Inbyggda Azure-roller för integrering
I den här artikeln visas de inbyggda Azure-rollerna i kategorin Integrering.
API Management Service Contributor
Kan hantera tjänsten och API:erna
| Åtgärder | beskrivning |
|---|---|
| Microsoft.ApiManagement/service/* | Skapa och hantera API Management-tjänsten |
| Microsoft.Authorization/*/read | Läsa roller och rolltilldelningar |
| Microsoft.Insights/alertRules/* | Skapa och hantera en klassisk måttavisering |
| Microsoft.ResourceHealth/availabilityStatuses/read | Hämtar tillgänglighetsstatusar för alla resurser i det angivna omfånget |
| Microsoft.Resources/deployments/* | Skapa och hantera en distribution |
| Microsoft.Resources/subscriptions/resourceGroups/read | Hämtar eller listar resursgrupper. |
| Microsoft.Support/* | Skapa och uppdatera ett supportärende |
| NotActions | |
| ingen | |
| DataActions | |
| ingen | |
| NotDataActions | |
| ingen |
{
"assignableScopes": [
"/"
],
"description": "Can manage service and the APIs",
"id": "/providers/Microsoft.Authorization/roleDefinitions/312a565d-c81f-4fd8-895a-4e21e48d571c",
"name": "312a565d-c81f-4fd8-895a-4e21e48d571c",
"permissions": [
{
"actions": [
"Microsoft.ApiManagement/service/*",
"Microsoft.Authorization/*/read",
"Microsoft.Insights/alertRules/*",
"Microsoft.ResourceHealth/availabilityStatuses/read",
"Microsoft.Resources/deployments/*",
"Microsoft.Resources/subscriptions/resourceGroups/read",
"Microsoft.Support/*"
],
"notActions": [],
"dataActions": [],
"notDataActions": []
}
],
"roleName": "API Management Service Contributor",
"roleType": "BuiltInRole",
"type": "Microsoft.Authorization/roleDefinitions"
}
API Management-tjänstoperatorroll
Kan hantera tjänsten men inte API:erna
| Åtgärder | beskrivning |
|---|---|
| Microsoft.ApiManagement/service/*/read | Läsa API Management Service-instanser |
| Microsoft.ApiManagement/service/backup/action | Säkerhetskopiera API Management Service till den angivna containern i ett användarangivet lagringskonto |
| Microsoft.ApiManagement/service/delete | Ta bort API Management Service-instans |
| Microsoft.ApiManagement/service/managedeployments/action | Ändra SKU/units, lägg till/ta bort regionala distributioner av API Management Service |
| Microsoft.ApiManagement/service/read | Läsa metadata för en API Management Service-instans |
| Microsoft.ApiManagement/service/restore/action | Återställa API Management Service från den angivna containern i ett användarangivet lagringskonto |
| Microsoft.ApiManagement/service/updatecertificate/action | Ladda upp TLS/SSL-certifikat för en API Management-tjänst |
| Microsoft.ApiManagement/service/updatehostname/action | Konfigurera, uppdatera eller ta bort anpassade domännamn för en API Management-tjänst |
| Microsoft.ApiManagement/service/write | Skapa eller uppdatera API Management Service-instans |
| Microsoft.Authorization/*/read | Läsa roller och rolltilldelningar |
| Microsoft.Insights/alertRules/* | Skapa och hantera en klassisk måttavisering |
| Microsoft.ResourceHealth/availabilityStatuses/read | Hämtar tillgänglighetsstatusar för alla resurser i det angivna omfånget |
| Microsoft.Resources/deployments/* | Skapa och hantera en distribution |
| Microsoft.Resources/subscriptions/resourceGroups/read | Hämtar eller listar resursgrupper. |
| Microsoft.Support/* | Skapa och uppdatera ett supportärende |
| NotActions | |
| Microsoft.ApiManagement/service/users/keys/read | Hämta nycklar som är associerade med användaren |
| DataActions | |
| ingen | |
| NotDataActions | |
| ingen |
{
"assignableScopes": [
"/"
],
"description": "Can manage service but not the APIs",
"id": "/providers/Microsoft.Authorization/roleDefinitions/e022efe7-f5ba-4159-bbe4-b44f577e9b61",
"name": "e022efe7-f5ba-4159-bbe4-b44f577e9b61",
"permissions": [
{
"actions": [
"Microsoft.ApiManagement/service/*/read",
"Microsoft.ApiManagement/service/backup/action",
"Microsoft.ApiManagement/service/delete",
"Microsoft.ApiManagement/service/managedeployments/action",
"Microsoft.ApiManagement/service/read",
"Microsoft.ApiManagement/service/restore/action",
"Microsoft.ApiManagement/service/updatecertificate/action",
"Microsoft.ApiManagement/service/updatehostname/action",
"Microsoft.ApiManagement/service/write",
"Microsoft.Authorization/*/read",
"Microsoft.Insights/alertRules/*",
"Microsoft.ResourceHealth/availabilityStatuses/read",
"Microsoft.Resources/deployments/*",
"Microsoft.Resources/subscriptions/resourceGroups/read",
"Microsoft.Support/*"
],
"notActions": [
"Microsoft.ApiManagement/service/users/keys/read"
],
"dataActions": [],
"notDataActions": []
}
],
"roleName": "API Management Service Operator Role",
"roleType": "BuiltInRole",
"type": "Microsoft.Authorization/roleDefinitions"
}
API Management Service Reader Role
Skrivskyddad åtkomst till tjänsten och API:er
| Åtgärder | beskrivning |
|---|---|
| Microsoft.ApiManagement/service/*/read | Läsa API Management Service-instanser |
| Microsoft.ApiManagement/service/read | Läsa metadata för en API Management Service-instans |
| Microsoft.Authorization/*/read | Läsa roller och rolltilldelningar |
| Microsoft.Insights/alertRules/* | Skapa och hantera en klassisk måttavisering |
| Microsoft.ResourceHealth/availabilityStatuses/read | Hämtar tillgänglighetsstatusar för alla resurser i det angivna omfånget |
| Microsoft.Resources/deployments/* | Skapa och hantera en distribution |
| Microsoft.Resources/subscriptions/resourceGroups/read | Hämtar eller listar resursgrupper. |
| Microsoft.Support/* | Skapa och uppdatera ett supportärende |
| NotActions | |
| Microsoft.ApiManagement/service/users/keys/read | Hämta nycklar som är associerade med användaren |
| DataActions | |
| ingen | |
| NotDataActions | |
| ingen |
{
"assignableScopes": [
"/"
],
"description": "Read-only access to service and APIs",
"id": "/providers/Microsoft.Authorization/roleDefinitions/71522526-b88f-4d52-b57f-d31fc3546d0d",
"name": "71522526-b88f-4d52-b57f-d31fc3546d0d",
"permissions": [
{
"actions": [
"Microsoft.ApiManagement/service/*/read",
"Microsoft.ApiManagement/service/read",
"Microsoft.Authorization/*/read",
"Microsoft.Insights/alertRules/*",
"Microsoft.ResourceHealth/availabilityStatuses/read",
"Microsoft.Resources/deployments/*",
"Microsoft.Resources/subscriptions/resourceGroups/read",
"Microsoft.Support/*"
],
"notActions": [
"Microsoft.ApiManagement/service/users/keys/read"
],
"dataActions": [],
"notDataActions": []
}
],
"roleName": "API Management Service Reader Role",
"roleType": "BuiltInRole",
"type": "Microsoft.Authorization/roleDefinitions"
}
API Management Service Workspace API Developer
Har läsbehörighet till taggar och produkter och skrivåtkomst för att tillåta: tilldela API:er till produkter, tilldela taggar till produkter och API:er. Den här rollen bör tilldelas i tjänstomfånget.
| Åtgärder | beskrivning |
|---|---|
| Microsoft.ApiManagement/service/tags/read | Visar en samling taggar som definierats i en tjänstinstans. eller Hämtar information om taggen som anges av dess identifierare. |
| Microsoft.ApiManagement/service/tags/apiLinks/* | |
| Microsoft.ApiManagement/service/tags/operationLinks/* | |
| Microsoft.ApiManagement/service/tags/productLinks/* | |
| Microsoft.ApiManagement/service/products/read | Visar en samling produkter i den angivna tjänstinstansen. eller Hämtar information om den produkt som anges av dess identifierare. |
| Microsoft.ApiManagement/service/products/apiLinks/* | |
| Microsoft.ApiManagement/service/read | Läsa metadata för en API Management Service-instans |
| Microsoft.Authorization/*/read | Läsa roller och rolltilldelningar |
| NotActions | |
| ingen | |
| DataActions | |
| ingen | |
| NotDataActions | |
| ingen |
{
"assignableScopes": [
"/"
],
"description": "Has read access to tags and products and write access to allow: assigning APIs to products, assigning tags to products and APIs. This role should be assigned on the service scope.",
"id": "/providers/Microsoft.Authorization/roleDefinitions/9565a273-41b9-4368-97d2-aeb0c976a9b3",
"name": "9565a273-41b9-4368-97d2-aeb0c976a9b3",
"permissions": [
{
"actions": [
"Microsoft.ApiManagement/service/tags/read",
"Microsoft.ApiManagement/service/tags/apiLinks/*",
"Microsoft.ApiManagement/service/tags/operationLinks/*",
"Microsoft.ApiManagement/service/tags/productLinks/*",
"Microsoft.ApiManagement/service/products/read",
"Microsoft.ApiManagement/service/products/apiLinks/*",
"Microsoft.ApiManagement/service/read",
"Microsoft.Authorization/*/read"
],
"notActions": [],
"dataActions": [],
"notDataActions": []
}
],
"roleName": "API Management Service Workspace API Developer",
"roleType": "BuiltInRole",
"type": "Microsoft.Authorization/roleDefinitions"
}
API Management Service Workspace API Product Manager
Har samma åtkomst som API Management Service Workspace API Developer samt läsåtkomst till användare och skrivåtkomst för att tillåta tilldelning av användare till grupper. Den här rollen bör tilldelas i tjänstomfånget.
| Åtgärder | beskrivning |
|---|---|
| Microsoft.ApiManagement/service/users/read | Visar en samling registrerade användare i den angivna tjänstinstansen. eller Hämtar information om användaren som anges av dess identifierare. |
| Microsoft.ApiManagement/service/tags/read | Visar en samling taggar som definierats i en tjänstinstans. eller Hämtar information om taggen som anges av dess identifierare. |
| Microsoft.ApiManagement/service/tags/apiLinks/* | |
| Microsoft.ApiManagement/service/tags/operationLinks/* | |
| Microsoft.ApiManagement/service/tags/productLinks/* | |
| Microsoft.ApiManagement/service/products/read | Visar en samling produkter i den angivna tjänstinstansen. eller Hämtar information om den produkt som anges av dess identifierare. |
| Microsoft.ApiManagement/service/products/apiLinks/* | |
| Microsoft.ApiManagement/service/groups/read | Visar en samling grupper som definierats i en tjänstinstans. eller Hämtar information om den grupp som anges av dess identifierare. |
| Microsoft.ApiManagement/service/groups/users/* | |
| Microsoft.ApiManagement/service/read | Läsa metadata för en API Management Service-instans |
| Microsoft.Authorization/*/read | Läsa roller och rolltilldelningar |
| NotActions | |
| ingen | |
| DataActions | |
| ingen | |
| NotDataActions | |
| ingen |
{
"assignableScopes": [
"/"
],
"description": "Has the same access as API Management Service Workspace API Developer as well as read access to users and write access to allow assigning users to groups. This role should be assigned on the service scope.",
"id": "/providers/Microsoft.Authorization/roleDefinitions/d59a3e9c-6d52-4a5a-aeed-6bf3cf0e31da",
"name": "d59a3e9c-6d52-4a5a-aeed-6bf3cf0e31da",
"permissions": [
{
"actions": [
"Microsoft.ApiManagement/service/users/read",
"Microsoft.ApiManagement/service/tags/read",
"Microsoft.ApiManagement/service/tags/apiLinks/*",
"Microsoft.ApiManagement/service/tags/operationLinks/*",
"Microsoft.ApiManagement/service/tags/productLinks/*",
"Microsoft.ApiManagement/service/products/read",
"Microsoft.ApiManagement/service/products/apiLinks/*",
"Microsoft.ApiManagement/service/groups/read",
"Microsoft.ApiManagement/service/groups/users/*",
"Microsoft.ApiManagement/service/read",
"Microsoft.Authorization/*/read"
],
"notActions": [],
"dataActions": [],
"notDataActions": []
}
],
"roleName": "API Management Service Workspace API Product Manager",
"roleType": "BuiltInRole",
"type": "Microsoft.Authorization/roleDefinitions"
}
API Management Workspace API Developer
Har läsåtkomst till entiteter på arbetsytan och läs- och skrivåtkomst till entiteter för redigering av API:er. Den här rollen ska tilldelas i arbetsytans omfång.
| Åtgärder | beskrivning |
|---|---|
| Microsoft.ApiManagement/service/workspaces/*/read | |
| Microsoft.ApiManagement/service/workspaces/apis/* | |
| Microsoft.ApiManagement/service/workspaces/apiVersionSets/* | |
| Microsoft.ApiManagement/service/workspaces/policies/* | |
| Microsoft.ApiManagement/service/workspaces/schemas/* | |
| Microsoft.ApiManagement/service/workspaces/products/* | |
| Microsoft.ApiManagement/service/workspaces/policyFragments/* | |
| Microsoft.ApiManagement/service/workspaces/namedValues/* | |
| Microsoft.ApiManagement/service/workspaces/tags/* | |
| Microsoft.Authorization/*/read | Läsa roller och rolltilldelningar |
| NotActions | |
| ingen | |
| DataActions | |
| ingen | |
| NotDataActions | |
| ingen |
{
"assignableScopes": [
"/"
],
"description": "Has read access to entities in the workspace and read and write access to entities for editing APIs. This role should be assigned on the workspace scope.",
"id": "/providers/Microsoft.Authorization/roleDefinitions/56328988-075d-4c6a-8766-d93edd6725b6",
"name": "56328988-075d-4c6a-8766-d93edd6725b6",
"permissions": [
{
"actions": [
"Microsoft.ApiManagement/service/workspaces/*/read",
"Microsoft.ApiManagement/service/workspaces/apis/*",
"Microsoft.ApiManagement/service/workspaces/apiVersionSets/*",
"Microsoft.ApiManagement/service/workspaces/policies/*",
"Microsoft.ApiManagement/service/workspaces/schemas/*",
"Microsoft.ApiManagement/service/workspaces/products/*",
"Microsoft.ApiManagement/service/workspaces/policyFragments/*",
"Microsoft.ApiManagement/service/workspaces/namedValues/*",
"Microsoft.ApiManagement/service/workspaces/tags/*",
"Microsoft.Authorization/*/read"
],
"notActions": [],
"dataActions": [],
"notDataActions": []
}
],
"roleName": "API Management Workspace API Developer",
"roleType": "BuiltInRole",
"type": "Microsoft.Authorization/roleDefinitions"
}
API Management Workspace API Product Manager
Har läsåtkomst till entiteter på arbetsytan och läs- och skrivåtkomst till entiteter för publicering av API:er. Den här rollen ska tilldelas i arbetsytans omfång.
| Åtgärder | beskrivning |
|---|---|
| Microsoft.ApiManagement/service/workspaces/*/read | |
| Microsoft.ApiManagement/service/workspaces/products/* | |
| Microsoft.ApiManagement/service/workspaces/subscriptions/* | |
| Microsoft.ApiManagement/service/workspaces/groups/* | |
| Microsoft.ApiManagement/service/workspaces/tags/* | |
| Microsoft.ApiManagement/service/workspaces/notifications/* | |
| Microsoft.Authorization/*/read | Läsa roller och rolltilldelningar |
| NotActions | |
| ingen | |
| DataActions | |
| ingen | |
| NotDataActions | |
| ingen |
{
"assignableScopes": [
"/"
],
"description": "Has read access to entities in the workspace and read and write access to entities for publishing APIs. This role should be assigned on the workspace scope.",
"id": "/providers/Microsoft.Authorization/roleDefinitions/73c2c328-d004-4c5e-938c-35c6f5679a1f",
"name": "73c2c328-d004-4c5e-938c-35c6f5679a1f",
"permissions": [
{
"actions": [
"Microsoft.ApiManagement/service/workspaces/*/read",
"Microsoft.ApiManagement/service/workspaces/products/*",
"Microsoft.ApiManagement/service/workspaces/subscriptions/*",
"Microsoft.ApiManagement/service/workspaces/groups/*",
"Microsoft.ApiManagement/service/workspaces/tags/*",
"Microsoft.ApiManagement/service/workspaces/notifications/*",
"Microsoft.Authorization/*/read"
],
"notActions": [],
"dataActions": [],
"notDataActions": []
}
],
"roleName": "API Management Workspace API Product Manager",
"roleType": "BuiltInRole",
"type": "Microsoft.Authorization/roleDefinitions"
}
Api Management Workspace-deltagare
Kan hantera arbetsytan och vyn, men inte ändra dess medlemmar. Den här rollen ska tilldelas i arbetsytans omfång.
| Åtgärder | beskrivning |
|---|---|
| Microsoft.ApiManagement/service/workspaces/* | |
| Microsoft.Authorization/*/read | Läsa roller och rolltilldelningar |
| NotActions | |
| ingen | |
| DataActions | |
| ingen | |
| NotDataActions | |
| ingen |
{
"assignableScopes": [
"/"
],
"description": "Can manage the workspace and view, but not modify its members. This role should be assigned on the workspace scope.",
"id": "/providers/Microsoft.Authorization/roleDefinitions/0c34c906-8d99-4cb7-8bb7-33f5b0a1a799",
"name": "0c34c906-8d99-4cb7-8bb7-33f5b0a1a799",
"permissions": [
{
"actions": [
"Microsoft.ApiManagement/service/workspaces/*",
"Microsoft.Authorization/*/read"
],
"notActions": [],
"dataActions": [],
"notDataActions": []
}
],
"roleName": "API Management Workspace Contributor",
"roleType": "BuiltInRole",
"type": "Microsoft.Authorization/roleDefinitions"
}
API Management-arbetsyteläsare
Har skrivskyddad åtkomst till entiteter på arbetsytan. Den här rollen ska tilldelas i arbetsytans omfång.
| Åtgärder | beskrivning |
|---|---|
| Microsoft.ApiManagement/service/workspaces/*/read | |
| Microsoft.Authorization/*/read | Läsa roller och rolltilldelningar |
| NotActions | |
| ingen | |
| DataActions | |
| ingen | |
| NotDataActions | |
| ingen |
{
"assignableScopes": [
"/"
],
"description": "Has read-only access to entities in the workspace. This role should be assigned on the workspace scope.",
"id": "/providers/Microsoft.Authorization/roleDefinitions/ef1c2c96-4a77-49e8-b9a4-6179fe1d2fd2",
"name": "ef1c2c96-4a77-49e8-b9a4-6179fe1d2fd2",
"permissions": [
{
"actions": [
"Microsoft.ApiManagement/service/workspaces/*/read",
"Microsoft.Authorization/*/read"
],
"notActions": [],
"dataActions": [],
"notDataActions": []
}
],
"roleName": "API Management Workspace Reader",
"roleType": "BuiltInRole",
"type": "Microsoft.Authorization/roleDefinitions"
}
Appkonfigurationsdataägare
Ger fullständig åtkomst till App Configuration-data.
| Åtgärder | Description |
|---|---|
| ingen | |
| NotActions | |
| ingen | |
| DataActions | |
| Microsoft.AppConfiguration/configurationStores/*/read | |
| Microsoft.AppConfiguration/configurationStores/*/write | |
| Microsoft.AppConfiguration/configurationStores/*/delete | |
| Microsoft.AppConfiguration/configurationStores/*/action | |
| NotDataActions | |
| ingen |
{
"assignableScopes": [
"/"
],
"description": "Allows full access to App Configuration data.",
"id": "/providers/Microsoft.Authorization/roleDefinitions/5ae67dd6-50cb-40e7-96ff-dc2bfa4b606b",
"name": "5ae67dd6-50cb-40e7-96ff-dc2bfa4b606b",
"permissions": [
{
"actions": [],
"notActions": [],
"dataActions": [
"Microsoft.AppConfiguration/configurationStores/*/read",
"Microsoft.AppConfiguration/configurationStores/*/write",
"Microsoft.AppConfiguration/configurationStores/*/delete",
"Microsoft.AppConfiguration/configurationStores/*/action"
],
"notDataActions": []
}
],
"roleName": "App Configuration Data Owner",
"roleType": "BuiltInRole",
"type": "Microsoft.Authorization/roleDefinitions"
}
Dataläsare för appkonfiguration
Tillåter läsåtkomst till App Configuration-data.
| Åtgärder | Description |
|---|---|
| ingen | |
| NotActions | |
| ingen | |
| DataActions | |
| Microsoft.AppConfiguration/configurationStores/*/read | |
| NotDataActions | |
| ingen |
{
"assignableScopes": [
"/"
],
"description": "Allows read access to App Configuration data.",
"id": "/providers/Microsoft.Authorization/roleDefinitions/516239f1-63e1-4d78-a4de-a74fb236a071",
"name": "516239f1-63e1-4d78-a4de-a74fb236a071",
"permissions": [
{
"actions": [],
"notActions": [],
"dataActions": [
"Microsoft.AppConfiguration/configurationStores/*/read"
],
"notDataActions": []
}
],
"roleName": "App Configuration Data Reader",
"roleType": "BuiltInRole",
"type": "Microsoft.Authorization/roleDefinitions"
}
Efterlevnadshanteraren för Azure API Center
Tillåter hantering av API-efterlevnad i Azure API Center-tjänsten.
| Åtgärder | beskrivning |
|---|---|
| Microsoft.ApiCenter/services/*/read | |
| Microsoft.ApiCenter/services/workspaces/apis/versions/definitions/updateAnalysisState/action | Uppdateringar analysresultat för angiven API-definition. |
| Microsoft.ApiCenter/services/workspaces/apis/versions/definitions/exportSpecification/action | Exporterar API-definitionsfil. |
| NotActions | |
| ingen | |
| DataActions | |
| ingen | |
| NotDataActions | |
| ingen |
{
"assignableScopes": [
"/"
],
"description": "Allows managing API compliance in Azure API Center service.",
"id": "/providers/Microsoft.Authorization/roleDefinitions/ede9aaa3-4627-494e-be13-4aa7c256148d",
"name": "ede9aaa3-4627-494e-be13-4aa7c256148d",
"permissions": [
{
"actions": [
"Microsoft.ApiCenter/services/*/read",
"Microsoft.ApiCenter/services/workspaces/apis/versions/definitions/updateAnalysisState/action",
"Microsoft.ApiCenter/services/workspaces/apis/versions/definitions/exportSpecification/action"
],
"notActions": [],
"dataActions": [],
"notDataActions": []
}
],
"roleName": "Azure API Center Compliance Manager",
"roleType": "BuiltInRole",
"type": "Microsoft.Authorization/roleDefinitions"
}
Azure API Center-dataläsare
Tillåter åtkomst till läsåtgärder för Azure API Center-dataplan.
| Åtgärder | Description |
|---|---|
| ingen | |
| NotActions | |
| ingen | |
| DataActions | |
| Microsoft.ApiCenter/services/*/read | |
| NotDataActions | |
| ingen |
{
"assignableScopes": [
"/"
],
"description": "Allows for access to Azure API Center data plane read operations.",
"id": "/providers/Microsoft.Authorization/roleDefinitions/c7244dfb-f447-457d-b2ba-3999044d1706",
"name": "c7244dfb-f447-457d-b2ba-3999044d1706",
"permissions": [
{
"actions": [],
"notActions": [],
"dataActions": [
"Microsoft.ApiCenter/services/*/read"
],
"notDataActions": []
}
],
"roleName": "Azure API Center Data Reader",
"roleType": "BuiltInRole",
"type": "Microsoft.Authorization/roleDefinitions"
}
Azure API Center-tjänstdeltagare
Tillåter hantering av Azure API Center-tjänsten.
| Åtgärder | beskrivning |
|---|---|
| Microsoft.ApiCenter/services/* | |
| Microsoft.Authorization/*/read | Läsa roller och rolltilldelningar |
| Microsoft.Insights/alertRules/* | Skapa och hantera en klassisk måttavisering |
| Microsoft.ResourceHealth/availabilityStatuses/read | Hämtar tillgänglighetsstatusar för alla resurser i det angivna omfånget |
| Microsoft.Resources/deployments/* | Skapa och hantera en distribution |
| Microsoft.Resources/subscriptions/resourceGroups/read | Hämtar eller listar resursgrupper. |
| NotActions | |
| Microsoft.ApiCenter/services/workspaces/apis/versions/definitions/updateAnalysisState/action | Uppdateringar analysresultat för angiven API-definition. |
| DataActions | |
| ingen | |
| NotDataActions | |
| ingen |
{
"assignableScopes": [
"/"
],
"description": "Allows managing Azure API Center service.",
"id": "/providers/Microsoft.Authorization/roleDefinitions/dd24193f-ef65-44e5-8a7e-6fa6e03f7713",
"name": "dd24193f-ef65-44e5-8a7e-6fa6e03f7713",
"permissions": [
{
"actions": [
"Microsoft.ApiCenter/services/*",
"Microsoft.Authorization/*/read",
"Microsoft.Insights/alertRules/*",
"Microsoft.ResourceHealth/availabilityStatuses/read",
"Microsoft.Resources/deployments/*",
"Microsoft.Resources/subscriptions/resourceGroups/read"
],
"notActions": [
"Microsoft.ApiCenter/services/workspaces/apis/versions/definitions/updateAnalysisState/action"
],
"dataActions": [],
"notDataActions": []
}
],
"roleName": "Azure API Center Service Contributor",
"roleType": "BuiltInRole",
"type": "Microsoft.Authorization/roleDefinitions"
}
Tjänstläsare för Azure API Center
Tillåter skrivskyddad åtkomst till Azure API Center-tjänsten.
| Åtgärder | beskrivning |
|---|---|
| Microsoft.ApiCenter/services/*/read | |
| Microsoft.ApiCenter/services/workspaces/apis/versions/definitions/exportSpecification/action | Exporterar API-definitionsfil. |
| Microsoft.Authorization/*/read | Läsa roller och rolltilldelningar |
| Microsoft.Insights/alertRules/* | Skapa och hantera en klassisk måttavisering |
| Microsoft.ResourceHealth/availabilityStatuses/read | Hämtar tillgänglighetsstatusar för alla resurser i det angivna omfånget |
| Microsoft.Resources/deployments/* | Skapa och hantera en distribution |
| Microsoft.Resources/subscriptions/resourceGroups/read | Hämtar eller listar resursgrupper. |
| NotActions | |
| ingen | |
| DataActions | |
| ingen | |
| NotDataActions | |
| ingen |
{
"assignableScopes": [
"/"
],
"description": "Allows read-only access to Azure API Center service.",
"id": "/providers/Microsoft.Authorization/roleDefinitions/6cba8790-29c5-48e5-bab1-c7541b01cb04",
"name": "6cba8790-29c5-48e5-bab1-c7541b01cb04",
"permissions": [
{
"actions": [
"Microsoft.ApiCenter/services/*/read",
"Microsoft.ApiCenter/services/workspaces/apis/versions/definitions/exportSpecification/action",
"Microsoft.Authorization/*/read",
"Microsoft.Insights/alertRules/*",
"Microsoft.ResourceHealth/availabilityStatuses/read",
"Microsoft.Resources/deployments/*",
"Microsoft.Resources/subscriptions/resourceGroups/read"
],
"notActions": [],
"dataActions": [],
"notDataActions": []
}
],
"roleName": "Azure API Center Service Reader",
"roleType": "BuiltInRole",
"type": "Microsoft.Authorization/roleDefinitions"
}
Azure Relay-lyssnare
Tillåter lyssningsåtkomst till Azure Relay-resurser.
| Åtgärder | beskrivning |
|---|---|
| Microsoft.Relay/*/wcfRelays/read | |
| Microsoft.Relay/*/hybrid Anslut ions/read | |
| NotActions | |
| ingen | |
| DataActions | |
| Microsoft.Relay/*/listen/action | |
| NotDataActions | |
| ingen |
{
"assignableScopes": [
"/"
],
"description": "Allows for listen access to Azure Relay resources.",
"id": "/providers/Microsoft.Authorization/roleDefinitions/26e0b698-aa6d-4085-9386-aadae190014d",
"name": "26e0b698-aa6d-4085-9386-aadae190014d",
"permissions": [
{
"actions": [
"Microsoft.Relay/*/wcfRelays/read",
"Microsoft.Relay/*/hybridConnections/read"
],
"notActions": [],
"dataActions": [
"Microsoft.Relay/*/listen/action"
],
"notDataActions": []
}
],
"roleName": "Azure Relay Listener",
"roleType": "BuiltInRole",
"type": "Microsoft.Authorization/roleDefinitions"
}
Azure Relay-ägare
Ger fullständig åtkomst till Azure Relay-resurser.
| Åtgärder | beskrivning |
|---|---|
| Microsoft.Relay/* | |
| NotActions | |
| ingen | |
| DataActions | |
| Microsoft.Relay/* | |
| NotDataActions | |
| ingen |
{
"assignableScopes": [
"/"
],
"description": "Allows for full access to Azure Relay resources.",
"id": "/providers/Microsoft.Authorization/roleDefinitions/2787bf04-f1f5-4bfe-8383-c8a24483ee38",
"name": "2787bf04-f1f5-4bfe-8383-c8a24483ee38",
"permissions": [
{
"actions": [
"Microsoft.Relay/*"
],
"notActions": [],
"dataActions": [
"Microsoft.Relay/*"
],
"notDataActions": []
}
],
"roleName": "Azure Relay Owner",
"roleType": "BuiltInRole",
"type": "Microsoft.Authorization/roleDefinitions"
}
Azure Relay-avsändare
Tillåter sändningsåtkomst till Azure Relay-resurser.
| Åtgärder | beskrivning |
|---|---|
| Microsoft.Relay/*/wcfRelays/read | |
| Microsoft.Relay/*/hybrid Anslut ions/read | |
| NotActions | |
| ingen | |
| DataActions | |
| Microsoft.Relay/*/send/action | |
| NotDataActions | |
| ingen |
{
"assignableScopes": [
"/"
],
"description": "Allows for send access to Azure Relay resources.",
"id": "/providers/Microsoft.Authorization/roleDefinitions/26baccc8-eea7-41f1-98f4-1762cc7f685d",
"name": "26baccc8-eea7-41f1-98f4-1762cc7f685d",
"permissions": [
{
"actions": [
"Microsoft.Relay/*/wcfRelays/read",
"Microsoft.Relay/*/hybridConnections/read"
],
"notActions": [],
"dataActions": [
"Microsoft.Relay/*/send/action"
],
"notDataActions": []
}
],
"roleName": "Azure Relay Sender",
"roleType": "BuiltInRole",
"type": "Microsoft.Authorization/roleDefinitions"
}
Azure Service Bus-dataägare
Ger fullständig åtkomst till Azure Service Bus-resurser.
| Åtgärder | beskrivning |
|---|---|
| Microsoft.ServiceBus/* | |
| NotActions | |
| ingen | |
| DataActions | |
| Microsoft.ServiceBus/* | |
| NotDataActions | |
| ingen |
{
"assignableScopes": [
"/"
],
"description": "Allows for full access to Azure Service Bus resources.",
"id": "/providers/Microsoft.Authorization/roleDefinitions/090c5cfd-751d-490a-894a-3ce6f1109419",
"name": "090c5cfd-751d-490a-894a-3ce6f1109419",
"permissions": [
{
"actions": [
"Microsoft.ServiceBus/*"
],
"notActions": [],
"dataActions": [
"Microsoft.ServiceBus/*"
],
"notDataActions": []
}
],
"roleName": "Azure Service Bus Data Owner",
"roleType": "BuiltInRole",
"type": "Microsoft.Authorization/roleDefinitions"
}
Azure Service Bus-datamottagare
Tillåter åtkomst till Azure Service Bus-resurser.
| Åtgärder | beskrivning |
|---|---|
| Microsoft.ServiceBus/*/queues/read | |
| Microsoft.ServiceBus/*/topics/read | |
| Microsoft.ServiceBus/*/topics/subscriptions/read | |
| NotActions | |
| ingen | |
| DataActions | |
| Microsoft.ServiceBus/*/receive/action | |
| NotDataActions | |
| ingen |
{
"assignableScopes": [
"/"
],
"description": "Allows for receive access to Azure Service Bus resources.",
"id": "/providers/Microsoft.Authorization/roleDefinitions/4f6d3b9b-027b-4f4c-9142-0e5a2a2247e0",
"name": "4f6d3b9b-027b-4f4c-9142-0e5a2a2247e0",
"permissions": [
{
"actions": [
"Microsoft.ServiceBus/*/queues/read",
"Microsoft.ServiceBus/*/topics/read",
"Microsoft.ServiceBus/*/topics/subscriptions/read"
],
"notActions": [],
"dataActions": [
"Microsoft.ServiceBus/*/receive/action"
],
"notDataActions": []
}
],
"roleName": "Azure Service Bus Data Receiver",
"roleType": "BuiltInRole",
"type": "Microsoft.Authorization/roleDefinitions"
}
Azure Service Bus Data Sender
Tillåter att du skickar åtkomst till Azure Service Bus-resurser.
| Åtgärder | beskrivning |
|---|---|
| Microsoft.ServiceBus/*/queues/read | |
| Microsoft.ServiceBus/*/topics/read | |
| Microsoft.ServiceBus/*/topics/subscriptions/read | |
| NotActions | |
| ingen | |
| DataActions | |
| Microsoft.ServiceBus/*/send/action | |
| NotDataActions | |
| ingen |
{
"assignableScopes": [
"/"
],
"description": "Allows for send access to Azure Service Bus resources.",
"id": "/providers/Microsoft.Authorization/roleDefinitions/69a216fc-b8fb-44d8-bc22-1f3c2cd27a39",
"name": "69a216fc-b8fb-44d8-bc22-1f3c2cd27a39",
"permissions": [
{
"actions": [
"Microsoft.ServiceBus/*/queues/read",
"Microsoft.ServiceBus/*/topics/read",
"Microsoft.ServiceBus/*/topics/subscriptions/read"
],
"notActions": [],
"dataActions": [
"Microsoft.ServiceBus/*/send/action"
],
"notDataActions": []
}
],
"roleName": "Azure Service Bus Data Sender",
"roleType": "BuiltInRole",
"type": "Microsoft.Authorization/roleDefinitions"
}
BizTalk-deltagare
Låter dig hantera BizTalk-tjänster, men inte åtkomst till dem.
| Åtgärder | beskrivning |
|---|---|
| Microsoft.Authorization/*/read | Läsa roller och rolltilldelningar |
| Microsoft.BizTalkServices/BizTalk/* | Skapa och hantera BizTalk-tjänster |
| Microsoft.Insights/alertRules/* | Skapa och hantera en klassisk måttavisering |
| Microsoft.ResourceHealth/availabilityStatuses/read | Hämtar tillgänglighetsstatusar för alla resurser i det angivna omfånget |
| Microsoft.Resources/deployments/* | Skapa och hantera en distribution |
| Microsoft.Resources/subscriptions/resourceGroups/read | Hämtar eller listar resursgrupper. |
| Microsoft.Support/* | Skapa och uppdatera ett supportärende |
| NotActions | |
| ingen | |
| DataActions | |
| ingen | |
| NotDataActions | |
| ingen |
{
"assignableScopes": [
"/"
],
"description": "Lets you manage BizTalk services, but not access to them.",
"id": "/providers/Microsoft.Authorization/roleDefinitions/5e3c6656-6cfa-4708-81fe-0de47ac73342",
"name": "5e3c6656-6cfa-4708-81fe-0de47ac73342",
"permissions": [
{
"actions": [
"Microsoft.Authorization/*/read",
"Microsoft.BizTalkServices/BizTalk/*",
"Microsoft.Insights/alertRules/*",
"Microsoft.ResourceHealth/availabilityStatuses/read",
"Microsoft.Resources/deployments/*",
"Microsoft.Resources/subscriptions/resourceGroups/read",
"Microsoft.Support/*"
],
"notActions": [],
"dataActions": [],
"notDataActions": []
}
],
"roleName": "BizTalk Contributor",
"roleType": "BuiltInRole",
"type": "Microsoft.Authorization/roleDefinitions"
}
EventGrid-deltagare
Gör att du kan hantera EventGrid-åtgärder.
| Åtgärder | beskrivning |
|---|---|
| Microsoft.Authorization/*/read | Läsa roller och rolltilldelningar |
| Microsoft.EventGrid/* | Skapa och hantera Event Grid-resurser |
| Microsoft.Insights/alertRules/* | Skapa och hantera en klassisk måttavisering |
| Microsoft.Resources/deployments/* | Skapa och hantera en distribution |
| Microsoft.Resources/subscriptions/resourceGroups/read | Hämtar eller listar resursgrupper. |
| Microsoft.Support/* | Skapa och uppdatera ett supportärende |
| NotActions | |
| ingen | |
| DataActions | |
| ingen | |
| NotDataActions | |
| ingen |
{
"assignableScopes": [
"/"
],
"description": "Lets you manage EventGrid operations.",
"id": "/providers/Microsoft.Authorization/roleDefinitions/1e241071-0855-49ea-94dc-649edcd759de",
"name": "1e241071-0855-49ea-94dc-649edcd759de",
"permissions": [
{
"actions": [
"Microsoft.Authorization/*/read",
"Microsoft.EventGrid/*",
"Microsoft.Insights/alertRules/*",
"Microsoft.Resources/deployments/*",
"Microsoft.Resources/subscriptions/resourceGroups/read",
"Microsoft.Support/*"
],
"notActions": [],
"dataActions": [],
"notDataActions": []
}
],
"roleName": "EventGrid Contributor",
"roleType": "BuiltInRole",
"type": "Microsoft.Authorization/roleDefinitions"
}
EventGrid-datasändare
Tillåter sändningsåtkomst till event grid-händelser.
| Åtgärder | beskrivning |
|---|---|
| Microsoft.Authorization/*/read | Läsa roller och rolltilldelningar |
| Microsoft.EventGrid/topics/read | Läsa ett ämne |
| Microsoft.EventGrid/domains/read | Läsa en domän |
| Microsoft.EventGrid/partnerNamespaces/read | Läsa ett partnernamnområde |
| Microsoft.Resources/subscriptions/resourceGroups/read | Hämtar eller listar resursgrupper. |
| Microsoft.EventGrid/namespaces/read | Läsa ett namnområde |
| NotActions | |
| ingen | |
| DataActions | |
| Microsoft.EventGrid/events/send/action | Skicka händelser till ämnen |
| NotDataActions | |
| ingen |
{
"assignableScopes": [
"/"
],
"description": "Allows send access to event grid events.",
"id": "/providers/Microsoft.Authorization/roleDefinitions/d5a91429-5739-47e2-a06b-3470a27159e7",
"name": "d5a91429-5739-47e2-a06b-3470a27159e7",
"permissions": [
{
"actions": [
"Microsoft.Authorization/*/read",
"Microsoft.EventGrid/topics/read",
"Microsoft.EventGrid/domains/read",
"Microsoft.EventGrid/partnerNamespaces/read",
"Microsoft.Resources/subscriptions/resourceGroups/read",
"Microsoft.EventGrid/namespaces/read"
],
"notActions": [],
"dataActions": [
"Microsoft.EventGrid/events/send/action"
],
"notDataActions": []
}
],
"roleName": "EventGrid Data Sender",
"roleType": "BuiltInRole",
"type": "Microsoft.Authorization/roleDefinitions"
}
EventGrid EventSubscription-deltagare
Gör att du kan hantera EventGrid-händelseprenumerationsåtgärder.
| Åtgärder | beskrivning |
|---|---|
| Microsoft.Authorization/*/read | Läsa roller och rolltilldelningar |
| Microsoft.EventGrid/eventSubscriptions/* | Skapa och hantera regionala händelseprenumerationer |
| Microsoft.EventGrid/topicTypes/eventSubscriptions/read | Lista globala händelseprenumerationer efter ämnestyp |
| Microsoft.EventGrid/locations/eventSubscriptions/read | Lista regionala händelseprenumerationer |
| Microsoft.EventGrid/locations/topicTypes/eventSubscriptions/read | Lista regionala händelseprenumerationer efter ämnestyp |
| Microsoft.Insights/alertRules/* | Skapa och hantera en klassisk måttavisering |
| Microsoft.Resources/deployments/* | Skapa och hantera en distribution |
| Microsoft.Resources/subscriptions/resourceGroups/read | Hämtar eller listar resursgrupper. |
| Microsoft.Support/* | Skapa och uppdatera ett supportärende |
| NotActions | |
| ingen | |
| DataActions | |
| ingen | |
| NotDataActions | |
| ingen |
{
"assignableScopes": [
"/"
],
"description": "Lets you manage EventGrid event subscription operations.",
"id": "/providers/Microsoft.Authorization/roleDefinitions/428e0ff0-5e57-4d9c-a221-2c70d0e0a443",
"name": "428e0ff0-5e57-4d9c-a221-2c70d0e0a443",
"permissions": [
{
"actions": [
"Microsoft.Authorization/*/read",
"Microsoft.EventGrid/eventSubscriptions/*",
"Microsoft.EventGrid/topicTypes/eventSubscriptions/read",
"Microsoft.EventGrid/locations/eventSubscriptions/read",
"Microsoft.EventGrid/locations/topicTypes/eventSubscriptions/read",
"Microsoft.Insights/alertRules/*",
"Microsoft.Resources/deployments/*",
"Microsoft.Resources/subscriptions/resourceGroups/read",
"Microsoft.Support/*"
],
"notActions": [],
"dataActions": [],
"notDataActions": []
}
],
"roleName": "EventGrid EventSubscription Contributor",
"roleType": "BuiltInRole",
"type": "Microsoft.Authorization/roleDefinitions"
}
EventGrid EventSubscription Reader
Låter dig läsa EventGrid-händelseprenumerationer.
| Åtgärder | beskrivning |
|---|---|
| Microsoft.Authorization/*/read | Läsa roller och rolltilldelningar |
| Microsoft.EventGrid/eventSubscriptions/read | Läsa en eventSubscription |
| Microsoft.EventGrid/topicTypes/eventSubscriptions/read | Lista globala händelseprenumerationer efter ämnestyp |
| Microsoft.EventGrid/locations/eventSubscriptions/read | Lista regionala händelseprenumerationer |
| Microsoft.EventGrid/locations/topicTypes/eventSubscriptions/read | Lista regionala händelseprenumerationer efter ämnestyp |
| Microsoft.Resources/subscriptions/resourceGroups/read | Hämtar eller listar resursgrupper. |
| NotActions | |
| ingen | |
| DataActions | |
| ingen | |
| NotDataActions | |
| ingen |
{
"assignableScopes": [
"/"
],
"description": "Lets you read EventGrid event subscriptions.",
"id": "/providers/Microsoft.Authorization/roleDefinitions/2414bbcf-6497-4faf-8c65-045460748405",
"name": "2414bbcf-6497-4faf-8c65-045460748405",
"permissions": [
{
"actions": [
"Microsoft.Authorization/*/read",
"Microsoft.EventGrid/eventSubscriptions/read",
"Microsoft.EventGrid/topicTypes/eventSubscriptions/read",
"Microsoft.EventGrid/locations/eventSubscriptions/read",
"Microsoft.EventGrid/locations/topicTypes/eventSubscriptions/read",
"Microsoft.Resources/subscriptions/resourceGroups/read"
],
"notActions": [],
"dataActions": [],
"notDataActions": []
}
],
"roleName": "EventGrid EventSubscription Reader",
"roleType": "BuiltInRole",
"type": "Microsoft.Authorization/roleDefinitions"
}
FHIR-datadeltagare
Rollen ger användare eller huvudnamn fullständig åtkomst till FHIR-data
| Åtgärder | Description |
|---|---|
| ingen | |
| NotActions | |
| ingen | |
| DataActions | |
| Microsoft.HealthcareApis/services/fhir/resources/* | |
| Microsoft.HealthcareApis/workspaces/fhirservices/resources/* | |
| NotDataActions | |
| Microsoft.HealthcareApis/services/fhir/resources/smart/action | Tillåter att användaren får åtkomst till FHIR-tjänsten enligt SMART i FHIR-specifikationen. |
| Microsoft.HealthcareApis/workspaces/fhirservices/resources/smart/action | Tillåter att användaren får åtkomst till FHIR-tjänsten enligt SMART i FHIR-specifikationen. |
{
"assignableScopes": [
"/"
],
"description": "Role allows user or principal full access to FHIR Data",
"id": "/providers/Microsoft.Authorization/roleDefinitions/5a1fc7df-4bf1-4951-a576-89034ee01acd",
"name": "5a1fc7df-4bf1-4951-a576-89034ee01acd",
"permissions": [
{
"actions": [],
"notActions": [],
"dataActions": [
"Microsoft.HealthcareApis/services/fhir/resources/*",
"Microsoft.HealthcareApis/workspaces/fhirservices/resources/*"
],
"notDataActions": [
"Microsoft.HealthcareApis/services/fhir/resources/smart/action",
"Microsoft.HealthcareApis/workspaces/fhirservices/resources/smart/action"
]
}
],
"roleName": "FHIR Data Contributor",
"roleType": "BuiltInRole",
"type": "Microsoft.Authorization/roleDefinitions"
}
FHIR-dataexportör
Med rollen kan användare eller huvudnamn läsa och exportera FHIR-data
| Åtgärder | Description |
|---|---|
| ingen | |
| NotActions | |
| ingen | |
| DataActions | |
| Microsoft.HealthcareApis/services/fhir/resources/read | Läs FHIR-resurser (inkluderar sökning och versionshistorik). |
| Microsoft.HealthcareApis/services/fhir/resources/export/action | Exportåtgärd ($export). |
| Microsoft.HealthcareApis/workspaces/fhirservices/resources/read | Läs FHIR-resurser (inkluderar sökning och versionshistorik). |
| Microsoft.HealthcareApis/workspaces/fhirservices/resources/export/action | Exportåtgärd ($export). |
| NotDataActions | |
| ingen |
{
"assignableScopes": [
"/"
],
"description": "Role allows user or principal to read and export FHIR Data",
"id": "/providers/Microsoft.Authorization/roleDefinitions/3db33094-8700-4567-8da5-1501d4e7e843",
"name": "3db33094-8700-4567-8da5-1501d4e7e843",
"permissions": [
{
"actions": [],
"notActions": [],
"dataActions": [
"Microsoft.HealthcareApis/services/fhir/resources/read",
"Microsoft.HealthcareApis/services/fhir/resources/export/action",
"Microsoft.HealthcareApis/workspaces/fhirservices/resources/read",
"Microsoft.HealthcareApis/workspaces/fhirservices/resources/export/action"
],
"notDataActions": []
}
],
"roleName": "FHIR Data Exporter",
"roleType": "BuiltInRole",
"type": "Microsoft.Authorization/roleDefinitions"
}
FHIR-dataimportör
Med rollen kan användare eller huvudnamn läsa och importera FHIR-data
| Åtgärder | Description |
|---|---|
| ingen | |
| NotActions | |
| ingen | |
| DataActions | |
| Microsoft.HealthcareApis/workspaces/fhirservices/resources/read | Läs FHIR-resurser (inkluderar sökning och versionshistorik). |
| Microsoft.HealthcareApis/workspaces/fhirservices/resources/import/action | Importera FHIR-resurser i batch. |
| NotDataActions | |
| ingen |
{
"assignableScopes": [
"/"
],
"description": "Role allows user or principal to read and import FHIR Data",
"id": "/providers/Microsoft.Authorization/roleDefinitions/4465e953-8ced-4406-a58e-0f6e3f3b530b",
"name": "4465e953-8ced-4406-a58e-0f6e3f3b530b",
"permissions": [
{
"actions": [],
"notActions": [],
"dataActions": [
"Microsoft.HealthcareApis/workspaces/fhirservices/resources/read",
"Microsoft.HealthcareApis/workspaces/fhirservices/resources/import/action"
],
"notDataActions": []
}
],
"roleName": "FHIR Data Importer",
"roleType": "BuiltInRole",
"type": "Microsoft.Authorization/roleDefinitions"
}
FHIR-dataläsare
Med rollen kan användare eller huvudnamn läsa FHIR-data
| Åtgärder | Description |
|---|---|
| ingen | |
| NotActions | |
| ingen | |
| DataActions | |
| Microsoft.HealthcareApis/services/fhir/resources/read | Läs FHIR-resurser (inkluderar sökning och versionshistorik). |
| Microsoft.HealthcareApis/workspaces/fhirservices/resources/read | Läs FHIR-resurser (inkluderar sökning och versionshistorik). |
| NotDataActions | |
| ingen |
{
"assignableScopes": [
"/"
],
"description": "Role allows user or principal to read FHIR Data",
"id": "/providers/Microsoft.Authorization/roleDefinitions/4c8d0bbc-75d3-4935-991f-5f3c56d81508",
"name": "4c8d0bbc-75d3-4935-991f-5f3c56d81508",
"permissions": [
{
"actions": [],
"notActions": [],
"dataActions": [
"Microsoft.HealthcareApis/services/fhir/resources/read",
"Microsoft.HealthcareApis/workspaces/fhirservices/resources/read"
],
"notDataActions": []
}
],
"roleName": "FHIR Data Reader",
"roleType": "BuiltInRole",
"type": "Microsoft.Authorization/roleDefinitions"
}
FHIR-dataskrivare
Med rollen kan användare eller huvudnamn läsa och skriva FHIR-data
| Åtgärder | Description |
|---|---|
| ingen | |
| NotActions | |
| ingen | |
| DataActions | |
| Microsoft.HealthcareApis/services/fhir/resources/read | Läs FHIR-resurser (inkluderar sökning och versionshistorik). |
| Microsoft.HealthcareApis/services/fhir/resources/write | Skriv FHIR-resurser (inklusive skapa och uppdatera). |
| Microsoft.HealthcareApis/services/fhir/resources/delete | Ta bort FHIR-resurser (mjuk borttagning). |
| Microsoft.HealthcareApis/services/fhir/resources/export/action | Exportåtgärd ($export). |
| Microsoft.HealthcareApis/services/fhir/resources/resourceValidate/action | Verifiera åtgärden ($validate). |
| Microsoft.HealthcareApis/services/fhir/resources/reindex/action | Tillåter att användaren kör Reindex-jobbet för att indexera sökparametrar som ännu inte har indexerats. |
| Microsoft.HealthcareApis/services/fhir/resources/convertData/action | Datakonverteringsåtgärd ($convert-data) |
| Microsoft.HealthcareApis/services/fhir/resources/editProfileDefinitions/action | Tillåter att användaren utför åtgärder för att skapa uppdateringsborttagning på profilresurser. |
| Microsoft.HealthcareApis/services/fhir/resources/import/action | Importera FHIR-resurser i batch. |
| Microsoft.HealthcareApis/workspaces/fhirservices/resources/read | Läs FHIR-resurser (inkluderar sökning och versionshistorik). |
| Microsoft.HealthcareApis/workspaces/fhirservices/resources/write | Skriv FHIR-resurser (inklusive skapa och uppdatera). |
| Microsoft.HealthcareApis/workspaces/fhirservices/resources/delete | Ta bort FHIR-resurser (mjuk borttagning). |
| Microsoft.HealthcareApis/workspaces/fhirservices/resources/export/action | Exportåtgärd ($export). |
| Microsoft.HealthcareApis/workspaces/fhirservices/resources/resourceValidate/action | Verifiera åtgärden ($validate). |
| Microsoft.HealthcareApis/workspaces/fhirservices/resources/reindex/action | Tillåter att användaren kör Reindex-jobbet för att indexera sökparametrar som ännu inte har indexerats. |
| Microsoft.HealthcareApis/workspaces/fhirservices/resources/convertData/action | Datakonverteringsåtgärd ($convert-data) |
| Microsoft.HealthcareApis/workspaces/fhirservices/resources/editProfileDefinitions/action | Tillåter att användaren utför åtgärder för att skapa uppdateringsborttagning på profilresurser. |
| Microsoft.HealthcareApis/workspaces/fhirservices/resources/import/action | Importera FHIR-resurser i batch. |
| NotDataActions | |
| ingen |
{
"assignableScopes": [
"/"
],
"description": "Role allows user or principal to read and write FHIR Data",
"id": "/providers/Microsoft.Authorization/roleDefinitions/3f88fce4-5892-4214-ae73-ba5294559913",
"name": "3f88fce4-5892-4214-ae73-ba5294559913",
"permissions": [
{
"actions": [],
"notActions": [],
"dataActions": [
"Microsoft.HealthcareApis/services/fhir/resources/read",
"Microsoft.HealthcareApis/services/fhir/resources/write",
"Microsoft.HealthcareApis/services/fhir/resources/delete",
"Microsoft.HealthcareApis/services/fhir/resources/export/action",
"Microsoft.HealthcareApis/services/fhir/resources/resourceValidate/action",
"Microsoft.HealthcareApis/services/fhir/resources/reindex/action",
"Microsoft.HealthcareApis/services/fhir/resources/convertData/action",
"Microsoft.HealthcareApis/services/fhir/resources/editProfileDefinitions/action",
"Microsoft.HealthcareApis/services/fhir/resources/import/action",
"Microsoft.HealthcareApis/workspaces/fhirservices/resources/read",
"Microsoft.HealthcareApis/workspaces/fhirservices/resources/write",
"Microsoft.HealthcareApis/workspaces/fhirservices/resources/delete",
"Microsoft.HealthcareApis/workspaces/fhirservices/resources/export/action",
"Microsoft.HealthcareApis/workspaces/fhirservices/resources/resourceValidate/action",
"Microsoft.HealthcareApis/workspaces/fhirservices/resources/reindex/action",
"Microsoft.HealthcareApis/workspaces/fhirservices/resources/convertData/action",
"Microsoft.HealthcareApis/workspaces/fhirservices/resources/editProfileDefinitions/action",
"Microsoft.HealthcareApis/workspaces/fhirservices/resources/import/action"
],
"notDataActions": []
}
],
"roleName": "FHIR Data Writer",
"roleType": "BuiltInRole",
"type": "Microsoft.Authorization/roleDefinitions"
}
Integration Service Environment-deltagare
Gör att du kan hantera integrationstjänstmiljöer, men inte åtkomst till dem.
| Åtgärder | beskrivning |
|---|---|
| Microsoft.Authorization/*/read | Läsa roller och rolltilldelningar |
| Microsoft.Support/* | Skapa och uppdatera ett supportärende |
| Microsoft.Logic/integrationServiceEnvironments/* | |
| NotActions | |
| ingen | |
| DataActions | |
| ingen | |
| NotDataActions | |
| ingen |
{
"assignableScopes": [
"/"
],
"description": "Lets you manage integration service environments, but not access to them.",
"id": "/providers/Microsoft.Authorization/roleDefinitions/a41e2c5b-bd99-4a07-88f4-9bf657a760b8",
"name": "a41e2c5b-bd99-4a07-88f4-9bf657a760b8",
"permissions": [
{
"actions": [
"Microsoft.Authorization/*/read",
"Microsoft.Support/*",
"Microsoft.Logic/integrationServiceEnvironments/*"
],
"notActions": [],
"dataActions": [],
"notDataActions": []
}
],
"roleName": "Integration Service Environment Contributor",
"roleType": "BuiltInRole",
"type": "Microsoft.Authorization/roleDefinitions"
}
Utvecklare av integrationstjänstens miljö
Gör att utvecklare kan skapa och uppdatera arbetsflöden, integrationskonton och API-anslutningar i integrationstjänstmiljöer.
| Åtgärder | beskrivning |
|---|---|
| Microsoft.Authorization/*/read | Läsa roller och rolltilldelningar |
| Microsoft.Support/* | Skapa och uppdatera ett supportärende |
| Microsoft.Logic/integrationServiceEnvironments/read | Läser integrationstjänstmiljön. |
| Microsoft.Logic/integrationServiceEnvironments/*/join/action | |
| NotActions | |
| ingen | |
| DataActions | |
| ingen | |
| NotDataActions | |
| ingen |
{
"assignableScopes": [
"/"
],
"description": "Allows developers to create and update workflows, integration accounts and API connections in integration service environments.",
"id": "/providers/Microsoft.Authorization/roleDefinitions/c7aa55d3-1abb-444a-a5ca-5e51e485d6ec",
"name": "c7aa55d3-1abb-444a-a5ca-5e51e485d6ec",
"permissions": [
{
"actions": [
"Microsoft.Authorization/*/read",
"Microsoft.Support/*",
"Microsoft.Logic/integrationServiceEnvironments/read",
"Microsoft.Logic/integrationServiceEnvironments/*/join/action"
],
"notActions": [],
"dataActions": [],
"notDataActions": []
}
],
"roleName": "Integration Service Environment Developer",
"roleType": "BuiltInRole",
"type": "Microsoft.Authorization/roleDefinitions"
}
Intelligent Systems-kontodeltagare
Låter dig hantera Intelligent Systems-konton, men inte åtkomst till dem.
| Åtgärder | beskrivning |
|---|---|
| Microsoft.Authorization/*/read | Läsa roller och rolltilldelningar |
| Microsoft.Insights/alertRules/* | Skapa och hantera en klassisk måttavisering |
| Microsoft.IntelligentSystems/accounts/* | Skapa och hantera intelligenta systemkonton |
| Microsoft.ResourceHealth/availabilityStatuses/read | Hämtar tillgänglighetsstatusar för alla resurser i det angivna omfånget |
| Microsoft.Resources/deployments/* | Skapa och hantera en distribution |
| Microsoft.Resources/subscriptions/resourceGroups/read | Hämtar eller listar resursgrupper. |
| Microsoft.Support/* | Skapa och uppdatera ett supportärende |
| NotActions | |
| ingen | |
| DataActions | |
| ingen | |
| NotDataActions | |
| ingen |
{
"assignableScopes": [
"/"
],
"description": "Lets you manage Intelligent Systems accounts, but not access to them.",
"id": "/providers/Microsoft.Authorization/roleDefinitions/03a6d094-3444-4b3d-88af-7477090a9e5e",
"name": "03a6d094-3444-4b3d-88af-7477090a9e5e",
"permissions": [
{
"actions": [
"Microsoft.Authorization/*/read",
"Microsoft.Insights/alertRules/*",
"Microsoft.IntelligentSystems/accounts/*",
"Microsoft.ResourceHealth/availabilityStatuses/read",
"Microsoft.Resources/deployments/*",
"Microsoft.Resources/subscriptions/resourceGroups/read",
"Microsoft.Support/*"
],
"notActions": [],
"dataActions": [],
"notDataActions": []
}
],
"roleName": "Intelligent Systems Account Contributor",
"roleType": "BuiltInRole",
"type": "Microsoft.Authorization/roleDefinitions"
}
Logic App-deltagare
Gör att du kan hantera logikappar, men inte ändra åtkomsten till dem.
| Åtgärder | beskrivning |
|---|---|
| Microsoft.Authorization/*/read | Läsa roller och rolltilldelningar |
| Microsoft.ClassicStorage/storageAccounts/listKeys/action | Visar en lista över åtkomstnycklarna för lagringskontona. |
| Microsoft.ClassicStorage/storageAccounts/read | Returnera lagringskontot med det angivna kontot. |
| Microsoft.Insights/alertRules/* | Skapa och hantera en klassisk måttavisering |
| Microsoft.Insights/metricAlerts/* | |
| Microsoft.Insights/diagnostic Inställningar/* | Skapar, uppdaterar eller läser diagnostikinställningen för Analysis Server |
| Microsoft.Insights/logdefinitions/* | Denna behörighet krävs för användare som behöver åtkomst till aktivitetsloggar via portalen. Visa loggkategorier i aktivitetsloggen. |
| Microsoft.Insights/metricDefinitions/* | Läsa måttdefinitioner (lista över tillgängliga måttenhetstyper för en resurs). |
| Microsoft.Logic/* | Hanterar Logic Apps-resurser. |
| Microsoft.Resources/deployments/* | Skapa och hantera en distribution |
| Microsoft.Resources/subscriptions/operationresults/read | Hämta resultatet av prenumerationsåtgärden. |
| Microsoft.Resources/subscriptions/resourceGroups/read | Hämtar eller listar resursgrupper. |
| Microsoft.Storage/storageAccounts/listkeys/action | Returnerar åtkomstnycklarna för det angivna lagringskontot. |
| Microsoft.Storage/storageAccounts/read | Returnerar listan över lagringskonton eller hämtar egenskaperna för det angivna lagringskontot. |
| Microsoft.Support/* | Skapa och uppdatera ett supportärende |
| Microsoft.Web/connectionGateways/* | Skapa och hantera en Anslut ion Gateway. |
| Microsoft.Web/connections/* | Skapa och hantera en Anslut ion. |
| Microsoft.Web/customApis/* | Skapar och hanterar ett anpassat API. |
| Microsoft.Web/serverFarms/join/action | Ansluter till en App Service-plan |
| Microsoft.Web/serverFarms/read | Hämta egenskaperna för en App Service-plan |
| Microsoft.Web/sites/functions/listSecrets/action | Lista funktionshemligheter. |
| NotActions | |
| ingen | |
| DataActions | |
| ingen | |
| NotDataActions | |
| ingen |
{
"assignableScopes": [
"/"
],
"description": "Lets you manage logic app, but not access to them.",
"id": "/providers/Microsoft.Authorization/roleDefinitions/87a39d53-fc1b-424a-814c-f7e04687dc9e",
"name": "87a39d53-fc1b-424a-814c-f7e04687dc9e",
"permissions": [
{
"actions": [
"Microsoft.Authorization/*/read",
"Microsoft.ClassicStorage/storageAccounts/listKeys/action",
"Microsoft.ClassicStorage/storageAccounts/read",
"Microsoft.Insights/alertRules/*",
"Microsoft.Insights/metricAlerts/*",
"Microsoft.Insights/diagnosticSettings/*",
"Microsoft.Insights/logdefinitions/*",
"Microsoft.Insights/metricDefinitions/*",
"Microsoft.Logic/*",
"Microsoft.Resources/deployments/*",
"Microsoft.Resources/subscriptions/operationresults/read",
"Microsoft.Resources/subscriptions/resourceGroups/read",
"Microsoft.Storage/storageAccounts/listkeys/action",
"Microsoft.Storage/storageAccounts/read",
"Microsoft.Support/*",
"Microsoft.Web/connectionGateways/*",
"Microsoft.Web/connections/*",
"Microsoft.Web/customApis/*",
"Microsoft.Web/serverFarms/join/action",
"Microsoft.Web/serverFarms/read",
"Microsoft.Web/sites/functions/listSecrets/action"
],
"notActions": [],
"dataActions": [],
"notDataActions": []
}
],
"roleName": "Logic App Contributor",
"roleType": "BuiltInRole",
"type": "Microsoft.Authorization/roleDefinitions"
}
Logikappoperator
Låter dig läsa, aktivera och inaktivera logikappar, men inte redigera eller uppdatera dem.
| Åtgärder | beskrivning |
|---|---|
| Microsoft.Authorization/*/read | Läsa roller och rolltilldelningar |
| Microsoft.Insights/alertRules/*/read | Läs insights-aviseringsregler |
| Microsoft.Insights/metricAlerts/*/read | |
| Microsoft.Insights/diagnostic Inställningar/*/read | Hämtar diagnostikinställningar för Logic Apps |
| Microsoft.Insights/metricDefinitions/*/read | Hämtar tillgängliga mått för Logic Apps. |
| Microsoft.Logic/*/read | Läser Logic Apps-resurser. |
| Microsoft.Logic/workflows/disable/action | Inaktiverar arbetsflödet. |
| Microsoft.Logic/workflows/enable/action | Aktiverar arbetsflödet. |
| Microsoft.Logic/workflows/validate/action | Verifierar arbetsflödet. |
| Microsoft.Resources/deployments/operations/read | Hämtar eller listar distributionsåtgärder. |
| Microsoft.Resources/subscriptions/operationresults/read | Hämta resultatet av prenumerationsåtgärden. |
| Microsoft.Resources/subscriptions/resourceGroups/read | Hämtar eller listar resursgrupper. |
| Microsoft.Support/* | Skapa och uppdatera ett supportärende |
| Microsoft.Web/connectionGateways/*/read | Läs Anslut ion-gatewayer. |
| Microsoft.Web/connections/*/read | Läs Anslut. |
| Microsoft.Web/customApis/*/read | Läs anpassat API. |
| Microsoft.Web/serverFarms/read | Hämta egenskaperna för en App Service-plan |
| NotActions | |
| ingen | |
| DataActions | |
| ingen | |
| NotDataActions | |
| ingen |
{
"assignableScopes": [
"/"
],
"description": "Lets you read, enable and disable logic app.",
"id": "/providers/Microsoft.Authorization/roleDefinitions/515c2055-d9d4-4321-b1b9-bd0c9a0f79fe",
"name": "515c2055-d9d4-4321-b1b9-bd0c9a0f79fe",
"permissions": [
{
"actions": [
"Microsoft.Authorization/*/read",
"Microsoft.Insights/alertRules/*/read",
"Microsoft.Insights/metricAlerts/*/read",
"Microsoft.Insights/diagnosticSettings/*/read",
"Microsoft.Insights/metricDefinitions/*/read",
"Microsoft.Logic/*/read",
"Microsoft.Logic/workflows/disable/action",
"Microsoft.Logic/workflows/enable/action",
"Microsoft.Logic/workflows/validate/action",
"Microsoft.Resources/deployments/operations/read",
"Microsoft.Resources/subscriptions/operationresults/read",
"Microsoft.Resources/subscriptions/resourceGroups/read",
"Microsoft.Support/*",
"Microsoft.Web/connectionGateways/*/read",
"Microsoft.Web/connections/*/read",
"Microsoft.Web/customApis/*/read",
"Microsoft.Web/serverFarms/read"
],
"notActions": [],
"dataActions": [],
"notDataActions": []
}
],
"roleName": "Logic App Operator",
"roleType": "BuiltInRole",
"type": "Microsoft.Authorization/roleDefinitions"
}
Logic Apps Standard-deltagare (förhandsversion)
Du kan hantera alla aspekter av en standardlogikapp och arbetsflöden. Du kan inte ändra åtkomst eller ägarskap.
| Åtgärder | beskrivning |
|---|---|
| Microsoft.Authorization/*/read | Läsa roller och rolltilldelningar |
| Microsoft.Insights/alertRules/* | Skapa och hantera en klassisk måttavisering |
| Microsoft.Resources/deployments/operations/read | Hämtar eller listar distributionsåtgärder. |
| Microsoft.Resources/subscriptions/operationresults/read | Hämta resultatet av prenumerationsåtgärden. |
| Microsoft.Resources/subscriptions/resourceGroups/read | Hämtar eller listar resursgrupper. |
| Microsoft.Support/* | Skapa och uppdatera ett supportärende |
| Microsoft.Web/*/read | |
| Microsoft.Web/certificates/* | Skapa och hantera ett certifikat. |
| Microsoft.Web/connectionGateways/* | Skapa och hantera en Anslut ion Gateway. |
| Microsoft.Web/connections/* | Skapa och hantera en Anslut ion. |
| Microsoft.Web/customApis/* | Skapar och hanterar ett anpassat API. |
| Microsoft.Web/serverFarms/* | Skapa och hantera en App Service-plan. |
| Microsoft.Web/sites/* | Skapa och hantera en webbapp. |
| NotActions | |
| ingen | |
| DataActions | |
| ingen | |
| NotDataActions | |
| ingen |
{
"assignableScopes": [
"/"
],
"description": "You can manage all aspects of a Standard logic app and workflows. You can't change access or ownership.",
"id": "/providers/Microsoft.Authorization/roleDefinitions/ad710c24-b039-4e85-a019-deb4a06e8570",
"name": "ad710c24-b039-4e85-a019-deb4a06e8570",
"permissions": [
{
"actions": [
"Microsoft.Authorization/*/read",
"Microsoft.Insights/alertRules/*",
"Microsoft.Resources/deployments/operations/read",
"Microsoft.Resources/subscriptions/operationresults/read",
"Microsoft.Resources/subscriptions/resourceGroups/read",
"Microsoft.Support/*",
"Microsoft.Web/*/read",
"Microsoft.Web/certificates/*",
"Microsoft.Web/connectionGateways/*",
"Microsoft.Web/connections/*",
"Microsoft.Web/customApis/*",
"Microsoft.Web/serverFarms/*",
"Microsoft.Web/sites/*"
],
"notActions": [],
"dataActions": [],
"notDataActions": []
}
],
"roleName": "Logic Apps Standard Contributor (Preview)",
"roleType": "BuiltInRole",
"type": "Microsoft.Authorization/roleDefinitions"
}
Logic Apps Standard Developer (förhandsversion)
Du kan skapa och redigera arbetsflöden, anslutningar och inställningar för en standardlogikapp. Du kan inte göra ändringar utanför arbetsflödesomfånget.
| Åtgärder | beskrivning |
|---|---|
| Microsoft.Authorization/*/read | Läsa roller och rolltilldelningar |
| Microsoft.Insights/alertRules/* | Skapa och hantera en klassisk måttavisering |
| Microsoft.Resources/deployments/operations/read | Hämtar eller listar distributionsåtgärder. |
| Microsoft.Resources/subscriptions/operationresults/read | Hämta resultatet av prenumerationsåtgärden. |
| Microsoft.Resources/subscriptions/resourceGroups/read | Hämtar eller listar resursgrupper. |
| Microsoft.Support/* | Skapa och uppdatera ett supportärende |
| Microsoft.Web/*/read | |
| Microsoft.Web/connections/* | Skapa och hantera en Anslut ion. |
| Microsoft.Web/customApis/* | Skapar och hanterar ett anpassat API. |
| Microsoft.Web/sites/config/list/Action | Visa en lista över säkerhetskänsliga inställningar för webbappar, till exempel publiceringsuppgifter, appinställningar och anslutningssträng |
| microsoft.web/sites/config/Write | Uppdatera konfigurationsinställningarna för webbappen |
| microsoft.web/sites/config/web/appsettings/delete | Ta bort appinställning för Web Apps |
| microsoft.web/sites/config/web/appsettings/write | Skapa eller uppdatera inställning för enkel app för webbappar |
| microsoft.web/sites/deployWorkflowArtifacts/action | Skapa artefakterna i en logikapp. |
| microsoft.web/sites/hostruntime/* | Hämta eller lista artefakter för värdkörning för webbappen eller funktionsappen. |
| microsoft.web/sites/listworkflowsconnections/action | Lista logikappens anslutningar med dess ID i en logikapp. |
| Microsoft.Web/sites/publish/Action | Publicera en webbapp |
| microsoft.web/sites/slots/config/appsettings/write | Skapa eller uppdatera webbappsfackets inställning för enskild app |
| Microsoft.Web/sites/slots/config/list/Action | Visa en lista över säkerhetskänsliga inställningar för webbappsfacket, till exempel publiceringsuppgifter, appinställningar och anslutningssträng |
| microsoft.web/sites/slots/config/web/appsettings/delete | Ta bort webbappplatsens appinställning |
| microsoft.web/sites/slots/deployWorkflowArtifacts/action | Skapa artefakterna i ett distributionsfack i en logikapp. |
| microsoft.web/sites/slots/listworkflowsconnections/action | Lista logikappens anslutningar efter dess ID i ett distributionsfack i en logikapp. |
| Microsoft.Web/sites/slots/publish/Action | Publicera ett webbappsfack |
| microsoft.web/sites/workflows/* | |
| microsoft.web/sites/workflowsconfiguration/* | |
| NotActions | |
| ingen | |
| DataActions | |
| ingen | |
| NotDataActions | |
| ingen |
{
"assignableScopes": [
"/"
],
"description": "You can create and edit workflows, connections, and settings for a Standard logic app. You can't make changes outside the workflow scope.",
"id": "/providers/Microsoft.Authorization/roleDefinitions/523776ba-4eb2-4600-a3c8-f2dc93da4bdb",
"name": "523776ba-4eb2-4600-a3c8-f2dc93da4bdb",
"permissions": [
{
"actions": [
"Microsoft.Authorization/*/read",
"Microsoft.Insights/alertRules/*",
"Microsoft.Resources/deployments/operations/read",
"Microsoft.Resources/subscriptions/operationresults/read",
"Microsoft.Resources/subscriptions/resourceGroups/read",
"Microsoft.Support/*",
"Microsoft.Web/*/read",
"Microsoft.Web/connections/*",
"Microsoft.Web/customApis/*",
"Microsoft.Web/sites/config/list/Action",
"microsoft.web/sites/config/Write",
"microsoft.web/sites/config/web/appsettings/delete",
"microsoft.web/sites/config/web/appsettings/write",
"microsoft.web/sites/deployWorkflowArtifacts/action",
"microsoft.web/sites/hostruntime/*",
"microsoft.web/sites/listworkflowsconnections/action",
"Microsoft.Web/sites/publish/Action",
"microsoft.web/sites/slots/config/appsettings/write",
"Microsoft.Web/sites/slots/config/list/Action",
"microsoft.web/sites/slots/config/web/appsettings/delete",
"microsoft.web/sites/slots/deployWorkflowArtifacts/action",
"microsoft.web/sites/slots/listworkflowsconnections/action",
"Microsoft.Web/sites/slots/publish/Action",
"microsoft.web/sites/workflows/*",
"microsoft.web/sites/workflowsconfiguration/*"
],
"notActions": [],
"dataActions": [],
"notDataActions": []
}
],
"roleName": "Logic Apps Standard Developer (Preview)",
"roleType": "BuiltInRole",
"type": "Microsoft.Authorization/roleDefinitions"
}
Logic Apps Standard Operator (förhandsversion)
Du kan aktivera och inaktivera logikappen, skicka arbetsflödeskörningar igen och skapa anslutningar. Du kan inte redigera arbetsflöden eller inställningar.
| Åtgärder | beskrivning |
|---|---|
| Microsoft.Authorization/*/read | Läsa roller och rolltilldelningar |
| Microsoft.Insights/alertRules/* | Skapa och hantera en klassisk måttavisering |
| Microsoft.Resources/deployments/operations/read | Hämtar eller listar distributionsåtgärder. |
| Microsoft.Resources/subscriptions/operationresults/read | Hämta resultatet av prenumerationsåtgärden. |
| Microsoft.Resources/subscriptions/resourceGroups/read | Hämtar eller listar resursgrupper. |
| Microsoft.Support/* | Skapa och uppdatera ett supportärende |
| Microsoft.Web/*/read | |
| Microsoft.Web/sites/applySlotConfig/Action | Tillämpa konfiguration av webbappsfack från målplatsen på den aktuella webbappen |
| microsoft.web/sites/hostruntime/* | Hämta eller lista artefakter för värdkörning för webbappen eller funktionsappen. |
| Microsoft.Web/sites/restart/Action | Starta om en webbapp |
| Microsoft.Web/sites/slots/restart/Action | Starta om ett webbappsfack |
| Microsoft.Web/sites/slots/slotsswap/Action | Växla distributionsfack för Web App |
| Microsoft.Web/sites/slots/start/Action | Starta ett webbappsfack |
| Microsoft.Web/sites/slots/stop/Action | Stoppa ett webbappsfack |
| Microsoft.Web/sites/slotsdiffs/Action | Få skillnader i konfiguration mellan webbappar och platser |
| Microsoft.Web/sites/slotsswap/Action | Växla distributionsfack för Web App |
| Microsoft.Web/sites/start/Action | Starta en webbapp |
| Microsoft.Web/sites/stop/Action | Stoppa en webbapp |
| Microsoft.Web/sites/write | Skapa en ny webbapp eller uppdatera en befintlig |
| NotActions | |
| ingen | |
| DataActions | |
| ingen | |
| NotDataActions | |
| ingen |
{
"assignableScopes": [
"/"
],
"description": "You can enable and disable the logic app, resubmit workflow runs, as well as create connections. You can't edit workflows or settings.",
"id": "/providers/Microsoft.Authorization/roleDefinitions/b70c96e9-66fe-4c09-b6e7-c98e69c98555",
"name": "b70c96e9-66fe-4c09-b6e7-c98e69c98555",
"permissions": [
{
"actions": [
"Microsoft.Authorization/*/read",
"Microsoft.Insights/alertRules/*",
"Microsoft.Resources/deployments/operations/read",
"Microsoft.Resources/subscriptions/operationresults/read",
"Microsoft.Resources/subscriptions/resourceGroups/read",
"Microsoft.Support/*",
"Microsoft.Web/*/read",
"Microsoft.Web/sites/applySlotConfig/Action",
"microsoft.web/sites/hostruntime/*",
"Microsoft.Web/sites/restart/Action",
"Microsoft.Web/sites/slots/restart/Action",
"Microsoft.Web/sites/slots/slotsswap/Action",
"Microsoft.Web/sites/slots/start/Action",
"Microsoft.Web/sites/slots/stop/Action",
"Microsoft.Web/sites/slotsdiffs/Action",
"Microsoft.Web/sites/slotsswap/Action",
"Microsoft.Web/sites/start/Action",
"Microsoft.Web/sites/stop/Action",
"Microsoft.Web/sites/write"
],
"notActions": [],
"dataActions": [],
"notDataActions": []
}
],
"roleName": "Logic Apps Standard Operator (Preview)",
"roleType": "BuiltInRole",
"type": "Microsoft.Authorization/roleDefinitions"
}
Logic Apps Standard Reader (förhandsversion)
Du har skrivskyddad åtkomst till alla resurser i en standardlogikapp och arbetsflöden, inklusive arbetsflödeskörningar och deras historik.
| Åtgärder | beskrivning |
|---|---|
| Microsoft.Authorization/*/read | Läsa roller och rolltilldelningar |
| Microsoft.Insights/alertRules/* | Skapa och hantera en klassisk måttavisering |
| Microsoft.Resources/deployments/operations/read | Hämtar eller listar distributionsåtgärder. |
| Microsoft.Resources/subscriptions/operationresults/read | Hämta resultatet av prenumerationsåtgärden. |
| Microsoft.Resources/subscriptions/resourceGroups/read | Hämtar eller listar resursgrupper. |
| Microsoft.Support/* | Skapa och uppdatera ett supportärende |
| Microsoft.Web/*/read | |
| NotActions | |
| ingen | |
| DataActions | |
| ingen | |
| NotDataActions | |
| ingen |
{
"assignableScopes": [
"/"
],
"description": "You have read-only access to all resources in a Standard logic app and workflows, including the workflow runs and their history.",
"id": "/providers/Microsoft.Authorization/roleDefinitions/4accf36b-2c05-432f-91c8-5c532dff4c73",
"name": "4accf36b-2c05-432f-91c8-5c532dff4c73",
"permissions": [
{
"actions": [
"Microsoft.Authorization/*/read",
"Microsoft.Insights/alertRules/*",
"Microsoft.Resources/deployments/operations/read",
"Microsoft.Resources/subscriptions/operationresults/read",
"Microsoft.Resources/subscriptions/resourceGroups/read",
"Microsoft.Support/*",
"Microsoft.Web/*/read"
],
"notActions": [],
"dataActions": [],
"notDataActions": []
}
],
"roleName": "Logic Apps Standard Reader (Preview)",
"roleType": "BuiltInRole",
"type": "Microsoft.Authorization/roleDefinitions"
}
Schemaläggarens jobbsamlingar deltagare
Låter dig hantera Scheduler-jobbsamlingar, men inte åtkomst till dem.
| Åtgärder | beskrivning |
|---|---|
| Microsoft.Authorization/*/read | Läsa roller och rolltilldelningar |
| Microsoft.Insights/alertRules/* | Skapa och hantera en klassisk måttavisering |
| Microsoft.ResourceHealth/availabilityStatuses/read | Hämtar tillgänglighetsstatusar för alla resurser i det angivna omfånget |
| Microsoft.Resources/deployments/* | Skapa och hantera en distribution |
| Microsoft.Resources/subscriptions/resourceGroups/read | Hämtar eller listar resursgrupper. |
| Microsoft.Scheduler/jobcollections/* | Skapa och hantera jobbsamlingar |
| Microsoft.Support/* | Skapa och uppdatera ett supportärende |
| NotActions | |
| ingen | |
| DataActions | |
| ingen | |
| NotDataActions | |
| ingen |
{
"assignableScopes": [
"/"
],
"description": "Lets you manage Scheduler job collections, but not access to them.",
"id": "/providers/Microsoft.Authorization/roleDefinitions/188a0f2f-5c9e-469b-ae67-2aa5ce574b94",
"name": "188a0f2f-5c9e-469b-ae67-2aa5ce574b94",
"permissions": [
{
"actions": [
"Microsoft.Authorization/*/read",
"Microsoft.Insights/alertRules/*",
"Microsoft.ResourceHealth/availabilityStatuses/read",
"Microsoft.Resources/deployments/*",
"Microsoft.Resources/subscriptions/resourceGroups/read",
"Microsoft.Scheduler/jobcollections/*",
"Microsoft.Support/*"
],
"notActions": [],
"dataActions": [],
"notDataActions": []
}
],
"roleName": "Scheduler Job Collections Contributor",
"roleType": "BuiltInRole",
"type": "Microsoft.Authorization/roleDefinitions"
}
Services Hub-operatör
Med Services Hub Operator kan du utföra alla läs-, skriv- och borttagningsåtgärder relaterade till Services Hub-Anslut orer.
| Åtgärder | beskrivning |
|---|---|
| Microsoft.Authorization/*/read | Läsa roller och rolltilldelningar |
| Microsoft.Resources/subscriptions/resourceGroups/read | Hämtar eller listar resursgrupper. |
| Microsoft.Resources/deployments/* | Skapa och hantera en distribution |
| Microsoft.ServicesHub/connectors/write | Skapa eller uppdatera en Services Hub-Anslut eller |
| Microsoft.ServicesHub/connectors/read | Visa eller lista Services Hub-Anslut orer |
| Microsoft.ServicesHub/connectors/delete | Ta bort Services Hub-Anslut orer |
| Microsoft.ServicesHub/connectors/checkAssessmentEntitlement/action | Visar en lista över utvärderingsrättigheter för en viss Services Hub-arbetsyta |
| Microsoft.ServicesHub/supportOfferingEntitlement/read | Visa stöderbjudanderättigheter för en viss Services Hub-arbetsyta |
| Microsoft.ServicesHub/workspaces/read | Visa en lista över Services Hub-arbetsytor för en viss användare |
| NotActions | |
| ingen | |
| DataActions | |
| ingen | |
| NotDataActions | |
| ingen |
{
"assignableScopes": [
"/"
],
"description": "Services Hub Operator allows you to perform all read, write, and deletion operations related to Services Hub Connectors.",
"id": "/providers/Microsoft.Authorization/roleDefinitions/82200a5b-e217-47a5-b665-6d8765ee745b",
"name": "82200a5b-e217-47a5-b665-6d8765ee745b",
"permissions": [
{
"actions": [
"Microsoft.Authorization/*/read",
"Microsoft.Resources/subscriptions/resourceGroups/read",
"Microsoft.Resources/deployments/*",
"Microsoft.ServicesHub/connectors/write",
"Microsoft.ServicesHub/connectors/read",
"Microsoft.ServicesHub/connectors/delete",
"Microsoft.ServicesHub/connectors/checkAssessmentEntitlement/action",
"Microsoft.ServicesHub/supportOfferingEntitlement/read",
"Microsoft.ServicesHub/workspaces/read"
],
"notActions": [],
"dataActions": [],
"notDataActions": []
}
],
"roleName": "Services Hub Operator",
"roleType": "BuiltInRole",
"type": "Microsoft.Authorization/roleDefinitions"
}