Integrierte Azure-Rollen für Netzwerke
In diesem Artikel werden die integrierten Azure-Rollen in der Kategorie "Netzwerk" aufgeführt.
Azure Front Door Do Standard Mitwirkender
Für die interne Verwendung in Azure. Kann Azure Front Door verwalten Standard s, aber keinen Zugriff auf andere Benutzer gewähren.
Aktionen | Beschreibung |
---|---|
Microsoft.Cdn/operationresults/profileresults/customdo Standard results/read | |
Microsoft.Cdn/profiles/customdo Standard s/read | |
Microsoft.Cdn/profiles/customdo Standard s/write | |
Microsoft.Cdn/profiles/customdo Standard s/delete | |
Microsoft.Resources/subscriptions/resourceGroups/read | Ruft Ressourcengruppen ab oder listet sie auf. |
NotActions | |
keine | |
DataActions | |
keine | |
NotDataActions | |
none |
{
"assignableScopes": [
"/"
],
"description": "For internal use within Azure. Can manage Azure Front Door domains, but can't grant access to other users.",
"id": "/providers/Microsoft.Authorization/roleDefinitions/0ab34830-df19-4f8c-b84e-aa85b8afa6e8",
"name": "0ab34830-df19-4f8c-b84e-aa85b8afa6e8",
"permissions": [
{
"actions": [
"Microsoft.Cdn/operationresults/profileresults/customdomainresults/read",
"Microsoft.Cdn/profiles/customdomains/read",
"Microsoft.Cdn/profiles/customdomains/write",
"Microsoft.Cdn/profiles/customdomains/delete",
"Microsoft.Resources/subscriptions/resourceGroups/read"
],
"notActions": [],
"dataActions": [],
"notDataActions": []
}
],
"roleName": "Azure Front Door Domain Contributor",
"roleType": "BuiltInRole",
"type": "Microsoft.Authorization/roleDefinitions"
}
Azure Front Door Do Standard Reader
Für die interne Verwendung in Azure. Kann Azure Front Door-Aktionen anzeigen Standard, aber keine Änderungen vornehmen.
Aktionen | Beschreibung |
---|---|
Microsoft.Cdn/operationresults/profileresults/customdo Standard results/read | |
Microsoft.Cdn/profiles/customdo Standard s/read | |
Microsoft.Resources/subscriptions/resourceGroups/read | Ruft Ressourcengruppen ab oder listet sie auf. |
NotActions | |
keine | |
DataActions | |
keine | |
NotDataActions | |
none |
{
"assignableScopes": [
"/"
],
"description": "For internal use within Azure. Can view Azure Front Door domains, but can't make changes.",
"id": "/providers/Microsoft.Authorization/roleDefinitions/0f99d363-226e-4dca-9920-b807cf8e1a5f",
"name": "0f99d363-226e-4dca-9920-b807cf8e1a5f",
"permissions": [
{
"actions": [
"Microsoft.Cdn/operationresults/profileresults/customdomainresults/read",
"Microsoft.Cdn/profiles/customdomains/read",
"Microsoft.Resources/subscriptions/resourceGroups/read"
],
"notActions": [],
"dataActions": [],
"notDataActions": []
}
],
"roleName": "Azure Front Door Domain Reader",
"roleType": "BuiltInRole",
"type": "Microsoft.Authorization/roleDefinitions"
}
Azure Front Door Profile Reader
Kann AFD-Standard- und Premiumprofile und deren Endpunkte anzeigen, aber keine Änderungen vornehmen.
Aktionen | Beschreibung |
---|---|
Microsoft.Authorization/*/read | Lesen von Rollen und Rollenzuweisungen |
Microsoft.Cdn/edgenodes/read | |
Microsoft.Cdn/operationresults/* | |
Microsoft.Cdn/profiles/*/read | |
Microsoft.Insights/alertRules/* | Erstellen und Verwalten einer klassischen Metrikwarnung |
Microsoft.Resources/deployments/* | Erstellen und Verwalten einer Bereitstellung |
Microsoft.Resources/subscriptions/resourceGroups/read | Ruft Ressourcengruppen ab oder listet sie auf. |
Microsoft.Cdn/operationresults/profileresults/afdendpointresults/CheckCustomDo Standard DNSMappingStatus/action | |
Microsoft.Cdn/profiles/queryloganalyticsmetrics/action | |
Microsoft.Cdn/profiles/queryloganalyticsrankings/action | |
Microsoft.Cdn/profiles/querywafloganalyticsmetrics/action | |
Microsoft.Cdn/profiles/querywafloganalyticsrankings/action | |
Microsoft.Cdn/profiles/afdendpoints/CheckCustomDo Standard DNSMappingStatus/action | |
Microsoft.Cdn/profiles/Usages/action | |
Microsoft.Cdn/profiles/afdendpoints/Usages/action | |
Microsoft.Cdn/profiles/origingroups/Usages/action | |
Microsoft.Cdn/profiles/rulesets/Usages/action | |
NotActions | |
keine | |
DataActions | |
keine | |
NotDataActions | |
none |
{
"assignableScopes": [
"/"
],
"description": "Can view AFD standard and premium profiles and their endpoints, but can't make changes.",
"id": "/providers/Microsoft.Authorization/roleDefinitions/662802e2-50f6-46b0-aed2-e834bacc6d12",
"name": "662802e2-50f6-46b0-aed2-e834bacc6d12",
"permissions": [
{
"actions": [
"Microsoft.Authorization/*/read",
"Microsoft.Cdn/edgenodes/read",
"Microsoft.Cdn/operationresults/*",
"Microsoft.Cdn/profiles/*/read",
"Microsoft.Insights/alertRules/*",
"Microsoft.Resources/deployments/*",
"Microsoft.Resources/subscriptions/resourceGroups/read",
"Microsoft.Cdn/operationresults/profileresults/afdendpointresults/CheckCustomDomainDNSMappingStatus/action",
"Microsoft.Cdn/profiles/queryloganalyticsmetrics/action",
"Microsoft.Cdn/profiles/queryloganalyticsrankings/action",
"Microsoft.Cdn/profiles/querywafloganalyticsmetrics/action",
"Microsoft.Cdn/profiles/querywafloganalyticsrankings/action",
"Microsoft.Cdn/profiles/afdendpoints/CheckCustomDomainDNSMappingStatus/action",
"Microsoft.Cdn/profiles/Usages/action",
"Microsoft.Cdn/profiles/afdendpoints/Usages/action",
"Microsoft.Cdn/profiles/origingroups/Usages/action",
"Microsoft.Cdn/profiles/rulesets/Usages/action"
],
"notActions": [],
"dataActions": [],
"notDataActions": []
}
],
"roleName": "Azure Front Door Profile Reader",
"roleType": "BuiltInRole",
"type": "Microsoft.Authorization/roleDefinitions"
}
Geheimer Mitwirkender von Azure Front Door
Für die interne Verwendung in Azure. Kann Geheime Azure Front Door-Schlüssel verwalten, aber keinen Zugriff auf andere Benutzer gewähren.
Aktionen | Beschreibung |
---|---|
Microsoft.Cdn/operationresults/profileresults/secretresults/read | |
Microsoft.Cdn/profiles/secrets/read | |
Microsoft.Cdn/profiles/secrets/write | |
Microsoft.Cdn/profiles/secrets/delete | |
Microsoft.Resources/subscriptions/resourceGroups/read | Ruft Ressourcengruppen ab oder listet sie auf. |
NotActions | |
keine | |
DataActions | |
keine | |
NotDataActions | |
none |
{
"assignableScopes": [
"/"
],
"description": "For internal use within Azure. Can manage Azure Front Door secrets, but can't grant access to other users.",
"id": "/providers/Microsoft.Authorization/roleDefinitions/3f2eb865-5811-4578-b90a-6fc6fa0df8e5",
"name": "3f2eb865-5811-4578-b90a-6fc6fa0df8e5",
"permissions": [
{
"actions": [
"Microsoft.Cdn/operationresults/profileresults/secretresults/read",
"Microsoft.Cdn/profiles/secrets/read",
"Microsoft.Cdn/profiles/secrets/write",
"Microsoft.Cdn/profiles/secrets/delete",
"Microsoft.Resources/subscriptions/resourceGroups/read"
],
"notActions": [],
"dataActions": [],
"notDataActions": []
}
],
"roleName": "Azure Front Door Secret Contributor",
"roleType": "BuiltInRole",
"type": "Microsoft.Authorization/roleDefinitions"
}
Geheimer Azure-Vortürleser
Für die interne Verwendung in Azure. Sie können geheime Azure-Front Door-Schlüssel anzeigen, aber keine Änderungen vornehmen.
Aktionen | Beschreibung |
---|---|
Microsoft.Cdn/operationresults/profileresults/secretresults/read | |
Microsoft.Cdn/profiles/secrets/read | |
Microsoft.Resources/subscriptions/resourceGroups/read | Ruft Ressourcengruppen ab oder listet sie auf. |
NotActions | |
keine | |
DataActions | |
keine | |
NotDataActions | |
none |
{
"assignableScopes": [
"/"
],
"description": "For internal use within Azure. Can view Azure Front Door secrets, but can't make changes.",
"id": "/providers/Microsoft.Authorization/roleDefinitions/0db238c4-885e-4c4f-a933-aa2cef684fca",
"name": "0db238c4-885e-4c4f-a933-aa2cef684fca",
"permissions": [
{
"actions": [
"Microsoft.Cdn/operationresults/profileresults/secretresults/read",
"Microsoft.Cdn/profiles/secrets/read",
"Microsoft.Resources/subscriptions/resourceGroups/read"
],
"notActions": [],
"dataActions": [],
"notDataActions": []
}
],
"roleName": "Azure Front Door Secret Reader",
"roleType": "BuiltInRole",
"type": "Microsoft.Authorization/roleDefinitions"
}
Mitwirkender für den CDN-Endpunkt
Diese Rolle kann CDN-Endpunkte verwalten, aber anderen Benutzern keinen Zugriff erteilen.
Aktionen | Beschreibung |
---|---|
Microsoft.Authorization/*/read | Lesen von Rollen und Rollenzuweisungen |
Microsoft.Cdn/edgenodes/read | |
Microsoft.Cdn/operationresults/* | |
Microsoft.Cdn/profiles/endpoints/* | |
Microsoft.Insights/alertRules/* | Erstellen und Verwalten einer klassischen Metrikwarnung |
Microsoft.Resources/deployments/* | Erstellen und Verwalten einer Bereitstellung |
Microsoft.Resources/subscriptions/resourceGroups/read | Ruft Ressourcengruppen ab oder listet sie auf. |
Microsoft.Support/* | Erstellen und Aktualisieren eines Supporttickets |
NotActions | |
keine | |
DataActions | |
keine | |
NotDataActions | |
keine |
{
"assignableScopes": [
"/"
],
"description": "Can manage CDN endpoints, but can't grant access to other users.",
"id": "/providers/Microsoft.Authorization/roleDefinitions/426e0c7f-0c7e-4658-b36f-ff54d6c29b45",
"name": "426e0c7f-0c7e-4658-b36f-ff54d6c29b45",
"permissions": [
{
"actions": [
"Microsoft.Authorization/*/read",
"Microsoft.Cdn/edgenodes/read",
"Microsoft.Cdn/operationresults/*",
"Microsoft.Cdn/profiles/endpoints/*",
"Microsoft.Insights/alertRules/*",
"Microsoft.Resources/deployments/*",
"Microsoft.Resources/subscriptions/resourceGroups/read",
"Microsoft.Support/*"
],
"notActions": [],
"dataActions": [],
"notDataActions": []
}
],
"roleName": "CDN Endpoint Contributor",
"roleType": "BuiltInRole",
"type": "Microsoft.Authorization/roleDefinitions"
}
CDN-Endpunktleser
Diese Rolle kann CDN-Endpunkte anzeigen, aber keine Änderungen vornehmen.
Aktionen | Beschreibung |
---|---|
Microsoft.Authorization/*/read | Lesen von Rollen und Rollenzuweisungen |
Microsoft.Cdn/edgenodes/read | |
Microsoft.Cdn/operationresults/* | |
Microsoft.Cdn/profiles/endpoints/*/read | |
Microsoft.Cdn/profiles/afdendpoints/validateCustomDomain/action | |
Microsoft.Insights/alertRules/* | Erstellen und Verwalten einer klassischen Metrikwarnung |
Microsoft.Resources/deployments/* | Erstellen und Verwalten einer Bereitstellung |
Microsoft.Resources/subscriptions/resourceGroups/read | Ruft Ressourcengruppen ab oder listet sie auf. |
Microsoft.Support/* | Erstellen und Aktualisieren eines Supporttickets |
NotActions | |
keine | |
DataActions | |
keine | |
NotDataActions | |
keine |
{
"assignableScopes": [
"/"
],
"description": "Can view CDN endpoints, but can't make changes.",
"id": "/providers/Microsoft.Authorization/roleDefinitions/871e35f6-b5c1-49cc-a043-bde969a0f2cd",
"name": "871e35f6-b5c1-49cc-a043-bde969a0f2cd",
"permissions": [
{
"actions": [
"Microsoft.Authorization/*/read",
"Microsoft.Cdn/edgenodes/read",
"Microsoft.Cdn/operationresults/*",
"Microsoft.Cdn/profiles/endpoints/*/read",
"Microsoft.Cdn/profiles/afdendpoints/validateCustomDomain/action",
"Microsoft.Insights/alertRules/*",
"Microsoft.Resources/deployments/*",
"Microsoft.Resources/subscriptions/resourceGroups/read",
"Microsoft.Support/*"
],
"notActions": [],
"dataActions": [],
"notDataActions": []
}
],
"roleName": "CDN Endpoint Reader",
"roleType": "BuiltInRole",
"type": "Microsoft.Authorization/roleDefinitions"
}
Mitwirkender für das CDN-Profil
Kann CDN- und Azure Front Door-Standard- und Premiumprofile und deren Endpunkte verwalten, aber keinen Zugriff auf andere Benutzer gewähren.
Aktionen | Beschreibung |
---|---|
Microsoft.Authorization/*/read | Lesen von Rollen und Rollenzuweisungen |
Microsoft.Cdn/edgenodes/read | |
Microsoft.Cdn/operationresults/* | |
Microsoft.Cdn/profiles/* | |
Microsoft.Insights/alertRules/* | Erstellen und Verwalten einer klassischen Metrikwarnung |
Microsoft.Resources/deployments/* | Erstellen und Verwalten einer Bereitstellung |
Microsoft.Resources/subscriptions/resourceGroups/read | Ruft Ressourcengruppen ab oder listet sie auf. |
Microsoft.Support/* | Erstellen und Aktualisieren eines Supporttickets |
NotActions | |
keine | |
DataActions | |
keine | |
NotDataActions | |
keine |
{
"assignableScopes": [
"/"
],
"description": "Can manage CDN and Azure Front Door standard and premium profiles and their endpoints, but can't grant access to other users.",
"id": "/providers/Microsoft.Authorization/roleDefinitions/ec156ff8-a8d1-4d15-830c-5b80698ca432",
"name": "ec156ff8-a8d1-4d15-830c-5b80698ca432",
"permissions": [
{
"actions": [
"Microsoft.Authorization/*/read",
"Microsoft.Cdn/edgenodes/read",
"Microsoft.Cdn/operationresults/*",
"Microsoft.Cdn/profiles/*",
"Microsoft.Insights/alertRules/*",
"Microsoft.Resources/deployments/*",
"Microsoft.Resources/subscriptions/resourceGroups/read",
"Microsoft.Support/*"
],
"notActions": [],
"dataActions": [],
"notDataActions": []
}
],
"roleName": "CDN Profile Contributor",
"roleType": "BuiltInRole",
"type": "Microsoft.Authorization/roleDefinitions"
}
CDN-Profilleser
Diese Rolle kann CDN-Profile und deren Endpunkte anzeigen, aber keine Änderungen vornehmen.
Aktionen | Beschreibung |
---|---|
Microsoft.Authorization/*/read | Lesen von Rollen und Rollenzuweisungen |
Microsoft.Cdn/edgenodes/read | |
Microsoft.Cdn/operationresults/* | |
Microsoft.Cdn/profiles/*/read | |
Microsoft.Insights/alertRules/* | Erstellen und Verwalten einer klassischen Metrikwarnung |
Microsoft.Resources/deployments/* | Erstellen und Verwalten einer Bereitstellung |
Microsoft.Cdn/profiles/afdendpoints/validateCustomDomain/action | |
Microsoft.Resources/subscriptions/resourceGroups/read | Ruft Ressourcengruppen ab oder listet sie auf. |
Microsoft.Support/* | Erstellen und Aktualisieren eines Supporttickets |
Microsoft.Cdn/profiles/CheckResourceUsage/action | |
Microsoft.Cdn/profiles/endpoints/CheckResourceUsage/action | |
NotActions | |
keine | |
DataActions | |
keine | |
NotDataActions | |
keine |
{
"assignableScopes": [
"/"
],
"description": "Can view CDN profiles and their endpoints, but can't make changes.",
"id": "/providers/Microsoft.Authorization/roleDefinitions/8f96442b-4075-438f-813d-ad51ab4019af",
"name": "8f96442b-4075-438f-813d-ad51ab4019af",
"permissions": [
{
"actions": [
"Microsoft.Authorization/*/read",
"Microsoft.Cdn/edgenodes/read",
"Microsoft.Cdn/operationresults/*",
"Microsoft.Cdn/profiles/*/read",
"Microsoft.Insights/alertRules/*",
"Microsoft.Resources/deployments/*",
"Microsoft.Cdn/profiles/afdendpoints/validateCustomDomain/action",
"Microsoft.Resources/subscriptions/resourceGroups/read",
"Microsoft.Support/*",
"Microsoft.Cdn/profiles/CheckResourceUsage/action",
"Microsoft.Cdn/profiles/endpoints/CheckResourceUsage/action"
],
"notActions": [],
"dataActions": [],
"notDataActions": []
}
],
"roleName": "CDN Profile Reader",
"roleType": "BuiltInRole",
"type": "Microsoft.Authorization/roleDefinitions"
}
Mitwirkender von klassischem Netzwerk
Ermöglicht Ihnen das Verwalten von klassischen Netzwerken, nicht aber den Zugriff darauf.
Aktionen | Beschreibung |
---|---|
Microsoft.Authorization/*/read | Lesen von Rollen und Rollenzuweisungen |
Microsoft.ClassicNetwork/* | Erstellen und Verwalten von klassischen Netzwerken |
Microsoft.Insights/alertRules/* | Erstellen und Verwalten einer klassischen Metrikwarnung |
Microsoft.ResourceHealth/availabilityStatuses/read | Ruft den Verfügbarkeitsstatus für alle Ressourcen im angegebenen Bereich ab. |
Microsoft.Resources/deployments/* | Erstellen und Verwalten einer Bereitstellung |
Microsoft.Resources/subscriptions/resourceGroups/read | Ruft Ressourcengruppen ab oder listet sie auf. |
Microsoft.Support/* | Erstellen und Aktualisieren eines Supporttickets |
NotActions | |
keine | |
DataActions | |
keine | |
NotDataActions | |
keine |
{
"assignableScopes": [
"/"
],
"description": "Lets you manage classic networks, but not access to them.",
"id": "/providers/Microsoft.Authorization/roleDefinitions/b34d265f-36f7-4a0d-a4d4-e158ca92e90f",
"name": "b34d265f-36f7-4a0d-a4d4-e158ca92e90f",
"permissions": [
{
"actions": [
"Microsoft.Authorization/*/read",
"Microsoft.ClassicNetwork/*",
"Microsoft.Insights/alertRules/*",
"Microsoft.ResourceHealth/availabilityStatuses/read",
"Microsoft.Resources/deployments/*",
"Microsoft.Resources/subscriptions/resourceGroups/read",
"Microsoft.Support/*"
],
"notActions": [],
"dataActions": [],
"notDataActions": []
}
],
"roleName": "Classic Network Contributor",
"roleType": "BuiltInRole",
"type": "Microsoft.Authorization/roleDefinitions"
}
DNS Zone Contributor
Ermöglicht Ihnen die Verwaltung von DNS-Zonen und Ressourceneintragssätzen in Azure DNS, aber nicht zu steuern, wer darauf Zugriff hat.
Aktionen | Beschreibung |
---|---|
Microsoft.Authorization/*/read | Lesen von Rollen und Rollenzuweisungen |
Microsoft.Insights/alertRules/* | Erstellen und Verwalten einer klassischen Metrikwarnung |
Microsoft.Network/dnsZones/* | Erstellen und Verwalten von DNS-Zonen und -Einträgen |
Microsoft.ResourceHealth/availabilityStatuses/read | Ruft den Verfügbarkeitsstatus für alle Ressourcen im angegebenen Bereich ab. |
Microsoft.Resources/deployments/* | Erstellen und Verwalten einer Bereitstellung |
Microsoft.Resources/subscriptions/resourceGroups/read | Ruft Ressourcengruppen ab oder listet sie auf. |
Microsoft.Support/* | Erstellen und Aktualisieren eines Supporttickets |
NotActions | |
keine | |
DataActions | |
keine | |
NotDataActions | |
keine |
{
"assignableScopes": [
"/"
],
"description": "Lets you manage DNS zones and record sets in Azure DNS, but does not let you control who has access to them.",
"id": "/providers/Microsoft.Authorization/roleDefinitions/befefa01-2a29-4197-83a8-272ff33ce314",
"name": "befefa01-2a29-4197-83a8-272ff33ce314",
"permissions": [
{
"actions": [
"Microsoft.Authorization/*/read",
"Microsoft.Insights/alertRules/*",
"Microsoft.Network/dnsZones/*",
"Microsoft.ResourceHealth/availabilityStatuses/read",
"Microsoft.Resources/deployments/*",
"Microsoft.Resources/subscriptions/resourceGroups/read",
"Microsoft.Support/*"
],
"notActions": [],
"dataActions": [],
"notDataActions": []
}
],
"roleName": "DNS Zone Contributor",
"roleType": "BuiltInRole",
"type": "Microsoft.Authorization/roleDefinitions"
}
Mitwirkender von virtuellem Netzwerk
Ermöglicht Ihnen das Verwalten von Netzwerken, nicht aber den Zugriff darauf.
Aktionen | Beschreibung |
---|---|
Microsoft.Authorization/*/read | Lesen von Rollen und Rollenzuweisungen |
Microsoft.Insights/alertRules/* | Erstellen und Verwalten einer klassischen Metrikwarnung |
Microsoft.Network/* | Erstellen und Verwalten von Netzwerken |
Microsoft.ResourceHealth/availabilityStatuses/read | Ruft den Verfügbarkeitsstatus für alle Ressourcen im angegebenen Bereich ab. |
Microsoft.Resources/deployments/* | Erstellen und Verwalten einer Bereitstellung |
Microsoft.Resources/subscriptions/resourceGroups/read | Ruft Ressourcengruppen ab oder listet sie auf. |
Microsoft.Support/* | Erstellen und Aktualisieren eines Supporttickets |
NotActions | |
keine | |
DataActions | |
keine | |
NotDataActions | |
keine |
{
"assignableScopes": [
"/"
],
"description": "Lets you manage networks, but not access to them.",
"id": "/providers/Microsoft.Authorization/roleDefinitions/4d97b98b-1d4f-4787-a291-c67834d212e7",
"name": "4d97b98b-1d4f-4787-a291-c67834d212e7",
"permissions": [
{
"actions": [
"Microsoft.Authorization/*/read",
"Microsoft.Insights/alertRules/*",
"Microsoft.Network/*",
"Microsoft.ResourceHealth/availabilityStatuses/read",
"Microsoft.Resources/deployments/*",
"Microsoft.Resources/subscriptions/resourceGroups/read",
"Microsoft.Support/*"
],
"notActions": [],
"dataActions": [],
"notDataActions": []
}
],
"roleName": "Network Contributor",
"roleType": "BuiltInRole",
"type": "Microsoft.Authorization/roleDefinitions"
}
Mitwirkender für private DNS-Zone
Ermöglicht Ihnen das Verwalten privater DNS-Zonenressourcen, aber nicht der virtuellen Netzwerke, mit denen sie verknüpft sind.
Aktionen | BESCHREIBUNG |
---|---|
Microsoft.Insights/alertRules/* | Erstellen und Verwalten einer klassischen Metrikwarnung |
Microsoft.Resources/deployments/* | Erstellen und Verwalten einer Bereitstellung |
Microsoft.Resources/subscriptions/resourceGroups/read | Ruft Ressourcengruppen ab oder listet sie auf. |
Microsoft.Support/* | Erstellen und Aktualisieren eines Supporttickets |
Microsoft.Network/privateDnsZones/* | |
Microsoft.Network/privateDnsOperationResults/* | |
Microsoft.Network/privateDnsOperationStatuses/* | |
Microsoft.Network/virtualNetworks/read | Dient zum Abrufen der Definition des virtuellen Netzwerks. |
Microsoft.Network/virtualNetworks/join/action | Verknüpft ein virtuelles Netzwerk. Nicht warnbar. |
Microsoft.Authorization/*/read | Lesen von Rollen und Rollenzuweisungen |
NotActions | |
keine | |
DataActions | |
keine | |
NotDataActions | |
keine |
{
"assignableScopes": [
"/"
],
"description": "Lets you manage private DNS zone resources, but not the virtual networks they are linked to.",
"id": "/providers/Microsoft.Authorization/roleDefinitions/b12aa53e-6015-4669-85d0-8515ebb3ae7f",
"name": "b12aa53e-6015-4669-85d0-8515ebb3ae7f",
"permissions": [
{
"actions": [
"Microsoft.Insights/alertRules/*",
"Microsoft.Resources/deployments/*",
"Microsoft.Resources/subscriptions/resourceGroups/read",
"Microsoft.Support/*",
"Microsoft.Network/privateDnsZones/*",
"Microsoft.Network/privateDnsOperationResults/*",
"Microsoft.Network/privateDnsOperationStatuses/*",
"Microsoft.Network/virtualNetworks/read",
"Microsoft.Network/virtualNetworks/join/action",
"Microsoft.Authorization/*/read"
],
"notActions": [],
"dataActions": [],
"notDataActions": []
}
],
"roleName": "Private DNS Zone Contributor",
"roleType": "BuiltInRole",
"type": "Microsoft.Authorization/roleDefinitions"
}
Traffic Manager-Mitwirkender
Ermöglicht Ihnen die Verwaltung von Traffic Manager-Profilen, aber nicht die Steuerung des Zugriffs darauf.
Aktionen | Beschreibung |
---|---|
Microsoft.Authorization/*/read | Lesen von Rollen und Rollenzuweisungen |
Microsoft.Insights/alertRules/* | Erstellen und Verwalten einer klassischen Metrikwarnung |
Microsoft.Network/trafficManagerProfiles/* | |
Microsoft.ResourceHealth/availabilityStatuses/read | Ruft den Verfügbarkeitsstatus für alle Ressourcen im angegebenen Bereich ab. |
Microsoft.Resources/deployments/* | Erstellen und Verwalten einer Bereitstellung |
Microsoft.Resources/subscriptions/resourceGroups/read | Ruft Ressourcengruppen ab oder listet sie auf. |
Microsoft.Support/* | Erstellen und Aktualisieren eines Supporttickets |
NotActions | |
keine | |
DataActions | |
keine | |
NotDataActions | |
keine |
{
"assignableScopes": [
"/"
],
"description": "Lets you manage Traffic Manager profiles, but does not let you control who has access to them.",
"id": "/providers/Microsoft.Authorization/roleDefinitions/a4b10055-b0c7-44c2-b00f-c7b5b3550cf7",
"name": "a4b10055-b0c7-44c2-b00f-c7b5b3550cf7",
"permissions": [
{
"actions": [
"Microsoft.Authorization/*/read",
"Microsoft.Insights/alertRules/*",
"Microsoft.Network/trafficManagerProfiles/*",
"Microsoft.ResourceHealth/availabilityStatuses/read",
"Microsoft.Resources/deployments/*",
"Microsoft.Resources/subscriptions/resourceGroups/read",
"Microsoft.Support/*"
],
"notActions": [],
"dataActions": [],
"notDataActions": []
}
],
"roleName": "Traffic Manager Contributor",
"roleType": "BuiltInRole",
"type": "Microsoft.Authorization/roleDefinitions"
}