安全性的 Azure 許可權
本文列出安全性類別中 Azure 資源提供者的許可權。 您可以在自己的 Azure 自定義角色 中使用這些許可權,為 Azure 中的資源提供細微的訪問控制。 權限字串的格式如下: {Company}.{ProviderName}/{resourceType}/{action}
Microsoft.AppComplianceAutomation
Azure 服務: 適用於 Microsoft 365 的應用程式合規性自動化工具
| 動作 | 描述 |
|---|---|
| Microsoft.AppComplianceAutomation/onboard/action | 將指定的訂用帳戶上線至 Microsoft.AppComplianceAutomation 提供者。 |
| Microsoft.AppComplianceAutomation/triggerEvaluation/action | 觸發指定訂用帳戶的快速評估。 |
| Microsoft.AppComplianceAutomation/listInUseStorageAccounts/action | 列出相關報表正在使用的記憶體帳戶 |
| Microsoft.AppComplianceAutomation/checkNameAvailability/action | action checkNameAvailability |
| Microsoft.AppComplianceAutomation/getCollectionCount/action | 取得報表計數。 |
| Microsoft.AppComplianceAutomation/getOverviewStatus/action | 取得資源概觀狀態。 |
| Microsoft.AppComplianceAutomation/register/action | 註冊 Microsoft.AppComplianceAutomation 的訂用帳戶 |
| Microsoft.AppComplianceAutomation/unregister/action | 取消註冊 Microsoft.AppComplianceAutomation 的訂用帳戶 |
| Microsoft.AppComplianceAutomation/locations/operationStatuses/read | read operationStatuses |
| Microsoft.AppComplianceAutomation/locations/operationStatuses/write | write operationStatuses |
| Microsoft.AppComplianceAutomation/operations/read | 讀取作業 |
| Microsoft.AppComplianceAutomation/reports/read | 取得租使用者的AppComplianceAutomation 報告清單。 |
| Microsoft.AppComplianceAutomation/reports/read | 取得 AppComplianceAutomation 報表及其屬性。 |
| Microsoft.AppComplianceAutomation/reports/write | 建立新的 AppComplianceAutomation 報表,或更新結束的 AppComplianceAutomation 報表。 |
| Microsoft.AppComplianceAutomation/reports/delete | 刪除 AppComplianceAutomation 報表。 |
| Microsoft.AppComplianceAutomation/reports/write | 更新結束的AppComplianceAutomation 報告。 |
| Microsoft.AppComplianceAutomation/reports/checkNameAvailability/action | 檢查報表的巢狀資源名稱可用性,例如:Webhook、辨識項、快照集。 |
| Microsoft.AppComplianceAutomation/reports/fix/action | 修正 AppComplianceAutomation 報告錯誤。 例如:應用程式合規性自動化工具服務未註冊、已移除自動化。 |
| Microsoft.AppComplianceAutomation/reports/getScopingQuestions/action | 修正 AppComplianceAutomation 報告錯誤。 例如:應用程式合規性自動化工具服務未註冊、已移除自動化。 |
| Microsoft.AppComplianceAutomation/reports/syncCertRecord/action | 從應用程式合規性同步處理證明記錄。 |
| Microsoft.AppComplianceAutomation/reports/verify/action | 確認AppComplianceAutomation 報告健康情況狀態。 |
| Microsoft.AppComplianceAutomation/reports/evidences/read | 傳回指定之報表的編頁辨識項清單。 |
| Microsoft.AppComplianceAutomation/reports/evidences/read | 取得辨識項元數據 |
| Microsoft.AppComplianceAutomation/reports/evidences/write | 建立或更新指定報表的辨識項 |
| Microsoft.AppComplianceAutomation/reports/evidences/delete | 從指定的報表中刪除現有辨識項 |
| Microsoft.AppComplianceAutomation/reports/evidences/download/action | 下載辨識項檔案。 |
| Microsoft.AppComplianceAutomation/reports/scopingConfigurations/read | 傳回指定報表之單一範圍設定的清單格式。 |
| Microsoft.AppComplianceAutomation/reports/scopingConfigurations/read | 取得特定報表的AppComplianceAutomation範圍設定。 |
| Microsoft.AppComplianceAutomation/reports/scopingConfigurations/write | 取得特定報表的AppComplianceAutomation範圍設定。 |
| Microsoft.AppComplianceAutomation/reports/scopingConfigurations/delete | 清除特定報表的AppComplianceAutomation範圍設定。 |
| Microsoft.AppComplianceAutomation/reports/snapshots/read | 取得 AppComplianceAutomation 快照集清單。 |
| Microsoft.AppComplianceAutomation/reports/snapshots/read | 取得 AppComplianceAutomation 快照集及其屬性。 |
| Microsoft.AppComplianceAutomation/reports/snapshots/download/action | 從快照集下載合規性需求,例如:合規性報告、資源清單。 |
| Microsoft.AppComplianceAutomation/reports/webhooks/read | 取得 AppComplianceAutomation Webhook 列表。 |
| Microsoft.AppComplianceAutomation/reports/webhooks/read | 取得 AppComplianceAutomation Webhook 及其屬性。 |
| Microsoft.AppComplianceAutomation/reports/webhooks/write | 建立新的 AppComplianceAutomation Webhook,或更新結束的 AppComplianceAutomation Webhook。 |
| Microsoft.AppComplianceAutomation/reports/webhooks/delete | 刪除 AppComplianceAutomation Webhook。 |
| Microsoft.AppComplianceAutomation/reports/webhooks/write | 更新結束的 AppComplianceAutomation Webhook。 |
Microsoft.DataProtection
Azure 服務:數據保護
| 動作 | 描述 |
|---|---|
| Microsoft.DataProtection/register/action | 註冊指定資源提供者的訂用帳戶 |
| Microsoft.DataProtection/unregister/action | 取消註冊指定資源提供者的訂用帳戶 |
| Microsoft.DataProtection/backupVaults/write | 建立BackupVault作業會建立類型為 『Backup Vault』 的 Azure 資源 |
| Microsoft.DataProtection/backupVaults/write | 更新BackupVault作業會更新類型為 『Backup Vault』 的 Azure 資源 |
| Microsoft.DataProtection/backupVaults/read | 取得備份保存庫作業會取得代表 『Backup Vault』 類型的 Azure 資源的物件 |
| Microsoft.DataProtection/backupVaults/read | 取得訂用帳戶中的備份保存庫清單 |
| Microsoft.DataProtection/backupVaults/read | 取得資源群組中的備份保存庫清單 |
| Microsoft.DataProtection/backupVaults/delete | Delete Vault 作業會刪除 'Backup Vault' 類型的指定 Azure 資源 |
| Microsoft.DataProtection/backupVaults/validateForBackup/action | 驗證備份實例的備份 |
| Microsoft.DataProtection/backupVaults/backupInstances/write | 建立備份實例 |
| Microsoft.DataProtection/backupVaults/backupInstances/validateForModifyBackup/action | 驗證備份實例的修改 |
| Microsoft.DataProtection/backupVaults/backupInstances/delete | 刪除備份實例 |
| Microsoft.DataProtection/backupVaults/backupInstances/read | 傳回備份實例的詳細數據 |
| Microsoft.DataProtection/backupVaults/backupInstances/read | 傳回所有備份實例 |
| Microsoft.DataProtection/backupVaults/backupInstances/backup/action | 在備份實例上執行備份 |
| Microsoft.DataProtection/backupVaults/backupInstances/sync/action | 同步處理作業會重試備份實例上最後失敗的作業,使其處於有效狀態。 |
| Microsoft.DataProtection/backupVaults/backupInstances/restore/action | 觸發備份實例上的還原 |
| Microsoft.DataProtection/backupVaults/backupInstances/validateRestore/action | 驗證備份實例的還原 |
| Microsoft.DataProtection/backupVaults/backupInstances/stopProtection/action | 停止保護作業會停止備份實例的備份和保留排程。 現有的數據將永遠保留。 |
| Microsoft.DataProtection/backupVaults/backupInstances/suspendBackups/action | 暫停備份作業只會停止備份實例的備份。 保留活動將會繼續,因此會根據原則來重新整理數據。 |
| Microsoft.DataProtection/backupVaults/backupInstances/resumeProtection/action | 繼續保護保護已設定的BI。 |
| Microsoft.DataProtection/backupVaults/backupInstances/resumeBackups/action | 繼續備份備份Suspended BI。 |
| Microsoft.DataProtection/backupVaults/backupInstances/findRestorableTimeRanges/action | 尋找可還原的時間範圍 |
| Microsoft.DataProtection/backupVaults/backupInstances/operationResults/read | 傳回備份保存庫的備份作業結果。 |
| Microsoft.DataProtection/backupVaults/backupInstances/recoveryPoints/read | 傳回恢復點的詳細數據 |
| Microsoft.DataProtection/backupVaults/backupInstances/recoveryPoints/read | 傳回所有恢復點 |
| Microsoft.DataProtection/backupVaults/backupJobs/read | 取得作業清單 |
| Microsoft.DataProtection/backupVaults/backupJobs/enableProgress/action | 取得作業詳細數據 |
| Microsoft.DataProtection/backupVaults/backupPolicies/write | 建立備份原則 |
| Microsoft.DataProtection/backupVaults/backupPolicies/delete | 刪除備份原則 |
| Microsoft.DataProtection/backupVaults/backupPolicies/read | 傳回備份原則的詳細數據 |
| Microsoft.DataProtection/backupVaults/backupPolicies/read | 傳回所有備份原則 |
| Microsoft.DataProtection/backupVaults/backupResourceGuardProxies/read | 取得資源的 ResourceGuard Proxy 清單 |
| Microsoft.DataProtection/backupVaults/backupResourceGuardProxies/read | 取得 ResourceGuard Proxy 作業會取得代表類型為 'ResourceGuard Proxy' 的 Azure 資源的物件 |
| Microsoft.DataProtection/backupVaults/backupResourceGuardProxies/write | 建立 ResourceGuard Proxy 作業會建立類型為 'ResourceGuard Proxy' 的 Azure 資源 |
| Microsoft.DataProtection/backupVaults/backupResourceGuardProxies/delete | 刪除 ResourceGuard Proxy 作業會刪除類型為 'ResourceGuard Proxy' 的指定 Azure 資源 |
| Microsoft.DataProtection/backupVaults/backupResourceGuardProxies/unlockDelete/action | 解除鎖定刪除 ResourceGuard Proxy 作業會解除鎖定下一個刪除關鍵作業 |
| Microsoft.DataProtection/backupVaults/deletedBackupInstances/undelete/action | 執行虛刪除備份實例的取消刪除。 備份實例會從SoftDelet移至 ProtectionStopped 狀態。 |
| Microsoft.DataProtection/backupVaults/deletedBackupInstances/read | 依名稱取得備份保存庫中虛刪除的備份實例 |
| Microsoft.DataProtection/backupVaults/deletedBackupInstances/read | 列出備份保存庫中虛刪除的備份實例。 |
| Microsoft.DataProtection/backupVaults/operationResults/read | 取得備份保存庫修補作業的作業結果 |
| Microsoft.DataProtection/backupVaults/operationStatus/read | 傳回備份保存庫的備份作業狀態。 |
| Microsoft.DataProtection/locations/checkNameAvailability/action | 檢查要求的BackupVault名稱是否可用 |
| Microsoft.DataProtection/locations/getBackupStatus/action | 檢查復原服務保存庫的備份狀態 |
| Microsoft.DataProtection/locations/checkFeatureSupport/action | 驗證是否支援功能 |
| Microsoft.DataProtection/locations/operationResults/read | 傳回備份保存庫的備份作業結果。 |
| Microsoft.DataProtection/locations/operationStatus/read | 傳回備份保存庫的備份作業狀態。 |
| Microsoft.DataProtection/operations/read | 作業會傳回資源提供者的作業清單 |
| Microsoft.DataProtection/subscriptions/providers/resourceGuards/read | 取得訂用帳戶中的 ResourceGuards 清單 |
| Microsoft.DataProtection/subscriptions/resourceGroups/providers/locations/fetchSecondaryRecoveryPoints/action | 針對已啟用跨區域還原的備份保存庫,從次要區域傳回恢復點。 |
| Microsoft.DataProtection/subscriptions/resourceGroups/providers/locations/crossRegionRestore/action | 在指定的備份實例上觸發跨區域還原作業。 |
| Microsoft.DataProtection/subscriptions/resourceGroups/providers/locations/validateCrossRegionRestore/action | 執行跨區域還原作業的驗證。 |
| Microsoft.DataProtection/subscriptions/resourceGroups/providers/locations/fetchCrossRegionRestoreJobs/action | 從次要區域列出備份實例的跨區域還原作業。 |
| Microsoft.DataProtection/subscriptions/resourceGroups/providers/locations/fetchCrossRegionRestoreJob/action | 從次要區域取得跨區域還原作業詳細數據。 |
| Microsoft.DataProtection/subscriptions/resourceGroups/providers/locations/operationStatus/read | 傳回備份保存庫的備份作業狀態。 |
| Microsoft.DataProtection/subscriptions/resourceGroups/providers/resourceGuards/write | 建立 ResourceGuard 作業會建立類型為 'ResourceGuard' 的 Azure 資源 |
| Microsoft.DataProtection/subscriptions/resourceGroups/providers/resourceGuards/read | 取得 ResourceGuard 作業會取得代表 『ResourceGuard』 類型的 Azure 資源的物件 |
| Microsoft.DataProtection/subscriptions/resourceGroups/providers/resourceGuards/delete | 刪除 ResourceGuard 作業會刪除類型為 'ResourceGuard' 的指定 Azure 資源 |
| Microsoft.DataProtection/subscriptions/resourceGroups/providers/resourceGuards/read | 取得資源群組中的 ResourceGuards 清單 |
| Microsoft.DataProtection/subscriptions/resourceGroups/providers/resourceGuards/write | 更新 ResouceGuard 作業會更新類型為 'ResourceGuard' 的 Azure 資源 |
| Microsoft.DataProtection/subscriptions/resourceGroups/providers/resourceGuards/{operationName}/read | 取得 ResourceGuard 作業要求資訊 |
| Microsoft.DataProtection/subscriptions/resourceGroups/providers/resourceGuards/{operationName}/read | 取得 ResourceGuard 預設作業要求資訊 |
Microsoft.KeyVault
保護並維護金鑰及其他祕密的控管。
Azure 服務:金鑰保存庫
| 動作 | 描述 |
|---|---|
| Microsoft.KeyVault/register/action | 註冊訂用帳戶 |
| Microsoft.KeyVault/unregister/action | 取消註冊訂用帳戶 |
| Microsoft.KeyVault/checkNameAvailability/read | 檢查金鑰保存庫名稱是否有效且未使用中 |
| Microsoft.KeyVault/deletedManagedHsms/read | 檢視已刪除受控 hsm 的屬性 |
| Microsoft.KeyVault/deletedVaults/read | 檢視虛刪除金鑰保存庫的屬性 |
| Microsoft.KeyVault/hsmPools/read | 檢視 HSM 集區的屬性 |
| Microsoft.KeyVault/hsmPools/write | 建立新的 HSM 集區,以更新現有 HSM 集區的屬性 |
| Microsoft.KeyVault/hsmPools/delete | 刪除 HSM 集區 |
| Microsoft.KeyVault/hsmPools/joinVault/action | 將金鑰保存庫加入 HSM 集區 |
| Microsoft.KeyVault/locations/deleteVirtualNetworkOrSubnets/action | 通知Microsoft.KeyVault 正在刪除虛擬網路或子網 |
| Microsoft.KeyVault/locations/notifyNetworkSecurityPerimeterUpdatesAvailable/action | 檢查網路安全性周邊的設定是否需要更新。 |
| Microsoft.KeyVault/locations/deletedManagedHsms/read | 檢視已刪除受控 hsm 的屬性 |
| Microsoft.KeyVault/locations/deletedManagedHsms/purge/action | 清除虛刪除的受控 hsm |
| Microsoft.KeyVault/locations/deletedManagedHsms/delete | 清除虛刪除的受控 hsm |
| Microsoft.KeyVault/locations/deletedVaults/read | 檢視虛刪除之 Key Vault 的屬性 |
| Microsoft.KeyVault/locations/deletedVaults/purge/action | 清除虛刪除的 Key Vault |
| Microsoft.KeyVault/locations/managedHsmOperationResults/read | 檢查長時間執行作業的結果 |
| Microsoft.KeyVault/locations/operationResults/read | 檢查長時間執行作業的結果 |
| Microsoft.KeyVault/managedHSMs/read | 檢視受控 HSM 的屬性 |
| Microsoft.KeyVault/managedHSMs/write | 建立新的受控 HSM 或更新現有受控 HSM 的屬性 |
| Microsoft.KeyVault/managedHSMs/delete | 刪除受控 HSM |
| Microsoft.KeyVault/managedHSMs/PrivateEndpointConnectionsApproval/action | 核准或拒絕Microsoft.Network 提供者的私人端點資源連線 |
| Microsoft.KeyVault/managedHSMs/keys/read | 列出指定 Managed hsm 中的金鑰,或讀取指定金鑰的目前版本。 |
| Microsoft.KeyVault/managedHSMs/keys/write | 如果新金鑰不存在,則會建立第一個版本。 如果已經存在,則會傳回現有的索引鍵,而不會進行任何修改。 此 API 不會建立後續版本,也不會更新現有的金鑰。 |
| Microsoft.KeyVault/managedHSMs/keys/versions/read | 列出指定索引鍵的版本,或讀取指定的金鑰版本。 |
| Microsoft.KeyVault/managedHSMs/privateEndpointConnectionProxies/read | 檢視 Microsoft.Network 提供者私人端點資源連線 Proxy 的狀態 |
| Microsoft.KeyVault/managedHSMs/privateEndpointConnectionProxies/write | 將連線 Proxy 的狀態變更為 Microsoft.Network 提供者的私人端點資源 |
| Microsoft.KeyVault/managedHSMs/privateEndpointConnectionProxies/delete | 刪除 Microsoft.Network 提供者私人端點資源的連線 Proxy |
| Microsoft.KeyVault/managedHSMs/privateEndpointConnectionProxies/validate/action | 驗證 Microsoft.Network 提供者私人端點資源的連線 Proxy |
| Microsoft.KeyVault/managedHSMs/privateEndpointConnections/read | 檢視Microsoft.Network 提供者私人端點資源的連線狀態 |
| Microsoft.KeyVault/managedHSMs/privateEndpointConnections/write | 將連線的狀態變更為 Microsoft.Network 提供者的私人端點資源 |
| Microsoft.KeyVault/managedHSMs/privateEndpointConnections/delete | 刪除 Microsoft.Network 提供者私人端點資源的連線 |
| Microsoft.KeyVault/managedHSMs/privateLinkResources/read | 取得所指定受控 HSM 實例的可用私人鏈接資源。 |
| Microsoft.KeyVault/managedHSMs/providers/Microsoft.Insights/diagnosticSettings/Read | 取得資源的診斷設定 |
| Microsoft.KeyVault/managedHSMs/providers/Microsoft.Insights/diagnosticSettings/Write | 建立或更新資源的診斷設定 |
| Microsoft.KeyVault/managedHSMs/providers/Microsoft.Insights/logDefinitions/read | 取得受控 HSM 的可用記錄 |
| Microsoft.KeyVault/managedHSMs/providers/Microsoft.Insights/metricDefinitions/read | 取得金鑰保存庫的可用計量 |
| Microsoft.KeyVault/operations/read | 列出 Microsoft.KeyVault 資源提供者上可用的作業 |
| Microsoft.KeyVault/vaults/read | 檢視 Key Vault 的屬性 |
| Microsoft.KeyVault/vaults/write | 建立新的金鑰保存庫,或更新現有金鑰保存庫的屬性。 某些屬性可能需要更多權限。 |
| Microsoft.KeyVault/vaults/delete | 刪除金鑰保存庫 |
| Microsoft.KeyVault/vaults/deploy/action | 在部署 Azure 資源時,啟用金鑰保存庫中秘密的存取 |
| Microsoft.KeyVault/vaults/PrivateEndpointConnectionsApproval/action | 核准或拒絕Microsoft.Network 提供者的私人端點資源連線 |
| Microsoft.KeyVault/vaults/joinPerimeter/action | 聯結網路安全性周邊的動作,由 NRP 連結存取檢查使用。 |
| Microsoft.KeyVault/vaults/accessPolicies/write | 透過合併或取代以更新現有的存取原則,或將新的存取原則新增至金鑰保存庫。 |
| Microsoft.KeyVault/vaults/eventGridFilters/read | 通知 Microsoft.KeyVault 正在檢視 金鑰保存庫 的 EventGrid 訂用帳戶 |
| Microsoft.KeyVault/vaults/eventGridFilters/write | 通知Microsoft.KeyVault 正在建立 金鑰保存庫 的新 EventGrid 訂用帳戶 |
| Microsoft.KeyVault/vaults/eventGridFilters/delete | 通知 Microsoft.KeyVault 正在刪除 金鑰保存庫 的 EventGrid 訂用帳戶 |
| Microsoft.KeyVault/vaults/keys/read | 列出指定保存庫中的金鑰,或讀取指定金鑰的目前版本。 |
| Microsoft.KeyVault/vaults/keys/write | 如果新金鑰不存在,則會建立第一個版本。 如果已經存在,則會傳回現有的索引鍵,而不會進行任何修改。 此 API 不會建立後續版本,也不會更新現有的金鑰。 |
| Microsoft.KeyVault/vaults/keys/versions/read | 列出指定索引鍵的版本,或讀取指定的金鑰版本。 |
| Microsoft.KeyVault/vaults/networkSecurityPerimeterAssociationProxies/delete | 刪除 Microsoft.Network 提供者的網路安全性周邊資源關聯 Proxy。 |
| Microsoft.KeyVault/vaults/networkSecurityPerimeterAssociationProxies/read | 刪除 Microsoft.Network 提供者的網路安全性周邊資源關聯 Proxy。 |
| Microsoft.KeyVault/vaults/networkSecurityPerimeterAssociationProxies/write | 將關聯的狀態變更為 Microsoft.Network provider 的網路安全性周邊資源 |
| Microsoft.KeyVault/vaults/networkSecurityPerimeterConfigurations/read | 讀取儲存在保存庫中的網路安全性周邊組態。 |
| Microsoft.KeyVault/vaults/networkSecurityPerimeterConfigurations/reconcile/action | 使用 NRP 的 (Microsoft.Network Resource Provider) 複本,協調儲存在保存庫中的網路安全性周邊組態。 |
| Microsoft.KeyVault/vaults/privateEndpointConnectionProxies/read | 檢視 Microsoft.Network 提供者私人端點資源連線 Proxy 的狀態 |
| Microsoft.KeyVault/vaults/privateEndpointConnectionProxies/write | 將連線 Proxy 的狀態變更為 Microsoft.Network 提供者的私人端點資源 |
| Microsoft.KeyVault/vaults/privateEndpointConnectionProxies/delete | 刪除 Microsoft.Network 提供者私人端點資源的連線 Proxy |
| Microsoft.KeyVault/vaults/privateEndpointConnectionProxies/validate/action | 驗證 Microsoft.Network 提供者私人端點資源的連線 Proxy |
| Microsoft.KeyVault/vaults/privateEndpointConnections/read | 檢視Microsoft.Network 提供者私人端點資源的連線狀態 |
| Microsoft.KeyVault/vaults/privateEndpointConnections/write | 將連線的狀態變更為 Microsoft.Network 提供者的私人端點資源 |
| Microsoft.KeyVault/vaults/privateEndpointConnections/delete | 刪除 Microsoft.Network 提供者私人端點資源的連線 |
| Microsoft.KeyVault/vaults/privateLinkResources/read | 取得指定實例的可用私人鏈接資源 金鑰保存庫 |
| Microsoft.KeyVault/vaults/providers/Microsoft.Insights/diagnosticSettings/Read | 取得資源的診斷設定 |
| Microsoft.KeyVault/vaults/providers/Microsoft.Insights/diagnosticSettings/Write | 建立或更新資源的診斷設定 |
| Microsoft.KeyVault/vaults/providers/Microsoft.Insights/logDefinitions/read | 取得金鑰保存庫的可用記錄 |
| Microsoft.KeyVault/vaults/providers/Microsoft.Insights/metricDefinitions/read | 取得金鑰保存庫的可用計量 |
| Microsoft.KeyVault/vaults/secrets/read | 檢視秘密的屬性,但不要檢視其值。 |
| Microsoft.KeyVault/vaults/secrets/write | 建立新的祕密,或更新現有祕密的值。 |
| DataAction | 說明 |
| Microsoft.KeyVault/vaults/certificatecas/delete | 刪除憑證簽發者 |
| Microsoft.KeyVault/vaults/certificatecas/read | 讀取憑證簽發者 |
| Microsoft.KeyVault/vaults/certificatecas/write | 寫入憑證簽發者 |
| Microsoft.KeyVault/vaults/certificatecontacts/write | 管理憑證聯繫人 |
| Microsoft.KeyVault/vaults/certificates/delete | 刪除憑證。 所有版本都會被刪除。 |
| Microsoft.KeyVault/vaults/certificates/read | 列出指定之金鑰保存庫中的憑證,或取得憑證的相關信息。 |
| Microsoft.KeyVault/vaults/certificates/backup/action | 建立憑證的備份檔。 檔案可用來還原相同訂用帳戶 金鑰保存庫 中的憑證。 可能適用限制。 |
| Microsoft.KeyVault/vaults/certificates/purge/action | 清除憑證,使其無法復原。 |
| Microsoft.KeyVault/vaults/certificates/update/action | 更新與指定憑證相關聯的指定屬性。 |
| Microsoft.KeyVault/vaults/certificates/create/action | 建立新的憑證。 如果憑證不存在,則會建立第一個版本。 否則,會建立新版本。 |
| Microsoft.KeyVault/vaults/certificates/import/action | 匯入包含私鑰的現有有效憑證。 要匯入的憑證可以是 PFX 或 PEM 格式。 如果憑證不存在於 金鑰保存庫 中,則會使用指定的內容建立第一個版本。 否則,會使用指定的內容來建立新版本。 |
| Microsoft.KeyVault/vaults/certificates/recover/action | 復原已刪除的憑證。 此作業會執行Delete作業的反轉。 此作業適用於啟用虛刪除的保存庫,而且必須在保留間隔期間發出。 |
| Microsoft.KeyVault/vaults/certificates/restore/action | 從 金鑰保存庫 所產生的備份檔還原憑證及其所有版本。 |
| Microsoft.KeyVault/vaults/keyrotationpolicies/read | 擷取指定金鑰的輪替原則。 |
| Microsoft.KeyVault/vaults/keyrotationpolicies/write | 更新指定金鑰的輪替原則。 |
| Microsoft.KeyVault/vaults/keys/read | 列出指定保存庫中的金鑰,或讀取金鑰的屬性和公開數據。 針對非對稱金鑰,此作業會公開公鑰,並包含執行公鑰演演算法的能力,例如加密和驗證簽章。 私鑰和對稱金鑰永遠不會公開。 |
| Microsoft.KeyVault/vaults/keys/update/action | 更新與指定索引鍵相關聯的指定屬性。 |
| Microsoft.KeyVault/vaults/keys/create/action | 建立新的金鑰。 如果機碼不存在,則會建立第一個版本。 否則,會以指定的值建立新版本。 |
| Microsoft.KeyVault/vaults/keys/import/action | 匯入外部建立的金鑰。 如果機碼不存在,則會使用匯入的數據建立第一個版本。 否則,會使用匯入的數據建立新版本。 |
| Microsoft.KeyVault/vaults/keys/recover/action | 復原已刪除的金鑰。 此作業會執行Delete作業的反轉。 此作業適用於啟用虛刪除的保存庫,而且必須在保留間隔期間發出。 |
| Microsoft.KeyVault/vaults/keys/restore/action | 從 金鑰保存庫產生的備份檔還原金鑰及其所有版本。 |
| Microsoft.KeyVault/vaults/keys/delete | 刪除金鑰。 所有版本都會被刪除。 |
| Microsoft.KeyVault/vaults/keys/backup/action | 建立金鑰的備份檔案。 檔案可用來還原相同訂用帳戶 金鑰保存庫 中的金鑰。 可能適用限制。 |
| Microsoft.KeyVault/vaults/keys/purge/action | 清除索引鍵,使其無法復原。 |
| Microsoft.KeyVault/vaults/keys/encrypt/action | 使用金鑰加密純文字。 請注意,如果密鑰非對稱,則此作業可由具有讀取許可權的主體執行。 |
| Microsoft.KeyVault/vaults/keys/decrypt/action | 使用金鑰解密加密文字。 |
| Microsoft.KeyVault/vaults/keys/wrap/action | 使用 金鑰保存庫 金鑰包裝對稱金鑰。 請注意,如果 金鑰保存庫 金鑰非對稱,則此作業可由具有讀取存取權的主體執行。 |
| Microsoft.KeyVault/vaults/keys/unwrap/action | 使用 金鑰保存庫 金鑰解除包裝對稱金鑰。 |
| Microsoft.KeyVault/vaults/keys/sign/action | 使用索引鍵簽署訊息摘要(哈希)。 |
| Microsoft.KeyVault/vaults/keys/verify/action | 使用金鑰驗證訊息摘要 (hash) 的簽章。 請注意,如果密鑰非對稱,則此作業可由具有讀取許可權的主體執行。 |
| Microsoft.KeyVault/vaults/keys/release/action | 從證明令牌使用KEK的公開部分來釋放金鑰。 |
| Microsoft.KeyVault/vaults/keys/rotate/action | 建立新版的現有金鑰(具有相同的參數)。 |
| Microsoft.KeyVault/vaults/secrets/delete | 刪除秘密。 所有版本都會被刪除。 |
| Microsoft.KeyVault/vaults/secrets/backup/action | 建立祕密的備份檔案。 檔案可用來還原相同訂用帳戶 金鑰保存庫 中的秘密。 可能適用限制。 |
| Microsoft.KeyVault/vaults/secrets/purge/action | 清除秘密,使其無法復原。 |
| Microsoft.KeyVault/vaults/secrets/update/action | 更新與指定秘密相關聯的指定屬性。 |
| Microsoft.KeyVault/vaults/secrets/recover/action | 復原已刪除的秘密。 此作業會執行Delete作業的反轉。 此作業適用於啟用虛刪除的保存庫,而且必須在保留間隔期間發出。 |
| Microsoft.KeyVault/vaults/secrets/restore/action | 從 金鑰保存庫所產生的備份檔還原秘密及其所有版本。 |
| Microsoft.KeyVault/vaults/secrets/readMetadata/action | 列出或檢視秘密的屬性,但不是其值。 |
| Microsoft.KeyVault/vaults/secrets/getSecret/action | 取得密碼的值。 |
| Microsoft.KeyVault/vaults/secrets/setSecret/action | 設定秘密的值。 如果秘密不存在,則會建立第一個版本。 否則,會以指定的值建立新版本。 |
| Microsoft.KeyVault/vaults/storageaccounts/read | 讀取受控記憶體帳戶的定義。 |
| Microsoft.KeyVault/vaults/storageaccounts/set/action | 建立或更新受控記憶體帳戶的定義。 |
| Microsoft.KeyVault/vaults/storageaccounts/delete | 刪除受控記憶體帳戶的定義。 |
| Microsoft.KeyVault/vaults/storageaccounts/backup/action | 建立受控記憶體帳戶及其 SAS(共用存取簽章)定義的備份檔。 |
| Microsoft.KeyVault/vaults/storageaccounts/purge/action | 清除受控記憶體帳戶或 SAS(共用存取簽章)的虛刪除定義。 |
| Microsoft.KeyVault/vaults/storageaccounts/regeneratekey/action | 重新產生受控記憶體帳戶的存取金鑰。 |
| Microsoft.KeyVault/vaults/storageaccounts/recover/action | 復原受控記憶體帳戶或 SAS(共用存取簽章)的虛刪除定義。 |
| Microsoft.KeyVault/vaults/storageaccounts/restore/action | 從 金鑰保存庫 所產生的備份檔還原受控記憶體帳戶及其 SAS(共用存取簽章)的定義。 |
| Microsoft.KeyVault/vaults/storageaccounts/sas/set/action | 建立或更新受控記憶體帳戶的 SAS(共用存取簽章)定義。 |
| Microsoft.KeyVault/vaults/storageaccounts/sas/delete | 刪除受控記憶體帳戶的 SAS(共用存取簽章)定義。 |
| Microsoft.KeyVault/vaults/storageaccounts/sas/read | 讀取受控記憶體帳戶的 SAS (共用存取簽章) 定義。 |
Microsoft.Security
保護您的企業免於跨混合式雲端工作負載的進階威脅。
Azure 服務: 資訊安全中心
| 動作 | 描述 |
|---|---|
| Microsoft.Security/register/action | 註冊 Azure 資訊安全中心 的訂用帳戶 |
| Microsoft.Security/unregister/action | 從 Azure 資訊安全中心 取消註冊訂用帳戶 |
| Microsoft.Security/aggregations/action | 取得匯總 |
| Microsoft.Security/adaptiveNetworkHardenings/read | 取得 Azure 受保護資源的自適性網路強化建議 |
| Microsoft.Security/adaptiveNetworkHardenings/enforce/action | 藉由在指定的網路安全組上建立相符的安全性規則,強制執行指定的流量強化規則 |
| Microsoft.Security/advancedThreatProtectionSettings/read | 取得資源的進階威脅防護設定 |
| Microsoft.Security/advancedThreatProtectionSettings/write | 更新資源的進階威脅防護設定 |
| Microsoft.Security/aggregations/read | 取得匯總 |
| Microsoft.Security/alerts/read | 取得所有可用的安全性警示 |
| Microsoft.Security/alertsSuppressionRules/read | 取得所有可用的安全性警示歸並規則 |
| Microsoft.Security/alertsSuppressionRules/write | 建立新的安全性警示歸並規則或更新現有的規則 |
| Microsoft.Security/alertsSuppressionRules/delete | 刪除安全性警示歸並規則 |
| Microsoft.Security/apiCollections/read | 取得 Api 集合 |
| Microsoft.Security/apiCollections/write | 建立 Api 集合 |
| Microsoft.Security/apiCollections/delete | 刪除 API 集合 |
| Microsoft.Security/applicationWhitelistings/read | 取得應用程式允許清單 |
| Microsoft.Security/applicationWhitelistings/write | 建立新的應用程式允許清單或更新現有的應用程式 |
| Microsoft.Security/assessmentMetadata/read | 在您的訂用帳戶上取得可用的安全性評估元數據 |
| Microsoft.Security/assessmentMetadata/write | 建立或更新安全性評估元數據 |
| Microsoft.Security/assessments/read | 取得訂用帳戶的安全性評量 |
| Microsoft.Security/assessments/write | 在您的訂用帳戶上建立或更新安全性評定 |
| Microsoft.Security/assessments/governanceAssignments/read | 取得安全性評定的治理指派 |
| Microsoft.Security/assessments/governanceAssignments/write | 建立或更新安全性評定的治理指派 |
| Microsoft.Security/assessments/subAssessments/read | 取得訂用帳戶的安全性子評估 |
| Microsoft.Security/assessments/subAssessments/write | 在您的訂用帳戶上建立或更新安全性子評定 |
| Microsoft.Security/assignments/read | 取得安全性指派 |
| Microsoft.Security/assignments/write | 建立或更新安全性指派 |
| Microsoft.Security/assignments/delete | 刪除安全性指派 |
| Microsoft.Security/automations/read | 取得範圍的自動化 |
| Microsoft.Security/automations/write | 建立或更新範圍的自動化 |
| Microsoft.Security/automations/delete | 刪除範圍的自動化 |
| Microsoft.Security/automations/validate/action | 驗證範圍的自動化模型 |
| Microsoft.Security/autoProvisioningSettings/read | 取得訂用帳戶的安全性自動布建設定 |
| Microsoft.Security/autoProvisioningSettings/write | 建立或更新訂用帳戶的安全性自動布建設定 |
| Microsoft.Security/complianceResults/read | 取得資源的合規性結果 |
| Microsoft.Security/customRecommendations/read | 取得自訂建議 |
| Microsoft.Security/customRecommendations/write | 建立或更新自定義建議 |
| Microsoft.Security/customRecommendations/delete | 刪除自訂建議 |
| Microsoft.Security/datascanners/read | 取得範圍的 datascanners |
| Microsoft.Security/datascanners/write | 建立或更新範圍的數據掃描程式 |
| Microsoft.Security/datascanners/delete | 刪除範圍的數據掃描程式 |
| Microsoft.Security/defenderforstoragesettings/read | 取得範圍的 defenderforstoragesettings |
| Microsoft.Security/defenderforstoragesettings/write | 建立或更新範圍的 defenderforstoragesettings |
| Microsoft.Security/defenderforstoragesettings/delete | 刪除範圍的 defenderforstoragesettings |
| Microsoft.Security/deviceSecurityGroups/write | 建立或更新IoT裝置安全組 |
| Microsoft.Security/deviceSecurityGroups/delete | 刪除IoT裝置安全組 |
| Microsoft.Security/deviceSecurityGroups/read | 取得IoT裝置安全組 |
| Microsoft.Security/externalSecuritySolutions/read | 取得外部安全性解決方案 |
| Microsoft.Security/governanceRules/read | 取得管理安全性狀態的治理規則 |
| Microsoft.Security/governanceRules/write | 建立或更新管理安全性狀態的治理規則 |
| Microsoft.Security/informationProtectionPolicies/read | 取得資源的信息保護原則 |
| Microsoft.Security/informationProtectionPolicies/write | 更新資源的信息保護原則 |
| Microsoft.Security/integration/read | 取得範圍上的整合 |
| Microsoft.Security/integration/write | 在您的範圍上建立或更新整合 |
| Microsoft.Security/integration/delete | 在範圍上委派或更新整合 |
| Microsoft.Security/iotDefenderSettings/read | 取得IoT Defender 設定 |
| Microsoft.Security/iotDefenderSettings/write | 建立或更新IoT Defender設定 |
| Microsoft.Security/iotDefenderSettings/delete | 刪除IoT Defender 設定 |
| Microsoft.Security/iotDefenderSettings/PackageDownloads/action | 取得可下載的IoT Defender套件資訊 |
| Microsoft.Security/iotDefenderSettings/DownloadManagerActivation/action | 下載具有訂用帳戶配額數據的管理員啟用檔案 |
| Microsoft.Security/iotSecuritySolutions/write | 建立或更新IoT安全性解決方案 |
| Microsoft.Security/iotSecuritySolutions/delete | 刪除IoT安全性解決方案 |
| Microsoft.Security/iotSecuritySolutions/read | 取得IoT安全性解決方案 |
| Microsoft.Security/iotSecuritySolutions/analyticsModels/read | 取得IoT安全性分析模型 |
| Microsoft.Security/iotSecuritySolutions/analyticsModels/read | 取得IoT警示類型 |
| Microsoft.Security/iotSecuritySolutions/analyticsModels/read | 取得IoT警示 |
| Microsoft.Security/iotSecuritySolutions/analyticsModels/read | 取得IoT建議類型 |
| Microsoft.Security/iotSecuritySolutions/analyticsModels/read | 取得IoT建議 |
| Microsoft.Security/iotSecuritySolutions/analyticsModels/read | 取得裝置 |
| Microsoft.Security/iotSecuritySolutions/analyticsModels/aggregatedAlerts/read | 取得IoT匯總警示 |
| Microsoft.Security/iotSecuritySolutions/analyticsModels/aggregatedAlerts/dismiss/action | 關閉 IoT 匯總警示 |
| Microsoft.Security/iotSecuritySolutions/analyticsModels/aggregatedRecommendations/read | 取得IoT匯總建議 |
| Microsoft.Security/iotSensors/read | 取得IoT感測器 |
| Microsoft.Security/iotSensors/write | 建立或更新IoT感測器 |
| Microsoft.Security/iotSensors/delete | 刪除IoT感測器 |
| Microsoft.Security/iotSensors/DownloadActivation/action | 下載IoT感測器的啟用檔案 |
| Microsoft.Security/iotSensors/TriggerTiPackageUpdate/action | 觸發威脅情報套件更新 |
| Microsoft.Security/iotSensors/DownloadResetPassword/action | 下載IoT感測器的重設密碼檔案 |
| Microsoft.Security/iotSite/read | 取得IoT網站 |
| Microsoft.Security/iotSite/write | 建立或更新IoT網站 |
| Microsoft.Security/iotSite/delete | 刪除 IoT 網站 |
| Microsoft.Security/jitNetworkAccessPolicies/read | 取得 Just-in-Time 網路存取原則 |
| Microsoft.Security/locations/read | 取得安全性數據位置 |
| Microsoft.Security/locations/alerts/read | 取得所有可用的安全性警示 |
| Microsoft.Security/locations/alerts/dismiss/action | 關閉安全性警示 |
| Microsoft.Security/locations/alerts/activate/action | 啟用安全性警示 |
| Microsoft.Security/locations/alerts/resolve/action | 解決安全性警示 |
| Microsoft.Security/locations/alerts/simulate/action | 模擬安全性警示 |
| Microsoft.Security/locations/externalSecuritySolutions/read | 取得外部安全性解決方案 |
| Microsoft.Security/locations/jitNetworkAccessPolicies/read | 取得 Just-in-Time 網路存取原則 |
| Microsoft.Security/locations/jitNetworkAccessPolicies/write | 建立新的 Just-in-Time 網路存取原則,或更新現有的 Just-in-Time 網路存取原則 |
| Microsoft.Security/locations/jitNetworkAccessPolicies/delete | 刪除 Just-In-Time 網路存取原則 |
| Microsoft.Security/locations/jitNetworkAccessPolicies/initiate/action | 起始 Just-In-Time 網路存取原則要求 |
| Microsoft.Security/locations/securitySolutions/read | 取得安全性解決方案 |
| Microsoft.Security/locations/securitySolutions/write | 建立新的安全性解決方案或更新現有的解決方案 |
| Microsoft.Security/locations/securitySolutions/delete | 刪除安全性解決方案 |
| Microsoft.Security/locations/tasks/read | 取得所有可用的安全性建議 |
| Microsoft.Security/locations/tasks/start/action | 啟動安全性建議 |
| Microsoft.Security/locations/tasks/resolve/action | 解決安全性建議 |
| Microsoft.Security/locations/tasks/activate/action | 啟用安全性建議 |
| Microsoft.Security/locations/tasks/dismiss/action | 關閉安全性建議 |
| Microsoft.Security/mdeOnboardings/read | 取得 適用於端點的 Microsoft Defender 上線腳本 |
| Microsoft.Security/policies/read | 取得安全策略 |
| Microsoft.Security/policies/write | 更新安全策略 |
| Microsoft.Security/pricings/read | 取得範圍的定價設定 |
| Microsoft.Security/pricings/write | 更新範圍的定價設定 |
| Microsoft.Security/pricings/delete | 刪除範圍的定價設定 |
| Microsoft.Security/pricings/securityoperators/read | 取得範圍的安全性運算元 |
| Microsoft.Security/pricings/securityoperators/write | 更新範圍的安全性運算元 |
| Microsoft.Security/pricings/securityoperators/delete | 刪除範圍的安全性運算元 |
| Microsoft.Security/secureScoreControlDefinitions/read | 取得安全分數控制定義 |
| Microsoft.Security/secureScoreControls/read | 取得訂用帳戶的計算安全分數控制 |
| Microsoft.Security/secureScores/read | 取得訂用帳戶的計算安全分數 |
| Microsoft.Security/secureScores/secureScoreControls/read | 取得安全分數計算的計算安全分數控制 |
| Microsoft.Security/securityConnectors/read | 取得安全性連接器 |
| Microsoft.Security/securityConnectors/write | 更新安全性連接器 |
| Microsoft.Security/securityConnectors/delete | 刪除安全性連接器 |
| Microsoft.Security/securityConnectors/devops/listAvailableAzureDevOpsOrgs/action | 傳回連接器所取用使用者令牌可存取的所有 Azure DevOps 組織清單。 |
| Microsoft.Security/securityConnectors/devops/write | 建立或更新DevOps組態。 |
| Microsoft.Security/securityConnectors/devops/delete | 刪除 DevOps 連接器。 |
| Microsoft.Security/securityConnectors/devops/read | 取得DevOps組態。 |
| Microsoft.Security/securityConnectors/devops/read | 列出DevOps組態。 |
| Microsoft.Security/securityConnectors/devops/write | 更新DevOps組態。 |
| Microsoft.Security/securityConnectors/devops/listAvailableGitHubOwners/action | 傳回連接器所取用使用者令牌可存取的所有 GitHub 擁有者清單。 |
| Microsoft.Security/securityConnectors/devops/listAvailableGitLabGroups/action | 傳回連接器所取用使用者令牌可存取的所有 GitLab 群組清單。 |
| Microsoft.Security/securityConnectors/devops/azureDevOpsOrgs/write | 建立或更新受監視的 Azure DevOps 組織詳細數據。 |
| Microsoft.Security/securityConnectors/devops/azureDevOpsOrgs/delete | 刪除受監視的 Azure DevOps 組織。 |
| Microsoft.Security/securityConnectors/devops/azureDevOpsOrgs/read | 傳回受監視的 Azure DevOps 組織資源。 |
| Microsoft.Security/securityConnectors/devops/azureDevOpsOrgs/read | 傳回已上線至連接器的 Azure DevOps 組織清單。 |
| Microsoft.Security/securityConnectors/devops/azureDevOpsOrgs/write | 更新受監視的 Azure DevOps 組織詳細數據。 |
| Microsoft.Security/securityConnectors/devops/azureDevOpsOrgs/listAvailableProjects/action | 傳回連接器所取用使用者令牌可存取的所有 Azure DevOps 專案清單。 |
| Microsoft.Security/securityConnectors/devops/azureDevOpsOrgs/projects/write | 建立或更新受監視的 Azure DevOps 項目資源。 |
| Microsoft.Security/securityConnectors/devops/azureDevOpsOrgs/projects/delete | 刪除受監視的 Azure DevOps 項目資源。 |
| Microsoft.Security/securityConnectors/devops/azureDevOpsOrgs/projects/read | 傳回受監視的 Azure DevOps 項目資源。 |
| Microsoft.Security/securityConnectors/devops/azureDevOpsOrgs/projects/read | 傳回上線至連接器的 Azure DevOps 項目清單。 |
| Microsoft.Security/securityConnectors/devops/azureDevOpsOrgs/projects/write | 更新受監視的 Azure DevOps 項目資源。 |
| Microsoft.Security/securityConnectors/devops/azureDevOpsOrgs/projects/listAvailableRepos/action | 傳回連接器所取用使用者令牌可存取的所有 Azure DevOps 存放庫清單。 |
| Microsoft.Security/securityConnectors/devops/azureDevOpsOrgs/projects/repos/write | 建立或更新受監視的 Azure DevOps 存放庫資源。 |
| Microsoft.Security/securityConnectors/devops/azureDevOpsOrgs/projects/repos/delete | 刪除受監視的 Azure DevOps 存放庫資源。 |
| Microsoft.Security/securityConnectors/devops/azureDevOpsOrgs/projects/repos/read | 傳回受監視的 Azure DevOps 存放庫資源。 |
| Microsoft.Security/securityConnectors/devops/azureDevOpsOrgs/projects/repos/read | 傳回上線至連接器的 Azure DevOps 存放庫清單。 |
| Microsoft.Security/securityConnectors/devops/azureDevOpsOrgs/projects/repos/write | 更新受監視的 Azure DevOps 存放庫資源。 |
| Microsoft.Security/securityConnectors/devops/gitHubOwners/write | 建立或更新受監視的 GitHub 擁有者。 |
| Microsoft.Security/securityConnectors/devops/gitHubOwners/delete | 刪除受監視的 GitHub 擁有者。 |
| Microsoft.Security/securityConnectors/devops/gitHubOwners/read | 傳回受監視的 GitHub 擁有者。 |
| Microsoft.Security/securityConnectors/devops/gitHubOwners/read | 傳回已上線至連接器的 GitHub 擁有者清單。 |
| Microsoft.Security/securityConnectors/devops/gitHubOwners/write | 更新受監視的 GitHub 擁有者。 |
| Microsoft.Security/securityConnectors/devops/gitHubOwners/listAvailableRepos/action | 傳回連接器所使用之使用者令牌和應用程式安裝可存取的所有 GitHub 存放庫清單。 |
| Microsoft.Security/securityConnectors/devops/gitHubOwners/repos/write | 建立或更新受監視的 GitHub 存放庫。 |
| Microsoft.Security/securityConnectors/devops/gitHubOwners/repos/delete | 刪除受監視的 GitHub 存放庫。 |
| Microsoft.Security/securityConnectors/devops/gitHubOwners/repos/read | 傳回受監視的 GitHub 存放庫。 |
| Microsoft.Security/securityConnectors/devops/gitHubOwners/repos/read | 傳回上線至連接器的 GitHub 存放庫清單。 |
| Microsoft.Security/securityConnectors/devops/gitHubOwners/repos/write | 更新受監視的 GitHub 存放庫。 |
| Microsoft.Security/securityConnectors/devops/gitLabGroups/write | 建立或更新受監視的 GitLab 群組詳細數據。 |
| Microsoft.Security/securityConnectors/devops/gitLabGroups/delete | 刪除受監視的 GitLab 群組。 |
| Microsoft.Security/securityConnectors/devops/gitLabGroups/read | 傳回指定完整名稱的受監視 GitLab 群組資源。 |
| Microsoft.Security/securityConnectors/devops/gitLabGroups/read | 傳回已上線至連接器的 GitLab 群組清單。 |
| Microsoft.Security/securityConnectors/devops/gitLabGroups/write | 更新受監視的 GitLab 群組詳細數據。 |
| Microsoft.Security/securityConnectors/devops/gitLabGroups/listAvailableProjects/action | 取得由指定群組直接擁有的所有 GitLab 專案清單,並由連接器取用的使用者令牌存取。 |
| Microsoft.Security/securityConnectors/devops/gitLabGroups/listSubgroups/action | 取得已上線至連接器之指定 GitLab 群組的巢狀子群組。 |
| Microsoft.Security/securityConnectors/devops/gitLabGroups/listAvailableSubgroups/action | 取得指定 GitLab 群組的所有巢狀子群組,這些子群組可由連接器取用的使用者令牌存取。 |
| Microsoft.Security/securityConnectors/devops/gitLabGroups/projects/write | 建立或更新受監視的 GitLab 專案詳細數據。 |
| Microsoft.Security/securityConnectors/devops/gitLabGroups/projects/delete | 刪除受監視的 GitLab 專案。 |
| Microsoft.Security/securityConnectors/devops/gitLabGroups/projects/read | 針對指定的完整組名和專案名稱,傳回受監視的 GitLab 項目資源。 |
| Microsoft.Security/securityConnectors/devops/gitLabGroups/projects/read | 取得由指定群組直接擁有並上線至連接器的 GitLab 項目清單。 |
| Microsoft.Security/securityConnectors/devops/gitLabGroups/projects/write | 更新受監視的 GitLab 專案詳細數據。 |
| Microsoft.Security/securityConnectors/devops/operationResults/read | 取得 Devops 長時間執行的作業結果。 |
| Microsoft.Security/securityContacts/read | 取得安全性聯繫人 |
| Microsoft.Security/securityContacts/write | 更新安全性聯繫人 |
| Microsoft.Security/securityContacts/delete | 刪除安全性聯繫人 |
| Microsoft.Security/securitySolutions/read | 取得安全性解決方案 |
| Microsoft.Security/securitySolutions/write | 建立新的安全性解決方案或更新現有的解決方案 |
| Microsoft.Security/securitySolutions/delete | 刪除安全性解決方案 |
| Microsoft.Security/securitySolutionsReferenceData/read | 取得安全性解決方案參考數據 |
| Microsoft.Security/securityStandards/read | 取得安全性標準 |
| Microsoft.Security/securityStandards/write | 建立或更新安全性標準 |
| Microsoft.Security/securityStandards/delete | 刪除安全性標準 |
| Microsoft.Security/securityStatuses/read | 取得 Azure 資源的安全性健康狀態 |
| Microsoft.Security/securityStatusesSummaries/read | 取得範圍的安全性狀態摘要 |
| Microsoft.Security/sensitivitySettings/read | 取得租用戶層級敏感度設定 |
| Microsoft.Security/sensitivitySettings/write | 更新租用戶層級敏感度設定 |
| Microsoft.Security/serverVulnerabilityAssessments/read | 取得指定資源上的伺服器弱點評估上線狀態 |
| Microsoft.Security/serverVulnerabilityAssessments/write | 在資源上建立或更新伺服器弱點評估解決方案 |
| Microsoft.Security/serverVulnerabilityAssessments/delete | 從資源移除伺服器弱點評估解決方案 |
| Microsoft.Security/serverVulnerabilityAssessmentsSettings/read | 取得指定訂用帳戶的伺服器弱點評估設定上線狀態 |
| Microsoft.Security/serverVulnerabilityAssessmentsSettings/write | 在指定的訂用帳戶上建立或更新伺服器弱點評估設定 |
| Microsoft.Security/serverVulnerabilityAssessmentsSettings/delete | 從指定的訂用帳戶移除伺服器弱點評估設定 |
| Microsoft.Security/settings/read | 取得範圍的設定 |
| Microsoft.Security/settings/write | 更新範圍的設定 |
| Microsoft.Security/sqlVulnerabilityAssessments/baselineRules/action | 將規則結果清單新增至基準。 |
| Microsoft.Security/sqlVulnerabilityAssessments/baselineRules/read | 傳回資料庫的基準(新增至基準的所有規則),或取得指定規則標識碼的規則基準結果。 |
| Microsoft.Security/sqlVulnerabilityAssessments/baselineRules/write | 變更規則基準結果。 |
| Microsoft.Security/sqlVulnerabilityAssessments/baselineRules/delete | 從基準移除規則結果。 |
| Microsoft.Security/sqlVulnerabilityAssessments/scans/read | 傳回弱點評估掃描記錄清單,或取得指定掃描標識碼的掃描記錄。 |
| Microsoft.Security/sqlVulnerabilityAssesssments/scans/scanResults/read | 傳回弱點評估規則結果的清單,或取得指定規則標識碼的規則結果。 |
| Microsoft.Security/standardAssignments/read | 取得標準指派 |
| Microsoft.Security/standardAssignments/write | 建立或更新標準指派 |
| Microsoft.Security/standardAssignments/delete | 刪除標準指派 |
| Microsoft.Security/standard/read | 取得安全性標準 |
| Microsoft.Security/standard/write | 建立或更新安全性標準 |
| Microsoft.Security/standard/delete | 刪除安全性標準 |
| Microsoft.Security/tasks/read | 取得所有可用的安全性建議 |
| Microsoft.Security/webApplicationFirewalls/read | 取得 Web 應用程式防火牆 |
| Microsoft.Security/webApplicationFirewalls/write | 建立新的 Web 應用程式防火牆或更新現有的 Web 應用程式防火牆 |
| Microsoft.Security/webApplicationFirewalls/delete | 刪除 Web 應用程式防火牆 |
| Microsoft.Security/workspaceSettings/read | 取得工作區設定 |
| Microsoft.Security/workspaceSettings/write | 更新工作區設定 |
| Microsoft.Security/workspaceSettings/delete | 刪除工作區設定 |
| Microsoft.Security/workspaceSettings/connect/action | 變更工作區設定重新連線設定 |
Microsoft.SecurityGraph
Azure 服務:Microsoft Monitoring Insights
| 動作 | 描述 |
|---|---|
| Microsoft.SecurityGraph/diagnosticsettings/write | 撰寫診斷設定 |
| Microsoft.SecurityGraph/diagnosticsettings/read | 讀取診斷設定 |
| Microsoft.SecurityGraph/diagnosticsettings/delete | 刪除診斷設定 |
| Microsoft.SecurityGraph/diagnosticsettingscategories/read | 讀取診斷設定類別 |
Microsoft.SecurityInsights
Azure 服務: Microsoft Sentinel
| 動作 | 描述 |
|---|---|
| Microsoft.SecurityInsights/register/action | 向 Azure Sentinel 註冊訂用帳戶 |
| Microsoft.SecurityInsights/unregister/action | 從 Azure Sentinel 取消註冊訂用帳戶 |
| Microsoft.SecurityInsights/dataConnectorsCheckRequirements/action | 檢查使用者授權和授權 |
| Microsoft.SecurityInsights/contentTranslators/action | 檢查內容的翻譯 |
| Microsoft.SecurityInsights/Aggregations/read | 取得匯總資訊 |
| Microsoft.SecurityInsights/alertRules/read | 取得警示規則 |
| Microsoft.SecurityInsights/alertRules/write | 更新警示規則 |
| Microsoft.SecurityInsights/alertRules/delete | 刪除警示規則 |
| Microsoft.SecurityInsights/alertRules/triggerRuleRun/action | 觸發隨選規則執行 |
| Microsoft.SecurityInsights/alertRules/actions/read | 取得警示規則的回應動作 |
| Microsoft.SecurityInsights/alertRules/actions/write | 更新警示規則的回應動作 |
| Microsoft.SecurityInsights/alertRules/actions/delete | 刪除警示規則的回應動作 |
| Microsoft.SecurityInsights/automationRules/read | 取得自動化規則 |
| Microsoft.SecurityInsights/automationRules/write | 更新自動化規則 |
| Microsoft.SecurityInsights/automationRules/delete | 刪除自動化規則 |
| Microsoft.SecurityInsights/BillingStatistics/read | 讀取 BillingStatistics |
| Microsoft.SecurityInsights/Bookmarks/read | 取得書籤 |
| Microsoft.SecurityInsights/Bookmarks/write | 更新書籤 |
| Microsoft.SecurityInsights/Bookmarks/delete | 刪除書籤 |
| Microsoft.SecurityInsights/Bookmarks/expand/action | 依特定擴充取得實體的相關實體 |
| Microsoft.SecurityInsights/bookmarks/relations/read | 取得書籤關聯 |
| Microsoft.SecurityInsights/bookmarks/relations/write | 更新書籤關聯 |
| Microsoft.SecurityInsights/bookmarks/relations/delete | 刪除書籤關聯 |
| Microsoft.SecurityInsights/businessApplicationAgents/read | 取得商務應用程式代理程式 |
| Microsoft.SecurityInsights/businessApplicationAgents/write | 建立或更新商務應用程式代理程式 |
| Microsoft.SecurityInsights/businessApplicationAgents/delete | 刪除商務應用程式代理程式 |
| Microsoft.SecurityInsights/businessApplicationAgents/systems/read | 取得商務應用程式代理程序的系統 |
| Microsoft.SecurityInsights/businessApplicationAgents/systems/write | 建立或更新商務應用程式代理程序的系統 |
| Microsoft.SecurityInsights/businessApplicationAgents/systems/delete | 刪除商務應用程式代理程序的系統 |
| Microsoft.SecurityInsights/businessApplicationAgents/systems/listActions/action | 列出系統的動作 |
| Microsoft.SecurityInsights/businessApplicationAgents/systems/reportActionStatus/action | 報告動作的狀態 |
| Microsoft.SecurityInsights/businessApplicationAgents/systems/undoAction/action | 復原動作 |
| Microsoft.SecurityInsights/cases/read | 取得案例 |
| Microsoft.SecurityInsights/cases/write | 更新案例 |
| Microsoft.SecurityInsights/cases/delete | 刪除案例 |
| Microsoft.SecurityInsights/cases/comments/read | 取得案例批注 |
| Microsoft.SecurityInsights/cases/comments/write | 建立案例批注 |
| Microsoft.SecurityInsights/cases/investigations/read | 取得案例調查 |
| Microsoft.SecurityInsights/cases/investigations/write | 更新案例的元數據 |
| Microsoft.SecurityInsights/ConfidentialWatchlists/read | 取得機密關注清單 |
| Microsoft.SecurityInsights/ConfidentialWatchlists/write | 建立機密監看清單 |
| Microsoft.SecurityInsights/ConfidentialWatchlists/delete | 刪除機密關注清單 |
| Microsoft.SecurityInsights/ContentPackages/read | 讀取可用的內容套件。 |
| Microsoft.SecurityInsights/ContentPackages/write | 安裝或卸載內容套件。 |
| Microsoft.SecurityInsights/ContentTemplates/read | 讀取已安裝的內容範本。 |
| Microsoft.SecurityInsights/ContentTemplates/delete | 刪除已安裝的內容範本。 |
| Microsoft.SecurityInsights/dataConnectors/read | 取得數據連接器 |
| Microsoft.SecurityInsights/dataConnectors/write | 更新數據連接器 |
| Microsoft.SecurityInsights/dataConnectors/delete | 刪除資料連接器 |
| Microsoft.SecurityInsights/enrichment/domain/whois/read | 取得網域的 whois 擴充 |
| Microsoft.SecurityInsights/enrichment/ip/geodata/read | 取得IP的地理數據擴充 |
| Microsoft.SecurityInsights/entities/read | 取得 sentinel 實體圖表 |
| Microsoft.SecurityInsights/entities/gettimeline/action | 取得特定範圍的實體時程表 |
| Microsoft.SecurityInsights/entities/getInsights/action | 取得特定範圍的實體深入解析 |
| Microsoft.SecurityInsights/entities/runPlaybook/action | 在實體上執行劇本 |
| Microsoft.SecurityInsights/entities/relations/read | 取得實體與相關資源之間的關聯性 |
| Microsoft.SecurityInsights/entities/relations/write | 更新實體與相關資源之間的關聯性 |
| Microsoft.SecurityInsights/entities/relations/delete | 刪除實體與相關資源之間的關聯性 |
| Microsoft.SecurityInsights/entityQueries/read | 取得實體的調查展開 |
| Microsoft.SecurityInsights/ExportConnections/read | 讀取 ExportConnections |
| Microsoft.SecurityInsights/ExportConnections/write | write ExportConnections |
| Microsoft.SecurityInsights/ExportConnections/delete | 刪除 ExportConnections |
| Microsoft.SecurityInsights/ExportConnections/ExportJobs/read | 讀取 ExportJobs |
| Microsoft.SecurityInsights/ExportConnections/ExportJobs/write | write ExportJobs |
| Microsoft.SecurityInsights/ExportConnections/ExportJobs/delete | 刪除 ExportJobs |
| Microsoft.SecurityInsights/fileimports/read | 讀取檔案匯入物件 |
| Microsoft.SecurityInsights/fileimports/write | 建立或更新檔案匯入 |
| Microsoft.SecurityInsights/fileimports/delete | 刪除檔案匯入 |
| Microsoft.SecurityInsights/hunts/read | 取得搜捕 |
| Microsoft.SecurityInsights/hunts/write | 建立搜捕 |
| Microsoft.SecurityInsights/hunts/delete | 刪除搜捕 |
| Microsoft.SecurityInsights/hunts/comments/read | 取得搜捕批注 |
| Microsoft.SecurityInsights/hunts/comments/write | 建立搜捕批注 |
| Microsoft.SecurityInsights/hunts/comments/delete | 刪除搜捕批注 |
| Microsoft.SecurityInsights/hunts/relations/read | 取得亨特關係 |
| Microsoft.SecurityInsights/hunts/relations/write | 建立搜捕關係 |
| Microsoft.SecurityInsights/hunts/relations/delete | 刪除搜捕關聯 |
| Microsoft.SecurityInsights/incidents/read | 取得事件 |
| Microsoft.SecurityInsights/incidents/write | 更新事件 |
| Microsoft.SecurityInsights/incidents/delete | 刪除事件 |
| Microsoft.SecurityInsights/incidents/createTeam/action | 建立Microsoft小組,藉由在參與者之間共用資訊和見解來調查事件 |
| Microsoft.SecurityInsights/incidents/runPlaybook/action | 在事件上執行劇本 |
| Microsoft.SecurityInsights/incidents/comments/read | 取得事件批注 |
| Microsoft.SecurityInsights/incidents/comments/write | 建立事件的批注 |
| Microsoft.SecurityInsights/incidents/comments/delete | 刪除事件的批注 |
| Microsoft.SecurityInsights/incidents/relations/read | 取得事件與相關資源之間的關聯性 |
| Microsoft.SecurityInsights/incidents/relations/write | 更新事件與相關資源之間的關聯性 |
| Microsoft.SecurityInsights/incidents/relations/delete | 刪除事件與相關資源之間的關聯性 |
| Microsoft.SecurityInsights/incidents/tasks/read | 取得事件的工作 |
| Microsoft.SecurityInsights/incidents/tasks/write | 更新事件的工作 |
| Microsoft.SecurityInsights/incidents/tasks/delete | 刪除事件的工作 |
| Microsoft.SecurityInsights/Metadata/read | 讀取 Sentinel 內容的元數據。 |
| Microsoft.SecurityInsights/Metadata/write | 寫入 Sentinel 內容的元數據。 |
| Microsoft.SecurityInsights/Metadata/delete | 刪除 Sentinel 內容的元數據。 |
| Microsoft.SecurityInsights/officeConsents/read | 取得 Microsoft Office 的同意 |
| Microsoft.SecurityInsights/officeConsents/delete | 從 Microsoft Office 刪除同意 |
| Microsoft.SecurityInsights/onboardingStates/read | 取得上線狀態 |
| Microsoft.SecurityInsights/onboardingStates/write | 更新上線狀態 |
| Microsoft.SecurityInsights/onboardingStates/delete | 刪除上線狀態 |
| Microsoft.SecurityInsights/operations/read | 取得作業 |
| Microsoft.SecurityInsights/securityMLAnalyticsSettings/read | 取得分析設定 |
| Microsoft.SecurityInsights/securityMLAnalyticsSettings/write | 更新分析設定 |
| Microsoft.SecurityInsights/securityMLAnalyticsSettings/delete | 刪除分析設定 |
| Microsoft.SecurityInsights/settings/read | 取得設定 |
| Microsoft.SecurityInsights/settings/write | 更新設定 |
| Microsoft.SecurityInsights/settings/delete | 刪除設定 |
| Microsoft.SecurityInsights/SourceControls/read | 讀取 SourceControls |
| Microsoft.SecurityInsights/SourceControls/write | write SourceControls |
| Microsoft.SecurityInsights/SourceControls/delete | 刪除 SourceControls |
| Microsoft.SecurityInsights/threatintelligence/read | 取得威脅情報 |
| Microsoft.SecurityInsights/threatintelligence/write | 更新威脅情報 |
| Microsoft.SecurityInsights/threatintelligence/delete | 刪除威脅情報 |
| Microsoft.SecurityInsights/threatintelligence/query/action | 查詢威脅情報 |
| Microsoft.SecurityInsights/threatintelligence/metrics/action | 收集威脅情報計量 |
| Microsoft.SecurityInsights/threatintelligence/bulkDelete/action | 大量刪除威脅情報 |
| Microsoft.SecurityInsights/threatintelligence/bulkTag/action | 大量標記威脅情報 |
| Microsoft.SecurityInsights/threatintelligence/createIndicator/action | 建立威脅情報指標 |
| Microsoft.SecurityInsights/threatintelligence/queryIndicators/action | 查詢威脅情報指標 |
| Microsoft.SecurityInsights/threatintelligence/bulkactions/read | 讀取 TI 大量動作物件 |
| Microsoft.SecurityInsights/threatintelligence/bulkactions/write | 建立或更新 TI 大量動作 |
| Microsoft.SecurityInsights/threatintelligence/bulkactions/delete | 刪除 TI 大量動作 |
| Microsoft.SecurityInsights/threatintelligence/bulkactions/query/action | 查詢威脅情報 STIX 物件 |
| Microsoft.SecurityInsights/threatintelligence/bulkactions/count/action | 查詢威脅情報 STIX 物件計數 |
| Microsoft.SecurityInsights/threatintelligence/indicators/write | 更新威脅情報指標 |
| Microsoft.SecurityInsights/threatintelligence/indicators/delete | 刪除威脅情報指標 |
| Microsoft.SecurityInsights/threatintelligence/indicators/query/action | 查詢威脅情報指標 |
| Microsoft.SecurityInsights/threatintelligence/indicators/metrics/action | 取得威脅情報指標計量 |
| Microsoft.SecurityInsights/threatintelligence/indicators/bulkDelete/action | 大量刪除威脅情報指標 |
| Microsoft.SecurityInsights/threatintelligence/indicators/bulkTag/action | 大量標記威脅情報指標 |
| Microsoft.SecurityInsights/threatintelligence/indicators/read | 取得威脅情報指標 |
| Microsoft.SecurityInsights/threatintelligence/indicators/appendTags/action | 將標籤附加至威脅情報指標 |
| Microsoft.SecurityInsights/threatintelligence/indicators/replaceTags/action | 取代威脅情報指標的標記 |
| Microsoft.SecurityInsights/threatintelligence/ingestionrulelist/read | 讀取 TI 擷取規則物件的集合 |
| Microsoft.SecurityInsights/threatintelligence/ingestionrulelist/write | 建立或更新一組 TI 擷取規則 |
| Microsoft.SecurityInsights/threatintelligence/metrics/read | 收集威脅情報計量 |
| Microsoft.SecurityInsights/threatintelligence/threatactors/read | 讀取 TI 威脅執行者物件 |
| Microsoft.SecurityInsights/threatintelligence/threatactors/write | 建立或更新 TI 威脅執行者 |
| Microsoft.SecurityInsights/threatintelligence/threatactors/delete | 刪除 TI 威脅執行者 |
| Microsoft.SecurityInsights/triggeredAnalyticsRuleRuns/read | 取得觸發的分析規則執行 |
| Microsoft.SecurityInsights/Watchlists/read | 取得監看清單 |
| Microsoft.SecurityInsights/Watchlists/write | 建立監看清單 |
| Microsoft.SecurityInsights/Watchlists/delete | 刪除關注清單 |
| Microsoft.SecurityInsights/WorkspaceManagerAssignments/read | 取得 WorkspaceManager 指派 |
| Microsoft.SecurityInsights/WorkspaceManagerAssignments/write | 建立 WorkspaceManager 指派 |
| Microsoft.SecurityInsights/WorkspaceManagerAssignments/delete | 刪除 WorkspaceManager 指派 |
| Microsoft.SecurityInsights/workspaceManagerAssignments/jobs/read | 取得 WorkspaceManagerAssignments 作業 |
| Microsoft.SecurityInsights/workspaceManagerAssignments/jobs/write | 建立 WorkspaceManagerAssignments 作業 |
| Microsoft.SecurityInsights/workspaceManagerAssignments/jobs/delete | 刪除 WorkspaceManagerAssignments 作業 |
| Microsoft.SecurityInsights/WorkspaceManagerConfigurations/read | 取得 WorkspaceManager 組態 |
| Microsoft.SecurityInsights/WorkspaceManagerConfigurations/write | 建立 WorkspaceManager 組態 |
| Microsoft.SecurityInsights/WorkspaceManagerConfigurations/delete | 刪除 WorkspaceManager 組態 |
| Microsoft.SecurityInsights/WorkspaceManagerGroups/read | 取得 WorkspaceManager 群組 |
| Microsoft.SecurityInsights/WorkspaceManagerGroups/write | 建立 WorkspaceManager 群組 |
| Microsoft.SecurityInsights/WorkspaceManagerGroups/delete | 刪除 WorkspaceManager 群組 |
| Microsoft.SecurityInsights/WorkspaceManagerMembers/read | 取得 WorkspaceManager 成員 |
| Microsoft.SecurityInsights/WorkspaceManagerMembers/write | 建立 WorkspaceManager 成員 |
| Microsoft.SecurityInsights/WorkspaceManagerMembers/delete | 刪除 WorkspaceManager 成員 |
下一步
- Azure 資源提供者和類型 \(部分機器翻譯\)