適用於 Azure 資源的內建角色Built-in roles for Azure resources

角色型存取控制 (RBAC) 具有數個適用於 Azure 資源的內建角色,可供您指派給使用者、群組、服務主體和受控身分識別。Role-based access control (RBAC) has several built-in roles for Azure resources that you can assign to users, groups, service principals, and managed identities. 角色指派是您控制 Azure 資源存取權的方式。Role assignments are the way you control access to Azure resources. 如果內建角色無法滿足您組織的特定需求,您可以建立自己的 Azure 資源自訂角色If the built-in roles don't meet the specific needs of your organization, you can create your own custom roles for Azure resources.

本文章列出適用於 Azure 資源的內建角色,這些角色總是不斷更新。This article lists the built-in roles for Azure resources, which are always evolving. 若要取得最新角色,請使用 Get-AzRoleDefinitionaz role definition listTo get the latest roles, use Get-AzRoleDefinition or az role definition list. 如果要尋找 Azure Active Directory 的系統管理員角色,請參閱 Azure Active Directory 中的系統管理員角色權限If you are looking for administrator roles for Azure Active Directory, see Administrator role permissions in Azure Active Directory.

內建角色描述Built-in role descriptions

下表提供每個內建角色的簡短說明。The following table provides a brief description of each built-in role. 按一下角色名稱,即可查看每個角色的 ActionsNotActionsDataActionsNotDataActions 清單。Click the role name to see the list of Actions, NotActions, DataActions, and NotDataActions for each role. 如需這些動作的意義以及它們如何套用在管理和資料平面的相關資訊,請參閱了解 Azure 資源的角色定義For information about what these actions mean and how they apply to the management and data planes, see Understand role definitions for Azure resources.

內建角色Built-in role 描述Description
擁有者Owner 可讓您管理一切,包括對資源的存取。Lets you manage everything, including access to resources.
參與者Contributor 除了授與資源的存取權之外,還可讓您管理所有專案。Lets you manage everything except granting access to resources.
讀取者Reader 可讓您檢視所有項目,但是無法進行變更。Lets you view everything, but not make any changes.
AcrDeleteAcrDelete acr 刪除acr delete
AcrImageSignerAcrImageSigner ACR 影像簽署者acr image signer
AcrPullAcrPull acr 提取acr pull
AcrPushAcrPush acr 推送acr push
AcrQuarantineReaderAcrQuarantineReader ACR 隔離資料讀取者acr quarantine data reader
AcrQuarantineWriterAcrQuarantineWriter ACR 隔離資料寫入者acr quarantine data writer
API 管理服務參與者API Management Service Contributor 可管理服務與 APICan manage service and the APIs
API 管理服務操作員角色API Management Service Operator Role 可管理服務,但無法管理 APICan manage service but not the APIs
API 管理服務讀取者角色API Management Service Reader Role 具有服務與 API 的唯讀存取權Read-only access to service and APIs
Application Insights 元件參與者Application Insights Component Contributor 可以管理 Application Insights 元件Can manage Application Insights components
Application Insights 快照集偵錯工具Application Insights Snapshot Debugger 給予使用者權限,以便檢視及下載使用 Application Insights 快照偵錯工具所收集的偵錯快照。Gives user permission to view and download debug snapshots collected with the Application Insights Snapshot Debugger. 請注意,擁有者參與者角色未包含這些權限。Note that these permissions are not included in the Owner or Contributor roles.
自動化作業運算子Automation Job Operator 使用「自動化 Runbook」來建立及管理作業。Create and Manage Jobs using Automation Runbooks.
自動化運算子Automation Operator 「自動化運算子」能夠啟動、停止、暫止及繼續作業Automation Operators are able to start, stop, suspend, and resume jobs
自動化 Runbook 運算子Automation Runbook Operator 讀取 Runbook 屬性 - 以便能夠建立 Runbook 的作業。Read Runbook properties - to be able to create Jobs of the runbook.
Avere 參與者Avere Contributor 可以建立和管理 Avere vFXT 叢集。Can create and manage an Avere vFXT cluster.
Avere 運算子Avere Operator 由 Avere vFXT 叢集用來管理叢集Used by the Avere vFXT cluster to manage the cluster
Azure 事件中樞資料擁有者Azure Event Hubs Data Owner 允許 Azure 事件中樞資源的完整存取權。Allows for full access to Azure Event Hubs resources.
Azure 事件中樞資料接收器Azure Event Hubs Data Receiver 允許接收 Azure 事件中樞資源的存取權。Allows receive access to Azure Event Hubs resources.
Azure 事件中樞資料寄件者Azure Event Hubs Data Sender 允許傳送 Azure 事件中樞資源的存取權。Allows send access to Azure Event Hubs resources.
Azure Kubernetes Service 叢集管理員角色Azure Kubernetes Service Cluster Admin Role 列出叢集管理員認證動作。List cluster admin credential action.
Azure Kubernetes Service 叢集使用者角色Azure Kubernetes Service Cluster User Role 列出叢集使用者認證動作。List cluster user credential action.
Azure 地圖服務資料讀取器(預覽)Azure Maps Data Reader (Preview) 授與從 Azure 地圖服務帳戶讀取對應相關資料的存取權。Grants access to read map related data from an Azure maps account.
Azure Sentinel 參與者Azure Sentinel Contributor Azure Sentinel 參與者Azure Sentinel Contributor
Azure Sentinel 讀取器Azure Sentinel Reader Azure Sentinel 讀取器Azure Sentinel Reader
Azure Sentinel 回應程式Azure Sentinel Responder Azure Sentinel 回應程式Azure Sentinel Responder
Azure 服務匯流排資料擁有者Azure Service Bus Data Owner 允許 Azure 服務匯流排資源的完整存取權。Allows for full access to Azure Service Bus resources.
Azure 服務匯流排資料接收器Azure Service Bus Data Receiver 允許接收 Azure 服務匯流排資源的存取權。Allows for receive access to Azure Service Bus resources.
Azure 服務匯流排資料寄件者Azure Service Bus Data Sender 允許 Azure 服務匯流排資源的「傳送」存取權。Allows for send access to Azure Service Bus resources.
Azure Stack 註冊擁有者Azure Stack Registration Owner 可讓您管理 Azure Stack 註冊。Lets you manage Azure Stack registrations.
備份參與者Backup Contributor 可讓您管理備份服務,但無法建立保存庫並將存取權授與其他人Lets you manage backup service, but can't create vaults and give access to others
備份操作員Backup Operator 可讓您管理備份服務,但無法移除備份、建立保存庫及為其他人提供存取權Lets you manage backup services, except removal of backup, vault creation and giving access to others
備份讀取者Backup Reader 可以檢視備份服務,但無法進行變更Can view backup services, but can't make changes
帳單讀取器Billing Reader 允許對計費資料進行讀取存取Allows read access to billing data
BizTalk 參與者BizTalk Contributor 可讓您管理 BizTalk 服務,但無法存取它們。Lets you manage BizTalk services, but not access to them.
區塊鏈成員節點存取(預覽)Blockchain Member Node Access (Preview) 允許存取區塊鏈成員節點Allows for access to Blockchain Member nodes
藍圖參與者Blueprint Contributor 可以管理藍圖定義,但不能加以指派。Can manage blueprint definitions, but not assign them.
藍圖操作者Blueprint Operator 可以指派現有的已發行藍圖,但無法建立新的藍圖。Can assign existing published blueprints, but cannot create new blueprints. 注意:這僅適用于使用使用者指派的受控識別來完成指派。NOTE: this only works if the assignment is done with a user-assigned managed identity.
CDN 端點參與者CDN Endpoint Contributor 可管理 CDN 端點,但無法對其他使用者授與存取權。Can manage CDN endpoints, but can’t grant access to other users.
CDN 端點讀者CDN Endpoint Reader 可檢視 CDN 端點,但無法進行變更。Can view CDN endpoints, but can’t make changes.
CDN 設定檔參與者CDN Profile Contributor 可管理 CDN 設定檔及其端點,但無法對其他使用者授與存取權。Can manage CDN profiles and their endpoints, but can’t grant access to other users.
CDN 設定檔讀者CDN Profile Reader 可檢視 CDN 設定檔及其端點,但無法進行變更。Can view CDN profiles and their endpoints, but can’t make changes.
傳統網路參與者Classic Network Contributor 可讓您管理傳統網路,但無法存取它們。Lets you manage classic networks, but not access to them.
傳統儲存體帳戶參與者Classic Storage Account Contributor 可讓您管理傳統儲存體帳戶,但無法存取它們。Lets you manage classic storage accounts, but not access to them.
傳統儲存體帳戶金鑰操作員服務角色Classic Storage Account Key Operator Service Role 「傳統儲存體帳戶金鑰操作員」可以列出及重新產生「傳統儲存體帳戶」的金鑰Classic Storage Account Key Operators are allowed to list and regenerate keys on Classic Storage Accounts
傳統虛擬機器參與者Classic Virtual Machine Contributor 可讓您管理傳統虛擬機器 (不含虛擬機器所連線的虛擬網路或儲存體帳戶),但無法存取它們。Lets you manage classic virtual machines, but not access to them, and not the virtual network or storage account they’re connected to.
認知服務參與者Cognitive Services Contributor 可讓您建立、讀取、更新、刪除及管理認知服務的金鑰。Lets you create, read, update, delete and manage keys of Cognitive Services.
認知服務資料讀取器(預覽)Cognitive Services Data Reader (Preview) 可讓您讀取認知服務資料。Lets you read Cognitive Services data.
認知服務使用者Cognitive Services User 可讓您讀取和列出認知服務的金鑰。Lets you read and list keys of Cognitive Services.
Cosmos DB 帳戶讀者角色Cosmos DB Account Reader Role 可以讀取 Azure Cosmos DB 帳戶資料。Can read Azure Cosmos DB account data. 請參閱 DocumentDB 帳戶參與者以管理 Azure Cosmos DB 帳戶。See DocumentDB Account Contributor for managing Azure Cosmos DB accounts.
Cosmos DB 運算子Cosmos DB Operator 可讓您管理 Azure Cosmos DB 帳戶,但不能存取其中的資料。Lets you manage Azure Cosmos DB accounts, but not access data in them. 防止存取帳戶金鑰和連接字串。Prevents access to account keys and connection strings.
CosmosBackupOperatorCosmosBackupOperator 可為帳戶的 Cosmos DB 資料庫或容器提交還原要求Can submit restore request for a Cosmos DB database or a container for an account
成本管理參與者Cost Management Contributor 可檢視成本和管理成本組態 (例如預算、匯出)Can view costs and manage cost configuration (e.g. budgets, exports)
成本管理讀者Cost Management Reader 可檢視成本資料和組態 (例如預算、匯出)Can view cost data and configuration (e.g. budgets, exports)
資料箱參與者Data Box Contributor 可讓您管理資料箱服務下的所有項目,為他人賦予存取權除外。Lets you manage everything under Data Box Service except giving access to others.
資料箱讀者Data Box Reader 可讓您管理資料箱服務,建立訂單或編輯訂單詳細資料和為他人賦予存取權除外。Lets you manage Data Box Service except creating order or editing order details and giving access to others.
Data Factory 參與者Data Factory Contributor 建立和管理 Data Factory,以及其中的子資源。Create and manage data factories, as well as child resources within them.
Data Lake Analytics 開發人員Data Lake Analytics Developer 可讓您提交、監視及管理您自己的作業,但無法建立或刪除 Data Lake Analytics 帳戶。Lets you submit, monitor, and manage your own jobs but not create or delete Data Lake Analytics accounts.
資料清除者Data Purger 可清除分析資料Can purge analytics data
DevTest Labs 使用者DevTest Labs User 可讓您連線、啟動、重新啟及關閉您 Azure DevTest Labs 中的虛擬機器。Lets you connect, start, restart, and shutdown your virtual machines in your Azure DevTest Labs.
DNS 區域參與者DNS Zone Contributor 可讓您管理 Azure DNS 中的 DNS 區域與記錄集,但無法讓您控制誰可存取它們。Lets you manage DNS zones and record sets in Azure DNS, but does not let you control who has access to them.
DocumentDB 帳戶參與者DocumentDB Account Contributor 可以管理 Azure Cosmos DB 帳戶。Can manage Azure Cosmos DB accounts. Azure Cosmos DB 先前稱為 DocumentDB。Azure Cosmos DB is formerly known as DocumentDB.
EventGrid EventSubscription 參與者EventGrid EventSubscription Contributor 可讓您管理 EventGrid 事件訂用帳戶作業。Lets you manage EventGrid event subscription operations.
EventGrid EventSubscription 讀者EventGrid EventSubscription Reader 可讓您讀取 EventGrid 事件訂用帳戶。Lets you read EventGrid event subscriptions.
HDInsight 叢集操作員HDInsight Cluster Operator 可讓您讀取和修改 HDInsight 叢集設定。Lets you read and modify HDInsight cluster configurations.
HDInsight 網域服務參與者HDInsight Domain Services Contributor 可讀取、建立、修改和刪除 HDInsight 企業安全性套件所需的網域服務相關作業Can Read, Create, Modify and Delete Domain Services related operations needed for HDInsight Enterprise Security Package
Intelligent Systems 帳戶參與者Intelligent Systems Account Contributor 可讓您管理「智慧型系統」帳戶,但無法存取它們。Lets you manage Intelligent Systems accounts, but not access to them.
Key Vault 參與者Key Vault Contributor 可讓您管理金鑰保存庫,但無法存取它們。Lets you manage key vaults, but not access to them.
實驗室建立者Lab Creator 可讓您在「Azure 實驗室帳戶」下建立、管理、刪除您的受控實驗室。Lets you create, manage, delete your managed labs under your Azure Lab Accounts.
Log Analytics 參與者Log Analytics Contributor 「Log Analytics 參與者」角色可以讀取所有監視資料和編輯監視設定。Log Analytics Contributor can read all monitoring data and edit monitoring settings. 編輯監視設定包括將 VM 延伸模組新增至 VM、讀取儲存體帳戶金鑰以便能夠設定從「Azure 儲存體」收集記錄、建立及設定「自動化」帳戶、新增解決方案,以及設定所有 Azure 資源上的 Azure 診斷。Editing monitoring settings includes adding the VM extension to VMs; reading storage account keys to be able to configure collection of logs from Azure Storage; creating and configuring Automation accounts; adding solutions; and configuring Azure diagnostics on all Azure resources.
Log Analytics 讀者Log Analytics Reader 「Log Analytics 讀者」可以檢視和搜尋所有監視資料,以及檢視監視設定,包括檢視所有 Azure 資源上的 Azure 診斷設定。Log Analytics Reader can view and search all monitoring data as well as and view monitoring settings, including viewing the configuration of Azure diagnostics on all Azure resources.
邏輯應用程式參與者Logic App Contributor 可讓您管理邏輯應用程式,但不能變更其存取。Lets you manage logic apps, but not change access to them.
邏輯應用程式運算子Logic App Operator 可讓您讀取、啟用及停用邏輯應用程式,但無法編輯或更新它們。Lets you read, enable, and disable logic apps, but not edit or update them.
受控應用程式操作員角色Managed Application Operator Role 可讓您讀取受控應用程式資源及對其執行動作Lets you read and perform actions on Managed Application resources
受控應用程式讀者Managed Applications Reader 可讓您讀取受控應用程式中的資源及要求 JIT 存取權。Lets you read resources in a managed app and request JIT access.
受控身分識別參與者Managed Identity Contributor 建立、讀取、更新及刪除使用者指派的身分識別Create, Read, Update, and Delete User Assigned Identity
受控身分識別操作員Managed Identity Operator 讀取及指派使用者指派的身分識別Read and Assign User Assigned Identity
受控服務註冊指派刪除角色Managed Services Registration assignment Delete Role 受控服務註冊指派刪除角色可讓管理租使用者使用者刪除指派給其租使用者的註冊指派。Managed Services Registration Assignment Delete Role allows the managing tenant users to delete the registration assignment assigned to their tenant.
管理群組參與者Management Group Contributor 管理群組參與者角色Management Group Contributor Role
管理群組讀者Management Group Reader 管理群組讀者角色Management Group Reader Role
監視參與者Monitoring Contributor 可以讀取所有監視資料並編輯監視設定。Can read all monitoring data and edit monitoring settings. 請參閱開始使用 Azure 監視器的角色、權限和安全性See also Get started with roles, permissions, and security with Azure Monitor.
監視計量發行者Monitoring Metrics Publisher 針對 Azure 資源啟用發佈計量Enables publishing metrics against Azure resources
監視讀取器Monitoring Reader 可以讀取所有監視資料 (計量、記錄等等)。Can read all monitoring data (metrics, logs, etc.). 請參閱開始使用 Azure 監視器的角色、權限和安全性See also Get started with roles, permissions, and security with Azure Monitor.
網路參與者Network Contributor 可讓您管理網路,但無法存取它們。Lets you manage networks, but not access to them.
New Relic APM 帳戶參與者New Relic APM Account Contributor 可讓您管理 New Relic Application Performance Management 帳戶及應用程式,但無法存取它們。Lets you manage New Relic Application Performance Management accounts and applications, but not access to them.
讀取者及資料存取Reader and Data Access 可讓您檢視所有內容,但無法讓您刪除或建立儲存體帳戶或內含的資源。Lets you view everything but will not let you delete or create a storage account or contained resource. 也可透過存取儲存體帳戶金鑰,對儲存體帳戶中內含的所有資料進行讀取/寫入存取。It will also allow read/write access to all data contained in a storage account via access to storage account keys.
Redis 快取參與者Redis Cache Contributor 可讓您管理 Redis 快取,但無法存取它們。Lets you manage Redis caches, but not access to them.
資源原則參與者 (預覽)Resource Policy Contributor (Preview) (預覽) 從 EA 回填的使用者,有權建立/修改資源原則、建立支援票證及讀取資源/階層。(Preview) Backfilled users from EA, with rights to create/modify resource policy, create support ticket and read resources/hierarchy.
排程器工作集合參與者Scheduler Job Collections Contributor 可讓您管理「排程器」工作集合,但無法存取它們。Lets you manage Scheduler job collections, but not access to them.
搜尋服務參與者Search Service Contributor 可讓您管理「搜尋」服務,但無法存取它們。Lets you manage Search services, but not access to them.
安全性系統管理員Security Admin 僅限資訊安全中心:可檢視安全性原則、檢視安全性狀態、編輯安全性原則、檢視警示和建議、關閉警示和建議In Security Center only: Can view security policies, view security states, edit security policies, view alerts and recommendations, dismiss alerts and recommendations
安全性管理員 (舊版)Security Manager (Legacy) 此為舊版角色。This is a legacy role. 請改用安全性系統管理員Please use Security Administrator instead
安全性讀取者Security Reader 僅限資訊安全中心:可檢視建議和警示、檢視安全性原則、檢視安全性狀態,但無法進行變更In Security Center only: Can view recommendations and alerts, view security policies, view security states, but cannot make changes
Site Recovery 參與者Site Recovery Contributor 可讓您管理 Site Recovery 服務,但無法建立保存庫和指派角色Lets you manage Site Recovery service except vault creation and role assignment
Site Recovery 操作員Site Recovery Operator 可讓您容錯移轉及容錯回復,但無法執行其他 Site Recovery 管理作業Lets you failover and failback but not perform other Site Recovery management operations
Site Recovery 讀取者Site Recovery Reader 可讓您檢視 Site Recovery 狀態,但無法執行其他管理作業Lets you view Site Recovery status but not perform other management operations
空間錨點帳戶參與者Spatial Anchors Account Contributor 可讓您管理帳戶中的空間錨點,但不能將其刪除Lets you manage spatial anchors in your account, but not delete them
空間錨點帳戶擁有者Spatial Anchors Account Owner 可讓您管理帳戶中的空間錨點,包括刪除它們Lets you manage spatial anchors in your account, including deleting them
空間錨點帳戶讀者Spatial Anchors Account Reader 可讓您找出並讀取您帳戶中的空間錨點屬性Lets you locate and read properties of spatial anchors in your account
SQL DB 參與者SQL DB Contributor 可讓您管理 SQL 資料庫,但無法存取它們。Lets you manage SQL databases, but not access to them. 此外,您也無法管理其安全性相關原則或其父 SQL 伺服器。Also, you can't manage their security-related policies or their parent SQL servers.
SQL 受控執行個體參與者SQL Managed Instance Contributor 可讓您管理 SQL 受控實例和必要的網路設定,但無法將存取權授與其他人。Lets you manage SQL Managed Instances and required network configuration, but can’t give access to others.
SQL 安全性管理員SQL Security Manager 可讓您管理 SQL 伺服器及資料庫的安全性相關原則,但無法存取它們。Lets you manage the security-related policies of SQL servers and databases, but not access to them.
SQL Server 參與者SQL Server Contributor 可讓您管理 SQL 伺服器及資料庫,但無法存取它們,也無法存取其安全性相關原則。Lets you manage SQL servers and databases, but not access to them, and not their security -related policies.
儲存體帳戶參與者Storage Account Contributor 允許管理儲存體帳戶。Permits management of storage accounts. 提供帳戶金鑰的存取權,其可用來透過共用金鑰授權存取資料。Provides access to the account key, which can be used to access data via Shared Key authorization.
儲存體帳戶金鑰操作員服務角色Storage Account Key Operator Service Role 允許列出及重新產生儲存體帳戶存取金鑰。Permits listing and regenerating storage account access keys.
儲存體 Blob 資料參與者Storage Blob Data Contributor 讀取、寫入和刪除 Azure 儲存體的容器和 blob。Read, write, and delete Azure Storage containers and blobs. 若要瞭解特定資料作業所需的動作,請參閱呼叫 blob 和佇列資料作業的許可權To learn which actions are required for a given data operation, see Permissions for calling blob and queue data operations.
儲存體 Blob 資料擁有者Storage Blob Data Owner 提供 Azure 儲存體 blob 容器和資料的完整存取權,包括指派 POSIX 存取控制。Provides full access to Azure Storage blob containers and data, including assigning POSIX access control. 若要瞭解特定資料作業所需的動作,請參閱呼叫 blob 和佇列資料作業的許可權To learn which actions are required for a given data operation, see Permissions for calling blob and queue data operations.
儲存體 Blob 資料讀者Storage Blob Data Reader 讀取並列出 Azure 儲存體的容器和 blob。Read and list Azure Storage containers and blobs. 若要瞭解特定資料作業所需的動作,請參閱呼叫 blob 和佇列資料作業的許可權To learn which actions are required for a given data operation, see Permissions for calling blob and queue data operations.
儲存體 Blob DelegatorStorage Blob Delegator 取得使用者委派金鑰,然後可以用來為使用 Azure AD 認證簽署的容器或 blob 建立共用存取簽章。Get a user delegation key, which can then be used to create a shared access signature for a container or blob that is signed with Azure AD credentials. 如需詳細資訊,請參閱建立使用者委派 SASFor more information, see Create a user delegation SAS.
儲存體檔案資料 SMB 共用參與者Storage File Data SMB Share Contributor 允許透過 SMB 在 Azure 儲存體檔案共用中進行讀取、寫入和刪除存取Allows for read, write, and delete access in Azure Storage file shares over SMB
儲存體檔案資料 SMB 共用提高許可權參與者Storage File Data SMB Share Elevated Contributor 允許透過 SMB 在 Azure 儲存體檔案共用中進行讀取、寫入、刪除及修改 NTFS 許可權存取Allows for read, write, delete and modify NTFS permission access in Azure Storage file shares over SMB
儲存體檔案資料 SMB 共用讀取器Storage File Data SMB Share Reader 允許透過 SMB 讀取對 Azure 檔案共用的存取Allows for read access to Azure File Share over SMB
儲存體佇列資料參與者Storage Queue Data Contributor 讀取、寫入和刪除 Azure 儲存體的佇列和佇列訊息。Read, write, and delete Azure Storage queues and queue messages. 若要瞭解特定資料作業所需的動作,請參閱呼叫 blob 和佇列資料作業的許可權To learn which actions are required for a given data operation, see Permissions for calling blob and queue data operations.
儲存體佇列資料訊息處理器Storage Queue Data Message Processor 查看、取出和刪除 Azure 儲存體佇列中的訊息。Peek, retrieve, and delete a message from an Azure Storage queue. 若要瞭解特定資料作業所需的動作,請參閱呼叫 blob 和佇列資料作業的許可權To learn which actions are required for a given data operation, see Permissions for calling blob and queue data operations.
儲存體佇列資料訊息寄件者Storage Queue Data Message Sender 將訊息新增至 Azure 儲存體的佇列。Add messages to an Azure Storage queue. 若要瞭解特定資料作業所需的動作,請參閱呼叫 blob 和佇列資料作業的許可權To learn which actions are required for a given data operation, see Permissions for calling blob and queue data operations.
儲存體佇列資料讀取器Storage Queue Data Reader 讀取和列出 Azure 儲存體的佇列和佇列訊息。Read and list Azure Storage queues and queue messages. 若要瞭解特定資料作業所需的動作,請參閱呼叫 blob 和佇列資料作業的許可權To learn which actions are required for a given data operation, see Permissions for calling blob and queue data operations.
支援要求參與者Support Request Contributor 可讓您建立及管理支援要求Lets you create and manage Support requests
流量管理員參與者Traffic Manager Contributor 可讓您管理「流量管理員」設定檔,但無法控制誰可以存取它們。Lets you manage Traffic Manager profiles, but does not let you control who has access to them.
使用者存取系統管理員User Access Administrator 可讓您管理 Azure 資源的使用者存取。Lets you manage user access to Azure resources.
虛擬機器系統管理員登入Virtual Machine Administrator Login 在入口網站中檢視虛擬機器並以系統管理員身分登入View Virtual Machines in the portal and login as administrator
虛擬機器參與者Virtual Machine Contributor 可讓您管理虛擬機器 (不含虛擬機器所連接的虛擬網路或儲存體帳戶),但無法存取它們。Lets you manage virtual machines, but not access to them, and not the virtual network or storage account they're connected to.
虛擬機器使用者登入Virtual Machine User Login 在入口網站中檢視虛擬機器並以一般使用者身分登入。View Virtual Machines in the portal and login as a regular user.
Web 方案參與者Web Plan Contributor 可讓您管理網站的 Web 方案,但無法存取它們。Lets you manage the web plans for websites, but not access to them.
網站參與者Website Contributor 可讓您管理網站 (非 Web 方案),但無法存取它們。Lets you manage websites (not web plans), but not access to them.

擁有者Owner

說明Description 可讓您管理一切,包括對資源的存取。Lets you manage everything, including access to resources.
IdId 8e3af657-a8ff-443c-a75c-2fe8c4bcb6358e3af657-a8ff-443c-a75c-2fe8c4bcb635
動作Actions
* 建立和管理所有類型的資源Create and manage resources of all types
NotActionsNotActions
none
DataActionsDataActions
none
NotDataActionsNotDataActions
none

參與者Contributor

說明Description 除了授與資源的存取權之外,還可讓您管理所有專案。Lets you manage everything except granting access to resources.
IdId b24988ac-6180-42a0-ab88-20f7382dd24cb24988ac-6180-42a0-ab88-20f7382dd24c
動作Actions
* 建立和管理所有類型的資源Create and manage resources of all types
NotActionsNotActions
Microsoft.Authorization/*/DeleteMicrosoft.Authorization/*/Delete 刪除角色、原則指派、原則定義和原則集合定義Delete roles, policy assignments, policy definitions and policy set definitions
Microsoft.Authorization/*/WriteMicrosoft.Authorization/*/Write 建立角色、角色指派、原則指派、原則定義和原則集合定義Create roles, role assignments, policy assignments, policy definitions and policy set definitions
Microsoft.Authorization/elevateAccess/ActionMicrosoft.Authorization/elevateAccess/Action 對呼叫者授與租用戶範圍的使用者存取系統管理員存取權Grants the caller User Access Administrator access at the tenant scope
Microsoft.Blueprint/blueprintAssignments/writeMicrosoft.Blueprint/blueprintAssignments/write 建立或更新任何藍圖指派Create or update any blueprint assignments
Microsoft.Blueprint/blueprintAssignments/deleteMicrosoft.Blueprint/blueprintAssignments/delete 刪除任何藍圖指派Delete any blueprint assignments
DataActionsDataActions
none
NotDataActionsNotDataActions
none

讀取者Reader

說明Description 可讓您檢視所有項目,但是無法進行變更。Lets you view everything, but not make any changes.
IdId acdd72a7-3385-48ef-bd42-f606fba81ae7acdd72a7-3385-48ef-bd42-f606fba81ae7
動作Actions
*/read*/read 讀取密碼以外的所有類型的資源。Read resources of all types, except secrets.
NotActionsNotActions
none
DataActionsDataActions
none
NotDataActionsNotDataActions
none

AcrDeleteAcrDelete

說明Description acr 刪除acr delete
IdId c2f4ef07-c644-48eb-af81-4b1b4947fb11c2f4ef07-c644-48eb-af81-4b1b4947fb11
動作Actions
ContainerRegistry/registry/構件/deleteMicrosoft.ContainerRegistry/registries/artifacts/delete 刪除容器登錄中的成品。Delete artifact in a container registry.
NotActionsNotActions
none
DataActionsDataActions
none
NotDataActionsNotDataActions
none

AcrImageSignerAcrImageSigner

說明Description ACR 影像簽署者acr image signer
IdId 6cef56e8-d556-48e5-a04f-b8e64114680f6cef56e8-d556-48e5-a04f-b8e64114680f
動作Actions
Microsoft.ContainerRegistry/registries/sign/writeMicrosoft.ContainerRegistry/registries/sign/write 推送/提取容器登錄的內容信任中繼資料。Push/Pull content trust metadata for a container registry.
NotActionsNotActions
none
DataActionsDataActions
none
NotDataActionsNotDataActions
none

AcrPullAcrPull

說明Description acr 提取acr pull
IdId 7f951dda-4ed3-4680-a7ca-43fe172d538d7f951dda-4ed3-4680-a7ca-43fe172d538d
動作Actions
Microsoft.ContainerRegistry/registries/pull/readMicrosoft.ContainerRegistry/registries/pull/read 從容器登錄中提取或取得映像。Pull or Get images from a container registry.
NotActionsNotActions
none
DataActionsDataActions
none
NotDataActionsNotDataActions
none

AcrPushAcrPush

說明Description acr 推送acr push
IdId 8311e382-0749-4cb8-b61a-304f252e45ec8311e382-0749-4cb8-b61a-304f252e45ec
動作Actions
Microsoft.ContainerRegistry/registries/pull/readMicrosoft.ContainerRegistry/registries/pull/read 從容器登錄中提取或取得映像。Pull or Get images from a container registry.
Microsoft.ContainerRegistry/registries/push/writeMicrosoft.ContainerRegistry/registries/push/write 將映像推送或寫入至容器登錄。Push or Write images to a container registry.
NotActionsNotActions
none
DataActionsDataActions
none
NotDataActionsNotDataActions
none

AcrQuarantineReaderAcrQuarantineReader

說明Description ACR 隔離資料讀取者acr quarantine data reader
IdId cdda3590-29a3-44f6-95f2-9f980659eb04cdda3590-29a3-44f6-95f2-9f980659eb04
動作Actions
ContainerRegistry/登錄/隔離/讀取Microsoft.ContainerRegistry/registries/quarantine/read 從容器登錄中提取或取得隔離的映像Pull or Get quarantined images from container registry
NotActionsNotActions
none
DataActionsDataActions
none
NotDataActionsNotDataActions
none

AcrQuarantineWriterAcrQuarantineWriter

說明Description ACR 隔離資料寫入者acr quarantine data writer
IdId c8d4ff99-41c3-41a8-9f60-21dfdad59608c8d4ff99-41c3-41a8-9f60-21dfdad59608
動作Actions
ContainerRegistry/登錄/隔離/讀取Microsoft.ContainerRegistry/registries/quarantine/read 從容器登錄中提取或取得隔離的映像Pull or Get quarantined images from container registry
ContainerRegistry/登錄/隔離/寫入Microsoft.ContainerRegistry/registries/quarantine/write 寫入/修改已隔離映像的隔離狀態Write/Modify quarantine state of quarantined images
NotActionsNotActions
none
DataActionsDataActions
none
NotDataActionsNotDataActions
none

API 管理服務參與者API Management Service Contributor

說明Description 可管理服務與 APICan manage service and the APIs
IdId 312a565d-c81f-4fd8-895a-4e21e48d571c312a565d-c81f-4fd8-895a-4e21e48d571c
動作Actions
Microsoft.ApiManagement/service/*Microsoft.ApiManagement/service/* 建立和管理 API 管理服務Create and manage API Management service
Microsoft.Authorization/*/readMicrosoft.Authorization/*/read 讀取授權Read authorization
Microsoft.Insights/alertRules/*Microsoft.Insights/alertRules/* 建立及管理警示規則Create and manage alert rules
Microsoft.ResourceHealth/availabilityStatuses/readMicrosoft.ResourceHealth/availabilityStatuses/read 取得指定範圍中所有資源的可用性狀態Gets the availability statuses for all resources in the specified scope
Microsoft.Resources/deployments/*Microsoft.Resources/deployments/* 建立和管理資源群組部署Create and manage resource group deployments
Microsoft.Resources/subscriptions/resourceGroups/readMicrosoft.Resources/subscriptions/resourceGroups/read 取得或列出資源群組。Gets or lists resource groups.
Microsoft.Support/*Microsoft.Support/* 建立和管理支援票證Create and manage support tickets
NotActionsNotActions
none
DataActionsDataActions
none
NotDataActionsNotDataActions
none

API 管理服務操作員角色API Management Service Operator Role

說明Description 可管理服務,但無法管理 APICan manage service but not the APIs
IdId e022efe7-f5ba-4159-bbe4-b44f577e9b61e022efe7-f5ba-4159-bbe4-b44f577e9b61
動作Actions
Microsoft.ApiManagement/service/*/readMicrosoft.ApiManagement/service/*/read 讀取 API 管理服務執行個體Read API Management Service instances
Microsoft.ApiManagement/service/backup/actionMicrosoft.ApiManagement/service/backup/action 將 API 管理服務備份到使用者所提供之儲存體帳戶中的指定容器Backup API Management Service to the specified container in a user provided storage account
Microsoft.ApiManagement/service/deleteMicrosoft.ApiManagement/service/delete 刪除 API 管理服務執行個體Delete API Management Service instance
Microsoft.ApiManagement/service/managedeployments/actionMicrosoft.ApiManagement/service/managedeployments/action 變更 SKU/單位、新增/移除 API 管理服務的區域部署Change SKU/units, add/remove regional deployments of API Management Service
Microsoft.ApiManagement/service/readMicrosoft.ApiManagement/service/read 讀取 API 管理服務執行個體的中繼資料Read metadata for an API Management Service instance
Microsoft.ApiManagement/service/restore/actionMicrosoft.ApiManagement/service/restore/action 從使用者所提供之儲存體帳戶中的指定容器來還原 API 管理服務Restore API Management Service from the specified container in a user provided storage account
Microsoft.ApiManagement/service/updatecertificate/actionMicrosoft.ApiManagement/service/updatecertificate/action 上傳 API 管理服務的 SSL 憑證Upload SSL certificate for an API Management Service
Microsoft.ApiManagement/service/updatehostname/actionMicrosoft.ApiManagement/service/updatehostname/action 設定、更新或移除 API 管理服務的自訂網域名稱Setup, update or remove custom domain names for an API Management Service
Microsoft.ApiManagement/service/writeMicrosoft.ApiManagement/service/write 建立 API 管理服務的新執行個體Create a new instance of API Management Service
Microsoft.Authorization/*/readMicrosoft.Authorization/*/read 讀取授權Read authorization
Microsoft.Insights/alertRules/*Microsoft.Insights/alertRules/* 建立及管理警示規則Create and manage alert rules
Microsoft.ResourceHealth/availabilityStatuses/readMicrosoft.ResourceHealth/availabilityStatuses/read 取得指定範圍中所有資源的可用性狀態Gets the availability statuses for all resources in the specified scope
Microsoft.Resources/deployments/*Microsoft.Resources/deployments/* 建立和管理資源群組部署Create and manage resource group deployments
Microsoft.Resources/subscriptions/resourceGroups/readMicrosoft.Resources/subscriptions/resourceGroups/read 取得或列出資源群組。Gets or lists resource groups.
Microsoft.Support/*Microsoft.Support/* 建立和管理支援票證Create and manage support tickets
NotActionsNotActions
Microsoft.ApiManagement/service/users/keys/readMicrosoft.ApiManagement/service/users/keys/read 取得與使用者相關聯的金鑰Get keys associated with user
DataActionsDataActions
none
NotDataActionsNotDataActions
none

API 管理服務讀取者角色API Management Service Reader Role

說明Description 具有服務與 API 的唯讀存取權Read-only access to service and APIs
IdId 71522526-b88f-4d52-b57f-d31fc3546d0d71522526-b88f-4d52-b57f-d31fc3546d0d
動作Actions
Microsoft.ApiManagement/service/*/readMicrosoft.ApiManagement/service/*/read 讀取 API 管理服務執行個體Read API Management Service instances
Microsoft.ApiManagement/service/readMicrosoft.ApiManagement/service/read 讀取 API 管理服務執行個體的中繼資料Read metadata for an API Management Service instance
Microsoft.Authorization/*/readMicrosoft.Authorization/*/read 讀取授權Read authorization
Microsoft.Insights/alertRules/*Microsoft.Insights/alertRules/* 建立及管理警示規則Create and manage alert rules
Microsoft.ResourceHealth/availabilityStatuses/readMicrosoft.ResourceHealth/availabilityStatuses/read 取得指定範圍中所有資源的可用性狀態Gets the availability statuses for all resources in the specified scope
Microsoft.Resources/deployments/*Microsoft.Resources/deployments/* 建立和管理資源群組部署Create and manage resource group deployments
Microsoft.Resources/subscriptions/resourceGroups/readMicrosoft.Resources/subscriptions/resourceGroups/read 取得或列出資源群組。Gets or lists resource groups.
Microsoft.Support/*Microsoft.Support/* 建立和管理支援票證Create and manage support tickets
NotActionsNotActions
Microsoft.ApiManagement/service/users/keys/readMicrosoft.ApiManagement/service/users/keys/read 取得與使用者相關聯的金鑰Get keys associated with user
DataActionsDataActions
none
NotDataActionsNotDataActions
none

Application Insights 元件參與者Application Insights Component Contributor

說明Description 可以管理 Application Insights 元件Can manage Application Insights components
IdId ae349356-3a1b-4a5e-921d-050484c6347eae349356-3a1b-4a5e-921d-050484c6347e
動作Actions
Microsoft.Authorization/*/readMicrosoft.Authorization/*/read 讀取角色和角色指派Read roles and role assignments
Microsoft.Insights/alertRules/*Microsoft.Insights/alertRules/* 建立及管理警示規則Create and manage alert rules
Microsoft.Insights/components/*Microsoft.Insights/components/* 建立和管理 Insights 元件Create and manage Insights components
Microsoft.Insights/webtests/*Microsoft.Insights/webtests/* 建立和管理 Web 測試Create and manage web tests
Microsoft.ResourceHealth/availabilityStatuses/readMicrosoft.ResourceHealth/availabilityStatuses/read 取得指定範圍中所有資源的可用性狀態Gets the availability statuses for all resources in the specified scope
Microsoft.Resources/deployments/*Microsoft.Resources/deployments/* 建立和管理資源群組部署Create and manage resource group deployments
Microsoft.Resources/subscriptions/resourceGroups/readMicrosoft.Resources/subscriptions/resourceGroups/read 取得或列出資源群組。Gets or lists resource groups.
Microsoft.Support/*Microsoft.Support/* 建立和管理支援票證Create and manage support tickets
NotActionsNotActions
none
DataActionsDataActions
none
NotDataActionsNotDataActions
none

Application Insights 快照集偵錯工具Application Insights Snapshot Debugger

說明Description 給予使用者權限,以便檢視及下載使用 Application Insights 快照偵錯工具所收集的偵錯快照。Gives user permission to view and download debug snapshots collected with the Application Insights Snapshot Debugger. 請注意,擁有者參與者角色未包含這些權限。Note that these permissions are not included in the Owner or Contributor roles.
IdId 08954f03-6346-4c2e-81c0-ec3a5cfae23b08954f03-6346-4c2e-81c0-ec3a5cfae23b
動作Actions
Microsoft.Authorization/*/readMicrosoft.Authorization/*/read 讀取角色和角色指派Read roles and role assignments
Microsoft.Insights/alertRules/*Microsoft.Insights/alertRules/* 建立和管理 Insights 警示規則Create and manage Insights alert rules
Microsoft.Insights/components/*/readMicrosoft.Insights/components/*/read
Microsoft.Resources/deployments/*Microsoft.Resources/deployments/* 建立和管理資源群組部署Create and manage resource group deployments
Microsoft.Resources/subscriptions/resourceGroups/readMicrosoft.Resources/subscriptions/resourceGroups/read 取得或列出資源群組。Gets or lists resource groups.
Microsoft.Support/*Microsoft.Support/* 建立和管理支援票證Create and manage support tickets
NotActionsNotActions
none
DataActionsDataActions
none
NotDataActionsNotDataActions
none

自動化作業運算子Automation Job Operator

說明Description 使用「自動化 Runbook」來建立及管理作業。Create and Manage Jobs using Automation Runbooks.
IdId 4fe576fe-1146-4730-92eb-48519fa6bf9f4fe576fe-1146-4730-92eb-48519fa6bf9f
動作Actions
Microsoft.Authorization/*/readMicrosoft.Authorization/*/read 讀取角色和角色指派Read roles and role assignments
Microsoft.Automation/automationAccounts/hybridRunbookWorkerGroups/readMicrosoft.Automation/automationAccounts/hybridRunbookWorkerGroups/read 讀取混合式 Runbook 背景工作角色資源Reads Hybrid Runbook Worker Resources
Microsoft.Automation/automationAccounts/jobs/readMicrosoft.Automation/automationAccounts/jobs/read 取得 Azure 自動化作業Gets an Azure Automation job
Microsoft.Automation/automationAccounts/jobs/resume/actionMicrosoft.Automation/automationAccounts/jobs/resume/action 繼續 Azure 自動化作業Resumes an Azure Automation job
Microsoft.Automation/automationAccounts/jobs/stop/actionMicrosoft.Automation/automationAccounts/jobs/stop/action 停止 Azure 自動化作業Stops an Azure Automation job
Microsoft.Automation/automationAccounts/jobs/streams/readMicrosoft.Automation/automationAccounts/jobs/streams/read 取得 Azure 自動化作業串流Gets an Azure Automation job stream
Microsoft.Automation/automationAccounts/jobs/suspend/actionMicrosoft.Automation/automationAccounts/jobs/suspend/action 暫止 Azure 自動化作業Suspends an Azure Automation job
Microsoft.Automation/automationAccounts/jobs/writeMicrosoft.Automation/automationAccounts/jobs/write 建立 Azure 自動化作業Creates an Azure Automation job
Microsoft.Automation/automationAccounts/jobs/output/readMicrosoft.Automation/automationAccounts/jobs/output/read 取得作業的輸出Gets the output of a job
Microsoft.Insights/alertRules/*Microsoft.Insights/alertRules/* 建立和管理 Insights 警示規則Create and manage Insights alert rules
Microsoft.Resources/deployments/*Microsoft.Resources/deployments/* 建立和管理資源群組部署Create and manage resource group deployments
Microsoft.Resources/subscriptions/resourceGroups/readMicrosoft.Resources/subscriptions/resourceGroups/read 取得或列出資源群組。Gets or lists resource groups.
Microsoft.Support/*Microsoft.Support/* 建立和管理支援票證Create and manage support tickets
NotActionsNotActions
none
DataActionsDataActions
none
NotDataActionsNotDataActions
none

自動化運算子Automation Operator

說明Description 「自動化運算子」能夠啟動、停止、暫止及繼續作業Automation Operators are able to start, stop, suspend, and resume jobs
IdId d3881f73-407a-4167-8283-e981cbba0404d3881f73-407a-4167-8283-e981cbba0404
動作Actions
Microsoft.Authorization/*/readMicrosoft.Authorization/*/read 讀取角色和角色指派Read roles and role assignments
Microsoft.Automation/automationAccounts/hybridRunbookWorkerGroups/readMicrosoft.Automation/automationAccounts/hybridRunbookWorkerGroups/read 讀取混合式 Runbook 背景工作角色資源Reads Hybrid Runbook Worker Resources
Microsoft.Automation/automationAccounts/jobs/readMicrosoft.Automation/automationAccounts/jobs/read 取得 Azure 自動化作業Gets an Azure Automation job
Microsoft.Automation/automationAccounts/jobs/resume/actionMicrosoft.Automation/automationAccounts/jobs/resume/action 繼續 Azure 自動化作業Resumes an Azure Automation job
Microsoft.Automation/automationAccounts/jobs/stop/actionMicrosoft.Automation/automationAccounts/jobs/stop/action 停止 Azure 自動化作業Stops an Azure Automation job
Microsoft.Automation/automationAccounts/jobs/streams/readMicrosoft.Automation/automationAccounts/jobs/streams/read 取得 Azure 自動化作業串流Gets an Azure Automation job stream
Microsoft.Automation/automationAccounts/jobs/suspend/actionMicrosoft.Automation/automationAccounts/jobs/suspend/action 暫止 Azure 自動化作業Suspends an Azure Automation job
Microsoft.Automation/automationAccounts/jobs/writeMicrosoft.Automation/automationAccounts/jobs/write 建立 Azure 自動化作業Creates an Azure Automation job
Microsoft.Automation/automationAccounts/jobSchedules/readMicrosoft.Automation/automationAccounts/jobSchedules/read 取得 Azure 自動化作業排程Gets an Azure Automation job schedule
Microsoft.Automation/automationAccounts/jobSchedules/writeMicrosoft.Automation/automationAccounts/jobSchedules/write 建立 Azure 自動化作業排程Creates an Azure Automation job schedule
Microsoft.Automation/automationAccounts/linkedWorkspace/readMicrosoft.Automation/automationAccounts/linkedWorkspace/read 取得連結至自動化帳戶的工作區Gets the workspace linked to the automation account
Microsoft.Automation/automationAccounts/readMicrosoft.Automation/automationAccounts/read 取得 Azure 自動化帳戶Gets an Azure Automation account
Microsoft.Automation/automationAccounts/runbooks/readMicrosoft.Automation/automationAccounts/runbooks/read 取得 Azure 自動化 RunbookGets an Azure Automation runbook
Microsoft.Automation/automationAccounts/schedules/readMicrosoft.Automation/automationAccounts/schedules/read 取得 Azure 自動化排程資產Gets an Azure Automation schedule asset
Microsoft.Automation/automationAccounts/schedules/writeMicrosoft.Automation/automationAccounts/schedules/write 建立或更新 Azure 自動化排程資產Creates or updates an Azure Automation schedule asset
Microsoft.Insights/alertRules/*Microsoft.Insights/alertRules/* 建立和管理 Insights 警示規則Create and manage Insights alert rules
Microsoft.ResourceHealth/availabilityStatuses/readMicrosoft.ResourceHealth/availabilityStatuses/read 取得指定範圍中所有資源的可用性狀態Gets the availability statuses for all resources in the specified scope
Microsoft.Resources/deployments/*Microsoft.Resources/deployments/* 建立和管理資源群組部署Create and manage resource group deployments
Microsoft.Automation/automationAccounts/jobs/output/readMicrosoft.Automation/automationAccounts/jobs/output/read 取得作業的輸出Gets the output of a job
Microsoft.Resources/subscriptions/resourceGroups/readMicrosoft.Resources/subscriptions/resourceGroups/read 取得或列出資源群組。Gets or lists resource groups.
Microsoft.Support/*Microsoft.Support/* 建立和管理支援票證Create and manage support tickets
NotActionsNotActions
none
DataActionsDataActions
none
NotDataActionsNotDataActions
none

自動化 Runbook 運算子Automation Runbook Operator

說明Description 讀取 Runbook 屬性 - 以便能夠建立 Runbook 的作業。Read Runbook properties - to be able to create Jobs of the runbook.
IdId 5fb5aef8-1081-4b8e-bb16-9d5d0385bab55fb5aef8-1081-4b8e-bb16-9d5d0385bab5
動作Actions
Microsoft.Authorization/*/readMicrosoft.Authorization/*/read 讀取角色和角色指派Read roles and role assignments
Microsoft.Automation/automationAccounts/runbooks/readMicrosoft.Automation/automationAccounts/runbooks/read 取得 Azure 自動化 RunbookGets an Azure Automation runbook
Microsoft.Insights/alertRules/*Microsoft.Insights/alertRules/* 建立和管理 Insights 警示規則Create and manage Insights alert rules
Microsoft.Resources/deployments/*Microsoft.Resources/deployments/* 建立和管理資源群組部署Create and manage resource group deployments
Microsoft.Resources/subscriptions/resourceGroups/readMicrosoft.Resources/subscriptions/resourceGroups/read 取得或列出資源群組。Gets or lists resource groups.
Microsoft.Support/*Microsoft.Support/* 建立和管理支援票證Create and manage support tickets
NotActionsNotActions
none
DataActionsDataActions
none
NotDataActionsNotDataActions
none

Avere 參與者Avere Contributor

說明Description 可以建立和管理 Avere vFXT 叢集。Can create and manage an Avere vFXT cluster.
IdId 4f8fab4f-1852-4a58-a46a-8eaf358af14a4f8fab4f-1852-4a58-a46a-8eaf358af14a
動作Actions
Microsoft.Authorization/*/readMicrosoft.Authorization/*/read 讀取角色和角色指派Read roles and role assignments
Microsoft。 Compute/*/readMicrosoft.Compute/*/read
Microsoft.Compute/availabilitySets/*Microsoft.Compute/availabilitySets/*
Microsoft.Compute/virtualMachines/*Microsoft.Compute/virtualMachines/*
Microsoft。計算/磁片/*Microsoft.Compute/disks/*
Microsoft. Network/*/readMicrosoft.Network/*/read
Microsoft.Network/networkInterfaces/*Microsoft.Network/networkInterfaces/*
Microsoft.Network/virtualNetworks/readMicrosoft.Network/virtualNetworks/read 取得虛擬網路定義Get the virtual network definition
Microsoft.Network/virtualNetworks/subnets/readMicrosoft.Network/virtualNetworks/subnets/read 取得虛擬網路子網路定義Gets a virtual network subnet definition
Microsoft.Network/virtualNetworks/subnets/join/actionMicrosoft.Network/virtualNetworks/subnets/join/action 加入虛擬網路。Joins a virtual network. 未打斷。Not Alertable.
Microsoft.Network/virtualNetworks/subnets/joinViaServiceEndpoint/actionMicrosoft.Network/virtualNetworks/subnets/joinViaServiceEndpoint/action 將資源 (例如,儲存體帳戶或 SQL Database) 加入至子網路。Joins resource such as storage account or SQL database to a subnet. 未打斷。Not alertable.
Microsoft.Network/networkSecurityGroups/join/actionMicrosoft.Network/networkSecurityGroups/join/action 加入網路安全性群組。Joins a network security group. 未打斷。Not Alertable.
Microsoft.Resources/deployments/*Microsoft.Resources/deployments/* 建立和管理資源群組部署Create and manage resource group deployments
Microsoft.Insights/alertRules/*Microsoft.Insights/alertRules/* 建立和管理 Insights 警示規則Create and manage Insights alert rules
Microsoft.Resources/subscriptions/resourceGroups/readMicrosoft.Resources/subscriptions/resourceGroups/read 取得或列出資源群組。Gets or lists resource groups.
Microsoft. Storage/*/readMicrosoft.Storage/*/read
Microsoft.Storage/storageAccounts/*Microsoft.Storage/storageAccounts/*
Microsoft.Support/*Microsoft.Support/* 建立和管理支援票證Create and manage support tickets
Microsoft .Resources/訂用帳戶/resourceGroups/資源/讀取Microsoft.Resources/subscriptions/resourceGroups/resources/read 取得資源群組的資源。Gets the resources for the resource group.
NotActionsNotActions
none
DataActionsDataActions
Microsoft.Storage/storageAccounts/blobServices/containers/blobs/deleteMicrosoft.Storage/storageAccounts/blobServices/containers/blobs/delete 傳回刪除 Blob 的結果Returns the result of deleting a blob
Microsoft.Storage/storageAccounts/blobServices/containers/blobs/readMicrosoft.Storage/storageAccounts/blobServices/containers/blobs/read 傳回 Blob 或 Blob 清單Returns a blob or a list of blobs
Microsoft.Storage/storageAccounts/blobServices/containers/blobs/writeMicrosoft.Storage/storageAccounts/blobServices/containers/blobs/write 傳回寫入 Blob 的結果Returns the result of writing a blob
NotDataActionsNotDataActions
none

Avere 運算子Avere Operator

說明Description 由 Avere vFXT 叢集用來管理叢集Used by the Avere vFXT cluster to manage the cluster
IdId c025889f-8102-4ebf-b32c-fc0c6f0c6bd9c025889f-8102-4ebf-b32c-fc0c6f0c6bd9
動作Actions
Microsoft.Compute/virtualMachines/readMicrosoft.Compute/virtualMachines/read 取得虛擬機器的屬性Get the properties of a virtual machine
Microsoft.Network/networkInterfaces/readMicrosoft.Network/networkInterfaces/read 取得網路介面定義。Gets a network interface definition.
Microsoft.Network/networkInterfaces/writeMicrosoft.Network/networkInterfaces/write 建立網路介面,或更新現有的網路介面。Creates a network interface or updates an existing network interface.
Microsoft.Network/virtualNetworks/readMicrosoft.Network/virtualNetworks/read 取得虛擬網路定義Get the virtual network definition
Microsoft.Network/virtualNetworks/subnets/readMicrosoft.Network/virtualNetworks/subnets/read 取得虛擬網路子網路定義Gets a virtual network subnet definition
Microsoft.Network/virtualNetworks/subnets/join/actionMicrosoft.Network/virtualNetworks/subnets/join/action 加入虛擬網路。Joins a virtual network. 未打斷。Not Alertable.
Microsoft.Network/networkSecurityGroups/join/actionMicrosoft.Network/networkSecurityGroups/join/action 加入網路安全性群組。Joins a network security group. 未打斷。Not Alertable.
Microsoft.Resources/subscriptions/resourceGroups/readMicrosoft.Resources/subscriptions/resourceGroups/read 取得或列出資源群組。Gets or lists resource groups.
Microsoft.Storage/storageAccounts/blobServices/containers/deleteMicrosoft.Storage/storageAccounts/blobServices/containers/delete 傳回刪除容器的結果Returns the result of deleting a container
Microsoft.Storage/storageAccounts/blobServices/containers/readMicrosoft.Storage/storageAccounts/blobServices/containers/read 傳回容器的清單Returns list of containers
Microsoft.Storage/storageAccounts/blobServices/containers/writeMicrosoft.Storage/storageAccounts/blobServices/containers/write 傳回放置 Blob 容器的結果Returns the result of put blob container
NotActionsNotActions
none
DataActionsDataActions
Microsoft.Storage/storageAccounts/blobServices/containers/blobs/deleteMicrosoft.Storage/storageAccounts/blobServices/containers/blobs/delete 傳回刪除 Blob 的結果Returns the result of deleting a blob
Microsoft.Storage/storageAccounts/blobServices/containers/blobs/readMicrosoft.Storage/storageAccounts/blobServices/containers/blobs/read 傳回 Blob 或 Blob 清單Returns a blob or a list of blobs
Microsoft.Storage/storageAccounts/blobServices/containers/blobs/writeMicrosoft.Storage/storageAccounts/blobServices/containers/blobs/write 傳回寫入 Blob 的結果Returns the result of writing a blob
NotDataActionsNotDataActions
none

Azure 事件中樞資料擁有者Azure Event Hubs Data Owner

說明Description 允許 Azure 事件中樞資源的完整存取權。Allows for full access to Azure Event Hubs resources.
IdId f526a384-b230-433a-b45c-95f59c4a2decf526a384-b230-433a-b45c-95f59c4a2dec
動作Actions
Microsoft EventHub/*Microsoft.EventHub/*
NotActionsNotActions
none
DataActionsDataActions
Microsoft EventHub/*Microsoft.EventHub/*
NotDataActionsNotDataActions
none

Azure 事件中樞資料接收器Azure Event Hubs Data Receiver

說明Description 允許接收 Azure 事件中樞資源的存取權。Allows receive access to Azure Event Hubs resources.
IdId a638d3c7-ab3a-418d-83e6-5f17a39d4fdea638d3c7-ab3a-418d-83e6-5f17a39d4fde
動作Actions
Microsoft EventHub/*/eventhubs/consumergroups/readMicrosoft.EventHub/*/eventhubs/consumergroups/read
NotActionsNotActions
none
DataActionsDataActions
Microsoft EventHub/*/receive/actionMicrosoft.EventHub/*/receive/action
NotDataActionsNotDataActions
none

Azure 事件中樞資料寄件者Azure Event Hubs Data Sender

說明Description 允許傳送 Azure 事件中樞資源的存取權。Allows send access to Azure Event Hubs resources.
IdId 2b629674-e913-4c01-ae53-ef4638d8f9752b629674-e913-4c01-ae53-ef4638d8f975
動作Actions
Microsoft EventHub/*/eventhubs/readMicrosoft.EventHub/*/eventhubs/read
NotActionsNotActions
none
DataActionsDataActions
Microsoft EventHub/*/send/actionMicrosoft.EventHub/*/send/action
NotDataActionsNotDataActions
none

Azure Kubernetes Service 叢集管理員角色Azure Kubernetes Service Cluster Admin Role

說明Description 列出叢集管理員認證動作。List cluster admin credential action.
IdId 0ab0b1a8-8aac-4efd-b8c2-3ee1fb270be80ab0b1a8-8aac-4efd-b8c2-3ee1fb270be8
動作Actions
Microsoft.ContainerService/managedClusters/listClusterAdminCredential/actionMicrosoft.ContainerService/managedClusters/listClusterAdminCredential/action 列出受控叢集的 clusterAdmin 認證List the clusterAdmin credential of a managed cluster
NotActionsNotActions
none
DataActionsDataActions
none
NotDataActionsNotDataActions
none

Azure Kubernetes Service 叢集使用者角色Azure Kubernetes Service Cluster User Role

說明Description 列出叢集使用者認證動作。List cluster user credential action.
IdId 4abbcc35-e782-43d8-92c5-2d3f1bd2253f4abbcc35-e782-43d8-92c5-2d3f1bd2253f
動作Actions
Microsoft.ContainerService/managedClusters/listClusterUserCredential/actionMicrosoft.ContainerService/managedClusters/listClusterUserCredential/action 列出受控叢集的 clusterUser 認證List the clusterUser credential of a managed cluster
NotActionsNotActions
none
DataActionsDataActions
none
NotDataActionsNotDataActions
none

Azure 地圖服務資料讀者 (預覽)Azure Maps Data Reader (Preview)

說明Description 授與從 Azure 地圖服務帳戶讀取對應相關資料的存取權。Grants access to read map related data from an Azure maps account.
IdId 423170ca-a8f6-4b0f-8487-9e4eb8f49bfa423170ca-a8f6-4b0f-8487-9e4eb8f49bfa
動作Actions
none
NotActionsNotActions
none
DataActionsDataActions
Microsoft.Maps/accounts/data/readMicrosoft.Maps/accounts/data/read 將資料讀取權限授與地圖服務帳戶。Grants data read access to a maps account.
NotDataActionsNotDataActions
none

Azure Sentinel 參與者Azure Sentinel Contributor

說明Description Azure Sentinel 參與者Azure Sentinel Contributor
IdId ab8e14d6-4a74-4a29-9ba8-549422addadeab8e14d6-4a74-4a29-9ba8-549422addade
動作Actions
SecurityInsights/*Microsoft.SecurityInsights/*
Microsoft.OperationalInsights/workspaces/analytics/query/actionMicrosoft.OperationalInsights/workspaces/analytics/query/action 使用新的引擎進行搜尋。Search using new engine.
Microsoft.OperationalInsights/workspaces/readMicrosoft.OperationalInsights/workspaces/read 取得現有工作區Gets an existing workspace
Microsoft.OperationalInsights/workspaces/savedSearches/*Microsoft.OperationalInsights/workspaces/savedSearches/*
Microsoft.OperationsManagement/solutions/readMicrosoft.OperationsManagement/solutions/read 取得現有的 OMS 解決方案Get exiting OMS solution
Microsoft.OperationalInsights/workspaces/query/readMicrosoft.OperationalInsights/workspaces/query/read 針對工作區中的資料執行查詢Run queries over the data in the workspace
Microsoft.operationalinsights/工作區/資料來源/讀取Microsoft.OperationalInsights/workspaces/dataSources/read 取得工作區下的資料來源。Get datasources under a workspace.
Microsoft Insights/活頁簿/*Microsoft.Insights/workbooks/*
Microsoft.Authorization/*/readMicrosoft.Authorization/*/read 讀取角色和角色指派Read roles and role assignments
Microsoft.Insights/alertRules/*Microsoft.Insights/alertRules/* 建立和管理 Insights 警示規則Create and manage Insights alert rules
Microsoft.Resources/deployments/*Microsoft.Resources/deployments/* 建立和管理資源群組部署Create and manage resource group deployments
Microsoft.Resources/subscriptions/resourceGroups/readMicrosoft.Resources/subscriptions/resourceGroups/read 取得或列出資源群組。Gets or lists resource groups.
Microsoft.Support/*Microsoft.Support/* 建立和管理支援票證Create and manage support tickets
NotActionsNotActions
none
DataActionsDataActions
none
NotDataActionsNotDataActions
none

Azure Sentinel 讀取器Azure Sentinel Reader

說明Description Azure Sentinel 讀取器Azure Sentinel Reader
IdId 8d289c81-5878-46d4-8554-54e1e3d8b5cb8d289c81-5878-46d4-8554-54e1e3d8b5cb
動作Actions
SecurityInsights/*/readMicrosoft.SecurityInsights/*/read
Microsoft.OperationalInsights/workspaces/analytics/query/actionMicrosoft.OperationalInsights/workspaces/analytics/query/action 使用新的引擎進行搜尋。Search using new engine.
Microsoft.OperationalInsights/workspaces/readMicrosoft.OperationalInsights/workspaces/read 取得現有工作區Gets an existing workspace
Microsoft.OperationalInsights/workspaces/savedSearches/readMicrosoft.OperationalInsights/workspaces/savedSearches/read 取得已儲存的搜尋查詢Gets a saved search query
Microsoft.OperationsManagement/solutions/readMicrosoft.OperationsManagement/solutions/read 取得現有的 OMS 解決方案Get exiting OMS solution
Microsoft.OperationalInsights/workspaces/query/readMicrosoft.OperationalInsights/workspaces/query/read 針對工作區中的資料執行查詢Run queries over the data in the workspace
Microsoft.operationalinsights/工作區/資料來源/讀取Microsoft.OperationalInsights/workspaces/dataSources/read 取得工作區下的資料來源。Get datasources under a workspace.
Microsoft Insights/活頁簿/讀取Microsoft.Insights/workbooks/read 讀取活頁簿Read a workbook
Microsoft.Authorization/*/readMicrosoft.Authorization/*/read 讀取角色和角色指派Read roles and role assignments
Microsoft.Insights/alertRules/*Microsoft.Insights/alertRules/* 建立和管理 Insights 警示規則Create and manage Insights alert rules
Microsoft.Resources/deployments/*Microsoft.Resources/deployments/* 建立和管理資源群組部署Create and manage resource group deployments
Microsoft.Resources/subscriptions/resourceGroups/readMicrosoft.Resources/subscriptions/resourceGroups/read 取得或列出資源群組。Gets or lists resource groups.
Microsoft.Support/*Microsoft.Support/* 建立和管理支援票證Create and manage support tickets
NotActionsNotActions
none
DataActionsDataActions
none
NotDataActionsNotDataActions
none

Azure Sentinel 回應程式Azure Sentinel Responder

說明Description Azure Sentinel 回應程式Azure Sentinel Responder
IdId 3e150937-b8fe-4cfb-8069-0eaf05ecd0563e150937-b8fe-4cfb-8069-0eaf05ecd056
動作Actions
SecurityInsights/*/readMicrosoft.SecurityInsights/*/read
SecurityInsights/案例/*Microsoft.SecurityInsights/cases/*
Microsoft.OperationalInsights/workspaces/analytics/query/actionMicrosoft.OperationalInsights/workspaces/analytics/query/action 使用新的引擎進行搜尋。Search using new engine.
Microsoft.OperationalInsights/workspaces/readMicrosoft.OperationalInsights/workspaces/read 取得現有工作區Gets an existing workspace
Microsoft.operationalinsights/工作區/資料來源/讀取Microsoft.OperationalInsights/workspaces/dataSources/read 取得工作區下的資料來源。Get datasources under a workspace.
Microsoft.OperationalInsights/workspaces/savedSearches/readMicrosoft.OperationalInsights/workspaces/savedSearches/read 取得已儲存的搜尋查詢Gets a saved search query
Microsoft.OperationsManagement/solutions/readMicrosoft.OperationsManagement/solutions/read 取得現有的 OMS 解決方案Get exiting OMS solution
Microsoft.OperationalInsights/workspaces/query/readMicrosoft.OperationalInsights/workspaces/query/read 針對工作區中的資料執行查詢Run queries over the data in the workspace
Microsoft.operationalinsights/工作區/資料來源/讀取Microsoft.OperationalInsights/workspaces/dataSources/read 取得工作區下的資料來源。Get datasources under a workspace.
Microsoft Insights/活頁簿/讀取Microsoft.Insights/workbooks/read 讀取活頁簿Read a workbook
Microsoft.Authorization/*/readMicrosoft.Authorization/*/read 讀取角色和角色指派Read roles and role assignments
Microsoft.Insights/alertRules/*Microsoft.Insights/alertRules/* 建立和管理 Insights 警示規則Create and manage Insights alert rules
Microsoft.Resources/deployments/*Microsoft.Resources/deployments/* 建立和管理資源群組部署Create and manage resource group deployments
Microsoft.Resources/subscriptions/resourceGroups/readMicrosoft.Resources/subscriptions/resourceGroups/read 取得或列出資源群組。Gets or lists resource groups.
Microsoft.Support/*Microsoft.Support/* 建立和管理支援票證Create and manage support tickets
NotActionsNotActions
none
DataActionsDataActions
none
NotDataActionsNotDataActions
none

Azure 服務匯流排資料擁有者Azure Service Bus Data Owner

說明Description 允許 Azure 服務匯流排資源的完整存取權。Allows for full access to Azure Service Bus resources.
IdId 090c5cfd-751d-490a-894a-3ce6f1109419090c5cfd-751d-490a-894a-3ce6f1109419
動作Actions
Microsoft。Microsoft.ServiceBus/*
NotActionsNotActions
none
DataActionsDataActions
Microsoft。Microsoft.ServiceBus/*
NotDataActionsNotDataActions
none

Azure 服務匯流排資料接收器Azure Service Bus Data Receiver

說明Description 允許接收 Azure 服務匯流排資源的存取權。Allows for receive access to Azure Service Bus resources.
IdId 4f6d3b9b-027b-4f4c-9142-0e5a2a2247e04f6d3b9b-027b-4f4c-9142-0e5a2a2247e0
動作Actions
Microsoft. 匯流排/*/queues/readMicrosoft.ServiceBus/*/queues/read
Microsoft. 匯流排/*/topics/readMicrosoft.ServiceBus/*/topics/read
Microsoft. 匯流排/*/topics/subscriptions/readMicrosoft.ServiceBus/*/topics/subscriptions/read
NotActionsNotActions
none
DataActionsDataActions
Microsoft. 匯流排/*/receive/actionMicrosoft.ServiceBus/*/receive/action
NotDataActionsNotDataActions
none

Azure 服務匯流排資料寄件者Azure Service Bus Data Sender

說明Description 允許 Azure 服務匯流排資源的「傳送」存取權。Allows for send access to Azure Service Bus resources.
IdId 69a216fc-b8fb-44d8-bc22-1f3c2cd27a3969a216fc-b8fb-44d8-bc22-1f3c2cd27a39
動作Actions
Microsoft. 匯流排/*/queues/readMicrosoft.ServiceBus/*/queues/read
Microsoft. 匯流排/*/topics/readMicrosoft.ServiceBus/*/topics/read
Microsoft. 匯流排/*/topics/subscriptions/readMicrosoft.ServiceBus/*/topics/subscriptions/read
NotActionsNotActions
none
DataActionsDataActions
Microsoft. 匯流排/*/send/actionMicrosoft.ServiceBus/*/send/action
NotDataActionsNotDataActions
none

Azure Stack 註冊擁有者Azure Stack Registration Owner

說明Description 可讓您管理 Azure Stack 註冊。Lets you manage Azure Stack registrations.
IdId 6f12a6df-dd06-4f3e-bcb1-ce8be600526a6f12a6df-dd06-4f3e-bcb1-ce8be600526a
動作Actions
AzureStack/註冊/產品/*/actionMicrosoft.AzureStack/registrations/products/*/action
Microsoft.AzureStack/registrations/products/readMicrosoft.AzureStack/registrations/products/read 取得 Azure Stack Marketplace 產品的屬性Gets the properties of an Azure Stack Marketplace product
Microsoft.AzureStack/registrations/readMicrosoft.AzureStack/registrations/read 取得 Azure Stack 註冊的屬性Gets the properties of an Azure Stack registration
NotActionsNotActions
none
DataActionsDataActions
none
NotDataActionsNotDataActions
none

備份參與者Backup Contributor

說明Description 可讓您管理備份服務,但無法建立保存庫並將存取權授與其他人Lets you manage backup service, but can't create vaults and give access to others
IdId 5e467623-bb1f-42f4-a55d-6e525e11384b5e467623-bb1f-42f4-a55d-6e525e11384b
動作Actions
Microsoft.Authorization/*/readMicrosoft.Authorization/*/read 讀取角色和角色指派Read roles and role assignments
Microsoft.Network/virtualNetworks/readMicrosoft.Network/virtualNetworks/read 取得虛擬網路定義Get the virtual network definition
Microsoft.RecoveryServices/locations/*Microsoft.RecoveryServices/locations/*
Microsoft.RecoveryServices/Vaults/backupFabrics/operationResults/*Microsoft.RecoveryServices/Vaults/backupFabrics/operationResults/* 管理備份管理上作業的結果Manage results of operation on backup management
Microsoft.RecoveryServices/Vaults/backupFabrics/protectionContainers/*Microsoft.RecoveryServices/Vaults/backupFabrics/protectionContainers/* 在復原服務保存庫的備份網狀架構內建立和管理備份容器Create and manage backup containers inside backup fabrics of Recovery Services vault
Microsoft.RecoveryServices/Vaults/backupFabrics/refreshContainers/actionMicrosoft.RecoveryServices/Vaults/backupFabrics/refreshContainers/action 重新整理容器清單Refreshes the container list
Microsoft.RecoveryServices/Vaults/backupJobs/*Microsoft.RecoveryServices/Vaults/backupJobs/* 建立和管理備份作業Create and manage backup jobs
Microsoft.RecoveryServices/Vaults/backupJobsExport/actionMicrosoft.RecoveryServices/Vaults/backupJobsExport/action 匯出作業Export Jobs
Microsoft.RecoveryServices/Vaults/backupManagementMetaData/*Microsoft.RecoveryServices/Vaults/backupManagementMetaData/* 建立和管理與備份管理相關的中繼資料Create and manage meta data related to backup management
Microsoft.RecoveryServices/Vaults/backupOperationResults/*Microsoft.RecoveryServices/Vaults/backupOperationResults/* 建立和管理備份管理作業的結果Create and manage Results of backup management operations
Microsoft.RecoveryServices/Vaults/backupPolicies/*Microsoft.RecoveryServices/Vaults/backupPolicies/* 建立和管理備份原則Create and manage backup policies
Microsoft.RecoveryServices/Vaults/backupProtectableItems/*Microsoft.RecoveryServices/Vaults/backupProtectableItems/* 建立和管理可以備份的項目Create and manage items which can be backed up
Microsoft.RecoveryServices/Vaults/backupProtectedItems/*Microsoft.RecoveryServices/Vaults/backupProtectedItems/* 建立和管理備份項目Create and manage backed up items
Microsoft.RecoveryServices/Vaults/backupProtectionContainers/*Microsoft.RecoveryServices/Vaults/backupProtectionContainers/* 建立和管理保存備份項目的容器Create and manage containers holding backup items
Microsoft.RecoveryServices/Vaults/backupSecurityPIN/*Microsoft.RecoveryServices/Vaults/backupSecurityPIN/*
Microsoft.RecoveryServices/Vaults/backupUsageSummaries/readMicrosoft.RecoveryServices/Vaults/backupUsageSummaries/read 傳回復原服務之受保護項目和受保護伺服器的摘要。Returns summaries for Protected Items and Protected Servers for a Recovery Services .
Microsoft.RecoveryServices/Vaults/certificates/*Microsoft.RecoveryServices/Vaults/certificates/* 建立和管理備份復原服務保存庫中與備份相關的憑證Create and manage certificates related to backup in Recovery Services vault
Microsoft.RecoveryServices/Vaults/extendedInformation/*Microsoft.RecoveryServices/Vaults/extendedInformation/* 建立和管理與保存庫相關的擴充資訊Create and manage extended info related to vault
Microsoft.RecoveryServices/Vaults/monitoringAlerts/readMicrosoft.RecoveryServices/Vaults/monitoringAlerts/read 取得復原服務保存庫的警示。Gets the alerts for the Recovery services vault.
Microsoft.RecoveryServices/Vaults/monitoringConfigurations/*Microsoft.RecoveryServices/Vaults/monitoringConfigurations/*
Microsoft.RecoveryServices/Vaults/readMicrosoft.RecoveryServices/Vaults/read 「取得保存庫」作業會取得物件,此物件代表 'vault' 類型的 Azure 資源The Get Vault operation gets an object representing the Azure resource of type 'vault'
Microsoft.RecoveryServices/Vaults/registeredIdentities/*Microsoft.RecoveryServices/Vaults/registeredIdentities/* 建立和管理註冊的身分識別Create and manage registered identities
Microsoft.RecoveryServices/Vaults/usages/*Microsoft.RecoveryServices/Vaults/usages/* 建立和管理復原服務保存庫的使用方式Create and manage usage of Recovery Services vault
Microsoft.Resources/deployments/*Microsoft.Resources/deployments/* 建立和管理資源群組部署Create and manage resource group deployments
Microsoft.Resources/subscriptions/resourceGroups/readMicrosoft.Resources/subscriptions/resourceGroups/read 取得或列出資源群組。Gets or lists resource groups.
Microsoft.Storage/storageAccounts/readMicrosoft.Storage/storageAccounts/read 傳回儲存體帳戶清單,或取得指定儲存體帳戶的屬性。Returns the list of storage accounts or gets the properties for the specified storage account.
Microsoft.RecoveryServices/Vaults/backupstorageconfig/*Microsoft.RecoveryServices/Vaults/backupstorageconfig/*
Microsoft.RecoveryServices/Vaults/backupconfig/*Microsoft.RecoveryServices/Vaults/backupconfig/*
Microsoft.RecoveryServices/Vaults/backupValidateOperation/actionMicrosoft.RecoveryServices/Vaults/backupValidateOperation/action 驗證受保護項目上的作業Validate Operation on Protected Item
Microsoft.RecoveryServices/Vaults/writeMicrosoft.RecoveryServices/Vaults/write 「建立保存庫」作業會建立 'vault' 類型的 Azure 資源Create Vault operation creates an Azure resource of type 'vault'
Microsoft.RecoveryServices/Vaults/backupOperations/readMicrosoft.RecoveryServices/Vaults/backupOperations/read 傳回復原服務保存庫的備份作業狀態。Returns Backup Operation Status for Recovery Services Vault.
Microsoft.RecoveryServices/Vaults/backupEngines/readMicrosoft.RecoveryServices/Vaults/backupEngines/read 傳回已向保存庫註冊的所有備份管理伺服器。Returns all the backup management servers registered with vault.
Microsoft.RecoveryServices/Vaults/backupFabrics/backupProtectionIntent/*Microsoft.RecoveryServices/Vaults/backupFabrics/backupProtectionIntent/*
Microsoft.RecoveryServices/Vaults/backupFabrics/protectableContainers/readMicrosoft.RecoveryServices/Vaults/backupFabrics/protectableContainers/read 取得所有可保護的容器Get all protectable containers
Microsoft.RecoveryServices/locations/backupStatus/actionMicrosoft.RecoveryServices/locations/backupStatus/action 檢查復原服務保存庫的備份狀態Check Backup Status for Recovery Services Vaults
Microsoft.RecoveryServices/locations/backupPreValidateProtection/actionMicrosoft.RecoveryServices/locations/backupPreValidateProtection/action
Microsoft.RecoveryServices/locations/backupValidateFeatures/actionMicrosoft.RecoveryServices/locations/backupValidateFeatures/action 驗證功能Validate Features
Microsoft.RecoveryServices/Vaults/monitoringAlerts/writeMicrosoft.RecoveryServices/Vaults/monitoringAlerts/write 解決警示。Resolves the alert.
Microsoft.RecoveryServices/operations/readMicrosoft.RecoveryServices/operations/read 作業會傳回資源提供者的作業清單Operation returns the list of Operations for a Resource Provider
Microsoft.RecoveryServices/locations/operationStatus/readMicrosoft.RecoveryServices/locations/operationStatus/read 取得給定作業的作業狀態Gets Operation Status for a given Operation
Microsoft.RecoveryServices/Vaults/backupProtectionIntents/readMicrosoft.RecoveryServices/Vaults/backupProtectionIntents/read 列出所有的備份保護用途List all backup Protection Intents
Microsoft.Support/*Microsoft.Support/* 建立和管理支援票證Create and manage support tickets
NotActionsNotActions
none
DataActionsDataActions
none
NotDataActionsNotDataActions
none

備份操作員Backup Operator

說明Description 可讓您管理備份服務,但無法移除備份、建立保存庫及為其他人提供存取權Lets you manage backup services, except removal of backup, vault creation and giving access to others
IdId 00c29273-979b-4161-815c-10b084fb932400c29273-979b-4161-815c-10b084fb9324
動作Actions
Microsoft.Authorization/*/readMicrosoft.Authorization/*/read 讀取角色和角色指派Read roles and role assignments
Microsoft.Network/virtualNetworks/readMicrosoft.Network/virtualNetworks/read 取得虛擬網路定義Get the virtual network definition
Microsoft.RecoveryServices/Vaults/backupFabrics/operationResults/readMicrosoft.RecoveryServices/Vaults/backupFabrics/operationResults/read 傳回作業的狀態Returns status of the operation
Microsoft.RecoveryServices/Vaults/backupFabrics/protectionContainers/operationResults/readMicrosoft.RecoveryServices/Vaults/backupFabrics/protectionContainers/operationResults/read 取得對保護容器執行之作業的結果。Gets result of Operation performed on Protection Container.
Microsoft.RecoveryServices/Vaults/backupFabrics/protectionContainers/protectedItems/backup/actionMicrosoft.RecoveryServices/Vaults/backupFabrics/protectionContainers/protectedItems/backup/action 對受保護的項目執行備份。Performs Backup for Protected Item.
Microsoft.RecoveryServices/Vaults/backupFabrics/protectionContainers/protectedItems/operationResults/readMicrosoft.RecoveryServices/Vaults/backupFabrics/protectionContainers/protectedItems/operationResults/read 取得對受保護項目執行之作業的結果。Gets Result of Operation Performed on Protected Items.
Microsoft.RecoveryServices/Vaults/backupFabrics/protectionContainers/protectedItems/operationsStatus/readMicrosoft.RecoveryServices/Vaults/backupFabrics/protectionContainers/protectedItems/operationsStatus/read 傳回對受保護項目執行之作業的狀態。Returns the status of Operation performed on Protected Items.
Microsoft.RecoveryServices/Vaults/backupFabrics/protectionContainers/protectedItems/readMicrosoft.RecoveryServices/Vaults/backupFabrics/protectionContainers/protectedItems/read 傳回受保護項目的物件詳細資料Returns object details of the Protected Item
Microsoft.RecoveryServices/Vaults/backupFabrics/protectionContainers/protectedItems/recoveryPoints/provisionInstantItemRecovery/actionMicrosoft.RecoveryServices/Vaults/backupFabrics/protectionContainers/protectedItems/recoveryPoints/provisionInstantItemRecovery/action 為受保護的項目佈建即時項目復原Provision Instant Item Recovery for Protected Item
Microsoft.RecoveryServices/Vaults/backupFabrics/protectionContainers/protectedItems/recoveryPoints/readMicrosoft.RecoveryServices/Vaults/backupFabrics/protectionContainers/protectedItems/recoveryPoints/read 取得受保護項目的復原點。Get Recovery Points for Protected Items.
Microsoft.RecoveryServices/Vaults/backupFabrics/protectionContainers/protectedItems/recoveryPoints/restore/actionMicrosoft.RecoveryServices/Vaults/backupFabrics/protectionContainers/protectedItems/recoveryPoints/restore/action 還原受保護項目的復原點。Restore Recovery Points for Protected Items.
Microsoft.RecoveryServices/Vaults/backupFabrics/protectionContainers/protectedItems/recoveryPoints/revokeInstantItemRecovery/actionMicrosoft.RecoveryServices/Vaults/backupFabrics/protectionContainers/protectedItems/recoveryPoints/revokeInstantItemRecovery/action 為受保護的項目撤銷即時項目復原Revoke Instant Item Recovery for Protected Item
Microsoft.RecoveryServices/Vaults/backupFabrics/protectionContainers/protectedItems/writeMicrosoft.RecoveryServices/Vaults/backupFabrics/protectionContainers/protectedItems/write 建立備用的受保護項目Create a backup Protected Item
Microsoft.RecoveryServices/Vaults/backupFabrics/protectionContainers/readMicrosoft.RecoveryServices/Vaults/backupFabrics/protectionContainers/read 傳回所有已註冊的容器Returns all registered containers
Microsoft.RecoveryServices/Vaults/backupFabrics/refreshContainers/actionMicrosoft.RecoveryServices/Vaults/backupFabrics/refreshContainers/action 重新整理容器清單Refreshes the container list
Microsoft.RecoveryServices/Vaults/backupJobs/*Microsoft.RecoveryServices/Vaults/backupJobs/* 建立和管理備份作業Create and manage backup jobs
Microsoft.RecoveryServices/Vaults/backupJobsExport/actionMicrosoft.RecoveryServices/Vaults/backupJobsExport/action 匯出作業Export Jobs
Microsoft.RecoveryServices/Vaults/backupManagementMetaData/readMicrosoft.RecoveryServices/Vaults/backupManagementMetaData/read
Microsoft.RecoveryServices/Vaults/backupOperationResults/*Microsoft.RecoveryServices/Vaults/backupOperationResults/* 建立和管理備份管理作業的結果Create and manage Results of backup management operations
Microsoft.RecoveryServices/Vaults/backupPolicies/operationResults/readMicrosoft.RecoveryServices/Vaults/backupPolicies/operationResults/read 取得原則作業的結果。Get Results of Policy Operation.
Microsoft.RecoveryServices/Vaults/backupPolicies/readMicrosoft.RecoveryServices/Vaults/backupPolicies/read 傳回所有保護原則Returns all Protection Policies
Microsoft.RecoveryServices/Vaults/backupProtectableItems/*Microsoft.RecoveryServices/Vaults/backupProtectableItems/* 建立和管理可以備份的項目Create and manage items which can be backed up
Microsoft.RecoveryServices/Vaults/backupProtectedItems/readMicrosoft.RecoveryServices/Vaults/backupProtectedItems/read 傳回所有受保護項目的清單。Returns the list of all Protected Items.
Microsoft.RecoveryServices/Vaults/backupProtectionContainers/readMicrosoft.RecoveryServices/Vaults/backupProtectionContainers/read 傳回屬於訂用帳戶的所有容器Returns all containers belonging to the subscription
Microsoft.RecoveryServices/Vaults/backupUsageSummaries/readMicrosoft.RecoveryServices/Vaults/backupUsageSummaries/read 傳回復原服務之受保護項目和受保護伺服器的摘要。Returns summaries for Protected Items and Protected Servers for a Recovery Services .
Microsoft.RecoveryServices/Vaults/certificates/writeMicrosoft.RecoveryServices/Vaults/certificates/write 「更新資源憑證」作業會更新資源/保存庫的認證憑證。The Update Resource Certificate operation updates the resource/vault credential certificate.
Microsoft.RecoveryServices/Vaults/extendedInformation/readMicrosoft.RecoveryServices/Vaults/extendedInformation/read 「取得延伸資訊」作業會取得物件的延伸資訊,此延伸資訊代表 'vault' 類型的 Azure 資源The Get Extended Info operation gets an object's Extended Info representing the Azure resource of type ?vault?
Microsoft.RecoveryServices/Vaults/extendedInformation/writeMicrosoft.RecoveryServices/Vaults/extendedInformation/write 「取得延伸資訊」作業會取得物件的延伸資訊,此延伸資訊代表 'vault' 類型的 Azure 資源The Get Extended Info operation gets an object's Extended Info representing the Azure resource of type ?vault?
Microsoft.RecoveryServices/Vaults/monitoringAlerts/readMicrosoft.RecoveryServices/Vaults/monitoringAlerts/read 取得復原服務保存庫的警示。Gets the alerts for the Recovery services vault.
Microsoft.RecoveryServices/Vaults/monitoringConfigurations/*Microsoft.RecoveryServices/Vaults/monitoringConfigurations/*
Microsoft.RecoveryServices/Vaults/readMicrosoft.RecoveryServices/Vaults/read 「取得保存庫」作業會取得物件,此物件代表 'vault' 類型的 Azure 資源The Get Vault operation gets an object representing the Azure resource of type 'vault'
Microsoft.RecoveryServices/Vaults/registeredIdentities/operationResults/readMicrosoft.RecoveryServices/Vaults/registeredIdentities/operationResults/read 「取得作業結果」作業可用來取得以非同步方式提交之作業的作業狀態和結果The Get Operation Results operation can be used get the operation status and result for the asynchronously submitted operation
Microsoft.RecoveryServices/Vaults/registeredIdentities/readMicrosoft.RecoveryServices/Vaults/registeredIdentities/read 「取得容器」作業可用來取得為資源註冊的容器。The Get Containers operation can be used get the containers registered for a resource.
Microsoft.RecoveryServices/Vaults/registeredIdentities/writeMicrosoft.RecoveryServices/Vaults/registeredIdentities/write 「註冊服務容器」作業可用來向復原服務註冊容器。The Register Service Container operation can be used to register a container with Recovery Service.
Microsoft.RecoveryServices/Vaults/usages/readMicrosoft.RecoveryServices/Vaults/usages/read 傳回復原服務保存庫的使用量詳細資料。Returns usage details for a Recovery Services Vault.
Microsoft.Resources/deployments/*Microsoft.Resources/deployments/* 建立和管理資源群組部署Create and manage resource group deployments
Microsoft.Resources/subscriptions/resourceGroups/readMicrosoft.Resources/subscriptions/resourceGroups/read 取得或列出資源群組。Gets or lists resource groups.
Microsoft.Storage/storageAccounts/readMicrosoft.Storage/storageAccounts/read 傳回儲存體帳戶清單,或取得指定儲存體帳戶的屬性。Returns the list of storage accounts or gets the properties for the specified storage account.
Microsoft.RecoveryServices/Vaults/backupstorageconfig/*Microsoft.RecoveryServices/Vaults/backupstorageconfig/*
Microsoft.RecoveryServices/Vaults/backupValidateOperation/actionMicrosoft.RecoveryServices/Vaults/backupValidateOperation/action 驗證受保護項目上的作業Validate Operation on Protected Item
Microsoft.RecoveryServices/Vaults/backupOperations/readMicrosoft.RecoveryServices/Vaults/backupOperations/read 傳回復原服務保存庫的備份作業狀態。Returns Backup Operation Status for Recovery Services Vault.
Microsoft.RecoveryServices/Vaults/backupPolicies/operations/readMicrosoft.RecoveryServices/Vaults/backupPolicies/operations/read 取得原則作業的狀態。Get Status of Policy Operation.
Microsoft.RecoveryServices/Vaults/backupFabrics/protectionContainers/writeMicrosoft.RecoveryServices/Vaults/backupFabrics/protectionContainers/write 建立已註冊的容器Creates a registered container
Microsoft.RecoveryServices/Vaults/backupFabrics/protectionContainers/inquire/actionMicrosoft.RecoveryServices/Vaults/backupFabrics/protectionContainers/inquire/action 執行容器內工作負載的查詢Do inquiry for workloads within a container
Microsoft.RecoveryServices/Vaults/backupEngines/readMicrosoft.RecoveryServices/Vaults/backupEngines/read 傳回已向保存庫註冊的所有備份管理伺服器。Returns all the backup management servers registered with vault.
Microsoft.RecoveryServices/Vaults/backupFabrics/backupProtectionIntent/writeMicrosoft.RecoveryServices/Vaults/backupFabrics/backupProtectionIntent/write 建立備份保護用途Create a backup Protection Intent
Microsoft.RecoveryServices/Vaults/backupFabrics/backupProtectionIntent/readMicrosoft.RecoveryServices/Vaults/backupFabrics/backupProtectionIntent/read 取得備份保護用途Get a backup Protection Intent
Microsoft.RecoveryServices/Vaults/backupFabrics/protectableContainers/readMicrosoft.RecoveryServices/Vaults/backupFabrics/protectableContainers/read 取得所有可保護的容器Get all protectable containers
Microsoft.RecoveryServices/Vaults/backupFabrics/protectionContainers/items/readMicrosoft.RecoveryServices/Vaults/backupFabrics/protectionContainers/items/read 取得容器中的所有項目Get all items in a container
Microsoft.RecoveryServices/locations/backupStatus/actionMicrosoft.RecoveryServices/locations/backupStatus/action 檢查復原服務保存庫的備份狀態Check Backup Status for Recovery Services Vaults
Microsoft.RecoveryServices/locations/backupPreValidateProtection/actionMicrosoft.RecoveryServices/locations/backupPreValidateProtection/action
Microsoft.RecoveryServices/locations/backupValidateFeatures/actionMicrosoft.RecoveryServices/locations/backupValidateFeatures/action 驗證功能Validate Features
Microsoft.RecoveryServices/Vaults/monitoringAlerts/writeMicrosoft.RecoveryServices/Vaults/monitoringAlerts/write 解決警示。Resolves the alert.
Microsoft.RecoveryServices/operations/readMicrosoft.RecoveryServices/operations/read 作業會傳回資源提供者的作業清單Operation returns the list of Operations for a Resource Provider
Microsoft.RecoveryServices/locations/operationStatus/readMicrosoft.RecoveryServices/locations/operationStatus/read 取得給定作業的作業狀態Gets Operation Status for a given Operation
Microsoft.RecoveryServices/Vaults/backupProtectionIntents/readMicrosoft.RecoveryServices/Vaults/backupProtectionIntents/read 列出所有的備份保護用途List all backup Protection Intents
Microsoft.Support/*Microsoft.Support/* 建立和管理支援票證Create and manage support tickets
NotActionsNotActions
none
DataActionsDataActions
none
NotDataActionsNotDataActions
none

備份讀取者Backup Reader

說明Description 可以檢視備份服務,但無法進行變更Can view backup services, but can't make changes
IdId a795c7a0-d4a2-40c1-ae25-d81f01202912a795c7a0-d4a2-40c1-ae25-d81f01202912
動作Actions
Microsoft.Authorization/*/readMicrosoft.Authorization/*/read 讀取角色和角色指派Read roles and role assignments
Microsoft.RecoveryServices/locations/allocatedStamp/readMicrosoft.RecoveryServices/locations/allocatedStamp/read GetAllocatedStamp 是服務所使用的內部作業GetAllocatedStamp is internal operation used by service
Microsoft.RecoveryServices/Vaults/backupFabrics/operationResults/readMicrosoft.RecoveryServices/Vaults/backupFabrics/operationResults/read 傳回作業的狀態Returns status of the operation
Microsoft.RecoveryServices/Vaults/backupFabrics/protectionContainers/operationResults/readMicrosoft.RecoveryServices/Vaults/backupFabrics/protectionContainers/operationResults/read 取得對保護容器執行之作業的結果。Gets result of Operation performed on Protection Container.
Microsoft.RecoveryServices/Vaults/backupFabrics/protectionContainers/protectedItems/operationResults/readMicrosoft.RecoveryServices/Vaults/backupFabrics/protectionContainers/protectedItems/operationResults/read 取得對受保護項目執行之作業的結果。Gets Result of Operation Performed on Protected Items.
Microsoft.RecoveryServices/Vaults/backupFabrics/protectionContainers/protectedItems/operationsStatus/readMicrosoft.RecoveryServices/Vaults/backupFabrics/protectionContainers/protectedItems/operationsStatus/read 傳回對受保護項目執行之作業的狀態。Returns the status of Operation performed on Protected Items.
Microsoft.RecoveryServices/Vaults/backupFabrics/protectionContainers/protectedItems/readMicrosoft.RecoveryServices/Vaults/backupFabrics/protectionContainers/protectedItems/read 傳回受保護項目的物件詳細資料Returns object details of the Protected Item
Microsoft.RecoveryServices/Vaults/backupFabrics/protectionContainers/protectedItems/recoveryPoints/readMicrosoft.RecoveryServices/Vaults/backupFabrics/protectionContainers/protectedItems/recoveryPoints/read 取得受保護項目的復原點。Get Recovery Points for Protected Items.
Microsoft.RecoveryServices/Vaults/backupFabrics/protectionContainers/readMicrosoft.RecoveryServices/Vaults/backupFabrics/protectionContainers/read 傳回所有已註冊的容器Returns all registered containers
Microsoft.RecoveryServices/Vaults/backupJobs/operationResults/readMicrosoft.RecoveryServices/Vaults/backupJobs/operationResults/read 傳回作業的作業結果。Returns the Result of Job Operation.
Microsoft.RecoveryServices/Vaults/backupJobs/readMicrosoft.RecoveryServices/Vaults/backupJobs/read 傳回所有作業物件Returns all Job Objects
Microsoft.RecoveryServices/Vaults/backupJobsExport/actionMicrosoft.RecoveryServices/Vaults/backupJobsExport/action 匯出作業Export Jobs
Microsoft.RecoveryServices/Vaults/backupManagementMetaData/readMicrosoft.RecoveryServices/Vaults/backupManagementMetaData/read
Microsoft.RecoveryServices/Vaults/backupOperationResults/readMicrosoft.RecoveryServices/Vaults/backupOperationResults/read 傳回復原服務保存庫的備份作業結果。Returns Backup Operation Result for Recovery Services Vault.
Microsoft.RecoveryServices/Vaults/backupPolicies/operationResults/readMicrosoft.RecoveryServices/Vaults/backupPolicies/operationResults/read 取得原則作業的結果。Get Results of Policy Operation.
Microsoft.RecoveryServices/Vaults/backupPolicies/readMicrosoft.RecoveryServices/Vaults/backupPolicies/read 傳回所有保護原則Returns all Protection Policies
Microsoft.RecoveryServices/Vaults/backupProtectedItems/readMicrosoft.RecoveryServices/Vaults/backupProtectedItems/read 傳回所有受保護項目的清單。Returns the list of all Protected Items.
Microsoft.RecoveryServices/Vaults/backupProtectionContainers/readMicrosoft.RecoveryServices/Vaults/backupProtectionContainers/read 傳回屬於訂用帳戶的所有容器Returns all containers belonging to the subscription
Microsoft.RecoveryServices/Vaults/backupUsageSummaries/readMicrosoft.RecoveryServices/Vaults/backupUsageSummaries/read 傳回復原服務之受保護項目和受保護伺服器的摘要。Returns summaries for Protected Items and Protected Servers for a Recovery Services .
Microsoft.RecoveryServices/Vaults/extendedInformation/readMicrosoft.RecoveryServices/Vaults/extendedInformation/read 「取得延伸資訊」作業會取得物件的延伸資訊,此延伸資訊代表 'vault' 類型的 Azure 資源The Get Extended Info operation gets an object's Extended Info representing the Azure resource of type ?vault?
Microsoft.RecoveryServices/Vaults/monitoringAlerts/readMicrosoft.RecoveryServices/Vaults/monitoringAlerts/read 取得復原服務保存庫的警示。Gets the alerts for the Recovery services vault.
Microsoft.RecoveryServices/Vaults/readMicrosoft.RecoveryServices/Vaults/read 「取得保存庫」作業會取得物件,此物件代表 'vault' 類型的 Azure 資源The Get Vault operation gets an object representing the Azure resource of type 'vault'
Microsoft.RecoveryServices/Vaults/registeredIdentities/operationResults/readMicrosoft.RecoveryServices/Vaults/registeredIdentities/operationResults/read 「取得作業結果」作業可用來取得以非同步方式提交之作業的作業狀態和結果The Get Operation Results operation can be used get the operation status and result for the asynchronously submitted operation
Microsoft.RecoveryServices/Vaults/registeredIdentities/readMicrosoft.RecoveryServices/Vaults/registeredIdentities/read 「取得容器」作業可用來取得為資源註冊的容器。The Get Containers operation can be used get the containers registered for a resource.
Microsoft.RecoveryServices/Vaults/backupstorageconfig/readMicrosoft.RecoveryServices/Vaults/backupstorageconfig/read 傳回復原服務保存庫的儲存體組態。Returns Storage Configuration for Recovery Services Vault.
Microsoft.RecoveryServices/Vaults/backupconfig/readMicrosoft.RecoveryServices/Vaults/backupconfig/read 傳回復原服務保存庫的組態。Returns Configuration for Recovery Services Vault.
Microsoft.RecoveryServices/Vaults/backupOperations/readMicrosoft.RecoveryServices/Vaults/backupOperations/read 傳回復原服務保存庫的備份作業狀態。Returns Backup Operation Status for Recovery Services Vault.
Microsoft.RecoveryServices/Vaults/backupPolicies/operations/readMicrosoft.RecoveryServices/Vaults/backupPolicies/operations/read 取得原則作業的狀態。Get Status of Policy Operation.
Microsoft.RecoveryServices/Vaults/backupEngines/readMicrosoft.RecoveryServices/Vaults/backupEngines/read 傳回已向保存庫註冊的所有備份管理伺服器。Returns all the backup management servers registered with vault.
Microsoft.RecoveryServices/Vaults/backupFabrics/backupProtectionIntent/readMicrosoft.RecoveryServices/Vaults/backupFabrics/backupProtectionIntent/read 取得備份保護用途Get a backup Protection Intent
Microsoft.RecoveryServices/Vaults/backupFabrics/protectionContainers/items/readMicrosoft.RecoveryServices/Vaults/backupFabrics/protectionContainers/items/read 取得容器中的所有項目Get all items in a container
Microsoft.RecoveryServices/locations/backupStatus/actionMicrosoft.RecoveryServices/locations/backupStatus/action 檢查復原服務保存庫的備份狀態Check Backup Status for Recovery Services Vaults
Microsoft.RecoveryServices/Vaults/monitoringConfigurations/*Microsoft.RecoveryServices/Vaults/monitoringConfigurations/*
Microsoft.RecoveryServices/Vaults/monitoringAlerts/writeMicrosoft.RecoveryServices/Vaults/monitoringAlerts/write 解決警示。Resolves the alert.
Microsoft.RecoveryServices/operations/readMicrosoft.RecoveryServices/operations/read 作業會傳回資源提供者的作業清單Operation returns the list of Operations for a Resource Provider
Microsoft.RecoveryServices/locations/operationStatus/readMicrosoft.RecoveryServices/locations/operationStatus/read 取得給定作業的作業狀態Gets Operation Status for a given Operation
Microsoft.RecoveryServices/Vaults/backupProtectionIntents/readMicrosoft.RecoveryServices/Vaults/backupProtectionIntents/read 列出所有的備份保護用途List all backup Protection Intents
Microsoft.RecoveryServices/Vaults/usages/readMicrosoft.RecoveryServices/Vaults/usages/read 傳回復原服務保存庫的使用量詳細資料。Returns usage details for a Recovery Services Vault.
NotActionsNotActions
none
DataActionsDataActions
none
NotDataActionsNotDataActions
none

帳單讀取器Billing Reader

說明Description 允許對計費資料進行讀取存取Allows read access to billing data
IdId fa23ad8b-c56e-40d8-ac0c-ce449e1d2c64fa23ad8b-c56e-40d8-ac0c-ce449e1d2c64
動作Actions
Microsoft.Authorization/*/readMicrosoft.Authorization/*/read 讀取角色和角色指派Read roles and role assignments
Microsoft.Billing/*/readMicrosoft.Billing/*/read 讀取帳單資訊Read Billing information
Microsoft.Commerce/*/readMicrosoft.Commerce/*/read
Microsoft.Consumption/*/readMicrosoft.Consumption/*/read
Microsoft.Management/managementGroups/readMicrosoft.Management/managementGroups/read 列出已驗證之使用者的管理群組。List management groups for the authenticated user.
Microsoft.CostManagement/*/readMicrosoft.CostManagement/*/read
Microsoft.Support/*Microsoft.Support/* 建立和管理支援票證Create and manage support tickets
NotActionsNotActions
none
DataActionsDataActions
none
NotDataActionsNotDataActions
none

BizTalk 參與者BizTalk Contributor

說明Description 可讓您管理 BizTalk 服務,但無法存取它們。Lets you manage BizTalk services, but not access to them.
IdId 5e3c6656-6cfa-4708-81fe-0de47ac733425e3c6656-6cfa-4708-81fe-0de47ac73342
動作Actions
Microsoft.Authorization/*/readMicrosoft.Authorization/*/read 讀取角色和角色指派Read roles and role assignments
Microsoft.BizTalkServices/BizTalk/*Microsoft.BizTalkServices/BizTalk/* 建立和管理 BizTalk 服務Create and manage BizTalk services
Microsoft.Insights/alertRules/*Microsoft.Insights/alertRules/* 建立及管理警示規則Create and manage alert rules
Microsoft.ResourceHealth/availabilityStatuses/readMicrosoft.ResourceHealth/availabilityStatuses/read 取得指定範圍中所有資源的可用性狀態Gets the availability statuses for all resources in the specified scope
Microsoft.Resources/deployments/*Microsoft.Resources/deployments/* 建立和管理資源群組部署Create and manage resource group deployments
Microsoft.Resources/subscriptions/resourceGroups/readMicrosoft.Resources/subscriptions/resourceGroups/read 取得或列出資源群組。Gets or lists resource groups.
Microsoft.Support/*Microsoft.Support/* 建立和管理支援票證Create and manage support tickets
NotActionsNotActions
none
DataActionsDataActions
none
NotDataActionsNotDataActions
none

區塊鏈成員節點存取(預覽)Blockchain Member Node Access (Preview)

說明Description 允許存取區塊鏈成員節點Allows for access to Blockchain Member nodes
IdId 31a002a1-acaf-453e-8a5b-297c9ca1ea2431a002a1-acaf-453e-8a5b-297c9ca1ea24
動作Actions
區塊鏈/blockchainMembers/transactionNodes/readMicrosoft.Blockchain/blockchainMembers/transactionNodes/read 取得或列出現有的區塊鏈成員交易節點。Gets or Lists existing Blockchain Member Transaction Node(s).
NotActionsNotActions
none
DataActionsDataActions
區塊鏈/blockchainMembers/transactionNodes/connect/actionMicrosoft.Blockchain/blockchainMembers/transactionNodes/connect/action 連接到區塊鏈成員交易節點。Connects to a Blockchain Member Transaction Node.
NotDataActionsNotDataActions
none

藍圖參與者Blueprint Contributor

說明Description 可以管理藍圖定義,但不能加以指派。Can manage blueprint definitions, but not assign them.
IdId 41077137-e803-4205-871c-5a86e6a753b441077137-e803-4205-871c-5a86e6a753b4
動作Actions
Microsoft.Authorization/*/readMicrosoft.Authorization/*/read 讀取角色和角色指派Read roles and role assignments
Microsoft 藍圖/藍圖/*Microsoft.Blueprint/blueprints/* 建立和管理藍圖定義或藍圖構件。Create and manage blueprint definitions or blueprint artifacts.
Microsoft.Resources/subscriptions/resourceGroups/readMicrosoft.Resources/subscriptions/resourceGroups/read 取得或列出資源群組。Gets or lists resource groups.
Microsoft.Resources/deployments/*Microsoft.Resources/deployments/* 建立和管理資源群組部署Create and manage resource group deployments
Microsoft.Support/*Microsoft.Support/* 建立和管理支援票證Create and manage support tickets
NotActionsNotActions
none
DataActionsDataActions
none
NotDataActionsNotDataActions
none

藍圖運算子Blueprint Operator

說明Description 可以指派現有的已發行藍圖,但無法建立新的藍圖。Can assign existing published blueprints, but cannot create new blueprints. 注意:這僅適用于使用使用者指派的受控識別來完成指派。NOTE: this only works if the assignment is done with a user-assigned managed identity.
IdId 437d2ced-4a38-4302-8479-ed2bcb43d090437d2ced-4a38-4302-8479-ed2bcb43d090
動作Actions
Microsoft.Authorization/*/readMicrosoft.Authorization/*/read 讀取角色和角色指派Read roles and role assignments
Microsoft. 藍圖/blueprintAssignments/*Microsoft.Blueprint/blueprintAssignments/* 建立和管理藍圖指派。Create and manage blueprint assignments.
Microsoft.Resources/subscriptions/resourceGroups/readMicrosoft.Resources/subscriptions/resourceGroups/read 取得或列出資源群組。Gets or lists resource groups.
Microsoft.Resources/deployments/*Microsoft.Resources/deployments/* 建立和管理資源群組部署Create and manage resource group deployments
Microsoft.Support/*Microsoft.Support/* 建立和管理支援票證Create and manage support tickets
NotActionsNotActions
none
DataActionsDataActions
none
NotDataActionsNotDataActions
none

CDN 端點參與者CDN Endpoint Contributor

說明Description 可管理 CDN 端點,但無法對其他使用者授與存取權。Can manage CDN endpoints, but can’t grant access to other users.
IdId 426e0c7f-0c7e-4658-b36f-ff54d6c29b45426e0c7f-0c7e-4658-b36f-ff54d6c29b45
動作Actions
Microsoft.Authorization/*/readMicrosoft.Authorization/*/read 讀取角色和角色指派Read roles and role assignments
Microsoft.Cdn/edgenodes/readMicrosoft.Cdn/edgenodes/read
Microsoft.Cdn/operationresults/*Microsoft.Cdn/operationresults/*
Microsoft.Cdn/profiles/endpoints/*Microsoft.Cdn/profiles/endpoints/*
Microsoft.Insights/alertRules/*Microsoft.Insights/alertRules/* 建立和管理 Insights 警示規則Create and manage Insights alert rules
Microsoft.Resources/deployments/*Microsoft.Resources/deployments/* 建立和管理資源群組部署Create and manage resource group deployments
Microsoft.Resources/subscriptions/resourceGroups/readMicrosoft.Resources/subscriptions/resourceGroups/read 取得或列出資源群組。Gets or lists resource groups.
Microsoft.Support/*Microsoft.Support/* 建立和管理支援票證Create and manage support tickets
NotActionsNotActions
none
DataActionsDataActions
none
NotDataActionsNotDataActions
none

CDN 端點讀者CDN Endpoint Reader

說明Description 可檢視 CDN 端點,但無法進行變更。Can view CDN endpoints, but can’t make changes.
IdId 871e35f6-b5c1-49cc-a043-bde969a0f2cd871e35f6-b5c1-49cc-a043-bde969a0f2cd
動作Actions
Microsoft.Authorization/*/readMicrosoft.Authorization/*/read 讀取角色和角色指派Read roles and role assignments
Microsoft.Cdn/edgenodes/readMicrosoft.Cdn/edgenodes/read
Microsoft.Cdn/operationresults/*Microsoft.Cdn/operationresults/*
Microsoft.Cdn/profiles/endpoints/*/readMicrosoft.Cdn/profiles/endpoints/*/read
Microsoft.Insights/alertRules/*Microsoft.Insights/alertRules/* 建立和管理 Insights 警示規則Create and manage Insights alert rules
Microsoft.Resources/deployments/*Microsoft.Resources/deployments/* 建立和管理資源群組部署Create and manage resource group deployments
Microsoft.Resources/subscriptions/resourceGroups/readMicrosoft.Resources/subscriptions/resourceGroups/read 取得或列出資源群組。Gets or lists resource groups.
Microsoft.Support/*Microsoft.Support/* 建立和管理支援票證Create and manage support tickets
NotActionsNotActions
none
DataActionsDataActions
none
NotDataActionsNotDataActions
none

CDN 設定檔參與者CDN Profile Contributor

說明Description 可管理 CDN 設定檔及其端點,但無法對其他使用者授與存取權。Can manage CDN profiles and their endpoints, but can’t grant access to other users.
IdId ec156ff8-a8d1-4d15-830c-5b80698ca432ec156ff8-a8d1-4d15-830c-5b80698ca432
動作Actions
Microsoft.Authorization/*/readMicrosoft.Authorization/*/read 讀取角色和角色指派Read roles and role assignments
Microsoft.Cdn/edgenodes/readMicrosoft.Cdn/edgenodes/read
Microsoft.Cdn/operationresults/*Microsoft.Cdn/operationresults/*
Microsoft.Cdn/profiles/*Microsoft.Cdn/profiles/*
Microsoft.Insights/alertRules/*Microsoft.Insights/alertRules/* 建立和管理 Insights 警示規則Create and manage Insights alert rules
Microsoft.Resources/deployments/*Microsoft.Resources/deployments/* 建立和管理資源群組部署Create and manage resource group deployments
Microsoft.Resources/subscriptions/resourceGroups/readMicrosoft.Resources/subscriptions/resourceGroups/read 取得或列出資源群組。Gets or lists resource groups.
Microsoft.Support/*Microsoft.Support/* 建立和管理支援票證Create and manage support tickets
NotActionsNotActions
none
DataActionsDataActions
none
NotDataActionsNotDataActions
none

CDN 設定檔讀者CDN Profile Reader

說明Description 可檢視 CDN 設定檔及其端點,但無法進行變更。Can view CDN profiles and their endpoints, but can’t make changes.
IdId 8f96442b-4075-438f-813d-ad51ab4019af8f96442b-4075-438f-813d-ad51ab4019af
動作Actions
Microsoft.Authorization/*/readMicrosoft.Authorization/*/read 讀取角色和角色指派Read roles and role assignments
Microsoft.Cdn/edgenodes/readMicrosoft.Cdn/edgenodes/read
Microsoft.Cdn/operationresults/*Microsoft.Cdn/operationresults/*
Microsoft.Cdn/profiles/*/readMicrosoft.Cdn/profiles/*/read
Microsoft.Insights/alertRules/*Microsoft.Insights/alertRules/* 建立和管理 Insights 警示規則Create and manage Insights alert rules
Microsoft.Resources/deployments/*Microsoft.Resources/deployments/* 建立和管理資源群組部署Create and manage resource group deployments
Microsoft.Resources/subscriptions/resourceGroups/readMicrosoft.Resources/subscriptions/resourceGroups/read 取得或列出資源群組。Gets or lists resource groups.
Microsoft.Support/*Microsoft.Support/* 建立和管理支援票證Create and manage support tickets
NotActionsNotActions
none
DataActionsDataActions
none
NotDataActionsNotDataActions
none

傳統網路參與者Classic Network Contributor

說明Description 可讓您管理傳統網路,但無法存取它們。Lets you manage classic networks, but not access to them.
IdId b34d265f-36f7-4a0d-a4d4-e158ca92e90fb34d265f-36f7-4a0d-a4d4-e158ca92e90f
動作Actions
Microsoft.Authorization/*/readMicrosoft.Authorization/*/read 讀取授權Read authorization
Microsoft.ClassicNetwork/*Microsoft.ClassicNetwork/* 建立和管理傳統網路Create and manage classic networks
Microsoft.Insights/alertRules/*Microsoft.Insights/alertRules/* 建立和管理 Insights 警示規則Create and manage Insights alert rules
Microsoft.ResourceHealth/availabilityStatuses/readMicrosoft.ResourceHealth/availabilityStatuses/read 取得指定範圍中所有資源的可用性狀態Gets the availability statuses for all resources in the specified scope
Microsoft.Resources/deployments/*Microsoft.Resources/deployments/* 建立和管理資源群組部署Create and manage resource group deployments
Microsoft.Resources/subscriptions/resourceGroups/readMicrosoft.Resources/subscriptions/resourceGroups/read 取得或列出資源群組。Gets or lists resource groups.
Microsoft.Support/*Microsoft.Support/* 建立和管理支援票證Create and manage support tickets
NotActionsNotActions
none
DataActionsDataActions
none
NotDataActionsNotDataActions
none

傳統儲存體帳戶參與者Classic Storage Account Contributor

說明Description 可讓您管理傳統儲存體帳戶,但無法存取它們。Lets you manage classic storage accounts, but not access to them.
IdId 86e8f5dc-a6e9-4c67-9d15-de283e8eac2586e8f5dc-a6e9-4c67-9d15-de283e8eac25
動作Actions
Microsoft.Authorization/*/readMicrosoft.Authorization/*/read 讀取授權Read authorization
Microsoft.ClassicStorage/storageAccounts/*Microsoft.ClassicStorage/storageAccounts/* 建立及管理儲存體帳戶Create and manage storage accounts
Microsoft.Insights/alertRules/*Microsoft.Insights/alertRules/* 建立和管理 Insights 警示規則Create and manage Insights alert rules
Microsoft.ResourceHealth/availabilityStatuses/readMicrosoft.ResourceHealth/availabilityStatuses/read 取得指定範圍中所有資源的可用性狀態Gets the availability statuses for all resources in the specified scope
Microsoft.Resources/deployments/*Microsoft.Resources/deployments/* 建立和管理資源群組部署Create and manage resource group deployments
Microsoft.Resources/subscriptions/resourceGroups/readMicrosoft.Resources/subscriptions/resourceGroups/read 取得或列出資源群組。Gets or lists resource groups.
Microsoft.Support/*Microsoft.Support/* 建立和管理支援票證Create and manage support tickets
NotActionsNotActions
none
DataActionsDataActions
none
NotDataActionsNotDataActions
none

傳統儲存體帳戶金鑰操作員服務角色Classic Storage Account Key Operator Service Role

說明Description 「傳統儲存體帳戶金鑰操作員」可以列出及重新產生「傳統儲存體帳戶」的金鑰Classic Storage Account Key Operators are allowed to list and regenerate keys on Classic Storage Accounts
IdId 985d6b00-f706-48f5-a6fe-d0ca12fb668d985d6b00-f706-48f5-a6fe-d0ca12fb668d
動作Actions
Microsoft.ClassicStorage/storageAccounts/listkeys/actionMicrosoft.ClassicStorage/storageAccounts/listkeys/action 列出儲存體帳戶的存取金鑰。Lists the access keys for the storage accounts.
Microsoft.ClassicStorage/storageAccounts/regeneratekey/actionMicrosoft.ClassicStorage/storageAccounts/regeneratekey/action 重新產生儲存體帳戶的現有存取金鑰。Regenerates the existing access keys for the storage account.
NotActionsNotActions
none
DataActionsDataActions
none
NotDataActionsNotDataActions
none

傳統虛擬機器參與者Classic Virtual Machine Contributor

說明Description 可讓您管理傳統虛擬機器 (不含虛擬機器所連線的虛擬網路或儲存體帳戶),但無法存取它們。Lets you manage classic virtual machines, but not access to them, and not the virtual network or storage account they’re connected to.
IdId d73bb868-a0df-4d4d-bd69-98a00b01fccbd73bb868-a0df-4d4d-bd69-98a00b01fccb
動作Actions
Microsoft.Authorization/*/readMicrosoft.Authorization/*/read 讀取授權Read authorization
Microsoft.ClassicCompute/domainNames/*Microsoft.ClassicCompute/domainNames/* 建立和管理傳統運算網域名稱Create and manage classic compute domain names
Microsoft.ClassicCompute/virtualMachines/*Microsoft.ClassicCompute/virtualMachines/* 建立和管理虛擬機器Create and manage virtual machines
Microsoft.ClassicNetwork/networkSecurityGroups/join/actionMicrosoft.ClassicNetwork/networkSecurityGroups/join/action
Microsoft.ClassicNetwork/reservedIps/link/actionMicrosoft.ClassicNetwork/reservedIps/link/action 連結保留的 IPLink a reserved Ip
Microsoft.ClassicNetwork/reservedIps/readMicrosoft.ClassicNetwork/reservedIps/read 取得保留的 IPGets the reserved Ips
Microsoft.ClassicNetwork/virtualNetworks/join/actionMicrosoft.ClassicNetwork/virtualNetworks/join/action 加入虛擬網路。Joins the virtual network.
Microsoft.ClassicNetwork/virtualNetworks/readMicrosoft.ClassicNetwork/virtualNetworks/read 取得虛擬網路。Get the virtual network.
Microsoft.ClassicStorage/storageAccounts/disks/readMicrosoft.ClassicStorage/storageAccounts/disks/read 傳回儲存體帳戶磁碟。Returns the storage account disk.
Microsoft.ClassicStorage/storageAccounts/images/readMicrosoft.ClassicStorage/storageAccounts/images/read 傳回儲存體帳戶映像。Returns the storage account image. (已被取代。(Deprecated. 使用 'Microsoft.ClassicStorage/storageAccounts/vmImages')Use 'Microsoft.ClassicStorage/storageAccounts/vmImages')
Microsoft.ClassicStorage/storageAccounts/listKeys/actionMicrosoft.ClassicStorage/storageAccounts/listKeys/action 列出儲存體帳戶的存取金鑰。Lists the access keys for the storage accounts.
Microsoft.ClassicStorage/storageAccounts/readMicrosoft.ClassicStorage/storageAccounts/read 傳回具有給定帳戶的儲存體帳戶。Return the storage account with the given account.
Microsoft.Insights/alertRules/*Microsoft.Insights/alertRules/* 建立和管理 Insights 警示規則Create and manage Insights alert rules
Microsoft.ResourceHealth/availabilityStatuses/readMicrosoft.ResourceHealth/availabilityStatuses/read 取得指定範圍中所有資源的可用性狀態Gets the availability statuses for all resources in the specified scope
Microsoft.Resources/deployments/*Microsoft.Resources/deployments/* 建立和管理資源群組部署Create and manage resource group deployments
Microsoft.Resources/subscriptions/resourceGroups/readMicrosoft.Resources/subscriptions/resourceGroups/read 取得或列出資源群組。Gets or lists resource groups.
Microsoft.Support/*Microsoft.Support/* 建立和管理支援票證Create and manage support tickets
NotActionsNotActions
none
DataActionsDataActions
none
NotDataActionsNotDataActions
none

認知服務參與者Cognitive Services Contributor

說明Description 可讓您建立、讀取、更新、刪除及管理認知服務的金鑰。Lets you create, read, update, delete and manage keys of Cognitive Services.
IdId 25fbc0a9-bd7c-42a3-aa1a-3b75d497ee6825fbc0a9-bd7c-42a3-aa1a-3b75d497ee68
動作Actions
Microsoft.Authorization/*/readMicrosoft.Authorization/*/read 讀取角色和角色指派Read roles and role assignments
Microsoft.CognitiveServices/*Microsoft.CognitiveServices/*
Microsoft.Features/features/readMicrosoft.Features/features/read 取得訂用帳戶的功能。Gets the features of a subscription.
Microsoft.Features/providers/features/readMicrosoft.Features/providers/features/read 取得給定資源提供者中某個訂用帳戶的功能。Gets the feature of a subscription in a given resource provider.
Microsoft.Insights/alertRules/*Microsoft.Insights/alertRules/* 建立和管理 Insights 警示規則Create and manage Insights alert rules
Microsoft.Insights/diagnosticSettings/*Microsoft.Insights/diagnosticSettings/* 建立、更新或讀取 Analysis Server 的診斷設定Creates, updates, or reads the diagnostic setting for Analysis Server
Microsoft.Insights/logDefinitions/readMicrosoft.Insights/logDefinitions/read 讀取記錄定義Read log definitions
Microsoft.Insights/metricdefinitions/readMicrosoft.Insights/metricdefinitions/read 讀取計量定義Read metric definitions
Microsoft.Insights/metrics/readMicrosoft.Insights/metrics/read 讀取計量Read metrics
Microsoft.ResourceHealth/availabilityStatuses/readMicrosoft.ResourceHealth/availabilityStatuses/read 取得指定範圍中所有資源的可用性狀態Gets the availability statuses for all resources in the specified scope
Microsoft.Resources/deployments/*Microsoft.Resources/deployments/* 建立和管理資源群組部署Create and manage resource group deployments
Microsoft.Resources/deployments/operations/readMicrosoft.Resources/deployments/operations/read 取得或列出部署作業。Gets or lists deployment operations.
Microsoft.Resources/subscriptions/operationresults/readMicrosoft.Resources/subscriptions/operationresults/read 取得訂用帳戶作業結果。Get the subscription operation results.
Microsoft.Resources/subscriptions/readMicrosoft.Resources/subscriptions/read 取得訂用帳戶清單。Gets the list of subscriptions.
Microsoft.Resources/subscriptions/resourcegroups/deployments/*Microsoft.Resources/subscriptions/resourcegroups/deployments/*
Microsoft.Resources/subscriptions/resourceGroups/readMicrosoft.Resources/subscriptions/resourceGroups/read 取得或列出資源群組。Gets or lists resource groups.
Microsoft.Support/*Microsoft.Support/* 建立和管理支援票證Create and manage support tickets
NotActionsNotActions
none
DataActionsDataActions
none
NotDataActionsNotDataActions
none

認知服務資料讀取器(預覽)Cognitive Services Data Reader (Preview)

說明Description 可讓您讀取認知服務資料。Lets you read Cognitive Services data.
IdId b59867f0-fa02-499b-be73-45a86b5b3e1cb59867f0-fa02-499b-be73-45a86b5b3e1c
動作Actions
none
NotActionsNotActions
none
DataActionsDataActions
Microsoft.CognitiveServices/*/readMicrosoft.CognitiveServices/*/read
NotDataActionsNotDataActions
none

認知服務使用者Cognitive Services User

說明Description 可讓您讀取和列出認知服務的金鑰。Lets you read and list keys of Cognitive Services.
IdId a97b65f3-24c7-4388-baec-2e87135dc908a97b65f3-24c7-4388-baec-2e87135dc908
動作Actions
Microsoft.CognitiveServices/*/readMicrosoft.CognitiveServices/*/read
Microsoft.CognitiveServices/accounts/listkeys/actionMicrosoft.CognitiveServices/accounts/listkeys/action 列出金鑰List Keys
Microsoft.Insights/alertRules/readMicrosoft.Insights/alertRules/read 讀取傳統計量警示Read a classic metric alert
Microsoft.Insights/diagnosticSettings/readMicrosoft.Insights/diagnosticSettings/read 讀取資源診斷設定Read a resource diagnostic setting
Microsoft.Insights/logDefinitions/readMicrosoft.Insights/logDefinitions/read 讀取記錄定義Read log definitions
Microsoft.Insights/metricdefinitions/readMicrosoft.Insights/metricdefinitions/read 讀取計量定義Read metric definitions
Microsoft.Insights/metrics/readMicrosoft.Insights/metrics/read 讀取計量Read metrics
Microsoft.ResourceHealth/availabilityStatuses/readMicrosoft.ResourceHealth/availabilityStatuses/read 取得指定範圍中所有資源的可用性狀態Gets the availability statuses for all resources in the specified scope
Microsoft.Resources/deployments/operations/readMicrosoft.Resources/deployments/operations/read 取得或列出部署作業。Gets or lists deployment operations.
Microsoft.Resources/subscriptions/operationresults/readMicrosoft.Resources/subscriptions/operationresults/read 取得訂用帳戶作業結果。Get the subscription operation results.
Microsoft.Resources/subscriptions/readMicrosoft.Resources/subscriptions/read 取得訂用帳戶清單。Gets the list of subscriptions.
Microsoft.Resources/subscriptions/resourceGroups/readMicrosoft.Resources/subscriptions/resourceGroups/read 取得或列出資源群組。Gets or lists resource groups.
Microsoft.Support/*Microsoft.Support/* 建立和管理支援票證Create and manage support tickets
NotActionsNotActions
none
DataActionsDataActions
Microsoft.CognitiveServices/*Microsoft.CognitiveServices/*
NotDataActionsNotDataActions
none

Cosmos DB 帳戶讀者角色Cosmos DB Account Reader Role

說明Description 可以讀取 Azure Cosmos DB 帳戶資料。Can read Azure Cosmos DB account data. 請參閱 DocumentDB 帳戶參與者以管理 Azure Cosmos DB 帳戶。See DocumentDB Account Contributor for managing Azure Cosmos DB accounts.
IdId fbdf93bf-df7d-467e-a4d2-9458aa1360c8fbdf93bf-df7d-467e-a4d2-9458aa1360c8
動作Actions
Microsoft.Authorization/*/readMicrosoft.Authorization/*/read 讀取角色和角色指派,可以讀取提供給每個使用者的權限Read roles and role assignments, can read permissions given to each user
Microsoft.DocumentDB/*/readMicrosoft.DocumentDB/*/read 讀取任何集合Read any collection
Microsoft.DocumentDB/databaseAccounts/readonlykeys/actionMicrosoft.DocumentDB/databaseAccounts/readonlykeys/action 讀取資料庫帳戶的唯讀金鑰。Reads the database account readonly keys.
Microsoft.Insights/MetricDefinitions/readMicrosoft.Insights/MetricDefinitions/read 讀取計量定義Read metric definitions
Microsoft.Insights/Metrics/readMicrosoft.Insights/Metrics/read 讀取計量Read metrics
Microsoft.Resources/subscriptions/resourceGroups/readMicrosoft.Resources/subscriptions/resourceGroups/read 取得或列出資源群組。Gets or lists resource groups.
Microsoft.Support/*Microsoft.Support/* 建立和管理支援票證Create and manage support tickets
NotActionsNotActions
none
DataActionsDataActions
none
NotDataActionsNotDataActions
none

Cosmos DB 運算子Cosmos DB Operator

說明Description 可讓您管理 Azure Cosmos DB 帳戶,但不能存取其中的資料。Lets you manage Azure Cosmos DB accounts, but not access data in them. 防止存取帳戶金鑰和連接字串。Prevents access to account keys and connection strings.
IdId 230815da-be43-4aae-9cb4-875f7bd000aa230815da-be43-4aae-9cb4-875f7bd000aa
動作Actions
Microsoft.DocumentDb/databaseAccounts/*Microsoft.DocumentDb/databaseAccounts/*
Microsoft.Insights/alertRules/*Microsoft.Insights/alertRules/* 建立和管理 Insights 警示規則Create and manage Insights alert rules
Microsoft.Authorization/*/readMicrosoft.Authorization/*/read 讀取角色和角色指派Read roles and role assignments
Microsoft.ResourceHealth/availabilityStatuses/readMicrosoft.ResourceHealth/availabilityStatuses/read 取得指定範圍中所有資源的可用性狀態Gets the availability statuses for all resources in the specified scope
Microsoft.Resources/deployments/*Microsoft.Resources/deployments/* 建立和管理資源群組部署Create and manage resource group deployments
Microsoft.Resources/subscriptions/resourceGroups/readMicrosoft.Resources/subscriptions/resourceGroups/read 取得或列出資源群組。Gets or lists resource groups.
Microsoft.Support/*Microsoft.Support/* 建立和管理支援票證Create and manage support tickets
NotActionsNotActions
Microsoft DocumentDB/databaseAccounts/readonlyKeys/*Microsoft.DocumentDB/databaseAccounts/readonlyKeys/*
Microsoft DocumentDB/databaseAccounts/regenerateKey/*Microsoft.DocumentDB/databaseAccounts/regenerateKey/*
Microsoft DocumentDB/databaseAccounts/listKeys/*Microsoft.DocumentDB/databaseAccounts/listKeys/*
Microsoft DocumentDB/databaseAccounts/listConnectionStrings/*Microsoft.DocumentDB/databaseAccounts/listConnectionStrings/*
DataActionsDataActions
none
NotDataActionsNotDataActions
none

CosmosBackupOperatorCosmosBackupOperator

說明Description 可為帳戶的 Cosmos DB 資料庫或容器提交還原要求Can submit restore request for a Cosmos DB database or a container for an account
IdId db7b14f2-5adf-42da-9f96-f2ee17bab5cbdb7b14f2-5adf-42da-9f96-f2ee17bab5cb
動作Actions
Microsoft.DocumentDB/databaseAccounts/backup/actionMicrosoft.DocumentDB/databaseAccounts/backup/action 提交要求以設定備份Submit a request to configure backup
Microsoft.DocumentDB/databaseAccounts/restore/actionMicrosoft.DocumentDB/databaseAccounts/restore/action 提交還原要求Submit a restore request
NotActionsNotActions
none
DataActionsDataActions
none
NotDataActionsNotDataActions
none

成本管理參與者Cost Management Contributor

說明Description 可檢視成本和管理成本組態 (例如預算、匯出)Can view costs and manage cost configuration (e.g. budgets, exports)
IdId 434105ed-43f6-45c7-a02f-909b2ba83430434105ed-43f6-45c7-a02f-909b2ba83430
動作Actions
Microsoft.Consumption/*Microsoft.Consumption/*
Microsoft.CostManagement/*Microsoft.CostManagement/*
Microsoft.Billing/billingPeriods/readMicrosoft.Billing/billingPeriods/read
Microsoft.Resources/subscriptions/readMicrosoft.Resources/subscriptions/read 取得訂用帳戶清單。Gets the list of subscriptions.
Microsoft.Resources/subscriptions/resourceGroups/readMicrosoft.Resources/subscriptions/resourceGroups/read 取得或列出資源群組。Gets or lists resource groups.
Microsoft.Support/*Microsoft.Support/* 建立和管理支援票證Create and manage support tickets
Microsoft.Advisor/configurations/readMicrosoft.Advisor/configurations/read 取得組態Get configurations
Microsoft.Advisor/recommendations/readMicrosoft.Advisor/recommendations/read 讀取建議Reads recommendations
Microsoft.Management/managementGroups/readMicrosoft.Management/managementGroups/read 列出已驗證之使用者的管理群組。List management groups for the authenticated user.
NotActionsNotActions
none
DataActionsDataActions
none
NotDataActionsNotDataActions
none

成本管理讀者Cost Management Reader

說明Description 可檢視成本資料和組態 (例如預算、匯出)Can view cost data and configuration (e.g. budgets, exports)
IdId 72fafb9e-0641-4937-9268-a91bfd8191a372fafb9e-0641-4937-9268-a91bfd8191a3
動作Actions
Microsoft.Consumption/*/readMicrosoft.Consumption/*/read
Microsoft.CostManagement/*/readMicrosoft.CostManagement/*/read
Microsoft.Billing/billingPeriods/readMicrosoft.Billing/billingPeriods/read
Microsoft.Resources/subscriptions/readMicrosoft.Resources/subscriptions/read 取得訂用帳戶清單。Gets the list of subscriptions.
Microsoft.Resources/subscriptions/resourceGroups/readMicrosoft.Resources/subscriptions/resourceGroups/read 取得或列出資源群組。Gets or lists resource groups.
Microsoft.Support/*Microsoft.Support/* 建立和管理支援票證Create and manage support tickets
Microsoft.Advisor/configurations/readMicrosoft.Advisor/configurations/read 取得組態Get configurations
Microsoft.Advisor/recommendations/readMicrosoft.Advisor/recommendations/read 讀取建議Reads recommendations
Microsoft.Management/managementGroups/readMicrosoft.Management/managementGroups/read 列出已驗證之使用者的管理群組。List management groups for the authenticated user.
NotActionsNotActions
none
DataActionsDataActions
none
NotDataActionsNotDataActions
none

資料箱參與者Data Box Contributor

說明Description 可讓您管理資料箱服務下的所有項目,為他人賦予存取權除外。Lets you manage everything under Data Box Service except giving access to others.
IdId add466c9-e687-43fc-8d98-dfcf8d720be5add466c9-e687-43fc-8d98-dfcf8d720be5
動作Actions
Microsoft.Authorization/*/readMicrosoft.Authorization/*/read 讀取角色和角色指派Read roles and role assignments
Microsoft.ResourceHealth/availabilityStatuses/readMicrosoft.ResourceHealth/availabilityStatuses/read 取得指定範圍中所有資源的可用性狀態Gets the availability statuses for all resources in the specified scope
Microsoft.Resources/deployments/*Microsoft.Resources/deployments/* 建立和管理資源群組部署Create and manage resource group deployments
Microsoft.Resources/subscriptions/resourceGroups/readMicrosoft.Resources/subscriptions/resourceGroups/read 取得或列出資源群組。Gets or lists resource groups.
Microsoft.Support/*Microsoft.Support/* 建立和管理支援票證Create and manage support tickets
Microsoft.Databox/*Microsoft.Databox/*
NotActionsNotActions
none
DataActionsDataActions
none
NotDataActionsNotDataActions
none

資料箱讀者Data Box Reader

說明Description 可讓您管理資料箱服務,建立訂單或編輯訂單詳細資料和為他人賦予存取權除外。Lets you manage Data Box Service except creating order or editing order details and giving access to others.
IdId 028f4ed7-e2a9-465e-a8f4-9c0ffdfdc027028f4ed7-e2a9-465e-a8f4-9c0ffdfdc027
動作Actions
Microsoft.Authorization/*/readMicrosoft.Authorization/*/read 讀取角色和角色指派Read roles and role assignments
Microsoft.Databox/*/readMicrosoft.Databox/*/read
Microsoft.Databox/jobs/listsecrets/actionMicrosoft.Databox/jobs/listsecrets/action
Microsoft.Databox/jobs/listcredentials/actionMicrosoft.Databox/jobs/listcredentials/action 列出與訂單相關的未加密認證。Lists the unencrypted credentials related to the order.
Microsoft.Databox/locations/availableSkus/actionMicrosoft.Databox/locations/availableSkus/action 此方法會傳回可用的 SKU 清單。This method returns the list of available skus.
Databox/位置/validateAddress/動作Microsoft.Databox/locations/validateAddress/action 驗證出貨地址,並提供備用的地址 (若有的話)。Validates the shipping address and provides alternate addresses if any.
Microsoft.ResourceHealth/availabilityStatuses/readMicrosoft.ResourceHealth/availabilityStatuses/read 取得指定範圍中所有資源的可用性狀態Gets the availability statuses for all resources in the specified scope
Microsoft.Support/*Microsoft.Support/* 建立和管理支援票證Create and manage support tickets
NotActionsNotActions
none
DataActionsDataActions
none
NotDataActionsNotDataActions
none

Data Factory 參與者Data Factory Contributor

說明Description 建立和管理 Data Factory,以及其中的子資源。Create and manage data factories, as well as child resources within them.
IdId 673868aa-7521-48a0-acc6-0f60742d39f5673868aa-7521-48a0-acc6-0f60742d39f5
動作Actions
Microsoft.Authorization/*/readMicrosoft.Authorization/*/read 讀取角色和角色指派Read roles and role Assignments
Microsoft.DataFactory/dataFactories/*Microsoft.DataFactory/dataFactories/* 建立和管理 Data Factory 以及其中的子資源。Create and manage data factories, and child resources within them.
Microsoft.DataFactory/factories/*Microsoft.DataFactory/factories/* 建立和管理 Data Factory 以及其中的子資源。Create and manage data factories, and child resources within them.
Microsoft.Insights/alertRules/*Microsoft.Insights/alertRules/* 建立及管理警示規則Create and manage alert rules
Microsoft.ResourceHealth/availabilityStatuses/readMicrosoft.ResourceHealth/availabilityStatuses/read 取得指定範圍中所有資源的可用性狀態Gets the availability statuses for all resources in the specified scope
Microsoft.Resources/deployments/*Microsoft.Resources/deployments/* 建立和管理資源群組部署Create and manage resource group deployments
Microsoft.Resources/subscriptions/resourceGroups/readMicrosoft.Resources/subscriptions/resourceGroups/read 取得或列出資源群組。Gets or lists resource groups.
Microsoft.Support/*Microsoft.Support/* 建立和管理支援票證Create and manage support tickets
NotActionsNotActions
none
DataActionsDataActions
none
NotDataActionsNotDataActions
none

Data Lake Analytics 開發人員Data Lake Analytics Developer

說明Description 可讓您提交、監視及管理您自己的作業,但無法建立或刪除 Data Lake Analytics 帳戶。Lets you submit, monitor, and manage your own jobs but not create or delete Data Lake Analytics accounts.
IdId 47b7735b-770e-4598-a7da-8b91488b4c8847b7735b-770e-4598-a7da-8b91488b4c88
動作Actions
Microsoft.Authorization/*/readMicrosoft.Authorization/*/read 讀取角色和角色指派Read roles and role assignments
Microsoft.BigAnalytics/accounts/*Microsoft.BigAnalytics/accounts/*
Microsoft.DataLakeAnalytics/accounts/*Microsoft.DataLakeAnalytics/accounts/*
Microsoft.Insights/alertRules/*Microsoft.Insights/alertRules/* 建立和管理 Insights 警示規則Create and manage Insights alert rules
Microsoft.ResourceHealth/availabilityStatuses/readMicrosoft.ResourceHealth/availabilityStatuses/read 取得指定範圍中所有資源的可用性狀態Gets the availability statuses for all resources in the specified scope
Microsoft.Resources/deployments/*Microsoft.Resources/deployments/* 建立和管理資源群組部署Create and manage resource group deployments
Microsoft.Resources/subscriptions/resourceGroups/readMicrosoft.Resources/subscriptions/resourceGroups/read 取得或列出資源群組。Gets or lists resource groups.
Microsoft.Support/*Microsoft.Support/* 建立和管理支援票證Create and manage support tickets
NotActionsNotActions
Microsoft.BigAnalytics/accounts/DeleteMicrosoft.BigAnalytics/accounts/Delete
Microsoft.BigAnalytics/accounts/TakeOwnership/actionMicrosoft.BigAnalytics/accounts/TakeOwnership/action
Microsoft.BigAnalytics/accounts/WriteMicrosoft.BigAnalytics/accounts/Write
Microsoft.DataLakeAnalytics/accounts/DeleteMicrosoft.DataLakeAnalytics/accounts/Delete 刪除 DataLakeAnalytics 帳戶。Delete a DataLakeAnalytics account.
Microsoft.DataLakeAnalytics/accounts/TakeOwnership/actionMicrosoft.DataLakeAnalytics/accounts/TakeOwnership/action 授與權限以取消其他使用者所提交的作業。Grant permissions to cancel jobs submitted by other users.
Microsoft.DataLakeAnalytics/accounts/WriteMicrosoft.DataLakeAnalytics/accounts/Write 建立或更新 DataLakeAnalytics 帳戶。Create or update a DataLakeAnalytics account.
Microsoft.DataLakeAnalytics/accounts/dataLakeStoreAccounts/WriteMicrosoft.DataLakeAnalytics/accounts/dataLakeStoreAccounts/Write 建立或更新 DataLakeAnalytics 帳戶所連結的 DataLakeStore 帳戶。Create or update a linked DataLakeStore account of a DataLakeAnalytics account.
Microsoft.DataLakeAnalytics/accounts/dataLakeStoreAccounts/DeleteMicrosoft.DataLakeAnalytics/accounts/dataLakeStoreAccounts/Delete 取消 DataLakeStore 帳戶與 DataLakeAnalytics 帳戶的連結。Unlink a DataLakeStore account from a DataLakeAnalytics account.
Microsoft.DataLakeAnalytics/accounts/storageAccounts/WriteMicrosoft.DataLakeAnalytics/accounts/storageAccounts/Write 建立或更新 DataLakeAnalytics 帳戶所連結的儲存體帳戶。Create or update a linked Storage account of a DataLakeAnalytics account.
Microsoft.DataLakeAnalytics/accounts/storageAccounts/DeleteMicrosoft.DataLakeAnalytics/accounts/storageAccounts/Delete 取消儲存體帳戶與 DataLakeAnalytics 帳戶的連結。Unlink a Storage account from a DataLakeAnalytics account.
Microsoft.DataLakeAnalytics/accounts/firewallRules/WriteMicrosoft.DataLakeAnalytics/accounts/firewallRules/Write 建立或更新防火牆規則。Create or update a firewall rule.
Microsoft.DataLakeAnalytics/accounts/firewallRules/DeleteMicrosoft.DataLakeAnalytics/accounts/firewallRules/Delete 刪除防火牆規則。Delete a firewall rule.
Microsoft.DataLakeAnalytics/accounts/computePolicies/WriteMicrosoft.DataLakeAnalytics/accounts/computePolicies/Write 建立或更新計算原則。Create or update a compute policy.
Microsoft.DataLakeAnalytics/accounts/computePolicies/DeleteMicrosoft.DataLakeAnalytics/accounts/computePolicies/Delete 刪除計算原則。Delete a compute policy.
DataActionsDataActions
none
NotDataActionsNotDataActions
none

資料清除者Data Purger

說明Description 可清除分析資料Can purge analytics data
IdId 150f5e0c-0603-4f03-8c7f-cf70034c4e90150f5e0c-0603-4f03-8c7f-cf70034c4e90
動作Actions
Microsoft.Insights/components/*/readMicrosoft.Insights/components/*/read
Microsoft.Insights/components/purge/actionMicrosoft.Insights/components/purge/action 從 Application Insights 清除資料Purging data from Application Insights
Microsoft.OperationalInsights/workspaces/*/readMicrosoft.OperationalInsights/workspaces/*/read
Microsoft.OperationalInsights/workspaces/purge/actionMicrosoft.OperationalInsights/workspaces/purge/action 從工作區刪除指定的資料Delete specified data from workspace
NotActionsNotActions
none
DataActionsDataActions
none
NotDataActionsNotDataActions
none

DevTest Labs 使用者DevTest Labs User

說明Description 可讓您連線、啟動、重新啟及關閉您 Azure DevTest Labs 中的虛擬機器。Lets you connect, start, restart, and shutdown your virtual machines in your Azure DevTest Labs.
IdId 76283e04-6283-4c54-8f91-bcf1374a3c6476283e04-6283-4c54-8f91-bcf1374a3c64
動作Actions
Microsoft.Authorization/*/readMicrosoft.Authorization/*/read 讀取角色和角色指派Read roles and role Assignments
Microsoft.Compute/availabilitySets/readMicrosoft.Compute/availabilitySets/read 取得可用性設定組的屬性Get the properties of an availability set
Microsoft.Compute/virtualMachines/*/readMicrosoft.Compute/virtualMachines/*/read 讀取虛擬機器的屬性 (VM 大小、執行階段狀態、VM 擴充功能等)Read the properties of a virtual machine (VM sizes, runtime status, VM extensions, etc.)
Microsoft.Compute/virtualMachines/deallocate/actionMicrosoft.Compute/virtualMachines/deallocate/action 關閉虛擬機器的電源,並將計算資源釋出Powers off the virtual machine and releases the compute resources
Microsoft.Compute/virtualMachines/readMicrosoft.Compute/virtualMachines/read 取得虛擬機器的屬性Get the properties of a virtual machine
Microsoft.Compute/virtualMachines/restart/actionMicrosoft.Compute/virtualMachines/restart/action 重新啟動虛擬機器Restarts the virtual machine
Microsoft.Compute/virtualMachines/start/actionMicrosoft.Compute/virtualMachines/start/action 啟動虛擬機器Starts the virtual machine
Microsoft.DevTestLab/*/readMicrosoft.DevTestLab/*/read 讀取實驗室的屬性Read the properties of a lab
Microsoft.DevTestLab/labs/claimAnyVm/actionMicrosoft.DevTestLab/labs/claimAnyVm/action 在實驗室中宣告隨機的可宣告虛擬機器。Claim a random claimable virtual machine in the lab.
Microsoft.DevTestLab/labs/createEnvironment/actionMicrosoft.DevTestLab/labs/createEnvironment/action 在實驗室中建立虛擬機器。Create virtual machines in a lab.
Microsoft.devtestlab/labs/ensureCurrentUserProfile/actionMicrosoft.DevTestLab/labs/ensureCurrentUserProfile/action 請確定目前的使用者在實驗室中具有有效的設定檔。Ensure the current user has a valid profile in the lab.
Microsoft.DevTestLab/labs/formulas/deleteMicrosoft.DevTestLab/labs/formulas/delete 刪除公式。Delete formulas.
Microsoft.DevTestLab/labs/formulas/readMicrosoft.DevTestLab/labs/formulas/read 讀取公式。Read formulas.
Microsoft.DevTestLab/labs/formulas/writeMicrosoft.DevTestLab/labs/formulas/write 新增或修改公式。Add or modify formulas.
Microsoft.DevTestLab/labs/policySets/evaluatePolicies/actionMicrosoft.DevTestLab/labs/policySets/evaluatePolicies/action 評估實驗室原則。Evaluates lab policy.
Microsoft.DevTestLab/labs/virtualMachines/claim/actionMicrosoft.DevTestLab/labs/virtualMachines/claim/action 取得現有虛擬機器的擁有權Take ownership of an existing virtual machine
Microsoft.DevTestLab/labs/virtualmachines/listApplicableSchedules/actionMicrosoft.DevTestLab/labs/virtualmachines/listApplicableSchedules/action 列出適用的啟動/停止排程 (若有的話)。Lists the applicable start/stop schedules, if any.
Microsoft.devtestlab/labs/virtualMachines/getRdpFileContents/actionMicrosoft.DevTestLab/labs/virtualMachines/getRdpFileContents/action 取得代表虛擬機器 RDP 檔案內容的字串Gets a string that represents the contents of the RDP file for the virtual machine
Microsoft.Network/loadBalancers/backendAddressPools/join/actionMicrosoft.Network/loadBalancers/backendAddressPools/join/action 加入負載平衡器後端位址集區。Joins a load balancer backend address pool. 未打斷。Not Alertable.
Microsoft.Network/loadBalancers/inboundNatRules/join/actionMicrosoft.Network/loadBalancers/inboundNatRules/join/action 加入負載平衡器輸入 nat 規則。Joins a load balancer inbound nat rule. 未打斷。Not Alertable.
Microsoft.Network/networkInterfaces/*/readMicrosoft.Network/networkInterfaces/*/read 讀取網路介面的屬性 (例如網路介面所屬的所有負載平衡器)Read the properties of a network interface (for example, all the load balancers that the network interface is a part of)
Microsoft.Network/networkInterfaces/join/actionMicrosoft.Network/networkInterfaces/join/action 將虛擬機器加入網路介面。Joins a Virtual Machine to a network interface. 未打斷。Not Alertable.
Microsoft.Network/networkInterfaces/readMicrosoft.Network/networkInterfaces/read 取得網路介面定義。Gets a network interface definition.
Microsoft.Network/networkInterfaces/writeMicrosoft.Network/networkInterfaces/write 建立網路介面,或更新現有的網路介面。Creates a network interface or updates an existing network interface.
Microsoft.Network/publicIPAddresses/*/readMicrosoft.Network/publicIPAddresses/*/read 讀取公用 IP 位址的屬性Read the properties of a public IP address
Microsoft.Network/publicIPAddresses/join/actionMicrosoft.Network/publicIPAddresses/join/action 加入公用 ip 位址。Joins a public ip address. 未打斷。Not Alertable.
Microsoft.Network/publicIPAddresses/readMicrosoft.Network/publicIPAddresses/read 取得公用 IP 位址定義。Gets a public ip address definition.
Microsoft.Network/virtualNetworks/subnets/join/actionMicrosoft.Network/virtualNetworks/subnets/join/action 加入虛擬網路。Joins a virtual network. 未打斷。Not Alertable.
Microsoft.Resources/deployments/operations/readMicrosoft.Resources/deployments/operations/read 取得或列出部署作業。Gets or lists deployment operations.
Microsoft.Resources/deployments/readMicrosoft.Resources/deployments/read 取得或列出部署。Gets or lists deployments.
Microsoft.Resources/subscriptions/resourceGroups/readMicrosoft.Resources/subscriptions/resourceGroups/read 取得或列出資源群組。Gets or lists resource groups.
Microsoft.Storage/storageAccounts/listKeys/actionMicrosoft.Storage/storageAccounts/listKeys/action 傳回指定儲存體帳戶的存取金鑰。Returns the access keys for the specified storage account.
NotActionsNotActions
Microsoft.Compute/virtualMachines/vmSizes/readMicrosoft.Compute/virtualMachines/vmSizes/read 列出虛擬機器所能更新成的大小Lists available sizes the virtual machine can be updated to
DataActionsDataActions
none
NotDataActionsNotDataActions
none

DNS 區域參與者DNS Zone Contributor

說明Description 可讓您管理 Azure DNS 中的 DNS 區域與記錄集,但無法讓您控制誰可存取它們。Lets you manage DNS zones and record sets in Azure DNS, but does not let you control who has access to them.
IdId befefa01-2a29-4197-83a8-272ff33ce314befefa01-2a29-4197-83a8-272ff33ce314
動作Actions
Microsoft.Authorization/*/readMicrosoft.Authorization/*/read 讀取角色和角色指派Read roles and role assignments
Microsoft.Insights/alertRules/*Microsoft.Insights/alertRules/* 建立及管理警示規則Create and manage alert rules
Microsoft.Network/dnsZones/*Microsoft.Network/dnsZones/* 建立和管理 DNS 區域和記錄Create and manage DNS zones and records
Microsoft.ResourceHealth/availabilityStatuses/readMicrosoft.ResourceHealth/availabilityStatuses/read 取得指定範圍中所有資源的可用性狀態Gets the availability statuses for all resources in the specified scope
Microsoft.Resources/deployments/*Microsoft.Resources/deployments/* 建立和管理資源群組部署Create and manage resource group deployments
Microsoft.Resources/subscriptions/resourceGroups/readMicrosoft.Resources/subscriptions/resourceGroups/read 取得或列出資源群組。Gets or lists resource groups.
Microsoft.Support/*Microsoft.Support/* 建立和管理支援票證Create and manage Support tickets
NotActionsNotActions
none
DataActionsDataActions
none
NotDataActionsNotDataActions
none

DocumentDB 帳戶參與者DocumentDB Account Contributor

說明Description 可以管理 Azure Cosmos DB 帳戶。Can manage Azure Cosmos DB accounts. Azure Cosmos DB 先前稱為 DocumentDB。Azure Cosmos DB is formerly known as DocumentDB.
IdId 5bd9cd88-fe45-4216-938b-f97437e154505bd9cd88-fe45-4216-938b-f97437e15450
動作Actions
Microsoft.Authorization/*/readMicrosoft.Authorization/*/read 讀取角色和角色指派Read roles and role Assignments
Microsoft.DocumentDb/databaseAccounts/*Microsoft.DocumentDb/databaseAccounts/* 建立及管理 Azure Cosmos DB 帳戶Create and manage Azure Cosmos DB accounts
Microsoft.Insights/alertRules/*Microsoft.Insights/alertRules/* 建立及管理警示規則Create and manage alert rules
Microsoft.ResourceHealth/availabilityStatuses/readMicrosoft.ResourceHealth/availabilityStatuses/read 取得指定範圍中所有資源的可用性狀態Gets the availability statuses for all resources in the specified scope
Microsoft.Resources/deployments/*Microsoft.Resources/deployments/* 建立和管理資源群組部署Create and manage resource group deployments
Microsoft.Resources/subscriptions/resourceGroups/readMicrosoft.Resources/subscriptions/resourceGroups/read 取得或列出資源群組。Gets or lists resource groups.
Microsoft.Support/*Microsoft.Support/* 建立和管理支援票證Create and manage support tickets
NotActionsNotActions
none
DataActionsDataActions
none
NotDataActionsNotDataActions
none

EventGrid EventSubscription 參與者EventGrid EventSubscription Contributor

說明Description 可讓您管理 EventGrid 事件訂用帳戶作業。Lets you manage EventGrid event subscription operations.
IdId 428e0ff0-5e57-4d9c-a221-2c70d0e0a443428e0ff0-5e57-4d9c-a221-2c70d0e0a443
動作Actions
Microsoft.Authorization/*/readMicrosoft.Authorization/*/read 讀取角色和角色指派Read roles and role assignments
Microsoft.EventGrid/eventSubscriptions/*Microsoft.EventGrid/eventSubscriptions/*
Microsoft.EventGrid/topicTypes/eventSubscriptions/readMicrosoft.EventGrid/topicTypes/eventSubscriptions/read 依主題類型列出全域事件訂用帳戶List global event subscriptions by topic type
Microsoft.EventGrid/locations/eventSubscriptions/readMicrosoft.EventGrid/locations/eventSubscriptions/read 列出區域事件訂用帳戶List regional event subscriptions
Microsoft.EventGrid/locations/topicTypes/eventSubscriptions/readMicrosoft.EventGrid/locations/topicTypes/eventSubscriptions/read 依主題類型列出區域事件訂用帳戶List regional event subscriptions by topictype
Microsoft.Insights/alertRules/*Microsoft.Insights/alertRules/* 建立和管理 Insights 警示規則Create and manage Insights alert rules
Microsoft.Resources/deployments/*Microsoft.Resources/deployments/* 建立和管理資源群組部署Create and manage resource group deployments
Microsoft.Resources/subscriptions/resourceGroups/readMicrosoft.Resources/subscriptions/resourceGroups/read 取得或列出資源群組。Gets or lists resource groups.
Microsoft.Support/*Microsoft.Support/* 建立和管理支援票證Create and manage support tickets
NotActionsNotActions
none
DataActionsDataActions
none
NotDataActionsNotDataActions
none

EventGrid EventSubscription 讀者EventGrid EventSubscription Reader

說明Description 可讓您讀取 EventGrid 事件訂用帳戶。Lets you read EventGrid event subscriptions.
IdId 2414bbcf-6497-4faf-8c65-0454607484052414bbcf-6497-4faf-8c65-045460748405
動作Actions
Microsoft.Authorization/*/readMicrosoft.Authorization/*/read 讀取角色和角色指派Read roles and role assignments
Microsoft.EventGrid/eventSubscriptions/readMicrosoft.EventGrid/eventSubscriptions/read 閱讀 eventSubscriptionRead an eventSubscription
Microsoft.EventGrid/topicTypes/eventSubscriptions/readMicrosoft.EventGrid/topicTypes/eventSubscriptions/read 依主題類型列出全域事件訂用帳戶List global event subscriptions by topic type
Microsoft.EventGrid/locations/eventSubscriptions/readMicrosoft.EventGrid/locations/eventSubscriptions/read 列出區域事件訂用帳戶List regional event subscriptions
Microsoft.EventGrid/locations/topicTypes/eventSubscriptions/readMicrosoft.EventGrid/locations/topicTypes/eventSubscriptions/read 依主題類型列出區域事件訂用帳戶List regional event subscriptions by topictype
Microsoft.Resources/subscriptions/resourceGroups/readMicrosoft.Resources/subscriptions/resourceGroups/read 取得或列出資源群組。Gets or lists resource groups.
NotActionsNotActions
none
DataActionsDataActions
none
NotDataActionsNotDataActions
none

HDInsight 叢集操作員HDInsight Cluster Operator

說明Description 可讓您讀取和修改 HDInsight 叢集設定。Lets you read and modify HDInsight cluster configurations.
IdId 61ed4efc-fab3-44fd-b111-e24485cc132a61ed4efc-fab3-44fd-b111-e24485cc132a
動作Actions
Microsoft HDInsight/*/readMicrosoft.HDInsight/*/read
Microsoft HDInsight/叢集/getGatewaySettings/動作Microsoft.HDInsight/clusters/getGatewaySettings/action 取得 HDInsight 叢集的閘道設定Get gateway settings for HDInsight Cluster
Microsoft HDInsight/叢集/updateGatewaySettings/動作Microsoft.HDInsight/clusters/updateGatewaySettings/action 更新 HDInsight 叢集的閘道設定Update gateway settings for HDInsight Cluster
Microsoft HDInsight/叢集/設定/*Microsoft.HDInsight/clusters/configurations/*
Microsoft.Resources/subscriptions/resourceGroups/readMicrosoft.Resources/subscriptions/resourceGroups/read 取得或列出資源群組。Gets or lists resource groups.
Microsoft.Resources/deployments/operations/readMicrosoft.Resources/deployments/operations/read 取得或列出部署作業。Gets or lists deployment operations.
Microsoft.Insights/alertRules/*Microsoft.Insights/alertRules/* 建立和管理 Insights 警示規則Create and manage Insights alert rules
Microsoft.Authorization/*/readMicrosoft.Authorization/*/read 讀取角色和角色指派Read roles and role assignments
Microsoft.Support/*Microsoft.Support/* 建立和管理支援票證Create and manage support tickets
NotActionsNotActions
none
DataActionsDataActions
none
NotDataActionsNotDataActions
none

HDInsight 網域服務參與者HDInsight Domain Services Contributor

說明Description 可讀取、建立、修改和刪除 HDInsight 企業安全性套件所需的網域服務相關作業Can Read, Create, Modify and Delete Domain Services related operations needed for HDInsight Enterprise Security Package
IdId 8d8d5a11-05d3-4bda-a417-a08778121c7c8d8d5a11-05d3-4bda-a417-a08778121c7c
動作Actions
Microsoft.AAD/*/readMicrosoft.AAD/*/read
Microsoft.AAD/domainServices/*/readMicrosoft.AAD/domainServices/*/read
Microsoft.AAD/domainServices/oucontainer/*Microsoft.AAD/domainServices/oucontainer/*
NotActionsNotActions
none
DataActionsDataActions
none
NotDataActionsNotDataActions
none

Intelligent Systems 帳戶參與者Intelligent Systems Account Contributor

說明Description 可讓您管理「智慧型系統」帳戶,但無法存取它們。Lets you manage Intelligent Systems accounts, but not access to them.
IdId 03a6d094-3444-4b3d-88af-7477090a9e5e03a6d094-3444-4b3d-88af-7477090a9e5e
動作Actions
Microsoft.Authorization/*/readMicrosoft.Authorization/*/read 讀取角色和角色指派Read roles and role Assignments
Microsoft.Insights/alertRules/*Microsoft.Insights/alertRules/* 建立及管理警示規則Create and manage alert rules
Microsoft.IntelligentSystems/accounts/*Microsoft.IntelligentSystems/accounts/* 建立及管理 Intelligent Systems 帳戶Create and manage intelligent systems accounts
Microsoft.ResourceHealth/availabilityStatuses/readMicrosoft.ResourceHealth/availabilityStatuses/read 取得指定範圍中所有資源的可用性狀態Gets the availability statuses for all resources in the specified scope
Microsoft.Resources/deployments/*Microsoft.Resources/deployments/* 建立和管理資源群組部署Create and manage resource group deployments
Microsoft.Resources/subscriptions/resourceGroups/readMicrosoft.Resources/subscriptions/resourceGroups/read 取得或列出資源群組。Gets or lists resource groups.
Microsoft.Support/*Microsoft.Support/* 建立和管理支援票證Create and manage support tickets
NotActionsNotActions
none
DataActionsDataActions
none
NotDataActionsNotDataActions
none

Key Vault 參與者Key Vault Contributor

說明Description 可讓您管理金鑰保存庫,但無法存取它們。Lets you manage key vaults, but not access to them.
IdId f25e0fa2-a7c8-4377-a976-54943a77a395f25e0fa2-a7c8-4377-a976-54943a77a395
動作Actions
Microsoft.Authorization/*/readMicrosoft.Authorization/*/read 讀取角色和角色指派Read roles and role assignments
Microsoft.Insights/alertRules/*Microsoft.Insights/alertRules/* 建立和管理 Insights 警示規則Create and manage Insights alert rules
Microsoft.KeyVault/*Microsoft.KeyVault/*
Microsoft.Resources/deployments/*Microsoft.Resources/deployments/* 建立和管理資源群組部署Create and manage resource group deployments
Microsoft.Resources/subscriptions/resourceGroups/readMicrosoft.Resources/subscriptions/resourceGroups/read 取得或列出資源群組。Gets or lists resource groups.
Microsoft.Support/*Microsoft.Support/* 建立和管理支援票證Create and manage support tickets
NotActionsNotActions
Microsoft.KeyVault/locations/deletedVaults/purge/actionMicrosoft.KeyVault/locations/deletedVaults/purge/action 清除虛刪除的 Key VaultPurge a soft deleted key vault
Microsoft.KeyVault/hsmPools/*Microsoft.KeyVault/hsmPools/*
DataActionsDataActions
none
NotDataActionsNotDataActions
none

實驗室建立者Lab Creator

說明Description 可讓您在「Azure 實驗室帳戶」下建立、管理、刪除您的受控實驗室。Lets you create, manage, delete your managed labs under your Azure Lab Accounts.
IdId b97fb8bc-a8b2-4522-a38b-dd33c7e65eadb97fb8bc-a8b2-4522-a38b-dd33c7e65ead
動作Actions
Microsoft.Authorization/*/readMicrosoft.Authorization/*/read 讀取角色和角色指派Read roles and role assignments
Microsoft.LabServices/labAccounts/*/readMicrosoft.LabServices/labAccounts/*/read
Microsoft.LabServices/labAccounts/createLab/actionMicrosoft.LabServices/labAccounts/createLab/action 在實驗室帳戶中建立實驗室。Create a lab in a lab account.
Microsoft.LabServices/labAccounts/sizes/getRegionalAvailability/actionMicrosoft.LabServices/labAccounts/sizes/getRegionalAvailability/action
Microsoft.LabServices/labAccounts/getRegionalAvailability/actionMicrosoft.LabServices/labAccounts/getRegionalAvailability/action 取得在實驗室帳戶下設定的每個大小類別的區域可用性資訊Get regional availability information for each size category configured under a lab account
Microsoft.Resources/subscriptions/resourceGroups/readMicrosoft.Resources/subscriptions/resourceGroups/read 取得或列出資源群組。Gets or lists resource groups.
Microsoft.Support/*Microsoft.Support/* 建立和管理支援票證Create and manage support tickets
NotActionsNotActions
none
DataActionsDataActions
none
NotDataActionsNotDataActions
none

Log Analytics 參與者Log Analytics Contributor

說明Description 「Log Analytics 參與者」角色可以讀取所有監視資料和編輯監視設定。Log Analytics Contributor can read all monitoring data and edit monitoring settings. 編輯監視設定包括將 VM 延伸模組新增至 VM、讀取儲存體帳戶金鑰以便能夠設定從「Azure 儲存體」收集記錄、建立及設定「自動化」帳戶、新增解決方案,以及設定所有 Azure 資源上的 Azure 診斷。Editing monitoring settings includes adding the VM extension to VMs; reading storage account keys to be able to configure collection of logs from Azure Storage; creating and configuring Automation accounts; adding solutions; and configuring Azure diagnostics on all Azure resources.
IdId 92aaf0da-9dab-42b6-94a3-d43ce8d1629392aaf0da-9dab-42b6-94a3-d43ce8d16293
動作Actions
*/read*/read 讀取密碼以外的所有類型的資源。Read resources of all types, except secrets.
Microsoft.Automation/automationAccounts/*Microsoft.Automation/automationAccounts/*
Microsoft.ClassicCompute/virtualMachines/extensions/*Microsoft.ClassicCompute/virtualMachines/extensions/*
Microsoft.ClassicStorage/storageAccounts/listKeys/actionMicrosoft.ClassicStorage/storageAccounts/listKeys/action 列出儲存體帳戶的存取金鑰。Lists the access keys for the storage accounts.
Microsoft.Compute/virtualMachines/extensions/*Microsoft.Compute/virtualMachines/extensions/*
Microsoft.Insights/alertRules/*Microsoft.Insights/alertRules/* 建立和管理 Insights 警示規則Create and manage Insights alert rules
Microsoft.Insights/diagnosticSettings/*Microsoft.Insights/diagnosticSettings/* 建立、更新或讀取 Analysis Server 的診斷設定Creates, updates, or reads the diagnostic setting for Analysis Server
Microsoft.OperationalInsights/*Microsoft.OperationalInsights/*
Microsoft.OperationsManagement/*Microsoft.OperationsManagement/*
Microsoft.Resources/deployments/*Microsoft.Resources/deployments/* 建立和管理資源群組部署Create and manage resource group deployments
Microsoft.Resources/subscriptions/resourcegroups/deployments/*Microsoft.Resources/subscriptions/resourcegroups/deployments/*
Microsoft.Storage/storageAccounts/listKeys/actionMicrosoft.Storage/storageAccounts/listKeys/action 傳回指定儲存體帳戶的存取金鑰。Returns the access keys for the specified storage account.
Microsoft.Support/*Microsoft.Support/* 建立和管理支援票證Create and manage support tickets
NotActionsNotActions
none
DataActionsDataActions
none
NotDataActionsNotDataActions
none

Log Analytics 讀者Log Analytics Reader

說明Description 「Log Analytics 讀者」可以檢視和搜尋所有監視資料,以及檢視監視設定,包括檢視所有 Azure 資源上的 Azure 診斷設定。Log Analytics Reader can view and search all monitoring data as well as and view monitoring settings, including viewing the configuration of Azure diagnostics on all Azure resources.
IdId 73c42c96-874c-492b-b04d-ab87d138a89373c42c96-874c-492b-b04d-ab87d138a893
動作Actions
*/read*/read 讀取密碼以外的所有類型的資源。Read resources of all types, except secrets.
Microsoft.OperationalInsights/workspaces/analytics/query/actionMicrosoft.OperationalInsights/workspaces/analytics/query/action 使用新的引擎進行搜尋。Search using new engine.
Microsoft.OperationalInsights/workspaces/search/actionMicrosoft.OperationalInsights/workspaces/search/action 執行搜尋查詢Executes a search query
Microsoft.Support/*Microsoft.Support/* 建立和管理支援票證Create and manage support tickets
NotActionsNotActions
Microsoft.OperationalInsights/workspaces/sharedKeys/readMicrosoft.OperationalInsights/workspaces/sharedKeys/read 擷取工作區的共用金鑰。Retrieves the shared keys for the workspace. 這些金鑰可用來將 Microsoft Operational Insights 代理程式連線到工作區。These keys are used to connect Microsoft Operational Insights agents to the workspace.
DataActionsDataActions
none
NotDataActionsNotDataActions
none

邏輯應用程式參與者Logic App Contributor

說明Description 可讓您管理邏輯應用程式,但不能變更其存取。Lets you manage logic apps, but not change access to them.
IdId 87a39d53-fc1b-424a-814c-f7e04687dc9e87a39d53-fc1b-424a-814c-f7e04687dc9e
動作Actions
Microsoft.Authorization/*/readMicrosoft.Authorization/*/read 讀取角色和角色指派Read roles and role assignments
Microsoft.ClassicStorage/storageAccounts/listKeys/actionMicrosoft.ClassicStorage/storageAccounts/listKeys/action 列出儲存體帳戶的存取金鑰。Lists the access keys for the storage accounts.
Microsoft.ClassicStorage/storageAccounts/readMicrosoft.ClassicStorage/storageAccounts/read 傳回具有給定帳戶的儲存體帳戶。Return the storage account with the given account.
Microsoft.Insights/alertRules/*Microsoft.Insights/alertRules/* 建立和管理 Insights 警示規則Create and manage Insights alert rules
Microsoft Insights/metricAlerts/*Microsoft.Insights/metricAlerts/*
Microsoft.Insights/diagnosticSettings/*Microsoft.Insights/diagnosticSettings/* 建立、更新或讀取 Analysis Server 的診斷設定Creates, updates, or reads the diagnostic setting for Analysis Server
Microsoft.Insights/logdefinitions/*Microsoft.Insights/logdefinitions/* 此為使用者需要透過入口網站存取活動記錄時所需的權限。This permission is necessary for users who need access to Activity Logs via the portal. 列出活動記錄檔中的記錄檔分類。List log categories in Activity Log.
Microsoft.Insights/metricDefinitions/*Microsoft.Insights/metricDefinitions/* 讀取度量定義 (可用資源的度量類型清單)。Read metric definitions (list of available metric types for a resource).
Microsoft.Logic/*Microsoft.Logic/* 管理 Logic Apps 資源。Manages Logic Apps resources.
Microsoft.Resources/deployments/*Microsoft.Resources/deployments/* 建立和管理資源群組部署Create and manage resource group deployments
Microsoft.Resources/subscriptions/operationresults/readMicrosoft.Resources/subscriptions/operationresults/read 取得訂用帳戶作業結果。Get the subscription operation results.
Microsoft.Resources/subscriptions/resourceGroups/readMicrosoft.Resources/subscriptions/resourceGroups/read 取得或列出資源群組。Gets or lists resource groups.
Microsoft.Storage/storageAccounts/listkeys/actionMicrosoft.Storage/storageAccounts/listkeys/action 傳回指定儲存體帳戶的存取金鑰。Returns the access keys for the specified storage account.
Microsoft.Storage/storageAccounts/readMicrosoft.Storage/storageAccounts/read 傳回儲存體帳戶清單,或取得指定儲存體帳戶的屬性。Returns the list of storage accounts or gets the properties for the specified storage account.
Microsoft.Support/*Microsoft.Support/* 建立和管理支援票證Create and manage support tickets
Microsoft.Web/connectionGateways/*Microsoft.Web/connectionGateways/* 建立及管理「連線閘道」。Create and manages a Connection Gateway.
Microsoft.Web/connections/*Microsoft.Web/connections/* 建立及管理「連線」。Create and manages a Connection.
Microsoft.Web/customApis/*Microsoft.Web/customApis/* 建立及管理「自訂 API」。Creates and manages a Custom API.
Microsoft.Web/serverFarms/join/actionMicrosoft.Web/serverFarms/join/action
Microsoft.Web/serverFarms/readMicrosoft.Web/serverFarms/read 取得 App Service 方案的屬性Get the properties on an App Service Plan
Microsoft.Web/sites/functions/listSecrets/actionMicrosoft.Web/sites/functions/listSecrets/action 列出函數秘密。List Function secrets.
NotActionsNotActions
none
DataActionsDataActions
none
NotDataActionsNotDataActions
none

邏輯應用程式操作員Logic App Operator

說明Description 可讓您讀取、啟用及停用邏輯應用程式,但無法編輯或更新它們。Lets you read, enable, and disable logic apps, but not edit or update them.
IdId 515c2055-d9d4-4321-b1b9-bd0c9a0f79fe515c2055-d9d4-4321-b1b9-bd0c9a0f79fe
動作Actions
Microsoft.Authorization/*/readMicrosoft.Authorization/*/read 讀取角色和角色指派Read roles and role assignments
Microsoft.Insights/alertRules/*/readMicrosoft.Insights/alertRules/*/read 讀取 Insights 警示規則Read Insights alert rules
Microsoft Insights/metricAlerts/*/readMicrosoft.Insights/metricAlerts/*/read
Microsoft.Insights/diagnosticSettings/*/readMicrosoft.Insights/diagnosticSettings/*/read 取得 Logic Apps 的診斷設定Gets diagnostic settings for Logic Apps
Microsoft.Insights/metricDefinitions/*/readMicrosoft.Insights/metricDefinitions/*/read 取得 Logic Apps 的可用計量。Gets the available metrics for Logic Apps.
Microsoft.Logic/*/readMicrosoft.Logic/*/read 讀取 Logic Apps 資源。Reads Logic Apps resources.
Microsoft.Logic/workflows/disable/actionMicrosoft.Logic/workflows/disable/action 停用工作流程。Disables the workflow.
Microsoft.Logic/workflows/enable/actionMicrosoft.Logic/workflows/enable/action 啟用工作流程。Enables the workflow.
Microsoft.Logic/workflows/validate/actionMicrosoft.Logic/workflows/validate/action 驗證工作流程。Validates the workflow.
Microsoft.Resources/deployments/operations/readMicrosoft.Resources/deployments/operations/read 取得或列出部署作業。Gets or lists deployment operations.
Microsoft.Resources/subscriptions/operationresults/readMicrosoft.Resources/subscriptions/operationresults/read 取得訂用帳戶作業結果。Get the subscription operation results.
Microsoft.Resources/subscriptions/resourceGroups/readMicrosoft.Resources/subscriptions/resourceGroups/read 取得或列出資源群組。Gets or lists resource groups.
Microsoft.Support/*Microsoft.Support/* 建立和管理支援票證Create and manage support tickets
Microsoft.Web/connectionGateways/*/readMicrosoft.Web/connectionGateways/*/read 讀取「連線閘道」。Read Connection Gateways.
Microsoft.Web/connections/*/readMicrosoft.Web/connections/*/read 讀取「連線」。Read Connections.
Microsoft.Web/customApis/*/readMicrosoft.Web/customApis/*/read 讀取「自訂 API」。Read Custom API.
Microsoft.Web/serverFarms/readMicrosoft.Web/serverFarms/read 取得 App Service 方案的屬性Get the properties on an App Service Plan
NotActionsNotActions
none
DataActionsDataActions
none
NotDataActionsNotDataActions
none

受控應用程式操作員角色Managed Application Operator Role

說明Description 可讓您讀取受控應用程式資源及對其執行動作Lets you read and perform actions on Managed Application resources
IdId c7393b34-138c-406f-901b-d8cf2b17e6aec7393b34-138c-406f-901b-d8cf2b17e6ae
動作Actions
*/read*/read 讀取密碼以外的所有類型的資源。Read resources of all types, except secrets.
Microsoft.Solutions/applications/readMicrosoft.Solutions/applications/read 擷取應用程式清單。Retrieves a list of applications.
Microsoft 解決方案/*/actionMicrosoft.Solutions/*/action
NotActionsNotActions
none
DataActionsDataActions
none
NotDataActionsNotDataActions
none

受控應用程式讀者Managed Applications Reader

說明Description 可讓您讀取受控應用程式中的資源及要求 JIT 存取權。Lets you read resources in a managed app and request JIT access.
IdId b9331d33-8a36-4f8c-b097-4f54124fdb44b9331d33-8a36-4f8c-b097-4f54124fdb44
動作Actions
*/read*/read 讀取密碼以外的所有類型的資源。Read resources of all types, except secrets.
Microsoft.Resources/deployments/*Microsoft.Resources/deployments/* 建立和管理資源群組部署Create and manage resource group deployments
Microsoft.Solutions/jitRequests/*Microsoft.Solutions/jitRequests/*
NotActionsNotActions
none
DataActionsDataActions
none
NotDataActionsNotDataActions
none

受控身分識別參與者Managed Identity Contributor

說明Description 建立、讀取、更新及刪除使用者指派的身分識別Create, Read, Update, and Delete User Assigned Identity
IdId e40ec5ca-96e0-45a2-b4ff-59039f2c2b59e40ec5ca-96e0-45a2-b4ff-59039f2c2b59
動作Actions
Microsoft.ManagedIdentity/userAssignedIdentities/readMicrosoft.ManagedIdentity/userAssignedIdentities/read 取得現有已指派使用者的身分識別Gets an existing user assigned identity
Microsoft.ManagedIdentity/userAssignedIdentities/writeMicrosoft.ManagedIdentity/userAssignedIdentities/write 建立新的已指派使用者的身分識別,或更新與現有已指派使用者之身分識別相關聯的標記Creates a new user assigned identity or updates the tags associated with an existing user assigned identity
Microsoft.ManagedIdentity/userAssignedIdentities/deleteMicrosoft.ManagedIdentity/userAssignedIdentities/delete 刪除現有已指派使用者的身分識別Deletes an existing user assigned identity
Microsoft.Authorization/*/readMicrosoft.Authorization/*/read 讀取角色和角色指派Read roles and role assignments
Microsoft.Insights/alertRules/*Microsoft.Insights/alertRules/* 建立和管理 Insights 警示規則Create and manage Insights alert rules
Microsoft.Resources/subscriptions/resourceGroups/readMicrosoft.Resources/subscriptions/resourceGroups/read 取得或列出資源群組。Gets or lists resource groups.
Microsoft.Resources/deployments/*Microsoft.Resources/deployments/* 建立和管理資源群組部署Create and manage resource group deployments
Microsoft.Support/*Microsoft.Support/* 建立和管理支援票證Create and manage support tickets
NotActionsNotActions
none
DataActionsDataActions
none
NotDataActionsNotDataActions
none

受控身分識別操作員Managed Identity Operator

說明Description 讀取及指派使用者指派的身分識別Read and Assign User Assigned Identity
IdId f1a07417-d97a-45cb-824c-7a7467783830f1a07417-d97a-45cb-824c-7a7467783830
動作Actions
Microsoft.ManagedIdentity/userAssignedIdentities/*/readMicrosoft.ManagedIdentity/userAssignedIdentities/*/read
Microsoft.ManagedIdentity/userAssignedIdentities/*/assign/actionMicrosoft.ManagedIdentity/userAssignedIdentities/*/assign/action
Microsoft.Authorization/*/readMicrosoft.Authorization/*/read 讀取角色和角色指派Read roles and role assignments
Microsoft.Insights/alertRules/*Microsoft.Insights/alertRules/* 建立和管理 Insights 警示規則Create and manage Insights alert rules
Microsoft.Resources/subscriptions/resourceGroups/readMicrosoft.Resources/subscriptions/resourceGroups/read 取得或列出資源群組。Gets or lists resource groups.
Microsoft.Resources/deployments/*Microsoft.Resources/deployments/* 建立和管理資源群組部署Create and manage resource group deployments
Microsoft.Support/*Microsoft.Support/* 建立和管理支援票證Create and manage support tickets
NotActionsNotActions
none
DataActionsDataActions
none
NotDataActionsNotDataActions
none

受控服務註冊指派刪除角色Managed Services Registration assignment Delete Role

說明Description 受控服務註冊指派刪除角色可讓管理租使用者使用者刪除指派給其租使用者的註冊指派。Managed Services Registration Assignment Delete Role allows the managing tenant users to delete the registration assignment assigned to their tenant.
IdId 91c1777a-f3dc-4fae-b103-61d183457e4691c1777a-f3dc-4fae-b103-61d183457e46
動作Actions
ManagedServices/registrationAssignments/readMicrosoft.ManagedServices/registrationAssignments/read 抓取受控服務註冊指派的清單。Retrieves a list of Managed Services registration assignments.
ManagedServices/registrationAssignments/deleteMicrosoft.ManagedServices/registrationAssignments/delete 移除受控服務註冊指派。Removes Managed Services registration assignment.
ManagedServices/operationStatuses/readMicrosoft.ManagedServices/operationStatuses/read 讀取資源的作業狀態。Reads the operation status for the resource.
NotActionsNotActions
none
DataActionsDataActions
none
NotDataActionsNotDataActions
none

管理群組參與者Management Group Contributor

說明Description 管理群組參與者角色Management Group Contributor Role
IdId 5d58bcaf-24a5-4b20-bdb6-eed9f69fbe4c5d58bcaf-24a5-4b20-bdb6-eed9f69fbe4c
動作Actions
Microsoft.Management/managementGroups/deleteMicrosoft.Management/managementGroups/delete 刪除管理群組。Delete management group.
Microsoft.Management/managementGroups/readMicrosoft.Management/managementGroups/read 列出已驗證之使用者的管理群組。List management groups for the authenticated user.
Microsoft.Management/managementGroups/subscriptions/deleteMicrosoft.Management/managementGroups/subscriptions/delete 從管理群組中取消訂用帳戶的關聯。De-associates subscription from the management group.
Microsoft.Management/managementGroups/subscriptions/writeMicrosoft.Management/managementGroups/subscriptions/write 將現有的訂用帳戶關聯至管理群組。Associates existing subscription with the management group.
Microsoft.Management/managementGroups/writeMicrosoft.Management/managementGroups/write 建立或更新管理群組。Create or update a management group.
NotActionsNotActions
none
DataActionsDataActions
none
NotDataActionsNotDataActions
none

管理群組讀者Management Group Reader

說明Description 管理群組讀者角色Management Group Reader Role
IdId ac63b705-f282-497d-ac71-919bf39d939dac63b705-f282-497d-ac71-919bf39d939d
動作Actions
Microsoft.Management/managementGroups/readMicrosoft.Management/managementGroups/read 列出已驗證之使用者的管理群組。List management groups for the authenticated user.
NotActionsNotActions
none
DataActionsDataActions
none
NotDataActionsNotDataActions
none

監視參與者Monitoring Contributor

說明Description 可以讀取所有監視資料並編輯監視設定。Can read all monitoring data and edit monitoring settings. 請參閱開始使用 Azure 監視器的角色、權限和安全性See also Get started with roles, permissions, and security with Azure Monitor.
IdId 749f88d5-cbae-40b8-bcfc-e573ddc772fa749f88d5-cbae-40b8-bcfc-e573ddc772fa
動作Actions
*/read*/read 讀取密碼以外的所有類型的資源。Read resources of all types, except secrets.
Microsoft.AlertsManagement/alerts/*Microsoft.AlertsManagement/alerts/*
Microsoft.AlertsManagement/alertsSummary/*Microsoft.AlertsManagement/alertsSummary/*
Microsoft.Insights/actiongroups/*Microsoft.Insights/actiongroups/*
Microsoft.Insights/activityLogAlerts/*Microsoft.Insights/activityLogAlerts/*
Microsoft.Insights/AlertRules/*Microsoft.Insights/AlertRules/* 讀取/寫入/刪除警示規則。Read/write/delete alert rules.
Microsoft.Insights/components/*Microsoft.Insights/components/* 讀取/寫入/刪除 Application Insights 元件。Read/write/delete Application Insights components.
Microsoft.Insights/DiagnosticSettings/*Microsoft.Insights/DiagnosticSettings/* 讀取/寫入/刪除診斷設定。Read/write/delete diagnostic settings.
Microsoft.Insights/eventtypes/*Microsoft.Insights/eventtypes/* 列出訂用帳戶中的活動記錄檔事件 (管理事件)。List Activity Log events (management events) in a subscription. 此權限適用於以程式設計方式存取和入口網站存取活動記錄檔。This permission is applicable to both programmatic and portal access to the Activity Log.
Microsoft.Insights/LogDefinitions/*Microsoft.Insights/LogDefinitions/* 此為使用者需要透過入口網站存取活動記錄時所需的權限。This permission is necessary for users who need access to Activity Logs via the portal. 列出活動記錄檔中的記錄檔分類。List log categories in Activity Log.
Microsoft.Insights/metricalerts/*Microsoft.Insights/metricalerts/*
Microsoft.Insights/MetricDefinitions/*Microsoft.Insights/MetricDefinitions/* 讀取度量定義 (可用資源的度量類型清單)。Read metric definitions (list of available metric types for a resource).
Microsoft.Insights/Metrics/*Microsoft.Insights/Metrics/* 讀取資源的度量。Read metrics for a resource.
Microsoft.Insights/Register/ActionMicrosoft.Insights/Register/Action 註冊 Microsoft Insights 提供者Register the Microsoft Insights provider
Microsoft.Insights/scheduledqueryrules/*Microsoft.Insights/scheduledqueryrules/*
Microsoft.Insights/webtests/*Microsoft.Insights/webtests/* 讀取/寫入/刪除 Application Insights Web 測試。Read/write/delete Application Insights web tests.
Microsoft Insights/活頁簿/*Microsoft.Insights/workbooks/*
Microsoft.OperationalInsights/workspaces/intelligencepacks/*Microsoft.OperationalInsights/workspaces/intelligencepacks/* 讀取/寫入/刪除 log analytics 解決方案套件。Read/write/delete log analytics solution packs.
Microsoft.OperationalInsights/workspaces/savedSearches/*Microsoft.OperationalInsights/workspaces/savedSearches/* 讀取/寫入/刪除 log analytics 儲存的搜尋。Read/write/delete log analytics saved searches.
Microsoft.OperationalInsights/workspaces/search/actionMicrosoft.OperationalInsights/workspaces/search/action 執行搜尋查詢Executes a search query
Microsoft.OperationalInsights/workspaces/sharedKeys/actionMicrosoft.OperationalInsights/workspaces/sharedKeys/action 擷取工作區的共用金鑰。Retrieves the shared keys for the workspace. 這些金鑰可用來將 Microsoft Operational Insights 代理程式連線到工作區。These keys are used to connect Microsoft Operational Insights agents to the workspace.
Microsoft.OperationalInsights/workspaces/storageinsightconfigs/*Microsoft.OperationalInsights/workspaces/storageinsightconfigs/* 讀取/寫入/刪除 log analytics 儲存體深入解析設定。Read/write/delete log analytics storage insight configurations.
Microsoft.Support/*Microsoft.Support/* 建立和管理支援票證Create and manage support tickets
Microsoft.WorkloadMonitor/monitors/*Microsoft.WorkloadMonitor/monitors/*
Microsoft.WorkloadMonitor/notificationSettings/*Microsoft.WorkloadMonitor/notificationSettings/*
Microsoft.alertsmanagement/smartDetectorAlertRules/*Microsoft.AlertsManagement/smartDetectorAlertRules/*
NotActionsNotActions
none
DataActionsDataActions
none
NotDataActionsNotDataActions
none

監視計量發行者Monitoring Metrics Publisher

說明Description 針對 Azure 資源啟用發佈計量Enables publishing metrics against Azure resources
IdId 3913510d-42f4-4e42-8a64-420c390055eb3913510d-42f4-4e42-8a64-420c390055eb
動作Actions
Microsoft.Insights/Register/ActionMicrosoft.Insights/Register/Action 註冊 Microsoft Insights 提供者Register the Microsoft Insights provider
Microsoft.Support/*Microsoft.Support/* 建立和管理支援票證Create and manage support tickets
Microsoft.Resources/subscriptions/resourceGroups/readMicrosoft.Resources/subscriptions/resourceGroups/read 取得或列出資源群組。Gets or lists resource groups.
NotActionsNotActions
none
DataActionsDataActions
Microsoft.Insights/Metrics/WriteMicrosoft.Insights/Metrics/Write 寫入計量Write metrics
NotDataActionsNotDataActions
none

監視讀取器Monitoring Reader

說明Description 可以讀取所有監視資料 (計量、記錄等等)。Can read all monitoring data (metrics, logs, etc.). 請參閱開始使用 Azure 監視器的角色、權限和安全性See also Get started with roles, permissions, and security with Azure Monitor.
IdId 43d0d8ad-25c7-4714-9337-8ba259a9fe0543d0d8ad-25c7-4714-9337-8ba259a9fe05
動作Actions
*/read*/read 讀取密碼以外的所有類型的資源。Read resources of all types, except secrets.
Microsoft.OperationalInsights/workspaces/search/actionMicrosoft.OperationalInsights/workspaces/search/action 執行搜尋查詢Executes a search query
Microsoft.Support/*Microsoft.Support/* 建立和管理支援票證Create and manage support tickets
NotActionsNotActions
none
DataActionsDataActions
none
NotDataActionsNotDataActions
none

網路參與者Network Contributor

說明Description 可讓您管理網路,但無法存取它們。Lets you manage networks, but not access to them.
IdId 4d97b98b-1d4f-4787-a291-c67834d212e74d97b98b-1d4f-4787-a291-c67834d212e7
動作Actions
Microsoft.Authorization/*/readMicrosoft.Authorization/*/read 讀取角色和角色指派Read roles and role Assignments
Microsoft.Insights/alertRules/*Microsoft.Insights/alertRules/* 建立及管理警示規則Create and manage alert rules
Microsoft.Network/*Microsoft.Network/* 建立和管理網路Create and manage networks
Microsoft.ResourceHealth/availabilityStatuses/readMicrosoft.ResourceHealth/availabilityStatuses/read 取得指定範圍中所有資源的可用性狀態Gets the availability statuses for all resources in the specified scope
Microsoft.Resources/deployments/*Microsoft.Resources/deployments/* 建立和管理資源群組部署Create and manage resource group deployments
Microsoft.Resources/subscriptions/resourceGroups/readMicrosoft.Resources/subscriptions/resourceGroups/read 取得或列出資源群組。Gets or lists resource groups.
Microsoft.Support/*Microsoft.Support/* 建立和管理支援票證Create and manage support tickets
NotActionsNotActions
none
DataActionsDataActions
none
NotDataActionsNotDataActions
none

New Relic APM 帳戶參與者New Relic APM Account Contributor

說明Description 可讓您管理 New Relic Application Performance Management 帳戶及應用程式,但無法存取它們。Lets you manage New Relic Application Performance Management accounts and applications, but not access to them.
IdId 5d28c62d-5b37-4476-8438-e587778df2375d28c62d-5b37-4476-8438-e587778df237
動作Actions
Microsoft.Authorization/*/readMicrosoft.Authorization/*/read 讀取角色和角色指派Read roles and role assignments
Microsoft.Insights/alertRules/*Microsoft.Insights/alertRules/* 建立和管理 Insights 警示規則Create and manage Insights alert rules
Microsoft.ResourceHealth/availabilityStatuses/readMicrosoft.ResourceHealth/availabilityStatuses/read 取得指定範圍中所有資源的可用性狀態Gets the availability statuses for all resources in the specified scope
Microsoft.Resources/deployments/*Microsoft.Resources/deployments/* 建立和管理資源群組部署Create and manage resource group deployments
Microsoft.Resources/subscriptions/resourceGroups/readMicrosoft.Resources/subscriptions/resourceGroups/read 取得或列出資源群組。Gets or lists resource groups.
Microsoft.Support/*Microsoft.Support/* 建立和管理支援票證Create and manage support tickets
NewRelic.APM/accounts/*NewRelic.APM/accounts/*
NotActionsNotActions
none
DataActionsDataActions
none
NotDataActionsNotDataActions
none

讀取者及資料存取Reader and Data Access

說明Description 可讓您檢視所有內容,但無法讓您刪除或建立儲存體帳戶或內含的資源。Lets you view everything but will not let you delete or create a storage account or contained resource. 也可透過存取儲存體帳戶金鑰,對儲存體帳戶中內含的所有資料進行讀取/寫入存取。It will also allow read/write access to all data contained in a storage account via access to storage account keys.
IdId c12c1c16-33a1-487b-954d-41c89c60f349c12c1c16-33a1-487b-954d-41c89c60f349
動作Actions
Microsoft.Storage/storageAccounts/listKeys/actionMicrosoft.Storage/storageAccounts/listKeys/action 傳回指定儲存體帳戶的存取金鑰。Returns the access keys for the specified storage account.
Microsoft. Storage/storageAccounts/ListAccountSas/actionMicrosoft.Storage/storageAccounts/ListAccountSas/action 傳回指定儲存體帳戶的帳戶 SAS 權杖。Returns the Account SAS token for the specified storage account.
Microsoft.Storage/storageAccounts/readMicrosoft.Storage/storageAccounts/read 傳回儲存體帳戶清單,或取得指定儲存體帳戶的屬性。Returns the list of storage accounts or gets the properties for the specified storage account.
NotActionsNotActions
none
DataActionsDataActions
none
NotDataActionsNotDataActions
none

Redis 快取參與者Redis Cache Contributor

說明Description 可讓您管理 Redis 快取,但無法存取它們。Lets you manage Redis caches, but not access to them.
IdId e0f68234-74aa-48ed-b826-c38b57376e17e0f68234-74aa-48ed-b826-c38b57376e17
動作Actions
Microsoft.Authorization/*/readMicrosoft.Authorization/*/read 讀取角色和角色指派Read roles and role Assignments
Microsoft.Cache/redis/*Microsoft.Cache/redis/* 建立和管理 Redis 快取Create and manage Redis caches
Microsoft.Insights/alertRules/*Microsoft.Insights/alertRules/* 建立及管理警示規則Create and manage alert rules
Microsoft.ResourceHealth/availabilityStatuses/readMicrosoft.ResourceHealth/availabilityStatuses/read 取得指定範圍中所有資源的可用性狀態Gets the availability statuses for all resources in the specified scope
Microsoft.Resources/deployments/*Microsoft.Resources/deployments/* 建立和管理資源群組部署Create and manage resource group deployments
Microsoft.Resources/subscriptions/resourceGroups/readMicrosoft.Resources/subscriptions/resourceGroups/read 取得或列出資源群組。Gets or lists resource groups.
Microsoft.Support/*Microsoft.Support/* 建立和管理支援票證Create and manage support tickets
NotActionsNotActions
none
DataActionsDataActions
none
NotDataActionsNotDataActions
none

資源原則參與者 (預覽)Resource Policy Contributor (Preview)

說明Description (預覽) 從 EA 回填的使用者,有權建立/修改資源原則、建立支援票證及讀取資源/階層。(Preview) Backfilled users from EA, with rights to create/modify resource policy, create support ticket and read resources/hierarchy.
IdId 36243c78-bf99-498c-9df9-86d9f8d2860836243c78-bf99-498c-9df9-86d9f8d28608
動作Actions
*/read*/read 讀取密碼以外的所有類型的資源。Read resources of all types, except secrets.
Microsoft.Authorization/policyassignments/*Microsoft.Authorization/policyassignments/* 建立及管理原則指派Create and manage policy assignments
Microsoft.Authorization/policydefinitions/*Microsoft.Authorization/policydefinitions/* 建立及管理原則定義Create and manage policy definitions
Microsoft.Authorization/policysetdefinitions/*Microsoft.Authorization/policysetdefinitions/* 建立及管理原則集合Create and manage policy sets
Microsoft.PolicyInsights/*Microsoft.PolicyInsights/*
Microsoft.Support/*Microsoft.Support/* 建立和管理支援票證Create and manage support tickets
NotActionsNotActions
none
DataActionsDataActions
none
NotDataActionsNotDataActions
none

排程器工作集合參與者Scheduler Job Collections Contributor

說明Description 可讓您管理「排程器」工作集合,但無法存取它們。Lets you manage Scheduler job collections, but not access to them.
IdId 188a0f2f-5c9e-469b-ae67-2aa5ce574b94188a0f2f-5c9e-469b-ae67-2aa5ce574b94
動作Actions
Microsoft.Authorization/*/readMicrosoft.Authorization/*/read 讀取角色和角色指派Read roles and role Assignments
Microsoft.Insights/alertRules/*Microsoft.Insights/alertRules/* 建立及管理警示規則Create and manage alert rules
Microsoft.ResourceHealth/availabilityStatuses/readMicrosoft.ResourceHealth/availabilityStatuses/read 取得指定範圍中所有資源的可用性狀態Gets the availability statuses for all resources in the specified scope
Microsoft.Resources/deployments/*Microsoft.Resources/deployments/* 建立和管理資源群組部署Create and manage resource group deployments
Microsoft.Resources/subscriptions/resourceGroups/readMicrosoft.Resources/subscriptions/resourceGroups/read 取得或列出資源群組。Gets or lists resource groups.
Microsoft.Scheduler/jobcollections/*Microsoft.Scheduler/jobcollections/* 建立和管理工作集合Create and manage job collections
Microsoft.Support/*Microsoft.Support/* 建立和管理支援票證Create and manage support tickets
NotActionsNotActions
none
DataActionsDataActions
none
NotDataActionsNotDataActions
none

搜尋服務參與者Search Service Contributor

說明Description 可讓您管理「搜尋」服務,但無法存取它們。Lets you manage Search services, but not access to them.
IdId 7ca78c08-252a-4471-8644-bb5ff32d4ba07ca78c08-252a-4471-8644-bb5ff32d4ba0
動作Actions
Microsoft.Authorization/*/readMicrosoft.Authorization/*/read 讀取角色和角色指派Read roles and role Assignments
Microsoft.Insights/alertRules/*Microsoft.Insights/alertRules/* 建立及管理警示規則Create and manage alert rules
Microsoft.ResourceHealth/availabilityStatuses/readMicrosoft.ResourceHealth/availabilityStatuses/read 取得指定範圍中所有資源的可用性狀態Gets the availability statuses for all resources in the specified scope
Microsoft.Resources/deployments/*Microsoft.Resources/deployments/* 建立和管理資源群組部署Create and manage resource group deployments
Microsoft.Resources/subscriptions/resourceGroups/readMicrosoft.Resources/subscriptions/resourceGroups/read 取得或列出資源群組。Gets or lists resource groups.
Microsoft.Search/searchServices/*Microsoft.Search/searchServices/* 建立和管理搜尋服務Create and manage search services
Microsoft.Support/*Microsoft.Support/* 建立和管理支援票證Create and manage support tickets
NotActionsNotActions
none
DataActionsDataActions
none
NotDataActionsNotDataActions
none

安全性系統管理員Security Admin

說明Description 僅限資訊安全中心:可檢視安全性原則、檢視安全性狀態、編輯安全性原則、檢視警示和建議、關閉警示和建議In Security Center only: Can view security policies, view security states, edit security policies, view alerts and recommendations, dismiss alerts and recommendations
IdId fb1c8493-542b-48eb-b624-b4c8fea62acdfb1c8493-542b-48eb-b624-b4c8fea62acd
動作Actions
Microsoft.Authorization/*/readMicrosoft.Authorization/*/read 讀取角色和角色指派Read roles and role assignments
Microsoft.Authorization/policyAssignments/*Microsoft.Authorization/policyAssignments/* 建立及管理原則指派Create and manage policy assignments
Microsoft.Authorization/policyDefinitions/*Microsoft.Authorization/policyDefinitions/* 建立及管理原則定義Create and manage policy definitions
Microsoft.Authorization/policySetDefinitions/*Microsoft.Authorization/policySetDefinitions/* 建立及管理原則集合Create and manage policy sets
Microsoft.Insights/alertRules/*Microsoft.Insights/alertRules/* 建立及管理警示規則Create and manage alert rules
Microsoft.Management/managementGroups/readMicrosoft.Management/managementGroups/read 列出已驗證之使用者的管理群組。List management groups for the authenticated user.
Microsoft.operationalInsights/workspaces/*/readMicrosoft.operationalInsights/workspaces/*/read 查看 log analytics 資料View log analytics data
Microsoft.Resources/deployments/*Microsoft.Resources/deployments/* 建立和管理資源群組部署Create and manage resource group deployments
Microsoft.Resources/subscriptions/resourceGroups/readMicrosoft.Resources/subscriptions/resourceGroups/read 取得或列出資源群組。Gets or lists resource groups.
Microsoft.Security/*Microsoft.Security/*
Microsoft.Support/*Microsoft.Support/* 建立和管理支援票證Create and manage support tickets
NotActionsNotActions
none
DataActionsDataActions
none
NotDataActionsNotDataActions
none

安全性管理員 (舊版)Security Manager (Legacy)

說明Description 此為舊版角色。This is a legacy role. 請改用安全性系統管理員Please use Security Administrator instead
IdId e3d13bf0-dd5a-482e-ba6b-9b8433878d10e3d13bf0-dd5a-482e-ba6b-9b8433878d10
動作Actions
Microsoft.Authorization/*/readMicrosoft.Authorization/*/read 讀取角色和角色指派Read roles and role assignments
Microsoft.ClassicCompute/*/readMicrosoft.ClassicCompute/*/read 讀取傳統虛擬機器的設定資訊Read configuration information classic virtual machines
Microsoft.ClassicCompute/virtualMachines/*/writeMicrosoft.ClassicCompute/virtualMachines/*/write 撰寫傳統虛擬機器的設定Write configuration for classic virtual machines
Microsoft.ClassicNetwork/*/readMicrosoft.ClassicNetwork/*/read 讀取傳統網路的組態資訊Read configuration information about classic network
Microsoft.Insights/alertRules/*Microsoft.Insights/alertRules/* 建立及管理警示規則Create and manage alert rules
Microsoft.ResourceHealth/availabilityStatuses/readMicrosoft.ResourceHealth/availabilityStatuses/read 取得指定範圍中所有資源的可用性狀態Gets the availability statuses for all resources in the specified scope
Microsoft.Resources/deployments/*Microsoft.Resources/deployments/* 建立和管理資源群組部署Create and manage resource group deployments
Microsoft.Resources/subscriptions/resourceGroups/readMicrosoft.Resources/subscriptions/resourceGroups/read 取得或列出資源群組。Gets or lists resource groups.
Microsoft.Security/*Microsoft.Security/* 建立和管理安全性元件和原則Create and manage security components and policies
Microsoft.Support/*Microsoft.Support/* 建立和管理支援票證Create and manage support tickets
NotActionsNotActions
none
DataActionsDataActions
none
NotDataActionsNotDataActions
none

安全性讀取者Security Reader

說明Description 僅限資訊安全中心:可檢視建議和警示、檢視安全性原則、檢視安全性狀態,但無法進行變更In Security Center only: Can view recommendations and alerts, view security policies, view security states, but cannot make changes
IdId 39bc4728-0917-49c7-9d2c-d95423bc2eb439bc4728-0917-49c7-9d2c-d95423bc2eb4
動作Actions
Microsoft.Authorization/*/readMicrosoft.Authorization/*/read 讀取角色和角色指派Read roles and role assignments
Microsoft.Insights/alertRules/*Microsoft.Insights/alertRules/* 建立及管理警示規則Create and manage alert rules
Microsoft.operationalInsights/workspaces/*/readMicrosoft.operationalInsights/workspaces/*/read 查看 log analytics 資料View log analytics data
Microsoft.Resources/deployments/*Microsoft.Resources/deployments/* 建立和管理資源群組部署Create and manage resource group deployments
Microsoft.Resources/subscriptions/resourceGroups/readMicrosoft.Resources/subscriptions/resourceGroups/read 取得或列出資源群組。Gets or lists resource groups.
Microsoft.Security/*/readMicrosoft.Security/*/read 讀取安全性元件和原則Read security components and policies
Microsoft.Support/*Microsoft.Support/* 建立和管理支援票證Create and manage support tickets
Microsoft.Management/managementGroups/readMicrosoft.Management/managementGroups/read 列出已驗證之使用者的管理群組。List management groups for the authenticated user.
NotActionsNotActions
none
DataActionsDataActions
none
NotDataActionsNotDataActions
none

Site Recovery 參與者Site Recovery Contributor

說明Description 可讓您管理 Site Recovery 服務,但無法建立保存庫和指派角色Lets you manage Site Recovery service except vault creation and role assignment
IdId 6670b86e-a3f7-4917-ac9b-5d6ab1be45676670b86e-a3f7-4917-ac9b-5d6ab1be4567
動作Actions
Microsoft.Authorization/*/readMicrosoft.Authorization/*/read 讀取角色和角色指派Read roles and role assignments
Microsoft.Insights/alertRules/*Microsoft.Insights/alertRules/* 建立及管理警示規則Create and manage alert rules
Microsoft.Network/virtualNetworks/readMicrosoft.Network/virtualNetworks/read 取得虛擬網路定義Get the virtual network definition
Microsoft.RecoveryServices/locations/allocatedStamp/readMicrosoft.RecoveryServices/locations/allocatedStamp/read GetAllocatedStamp 是服務所使用的內部作業GetAllocatedStamp is internal operation used by service
Microsoft.RecoveryServices/locations/allocateStamp/actionMicrosoft.RecoveryServices/locations/allocateStamp/action AllocateStamp 是服務所使用的內部作業AllocateStamp is internal operation used by service
Microsoft.RecoveryServices/Vaults/certificates/writeMicrosoft.RecoveryServices/Vaults/certificates/write 「更新資源憑證」作業會更新資源/保存庫的認證憑證。The Update Resource Certificate operation updates the resource/vault credential certificate.
Microsoft.RecoveryServices/Vaults/extendedInformation/*Microsoft.RecoveryServices/Vaults/extendedInformation/* 建立和管理與保存庫相關的擴充資訊Create and manage extended info related to vault
Microsoft.RecoveryServices/Vaults/readMicrosoft.RecoveryServices/Vaults/read 「取得保存庫」作業會取得物件,此物件代表 'vault' 類型的 Azure 資源The Get Vault operation gets an object representing the Azure resource of type 'vault'
Microsoft.RecoveryServices/Vaults/refreshContainers/readMicrosoft.RecoveryServices/Vaults/refreshContainers/read
Microsoft.RecoveryServices/Vaults/registeredIdentities/*Microsoft.RecoveryServices/Vaults/registeredIdentities/* 建立和管理註冊的身分識別Create and manage registered identities
Microsoft.RecoveryServices/vaults/replicationAlertSettings/*Microsoft.RecoveryServices/vaults/replicationAlertSettings/* 建立或更新複寫警示設定Create or Update replication alert settings
Microsoft.RecoveryServices/vaults/replicationEvents/readMicrosoft.RecoveryServices/vaults/replicationEvents/read 讀取任何事件Read any Events
Microsoft.RecoveryServices/vaults/replicationFabrics/*Microsoft.RecoveryServices/vaults/replicationFabrics/* 建立和管理複寫網狀架構Create and manage replication fabrics
Microsoft.RecoveryServices/vaults/replicationJobs/*Microsoft.RecoveryServices/vaults/replicationJobs/* 建立和管理複寫作業Create and manage replication jobs
Microsoft.RecoveryServices/vaults/replicationPolicies/*Microsoft.RecoveryServices/vaults/replicationPolicies/* 建立和管理複寫原則Create and manage replication policies
Microsoft.RecoveryServices/vaults/replicationRecoveryPlans/*Microsoft.RecoveryServices/vaults/replicationRecoveryPlans/* 建立和管理復原計劃Create and manage recovery plans
Microsoft.RecoveryServices/Vaults/storageConfig/*Microsoft.RecoveryServices/Vaults/storageConfig/* 建立和管理復原服務保存庫的儲存體設定Create and manage storage configuration of Recovery Services vault
Microsoft.RecoveryServices/Vaults/tokenInfo/readMicrosoft.RecoveryServices/Vaults/tokenInfo/read
Microsoft.RecoveryServices/Vaults/usages/readMicrosoft.RecoveryServices/Vaults/usages/read 傳回復原服務保存庫的使用量詳細資料。Returns usage details for a Recovery Services Vault.
Microsoft.RecoveryServices/Vaults/vaultTokens/readMicrosoft.RecoveryServices/Vaults/vaultTokens/read 「保存庫權杖」作業可用來取得保存庫層級後端作業的保存庫權杖。The Vault Token operation can be used to get Vault Token for vault level backend operations.
Microsoft.RecoveryServices/Vaults/monitoringAlerts/*Microsoft.RecoveryServices/Vaults/monitoringAlerts/* 讀取復原服務保存庫的警示Read alerts for the Recovery services vault
Microsoft.RecoveryServices/Vaults/monitoringConfigurations/notificationConfiguration/readMicrosoft.RecoveryServices/Vaults/monitoringConfigurations/notificationConfiguration/read
Microsoft.ResourceHealth/availabilityStatuses/readMicrosoft.ResourceHealth/availabilityStatuses/read 取得指定範圍中所有資源的可用性狀態Gets the availability statuses for all resources in the specified scope
Microsoft.Resources/deployments/*Microsoft.Resources/deployments/* 建立和管理資源群組部署Create and manage resource group deployments
Microsoft.Resources/subscriptions/resourceGroups/readMicrosoft.Resources/subscriptions/resourceGroups/read 取得或列出資源群組。Gets or lists resource groups.
Microsoft.Storage/storageAccounts/readMicrosoft.Storage/storageAccounts/read 傳回儲存體帳戶清單,或取得指定儲存體帳戶的屬性。Returns the list of storage accounts or gets the properties for the specified storage account.
Microsoft.Support/*Microsoft.Support/* 建立和管理支援票證Create and manage support tickets
NotActionsNotActions
none
DataActionsDataActions
none
NotDataActionsNotDataActions
none

Site Recovery 操作員Site Recovery Operator

說明Description 可讓您容錯移轉及容錯回復,但無法執行其他 Site Recovery 管理作業Lets you failover and failback but not perform other Site Recovery management operations
IdId 494ae006-db33-4328-bf46-533a6560a3ca494ae006-db33-4328-bf46-533a6560a3ca
動作Actions
Microsoft.Authorization/*/readMicrosoft.Authorization/*/read 讀取角色和角色指派Read roles and role assignments
Microsoft.Insights/alertRules/*Microsoft.Insights/alertRules/* 建立及管理警示規則Create and manage alert rules
Microsoft.Network/virtualNetworks/readMicrosoft.Network/virtualNetworks/read 取得虛擬網路定義Get the virtual network definition
Microsoft.RecoveryServices/locations/allocatedStamp/readMicrosoft.RecoveryServices/locations/allocatedStamp/read GetAllocatedStamp 是服務所使用的內部作業GetAllocatedStamp is internal operation used by service
Microsoft.RecoveryServices/locations/allocateStamp/actionMicrosoft.RecoveryServices/locations/allocateStamp/action AllocateStamp 是服務所使用的內部作業AllocateStamp is internal operation used by service
Microsoft.RecoveryServices/Vaults/extendedInformation/readMicrosoft.RecoveryServices/Vaults/extendedInformation/read 「取得延伸資訊」作業會取得物件的延伸資訊,此延伸資訊代表 'vault' 類型的 Azure 資源The Get Extended Info operation gets an object's Extended Info representing the Azure resource of type ?vault?
Microsoft.RecoveryServices/Vaults/readMicrosoft.RecoveryServices/Vaults/read 「取得保存庫」作業會取得物件,此物件代表 'vault' 類型的 Azure 資源The Get Vault operation gets an object representing the Azure resource of type 'vault'
Microsoft.RecoveryServices/Vaults/refreshContainers/readMicrosoft.RecoveryServices/Vaults/refreshContainers/read
Microsoft.RecoveryServices/Vaults/registeredIdentities/operationResults/readMicrosoft.RecoveryServices/Vaults/registeredIdentities/operationResults/read 「取得作業結果」作業可用來取得以非同步方式提交之作業的作業狀態和結果The Get Operation Results operation can be used get the operation status and result for the asynchronously submitted operation
Microsoft.RecoveryServices/Vaults/registeredIdentities/readMicrosoft.RecoveryServices/Vaults/registeredIdentities/read 「取得容器」作業可用來取得為資源註冊的容器。The Get Containers operation can be used get the containers registered for a resource.
Microsoft.RecoveryServices/vaults/replicationAlertSettings/readMicrosoft.RecoveryServices/vaults/replicationAlertSettings/read 讀取任何警示設定Read any Alerts Settings
Microsoft.RecoveryServices/vaults/replicationEvents/readMicrosoft.RecoveryServices/vaults/replicationEvents/read 讀取任何事件Read any Events
Microsoft.RecoveryServices/vaults/replicationFabrics/checkConsistency/actionMicrosoft.RecoveryServices/vaults/replicationFabrics/checkConsistency/action 檢查網狀架構的一致性Checks Consistency of the Fabric
Microsoft.RecoveryServices/vaults/replicationFabrics/readMicrosoft.RecoveryServices/vaults/replicationFabrics/read 讀取任何網狀架構Read any Fabrics
Microsoft.RecoveryServices/vaults/replicationFabrics/reassociateGateway/actionMicrosoft.RecoveryServices/vaults/replicationFabrics/reassociateGateway/action 重新關聯閘道Reassociate Gateway
Microsoft.RecoveryServices/vaults/replicationFabrics/renewcertificate/actionMicrosoft.RecoveryServices/vaults/replicationFabrics/renewcertificate/action 更新網狀架構的憑證Renew Certificate for Fabric
Microsoft.RecoveryServices/vaults/replicationFabrics/replicationNetworks/readMicrosoft.RecoveryServices/vaults/replicationFabrics/replicationNetworks/read 讀取任何網路Read any Networks
Microsoft.RecoveryServices/vaults/replicationFabrics/replicationNetworks/replicationNetworkMappings/readMicrosoft.RecoveryServices/vaults/replicationFabrics/replicationNetworks/replicationNetworkMappings/read 讀取任何網路對應Read any Network Mappings
Microsoft.RecoveryServices/vaults/replicationFabrics/replicationProtectionContainers/readMicrosoft.RecoveryServices/vaults/replicationFabrics/replicationProtectionContainers/read 讀取任何保護容器Read any Protection Containers
Microsoft.RecoveryServices/vaults/replicationFabrics/replicationProtectionContainers/replicationProtectableItems/readMicrosoft.RecoveryServices/vaults/replicationFabrics/replicationProtectionContainers/replicationProtectableItems/read 讀取任何可保護的項目Read any Protectable Items
Microsoft.RecoveryServices/vaults/replicationFabrics/replicationProtectionContainers/replicationProtectedItems/applyRecoveryPoint/actionMicrosoft.RecoveryServices/vaults/replicationFabrics/replicationProtectionContainers/replicationProtectedItems/applyRecoveryPoint/action 套用復原點Apply Recovery Point
Microsoft.RecoveryServices/vaults/replicationFabrics/replicationProtectionContainers/replicationProtectedItems/failoverCommit/actionMicrosoft.RecoveryServices/vaults/replicationFabrics/replicationProtectionContainers/replicationProtectedItems/failoverCommit/action 容錯移轉認可Failover Commit
Microsoft.RecoveryServices/vaults/replicationFabrics/replicationProtectionContainers/replicationProtectedItems/plannedFailover/actionMicrosoft.RecoveryServices/vaults/replicationFabrics/replicationProtectionContainers/replicationProtectedItems/plannedFailover/action 計劃性容錯移轉Planned Failover
Microsoft.RecoveryServices/vaults/replicationFabrics/replicationProtectionContainers/replicationProtectedItems/readMicrosoft.RecoveryServices/vaults/replicationFabrics/replicationProtectionContainers/replicationProtectedItems/read 讀取任何受保護的項目Read any Protected Items
Microsoft.RecoveryServices/vaults/replicationFabrics/replicationProtectionContainers/replicationProtectedItems/recoveryPoints/readMicrosoft.RecoveryServices/vaults/replicationFabrics/replicationProtectionContainers/replicationProtectedItems/recoveryPoints/read 讀取任何複寫復原點Read any Replication Recovery Points
Microsoft.RecoveryServices/vaults/replicationFabrics/replicationProtectionContainers/replicationProtectedItems/repairReplication/actionMicrosoft.RecoveryServices/vaults/replicationFabrics/replicationProtectionContainers/replicationProtectedItems/repairReplication/action 修復複寫Repair replication
Microsoft.RecoveryServices/vaults/replicationFabrics/replicationProtectionContainers/replicationProtectedItems/reProtect/actionMicrosoft.RecoveryServices/vaults/replicationFabrics/replicationProtectionContainers/replicationProtectedItems/reProtect/action 重新保護受保護的項目ReProtect Protected Item
Microsoft.RecoveryServices/vaults/replicationFabrics/replicationProtectionContainers/switchprotection/actionMicrosoft.RecoveryServices/vaults/replicationFabrics/replicationProtectionContainers/switchprotection/action 切換保護容器Switch Protection Container
Microsoft.RecoveryServices/vaults/replicationFabrics/replicationProtectionContainers/replicationProtectedItems/testFailover/actionMicrosoft.RecoveryServices/vaults/replicationFabrics/replicationProtectionContainers/replicationProtectedItems/testFailover/action Test FailoverTest Failover
Microsoft.RecoveryServices/vaults/replicationFabrics/replicationProtectionContainers/replicationProtectedItems/testFailoverCleanup/actionMicrosoft.RecoveryServices/vaults/replicationFabrics/replicationProtectionContainers/replicationProtectedItems/testFailoverCleanup/action 測試容錯移轉清理Test Failover Cleanup
Microsoft.RecoveryServices/vaults/replicationFabrics/replicationProtectionContainers/replicationProtectedItems/unplannedFailover/actionMicrosoft.RecoveryServices/vaults/replicationFabrics/replicationProtectionContainers/replicationProtectedItems/unplannedFailover/action 容錯移轉Failover
Microsoft.RecoveryServices/vaults/replicationFabrics/replicationProtectionContainers/replicationProtectedItems/updateMobilityService/actionMicrosoft.RecoveryServices/vaults/replicationFabrics/replicationProtectionContainers/replicationProtectedItems/updateMobilityService/action 更新行動服務Update Mobility Service
Microsoft.RecoveryServices/vaults/replicationFabrics/replicationProtectionContainers/replicationProtectionContainerMappings/readMicrosoft.RecoveryServices/vaults/replicationFabrics/replicationProtectionContainers/replicationProtectionContainerMappings/read 讀取任何保護容器對應Read any Protection Container Mappings
Microsoft.RecoveryServices/vaults/replicationFabrics/replicationRecoveryServicesProviders/readMicrosoft.RecoveryServices/vaults/replicationFabrics/replicationRecoveryServicesProviders/read 讀取任何復原服務提供者Read any Recovery Services Providers
Microsoft.RecoveryServices/vaults/replicationFabrics/replicationRecoveryServicesProviders/refreshProvider/actionMicrosoft.RecoveryServices/vaults/replicationFabrics/replicationRecoveryServicesProviders/refreshProvider/action 重新整理提供者Refresh Provider
Microsoft.RecoveryServices/vaults/replicationFabrics/replicationStorageClassifications/readMicrosoft.RecoveryServices/vaults/replicationFabrics/replicationStorageClassifications/read 讀取任何存放裝置分類Read any Storage Classifications
Microsoft.RecoveryServices/vaults/replicationFabrics/replicationStorageClassifications/replicationStorageClassificationMappings/readMicrosoft.RecoveryServices/vaults/replicationFabrics/replicationStorageClassifications/replicationStorageClassificationMappings/read 讀取任何存放裝置分類對應Read any Storage Classification Mappings
Microsoft.RecoveryServices/vaults/replicationFabrics/replicationvCenters/readMicrosoft.RecoveryServices/vaults/replicationFabrics/replicationvCenters/read 讀取任何 vCenterRead any vCenters
Microsoft.RecoveryServices/vaults/replicationJobs/*Microsoft.RecoveryServices/vaults/replicationJobs/* 建立和管理複寫作業Create and manage replication jobs
Microsoft.RecoveryServices/vaults/replicationPolicies/readMicrosoft.RecoveryServices/vaults/replicationPolicies/read 讀取任何原則Read any Policies
Microsoft.RecoveryServices/vaults/replicationRecoveryPlans/failoverCommit/actionMicrosoft.RecoveryServices/vaults/replicationRecoveryPlans/failoverCommit/action 容錯移轉認可復原方案Failover Commit Recovery Plan
Microsoft.RecoveryServices/vaults/replicationRecoveryPlans/plannedFailover/actionMicrosoft.RecoveryServices/vaults/replicationRecoveryPlans/plannedFailover/action 計劃性容錯移轉復原方案Planned Failover Recovery Plan
Microsoft.RecoveryServices/vaults/replicationRecoveryPlans/readMicrosoft.RecoveryServices/vaults/replicationRecoveryPlans/read 讀取任何復原方案Read any Recovery Plans
Microsoft.RecoveryServices/vaults/replicationRecoveryPlans/reProtect/actionMicrosoft.RecoveryServices/vaults/replicationRecoveryPlans/reProtect/action 重新保護復原方案ReProtect Recovery Plan
Microsoft.RecoveryServices/vaults/replicationRecoveryPlans/testFailover/actionMicrosoft.RecoveryServices/vaults/replicationRecoveryPlans/testFailover/action 測試容錯移轉復原方案Test Failover Recovery Plan
Microsoft.RecoveryServices/vaults/replicationRecoveryPlans/testFailoverCleanup/actionMicrosoft.RecoveryServices/vaults/replicationRecoveryPlans/testFailoverCleanup/action 測試容錯移轉清理復原方案Test Failover Cleanup Recovery Plan
Microsoft.RecoveryServices/vaults/replicationRecoveryPlans/unplannedFailover/actionMicrosoft.RecoveryServices/vaults/replicationRecoveryPlans/unplannedFailover/action 容錯移轉復原方案Failover Recovery Plan
Microsoft.RecoveryServices/Vaults/monitoringAlerts/*Microsoft.RecoveryServices/Vaults/monitoringAlerts/* 讀取復原服務保存庫的警示Read alerts for the Recovery services vault
Microsoft.RecoveryServices/Vaults/monitoringConfigurations/notificationConfiguration/readMicrosoft.RecoveryServices/Vaults/monitoringConfigurations/notificationConfiguration/read
Microsoft.RecoveryServices/Vaults/storageConfig/readMicrosoft.RecoveryServices/Vaults/storageConfig/read
Microsoft.RecoveryServices/Vaults/tokenInfo/readMicrosoft.RecoveryServices/Vaults/tokenInfo/read
Microsoft.RecoveryServices/Vaults/usages/readMicrosoft.RecoveryServices/Vaults/usages/read 傳回復原服務保存庫的使用量詳細資料。Returns usage details for a Recovery Services Vault.
Microsoft.RecoveryServices/Vaults/vaultTokens/readMicrosoft.RecoveryServices/Vaults/vaultTokens/read 「保存庫權杖」作業可用來取得保存庫層級後端作業的保存庫權杖。The Vault Token operation can be used to get Vault Token for vault level backend operations.
Microsoft.ResourceHealth/availabilityStatuses/readMicrosoft.ResourceHealth/availabilityStatuses/read 取得指定範圍中所有資源的可用性狀態Gets the availability statuses for all resources in the specified scope
Microsoft.Resources/deployments/*Microsoft.Resources/deployments/* 建立和管理資源群組部署Create and manage resource group deployments
Microsoft.Resources/subscriptions/resourceGroups/readMicrosoft.Resources/subscriptions/resourceGroups/read 取得或列出資源群組。Gets or lists resource groups.
Microsoft.Storage/storageAccounts/readMicrosoft.Storage/storageAccounts/read 傳回儲存體帳戶清單,或取得指定儲存體帳戶的屬性。Returns the list of storage accounts or gets the properties for the specified storage account.
Microsoft.Support/*Microsoft.Support/* 建立和管理支援票證Create and manage support tickets
NotActionsNotActions
none
DataActionsDataActions
none
NotDataActionsNotDataActions
none

Site Recovery 讀取者Site Recovery Reader

說明Description 可讓您檢視 Site Recovery 狀態,但無法執行其他管理作業Lets you view Site Recovery status but not perform other management operations
IdId dbaa88c4-0c30-4179-9fb3-46319faa6149dbaa88c4-0c30-4179-9fb3-46319faa6149
動作Actions
Microsoft.Authorization/*/readMicrosoft.Authorization/*/read 讀取角色和角色指派Read roles and role assignments
Microsoft.RecoveryServices/locations/allocatedStamp/readMicrosoft.RecoveryServices/locations/allocatedStamp/read GetAllocatedStamp 是服務所使用的內部作業GetAllocatedStamp is internal operation used by service
Microsoft.RecoveryServices/Vaults/extendedInformation/readMicrosoft.RecoveryServices/Vaults/extendedInformation/read 「取得延伸資訊」作業會取得物件的延伸資訊,此延伸資訊代表 'vault' 類型的 Azure 資源The Get Extended Info operation gets an object's Extended Info representing the Azure resource of type ?vault?
Microsoft.RecoveryServices/Vaults/monitoringAlerts/readMicrosoft.RecoveryServices/Vaults/monitoringAlerts/read 取得復原服務保存庫的警示。Gets the alerts for the Recovery services vault.
Microsoft.RecoveryServices/Vaults/monitoringConfigurations/notificationConfiguration/readMicrosoft.RecoveryServices/Vaults/monitoringConfigurations/notificationConfiguration/read
Microsoft.RecoveryServices/Vaults/readMicrosoft.RecoveryServices/Vaults/read 「取得保存庫」作業會取得物件,此物件代表 'vault' 類型的 Azure 資源The Get Vault operation gets an object representing the Azure resource of type 'vault'
Microsoft.RecoveryServices/Vaults/refreshContainers/readMicrosoft.RecoveryServices/Vaults/refreshContainers/read
Microsoft.RecoveryServices/Vaults/registeredIdentities/operationResults/readMicrosoft.RecoveryServices/Vaults/registeredIdentities/operationResults/read 「取得作業結果」作業可用來取得以非同步方式提交之作業的作業狀態和結果The Get Operation Results operation can be used get the operation status and result for the asynchronously submitted operation
Microsoft.RecoveryServices/Vaults/registeredIdentities/readMicrosoft.RecoveryServices/Vaults/registeredIdentities/read 「取得容器」作業可用來取得為資源註冊的容器。The Get Containers operation can be used get the containers registered for a resource.
Microsoft.RecoveryServices/vaults/replicationAlertSettings/readMicrosoft.RecoveryServices/vaults/replicationAlertSettings/read 讀取任何警示設定Read any Alerts Settings
Microsoft.RecoveryServices/vaults/replicationEvents/readMicrosoft.RecoveryServices/vaults/replicationEvents/read 讀取任何事件Read any Events
Microsoft.RecoveryServices/vaults/replicationFabrics/readMicrosoft.RecoveryServices/vaults/replicationFabrics/read 讀取任何網狀架構Read any Fabrics
Microsoft.RecoveryServices/vaults/replicationFabrics/replicationNetworks/readMicrosoft.RecoveryServices/vaults/replicationFabrics/replicationNetworks/read 讀取任何網路Read any Networks
Microsoft.RecoveryServices/vaults/replicationFabrics/replicationNetworks/replicationNetworkMappings/readMicrosoft.RecoveryServices/vaults/replicationFabrics/replicationNetworks/replicationNetworkMappings/read 讀取任何網路對應Read any Network Mappings
Microsoft.RecoveryServices/vaults/replicationFabrics/replicationProtectionContainers/readMicrosoft.RecoveryServices/vaults/replicationFabrics/replicationProtectionContainers/read 讀取任何保護容器Read any Protection Containers
Microsoft.RecoveryServices/vaults/replicationFabrics/replicationProtectionContainers/replicationProtectableItems/readMicrosoft.RecoveryServices/vaults/replicationFabrics/replicationProtectionContainers/replicationProtectableItems/read 讀取任何可保護的項目Read any Protectable Items
Microsoft.RecoveryServices/vaults/replicationFabrics/replicationProtectionContainers/replicationProtectedItems/readMicrosoft.RecoveryServices/vaults/replicationFabrics/replicationProtectionContainers/replicationProtectedItems/read 讀取任何受保護的項目Read any Protected Items
Microsoft.RecoveryServices/vaults/replicationFabrics/replicationProtectionContainers/replicationProtectedItems/recoveryPoints/readMicrosoft.RecoveryServices/vaults/replicationFabrics/replicationProtectionContainers/replicationProtectedItems/recoveryPoints/read 讀取任何複寫復原點Read any Replication Recovery Points
Microsoft.RecoveryServices/vaults/replicationFabrics/replicationProtectionContainers/replicationProtectionContainerMappings/readMicrosoft.RecoveryServices/vaults/replicationFabrics/replicationProtectionContainers/replicationProtectionContainerMappings/read 讀取任何保護容器對應Read any Protection Container Mappings
Microsoft.RecoveryServices/vaults/replicationFabrics/replicationRecoveryServicesProviders/readMicrosoft.RecoveryServices/vaults/replicationFabrics/replicationRecoveryServicesProviders/read 讀取任何復原服務提供者Read any Recovery Services Providers
Microsoft.RecoveryServices/vaults/replicationFabrics/replicationStorageClassifications/readMicrosoft.RecoveryServices/vaults/replicationFabrics/replicationStorageClassifications/read 讀取任何存放裝置分類Read any Storage Classifications
Microsoft.RecoveryServices/vaults/replicationFabrics/replicationStorageClassifications/replicationStorageClassificationMappings/readMicrosoft.RecoveryServices/vaults/replicationFabrics/replicationStorageClassifications/replicationStorageClassificationMappings/read 讀取任何存放裝置分類對應Read any Storage Classification Mappings
Microsoft.RecoveryServices/vaults/replicationFabrics/replicationvCenters/readMicrosoft.RecoveryServices/vaults/replicationFabrics/replicationvCenters/read 讀取任何 vCenterRead any vCenters
Microsoft.RecoveryServices/vaults/replicationJobs/readMicrosoft.RecoveryServices/vaults/replicationJobs/read 讀取任何作業Read any Jobs
Microsoft.RecoveryServices/vaults/replicationPolicies/readMicrosoft.RecoveryServices/vaults/replicationPolicies/read 讀取任何原則Read any Policies
Microsoft.RecoveryServices/vaults/replicationRecoveryPlans/readMicrosoft.RecoveryServices/vaults/replicationRecoveryPlans/read 讀取任何復原方案Read any Recovery Plans
Microsoft.RecoveryServices/Vaults/storageConfig/readMicrosoft.RecoveryServices/Vaults/storageConfig/read
Microsoft.RecoveryServices/Vaults/tokenInfo/readMicrosoft.RecoveryServices/Vaults/tokenInfo/read
Microsoft.RecoveryServices/Vaults/usages/readMicrosoft.RecoveryServices/Vaults/usages/read 傳回復原服務保存庫的使用量詳細資料。Returns usage details for a Recovery Services Vault.
Microsoft.RecoveryServices/Vaults/vaultTokens/readMicrosoft.RecoveryServices/Vaults/vaultTokens/read 「保存庫權杖」作業可用來取得保存庫層級後端作業的保存庫權杖。The Vault Token operation can be used to get Vault Token for vault level backend operations.
Microsoft.Support/*Microsoft.Support/* 建立和管理支援票證Create and manage support tickets
NotActionsNotActions
none
DataActionsDataActions
none
NotDataActionsNotDataActions
none

空間錨點帳戶參與者Spatial Anchors Account Contributor

說明Description 可讓您管理帳戶中的空間錨點,但不能將其刪除Lets you manage spatial anchors in your account, but not delete them
IdId 8bbe83f1-e2a6-4df7-8cb4-4e04d4e5c8278bbe83f1-e2a6-4df7-8cb4-4e04d4e5c827
動作Actions
none
NotActionsNotActions
none
DataActionsDataActions
MixedReality/SpatialAnchorsAccounts/create/actionMicrosoft.MixedReality/SpatialAnchorsAccounts/create/action 建立空間錨點Create spatial anchors
MixedReality/SpatialAnchorsAccounts/探索/讀取Microsoft.MixedReality/SpatialAnchorsAccounts/discovery/read 探索附近的空間錨點Discover nearby spatial anchors
MixedReality/SpatialAnchorsAccounts/properties/readMicrosoft.MixedReality/SpatialAnchorsAccounts/properties/read 取得空間錨點的屬性Get properties of spatial anchors
MixedReality/SpatialAnchorsAccounts/查詢/讀取Microsoft.MixedReality/SpatialAnchorsAccounts/query/read 找出空間錨點Locate spatial anchors
MixedReality/SpatialAnchorsAccounts/submitdiag/readMicrosoft.MixedReality/SpatialAnchorsAccounts/submitdiag/read 提交診斷資料,以協助改善 Azure 空間錨點服務的品質Submit diagnostics data to help improve the quality of the Azure Spatial Anchors service
MixedReality/SpatialAnchorsAccounts/writeMicrosoft.MixedReality/SpatialAnchorsAccounts/write 更新空間錨點屬性Update spatial anchors properties
NotDataActionsNotDataActions
none

空間錨點帳戶擁有者Spatial Anchors Account Owner

說明Description 可讓您管理帳戶中的空間錨點,包括刪除它們Lets you manage spatial anchors in your account, including deleting them
IdId 70bbe301-9835-447d-afdd-19eb3167307c70bbe301-9835-447d-afdd-19eb3167307c
動作Actions
none
NotActionsNotActions
none
DataActionsDataActions
MixedReality/SpatialAnchorsAccounts/create/actionMicrosoft.MixedReality/SpatialAnchorsAccounts/create/action 建立空間錨點Create spatial anchors
MixedReality/SpatialAnchorsAccounts/deleteMicrosoft.MixedReality/SpatialAnchorsAccounts/delete 刪除空間錨點Delete spatial anchors
MixedReality/SpatialAnchorsAccounts/探索/讀取Microsoft.MixedReality/SpatialAnchorsAccounts/discovery/read 探索附近的空間錨點Discover nearby spatial anchors
MixedReality/SpatialAnchorsAccounts/properties/readMicrosoft.MixedReality/SpatialAnchorsAccounts/properties/read 取得空間錨點的屬性Get properties of spatial anchors
MixedReality/SpatialAnchorsAccounts/查詢/讀取Microsoft.MixedReality/SpatialAnchorsAccounts/query/read 找出空間錨點Locate spatial anchors
MixedReality/SpatialAnchorsAccounts/submitdiag/readMicrosoft.MixedReality/SpatialAnchorsAccounts/submitdiag/read 提交診斷資料,以協助改善 Azure 空間錨點服務的品質Submit diagnostics data to help improve the quality of the Azure Spatial Anchors service
MixedReality/SpatialAnchorsAccounts/writeMicrosoft.MixedReality/SpatialAnchorsAccounts/write 更新空間錨點屬性Update spatial anchors properties
NotDataActionsNotDataActions
none

空間錨點帳戶讀者Spatial Anchors Account Reader

說明Description 可讓您找出並讀取您帳戶中的空間錨點屬性Lets you locate and read properties of spatial anchors in your account
IdId 5d51204f-eb77-4b1c-b86a-2ec626c494135d51204f-eb77-4b1c-b86a-2ec626c49413
動作Actions
none
NotActionsNotActions
none
DataActionsDataActions
MixedReality/SpatialAnchorsAccounts/探索/讀取Microsoft.MixedReality/SpatialAnchorsAccounts/discovery/read 探索附近的空間錨點Discover nearby spatial anchors
MixedReality/SpatialAnchorsAccounts/properties/readMicrosoft.MixedReality/SpatialAnchorsAccounts/properties/read 取得空間錨點的屬性Get properties of spatial anchors
MixedReality/SpatialAnchorsAccounts/查詢/讀取Microsoft.MixedReality/SpatialAnchorsAccounts/query/read 找出空間錨點Locate spatial anchors
MixedReality/SpatialAnchorsAccounts/submitdiag/readMicrosoft.MixedReality/SpatialAnchorsAccounts/submitdiag/read 提交診斷資料,以協助改善 Azure 空間錨點服務的品質Submit diagnostics data to help improve the quality of the Azure Spatial Anchors service
NotDataActionsNotDataActions
none

SQL DB 參與者SQL DB Contributor

說明Description 可讓您管理 SQL 資料庫,但無法存取它們。Lets you manage SQL databases, but not access to them. 此外,您也無法管理其安全性相關原則或其父 SQL 伺服器。Also, you can't manage their security-related policies or their parent SQL servers.
IdId 9b7fa17d-e63e-47b0-bb0a-15c516ac86ec9b7fa17d-e63e-47b0-bb0a-15c516ac86ec
動作Actions
Microsoft.Authorization/*/readMicrosoft.Authorization/*/read 讀取角色和角色指派Read roles and role Assignments
Microsoft.Insights/alertRules/*Microsoft.Insights/alertRules/* 建立及管理警示規則Create and manage alert rules
Microsoft.ResourceHealth/availabilityStatuses/readMicrosoft.ResourceHealth/availabilityStatuses/read 取得指定範圍中所有資源的可用性狀態Gets the availability statuses for all resources in the specified scope
Microsoft.Resources/deployments/*Microsoft.Resources/deployments/* 建立和管理資源群組部署Create and manage resource group deployments
Microsoft.Resources/subscriptions/resourceGroups/readMicrosoft.Resources/subscriptions/resourceGroups/read 取得或列出資源群組。Gets or lists resource groups.
Microsoft.Sql/locations/*/readMicrosoft.Sql/locations/*/read
Microsoft.Sql/servers/databases/*Microsoft.Sql/servers/databases/* 建立和管理 SQL 資料庫Create and manage SQL databases
Microsoft.Sql/servers/readMicrosoft.Sql/servers/read 傳回伺服器清單,或取得指定伺服器的屬性。Return the list of servers or gets the properties for the specified server.
Microsoft.Support/*Microsoft.Support/* 建立和管理支援票證Create and manage support tickets
Microsoft.Insights/metrics/readMicrosoft.Insights/metrics/read 讀取計量Read metrics
Microsoft.Insights/metricDefinitions/readMicrosoft.Insights/metricDefinitions/read 讀取計量定義Read metric definitions
NotActionsNotActions
Microsoft .Sql/managedInstances/資料庫/currentSensitivityLabels/*Microsoft.Sql/managedInstances/databases/currentSensitivityLabels/*
Microsoft .Sql/managedInstances/資料庫/recommendedSensitivityLabels/*Microsoft.Sql/managedInstances/databases/recommendedSensitivityLabels/*
Microsoft .Sql/managedInstances/資料庫/架構/資料表/資料行/sensitivityLabels/*Microsoft.Sql/managedInstances/databases/schemas/tables/columns/sensitivityLabels/*
Microsoft .Sql/managedInstances/資料庫/securityAlertPolicies/*Microsoft.Sql/managedInstances/databases/securityAlertPolicies/*
Microsoft .Sql/managedInstances/資料庫/sensitivityLabels/*Microsoft.Sql/managedInstances/databases/sensitivityLabels/*
Microsoft.Sql/managedInstances/databases/vulnerabilityAssessments/*Microsoft.Sql/managedInstances/databases/vulnerabilityAssessments/*
Microsoft Sql/managedInstances/securityAlertPolicies/*Microsoft.Sql/managedInstances/securityAlertPolicies/*
Microsoft.Sql/managedInstances/vulnerabilityAssessments/*Microsoft.Sql/managedInstances/vulnerabilityAssessments/*
Microsoft.Sql/servers/databases/auditingPolicies/*Microsoft.Sql/servers/databases/auditingPolicies/* 編輯稽核原則Edit audit policies
Microsoft.Sql/servers/databases/auditingSettings/*Microsoft.Sql/servers/databases/auditingSettings/* 編輯稽核設定Edit audit settings
Microsoft.Sql/servers/databases/auditRecords/readMicrosoft.Sql/servers/databases/auditRecords/read 擷取資料庫 Blob 稽核記錄Retrieve the database blob audit records
Microsoft.Sql/servers/databases/connectionPolicies/*Microsoft.Sql/servers/databases/connectionPolicies/* 編輯連接原則Edit connection policies
Microsoft .Sql/servers/資料庫/currentSensitivityLabels/*Microsoft.Sql/servers/databases/currentSensitivityLabels/*
Microsoft.Sql/servers/databases/dataMaskingPolicies/*Microsoft.Sql/servers/databases/dataMaskingPolicies/* 編輯資料遮罩原則Edit data masking policies
Microsoft.Sql/servers/databases/extendedAuditingSettings/*Microsoft.Sql/servers/databases/extendedAuditingSettings/*
Microsoft .Sql/servers/資料庫/recommendedSensitivityLabels/*Microsoft.Sql/servers/databases/recommendedSensitivityLabels/*
Microsoft.Sql/servers/databases/schemas/tables/columns/sensitivityLabels/*Microsoft.Sql/servers/databases/schemas/tables/columns/sensitivityLabels/*
Microsoft.Sql/servers/databases/securityAlertPolicies/*Microsoft.Sql/servers/databases/securityAlertPolicies/* 編輯安全性警示原則Edit security alert policies
Microsoft.Sql/servers/databases/securityMetrics/*Microsoft.Sql/servers/databases/securityMetrics/* 編輯安全性計量Edit security metrics
Microsoft.Sql/servers/databases/sensitivityLabels/*Microsoft.Sql/servers/databases/sensitivityLabels/*
Microsoft.Sql/servers/databases/vulnerabilityAssessments/*Microsoft.Sql/servers/databases/vulnerabilityAssessments/*
Microsoft.Sql/servers/databases/vulnerabilityAssessmentScans/*Microsoft.Sql/servers/databases/vulnerabilityAssessmentScans/*
Microsoft.Sql/servers/databases/vulnerabilityAssessmentSettings/*Microsoft.Sql/servers/databases/vulnerabilityAssessmentSettings/*
Microsoft.Sql/servers/vulnerabilityAssessments/*Microsoft.Sql/servers/vulnerabilityAssessments/*
DataActionsDataActions
none
NotDataActionsNotDataActions
none

SQL 受控執行個體參與者SQL Managed Instance Contributor

說明Description 可讓您管理 SQL 受控實例和必要的網路設定,但無法將存取權授與其他人。Lets you manage SQL Managed Instances and required network configuration, but can’t give access to others.
IdId 4939a1f6-9ae0-4e48-a1e0-f2cbe897382d4939a1f6-9ae0-4e48-a1e0-f2cbe897382d
動作Actions
Microsoft.ResourceHealth/availabilityStatuses/readMicrosoft.ResourceHealth/availabilityStatuses/read 取得指定範圍中所有資源的可用性狀態Gets the availability statuses for all resources in the specified scope
Microsoft.Resources/deployments/*Microsoft.Resources/deployments/* 建立和管理資源群組部署Create and manage resource group deployments
Microsoft.Resources/subscriptions/resourceGroups/readMicrosoft.Resources/subscriptions/resourceGroups/read 取得或列出資源群組。Gets or lists resource groups.
Microsoft. Network/networkSecurityGroups/*Microsoft.Network/networkSecurityGroups/*
Microsoft. Network/routeTables/*Microsoft.Network/routeTables/*
Microsoft.Sql/locations/*/readMicrosoft.Sql/locations/*/read
Microsoft Sql/managedInstances/*Microsoft.Sql/managedInstances/*
Microsoft.Support/*Microsoft.Support/* 建立和管理支援票證Create and manage support tickets
Microsoft 網路/virtualNetworks/子網/*Microsoft.Network/virtualNetworks/subnets/*
Microsoft. Network/virtualNetworks/*Microsoft.Network/virtualNetworks/*
Microsoft.Authorization/*/readMicrosoft.Authorization/*/read 讀取角色和角色指派Read roles and role assignments
Microsoft.Insights/alertRules/*Microsoft.Insights/alertRules/* 建立和管理 Insights 警示規則Create and manage Insights alert rules
Microsoft.Insights/metrics/readMicrosoft.Insights/metrics/read 讀取計量Read metrics
Microsoft.Insights/metricDefinitions/readMicrosoft.Insights/metricDefinitions/read 讀取計量定義Read metric definitions
NotActionsNotActions
none
DataActionsDataActions
none
NotDataActionsNotDataActions
none

SQL 安全性管理員SQL Security Manager

說明Description 可讓您管理 SQL 伺服器及資料庫的安全性相關原則,但無法存取它們。Lets you manage the security-related policies of SQL servers and databases, but not access to them.
IdId 056cd41c-7e88-42e1-933e-88ba6a50c9c3056cd41c-7e88-42e1-933e-88ba6a50c9c3
動作Actions
Microsoft.Authorization/*/readMicrosoft.Authorization/*/read 讀取 Microsoft 授權Read Microsoft authorization
Microsoft.Insights/alertRules/*Microsoft.Insights/alertRules/* 建立和管理 Insights 警示規則Create and manage Insights alert rules
Microsoft.Network/virtualNetworks/subnets/joinViaServiceEndpoint/actionMicrosoft.Network/virtualNetworks/subnets/joinViaServiceEndpoint/action 將資源 (例如,儲存體帳戶或 SQL Database) 加入至子網路。Joins resource such as storage account or SQL database to a subnet. 未打斷。Not alertable.
Microsoft.ResourceHealth/availabilityStatuses/readMicrosoft.ResourceHealth/availabilityStatuses/read 取得指定範圍中所有資源的可用性狀態Gets the availability statuses for all resources in the specified scope
Microsoft.Resources/deployments/*Microsoft.Resources/deployments/* 建立和管理資源群組部署Create and manage resource group deployments
Microsoft.Resources/subscriptions/resourceGroups/readMicrosoft.Resources/subscriptions/resourceGroups/read 取得或列出資源群組。Gets or lists resource groups.
Microsoft .Sql/managedInstances/資料庫/currentSensitivityLabels/*Microsoft.Sql/managedInstances/databases/currentSensitivityLabels/*
Microsoft .Sql/managedInstances/資料庫/recommendedSensitivityLabels/*Microsoft.Sql/managedInstances/databases/recommendedSensitivityLabels/*
Microsoft .Sql/managedInstances/資料庫/架構/資料表/資料行/sensitivityLabels/*Microsoft.Sql/managedInstances/databases/schemas/tables/columns/sensitivityLabels/*
Microsoft .Sql/managedInstances/資料庫/securityAlertPolicies/*Microsoft.Sql/managedInstances/databases/securityAlertPolicies/*
Microsoft .Sql/managedInstances/資料庫/sensitivityLabels/*Microsoft.Sql/managedInstances/databases/sensitivityLabels/*
Microsoft.Sql/managedInstances/databases/vulnerabilityAssessments/*Microsoft.Sql/managedInstances/databases/vulnerabilityAssessments/*
Microsoft Sql/managedInstances/securityAlertPolicies/*Microsoft.Sql/managedInstances/securityAlertPolicies/*
Microsoft .Sql/managedInstances/資料庫/transparentDataEncryption/*Microsoft.Sql/managedInstances/databases/transparentDataEncryption/*
Microsoft.Sql/managedInstances/vulnerabilityAssessments/*Microsoft.Sql/managedInstances/vulnerabilityAssessments/*
Microsoft.Sql/servers/auditingPolicies/*Microsoft.Sql/servers/auditingPolicies/* 建立和管理 SQL Server 稽核原則Create and manage SQL server auditing policies
Microsoft.Sql/servers/auditingSettings/*Microsoft.Sql/servers/auditingSettings/* 建立和管理 SQL Server 稽核設定Create and manage SQL server auditing setting
Microsoft.Sql/servers/extendedAuditingSettings/readMicrosoft.Sql/servers/extendedAuditingSettings/read 擷取指定伺服器上所設定之擴充伺服器 Blob 稽核原則的詳細資料Retrieve details of the extended server blob auditing policy configured on a given server
Microsoft.Sql/servers/databases/auditingPolicies/*Microsoft.Sql/servers/databases/auditingPolicies/* 建立和管理 SQL Server 資料庫稽核原則Create and manage SQL server database auditing policies
Microsoft.Sql/servers/databases/auditingSettings/*Microsoft.Sql/servers/databases/auditingSettings/* 建立和管理 SQL Server 資料庫稽核設定Create and manage SQL server database auditing settings
Microsoft.Sql/servers/databases/auditRecords/readMicrosoft.Sql/servers/databases/auditRecords/read 讀取稽核記錄Read audit records
Microsoft.Sql/servers/databases/connectionPolicies/*Microsoft.Sql/servers/databases/connectionPolicies/* 建立和管理 SQL Server 資料庫連接原則Create and manage SQL server database connection policies
Microsoft .Sql/servers/資料庫/currentSensitivityLabels/*Microsoft.Sql/servers/databases/currentSensitivityLabels/*
Microsoft.Sql/servers/databases/dataMaskingPolicies/*Microsoft.Sql/servers/databases/dataMaskingPolicies/* 建立和管理 SQL Server 資料庫資料遮罩原則Create and manage SQL server database data masking policies
Microsoft.Sql/servers/databases/extendedAuditingSettings/readMicrosoft.Sql/servers/databases/extendedAuditingSettings/read 擷取指定資料庫上所設定之擴充 Blob 稽核原則的詳細資料Retrieve details of the extended blob auditing policy configured on a given database
Microsoft.Sql/servers/databases/readMicrosoft.Sql/servers/databases/read 傳回資料庫清單,或取得指定資料庫的屬性。Return the list of databases or gets the properties for the specified database.
Microsoft .Sql/servers/資料庫/recommendedSensitivityLabels/*Microsoft.Sql/servers/databases/recommendedSensitivityLabels/*
Microsoft.Sql/servers/databases/schemas/readMicrosoft.Sql/servers/databases/schemas/read 取得資料庫架構。Get a database schema.
Microsoft.Sql/servers/databases/schemas/tables/columns/readMicrosoft.Sql/servers/databases/schemas/tables/columns/read 取得資料庫資料行。Get a database column.
Microsoft.Sql/servers/databases/schemas/tables/columns/sensitivityLabels/*Microsoft.Sql/servers/databases/schemas/tables/columns/sensitivityLabels/*
Microsoft.Sql/servers/databases/schemas/tables/readMicrosoft.Sql/servers/databases/schemas/tables/read 取得資料庫資料表。Get a database table.
Microsoft.Sql/servers/databases/securityAlertPolicies/*Microsoft.Sql/servers/databases/securityAlertPolicies/* 建立和管理 SQL Server 資料庫安全性警示原則Create and manage SQL server database security alert policies
Microsoft.Sql/servers/databases/securityMetrics/*Microsoft.Sql/servers/databases/securityMetrics/* 建立和管理 SQL Server 資料庫安全性度量Create and manage SQL server database security metrics
Microsoft.Sql/servers/databases/sensitivityLabels/*Microsoft.Sql/servers/databases/sensitivityLabels/*
Microsoft .Sql/servers/資料庫/transparentDataEncryption/*Microsoft.Sql/servers/databases/transparentDataEncryption/*
Microsoft.Sql/servers/databases/vulnerabilityAssessments/*Microsoft.Sql/servers/databases/vulnerabilityAssessments/*
Microsoft.Sql/servers/databases/vulnerabilityAssessmentScans/*Microsoft.Sql/servers/databases/vulnerabilityAssessmentScans/*
Microsoft.Sql/servers/databases/vulnerabilityAssessmentSettings/*Microsoft.Sql/servers/databases/vulnerabilityAssessmentSettings/*
Microsoft.Sql/servers/firewallRules/*Microsoft.Sql/servers/firewallRules/*
Microsoft.Sql/servers/readMicrosoft.Sql/servers/read 傳回伺服器清單,或取得指定伺服器的屬性。Return the list of servers or gets the properties for the specified server.
Microsoft.Sql/servers/securityAlertPolicies/*Microsoft.Sql/servers/securityAlertPolicies/* 建立和管理 SQL Server 安全性警示原則Create and manage SQL server security alert policies
Microsoft.Sql/servers/vulnerabilityAssessments/*Microsoft.Sql/servers/vulnerabilityAssessments/*
Microsoft.Support/*Microsoft.Support/* 建立和管理支援票證Create and manage support tickets
NotActionsNotActions
none
DataActionsDataActions
none
NotDataActionsNotDataActions
none

SQL Server 參與者SQL Server Contributor

說明Description 可讓您管理 SQL 伺服器及資料庫,但無法存取它們,也無法存取其安全性相關原則。Lets you manage SQL servers and databases, but not access to them, and not their security -related policies.
IdId 6d8ee4ec-f05a-4a1d-8b00-a9b17e38b4376d8ee4ec-f05a-4a1d-8b00-a9b17e38b437
動作Actions
Microsoft.Authorization/*/readMicrosoft.Authorization/*/read 讀取角色和角色指派Read roles and role assignments
Microsoft.Insights/alertRules/*Microsoft.Insights/alertRules/* 建立和管理 Insights 警示規則Create and manage Insights alert rules
Microsoft.ResourceHealth/availabilityStatuses/readMicrosoft.ResourceHealth/availabilityStatuses/read 取得指定範圍中所有資源的可用性狀態Gets the availability statuses for all resources in the specified scope
Microsoft.Resources/deployments/*Microsoft.Resources/deployments/* 建立和管理資源群組部署Create and manage resource group deployments
Microsoft.Resources/subscriptions/resourceGroups/readMicrosoft.Resources/subscriptions/resourceGroups/read 取得或列出資源群組。Gets or lists resource groups.
Microsoft.Sql/locations/*/readMicrosoft.Sql/locations/*/read
Microsoft.Sql/servers/*Microsoft.Sql/servers/* 建立和管理 SQL ServerCreate and manage SQL servers
Microsoft.Support/*Microsoft.Support/* 建立和管理支援票證Create and manage support tickets
Microsoft.Insights/metrics/readMicrosoft.Insights/metrics/read 讀取計量Read metrics
Microsoft.Insights/metricDefinitions/readMicrosoft.Insights/metricDefinitions/read 讀取計量定義Read metric definitions
NotActionsNotActions
Microsoft .Sql/managedInstances/資料庫/currentSensitivityLabels/*Microsoft.Sql/managedInstances/databases/currentSensitivityLabels/*
Microsoft .Sql/managedInstances/資料庫/recommendedSensitivityLabels/*Microsoft.Sql/managedInstances/databases/recommendedSensitivityLabels/*
Microsoft .Sql/managedInstances/資料庫/架構/資料表/資料行/sensitivityLabels/*Microsoft.Sql/managedInstances/databases/schemas/tables/columns/sensitivityLabels/*
Microsoft .Sql/managedInstances/資料庫/securityAlertPolicies/*Microsoft.Sql/managedInstances/databases/securityAlertPolicies/*
Microsoft .Sql/managedInstances/資料庫/sensitivityLabels/*Microsoft.Sql/managedInstances/databases/sensitivityLabels/*
Microsoft.Sql/managedInstances/databases/vulnerabilityAssessments/*Microsoft.Sql/managedInstances/databases/vulnerabilityAssessments/*
Microsoft Sql/managedInstances/securityAlertPolicies/*Microsoft.Sql/managedInstances/securityAlertPolicies/*
Microsoft.Sql/managedInstances/vulnerabilityAssessments/*Microsoft.Sql/managedInstances/vulnerabilityAssessments/*
Microsoft.Sql/servers/auditingPolicies/*Microsoft.Sql/servers/auditingPolicies/* 編輯 SQL Server 稽核原則Edit SQL server auditing policies
Microsoft.Sql/servers/auditingSettings/*Microsoft.Sql/servers/auditingSettings/* 編輯 SQL Server 稽核設定Edit SQL server auditing settings
Microsoft.Sql/servers/databases/auditingPolicies/*Microsoft.Sql/servers/databases/auditingPolicies/* 編輯 SQL Server 資料庫稽核原則Edit SQL server database auditing policies
Microsoft.Sql/servers/databases/auditingSettings/*Microsoft.Sql/servers/databases/auditingSettings/* 編輯 SQL Server 資料庫稽核設定Edit SQL server database auditing settings
Microsoft.Sql/servers/databases/auditRecords/readMicrosoft.Sql/servers/databases/auditRecords/read 讀取稽核記錄Read audit records
Microsoft.Sql/servers/databases/connectionPolicies/*Microsoft.Sql/servers/databases/connectionPolicies/* 編輯 SQL Server 資料庫連接原則Edit SQL server database connection policies
Microsoft .Sql/servers/資料庫/currentSensitivityLabels/*Microsoft.Sql/servers/databases/currentSensitivityLabels/*
Microsoft.Sql/servers/databases/dataMaskingPolicies/*Microsoft.Sql/servers/databases/dataMaskingPolicies/* 編輯 SQL Server 資料庫資料遮罩原則Edit SQL server database data masking policies
Microsoft.Sql/servers/databases/extendedAuditingSettings/*Microsoft.Sql/servers/databases/extendedAuditingSettings/*
Microsoft .Sql/servers/資料庫/recommendedSensitivityLabels/*Microsoft.Sql/servers/databases/recommendedSensitivityLabels/*
Microsoft.Sql/servers/databases/schemas/tables/columns/sensitivityLabels/*Microsoft.Sql/servers/databases/schemas/tables/columns/sensitivityLabels/*
Microsoft.Sql/servers/databases/securityAlertPolicies/*Microsoft.Sql/servers/databases/securityAlertPolicies/* 編輯 SQL Server 資料庫安全性警示原則Edit SQL server database security alert policies
Microsoft.Sql/servers/databases/securityMetrics/*Microsoft.Sql/servers/databases/securityMetrics/* 編輯 SQL Server 資料庫安全性度量Edit SQL server database security metrics
Microsoft.Sql/servers/databases/sensitivityLabels/*Microsoft.Sql/servers/databases/sensitivityLabels/*
Microsoft.Sql/servers/databases/vulnerabilityAssessments/*Microsoft.Sql/servers/databases/vulnerabilityAssessments/*
Microsoft.Sql/servers/databases/vulnerabilityAssessmentScans/*Microsoft.Sql/servers/databases/vulnerabilityAssessmentScans/*
Microsoft.Sql/servers/databases/vulnerabilityAssessmentSettings/*Microsoft.Sql/servers/databases/vulnerabilityAssessmentSettings/*
Microsoft.Sql/servers/extendedAuditingSettings/*Microsoft.Sql/servers/extendedAuditingSettings/*
Microsoft.Sql/servers/securityAlertPolicies/*Microsoft.Sql/servers/securityAlertPolicies/* 編輯 SQL Server 安全性警示原則Edit SQL server security alert policies
Microsoft.Sql/servers/vulnerabilityAssessments/*Microsoft.Sql/servers/vulnerabilityAssessments/*
DataActionsDataActions
none
NotDataActionsNotDataActions
none

儲存體帳戶參與者Storage Account Contributor

說明Description 允許管理儲存體帳戶。Permits management of storage accounts. 提供帳戶金鑰的存取權,其可用來透過共用金鑰授權存取資料。Provides access to the account key, which can be used to access data via Shared Key authorization.
IdId 17d1049b-9a84-46fb-8f53-869881c3d3ab17d1049b-9a84-46fb-8f53-869881c3d3ab
動作Actions
Microsoft.Authorization/*/readMicrosoft.Authorization/*/read 讀取所有授權Read all authorization
Microsoft.Insights/alertRules/*Microsoft.Insights/alertRules/* 建立和管理 Insights 警示規則Create and manage Insights alert rules
Microsoft.Insights/diagnosticSettings/*Microsoft.Insights/diagnosticSettings/* 管理診斷設定Manage diagnostic settings
Microsoft.Network/virtualNetworks/subnets/joinViaServiceEndpoint/actionMicrosoft.Network/virtualNetworks/subnets/joinViaServiceEndpoint/action 將資源 (例如,儲存體帳戶或 SQL Database) 加入至子網路。Joins resource such as storage account or SQL database to a subnet. 未打斷。Not alertable.
Microsoft.ResourceHealth/availabilityStatuses/readMicrosoft.ResourceHealth/availabilityStatuses/read 取得指定範圍中所有資源的可用性狀態Gets the availability statuses for all resources in the specified scope
Microsoft.Resources/deployments/*Microsoft.Resources/deployments/* 建立和管理資源群組部署Create and manage resource group deployments
Microsoft.Resources/subscriptions/resourceGroups/readMicrosoft.Resources/subscriptions/resourceGroups/read 取得或列出資源群組。Gets or lists resource groups.
Microsoft.Storage/storageAccounts/*Microsoft.Storage/storageAccounts/* 建立及管理儲存體帳戶Create and manage storage accounts
Microsoft.Support/*Microsoft.Support/* 建立和管理支援票證Create and manage support tickets
NotActionsNotActions
none
DataActionsDataActions
none
NotDataActionsNotDataActions
none

儲存體帳戶金鑰操作員服務角色Storage Account Key Operator Service Role

說明Description 允許列出及重新產生儲存體帳戶存取金鑰。Permits listing and regenerating storage account access keys.
IdId 81a9662b-bebf-436f-a333-f67b29880f1281a9662b-bebf-436f-a333-f67b29880f12
動作Actions
Microsoft.Storage/storageAccounts/listkeys/actionMicrosoft.Storage/storageAccounts/listkeys/action 傳回指定儲存體帳戶的存取金鑰。Returns the access keys for the specified storage account.
Microsoft.Storage/storageAccounts/regeneratekey/actionMicrosoft.Storage/storageAccounts/regeneratekey/action 重新產生指定儲存體帳戶的存取金鑰。Regenerates the access keys for the specified storage account.
NotActionsNotActions
none
DataActionsDataActions
none
NotDataActionsNotDataActions
none

儲存體 Blob 資料參與者Storage Blob Data Contributor

說明Description 讀取、寫入和刪除 Azure 儲存體的容器和 blob。Read, write, and delete Azure Storage containers and blobs. 若要瞭解特定資料作業所需的動作,請參閱呼叫 blob 和佇列資料作業的許可權To learn which actions are required for a given data operation, see Permissions for calling blob and queue data operations.
IdId ba92f5b4-2d11-453d-a403-e96b0029c9feba92f5b4-2d11-453d-a403-e96b0029c9fe
動作Actions
Microsoft.Storage/storageAccounts/blobServices/containers/deleteMicrosoft.Storage/storageAccounts/blobServices/containers/delete 刪除容器。Delete a container.
Microsoft.Storage/storageAccounts/blobServices/containers/readMicrosoft.Storage/storageAccounts/blobServices/containers/read 傳回容器或容器清單。Return a container or a list of containers.
Microsoft.Storage/storageAccounts/blobServices/containers/writeMicrosoft.Storage/storageAccounts/blobServices/containers/write 修改容器的中繼資料或屬性。Modify a container's metadata or properties.
Microsoft.Storage/storageAccounts/blobServices/generateUserDelegationKey/actionMicrosoft.Storage/storageAccounts/blobServices/generateUserDelegationKey/action 傳回 Blob 服務的使用者委派金鑰。Returns a user delegation key for the Blob service.
NotActionsNotActions
none
DataActionsDataActions
Microsoft.Storage/storageAccounts/blobServices/containers/blobs/deleteMicrosoft.Storage/storageAccounts/blobServices/containers/blobs/delete 刪除 Blob。Delete a blob.
Microsoft.Storage/storageAccounts/blobServices/containers/blobs/readMicrosoft.Storage/storageAccounts/blobServices/containers/blobs/read 傳回 blob 或 blob 清單。Return a blob or a list of blobs.
Microsoft.Storage/storageAccounts/blobServices/containers/blobs/writeMicrosoft.Storage/storageAccounts/blobServices/containers/blobs/write 寫入 blob。Write to a blob.
NotDataActionsNotDataActions
none

儲存體 Blob 資料擁有者Storage Blob Data Owner

說明Description 提供 Azure 儲存體 blob 容器和資料的完整存取權,包括指派 POSIX 存取控制。Provides full access to Azure Storage blob containers and data, including assigning POSIX access control. 若要瞭解特定資料作業所需的動作,請參閱呼叫 blob 和佇列資料作業的許可權To learn which actions are required for a given data operation, see Permissions for calling blob and queue data operations.
IdId b7e6dc6d-f1e8-4753-8033-0f276bb0955bb7e6dc6d-f1e8-4753-8033-0f276bb0955b
動作Actions
Microsoft.Storage/storageAccounts/blobServices/containers/*Microsoft.Storage/storageAccounts/blobServices/containers/* 容器的完整許可權。Full permissions on containers.
Microsoft.Storage/storageAccounts/blobServices/generateUserDelegationKey/actionMicrosoft.Storage/storageAccounts/blobServices/generateUserDelegationKey/action 傳回 Blob 服務的使用者委派金鑰。Returns a user delegation key for the Blob service.
NotActionsNotActions
none
DataActionsDataActions
Microsoft.Storage/storageAccounts/blobServices/containers/blobs/*Microsoft.Storage/storageAccounts/blobServices/containers/blobs/* Blob 的完整許可權。Full permissions on blobs.
NotDataActionsNotDataActions
none

儲存體 Blob 資料讀取器Storage Blob Data Reader

說明Description 讀取並列出 Azure 儲存體的容器和 blob。Read and list Azure Storage containers and blobs. 若要瞭解特定資料作業所需的動作,請參閱呼叫 blob 和佇列資料作業的許可權To learn which actions are required for a given data operation, see Permissions for calling blob and queue data operations.
IdId 2a2b9908-6ea1-4ae2-8e65-a410df84e7d12a2b9908-6ea1-4ae2-8e65-a410df84e7d1
動作Actions
Microsoft.Storage/storageAccounts/blobServices/containers/readMicrosoft.Storage/storageAccounts/blobServices/containers/read 傳回容器或容器清單。Return a container or a list of containers.
Microsoft.Storage/storageAccounts/blobServices/generateUserDelegationKey/actionMicrosoft.Storage/storageAccounts/blobServices/generateUserDelegationKey/action 傳回 Blob 服務的使用者委派金鑰。Returns a user delegation key for the Blob service.
NotActionsNotActions
none
DataActionsDataActions
Microsoft.Storage/storageAccounts/blobServices/containers/blobs/readMicrosoft.Storage/storageAccounts/blobServices/containers/blobs/read 傳回 blob 或 blob 清單。Return a blob or a list of blobs.
NotDataActionsNotDataActions
none

儲存體 Blob DelegatorStorage Blob Delegator

說明Description 取得使用者委派金鑰,然後可以用來為使用 Azure AD 認證簽署的容器或 blob 建立共用存取簽章。Get a user delegation key, which can then be used to create a shared access signature for a container or blob that is signed with Azure AD credentials. 如需詳細資訊,請參閱建立使用者委派 SASFor more information, see Create a user delegation SAS.
IdId db58b8e5-c6ad-4a2a-8342-4190687cbf4adb58b8e5-c6ad-4a2a-8342-4190687cbf4a
動作Actions
Microsoft.Storage/storageAccounts/blobServices/generateUserDelegationKey/actionMicrosoft.Storage/storageAccounts/blobServices/generateUserDelegationKey/action 傳回 Blob 服務的使用者委派金鑰。Returns a user delegation key for the Blob service.
NotActionsNotActions
none
DataActionsDataActions
none
NotDataActionsNotDataActions
none

儲存體檔案資料 SMB 共用參與者Storage File Data SMB Share Contributor

說明Description 允許透過 SMB 在 Azure 儲存體檔案共用中進行讀取、寫入和刪除存取Allows for read, write, and delete access in Azure Storage file shares over SMB
IdId 0c867c2a-1d8c-454a-a3db-ab2ea1bdc8bb0c867c2a-1d8c-454a-a3db-ab2ea1bdc8bb
動作Actions
none
NotActionsNotActions
none
DataActionsDataActions
Microsoft. Storage/storageAccounts/fileServices/檔案共用/files/readMicrosoft.Storage/storageAccounts/fileServices/fileshares/files/read 傳回檔案/資料夾或檔案/資料夾的清單。Returns a file/folder or a list of files/folders.
Microsoft. Storage/storageAccounts/fileServices/檔案共用/files/writeMicrosoft.Storage/storageAccounts/fileServices/fileshares/files/write 傳回寫入檔案或建立資料夾的結果。Returns the result of writing a file or creating a folder.
Microsoft. Storage/storageAccounts/fileServices/檔案共用/files/deleteMicrosoft.Storage/storageAccounts/fileServices/fileshares/files/delete 傳回刪除檔案/資料夾的結果。Returns the result of deleting a file/folder.
NotDataActionsNotDataActions
none

儲存體檔案資料 SMB 共用提高許可權參與者Storage File Data SMB Share Elevated Contributor

說明Description 允許透過 SMB 在 Azure 儲存體檔案共用中進行讀取、寫入、刪除及修改 NTFS 許可權存取Allows for read, write, delete and modify NTFS permission access in Azure Storage file shares over SMB
IdId a7264617-510b-434b-a828-9731dc254ea7a7264617-510b-434b-a828-9731dc254ea7
動作Actions
none
NotActionsNotActions
none
DataActionsDataActions
Microsoft. Storage/storageAccounts/fileServices/檔案共用/files/readMicrosoft.Storage/storageAccounts/fileServices/fileshares/files/read 傳回檔案/資料夾或檔案/資料夾的清單。Returns a file/folder or a list of files/folders.
Microsoft. Storage/storageAccounts/fileServices/檔案共用/files/writeMicrosoft.Storage/storageAccounts/fileServices/fileshares/files/write 傳回寫入檔案或建立資料夾的結果。Returns the result of writing a file or creating a folder.
Microsoft. Storage/storageAccounts/fileServices/檔案共用/files/deleteMicrosoft.Storage/storageAccounts/fileServices/fileshares/files/delete 傳回刪除檔案/資料夾的結果。Returns the result of deleting a file/folder.
Microsoft. Storage/storageAccounts/fileServices/檔案共用/files/modifypermissions/actionMicrosoft.Storage/storageAccounts/fileServices/fileshares/files/modifypermissions/action 傳回修改檔案/資料夾之許可權的結果。Returns the result of modifying permission on a file/folder.
NotDataActionsNotDataActions
none

儲存體檔案資料 SMB 共用讀取器Storage File Data SMB Share Reader

說明Description 允許透過 SMB 讀取對 Azure 檔案共用的存取Allows for read access to Azure File Share over SMB
IdId aba4ae5f-2193-4029-9191-0cb91df5e314aba4ae5f-2193-4029-9191-0cb91df5e314
動作Actions
none
NotActionsNotActions
none
DataActionsDataActions
Microsoft. Storage/storageAccounts/fileServices/檔案共用/files/readMicrosoft.Storage/storageAccounts/fileServices/fileshares/files/read 傳回檔案/資料夾或檔案/資料夾的清單。Returns a file/folder or a list of files/folders.
NotDataActionsNotDataActions
none

儲存體佇列資料參與者Storage Queue Data Contributor

說明Description 讀取、寫入和刪除 Azure 儲存體的佇列和佇列訊息。Read, write, and delete Azure Storage queues and queue messages. 若要瞭解特定資料作業所需的動作,請參閱呼叫 blob 和佇列資料作業的許可權To learn which actions are required for a given data operation, see Permissions for calling blob and queue data operations.
IdId 974c5e8b-45b9-4653-ba55-5f855dd0fb88974c5e8b-45b9-4653-ba55-5f855dd0fb88
動作Actions
Microsoft.Storage/storageAccounts/queueServices/queues/deleteMicrosoft.Storage/storageAccounts/queueServices/queues/delete 刪除佇列。Delete a queue.
Microsoft.Storage/storageAccounts/queueServices/queues/readMicrosoft.Storage/storageAccounts/queueServices/queues/read 傳回佇列或佇列清單。Return a queue or a list of queues.
Microsoft.Storage/storageAccounts/queueServices/queues/writeMicrosoft.Storage/storageAccounts/queueServices/queues/write 修改佇列中繼資料或屬性。Modify queue metadata or properties.
NotActionsNotActions
none
DataActionsDataActions
Microsoft.Storage/storageAccounts/queueServices/queues/messages/deleteMicrosoft.Storage/storageAccounts/queueServices/queues/messages/delete 從佇列中刪除一或多個訊息。Delete one or more messages from a queue.
Microsoft.Storage/storageAccounts/queueServices/queues/messages/readMicrosoft.Storage/storageAccounts/queueServices/queues/messages/read 查看或取出佇列中的一或多個訊息。Peek or retrieve one or more messages from a queue.
Microsoft.Storage/storageAccounts/queueServices/queues/messages/writeMicrosoft.Storage/storageAccounts/queueServices/queues/messages/write 將訊息新增至佇列。Add a message to a queue.
NotDataActionsNotDataActions
none

儲存體佇列資料訊息處理器Storage Queue Data Message Processor

說明Description 查看、取出和刪除 Azure 儲存體佇列中的訊息。Peek, retrieve, and delete a message from an Azure Storage queue. 若要瞭解特定資料作業所需的動作,請參閱呼叫 blob 和佇列資料作業的許可權To learn which actions are required for a given data operation, see Permissions for calling blob and queue data operations.
IdId 8a0f0c08-91a1-4084-bc3d-661d67233fed8a0f0c08-91a1-4084-bc3d-661d67233fed
動作Actions
none
NotActionsNotActions
none
DataActionsDataActions
Microsoft.Storage/storageAccounts/queueServices/queues/messages/readMicrosoft.Storage/storageAccounts/queueServices/queues/messages/read 查看訊息。Peek a message.
Microsoft.Storage/storageAccounts/queueServices/queues/messages/process/actionMicrosoft.Storage/storageAccounts/queueServices/queues/messages/process/action 取出和刪除訊息。Retrieve and delete a message.
NotDataActionsNotDataActions
none

儲存體佇列資料訊息寄件者Storage Queue Data Message Sender

說明Description 將訊息新增至 Azure 儲存體的佇列。Add messages to an Azure Storage queue. 若要瞭解特定資料作業所需的動作,請參閱呼叫 blob 和佇列資料作業的許可權To learn which actions are required for a given data operation, see Permissions for calling blob and queue data operations.
IdId c6a89b2d-59bc-44d0-9896-0f6e12d7b80ac6a89b2d-59bc-44d0-9896-0f6e12d7b80a
動作Actions
none
NotActionsNotActions
none
DataActionsDataActions
Microsoft.Storage/storageAccounts/queueServices/queues/messages/add/actionMicrosoft.Storage/storageAccounts/queueServices/queues/messages/add/action 將訊息新增至佇列。Add a message to a queue.
NotDataActionsNotDataActions
none

儲存體佇列資料讀取器Storage Queue Data Reader

說明Description 讀取和列出 Azure 儲存體的佇列和佇列訊息。Read and list Azure Storage queues and queue messages. 若要瞭解特定資料作業所需的動作,請參閱呼叫 blob 和佇列資料作業的許可權To learn which actions are required for a given data operation, see Permissions for calling blob and queue data operations.
IdId 19e7f393-937e-4f77-808e-94535e29792519e7f393-937e-4f77-808e-94535e297925
動作Actions
Microsoft.Storage/storageAccounts/queueServices/queues/readMicrosoft.Storage/storageAccounts/queueServices/queues/read 傳回佇列或佇列清單。Returns a queue or a list of queues.
NotActionsNotActions
none
DataActionsDataActions
Microsoft.Storage/storageAccounts/queueServices/queues/messages/readMicrosoft.Storage/storageAccounts/queueServices/queues/messages/read 查看或取出佇列中的一或多個訊息。Peek or retrieve one or more messages from a queue.
NotDataActionsNotDataActions
none

支援要求參與者Support Request Contributor

說明Description 可讓您建立及管理支援要求Lets you create and manage Support requests
IdId cfd33db0-3dd1-45e3-aa9d-cdbdf3b6f24ecfd33db0-3dd1-45e3-aa9d-cdbdf3b6f24e
動作Actions
Microsoft.Authorization/*/readMicrosoft.Authorization/*/read 讀取授權Read authorization
Microsoft.Resources/subscriptions/resourceGroups/readMicrosoft.Resources/subscriptions/resourceGroups/read 取得或列出資源群組。Gets or lists resource groups.
Microsoft.Support/*Microsoft.Support/* 建立和管理支援票證Create and manage support tickets
NotActionsNotActions
none
DataActionsDataActions
none
NotDataActionsNotDataActions
none

流量管理員參與者Traffic Manager Contributor

說明Description 可讓您管理「流量管理員」設定檔,但無法控制誰可以存取它們。Lets you manage Traffic Manager profiles, but does not let you control who has access to them.
IdId a4b10055-b0c7-44c2-b00f-c7b5b3550cf7a4b10055-b0c7-44c2-b00f-c7b5b3550cf7
動作Actions
Microsoft.Authorization/*/readMicrosoft.Authorization/*/read 讀取角色和角色指派Read roles and role assignments
Microsoft.Insights/alertRules/*Microsoft.Insights/alertRules/* 建立和管理 Insights 警示規則Create and manage Insights alert rules
Microsoft.Network/trafficManagerProfiles/*Microsoft.Network/trafficManagerProfiles/*
Microsoft.ResourceHealth/availabilityStatuses/readMicrosoft.ResourceHealth/availabilityStatuses/read 取得指定範圍中所有資源的可用性狀態Gets the availability statuses for all resources in the specified scope
Microsoft.Resources/deployments/*Microsoft.Resources/deployments/* 建立和管理資源群組部署Create and manage resource group deployments
Microsoft.Resources/subscriptions/resourceGroups/readMicrosoft.Resources/subscriptions/resourceGroups/read 取得或列出資源群組。Gets or lists resource groups.
Microsoft.Support/*Microsoft.Support/* 建立和管理支援票證Create and manage support tickets
NotActionsNotActions
none
DataActionsDataActions
none
NotDataActionsNotDataActions
none

使用者存取系統管理員User Access Administrator

說明Description 可讓您管理 Azure 資源的使用者存取。Lets you manage user access to Azure resources.
IdId 18d7d88d-d35e-4fb5-a5c3-7773c20a72d918d7d88d-d35e-4fb5-a5c3-7773c20a72d9
動作Actions
*/read*/read 讀取密碼以外的所有類型的資源。Read resources of all Types, except secrets.
Microsoft.Authorization/*Microsoft.Authorization/* 管理授權Manage authorization
Microsoft.Support/*Microsoft.Support/* 建立和管理支援票證Create and manage support tickets
NotActionsNotActions
none
DataActionsDataActions
none
NotDataActionsNotDataActions
none

虛擬機器系統管理員登入Virtual Machine Administrator Login

說明Description 在入口網站中檢視虛擬機器並以系統管理員身分登入View Virtual Machines in the portal and login as administrator
IdId 1c0163c0-47e6-4577-8991-ea5c82e286e41c0163c0-47e6-4577-8991-ea5c82e286e4
動作Actions
Microsoft.Network/publicIPAddresses/readMicrosoft.Network/publicIPAddresses/read 取得公用 IP 位址定義。Gets a public ip address definition.
Microsoft.Network/virtualNetworks/readMicrosoft.Network/virtualNetworks/read 取得虛擬網路定義Get the virtual network definition
Microsoft.Network/loadBalancers/readMicrosoft.Network/loadBalancers/read 取得負載平衡器定義Gets a load balancer definition
Microsoft.Network/networkInterfaces/readMicrosoft.Network/networkInterfaces/read 取得網路介面定義。Gets a network interface definition.
Microsoft.Compute/virtualMachines/*/readMicrosoft.Compute/virtualMachines/*/read
NotActionsNotActions
none
DataActionsDataActions
Microsoft.Compute/virtualMachines/login/actionMicrosoft.Compute/virtualMachines/login/action 以一般使用者身分登入虛擬機器Log in to a virtual machine as a regular user
Microsoft.Compute/virtualMachines/loginAsAdmin/actionMicrosoft.Compute/virtualMachines/loginAsAdmin/action 以 Windows 系統管理員或 Linux 根使用者權限登入虛擬機器Log in to a virtual machine with Windows administrator or Linux root user privileges
NotDataActionsNotDataActions
none

虛擬機器參與者Virtual Machine Contributor

說明Description 可讓您管理虛擬機器 (不含虛擬機器所連接的虛擬網路或儲存體帳戶),但無法存取它們。Lets you manage virtual machines, but not access to them, and not the virtual network or storage account they're connected to.
IdId 9980e02c-c2be-4d73-94e8-173b1dc7cf3c9980e02c-c2be-4d73-94e8-173b1dc7cf3c
動作Actions
Microsoft.Authorization/*/readMicrosoft.Authorization/*/read 讀取授權Read authorization
Microsoft.Compute/availabilitySets/*Microsoft.Compute/availabilitySets/* 建立和管理運算可用性集合Create and manage compute availability sets
Microsoft.Compute/locations/*Microsoft.Compute/locations/* 建立和管理運算位置Create and manage compute locations
Microsoft.Compute/virtualMachines/*Microsoft.Compute/virtualMachines/* 建立和管理虛擬機器Create and manage virtual machines
Microsoft.Compute/virtualMachineScaleSets/*Microsoft.Compute/virtualMachineScaleSets/* 建立和管理虛擬機器擴展集Create and manage virtual machine scale sets
Microsoft.DevTestLab/schedules/*Microsoft.DevTestLab/schedules/*
Microsoft.Insights/alertRules/*Microsoft.Insights/alertRules/* 建立和管理 Insights 警示規則Create and manage Insights alert rules
Microsoft.Network/applicationGateways/backendAddressPools/join/actionMicrosoft.Network/applicationGateways/backendAddressPools/join/action 加入應用程式閘道後端位址集區。Joins an application gateway backend address pool. 未打斷。Not Alertable.
Microsoft.Network/loadBalancers/backendAddressPools/join/actionMicrosoft.Network/loadBalancers/backendAddressPools/join/action 加入負載平衡器後端位址集區。Joins a load balancer backend address pool. 未打斷。Not Alertable.
Microsoft.Network/loadBalancers/inboundNatPools/join/actionMicrosoft.Network/loadBalancers/inboundNatPools/join/action 加入負載平衡器輸入 NAT 集區。Joins a load balancer inbound NAT pool. 未打斷。Not alertable.
Microsoft.Network/loadBalancers/inboundNatRules/join/actionMicrosoft.Network/loadBalancers/inboundNatRules/join/action 加入負載平衡器輸入 nat 規則。Joins a load balancer inbound nat rule. 未打斷。Not Alertable.
Microsoft.Network/loadBalancers/probes/join/actionMicrosoft.Network/loadBalancers/probes/join/action 允許使用負載平衡器的探查。Allows using probes of a load balancer. 例如,使用此權限,VM 擴展集的 healthProbe 屬性就可以參考探查。For example, with this permission healthProbe property of VM scale set can reference the probe. 未打斷。Not alertable.
Microsoft.Network/loadBalancers/readMicrosoft.Network/loadBalancers/read 取得負載平衡器定義Gets a load balancer definition
Microsoft.Network/locations/*Microsoft.Network/locations/* 建立和管理網路位置Create and manage network locations
Microsoft.Network/networkInterfaces/*Microsoft.Network/networkInterfaces/* 建立和管理網路介面Create and manage network interfaces
Microsoft.Network/networkSecurityGroups/join/actionMicrosoft.Network/networkSecurityGroups/join/action 加入網路安全性群組。Joins a network security group. 未打斷。Not Alertable.
Microsoft.Network/networkSecurityGroups/readMicrosoft.Network/networkSecurityGroups/read 取得網路安全性群組定義Gets a network security group definition
Microsoft.Network/publicIPAddresses/join/actionMicrosoft.Network/publicIPAddresses/join/action 加入公用 ip 位址。Joins a public ip address. 未打斷。Not Alertable.
Microsoft.Network/publicIPAddresses/readMicrosoft.Network/publicIPAddresses/read 取得公用 IP 位址定義。Gets a public ip address definition.
Microsoft.Network/virtualNetworks/readMicrosoft.Network/virtualNetworks/read 取得虛擬網路定義Get the virtual network definition
Microsoft.Network/virtualNetworks/subnets/join/actionMicrosoft.Network/virtualNetworks/subnets/join/action 加入虛擬網路。Joins a virtual network. 未打斷。Not Alertable.
Microsoft.RecoveryServices/locations/*Microsoft.RecoveryServices/locations/*
Microsoft.RecoveryServices/Vaults/backupFabrics/backupProtectionIntent/writeMicrosoft.RecoveryServices/Vaults/backupFabrics/backupProtectionIntent/write 建立備份保護用途Create a backup Protection Intent
Microsoft.RecoveryServices/Vaults/backupFabrics/protectionContainers/protectedItems/*/readMicrosoft.RecoveryServices/Vaults/backupFabrics/protectionContainers/protectedItems/*/read
Microsoft.RecoveryServices/Vaults/backupFabrics/protectionContainers/protectedItems/readMicrosoft.RecoveryServices/Vaults/backupFabrics/protectionContainers/protectedItems/read 傳回受保護項目的物件詳細資料Returns object details of the Protected Item
Microsoft.RecoveryServices/Vaults/backupFabrics/protectionContainers/protectedItems/writeMicrosoft.RecoveryServices/Vaults/backupFabrics/protectionContainers/protectedItems/write 建立備用的受保護項目Create a backup Protected Item
Microsoft.RecoveryServices/Vaults/backupPolicies/readMicrosoft.RecoveryServices/Vaults/backupPolicies/read 傳回所有保護原則Returns all Protection Policies
Microsoft.RecoveryServices/Vaults/backupPolicies/writeMicrosoft.RecoveryServices/Vaults/backupPolicies/write 建立保護原則Creates Protection Policy
Microsoft.RecoveryServices/Vaults/readMicrosoft.RecoveryServices/Vaults/read 「取得保存庫」作業會取得物件,此物件代表 'vault' 類型的 Azure 資源The Get Vault operation gets an object representing the Azure resource of type 'vault'
Microsoft.RecoveryServices/Vaults/usages/readMicrosoft.RecoveryServices/Vaults/usages/read 傳回復原服務保存庫的使用量詳細資料。Returns usage details for a Recovery Services Vault.
Microsoft.RecoveryServices/Vaults/writeMicrosoft.RecoveryServices/Vaults/write 「建立保存庫」作業會建立 'vault' 類型的 Azure 資源Create Vault operation creates an Azure resource of type 'vault'
Microsoft.ResourceHealth/availabilityStatuses/readMicrosoft.ResourceHealth/availabilityStatuses/read 取得指定範圍中所有資源的可用性狀態Gets the availability statuses for all resources in the specified scope
Microsoft.Resources/deployments/*Microsoft.Resources/deployments/* 建立和管理資源群組部署Create and manage resource group deployments
Microsoft.Resources/subscriptions/resourceGroups/readMicrosoft.Resources/subscriptions/resourceGroups/read 取得或列出資源群組。Gets or lists resource groups.
Microsoft.SqlVirtualMachine/*Microsoft.SqlVirtualMachine/*
Microsoft.Storage/storageAccounts/listKeys/actionMicrosoft.Storage/storageAccounts/listKeys/action 傳回指定儲存體帳戶的存取金鑰。Returns the access keys for the specified storage account.
Microsoft.Storage/storageAccounts/readMicrosoft.Storage/storageAccounts/read 傳回儲存體帳戶清單,或取得指定儲存體帳戶的屬性。Returns the list of storage accounts or gets the properties for the specified storage account.
Microsoft.Support/*Microsoft.Support/* 建立和管理支援票證Create and manage support tickets
NotActionsNotActions
none
DataActionsDataActions
none
NotDataActionsNotDataActions
none

虛擬機器使用者登入Virtual Machine User Login

說明Description 在入口網站中檢視虛擬機器並以一般使用者身分登入。View Virtual Machines in the portal and login as a regular user.
IdId fb879df8-f326-4884-b1cf-06f3ad86be52fb879df8-f326-4884-b1cf-06f3ad86be52
動作Actions
Microsoft.Network/publicIPAddresses/readMicrosoft.Network/publicIPAddresses/read 取得公用 IP 位址定義。Gets a public ip address definition.
Microsoft.Network/virtualNetworks/readMicrosoft.Network/virtualNetworks/read 取得虛擬網路定義Get the virtual network definition
Microsoft.Network/loadBalancers/readMicrosoft.Network/loadBalancers/read 取得負載平衡器定義Gets a load balancer definition
Microsoft.Network/networkInterfaces/readMicrosoft.Network/networkInterfaces/read 取得網路介面定義。Gets a network interface definition.
Microsoft.Compute/virtualMachines/*/readMicrosoft.Compute/virtualMachines/*/read
NotActionsNotActions
none
DataActionsDataActions
Microsoft.Compute/virtualMachines/login/actionMicrosoft.Compute/virtualMachines/login/action 以一般使用者身分登入虛擬機器Log in to a virtual machine as a regular user
NotDataActionsNotDataActions
none

Web 方案參與者Web Plan Contributor

說明Description 可讓您管理網站的 Web 方案,但無法存取它們。Lets you manage the web plans for websites, but not access to them.
IdId 2cc479cb-7b4d-49a8-b449-8c00fd0f0a4b2cc479cb-7b4d-49a8-b449-8c00fd0f0a4b
動作Actions
Microsoft.Authorization/*/readMicrosoft.Authorization/*/read 讀取授權Read authorization
Microsoft.Insights/alertRules/*Microsoft.Insights/alertRules/* 建立和管理 Insights 警示規則Create and manage Insights alert rules
Microsoft.ResourceHealth/availabilityStatuses/readMicrosoft.ResourceHealth/availabilityStatuses/read 取得指定範圍中所有資源的可用性狀態Gets the availability statuses for all resources in the specified scope
Microsoft.Resources/deployments/*Microsoft.Resources/deployments/* 建立和管理資源群組部署Create and manage resource group deployments
Microsoft.Resources/subscriptions/resourceGroups/readMicrosoft.Resources/subscriptions/resourceGroups/read 取得或列出資源群組。Gets or lists resource groups.
Microsoft.Support/*Microsoft.Support/* 建立和管理支援票證Create and manage support tickets
Microsoft.Web/serverFarms/*Microsoft.Web/serverFarms/* 建立和管理伺服器陣列Create and manage server farms
Microsoft Web/hostingEnvironments/Join/ActionMicrosoft.Web/hostingEnvironments/Join/Action 加入 App Service 環境Joins an App Service Environment
NotActionsNotActions
none
DataActionsDataActions
none
NotDataActionsNotDataActions
none

網站參與者Website Contributor

說明Description 可讓您管理網站 (非 Web 方案),但無法存取它們。Lets you manage websites (not web plans), but not access to them.
IdId de139f84-1756-47ae-9be6-808fbbe84772de139f84-1756-47ae-9be6-808fbbe84772
動作Actions
Microsoft.Authorization/*/readMicrosoft.Authorization/*/read 讀取授權Read authorization
Microsoft.Insights/alertRules/*Microsoft.Insights/alertRules/* 建立和管理 Insights 警示規則Create and manage Insights alert rules
Microsoft.Insights/components/*Microsoft.Insights/components/* 建立和管理 Insights 元件Create and manage Insights components
Microsoft.ResourceHealth/availabilityStatuses/readMicrosoft.ResourceHealth/availabilityStatuses/read 取得指定範圍中所有資源的可用性狀態Gets the availability statuses for all resources in the specified scope
Microsoft.Resources/deployments/*Microsoft.Resources/deployments/* 建立和管理資源群組部署Create and manage resource group deployments
Microsoft.Resources/subscriptions/resourceGroups/readMicrosoft.Resources/subscriptions/resourceGroups/read 取得或列出資源群組。Gets or lists resource groups.
Microsoft.Support/*Microsoft.Support/* 建立和管理支援票證Create and manage support tickets
Microsoft.Web/certificates/*Microsoft.Web/certificates/* 建立和管理網站憑證Create and manage website certificates
Microsoft.Web/listSitesAssignedToHostName/readMicrosoft.Web/listSitesAssignedToHostName/read 取得指派給主機名稱之網站的名稱。Get names of sites assigned to hostname.
Microsoft.Web/serverFarms/join/actionMicrosoft.Web/serverFarms/join/action
Microsoft.Web/serverFarms/readMicrosoft.Web/serverFarms/read 取得 App Service 方案的屬性Get the properties on an App Service Plan
Microsoft.Web/sites/*Microsoft.Web/sites/* 建立和管理網站 (建立網站也需要相關聯應用程式服務方案的寫入權限)Create and manage websites (site creation also requires write permissions to the associated App Service Plan)
NotActionsNotActions
none
DataActionsDataActions
none
NotDataActionsNotDataActions
none

後續步驟Next steps