Ruoli predefiniti di AzureAzure built-in roles

Il controllo degli accessi in base al ruolo di Azure ha diversi ruoli predefiniti di Azure che è possibile assegnare a utenti, gruppi, entità servizio e identità gestite.Azure role-based access control (Azure RBAC) has several Azure built-in roles that you can assign to users, groups, service principals, and managed identities. Le assegnazioni di ruolo sono il modo in cui si controlla l'accesso alle risorse di Azure.Role assignments are the way you control access to Azure resources. Se i ruoli predefiniti non soddisfano le esigenze specifiche dell'organizzazione, è possibile creare ruoli personalizzati di Azure.If the built-in roles don't meet the specific needs of your organization, you can create your own Azure custom roles.

Questo articolo illustra i ruoli predefiniti di Azure, che sono in continua evoluzione.This article lists the Azure built-in roles, which are always evolving. Per ottenere i ruoli più recenti, usare Get-AzRoleDefinition o az role definition list.To get the latest roles, use Get-AzRoleDefinition or az role definition list. Se si cercano ruoli di amministratore per Azure Active Directory (Azure AD), vedere Autorizzazioni del ruolo di amministratore in Azure Active Directory.If you are looking for administrator roles for Azure Active Directory (Azure AD), see Administrator role permissions in Azure Active Directory.

La tabella seguente contiene una breve descrizione e l'ID univoco di ogni ruolo predefinito.The following table provides a brief description and the unique ID of each built-in role. Fare clic sul nome del ruolo per vedere l'elenco di Actions, NotActions, DataActions e NotDataActions per ogni ruolo.Click the role name to see the list of Actions, NotActions, DataActions, and NotDataActions for each role. Per informazioni sul significato di queste azioni e su come si applicano ai piani di gestione e ai piani dati, vedere Informazioni sulle definizioni dei ruoli di Azure.For information about what these actions mean and how they apply to the management and data planes, see Understand Azure role definitions.

TuttiAll

Ruolo predefinitoBuilt-in role DescrizioneDescription IDID
GeneraleGeneral
CollaboratoreContributor Concede l'accesso completo per la gestione di tutte le risorse, ma non consente di assegnare i ruoli in RBAC di Azure.Grants full access to manage all resources, but does not allow you to assign roles in Azure RBAC. b24988ac-6180-42a0-ab88-20f7382dd24cb24988ac-6180-42a0-ab88-20f7382dd24c
ProprietarioOwner Concede l'accesso completo per la gestione di tutte le risorse, inclusa la possibilità di assegnare ruoli in controllo degli accessi in base al ruoloGrants full access to manage all resources, including the ability to assign roles in Azure RBAC. 8e3af657-a8ff-443c-a75c-2fe8c4bcb6358e3af657-a8ff-443c-a75c-2fe8c4bcb635
LettoreReader Consente di visualizzare tutte le risorse, ma non di apportare modifiche.View all resources, but does not allow you to make any changes. acdd72a7-3385-48ef-bd42-f606fba81ae7acdd72a7-3385-48ef-bd42-f606fba81ae7
Amministratore accessi utenteUser Access Administrator Consente di gestire gli accessi utente alle risorse di Azure.Lets you manage user access to Azure resources. 18d7d88d-d35e-4fb5-a5c3-7773c20a72d918d7d88d-d35e-4fb5-a5c3-7773c20a72d9
CalcoloCompute
Collaboratore macchine virtuali classicheClassic Virtual Machine Contributor Consente di gestire le macchine virtuali classiche, ma non di accedervi né di gestire la rete virtuale o l'account di archiviazione a cui sono connesse.Lets you manage classic virtual machines, but not access to them, and not the virtual network or storage account they're connected to. d73bb868-a0df-4d4d-bd69-98a00b01fccbd73bb868-a0df-4d4d-bd69-98a00b01fccb
Virtual Machine Administrator Login (Accesso amministratore macchina virtuale)Virtual Machine Administrator Login Consente di visualizzare le macchine virtuali nel portale e di accedere come amministratoreView Virtual Machines in the portal and login as administrator 1c0163c0-47e6-4577-8991-ea5c82e286e41c0163c0-47e6-4577-8991-ea5c82e286e4
Collaboratore macchine virtualiVirtual Machine Contributor Consente di gestire le macchine virtuali, ma non di accedervi né di gestire la rete virtuale o l'account di archiviazione a cui sono connesse.Lets you manage virtual machines, but not access to them, and not the virtual network or storage account they're connected to. 9980e02c-c2be-4d73-94e8-173b1dc7cf3c9980e02c-c2be-4d73-94e8-173b1dc7cf3c
Virtual Machine User Login (Accesso utente macchina virtuale)Virtual Machine User Login Consente di visualizzare le macchine virtuali nel portale e di accedere come utente normale.View Virtual Machines in the portal and login as a regular user. fb879df8-f326-4884-b1cf-06f3ad86be52fb879df8-f326-4884-b1cf-06f3ad86be52
ReteNetworking
Collaboratore endpoint rete CDNCDN Endpoint Contributor Può gestire gli endpoint della rete CDN, ma non può concedere l'accesso ad altri utenti.Can manage CDN endpoints, but can't grant access to other users. 426e0c7f-0c7e-4658-b36f-ff54d6c29b45426e0c7f-0c7e-4658-b36f-ff54d6c29b45
Lettore endpoint rete CDNCDN Endpoint Reader Può visualizzare gli endpoint della rete CDN, ma non può apportare modifiche.Can view CDN endpoints, but can't make changes. 871e35f6-b5c1-49cc-a043-bde969a0f2cd871e35f6-b5c1-49cc-a043-bde969a0f2cd
Collaboratore profilo rete CDNCDN Profile Contributor Può gestire i profili e i rispettivi endpoint della rete CDN, ma non può concedere l'accesso ad altri utenti.Can manage CDN profiles and their endpoints, but can't grant access to other users. ec156ff8-a8d1-4d15-830c-5b80698ca432ec156ff8-a8d1-4d15-830c-5b80698ca432
Lettore profilo rete CDNCDN Profile Reader Può visualizzare i profili e i rispettivi endpoint della rete CDN, ma non può apportare modifiche.Can view CDN profiles and their endpoints, but can't make changes. 8f96442b-4075-438f-813d-ad51ab4019af8f96442b-4075-438f-813d-ad51ab4019af
Collaboratore reti virtuali classicheClassic Network Contributor Consente di gestire le reti classiche, ma non di accedervi.Lets you manage classic networks, but not access to them. b34d265f-36f7-4a0d-a4d4-e158ca92e90fb34d265f-36f7-4a0d-a4d4-e158ca92e90f
Collaboratore zona DNSDNS Zone Contributor Consente di gestire le zone DNS e i set di record in DNS di Azure, ma non di controllare chi è autorizzato ad accedervi.Lets you manage DNS zones and record sets in Azure DNS, but does not let you control who has access to them. befefa01-2a29-4197-83a8-272ff33ce314befefa01-2a29-4197-83a8-272ff33ce314
Collaboratore di reteNetwork Contributor Consente di gestire le reti, ma non di accedervi.Lets you manage networks, but not access to them. 4d97b98b-1d4f-4787-a291-c67834d212e74d97b98b-1d4f-4787-a291-c67834d212e7
Collaboratore zona DNS privatoPrivate DNS Zone Contributor Consente di gestire le risorse della zona DNS privata, ma non le reti virtuali a cui sono collegate.Lets you manage private DNS zone resources, but not the virtual networks they are linked to. b12aa53e-6015-4669-85d0-8515ebb3ae7fb12aa53e-6015-4669-85d0-8515ebb3ae7f
Collaboratore Gestione trafficoTraffic Manager Contributor Consente di gestire i profili di Gestione traffico, ma non di controllare chi è autorizzato ad accedervi.Lets you manage Traffic Manager profiles, but does not let you control who has access to them. a4b10055-b0c7-44c2-b00f-c7b5b3550cf7a4b10055-b0c7-44c2-b00f-c7b5b3550cf7
StorageStorage
Collaboratore per AvereAvere Contributor Può creare e gestire un cluster Avere vFXT.Can create and manage an Avere vFXT cluster. 4f8fab4f-1852-4a58-a46a-8eaf358af14a4f8fab4f-1852-4a58-a46a-8eaf358af14a
Operatore di AvereAvere Operator Usato dal cluster Avere vFXT per gestire il clusterUsed by the Avere vFXT cluster to manage the cluster c025889f-8102-4ebf-b32c-fc0c6f0c6bd9c025889f-8102-4ebf-b32c-fc0c6f0c6bd9
Collaboratore di backupBackup Contributor Consente di gestire il servizio di backup, ma non di creare insiemi di credenziali e concedere l'accesso ad altri utentiLets you manage backup service, but can't create vaults and give access to others 5e467623-bb1f-42f4-a55d-6e525e11384b5e467623-bb1f-42f4-a55d-6e525e11384b
Operatore di backupBackup Operator Consente di gestire i servizi di backup, ma non di rimuovere il backup, creare insiemi di credenziali e concedere l'accesso ad altri utenti.Lets you manage backup services, except removal of backup, vault creation and giving access to others 00c29273-979b-4161-815c-10b084fb932400c29273-979b-4161-815c-10b084fb9324
Lettore di backupBackup Reader Può visualizzare i servizi di backup, ma non può apportare modifiche.Can view backup services, but can't make changes a795c7a0-d4a2-40c1-ae25-d81f01202912a795c7a0-d4a2-40c1-ae25-d81f01202912
Collaboratore account di archiviazione classicoClassic Storage Account Contributor Consente di gestire gli account di archiviazione classici, ma non di accedervi.Lets you manage classic storage accounts, but not access to them. 86e8f5dc-a6e9-4c67-9d15-de283e8eac2586e8f5dc-a6e9-4c67-9d15-de283e8eac25
Ruolo del servizio dell'operatore della chiave dell'account di archiviazione classicoClassic Storage Account Key Operator Service Role Gli operatori della chiave dell'account di archiviazione classico sono autorizzati a elencare e rigenerare le chiavi negli account di archiviazione classiciClassic Storage Account Key Operators are allowed to list and regenerate keys on Classic Storage Accounts 985d6b00-f706-48f5-a6fe-d0ca12fb668d985d6b00-f706-48f5-a6fe-d0ca12fb668d
Collaboratore Data BoxData Box Contributor Consente di gestire tutto il servizio Data Box, ad eccezione della concessione dell'accesso ad altri utenti.Lets you manage everything under Data Box Service except giving access to others. add466c9-e687-43fc-8d98-dfcf8d720be5add466c9-e687-43fc-8d98-dfcf8d720be5
Lettore Data BoxData Box Reader Consente di gestire il servizio Data Box, ad eccezione della creazione di ordini, della modifica dei dettagli dell'ordine e della concessione dell'accesso ad altri utenti.Lets you manage Data Box Service except creating order or editing order details and giving access to others. 028f4ed7-e2a9-465e-a8f4-9c0ffdfdc027028f4ed7-e2a9-465e-a8f4-9c0ffdfdc027
Sviluppatore di Data Lake AnalyticsData Lake Analytics Developer Consente di inviare, monitorare e gestire i propri processi, ma non di creare o eliminare account Data Lake Analytics.Lets you submit, monitor, and manage your own jobs but not create or delete Data Lake Analytics accounts. 47b7735b-770e-4598-a7da-8b91488b4c8847b7735b-770e-4598-a7da-8b91488b4c88
Lettore e accesso ai datiReader and Data Access Consente di visualizzare tutti gli elementi ma non consente di eliminare o creare un account di archiviazione o una risorsa contenuta.Lets you view everything but will not let you delete or create a storage account or contained resource. Consente anche l'accesso in lettura/scrittura a tutti i dati contenuti in un account di archiviazione tramite l'accesso alle chiavi dell'account di archiviazione.It will also allow read/write access to all data contained in a storage account via access to storage account keys. c12c1c16-33a1-487b-954d-41c89c60f349c12c1c16-33a1-487b-954d-41c89c60f349
Collaboratore account di archiviazioneStorage Account Contributor Consente di gestire gli account di archiviazione.Permits management of storage accounts. Consente di accedere alla chiave dell'account, che può essere usata per accedere ai dati usando l'autorizzazione con chiave condivisa.Provides access to the account key, which can be used to access data via Shared Key authorization. 17d1049b-9a84-46fb-8f53-869881c3d3ab17d1049b-9a84-46fb-8f53-869881c3d3ab
Ruolo del servizio dell'operatore della chiave dell'account di archiviazioneStorage Account Key Operator Service Role Consente di elencare e rigenerare le chiavi di accesso dell'account di archiviazione.Permits listing and regenerating storage account access keys. 81a9662b-bebf-436f-a333-f67b29880f1281a9662b-bebf-436f-a333-f67b29880f12
Collaboratore ai dati del BLOB di archiviazioneStorage Blob Data Contributor Consente di leggere, scrivere ed eliminare i contenitori e i BLOB di archiviazione di Azure.Read, write, and delete Azure Storage containers and blobs. Per informazioni sulle azioni necessarie per una determinata operazione sui dati, vedere le autorizzazioni per la chiamata di operazioni sui dati BLOB e della coda.To learn which actions are required for a given data operation, see Permissions for calling blob and queue data operations. ba92f5b4-2d11-453d-a403-e96b0029c9feba92f5b4-2d11-453d-a403-e96b0029c9fe
Proprietario dei dati del BLOB di archiviazioneStorage Blob Data Owner Concede l'accesso completo ai contenitori e ai dati dei BLOB di Archiviazione di Azure, inclusa l'assegnazione del controllo di accesso POSIX.Provides full access to Azure Storage blob containers and data, including assigning POSIX access control. Per informazioni sulle azioni necessarie per una determinata operazione sui dati, vedere le autorizzazioni per la chiamata di operazioni sui dati BLOB e della coda.To learn which actions are required for a given data operation, see Permissions for calling blob and queue data operations. b7e6dc6d-f1e8-4753-8033-0f276bb0955bb7e6dc6d-f1e8-4753-8033-0f276bb0955b
Lettore dei dati del BLOB di archiviazioneStorage Blob Data Reader Consente di leggere ed elencare i contenitori e i BLOB di archiviazione di Azure.Read and list Azure Storage containers and blobs. Per informazioni sulle azioni necessarie per una determinata operazione sui dati, vedere le autorizzazioni per la chiamata di operazioni sui dati BLOB e della coda.To learn which actions are required for a given data operation, see Permissions for calling blob and queue data operations. 2a2b9908-6ea1-4ae2-8e65-a410df84e7d12a2b9908-6ea1-4ae2-8e65-a410df84e7d1
Delegante di BLOB di archiviazioneStorage Blob Delegator Ottiene una chiave di delega utente, che può quindi essere usata per creare una firma di accesso condiviso per un contenitore o un BLOB firmato con credenziali di Azure AD.Get a user delegation key, which can then be used to create a shared access signature for a container or blob that is signed with Azure AD credentials. Per altre informazioni, vedere Creare una firma di accesso condiviso di delega utente.For more information, see Create a user delegation SAS. db58b8e5-c6ad-4a2a-8342-4190687cbf4adb58b8e5-c6ad-4a2a-8342-4190687cbf4a
Collaboratore per la condivisione SMB di dati per file di archiviazioneStorage File Data SMB Share Contributor Consente l'accesso in lettura, scrittura ed eliminazione a file e directory nelle condivisioni file di Azure.Allows for read, write, and delete access on files/directories in Azure file shares. Questo ruolo non ha un equivalente predefinito nei file server Windows.This role has no built-in equivalent on Windows file servers. 0c867c2a-1d8c-454a-a3db-ab2ea1bdc8bb0c867c2a-1d8c-454a-a3db-ab2ea1bdc8bb
Collaboratore con privilegi elevati per la condivisione SMB di dati per file di archiviazioneStorage File Data SMB Share Elevated Contributor Consente la lettura, scrittura, eliminazione e modifica degli ACL nei file e nelle directory delle condivisioni file di Azure.Allows for read, write, delete, and modify ACLs on files/directories in Azure file shares. Questo ruolo è equivalente a un ACL di modifica della condivisione file nei file server Windows.This role is equivalent to a file share ACL of change on Windows file servers. a7264617-510b-434b-a828-9731dc254ea7a7264617-510b-434b-a828-9731dc254ea7
Ruolo con autorizzazioni di lettura per la condivisione SMB di dati per file di archiviazioneStorage File Data SMB Share Reader Consente l'accesso in lettura a file e directory nelle condivisioni file di Azure.Allows for read access on files/directories in Azure file shares. Questo ruolo è equivalente a un ACL di lettura della condivisione file nei file server Windows.This role is equivalent to a file share ACL of read on Windows file servers. aba4ae5f-2193-4029-9191-0cb91df5e314aba4ae5f-2193-4029-9191-0cb91df5e314
Collaboratore ai dati della coda di archiviazioneStorage Queue Data Contributor Lettura, scrittura ed eliminazione delle code e dei messaggi delle code di Azure.Read, write, and delete Azure Storage queues and queue messages. Per informazioni sulle azioni necessarie per una determinata operazione sui dati, vedere le autorizzazioni per la chiamata di operazioni sui dati BLOB e della coda.To learn which actions are required for a given data operation, see Permissions for calling blob and queue data operations. 974c5e8b-45b9-4653-ba55-5f855dd0fb88974c5e8b-45b9-4653-ba55-5f855dd0fb88
Ruolo con autorizzazioni di elaborazione per i messaggi sui dati della coda di archiviazioneStorage Queue Data Message Processor Visualizzazione in anteprima, recupero ed eliminazione di un messaggio da una coda di Archiviazione di Azure.Peek, retrieve, and delete a message from an Azure Storage queue. Per informazioni sulle azioni necessarie per una determinata operazione sui dati, vedere le autorizzazioni per la chiamata di operazioni sui dati BLOB e della coda.To learn which actions are required for a given data operation, see Permissions for calling blob and queue data operations. 8a0f0c08-91a1-4084-bc3d-661d67233fed8a0f0c08-91a1-4084-bc3d-661d67233fed
Mittente dei messaggi sui dati della coda di archiviazioneStorage Queue Data Message Sender Consente di aggiungere messaggi a una coda di Archiviazione di Azure.Add messages to an Azure Storage queue. Per informazioni sulle azioni necessarie per una determinata operazione sui dati, vedere le autorizzazioni per la chiamata di operazioni sui dati BLOB e della coda.To learn which actions are required for a given data operation, see Permissions for calling blob and queue data operations. c6a89b2d-59bc-44d0-9896-0f6e12d7b80ac6a89b2d-59bc-44d0-9896-0f6e12d7b80a
Ruolo con autorizzazioni di lettura per i dati della coda di archiviazioneStorage Queue Data Reader Consente di leggere ed elencare le code e i messaggi delle code di Azure.Read and list Azure Storage queues and queue messages. Per informazioni sulle azioni necessarie per una determinata operazione sui dati, vedere le autorizzazioni per la chiamata di operazioni sui dati BLOB e della coda.To learn which actions are required for a given data operation, see Permissions for calling blob and queue data operations. 19e7f393-937e-4f77-808e-94535e29792519e7f393-937e-4f77-808e-94535e297925
WebWeb
Lettore di dati per Mappe di AzureAzure Maps Data Reader Concede l'accesso per la lettura dei dati correlati alle mappe da un account Mappe di Azure.Grants access to read map related data from an Azure maps account. 423170ca-a8f6-4b0f-8487-9e4eb8f49bfa423170ca-a8f6-4b0f-8487-9e4eb8f49bfa
Collaboratore servizi di ricercaSearch Service Contributor Consente di gestire i servizi di Ricerca, ma non di accedervi.Lets you manage Search services, but not access to them. 7ca78c08-252a-4471-8644-bb5ff32d4ba07ca78c08-252a-4471-8644-bb5ff32d4ba0
Collaboratore piani WebWeb Plan Contributor Consente di gestire i piani Web per i siti Web, ma non di accedervi.Lets you manage the web plans for websites, but not access to them. 2cc479cb-7b4d-49a8-b449-8c00fd0f0a4b2cc479cb-7b4d-49a8-b449-8c00fd0f0a4b
Collaboratore siti WebWebsite Contributor Consente di gestire i siti Web (non i piani Web), ma non di accedervi.Lets you manage websites (not web plans), but not access to them. de139f84-1756-47ae-9be6-808fbbe84772de139f84-1756-47ae-9be6-808fbbe84772
ContenitoriContainers
AcrDeleteAcrDelete acr deleteacr delete c2f4ef07-c644-48eb-af81-4b1b4947fb11c2f4ef07-c644-48eb-af81-4b1b4947fb11
AcrImageSignerAcrImageSigner firmatario immagine acracr image signer 6cef56e8-d556-48e5-a04f-b8e64114680f6cef56e8-d556-48e5-a04f-b8e64114680f
AcrPullAcrPull acr pullacr pull 7f951dda-4ed3-4680-a7ca-43fe172d538d7f951dda-4ed3-4680-a7ca-43fe172d538d
AcrPushAcrPush acr pushacr push 8311e382-0749-4cb8-b61a-304f252e45ec8311e382-0749-4cb8-b61a-304f252e45ec
AcrQuarantineReaderAcrQuarantineReader lettore di dati di quarantena acracr quarantine data reader cdda3590-29a3-44f6-95f2-9f980659eb04cdda3590-29a3-44f6-95f2-9f980659eb04
AcrQuarantineWriterAcrQuarantineWriter writer di dati di quarantena acracr quarantine data writer c8d4ff99-41c3-41a8-9f60-21dfdad59608c8d4ff99-41c3-41a8-9f60-21dfdad59608
Ruolo di amministratore del cluster del servizio Azure KubernetesAzure Kubernetes Service Cluster Admin Role Elencare l'azione delle credenziali di amministratore del cluster.List cluster admin credential action. 0ab0b1a8-8aac-4efd-b8c2-3ee1fb270be80ab0b1a8-8aac-4efd-b8c2-3ee1fb270be8
Ruolo di utente del cluster del servizio Azure KubernetesAzure Kubernetes Service Cluster User Role Elencare l'azione delle credenziali di utente del cluster.List cluster user credential action. 4abbcc35-e782-43d8-92c5-2d3f1bd2253f4abbcc35-e782-43d8-92c5-2d3f1bd2253f
Ruolo Collaboratore servizio di Azure KubernetesAzure Kubernetes Service Contributor Role Concede l'accesso per la lettura e la scrittura di cluster di servizi Kubernetes di AzureGrants access to read and write Azure Kubernetes Service clusters ed7f3fbd-7b88-4dd4-9017-9adb7ce333f8ed7f3fbd-7b88-4dd4-9017-9adb7ce333f8
Amministratore RBAC del servizio Kubernetes di AzureAzure Kubernetes Service RBAC Admin Consente di gestire tutte le risorse in cluster/spazio dei nomi, ad eccezione di Aggiorna o Elimina le quote e gli spazi dei nomi delle risorse.Lets you manage all resources under cluster/namespace, except update or delete resource quotas and namespaces. 3498e952-d568-435e-9b2c-8d77e338d7f73498e952-d568-435e-9b2c-8d77e338d7f7
Amministrazione del cluster RBAC del servizio Kubernetes di AzureAzure Kubernetes Service RBAC Cluster Admin Consente di gestire tutte le risorse del cluster.Lets you manage all resources in the cluster. b1ff04bb-8a4e-4dc4-8eb5-8693973ce19bb1ff04bb-8a4e-4dc4-8eb5-8693973ce19b
Lettore RBAC del servizio Kubernetes di AzureAzure Kubernetes Service RBAC Reader Consente di visualizzare tutte le risorse in cluster/spazio dei nomi, eccetto i segreti.Lets you view all resources in cluster/namespace, except secrets. 7f6c6a51-bcf8-42ba-9220-52d62157d7db7f6c6a51-bcf8-42ba-9220-52d62157d7db
Writer RBAC del servizio Kubernetes di AzureAzure Kubernetes Service RBAC Writer Consente di aggiornare tutti gli elementi in cluster/spazio dei nomi, eccetto le quote di risorse, gli spazi dei nomi, i criteri di sicurezza Pod, le richieste di firma dei certificati, i ruoli (cluster) e le associazioni di ruolo (cluster).Lets you update everything in cluster/namespace, except resource quotas, namespaces, pod security policies, certificate signing requests, (cluster)roles and (cluster)role bindings. a7ffa36f-339b-4b5c-8bdf-e2c188b2c0eba7ffa36f-339b-4b5c-8bdf-e2c188b2c0eb
DatabaseDatabases
Ruolo Lettore dell'account Cosmos DBCosmos DB Account Reader Role Può leggere i dati degli account Azure Cosmos DB.Can read Azure Cosmos DB account data. Vedere Collaboratore account DocumentDB per la gestione degli account Azure Cosmos DB.See DocumentDB Account Contributor for managing Azure Cosmos DB accounts. fbdf93bf-df7d-467e-a4d2-9458aa1360c8fbdf93bf-df7d-467e-a4d2-9458aa1360c8
Operatore di Cosmos DBCosmos DB Operator Consente di gestire gli account Azure Cosmos DB, ma non di accedere ai dati contenuti negli stessi.Lets you manage Azure Cosmos DB accounts, but not access data in them. Impedisce l'accesso a chiavi dell'account e stringhe di connessione.Prevents access to account keys and connection strings. 230815da-be43-4aae-9cb4-875f7bd000aa230815da-be43-4aae-9cb4-875f7bd000aa
CosmosBackupOperatorCosmosBackupOperator Può inviare una richiesta di ripristino per un database di Cosmos DB o un contenitore per un accountCan submit restore request for a Cosmos DB database or a container for an account db7b14f2-5adf-42da-9f96-f2ee17bab5cbdb7b14f2-5adf-42da-9f96-f2ee17bab5cb
Collaboratore account DocumentDBDocumentDB Account Contributor È in grado di gestire account Azure Cosmos DB.Can manage Azure Cosmos DB accounts. Azure Cosmos DB era precedentemente noto come DocumentDB.Azure Cosmos DB is formerly known as DocumentDB. 5bd9cd88-fe45-4216-938b-f97437e154505bd9cd88-fe45-4216-938b-f97437e15450
Collaboratore cache RedisRedis Cache Contributor Consente di gestire le cache Redis, ma non di accedervi.Lets you manage Redis caches, but not access to them. e0f68234-74aa-48ed-b826-c38b57376e17e0f68234-74aa-48ed-b826-c38b57376e17
Collaboratore database SQLSQL DB Contributor Consente di gestire i database SQL, ma non di accederviLets you manage SQL databases, but not access to them. né di gestirne i criteri relativi alla sicurezza o i rispettivi server SQL padre.Also, you can't manage their security-related policies or their parent SQL servers. 9b7fa17d-e63e-47b0-bb0a-15c516ac86ec9b7fa17d-e63e-47b0-bb0a-15c516ac86ec
Collaboratore per Istanza gestita di SQLSQL Managed Instance Contributor Consente di gestire le istanze gestite di SQL e la configurazione di rete necessaria, ma non consente l'accesso ad altri utenti.Lets you manage SQL Managed Instances and required network configuration, but can't give access to others. 4939a1f6-9ae0-4e48-a1e0-f2cbe897382d4939a1f6-9ae0-4e48-a1e0-f2cbe897382d
Gestione della sicurezza SQLSQL Security Manager Consente di gestire i criteri relativi alla sicurezza di server e database SQL, ma non di accedervi.Lets you manage the security-related policies of SQL servers and databases, but not access to them. 056cd41c-7e88-42e1-933e-88ba6a50c9c3056cd41c-7e88-42e1-933e-88ba6a50c9c3
Collaboratore SQL ServerSQL Server Contributor Consente di gestire i server e i database SQL, ma non di accedervi né di gestirne i criteri relativi alla sicurezza.Lets you manage SQL servers and databases, but not access to them, and not their security-related policies. 6d8ee4ec-f05a-4a1d-8b00-a9b17e38b4376d8ee4ec-f05a-4a1d-8b00-a9b17e38b437
AnalisiAnalytics
Proprietario dei dati di Hub eventi di AzureAzure Event Hubs Data Owner Consente l'accesso completo alle risorse di Hub eventi di Azure.Allows for full access to Azure Event Hubs resources. f526a384-b230-433a-b45c-95f59c4a2decf526a384-b230-433a-b45c-95f59c4a2dec
Ricevitore dei dati di Hub eventi di AzureAzure Event Hubs Data Receiver Consente l'accesso per la ricezione alle risorse dell'Hub eventi di Azure.Allows receive access to Azure Event Hubs resources. a638d3c7-ab3a-418d-83e6-5f17a39d4fdea638d3c7-ab3a-418d-83e6-5f17a39d4fde
Mittente dei dati di Hub eventi di AzureAzure Event Hubs Data Sender Consente l'accesso per l'invio alle risorse dell'Hub eventi di Azure.Allows send access to Azure Event Hubs resources. 2b629674-e913-4c01-ae53-ef4638d8f9752b629674-e913-4c01-ae53-ef4638d8f975
Collaboratore Data FactoryData Factory Contributor Consente di creare e gestire data factory, oltre alle risorse figlio in esse contenute.Create and manage data factories, as well as child resources within them. 673868aa-7521-48a0-acc6-0f60742d39f5673868aa-7521-48a0-acc6-0f60742d39f5
Pulizia datiData Purger Può eliminare i dati di analisiCan purge analytics data 150f5e0c-0603-4f03-8c7f-cf70034c4e90150f5e0c-0603-4f03-8c7f-cf70034c4e90
Operatore di cluster HDInsightHDInsight Cluster Operator Consente di leggere e modificare le configurazioni dei cluster HDInsight.Lets you read and modify HDInsight cluster configurations. 61ed4efc-fab3-44fd-b111-e24485cc132a61ed4efc-fab3-44fd-b111-e24485cc132a
Collaboratore Servizi di dominio HDInsightHDInsight Domain Services Contributor Può leggere, creare, modificare ed eliminare operazioni correlate ai Servizi di dominio necessarie per HDInsight Enterprise Security PackageCan Read, Create, Modify and Delete Domain Services related operations needed for HDInsight Enterprise Security Package 8d8d5a11-05d3-4bda-a417-a08778121c7c8d8d5a11-05d3-4bda-a417-a08778121c7c
Collaboratore di Log AnalyticsLog Analytics Contributor Il ruolo Collaboratore di Log Analytics può leggere tutti i dati di monitoraggio e modificare le impostazioni di monitoraggio.Log Analytics Contributor can read all monitoring data and edit monitoring settings. La modifica delle impostazioni di monitoraggio include l'aggiunta di estensioni delle VM alle VM, la lettura delle chiavi dell'account di archiviazione per potere configurare la raccolta di log dall'Archiviazione di Azure, la creazione e la configurazione degli account di Automazione, l'aggiunta di soluzioni e la configurazione di Diagnostica di Azure in tutte le risorse di Azure.Editing monitoring settings includes adding the VM extension to VMs; reading storage account keys to be able to configure collection of logs from Azure Storage; creating and configuring Automation accounts; adding solutions; and configuring Azure diagnostics on all Azure resources. 92aaf0da-9dab-42b6-94a3-d43ce8d1629392aaf0da-9dab-42b6-94a3-d43ce8d16293
Lettore di Log AnalyticsLog Analytics Reader Il ruolo Lettore di Log Analytics può visualizzare ed eseguire ricerche in tutti i dati di monitoraggio e può visualizzare le impostazioni di monitoraggio, inclusa la visualizzazione della configurazione di Diagnostica di Azure in tutte le risorse di Azure.Log Analytics Reader can view and search all monitoring data as well as and view monitoring settings, including viewing the configuration of Azure diagnostics on all Azure resources. 73c42c96-874c-492b-b04d-ab87d138a89373c42c96-874c-492b-b04d-ab87d138a893
BlockchainBlockchain
Accesso ai nodi di tipo membro della blockchain (anteprima)Blockchain Member Node Access (Preview) Consente l'accesso ai nodi di tipo membro della blockchainAllows for access to Blockchain Member nodes 31a002a1-acaf-453e-8a5b-297c9ca1ea2431a002a1-acaf-453e-8a5b-297c9ca1ea24
Intelligenza artificiale e Machine LearningAI + machine learning
Collaboratore Servizi cognitiviCognitive Services Contributor Consente di creare, leggere, aggiornare, eliminare e gestire le chiavi di Servizi cognitivi.Lets you create, read, update, delete and manage keys of Cognitive Services. 25fbc0a9-bd7c-42a3-aa1a-3b75d497ee6825fbc0a9-bd7c-42a3-aa1a-3b75d497ee68
Ruolo con autorizzazioni di lettura per i dati di Servizi cognitivi (anteprima)Cognitive Services Data Reader (Preview) Consente di leggere i dati di Servizi cognitivi.Lets you read Cognitive Services data. b59867f0-fa02-499b-be73-45a86b5b3e1cb59867f0-fa02-499b-be73-45a86b5b3e1c
Utente Servizi cognitiviCognitive Services User Consente di leggere ed elencare le chiavi di Servizi cognitivi.Lets you read and list keys of Cognitive Services. a97b65f3-24c7-4388-baec-2e87135dc908a97b65f3-24c7-4388-baec-2e87135dc908
Realtà mistaMixed reality
Amministratore per il rendering remotoRemote Rendering Administrator Fornisce agli utenti funzionalità di conversione, gestione delle sessioni, rendering e diagnostica per il rendering remoto di AzureProvides user with conversion, manage session, rendering and diagnostics capabilities for Azure Remote Rendering 3df8b902-2a6f-47c7-8cc5-360e9b272a7e3df8b902-2a6f-47c7-8cc5-360e9b272a7e
Client di rendering remotoRemote Rendering Client Consente agli utenti di gestire le funzionalità di sessione, rendering e diagnostica per il rendering remoto di Azure.Provides user with manage session, rendering and diagnostics capabilities for Azure Remote Rendering. d39065c4-c120-43c9-ab0a-63eed9795f0ad39065c4-c120-43c9-ab0a-63eed9795f0a
Collaboratore per l'account per gli ancoraggi spazialiSpatial Anchors Account Contributor Consente di gestire gli ancoraggi nello spazio nell'account, ma non di eliminarliLets you manage spatial anchors in your account, but not delete them 8bbe83f1-e2a6-4df7-8cb4-4e04d4e5c8278bbe83f1-e2a6-4df7-8cb4-4e04d4e5c827
Proprietario dell'account per gli ancoraggi spazialiSpatial Anchors Account Owner Consente di gestire gli ancoraggi nello spazio nell'account, incluse le operazioni di eliminazioneLets you manage spatial anchors in your account, including deleting them 70bbe301-9835-447d-afdd-19eb3167307c70bbe301-9835-447d-afdd-19eb3167307c
Ruolo Lettore dell'account per gli ancoraggi spazialiSpatial Anchors Account Reader Consente di individuare e leggere le proprietà degli ancoraggi nello spazio nell'accountLets you locate and read properties of spatial anchors in your account 5d51204f-eb77-4b1c-b86a-2ec626c494135d51204f-eb77-4b1c-b86a-2ec626c49413
IntegrazioneIntegration
Collaboratore servizio Gestione APIAPI Management Service Contributor Può gestire il servizio e le API.Can manage service and the APIs 312a565d-c81f-4fd8-895a-4e21e48d571c312a565d-c81f-4fd8-895a-4e21e48d571c
Ruolo operatore del servizio Gestione APIAPI Management Service Operator Role Può gestire il servizio ma non le API.Can manage service but not the APIs e022efe7-f5ba-4159-bbe4-b44f577e9b61e022efe7-f5ba-4159-bbe4-b44f577e9b61
Ruolo lettura del servizio Gestione APIAPI Management Service Reader Role Consente l'accesso di sola lettura al servizio e alle API.Read-only access to service and APIs 71522526-b88f-4d52-b57f-d31fc3546d0d71522526-b88f-4d52-b57f-d31fc3546d0d
Proprietario dei dati di Configurazione dell'appApp Configuration Data Owner Consente l'accesso completo ai dati di Configurazione dell'app.Allows full access to App Configuration data. 5ae67dd6-50cb-40e7-96ff-dc2bfa4b606b5ae67dd6-50cb-40e7-96ff-dc2bfa4b606b
Ruolo con autorizzazioni di lettura per i dati di Configurazione dell'appApp Configuration Data Reader Consente l'accesso in lettura ai dati di Configurazione dell'app.Allows read access to App Configuration data. 516239f1-63e1-4d78-a4de-a74fb236a071516239f1-63e1-4d78-a4de-a74fb236a071
Proprietario dei dati del bus di servizio di AzureAzure Service Bus Data Owner Consente l'accesso completo alle risorse del bus di servizio di Azure.Allows for full access to Azure Service Bus resources. 090c5cfd-751d-490a-894a-3ce6f1109419090c5cfd-751d-490a-894a-3ce6f1109419
Ricevitore dei dati del bus di servizio di AzureAzure Service Bus Data Receiver Consente l'accesso per la ricezione alle risorse del bus di servizio di Azure.Allows for receive access to Azure Service Bus resources. 4f6d3b9b-027b-4f4c-9142-0e5a2a2247e04f6d3b9b-027b-4f4c-9142-0e5a2a2247e0
Mittente dei dati del bus di servizio di AzureAzure Service Bus Data Sender Consente l'accesso per l'invio alle risorse del bus di servizio di Azure.Allows for send access to Azure Service Bus resources. 69a216fc-b8fb-44d8-bc22-1f3c2cd27a3969a216fc-b8fb-44d8-bc22-1f3c2cd27a39
Proprietario della registrazione di Azure StackAzure Stack Registration Owner Consente di gestire le registrazioni di Azure Stack.Lets you manage Azure Stack registrations. 6f12a6df-dd06-4f3e-bcb1-ce8be600526a6f12a6df-dd06-4f3e-bcb1-ce8be600526a
Collaboratore per sottoscrizioni di eventi di Griglia di eventiEventGrid EventSubscription Contributor Consente di gestire le operazioni di sottoscrizione di eventi EventGrid.Lets you manage EventGrid event subscription operations. 428e0ff0-5e57-4d9c-a221-2c70d0e0a443428e0ff0-5e57-4d9c-a221-2c70d0e0a443
Ruolo con autorizzazioni di lettura per sottoscrizioni di eventi di Griglia di eventiEventGrid EventSubscription Reader Consente di leggere le sottoscrizioni di eventi EventGrid.Lets you read EventGrid event subscriptions. 2414bbcf-6497-4faf-8c65-0454607484052414bbcf-6497-4faf-8c65-045460748405
Collaboratore dati FHIRFHIR Data Contributor Il ruolo consente all'utente o all'entità di accesso completo ai dati di FHIRRole allows user or principal full access to FHIR Data 5a1fc7df-4bf1-4951-a576-89034ee01acd5a1fc7df-4bf1-4951-a576-89034ee01acd
Esportatore dati FHIRFHIR Data Exporter Role consente all'utente o all'entità di leggere ed esportare i dati di FHIRRole allows user or principal to read and export FHIR Data 3db33094-8700-4567-8da5-1501d4e7e8433db33094-8700-4567-8da5-1501d4e7e843
Lettore dati FHIRFHIR Data Reader Il ruolo consente all'utente o all'entità di leggere i dati di FHIRRole allows user or principal to read FHIR Data 4c8d0bbc-75d3-4935-991f-5f3c56d815084c8d0bbc-75d3-4935-991f-5f3c56d81508
FHIR Data writerFHIR Data Writer Role consente a un utente o a un'entità di leggere e scrivere dati FHIRRole allows user or principal to read and write FHIR Data 3f88fce4-5892-4214-ae73-ba52945599133f88fce4-5892-4214-ae73-ba5294559913
Collaboratore ambiente del servizio di integrazioneIntegration Service Environment Contributor Consente di gestire gli ambienti del servizio di integrazione, ma non di accedervi.Lets you manage integration service environments, but not access to them. a41e2c5b-bd99-4a07-88f4-9bf657a760b8a41e2c5b-bd99-4a07-88f4-9bf657a760b8
Sviluppatore ambiente del servizio di integrazioneIntegration Service Environment Developer Consente agli sviluppatori di creare e aggiornare i flussi di lavoro, gli account di integrazione e le connessioni API negli ambienti di Integration Services.Allows developers to create and update workflows, integration accounts and API connections in integration service environments. c7aa55d3-1abb-444a-a5ca-5e51e485d6ecc7aa55d3-1abb-444a-a5ca-5e51e485d6ec
Collaboratore account Intelligent SystemsIntelligent Systems Account Contributor Consente di gestire gli account Sistemi intelligenti, ma non di accedervi.Lets you manage Intelligent Systems accounts, but not access to them. 03a6d094-3444-4b3d-88af-7477090a9e5e03a6d094-3444-4b3d-88af-7477090a9e5e
Collaboratore per app per la logicaLogic App Contributor Consente di gestire le app per la logica, ma non di modificarne l'accesso.Lets you manage logic apps, but not change access to them. 87a39d53-fc1b-424a-814c-f7e04687dc9e87a39d53-fc1b-424a-814c-f7e04687dc9e
Operatore per app per la logicaLogic App Operator Consente di leggere, abilitare e disabilitare le app per la logica, ma non di modificarle o aggiornarle.Lets you read, enable, and disable logic apps, but not edit or update them. 515c2055-d9d4-4321-b1b9-bd0c9a0f79fe515c2055-d9d4-4321-b1b9-bd0c9a0f79fe
IdentitàIdentity
Managed Identity Contributor (Collaboratore per identità gestita)Managed Identity Contributor Crea, legge, aggiorna ed elimina l'identità assegnata all'utenteCreate, Read, Update, and Delete User Assigned Identity e40ec5ca-96e0-45a2-b4ff-59039f2c2b59e40ec5ca-96e0-45a2-b4ff-59039f2c2b59
Managed Identity Operator (Operatore per identità gestita)Managed Identity Operator Legge e assegna l'identità assegnata all'utenteRead and Assign User Assigned Identity f1a07417-d97a-45cb-824c-7a7467783830f1a07417-d97a-45cb-824c-7a7467783830
SicurezzaSecurity
Collaboratore di Azure SentinelAzure Sentinel Contributor Collaboratore di Azure SentinelAzure Sentinel Contributor ab8e14d6-4a74-4a29-9ba8-549422addadeab8e14d6-4a74-4a29-9ba8-549422addade
Ruolo con autorizzazioni di lettura di Azure SentinelAzure Sentinel Reader Ruolo con autorizzazioni di lettura di Azure SentinelAzure Sentinel Reader 8d289c81-5878-46d4-8554-54e1e3d8b5cb8d289c81-5878-46d4-8554-54e1e3d8b5cb
Risponditore di Azure SentinelAzure Sentinel Responder Risponditore di Azure SentinelAzure Sentinel Responder 3e150937-b8fe-4cfb-8069-0eaf05ecd0563e150937-b8fe-4cfb-8069-0eaf05ecd056
Amministratore Key Vault (anteprima)Key Vault Administrator (preview) Eseguire tutte le operazioni del piano dati in un insieme di credenziali delle chiavi e in tutti gli oggetti al suo interno, inclusi i certificati, le chiavi e i segreti.Perform all data plane operations on a key vault and all objects in it, including certificates, keys, and secrets. Non è possibile gestire le risorse di Key Vault o gestire le assegnazioni di ruolo.Cannot manage key vault resources or manage role assignments. Funziona solo per gli insiemi di credenziali delle chiavi che usano il modello di autorizzazione "controllo degli accessi in base al ruolo di Azure".Only works for key vaults that use the 'Azure role-based access control' permission model. 00482a5a-887f-4fb3-b363-3b7fe8e7448300482a5a-887f-4fb3-b363-3b7fe8e74483
Ufficiale certificati Key Vault (anteprima)Key Vault Certificates Officer (preview) Eseguire qualsiasi azione sui certificati di un insieme di credenziali delle chiavi, eccetto le autorizzazioni Manage.Perform any action on the certificates of a key vault, except manage permissions. Funziona solo per gli insiemi di credenziali delle chiavi che usano il modello di autorizzazione "controllo degli accessi in base al ruolo di Azure".Only works for key vaults that use the 'Azure role-based access control' permission model. a4417e6f-fecd-4de8-b567-7b0420556985a4417e6f-fecd-4de8-b567-7b0420556985
Collaboratore di Key VaultKey Vault Contributor Consente di gestire gli insiemi di credenziali delle chiavi, ma non di assegnare i ruoli in Azure RBAC e di accedere a segreti, chiavi o certificati.Manage key vaults, but does not allow you to assign roles in Azure RBAC, and does not allow you to access secrets, keys, or certificates. f25e0fa2-a7c8-4377-a976-54943a77a395f25e0fa2-a7c8-4377-a976-54943a77a395
Key Vault Crypto Officer (anteprima)Key Vault Crypto Officer (preview) Eseguire qualsiasi azione sulle chiavi di un insieme di credenziali delle chiavi, eccetto le autorizzazioni Manage.Perform any action on the keys of a key vault, except manage permissions. Funziona solo per gli insiemi di credenziali delle chiavi che usano il modello di autorizzazione "controllo degli accessi in base al ruolo di Azure".Only works for key vaults that use the 'Azure role-based access control' permission model. 14b46e9e-c2b7-41b4-b07b-48a6ebf6060314b46e9e-c2b7-41b4-b07b-48a6ebf60603
Crittografia del servizio di crittografia Key Vault (anteprima)Key Vault Crypto Service Encryption (preview) Legge i metadati delle chiavi ed esegue operazioni di wrapping/Unwrap.Read metadata of keys and perform wrap/unwrap operations. Funziona solo per gli insiemi di credenziali delle chiavi che usano il modello di autorizzazione "controllo degli accessi in base al ruolo di Azure".Only works for key vaults that use the 'Azure role-based access control' permission model. e147488a-f6f5-4113-8e2d-b22465e65bf6e147488a-f6f5-4113-8e2d-b22465e65bf6
Utente di crittografia Key Vault (anteprima)Key Vault Crypto User (preview) Eseguire operazioni di crittografia usando chiavi.Perform cryptographic operations using keys. Funziona solo per gli insiemi di credenziali delle chiavi che usano il modello di autorizzazione "controllo degli accessi in base al ruolo di Azure".Only works for key vaults that use the 'Azure role-based access control' permission model. 12338af0-0e69-4776-bea7-57ae8d29742412338af0-0e69-4776-bea7-57ae8d297424
Lettore di Key Vault (anteprima)Key Vault Reader (preview) Leggere i metadati di insiemi di credenziali delle chiavi e i relativi certificati, chiavi e segreti.Read metadata of key vaults and its certificates, keys, and secrets. Non è possibile leggere i valori sensibili come il contenuto del segreto o il materiale della chiave.Cannot read sensitive values such as secret contents or key material. Funziona solo per gli insiemi di credenziali delle chiavi che usano il modello di autorizzazione "controllo degli accessi in base al ruolo di Azure".Only works for key vaults that use the 'Azure role-based access control' permission model. 21090545-7ca7-4776-b22c-e363652d74d221090545-7ca7-4776-b22c-e363652d74d2
Amministratore di Key Vault Secrets (anteprima)Key Vault Secrets Officer (preview) Eseguire qualsiasi azione sui segreti di un insieme di credenziali delle chiavi, eccetto le autorizzazioni di gestione.Perform any action on the secrets of a key vault, except manage permissions. Funziona solo per gli insiemi di credenziali delle chiavi che usano il modello di autorizzazione "controllo degli accessi in base al ruolo di Azure".Only works for key vaults that use the 'Azure role-based access control' permission model. b86a8fe4-44CE-4948-aee5-eccb2c155cd7b86a8fe4-44ce-4948-aee5-eccb2c155cd7
Utente di Key Vault Secrets (anteprima)Key Vault Secrets User (preview) Leggere il contenuto del segreto.Read secret contents. Funziona solo per gli insiemi di credenziali delle chiavi che usano il modello di autorizzazione "controllo degli accessi in base al ruolo di Azure".Only works for key vaults that use the 'Azure role-based access control' permission model. 4633458b-17de-408a-b874-0445c86b69e64633458b-17de-408a-b874-0445c86b69e6
Amministrazione della protezioneSecurity Admin Visualizzazione e aggiornamento delle autorizzazioni per il Centro sicurezza.View and update permissions for Security Center. Ha le stesse autorizzazioni del Ruolo con autorizzazioni di lettura per la sicurezza e può anche aggiornare i criteri di sicurezza e rimuovere gli avvisi e le raccomandazioni.Same permissions as the Security Reader role and can also update the security policy and dismiss alerts and recommendations. fb1c8493-542b-48eb-b624-b4c8fea62acdfb1c8493-542b-48eb-b624-b4c8fea62acd
Collaboratore per valutazioni della sicurezzaSecurity Assessment Contributor Consente di eseguire il push delle valutazioni nel Centro sicurezzaLets you push assessments to Security Center 612c2aa1-cb24-443b-ac28-3ab7272de6f5612c2aa1-cb24-443b-ac28-3ab7272de6f5
Gestore sicurezza (legacy)Security Manager (Legacy) Questo è un ruolo legacy.This is a legacy role. Usare invece Amministratore della sicurezza.Please use Security Admin instead. e3d13bf0-dd5a-482e-ba6b-9b8433878d10e3d13bf0-dd5a-482e-ba6b-9b8433878d10
Ruolo con autorizzazioni di lettura per la sicurezzaSecurity Reader Visualizzazione delle autorizzazioni per il Centro sicurezza.View permissions for Security Center. Può visualizzare raccomandazioni, avvisi, criteri di sicurezza e stati di sicurezza, ma non può apportare modifiche.Can view recommendations, alerts, a security policy, and security states, but cannot make changes. 39bc4728-0917-49c7-9d2c-d95423bc2eb439bc4728-0917-49c7-9d2c-d95423bc2eb4
DevOpsDevOps
Utente DevTest LabsDevTest Labs User Consente di connettere, avviare, riavviare e arrestare le macchine virtuali in Azure DevTest Labs.Lets you connect, start, restart, and shutdown your virtual machines in your Azure DevTest Labs. 76283e04-6283-4c54-8f91-bcf1374a3c6476283e04-6283-4c54-8f91-bcf1374a3c64
Lab Creator (Creatore di lab)Lab Creator Consente di creare nuovi Lab con gli account di Azure Lab.Lets you create new labs under your Azure Lab Accounts. b97fb8bc-a8b2-4522-a38b-dd33c7e65eadb97fb8bc-a8b2-4522-a38b-dd33c7e65ead
MonitoraggioMonitor
Collaboratore componente di Application InsightsApplication Insights Component Contributor È in grado di gestire i componenti di Application InsightsCan manage Application Insights components ae349356-3a1b-4a5e-921d-050484c6347eae349356-3a1b-4a5e-921d-050484c6347e
Debugger di snapshot di Application InsightsApplication Insights Snapshot Debugger Concede l'autorizzazione utente per visualizzare e scaricare gli snapshot di debug raccolti con Application Insights Snapshot Debugger.Gives user permission to view and download debug snapshots collected with the Application Insights Snapshot Debugger. Si noti che queste autorizzazioni non sono incluse nei ruoli Proprietario e Collaboratore.Note that these permissions are not included in the Owner or Contributor roles. Quando si assegna agli utenti il ruolo Snapshot Debugger di Application Insights, è necessario concedere il ruolo direttamente all'utente.When giving users the Application Insights Snapshot Debugger role, you must grant the role directly to the user. Il ruolo non viene riconosciuto quando viene aggiunto a un ruolo personalizzato.The role is not recognized when it is added to a custom role. 08954f03-6346-4c2e-81c0-ec3a5cfae23b08954f03-6346-4c2e-81c0-ec3a5cfae23b
Collaboratore al monitoraggioMonitoring Contributor Può leggere tutti i dati del monitoraggio e modificare le impostazioni di monitoraggio.Can read all monitoring data and edit monitoring settings. Vedere anche Introduzione a ruoli, autorizzazioni e sicurezza con il monitoraggio di Azure.See also Get started with roles, permissions, and security with Azure Monitor. 749f88d5-cbae-40b8-bcfc-e573ddc772fa749f88d5-cbae-40b8-bcfc-e573ddc772fa
Autore delle metriche di monitoraggioMonitoring Metrics Publisher Abilitare la pubblicazione di metriche nelle risorse di AzureEnables publishing metrics against Azure resources 3913510d-42f4-4e42-8a64-420c390055eb3913510d-42f4-4e42-8a64-420c390055eb
Lettore di monitoraggioMonitoring Reader Può leggere tutti i dati del monitoraggio (metriche, log e così via).Can read all monitoring data (metrics, logs, etc.). Vedere anche Introduzione a ruoli, autorizzazioni e sicurezza con il monitoraggio di Azure.See also Get started with roles, permissions, and security with Azure Monitor. 43d0d8ad-25c7-4714-9337-8ba259a9fe0543d0d8ad-25c7-4714-9337-8ba259a9fe05
Collaboratore per le cartelle di lavoroWorkbook Contributor Può salvare le cartelle di lavoro condivise.Can save shared workbooks. e8ddcd69-c73f-4f9f-9844-4100522f16ade8ddcd69-c73f-4f9f-9844-4100522f16ad
Ruolo con autorizzazioni di lettura per le cartelle di lavoroWorkbook Reader Può leggere le cartelle di lavoro.Can read workbooks. b279062a-9be3-42a0-92ae-8b3cf002ec4db279062a-9be3-42a0-92ae-8b3cf002ec4d
Gestione e governanceManagement + governance
Operatore processo di automazioneAutomation Job Operator Consente di creare e gestire i processi tramite i runbook di Automazione.Create and Manage Jobs using Automation Runbooks. 4fe576fe-1146-4730-92eb-48519fa6bf9f4fe576fe-1146-4730-92eb-48519fa6bf9f
Operatore di automazioneAutomation Operator Gli operatori di automazione possono avviare, arrestare, sospendere e riprendere processi.Automation Operators are able to start, stop, suspend, and resume jobs d3881f73-407a-4167-8283-e981cbba0404d3881f73-407a-4167-8283-e981cbba0404
Operatore runbook di automazioneAutomation Runbook Operator Consente di leggere le proprietà del runbook per permettere di creare processi del runbook.Read Runbook properties - to be able to create Jobs of the runbook. 5fb5aef8-1081-4b8e-bb16-9d5d0385bab55fb5aef8-1081-4b8e-bb16-9d5d0385bab5
Onboarding di Azure Connected MachineAzure Connected Machine Onboarding Può eseguire l'onboarding di Azure Connected Machine.Can onboard Azure Connected Machines. b64e21ea-ac4e-4cdf-9dc9-5b892992bee7b64e21ea-ac4e-4cdf-9dc9-5b892992bee7
Amministratore delle risorse di Azure Connected MachineAzure Connected Machine Resource Administrator Può leggere, scrivere, eliminare e ripetere l'onboarding di Azure Connected Machine.Can read, write, delete and re-onboard Azure Connected Machines. cd570a14-e51a-42ad-bac8-bafd67325302cd570a14-e51a-42ad-bac8-bafd67325302
Lettore per la fatturazioneBilling Reader Consente l'accesso in lettura ai dati di fatturazione.Allows read access to billing data fa23ad8b-c56e-40d8-ac0c-ce449e1d2c64fa23ad8b-c56e-40d8-ac0c-ce449e1d2c64
Collaboratore di progettoBlueprint Contributor Può gestire le definizioni di progetto, ma non assegnarle.Can manage blueprint definitions, but not assign them. 41077137-e803-4205-871c-5a86e6a753b441077137-e803-4205-871c-5a86e6a753b4
Operatore di progettoBlueprint Operator Può assegnare i progetti pubblicati esistenti, ma non creare nuovi progetti.Can assign existing published blueprints, but cannot create new blueprints. Si noti che funziona solo se l'assegnazione viene eseguita con un'identità gestita assegnata dall'utente.Note that this only works if the assignment is done with a user-assigned managed identity. 437d2ced-4a38-4302-8479-ed2bcb43d090437d2ced-4a38-4302-8479-ed2bcb43d090
Collaboratore Gestione costiCost Management Contributor Può visualizzare i costi e gestire la configurazione dei costi, ad esempio budget ed esportazioniCan view costs and manage cost configuration (e.g. budgets, exports) 434105ed-43f6-45c7-a02f-909b2ba83430434105ed-43f6-45c7-a02f-909b2ba83430
Lettore Gestione costiCost Management Reader Può visualizzare la configurazione e i dati dei costi, ad esempio budget ed esportazioniCan view cost data and configuration (e.g. budgets, exports) 72fafb9e-0641-4937-9268-a91bfd8191a372fafb9e-0641-4937-9268-a91bfd8191a3
Amministratore impostazioni gerarchiaHierarchy Settings Administrator Consente agli utenti di modificare ed eliminare le impostazioni della gerarchiaAllows users to edit and delete Hierarchy Settings 350f8d15-c687-4448-8ae1-157740a3936d350f8d15-c687-4448-8ae1-157740a3936d
Cluster Kubernetes-onboarding di Azure ArcKubernetes Cluster - Azure Arc Onboarding Definizione del ruolo per autorizzare qualsiasi utente/servizio a creare una risorsa connectedClustersRole definition to authorize any user/service to create connectedClusters resource 34e09817-6cbe-4d01-b1a2-e0eac5743d4134e09817-6cbe-4d01-b1a2-e0eac5743d41
Ruolo collaboratore per applicazioni gestiteManaged Application Contributor Role Consente la creazione di risorse di applicazioni gestite.Allows for creating managed application resources. 641177b8-a67a-45b9-a033-47bc880bb21e641177b8-a67a-45b9-a033-47bc880bb21e
Ruolo di Operatore applicazione gestitaManaged Application Operator Role Consente di leggere ed eseguire azioni sulle risorse dell'applicazione gestitaLets you read and perform actions on Managed Application resources c7393b34-138c-406f-901b-d8cf2b17e6aec7393b34-138c-406f-901b-d8cf2b17e6ae
Lettore applicazioni gestiteManaged Applications Reader Consente di leggere le risorse in un accesso di app gestita e JIT richiesta.Lets you read resources in a managed app and request JIT access. b9331d33-8a36-4f8c-b097-4f54124fdb44b9331d33-8a36-4f8c-b097-4f54124fdb44
Ruolo con autorizzazioni di eliminazione assegnazioni di registrazione dei servizi gestitiManaged Services Registration assignment Delete Role Il Ruolo con autorizzazioni di eliminazione assegnazioni di registrazione dei servizi gestiti consente agli utenti del tenant di gestione di eliminare l'assegnazione della registrazione assegnata al proprio tenant.Managed Services Registration Assignment Delete Role allows the managing tenant users to delete the registration assignment assigned to their tenant. 91c1777a-f3dc-4fae-b103-61d183457e4691c1777a-f3dc-4fae-b103-61d183457e46
Collaboratore gruppo di gestioneManagement Group Contributor Ruolo Collaboratore gruppo di gestioneManagement Group Contributor Role 5d58bcaf-24a5-4b20-bdb6-eed9f69fbe4c5d58bcaf-24a5-4b20-bdb6-eed9f69fbe4c
Lettore gruppo di gestioneManagement Group Reader Ruolo Lettore gruppo di gestioneManagement Group Reader Role ac63b705-f282-497d-ac71-919bf39d939dac63b705-f282-497d-ac71-919bf39d939d
Collaboratore account New Relic APMNew Relic APM Account Contributor Consente di gestire gli account e le applicazioni di APR New Relic, ma non di accedervi.Lets you manage New Relic Application Performance Management accounts and applications, but not access to them. 5d28c62d-5b37-4476-8438-e587778df2375d28c62d-5b37-4476-8438-e587778df237
Ruolo con autorizzazioni di scrittura per i dati di Policy Insights (anteprima)Policy Insights Data Writer (Preview) Consente l'accesso in lettura ai criteri delle risorse e l'accesso in scrittura agli eventi dei criteri dei componenti delle risorse.Allows read access to resource policies and write access to resource component policy events. 66bb4e9e-b016-4a94-8249-4c0511c2be8466bb4e9e-b016-4a94-8249-4c0511c2be84
Collaboratore per i criteri delle risorseResource Policy Contributor Utenti con diritti di creazione/modifica di criteri delle risorse, creazione di ticket di supporto e lettura di risorse/gerarchia.Users with rights to create/modify resource policy, create support ticket and read resources/hierarchy. 36243c78-bf99-498c-9df9-86d9f8d2860836243c78-bf99-498c-9df9-86d9f8d28608
Collaboratore al ripristino sitoSite Recovery Contributor Consente di gestire il servizio Site Recovery ad eccezione della creazione dell'insieme di credenziali e dell'assegnazione di ruolo.Lets you manage Site Recovery service except vault creation and role assignment 6670b86e-a3f7-4917-ac9b-5d6ab1be45676670b86e-a3f7-4917-ac9b-5d6ab1be4567
Operatore del ripristino sitoSite Recovery Operator Consente di eseguire il failover e il failback ma non di eseguire altre operazioni di gestione di Site Recovery.Lets you failover and failback but not perform other Site Recovery management operations 494ae006-db33-4328-bf46-533a6560a3ca494ae006-db33-4328-bf46-533a6560a3ca
Reader di ripristino sitoSite Recovery Reader Consente di visualizzare lo stato di Site Recovery ma non di eseguire altre operazioni di gestione.Lets you view Site Recovery status but not perform other management operations dbaa88c4-0c30-4179-9fb3-46319faa6149dbaa88c4-0c30-4179-9fb3-46319faa6149
Collaboratore alla richiesta di supportoSupport Request Contributor Consente di creare e gestire le richieste di supporto.Lets you create and manage Support requests cfd33db0-3dd1-45e3-aa9d-cdbdf3b6f24ecfd33db0-3dd1-45e3-aa9d-cdbdf3b6f24e
Collaboratore per tagTag Contributor Consente di gestire i tag sulle entità senza concedere l'accesso alle entità stesse.Lets you manage tags on entities, without providing access to the entities themselves. 4a9ae827-6dc8-4573-8ac7-8239d42aa03f4a9ae827-6dc8-4573-8ac7-8239d42aa03f
AltriOther
Collaboratore BizTalkBizTalk Contributor Consente di gestire i servizi BizTalk, ma non di accedervi.Lets you manage BizTalk services, but not access to them. 5e3c6656-6cfa-4708-81fe-0de47ac733425e3c6656-6cfa-4708-81fe-0de47ac73342
Utente di virtualizzazione desktopDesktop Virtualization User Consente all'utente di usare le applicazioni in un gruppo di applicazioni.Allows user to use the applications in an application group. 1d18fff3-a72a-46b5-b4a9-0b38a3cd7e631d18fff3-a72a-46b5-b4a9-0b38a3cd7e63
Collaboratore raccolte di processi dell'unità di pianificazioneScheduler Job Collections Contributor Consente di gestire le raccolte di processi dell'utilità di pianificazione, ma non di accedervi.Lets you manage Scheduler job collections, but not access to them. 188a0f2f-5c9e-469b-ae67-2aa5ce574b94188a0f2f-5c9e-469b-ae67-2aa5ce574b94

GeneraleGeneral

CollaboratoreContributor

Concede l'accesso completo per la gestione di tutte le risorse, ma non consente di assegnare i ruoli in RBAC di Azure.Grants full access to manage all resources, but does not allow you to assign roles in Azure RBAC. Altre informazioniLearn more

AzioniActions DescrizioneDescription
* È in grado di creare e gestire ogni tipo di risorsaCreate and manage resources of all types
NotActionsNotActions
Microsoft. Authorization/*/DeleteMicrosoft.Authorization/*/Delete Eliminazione di ruoli, assegnazioni di criteri, definizioni dei criteri e definizioni dei set di criteriDelete roles, policy assignments, policy definitions and policy set definitions
Microsoft. Authorization/*/WriteMicrosoft.Authorization/*/Write Creazione di ruoli, assegnazioni di ruoli, assegnazioni di criteri, definizioni dei criteri e definizioni dei set di criteriCreate roles, role assignments, policy assignments, policy definitions and policy set definitions
Microsoft. Authorization/elevateAccess/ActionMicrosoft.Authorization/elevateAccess/Action Concede al chiamante l'accesso di tipo Amministratore Accesso utenti a livello dell'ambito del tenantGrants the caller User Access Administrator access at the tenant scope
Microsoft. Blueprint/blueprintAssignments/WriteMicrosoft.Blueprint/blueprintAssignments/write Crea o aggiorna eventuali assegnazioni del progettoCreate or update any blueprint assignments
Microsoft. Blueprint/blueprintAssignments/DeleteMicrosoft.Blueprint/blueprintAssignments/delete Elimina eventuali assegnazioni del progettoDelete any blueprint assignments
DataActionsDataActions
nessunanone
NotDataActionsNotDataActions
nessunanone
{
  "assignableScopes": [
    "/"
  ],
  "description": "Grants full access to manage all resources, but does not allow you to assign roles in Azure RBAC.",
  "id": "/subscriptions/{subscriptionId}/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c",
  "name": "b24988ac-6180-42a0-ab88-20f7382dd24c",
  "permissions": [
    {
      "actions": [
        "*"
      ],
      "notActions": [
        "Microsoft.Authorization/*/Delete",
        "Microsoft.Authorization/*/Write",
        "Microsoft.Authorization/elevateAccess/Action",
        "Microsoft.Blueprint/blueprintAssignments/write",
        "Microsoft.Blueprint/blueprintAssignments/delete"
      ],
      "dataActions": [],
      "notDataActions": []
    }
  ],
  "roleName": "Contributor",
  "roleType": "BuiltInRole",
  "type": "Microsoft.Authorization/roleDefinitions"
}

ProprietarioOwner

Concede l'accesso completo per la gestione di tutte le risorse, inclusa la possibilità di assegnare ruoli in controllo degli accessi in base al ruoloGrants full access to manage all resources, including the ability to assign roles in Azure RBAC. Altre informazioniLearn more

AzioniActions DescrizioneDescription
* È in grado di creare e gestire ogni tipo di risorsaCreate and manage resources of all types
NotActionsNotActions
nessunanone
DataActionsDataActions
nessunanone
NotDataActionsNotDataActions
nessunanone
{
  "assignableScopes": [
    "/"
  ],
  "description": "Grants full access to manage all resources, including the ability to assign roles in Azure RBAC.",
  "id": "/subscriptions/{subscriptionId}/providers/Microsoft.Authorization/roleDefinitions/8e3af657-a8ff-443c-a75c-2fe8c4bcb635",
  "name": "8e3af657-a8ff-443c-a75c-2fe8c4bcb635",
  "permissions": [
    {
      "actions": [
        "*"
      ],
      "notActions": [],
      "dataActions": [],
      "notDataActions": []
    }
  ],
  "roleName": "Owner",
  "roleType": "BuiltInRole",
  "type": "Microsoft.Authorization/roleDefinitions"
}

ReaderReader

Consente di visualizzare tutte le risorse, ma non di apportare modifiche.View all resources, but does not allow you to make any changes. Altre informazioniLearn more

AzioniActions DescrizioneDescription
*/lettura*/read Legge risorse di tutti i tipi, eccetto i segreti.Read resources of all types, except secrets.
NotActionsNotActions
nessunanone
DataActionsDataActions
nessunanone
NotDataActionsNotDataActions
nessunanone
{
  "assignableScopes": [
    "/"
  ],
  "description": "View all resources, but does not allow you to make any changes.",
  "id": "/subscriptions/{subscriptionId}/providers/Microsoft.Authorization/roleDefinitions/acdd72a7-3385-48ef-bd42-f606fba81ae7",
  "name": "acdd72a7-3385-48ef-bd42-f606fba81ae7",
  "permissions": [
    {
      "actions": [
        "*/read"
      ],
      "notActions": [],
      "dataActions": [],
      "notDataActions": []
    }
  ],
  "roleName": "Reader",
  "roleType": "BuiltInRole",
  "type": "Microsoft.Authorization/roleDefinitions"
}

Amministratore accessi utenteUser Access Administrator

Consente di gestire gli accessi utente alle risorse di Azure.Lets you manage user access to Azure resources. Altre informazioniLearn more

AzioniActions DescrizioneDescription
*/lettura*/read Legge risorse di tutti i tipi, eccetto i segreti.Read resources of all types, except secrets.
Microsoft. Authorization/*Microsoft.Authorization/* Gestire l'autorizzazioneManage authorization
Microsoft. support/*Microsoft.Support/* Creare e aggiornare un ticket di supportoCreate and update a support ticket
NotActionsNotActions
nessunanone
DataActionsDataActions
nessunanone
NotDataActionsNotDataActions
nessunanone
{
  "assignableScopes": [
    "/"
  ],
  "description": "Lets you manage user access to Azure resources.",
  "id": "/subscriptions/{subscriptionId}/providers/Microsoft.Authorization/roleDefinitions/18d7d88d-d35e-4fb5-a5c3-7773c20a72d9",
  "name": "18d7d88d-d35e-4fb5-a5c3-7773c20a72d9",
  "permissions": [
    {
      "actions": [
        "*/read",
        "Microsoft.Authorization/*",
        "Microsoft.Support/*"
      ],
      "notActions": [],
      "dataActions": [],
      "notDataActions": []
    }
  ],
  "roleName": "User Access Administrator",
  "roleType": "BuiltInRole",
  "type": "Microsoft.Authorization/roleDefinitions"
}

CalcoloCompute

Collaboratore macchine virtuali classicheClassic Virtual Machine Contributor

Consente di gestire le macchine virtuali classiche, ma non di accedervi né di gestire la rete virtuale o l'account di archiviazione a cui sono connesse.Lets you manage classic virtual machines, but not access to them, and not the virtual network or storage account they're connected to.

AzioniActions DescrizioneDescription
Microsoft. Authorization/*/ReadMicrosoft.Authorization/*/read Leggere i ruoli e le assegnazioni di ruoliRead roles and role assignments
Microsoft. ClassicCompute/DomainNames/*Microsoft.ClassicCompute/domainNames/* Creare e gestire nomi di dominio di calcolo classiciCreate and manage classic compute domain names
Microsoft. ClassicCompute/virtualMachines/*Microsoft.ClassicCompute/virtualMachines/* Creare e gestire macchine virtualiCreate and manage virtual machines
Microsoft. ClassicNetwork/networkSecurityGroups/join/ActionMicrosoft.ClassicNetwork/networkSecurityGroups/join/action
Microsoft. ClassicNetwork/reservedIps/Link/ActionMicrosoft.ClassicNetwork/reservedIps/link/action Collega un IP riservatoLink a reserved Ip
Microsoft. ClassicNetwork/reservedIps/ReadMicrosoft.ClassicNetwork/reservedIps/read Ottiene gli IP riservatiGets the reserved Ips
Microsoft. ClassicNetwork/virtualNetworks/join/ActionMicrosoft.ClassicNetwork/virtualNetworks/join/action Unisce la rete virtuale.Joins the virtual network.
Microsoft. ClassicNetwork/virtualNetworks/ReadMicrosoft.ClassicNetwork/virtualNetworks/read Ottiene la rete virtuale.Get the virtual network.
Microsoft. ClassicStorage/storageAccounts/disks/ReadMicrosoft.ClassicStorage/storageAccounts/disks/read Restituisce il disco dell'account di archiviazione.Returns the storage account disk.
Microsoft. ClassicStorage/storageAccounts/images/ReadMicrosoft.ClassicStorage/storageAccounts/images/read Restituisce l'immagine dell'account di archiviazione.Returns the storage account image. Operazione deprecata:(Deprecated. usare 'Microsoft.ClassicStorage/storageAccounts/vmImages'.Use 'Microsoft.ClassicStorage/storageAccounts/vmImages')
Microsoft. ClassicStorage/storageAccounts/listKeys/ActionMicrosoft.ClassicStorage/storageAccounts/listKeys/action Elenca le chiavi di accesso per gli account di archiviazione.Lists the access keys for the storage accounts.
Microsoft. ClassicStorage/storageAccounts/ReadMicrosoft.ClassicStorage/storageAccounts/read Restituisce l'account di archiviazione con l'account specificato.Return the storage account with the given account.
Microsoft. Insights/alertRules/*Microsoft.Insights/alertRules/* Creare e gestire un avviso classico per le metricheCreate and manage a classic metric alert
Microsoft. ResourceHealth/availabilityStatuses/ReadMicrosoft.ResourceHealth/availabilityStatuses/read Ottiene gli stati di disponibilità per tutte le risorse nell'ambito specificatoGets the availability statuses for all resources in the specified scope
Microsoft. resources/Deployments/*Microsoft.Resources/deployments/* Creare e gestire una distribuzioneCreate and manage a deployment
Microsoft. resources/subscriptions/resourceGroups/ReadMicrosoft.Resources/subscriptions/resourceGroups/read Ottiene o elenca i gruppi di risorse.Gets or lists resource groups.
Microsoft. support/*Microsoft.Support/* Creare e aggiornare un ticket di supportoCreate and update a support ticket
NotActionsNotActions
nessunanone
DataActionsDataActions
nessunanone
NotDataActionsNotDataActions
nessunanone
{
  "assignableScopes": [
    "/"
  ],
  "description": "Lets you manage classic virtual machines, but not access to them, and not the virtual network or storage account they're connected to.",
  "id": "/subscriptions/{subscriptionId}/providers/Microsoft.Authorization/roleDefinitions/d73bb868-a0df-4d4d-bd69-98a00b01fccb",
  "name": "d73bb868-a0df-4d4d-bd69-98a00b01fccb",
  "permissions": [
    {
      "actions": [
        "Microsoft.Authorization/*/read",
        "Microsoft.ClassicCompute/domainNames/*",
        "Microsoft.ClassicCompute/virtualMachines/*",
        "Microsoft.ClassicNetwork/networkSecurityGroups/join/action",
        "Microsoft.ClassicNetwork/reservedIps/link/action",
        "Microsoft.ClassicNetwork/reservedIps/read",
        "Microsoft.ClassicNetwork/virtualNetworks/join/action",
        "Microsoft.ClassicNetwork/virtualNetworks/read",
        "Microsoft.ClassicStorage/storageAccounts/disks/read",
        "Microsoft.ClassicStorage/storageAccounts/images/read",
        "Microsoft.ClassicStorage/storageAccounts/listKeys/action",
        "Microsoft.ClassicStorage/storageAccounts/read",
        "Microsoft.Insights/alertRules/*",
        "Microsoft.ResourceHealth/availabilityStatuses/read",
        "Microsoft.Resources/deployments/*",
        "Microsoft.Resources/subscriptions/resourceGroups/read",
        "Microsoft.Support/*"
      ],
      "notActions": [],
      "dataActions": [],
      "notDataActions": []
    }
  ],
  "roleName": "Classic Virtual Machine Contributor",
  "roleType": "BuiltInRole",
  "type": "Microsoft.Authorization/roleDefinitions"
}

Virtual Machine Administrator Login (Accesso amministratore macchina virtuale)Virtual Machine Administrator Login

Visualizzare le macchine virtuali nel portale e accedere come amministratore altre informazioniView Virtual Machines in the portal and login as administrator Learn more

AzioniActions DescrizioneDescription
Microsoft. Network/publicIPAddresses/ReadMicrosoft.Network/publicIPAddresses/read Ottiene una definizione dell’indirizzo IP pubblico.Gets a public ip address definition.
Microsoft. Network/virtualNetworks/ReadMicrosoft.Network/virtualNetworks/read Ottiene la definizione della rete virtualeGet the virtual network definition
Microsoft. Network/loadBalancers/ReadMicrosoft.Network/loadBalancers/read Ottiene una definizione del servizio di bilanciamento del caricoGets a load balancer definition
Microsoft. Network/networkInterfaces/ReadMicrosoft.Network/networkInterfaces/read Ottiene una definizione dell’interfaccia di rete.Gets a network interface definition.
Microsoft. Compute/virtualMachines/*/ReadMicrosoft.Compute/virtualMachines/*/read
NotActionsNotActions
nessunanone
DataActionsDataActions
Microsoft. Compute/virtualMachines/login/ActionMicrosoft.Compute/virtualMachines/login/action Consente di accedere a una macchina virtuale come utente normaleLog in to a virtual machine as a regular user
Microsoft. Compute/virtualMachines/loginAsAdmin/ActionMicrosoft.Compute/virtualMachines/loginAsAdmin/action Consente di accedere a una macchina virtuale con privilegi di amministratore di Windows o di utente root di LinuxLog in to a virtual machine with Windows administrator or Linux root user privileges
NotDataActionsNotDataActions
nessunanone
{
  "assignableScopes": [
    "/"
  ],
  "description": "View Virtual Machines in the portal and login as administrator",
  "id": "/subscriptions/{subscriptionId}/providers/Microsoft.Authorization/roleDefinitions/1c0163c0-47e6-4577-8991-ea5c82e286e4",
  "name": "1c0163c0-47e6-4577-8991-ea5c82e286e4",
  "permissions": [
    {
      "actions": [
        "Microsoft.Network/publicIPAddresses/read",
        "Microsoft.Network/virtualNetworks/read",
        "Microsoft.Network/loadBalancers/read",
        "Microsoft.Network/networkInterfaces/read",
        "Microsoft.Compute/virtualMachines/*/read"
      ],
      "notActions": [],
      "dataActions": [
        "Microsoft.Compute/virtualMachines/login/action",
        "Microsoft.Compute/virtualMachines/loginAsAdmin/action"
      ],
      "notDataActions": []
    }
  ],
  "roleName": "Virtual Machine Administrator Login",
  "roleType": "BuiltInRole",
  "type": "Microsoft.Authorization/roleDefinitions"
}

Collaboratore macchine virtualiVirtual Machine Contributor

Consente di gestire le macchine virtuali, ma non di accedervi né di gestire la rete virtuale o l'account di archiviazione a cui sono connesse.Lets you manage virtual machines, but not access to them, and not the virtual network or storage account they're connected to. Altre informazioniLearn more

AzioniActions DescrizioneDescription
Microsoft. Authorization/*/ReadMicrosoft.Authorization/*/read Leggere i ruoli e le assegnazioni di ruoliRead roles and role assignments
Microsoft. Compute/availabilitySets/*Microsoft.Compute/availabilitySets/* Creare e gestire set di disponibilità di calcoloCreate and manage compute availability sets
Microsoft. Compute/locations/*Microsoft.Compute/locations/* Creare e gestire percorsi di calcoloCreate and manage compute locations
Microsoft. Compute/virtualMachines/*Microsoft.Compute/virtualMachines/* Eseguire tutte le azioni della macchina virtuale, tra cui creare, aggiornare, eliminare, avviare, riavviare e spegnere macchine virtuali.Perform all virtual machine actions including create, update, delete, start, restart, and power off virtual machines. Eseguire script predefiniti nelle macchine virtuali.Execute predefined scripts on virtual machines.
Microsoft. Compute/virtualMachineScaleSets/*Microsoft.Compute/virtualMachineScaleSets/* Creare e gestire i set di scalabilità delle macchine virtualiCreate and manage virtual machine scale sets
Microsoft. Compute/disks/WriteMicrosoft.Compute/disks/write Crea un nuovo disco o ne aggiorna uno esistenteCreates a new Disk or updates an existing one
Microsoft. Compute/disks/ReadMicrosoft.Compute/disks/read Ottiene le proprietà di un discoGet the properties of a Disk
Microsoft. Compute/disks/DeleteMicrosoft.Compute/disks/delete Elimina il discoDeletes the Disk
Microsoft. DevTestLab/schedules/*Microsoft.DevTestLab/schedules/*
Microsoft. Insights/alertRules/*Microsoft.Insights/alertRules/* Creare e gestire un avviso classico per le metricheCreate and manage a classic metric alert
Microsoft. Network/applicationGateways/backendAddressPools/join/ActionMicrosoft.Network/applicationGateways/backendAddressPools/join/action Aggiunge un pool di indirizzi back-end del gateway applicazione.Joins an application gateway backend address pool. Senza avvisi.Not Alertable.
Microsoft. Network/loadBalancers/backendAddressPools/join/ActionMicrosoft.Network/loadBalancers/backendAddressPools/join/action Aggiunge un pool di indirizzi di back-end del servizio di bilanciamento del carico.Joins a load balancer backend address pool. Senza avvisi.Not Alertable.
Microsoft. Network/loadBalancers/inboundNatPools/join/ActionMicrosoft.Network/loadBalancers/inboundNatPools/join/action Aggiunge un pool NAT in entrata del servizio di bilanciamento del carico.Joins a load balancer inbound NAT pool. Senza avvisi.Not alertable.
Microsoft. Network/loadBalancers/inboundNatRules/join/ActionMicrosoft.Network/loadBalancers/inboundNatRules/join/action Aggiunge una regola NAT in entrata del servizio di bilanciamento del carico.Joins a load balancer inbound nat rule. Senza avvisi.Not Alertable.
Microsoft. Network/loadBalancers/Probes/join/ActionMicrosoft.Network/loadBalancers/probes/join/action Consente l'uso di probe di un servizio di bilanciamento del carico.Allows using probes of a load balancer. Con questa autorizzazione, ad esempio, la proprietà healthProbe di un set di scalabilità di macchine virtuali può fare riferimento al probe.For example, with this permission healthProbe property of VM scale set can reference the probe. Senza avvisi.Not alertable.
Microsoft. Network/loadBalancers/ReadMicrosoft.Network/loadBalancers/read Ottiene una definizione del servizio di bilanciamento del caricoGets a load balancer definition
Microsoft. Network/locations/*Microsoft.Network/locations/* Creare e gestire percorsi di reteCreate and manage network locations
Microsoft. Network/networkInterfaces/*Microsoft.Network/networkInterfaces/* Creare e gestire interfacce di reteCreate and manage network interfaces
Microsoft. Network/networkSecurityGroups/join/ActionMicrosoft.Network/networkSecurityGroups/join/action Aggiunge un gruppo di sicurezza di rete.Joins a network security group. Senza avvisi.Not Alertable.
Microsoft. Network/networkSecurityGroups/ReadMicrosoft.Network/networkSecurityGroups/read Ottiene una definizione del gruppo di sicurezza di reteGets a network security group definition
Microsoft. Network/publicIPAddresses/join/ActionMicrosoft.Network/publicIPAddresses/join/action Aggiunge un indirizzo IP pubblico.Joins a public ip address. Senza avvisi.Not Alertable.
Microsoft. Network/publicIPAddresses/ReadMicrosoft.Network/publicIPAddresses/read Ottiene una definizione dell’indirizzo IP pubblico.Gets a public ip address definition.
Microsoft. Network/virtualNetworks/ReadMicrosoft.Network/virtualNetworks/read Ottiene la definizione della rete virtualeGet the virtual network definition
Microsoft. Network/virtualNetworks/Subnets/join/ActionMicrosoft.Network/virtualNetworks/subnets/join/action Aggiunge una rete virtuale.Joins a virtual network. Senza avvisi.Not Alertable.
Microsoft. RecoveryServices/locations/*Microsoft.RecoveryServices/locations/*
Microsoft. RecoveryServices/Vaults/backupFabrics/backupProtectionIntent/WriteMicrosoft.RecoveryServices/Vaults/backupFabrics/backupProtectionIntent/write Crea un programma di protezione del backupCreate a backup Protection Intent
Microsoft. RecoveryServices/Vaults/backupFabrics/protectionContainers/protectedItems/*/ReadMicrosoft.RecoveryServices/Vaults/backupFabrics/protectionContainers/protectedItems/*/read
Microsoft. RecoveryServices/Vaults/backupFabrics/protectionContainers/protectedItems/ReadMicrosoft.RecoveryServices/Vaults/backupFabrics/protectionContainers/protectedItems/read Restituisce i dettagli dell'oggetto dell'elemento protettoReturns object details of the Protected Item
Microsoft. RecoveryServices/Vaults/backupFabrics/protectionContainers/protectedItems/WriteMicrosoft.RecoveryServices/Vaults/backupFabrics/protectionContainers/protectedItems/write Crea un elemento protetto di backupCreate a backup Protected Item
Microsoft. RecoveryServices/Vaults/backupPolicies/ReadMicrosoft.RecoveryServices/Vaults/backupPolicies/read Restituisce tutti i criteri di protezioneReturns all Protection Policies
Microsoft. RecoveryServices/Vaults/backupPolicies/WriteMicrosoft.RecoveryServices/Vaults/backupPolicies/write Crea i criteri di protezioneCreates Protection Policy
Microsoft. RecoveryServices/Vaults/ReadMicrosoft.RecoveryServices/Vaults/read L'operazione Ottieni insieme di credenziali ottiene un oggetto che rappresenta la risorsa di Azure di tipo 'vault'The Get Vault operation gets an object representing the Azure resource of type 'vault'
Microsoft. RecoveryServices/Vaults/usages/ReadMicrosoft.RecoveryServices/Vaults/usages/read Restituisce i dettagli di utilizzo di un insieme di credenziali di Servizi di ripristino.Returns usage details for a Recovery Services Vault.
Microsoft. RecoveryServices/Vaults/WriteMicrosoft.RecoveryServices/Vaults/write L'operazione Crea insieme di credenziali crea una risorsa di Azure di tipo 'vault'Create Vault operation creates an Azure resource of type 'vault'
Microsoft. ResourceHealth/availabilityStatuses/ReadMicrosoft.ResourceHealth/availabilityStatuses/read Ottiene gli stati di disponibilità per tutte le risorse nell'ambito specificatoGets the availability statuses for all resources in the specified scope
Microsoft. resources/Deployments/*Microsoft.Resources/deployments/* Creare e gestire una distribuzioneCreate and manage a deployment
Microsoft. resources/subscriptions/resourceGroups/ReadMicrosoft.Resources/subscriptions/resourceGroups/read Ottiene o elenca i gruppi di risorse.Gets or lists resource groups.
Microsoft. SqlVirtualMachine/*Microsoft.SqlVirtualMachine/*
Microsoft. storage/storageAccounts/listKeys/ActionMicrosoft.Storage/storageAccounts/listKeys/action Restituisce le chiavi di accesso per l'account di archiviazione specificato.Returns the access keys for the specified storage account.
Microsoft. storage/storageAccounts/ReadMicrosoft.Storage/storageAccounts/read Restituisce l'elenco di account di archiviazione o ottiene le proprietà per l’account di archiviazione specificato.Returns the list of storage accounts or gets the properties for the specified storage account.
Microsoft. support/*Microsoft.Support/* Creare e aggiornare un ticket di supportoCreate and update a support ticket
NotActionsNotActions
nessunanone
DataActionsDataActions
nessunanone
NotDataActionsNotDataActions
nessunanone
{
  "assignableScopes": [
    "/"
  ],
  "description": "Lets you manage virtual machines, but not access to them, and not the virtual network or storage account they're connected to.",
  "id": "/subscriptions/{subscriptionId}/providers/Microsoft.Authorization/roleDefinitions/9980e02c-c2be-4d73-94e8-173b1dc7cf3c",
  "name": "9980e02c-c2be-4d73-94e8-173b1dc7cf3c",
  "permissions": [
    {
      "actions": [
        "Microsoft.Authorization/*/read",
        "Microsoft.Compute/availabilitySets/*",
        "Microsoft.Compute/locations/*",
        "Microsoft.Compute/virtualMachines/*",
        "Microsoft.Compute/virtualMachineScaleSets/*",
        "Microsoft.Compute/disks/write",
        "Microsoft.Compute/disks/read",
        "Microsoft.Compute/disks/delete",
        "Microsoft.DevTestLab/schedules/*",
        "Microsoft.Insights/alertRules/*",
        "Microsoft.Network/applicationGateways/backendAddressPools/join/action",
        "Microsoft.Network/loadBalancers/backendAddressPools/join/action",
        "Microsoft.Network/loadBalancers/inboundNatPools/join/action",
        "Microsoft.Network/loadBalancers/inboundNatRules/join/action",
        "Microsoft.Network/loadBalancers/probes/join/action",
        "Microsoft.Network/loadBalancers/read",
        "Microsoft.Network/locations/*",
        "Microsoft.Network/networkInterfaces/*",
        "Microsoft.Network/networkSecurityGroups/join/action",
        "Microsoft.Network/networkSecurityGroups/read",
        "Microsoft.Network/publicIPAddresses/join/action",
        "Microsoft.Network/publicIPAddresses/read",
        "Microsoft.Network/virtualNetworks/read",
        "Microsoft.Network/virtualNetworks/subnets/join/action",
        "Microsoft.RecoveryServices/locations/*",
        "Microsoft.RecoveryServices/Vaults/backupFabrics/backupProtectionIntent/write",
        "Microsoft.RecoveryServices/Vaults/backupFabrics/protectionContainers/protectedItems/*/read",
        "Microsoft.RecoveryServices/Vaults/backupFabrics/protectionContainers/protectedItems/read",
        "Microsoft.RecoveryServices/Vaults/backupFabrics/protectionContainers/protectedItems/write",
        "Microsoft.RecoveryServices/Vaults/backupPolicies/read",
        "Microsoft.RecoveryServices/Vaults/backupPolicies/write",
        "Microsoft.RecoveryServices/Vaults/read",
        "Microsoft.RecoveryServices/Vaults/usages/read",
        "Microsoft.RecoveryServices/Vaults/write",
        "Microsoft.ResourceHealth/availabilityStatuses/read",
        "Microsoft.Resources/deployments/*",
        "Microsoft.Resources/subscriptions/resourceGroups/read",
        "Microsoft.SqlVirtualMachine/*",
        "Microsoft.Storage/storageAccounts/listKeys/action",
        "Microsoft.Storage/storageAccounts/read",
        "Microsoft.Support/*"
      ],
      "notActions": [],
      "dataActions": [],
      "notDataActions": []
    }
  ],
  "roleName": "Virtual Machine Contributor",
  "roleType": "BuiltInRole",
  "type": "Microsoft.Authorization/roleDefinitions"
}

Virtual Machine User Login (Accesso utente macchina virtuale)Virtual Machine User Login

Consente di visualizzare le macchine virtuali nel portale e di accedere come utente normale.View Virtual Machines in the portal and login as a regular user. Altre informazioniLearn more

AzioniActions DescrizioneDescription
Microsoft. Network/publicIPAddresses/ReadMicrosoft.Network/publicIPAddresses/read Ottiene una definizione dell’indirizzo IP pubblico.Gets a public ip address definition.
Microsoft. Network/virtualNetworks/ReadMicrosoft.Network/virtualNetworks/read Ottiene la definizione della rete virtualeGet the virtual network definition
Microsoft. Network/loadBalancers/ReadMicrosoft.Network/loadBalancers/read Ottiene una definizione del servizio di bilanciamento del caricoGets a load balancer definition
Microsoft. Network/networkInterfaces/ReadMicrosoft.Network/networkInterfaces/read Ottiene una definizione dell’interfaccia di rete.Gets a network interface definition.
Microsoft. Compute/virtualMachines/*/ReadMicrosoft.Compute/virtualMachines/*/read
NotActionsNotActions
nessunanone
DataActionsDataActions
Microsoft. Compute/virtualMachines/login/ActionMicrosoft.Compute/virtualMachines/login/action Consente di accedere a una macchina virtuale come utente normaleLog in to a virtual machine as a regular user
NotDataActionsNotDataActions
nessunanone
{
  "assignableScopes": [
    "/"
  ],
  "description": "View Virtual Machines in the portal and login as a regular user.",
  "id": "/subscriptions/{subscriptionId}/providers/Microsoft.Authorization/roleDefinitions/fb879df8-f326-4884-b1cf-06f3ad86be52",
  "name": "fb879df8-f326-4884-b1cf-06f3ad86be52",
  "permissions": [
    {
      "actions": [
        "Microsoft.Network/publicIPAddresses/read",
        "Microsoft.Network/virtualNetworks/read",
        "Microsoft.Network/loadBalancers/read",
        "Microsoft.Network/networkInterfaces/read",
        "Microsoft.Compute/virtualMachines/*/read"
      ],
      "notActions": [],
      "dataActions": [
        "Microsoft.Compute/virtualMachines/login/action"
      ],
      "notDataActions": []
    }
  ],
  "roleName": "Virtual Machine User Login",
  "roleType": "BuiltInRole",
  "type": "Microsoft.Authorization/roleDefinitions"
}

ReteNetworking

Collaboratore endpoint rete CDNCDN Endpoint Contributor

Può gestire gli endpoint della rete CDN, ma non può concedere l'accesso ad altri utenti.Can manage CDN endpoints, but can't grant access to other users.

AzioniActions DescrizioneDescription
Microsoft. Authorization/*/ReadMicrosoft.Authorization/*/read Leggere i ruoli e le assegnazioni di ruoliRead roles and role assignments
Microsoft. CDN/edgenodes/ReadMicrosoft.Cdn/edgenodes/read
Microsoft. CDN/operationresults/*Microsoft.Cdn/operationresults/*
Microsoft. CDN/Profiles/Endpoints/*Microsoft.Cdn/profiles/endpoints/*
Microsoft. Insights/alertRules/*Microsoft.Insights/alertRules/* Creare e gestire un avviso classico per le metricheCreate and manage a classic metric alert
Microsoft. resources/Deployments/*Microsoft.Resources/deployments/* Creare e gestire una distribuzioneCreate and manage a deployment
Microsoft. resources/subscriptions/resourceGroups/ReadMicrosoft.Resources/subscriptions/resourceGroups/read Ottiene o elenca i gruppi di risorse.Gets or lists resource groups.
Microsoft. support/*Microsoft.Support/* Creare e aggiornare un ticket di supportoCreate and update a support ticket
NotActionsNotActions
nessunanone
DataActionsDataActions
nessunanone
NotDataActionsNotDataActions
nessunanone
{
  "assignableScopes": [
    "/"
  ],
  "description": "Can manage CDN endpoints, but can't grant access to other users.",
  "id": "/subscriptions/{subscriptionId}/providers/Microsoft.Authorization/roleDefinitions/426e0c7f-0c7e-4658-b36f-ff54d6c29b45",
  "name": "426e0c7f-0c7e-4658-b36f-ff54d6c29b45",
  "permissions": [
    {
      "actions": [
        "Microsoft.Authorization/*/read",
        "Microsoft.Cdn/edgenodes/read",
        "Microsoft.Cdn/operationresults/*",
        "Microsoft.Cdn/profiles/endpoints/*",
        "Microsoft.Insights/alertRules/*",
        "Microsoft.Resources/deployments/*",
        "Microsoft.Resources/subscriptions/resourceGroups/read",
        "Microsoft.Support/*"
      ],
      "notActions": [],
      "dataActions": [],
      "notDataActions": []
    }
  ],
  "roleName": "CDN Endpoint Contributor",
  "roleType": "BuiltInRole",
  "type": "Microsoft.Authorization/roleDefinitions"
}

Lettore endpoint rete CDNCDN Endpoint Reader

Può visualizzare gli endpoint della rete CDN, ma non può apportare modifiche.Can view CDN endpoints, but can't make changes.

AzioniActions DescrizioneDescription
Microsoft. Authorization/*/ReadMicrosoft.Authorization/*/read Leggere i ruoli e le assegnazioni di ruoliRead roles and role assignments
Microsoft. CDN/edgenodes/ReadMicrosoft.Cdn/edgenodes/read
Microsoft. CDN/operationresults/*Microsoft.Cdn/operationresults/*
Microsoft. CDN/Profiles/Endpoints/*/ReadMicrosoft.Cdn/profiles/endpoints/*/read
Microsoft. Insights/alertRules/*Microsoft.Insights/alertRules/* Creare e gestire un avviso classico per le metricheCreate and manage a classic metric alert
Microsoft. resources/Deployments/*Microsoft.Resources/deployments/* Creare e gestire una distribuzioneCreate and manage a deployment
Microsoft. resources/subscriptions/resourceGroups/ReadMicrosoft.Resources/subscriptions/resourceGroups/read Ottiene o elenca i gruppi di risorse.Gets or lists resource groups.
Microsoft. support/*Microsoft.Support/* Creare e aggiornare un ticket di supportoCreate and update a support ticket
NotActionsNotActions
nessunanone
DataActionsDataActions
nessunanone
NotDataActionsNotDataActions
nessunanone
{
  "assignableScopes": [
    "/"
  ],
  "description": "Can view CDN endpoints, but can't make changes.",
  "id": "/subscriptions/{subscriptionId}/providers/Microsoft.Authorization/roleDefinitions/871e35f6-b5c1-49cc-a043-bde969a0f2cd",
  "name": "871e35f6-b5c1-49cc-a043-bde969a0f2cd",
  "permissions": [
    {
      "actions": [
        "Microsoft.Authorization/*/read",
        "Microsoft.Cdn/edgenodes/read",
        "Microsoft.Cdn/operationresults/*",
        "Microsoft.Cdn/profiles/endpoints/*/read",
        "Microsoft.Insights/alertRules/*",
        "Microsoft.Resources/deployments/*",
        "Microsoft.Resources/subscriptions/resourceGroups/read",
        "Microsoft.Support/*"
      ],
      "notActions": [],
      "dataActions": [],
      "notDataActions": []
    }
  ],
  "roleName": "CDN Endpoint Reader",
  "roleType": "BuiltInRole",
  "type": "Microsoft.Authorization/roleDefinitions"
}

Collaboratore profilo rete CDNCDN Profile Contributor

Può gestire i profili e i rispettivi endpoint della rete CDN, ma non può concedere l'accesso ad altri utenti.Can manage CDN profiles and their endpoints, but can't grant access to other users. Altre informazioniLearn more

AzioniActions DescrizioneDescription
Microsoft. Authorization/*/ReadMicrosoft.Authorization/*/read Leggere i ruoli e le assegnazioni di ruoliRead roles and role assignments
Microsoft. CDN/edgenodes/ReadMicrosoft.Cdn/edgenodes/read
Microsoft. CDN/operationresults/*Microsoft.Cdn/operationresults/*
Microsoft. CDN/Profiles/*Microsoft.Cdn/profiles/*
Microsoft. Insights/alertRules/*Microsoft.Insights/alertRules/* Creare e gestire un avviso classico per le metricheCreate and manage a classic metric alert
Microsoft. resources/Deployments/*Microsoft.Resources/deployments/* Creare e gestire una distribuzioneCreate and manage a deployment
Microsoft. resources/subscriptions/resourceGroups/ReadMicrosoft.Resources/subscriptions/resourceGroups/read Ottiene o elenca i gruppi di risorse.Gets or lists resource groups.
Microsoft. support/*Microsoft.Support/* Creare e aggiornare un ticket di supportoCreate and update a support ticket
NotActionsNotActions
nessunanone
DataActionsDataActions
nessunanone
NotDataActionsNotDataActions
nessunanone
{
  "assignableScopes": [
    "/"
  ],
  "description": "Can manage CDN profiles and their endpoints, but can't grant access to other users.",
  "id": "/subscriptions/{subscriptionId}/providers/Microsoft.Authorization/roleDefinitions/ec156ff8-a8d1-4d15-830c-5b80698ca432",
  "name": "ec156ff8-a8d1-4d15-830c-5b80698ca432",
  "permissions": [
    {
      "actions": [
        "Microsoft.Authorization/*/read",
        "Microsoft.Cdn/edgenodes/read",
        "Microsoft.Cdn/operationresults/*",
        "Microsoft.Cdn/profiles/*",
        "Microsoft.Insights/alertRules/*",
        "Microsoft.Resources/deployments/*",
        "Microsoft.Resources/subscriptions/resourceGroups/read",
        "Microsoft.Support/*"
      ],
      "notActions": [],
      "dataActions": [],
      "notDataActions": []
    }
  ],
  "roleName": "CDN Profile Contributor",
  "roleType": "BuiltInRole",
  "type": "Microsoft.Authorization/roleDefinitions"
}

Lettore profilo rete CDNCDN Profile Reader

Può visualizzare i profili e i rispettivi endpoint della rete CDN, ma non può apportare modifiche.Can view CDN profiles and their endpoints, but can't make changes.

AzioniActions DescrizioneDescription
Microsoft. Authorization/*/ReadMicrosoft.Authorization/*/read Leggere i ruoli e le assegnazioni di ruoliRead roles and role assignments
Microsoft. CDN/edgenodes/ReadMicrosoft.Cdn/edgenodes/read
Microsoft. CDN/operationresults/*Microsoft.Cdn/operationresults/*
Microsoft. CDN/Profiles/*/ReadMicrosoft.Cdn/profiles/*/read
Microsoft. Insights/alertRules/*Microsoft.Insights/alertRules/* Creare e gestire un avviso classico per le metricheCreate and manage a classic metric alert
Microsoft. resources/Deployments/*Microsoft.Resources/deployments/* Creare e gestire una distribuzioneCreate and manage a deployment
Microsoft. resources/subscriptions/resourceGroups/ReadMicrosoft.Resources/subscriptions/resourceGroups/read Ottiene o elenca i gruppi di risorse.Gets or lists resource groups.
Microsoft. support/*Microsoft.Support/* Creare e aggiornare un ticket di supportoCreate and update a support ticket
NotActionsNotActions
nessunanone
DataActionsDataActions
nessunanone
NotDataActionsNotDataActions
nessunanone
{
  "assignableScopes": [
    "/"
  ],
  "description": "Can view CDN profiles and their endpoints, but can't make changes.",
  "id": "/subscriptions/{subscriptionId}/providers/Microsoft.Authorization/roleDefinitions/8f96442b-4075-438f-813d-ad51ab4019af",
  "name": "8f96442b-4075-438f-813d-ad51ab4019af",
  "permissions": [
    {
      "actions": [
        "Microsoft.Authorization/*/read",
        "Microsoft.Cdn/edgenodes/read",
        "Microsoft.Cdn/operationresults/*",
        "Microsoft.Cdn/profiles/*/read",
        "Microsoft.Insights/alertRules/*",
        "Microsoft.Resources/deployments/*",
        "Microsoft.Resources/subscriptions/resourceGroups/read",
        "Microsoft.Support/*"
      ],
      "notActions": [],
      "dataActions": [],
      "notDataActions": []
    }
  ],
  "roleName": "CDN Profile Reader",
  "roleType": "BuiltInRole",
  "type": "Microsoft.Authorization/roleDefinitions"
}

Collaboratore reti virtuali classicheClassic Network Contributor

Consente di gestire le reti classiche, ma non di accedervi.Lets you manage classic networks, but not access to them. Altre informazioniLearn more

AzioniActions DescrizioneDescription
Microsoft. Authorization/*/ReadMicrosoft.Authorization/*/read Leggere i ruoli e le assegnazioni di ruoliRead roles and role assignments
Microsoft. ClassicNetwork/*Microsoft.ClassicNetwork/* Creare e gestire reti classicheCreate and manage classic networks
Microsoft. Insights/alertRules/*Microsoft.Insights/alertRules/* Creare e gestire un avviso classico per le metricheCreate and manage a classic metric alert
Microsoft. ResourceHealth/availabilityStatuses/ReadMicrosoft.ResourceHealth/availabilityStatuses/read Ottiene gli stati di disponibilità per tutte le risorse nell'ambito specificatoGets the availability statuses for all resources in the specified scope
Microsoft. resources/Deployments/*Microsoft.Resources/deployments/* Creare e gestire una distribuzioneCreate and manage a deployment
Microsoft. resources/subscriptions/resourceGroups/ReadMicrosoft.Resources/subscriptions/resourceGroups/read Ottiene o elenca i gruppi di risorse.Gets or lists resource groups.
Microsoft. support/*Microsoft.Support/* Creare e aggiornare un ticket di supportoCreate and update a support ticket
NotActionsNotActions
nessunanone
DataActionsDataActions
nessunanone
NotDataActionsNotDataActions
nessunanone
{
  "assignableScopes": [
    "/"
  ],
  "description": "Lets you manage classic networks, but not access to them.",
  "id": "/subscriptions/{subscriptionId}/providers/Microsoft.Authorization/roleDefinitions/b34d265f-36f7-4a0d-a4d4-e158ca92e90f",
  "name": "b34d265f-36f7-4a0d-a4d4-e158ca92e90f",
  "permissions": [
    {
      "actions": [
        "Microsoft.Authorization/*/read",
        "Microsoft.ClassicNetwork/*",
        "Microsoft.Insights/alertRules/*",
        "Microsoft.ResourceHealth/availabilityStatuses/read",
        "Microsoft.Resources/deployments/*",
        "Microsoft.Resources/subscriptions/resourceGroups/read",
        "Microsoft.Support/*"
      ],
      "notActions": [],
      "dataActions": [],
      "notDataActions": []
    }
  ],
  "roleName": "Classic Network Contributor",
  "roleType": "BuiltInRole",
  "type": "Microsoft.Authorization/roleDefinitions"
}

Collaboratore zona DNSDNS Zone Contributor

Consente di gestire le zone DNS e i set di record in DNS di Azure, ma non di controllare chi è autorizzato ad accedervi.Lets you manage DNS zones and record sets in Azure DNS, but does not let you control who has access to them. Altre informazioniLearn more

AzioniActions DescrizioneDescription
Microsoft. Authorization/*/ReadMicrosoft.Authorization/*/read Leggere i ruoli e le assegnazioni di ruoliRead roles and role assignments
Microsoft. Insights/alertRules/*Microsoft.Insights/alertRules/* Creare e gestire un avviso classico per le metricheCreate and manage a classic metric alert
Microsoft. Network/dnsZones/*Microsoft.Network/dnsZones/* Creazione e gestione di zone e record DNSCreate and manage DNS zones and records
Microsoft. ResourceHealth/availabilityStatuses/ReadMicrosoft.ResourceHealth/availabilityStatuses/read Ottiene gli stati di disponibilità per tutte le risorse nell'ambito specificatoGets the availability statuses for all resources in the specified scope
Microsoft. resources/Deployments/*Microsoft.Resources/deployments/* Creare e gestire una distribuzioneCreate and manage a deployment
Microsoft. resources/subscriptions/resourceGroups/ReadMicrosoft.Resources/subscriptions/resourceGroups/read Ottiene o elenca i gruppi di risorse.Gets or lists resource groups.
Microsoft. support/*Microsoft.Support/* Creare e aggiornare un ticket di supportoCreate and update a support ticket
NotActionsNotActions
nessunanone
DataActionsDataActions
nessunanone
NotDataActionsNotDataActions
nessunanone
{
  "assignableScopes": [
    "/"
  ],
  "description": "Lets you manage DNS zones and record sets in Azure DNS, but does not let you control who has access to them.",
  "id": "/subscriptions/{subscriptionId}/providers/Microsoft.Authorization/roleDefinitions/befefa01-2a29-4197-83a8-272ff33ce314",
  "name": "befefa01-2a29-4197-83a8-272ff33ce314",
  "permissions": [
    {
      "actions": [
        "Microsoft.Authorization/*/read",
        "Microsoft.Insights/alertRules/*",
        "Microsoft.Network/dnsZones/*",
        "Microsoft.ResourceHealth/availabilityStatuses/read",
        "Microsoft.Resources/deployments/*",
        "Microsoft.Resources/subscriptions/resourceGroups/read",
        "Microsoft.Support/*"
      ],
      "notActions": [],
      "dataActions": [],
      "notDataActions": []
    }
  ],
  "roleName": "DNS Zone Contributor",
  "roleType": "BuiltInRole",
  "type": "Microsoft.Authorization/roleDefinitions"
}

Collaboratore di reteNetwork Contributor

Consente di gestire le reti, ma non di accedervi.Lets you manage networks, but not access to them.

AzioniActions DescrizioneDescription
Microsoft. Authorization/*/ReadMicrosoft.Authorization/*/read Leggere i ruoli e le assegnazioni di ruoliRead roles and role assignments
Microsoft. Insights/alertRules/*Microsoft.Insights/alertRules/* Creare e gestire un avviso classico per le metricheCreate and manage a classic metric alert
Microsoft. Network/*Microsoft.Network/* Creare e gestire retiCreate and manage networks
Microsoft. ResourceHealth/availabilityStatuses/ReadMicrosoft.ResourceHealth/availabilityStatuses/read Ottiene gli stati di disponibilità per tutte le risorse nell'ambito specificatoGets the availability statuses for all resources in the specified scope
Microsoft. resources/Deployments/*Microsoft.Resources/deployments/* Creare e gestire una distribuzioneCreate and manage a deployment
Microsoft. resources/subscriptions/resourceGroups/ReadMicrosoft.Resources/subscriptions/resourceGroups/read Ottiene o elenca i gruppi di risorse.Gets or lists resource groups.
Microsoft. support/*Microsoft.Support/* Creare e aggiornare un ticket di supportoCreate and update a support ticket
NotActionsNotActions
nessunanone
DataActionsDataActions
nessunanone
NotDataActionsNotDataActions
nessunanone
{
  "assignableScopes": [
    "/"
  ],
  "description": "Lets you manage networks, but not access to them.",
  "id": "/subscriptions/{subscriptionId}/providers/Microsoft.Authorization/roleDefinitions/4d97b98b-1d4f-4787-a291-c67834d212e7",
  "name": "4d97b98b-1d4f-4787-a291-c67834d212e7",
  "permissions": [
    {
      "actions": [
        "Microsoft.Authorization/*/read",
        "Microsoft.Insights/alertRules/*",
        "Microsoft.Network/*",
        "Microsoft.ResourceHealth/availabilityStatuses/read",
        "Microsoft.Resources/deployments/*",
        "Microsoft.Resources/subscriptions/resourceGroups/read",
        "Microsoft.Support/*"
      ],
      "notActions": [],
      "dataActions": [],
      "notDataActions": []
    }
  ],
  "roleName": "Network Contributor",
  "roleType": "BuiltInRole",
  "type": "Microsoft.Authorization/roleDefinitions"
}

Collaboratore zona DNS privatoPrivate DNS Zone Contributor

Consente di gestire le risorse della zona DNS privata, ma non le reti virtuali a cui sono collegate.Lets you manage private DNS zone resources, but not the virtual networks they are linked to. Altre informazioniLearn more

AzioniActions DescrizioneDescription
Microsoft. Insights/alertRules/*Microsoft.Insights/alertRules/* Creare e gestire un avviso classico per le metricheCreate and manage a classic metric alert
Microsoft. resources/Deployments/*Microsoft.Resources/deployments/* Creare e gestire una distribuzioneCreate and manage a deployment
Microsoft. resources/subscriptions/resourceGroups/ReadMicrosoft.Resources/subscriptions/resourceGroups/read Ottiene o elenca i gruppi di risorse.Gets or lists resource groups.
Microsoft. support/*Microsoft.Support/* Creare e aggiornare un ticket di supportoCreate and update a support ticket
Microsoft. Network/privateDnsZones/*Microsoft.Network/privateDnsZones/*
Microsoft. Network/privateDnsOperationResults/*Microsoft.Network/privateDnsOperationResults/*
Microsoft. Network/privateDnsOperationStatuses/*Microsoft.Network/privateDnsOperationStatuses/*
Microsoft. Network/virtualNetworks/ReadMicrosoft.Network/virtualNetworks/read Ottiene la definizione della rete virtualeGet the virtual network definition
Microsoft. Network/virtualNetworks/join/ActionMicrosoft.Network/virtualNetworks/join/action Aggiunge una rete virtuale.Joins a virtual network. Senza avvisi.Not Alertable.
Microsoft. Authorization/*/ReadMicrosoft.Authorization/*/read Leggere i ruoli e le assegnazioni di ruoliRead roles and role assignments
NotActionsNotActions
nessunanone
DataActionsDataActions
nessunanone
NotDataActionsNotDataActions
nessunanone
{
  "assignableScopes": [
    "/"
  ],
  "description": "Lets you manage private DNS zone resources, but not the virtual networks they are linked to.",
  "id": "/subscriptions/{subscriptionId}/providers/Microsoft.Authorization/roleDefinitions/b12aa53e-6015-4669-85d0-8515ebb3ae7f",
  "name": "b12aa53e-6015-4669-85d0-8515ebb3ae7f",
  "permissions": [
    {
      "actions": [
        "Microsoft.Insights/alertRules/*",
        "Microsoft.Resources/deployments/*",
        "Microsoft.Resources/subscriptions/resourceGroups/read",
        "Microsoft.Support/*",
        "Microsoft.Network/privateDnsZones/*",
        "Microsoft.Network/privateDnsOperationResults/*",
        "Microsoft.Network/privateDnsOperationStatuses/*",
        "Microsoft.Network/virtualNetworks/read",
        "Microsoft.Network/virtualNetworks/join/action",
        "Microsoft.Authorization/*/read"
      ],
      "notActions": [],
      "dataActions": [],
      "notDataActions": []
    }
  ],
  "roleName": "Private DNS Zone Contributor",
  "roleType": "BuiltInRole",
  "type": "Microsoft.Authorization/roleDefinitions"
}

Collaboratore Gestione trafficoTraffic Manager Contributor

Consente di gestire i profili di Gestione traffico, ma non di controllare chi è autorizzato ad accedervi.Lets you manage Traffic Manager profiles, but does not let you control who has access to them.

AzioniActions DescrizioneDescription
Microsoft. Authorization/*/ReadMicrosoft.Authorization/*/read Leggere i ruoli e le assegnazioni di ruoliRead roles and role assignments
Microsoft. Insights/alertRules/*Microsoft.Insights/alertRules/* Creare e gestire un avviso classico per le metricheCreate and manage a classic metric alert
Microsoft. Network/trafficManagerProfiles/*Microsoft.Network/trafficManagerProfiles/*
Microsoft. ResourceHealth/availabilityStatuses/ReadMicrosoft.ResourceHealth/availabilityStatuses/read Ottiene gli stati di disponibilità per tutte le risorse nell'ambito specificatoGets the availability statuses for all resources in the specified scope
Microsoft. resources/Deployments/*Microsoft.Resources/deployments/* Creare e gestire una distribuzioneCreate and manage a deployment
Microsoft. resources/subscriptions/resourceGroups/ReadMicrosoft.Resources/subscriptions/resourceGroups/read Ottiene o elenca i gruppi di risorse.Gets or lists resource groups.
Microsoft. support/*Microsoft.Support/* Creare e aggiornare un ticket di supportoCreate and update a support ticket
NotActionsNotActions
nessunanone
DataActionsDataActions
nessunanone
NotDataActionsNotDataActions
nessunanone
{
  "assignableScopes": [
    "/"
  ],
  "description": "Lets you manage Traffic Manager profiles, but does not let you control who has access to them.",
  "id": "/subscriptions/{subscriptionId}/providers/Microsoft.Authorization/roleDefinitions/a4b10055-b0c7-44c2-b00f-c7b5b3550cf7",
  "name": "a4b10055-b0c7-44c2-b00f-c7b5b3550cf7",
  "permissions": [
    {
      "actions": [
        "Microsoft.Authorization/*/read",
        "Microsoft.Insights/alertRules/*",
        "Microsoft.Network/trafficManagerProfiles/*",
        "Microsoft.ResourceHealth/availabilityStatuses/read",
        "Microsoft.Resources/deployments/*",
        "Microsoft.Resources/subscriptions/resourceGroups/read",
        "Microsoft.Support/*"
      ],
      "notActions": [],
      "dataActions": [],
      "notDataActions": []
    }
  ],
  "roleName": "Traffic Manager Contributor",
  "roleType": "BuiltInRole",
  "type": "Microsoft.Authorization/roleDefinitions"
}

ArchiviazioneStorage

Collaboratore per AvereAvere Contributor

Può creare e gestire un cluster Avere vFXT.Can create and manage an Avere vFXT cluster. Altre informazioniLearn more

AzioniActions DescrizioneDescription
Microsoft. Authorization/*/ReadMicrosoft.Authorization/*/read Leggere i ruoli e le assegnazioni di ruoliRead roles and role assignments
Microsoft. Compute/*/ReadMicrosoft.Compute/*/read
Microsoft. Compute/availabilitySets/*Microsoft.Compute/availabilitySets/*
Microsoft. Compute/proximityPlacementGroups/*Microsoft.Compute/proximityPlacementGroups/*
Microsoft. Compute/virtualMachines/*Microsoft.Compute/virtualMachines/*
Microsoft. Compute/Disks/*Microsoft.Compute/disks/*
Microsoft. Network/*/ReadMicrosoft.Network/*/read
Microsoft. Network/networkInterfaces/*Microsoft.Network/networkInterfaces/*
Microsoft. Network/virtualNetworks/ReadMicrosoft.Network/virtualNetworks/read Ottiene la definizione della rete virtualeGet the virtual network definition
Microsoft. Network/virtualNetworks/Subnets/ReadMicrosoft.Network/virtualNetworks/subnets/read Ottiene una definizione di subnet della rete virtualeGets a virtual network subnet definition
Microsoft. Network/virtualNetworks/Subnets/join/ActionMicrosoft.Network/virtualNetworks/subnets/join/action Aggiunge una rete virtuale.Joins a virtual network. Senza avvisi.Not Alertable.
Microsoft. Network/virtualNetworks/Subnets/joinViaServiceEndpoint/ActionMicrosoft.Network/virtualNetworks/subnets/joinViaServiceEndpoint/action Aggiunge una risorsa come un account di archiviazione o un database SQL a una subnet.Joins resource such as storage account or SQL database to a subnet. Senza avvisi.Not alertable.
Microsoft. Network/networkSecurityGroups/join/ActionMicrosoft.Network/networkSecurityGroups/join/action Aggiunge un gruppo di sicurezza di rete.Joins a network security group. Senza avvisi.Not Alertable.
Microsoft. resources/Deployments/*Microsoft.Resources/deployments/* Creare e gestire una distribuzioneCreate and manage a deployment
Microsoft. Insights/alertRules/*Microsoft.Insights/alertRules/* Creare e gestire un avviso classico per le metricheCreate and manage a classic metric alert
Microsoft. resources/subscriptions/resourceGroups/ReadMicrosoft.Resources/subscriptions/resourceGroups/read Ottiene o elenca i gruppi di risorse.Gets or lists resource groups.
Microsoft. storage/*/ReadMicrosoft.Storage/*/read
Microsoft. storage/storageAccounts/*Microsoft.Storage/storageAccounts/* Creare e gestire account di archiviazioneCreate and manage storage accounts
Microsoft. support/*Microsoft.Support/* Creare e aggiornare un ticket di supportoCreate and update a support ticket
Microsoft. resources/subscriptions/resourceGroups/Resources/ReadMicrosoft.Resources/subscriptions/resourceGroups/resources/read Ottiene le risorse del gruppo di risorse.Gets the resources for the resource group.
NotActionsNotActions
nessunanone
DataActionsDataActions
Microsoft. storage/storageAccounts/blobServices/Containers/Blobs/DeleteMicrosoft.Storage/storageAccounts/blobServices/containers/blobs/delete Restituisce il risultato dell'eliminazione di un BLOBReturns the result of deleting a blob
Microsoft. storage/storageAccounts/blobServices/Containers/Blobs/ReadMicrosoft.Storage/storageAccounts/blobServices/containers/blobs/read Restituisce un BLOB o un elenco di BLOBReturns a blob or a list of blobs
Microsoft. storage/storageAccounts/blobServices/Containers/Blobs/WriteMicrosoft.Storage/storageAccounts/blobServices/containers/blobs/write Restituisce il risultato della scrittura su un BLOBReturns the result of writing a blob
NotDataActionsNotDataActions
nessunanone
{
  "assignableScopes": [
    "/"
  ],
  "description": "Can create and manage an Avere vFXT cluster.",
  "id": "/subscriptions/{subscriptionId}/providers/Microsoft.Authorization/roleDefinitions/4f8fab4f-1852-4a58-a46a-8eaf358af14a",
  "name": "4f8fab4f-1852-4a58-a46a-8eaf358af14a",
  "permissions": [
    {
      "actions": [
        "Microsoft.Authorization/*/read",
        "Microsoft.Compute/*/read",
        "Microsoft.Compute/availabilitySets/*",
        "Microsoft.Compute/proximityPlacementGroups/*",
        "Microsoft.Compute/virtualMachines/*",
        "Microsoft.Compute/disks/*",
        "Microsoft.Network/*/read",
        "Microsoft.Network/networkInterfaces/*",
        "Microsoft.Network/virtualNetworks/read",
        "Microsoft.Network/virtualNetworks/subnets/read",
        "Microsoft.Network/virtualNetworks/subnets/join/action",
        "Microsoft.Network/virtualNetworks/subnets/joinViaServiceEndpoint/action",
        "Microsoft.Network/networkSecurityGroups/join/action",
        "Microsoft.Resources/deployments/*",
        "Microsoft.Insights/alertRules/*",
        "Microsoft.Resources/subscriptions/resourceGroups/read",
        "Microsoft.Storage/*/read",
        "Microsoft.Storage/storageAccounts/*",
        "Microsoft.Support/*",
        "Microsoft.Resources/subscriptions/resourceGroups/resources/read"
      ],
      "notActions": [],
      "dataActions": [
        "Microsoft.Storage/storageAccounts/blobServices/containers/blobs/delete",
        "Microsoft.Storage/storageAccounts/blobServices/containers/blobs/read",
        "Microsoft.Storage/storageAccounts/blobServices/containers/blobs/write"
      ],
      "notDataActions": []
    }
  ],
  "roleName": "Avere Contributor",
  "roleType": "BuiltInRole",
  "type": "Microsoft.Authorization/roleDefinitions"
}

Operatore di AvereAvere Operator

Usato dal cluster vFXT per gestire il cluster ulteriori informazioniUsed by the Avere vFXT cluster to manage the cluster Learn more

AzioniActions DescrizioneDescription
Microsoft. Compute/virtualMachines/ReadMicrosoft.Compute/virtualMachines/read Ottiene le proprietà di una macchina virtualeGet the properties of a virtual machine
Microsoft. Network/networkInterfaces/ReadMicrosoft.Network/networkInterfaces/read Ottiene una definizione dell’interfaccia di rete.Gets a network interface definition.
Microsoft. Network/networkInterfaces/WriteMicrosoft.Network/networkInterfaces/write Crea un'interfaccia di rete o ne aggiorna una esistente.Creates a network interface or updates an existing network interface.
Microsoft. Network/virtualNetworks/ReadMicrosoft.Network/virtualNetworks/read Ottiene la definizione della rete virtualeGet the virtual network definition
Microsoft. Network/virtualNetworks/Subnets/ReadMicrosoft.Network/virtualNetworks/subnets/read Ottiene una definizione di subnet della rete virtualeGets a virtual network subnet definition
Microsoft. Network/virtualNetworks/Subnets/join/ActionMicrosoft.Network/virtualNetworks/subnets/join/action Aggiunge una rete virtuale.Joins a virtual network. Senza avvisi.Not Alertable.
Microsoft. Network/networkSecurityGroups/join/ActionMicrosoft.Network/networkSecurityGroups/join/action Aggiunge un gruppo di sicurezza di rete.Joins a network security group. Senza avvisi.Not Alertable.
Microsoft. resources/subscriptions/resourceGroups/ReadMicrosoft.Resources/subscriptions/resourceGroups/read Ottiene o elenca i gruppi di risorse.Gets or lists resource groups.
Microsoft. storage/storageAccounts/blobServices/Containers/DeleteMicrosoft.Storage/storageAccounts/blobServices/containers/delete Restituisce il risultato dell'eliminazione di un contenitoreReturns the result of deleting a container
Microsoft. storage/storageAccounts/blobServices/Containers/ReadMicrosoft.Storage/storageAccounts/blobServices/containers/read Restituisce l'elenco dei contenitoriReturns list of containers
Microsoft. storage/storageAccounts/blobServices/Containers/WriteMicrosoft.Storage/storageAccounts/blobServices/containers/write Restituisce il risultato dell'operazione PUT sul contenitore BLOBReturns the result of put blob container
NotActionsNotActions
nessunanone
DataActionsDataActions
Microsoft. storage/storageAccounts/blobServices/Containers/Blobs/DeleteMicrosoft.Storage/storageAccounts/blobServices/containers/blobs/delete Restituisce il risultato dell'eliminazione di un BLOBReturns the result of deleting a blob
Microsoft. storage/storageAccounts/blobServices/Containers/Blobs/ReadMicrosoft.Storage/storageAccounts/blobServices/containers/blobs/read Restituisce un BLOB o un elenco di BLOBReturns a blob or a list of blobs
Microsoft. storage/storageAccounts/blobServices/Containers/Blobs/WriteMicrosoft.Storage/storageAccounts/blobServices/containers/blobs/write Restituisce il risultato della scrittura su un BLOBReturns the result of writing a blob
NotDataActionsNotDataActions
nessunanone
{
  "assignableScopes": [
    "/"
  ],
  "description": "Used by the Avere vFXT cluster to manage the cluster",
  "id": "/subscriptions/{subscriptionId}/providers/Microsoft.Authorization/roleDefinitions/c025889f-8102-4ebf-b32c-fc0c6f0c6bd9",
  "name": "c025889f-8102-4ebf-b32c-fc0c6f0c6bd9",
  "permissions": [
    {
      "actions": [
        "Microsoft.Compute/virtualMachines/read",
        "Microsoft.Network/networkInterfaces/read",
        "Microsoft.Network/networkInterfaces/write",
        "Microsoft.Network/virtualNetworks/read",
        "Microsoft.Network/virtualNetworks/subnets/read",
        "Microsoft.Network/virtualNetworks/subnets/join/action",
        "Microsoft.Network/networkSecurityGroups/join/action",
        "Microsoft.Resources/subscriptions/resourceGroups/read",
        "Microsoft.Storage/storageAccounts/blobServices/containers/delete",
        "Microsoft.Storage/storageAccounts/blobServices/containers/read",
        "Microsoft.Storage/storageAccounts/blobServices/containers/write"
      ],
      "notActions": [],
      "dataActions": [
        "Microsoft.Storage/storageAccounts/blobServices/containers/blobs/delete",
        "Microsoft.Storage/storageAccounts/blobServices/containers/blobs/read",
        "Microsoft.Storage/storageAccounts/blobServices/containers/blobs/write"
      ],
      "notDataActions": []
    }
  ],
  "roleName": "Avere Operator",
  "roleType": "BuiltInRole",
  "type": "Microsoft.Authorization/roleDefinitions"
}

Collaboratore di backupBackup Contributor

Consente di gestire il servizio di backup, ma non di creare insiemi di credenziali e concedere l'accesso ad altri utenti altre informazioniLets you manage backup service, but can't create vaults and give access to others Learn more

AzioniActions DescrizioneDescription
Microsoft. Authorization/*/ReadMicrosoft.Authorization/*/read Leggere i ruoli e le assegnazioni di ruoliRead roles and role assignments
Microsoft. Network/virtualNetworks/ReadMicrosoft.Network/virtualNetworks/read Ottiene la definizione della rete virtualeGet the virtual network definition
Microsoft. RecoveryServices/locations/*Microsoft.RecoveryServices/locations/*
Microsoft. RecoveryServices/Vaults/backupFabrics/operationResults/*Microsoft.RecoveryServices/Vaults/backupFabrics/operationResults/* Consente di gestire i risultati dell'operazione sulla gestione del backupManage results of operation on backup management
Microsoft. RecoveryServices/Vaults/backupFabrics/protectionContainers/*Microsoft.RecoveryServices/Vaults/backupFabrics/protectionContainers/* Consente di creare e gestire i contenitori di backup all'interno delle infrastrutture di backup dell'insieme di credenziali dei Servizi di ripristinoCreate and manage backup containers inside backup fabrics of Recovery Services vault
Microsoft. RecoveryServices/Vaults/backupFabrics/refreshContainers/ActionMicrosoft.RecoveryServices/Vaults/backupFabrics/refreshContainers/action Aggiorna l'elenco di contenitoriRefreshes the container list
Microsoft. RecoveryServices/Vaults/backupJobs/*Microsoft.RecoveryServices/Vaults/backupJobs/* Consente di creare e gestire i processi di backupCreate and manage backup jobs
Microsoft. RecoveryServices/Vaults/backupJobsExport/ActionMicrosoft.RecoveryServices/Vaults/backupJobsExport/action Esporta processiExport Jobs
Microsoft. RecoveryServices/Vaults/backupOperationResults/*Microsoft.RecoveryServices/Vaults/backupOperationResults/* Consente di creare e gestire i risultati delle operazioni di gestione di backupCreate and manage Results of backup management operations
Microsoft. RecoveryServices/Vaults/backupPolicies/*Microsoft.RecoveryServices/Vaults/backupPolicies/* Consente di creare e gestire i criteri di backupCreate and manage backup policies
Microsoft. RecoveryServices/Vaults/backupProtectableItems/*Microsoft.RecoveryServices/Vaults/backupProtectableItems/* Consente di creare e gestire gli elementi su cui è possibile eseguire il backupCreate and manage items which can be backed up
Microsoft. RecoveryServices/Vaults/backupProtectedItems/*Microsoft.RecoveryServices/Vaults/backupProtectedItems/* Consente di creare e gestire gli elementi su cui è stato eseguito il backupCreate and manage backed up items
Microsoft. RecoveryServices/Vaults/backupProtectionContainers/*Microsoft.RecoveryServices/Vaults/backupProtectionContainers/* Consente di creare e gestire i contenitori che contengono gli elementi di backupCreate and manage containers holding backup items
Microsoft. RecoveryServices/Vaults/backupSecurityPIN/*Microsoft.RecoveryServices/Vaults/backupSecurityPIN/*
Microsoft. RecoveryServices/Vaults/backupUsageSummaries/ReadMicrosoft.RecoveryServices/Vaults/backupUsageSummaries/read Restituisce i riepiloghi per gli elementi protetti e i server protetti di un'istanza di Servizi di ripristino.Returns summaries for Protected Items and Protected Servers for a Recovery Services .
Microsoft. RecoveryServices/Vaults/Certificates/*Microsoft.RecoveryServices/Vaults/certificates/* Consente di creare e gestire i certificati relativi al backup nell'insieme di credenziali dei Servizi di ripristinoCreate and manage certificates related to backup in Recovery Services vault
Microsoft. RecoveryServices/Vaults/extendedInformation/*Microsoft.RecoveryServices/Vaults/extendedInformation/* Consente di creare e gestire informazioni estese relative all'insieme di credenzialiCreate and manage extended info related to vault
Microsoft. RecoveryServices/Vaults/monitoringAlerts/ReadMicrosoft.RecoveryServices/Vaults/monitoringAlerts/read Ottiene gli avvisi per l'insieme di credenziali dei servizi di ripristino.Gets the alerts for the Recovery services vault.
Microsoft. RecoveryServices/Vaults/monitoringConfigurations/*Microsoft.RecoveryServices/Vaults/monitoringConfigurations/*
Microsoft. RecoveryServices/Vaults/ReadMicrosoft.RecoveryServices/Vaults/read L'operazione Ottieni insieme di credenziali ottiene un oggetto che rappresenta la risorsa di Azure di tipo 'vault'The Get Vault operation gets an object representing the Azure resource of type 'vault'
Microsoft. RecoveryServices/Vaults/registeredIdentities/*Microsoft.RecoveryServices/Vaults/registeredIdentities/* Consente di creare e gestire le identità registrateCreate and manage registered identities
Microsoft. RecoveryServices/Vaults/usages/*Microsoft.RecoveryServices/Vaults/usages/* Consente di creare e gestire l'uso dell'insieme di credenziali dei Servizi di ripristinoCreate and manage usage of Recovery Services vault
Microsoft. resources/Deployments/*Microsoft.Resources/deployments/* Creare e gestire una distribuzioneCreate and manage a deployment
Microsoft. resources/subscriptions/resourceGroups/ReadMicrosoft.Resources/subscriptions/resourceGroups/read Ottiene o elenca i gruppi di risorse.Gets or lists resource groups.
Microsoft. storage/storageAccounts/ReadMicrosoft.Storage/storageAccounts/read Restituisce l'elenco di account di archiviazione o ottiene le proprietà per l’account di archiviazione specificato.Returns the list of storage accounts or gets the properties for the specified storage account.
Microsoft. RecoveryServices/Vaults/backupstorageconfig/*Microsoft.RecoveryServices/Vaults/backupstorageconfig/*
Microsoft. RecoveryServices/Vaults/backupConfig/*Microsoft.RecoveryServices/Vaults/backupconfig/*
Microsoft. RecoveryServices/Vaults/backupValidateOperation/ActionMicrosoft.RecoveryServices/Vaults/backupValidateOperation/action Convalida l'operazione sull'elemento protettoValidate Operation on Protected Item
Microsoft. RecoveryServices/Vaults/WriteMicrosoft.RecoveryServices/Vaults/write L'operazione Crea insieme di credenziali crea una risorsa di Azure di tipo 'vault'Create Vault operation creates an Azure resource of type 'vault'
Microsoft. RecoveryServices/Vaults/backupOperations/ReadMicrosoft.RecoveryServices/Vaults/backupOperations/read Restituisce lo stato dell'operazione di backup dell'insieme di credenziali di Servizi di ripristino.Returns Backup Operation Status for Recovery Services Vault.
Microsoft. RecoveryServices/Vaults/backupEngines/ReadMicrosoft.RecoveryServices/Vaults/backupEngines/read Restituisce tutti i server di gestione di backup registrati nell'insieme di credenziali.Returns all the backup management servers registered with vault.
Microsoft. RecoveryServices/Vaults/backupFabrics/backupProtectionIntent/*Microsoft.RecoveryServices/Vaults/backupFabrics/backupProtectionIntent/*
Microsoft. RecoveryServices/Vaults/backupFabrics/protectableContainers/ReadMicrosoft.RecoveryServices/Vaults/backupFabrics/protectableContainers/read Ottiene tutti i contenitori che si possono proteggereGet all protectable containers
Microsoft. RecoveryServices/locations/backupStatus/ActionMicrosoft.RecoveryServices/locations/backupStatus/action Controlla lo stato del backup dell'insieme di credenziali di Servizi di ripristinoCheck Backup Status for Recovery Services Vaults
Microsoft. RecoveryServices/locations/backupPreValidateProtection/ActionMicrosoft.RecoveryServices/locations/backupPreValidateProtection/action
Microsoft. RecoveryServices/locations/backupValidateFeatures/ActionMicrosoft.RecoveryServices/locations/backupValidateFeatures/action Convalida le funzioniValidate Features
Microsoft. RecoveryServices/Vaults/monitoringAlerts/WriteMicrosoft.RecoveryServices/Vaults/monitoringAlerts/write Risolve l'avviso.Resolves the alert.
Microsoft. RecoveryServices/Operations/ReadMicrosoft.RecoveryServices/operations/read L'operazione restituisce l'elenco delle operazioni per un provider di risorseOperation returns the list of Operations for a Resource Provider
Microsoft. RecoveryServices/locations/OperationStatus/ReadMicrosoft.RecoveryServices/locations/operationStatus/read Ottiene lo stato dell'operazione per una determinata operazioneGets Operation Status for a given Operation
Microsoft. RecoveryServices/Vaults/backupProtectionIntents/ReadMicrosoft.RecoveryServices/Vaults/backupProtectionIntents/read Elenca tutte le finalità di protezione del backupList all backup Protection Intents
Microsoft. support/*Microsoft.Support/* Creare e aggiornare un ticket di supportoCreate and update a support ticket
NotActionsNotActions
nessunanone
DataActionsDataActions
nessunanone
NotDataActionsNotDataActions
nessunanone
{
  "assignableScopes": [
    "/"
  ],
  "description": "Lets you manage backup service,but can't create vaults and give access to others",
  "id": "/subscriptions/{subscriptionId}/providers/Microsoft.Authorization/roleDefinitions/5e467623-bb1f-42f4-a55d-6e525e11384b",
  "name": "5e467623-bb1f-42f4-a55d-6e525e11384b",
  "permissions": [
    {
      "actions": [
        "Microsoft.Authorization/*/read",
        "Microsoft.Network/virtualNetworks/read",
        "Microsoft.RecoveryServices/locations/*",
        "Microsoft.RecoveryServices/Vaults/backupFabrics/operationResults/*",
        "Microsoft.RecoveryServices/Vaults/backupFabrics/protectionContainers/*",
        "Microsoft.RecoveryServices/Vaults/backupFabrics/refreshContainers/action",
        "Microsoft.RecoveryServices/Vaults/backupJobs/*",
        "Microsoft.RecoveryServices/Vaults/backupJobsExport/action",
        "Microsoft.RecoveryServices/Vaults/backupOperationResults/*",
        "Microsoft.RecoveryServices/Vaults/backupPolicies/*",
        "Microsoft.RecoveryServices/Vaults/backupProtectableItems/*",
        "Microsoft.RecoveryServices/Vaults/backupProtectedItems/*",
        "Microsoft.RecoveryServices/Vaults/backupProtectionContainers/*",
        "Microsoft.RecoveryServices/Vaults/backupSecurityPIN/*",
        "Microsoft.RecoveryServices/Vaults/backupUsageSummaries/read",
        "Microsoft.RecoveryServices/Vaults/certificates/*",
        "Microsoft.RecoveryServices/Vaults/extendedInformation/*",
        "Microsoft.RecoveryServices/Vaults/monitoringAlerts/read",
        "Microsoft.RecoveryServices/Vaults/monitoringConfigurations/*",
        "Microsoft.RecoveryServices/Vaults/read",
        "Microsoft.RecoveryServices/Vaults/registeredIdentities/*",
        "Microsoft.RecoveryServices/Vaults/usages/*",
        "Microsoft.Resources/deployments/*",
        "Microsoft.Resources/subscriptions/resourceGroups/read",
        "Microsoft.Storage/storageAccounts/read",
        "Microsoft.RecoveryServices/Vaults/backupstorageconfig/*",
        "Microsoft.RecoveryServices/Vaults/backupconfig/*",
        "Microsoft.RecoveryServices/Vaults/backupValidateOperation/action",
        "Microsoft.RecoveryServices/Vaults/write",
        "Microsoft.RecoveryServices/Vaults/backupOperations/read",
        "Microsoft.RecoveryServices/Vaults/backupEngines/read",
        "Microsoft.RecoveryServices/Vaults/backupFabrics/backupProtectionIntent/*",
        "Microsoft.RecoveryServices/Vaults/backupFabrics/protectableContainers/read",
        "Microsoft.RecoveryServices/locations/backupStatus/action",
        "Microsoft.RecoveryServices/locations/backupPreValidateProtection/action",
        "Microsoft.RecoveryServices/locations/backupValidateFeatures/action",
        "Microsoft.RecoveryServices/Vaults/monitoringAlerts/write",
        "Microsoft.RecoveryServices/operations/read",
        "Microsoft.RecoveryServices/locations/operationStatus/read",
        "Microsoft.RecoveryServices/Vaults/backupProtectionIntents/read",
        "Microsoft.Support/*"
      ],
      "notActions": [],
      "dataActions": [],
      "notDataActions": []
    }
  ],
  "roleName": "Backup Contributor",
  "roleType": "BuiltInRole",
  "type": "Microsoft.Authorization/roleDefinitions"
}

Operatore di backupBackup Operator

Consente di gestire i servizi di backup, eccetto la rimozione del backup, la creazione dell'insieme di credenziali e l'accesso ad altri utenti altre informazioniLets you manage backup services, except removal of backup, vault creation and giving access to others Learn more

AzioniActions DescrizioneDescription
Microsoft. Authorization/*/ReadMicrosoft.Authorization/*/read Leggere i ruoli e le assegnazioni di ruoliRead roles and role assignments
Microsoft. Network/virtualNetworks/ReadMicrosoft.Network/virtualNetworks/read Ottiene la definizione della rete virtualeGet the virtual network definition
Microsoft. RecoveryServices/Vaults/backupFabrics/operationResults/ReadMicrosoft.RecoveryServices/Vaults/backupFabrics/operationResults/read Restituisce lo stato dell'operazioneReturns status of the operation
Microsoft. RecoveryServices/Vaults/backupFabrics/protectionContainers/operationResults/ReadMicrosoft.RecoveryServices/Vaults/backupFabrics/protectionContainers/operationResults/read Ottiene il risultato dell'operazione eseguita sul contenitore di protezione.Gets result of Operation performed on Protection Container.
Microsoft. RecoveryServices/Vaults/backupFabrics/protectionContainers/protectedItems/backup/ActionMicrosoft.RecoveryServices/Vaults/backupFabrics/protectionContainers/protectedItems/backup/action Esegue il backup dell'elemento protetto.Performs Backup for Protected Item.
Microsoft. RecoveryServices/Vaults/backupFabrics/protectionContainers/protectedItems/operationResults/ReadMicrosoft.RecoveryServices/Vaults/backupFabrics/protectionContainers/protectedItems/operationResults/read Ottiene il risultato dell'operazione eseguita sugli elementi protetti.Gets Result of Operation Performed on Protected Items.
Microsoft. RecoveryServices/Vaults/backupFabrics/protectionContainers/protectedItems/operationsStatus/ReadMicrosoft.RecoveryServices/Vaults/backupFabrics/protectionContainers/protectedItems/operationsStatus/read Restituisce lo stato dell'operazione eseguita sugli elementi protetti.Returns the status of Operation performed on Protected Items.
Microsoft. RecoveryServices/Vaults/backupFabrics/protectionContainers/protectedItems/ReadMicrosoft.RecoveryServices/Vaults/backupFabrics/protectionContainers/protectedItems/read Restituisce i dettagli dell'oggetto dell'elemento protettoReturns object details of the Protected Item
Microsoft. RecoveryServices/Vaults/backupFabrics/protectionContainers/protectedItems/recoveryPoints/provisionInstantItemRecovery/ActionMicrosoft.RecoveryServices/Vaults/backupFabrics/protectionContainers/protectedItems/recoveryPoints/provisionInstantItemRecovery/action Effettua il provisioning del ripristino elementi immediato per l'elemento protettoProvision Instant Item Recovery for Protected Item
Microsoft. RecoveryServices/Vaults/backupFabrics/protectionContainers/protectedItems/recoveryPoints/ReadMicrosoft.RecoveryServices/Vaults/backupFabrics/protectionContainers/protectedItems/recoveryPoints/read Ottiene i punti di ripristino degli elementi protetti.Get Recovery Points for Protected Items.
Microsoft. RecoveryServices/Vaults/backupFabrics/protectionContainers/protectedItems/recoveryPoints/Restore/ActionMicrosoft.RecoveryServices/Vaults/backupFabrics/protectionContainers/protectedItems/recoveryPoints/restore/action Ripristina i punti di ripristino degli elementi protetti.Restore Recovery Points for Protected Items.
Microsoft. RecoveryServices/Vaults/backupFabrics/protectionContainers/protectedItems/recoveryPoints/revokeInstantItemRecovery/ActionMicrosoft.RecoveryServices/Vaults/backupFabrics/protectionContainers/protectedItems/recoveryPoints/revokeInstantItemRecovery/action Revoca il ripristino elementi immediato per l'elemento protettoRevoke Instant Item Recovery for Protected Item
Microsoft. RecoveryServices/Vaults/backupFabrics/protectionContainers/protectedItems/WriteMicrosoft.RecoveryServices/Vaults/backupFabrics/protectionContainers/protectedItems/write Crea un elemento protetto di backupCreate a backup Protected Item
Microsoft. RecoveryServices/Vaults/backupFabrics/protectionContainers/ReadMicrosoft.RecoveryServices/Vaults/backupFabrics/protectionContainers/read Restituisce tutti i contenitori registratiReturns all registered containers
Microsoft. RecoveryServices/Vaults/backupFabrics/refreshContainers/ActionMicrosoft.RecoveryServices/Vaults/backupFabrics/refreshContainers/action Aggiorna l'elenco di contenitoriRefreshes the container list
Microsoft. RecoveryServices/Vaults/backupJobs/*Microsoft.RecoveryServices/Vaults/backupJobs/* Consente di creare e gestire i processi di backupCreate and manage backup jobs
Microsoft. RecoveryServices/Vaults/backupJobsExport/ActionMicrosoft.RecoveryServices/Vaults/backupJobsExport/action Esporta processiExport Jobs
Microsoft. RecoveryServices/Vaults/backupOperationResults/*Microsoft.RecoveryServices/Vaults/backupOperationResults/* Consente di creare e gestire i risultati delle operazioni di gestione di backupCreate and manage Results of backup management operations
Microsoft. RecoveryServices/Vaults/backupPolicies/operationResults/ReadMicrosoft.RecoveryServices/Vaults/backupPolicies/operationResults/read Ottiene i risultati dell'operazione sui criteri.Get Results of Policy Operation.
Microsoft. RecoveryServices/Vaults/backupPolicies/ReadMicrosoft.RecoveryServices/Vaults/backupPolicies/read Restituisce tutti i criteri di protezioneReturns all Protection Policies
Microsoft. RecoveryServices/Vaults/backupProtectableItems/*Microsoft.RecoveryServices/Vaults/backupProtectableItems/* Consente di creare e gestire gli elementi su cui è possibile eseguire il backupCreate and manage items which can be backed up
Microsoft. RecoveryServices/Vaults/backupProtectedItems/ReadMicrosoft.RecoveryServices/Vaults/backupProtectedItems/read Restituisce l'elenco di tutti gli elementi protetti.Returns the list of all Protected Items.
Microsoft. RecoveryServices/Vaults/backupProtectionContainers/ReadMicrosoft.RecoveryServices/Vaults/backupProtectionContainers/read Restituisce tutti i contenitori che appartengono alla sottoscrizioneReturns all containers belonging to the subscription
Microsoft. RecoveryServices/Vaults/backupUsageSummaries/ReadMicrosoft.RecoveryServices/Vaults/backupUsageSummaries/read Restituisce i riepiloghi per gli elementi protetti e i server protetti di un'istanza di Servizi di ripristino.Returns summaries for Protected Items and Protected Servers for a Recovery Services .
Microsoft. RecoveryServices/Vaults/Certificates/WriteMicrosoft.RecoveryServices/Vaults/certificates/write L'operazione Aggiorna certificato risorsa aggiorna il certificato delle credenziali della risorsa o dell'insieme di credenziali.The Update Resource Certificate operation updates the resource/vault credential certificate.
Microsoft. RecoveryServices/Vaults/extendedInformation/ReadMicrosoft.RecoveryServices/Vaults/extendedInformation/read L'operazione Ottieni informazioni estese ottiene le informazioni estese di un oggetto che rappresenta la risorsa di Azure di tipo ?vault?The Get Extended Info operation gets an object's Extended Info representing the Azure resource of type ?vault?
Microsoft. RecoveryServices/Vaults/extendedInformation/WriteMicrosoft.RecoveryServices/Vaults/extendedInformation/write L'operazione Ottieni informazioni estese ottiene le informazioni estese di un oggetto che rappresenta la risorsa di Azure di tipo ?vault?The Get Extended Info operation gets an object's Extended Info representing the Azure resource of type ?vault?
Microsoft. RecoveryServices/Vaults/monitoringAlerts/ReadMicrosoft.RecoveryServices/Vaults/monitoringAlerts/read Ottiene gli avvisi per l'insieme di credenziali dei servizi di ripristino.Gets the alerts for the Recovery services vault.
Microsoft. RecoveryServices/Vaults/monitoringConfigurations/*Microsoft.RecoveryServices/Vaults/monitoringConfigurations/*
Microsoft. RecoveryServices/Vaults/ReadMicrosoft.RecoveryServices/Vaults/read L'operazione Ottieni insieme di credenziali ottiene un oggetto che rappresenta la risorsa di Azure di tipo 'vault'The Get Vault operation gets an object representing the Azure resource of type 'vault'
Microsoft. RecoveryServices/Vaults/registeredIdentities/operationResults/ReadMicrosoft.RecoveryServices/Vaults/registeredIdentities/operationResults/read L'operazione Ottieni risultati dell'operazione può essere usata per ottenere lo stato e il risultato dell'operazione inviata in modo asincronoThe Get Operation Results operation can be used get the operation status and result for the asynchronously submitted operation
Microsoft. RecoveryServices/Vaults/registeredIdentities/ReadMicrosoft.RecoveryServices/Vaults/registeredIdentities/read L'operazione Ottieni contenitori può essere usata per ottenere i contenitori registrati per una risorsa.The Get Containers operation can be used get the containers registered for a resource.
Microsoft. RecoveryServices/Vaults/registeredIdentities/WriteMicrosoft.RecoveryServices/Vaults/registeredIdentities/write L'operazione Registra contenitore di servizi può essere usata per registrare un contenitore con il servizio di ripristino.The Register Service Container operation can be used to register a container with Recovery Service.
Microsoft. RecoveryServices/Vaults/usages/ReadMicrosoft.RecoveryServices/Vaults/usages/read Restituisce i dettagli di utilizzo di un insieme di credenziali di Servizi di ripristino.Returns usage details for a Recovery Services Vault.
Microsoft. resources/Deployments/*Microsoft.Resources/deployments/* Creare e gestire una distribuzioneCreate and manage a deployment
Microsoft. resources/subscriptions/resourceGroups/ReadMicrosoft.Resources/subscriptions/resourceGroups/read Ottiene o elenca i gruppi di risorse.Gets or lists resource groups.
Microsoft. storage/storageAccounts/ReadMicrosoft.Storage/storageAccounts/read Restituisce l'elenco di account di archiviazione o ottiene le proprietà per l’account di archiviazione specificato.Returns the list of storage accounts or gets the properties for the specified storage account.
Microsoft. RecoveryServices/Vaults/backupstorageconfig/*Microsoft.RecoveryServices/Vaults/backupstorageconfig/*
Microsoft. RecoveryServices/Vaults/backupValidateOperation/ActionMicrosoft.RecoveryServices/Vaults/backupValidateOperation/action Convalida l'operazione sull'elemento protettoValidate Operation on Protected Item
Microsoft. RecoveryServices/Vaults/backupOperations/ReadMicrosoft.RecoveryServices/Vaults/backupOperations/read Restituisce lo stato dell'operazione di backup dell'insieme di credenziali di Servizi di ripristino.Returns Backup Operation Status for Recovery Services Vault.
Microsoft. RecoveryServices/Vaults/backupPolicies/Operations/ReadMicrosoft.RecoveryServices/Vaults/backupPolicies/operations/read Ottiene lo stato dell'operazione sui criteri.Get Status of Policy Operation.
Microsoft. RecoveryServices/Vaults/backupFabrics/protectionContainers/WriteMicrosoft.RecoveryServices/Vaults/backupFabrics/protectionContainers/write Crea un contenitore registratoCreates a registered container
Microsoft. RecoveryServices/Vaults/backupFabrics/protectionContainers/inquire/ActionMicrosoft.RecoveryServices/Vaults/backupFabrics/protectionContainers/inquire/action Esegue operazioni di richiesta di informazioni per i carichi di lavoro all'interno di un contenitoreDo inquiry for workloads within a container
Microsoft. RecoveryServices/Vaults/backupEngines/ReadMicrosoft.RecoveryServices/Vaults/backupEngines/read Restituisce tutti i server di gestione di backup registrati nell'insieme di credenziali.Returns all the backup management servers registered with vault.
Microsoft. RecoveryServices/Vaults/backupFabrics/backupProtectionIntent/WriteMicrosoft.RecoveryServices/Vaults/backupFabrics/backupProtectionIntent/write Crea un programma di protezione del backupCreate a backup Protection Intent
Microsoft. RecoveryServices/Vaults/backupFabrics/backupProtectionIntent/ReadMicrosoft.RecoveryServices/Vaults/backupFabrics/backupProtectionIntent/read Ottiene una finalità di protezione del backupGet a backup Protection Intent
Microsoft. RecoveryServices/Vaults/backupFabrics/protectableContainers/ReadMicrosoft.RecoveryServices/Vaults/backupFabrics/protectableContainers/read Ottiene tutti i contenitori che si possono proteggereGet all protectable containers
Microsoft. RecoveryServices/Vaults/backupFabrics/protectionContainers/Items/ReadMicrosoft.RecoveryServices/Vaults/backupFabrics/protectionContainers/items/read Ottiene tutti gli elementi in un contenitoreGet all items in a container
Microsoft. RecoveryServices/locations/backupStatus/ActionMicrosoft.RecoveryServices/locations/backupStatus/action Controlla lo stato del backup dell'insieme di credenziali di Servizi di ripristinoCheck Backup Status for Recovery Services Vaults
Microsoft. RecoveryServices/locations/backupPreValidateProtection/ActionMicrosoft.RecoveryServices/locations/backupPreValidateProtection/action
Microsoft. RecoveryServices/locations/backupValidateFeatures/ActionMicrosoft.RecoveryServices/locations/backupValidateFeatures/action Convalida le funzioniValidate Features
Microsoft. RecoveryServices/Vaults/monitoringAlerts/WriteMicrosoft.RecoveryServices/Vaults/monitoringAlerts/write Risolve l'avviso.Resolves the alert.
Microsoft. RecoveryServices/Operations/ReadMicrosoft.RecoveryServices/operations/read L'operazione restituisce l'elenco delle operazioni per un provider di risorseOperation returns the list of Operations for a Resource Provider
Microsoft. RecoveryServices/locations/OperationStatus/ReadMicrosoft.RecoveryServices/locations/operationStatus/read Ottiene lo stato dell'operazione per una determinata operazioneGets Operation Status for a given Operation
Microsoft. RecoveryServices/Vaults/backupProtectionIntents/ReadMicrosoft.RecoveryServices/Vaults/backupProtectionIntents/read Elenca tutte le finalità di protezione del backupList all backup Protection Intents
Microsoft. support/*Microsoft.Support/* Creare e aggiornare un ticket di supportoCreate and update a support ticket
NotActionsNotActions
nessunanone
DataActionsDataActions
nessunanone
NotDataActionsNotDataActions
nessunanone
{
  "assignableScopes": [
    "/"
  ],
  "description": "Lets you manage backup services, except removal of backup, vault creation and giving access to others",
  "id": "/subscriptions/{subscriptionId}/providers/Microsoft.Authorization/roleDefinitions/00c29273-979b-4161-815c-10b084fb9324",
  "name": "00c29273-979b-4161-815c-10b084fb9324",
  "permissions": [
    {
      "actions": [
        "Microsoft.Authorization/*/read",
        "Microsoft.Network/virtualNetworks/read",
        "Microsoft.RecoveryServices/Vaults/backupFabrics/operationResults/read",
        "Microsoft.RecoveryServices/Vaults/backupFabrics/protectionContainers/operationResults/read",
        "Microsoft.RecoveryServices/Vaults/backupFabrics/protectionContainers/protectedItems/backup/action",
        "Microsoft.RecoveryServices/Vaults/backupFabrics/protectionContainers/protectedItems/operationResults/read",
        "Microsoft.RecoveryServices/Vaults/backupFabrics/protectionContainers/protectedItems/operationsStatus/read",
        "Microsoft.RecoveryServices/Vaults/backupFabrics/protectionContainers/protectedItems/read",
        "Microsoft.RecoveryServices/Vaults/backupFabrics/protectionContainers/protectedItems/recoveryPoints/provisionInstantItemRecovery/action",
        "Microsoft.RecoveryServices/Vaults/backupFabrics/protectionContainers/protectedItems/recoveryPoints/read",
        "Microsoft.RecoveryServices/Vaults/backupFabrics/protectionContainers/protectedItems/recoveryPoints/restore/action",
        "Microsoft.RecoveryServices/Vaults/backupFabrics/protectionContainers/protectedItems/recoveryPoints/revokeInstantItemRecovery/action",
        "Microsoft.RecoveryServices/Vaults/backupFabrics/protectionContainers/protectedItems/write",
        "Microsoft.RecoveryServices/Vaults/backupFabrics/protectionContainers/read",
        "Microsoft.RecoveryServices/Vaults/backupFabrics/refreshContainers/action",
        "Microsoft.RecoveryServices/Vaults/backupJobs/*",
        "Microsoft.RecoveryServices/Vaults/backupJobsExport/action",
        "Microsoft.RecoveryServices/Vaults/backupOperationResults/*",
        "Microsoft.RecoveryServices/Vaults/backupPolicies/operationResults/read",
        "Microsoft.RecoveryServices/Vaults/backupPolicies/read",
        "Microsoft.RecoveryServices/Vaults/backupProtectableItems/*",
        "Microsoft.RecoveryServices/Vaults/backupProtectedItems/read",
        "Microsoft.RecoveryServices/Vaults/backupProtectionContainers/read",
        "Microsoft.RecoveryServices/Vaults/backupUsageSummaries/read",
        "Microsoft.RecoveryServices/Vaults/certificates/write",
        "Microsoft.RecoveryServices/Vaults/extendedInformation/read",
        "Microsoft.RecoveryServices/Vaults/extendedInformation/write",
        "Microsoft.RecoveryServices/Vaults/monitoringAlerts/read",
        "Microsoft.RecoveryServices/Vaults/monitoringConfigurations/*",
        "Microsoft.RecoveryServices/Vaults/read",
        "Microsoft.RecoveryServices/Vaults/registeredIdentities/operationResults/read",
        "Microsoft.RecoveryServices/Vaults/registeredIdentities/read",
        "Microsoft.RecoveryServices/Vaults/registeredIdentities/write",
        "Microsoft.RecoveryServices/Vaults/usages/read",
        "Microsoft.Resources/deployments/*",
        "Microsoft.Resources/subscriptions/resourceGroups/read",
        "Microsoft.Storage/storageAccounts/read",
        "Microsoft.RecoveryServices/Vaults/backupstorageconfig/*",
        "Microsoft.RecoveryServices/Vaults/backupValidateOperation/action",
        "Microsoft.RecoveryServices/Vaults/backupOperations/read",
        "Microsoft.RecoveryServices/Vaults/backupPolicies/operations/read",
        "Microsoft.RecoveryServices/Vaults/backupFabrics/protectionContainers/write",
        "Microsoft.RecoveryServices/Vaults/backupFabrics/protectionContainers/inquire/action",
        "Microsoft.RecoveryServices/Vaults/backupEngines/read",
        "Microsoft.RecoveryServices/Vaults/backupFabrics/backupProtectionIntent/write",
        "Microsoft.RecoveryServices/Vaults/backupFabrics/backupProtectionIntent/read",
        "Microsoft.RecoveryServices/Vaults/backupFabrics/protectableContainers/read",
        "Microsoft.RecoveryServices/Vaults/backupFabrics/protectionContainers/items/read",
        "Microsoft.RecoveryServices/locations/backupStatus/action",
        "Microsoft.RecoveryServices/locations/backupPreValidateProtection/action",
        "Microsoft.RecoveryServices/locations/backupValidateFeatures/action",
        "Microsoft.RecoveryServices/Vaults/monitoringAlerts/write",
        "Microsoft.RecoveryServices/operations/read",
        "Microsoft.RecoveryServices/locations/operationStatus/read",
        "Microsoft.RecoveryServices/Vaults/backupProtectionIntents/read",
        "Microsoft.Support/*"
      ],
      "notActions": [],
      "dataActions": [],
      "notDataActions": []
    }
  ],
  "roleName": "Backup Operator",
  "roleType": "BuiltInRole",
  "type": "Microsoft.Authorization/roleDefinitions"
}

Lettore di backupBackup Reader

Consente di visualizzare i servizi di backup, ma non di apportare ulteriori modificheCan view backup services, but can't make changes Learn more

AzioniActions DescrizioneDescription
Microsoft. Authorization/*/ReadMicrosoft.Authorization/*/read Leggere i ruoli e le assegnazioni di ruoliRead roles and role assignments
Microsoft. RecoveryServices/locations/allocatedStamp/ReadMicrosoft.RecoveryServices/locations/allocatedStamp/read GetAllocatedStamp è un'operazione interna usata dal servizioGetAllocatedStamp is internal operation used by service
Microsoft. RecoveryServices/Vaults/backupFabrics/operationResults/ReadMicrosoft.RecoveryServices/Vaults/backupFabrics/operationResults/read Restituisce lo stato dell'operazioneReturns status of the operation
Microsoft. RecoveryServices/Vaults/backupFabrics/protectionContainers/operationResults/ReadMicrosoft.RecoveryServices/Vaults/backupFabrics/protectionContainers/operationResults/read Ottiene il risultato dell'operazione eseguita sul contenitore di protezione.Gets result of Operation performed on Protection Container.
Microsoft. RecoveryServices/Vaults/backupFabrics/protectionContainers/protectedItems/operationResults/ReadMicrosoft.RecoveryServices/Vaults/backupFabrics/protectionContainers/protectedItems/operationResults/read Ottiene il risultato dell'operazione eseguita sugli elementi protetti.Gets Result of Operation Performed on Protected Items.
Microsoft. RecoveryServices/Vaults/backupFabrics/protectionContainers/protectedItems/operationsStatus/ReadMicrosoft.RecoveryServices/Vaults/backupFabrics/protectionContainers/protectedItems/operationsStatus/read Restituisce lo stato dell'operazione eseguita sugli elementi protetti.Returns the status of Operation performed on Protected Items.
Microsoft. RecoveryServices/Vaults/backupFabrics/protectionContainers/protectedItems/ReadMicrosoft.RecoveryServices/Vaults/backupFabrics/protectionContainers/protectedItems/read Restituisce i dettagli dell'oggetto dell'elemento protettoReturns object details of the Protected Item
Microsoft. RecoveryServices/Vaults/backupFabrics/protectionContainers/protectedItems/recoveryPoints/ReadMicrosoft.RecoveryServices/Vaults/backupFabrics/protectionContainers/protectedItems/recoveryPoints/read Ottiene i punti di ripristino degli elementi protetti.Get Recovery Points for Protected Items.
Microsoft. RecoveryServices/Vaults/backupFabrics/protectionContainers/ReadMicrosoft.RecoveryServices/Vaults/backupFabrics/protectionContainers/read Restituisce tutti i contenitori registratiReturns all registered containers
Microsoft. RecoveryServices/Vaults/backupJobs/operationResults/ReadMicrosoft.RecoveryServices/Vaults/backupJobs/operationResults/read Restituisce il risultato dell'operazione di processo.Returns the Result of Job Operation.
Microsoft. RecoveryServices/Vaults/backupJobs/ReadMicrosoft.RecoveryServices/Vaults/backupJobs/read Restituisce tutti gli oggetti processoReturns all Job Objects
Microsoft. RecoveryServices/Vaults/backupJobsExport/ActionMicrosoft.RecoveryServices/Vaults/backupJobsExport/action Esporta processiExport Jobs
Microsoft. RecoveryServices/Vaults/backupOperationResults/ReadMicrosoft.RecoveryServices/Vaults/backupOperationResults/read Restituisce il risultato dell'operazione di backup di un insieme di credenziali di Servizi di ripristino.Returns Backup Operation Result for Recovery Services Vault.
Microsoft. RecoveryServices/Vaults/backupPolicies/operationResults/ReadMicrosoft.RecoveryServices/Vaults/backupPolicies/operationResults/read Ottiene i risultati dell'operazione sui criteri.Get Results of Policy Operation.
Microsoft. RecoveryServices/Vaults/backupPolicies/ReadMicrosoft.RecoveryServices/Vaults/backupPolicies/read Restituisce tutti i criteri di protezioneReturns all Protection Policies
Microsoft. RecoveryServices/Vaults/backupProtectedItems/ReadMicrosoft.RecoveryServices/Vaults/backupProtectedItems/read Restituisce l'elenco di tutti gli elementi protetti.Returns the list of all Protected Items.
Microsoft. RecoveryServices/Vaults/backupProtectionContainers/ReadMicrosoft.RecoveryServices/Vaults/backupProtectionContainers/read Restituisce tutti i contenitori che appartengono alla sottoscrizioneReturns all containers belonging to the subscription
Microsoft. RecoveryServices/Vaults/backupUsageSummaries/ReadMicrosoft.RecoveryServices/Vaults/backupUsageSummaries/read Restituisce i riepiloghi per gli elementi protetti e i server protetti di un'istanza di Servizi di ripristino.Returns summaries for Protected Items and Protected Servers for a Recovery Services .
Microsoft. RecoveryServices/Vaults/extendedInformation/ReadMicrosoft.RecoveryServices/Vaults/extendedInformation/read L'operazione Ottieni informazioni estese ottiene le informazioni estese di un oggetto che rappresenta la risorsa di Azure di tipo ?vault?The Get Extended Info operation gets an object's Extended Info representing the Azure resource of type ?vault?
Microsoft. RecoveryServices/Vaults/monitoringAlerts/ReadMicrosoft.RecoveryServices/Vaults/monitoringAlerts/read Ottiene gli avvisi per l'insieme di credenziali dei servizi di ripristino.Gets the alerts for the Recovery services vault.
Microsoft. RecoveryServices/Vaults/ReadMicrosoft.RecoveryServices/Vaults/read L'operazione Ottieni insieme di credenziali ottiene un oggetto che rappresenta la risorsa di Azure di tipo 'vault'The Get Vault operation gets an object representing the Azure resource of type 'vault'
Microsoft. RecoveryServices/Vaults/registeredIdentities/operationResults/ReadMicrosoft.RecoveryServices/Vaults/registeredIdentities/operationResults/read L'operazione Ottieni risultati dell'operazione può essere usata per ottenere lo stato e il risultato dell'operazione inviata in modo asincronoThe Get Operation Results operation can be used get the operation status and result for the asynchronously submitted operation
Microsoft. RecoveryServices/Vaults/registeredIdentities/ReadMicrosoft.RecoveryServices/Vaults/registeredIdentities/read L'operazione Ottieni contenitori può essere usata per ottenere i contenitori registrati per una risorsa.The Get Containers operation can be used get the containers registered for a resource.
Microsoft. RecoveryServices/Vaults/backupstorageconfig/ReadMicrosoft.RecoveryServices/Vaults/backupstorageconfig/read Restituisce la configurazione di archiviazione dell'insieme di credenziali di Servizi di ripristino.Returns Storage Configuration for Recovery Services Vault.
Microsoft. RecoveryServices/Vaults/backupConfig/ReadMicrosoft.RecoveryServices/Vaults/backupconfig/read Restituisce la configurazione dell'insieme di credenziali di Servizi di ripristino.Returns Configuration for Recovery Services Vault.
Microsoft. RecoveryServices/Vaults/backupOperations/ReadMicrosoft.RecoveryServices/Vaults/backupOperations/read Restituisce lo stato dell'operazione di backup dell'insieme di credenziali di Servizi di ripristino.Returns Backup Operation Status for Recovery Services Vault.
Microsoft. RecoveryServices/Vaults/backupPolicies/Operations/ReadMicrosoft.RecoveryServices/Vaults/backupPolicies/operations/read Ottiene lo stato dell'operazione sui criteri.Get Status of Policy Operation.
Microsoft. RecoveryServices/Vaults/backupEngines/ReadMicrosoft.RecoveryServices/Vaults/backupEngines/read Restituisce tutti i server di gestione di backup registrati nell'insieme di credenziali.Returns all the backup management servers registered with vault.
Microsoft. RecoveryServices/Vaults/backupFabrics/backupProtectionIntent/ReadMicrosoft.RecoveryServices/Vaults/backupFabrics/backupProtectionIntent/read Ottiene una finalità di protezione del backupGet a backup Protection Intent
Microsoft. RecoveryServices/Vaults/backupFabrics/protectionContainers/Items/ReadMicrosoft.RecoveryServices/Vaults/backupFabrics/protectionContainers/items/read Ottiene tutti gli elementi in un contenitoreGet all items in a container
Microsoft. RecoveryServices/locations/backupStatus/ActionMicrosoft.RecoveryServices/locations/backupStatus/action Controlla lo stato del backup dell'insieme di credenziali di Servizi di ripristinoCheck Backup Status for Recovery Services Vaults
Microsoft. RecoveryServices/Vaults/monitoringConfigurations/*Microsoft.RecoveryServices/Vaults/monitoringConfigurations/*
Microsoft. RecoveryServices/Vaults/monitoringAlerts/WriteMicrosoft.RecoveryServices/Vaults/monitoringAlerts/write Risolve l'avviso.Resolves the alert.
Microsoft. RecoveryServices/Operations/ReadMicrosoft.RecoveryServices/operations/read L'operazione restituisce l'elenco delle operazioni per un provider di risorseOperation returns the list of Operations for a Resource Provider
Microsoft. RecoveryServices/locations/OperationStatus/ReadMicrosoft.RecoveryServices/locations/operationStatus/read Ottiene lo stato dell'operazione per una determinata operazioneGets Operation Status for a given Operation
Microsoft. RecoveryServices/Vaults/backupProtectionIntents/ReadMicrosoft.RecoveryServices/Vaults/backupProtectionIntents/read Elenca tutte le finalità di protezione del backupList all backup Protection Intents
Microsoft. RecoveryServices/Vaults/usages/ReadMicrosoft.RecoveryServices/Vaults/usages/read Restituisce i dettagli di utilizzo di un insieme di credenziali di Servizi di ripristino.Returns usage details for a Recovery Services Vault.
Microsoft. RecoveryServices/locations/backupValidateFeatures/ActionMicrosoft.RecoveryServices/locations/backupValidateFeatures/action Convalida le funzioniValidate Features
NotActionsNotActions
nessunanone
DataActionsDataActions
nessunanone
NotDataActionsNotDataActions
nessunanone
{
  "assignableScopes": [
    "/"
  ],
  "description": "Can view backup services, but can't make changes",
  "id": "/subscriptions/{subscriptionId}/providers/Microsoft.Authorization/roleDefinitions/a795c7a0-d4a2-40c1-ae25-d81f01202912",
  "name": "a795c7a0-d4a2-40c1-ae25-d81f01202912",
  "permissions": [
    {
      "actions": [
        "Microsoft.Authorization/*/read",
        "Microsoft.RecoveryServices/locations/allocatedStamp/read",
        "Microsoft.RecoveryServices/Vaults/backupFabrics/operationResults/read",
        "Microsoft.RecoveryServices/Vaults/backupFabrics/protectionContainers/operationResults/read",
        "Microsoft.RecoveryServices/Vaults/backupFabrics/protectionContainers/protectedItems/operationResults/read",
        "Microsoft.RecoveryServices/Vaults/backupFabrics/protectionContainers/protectedItems/operationsStatus/read",
        "Microsoft.RecoveryServices/Vaults/backupFabrics/protectionContainers/protectedItems/read",
        "Microsoft.RecoveryServices/Vaults/backupFabrics/protectionContainers/protectedItems/recoveryPoints/read",
        "Microsoft.RecoveryServices/Vaults/backupFabrics/protectionContainers/read",
        "Microsoft.RecoveryServices/Vaults/backupJobs/operationResults/read",
        "Microsoft.RecoveryServices/Vaults/backupJobs/read",
        "Microsoft.RecoveryServices/Vaults/backupJobsExport/action",
        "Microsoft.RecoveryServices/Vaults/backupOperationResults/read",
        "Microsoft.RecoveryServices/Vaults/backupPolicies/operationResults/read",
        "Microsoft.RecoveryServices/Vaults/backupPolicies/read",
        "Microsoft.RecoveryServices/Vaults/backupProtectedItems/read",
        "Microsoft.RecoveryServices/Vaults/backupProtectionContainers/read",
        "Microsoft.RecoveryServices/Vaults/backupUsageSummaries/read",
        "Microsoft.RecoveryServices/Vaults/extendedInformation/read",
        "Microsoft.RecoveryServices/Vaults/monitoringAlerts/read",
        "Microsoft.RecoveryServices/Vaults/read",
        "Microsoft.RecoveryServices/Vaults/registeredIdentities/operationResults/read",
        "Microsoft.RecoveryServices/Vaults/registeredIdentities/read",
        "Microsoft.RecoveryServices/Vaults/backupstorageconfig/read",
        "Microsoft.RecoveryServices/Vaults/backupconfig/read",
        "Microsoft.RecoveryServices/Vaults/backupOperations/read",
        "Microsoft.RecoveryServices/Vaults/backupPolicies/operations/read",
        "Microsoft.RecoveryServices/Vaults/backupEngines/read",
        "Microsoft.RecoveryServices/Vaults/backupFabrics/backupProtectionIntent/read",
        "Microsoft.RecoveryServices/Vaults/backupFabrics/protectionContainers/items/read",
        "Microsoft.RecoveryServices/locations/backupStatus/action",
        "Microsoft.RecoveryServices/Vaults/monitoringConfigurations/*",
        "Microsoft.RecoveryServices/Vaults/monitoringAlerts/write",
        "Microsoft.RecoveryServices/operations/read",
        "Microsoft.RecoveryServices/locations/operationStatus/read",
        "Microsoft.RecoveryServices/Vaults/backupProtectionIntents/read",
        "Microsoft.RecoveryServices/Vaults/usages/read",
        "Microsoft.RecoveryServices/locations/backupValidateFeatures/action"
      ],
      "notActions": [],
      "dataActions": [],
      "notDataActions": []
    }
  ],
  "roleName": "Backup Reader",
  "roleType": "BuiltInRole",
  "type": "Microsoft.Authorization/roleDefinitions"
}

Collaboratore account di archiviazione classicoClassic Storage Account Contributor

Consente di gestire gli account di archiviazione classici, ma non di accedervi.Lets you manage classic storage accounts, but not access to them.

AzioniActions DescrizioneDescription
Microsoft. Authorization/*/ReadMicrosoft.Authorization/*/read Leggere i ruoli e le assegnazioni di ruoliRead roles and role assignments
Microsoft. ClassicStorage/storageAccounts/*Microsoft.ClassicStorage/storageAccounts/* Creare e gestire account di archiviazioneCreate and manage storage accounts
Microsoft. Insights/alertRules/*Microsoft.Insights/alertRules/* Creare e gestire un avviso classico per le metricheCreate and manage a classic metric alert
Microsoft. ResourceHealth/availabilityStatuses/ReadMicrosoft.ResourceHealth/availabilityStatuses/read Ottiene gli stati di disponibilità per tutte le risorse nell'ambito specificatoGets the availability statuses for all resources in the specified scope
Microsoft. resources/Deployments/*Microsoft.Resources/deployments/* Creare e gestire una distribuzioneCreate and manage a deployment
Microsoft. resources/subscriptions/resourceGroups/ReadMicrosoft.Resources/subscriptions/resourceGroups/read Ottiene o elenca i gruppi di risorse.Gets or lists resource groups.
Microsoft. support/*Microsoft.Support/* Creare e aggiornare un ticket di supportoCreate and update a support ticket
NotActionsNotActions
nessunanone
DataActionsDataActions
nessunanone
NotDataActionsNotDataActions
nessunanone
{
  "assignableScopes": [
    "/"
  ],
  "description": "Lets you manage classic storage accounts, but not access to them.",
  "id": "/subscriptions/{subscriptionId}/providers/Microsoft.Authorization/roleDefinitions/86e8f5dc-a6e9-4c67-9d15-de283e8eac25",
  "name": "86e8f5dc-a6e9-4c67-9d15-de283e8eac25",
  "permissions": [
    {
      "actions": [
        "Microsoft.Authorization/*/read",
        "Microsoft.ClassicStorage/storageAccounts/*",
        "Microsoft.Insights/alertRules/*",
        "Microsoft.ResourceHealth/availabilityStatuses/read",
        "Microsoft.Resources/deployments/*",
        "Microsoft.Resources/subscriptions/resourceGroups/read",
        "Microsoft.Support/*"
      ],
      "notActions": [],
      "dataActions": [],
      "notDataActions": []
    }
  ],
  "roleName": "Classic Storage Account Contributor",
  "roleType": "BuiltInRole",
  "type": "Microsoft.Authorization/roleDefinitions"
}

Ruolo del servizio dell'operatore della chiave dell'account di archiviazione classicoClassic Storage Account Key Operator Service Role

Gli operatori di chiave dell'account di archiviazione classico sono autorizzati a elencare e rigenerare le chiavi negli account di archiviazione classici altre informazioniClassic Storage Account Key Operators are allowed to list and regenerate keys on Classic Storage Accounts Learn more

AzioniActions DescrizioneDescription
Microsoft. ClassicStorage/storageAccounts/listkeys/ActionMicrosoft.ClassicStorage/storageAccounts/listkeys/action Elenca le chiavi di accesso per gli account di archiviazione.Lists the access keys for the storage accounts.
Microsoft. ClassicStorage/storageAccounts/RegenerateKey/ActionMicrosoft.ClassicStorage/storageAccounts/regeneratekey/action Rigenera le chiavi di accesso esistenti per l'account di archiviazione.Regenerates the existing access keys for the storage account.
NotActionsNotActions
nessunanone
DataActionsDataActions
nessunanone
NotDataActionsNotDataActions
nessunanone
{
  "assignableScopes": [
    "/"
  ],
  "description": "Classic Storage Account Key Operators are allowed to list and regenerate keys on Classic Storage Accounts",
  "id": "/subscriptions/{subscriptionId}/providers/Microsoft.Authorization/roleDefinitions/985d6b00-f706-48f5-a6fe-d0ca12fb668d",
  "name": "985d6b00-f706-48f5-a6fe-d0ca12fb668d",
  "permissions": [
    {
      "actions": [
        "Microsoft.ClassicStorage/storageAccounts/listkeys/action",
        "Microsoft.ClassicStorage/storageAccounts/regeneratekey/action"
      ],
      "notActions": [],
      "dataActions": [],
      "notDataActions": []
    }
  ],
  "roleName": "Classic Storage Account Key Operator Service Role",
  "roleType": "BuiltInRole",
  "type": "Microsoft.Authorization/roleDefinitions"
}

Collaboratore Data BoxData Box Contributor

Consente di gestire tutto il servizio Data Box, ad eccezione della concessione dell'accesso ad altri utenti.Lets you manage everything under Data Box Service except giving access to others. Altre informazioniLearn more

AzioniActions DescrizioneDescription
Microsoft. Authorization/*/ReadMicrosoft.Authorization/*/read Leggere i ruoli e le assegnazioni di ruoliRead roles and role assignments
Microsoft. ResourceHealth/availabilityStatuses/ReadMicrosoft.ResourceHealth/availabilityStatuses/read Ottiene gli stati di disponibilità per tutte le risorse nell'ambito specificatoGets the availability statuses for all resources in the specified scope
Microsoft. resources/Deployments/*Microsoft.Resources/deployments/* Creare e gestire una distribuzioneCreate and manage a deployment
Microsoft. resources/subscriptions/resourceGroups/ReadMicrosoft.Resources/subscriptions/resourceGroups/read Ottiene o elenca i gruppi di risorse.Gets or lists resource groups.
Microsoft. support/*Microsoft.Support/* Creare e aggiornare un ticket di supportoCreate and update a support ticket
Microsoft. databox/*Microsoft.Databox/*
NotActionsNotActions
nessunanone
DataActionsDataActions
nessunanone
NotDataActionsNotDataActions
nessunanone
{
  "assignableScopes": [
    "/"
  ],
  "description": "Lets you manage everything under Data Box Service except giving access to others.",
  "id": "/subscriptions/{subscriptionId}/providers/Microsoft.Authorization/roleDefinitions/add466c9-e687-43fc-8d98-dfcf8d720be5",
  "name": "add466c9-e687-43fc-8d98-dfcf8d720be5",
  "permissions": [
    {
      "actions": [
        "Microsoft.Authorization/*/read",
        "Microsoft.ResourceHealth/availabilityStatuses/read",
        "Microsoft.Resources/deployments/*",
        "Microsoft.Resources/subscriptions/resourceGroups/read",
        "Microsoft.Support/*",
        "Microsoft.Databox/*"
      ],
      "notActions": [],
      "dataActions": [],
      "notDataActions": []
    }
  ],
  "roleName": "Data Box Contributor",
  "roleType": "BuiltInRole",
  "type": "Microsoft.Authorization/roleDefinitions"
}

Lettore Data BoxData Box Reader

Consente di gestire il servizio Data Box, ad eccezione della creazione di ordini, della modifica dei dettagli dell'ordine e della concessione dell'accesso ad altri utenti.Lets you manage Data Box Service except creating order or editing order details and giving access to others. Altre informazioniLearn more

AzioniActions DescrizioneDescription
Microsoft. Authorization/*/ReadMicrosoft.Authorization/*/read Leggere i ruoli e le assegnazioni di ruoliRead roles and role assignments
Microsoft. databox/*/ReadMicrosoft.Databox/*/read
Microsoft. databox/Jobs/listsecrets/ActionMicrosoft.Databox/jobs/listsecrets/action
Microsoft. databox/Jobs/listCredentials/ActionMicrosoft.Databox/jobs/listcredentials/action Elenca le credenziali non crittografate correlate all'ordine.Lists the unencrypted credentials related to the order.
Microsoft. databox/locations/availableSkus/ActionMicrosoft.Databox/locations/availableSkus/action Restituisce l'elenco degli SKU disponibili.This method returns the list of available skus.
Microsoft. databox/locations/validateInputs/ActionMicrosoft.Databox/locations/validateInputs/action Questo metodo esegue tutti i tipi di convalida.This method does all type of validations.
Microsoft. databox/locations/regionConfiguration/ActionMicrosoft.Databox/locations/regionConfiguration/action Questo metodo restituisce le configurazioni per l'area.This method returns the configurations for the region.
Microsoft. databox/locations/validateAddress/ActionMicrosoft.Databox/locations/validateAddress/action Convalida l'indirizzo di spedizione e fornisce indirizzi alternativi, se disponibili.Validates the shipping address and provides alternate addresses if any.
Microsoft. ResourceHealth/availabilityStatuses/ReadMicrosoft.ResourceHealth/availabilityStatuses/read Ottiene gli stati di disponibilità per tutte le risorse nell'ambito specificatoGets the availability statuses for all resources in the specified scope
Microsoft. support/*Microsoft.Support/* Creare e aggiornare un ticket di supportoCreate and update a support ticket
NotActionsNotActions
nessunanone
DataActionsDataActions
nessunanone
NotDataActionsNotDataActions
nessunanone
{
  "assignableScopes": [
    "/"
  ],
  "description": "Lets you manage Data Box Service except creating order or editing order details and giving access to others.",
  "id": "/subscriptions/{subscriptionId}/providers/Microsoft.Authorization/roleDefinitions/028f4ed7-e2a9-465e-a8f4-9c0ffdfdc027",
  "name": "028f4ed7-e2a9-465e-a8f4-9c0ffdfdc027",
  "permissions": [
    {
      "actions": [
        "Microsoft.Authorization/*/read",
        "Microsoft.Databox/*/read",
        "Microsoft.Databox/jobs/listsecrets/action",
        "Microsoft.Databox/jobs/listcredentials/action",
        "Microsoft.Databox/locations/availableSkus/action",
        "Microsoft.Databox/locations/validateInputs/action",
        "Microsoft.Databox/locations/regionConfiguration/action",
        "Microsoft.Databox/locations/validateAddress/action",
        "Microsoft.ResourceHealth/availabilityStatuses/read",
        "Microsoft.Support/*"
      ],
      "notActions": [],
      "dataActions": [],
      "notDataActions": []
    }
  ],
  "roleName": "Data Box Reader",
  "roleType": "BuiltInRole",
  "type": "Microsoft.Authorization/roleDefinitions"
}

Sviluppatore di Data Lake AnalyticsData Lake Analytics Developer

Consente di inviare, monitorare e gestire i propri processi, ma non di creare o eliminare account Data Lake Analytics.Lets you submit, monitor, and manage your own jobs but not create or delete Data Lake Analytics accounts. Altre informazioniLearn more

AzioniActions DescrizioneDescription
Microsoft. Authorization/*/ReadMicrosoft.Authorization/*/read Leggere i ruoli e le assegnazioni di ruoliRead roles and role assignments
Microsoft.BigAnalytics/accounts/*Microsoft.BigAnalytics/accounts/*
Microsoft. analisi data Lake/accounts/*Microsoft.DataLakeAnalytics/accounts/*
Microsoft. Insights/alertRules/*Microsoft.Insights/alertRules/* Creare e gestire un avviso classico per le metricheCreate and manage a classic metric alert
Microsoft. ResourceHealth/availabilityStatuses/ReadMicrosoft.ResourceHealth/availabilityStatuses/read Ottiene gli stati di disponibilità per tutte le risorse nell'ambito specificatoGets the availability statuses for all resources in the specified scope
Microsoft. resources/Deployments/*Microsoft.Resources/deployments/* Creare e gestire una distribuzioneCreate and manage a deployment
Microsoft. resources/subscriptions/resourceGroups/ReadMicrosoft.Resources/subscriptions/resourceGroups/read Ottiene o elenca i gruppi di risorse.Gets or lists resource groups.
Microsoft. support/*Microsoft.Support/* Creare e aggiornare un ticket di supportoCreate and update a support ticket
NotActionsNotActions
Microsoft.BigAnalytics/accounts/DeleteMicrosoft.BigAnalytics/accounts/Delete
Microsoft.BigAnalytics/accounts/TakeOwnership/actionMicrosoft.BigAnalytics/accounts/TakeOwnership/action
Microsoft.BigAnalytics/accounts/WriteMicrosoft.BigAnalytics/accounts/Write
Microsoft. analisi data Lake/accounts/DeleteMicrosoft.DataLakeAnalytics/accounts/Delete Elimina un account Analisi Data Lake.Delete a DataLakeAnalytics account.
Microsoft. analisi data Lake/accounts/TakeOwnership/ActionMicrosoft.DataLakeAnalytics/accounts/TakeOwnership/action Concede le autorizzazioni per annullare i processi inviati da altri utenti.Grant permissions to cancel jobs submitted by other users.
Microsoft. analisi data Lake/accounts/WriteMicrosoft.DataLakeAnalytics/accounts/Write Crea o aggiorna un account Analisi Data Lake.Create or update a DataLakeAnalytics account.
Microsoft. analisi data Lake/accounts/dataLakeStoreAccounts/WriteMicrosoft.DataLakeAnalytics/accounts/dataLakeStoreAccounts/Write Crea o aggiorna un account Archivio Data Lake collegato a un account Analisi Data Lake.Create or update a linked DataLakeStore account of a DataLakeAnalytics account.
Microsoft. analisi data Lake/accounts/dataLakeStoreAccounts/DeleteMicrosoft.DataLakeAnalytics/accounts/dataLakeStoreAccounts/Delete Scollega un account Archivio Data Lake da un account Analisi Data Lake.Unlink a DataLakeStore account from a DataLakeAnalytics account.
Microsoft. analisi data Lake/accounts/storageAccounts/WriteMicrosoft.DataLakeAnalytics/accounts/storageAccounts/Write Crea o aggiorna un account di archiviazione collegato a un account Analisi Data Lake.Create or update a linked Storage account of a DataLakeAnalytics account.
Microsoft. analisi data Lake/accounts/storageAccounts/DeleteMicrosoft.DataLakeAnalytics/accounts/storageAccounts/Delete Scollega un account di archiviazione da un account Analisi Data Lake.Unlink a Storage account from a DataLakeAnalytics account.
Microsoft. analisi data Lake/accounts/firewallRules/WriteMicrosoft.DataLakeAnalytics/accounts/firewallRules/Write Crea o aggiorna una regola del firewall.Create or update a firewall rule.
Microsoft. analisi data Lake/accounts/firewallRules/DeleteMicrosoft.DataLakeAnalytics/accounts/firewallRules/Delete Elimina una regola del firewall.Delete a firewall rule.
Microsoft. analisi data Lake/accounts/computePolicies/WriteMicrosoft.DataLakeAnalytics/accounts/computePolicies/Write Crea o aggiorna i criteri di calcolo.Create or update a compute policy.
Microsoft. analisi data Lake/accounts/computePolicies/DeleteMicrosoft.DataLakeAnalytics/accounts/computePolicies/Delete Elimina criteri di calcolo.Delete a compute policy.
DataActionsDataActions
nessunanone
NotDataActionsNotDataActions
nessunanone
{
  "assignableScopes": [
    "/"
  ],
  "description": "Lets you submit, monitor, and manage your own jobs but not create or delete Data Lake Analytics accounts.",
  "id": "/subscriptions/{subscriptionId}/providers/Microsoft.Authorization/roleDefinitions/47b7735b-770e-4598-a7da-8b91488b4c88",
  "name": "47b7735b-770e-4598-a7da-8b91488b4c88",
  "permissions": [
    {
      "actions": [
        "Microsoft.Authorization/*/read",
        "Microsoft.BigAnalytics/accounts/*",
        "Microsoft.DataLakeAnalytics/accounts/*",
        "Microsoft.Insights/alertRules/*",
        "Microsoft.ResourceHealth/availabilityStatuses/read",
        "Microsoft.Resources/deployments/*",
        "Microsoft.Resources/subscriptions/resourceGroups/read",
        "Microsoft.Support/*"
      ],
      "notActions": [
        "Microsoft.BigAnalytics/accounts/Delete",
        "Microsoft.BigAnalytics/accounts/TakeOwnership/action",
        "Microsoft.BigAnalytics/accounts/Write",
        "Microsoft.DataLakeAnalytics/accounts/Delete",
        "Microsoft.DataLakeAnalytics/accounts/TakeOwnership/action",
        "Microsoft.DataLakeAnalytics/accounts/Write",
        "Microsoft.DataLakeAnalytics/accounts/dataLakeStoreAccounts/Write",
        "Microsoft.DataLakeAnalytics/accounts/dataLakeStoreAccounts/Delete",
        "Microsoft.DataLakeAnalytics/accounts/storageAccounts/Write",
        "Microsoft.DataLakeAnalytics/accounts/storageAccounts/Delete",
        "Microsoft.DataLakeAnalytics/accounts/firewallRules/Write",
        "Microsoft.DataLakeAnalytics/accounts/firewallRules/Delete",
        "Microsoft.DataLakeAnalytics/accounts/computePolicies/Write",
        "Microsoft.DataLakeAnalytics/accounts/computePolicies/Delete"
      ],
      "dataActions": [],
      "notDataActions": []
    }
  ],
  "roleName": "Data Lake Analytics Developer",
  "roleType": "BuiltInRole",
  "type": "Microsoft.Authorization/roleDefinitions"
}

Lettore e accesso ai datiReader and Data Access

Consente di visualizzare tutti gli elementi ma non consente di eliminare o creare un account di archiviazione o una risorsa contenuta.Lets you view everything but will not let you delete or create a storage account or contained resource. Consente anche l'accesso in lettura/scrittura a tutti i dati contenuti in un account di archiviazione tramite l'accesso alle chiavi dell'account di archiviazione.It will also allow read/write access to all data contained in a storage account via access to storage account keys.

AzioniActions DescrizioneDescription
Microsoft. storage/storageAccounts/listKeys/ActionMicrosoft.Storage/storageAccounts/listKeys/action Restituisce le chiavi di accesso per l'account di archiviazione specificato.Returns the access keys for the specified storage account.
Microsoft. storage/storageAccounts/ListAccountSas/ActionMicrosoft.Storage/storageAccounts/ListAccountSas/action Restituisce il token SAS dell’account per l’account di archiviazione specificato.Returns the Account SAS token for the specified storage account.
Microsoft. storage/storageAccounts/ReadMicrosoft.Storage/storageAccounts/read Restituisce l'elenco di account di archiviazione o ottiene le proprietà per l’account di archiviazione specificato.Returns the list of storage accounts or gets the properties for the specified storage account.
NotActionsNotActions
nessunanone
DataActionsDataActions
nessunanone
NotDataActionsNotDataActions
nessunanone
{
  "assignableScopes": [
    "/"
  ],
  "description": "Lets you view everything but will not let you delete or create a storage account or contained resource. It will also allow read/write access to all data contained in a storage account via access to storage account keys.",
  "id": "/subscriptions/{subscriptionId}/providers/Microsoft.Authorization/roleDefinitions/c12c1c16-33a1-487b-954d-41c89c60f349",
  "name": "c12c1c16-33a1-487b-954d-41c89c60f349",
  "permissions": [
    {
      "actions": [
        "Microsoft.Storage/storageAccounts/listKeys/action",
        "Microsoft.Storage/storageAccounts/ListAccountSas/action",
        "Microsoft.Storage/storageAccounts/read"
      ],
      "notActions": [],
      "dataActions": [],
      "notDataActions": []
    }
  ],
  "roleName": "Reader and Data Access",
  "roleType": "BuiltInRole",
  "type": "Microsoft.Authorization/roleDefinitions"
}

Collaboratore account di archiviazioneStorage Account Contributor

Consente di gestire gli account di archiviazione.Permits management of storage accounts. Consente di accedere alla chiave dell'account, che può essere usata per accedere ai dati usando l'autorizzazione con chiave condivisa.Provides access to the account key, which can be used to access data via Shared Key authorization. Altre informazioniLearn more

AzioniActions DescrizioneDescription
Microsoft. Authorization/*/ReadMicrosoft.Authorization/*/read Leggere i ruoli e le assegnazioni di ruoliRead roles and role assignments
Microsoft. Insights/alertRules/*Microsoft.Insights/alertRules/* Creare e gestire un avviso classico per le metricheCreate and manage a classic metric alert
Microsoft. Insights/diagnosticSettings/*Microsoft.Insights/diagnosticSettings/* Crea, aggiorna o legge l'impostazione di diagnostica per Analysis ServerCreates, updates, or reads the diagnostic setting for Analysis Server
Microsoft. Network/virtualNetworks/Subnets/joinViaServiceEndpoint/ActionMicrosoft.Network/virtualNetworks/subnets/joinViaServiceEndpoint/action Aggiunge una risorsa come un account di archiviazione o un database SQL a una subnet.Joins resource such as storage account or SQL database to a subnet. Senza avvisi.Not alertable.
Microsoft. ResourceHealth/availabilityStatuses/ReadMicrosoft.ResourceHealth/availabilityStatuses/read Ottiene gli stati di disponibilità per tutte le risorse nell'ambito specificatoGets the availability statuses for all resources in the specified scope
Microsoft. resources/Deployments/*Microsoft.Resources/deployments/* Creare e gestire una distribuzioneCreate and manage a deployment
Microsoft. resources/subscriptions/resourceGroups/ReadMicrosoft.Resources/subscriptions/resourceGroups/read Ottiene o elenca i gruppi di risorse.Gets or lists resource groups.
Microsoft. storage/storageAccounts/*Microsoft.Storage/storageAccounts/* Creare e gestire account di archiviazioneCreate and manage storage accounts
Microsoft. support/*Microsoft.Support/* Creare e aggiornare un ticket di supportoCreate and update a support ticket
NotActionsNotActions
nessunanone
DataActionsDataActions
nessunanone
NotDataActionsNotDataActions
nessunanone
{
  "assignableScopes": [
    "/"
  ],
  "description": "Lets you manage storage accounts, including accessing storage account keys which provide full access to storage account data.",
  "id": "/subscriptions/{subscriptionId}/providers/Microsoft.Authorization/roleDefinitions/17d1049b-9a84-46fb-8f53-869881c3d3ab",
  "name": "17d1049b-9a84-46fb-8f53-869881c3d3ab",
  "permissions": [
    {
      "actions": [
        "Microsoft.Authorization/*/read",
        "Microsoft.Insights/alertRules/*",
        "Microsoft.Insights/diagnosticSettings/*",
        "Microsoft.Network/virtualNetworks/subnets/joinViaServiceEndpoint/action",
        "Microsoft.ResourceHealth/availabilityStatuses/read",
        "Microsoft.Resources/deployments/*",
        "Microsoft.Resources/subscriptions/resourceGroups/read",
        "Microsoft.Storage/storageAccounts/*",
        "Microsoft.Support/*"
      ],
      "notActions": [],
      "dataActions": [],
      "notDataActions": []
    }
  ],
  "roleName": "Storage Account Contributor",
  "roleType": "BuiltInRole",
  "type": "Microsoft.Authorization/roleDefinitions"
}

Ruolo del servizio dell'operatore della chiave dell'account di archiviazioneStorage Account Key Operator Service Role

Consente di elencare e rigenerare le chiavi di accesso dell'account di archiviazione.Permits listing and regenerating storage account access keys. Altre informazioniLearn more

AzioniActions DescrizioneDescription
Microsoft. storage/storageAccounts/listkeys/ActionMicrosoft.Storage/storageAccounts/listkeys/action Restituisce le chiavi di accesso per l'account di archiviazione specificato.Returns the access keys for the specified storage account.
Microsoft. storage/storageAccounts/RegenerateKey/ActionMicrosoft.Storage/storageAccounts/regeneratekey/action Rigenera le chiavi di accesso per l'account di archiviazione specificato.Regenerates the access keys for the specified storage account.
NotActionsNotActions
nessunanone
DataActionsDataActions
nessunanone
NotDataActionsNotDataActions
nessunanone
{
  "assignableScopes": [
    "/"
  ],
  "description": "Storage Account Key Operators are allowed to list and regenerate keys on Storage Accounts",
  "id": "/subscriptions/{subscriptionId}/providers/Microsoft.Authorization/roleDefinitions/81a9662b-bebf-436f-a333-f67b29880f12",
  "name": "81a9662b-bebf-436f-a333-f67b29880f12",
  "permissions": [
    {
      "actions": [
        "Microsoft.Storage/storageAccounts/listkeys/action",
        "Microsoft.Storage/storageAccounts/regeneratekey/action"
      ],
      "notActions": [],
      "dataActions": [],
      "notDataActions": []
    }
  ],
  "roleName": "Storage Account Key Operator Service Role",
  "roleType": "BuiltInRole",
  "type": "Microsoft.Authorization/roleDefinitions"
}

Collaboratore ai dati del BLOB di archiviazioneStorage Blob Data Contributor

Consente di leggere, scrivere ed eliminare i contenitori e i BLOB di archiviazione di Azure.Read, write, and delete Azure Storage containers and blobs. Per informazioni sulle azioni necessarie per una determinata operazione sui dati, vedere le autorizzazioni per la chiamata di operazioni sui dati BLOB e della coda.To learn which actions are required for a given data operation, see Permissions for calling blob and queue data operations. Altre informazioniLearn more

AzioniActions DescrizioneDescription
Microsoft. storage/storageAccounts/blobServices/Containers/DeleteMicrosoft.Storage/storageAccounts/blobServices/containers/delete Elimina un contenitore.Delete a container.
Microsoft. storage/storageAccounts/blobServices/Containers/ReadMicrosoft.Storage/storageAccounts/blobServices/containers/read Restituisce un contenitore o un elenco di contenitori.Return a container or a list of containers.
Microsoft. storage/storageAccounts/blobServices/Containers/WriteMicrosoft.Storage/storageAccounts/blobServices/containers/write Modifica i metadati o le proprietà di un contenitore.Modify a container's metadata or properties.
Microsoft. storage/storageAccounts/blobServices/generateUserDelegationKey/ActionMicrosoft.Storage/storageAccounts/blobServices/generateUserDelegationKey/action Restituisce una chiave di delega utente per il servizio BLOB.Returns a user delegation key for the Blob service.
NotActionsNotActions
nessunanone
DataActionsDataActions
Microsoft. storage/storageAccounts/blobServices/Containers/Blobs/DeleteMicrosoft.Storage/storageAccounts/blobServices/containers/blobs/delete Eliminare un BLOB.Delete a blob.
Microsoft. storage/storageAccounts/blobServices/Containers/Blobs/ReadMicrosoft.Storage/storageAccounts/blobServices/containers/blobs/read Restituisce un BLOB o un elenco di BLOB.Return a blob or a list of blobs.
Microsoft. storage/storageAccounts/blobServices/Containers/Blobs/Move/ActionMicrosoft.Storage/storageAccounts/blobServices/containers/blobs/move/action Sposta il BLOB da un percorso a un altroMoves the blob from one path to another
Microsoft. storage/storageAccounts/blobServices/Containers/Blobs/WriteMicrosoft.Storage/storageAccounts/blobServices/containers/blobs/write Consente di scrivere in un BLOB.Write to a blob.
NotDataActionsNotDataActions
nessunanone
{
  "assignableScopes": [
    "/"
  ],
  "description": "Allows for read, write and delete access to Azure Storage blob containers and data",
  "id": "/subscriptions/{subscriptionId}/providers/Microsoft.Authorization/roleDefinitions/ba92f5b4-2d11-453d-a403-e96b0029c9fe",
  "name": "ba92f5b4-2d11-453d-a403-e96b0029c9fe",
  "permissions": [
    {
      "actions": [
        "Microsoft.Storage/storageAccounts/blobServices/containers/delete",
        "Microsoft.Storage/storageAccounts/blobServices/containers/read",
        "Microsoft.Storage/storageAccounts/blobServices/containers/write",
        "Microsoft.Storage/storageAccounts/blobServices/generateUserDelegationKey/action"
      ],
      "notActions": [],
      "dataActions": [
        "Microsoft.Storage/storageAccounts/blobServices/containers/blobs/delete",
        "Microsoft.Storage/storageAccounts/blobServices/containers/blobs/read",
        "Microsoft.Storage/storageAccounts/blobServices/containers/blobs/move/action",
        "Microsoft.Storage/storageAccounts/blobServices/containers/blobs/write"
      ],
      "notDataActions": []
    }
  ],
  "roleName": "Storage Blob Data Contributor",
  "roleType": "BuiltInRole",
  "type": "Microsoft.Authorization/roleDefinitions"
}

Proprietario dei dati del BLOB di archiviazioneStorage Blob Data Owner

Concede l'accesso completo ai contenitori e ai dati dei BLOB di Archiviazione di Azure, inclusa l'assegnazione del controllo di accesso POSIX.Provides full access to Azure Storage blob containers and data, including assigning POSIX access control. Per informazioni sulle azioni necessarie per una determinata operazione sui dati, vedere le autorizzazioni per la chiamata di operazioni sui dati BLOB e della coda.To learn which actions are required for a given data operation, see Permissions for calling blob and queue data operations. Altre informazioniLearn more

AzioniActions DescrizioneDescription
Microsoft. storage/storageAccounts/blobServices/Containers/*Microsoft.Storage/storageAccounts/blobServices/containers/* Autorizzazioni complete per i contenitori.Full permissions on containers.
Microsoft. storage/storageAccounts/blobServices/generateUserDelegationKey/ActionMicrosoft.Storage/storageAccounts/blobServices/generateUserDelegationKey/action Restituisce una chiave di delega utente per il servizio BLOB.Returns a user delegation key for the Blob service.
NotActionsNotActions
nessunanone
DataActionsDataActions
Microsoft. storage/storageAccounts/blobServices/Containers/Blobs/*Microsoft.Storage/storageAccounts/blobServices/containers/blobs/* Autorizzazioni complete per i BLOB.Full permissions on blobs.
NotDataActionsNotDataActions
nessunanone
{
  "assignableScopes": [
    "/"
  ],
  "description": "Allows for full access to Azure Storage blob containers and data, including assigning POSIX access control.",
  "id": "/subscriptions/{subscriptionId}/providers/Microsoft.Authorization/roleDefinitions/b7e6dc6d-f1e8-4753-8033-0f276bb0955b",
  "name": "b7e6dc6d-f1e8-4753-8033-0f276bb0955b",
  "permissions": [
    {
      "actions": [
        "Microsoft.Storage/storageAccounts/blobServices/containers/*",
        "Microsoft.Storage/storageAccounts/blobServices/generateUserDelegationKey/action"
      ],
      "notActions": [],
      "dataActions": [
        "Microsoft.Storage/storageAccounts/blobServices/containers/blobs/*"
      ],
      "notDataActions": []
    }
  ],
  "roleName": "Storage Blob Data Owner",
  "roleType": "BuiltInRole",
  "type": "Microsoft.Authorization/roleDefinitions"
}

Lettore dei dati del BLOB di archiviazioneStorage Blob Data Reader

Consente di leggere ed elencare i contenitori e i BLOB di archiviazione di Azure.Read and list Azure Storage containers and blobs. Per informazioni sulle azioni necessarie per una determinata operazione sui dati, vedere le autorizzazioni per la chiamata di operazioni sui dati BLOB e della coda.To learn which actions are required for a given data operation, see Permissions for calling blob and queue data operations. Altre informazioniLearn more

AzioniActions DescrizioneDescription
Microsoft. storage/storageAccounts/blobServices/Containers/ReadMicrosoft.Storage/storageAccounts/blobServices/containers/read Restituisce un contenitore o un elenco di contenitori.Return a container or a list of containers.
Microsoft. storage/storageAccounts/blobServices/generateUserDelegationKey/ActionMicrosoft.Storage/storageAccounts/blobServices/generateUserDelegationKey/action Restituisce una chiave di delega utente per il servizio BLOB.Returns a user delegation key for the Blob service.
NotActionsNotActions
nessunanone
DataActionsDataActions
Microsoft. storage/storageAccounts/blobServices/Containers/Blobs/ReadMicrosoft.Storage/storageAccounts/blobServices/containers/blobs/read Restituisce un BLOB o un elenco di BLOB.Return a blob or a list of blobs.
NotDataActionsNotDataActions
nessunanone
{
  "assignableScopes": [
    "/"
  ],
  "description": "Allows for read access to Azure Storage blob containers and data",
  "id": "/subscriptions/{subscriptionId}/providers/Microsoft.Authorization/roleDefinitions/2a2b9908-6ea1-4ae2-8e65-a410df84e7d1",
  "name": "2a2b9908-6ea1-4ae2-8e65-a410df84e7d1",
  "permissions": [
    {
      "actions": [
        "Microsoft.Storage/storageAccounts/blobServices/containers/read",
        "Microsoft.Storage/storageAccounts/blobServices/generateUserDelegationKey/action"
      ],
      "notActions": [],
      "dataActions": [
        "Microsoft.Storage/storageAccounts/blobServices/containers/blobs/read"
      ],
      "notDataActions": []
    }
  ],
  "roleName": "Storage Blob Data Reader",
  "roleType": "BuiltInRole",
  "type": "Microsoft.Authorization/roleDefinitions"
}

Delegante di BLOB di archiviazioneStorage Blob Delegator

Ottiene una chiave di delega utente, che può quindi essere usata per creare una firma di accesso condiviso per un contenitore o un BLOB firmato con credenziali di Azure AD.Get a user delegation key, which can then be used to create a shared access signature for a container or blob that is signed with Azure AD credentials. Per altre informazioni, vedere Creare una firma di accesso condiviso di delega utente.For more information, see Create a user delegation SAS. Altre informazioniLearn more

AzioniActions DescrizioneDescription
Microsoft. storage/storageAccounts/blobServices/generateUserDelegationKey/ActionMicrosoft.Storage/storageAccounts/blobServices/generateUserDelegationKey/action Restituisce una chiave di delega utente per il servizio BLOB.Returns a user delegation key for the Blob service.
NotActionsNotActions
nessunanone
DataActionsDataActions
nessunanone
NotDataActionsNotDataActions
nessunanone
{
  "assignableScopes": [
    "/"
  ],
  "description": "Allows for generation of a user delegation key which can be used to sign SAS tokens",
  "id": "/subscriptions/{subscriptionId}/providers/Microsoft.Authorization/roleDefinitions/db58b8e5-c6ad-4a2a-8342-4190687cbf4a",
  "name": "db58b8e5-c6ad-4a2a-8342-4190687cbf4a",
  "permissions": [
    {
      "actions": [
        "Microsoft.Storage/storageAccounts/blobServices/generateUserDelegationKey/action"
      ],
      "notActions": [],
      "dataActions": [],
      "notDataActions": []
    }
  ],
  "roleName": "Storage Blob Delegator",
  "roleType": "BuiltInRole",
  "type": "Microsoft.Authorization/roleDefinitions"
}

Collaboratore per la condivisione SMB di dati per file di archiviazioneStorage File Data SMB Share Contributor

Consente l'accesso in lettura, scrittura ed eliminazione a file e directory nelle condivisioni file di Azure.Allows for read, write, and delete access on files/directories in Azure file shares. Questo ruolo non ha un equivalente predefinito nei file server Windows.This role has no built-in equivalent on Windows file servers. Altre informazioniLearn more

AzioniActions DescrizioneDescription
nessunanone
NotActionsNotActions
nessunanone
DataActionsDataActions
Microsoft. storage/storageAccounts/fileServices/fileshares/files/ReadMicrosoft.Storage/storageAccounts/fileServices/fileshares/files/read Restituisce un file, una cartella o un elenco di file/cartelle.Returns a file/folder or a list of files/folders.
Microsoft. storage/storageAccounts/fileServices/fileshares/Files/WriteMicrosoft.Storage/storageAccounts/fileServices/fileshares/files/write Restituisce il risultato della scrittura di un file o della creazione di una cartella.Returns the result of writing a file or creating a folder.
Microsoft. storage/storageAccounts/fileServices/fileshares/files/DeleteMicrosoft.Storage/storageAccounts/fileServices/fileshares/files/delete Restituisce il risultato dell'eliminazione di un file o una cartella.Returns the result of deleting a file/folder.
NotDataActionsNotDataActions
nessunanone
{
  "assignableScopes": [
    "/"
  ],
  "description": "Allows for read, write, and delete access in Azure Storage file shares over SMB",
  "id": "/subscriptions/{subscriptionId}/providers/Microsoft.Authorization/roleDefinitions/0c867c2a-1d8c-454a-a3db-ab2ea1bdc8bb",
  "name": "0c867c2a-1d8c-454a-a3db-ab2ea1bdc8bb",
  "permissions": [
    {
      "actions": [],
      "notActions": [],
      "dataActions": [
        "Microsoft.Storage/storageAccounts/fileServices/fileshares/files/read",
        "Microsoft.Storage/storageAccounts/fileServices/fileshares/files/write",
        "Microsoft.Storage/storageAccounts/fileServices/fileshares/files/delete"
      ],
      "notDataActions": []
    }
  ],
  "roleName": "Storage File Data SMB Share Contributor",
  "roleType": "BuiltInRole",
  "type": "Microsoft.Authorization/roleDefinitions"
}

Collaboratore con privilegi elevati per la condivisione SMB di dati per file di archiviazioneStorage File Data SMB Share Elevated Contributor

Consente la lettura, scrittura, eliminazione e modifica degli ACL nei file e nelle directory delle condivisioni file di Azure.Allows for read, write, delete, and modify ACLs on files/directories in Azure file shares. Questo ruolo è equivalente a un ACL di modifica della condivisione file nei file server Windows.This role is equivalent to a file share ACL of change on Windows file servers. Altre informazioniLearn more

AzioniActions DescrizioneDescription
nessunanone
NotActionsNotActions
nessunanone
DataActionsDataActions
Microsoft. storage/storageAccounts/fileServices/fileshares/files/ReadMicrosoft.Storage/storageAccounts/fileServices/fileshares/files/read Restituisce un file, una cartella o un elenco di file/cartelle.Returns a file/folder or a list of files/folders.
Microsoft. storage/storageAccounts/fileServices/fileshares/Files/WriteMicrosoft.Storage/storageAccounts/fileServices/fileshares/files/write Restituisce il risultato della scrittura di un file o della creazione di una cartella.Returns the result of writing a file or creating a folder.
Microsoft. storage/storageAccounts/fileServices/fileshares/files/DeleteMicrosoft.Storage/storageAccounts/fileServices/fileshares/files/delete Restituisce il risultato dell'eliminazione di un file o una cartella.Returns the result of deleting a file/folder.
Microsoft. storage/storageAccounts/fileServices/fileshares/files/ModifyPermissions/ActionMicrosoft.Storage/storageAccounts/fileServices/fileshares/files/modifypermissions/action Restituisce il risultato della modifica delle autorizzazioni per un file o una cartella.Returns the result of modifying permission on a file/folder.
NotDataActionsNotDataActions
nessunanone
{
  "assignableScopes": [
    "/"
  ],
  "description": "Allows for read, write, delete and modify NTFS permission access in Azure Storage file shares over SMB",
  "id": "/subscriptions/{subscriptionId}/providers/Microsoft.Authorization/roleDefinitions/a7264617-510b-434b-a828-9731dc254ea7",
  "name": "a7264617-510b-434b-a828-9731dc254ea7",
  "permissions": [
    {
      "actions": [],
      "notActions": [],
      "dataActions": [
        "Microsoft.Storage/storageAccounts/fileServices/fileshares/files/read",
        "Microsoft.Storage/storageAccounts/fileServices/fileshares/files/write",
        "Microsoft.Storage/storageAccounts/fileServices/fileshares/files/delete",
        "Microsoft.Storage/storageAccounts/fileServices/fileshares/files/modifypermissions/action"
      ],
      "notDataActions": []
    }
  ],
  "roleName": "Storage File Data SMB Share Elevated Contributor",
  "roleType": "BuiltInRole",
  "type": "Microsoft.Authorization/roleDefinitions"
}

Ruolo con autorizzazioni di lettura per la condivisione SMB di dati per file di archiviazioneStorage File Data SMB Share Reader

Consente l'accesso in lettura a file e directory nelle condivisioni file di Azure.Allows for read access on files/directories in Azure file shares. Questo ruolo è equivalente a un ACL di lettura della condivisione file nei file server Windows.This role is equivalent to a file share ACL of read on Windows file servers. Altre informazioniLearn more

AzioniActions DescrizioneDescription
nessunanone
NotActionsNotActions
nessunanone
DataActionsDataActions
Microsoft. storage/storageAccounts/fileServices/fileshares/files/ReadMicrosoft.Storage/storageAccounts/fileServices/fileshares/files/read Restituisce un file, una cartella o un elenco di file/cartelle.Returns a file/folder or a list of files/folders.
NotDataActionsNotDataActions
nessunanone
{
  "assignableScopes": [
    "/"
  ],
  "description": "Allows for read access to Azure File Share over SMB",
  "id": "/subscriptions/{subscriptionId}/providers/Microsoft.Authorization/roleDefinitions/aba4ae5f-2193-4029-9191-0cb91df5e314",
  "name": "aba4ae5f-2193-4029-9191-0cb91df5e314",
  "permissions": [
    {
      "actions": [],
      "notActions": [],
      "dataActions": [
        "Microsoft.Storage/storageAccounts/fileServices/fileshares/files/read"
      ],
      "notDataActions": []
    }
  ],
  "roleName": "Storage File Data SMB Share Reader",
  "roleType": "BuiltInRole",
  "type": "Microsoft.Authorization/roleDefinitions"
}

Collaboratore ai dati della coda di archiviazioneStorage Queue Data Contributor

Lettura, scrittura ed eliminazione delle code e dei messaggi delle code di Azure.Read, write, and delete Azure Storage queues and queue messages. Per informazioni sulle azioni necessarie per una determinata operazione sui dati, vedere le autorizzazioni per la chiamata di operazioni sui dati BLOB e della coda.To learn which actions are required for a given data operation, see Permissions for calling blob and queue data operations. Altre informazioniLearn more

AzioniActions DescrizioneDescription
Microsoft. storage/storageAccounts/queueServices/Queues/DeleteMicrosoft.Storage/storageAccounts/queueServices/queues/delete Elimina una coda.Delete a queue.
Microsoft. storage/storageAccounts/queueServices/Queues/ReadMicrosoft.Storage/storageAccounts/queueServices/queues/read Restituisce una coda o un elenco di code.Return a queue or a list of queues.
Microsoft. storage/storageAccounts/queueServices/Queues/WriteMicrosoft.Storage/storageAccounts/queueServices/queues/write Modifica le proprietà o i metadati della coda.Modify queue metadata or properties.
NotActionsNotActions
nessunanone
DataActionsDataActions
Microsoft. storage/storageAccounts/queueServices/Queues/messages/DeleteMicrosoft.Storage/storageAccounts/queueServices/queues/messages/delete Elimina uno o più messaggi da una coda.Delete one or more messages from a queue.
Microsoft. storage/storageAccounts/queueServices/Queues/messages/ReadMicrosoft.Storage/storageAccounts/queueServices/queues/messages/read Visualizza in anteprima o recupera uno o più messaggi da una coda.Peek or retrieve one or more messages from a queue.
Microsoft. storage/storageAccounts/queueServices/Queues/messages/WriteMicrosoft.Storage/storageAccounts/queueServices/queues/messages/write Aggiunge un messaggio a una coda.Add a message to a queue.
NotDataActionsNotDataActions
nessunanone
{
  "assignableScopes": [
    "/"
  ],
  "description": "Allows for read, write, and delete access to Azure Storage queues and queue messages",
  "id": "/subscriptions/{subscriptionId}/providers/Microsoft.Authorization/roleDefinitions/974c5e8b-45b9-4653-ba55-5f855dd0fb88",
  "name": "974c5e8b-45b9-4653-ba55-5f855dd0fb88",
  "permissions": [
    {
      "actions": [
        "Microsoft.Storage/storageAccounts/queueServices/queues/delete",
        "Microsoft.Storage/storageAccounts/queueServices/queues/read",
        "Microsoft.Storage/storageAccounts/queueServices/queues/write"
      ],
      "notActions": [],
      "dataActions": [
        "Microsoft.Storage/storageAccounts/queueServices/queues/messages/delete",
        "Microsoft.Storage/storageAccounts/queueServices/queues/messages/read",
        "Microsoft.Storage/storageAccounts/queueServices/queues/messages/write"
      ],
      "notDataActions": []
    }
  ],
  "roleName": "Storage Queue Data Contributor",
  "roleType": "BuiltInRole",
  "type": "Microsoft.Authorization/roleDefinitions"
}

Ruolo con autorizzazioni di elaborazione per i messaggi sui dati della coda di archiviazioneStorage Queue Data Message Processor

Visualizzazione in anteprima, recupero ed eliminazione di un messaggio da una coda di Archiviazione di Azure.Peek, retrieve, and delete a message from an Azure Storage queue. Per informazioni sulle azioni necessarie per una determinata operazione sui dati, vedere le autorizzazioni per la chiamata di operazioni sui dati BLOB e della coda.To learn which actions are required for a given data operation, see Permissions for calling blob and queue data operations. Altre informazioniLearn more

AzioniActions DescrizioneDescription
nessunanone
NotActionsNotActions
nessunanone
DataActionsDataActions
Microsoft. storage/storageAccounts/queueServices/Queues/messages/ReadMicrosoft.Storage/storageAccounts/queueServices/queues/messages/read Visualizza in anteprima un messaggio.Peek a message.
Microsoft. storage/storageAccounts/queueServices/Queues/messages/Process/ActionMicrosoft.Storage/storageAccounts/queueServices/queues/messages/process/action Recupera ed elimina un messaggio.Retrieve and delete a message.
NotDataActionsNotDataActions
nessunanone
{
  "assignableScopes": [
    "/"
  ],
  "description": "Allows for peek, receive, and delete access to Azure Storage queue messages",
  "id": "/subscriptions/{subscriptionId}/providers/Microsoft.Authorization/roleDefinitions/8a0f0c08-91a1-4084-bc3d-661d67233fed",
  "name": "8a0f0c08-91a1-4084-bc3d-661d67233fed",
  "permissions": [
    {
      "actions": [],
      "notActions": [],
      "dataActions": [
        "Microsoft.Storage/storageAccounts/queueServices/queues/messages/read",
        "Microsoft.Storage/storageAccounts/queueServices/queues/messages/process/action"
      ],
      "notDataActions": []
    }
  ],
  "roleName": "Storage Queue Data Message Processor",
  "roleType": "BuiltInRole",
  "type": "Microsoft.Authorization/roleDefinitions"
}

Mittente dei messaggi sui dati della coda di archiviazioneStorage Queue Data Message Sender

Consente di aggiungere messaggi a una coda di Archiviazione di Azure.Add messages to an Azure Storage queue. Per informazioni sulle azioni necessarie per una determinata operazione sui dati, vedere le autorizzazioni per la chiamata di operazioni sui dati BLOB e della coda.To learn which actions are required for a given data operation, see Permissions for calling blob and queue data operations. Altre informazioniLearn more

AzioniActions DescrizioneDescription
nessunanone
NotActionsNotActions
nessunanone
DataActionsDataActions
Microsoft. storage/storageAccounts/queueServices/Queues/messages/Add/ActionMicrosoft.Storage/storageAccounts/queueServices/queues/messages/add/action Aggiunge un messaggio a una coda.Add a message to a queue.
NotDataActionsNotDataActions
nessunanone
{
  "assignableScopes": [
    "/"
  ],
  "description": "Allows for sending of Azure Storage queue messages",
  "id": "/subscriptions/{subscriptionId}/providers/Microsoft.Authorization/roleDefinitions/c6a89b2d-59bc-44d0-9896-0f6e12d7b80a",
  "name": "c6a89b2d-59bc-44d0-9896-0f6e12d7b80a",
  "permissions": [
    {
      "actions": [],
      "notActions": [],
      "dataActions": [
        "Microsoft.Storage/storageAccounts/queueServices/queues/messages/add/action"
      ],
      "notDataActions": []
    }
  ],
  "roleName": "Storage Queue Data Message Sender",
  "roleType": "BuiltInRole",
  "type": "Microsoft.Authorization/roleDefinitions"
}

Ruolo con autorizzazioni di lettura per i dati della coda di archiviazioneStorage Queue Data Reader

Consente di leggere ed elencare le code e i messaggi delle code di Azure.Read and list Azure Storage queues and queue messages. Per informazioni sulle azioni necessarie per una determinata operazione sui dati, vedere le autorizzazioni per la chiamata di operazioni sui dati BLOB e della coda.To learn which actions are required for a given data operation, see Permissions for calling blob and queue data operations. Altre informazioniLearn more

AzioniActions DescrizioneDescription
Microsoft. storage/storageAccounts/queueServices/Queues/ReadMicrosoft.Storage/storageAccounts/queueServices/queues/read Restituisce una coda o un elenco di code.Returns a queue or a list of queues.
NotActionsNotActions
nessunanone
DataActionsDataActions
Microsoft. storage/storageAccounts/queueServices/Queues/messages/ReadMicrosoft.Storage/storageAccounts/queueServices/queues/messages/read Visualizza in anteprima o recupera uno o più messaggi da una coda.Peek or retrieve one or more messages from a queue.
NotDataActionsNotDataActions
nessunanone
{
  "assignableScopes": [
    "/"
  ],
  "description": "Allows for read access to Azure Storage queues and queue messages",
  "id": "/subscriptions/{subscriptionId}/providers/Microsoft.Authorization/roleDefinitions/19e7f393-937e-4f77-808e-94535e297925",
  "name": "19e7f393-937e-4f77-808e-94535e297925",
  "permissions": [
    {
      "actions": [
        "Microsoft.Storage/storageAccounts/queueServices/queues/read"
      ],
      "notActions": [],
      "dataActions": [
        "Microsoft.Storage/storageAccounts/queueServices/queues/messages/read"
      ],
      "notDataActions": []
    }
  ],
  "roleName": "Storage Queue Data Reader",
  "roleType": "BuiltInRole",
  "type": "Microsoft.Authorization/roleDefinitions"
}

WebWeb

Lettore di dati per Mappe di AzureAzure Maps Data Reader

Concede l'accesso per la lettura dei dati correlati alle mappe da un account Mappe di Azure.Grants access to read map related data from an Azure maps account.

AzioniActions DescrizioneDescription
nessunanone
NotActionsNotActions
nessunanone
DataActionsDataActions
Microsoft. Maps/Accounts/*/ReadMicrosoft.Maps/accounts/*/read
NotDataActionsNotDataActions
nessunanone
{
  "assignableScopes": [
    "/"
  ],
  "description": "Grants access to read map related data from an Azure maps account.",
  "id": "/subscriptions/{subscriptionId}/providers/Microsoft.Authorization/roleDefinitions/423170ca-a8f6-4b0f-8487-9e4eb8f49bfa",
  "name": "423170ca-a8f6-4b0f-8487-9e4eb8f49bfa",
  "permissions": [
    {
      "actions": [],
      "notActions": [],
      "dataActions": [
        "Microsoft.Maps/accounts/*/read"
      ],
      "notDataActions": []
    }
  ],
  "roleName": "Azure Maps Data Reader",
  "roleType": "BuiltInRole",
  "type": "Microsoft.Authorization/roleDefinitions"
}

Collaboratore servizi di ricercaSearch Service Contributor

Consente di gestire i servizi di Ricerca, ma non di accedervi.Lets you manage Search services, but not access to them. Altre informazioniLearn more

AzioniActions DescrizioneDescription
Microsoft. Authorization/*/ReadMicrosoft.Authorization/*/read Leggere i ruoli e le assegnazioni di ruoliRead roles and role assignments
Microsoft. Insights/alertRules/*Microsoft.Insights/alertRules/* Creare e gestire un avviso classico per le metricheCreate and manage a classic metric alert
Microsoft. ResourceHealth/availabilityStatuses/ReadMicrosoft.ResourceHealth/availabilityStatuses/read Ottiene gli stati di disponibilità per tutte le risorse nell'ambito specificatoGets the availability statuses for all resources in the specified scope
Microsoft. resources/Deployments/*Microsoft.Resources/deployments/* Creare e gestire una distribuzioneCreate and manage a deployment
Microsoft. resources/subscriptions/resourceGroups/ReadMicrosoft.Resources/subscriptions/resourceGroups/read Ottiene o elenca i gruppi di risorse.Gets or lists resource groups.
Microsoft. search/searchServices/*Microsoft.Search/searchServices/* È in grado di creare e gestire servizi di ricercaCreate and manage search services
Microsoft. support/*Microsoft.Support/* Creare e aggiornare un ticket di supportoCreate and update a support ticket
NotActionsNotActions
nessunanone
DataActionsDataActions
nessunanone
NotDataActionsNotDataActions
nessunanone
{
  "assignableScopes": [
    "/"
  ],
  "description": "Lets you manage Search services, but not access to them.",
  "id": "/subscriptions/{subscriptionId}/providers/Microsoft.Authorization/roleDefinitions/7ca78c08-252a-4471-8644-bb5ff32d4ba0",
  "name": "7ca78c08-252a-4471-8644-bb5ff32d4ba0",
  "permissions": [
    {
      "actions": [
        "Microsoft.Authorization/*/read",
        "Microsoft.Insights/alertRules/*",
        "Microsoft.ResourceHealth/availabilityStatuses/read",
        "Microsoft.Resources/deployments/*",
        "Microsoft.Resources/subscriptions/resourceGroups/read",
        "Microsoft.Search/searchServices/*",
        "Microsoft.Support/*"
      ],
      "notActions": [],
      "dataActions": [],
      "notDataActions": []
    }
  ],
  "roleName": "Search Service Contributor",
  "roleType": "BuiltInRole",
  "type": "Microsoft.Authorization/roleDefinitions"
}

Collaboratore piani WebWeb Plan Contributor

Consente di gestire i piani Web per i siti Web, ma non di accedervi.Lets you manage the web plans for websites, but not access to them.

AzioniActions DescrizioneDescription
Microsoft. Authorization/*/ReadMicrosoft.Authorization/*/read Leggere i ruoli e le assegnazioni di ruoliRead roles and role assignments
Microsoft. Insights/alertRules/*Microsoft.Insights/alertRules/* Creare e gestire un avviso classico per le metricheCreate and manage a classic metric alert
Microsoft. ResourceHealth/availabilityStatuses/ReadMicrosoft.ResourceHealth/availabilityStatuses/read Ottiene gli stati di disponibilità per tutte le risorse nell'ambito specificatoGets the availability statuses for all resources in the specified scope
Microsoft. resources/Deployments/*Microsoft.Resources/deployments/* Creare e gestire una distribuzioneCreate and manage a deployment
Microsoft. resources/subscriptions/resourceGroups/ReadMicrosoft.Resources/subscriptions/resourceGroups/read Ottiene o elenca i gruppi di risorse.Gets or lists resource groups.
Microsoft. support/*Microsoft.Support/* Creare e aggiornare un ticket di supportoCreate and update a support ticket
Microsoft. Web/serverFarms/*Microsoft.Web/serverFarms/* Creare e gestire server farmCreate and manage server farms
Microsoft. Web/hostingEnvironments/join/ActionMicrosoft.Web/hostingEnvironments/Join/Action Aggiunge un ambiente del servizio appJoins an App Service Environment
NotActionsNotActions
nessunanone
DataActionsDataActions
nessunanone
NotDataActionsNotDataActions
nessunanone
{
  "assignableScopes": [
    "/"
  ],
  "description": "Lets you manage the web plans for websites, but not access to them.",
  "id": "/subscriptions/{subscriptionId}/providers/Microsoft.Authorization/roleDefinitions/2cc479cb-7b4d-49a8-b449-8c00fd0f0a4b",
  "name": "2cc479cb-7b4d-49a8-b449-8c00fd0f0a4b",
  "permissions": [
    {
      "actions": [
        "Microsoft.Authorization/*/read",
        "Microsoft.Insights/alertRules/*",
        "Microsoft.ResourceHealth/availabilityStatuses/read",
        "Microsoft.Resources/deployments/*",
        "Microsoft.Resources/subscriptions/resourceGroups/read",
        "Microsoft.Support/*",
        "Microsoft.Web/serverFarms/*",
        "Microsoft.Web/hostingEnvironments/Join/Action"
      ],
      "notActions": [],
      "dataActions": [],
      "notDataActions": []
    }
  ],
  "roleName": "Web Plan Contributor",
  "roleType": "BuiltInRole",
  "type": "Microsoft.Authorization/roleDefinitions"
}

Collaboratore siti WebWebsite Contributor

Consente di gestire i siti Web (non i piani Web), ma non di accedervi.Lets you manage websites (not web plans), but not access to them.

AzioniActions DescrizioneDescription
Microsoft. Authorization/*/ReadMicrosoft.Authorization/*/read Leggere i ruoli e le assegnazioni di ruoliRead roles and role assignments
Microsoft. Insights/alertRules/*Microsoft.Insights/alertRules/* Creare e gestire un avviso classico per le metricheCreate and manage a classic metric alert
Microsoft. Insights/Components/*Microsoft.Insights/components/* È in grado di creare e gestire i componenti di InsightsCreate and manage Insights components
Microsoft. ResourceHealth/availabilityStatuses/ReadMicrosoft.ResourceHealth/availabilityStatuses/read Ottiene gli stati di disponibilità per tutte le risorse nell'ambito specificatoGets the availability statuses for all resources in the specified scope
Microsoft. resources/Deployments/*Microsoft.Resources/deployments/* Creare e gestire una distribuzioneCreate and manage a deployment
Microsoft. resources/subscriptions/resourceGroups/ReadMicrosoft.Resources/subscriptions/resourceGroups/read Ottiene o elenca i gruppi di risorse.Gets or lists resource groups.
Microsoft. support/*Microsoft.Support/* Creare e aggiornare un ticket di supportoCreate and update a support ticket
Microsoft. Web/Certificates/*Microsoft.Web/certificates/* Creare e gestire certificati dei siti WebCreate and manage website certificates
Microsoft. Web/listSitesAssignedToHostName/ReadMicrosoft.Web/listSitesAssignedToHostName/read Ottiene i nomi dei siti assegnati al nome host.Get names of sites assigned to hostname.
Microsoft. Web/serverFarms/join/ActionMicrosoft.Web/serverFarms/join/action Aggiunge un piano di servizio appJoins an App Service Plan
Microsoft. Web/serverFarms/ReadMicrosoft.Web/serverFarms/read Ottiene le proprietà per un piano di servizio appGet the properties on an App Service Plan
Microsoft. Web/sites/*Microsoft.Web/sites/* Creare e gestire siti Web. Per creare un sito sono anche necessarie le autorizzazione di scrittura associate al piano di servizio appCreate and manage websites (site creation also requires write permissions to the associated App Service Plan)
NotActionsNotActions
nessunanone
DataActionsDataActions
nessunanone
NotDataActionsNotDataActions
nessunanone
{
  "assignableScopes": [
    "/"
  ],
  "description": "Lets you manage websites (not web plans), but not access to them.",
  "id": "/subscriptions/{subscriptionId}/providers/Microsoft.Authorization/roleDefinitions/de139f84-1756-47ae-9be6-808fbbe84772",
  "name": "de139f84-1756-47ae-9be6-808fbbe84772",
  "permissions": [
    {
      "actions": [
        "Microsoft.Authorization/*/read",
        "Microsoft.Insights/alertRules/*",
        "Microsoft.Insights/components/*",
        "Microsoft.ResourceHealth/availabilityStatuses/read",
        "Microsoft.Resources/deployments/*",
        "Microsoft.Resources/subscriptions/resourceGroups/read",
        "Microsoft.Support/*",
        "Microsoft.Web/certificates/*",
        "Microsoft.Web/listSitesAssignedToHostName/read",
        "Microsoft.Web/serverFarms/join/action",
        "Microsoft.Web/serverFarms/read",
        "Microsoft.Web/sites/*"
      ],
      "notActions": [],
      "dataActions": [],
      "notDataActions": []
    }
  ],
  "roleName": "Website Contributor",
  "roleType": "BuiltInRole",
  "type": "Microsoft.Authorization/roleDefinitions"
}

ContenitoriContainers

AcrDeleteAcrDelete

eliminazione di ACR ulteriori informazioniacr delete Learn more

AzioniActions DescrizioneDescription
Microsoft. ContainerRegistry/Registries/Artifacts/DeleteMicrosoft.ContainerRegistry/registries/artifacts/delete Elimina l'artefatto in un registro contenitori.Delete artifact in a container registry.
NotActionsNotActions
nessunanone
DataActionsDataActions
nessunanone
NotDataActionsNotDataActions
nessunanone
{
  "assignableScopes": [
    "/"
  ],
  "description": "acr delete",
  "id": "/subscriptions/{subscriptionId}/providers/Microsoft.Authorization/roleDefinitions/c2f4ef07-c644-48eb-af81-4b1b4947fb11",
  "name": "c2f4ef07-c644-48eb-af81-4b1b4947fb11",
  "permissions": [
    {
      "actions": [
        "Microsoft.ContainerRegistry/registries/artifacts/delete"
      ],
      "notActions": [],
      "dataActions": [],
      "notDataActions": []
    }
  ],
  "roleName": "AcrDelete",
  "roleType": "BuiltInRole",
  "type": "Microsoft.Authorization/roleDefinitions"
}

AcrImageSignerAcrImageSigner

firmatario dell'immagine ACR altre informazioniacr image signer Learn more

AzioniActions DescrizioneDescription
Microsoft. ContainerRegistry/Registries/Sign/WriteMicrosoft.ContainerRegistry/registries/sign/write Eseguire il push/pull di metadati considerati attendibili per un registro contenitori.Push/Pull content trust metadata for a container registry.
NotActionsNotActions
nessunanone
DataActionsDataActions
nessunanone
NotDataActionsNotDataActions
nessunanone
{
  "assignableScopes": [
    "/"
  ],
  "description": "acr image signer",
  "id": "/subscriptions/{subscriptionId}/providers/Microsoft.Authorization/roleDefinitions/6cef56e8-d556-48e5-a04f-b8e64114680f",
  "name": "6cef56e8-d556-48e5-a04f-b8e64114680f",
  "permissions": [
    {
      "actions": [
        "Microsoft.ContainerRegistry/registries/sign/write"
      ],
      "notActions": [],
      "dataActions": [],
      "notDataActions": []
    }
  ],
  "roleName": "AcrImageSigner",
  "roleType": "BuiltInRole",
  "type": "Microsoft.Authorization/roleDefinitions"
}

AcrPullAcrPull

Pull ACR- altre informazioniacr pull Learn more

AzioniActions DescrizioneDescription
Microsoft. ContainerRegistry/Registries/pull/ReadMicrosoft.ContainerRegistry/registries/pull/read Eseguire il pull o ottenere immagini da un registro contenitori.Pull or Get images from a container registry.
NotActionsNotActions
nessunanone
DataActionsDataActions
nessunanone
NotDataActionsNotDataActions
nessunanone
{
  "assignableScopes": [
    "/"
  ],
  "description": "acr pull",
  "id": "/subscriptions/{subscriptionId}/providers/Microsoft.Authorization/roleDefinitions/7f951dda-4ed3-4680-a7ca-43fe172d538d",
  "name": "7f951dda-4ed3-4680-a7ca-43fe172d538d",
  "permissions": [
    {
      "actions": [
        "Microsoft.ContainerRegistry/registries/pull/read"
      ],
      "notActions": [],
      "dataActions": [],
      "notDataActions": []
    }
  ],
  "roleName": "AcrPull",
  "roleType": "BuiltInRole",
  "type": "Microsoft.Authorization/roleDefinitions"
}

AcrPushAcrPush

push ACR ulteriori informazioniacr push Learn more

AzioniActions DescrizioneDescription
Microsoft. ContainerRegistry/Registries/pull/ReadMicrosoft.ContainerRegistry/registries/pull/read Eseguire il pull o ottenere immagini da un registro contenitori.Pull or Get images from a container registry.
Microsoft. ContainerRegistry/Registries/push/WriteMicrosoft.ContainerRegistry/registries/push/write Eseguire il push o scrivere immagini in un registro contenitori.Push or Write images to a container registry.
NotActionsNotActions
nessunanone
DataActionsDataActions
nessunanone
NotDataActionsNotDataActions
nessunanone
{
  "assignableScopes": [
    "/"
  ],
  "description": "acr push",
  "id": "/subscriptions/{subscriptionId}/providers/Microsoft.Authorization/roleDefinitions/8311e382-0749-4cb8-b61a-304f252e45ec",
  "name": "8311e382-0749-4cb8-b61a-304f252e45ec",
  "permissions": [
    {
      "actions": [
        "Microsoft.ContainerRegistry/registries/pull/read",
        "Microsoft.ContainerRegistry/registries/push/write"
      ],
      "notActions": [],
      "dataActions": [],
      "notDataActions": []
    }
  ],
  "roleName": "AcrPush",
  "roleType": "BuiltInRole",
  "type": "Microsoft.Authorization/roleDefinitions"
}

AcrQuarantineReaderAcrQuarantineReader

lettore di dati di quarantena acracr quarantine data reader

AzioniActions DescrizioneDescription
Microsoft. ContainerRegistry/Registries/Quarantine/ReadMicrosoft.ContainerRegistry/registries/quarantine/read Eseguire il pull o ottenere immagini in quarantena da un registro contenitoriPull or Get quarantined images from container registry
NotActionsNotActions
nessunanone
DataActionsDataActions
nessunanone
NotDataActionsNotDataActions
nessunanone
{
  "assignableScopes": [
    "/"
  ],
  "description": "acr quarantine data reader",
  "id": "/subscriptions/{subscriptionId}/providers/Microsoft.Authorization/roleDefinitions/cdda3590-29a3-44f6-95f2-9f980659eb04",
  "name": "cdda3590-29a3-44f6-95f2-9f980659eb04",
  "permissions": [
    {
      "actions": [
        "Microsoft.ContainerRegistry/registries/quarantine/read"
      ],
      "notActions": [],
      "dataActions": [],
      "notDataActions": []
    }
  ],
  "roleName": "AcrQuarantineReader",
  "roleType": "BuiltInRole",
  "type": "Microsoft.Authorization/roleDefinitions"
}

AcrQuarantineWriterAcrQuarantineWriter

writer di dati di quarantena acracr quarantine data writer

AzioniActions DescrizioneDescription
Microsoft. ContainerRegistry/Registries/Quarantine/ReadMicrosoft.ContainerRegistry/registries/quarantine/read Eseguire il pull o ottenere immagini in quarantena da un registro contenitoriPull or Get quarantined images from container registry
Microsoft. ContainerRegistry/Registries/Quarantine/WriteMicrosoft.ContainerRegistry/registries/quarantine/write Scrivere/modificare lo stato di quarantena di immagini in quarantenaWrite/Modify quarantine state of quarantined images
NotActionsNotActions
nessunanone
DataActionsDataActions
nessunanone
NotDataActionsNotDataActions
nessunanone
{
  "assignableScopes": [
    "/"
  ],
  "description": "acr quarantine data writer",
  "id": "/subscriptions/{subscriptionId}/providers/Microsoft.Authorization/roleDefinitions/c8d4ff99-41c3-41a8-9f60-21dfdad59608",
  "name": "c8d4ff99-41c3-41a8-9f60-21dfdad59608",
  "permissions": [
    {
      "actions": [
        "Microsoft.ContainerRegistry/registries/quarantine/read",
        "Microsoft.ContainerRegistry/registries/quarantine/write"
      ],
      "notActions": [],
      "dataActions": [],
      "notDataActions": []
    }
  ],
  "roleName": "AcrQuarantineWriter",
  "roleType": "BuiltInRole",
  "type": "Microsoft.Authorization/roleDefinitions"
}

Ruolo di amministratore del cluster del servizio Azure KubernetesAzure Kubernetes Service Cluster Admin Role

Elencare l'azione delle credenziali di amministratore del cluster.List cluster admin credential action. Altre informazioniLearn more

AzioniActions DescrizioneDescription
Microsoft. servizio contenitore/managedClusters/listClusterAdminCredential/ActionMicrosoft.ContainerService/managedClusters/listClusterAdminCredential/action Elenca la credenziale clusterAdmin di un cluster gestitoList the clusterAdmin credential of a managed cluster
Microsoft. servizio contenitore/managedClusters/accessProfiles/listCredential/ActionMicrosoft.ContainerService/managedClusters/accessProfiles/listCredential/action Recupera il profilo di accesso per un cluster gestito in base al nome del ruolo con un'operazione di elenco delle credenzialiGet a managed cluster access profile by role name using list credential
Microsoft. servizio contenitore/managedClusters/ReadMicrosoft.ContainerService/managedClusters/read Recupera un cluster gestitoGet a managed cluster
NotActionsNotActions
nessunanone
DataActionsDataActions
nessunanone
NotDataActionsNotDataActions
nessunanone
{
  "assignableScopes": [
    "/"
  ],
  "description": "List cluster admin credential action.",
  "id": "/subscriptions/{subscriptionId}/providers/Microsoft.Authorization/roleDefinitions/0ab0b1a8-8aac-4efd-b8c2-3ee1fb270be8",
  "name": "0ab0b1a8-8aac-4efd-b8c2-3ee1fb270be8",
  "permissions": [
    {
      "actions": [
        "Microsoft.ContainerService/managedClusters/listClusterAdminCredential/action",
        "Microsoft.ContainerService/managedClusters/accessProfiles/listCredential/action",
        "Microsoft.ContainerService/managedClusters/read"
      ],
      "notActions": [],
      "dataActions": [],
      "notDataActions": []
    }
  ],
  "roleName": "Azure Kubernetes Service Cluster Admin Role",
  "roleType": "BuiltInRole",
  "type": "Microsoft.Authorization/roleDefinitions"
}

Ruolo di utente del cluster del servizio Azure KubernetesAzure Kubernetes Service Cluster User Role

Elencare l'azione delle credenziali di utente del cluster.List cluster user credential action. Altre informazioniLearn more

AzioniActions DescrizioneDescription
Microsoft. servizio contenitore/managedClusters/listClusterUserCredential/ActionMicrosoft.ContainerService/managedClusters/listClusterUserCredential/action Elenca la credenziale clusterUser di un cluster gestitoList the clusterUser credential of a managed cluster
Microsoft. servizio contenitore/managedClusters/ReadMicrosoft.ContainerService/managedClusters/read Recupera un cluster gestitoGet a managed cluster
NotActionsNotActions
nessunanone
DataActionsDataActions
nessunanone
NotDataActionsNotDataActions
nessunanone
{
  "assignableScopes": [
    "/"
  ],
  "description": "List cluster user credential action.",
  "id": "/subscriptions/{subscriptionId}/providers/Microsoft.Authorization/roleDefinitions/4abbcc35-e782-43d8-92c5-2d3f1bd2253f",
  "name": "4abbcc35-e782-43d8-92c5-2d3f1bd2253f",
  "permissions": [
    {
      "actions": [
        "Microsoft.ContainerService/managedClusters/listClusterUserCredential/action",
        "Microsoft.ContainerService/managedClusters/read"
      ],
      "notActions": [],
      "dataActions": [],
      "notDataActions": []
    }
  ],
  "roleName": "Azure Kubernetes Service Cluster User Role",
  "roleType": "BuiltInRole",
  "type": "Microsoft.Authorization/roleDefinitions"
}

Ruolo Collaboratore servizio di Azure KubernetesAzure Kubernetes Service Contributor Role

Concessione dell'accesso per la lettura e la scrittura di cluster di servizi Kubernetes di Azure altre informazioniGrants access to read and write Azure Kubernetes Service clusters Learn more

AzioniActions DescrizioneDescription
Microsoft. servizio contenitore/managedClusters/ReadMicrosoft.ContainerService/managedClusters/read Recupera un cluster gestitoGet a managed cluster
Microsoft. servizio contenitore/managedClusters/WriteMicrosoft.ContainerService/managedClusters/write Crea un nuovo cluster gestito o ne aggiorna uno esistenteCreates a new managed cluster or updates an existing one
Microsoft. resources/Deployments/*Microsoft.Resources/deployments/* Creare e gestire una distribuzioneCreate and manage a deployment
NotActionsNotActions
nessunanone
DataActionsDataActions
nessunanone
NotDataActionsNotDataActions
nessunanone
{
  "assignableScopes": [
    "/"
  ],
  "description": "Grants access to read and write Azure Kubernetes Service clusters",
  "id": "/subscriptions/{subscriptionId}/providers/Microsoft.Authorization/roleDefinitions/ed7f3fbd-7b88-4dd4-9017-9adb7ce333f8",
  "name": "ed7f3fbd-7b88-4dd4-9017-9adb7ce333f8",
  "permissions": [
    {
      "actions": [
        "Microsoft.ContainerService/managedClusters/read",
        "Microsoft.ContainerService/managedClusters/write",
        "Microsoft.Resources/deployments/*"
      ],
      "notActions": [],
      "dataActions": [],
      "notDataActions": []
    }
  ],
  "roleName": "Azure Kubernetes Service Contributor Role",
  "roleType": "BuiltInRole",
  "type": "Microsoft.Authorization/roleDefinitions"
}

Amministratore RBAC del servizio Kubernetes di AzureAzure Kubernetes Service RBAC Admin

Consente di gestire tutte le risorse in cluster/spazio dei nomi, ad eccezione di Aggiorna o Elimina le quote e gli spazi dei nomi delle risorse.Lets you manage all resources under cluster/namespace, except update or delete resource quotas and namespaces. Altre informazioniLearn more

AzioniActions DescrizioneDescription
Microsoft. Authorization/*/ReadMicrosoft.Authorization/*/read Leggere i ruoli e le assegnazioni di ruoliRead roles and role assignments
Microsoft. Insights/alertRules/*Microsoft.Insights/alertRules/* Creare e gestire un avviso classico per le metricheCreate and manage a classic metric alert
Microsoft. resources/Deployments/WriteMicrosoft.Resources/deployments/write Crea o aggiorna una distribuzione.Creates or updates an deployment.
Microsoft. resources/subscriptions/operationresults/ReadMicrosoft.Resources/subscriptions/operationresults/read Ottiene i risultati dell'operazione di sottoscrizione.Get the subscription operation results.
Microsoft. resources/subscriptions/ReadMicrosoft.Resources/subscriptions/read Ottiene l'elenco delle sottoscrizioni.Gets the list of subscriptions.
Microsoft. resources/subscriptions/resourceGroups/ReadMicrosoft.Resources/subscriptions/resourceGroups/read Ottiene o elenca i gruppi di risorse.Gets or lists resource groups.
Microsoft. support/*Microsoft.Support/* Creare e aggiornare un ticket di supportoCreate and update a support ticket
Microsoft. servizio contenitore/managedClusters/listClusterUserCredential/ActionMicrosoft.ContainerService/managedClusters/listClusterUserCredential/action Elenca la credenziale clusterUser di un cluster gestitoList the clusterUser credential of a managed cluster
NotActionsNotActions
nessunanone
DataActionsDataActions
Microsoft. servizio contenitore/managedClusters/*Microsoft.ContainerService/managedClusters/*
NotDataActionsNotDataActions
Microsoft. servizio contenitore/managedClusters/resourcequotas/WriteMicrosoft.ContainerService/managedClusters/resourcequotas/write Scrive resourcequotasWrites resourcequotas
Microsoft. servizio contenitore/managedClusters/resourcequotas/DeleteMicrosoft.ContainerService/managedClusters/resourcequotas/delete Elimina resourcequotasDeletes resourcequotas
Microsoft. servizio contenitore/managedClusters/Namespaces/WriteMicrosoft.ContainerService/managedClusters/namespaces/write Scrive gli spazi dei nomiWrites namespaces
Microsoft. servizio contenitore/managedClusters/Namespaces/DeleteMicrosoft.ContainerService/managedClusters/namespaces/delete Elimina gli spazi dei nomiDeletes namespaces
{
  "assignableScopes": [
    "/"
  ],
  "description": "Lets you manage all resources under cluster/namespace, except update or delete resource quotas and namespaces.",
  "id": "/subscriptions/{subscriptionId}/providers/Microsoft.Authorization/roleDefinitions/3498e952-d568-435e-9b2c-8d77e338d7f7",
  "name": "3498e952-d568-435e-9b2c-8d77e338d7f7",
  "permissions": [
    {
      "actions": [
        "Microsoft.Authorization/*/read",
        "Microsoft.Insights/alertRules/*",
        "Microsoft.Resources/deployments/write",
        "Microsoft.Resources/subscriptions/operationresults/read",
        "Microsoft.Resources/subscriptions/read",
        "Microsoft.Resources/subscriptions/resourceGroups/read",
        "Microsoft.Support/*",
        "Microsoft.ContainerService/managedClusters/listClusterUserCredential/action"
      ],
      "notActions": [],
      "dataActions": [
        "Microsoft.ContainerService/managedClusters/*"
      ],
      "notDataActions": [
        "Microsoft.ContainerService/managedClusters/resourcequotas/write",
        "Microsoft.ContainerService/managedClusters/resourcequotas/delete",
        "Microsoft.ContainerService/managedClusters/namespaces/write",
        "Microsoft.ContainerService/managedClusters/namespaces/delete"
      ]
    }
  ],
  "roleName": "Azure Kubernetes Service RBAC Admin",
  "roleType": "BuiltInRole",
  "type": "Microsoft.Authorization/roleDefinitions"
}

Amministrazione del cluster RBAC del servizio Kubernetes di AzureAzure Kubernetes Service RBAC Cluster Admin

Consente di gestire tutte le risorse del cluster.Lets you manage all resources in the cluster. Altre informazioniLearn more

AzioniActions DescrizioneDescription
Microsoft. Authorization/*/ReadMicrosoft.Authorization/*/read Leggere i ruoli e le assegnazioni di ruoliRead roles and role assignments
Microsoft. Insights/alertRules/*Microsoft.Insights/alertRules/* Creare e gestire un avviso classico per le metricheCreate and manage a classic metric alert
Microsoft. resources/Deployments/WriteMicrosoft.Resources/deployments/write Crea o aggiorna una distribuzione.Creates or updates an deployment.
Microsoft. resources/subscriptions/operationresults/ReadMicrosoft.Resources/subscriptions/operationresults/read Ottiene i risultati dell'operazione di sottoscrizione.Get the subscription operation results.
Microsoft. resources/subscriptions/ReadMicrosoft.Resources/subscriptions/read Ottiene l'elenco delle sottoscrizioni.Gets the list of subscriptions.
Microsoft. resources/subscriptions/resourceGroups/ReadMicrosoft.Resources/subscriptions/resourceGroups/read Ottiene o elenca i gruppi di risorse.Gets or lists resource groups.
Microsoft. support/*Microsoft.Support/* Creare e aggiornare un ticket di supportoCreate and update a support ticket
Microsoft. servizio contenitore/managedClusters/listClusterUserCredential/ActionMicrosoft.ContainerService/managedClusters/listClusterUserCredential/action Elenca la credenziale clusterUser di un cluster gestitoList the clusterUser credential of a managed cluster
NotActionsNotActions
nessunanone
DataActionsDataActions
Microsoft. servizio contenitore/managedClusters/*Microsoft.ContainerService/managedClusters/*
NotDataActionsNotDataActions
nessunanone
{
  "assignableScopes": [
    "/"
  ],
  "description": "Lets you manage all resources in the cluster.",
  "id": "/subscriptions/{subscriptionId}/providers/Microsoft.Authorization/roleDefinitions/b1ff04bb-8a4e-4dc4-8eb5-8693973ce19b",
  "name": "b1ff04bb-8a4e-4dc4-8eb5-8693973ce19b",
  "permissions": [
    {
      "actions": [
        "Microsoft.Authorization/*/read",
        "Microsoft.Insights/alertRules/*",
        "Microsoft.Resources/deployments/write",
        "Microsoft.Resources/subscriptions/operationresults/read",
        "Microsoft.Resources/subscriptions/read",
        "Microsoft.Resources/subscriptions/resourceGroups/read",
        "Microsoft.Support/*",
        "Microsoft.ContainerService/managedClusters/listClusterUserCredential/action"
      ],
      "notActions": [],
      "dataActions": [
        "Microsoft.ContainerService/managedClusters/*"
      ],
      "notDataActions": []
    }
  ],
  "roleName": "Azure Kubernetes Service RBAC Cluster Admin",
  "roleType": "BuiltInRole",
  "type": "Microsoft.Authorization/roleDefinitions"
}

Lettore RBAC del servizio Kubernetes di AzureAzure Kubernetes Service RBAC Reader

Consente di visualizzare tutte le risorse in cluster/spazio dei nomi, eccetto i segreti.Lets you view all resources in cluster/namespace, except secrets. Altre informazioniLearn more

AzioniActions DescrizioneDescription
Microsoft. Authorization/*/ReadMicrosoft.Authorization/*/read Leggere i ruoli e le assegnazioni di ruoliRead roles and role assignments
Microsoft. Insights/alertRules/*Microsoft.Insights/alertRules/* Creare e gestire un avviso classico per le metricheCreate and manage a classic metric alert
Microsoft. resources/Deployments/WriteMicrosoft.Resources/deployments/write Crea o aggiorna una distribuzione.Creates or updates an deployment.
Microsoft. resources/subscriptions/operationresults/ReadMicrosoft.Resources/subscriptions/operationresults/read Ottiene i risultati dell'operazione di sottoscrizione.Get the subscription operation results.
Microsoft. resources/subscriptions/ReadMicrosoft.Resources/subscriptions/read Ottiene l'elenco delle sottoscrizioni.Gets the list of subscriptions.
Microsoft. resources/subscriptions/resourceGroups/ReadMicrosoft.Resources/subscriptions/resourceGroups/read Ottiene o elenca i gruppi di risorse.Gets or lists resource groups.
Microsoft. support/*Microsoft.Support/* Creare e aggiornare un ticket di supportoCreate and update a support ticket
Microsoft. servizio contenitore/managedClusters/listClusterUserCredential/ActionMicrosoft.ContainerService/managedClusters/listClusterUserCredential/action Elenca la credenziale clusterUser di un cluster gestitoList the clusterUser credential of a managed cluster
NotActionsNotActions
nessunanone
DataActionsDataActions
Microsoft. servizio contenitore/managedClusters/*/ReadMicrosoft.ContainerService/managedClusters/*/read
NotDataActionsNotDataActions
Microsoft. servizio contenitore/managedClusters/RBAC.Authorization.K8S.io/*/ReadMicrosoft.ContainerService/managedClusters/rbac.authorization.k8s.io/*/read
Microsoft. servizio contenitore/managedClusters/RBAC.Authorization.K8S.io/*/WriteMicrosoft.ContainerService/managedClusters/rbac.authorization.k8s.io/*/write
Microsoft. servizio contenitore/managedClusters/Secrets/*Microsoft.ContainerService/managedClusters/secrets/*
{
  "assignableScopes": [
    "/"
  ],
  "description": "Lets you view all resources in cluster/namespace, except secrets.",
  "id": "/subscriptions/{subscriptionId}/providers/Microsoft.Authorization/roleDefinitions/7f6c6a51-bcf8-42ba-9220-52d62157d7db",
  "name": "7f6c6a51-bcf8-42ba-9220-52d62157d7db",
  "permissions": [
    {
      "actions": [
        "Microsoft.Authorization/*/read",
        "Microsoft.Insights/alertRules/*",
        "Microsoft.Resources/deployments/write",
        "Microsoft.Resources/subscriptions/operationresults/read",
        "Microsoft.Resources/subscriptions/read",
        "Microsoft.Resources/subscriptions/resourceGroups/read",
        "Microsoft.Support/*",
        "Microsoft.ContainerService/managedClusters/listClusterUserCredential/action"
      ],
      "notActions": [],
      "dataActions": [
        "Microsoft.ContainerService/managedClusters/*/read"
      ],
      "notDataActions": [
        "Microsoft.ContainerService/managedClusters/rbac.authorization.k8s.io/*/read",
        "Microsoft.ContainerService/managedClusters/rbac.authorization.k8s.io/*/write",
        "Microsoft.ContainerService/managedClusters/secrets/*"
      ]
    }
  ],
  "roleName": "Azure Kubernetes Service RBAC Reader",
  "roleType": "BuiltInRole",
  "type": "Microsoft.Authorization/roleDefinitions"
}

Writer RBAC del servizio Kubernetes di AzureAzure Kubernetes Service RBAC Writer

Consente di aggiornare tutti gli elementi in cluster/spazio dei nomi, eccetto le quote di risorse, gli spazi dei nomi, i criteri di sicurezza Pod, le richieste di firma dei certificati, i ruoli (cluster) e le associazioni di ruolo (cluster).Lets you update everything in cluster/namespace, except resource quotas, namespaces, pod security policies, certificate signing requests, (cluster)roles and (cluster)role bindings. Altre informazioniLearn more

AzioniActions DescrizioneDescription
Microsoft. Authorization/*/ReadMicrosoft.Authorization/*/read Leggere i ruoli e le assegnazioni di ruoliRead roles and role assignments
Microsoft. Insights/alertRules/*Microsoft.Insights/alertRules/* Creare e gestire un avviso classico per le metricheCreate and manage a classic metric alert
Microsoft. resources/Deployments/WriteMicrosoft.Resources/deployments/write Crea o aggiorna una distribuzione.Creates or updates an deployment.
Microsoft. resources/subscriptions/operationresults/ReadMicrosoft.Resources/subscriptions/operationresults/read Ottiene i risultati dell'operazione di sottoscrizione.Get the subscription operation results.
Microsoft. resources/subscriptions/ReadMicrosoft.Resources/subscriptions/read Ottiene l'elenco delle sottoscrizioni.Gets the list of subscriptions.
Microsoft. resources/subscriptions/resourceGroups/ReadMicrosoft.Resources/subscriptions/resourceGroups/read Ottiene o elenca i gruppi di risorse.Gets or lists resource groups.
Microsoft. support/*Microsoft.Support/* Creare e aggiornare un ticket di supportoCreate and update a support ticket
Microsoft. servizio contenitore/managedClusters/listClusterUserCredential/ActionMicrosoft.ContainerService/managedClusters/listClusterUserCredential/action Elenca la credenziale clusterUser di un cluster gestitoList the clusterUser credential of a managed cluster
NotActionsNotActions
nessunanone
DataActionsDataActions
Microsoft. servizio contenitore/managedClusters/*/ReadMicrosoft.ContainerService/managedClusters/*/read
Microsoft. servizio contenitore/managedClusters/*/WriteMicrosoft.ContainerService/managedClusters/*/write
NotDataActionsNotDataActions
Microsoft. servizio contenitore/managedClusters/RBAC.Authorization.K8S.io/*/ReadMicrosoft.ContainerService/managedClusters/rbac.authorization.k8s.io/*/read
Microsoft. servizio contenitore/managedClusters/RBAC.Authorization.K8S.io/*/WriteMicrosoft.ContainerService/managedClusters/rbac.authorization.k8s.io/*/write
Microsoft. servizio contenitore/managedClusters/Namespaces/WriteMicrosoft.ContainerService/managedClusters/namespaces/write Scrive gli spazi dei nomiWrites namespaces
Microsoft. servizio contenitore/managedClusters/resourcequotas/WriteMicrosoft.ContainerService/managedClusters/resourcequotas/write Scrive resourcequotasWrites resourcequotas
Microsoft. servizio contenitore/managedClusters/Certificates.K8S.io/certificatesigningrequests/WriteMicrosoft.ContainerService/managedClusters/certificates.k8s.io/certificatesigningrequests/write Scrive certificatesigningrequestsWrites certificatesigningrequests
Microsoft. servizio contenitore/managedClusters/Policy/podsecuritypolicies/WriteMicrosoft.ContainerService/managedClusters/policy/podsecuritypolicies/write Scrive podsecuritypoliciesWrites podsecuritypolicies
{
  "assignableScopes": [
    "/"
  ],
  "description": "Lets you update everything in cluster/namespace, except resource quotas, namespaces, pod security policies, certificate signing requests, (cluster)roles and (cluster)role bindings.",
  "id": "/subscriptions/{subscriptionId}/providers/Microsoft.Authorization/roleDefinitions/a7ffa36f-339b-4b5c-8bdf-e2c188b2c0eb",
  "name": "a7ffa36f-339b-4b5c-8bdf-e2c188b2c0eb",
  "permissions": [
    {
      "actions": [
        "Microsoft.Authorization/*/read",
        "Microsoft.Insights/alertRules/*",
        "Microsoft.Resources/deployments/write",
        "Microsoft.Resources/subscriptions/operationresults/read",
        "Microsoft.Resources/subscriptions/read",
        "Microsoft.Resources/subscriptions/resourceGroups/read",
        "Microsoft.Support/*",
        "Microsoft.ContainerService/managedClusters/listClusterUserCredential/action"
      ],
      "notActions": [],
      "dataActions": [
        "Microsoft.ContainerService/managedClusters/*/read",
        "Microsoft.ContainerService/managedClusters/*/write"
      ],
      "notDataActions": [
        "Microsoft.ContainerService/managedClusters/rbac.authorization.k8s.io/*/read",
        "Microsoft.ContainerService/managedClusters/rbac.authorization.k8s.io/*/write",
        "Microsoft.ContainerService/managedClusters/namespaces/write",
        "Microsoft.ContainerService/managedClusters/resourcequotas/write",
        "Microsoft.ContainerService/managedClusters/certificates.k8s.io/certificatesigningrequests/write",
        "Microsoft.ContainerService/managedClusters/policy/podsecuritypolicies/write"
      ]
    }
  ],
  "roleName": "Azure Kubernetes Service RBAC Writer",
  "roleType": "BuiltInRole",
  "type": "Microsoft.Authorization/roleDefinitions"
}

DatabaseDatabases

Ruolo Lettore dell'account Cosmos DBCosmos DB Account Reader Role

Può leggere i dati degli account Azure Cosmos DB.Can read Azure Cosmos DB account data. Vedere Collaboratore account DocumentDB per la gestione degli account Azure Cosmos DB.See DocumentDB Account Contributor for managing Azure Cosmos DB accounts. Altre informazioniLearn more

AzioniActions DescrizioneDescription
Microsoft. Authorization/*/ReadMicrosoft.Authorization/*/read Leggere i ruoli e le assegnazioni di ruoliRead roles and role assignments
Microsoft.DocumentDB/*/ReadMicrosoft.DocumentDB/*/read Leggere tutte le raccolteRead any collection
Microsoft.DocumentDB/databaseAccounts/readonlykeys/ActionMicrosoft.DocumentDB/databaseAccounts/readonlykeys/action Legge le chiavi di sola lettura degli account di database.Reads the database account readonly keys.
Microsoft. Insights/MetricDefinitions/ReadMicrosoft.Insights/MetricDefinitions/read Consente di leggere le definizioni della metricaRead metric definitions
Microsoft. Insights/Metrics/ReadMicrosoft.Insights/Metrics/read Esegue la lettura delle metricheRead metrics
Microsoft. resources/subscriptions/resourceGroups/ReadMicrosoft.Resources/subscriptions/resourceGroups/read Ottiene o elenca i gruppi di risorse.Gets or lists resource groups.
Microsoft. support/*Microsoft.Support/* Creare e aggiornare un ticket di supportoCreate and update a support ticket
NotActionsNotActions
nessunanone
DataActionsDataActions
nessunanone
NotDataActionsNotDataActions
nessunanone
{
  "assignableScopes": [
    "/"
  ],
  "description": "Can read Azure Cosmos DB Accounts data",
  "id": "/subscriptions/{subscriptionId}/providers/Microsoft.Authorization/roleDefinitions/fbdf93bf-df7d-467e-a4d2-9458aa1360c8",
  "name": "fbdf93bf-df7d-467e-a4d2-9458aa1360c8",
  "permissions": [
    {
      "actions": [
        "Microsoft.Authorization/*/read",
        "Microsoft.DocumentDB/*/read",
        "Microsoft.DocumentDB/databaseAccounts/readonlykeys/action",
        "Microsoft.Insights/MetricDefinitions/read",
        "Microsoft.Insights/Metrics/read",
        "Microsoft.Resources/subscriptions/resourceGroups/read",
        "Microsoft.Support/*"
      ],
      "notActions": [],
      "dataActions": [],
      "notDataActions": []
    }
  ],
  "roleName": "Cosmos DB Account Reader Role",
  "roleType": "BuiltInRole",
  "type": "Microsoft.Authorization/roleDefinitions"
}

Operatore di Cosmos DBCosmos DB Operator

Consente di gestire gli account Azure Cosmos DB, ma non di accedere ai dati contenuti negli stessi.Lets you manage Azure Cosmos DB accounts, but not access data in them. Impedisce l'accesso a chiavi dell'account e stringhe di connessione.Prevents access to account keys and connection strings. Altre informazioniLearn more

AzioniActions DescrizioneDescription
Microsoft.DocumentDb/databaseAccounts/*Microsoft.DocumentDb/databaseAccounts/*
Microsoft. Insights/alertRules/*Microsoft.Insights/alertRules/* Creare e gestire un avviso classico per le metricheCreate and manage a classic metric alert
Microsoft. Authorization/*/ReadMicrosoft.Authorization/*/read Leggere i ruoli e le assegnazioni di ruoliRead roles and role assignments
Microsoft. ResourceHealth/availabilityStatuses/ReadMicrosoft.ResourceHealth/availabilityStatuses/read Ottiene gli stati di disponibilità per tutte le risorse nell'ambito specificatoGets the availability statuses for all resources in the specified scope
Microsoft. resources/Deployments/*Microsoft.Resources/deployments/* Creare e gestire una distribuzioneCreate and manage a deployment
Microsoft. resources/subscriptions/resourceGroups/ReadMicrosoft.Resources/subscriptions/resourceGroups/read Ottiene o elenca i gruppi di risorse.Gets or lists resource groups.
Microsoft. support/*Microsoft.Support/* Creare e aggiornare un ticket di supportoCreate and update a support ticket
Microsoft. Network/virtualNetworks/Subnets/joinViaServiceEndpoint/ActionMicrosoft.Network/virtualNetworks/subnets/joinViaServiceEndpoint/action Aggiunge una risorsa come un account di archiviazione o un database SQL a una subnet.Joins resource such as storage account or SQL database to a subnet. Senza avvisi.Not alertable.
NotActionsNotActions
Microsoft.DocumentDB/databaseAccounts/readonlyKeys/*Microsoft.DocumentDB/databaseAccounts/readonlyKeys/*
Microsoft.DocumentDB/databaseAccounts/regenerateKey/*Microsoft.DocumentDB/databaseAccounts/regenerateKey/*
Microsoft.DocumentDB/databaseAccounts/listKeys/*Microsoft.DocumentDB/databaseAccounts/listKeys/*
Microsoft.DocumentDB/databaseAccounts/listConnectionStrings/*Microsoft.DocumentDB/databaseAccounts/listConnectionStrings/*
DataActionsDataActions
nessunanone
NotDataActionsNotDataActions
nessunanone
{
  "assignableScopes": [
    "/"
  ],
  "description": "Lets you manage Azure Cosmos DB accounts, but not access data in them. Prevents access to account keys and connection strings.",
  "id": "/subscriptions/{subscriptionId}/providers/Microsoft.Authorization/roleDefinitions/230815da-be43-4aae-9cb4-875f7bd000aa",
  "name": "230815da-be43-4aae-9cb4-875f7bd000aa",
  "permissions": [
    {
      "actions": [
        "Microsoft.DocumentDb/databaseAccounts/*",
        "Microsoft.Insights/alertRules/*",
        "Microsoft.Authorization/*/read",
        "Microsoft.ResourceHealth/availabilityStatuses/read",
        "Microsoft.Resources/deployments/*",
        "Microsoft.Resources/subscriptions/resourceGroups/read",
        "Microsoft.Support/*",
        "Microsoft.Network/virtualNetworks/subnets/joinViaServiceEndpoint/action"
      ],
      "notActions": [
        "Microsoft.DocumentDB/databaseAccounts/readonlyKeys/*",
        "Microsoft.DocumentDB/databaseAccounts/regenerateKey/*",
        "Microsoft.DocumentDB/databaseAccounts/listKeys/*",
        "Microsoft.DocumentDB/databaseAccounts/listConnectionStrings/*"
      ],
      "dataActions": [],
      "notDataActions": []
    }
  ],
  "roleName": "Cosmos DB Operator",
  "roleType": "BuiltInRole",
  "type": "Microsoft.Authorization/roleDefinitions"
}

CosmosBackupOperatorCosmosBackupOperator

È possibile inviare una richiesta di ripristino per un database Cosmos DB o un contenitore per un account ulteriori informazioniCan submit restore request for a Cosmos DB database or a container for an account Learn more

AzioniActions DescrizioneDescription
Microsoft.DocumentDB/databaseAccounts/backup/ActionMicrosoft.DocumentDB/databaseAccounts/backup/action Invia una richiesta per configurare il backupSubmit a request to configure backup
Microsoft.DocumentDB/databaseAccounts/Restore/ActionMicrosoft.DocumentDB/databaseAccounts/restore/action Invia una richiesta di ripristinoSubmit a restore request
NotActionsNotActions
nessunanone
DataActionsDataActions
nessunanone
NotDataActionsNotDataActions
nessunanone
{
  "assignableScopes": [
    "/"
  ],
  "description": "Can submit restore request for a Cosmos DB database or a container for an account",
  "id": "/subscriptions/{subscriptionId}/providers/Microsoft.Authorization/roleDefinitions/db7b14f2-5adf-42da-9f96-f2ee17bab5cb",
  "name": "db7b14f2-5adf-42da-9f96-f2ee17bab5cb",
  "permissions": [
    {
      "actions": [
        "Microsoft.DocumentDB/databaseAccounts/backup/action",
        "Microsoft.DocumentDB/databaseAccounts/restore/action"
      ],
      "notActions": [],
      "dataActions": [],
      "notDataActions": []
    }
  ],
  "roleName": "CosmosBackupOperator",
  "roleType": "BuiltInRole",
  "type": "Microsoft.Authorization/roleDefinitions"
}

Collaboratore account DocumentDBDocumentDB Account Contributor

È in grado di gestire account Azure Cosmos DB.Can manage Azure Cosmos DB accounts. Azure Cosmos DB era precedentemente noto come DocumentDB.Azure Cosmos DB is formerly known as DocumentDB. Altre informazioniLearn more

AzioniActions DescrizioneDescription
Microsoft. Authorization/*/ReadMicrosoft.Authorization/*/read Leggere i ruoli e le assegnazioni di ruoliRead roles and role assignments
Microsoft.DocumentDb/databaseAccounts/*Microsoft.DocumentDb/databaseAccounts/* Creare e gestire account Azure Cosmos DBCreate and manage Azure Cosmos DB accounts
Microsoft. Insights/alertRules/*Microsoft.Insights/alertRules/* Creare e gestire un avviso classico per le metricheCreate and manage a classic metric alert
Microsoft. ResourceHealth/availabilityStatuses/ReadMicrosoft.ResourceHealth/availabilityStatuses/read Ottiene gli stati di disponibilità per tutte le risorse nell'ambito specificatoGets the availability statuses for all resources in the specified scope
Microsoft. resources/Deployments/*Microsoft.Resources/deployments/* Creare e gestire una distribuzioneCreate and manage a deployment
Microsoft. resources/subscriptions/resourceGroups/ReadMicrosoft.Resources/subscriptions/resourceGroups/read Ottiene o elenca i gruppi di risorse.Gets or lists resource groups.
Microsoft. support/*Microsoft.Support/* Creare e aggiornare un ticket di supportoCreate and update a support ticket
Microsoft. Network/virtualNetworks/Subnets/joinViaServiceEndpoint/ActionMicrosoft.Network/virtualNetworks/subnets/joinViaServiceEndpoint/action Aggiunge una risorsa come un account di archiviazione o un database SQL a una subnet.Joins resource such as storage account or SQL database to a subnet. Senza avvisi.Not alertable.
NotActionsNotActions
nessunanone
DataActionsDataActions
nessunanone
NotDataActionsNotDataActions
nessunanone
{
  "assignableScopes": [
    "/"
  ],
  "description": "Lets you manage DocumentDB accounts, but not access to them.",
  "id": "/subscriptions/{subscriptionId}/providers/Microsoft.Authorization/roleDefinitions/5bd9cd88-fe45-4216-938b-f97437e15450",
  "name": "5bd9cd88-fe45-4216-938b-f97437e15450",
  "permissions": [
    {
      "actions": [
        "Microsoft.Authorization/*/read",
        "Microsoft.DocumentDb/databaseAccounts/*",
        "Microsoft.Insights/alertRules/*",
        "Microsoft.ResourceHealth/availabilityStatuses/read",
        "Microsoft.Resources/deployments/*",
        "Microsoft.Resources/subscriptions/resourceGroups/read",
        "Microsoft.Support/*",
        "Microsoft.Network/virtualNetworks/subnets/joinViaServiceEndpoint/action"
      ],
      "notActions": [],
      "dataActions": [],
      "notDataActions": []
    }
  ],
  "roleName": "DocumentDB Account Contributor",
  "roleType": "BuiltInRole",
  "type": "Microsoft.Authorization/roleDefinitions"
}

Collaboratore cache RedisRedis Cache Contributor

Consente di gestire le cache Redis, ma non di accedervi.Lets you manage Redis caches, but not access to them.

AzioniActions DescrizioneDescription
Microsoft. Authorization/*/ReadMicrosoft.Authorization/*/read Leggere i ruoli e le assegnazioni di ruoliRead roles and role assignments
Microsoft. cache/Register/ActionMicrosoft.Cache/register/action Registra il provider di risorse 'Microsoft.Cache' con una sottoscrizioneRegisters the 'Microsoft.Cache' resource provider with a subscription
Microsoft. cache/Redis/*Microsoft.Cache/redis/* Creare e gestire cache RedisCreate and manage Redis caches
Microsoft. Insights/alertRules/*Microsoft.Insights/alertRules/* Creare e gestire un avviso classico per le metricheCreate and manage a classic metric alert
Microsoft. ResourceHealth/availabilityStatuses/ReadMicrosoft.ResourceHealth/availabilityStatuses/read Ottiene gli stati di disponibilità per tutte le risorse nell'ambito specificatoGets the availability statuses for all resources in the specified scope
Microsoft. resources/Deployments/*Microsoft.Resources/deployments/* Creare e gestire una distribuzioneCreate and manage a deployment
Microsoft. resources/subscriptions/resourceGroups/ReadMicrosoft.Resources/subscriptions/resourceGroups/read Ottiene o elenca i gruppi di risorse.Gets or lists resource groups.
Microsoft. support/*Microsoft.Support/* Creare e aggiornare un ticket di supportoCreate and update a support ticket
NotActionsNotActions
nessunanone
DataActionsDataActions
nessunanone
NotDataActionsNotDataActions
nessunanone
{
  "assignableScopes": [
    "/"
  ],
  "description": "Lets you manage Redis caches, but not access to them.",
  "id": "/subscriptions/{subscriptionId}/providers/Microsoft.Authorization/roleDefinitions/e0f68234-74aa-48ed-b826-c38b57376e17",
  "name": "e0f68234-74aa-48ed-b826-c38b57376e17",
  "permissions": [
    {
      "actions": [
        "Microsoft.Authorization/*/read",
        "Microsoft.Cache/register/action",
        "Microsoft.Cache/redis/*",
        "Microsoft.Insights/alertRules/*",
        "Microsoft.ResourceHealth/availabilityStatuses/read",
        "Microsoft.Resources/deployments/*",
        "Microsoft.Resources/subscriptions/resourceGroups/read",
        "Microsoft.Support/*"
      ],
      "notActions": [],
      "dataActions": [],
      "notDataActions": []
    }
  ],
  "roleName": "Redis Cache Contributor",
  "roleType": "BuiltInRole",
  "type": "Microsoft.Authorization/roleDefinitions"
}

Collaboratore database SQLSQL DB Contributor

Consente di gestire i database SQL, ma non di accederviLets you manage SQL databases, but not access to them. né di gestirne i criteri relativi alla sicurezza o i rispettivi server SQL padre.Also, you can't manage their security-related policies or their parent SQL servers. Altre informazioniLearn more

AzioniActions DescrizioneDescription
Microsoft. Authorization/*/ReadMicrosoft.Authorization/*/read Leggere i ruoli e le assegnazioni di ruoliRead roles and role assignments
Microsoft. Insights/alertRules/*Microsoft.Insights/alertRules/* Creare e gestire un avviso classico per le metricheCreate and manage a classic metric alert
Microsoft. ResourceHealth/availabilityStatuses/ReadMicrosoft.ResourceHealth/availabilityStatuses/read Ottiene gli stati di disponibilità per tutte le risorse nell'ambito specificatoGets the availability statuses for all resources in the specified scope
Microsoft. resources/Deployments/*Microsoft.Resources/deployments/* Creare e gestire una distribuzioneCreate and manage a deployment
Microsoft. resources/subscriptions/resourceGroups/ReadMicrosoft.Resources/subscriptions/resourceGroups/read Ottiene o elenca i gruppi di risorse.Gets or lists resource groups.
Microsoft. SQL/locations/*/ReadMicrosoft.Sql/locations/*/read
Microsoft. SQL/Servers/databases/*Microsoft.Sql/servers/databases/* Creare e gestire database SQLCreate and manage SQL databases
Microsoft. SQL/Servers/ReadMicrosoft.Sql/servers/read Restituisce l'elenco di server o ottiene le proprietà per il server specificatoReturn the list of servers or gets the properties for the specified server.
Microsoft. support/*Microsoft.Support/* Creare e aggiornare un ticket di supportoCreate and update a support ticket
Microsoft. Insights/Metrics/ReadMicrosoft.Insights/metrics/read Esegue la lettura delle metricheRead metrics
Microsoft. Insights/metricDefinitions/ReadMicrosoft.Insights/metricDefinitions/read Consente di leggere le definizioni della metricaRead metric definitions
NotActionsNotActions
Microsoft. SQL/managedInstances/databases/currentSensitivityLabels/*Microsoft.Sql/managedInstances/databases/currentSensitivityLabels/*
Microsoft. SQL/managedInstances/databases/recommendedSensitivityLabels/*Microsoft.Sql/managedInstances/databases/recommendedSensitivityLabels/*
Microsoft. SQL/managedInstances/databases/schemas/Tables/Columns/sensitivityLabels/*Microsoft.Sql/managedInstances/databases/schemas/tables/columns/sensitivityLabels/*
Microsoft. SQL/managedInstances/databases/securityAlertPolicies/*Microsoft.Sql/managedInstances/databases/securityAlertPolicies/*
Microsoft. SQL/managedInstances/databases/sensitivityLabels/*Microsoft.Sql/managedInstances/databases/sensitivityLabels/*
Microsoft. SQL/managedInstances/databases/vulnerabilityAssessments/*Microsoft.Sql/managedInstances/databases/vulnerabilityAssessments/*
Microsoft. SQL/managedInstances/securityAlertPolicies/*Microsoft.Sql/managedInstances/securityAlertPolicies/*
Microsoft. SQL/managedInstances/vulnerabilityAssessments/*Microsoft.Sql/managedInstances/vulnerabilityAssessments/*
Microsoft. SQL/Servers/databases/auditingPolicies/*Microsoft.Sql/servers/databases/auditingPolicies/* Modificare i criteri di controlloEdit audit policies
Microsoft. SQL/Servers/databases/auditingSettings/*Microsoft.Sql/servers/databases/auditingSettings/* Modificare le impostazioni di controlloEdit audit settings
Microsoft. SQL/Servers/databases/auditRecords/ReadMicrosoft.Sql/servers/databases/auditRecords/read Recupera i record di controllo BLOB del databaseRetrieve the database blob audit records
Microsoft. SQL/Servers/databases/connectionPolicies/*Microsoft.Sql/servers/databases/connectionPolicies/* Modificare i criteri di connessioneEdit connection policies
Microsoft. SQL/Servers/databases/currentSensitivityLabels/*Microsoft.Sql/servers/databases/currentSensitivityLabels/*
Microsoft. SQL/Servers/databases/dataMaskingPolicies/*Microsoft.Sql/servers/databases/dataMaskingPolicies/* Modificare i criteri di mascheratura dei datiEdit data masking policies
Microsoft. SQL/Servers/databases/extendedAuditingSettings/*Microsoft.Sql/servers/databases/extendedAuditingSettings/*
Microsoft. SQL/Servers/databases/recommendedSensitivityLabels/*Microsoft.Sql/servers/databases/recommendedSensitivityLabels/*
Microsoft. SQL/Servers/databases/schemas/Tables/Columns/sensitivityLabels/*Microsoft.Sql/servers/databases/schemas/tables/columns/sensitivityLabels/*
Microsoft. SQL/Servers/databases/securityAlertPolicies/*Microsoft.Sql/servers/databases/securityAlertPolicies/* Modificare i criteri di avviso di sicurezzaEdit security alert policies
Microsoft. SQL/Servers/databases/securityMetrics/*Microsoft.Sql/servers/databases/securityMetrics/* Modificare i criteri di protezioneEdit security metrics
Microsoft. SQL/Servers/databases/sensitivityLabels/*Microsoft.Sql/servers/databases/sensitivityLabels/*
Microsoft. SQL/Servers/databases/vulnerabilityAssessments/*Microsoft.Sql/servers/databases/vulnerabilityAssessments/*
Microsoft. SQL/Servers/databases/vulnerabilityAssessmentScans/*Microsoft.Sql/servers/databases/vulnerabilityAssessmentScans/*
Microsoft. SQL/Servers/databases/vulnerabilityAssessmentSettings/*Microsoft.Sql/servers/databases/vulnerabilityAssessmentSettings/*
Microsoft. SQL/Servers/vulnerabilityAssessments/*Microsoft.Sql/servers/vulnerabilityAssessments/*
DataActionsDataActions
nessunanone
NotDataActionsNotDataActions
nessunanone
{
  "assignableScopes": [
    "/"
  ],
  "description": "Lets you manage SQL databases, but not access to them. Also, you can't manage their security-related policies or their parent SQL servers.",
  "id": "/subscriptions/{subscriptionId}/providers/Microsoft.Authorization/roleDefinitions/9b7fa17d-e63e-47b0-bb0a-15c516ac86ec",
  "name": "9b7fa17d-e63e-47b0-bb0a-15c516ac86ec",
  "permissions": [
    {
      "actions": [
        "Microsoft.Authorization/*/read",
        "Microsoft.Insights/alertRules/*",
        "Microsoft.ResourceHealth/availabilityStatuses/read",
        "Microsoft.Resources/deployments/*",
        "Microsoft.Resources/subscriptions/resourceGroups/read",
        "Microsoft.Sql/locations/*/read",
        "Microsoft.Sql/servers/databases/*",
        "Microsoft.Sql/servers/read",
        "Microsoft.Support/*",
        "Microsoft.Insights/metrics/read",
        "Microsoft.Insights/metricDefinitions/read"
      ],
      "notActions": [
        "Microsoft.Sql/managedInstances/databases/currentSensitivityLabels/*",
        "Microsoft.Sql/managedInstances/databases/recommendedSensitivityLabels/*",
        "Microsoft.Sql/managedInstances/databases/schemas/tables/columns/sensitivityLabels/*",
        "Microsoft.Sql/managedInstances/databases/securityAlertPolicies/*",
        "Microsoft.Sql/managedInstances/databases/sensitivityLabels/*",
        "Microsoft.Sql/managedInstances/databases/vulnerabilityAssessments/*",
        "Microsoft.Sql/managedInstances/securityAlertPolicies/*",
        "Microsoft.Sql/managedInstances/vulnerabilityAssessments/*",
        "Microsoft.Sql/servers/databases/auditingPolicies/*",
        "Microsoft.Sql/servers/databases/auditingSettings/*",
        "Microsoft.Sql/servers/databases/auditRecords/read",
        "Microsoft.Sql/servers/databases/connectionPolicies/*",
        "Microsoft.Sql/servers/databases/currentSensitivityLabels/*",
        "Microsoft.Sql/servers/databases/dataMaskingPolicies/*",
        "Microsoft.Sql/servers/databases/extendedAuditingSettings/*",
        "Microsoft.Sql/servers/databases/recommendedSensitivityLabels/*",
        "Microsoft.Sql/servers/databases/schemas/tables/columns/sensitivityLabels/*",
        "Microsoft.Sql/servers/databases/securityAlertPolicies/*",
        "Microsoft.Sql/servers/databases/securityMetrics/*",
        "Microsoft.Sql/servers/databases/sensitivityLabels/*",
        "Microsoft.Sql/servers/databases/vulnerabilityAssessments/*",
        "Microsoft.Sql/servers/databases/vulnerabilityAssessmentScans/*",
        "Microsoft.Sql/servers/databases/vulnerabilityAssessmentSettings/*",
        "Microsoft.Sql/servers/vulnerabilityAssessments/*"
      ],
      "dataActions": [],
      "notDataActions": []
    }
  ],
  "roleName": "SQL DB Contributor",
  "roleType": "BuiltInRole",
  "type": "Microsoft.Authorization/roleDefinitions"
}

Collaboratore per Istanza gestita di SQLSQL Managed Instance Contributor

Consente di gestire le istanze gestite di SQL e la configurazione di rete necessaria, ma non consente l'accesso ad altri utenti.Lets you manage SQL Managed Instances and required network configuration, but can't give access to others.

AzioniActions DescrizioneDescription
Microsoft. ResourceHealth/availabilityStatuses/ReadMicrosoft.ResourceHealth/availabilityStatuses/read Ottiene gli stati di disponibilità per tutte le risorse nell'ambito specificatoGets the availability statuses for all resources in the specified scope
Microsoft. resources/Deployments/*Microsoft.Resources/deployments/* Creare e gestire una distribuzioneCreate and manage a deployment
Microsoft. resources/subscriptions/resourceGroups/ReadMicrosoft.Resources/subscriptions/resourceGroups/read Ottiene o elenca i gruppi di risorse.Gets or lists resource groups.
Microsoft. Network/networkSecurityGroups/*Microsoft.Network/networkSecurityGroups/*
Microsoft. Network/routeTables/*Microsoft.Network/routeTables/*
Microsoft. SQL/locations/*/ReadMicrosoft.Sql/locations/*/read
Microsoft. SQL/locations/instanceFailoverGroups/*Microsoft.Sql/locations/instanceFailoverGroups/*
Microsoft. SQL/managedInstances/*Microsoft.Sql/managedInstances/*
Microsoft. support/*Microsoft.Support/* Creare e aggiornare un ticket di supportoCreate and update a support ticket
Microsoft. Network/virtualNetworks/Subnets/*Microsoft.Network/virtualNetworks/subnets/*
Microsoft. Network/virtualNetworks/*Microsoft.Network/virtualNetworks/*
Microsoft. Authorization/*/ReadMicrosoft.Authorization/*/read Leggere i ruoli e le assegnazioni di ruoliRead roles and role assignments
Microsoft. Insights/alertRules/*Microsoft.Insights/alertRules/* Creare e gestire un avviso classico per le metricheCreate and manage a classic metric alert
Microsoft. Insights/Metrics/ReadMicrosoft.Insights/metrics/read Esegue la lettura delle metricheRead metrics
Microsoft. Insights/metricDefinitions/ReadMicrosoft.Insights/metricDefinitions/read Consente di leggere le definizioni della metricaRead metric definitions
NotActionsNotActions
nessunanone
DataActionsDataActions
nessunanone
NotDataActionsNotDataActions
nessunanone
{
  "assignableScopes": [
    "/"
  ],
  "description": "Lets you manage SQL Managed Instances and required network configuration, but can't give access to others.",
  "id": "/subscriptions/{subscriptionId}/providers/Microsoft.Authorization/roleDefinitions/4939a1f6-9ae0-4e48-a1e0-f2cbe897382d",
  "name": "4939a1f6-9ae0-4e48-a1e0-f2cbe897382d",
  "permissions": [
    {
      "actions": [
        "Microsoft.ResourceHealth/availabilityStatuses/read",
        "Microsoft.Resources/deployments/*",
        "Microsoft.Resources/subscriptions/resourceGroups/read",
        "Microsoft.Network/networkSecurityGroups/*",
        "Microsoft.Network/routeTables/*",
        "Microsoft.Sql/locations/*/read",
        "Microsoft.Sql/locations/instanceFailoverGroups/*",
        "Microsoft.Sql/managedInstances/*",
        "Microsoft.Support/*",
        "Microsoft.Network/virtualNetworks/subnets/*",
        "Microsoft.Network/virtualNetworks/*",
        "Microsoft.Authorization/*/read",
        "Microsoft.Insights/alertRules/*",
        "Microsoft.Insights/metrics/read",
        "Microsoft.Insights/metricDefinitions/read"
      ],
      "notActions": [],
      "dataActions": [],
      "notDataActions": []
    }
  ],
  "roleName": "SQL Managed Instance Contributor",
  "roleType": "BuiltInRole",
  "type": "Microsoft.Authorization/roleDefinitions"
}

Gestione della sicurezza SQLSQL Security Manager

Consente di gestire i criteri relativi alla sicurezza di server e database SQL, ma non di accedervi.Lets you manage the security-related policies of SQL servers and databases, but not access to them. Altre informazioniLearn more

AzioniActions DescrizioneDescription
Microsoft. Authorization/*/ReadMicrosoft.Authorization/*/read Leggere i ruoli e le assegnazioni di ruoliRead roles and role assignments
Microsoft. Insights/alertRules/*Microsoft.Insights/alertRules/* Creare e gestire un avviso classico per le metricheCreate and manage a classic metric alert
Microsoft. Network/virtualNetworks/Subnets/joinViaServiceEndpoint/ActionMicrosoft.Network/virtualNetworks/subnets/joinViaServiceEndpoint/action Aggiunge una risorsa come un account di archiviazione o un database SQL a una subnet.Joins resource such as storage account or SQL database to a subnet. Senza avvisi.Not alertable.
Microsoft. ResourceHealth/availabilityStatuses/ReadMicrosoft.ResourceHealth/availabilityStatuses/read Ottiene gli stati di disponibilità per tutte le risorse nell'ambito specificatoGets the availability statuses for all resources in the specified scope
Microsoft. resources/Deployments/*Microsoft.Resources/deployments/* Creare e gestire una distribuzioneCreate and manage a deployment
Microsoft. resources/subscriptions/resourceGroups/ReadMicrosoft.Resources/subscriptions/resourceGroups/read Ottiene o elenca i gruppi di risorse.Gets or lists resource groups.
Microsoft. SQL/managedInstances/databases/currentSensitivityLabels/*Microsoft.Sql/managedInstances/databases/currentSensitivityLabels/*
Microsoft. SQL/managedInstances/databases/recommendedSensitivityLabels/*Microsoft.Sql/managedInstances/databases/recommendedSensitivityLabels/*
Microsoft. SQL/managedInstances/databases/schemas/Tables/Columns/sensitivityLabels/*Microsoft.Sql/managedInstances/databases/schemas/tables/columns/sensitivityLabels/*
Microsoft. SQL/managedInstances/databases/securityAlertPolicies/*Microsoft.Sql/managedInstances/databases/securityAlertPolicies/*
Microsoft. SQL/managedInstances/databases/sensitivityLabels/*Microsoft.Sql/managedInstances/databases/sensitivityLabels/*
Microsoft. SQL/managedInstances/databases/vulnerabilityAssessments/*Microsoft.Sql/managedInstances/databases/vulnerabilityAssessments/*
Microsoft. SQL/managedInstances/securityAlertPolicies/*Microsoft.Sql/managedInstances/securityAlertPolicies/*
Microsoft. SQL/managedInstances/databases/transparentDataEncryption/*Microsoft.Sql/managedInstances/databases/transparentDataEncryption/*
Microsoft. SQL/managedInstances/vulnerabilityAssessments/*Microsoft.Sql/managedInstances/vulnerabilityAssessments/*
Microsoft. SQL/Servers/auditingPolicies/*Microsoft.Sql/servers/auditingPolicies/* Creare e gestire criteri di controllo di server SQLCreate and manage SQL server auditing policies
Microsoft. SQL/Servers/auditingSettings/*Microsoft.Sql/servers/auditingSettings/* Creare e gestire le impostazioni di controllo di SQL ServerCreate and manage SQL server auditing setting
Microsoft. SQL/Servers/extendedAuditingSettings/ReadMicrosoft.Sql/servers/extendedAuditingSettings/read Recupera i dettagli dei criteri di controllo BLOB del server esteso configurati in uno specifico serverRetrieve details of the extended server blob auditing policy configured on a given server
Microsoft. SQL/Servers/databases/auditingPolicies/*Microsoft.Sql/servers/databases/auditingPolicies/* Creare e gestire i criteri di controllo dei database SQLCreate and manage SQL server database auditing policies
Microsoft. SQL/Servers/databases/auditingSettings/*Microsoft.Sql/servers/databases/auditingSettings/* Creare e gestire le impostazioni di controllo dei database di SQL ServerCreate and manage SQL server database auditing settings
Microsoft. SQL/Servers/databases/auditRecords/ReadMicrosoft.Sql/servers/databases/auditRecords/read Recupera i record di controllo BLOB del databaseRetrieve the database blob audit records
Microsoft. SQL/Servers/databases/connectionPolicies/*Microsoft.Sql/servers/databases/connectionPolicies/* Creare e gestire i criteri di connessione dei database dei server SQLCreate and manage SQL server database connection policies
Microsoft. SQL/Servers/databases/currentSensitivityLabels/*Microsoft.Sql/servers/databases/currentSensitivityLabels/*
Microsoft. SQL/Servers/databases/dataMaskingPolicies/*Microsoft.Sql/servers/databases/dataMaskingPolicies/* Creare e gestire i criteri della maschera dei dati dei database dei server SQLCreate and manage SQL server database data masking policies
Microsoft. SQL/Servers/databases/extendedAuditingSettings/ReadMicrosoft.Sql/servers/databases/extendedAuditingSettings/read Recupera i dettagli dei criteri di controllo BLOB esteso configurati in uno specifico databaseRetrieve details of the extended blob auditing policy configured on a given database
Microsoft. SQL/Servers/databases/ReadMicrosoft.Sql/servers/databases/read Restituisce l'elenco dei database o ottiene le proprietà per il database specificatoReturn the list of databases or gets the properties for the specified database.
Microsoft. SQL/Servers/databases/recommendedSensitivityLabels/*Microsoft.Sql/servers/databases/recommendedSensitivityLabels/*
Microsoft. SQL/Servers/databases/schemas/ReadMicrosoft.Sql/servers/databases/schemas/read Recupera uno schema del database.Get a database schema.
Microsoft. SQL/Servers/databases/schemas/Tables/Columns/ReadMicrosoft.Sql/servers/databases/schemas/tables/columns/read Recupera una colonna del database.Get a database column.
Microsoft. SQL/Servers/databases/schemas/Tables/Columns/sensitivityLabels/*Microsoft.Sql/servers/databases/schemas/tables/columns/sensitivityLabels/*
Microsoft. SQL/Servers/databases/schemas/Tables/ReadMicrosoft.Sql/servers/databases/schemas/tables/read Recupera una tabella del database.Get a database table.
Microsoft. SQL/Servers/databases/securityAlertPolicies/*Microsoft.Sql/servers/databases/securityAlertPolicies/* Creare e gestire i criteri degli avvisi di sicurezza dei database di SQL ServerCreate and manage SQL server database security alert policies
Microsoft. SQL/Servers/databases/securityMetrics/*Microsoft.Sql/servers/databases/securityMetrics/* Creare e gestire le metriche di sicurezza dei database di server SQLCreate and manage SQL server database security metrics
Microsoft. SQL/Servers/databases/sensitivityLabels/*Microsoft.Sql/servers/databases/sensitivityLabels/*
Microsoft. SQL/Servers/databases/transparentDataEncryption/*Microsoft.Sql/servers/databases/transparentDataEncryption/*
Microsoft. SQL/Servers/databases/vulnerabilityAssessments/*Microsoft.Sql/servers/databases/vulnerabilityAssessments/*
Microsoft. SQL/Servers/databases/vulnerabilityAssessmentScans/*Microsoft.Sql/servers/databases/vulnerabilityAssessmentScans/*
Microsoft. SQL/Servers/databases/vulnerabilityAssessmentSettings/*Microsoft.Sql/servers/databases/vulnerabilityAssessmentSettings/*
Microsoft. SQL/Servers/firewallRules/*Microsoft.Sql/servers/firewallRules/*
Microsoft. SQL/Servers/ReadMicrosoft.Sql/servers/read Restituisce l'elenco di server o ottiene le proprietà per il server specificatoReturn the list of servers or gets the properties for the specified server.
Microsoft. SQL/Servers/securityAlertPolicies/*Microsoft.Sql/servers/securityAlertPolicies/* Creare e gestire i criteri degli avvisi di sicurezza di SQL ServerCreate and manage SQL server security alert policies
Microsoft. SQL/Servers/vulnerabilityAssessments/*Microsoft.Sql/servers/vulnerabilityAssessments/*
Microsoft. support/*Microsoft.Support/* Creare e aggiornare un ticket di supportoCreate and update a support ticket
NotActionsNotActions
nessunanone
DataActionsDataActions
nessunanone
NotDataActionsNotDataActions
nessunanone
{
  "assignableScopes": [
    "/"
  ],
  "description": "Lets you manage the security-related policies of SQL servers and databases, but not access to them.",
  "id": "/subscriptions/{subscriptionId}/providers/Microsoft.Authorization/roleDefinitions/056cd41c-7e88-42e1-933e-88ba6a50c9c3",
  "name": "056cd41c-7e88-42e1-933e-88ba6a50c9c3",
  "permissions": [
    {
      "actions": [
        "Microsoft.Authorization/*/read",
        "Microsoft.Insights/alertRules/*",
        "Microsoft.Network/virtualNetworks/subnets/joinViaServiceEndpoint/action",
        "Microsoft.ResourceHealth/availabilityStatuses/read",
        "Microsoft.Resources/deployments/*",
        "Microsoft.Resources/subscriptions/resourceGroups/read",
        "Microsoft.Sql/managedInstances/databases/currentSensitivityLabels/*",
        "Microsoft.Sql/managedInstances/databases/recommendedSensitivityLabels/*",
        "Microsoft.Sql/managedInstances/databases/schemas/tables/columns/sensitivityLabels/*",
        "Microsoft.Sql/managedInstances/databases/securityAlertPolicies/*",
        "Microsoft.Sql/managedInstances/databases/sensitivityLabels/*",
        "Microsoft.Sql/managedInstances/databases/vulnerabilityAssessments/*",
        "Microsoft.Sql/managedInstances/securityAlertPolicies/*",
        "Microsoft.Sql/managedInstances/databases/transparentDataEncryption/*",
        "Microsoft.Sql/managedInstances/vulnerabilityAssessments/*",
        "Microsoft.Sql/servers/auditingPolicies/*",
        "Microsoft.Sql/servers/auditingSettings/*",
        "Microsoft.Sql/servers/extendedAuditingSettings/read",
        "Microsoft.Sql/servers/databases/auditingPolicies/*",
        "Microsoft.Sql/servers/databases/auditingSettings/*",
        "Microsoft.Sql/servers/databases/auditRecords/read",
        "Microsoft.Sql/servers/databases/connectionPolicies/*",
        "Microsoft.Sql/servers/databases/currentSensitivityLabels/*",
        "Microsoft.Sql/servers/databases/dataMaskingPolicies/*",
        "Microsoft.Sql/servers/databases/extendedAuditingSettings/read",
        "Microsoft.Sql/servers/databases/read",
        "Microsoft.Sql/servers/databases/recommendedSensitivityLabels/*",
        "Microsoft.Sql/servers/databases/schemas/read",
        "Microsoft.Sql/servers/databases/schemas/tables/columns/read",
        "Microsoft.Sql/servers/databases/schemas/tables/columns/sensitivityLabels/*",
        "Microsoft.Sql/servers/databases/schemas/tables/read",
        "Microsoft.Sql/servers/databases/securityAlertPolicies/*",
        "Microsoft.Sql/servers/databases/securityMetrics/*",
        "Microsoft.Sql/servers/databases/sensitivityLabels/*",
        "Microsoft.Sql/servers/databases/transparentDataEncryption/*",
        "Microsoft.Sql/servers/databases/vulnerabilityAssessments/*",
        "Microsoft.Sql/servers/databases/vulnerabilityAssessmentScans/*",
        "Microsoft.Sql/servers/databases/vulnerabilityAssessmentSettings/*",
        "Microsoft.Sql/servers/firewallRules/*",
        "Microsoft.Sql/servers/read",
        "Microsoft.Sql/servers/securityAlertPolicies/*",
        "Microsoft.Sql/servers/vulnerabilityAssessments/*",
        "Microsoft.Support/*"
      ],
      "notActions": [],
      "dataActions": [],
      "notDataActions": []
    }
  ],
  "roleName": "SQL Security Manager",
  "roleType": "BuiltInRole",
  "type": "Microsoft.Authorization/roleDefinitions"
}

Collaboratore SQL ServerSQL Server Contributor

Consente di gestire i server e i database SQL, ma non di accedervi né di gestirne i criteri relativi alla sicurezza.Lets you manage SQL servers and databases, but not access to them, and not their security-related policies. Altre informazioniLearn more

AzioniActions DescrizioneDescription
Microsoft. Authorization/*/ReadMicrosoft.Authorization/*/read Leggere i ruoli e le assegnazioni di ruoliRead roles and role assignments
Microsoft. Insights/alertRules/*Microsoft.Insights/alertRules/* Creare e gestire un avviso classico per le metricheCreate and manage a classic metric alert
Microsoft. ResourceHealth/availabilityStatuses/ReadMicrosoft.ResourceHealth/availabilityStatuses/read Ottiene gli stati di disponibilità per tutte le risorse nell'ambito specificatoGets the availability statuses for all resources in the specified scope
Microsoft. resources/Deployments/*Microsoft.Resources/deployments/* Creare e gestire una distribuzioneCreate and manage a deployment
Microsoft. resources/subscriptions/resourceGroups/ReadMicrosoft.Resources/subscriptions/resourceGroups/read Ottiene o elenca i gruppi di risorse.Gets or lists resource groups.
Microsoft. SQL/locations/*/ReadMicrosoft.Sql/locations/*/read
Microsoft. SQL/Servers/*Microsoft.Sql/servers/* Creare e gestire server SQLCreate and manage SQL servers
Microsoft. support/*Microsoft.Support/* Creare e aggiornare un ticket di supportoCreate and update a support ticket
Microsoft. Insights/Metrics/ReadMicrosoft.Insights/metrics/read Esegue la lettura delle metricheRead metrics
Microsoft. Insights/metricDefinitions/ReadMicrosoft.Insights/metricDefinitions/read Consente di leggere le definizioni della metricaRead metric definitions
NotActionsNotActions
Microsoft. SQL/managedInstances/databases/currentSensitivityLabels/*Microsoft.Sql/managedInstances/databases/currentSensitivityLabels/*
Microsoft. SQL/managedInstances/databases/recommendedSensitivityLabels/*Microsoft.Sql/managedInstances/databases/recommendedSensitivityLabels/*
Microsoft. SQL/managedInstances/databases/schemas/Tables/Columns/sensitivityLabels/*Microsoft.Sql/managedInstances/databases/schemas/tables/columns/sensitivityLabels/*
Microsoft. SQL/managedInstances/databases/securityAlertPolicies/*Microsoft.Sql/managedInstances/databases/securityAlertPolicies/*
Microsoft. SQL/managedInstances/databases/sensitivityLabels/*Microsoft.Sql/managedInstances/databases/sensitivityLabels/*
Microsoft. SQL/managedInstances/databases/vulnerabilityAssessments/*Microsoft.Sql/managedInstances/databases/vulnerabilityAssessments/*
Microsoft. SQL/managedInstances/securityAlertPolicies/*Microsoft.Sql/managedInstances/securityAlertPolicies/*
Microsoft. SQL/managedInstances/vulnerabilityAssessments/*Microsoft.Sql/managedInstances/vulnerabilityAssessments/*
Microsoft. SQL/Servers/auditingPolicies/*Microsoft.Sql/servers/auditingPolicies/* Modificare i criteri di controllo di SQL ServerEdit SQL server auditing policies
Microsoft. SQL/Servers/auditingSettings/*Microsoft.Sql/servers/auditingSettings/* Modificare le impostazioni di controllo di SQL ServerEdit SQL server auditing settings
Microsoft. SQL/Servers/databases/auditingPolicies/*Microsoft.Sql/servers/databases/auditingPolicies/* Modificare i criteri di controllo dei database di SQL ServerEdit SQL server database auditing policies
Microsoft. SQL/Servers/databases/auditingSettings/*Microsoft.Sql/servers/databases/auditingSettings/* Modificare le impostazioni di controllo dei database di SQL ServerEdit SQL server database auditing settings
Microsoft. SQL/Servers/databases/auditRecords/ReadMicrosoft.Sql/servers/databases/auditRecords/read Recupera i record di controllo BLOB del databaseRetrieve the database blob audit records
Microsoft. SQL/Servers/databases/connectionPolicies/*Microsoft.Sql/servers/databases/connectionPolicies/* Modificare i criteri di connessione dei database di SQL ServerEdit SQL server database connection policies
Microsoft. SQL/Servers/databases/currentSensitivityLabels/*Microsoft.Sql/servers/databases/currentSensitivityLabels/*
Microsoft. SQL/Servers/databases/dataMaskingPolicies/*Microsoft.Sql/servers/databases/dataMaskingPolicies/* Modificare i criteri di mascheratura dei dati dei database di SQL serverEdit SQL server database data masking policies
Microsoft. SQL/Servers/databases/extendedAuditingSettings/*Microsoft.Sql/servers/databases/extendedAuditingSettings/*
Microsoft. SQL/Servers/databases/recommendedSensitivityLabels/*Microsoft.Sql/servers/databases/recommendedSensitivityLabels/*
Microsoft. SQL/Servers/databases/schemas/Tables/Columns/sensitivityLabels/*Microsoft.Sql/servers/databases/schemas/tables/columns/sensitivityLabels/*
Microsoft. SQL/Servers/databases/securityAlertPolicies/*Microsoft.Sql/servers/databases/securityAlertPolicies/* Modificare i criteri degli avvisi di sicurezza dei database di SQL ServerEdit SQL server database security alert policies
Microsoft. SQL/Servers/databases/securityMetrics/*Microsoft.Sql/servers/databases/securityMetrics/* Modificare le metriche di protezione dei database di SQL ServerEdit SQL server database security metrics
Microsoft. SQL/Servers/databases/sensitivityLabels/*Microsoft.Sql/servers/databases/sensitivityLabels/*
Microsoft. SQL/Servers/databases/vulnerabilityAssessments/*Microsoft.Sql/servers/databases/vulnerabilityAssessments/*
Microsoft. SQL/Servers/databases/vulnerabilityAssessmentScans/*Microsoft.Sql/servers/databases/vulnerabilityAssessmentScans/*
Microsoft. SQL/Servers/databases/vulnerabilityAssessmentSettings/*Microsoft.Sql/servers/databases/vulnerabilityAssessmentSettings/*
Microsoft. SQL/Servers/extendedAuditingSettings/*Microsoft.Sql/servers/extendedAuditingSettings/*
Microsoft. SQL/Servers/securityAlertPolicies/*Microsoft.Sql/servers/securityAlertPolicies/* Modificare i criteri degli avvisi di sicurezza di SQL ServerEdit SQL server security alert policies
Microsoft. SQL/Servers/vulnerabilityAssessments/*Microsoft.Sql/servers/vulnerabilityAssessments/*
DataActionsDataActions
nessunanone
NotDataActionsNotDataActions
nessunanone
{
  "assignableScopes": [
    "/"
  ],
  "description": "Lets you manage SQL servers and databases, but not access to them, and not their security -related policies.",
  "id": "/subscriptions/{subscriptionId}/providers/Microsoft.Authorization/roleDefinitions/6d8ee4ec-f05a-4a1d-8b00-a9b17e38b437",
  "name": "6d8ee4ec-f05a-4a1d-8b00-a9b17e38b437",
  "permissions": [
    {
      "actions": [
        "Microsoft.Authorization/*/read",
        "Microsoft.Insights/alertRules/*",
        "Microsoft.ResourceHealth/availabilityStatuses/read",
        "Microsoft.Resources/deployments/*",
        "Microsoft.Resources/subscriptions/resourceGroups/read",
        "Microsoft.Sql/locations/*/read",
        "Microsoft.Sql/servers/*",
        "Microsoft.Support/*",
        "Microsoft.Insights/metrics/read",
        "Microsoft.Insights/metricDefinitions/read"
      ],
      "notActions": [
        "Microsoft.Sql/managedInstances/databases/currentSensitivityLabels/*",
        "Microsoft.Sql/managedInstances/databases/recommendedSensitivityLabels/*",
        "Microsoft.Sql/managedInstances/databases/schemas/tables/columns/sensitivityLabels/*",
        "Microsoft.Sql/managedInstances/databases/securityAlertPolicies/*",
        "Microsoft.Sql/managedInstances/databases/sensitivityLabels/*",
        "Microsoft.Sql/managedInstances/databases/vulnerabilityAssessments/*",
        "Microsoft.Sql/managedInstances/securityAlertPolicies/*",
        "Microsoft.Sql/managedInstances/vulnerabilityAssessments/*",
        "Microsoft.Sql/servers/auditingPolicies/*",
        "Microsoft.Sql/servers/auditingSettings/*",
        "Microsoft.Sql/servers/databases/auditingPolicies/*",
        "Microsoft.Sql/servers/databases/auditingSettings/*",
        "Microsoft.Sql/servers/databases/auditRecords/read",
        "Microsoft.Sql/servers/databases/connectionPolicies/*",
        "Microsoft.Sql/servers/databases/currentSensitivityLabels/*",
        "Microsoft.Sql/servers/databases/dataMaskingPolicies/*",
        "Microsoft.Sql/servers/databases/extendedAuditingSettings/*",
        "Microsoft.Sql/servers/databases/recommendedSensitivityLabels/*",
        "Microsoft.Sql/servers/databases/schemas/tables/columns/sensitivityLabels/*",
        "Microsoft.Sql/servers/databases/securityAlertPolicies/*",
        "Microsoft.Sql/servers/databases/securityMetrics/*",
        "Microsoft.Sql/servers/databases/sensitivityLabels/*",
        "Microsoft.Sql/servers/databases/vulnerabilityAssessments/*",
        "Microsoft.Sql/servers/databases/vulnerabilityAssessmentScans/*",
        "Microsoft.Sql/servers/databases/vulnerabilityAssessmentSettings/*",
        "Microsoft.Sql/servers/extendedAuditingSettings/*",
        "Microsoft.Sql/servers/securityAlertPolicies/*",
        "Microsoft.Sql/servers/vulnerabilityAssessments/*"
      ],
      "dataActions": [],
      "notDataActions": []
    }
  ],
  "roleName": "SQL Server Contributor",
  "roleType": "BuiltInRole",
  "type": "Microsoft.Authorization/roleDefinitions"
}

AnalyticsAnalytics

Proprietario dei dati di Hub eventi di AzureAzure Event Hubs Data Owner

Consente l'accesso completo alle risorse di Hub eventi di Azure.Allows for full access to Azure Event Hubs resources. Altre informazioniLearn more

AzioniActions DescrizioneDescription
Microsoft. EventHub/*Microsoft.EventHub/*
NotActionsNotActions
nessunanone
DataActionsDataActions
Microsoft. EventHub/*Microsoft.EventHub/*
NotDataActionsNotDataActions
nessunanone
{
  "assignableScopes": [
    "/"
  ],
  "description": "Allows for full access to Azure Event Hubs resources.",
  "id": "/subscriptions/{subscriptionId}/providers/Microsoft.Authorization/roleDefinitions/f526a384-b230-433a-b45c-95f59c4a2dec",
  "name": "f526a384-b230-433a-b45c-95f59c4a2dec",
  "permissions": [
    {
      "actions": [
        "Microsoft.EventHub/*"
      ],
      "notActions": [],
      "dataActions": [
        "Microsoft.EventHub/*"
      ],
      "notDataActions": []
    }
  ],
  "roleName": "Azure Event Hubs Data Owner",
  "roleType": "BuiltInRole",
  "type": "Microsoft.Authorization/roleDefinitions"
}

Ricevitore dei dati di Hub eventi di AzureAzure Event Hubs Data Receiver

Consente l'accesso per la ricezione alle risorse dell'Hub eventi di Azure.Allows receive access to Azure Event Hubs resources. Altre informazioniLearn more

AzioniActions DescrizioneDescription
Microsoft. EventHub/*/Eventhubs/consumergroups/ReadMicrosoft.EventHub/*/eventhubs/consumergroups/read
NotActionsNotActions
nessunanone
DataActionsDataActions
Microsoft. EventHub/*/Receive/ActionMicrosoft.EventHub/*/receive/action
NotDataActionsNotDataActions
nessunanone
{
  "assignableScopes": [
    "/"
  ],
  "description": "Allows receive access to Azure Event Hubs resources.",
  "id": "/subscriptions/{subscriptionId}/providers/Microsoft.Authorization/roleDefinitions/a638d3c7-ab3a-418d-83e6-5f17a39d4fde",
  "name": "a638d3c7-ab3a-418d-83e6-5f17a39d4fde",
  "permissions": [
    {
      "actions": [
        "Microsoft.EventHub/*/eventhubs/consumergroups/read"
      ],
      "notActions": [],
      "dataActions": [
        "Microsoft.EventHub/*/receive/action"
      ],
      "notDataActions": []
    }
  ],
  "roleName": "Azure Event Hubs Data Receiver",
  "roleType": "BuiltInRole",
  "type": "Microsoft.Authorization/roleDefinitions"
}

Mittente dei dati di Hub eventi di AzureAzure Event Hubs Data Sender

Consente l'accesso per l'invio alle risorse dell'Hub eventi di Azure.Allows send access to Azure Event Hubs resources. Altre informazioniLearn more

AzioniActions DescrizioneDescription
Microsoft. EventHub/*/Eventhubs/ReadMicrosoft.EventHub/*/eventhubs/read
NotActionsNotActions
nessunanone
DataActionsDataActions
Microsoft. EventHub/*/Send/ActionMicrosoft.EventHub/*/send/action
NotDataActionsNotDataActions
nessunanone
{
  "assignableScopes": [
    "/"
  ],
  "description": "Allows send access to Azure Event Hubs resources.",
  "id": "/subscriptions/{subscriptionId}/providers/Microsoft.Authorization/roleDefinitions/2b629674-e913-4c01-ae53-ef4638d8f975",
  "name": "2b629674-e913-4c01-ae53-ef4638d8f975",
  "permissions": [
    {
      "actions": [
        "Microsoft.EventHub/*/eventhubs/read"
      ],
      "notActions": [],
      "dataActions": [
        "Microsoft.EventHub/*/send/action"
      ],
      "notDataActions": []
    }
  ],
  "roleName": "Azure Event Hubs Data Sender",
  "roleType": "BuiltInRole",
  "type": "Microsoft.Authorization/roleDefinitions"
}

Collaboratore Data FactoryData Factory Contributor

Consente di creare e gestire data factory, oltre alle risorse figlio in esse contenute.Create and manage data factories, as well as child resources within them. Altre informazioniLearn more

AzioniActions DescrizioneDescription
Microsoft. Authorization/*/ReadMicrosoft.Authorization/*/read Leggere i ruoli e le assegnazioni di ruoliRead roles and role assignments
Microsoft. DataFactory/dataFactories/*Microsoft.DataFactory/dataFactories/* Creare e gestire data factory e le relative risorse figlio.Create and manage data factories, and child resources within them.
Microsoft. DataFactory/factories/*Microsoft.DataFactory/factories/* Creare e gestire data factory e le relative risorse figlio.Create and manage data factories, and child resources within them.
Microsoft. Insights/alertRules/*Microsoft.Insights/alertRules/* Creare e gestire un avviso classico per le metricheCreate and manage a classic metric alert
Microsoft. ResourceHealth/availabilityStatuses/ReadMicrosoft.ResourceHealth/availabilityStatuses/read Ottiene gli stati di disponibilità per tutte le risorse nell'ambito specificatoGets the availability statuses for all resources in the specified scope
Microsoft. resources/Deployments/*Microsoft.Resources/deployments/* Creare e gestire una distribuzioneCreate and manage a deployment
Microsoft. resources/subscriptions/resourceGroups/ReadMicrosoft.Resources/subscriptions/resourceGroups/read Ottiene o elenca i gruppi di risorse.Gets or lists resource groups.
Microsoft. support/*Microsoft.Support/* Creare e aggiornare un ticket di supportoCreate and update a support ticket
Microsoft. EventGrid/eventSubscriptions/WriteMicrosoft.EventGrid/eventSubscriptions/write Creare o aggiornare un oggetto eventSubscriptionCreate or update an eventSubscription
NotActionsNotActions
nessunanone
DataActionsDataActions
nessunanone
NotDataActionsNotDataActions
nessunanone
{
  "assignableScopes": [
    "/"
  ],
  "description": "Create and manage data factories, as well as child resources within them.",
  "id": "/subscriptions/{subscriptionId}/providers/Microsoft.Authorization/roleDefinitions/673868aa-7521-48a0-acc6-0f60742d39f5",
  "name": "673868aa-7521-48a0-acc6-0f60742d39f5",
  "permissions": [
    {
      "actions": [
        "Microsoft.Authorization/*/read",
        "Microsoft.DataFactory/dataFactories/*",
        "Microsoft.DataFactory/factories/*",
        "Microsoft.Insights/alertRules/*",
        "Microsoft.ResourceHealth/availabilityStatuses/read",
        "Microsoft.Resources/deployments/*",
        "Microsoft.Resources/subscriptions/resourceGroups/read",
        "Microsoft.Support/*",
        "Microsoft.EventGrid/eventSubscriptions/write"
      ],
      "notActions": [],
      "dataActions": [],
      "notDataActions": []
    }
  ],
  "roleName": "Data Factory Contributor",
  "roleType": "BuiltInRole",
  "type": "Microsoft.Authorization/roleDefinitions"
}

Pulizia datiData Purger

È possibile ripulire i dati di analisi altre informazioniCan purge analytics data Learn more

AzioniActions DescrizioneDescription
Microsoft. Insights/Components/*/ReadMicrosoft.Insights/components/*/read
Microsoft. Insights/Components/Purge/ActionMicrosoft.Insights/components/purge/action Ripulitura dei dati da Application InsightsPurging data from Application Insights
Microsoft. OperationalInsights/Workspaces/*/ReadMicrosoft.OperationalInsights/workspaces/*/read Visualizzare i dati di analisi dei logView log analytics data
Microsoft. OperationalInsights/Workspaces/Purge/ActionMicrosoft.OperationalInsights/workspaces/purge/action Elimina i dati specificati dall'area di lavoroDelete specified data from workspace
NotActionsNotActions
nessunanone
DataActionsDataActions
nessunanone
NotDataActionsNotDataActions
nessunanone
{
  "assignableScopes": [
    "/"
  ],
  "description": "Can purge analytics data",
  "id": "/subscriptions/{subscriptionId}/providers/Microsoft.Authorization/roleDefinitions/150f5e0c-0603-4f03-8c7f-cf70034c4e90",
  "name": "150f5e0c-0603-4f03-8c7f-cf70034c4e90",
  "permissions": [
    {
      "actions": [
        "Microsoft.Insights/components/*/read",
        "Microsoft.Insights/components/purge/action",
        "Microsoft.OperationalInsights/workspaces/*/read",
        "Microsoft.OperationalInsights/workspaces/purge/action"
      ],
      "notActions": [],
      "dataActions": [],
      "notDataActions": []
    }
  ],
  "roleName": "Data Purger",
  "roleType": "BuiltInRole",
  "type": "Microsoft.Authorization/roleDefinitions"
}

Operatore di cluster HDInsightHDInsight Cluster Operator

Consente di leggere e modificare le configurazioni dei cluster HDInsight.Lets you read and modify HDInsight cluster configurations. Altre informazioniLearn more

AzioniActions DescrizioneDescription
Microsoft. HDInsight/*/ReadMicrosoft.HDInsight/*/read
Microsoft. HDInsight/Clusters/getGatewaySettings/ActionMicrosoft.HDInsight/clusters/getGatewaySettings/action Recuperare le impostazioni del gateway per il cluster HDInsightGet gateway settings for HDInsight Cluster
Microsoft. HDInsight/Clusters/updateGatewaySettings/ActionMicrosoft.HDInsight/clusters/updateGatewaySettings/action Aggiornare le impostazioni del gateway per il cluster HDInsightUpdate gateway settings for HDInsight Cluster
Microsoft. HDInsight/Clusters/Configurations/*Microsoft.HDInsight/clusters/configurations/*
Microsoft. resources/subscriptions/resourceGroups/ReadMicrosoft.Resources/subscriptions/resourceGroups/read Ottiene o elenca i gruppi di risorse.Gets or lists resource groups.
Microsoft. resources/Deployments/Operations/ReadMicrosoft.Resources/deployments/operations/read Ottiene o elenca le operazioni di distribuzione.Gets or lists deployment operations.
Microsoft. Insights/alertRules/*Microsoft.Insights/alertRules/* Creare e gestire un avviso classico per le metricheCreate and manage a classic metric alert
Microsoft. Authorization/*/ReadMicrosoft.Authorization/*/read Leggere i ruoli e le assegnazioni di ruoliRead roles and role assignments
Microsoft. support/*Microsoft.Support/* Creare e aggiornare un ticket di supportoCreate and update a support ticket
NotActionsNotActions
nessunanone
DataActionsDataActions
nessunanone
NotDataActionsNotDataActions
nessunanone
{
  "assignableScopes": [
    "/"
  ],
  "description": "Lets you read and modify HDInsight cluster configurations.",
  "id": "/subscriptions/{subscriptionId}/providers/Microsoft.Authorization/roleDefinitions/61ed4efc-fab3-44fd-b111-e24485cc132a",
  "name": "61ed4efc-fab3-44fd-b111-e24485cc132a",
  "permissions": [
    {
      "actions": [
        "Microsoft.HDInsight/*/read",
        "Microsoft.HDInsight/clusters/getGatewaySettings/action",
        "Microsoft.HDInsight/clusters/updateGatewaySettings/action",
        "Microsoft.HDInsight/clusters/configurations/*",
        "Microsoft.Resources/subscriptions/resourceGroups/read",
        "Microsoft.Resources/deployments/operations/read",
        "Microsoft.Insights/alertRules/*",
        "Microsoft.Authorization/*/read",
        "Microsoft.Support/*"
      ],
      "notActions": [],
      "dataActions": [],
      "notDataActions": []
    }
  ],
  "roleName": "HDInsight Cluster Operator",
  "roleType": "BuiltInRole",
  "type": "Microsoft.Authorization/roleDefinitions"
}

Collaboratore Servizi di dominio HDInsightHDInsight Domain Services Contributor

Consente di leggere, creare, modificare ed eliminare le operazioni relative ai servizi di dominio necessarie per HDInsight Enterprise Security Package altre informazioniCan Read, Create, Modify and Delete Domain Services related operations needed for HDInsight Enterprise Security Package Learn more

AzioniActions DescrizioneDescription
Microsoft. AAD/*/ReadMicrosoft.AAD/*/read
Microsoft. AAD/domainServices/*/ReadMicrosoft.AAD/domainServices/*/read
Microsoft. AAD/domainServices/oucontainer/*Microsoft.AAD/domainServices/oucontainer/*
NotActionsNotActions
nessunanone
DataActionsDataActions
nessunanone
NotDataActionsNotDataActions
nessunanone
{
  "assignableScopes": [
    "/"
  ],
  "description": "Can Read, Create, Modify and Delete Domain Services related operations needed for HDInsight Enterprise Security Package",
  "id": "/subscriptions/{subscriptionId}/providers/Microsoft.Authorization/roleDefinitions/8d8d5a11-05d3-4bda-a417-a08778121c7c",
  "name": "8d8d5a11-05d3-4bda-a417-a08778121c7c",
  "permissions": [
    {
      "actions": [
        "Microsoft.AAD/*/read",
        "Microsoft.AAD/domainServices/*/read",
        "Microsoft.AAD/domainServices/oucontainer/*"
      ],
      "notActions": [],
      "dataActions": [],
      "notDataActions": []
    }
  ],
  "roleName": "HDInsight Domain Services Contributor",
  "roleType": "BuiltInRole",
  "type": "Microsoft.Authorization/roleDefinitions"
}

Collaboratore di Log AnalyticsLog Analytics Contributor

Il ruolo Collaboratore di Log Analytics può leggere tutti i dati di monitoraggio e modificare le impostazioni di monitoraggio.Log Analytics Contributor can read all monitoring data and edit monitoring settings. La modifica delle impostazioni di monitoraggio include l'aggiunta di estensioni delle VM alle VM, la lettura delle chiavi dell'account di archiviazione per potere configurare la raccolta di log dall'Archiviazione di Azure, la creazione e la configurazione degli account di Automazione, l'aggiunta di soluzioni e la configurazione di Diagnostica di Azure in tutte le risorse di Azure.Editing monitoring settings includes adding the VM extension to VMs; reading storage account keys to be able to configure collection of logs from Azure Storage; creating and configuring Automation accounts; adding solutions; and configuring Azure diagnostics on all Azure resources. Altre informazioniLearn more

AzioniActions DescrizioneDescription
*/lettura*/read Legge risorse di tutti i tipi, eccetto i segreti.Read resources of all types, except secrets.
Microsoft. Automation/automationAccounts/*Microsoft.Automation/automationAccounts/*
Microsoft. ClassicCompute/virtualMachines/Extensions/*Microsoft.ClassicCompute/virtualMachines/extensions/*
Microsoft. ClassicStorage/storageAccounts/listKeys/ActionMicrosoft.ClassicStorage/storageAccounts/listKeys/action Elenca le chiavi di accesso per gli account di archiviazione.Lists the access keys for the storage accounts.
Microsoft. Compute/virtualMachines/Extensions/*Microsoft.Compute/virtualMachines/extensions/*
Microsoft. HybridCompute/machines/Extensions/WriteMicrosoft.HybridCompute/machines/extensions/write Installa o aggiorna le estensioni di Azure ArcInstalls or Updates an Azure Arc extensions
Microsoft. Insights/alertRules/*Microsoft.Insights/alertRules/* Creare e gestire un avviso classico per le metricheCreate and manage a classic metric alert
Microsoft. Insights/diagnosticSettings/*Microsoft.Insights/diagnosticSettings/* Crea, aggiorna o legge l'impostazione di diagnostica per Analysis ServerCreates, updates, or reads the diagnostic setting for Analysis Server
Microsoft. OperationalInsights/*Microsoft.OperationalInsights/*
Microsoft. OperationsManagement/*Microsoft.OperationsManagement/*
Microsoft. resources/Deployments/*Microsoft.Resources/deployments/* Creare e gestire una distribuzioneCreate and manage a deployment
Microsoft. resources/subscriptions/ResourceGroups/Deployments/*Microsoft.Resources/subscriptions/resourcegroups/deployments/*
Microsoft. storage/storageAccounts/listKeys/ActionMicrosoft.Storage/storageAccounts/listKeys/action Restituisce le chiavi di accesso per l'account di archiviazione specificato.Returns the access keys for the specified storage account.
Microsoft. support/*Microsoft.Support/* Creare e aggiornare un ticket di supportoCreate and update a support ticket
NotActionsNotActions
nessunanone
DataActionsDataActions
nessunanone
NotDataActionsNotDataActions
nessunanone
{
  "assignableScopes": [
    "/"
  ],
  "description": "Log Analytics Contributor can read all monitoring data and edit monitoring settings. Editing monitoring settings includes adding the VM extension to VMs; reading storage account keys to be able to configure collection of logs from Azure Storage; creating and configuring Automation accounts; adding solutions; and configuring Azure diagnostics on all Azure resources.",
  "id": "/subscriptions/{subscriptionId}/providers/Microsoft.Authorization/roleDefinitions/92aaf0da-9dab-42b6-94a3-d43ce8d16293",
  "name": "92aaf0da-9dab-42b6-94a3-d43ce8d16293",
  "permissions": [
    {
      "actions": [
        "*/read",
        "Microsoft.Automation/automationAccounts/*",
        "Microsoft.ClassicCompute/virtualMachines/extensions/*",
        "Microsoft.ClassicStorage/storageAccounts/listKeys/action",
        "Microsoft.Compute/virtualMachines/extensions/*",
        "Microsoft.HybridCompute/machines/extensions/write",
        "Microsoft.Insights/alertRules/*",
        "Microsoft.Insights/diagnosticSettings/*",
        "Microsoft.OperationalInsights/*",
        "Microsoft.OperationsManagement/*",
        "Microsoft.Resources/deployments/*",
        "Microsoft.Resources/subscriptions/resourcegroups/deployments/*",
        "Microsoft.Storage/storageAccounts/listKeys/action",
        "Microsoft.Support/*"
      ],
      "notActions": [],
      "dataActions": [],
      "notDataActions": []
    }
  ],
  "roleName": "Log Analytics Contributor",
  "roleType": "BuiltInRole",
  "type": "Microsoft.Authorization/roleDefinitions"
}

Lettore di Log AnalyticsLog Analytics Reader

Il ruolo Lettore di Log Analytics può visualizzare ed eseguire ricerche in tutti i dati di monitoraggio e può visualizzare le impostazioni di monitoraggio, inclusa la visualizzazione della configurazione di Diagnostica di Azure in tutte le risorse di Azure.Log Analytics Reader can view and search all monitoring data as well as and view monitoring settings, including viewing the configuration of Azure diagnostics on all Azure resources. Altre informazioniLearn more

AzioniActions DescrizioneDescription
*/lettura*/read Legge risorse di tutti i tipi, eccetto i segreti.Read resources of all types, except secrets.
Microsoft. OperationalInsights/Workspaces/Analytics/query/ActionMicrosoft.OperationalInsights/workspaces/analytics/query/action Esegue la ricerca usando il nuovo motore.Search using new engine.
Microsoft. OperationalInsights/Workspaces/Search/ActionMicrosoft.OperationalInsights/workspaces/search/action Esegue una query di ricercaExecutes a search query
Microsoft. support/*Microsoft.Support/* Creare e aggiornare un ticket di supportoCreate and update a support ticket
NotActionsNotActions
Microsoft. OperationalInsights/Workspaces/sharedKeys/ReadMicrosoft.OperationalInsights/workspaces/sharedKeys/read Recupera le chiavi condivise per l'area di lavoro.Retrieves the shared keys for the workspace. Queste chiavi servono per collegare gli agenti di Microsoft Operational Insights all’area di lavoro.These keys are used to connect Microsoft Operational Insights agents to the workspace.
DataActionsDataActions
nessunanone
NotDataActionsNotDataActions
nessunanone
{
  "assignableScopes": [
    "/"
  ],
  "description": "Log Analytics Reader can view and search all monitoring data as well as and view monitoring settings, including viewing the configuration of Azure diagnostics on all Azure resources.",
  "id": "/subscriptions/{subscriptionId}/providers/Microsoft.Authorization/roleDefinitions/73c42c96-874c-492b-b04d-ab87d138a893",
  "name": "73c42c96-874c-492b-b04d-ab87d138a893",
  "permissions": [
    {
      "actions": [
        "*/read",
        "Microsoft.OperationalInsights/workspaces/analytics/query/action",
        "Microsoft.OperationalInsights/workspaces/search/action",
        "Microsoft.Support/*"
      ],
      "notActions": [
        "Microsoft.OperationalInsights/workspaces/sharedKeys/read"
      ],
      "dataActions": [],
      "notDataActions": []
    }
  ],
  "roleName": "Log Analytics Reader",
  "roleType": "BuiltInRole",
  "type": "Microsoft.Authorization/roleDefinitions"
}

BlockchainBlockchain

Accesso ai nodi di tipo membro della blockchain (anteprima)Blockchain Member Node Access (Preview)

Consente di accedere ai nodi membro blockchain altre informazioniAllows for access to Blockchain Member nodes Learn more

AzioniActions DescrizioneDescription
Microsoft. blockchain/blockchainMembers/transactionNodes/ReadMicrosoft.Blockchain/blockchainMembers/transactionNodes/read Recupera o elenca i nodi della transazione di tipo membro della blockchain esistenti.Gets or Lists existing Blockchain Member Transaction Node(s).
NotActionsNotActions
nessunanone
DataActionsDataActions
Microsoft. blockchain/blockchainMembers/transactionNodes/Connect/ActionMicrosoft.Blockchain/blockchainMembers/transactionNodes/connect/action Stabilisce la connessione a un nodo della transazione di tipo membro della blockchain.Connects to a Blockchain Member Transaction Node.
NotDataActionsNotDataActions
nessunanone
{
  "assignableScopes": [
    "/"
  ],
  "description": "Allows for access to Blockchain Member nodes",
  "id": "/subscriptions/{subscriptionId}/providers/Microsoft.Authorization/roleDefinitions/31a002a1-acaf-453e-8a5b-297c9ca1ea24",
  "name": "31a002a1-acaf-453e-8a5b-297c9ca1ea24",
  "permissions": [
    {
      "actions": [
        "Microsoft.Blockchain/blockchainMembers/transactionNodes/read"
      ],
      "notActions": [],
      "dataActions": [
        "Microsoft.Blockchain/blockchainMembers/transactionNodes/connect/action"
      ],
      "notDataActions": []
    }
  ],
  "roleName": "Blockchain Member Node Access (Preview)",
  "roleType": "BuiltInRole",
  "type": "Microsoft.Authorization/roleDefinitions"
}

Intelligenza artificiale e Machine LearningAI + machine learning

Collaboratore Servizi cognitiviCognitive Services Contributor

Consente di creare, leggere, aggiornare, eliminare e gestire le chiavi di Servizi cognitivi.Lets you create, read, update, delete and manage keys of Cognitive Services. Altre informazioniLearn more

AzioniActions DescrizioneDescription
Microsoft. Authorization/*/ReadMicrosoft.Authorization/*/read Leggere i ruoli e le assegnazioni di ruoliRead roles and role assignments
Microsoft. CognitiveServices/*Microsoft.CognitiveServices/*
Microsoft. Features/features/ReadMicrosoft.Features/features/read Ottiene le funzionalità di una sottoscrizione.Gets the features of a subscription.
Microsoft. Features/Providers/features/ReadMicrosoft.Features/providers/features/read Ottiene la funzionalità di una sottoscrizione in un provider di risorse specificato.Gets the feature of a subscription in a given resource provider.
Microsoft. Insights/alertRules/*Microsoft.Insights/alertRules/* Creare e gestire un avviso classico per le metricheCreate and manage a classic metric alert
Microsoft. Insights/diagnosticSettings/*Microsoft.Insights/diagnosticSettings/* Crea, aggiorna o legge l'impostazione di diagnostica per Analysis ServerCreates, updates, or reads the diagnostic setting for Analysis Server
Microsoft. Insights/logDefinitions/ReadMicrosoft.Insights/logDefinitions/read Consente di leggere le definizioni del logRead log definitions
Microsoft. Insights/MetricDefinitions/ReadMicrosoft.Insights/metricdefinitions/read Consente di leggere le definizioni della metricaRead metric definitions
Microsoft. Insights/Metrics/ReadMicrosoft.Insights/metrics/read Esegue la lettura delle metricheRead metrics
Microsoft. ResourceHealth/availabilityStatuses/ReadMicrosoft.ResourceHealth/availabilityStatuses/read Ottiene gli stati di disponibilità per tutte le risorse nell'ambito specificatoGets the availability statuses for all resources in the specified scope
Microsoft. resources/Deployments/*Microsoft.Resources/deployments/* Creare e gestire una distribuzioneCreate and manage a deployment
Microsoft. resources/Deployments/Operations/ReadMicrosoft.Resources/deployments/operations/read Ottiene o elenca le operazioni di distribuzione.Gets or lists deployment operations.
Microsoft. resources/subscriptions/operationresults/ReadMicrosoft.Resources/subscriptions/operationresults/read Ottiene i risultati dell'operazione di sottoscrizione.Get the subscription operation results.
Microsoft. resources/subscriptions/ReadMicrosoft.Resources/subscriptions/read Ottiene l'elenco delle sottoscrizioni.Gets the list of subscriptions.
Microsoft. resources/subscriptions/ResourceGroups/Deployments/*Microsoft.Resources/subscriptions/resourcegroups/deployments/*
Microsoft. resources/subscriptions/resourceGroups/ReadMicrosoft.Resources/subscriptions/resourceGroups/read Ottiene o elenca i gruppi di risorse.Gets or lists resource groups.
Microsoft. support/*Microsoft.Support/* Creare e aggiornare un ticket di supportoCreate and update a support ticket
NotActionsNotActions
nessunanone
DataActionsDataActions
nessunanone
NotDataActionsNotDataActions
nessunanone
{
  "assignableScopes": [
    "/"
  ],
  "description": "Lets you create, read, update, delete and manage keys of Cognitive Services.",
  "id": "/subscriptions/{subscriptionId}/providers/Microsoft.Authorization/roleDefinitions/25fbc0a9-bd7c-42a3-aa1a-3b75d497ee68",
  "name": "25fbc0a9-bd7c-42a3-aa1a-3b75d497ee68",
  "permissions": [
    {
      "actions": [
        "Microsoft.Authorization/*/read",
        "Microsoft.CognitiveServices/*",
        "Microsoft.Features/features/read",
        "Microsoft.Features/providers/features/read",
        "Microsoft.Insights/alertRules/*",
        "Microsoft.Insights/diagnosticSettings/*",
        "Microsoft.Insights/logDefinitions/read",
        "Microsoft.Insights/metricdefinitions/read",
        "Microsoft.Insights/metrics/read",
        "Microsoft.ResourceHealth/availabilityStatuses/read",
        "Microsoft.Resources/deployments/*",
        "Microsoft.Resources/deployments/operations/read",
        "Microsoft.Resources/subscriptions/operationresults/read",
        "Microsoft.Resources/subscriptions/read",
        "Microsoft.Resources/subscriptions/resourcegroups/deployments/*",
        "Microsoft.Resources/subscriptions/resourceGroups/read",
        "Microsoft.Support/*"
      ],
      "notActions": [],
      "dataActions": [],
      "notDataActions": []
    }
  ],
  "roleName": "Cognitive Services Contributor",
  "roleType": "BuiltInRole",
  "type": "Microsoft.Authorization/roleDefinitions"
}

Ruolo con autorizzazioni di lettura per i dati di Servizi cognitivi (anteprima)Cognitive Services Data Reader (Preview)

Consente di leggere i dati di Servizi cognitivi.Lets you read Cognitive Services data.

AzioniActions DescrizioneDescription
nessunanone
NotActionsNotActions
nessunanone
DataActionsDataActions
Microsoft. CognitiveServices/*/ReadMicrosoft.CognitiveServices/*/read
NotDataActionsNotDataActions
nessunanone
{
  "assignableScopes": [
    "/"
  ],
  "description": "Lets you read Cognitive Services data.",
  "id": "/subscriptions/{subscriptionId}/providers/Microsoft.Authorization/roleDefinitions/b59867f0-fa02-499b-be73-45a86b5b3e1c",
  "name": "b59867f0-fa02-499b-be73-45a86b5b3e1c",
  "permissions": [
    {
      "actions": [],
      "notActions": [],
      "dataActions": [
        "Microsoft.CognitiveServices/*/read"
      ],
      "notDataActions": []
    }
  ],
  "roleName": "Cognitive Services Data Reader (Preview)",
  "roleType": "BuiltInRole",
  "type": "Microsoft.Authorization/roleDefinitions"
}

Utente Servizi cognitiviCognitive Services User

Consente di leggere ed elencare le chiavi di Servizi cognitivi.Lets you read and list keys of Cognitive Services. Altre informazioniLearn more

AzioniActions DescrizioneDescription
Microsoft. CognitiveServices/*/ReadMicrosoft.CognitiveServices/*/read
Microsoft. CognitiveServices/accounts/listkeys/ActionMicrosoft.CognitiveServices/accounts/listkeys/action Elenco delle chiaviList Keys
Microsoft. Insights/alertRules/ReadMicrosoft.Insights/alertRules/read Legge un avviso della metrica (versione classica)Read a classic metric alert
Microsoft. Insights/diagnosticSettings/ReadMicrosoft.Insights/diagnosticSettings/read Legge un'impostazione di diagnostica della risorsaRead a resource diagnostic setting
Microsoft. Insights/logDefinitions/ReadMicrosoft.Insights/logDefinitions/read Consente di leggere le definizioni del logRead log definitions
Microsoft. Insights/MetricDefinitions/ReadMicrosoft.Insights/metricdefinitions/read Consente di leggere le definizioni della metricaRead metric definitions
Microsoft. Insights/Metrics/ReadMicrosoft.Insights/metrics/read Esegue la lettura delle metricheRead metrics
Microsoft. ResourceHealth/availabilityStatuses/ReadMicrosoft.ResourceHealth/availabilityStatuses/read Ottiene gli stati di disponibilità per tutte le risorse nell'ambito specificatoGets the availability statuses for all resources in the specified scope
Microsoft. resources/Deployments/Operations/ReadMicrosoft.Resources/deployments/operations/read Ottiene o elenca le operazioni di distribuzione.Gets or lists deployment operations.
Microsoft. resources/subscriptions/operationresults/ReadMicrosoft.Resources/subscriptions/operationresults/read Ottiene i risultati dell'operazione di sottoscrizione.Get the subscription operation results.
Microsoft. resources/subscriptions/ReadMicrosoft.Resources/subscriptions/read Ottiene l'elenco delle sottoscrizioni.Gets the list of subscriptions.
Microsoft. resources/subscriptions/resourceGroups/ReadMicrosoft.Resources/subscriptions/resourceGroups/read Ottiene o elenca i gruppi di risorse.Gets or lists resource groups.
Microsoft. support/*Microsoft.Support/* Creare e aggiornare un ticket di supportoCreate and update a support ticket
NotActionsNotActions
nessunanone
DataActionsDataActions
Microsoft. CognitiveServices/*Microsoft.CognitiveServices/*
NotDataActionsNotDataActions
nessunanone
{
  "assignableScopes": [
    "/"
  ],
  "description": "Lets you read and list keys of Cognitive Services.",
  "id": "/subscriptions/{subscriptionId}/providers/Microsoft.Authorization/roleDefinitions/a97b65f3-24c7-4388-baec-2e87135dc908",
  "name": "a97b65f3-24c7-4388-baec-2e87135dc908",
  "permissions": [
    {
      "actions": [
        "Microsoft.CognitiveServices/*/read",
        "Microsoft.CognitiveServices/accounts/listkeys/action",
        "Microsoft.Insights/alertRules/read",
        "Microsoft.Insights/diagnosticSettings/read",
        "Microsoft.Insights/logDefinitions/read",
        "Microsoft.Insights/metricdefinitions/read",
        "Microsoft.Insights/metrics/read",
        "Microsoft.ResourceHealth/availabilityStatuses/read",
        "Microsoft.Resources/deployments/operations/read",
        "Microsoft.Resources/subscriptions/operationresults/read",
        "Microsoft.Resources/subscriptions/read",
        "Microsoft.Resources/subscriptions/resourceGroups/read",
        "Microsoft.Support/*"
      ],
      "notActions": [],
      "dataActions": [
        "Microsoft.CognitiveServices/*"
      ],
      "notDataActions": []
    }
  ],
  "roleName": "Cognitive Services User",
  "roleType": "BuiltInRole",
  "type": "Microsoft.Authorization/roleDefinitions"
}

Realtà mistaMixed reality

Amministratore per il rendering remotoRemote Rendering Administrator

Fornisce agli utenti le funzionalità di conversione, gestione sessione, rendering e diagnostica per il rendering remoto di Azure altre informazioniProvides user with conversion, manage session, rendering and diagnostics capabilities for Azure Remote Rendering Learn more

AzioniActions DescrizioneDescription
nessunanone
NotActionsNotActions
nessunanone
DataActionsDataActions
Microsoft. MixedReality/RemoteRenderingAccounts/Convert/ActionMicrosoft.MixedReality/RemoteRenderingAccounts/convert/action Avviare la conversione assetStart asset conversion
Microsoft. MixedReality/RemoteRenderingAccounts/Convert/ReadMicrosoft.MixedReality/RemoteRenderingAccounts/convert/read Ottenere le proprietà di conversione delle risorseGet asset conversion properties
Microsoft. MixedReality/RemoteRenderingAccounts/Convert/DeleteMicrosoft.MixedReality/RemoteRenderingAccounts/convert/delete Arresta conversione assetStop asset conversion
Microsoft. MixedReality/RemoteRenderingAccounts/managesessions/ReadMicrosoft.MixedReality/RemoteRenderingAccounts/managesessions/read Ottenere le proprietà della sessioneGet session properties
Microsoft. MixedReality/RemoteRenderingAccounts/managesessions/ActionMicrosoft.MixedReality/RemoteRenderingAccounts/managesessions/action Avvia sessioniStart sessions
Microsoft. MixedReality/RemoteRenderingAccounts/managesessions/DeleteMicrosoft.MixedReality/RemoteRenderingAccounts/managesessions/delete Arresta sessioniStop sessions
Microsoft. MixedReality/RemoteRenderingAccounts/render/ReadMicrosoft.MixedReality/RemoteRenderingAccounts/render/read Connettersi a una sessioneConnect to a session
Microsoft. MixedReality/RemoteRenderingAccounts/Diagnostic/ReadMicrosoft.MixedReality/RemoteRenderingAccounts/diagnostic/read Connettersi al controllo di rendering remotoConnect to the Remote Rendering inspector
NotDataActionsNotDataActions
nessunanone
{
  "assignableScopes": [
    "/"
  ],
  "description": "Provides user with conversion, manage session, rendering and diagnostics capabilities for Azure Remote Rendering",
  "id": "/subscriptions/{subscriptionId}/providers/Microsoft.Authorization/roleDefinitions/3df8b902-2a6f-47c7-8cc5-360e9b272a7e",
  "name": "3df8b902-2a6f-47c7-8cc5-360e9b272a7e",
  "permissions": [
    {
      "actions": [],
      "notActions": [],
      "dataActions": [
        "Microsoft.MixedReality/RemoteRenderingAccounts/convert/action",
        "Microsoft.MixedReality/RemoteRenderingAccounts/convert/read",
        "Microsoft.MixedReality/RemoteRenderingAccounts/convert/delete",
        "Microsoft.MixedReality/RemoteRenderingAccounts/managesessions/read",
        "Microsoft.MixedReality/RemoteRenderingAccounts/managesessions/action",
        "Microsoft.MixedReality/RemoteRenderingAccounts/managesessions/delete",
        "Microsoft.MixedReality/RemoteRenderingAccounts/render/read",
        "Microsoft.MixedReality/RemoteRenderingAccounts/diagnostic/read"
      ],
      "notDataActions": []
    }
  ],
  "roleName": "Remote Rendering Administrator",
  "roleType": "BuiltInRole",
  "type": "Microsoft.Authorization/roleDefinitions"
}

Client di rendering remotoRemote Rendering Client

Consente agli utenti di gestire le funzionalità di sessione, rendering e diagnostica per il rendering remoto di Azure.Provides user with manage session, rendering and diagnostics capabilities for Azure Remote Rendering. Altre informazioniLearn more

AzioniActions DescrizioneDescription
nessunanone
NotActionsNotActions
nessunanone
DataActionsDataActions
Microsoft. MixedReality/RemoteRenderingAccounts/managesessions/ReadMicrosoft.MixedReality/RemoteRenderingAccounts/managesessions/read Ottenere le proprietà della sessioneGet session properties
Microsoft. MixedReality/RemoteRenderingAccounts/managesessions/ActionMicrosoft.MixedReality/RemoteRenderingAccounts/managesessions/action Avvia sessioniStart sessions
Microsoft. MixedReality/RemoteRenderingAccounts/managesessions/DeleteMicrosoft.MixedReality/RemoteRenderingAccounts/managesessions/delete Arresta sessioniStop sessions
Microsoft. MixedReality/RemoteRenderingAccounts/render/ReadMicrosoft.MixedReality/RemoteRenderingAccounts/render/read Connettersi a una sessioneConnect to a session
Microsoft. MixedReality/RemoteRenderingAccounts/Diagnostic/ReadMicrosoft.MixedReality/RemoteRenderingAccounts/diagnostic/read Connettersi al controllo di rendering remotoConnect to the Remote Rendering inspector
NotDataActionsNotDataActions
nessunanone
{
  "assignableScopes": [
    "/"
  ],
  "description": "Provides user with manage session, rendering and diagnostics capabilities for Azure Remote Rendering.",
  "id": "/subscriptions/{subscriptionId}/providers/Microsoft.Authorization/roleDefinitions/d39065c4-c120-43c9-ab0a-63eed9795f0a",
  "name": "d39065c4-c120-43c9-ab0a-63eed9795f0a",
  "permissions": [
    {
      "actions": [],
      "notActions": [],
      "dataActions": [
        "Microsoft.MixedReality/RemoteRenderingAccounts/managesessions/read",
        "Microsoft.MixedReality/RemoteRenderingAccounts/managesessions/action",
        "Microsoft.MixedReality/RemoteRenderingAccounts/managesessions/delete",
        "Microsoft.MixedReality/RemoteRenderingAccounts/render/read",
        "Microsoft.MixedReality/RemoteRenderingAccounts/diagnostic/read"
      ],
      "notDataActions": []
    }
  ],
  "roleName": "Remote Rendering Client",
  "roleType": "BuiltInRole",
  "type": "Microsoft.Authorization/roleDefinitions"
}

Collaboratore per l'account per gli ancoraggi spazialiSpatial Anchors Account Contributor

Consente di gestire gli ancoraggi spaziali nell'account, ma non di eliminarli per saperne di piùLets you manage spatial anchors in your account, but not delete them Learn more

AzioniActions DescrizioneDescription
nessunanone
NotActionsNotActions
nessunanone
DataActionsDataActions
Microsoft. MixedReality/SpatialAnchorsAccounts/create/ActionMicrosoft.MixedReality/SpatialAnchorsAccounts/create/action Creare ancoraggi nello spazioCreate spatial anchors
Microsoft. MixedReality/SpatialAnchorsAccounts/Discovery/ReadMicrosoft.MixedReality/SpatialAnchorsAccounts/discovery/read Individuare gli ancoraggi nello spazio viciniDiscover nearby spatial anchors
Microsoft. MixedReality/SpatialAnchorsAccounts/Properties/ReadMicrosoft.MixedReality/SpatialAnchorsAccounts/properties/read Recuperare le proprietà degli ancoraggi nello spazioGet properties of spatial anchors
Microsoft. MixedReality/SpatialAnchorsAccounts/query/readMicrosoft.MixedReality/SpatialAnchorsAccounts/query/read Individuare gli ancoraggi nello spazioLocate spatial anchors
Microsoft. MixedReality/SpatialAnchorsAccounts/submitdiag/ReadMicrosoft.MixedReality/SpatialAnchorsAccounts/submitdiag/read Inviare i dati di diagnostica per contribuire a migliorare la qualità del servizio di ancoraggi nello spazio di AzureSubmit diagnostics data to help improve the quality of the Azure Spatial Anchors service
Microsoft. MixedReality/SpatialAnchorsAccounts/WriteMicrosoft.MixedReality/SpatialAnchorsAccounts/write Aggiornare le proprietà degli ancoraggi nello spazioUpdate spatial anchors properties
NotDataActionsNotDataActions
nessunanone
{
  "assignableScopes": [
    "/"
  ],
  "description": "Lets you manage spatial anchors in your account, but not delete them",
  "id": "/subscriptions/{subscriptionId}/providers/Microsoft.Authorization/roleDefinitions/8bbe83f1-e2a6-4df7-8cb4-4e04d4e5c827",
  "name": "8bbe83f1-e2a6-4df7-8cb4-4e04d4e5c827",
  "permissions": [
    {
      "actions": [],
      "notActions": [],
      "dataActions": [
        "Microsoft.MixedReality/SpatialAnchorsAccounts/create/action",
        "Microsoft.MixedReality/SpatialAnchorsAccounts/discovery/read",
        "Microsoft.MixedReality/SpatialAnchorsAccounts/properties/read",
        "Microsoft.MixedReality/SpatialAnchorsAccounts/query/read",
        "Microsoft.MixedReality/SpatialAnchorsAccounts/submitdiag/read",
        "Microsoft.MixedReality/SpatialAnchorsAccounts/write"
      ],
      "notDataActions": []
    }
  ],
  "roleName": "Spatial Anchors Account Contributor",
  "roleType": "BuiltInRole",
  "type": "Microsoft.Authorization/roleDefinitions"
}

Proprietario dell'account per gli ancoraggi spazialiSpatial Anchors Account Owner

Consente di gestire gli ancoraggi spaziali nell'account, inclusa l'eliminazione di altre informazioniLets you manage spatial anchors in your account, including deleting them Learn more

AzioniActions DescrizioneDescription
nessunanone
NotActionsNotActions
nessunanone
DataActionsDataActions
Microsoft. MixedReality/SpatialAnchorsAccounts/create/ActionMicrosoft.MixedReality/SpatialAnchorsAccounts/create/action Creare ancoraggi nello spazioCreate spatial anchors
Microsoft. MixedReality/SpatialAnchorsAccounts/DeleteMicrosoft.MixedReality/SpatialAnchorsAccounts/delete Eliminare gli ancoraggi nello spazioDelete spatial anchors
Microsoft. MixedReality/SpatialAnchorsAccounts/Discovery/ReadMicrosoft.MixedReality/SpatialAnchorsAccounts/discovery/read Individuare gli ancoraggi nello spazio viciniDiscover nearby spatial anchors
Microsoft. MixedReality/SpatialAnchorsAccounts/Properties/ReadMicrosoft.MixedReality/SpatialAnchorsAccounts/properties/read Recuperare le proprietà degli ancoraggi nello spazioGet properties of spatial anchors
Microsoft. MixedReality/SpatialAnchorsAccounts/query/readMicrosoft.MixedReality/SpatialAnchorsAccounts/query/read Individuare gli ancoraggi nello spazioLocate spatial anchors
Microsoft. MixedReality/SpatialAnchorsAccounts/submitdiag/ReadMicrosoft.MixedReality/SpatialAnchorsAccounts/submitdiag/read Inviare i dati di diagnostica per contribuire a migliorare la qualità del servizio di ancoraggi nello spazio di AzureSubmit diagnostics data to help improve the quality of the Azure Spatial Anchors service
Microsoft. MixedReality/SpatialAnchorsAccounts/WriteMicrosoft.MixedReality/SpatialAnchorsAccounts/write Aggiornare le proprietà degli ancoraggi nello spazioUpdate spatial anchors properties
NotDataActionsNotDataActions
nessunanone
{
  "assignableScopes": [
    "/"
  ],
  "description": "Lets you manage spatial anchors in your account, including deleting them",
  "id": "/subscriptions/{subscriptionId}/providers/Microsoft.Authorization/roleDefinitions/70bbe301-9835-447d-afdd-19eb3167307c",
  "name": "70bbe301-9835-447d-afdd-19eb3167307c",
  "permissions": [
    {
      "actions": [],
      "notActions": [],
      "dataActions": [
        "Microsoft.MixedReality/SpatialAnchorsAccounts/create/action",
        "Microsoft.MixedReality/SpatialAnchorsAccounts/delete",
        "Microsoft.MixedReality/SpatialAnchorsAccounts/discovery/read",
        "Microsoft.MixedReality/SpatialAnchorsAccounts/properties/read",
        "Microsoft.MixedReality/SpatialAnchorsAccounts/query/read",
        "Microsoft.MixedReality/SpatialAnchorsAccounts/submitdiag/read",
        "Microsoft.MixedReality/SpatialAnchorsAccounts/write"
      ],
      "notDataActions": []
    }
  ],
  "roleName": "Spatial Anchors Account Owner",
  "roleType": "BuiltInRole",
  "type": "Microsoft.Authorization/roleDefinitions"
}

Ruolo Lettore dell'account per gli ancoraggi spazialiSpatial Anchors Account Reader

Consente di individuare e leggere le proprietà degli ancoraggi spaziali nell'account ulteriori informazioniLets you locate and read properties of spatial anchors in your account Learn more

AzioniActions DescrizioneDescription
nessunanone
NotActionsNotActions
nessunanone
DataActionsDataActions
Microsoft. MixedReality/SpatialAnchorsAccounts/Discovery/ReadMicrosoft.MixedReality/SpatialAnchorsAccounts/discovery/read Individuare gli ancoraggi nello spazio viciniDiscover nearby spatial anchors
Microsoft. MixedReality/SpatialAnchorsAccounts/Properties/ReadMicrosoft.MixedReality/SpatialAnchorsAccounts/properties/read Recuperare le proprietà degli ancoraggi nello spazioGet properties of spatial anchors
Microsoft. MixedReality/SpatialAnchorsAccounts/query/readMicrosoft.MixedReality/SpatialAnchorsAccounts/query/read Individuare gli ancoraggi nello spazioLocate spatial anchors
Microsoft. MixedReality/SpatialAnchorsAccounts/submitdiag/ReadMicrosoft.MixedReality/SpatialAnchorsAccounts/submitdiag/read Inviare i dati di diagnostica per contribuire a migliorare la qualità del servizio di ancoraggi nello spazio di AzureSubmit diagnostics data to help improve the quality of the Azure Spatial Anchors service
NotDataActionsNotDataActions
nessunanone
{
  "assignableScopes": [
    "/"
  ],
  "description": "Lets you locate and read properties of spatial anchors in your account",
  "id": "/subscriptions/{subscriptionId}/providers/Microsoft.Authorization/roleDefinitions/5d51204f-eb77-4b1c-b86a-2ec626c49413",
  "name": "5d51204f-eb77-4b1c-b86a-2ec626c49413",
  "permissions": [
    {
      "actions": [],
      "notActions": [],
      "dataActions": [
        "Microsoft.MixedReality/SpatialAnchorsAccounts/discovery/read",
        "Microsoft.MixedReality/SpatialAnchorsAccounts/properties/read",
        "Microsoft.MixedReality/SpatialAnchorsAccounts/query/read",
        "Microsoft.MixedReality/SpatialAnchorsAccounts/submitdiag/read"
      ],
      "notDataActions": []
    }
  ],
  "roleName": "Spatial Anchors Account Reader",
  "roleType": "BuiltInRole",
  "type": "Microsoft.Authorization/roleDefinitions"
}

IntegrazioneIntegration

Collaboratore servizio Gestione APIAPI Management Service Contributor

È possibile gestire il servizio e le API altre informazioniCan manage service and the APIs Learn more

AzioniActions DescrizioneDescription
Microsoft. ApiManagement/Service/*Microsoft.ApiManagement/service/* È in grado di creare e gestire il servizio Gestione APICreate and manage API Management service
Microsoft. Authorization/*/ReadMicrosoft.Authorization/*/read Leggere i ruoli e le assegnazioni di ruoliRead roles and role assignments
Microsoft. Insights/alertRules/*Microsoft.Insights/alertRules/* Creare e gestire un avviso classico per le metricheCreate and manage a classic metric alert
Microsoft. ResourceHealth/availabilityStatuses/ReadMicrosoft.ResourceHealth/availabilityStatuses/read Ottiene gli stati di disponibilità per tutte le risorse nell'ambito specificatoGets the availability statuses for all resources in the specified scope
Microsoft. resources/Deployments/*Microsoft.Resources/deployments/* Creare e gestire una distribuzioneCreate and manage a deployment
Microsoft. resources/subscriptions/resourceGroups/ReadMicrosoft.Resources/subscriptions/resourceGroups/read Ottiene o elenca i gruppi di risorse.Gets or lists resource groups.
Microsoft. support/*Microsoft.Support/* Creare e aggiornare un ticket di supportoCreate and update a support ticket
NotActionsNotActions
nessunanone
DataActionsDataActions
nessunanone
NotDataActionsNotDataActions
nessunanone
{
  "assignableScopes": [
    "/"
  ],
  "description": "Can manage service and the APIs",
  "id": "/subscriptions/{subscriptionId}/providers/Microsoft.Authorization/roleDefinitions/312a565d-c81f-4fd8-895a-4e21e48d571c",
  "name": "312a565d-c81f-4fd8-895a-4e21e48d571c",
  "permissions": [
    {
      "actions": [
        "Microsoft.ApiManagement/service/*",
        "Microsoft.Authorization/*/read",
        "Microsoft.Insights/alertRules/*",
        "Microsoft.ResourceHealth/availabilityStatuses/read",
        "Microsoft.Resources/deployments/*",
        "Microsoft.Resources/subscriptions/resourceGroups/read",
        "Microsoft.Support/*"
      ],
      "notActions": [],
      "dataActions": [],
      "notDataActions": []
    }
  ],
  "roleName": "API Management Service Contributor",
  "roleType": "BuiltInRole",
  "type": "Microsoft.Authorization/roleDefinitions"
}

Ruolo operatore del servizio Gestione APIAPI Management Service Operator Role

Può gestire il servizio ma non le API altre informazioniCan manage service but not the APIs Learn more

AzioniActions DescrizioneDescription
Microsoft. ApiManagement/Service/*/ReadMicrosoft.ApiManagement/service/*/read Leggere le istanze del servizio Gestione APIRead API Management Service instances
Microsoft. ApiManagement/Service/backup/ActionMicrosoft.ApiManagement/service/backup/action Esegue il backup del servizio Gestione API nel contenitore specificato in un account di archiviazione fornito dall’utenteBackup API Management Service to the specified container in a user provided storage account
Microsoft. ApiManagement/Service/DeleteMicrosoft.ApiManagement/service/delete Elimina l’istanza del servizio Gestione APIDelete API Management Service instance
Microsoft. ApiManagement/Service/managedeployments/ActionMicrosoft.ApiManagement/service/managedeployments/action Modifica SKU/unità, aggiunge/rimuove distribuzioni regionali del servizio Gestione APIChange SKU/units, add/remove regional deployments of API Management Service
Microsoft. ApiManagement/Service/ReadMicrosoft.ApiManagement/service/read Leggere i metadati per un'istanza del servizio Gestione APIRead metadata for an API Management Service instance
Microsoft. ApiManagement/Service/Restore/ActionMicrosoft.ApiManagement/service/restore/action Ripristinare il servizio Gestione API dal contenitore specificato in un account di archiviazione fornito dall'utenteRestore API Management Service from the specified container in a user provided storage account
Microsoft. ApiManagement/Service/updatecertificate/ActionMicrosoft.ApiManagement/service/updatecertificate/action Carica il certificato TLS/SSL per un servizio Gestione API.Upload TLS/SSL certificate for an API Management Service
Microsoft. ApiManagement/Service/updatehostname/ActionMicrosoft.ApiManagement/service/updatehostname/action Configura, aggiorna o rimuove i nomi di dominio personalizzati per un servizio Gestione API.Setup, update or remove custom domain names for an API Management Service
Microsoft. ApiManagement/Service/WriteMicrosoft.ApiManagement/service/write Creare o aggiornare un'istanza del servizio Gestione API di AzureCreate or Update API Management Service instance
Microsoft. Authorization/*/ReadMicrosoft.Authorization/*/read Leggere i ruoli e le assegnazioni di ruoliRead roles and role assignments
Microsoft. Insights/alertRules/*Microsoft.Insights/alertRules/* Creare e gestire un avviso classico per le metricheCreate and manage a classic metric alert
Microsoft. ResourceHealth/availabilityStatuses/ReadMicrosoft.ResourceHealth/availabilityStatuses/read Ottiene gli stati di disponibilità per tutte le risorse nell'ambito specificatoGets the availability statuses for all resources in the specified scope
Microsoft. resources/Deployments/*Microsoft.Resources/deployments/* Creare e gestire una distribuzioneCreate and manage a deployment
Microsoft. resources/subscriptions/resourceGroups/ReadMicrosoft.Resources/subscriptions/resourceGroups/read Ottiene o elenca i gruppi di risorse.Gets or lists resource groups.
Microsoft. support/*Microsoft.Support/* Creare e aggiornare un ticket di supportoCreate and update a support ticket
NotActionsNotActions
Microsoft. ApiManagement/Service/Users/Keys/ReadMicrosoft.ApiManagement/service/users/keys/read Recuperare le chiavi associate all'utenteGet keys associated with user
DataActionsDataActions
nessunanone
NotDataActionsNotDataActions
nessunanone
{
  "assignableScopes": [
    "/"
  ],
  "description": "Can manage service but not the APIs",
  "id": "/subscriptions/{subscriptionId}/providers/Microsoft.Authorization/roleDefinitions/e022efe7-f5ba-4159-bbe4-b44f577e9b61",
  "name": "e022efe7-f5ba-4159-bbe4-b44f577e9b61",
  "permissions": [
    {
      "actions": [
        "Microsoft.ApiManagement/service/*/read",
        "Microsoft.ApiManagement/service/backup/action",
        "Microsoft.ApiManagement/service/delete",
        "Microsoft.ApiManagement/service/managedeployments/action",
        "Microsoft.ApiManagement/service/read",
        "Microsoft.ApiManagement/service/restore/action",
        "Microsoft.ApiManagement/service/updatecertificate/action",
        "Microsoft.ApiManagement/service/updatehostname/action",
        "Microsoft.ApiManagement/service/write",
        "Microsoft.Authorization/*/read",
        "Microsoft.Insights/alertRules/*",
        "Microsoft.ResourceHealth/availabilityStatuses/read",
        "Microsoft.Resources/deployments/*",
        "Microsoft.Resources/subscriptions/resourceGroups/read",
        "Microsoft.Support/*"
      ],
      "notActions": [
        "Microsoft.ApiManagement/service/users/keys/read"
      ],
      "dataActions": [],
      "notDataActions": []
    }
  ],
  "roleName": "API Management Service Operator Role",
  "roleType": "BuiltInRole",
  "type": "Microsoft.Authorization/roleDefinitions"
}

Ruolo lettura del servizio Gestione APIAPI Management Service Reader Role

Accesso in sola lettura al servizio e alle API altre informazioniRead-only access to service and APIs Learn more

AzioniActions DescrizioneDescription
Microsoft. ApiManagement/Service/*/ReadMicrosoft.ApiManagement/service/*/read Leggere le istanze del servizio Gestione APIRead API Management Service instances
Microsoft. ApiManagement/Service/ReadMicrosoft.ApiManagement/service/read Leggere i metadati per un'istanza del servizio Gestione APIRead metadata for an API Management Service instance
Microsoft. Authorization/*/ReadMicrosoft.Authorization/*/read Leggere i ruoli e le assegnazioni di ruoliRead roles and role assignments
Microsoft. Insights/alertRules/*Microsoft.Insights/alertRules/* Creare e gestire un avviso classico per le metricheCreate and manage a classic metric alert
Microsoft. ResourceHealth/availabilityStatuses/ReadMicrosoft.ResourceHealth/availabilityStatuses/read Ottiene gli stati di disponibilità per tutte le risorse nell'ambito specificatoGets the availability statuses for all resources in the specified scope
Microsoft. resources/Deployments/*Microsoft.Resources/deployments/* Creare e gestire una distribuzioneCreate and manage a deployment
Microsoft. resources/subscriptions/resourceGroups/ReadMicrosoft.Resources/subscriptions/resourceGroups/read Ottiene o elenca i gruppi di risorse.Gets or lists resource groups.
Microsoft. support/*Microsoft.Support/* Creare e aggiornare un ticket di supportoCreate and update a support ticket
NotActionsNotActions
Microsoft. ApiManagement/Service/Users/Keys/ReadMicrosoft.ApiManagement/service/users/keys/read Recuperare le chiavi associate all'utenteGet keys associated with user
DataActionsDataActions
nessunanone
NotDataActionsNotDataActions
nessunanone
{
  "assignableScopes": [
    "/"
  ],
  "description": "Read-only access to service and APIs",
  "id": "/subscriptions/{subscriptionId}/providers/Microsoft.Authorization/roleDefinitions/71522526-b88f-4d52-b57f-d31fc3546d0d",
  "name": "71522526-b88f-4d52-b57f-d31fc3546d0d",
  "permissions": [
    {
      "actions": [
        "Microsoft.ApiManagement/service/*/read",
        "Microsoft.ApiManagement/service/read",
        "Microsoft.Authorization/*/read",
        "Microsoft.Insights/alertRules/*",
        "Microsoft.ResourceHealth/availabilityStatuses/read",
        "Microsoft.Resources/deployments/*",
        "Microsoft.Resources/subscriptions/resourceGroups/read",
        "Microsoft.Support/*"
      ],
      "notActions": [
        "Microsoft.ApiManagement/service/users/keys/read"
      ],
      "dataActions": [],
      "notDataActions": []
    }
  ],
  "roleName": "API Management Service Reader Role",
  "roleType": "BuiltInRole",
  "type": "Microsoft.Authorization/roleDefinitions"
}

Proprietario dei dati di Configurazione dell'appApp Configuration Data Owner

Consente l'accesso completo ai dati di Configurazione dell'app.Allows full access to App Configuration data. Altre informazioniLearn more

AzioniActions DescrizioneDescription
nessunanone
NotActionsNotActions
nessunanone
DataActionsDataActions
Microsoft. AppConfiguration/configurationStores/*/ReadMicrosoft.AppConfiguration/configurationStores/*/read
Microsoft. AppConfiguration/configurationStores/*/WriteMicrosoft.AppConfiguration/configurationStores/*/write
Microsoft. AppConfiguration/configurationStores/*/DeleteMicrosoft.AppConfiguration/configurationStores/*/delete
NotDataActionsNotDataActions
nessunanone
{
  "assignableScopes": [
    "/"
  ],
  "description": "Allows full access to App Configuration data.",
  "id": "/subscriptions/{subscriptionId}/providers/Microsoft.Authorization/roleDefinitions/5ae67dd6-50cb-40e7-96ff-dc2bfa4b606b",
  "name": "5ae67dd6-50cb-40e7-96ff-dc2bfa4b606b",
  "permissions": [
    {
      "actions": [],
      "notActions": [],
      "dataActions": [
        "Microsoft.AppConfiguration/configurationStores/*/read",
        "Microsoft.AppConfiguration/configurationStores/*/write",
        "Microsoft.AppConfiguration/configurationStores/*/delete"
      ],
      "notDataActions": []
    }
  ],
  "roleName": "App Configuration Data Owner",
  "roleType": "BuiltInRole",
  "type": "Microsoft.Authorization/roleDefinitions"
}

Ruolo con autorizzazioni di lettura per i dati di Configurazione dell'appApp Configuration Data Reader

Consente l'accesso in lettura ai dati di Configurazione dell'app.Allows read access to App Configuration data. Altre informazioniLearn more

AzioniActions DescrizioneDescription
nessunanone
NotActionsNotActions
nessunanone
DataActionsDataActions
Microsoft. AppConfiguration/configurationStores/*/ReadMicrosoft.AppConfiguration/configurationStores/*/read
NotDataActionsNotDataActions
nessunanone
{
  "assignableScopes": [
    "/"
  ],
  "description": "Allows read access to App Configuration data.",
  "id": "/subscriptions/{subscriptionId}/providers/Microsoft.Authorization/roleDefinitions/516239f1-63e1-4d78-a4de-a74fb236a071",
  "name": "516239f1-63e1-4d78-a4de-a74fb236a071",
  "permissions": [
    {
      "actions": [],
      "notActions": [],
      "dataActions": [
        "Microsoft.AppConfiguration/configurationStores/*/read"
      ],
      "notDataActions": []
    }
  ],
  "roleName": "App Configuration Data Reader",
  "roleType": "BuiltInRole",
  "type": "Microsoft.Authorization/roleDefinitions"
}

Proprietario dei dati del bus di servizio di AzureAzure Service Bus Data Owner

Consente l'accesso completo alle risorse del bus di servizio di Azure.Allows for full access to Azure Service Bus resources. Altre informazioniLearn more

AzioniActions DescrizioneDescription
Microsoft. ServiceBus/*Microsoft.ServiceBus/*
NotActionsNotActions
nessunanone
DataActionsDataActions
Microsoft. ServiceBus/*Microsoft.ServiceBus/*
NotDataActionsNotDataActions
nessunanone
{
  "assignableScopes": [
    "/"
  ],
  "description": "Allows for full access to Azure Service Bus resources.",
  "id": "/subscriptions/{subscriptionId}/providers/Microsoft.Authorization/roleDefinitions/090c5cfd-751d-490a-894a-3ce6f1109419",
  "name": "090c5cfd-751d-490a-894a-3ce6f1109419",
  "permissions": [
    {
      "actions": [
        "Microsoft.ServiceBus/*"
      ],
      "notActions": [],
      "dataActions": [
        "Microsoft.ServiceBus/*"
      ],
      "notDataActions": []
    }
  ],
  "roleName": "Azure Service Bus Data Owner",
  "roleType": "BuiltInRole",
  "type": "Microsoft.Authorization/roleDefinitions"
}

Ricevitore dei dati del bus di servizio di AzureAzure Service Bus Data Receiver

Consente l'accesso per la ricezione alle risorse del bus di servizio di Azure.Allows for receive access to Azure Service Bus resources. Altre informazioniLearn more

AzioniActions DescrizioneDescription
Microsoft. ServiceBus/*/Queues/ReadMicrosoft.ServiceBus/*/queues/read
Microsoft. ServiceBus/*/topics/ReadMicrosoft.ServiceBus/*/topics/read
Microsoft. ServiceBus/*/topics/subscriptions/ReadMicrosoft.ServiceBus/*/topics/subscriptions/read
NotActionsNotActions
nessunanone
DataActionsDataActions
Microsoft. ServiceBus/*/Receive/ActionMicrosoft.ServiceBus/*/receive/action
NotDataActionsNotDataActions
nessunanone
{
  "assignableScopes": [
    "/"
  ],
  "description": "Allows for receive access to Azure Service Bus resources.",
  "id": "/subscriptions/{subscriptionId}/providers/Microsoft.Authorization/roleDefinitions/4f6d3b9b-027b-4f4c-9142-0e5a2a2247e0",
  "name": "4f6d3b9b-027b-4f4c-9142-0e5a2a2247e0",
  "permissions": [
    {
      "actions": [
        "Microsoft.ServiceBus/*/queues/read",
        "Microsoft.ServiceBus/*/topics/read",
        "Microsoft.ServiceBus/*/topics/subscriptions/read"
      ],
      "notActions": [],
      "dataActions": [
        "Microsoft.ServiceBus/*/receive/action"
      ],
      "notDataActions": []
    }
  ],
  "roleName": "Azure Service Bus Data Receiver",
  "roleType": "BuiltInRole",
  "type": "Microsoft.Authorization/roleDefinitions"
}

Mittente dei dati del bus di servizio di AzureAzure Service Bus Data Sender

Consente l'accesso per l'invio alle risorse del bus di servizio di Azure.Allows for send access to Azure Service Bus resources. Altre informazioniLearn more

AzioniActions DescrizioneDescription
Microsoft. ServiceBus/*/Queues/ReadMicrosoft.ServiceBus/*/queues/read
Microsoft. ServiceBus/*/topics/ReadMicrosoft.ServiceBus/*/topics/read
Microsoft. ServiceBus/*/topics/subscriptions/ReadMicrosoft.ServiceBus/*/topics/subscriptions/read
NotActionsNotActions
nessunanone
DataActionsDataActions
Microsoft. ServiceBus/*/Send/ActionMicrosoft.ServiceBus/*/send/action
NotDataActionsNotDataActions
nessunanone
{
  "assignableScopes": [
    "/"
  ],
  "description": "Allows for send access to Azure Service Bus resources.",
  "id": "/subscriptions/{subscriptionId}/providers/Microsoft.Authorization/roleDefinitions/69a216fc-b8fb-44d8-bc22-1f3c2cd27a39",
  "name": "69a216fc-b8fb-44d8-bc22-1f3c2cd27a39",
  "permissions": [
    {
      "actions": [
        "Microsoft.ServiceBus/*/queues/read",
        "Microsoft.ServiceBus/*/topics/read",
        "Microsoft.ServiceBus/*/topics/subscriptions/read"
      ],
      "notActions": [],
      "dataActions": [
        "Microsoft.ServiceBus/*/send/action"
      ],
      "notDataActions": []
    }
  ],
  "roleName": "Azure Service Bus Data Sender",
  "roleType": "BuiltInRole",
  "type": "Microsoft.Authorization/roleDefinitions"
}

Proprietario della registrazione di Azure StackAzure Stack Registration Owner

Consente di gestire le registrazioni di Azure Stack.Lets you manage Azure Stack registrations.

AzioniActions DescrizioneDescription
Microsoft. AzureStack/edgeSubscriptions/ReadMicrosoft.AzureStack/edgeSubscriptions/read Ottenere le proprietà di una sottoscrizione di Azure Stack EdgeGet the properties of an Azure Stack Edge Subscription
Microsoft. AzureStack/registrations/Products/*/ActionMicrosoft.AzureStack/registrations/products/*/action
Microsoft. AzureStack/registrations/Products/ReadMicrosoft.AzureStack/registrations/products/read Ottiene le proprietà di un prodotto del marketplace Azure StackGets the properties of an Azure Stack Marketplace product
Microsoft. AzureStack/registrations/ReadMicrosoft.AzureStack/registrations/read Ottiene le proprietà di una registrazione di Azure StackGets the properties of an Azure Stack registration
NotActionsNotActions
nessunanone
DataActionsDataActions
nessunanone
NotDataActionsNotDataActions
nessunanone
{
  "assignableScopes": [
    "/"
  ],
  "description": "Lets you manage Azure Stack registrations.",
  "id": "/subscriptions/{subscriptionId}/providers/Microsoft.Authorization/roleDefinitions/6f12a6df-dd06-4f3e-bcb1-ce8be600526a",
  "name": "6f12a6df-dd06-4f3e-bcb1-ce8be600526a",
  "permissions": [
    {
      "actions": [
        "Microsoft.AzureStack/edgeSubscriptions/read",
        "Microsoft.AzureStack/registrations/products/*/action",
        "Microsoft.AzureStack/registrations/products/read",
        "Microsoft.AzureStack/registrations/read"
      ],
      "notActions": [],
      "dataActions": [],
      "notDataActions": []
    }
  ],
  "roleName": "Azure Stack Registration Owner",
  "roleType": "BuiltInRole",
  "type": "Microsoft.Authorization/roleDefinitions"
}

Collaboratore per sottoscrizioni di eventi di Griglia di eventiEventGrid EventSubscription Contributor

Consente di gestire le operazioni di sottoscrizione di eventi EventGrid.Lets you manage EventGrid event subscription operations. Altre informazioniLearn more

AzioniActions DescrizioneDescription
Microsoft. Authorization/*/ReadMicrosoft.Authorization/*/read Leggere i ruoli e le assegnazioni di ruoliRead roles and role assignments
Microsoft. EventGrid/eventSubscriptions/*Microsoft.EventGrid/eventSubscriptions/*
Microsoft. EventGrid/topicTypes/eventSubscriptions/ReadMicrosoft.EventGrid/topicTypes/eventSubscriptions/read Elenca le sottoscrizioni di eventi globali per tipo di argomentoList global event subscriptions by topic type
Microsoft. EventGrid/locations/eventSubscriptions/ReadMicrosoft.EventGrid/locations/eventSubscriptions/read Elenca sottoscrizioni di eventi per areaList regional event subscriptions
Microsoft. EventGrid/locations/topicTypes/eventSubscriptions/ReadMicrosoft.EventGrid/locations/topicTypes/eventSubscriptions/read Elenca sottoscrizioni di eventi per area per tipo di argomentoList regional event subscriptions by topictype
Microsoft. Insights/alertRules/*Microsoft.Insights/alertRules/* Creare e gestire un avviso classico per le metricheCreate and manage a classic metric alert
Microsoft. resources/Deployments/*Microsoft.Resources/deployments/* Creare e gestire una distribuzioneCreate and manage a deployment
Microsoft. resources/subscriptions/resourceGroups/ReadMicrosoft.Resources/subscriptions/resourceGroups/read Ottiene o elenca i gruppi di risorse.Gets or lists resource groups.
Microsoft. support/*Microsoft.Support/* Creare e aggiornare un ticket di supportoCreate and update a support ticket
NotActionsNotActions
nessunanone
DataActionsDataActions
nessunanone
NotDataActionsNotDataActions
nessunanone
{
  "assignableScopes": [
    "/"
  ],
  "description": "Lets you manage EventGrid event subscription operations.",
  "id": "/subscriptions/{subscriptionId}/providers/Microsoft.Authorization/roleDefinitions/428e0ff0-5e57-4d9c-a221-2c70d0e0a443",
  "name": "428e0ff0-5e57-4d9c-a221-2c70d0e0a443",
  "permissions": [
    {
      "actions": [
        "Microsoft.Authorization/*/read",
        "Microsoft.EventGrid/eventSubscriptions/*",
        "Microsoft.EventGrid/topicTypes/eventSubscriptions/read",
        "Microsoft.EventGrid/locations/eventSubscriptions/read",
        "Microsoft.EventGrid/locations/topicTypes/eventSubscriptions/read",
        "Microsoft.Insights/alertRules/*",
        "Microsoft.Resources/deployments/*",
        "Microsoft.Resources/subscriptions/resourceGroups/read",
        "Microsoft.Support/*"
      ],
      "notActions": [],
      "dataActions": [],
      "notDataActions": []
    }
  ],
  "roleName": "EventGrid EventSubscription Contributor",
  "roleType": "BuiltInRole",
  "type": "Microsoft.Authorization/roleDefinitions"
}

Ruolo con autorizzazioni di lettura per sottoscrizioni di eventi di Griglia di eventiEventGrid EventSubscription Reader

Consente di leggere le sottoscrizioni di eventi EventGrid.Lets you read EventGrid event subscriptions. Altre informazioniLearn more

AzioniActions DescrizioneDescription
Microsoft. Authorization/*/ReadMicrosoft.Authorization/*/read Leggere i ruoli e le assegnazioni di ruoliRead roles and role assignments
Microsoft. EventGrid/eventSubscriptions/ReadMicrosoft.EventGrid/eventSubscriptions/read Leggere un oggetto eventSubscriptionRead an eventSubscription
Microsoft. EventGrid/topicTypes/eventSubscriptions/ReadMicrosoft.EventGrid/topicTypes/eventSubscriptions/read Elenca le sottoscrizioni di eventi globali per tipo di argomentoList global event subscriptions by topic type
Microsoft. EventGrid/locations/eventSubscriptions/ReadMicrosoft.EventGrid/locations/eventSubscriptions/read Elenca sottoscrizioni di eventi per areaList regional event subscriptions
Microsoft. EventGrid/locations/topicTypes/eventSubscriptions/ReadMicrosoft.EventGrid/locations/topicTypes/eventSubscriptions/read Elenca sottoscrizioni di eventi per area per tipo di argomentoList regional event subscriptions by topictype
Microsoft. resources/subscriptions/resourceGroups/ReadMicrosoft.Resources/subscriptions/resourceGroups/read Ottiene o elenca i gruppi di risorse.Gets or lists resource groups.
NotActionsNotActions
nessunanone
DataActionsDataActions
nessunanone
NotDataActionsNotDataActions
nessunanone
{
  "assignableScopes": [
    "/"
  ],
  "description": "Lets you read EventGrid event subscriptions.",
  "id": "/subscriptions/{subscriptionId}/providers/Microsoft.Authorization/roleDefinitions/2414bbcf-6497-4faf-8c65-045460748405",
  "name": "2414bbcf-6497-4faf-8c65-045460748405",
  "permissions": [
    {
      "actions": [
        "Microsoft.Authorization/*/read",
        "Microsoft.EventGrid/eventSubscriptions/read",
        "Microsoft.EventGrid/topicTypes/eventSubscriptions/read",
        "Microsoft.EventGrid/locations/eventSubscriptions/read",
        "Microsoft.EventGrid/locations/topicTypes/eventSubscriptions/read",
        "Microsoft.Resources/subscriptions/resourceGroups/read"
      ],
      "notActions": [],
      "dataActions": [],
      "notDataActions": []
    }
  ],
  "roleName": "EventGrid EventSubscription Reader",
  "roleType": "BuiltInRole",
  "type": "Microsoft.Authorization/roleDefinitions"
}

Collaboratore dati FHIRFHIR Data Contributor

Il ruolo consente all'utente o all'entità di accesso completo ai dati di FHIR altre informazioniRole allows user or principal full access to FHIR Data Learn more

AzioniActions DescrizioneDescription
nessunanone
NotActionsNotActions
nessunanone
DataActionsDataActions
Microsoft. HealthcareApis/Services/Fhir/Resources/*Microsoft.HealthcareApis/services/fhir/resources/*
NotDataActionsNotDataActions
nessunanone
{
  "assignableScopes": [
    "/"
  ],
  "description": "Role allows user or principal full access to FHIR Data",
  "id": "/subscriptions/{subscriptionId}/providers/Microsoft.Authorization/roleDefinitions/5a1fc7df-4bf1-4951-a576-89034ee01acd",
  "name": "5a1fc7df-4bf1-4951-a576-89034ee01acd",
  "permissions": [
    {
      "actions": [],
      "notActions": [],
      "dataActions": [
        "Microsoft.HealthcareApis/services/fhir/resources/*"
      ],
      "notDataActions": []
    }
  ],
  "roleName": "FHIR Data Contributor",
  "roleType": "BuiltInRole",
  "type": "Microsoft.Authorization/roleDefinitions"
}

Esportatore dati FHIRFHIR Data Exporter

Il ruolo consente all'utente o all'entità di leggere ed esportare i dati di FHIR altre informazioniRole allows user or principal to read and export FHIR Data Learn more

AzioniActions DescrizioneDescription
nessunanone
NotActionsNotActions
nessunanone
DataActionsDataActions
Microsoft. HealthcareApis/Services/Fhir/Resources/ReadMicrosoft.HealthcareApis/services/fhir/resources/read Leggere le risorse di FHIR (include la ricerca e la cronologia delle versioni).Read FHIR resources (includes searching and versioned history).
Microsoft. HealthcareApis/Services/Fhir/Resources/Export/ActionMicrosoft.HealthcareApis/services/fhir/resources/export/action Operazione di esportazione ($export).Export operation ($export).
NotDataActionsNotDataActions
nessunanone
{
  "assignableScopes": [
    "/"
  ],
  "description": "Role allows user or principal to read and export FHIR Data",
  "id": "/subscriptions/{subscriptionId}/providers/Microsoft.Authorization/roleDefinitions/3db33094-8700-4567-8da5-1501d4e7e843",
  "name": "3db33094-8700-4567-8da5-1501d4e7e843",
  "permissions": [
    {
      "actions": [],
      "notActions": [],
      "dataActions": [
        "Microsoft.HealthcareApis/services/fhir/resources/read",
        "Microsoft.HealthcareApis/services/fhir/resources/export/action"
      ],
      "notDataActions": []
    }
  ],
  "roleName": "FHIR Data Exporter",
  "roleType": "BuiltInRole",
  "type": "Microsoft.Authorization/roleDefinitions"
}

Lettore dati FHIRFHIR Data Reader

Il ruolo consente all'utente o all'entità di leggere i dati di FHIR altre informazioniRole allows user or principal to read FHIR Data Learn more

AzioniActions DescrizioneDescription
nessunanone
NotActionsNotActions
nessunanone
DataActionsDataActions
Microsoft. HealthcareApis/Services/Fhir/Resources/ReadMicrosoft.HealthcareApis/services/fhir/resources/read Leggere le risorse di FHIR (include la ricerca e la cronologia delle versioni).Read FHIR resources (includes searching and versioned history).
NotDataActionsNotDataActions
nessunanone
{
  "assignableScopes": [
    "/"
  ],
  "description": "Role allows user or principal to read FHIR Data",
  "id": "/subscriptions/{subscriptionId}/providers/Microsoft.Authorization/roleDefinitions/4c8d0bbc-75d3-4935-991f-5f3c56d81508",
  "name": "4c8d0bbc-75d3-4935-991f-5f3c56d81508",
  "permissions": [
    {
      "actions": [],
      "notActions": [],
      "dataActions": [
        "Microsoft.HealthcareApis/services/fhir/resources/read"
      ],
      "notDataActions": []
    }
  ],
  "roleName": "FHIR Data Reader",
  "roleType": "BuiltInRole",
  "type": "Microsoft.Authorization/roleDefinitions"
}

FHIR Data writerFHIR Data Writer

Il ruolo consente all'utente o all'entità di leggere e scrivere i dati di FHIR altre informazioniRole allows user or principal to read and write FHIR Data Learn more

AzioniActions DescrizioneDescription
nessunanone
NotActionsNotActions
nessunanone
DataActionsDataActions
Microsoft. HealthcareApis/Services/Fhir/Resources/*Microsoft.HealthcareApis/services/fhir/resources/*
NotDataActionsNotDataActions
Microsoft. HealthcareApis/Services/Fhir/Resources/hardDelete/ActionMicrosoft.HealthcareApis/services/fhir/resources/hardDelete/action Eliminazione hardware (inclusa la cronologia delle versioni).Hard Delete (including version history).
{
  "assignableScopes": [
    "/"
  ],
  "description": "Role allows user or principal to read and write FHIR Data",
  "id": "/subscriptions/{subscriptionId}/providers/Microsoft.Authorization/roleDefinitions/3f88fce4-5892-4214-ae73-ba5294559913",
  "name": "3f88fce4-5892-4214-ae73-ba5294559913",
  "permissions": [
    {
      "actions": [],
      "notActions": [],
      "dataActions": [
        "Microsoft.HealthcareApis/services/fhir/resources/*"
      ],
      "notDataActions": [
        "Microsoft.HealthcareApis/services/fhir/resources/hardDelete/action"
      ]
    }
  ],
  "roleName": "FHIR Data Writer",
  "roleType": "BuiltInRole",
  "type": "Microsoft.Authorization/roleDefinitions"
}

Collaboratore ambiente del servizio di integrazioneIntegration Service Environment Contributor

Consente di gestire gli ambienti del servizio di integrazione, ma non di accedervi.Lets you manage integration service environments, but not access to them. Altre informazioniLearn more

AzioniActions DescrizioneDescription
Microsoft. Authorization/*/ReadMicrosoft.Authorization/*/read Leggere i ruoli e le assegnazioni di ruoliRead roles and role assignments
Microsoft. support/*Microsoft.Support/* Creare e aggiornare un ticket di supportoCreate and update a support ticket
Microsoft. Logic/integrationServiceEnvironments/*Microsoft.Logic/integrationServiceEnvironments/*
NotActionsNotActions
nessunanone
DataActionsDataActions
nessunanone
NotDataActionsNotDataActions
nessunanone
{
  "assignableScopes": [
    "/"
  ],
  "description": "Lets you manage integration service environments, but not access to them.",
  "id": "/subscriptions/{subscriptionId}/providers/Microsoft.Authorization/roleDefinitions/a41e2c5b-bd99-4a07-88f4-9bf657a760b8",
  "name": "a41e2c5b-bd99-4a07-88f4-9bf657a760b8",
  "permissions": [
    {
      "actions": [
        "Microsoft.Authorization/*/read",
        "Microsoft.Support/*",
        "Microsoft.Logic/integrationServiceEnvironments/*"
      ],
      "notActions": [],
      "dataActions": [],
      "notDataActions": []
    }
  ],
  "roleName": "Integration Service Environment Contributor",
  "roleType": "BuiltInRole",
  "type": "Microsoft.Authorization/roleDefinitions"
}

Sviluppatore ambiente del servizio di integrazioneIntegration Service Environment Developer

Consente agli sviluppatori di creare e aggiornare i flussi di lavoro, gli account di integrazione e le connessioni API negli ambienti di Integration Services.Allows developers to create and update workflows, integration accounts and API connections in integration service environments. Altre informazioniLearn more

AzioniActions DescrizioneDescription
Microsoft. Authorization/*/ReadMicrosoft.Authorization/*/read Leggere i ruoli e le assegnazioni di ruoliRead roles and role assignments
Microsoft. support/*Microsoft.Support/* Creare e aggiornare un ticket di supportoCreate and update a support ticket
Microsoft. Logic/integrationServiceEnvironments/ReadMicrosoft.Logic/integrationServiceEnvironments/read Legge l'ambiente del servizio di integrazione.Reads the integration service environment.
Microsoft. Logic/integrationServiceEnvironments/join/ActionMicrosoft.Logic/integrationServiceEnvironments/join/action Aggiunge l'ambiente del servizio di integrazione.Joins the Integration Service Environment.
NotActionsNotActions
nessunanone
DataActionsDataActions
nessunanone
NotDataActionsNotDataActions
nessunanone
{
  "assignableScopes": [
    "/"
  ],
  "description": "Allows developers to create and update workflows, integration accounts and API connections in integration service environments.",
  "id": "/subscriptions/{subscriptionId}/providers/Microsoft.Authorization/roleDefinitions/c7aa55d3-1abb-444a-a5ca-5e51e485d6ec",
  "name": "c7aa55d3-1abb-444a-a5ca-5e51e485d6ec",
  "permissions": [
    {
      "actions": [
        "Microsoft.Authorization/*/read",
        "Microsoft.Support/*",
        "Microsoft.Logic/integrationServiceEnvironments/read",
        "Microsoft.Logic/integrationServiceEnvironments/join/action"
      ],
      "notActions": [],
      "dataActions": [],
      "notDataActions": []
    }
  ],
  "roleName": "Integration Service Environment Developer",
  "roleType": "BuiltInRole",
  "type": "Microsoft.Authorization/roleDefinitions"
}

Collaboratore account Intelligent SystemsIntelligent Systems Account Contributor

Consente di gestire gli account Sistemi intelligenti, ma non di accedervi.Lets you manage Intelligent Systems accounts, but not access to them.

AzioniActions DescrizioneDescription
Microsoft. Authorization/*/ReadMicrosoft.Authorization/*/read Leggere i ruoli e le assegnazioni di ruoliRead roles and role assignments
Microsoft. Insights/alertRules/*Microsoft.Insights/alertRules/* Creare e gestire un avviso classico per le metricheCreate and manage a classic metric alert
Microsoft.IntelligentSystems/accounts/*Microsoft.IntelligentSystems/accounts/* Creare e gestire account di Intelligent SystemsCreate and manage intelligent systems accounts
Microsoft. ResourceHealth/availabilityStatuses/ReadMicrosoft.ResourceHealth/availabilityStatuses/read Ottiene gli stati di disponibilità per tutte le risorse nell'ambito specificatoGets the availability statuses for all resources in the specified scope
Microsoft. resources/Deployments/*Microsoft.Resources/deployments/* Creare e gestire una distribuzioneCreate and manage a deployment
Microsoft. resources/subscriptions/resourceGroups/ReadMicrosoft.Resources/subscriptions/resourceGroups/read Ottiene o elenca i gruppi di risorse.Gets or lists resource groups.
Microsoft. support/*Microsoft.Support/* Creare e aggiornare un ticket di supportoCreate and update a support ticket
NotActionsNotActions
nessunanone
DataActionsDataActions
nessunanone
NotDataActionsNotDataActions
nessunanone
{
  "assignableScopes": [
    "/"
  ],
  "description": "Lets you manage Intelligent Systems accounts, but not access to them.",
  "id": "/subscriptions/{subscriptionId}/providers/Microsoft.Authorization/roleDefinitions/03a6d094-3444-4b3d-88af-7477090a9e5e",
  "name": "03a6d094-3444-4b3d-88af-7477090a9e5e",
  "permissions": [
    {
      "actions": [
        "Microsoft.Authorization/*/read",
        "Microsoft.Insights/alertRules/*",
        "Microsoft.IntelligentSystems/accounts/*",
        "Microsoft.ResourceHealth/availabilityStatuses/read",
        "Microsoft.Resources/deployments/*",
        "Microsoft.Resources/subscriptions/resourceGroups/read",
        "Microsoft.Support/*"
      ],
      "notActions": [],
      "dataActions": [],
      "notDataActions": []
    }
  ],
  "roleName": "Intelligent Systems Account Contributor",
  "roleType": "BuiltInRole",
  "type": "Microsoft.Authorization/roleDefinitions"
}

Collaboratore alle app per la logicaLogic App Contributor

Consente di gestire le app per la logica, ma non di modificarne l'accesso.Lets you manage logic apps, but not change access to them. Altre informazioniLearn more

AzioniActions DescrizioneDescription
Microsoft. Authorization/*/ReadMicrosoft.Authorization/*/read Leggere i ruoli e le assegnazioni di ruoliRead roles and role assignments
Microsoft. ClassicStorage/storageAccounts/listKeys/ActionMicrosoft.ClassicStorage/storageAccounts/listKeys/action Elenca le chiavi di accesso per gli account di archiviazione.Lists the access keys for the storage accounts.
Microsoft. ClassicStorage/storageAccounts/ReadMicrosoft.ClassicStorage/storageAccounts/read Restituisce l'account di archiviazione con l'account specificato.Return the storage account with the given account.
Microsoft. Insights/alertRules/*Microsoft.Insights/alertRules/* Creare e gestire un avviso classico per le metricheCreate and manage a classic metric alert
Microsoft. Insights/metricAlerts/*Microsoft.Insights/metricAlerts/*
Microsoft. Insights/diagnosticSettings/*Microsoft.Insights/diagnosticSettings/* Crea, aggiorna o legge l'impostazione di diagnostica per Analysis ServerCreates, updates, or reads the diagnostic setting for Analysis Server
Microsoft. Insights/logdefinitions/*Microsoft.Insights/logdefinitions/* Questa autorizzazione è necessaria per gli utenti che hanno bisogno dell'accesso ai log attività tramite il portale.This permission is necessary for users who need access to Activity Logs via the portal. Elencare categorie di log nel log attività.List log categories in Activity Log.
Microsoft. Insights/metricDefinitions/*Microsoft.Insights/metricDefinitions/* Definizioni delle metriche (elenco dei tipi di metriche disponibili per una risorsa).Read metric definitions (list of available metric types for a resource).
Microsoft. Logic/*Microsoft.Logic/* Gestisce le risorse di App per la logica.Manages Logic Apps resources.
Microsoft. resources/Deployments/*Microsoft.Resources/deployments/* Creare e gestire una distribuzioneCreate and manage a deployment
Microsoft. resources/subscriptions/operationresults/ReadMicrosoft.Resources/subscriptions/operationresults/read Ottiene i risultati dell'operazione di sottoscrizione.Get the subscription operation results.
Microsoft. resources/subscriptions/resourceGroups/ReadMicrosoft.Resources/subscriptions/resourceGroups/read Ottiene o elenca i gruppi di risorse.Gets or lists resourc