
    {
      "actions": [
        "Microsoft.Authorization/*/read",
        "Microsoft.HDInsight/clusterPools/clusters/read",
        "Microsoft.HDInsight/clusterPools/clusters/write",
        "Microsoft.HDInsight/clusterPools/delete",
        "Microsoft.HDInsight/clusterPools/read",
        "Microsoft.HDInsight/clusterPools/write",
        "Microsoft.HDInsight/clusterpools/availableupgrades/read",
        "Microsoft.HDInsight/clusterpools/upgrade/action",
        "Microsoft.HDInsight/clusterPools/upgradehistories/read",
        "Microsoft.ResourceHealth/availabilityStatuses/read",
        "Microsoft.Resources/deployments/operations/read",
        "Microsoft.Resources/deployments/validate/action",
        "Microsoft.Resources/deployments/*/read",
        "Microsoft.Resources/deployments/read",
        "Microsoft.Resources/deployments/write",
        "Microsoft.Resources/deployments/exportTemplate/action",
        "Microsoft.Resources/deployments/validate/action",
        "Microsoft.Resources/subscriptions/resourcegroups/deployments/operations/read",
        "Microsoft.Resources/subscriptions/resourcegroups/deployments/read",
        "Microsoft.Resources/subscriptions/resourceGroups/read",
        "Microsoft.Resources/subscriptions/operationresults/read",
        "Microsoft.Insights/AlertRules/Write",
        "Microsoft.Insights/AlertRules/Delete",
        "Microsoft.Insights/AlertRules/Read",
        "Microsoft.Insights/AlertRules/Activated/Action",
        "Microsoft.Insights/AlertRules/Resolved/Action",
        "Microsoft.Insights/AlertRules/Throttled/Action",
        "Microsoft.Insights/AlertRules/Incidents/Read",
        "Microsoft.Insights/metrics/read",
        "Microsoft.Insights/logs/read"
      ],
      "notActions": [],
      "dataActions": [],
      "notDataActions": []
    }
  ],
  "roleName": "HDInsight on AKS Cluster Pool Admin",
  "roleType": "BuiltInRole",
  "type": "Microsoft.Authorization/roleDefinitions"
}

Colaborador do Log Analytics

O Colaborador do Log Analytics pode ler todos os dados de monitoramento e editar as configurações de monitoramento. A edição das configurações de monitoramento inclui a adição da extensão da VM às VMs, leitura das chaves da conta de armazenamento para poder configurar a coleção de logs do Armazenamento do Azure, adição de soluções e configuração do diagnóstico do Azure em todos os recursos do Azure.

Saiba mais

Ações	Descrição
*/leitura	Ler recursos de todos os tipos, exceto segredos.
Microsoft.ClassicCompute/virtualMachines/extensions/*
Microsoft.ClassicStorage/storageAccounts/listKeys/action	Listar as chaves de acesso das contas de armazenamento.
Microsoft.Compute/virtualMachines/extensions/*
Microsoft.HybridCompute/machines/extensions/write	Instala ou atualiza uma extensão do Azure Arc
Microsoft.Insights/alertRules/*	Criar e gerenciar um alerta de métrica clássico
Microsoft.Insights/diagnosticSettings/*	Criar, atualizar ou ler a configuração de diagnóstico do Analysis Server
Microsoft.OperationalInsights/*
Microsoft.OperationsManagement/*
Microsoft.Resources/deployments/*	Criar e gerenciar uma implantação
Microsoft.Resources/subscriptions/resourcegroups/deployments/*
Microsoft.Storage/storageAccounts/listKeys/action	Retornar as chaves de acesso da conta de armazenamento especificada.
Microsoft.Support/*	Criar e atualizar um tíquete de suporte
NotActions
none
DataActions
none
NotDataActions
none

{
  "assignableScopes": [
    "/"
  ],
  "description": "Log Analytics Contributor can read all monitoring data and edit monitoring settings. Editing monitoring settings includes adding the VM extension to VMs; reading storage account keys to be able to configure collection of logs from Azure Storage; adding solutions; and configuring Azure diagnostics on all Azure resources.",
  "id": "/providers/Microsoft.Authorization/roleDefinitions/92aaf0da-9dab-42b6-94a3-d43ce8d16293",
  "name": "92aaf0da-9dab-42b6-94a3-d43ce8d16293",
  "permissions": [
    {
      "actions": [
        "*/read",
        "Microsoft.ClassicCompute/virtualMachines/extensions/*",
        "Microsoft.ClassicStorage/storageAccounts/listKeys/action",
        "Microsoft.Compute/virtualMachines/extensions/*",
        "Microsoft.HybridCompute/machines/extensions/write",
        "Microsoft.Insights/alertRules/*",
        "Microsoft.Insights/diagnosticSettings/*",
        "Microsoft.OperationalInsights/*",
        "Microsoft.OperationsManagement/*",
        "Microsoft.Resources/deployments/*",
        "Microsoft.Resources/subscriptions/resourcegroups/deployments/*",
        "Microsoft.Storage/storageAccounts/listKeys/action",
        "Microsoft.Support/*"
      ],
      "notActions": [],
      "dataActions": [],
      "notDataActions": []
    }
  ],
  "roleName": "Log Analytics Contributor",
  "roleType": "BuiltInRole",
  "type": "Microsoft.Authorization/roleDefinitions"
}

Leitor do Log Analytics

Um Leitor do Log Analytics pode exibir e pesquisar todos os dados de monitoramento além de exibir as configurações de monitoramento, incluindo a exibição da configuração do diagnóstico do Azure em todos os recursos do Azure.

Saiba mais

Ações	Descrição
*/leitura	Ler recursos de todos os tipos, exceto segredos.
Microsoft.OperationalInsights/workspaces/analytics/query/action	Pesquisar usando o novo mecanismo.
Microsoft.OperationalInsights/workspaces/search/action	Executar uma consulta de pesquisa
Microsoft.Support/*	Criar e atualizar um tíquete de suporte
NotActions
Microsoft.OperationalInsights/workspaces/sharedKeys/read	Recupera as chaves compartilhadas do workspace. Essas chaves são usadas para conectar agentes do Insights Operacionais da Microsoft ao workspace.
DataActions
none
NotDataActions
none

{
  "assignableScopes": [
    "/"
  ],
  "description": "Log Analytics Reader can view and search all monitoring data as well as and view monitoring settings, including viewing the configuration of Azure diagnostics on all Azure resources.",
  "id": "/providers/Microsoft.Authorization/roleDefinitions/73c42c96-874c-492b-b04d-ab87d138a893",
  "name": "73c42c96-874c-492b-b04d-ab87d138a893",
  "permissions": [
    {
      "actions": [
        "*/read",
        "Microsoft.OperationalInsights/workspaces/analytics/query/action",
        "Microsoft.OperationalInsights/workspaces/search/action",
        "Microsoft.Support/*"
      ],
      "notActions": [
        "Microsoft.OperationalInsights/workspaces/sharedKeys/read"
      ],
      "dataActions": [],
      "notDataActions": []
    }
  ],
  "roleName": "Log Analytics Reader",
  "roleType": "BuiltInRole",
  "type": "Microsoft.Authorization/roleDefinitions"
}

Colaborador do Registro de Esquema (Versão Prévia)

Ler, gravar e excluir grupos e esquemas do Registro de Esquema.

Ações	Descrição
Microsoft.EventHub/namespaces/schemagroups/*
NotActions
none
DataActions
Microsoft.EventHub/namespaces/schemas/*
NotDataActions
none

{
  "assignableScopes": [
    "/"
  ],
  "description": "Read, write, and delete Schema Registry groups and schemas.",
  "id": "/providers/Microsoft.Authorization/roleDefinitions/5dffeca3-4936-4216-b2bc-10343a5abb25",
  "name": "5dffeca3-4936-4216-b2bc-10343a5abb25",
  "permissions": [
    {
      "actions": [
        "Microsoft.EventHub/namespaces/schemagroups/*"
      ],
      "notActions": [],
      "dataActions": [
        "Microsoft.EventHub/namespaces/schemas/*"
      ],
      "notDataActions": []
    }
  ],
  "roleName": "Schema Registry Contributor (Preview)",
  "roleType": "BuiltInRole",
  "type": "Microsoft.Authorization/roleDefinitions"
}

Leitor do Registro de Esquema (Versão Prévia)

Ler e listar os grupos e os esquemas do Registro de Esquema.

Ações	Descrição
Microsoft.EventHub/namespaces/schemagroups/read	Obter lista de descrições de recursos do SchemaGroup
NotActions
none
DataActions
Microsoft.EventHub/namespaces/schemas/read	Recuperar esquemas
NotDataActions
none

{
  "assignableScopes": [
    "/"
  ],
  "description": "Read and list Schema Registry groups and schemas.",
  "id": "/providers/Microsoft.Authorization/roleDefinitions/2c56ea50-c6b3-40a6-83c0-9d98858bc7d2",
  "name": "2c56ea50-c6b3-40a6-83c0-9d98858bc7d2",
  "permissions": [
    {
      "actions": [
        "Microsoft.EventHub/namespaces/schemagroups/read"
      ],
      "notActions": [],
      "dataActions": [
        "Microsoft.EventHub/namespaces/schemas/read"
      ],
      "notDataActions": []
    }
  ],
  "roleName": "Schema Registry Reader (Preview)",
  "roleType": "BuiltInRole",
  "type": "Microsoft.Authorization/roleDefinitions"
}

Testador de Consulta do Stream Analytics

Permite que você execute o teste de consulta sem criar primeiro um trabalho de análise de fluxo

Ações	Descrição
Microsoft.StreamAnalytics/locations/TestQuery/action	Testar a Consulta para o Provedor de Recursos do Stream Analytics
Microsoft.StreamAnalytics/locations/OperationResults/read	Ler o Resultado da Operação do Stream Analytics
Microsoft.StreamAnalytics/locations/SampleInput/action	Amostra de entrada para o provedor de recursos Stream Analytics
Microsoft.StreamAnalytics/locations/CompileQuery/action	Compilar consulta para provedor de recursos de Stream Analytics
NotActions
none
DataActions
none
NotDataActions
none

{
  "assignableScopes": [
    "/"
  ],
  "description": "Lets you perform query testing without creating a stream analytics job first",
  "id": "/providers/Microsoft.Authorization/roleDefinitions/1ec5b3c1-b17e-4e25-8312-2acb3c3c5abf",
  "name": "1ec5b3c1-b17e-4e25-8312-2acb3c3c5abf",
  "permissions": [
    {
      "actions": [
        "Microsoft.StreamAnalytics/locations/TestQuery/action",
        "Microsoft.StreamAnalytics/locations/OperationResults/read",
        "Microsoft.StreamAnalytics/locations/SampleInput/action",
        "Microsoft.StreamAnalytics/locations/CompileQuery/action"
      ],
      "notActions": [],
      "dataActions": [],
      "notDataActions": []
    }
  ],
  "roleName": "Stream Analytics Query Tester",
  "roleType": "BuiltInRole",
  "type": "Microsoft.Authorization/roleDefinitions"
}

Próximas etapas

• Atribuir funções do Azure usando o portal do Azure