Role Definitions - Create Or Update
Membuat atau memperbarui definisi peran kustom.
PUT {vaultBaseUrl}/{scope}/providers/Microsoft.Authorization/roleDefinitions/{roleDefinitionName}?api-version=7.4Parameter URI
| Nama | Dalam | Diperlukan | Jenis | Deskripsi |
|---|---|---|---|---|
|
role
|
path | True |
string |
Nama definisi peran yang akan dibuat atau diperbarui. Ini bisa menjadi GUID yang valid. |
|
scope
|
path | True |
string |
Cakupan definisi peran untuk membuat atau memperbarui. HSM terkelola hanya mendukung '/'. |
|
vault
|
path | True |
string |
Nama vault, misalnya https://myvault.vault.azure.net. |
|
api-version
|
query | True |
string |
Versi API klien. |
Isi Permintaan
| Nama | Diperlukan | Jenis | Deskripsi |
|---|---|---|---|
| properties | True |
Properti definisi peran. |
Respons
| Nama | Jenis | Deskripsi |
|---|---|---|
| 201 Created |
Dibuat - Mengembalikan informasi tentang definisi peran. |
|
| Other Status Codes |
Key Vault respons kesalahan yang menjelaskan mengapa operasi gagal. |
Contoh
PutRoleDefinition
Sample Request
PUT https://myvault.vault.azure.net//keys/providers/Microsoft.Authorization/roleDefinitions/00000000-0000-0000-0000-000000000000?api-version=7.4
{
"properties": {
"roleName": "My custom role",
"type": "CustomRole",
"description": "Role description",
"permissions": [
{
"dataActions": [
"Microsoft.KeyVault/managedHsm/keys/sign/action"
]
}
]
}
}
Sample Response
{
"properties": {
"roleName": "My custom role",
"type": "CustomRole",
"description": "Role description",
"assignableScopes": [
"/"
],
"permissions": [
{
"dataActions": [
"Microsoft.KeyVault/managedHsm/keys/sign/action"
]
}
]
},
"id": "Microsoft.KeyVault/providers/Microsoft.Authorization/roleDefinitions/00000000-0000-0000-0000-000000000000",
"type": "Microsoft.Authorization/roleDefinitions",
"name": "00000000-0000-0000-0000-000000000000"
}Definisi
| Nama | Deskripsi |
|---|---|
|
Data |
Izin yang didukung untuk tindakan data. |
| Error |
Kesalahan server brankas kunci. |
|
Key |
Pengecualian kesalahan brankas kunci. |
| Permission |
Izin definisi peran. |
|
Role |
Definisi peran. |
|
Role |
Definisi peran membuat parameter. |
|
Role |
Properti definisi peran. |
|
Role |
Jenis definisi peran. |
|
Role |
Cakupan peran. |
|
Role |
Jenis peran. |
DataAction
Izin yang didukung untuk tindakan data.
| Nama | Jenis | Deskripsi |
|---|---|---|
| Microsoft.KeyVault/managedHsm/backup/start/action |
string |
Mulai pencadangan HSM. |
| Microsoft.KeyVault/managedHsm/backup/status/action |
string |
Membaca status pencadangan HSM. |
| Microsoft.KeyVault/managedHsm/keys/backup/action |
string |
Cadangkan kunci HSM. |
| Microsoft.KeyVault/managedHsm/keys/create |
string |
Buat kunci HSM. |
| Microsoft.KeyVault/managedHsm/keys/decrypt/action |
string |
Dekripsi menggunakan kunci HSM. |
| Microsoft.KeyVault/managedHsm/keys/delete |
string |
Menghapus kunci HSM. |
| Microsoft.KeyVault/managedHsm/keys/deletedKeys/delete |
string |
Hapus menyeluruh kunci HSM yang dihapus. |
| Microsoft.KeyVault/managedHsm/keys/deletedKeys/read/action |
string |
Membaca kunci HSM yang dihapus. |
| Microsoft.KeyVault/managedHsm/keys/deletedKeys/recover/action |
string |
Pulihkan kunci HSM yang dihapus. |
| Microsoft.KeyVault/managedHsm/keys/encrypt/action |
string |
Enkripsi menggunakan kunci HSM. |
| Microsoft.KeyVault/managedHsm/keys/export/action |
string |
Ekspor kunci HSM. |
| Microsoft.KeyVault/managedHsm/keys/import/action |
string |
Mengimpor kunci HSM. |
| Microsoft.KeyVault/managedHsm/keys/read/action |
string |
Baca metadata kunci HSM. |
| Microsoft.KeyVault/managedHsm/keys/release/action |
string |
Merilis kunci HSM menggunakan Rilis Kunci Aman. |
| Microsoft.KeyVault/managedHsm/keys/restore/action |
string |
Memulihkan kunci HSM. |
| Microsoft.KeyVault/managedHsm/keys/sign/action |
string |
Masuk menggunakan kunci HSM. |
| Microsoft.KeyVault/managedHsm/keys/unwrap/action |
string |
Buka bungkus menggunakan kunci HSM. |
| Microsoft.KeyVault/managedHsm/keys/verify/action |
string |
Verifikasi menggunakan kunci HSM. |
| Microsoft.KeyVault/managedHsm/keys/wrap/action |
string |
Bungkus menggunakan kunci HSM. |
| Microsoft.KeyVault/managedHsm/keys/write/action |
string |
Memperbarui kunci HSM. |
| Microsoft.KeyVault/managedHsm/restore/start/action |
string |
Mulai pemulihan HSM. |
| Microsoft.KeyVault/managedHsm/restore/status/action |
string |
Membaca status pemulihan HSM. |
| Microsoft.KeyVault/managedHsm/rng/action |
string |
Menghasilkan angka acak. |
| Microsoft.KeyVault/managedHsm/roleAssignments/delete/action |
string |
Menghapus penetapan peran. |
| Microsoft.KeyVault/managedHsm/roleAssignments/read/action |
string |
Mendapatkan penetapan peran. |
| Microsoft.KeyVault/managedHsm/roleAssignments/write/action |
string |
Membuat atau memperbarui penetapan peran. |
| Microsoft.KeyVault/managedHsm/roleDefinitions/delete/action |
string |
Menghapus definisi peran. |
| Microsoft.KeyVault/managedHsm/roleDefinitions/read/action |
string |
Dapatkan definisi peran. |
| Microsoft.KeyVault/managedHsm/roleDefinitions/write/action |
string |
Membuat atau memperbarui definisi peran. |
| Microsoft.KeyVault/managedHsm/securitydomain/download/action |
string |
Unduh domain keamanan HSM. |
| Microsoft.KeyVault/managedHsm/securitydomain/download/read |
string |
Periksa status unduhan domain keamanan HSM. |
| Microsoft.KeyVault/managedHsm/securitydomain/transferkey/read |
string |
Unduh kunci transfer domain keamanan HSM. |
| Microsoft.KeyVault/managedHsm/securitydomain/upload/action |
string |
Unggah domain keamanan HSM. |
| Microsoft.KeyVault/managedHsm/securitydomain/upload/read |
string |
Periksa status file pertukaran domain keamanan HSM. |
Error
Kesalahan server brankas kunci.
| Nama | Jenis | Deskripsi |
|---|---|---|
| code |
string |
Kode kesalahan. |
| innererror |
Kesalahan server brankas kunci. |
|
| message |
string |
Pesan kesalahan. |
KeyVaultError
Pengecualian kesalahan brankas kunci.
| Nama | Jenis | Deskripsi |
|---|---|---|
| error |
Kesalahan server brankas kunci. |
Permission
Izin definisi peran.
| Nama | Jenis | Deskripsi |
|---|---|---|
| actions |
string[] |
Izin tindakan yang diberikan. |
| dataActions |
Izin tindakan data yang diberikan. |
|
| notActions |
string[] |
Izin tindakan yang dikecualikan tetapi tidak ditolak. Mereka dapat diberikan oleh definisi peran lain yang ditetapkan kepada prinsipal. |
| notDataActions |
Izin tindakan data yang dikecualikan tetapi tidak ditolak. Mereka dapat diberikan oleh definisi peran lain yang ditetapkan kepada prinsipal. |
RoleDefinition
Definisi peran.
| Nama | Jenis | Deskripsi |
|---|---|---|
| id |
string |
ID definisi peran. |
| name |
string |
Nama definisi peran. |
| properties.assignableScopes |
Cakupan yang dapat ditetapkan definisi peran. |
|
| properties.description |
string |
Deskripsi definisi peran. |
| properties.permissions |
Izin definisi peran. |
|
| properties.roleName |
string |
Nama peran. |
| properties.type |
Jenis peran. |
|
| type |
Jenis definisi peran. |
RoleDefinitionCreateParameters
Definisi peran membuat parameter.
| Nama | Jenis | Deskripsi |
|---|---|---|
| properties |
Properti definisi peran. |
RoleDefinitionProperties
Properti definisi peran.
| Nama | Jenis | Deskripsi |
|---|---|---|
| assignableScopes |
Cakupan yang dapat ditetapkan definisi peran. |
|
| description |
string |
Deskripsi definisi peran. |
| permissions |
Izin definisi peran. |
|
| roleName |
string |
Nama peran. |
| type |
Jenis peran. |
RoleDefinitionType
Jenis definisi peran.
| Nama | Jenis | Deskripsi |
|---|---|---|
| Microsoft.Authorization/roleDefinitions |
string |
RoleScope
Cakupan peran.
| Nama | Jenis | Deskripsi |
|---|---|---|
| / |
string |
Lingkup global |
| /keys |
string |
Cakupan kunci |
RoleType
Jenis peran.
| Nama | Jenis | Deskripsi |
|---|---|---|
| AKVBuiltInRole |
string |
Peran bawaan. |
| CustomRole |
string |
Peran kustom. |