Nota
El acceso a esta página requiere autorización. Puede intentar iniciar sesión o cambiar directorios.
El acceso a esta página requiere autorización. Puede intentar cambiar los directorios.
En este artículo se enumeran los roles integrados de Azure en la categoría Web y Mobile.
Colaborador de datos de Azure Maps
Conde acceso para leer, escribir y eliminar datos relacionados con mapas desde una cuenta de mapas de Azure.
| Acciones | Descripción |
|---|---|
| ninguno | |
| NotActions | |
| ninguno | |
| Acciones de datos | |
| Microsoft.Maps/accounts/*/read | |
| Microsoft.Maps/accounts/*/write | |
| Microsoft.Maps/accounts/*/delete | |
| Microsoft.Maps/accounts/*/action | |
| NotDataActions | |
| ninguno |
{
"assignableScopes": [
"/"
],
"description": "Grants access to read, write, and delete access to map related data from an Azure maps account.",
"id": "/providers/Microsoft.Authorization/roleDefinitions/8f5e0ce6-4f7b-4dcf-bddf-e6f48634a204",
"name": "8f5e0ce6-4f7b-4dcf-bddf-e6f48634a204",
"permissions": [
{
"actions": [],
"notActions": [],
"dataActions": [
"Microsoft.Maps/accounts/*/read",
"Microsoft.Maps/accounts/*/write",
"Microsoft.Maps/accounts/*/delete",
"Microsoft.Maps/accounts/*/action"
],
"notDataActions": []
}
],
"roleName": "Azure Maps Data Contributor",
"roleType": "BuiltInRole",
"type": "Microsoft.Authorization/roleDefinitions"
}
Lector de datos de Azure Maps
Concede acceso de lectura a los datos de los mapas de una cuenta de Azure Maps.
| Acciones | Descripción |
|---|---|
| ninguno | |
| NotActions | |
| ninguno | |
| Acciones de datos | |
| Microsoft.Maps/accounts/*/read | |
| NotDataActions | |
| ninguno |
{
"assignableScopes": [
"/"
],
"description": "Grants access to read map related data from an Azure maps account.",
"id": "/providers/Microsoft.Authorization/roleDefinitions/423170ca-a8f6-4b0f-8487-9e4eb8f49bfa",
"name": "423170ca-a8f6-4b0f-8487-9e4eb8f49bfa",
"permissions": [
{
"actions": [],
"notActions": [],
"dataActions": [
"Microsoft.Maps/accounts/*/read"
],
"notDataActions": []
}
],
"roleName": "Azure Maps Data Reader",
"roleType": "BuiltInRole",
"type": "Microsoft.Authorization/roleDefinitions"
}
Lector de datos de búsqueda y representación de Azure Maps
Concede acceso a un conjunto muy limitado de API de datos para escenarios comunes del SDK web visual. En concreto, represente y busque las API de datos.
| Acciones | Descripción |
|---|---|
| ninguno | |
| NotActions | |
| ninguno | |
| Acciones de datos | |
| Microsoft.Maps/cuentas/servicios/renderizar/leer | Permite la lectura de datos para los servicios Render. |
| Microsoft.Maps/cuentas/servicios/búsqueda/lectura | Permite la lectura de datos para los servicios Search. |
| NotDataActions | |
| ninguno |
{
"assignableScopes": [
"/"
],
"description": "Grants access to very limited set of data APIs for common visual web SDK scenarios. Specifically, render and search data APIs.",
"id": "/providers/Microsoft.Authorization/roleDefinitions/6be48352-4f82-47c9-ad5e-0acacefdb005",
"name": "6be48352-4f82-47c9-ad5e-0acacefdb005",
"permissions": [
{
"actions": [],
"notActions": [],
"dataActions": [
"Microsoft.Maps/accounts/services/render/read",
"Microsoft.Maps/accounts/services/search/read"
],
"notDataActions": []
}
],
"roleName": "Azure Maps Search and Render Data Reader",
"roleType": "BuiltInRole",
"type": "Microsoft.Authorization/roleDefinitions"
}
Rol lector de patrones de archivo de configuración del servicio De configuración de aplicaciones de Azure Spring Apps
Lee el contenido del patrón de archivo de configuración del servicio de configuración de aplicaciones en Azure Spring Apps.
| Acciones | Descripción |
|---|---|
| Microsoft.AppPlatform/Spring/read | Obtiene las instancias del servicio Azure Spring Apps. |
| Microsoft.AppPlatform/Spring/configurationServices/read | Obtiene los servicios de configuración de aplicaciones para una instancia específica de servicio de Azure Spring Apps. |
| NotActions | |
| ninguno | |
| Acciones de datos | |
| Microsoft.AppPlatform/Spring/ApplicationConfigurationService/read | Lea el contenido de configuración (por ejemplo, application-prod.yaml) extraído por Application Configuration Service para una instancia de servicio específica de Azure Spring Apps. |
| NotDataActions | |
| ninguno |
{
"assignableScopes": [
"/"
],
"description": "Read content of config file pattern for Application Configuration Service in Azure Spring Apps",
"id": "/providers/Microsoft.Authorization/roleDefinitions/25211fc6-dc78-40b6-b205-e4ac934fd9fd",
"name": "25211fc6-dc78-40b6-b205-e4ac934fd9fd",
"permissions": [
{
"actions": [
"Microsoft.AppPlatform/Spring/read",
"Microsoft.AppPlatform/Spring/configurationServices/read"
],
"notActions": [],
"dataActions": [
"Microsoft.AppPlatform/Spring/ApplicationConfigurationService/read"
],
"notDataActions": []
}
],
"roleName": "Azure Spring Apps Application Configuration Service Config File Pattern Reader Role",
"roleType": "BuiltInRole",
"type": "Microsoft.Authorization/roleDefinitions"
}
Rol lector de registro del servicio de configuración de aplicaciones de Azure Spring Apps
Lee los registros en tiempo real del servicio de configuración de aplicaciones en Azure Spring Apps.
| Acciones | Descripción |
|---|---|
| Microsoft.AppPlatform/Spring/read | Obtiene las instancias del servicio Azure Spring Apps. |
| Microsoft.AppPlatform/Spring/configurationServices/read | Obtiene los servicios de configuración de aplicaciones para una instancia específica de servicio de Azure Spring Apps. |
| NotActions | |
| ninguno | |
| Acciones de datos | |
| Microsoft.AppPlatform/Spring/ApplicationConfigurationService/logstream/action | Lea el registro de streaming de todos los subcomponentes en Application Configuration Service desde una instancia de servicio específica de Azure Spring Apps. |
| NotDataActions | |
| ninguno |
{
"assignableScopes": [
"/"
],
"description": "Read real-time logs for Application Configuration Service in Azure Spring Apps",
"id": "/providers/Microsoft.Authorization/roleDefinitions/6593e776-2a30-40f9-8a32-4fe28b77655d",
"name": "6593e776-2a30-40f9-8a32-4fe28b77655d",
"permissions": [
{
"actions": [
"Microsoft.AppPlatform/Spring/read",
"Microsoft.AppPlatform/Spring/configurationServices/read"
],
"notActions": [],
"dataActions": [
"Microsoft.AppPlatform/Spring/ApplicationConfigurationService/logstream/action"
],
"notDataActions": []
}
],
"roleName": "Azure Spring Apps Application Configuration Service Log Reader Role",
"roleType": "BuiltInRole",
"type": "Microsoft.Authorization/roleDefinitions"
}
Rol de Conexión de Azure Spring Apps
Rol de Conexión de Azure Spring Apps
| Acciones | Descripción |
|---|---|
| ninguno | |
| NotActions | |
| ninguno | |
| Acciones de datos | |
| Microsoft.AppPlatform/Spring/apps/deployments/connect/action | Conecta una instancia a una aplicación específica. |
| NotDataActions | |
| ninguno |
{
"assignableScopes": [
"/"
],
"description": "Azure Spring Apps Connect Role",
"id": "/providers/Microsoft.Authorization/roleDefinitions/80558df3-64f9-4c0f-b32d-e5094b036b0b",
"name": "80558df3-64f9-4c0f-b32d-e5094b036b0b",
"permissions": [
{
"actions": [],
"notActions": [],
"dataActions": [
"Microsoft.AppPlatform/Spring/apps/deployments/connect/action"
],
"notDataActions": []
}
],
"roleName": "Azure Spring Apps Connect Role",
"roleType": "BuiltInRole",
"type": "Microsoft.Authorization/roleDefinitions"
}
Rol de lector de registros de trabajos de Azure Spring Apps
Lectura de registros en tiempo real para trabajos en Azure Spring Apps
| Acciones | Descripción |
|---|---|
| Microsoft.AppPlatform/Spring/read | Obtiene las instancias del servicio Azure Spring Apps. |
| Microsoft.AppPlatform/Spring/jobs/read | Obtención del trabajo para una instancia de servicio específica de Azure Spring Apps |
| Microsoft.AppPlatform/Spring/jobs/executions/read | Obtención de la ejecución del trabajo para una instancia de servicio específica de Azure Spring Apps |
| NotActions | |
| ninguno | |
| Acciones de datos | |
| Microsoft.AppPlatform/Spring/jobs/executions/logstream/action | Obtención del registro de streaming de ejecuciones de trabajos para una instancia de servicio específica de Azure Spring Apps |
| Microsoft.AppPlatform/Spring/jobs/executions/listInstances/action | Enumeración de instancias de una ejecución de trabajo específica para una instancia de servicio específica de Azure Spring Apps |
| NotDataActions | |
| ninguno |
{
"assignableScopes": [
"/"
],
"description": "Read real-time logs for jobs in Azure Spring Apps",
"id": "/providers/Microsoft.Authorization/roleDefinitions/b459aa1d-e3c8-436f-ae21-c0531140f43e",
"name": "b459aa1d-e3c8-436f-ae21-c0531140f43e",
"permissions": [
{
"actions": [
"Microsoft.AppPlatform/Spring/read",
"Microsoft.AppPlatform/Spring/jobs/read",
"Microsoft.AppPlatform/Spring/jobs/executions/read"
],
"notActions": [],
"dataActions": [
"Microsoft.AppPlatform/Spring/jobs/executions/logstream/action",
"Microsoft.AppPlatform/Spring/jobs/executions/listInstances/action"
],
"notDataActions": []
}
],
"roleName": "Azure Spring Apps Job Log Reader Role",
"roleType": "BuiltInRole",
"type": "Microsoft.Authorization/roleDefinitions"
}
Rol de depuración remota de Azure Spring Apps
Rol de depuración remota de Azure Spring Apps
| Acciones | Descripción |
|---|---|
| ninguno | |
| NotActions | |
| ninguno | |
| Acciones de datos | |
| Microsoft.AppPlatform/Spring/apps/deployments/remotedebugging/action | Instancia de aplicación de depuración remota para una aplicación específica. |
| NotDataActions | |
| ninguno |
{
"assignableScopes": [
"/"
],
"description": "Azure Spring Apps Remote Debugging Role",
"id": "/providers/Microsoft.Authorization/roleDefinitions/a99b0159-1064-4c22-a57b-c9b3caa1c054",
"name": "a99b0159-1064-4c22-a57b-c9b3caa1c054",
"permissions": [
{
"actions": [],
"notActions": [],
"dataActions": [
"Microsoft.AppPlatform/Spring/apps/deployments/remotedebugging/action"
],
"notDataActions": []
}
],
"roleName": "Azure Spring Apps Remote Debugging Role",
"roleType": "BuiltInRole",
"type": "Microsoft.Authorization/roleDefinitions"
}
Rol de lector de registros de Spring Cloud Gateway de Azure Spring Apps
Lectura de registros en tiempo real de Spring Cloud Gateway en Azure Spring Apps
| Acciones | Descripción |
|---|---|
| Microsoft.AppPlatform/Spring/read | Obtiene las instancias del servicio Azure Spring Apps. |
| Microsoft.AppPlatform/Spring/gateways/read | Obtiene las puertas de enlace de Spring Cloud para una instancia específica de servicio de Azure Spring Apps. |
| NotActions | |
| ninguno | |
| Acciones de datos | |
| Microsoft.AppPlatform/Spring/SpringCloudGateway/logstream/action | Lea el registro de streaming de Spring Cloud Gateway desde una instancia de servicio específica de Azure Spring Apps. |
| NotDataActions | |
| ninguno |
{
"assignableScopes": [
"/"
],
"description": "Read real-time logs for Spring Cloud Gateway in Azure Spring Apps",
"id": "/providers/Microsoft.Authorization/roleDefinitions/4301dc2a-25a9-44b0-ae63-3636cf7f2bd2",
"name": "4301dc2a-25a9-44b0-ae63-3636cf7f2bd2",
"permissions": [
{
"actions": [
"Microsoft.AppPlatform/Spring/read",
"Microsoft.AppPlatform/Spring/gateways/read"
],
"notActions": [],
"dataActions": [
"Microsoft.AppPlatform/Spring/SpringCloudGateway/logstream/action"
],
"notDataActions": []
}
],
"roleName": "Azure Spring Apps Spring Cloud Gateway Log Reader Role",
"roleType": "BuiltInRole",
"type": "Microsoft.Authorization/roleDefinitions"
}
Colaborador en Config Server de Azure Spring Cloud
Permite el acceso de lectura, escritura y eliminación en Config Server en Azure Spring Cloud.
| Acciones | Descripción |
|---|---|
| ninguno | |
| NotActions | |
| ninguno | |
| Acciones de datos | |
| Microsoft.AppPlatform/Spring/configService/read | Lee el contenido de la configuración (por ejemplo, application.yaml) para una instancia específica de servicio de Azure Spring Apps. |
| Microsoft.AppPlatform/Spring/configService/write | Escribe el contenido del servidor de configuración para una instancia específica de servicio de Azure Spring Apps. |
| Microsoft.AppPlatform/Spring/configService/delete | Elimina el contenido del servidor de configuración para una instancia específica de servicio de Azure Spring Apps. |
| NotDataActions | |
| ninguno |
{
"assignableScopes": [
"/"
],
"description": "Allow read, write and delete access to Azure Spring Cloud Config Server",
"id": "/providers/Microsoft.Authorization/roleDefinitions/a06f5c24-21a7-4e1a-aa2b-f19eb6684f5b",
"name": "a06f5c24-21a7-4e1a-aa2b-f19eb6684f5b",
"permissions": [
{
"actions": [],
"notActions": [],
"dataActions": [
"Microsoft.AppPlatform/Spring/configService/read",
"Microsoft.AppPlatform/Spring/configService/write",
"Microsoft.AppPlatform/Spring/configService/delete"
],
"notDataActions": []
}
],
"roleName": "Azure Spring Cloud Config Server Contributor",
"roleType": "BuiltInRole",
"type": "Microsoft.Authorization/roleDefinitions"
}
Lectura en Config Server de Azure Spring Cloud
Permite el acceso de lectura a Config Server en Azure Spring Cloud.
| Acciones | Descripción |
|---|---|
| ninguno | |
| NotActions | |
| ninguno | |
| Acciones de datos | |
| Microsoft.AppPlatform/Spring/configService/read | Lee el contenido de la configuración (por ejemplo, application.yaml) para una instancia específica de servicio de Azure Spring Apps. |
| NotDataActions | |
| ninguno |
{
"assignableScopes": [
"/"
],
"description": "Allow read access to Azure Spring Cloud Config Server",
"id": "/providers/Microsoft.Authorization/roleDefinitions/d04c6db6-4947-4782-9e91-30a88feb7be7",
"name": "d04c6db6-4947-4782-9e91-30a88feb7be7",
"permissions": [
{
"actions": [],
"notActions": [],
"dataActions": [
"Microsoft.AppPlatform/Spring/configService/read"
],
"notDataActions": []
}
],
"roleName": "Azure Spring Cloud Config Server Reader",
"roleType": "BuiltInRole",
"type": "Microsoft.Authorization/roleDefinitions"
}
Lector de datos de Azure Spring Cloud
Permite el acceso de lectura a los datos de Azure Spring Cloud.
| Acciones | Descripción |
|---|---|
| ninguno | |
| NotActions | |
| ninguno | |
| Acciones de datos | |
| Microsoft.AppPlatform/Spring/*/read | |
| NotDataActions | |
| ninguno |
{
"assignableScopes": [
"/"
],
"description": "Allow read access to Azure Spring Cloud Data",
"id": "/providers/Microsoft.Authorization/roleDefinitions/b5537268-8956-4941-a8f0-646150406f0c",
"name": "b5537268-8956-4941-a8f0-646150406f0c",
"permissions": [
{
"actions": [],
"notActions": [],
"dataActions": [
"Microsoft.AppPlatform/Spring/*/read"
],
"notDataActions": []
}
],
"roleName": "Azure Spring Cloud Data Reader",
"roleType": "BuiltInRole",
"type": "Microsoft.Authorization/roleDefinitions"
}
Colaborador en Service Registry de Azure Spring Cloud
Permite el acceso de lectura, escritura y eliminación en el registro de servicios de Azure Spring Cloud.
| Acciones | Descripción |
|---|---|
| ninguno | |
| NotActions | |
| ninguno | |
| Acciones de datos | |
| Microsoft.AppPlatform/Spring/eurekaService/read | Lee la información de registro de aplicaciones de usuario para una instancia específica de servicio de Azure Spring Apps. |
| Microsoft.AppPlatform/Spring/eurekaService/write | Escribe la información de registro de aplicaciones de usuario para una instancia específica de servicio de Azure Spring Apps. |
| Microsoft.AppPlatform/Spring/eurekaService/delete | Elimina la información de registro de aplicaciones de usuario para una instancia específica de servicio de Azure Spring Apps. |
| NotDataActions | |
| ninguno |
{
"assignableScopes": [
"/"
],
"description": "Allow read, write and delete access to Azure Spring Cloud Service Registry",
"id": "/providers/Microsoft.Authorization/roleDefinitions/f5880b48-c26d-48be-b172-7927bfa1c8f1",
"name": "f5880b48-c26d-48be-b172-7927bfa1c8f1",
"permissions": [
{
"actions": [],
"notActions": [],
"dataActions": [
"Microsoft.AppPlatform/Spring/eurekaService/read",
"Microsoft.AppPlatform/Spring/eurekaService/write",
"Microsoft.AppPlatform/Spring/eurekaService/delete"
],
"notDataActions": []
}
],
"roleName": "Azure Spring Cloud Service Registry Contributor",
"roleType": "BuiltInRole",
"type": "Microsoft.Authorization/roleDefinitions"
}
Lectura en Service Registry de Azure Spring Cloud
Permite el acceso de lectura en el registro de servicios de Azure Spring Cloud.
| Acciones | Descripción |
|---|---|
| ninguno | |
| NotActions | |
| ninguno | |
| Acciones de datos | |
| Microsoft.AppPlatform/Spring/eurekaService/read | Lee la información de registro de aplicaciones de usuario para una instancia específica de servicio de Azure Spring Apps. |
| NotDataActions | |
| ninguno |
{
"assignableScopes": [
"/"
],
"description": "Allow read access to Azure Spring Cloud Service Registry",
"id": "/providers/Microsoft.Authorization/roleDefinitions/cff1b556-2399-4e7e-856d-a8f754be7b65",
"name": "cff1b556-2399-4e7e-856d-a8f754be7b65",
"permissions": [
{
"actions": [],
"notActions": [],
"dataActions": [
"Microsoft.AppPlatform/Spring/eurekaService/read"
],
"notDataActions": []
}
],
"roleName": "Azure Spring Cloud Service Registry Reader",
"roleType": "BuiltInRole",
"type": "Microsoft.Authorization/roleDefinitions"
}
Administrador de cuenta de Media Services
Crear, leer, modificar y eliminar cuentas de Media Services; acceso de solo lectura a otros recursos de Media Services.
| Acciones | Descripción |
|---|---|
| Microsoft.Authorization/*/read | Leer roles y asignaciones de roles |
| Microsoft.Insights/alertRules/* | Creación y administración de una alerta de métricas clásica |
| Microsoft.Insights/métricas/lectura | Lee métricas |
| Microsoft.Insights/metricDefinitions/read | Lee definiciones de métricas |
| Microsoft.Resources/deployments/* | Creación y administración de una implementación |
| Microsoft.Resources/subscriptions/resourceGroups/read | Obtiene o enumera los grupos de recursos. |
| Microsoft.ResourceHealth/availabilityStatuses/read | Obtiene los estados de disponibilidad de todos los recursos en el ámbito especificado |
| Microsoft.Media/mediaservices/*/read | |
| Microsoft.Media/mediaservices/assets/listStreamingLocators/action | |
| Microsoft.Media/mediaservices/streamingLocators/listPaths/action | |
| Microsoft.Media/mediaservices/write | |
| Microsoft.Media/mediaservices/delete | |
| Microsoft.Media/mediaservices/privateEndpointConnectionsApproval/action | |
| Microsoft.Media/mediaservices/privateEndpointConnections/* | |
| NotActions | |
| ninguno | |
| Acciones de datos | |
| ninguno | |
| NotDataActions | |
| ninguno |
{
"assignableScopes": [
"/"
],
"description": "Create, read, modify, and delete Media Services accounts; read-only access to other Media Services resources.",
"id": "/providers/Microsoft.Authorization/roleDefinitions/054126f8-9a2b-4f1c-a9ad-eca461f08466",
"name": "054126f8-9a2b-4f1c-a9ad-eca461f08466",
"permissions": [
{
"actions": [
"Microsoft.Authorization/*/read",
"Microsoft.Insights/alertRules/*",
"Microsoft.Insights/metrics/read",
"Microsoft.Insights/metricDefinitions/read",
"Microsoft.Resources/deployments/*",
"Microsoft.Resources/subscriptions/resourceGroups/read",
"Microsoft.ResourceHealth/availabilityStatuses/read",
"Microsoft.Media/mediaservices/*/read",
"Microsoft.Media/mediaservices/assets/listStreamingLocators/action",
"Microsoft.Media/mediaservices/streamingLocators/listPaths/action",
"Microsoft.Media/mediaservices/write",
"Microsoft.Media/mediaservices/delete",
"Microsoft.Media/mediaservices/privateEndpointConnectionsApproval/action",
"Microsoft.Media/mediaservices/privateEndpointConnections/*"
],
"notActions": [],
"dataActions": [],
"notDataActions": []
}
],
"roleName": "Media Services Account Administrator",
"roleType": "BuiltInRole",
"type": "Microsoft.Authorization/roleDefinitions"
}
Administrador de eventos en directo de Media Services
Crear, leer, modificar y eliminar eventos en directo, recursos, filtros de recursos y localizadores de streaming; acceso de solo lectura a otros recursos de Media Services.
| Acciones | Descripción |
|---|---|
| Microsoft.Authorization/*/read | Leer roles y asignaciones de roles |
| Microsoft.Insights/alertRules/* | Creación y administración de una alerta de métricas clásica |
| Microsoft.Insights/métricas/lectura | Lee métricas |
| Microsoft.Insights/metricDefinitions/read | Lee definiciones de métricas |
| Microsoft.Resources/deployments/* | Creación y administración de una implementación |
| Microsoft.Resources/subscriptions/resourceGroups/read | Obtiene o enumera los grupos de recursos. |
| Microsoft.ResourceHealth/availabilityStatuses/read | Obtiene los estados de disponibilidad de todos los recursos en el ámbito especificado |
| Microsoft.Media/mediaservices/*/read | |
| Microsoft.Media/mediaservices/assets/* | |
| Microsoft.Media/mediaservices/assets/assetfilters/* | |
| Microsoft.Media/mediaservices/streamingLocators/* | |
| Microsoft.Media/mediaservices/liveEvents/* | |
| NotActions | |
| Microsoft.Media/mediaservices/assets/getEncryptionKey/action | |
| Microsoft.Media/mediaservices/streamingLocators/listContentKeys/action | |
| Acciones de datos | |
| ninguno | |
| NotDataActions | |
| ninguno |
{
"assignableScopes": [
"/"
],
"description": "Create, read, modify, and delete Live Events, Assets, Asset Filters, and Streaming Locators; read-only access to other Media Services resources.",
"id": "/providers/Microsoft.Authorization/roleDefinitions/532bc159-b25e-42c0-969e-a1d439f60d77",
"name": "532bc159-b25e-42c0-969e-a1d439f60d77",
"permissions": [
{
"actions": [
"Microsoft.Authorization/*/read",
"Microsoft.Insights/alertRules/*",
"Microsoft.Insights/metrics/read",
"Microsoft.Insights/metricDefinitions/read",
"Microsoft.Resources/deployments/*",
"Microsoft.Resources/subscriptions/resourceGroups/read",
"Microsoft.ResourceHealth/availabilityStatuses/read",
"Microsoft.Media/mediaservices/*/read",
"Microsoft.Media/mediaservices/assets/*",
"Microsoft.Media/mediaservices/assets/assetfilters/*",
"Microsoft.Media/mediaservices/streamingLocators/*",
"Microsoft.Media/mediaservices/liveEvents/*"
],
"notActions": [
"Microsoft.Media/mediaservices/assets/getEncryptionKey/action",
"Microsoft.Media/mediaservices/streamingLocators/listContentKeys/action"
],
"dataActions": [],
"notDataActions": []
}
],
"roleName": "Media Services Live Events Administrator",
"roleType": "BuiltInRole",
"type": "Microsoft.Authorization/roleDefinitions"
}
Operador multimedia de Media Services
Crear, leer, modificar y eliminar recursos, filtros de recursos, localizadores de streaming y trabajos; acceso de solo lectura a otros recursos de Media Services.
| Acciones | Descripción |
|---|---|
| Microsoft.Authorization/*/read | Leer roles y asignaciones de roles |
| Microsoft.Insights/alertRules/* | Creación y administración de una alerta de métricas clásica |
| Microsoft.Insights/métricas/lectura | Lee métricas |
| Microsoft.Insights/metricDefinitions/read | Lee definiciones de métricas |
| Microsoft.Resources/deployments/* | Creación y administración de una implementación |
| Microsoft.Resources/subscriptions/resourceGroups/read | Obtiene o enumera los grupos de recursos. |
| Microsoft.ResourceHealth/availabilityStatuses/read | Obtiene los estados de disponibilidad de todos los recursos en el ámbito especificado |
| Microsoft.Media/mediaservices/*/read | |
| Microsoft.Media/mediaservices/assets/* | |
| Microsoft.Media/mediaservices/assets/assetfilters/* | |
| Microsoft.Media/mediaservices/streamingLocators/* | |
| Microsoft.Media/mediaservices/transforms/jobs/* | |
| NotActions | |
| Microsoft.Media/mediaservices/assets/getEncryptionKey/action | |
| Microsoft.Media/mediaservices/streamingLocators/listContentKeys/action | |
| Acciones de datos | |
| ninguno | |
| NotDataActions | |
| ninguno |
{
"assignableScopes": [
"/"
],
"description": "Create, read, modify, and delete Assets, Asset Filters, Streaming Locators, and Jobs; read-only access to other Media Services resources.",
"id": "/providers/Microsoft.Authorization/roleDefinitions/e4395492-1534-4db2-bedf-88c14621589c",
"name": "e4395492-1534-4db2-bedf-88c14621589c",
"permissions": [
{
"actions": [
"Microsoft.Authorization/*/read",
"Microsoft.Insights/alertRules/*",
"Microsoft.Insights/metrics/read",
"Microsoft.Insights/metricDefinitions/read",
"Microsoft.Resources/deployments/*",
"Microsoft.Resources/subscriptions/resourceGroups/read",
"Microsoft.ResourceHealth/availabilityStatuses/read",
"Microsoft.Media/mediaservices/*/read",
"Microsoft.Media/mediaservices/assets/*",
"Microsoft.Media/mediaservices/assets/assetfilters/*",
"Microsoft.Media/mediaservices/streamingLocators/*",
"Microsoft.Media/mediaservices/transforms/jobs/*"
],
"notActions": [
"Microsoft.Media/mediaservices/assets/getEncryptionKey/action",
"Microsoft.Media/mediaservices/streamingLocators/listContentKeys/action"
],
"dataActions": [],
"notDataActions": []
}
],
"roleName": "Media Services Media Operator",
"roleType": "BuiltInRole",
"type": "Microsoft.Authorization/roleDefinitions"
}
Administrador de directivas de Media Services
Crear, leer, modificar y eliminar filtros de cuenta, directivas de streaming, directivas de clave de contenido y transformaciones; acceso de solo lectura a otros recursos de Media Services. No puede crear trabajos, recursos o recursos de streaming.
| Acciones | Descripción |
|---|---|
| Microsoft.Authorization/*/read | Leer roles y asignaciones de roles |
| Microsoft.Insights/alertRules/* | Creación y administración de una alerta de métricas clásica |
| Microsoft.Insights/métricas/lectura | Lee métricas |
| Microsoft.Insights/metricDefinitions/read | Lee definiciones de métricas |
| Microsoft.Resources/deployments/* | Creación y administración de una implementación |
| Microsoft.Resources/subscriptions/resourceGroups/read | Obtiene o enumera los grupos de recursos. |
| Microsoft.ResourceHealth/availabilityStatuses/read | Obtiene los estados de disponibilidad de todos los recursos en el ámbito especificado |
| Microsoft.Media/mediaservices/*/read | |
| Microsoft.Media/mediaservices/assets/listStreamingLocators/action | |
| Microsoft.Media/mediaservices/streamingLocators/listPaths/action | |
| Microsoft.Media/mediaservices/accountFilters/* | |
| Microsoft.Media/mediaservices/streamingPolicies/* | |
| Microsoft.Media/mediaservices/contentKeyPolicies/* | |
| Microsoft.Media/mediaservices/transforms/* | |
| NotActions | |
| Microsoft.Media/mediaservices/contentKeyPolicies/getPolicyPropertiesWithSecrets/action | |
| Acciones de datos | |
| ninguno | |
| NotDataActions | |
| ninguno |
{
"assignableScopes": [
"/"
],
"description": "Create, read, modify, and delete Account Filters, Streaming Policies, Content Key Policies, and Transforms; read-only access to other Media Services resources. Cannot create Jobs, Assets or Streaming resources.",
"id": "/providers/Microsoft.Authorization/roleDefinitions/c4bba371-dacd-4a26-b320-7250bca963ae",
"name": "c4bba371-dacd-4a26-b320-7250bca963ae",
"permissions": [
{
"actions": [
"Microsoft.Authorization/*/read",
"Microsoft.Insights/alertRules/*",
"Microsoft.Insights/metrics/read",
"Microsoft.Insights/metricDefinitions/read",
"Microsoft.Resources/deployments/*",
"Microsoft.Resources/subscriptions/resourceGroups/read",
"Microsoft.ResourceHealth/availabilityStatuses/read",
"Microsoft.Media/mediaservices/*/read",
"Microsoft.Media/mediaservices/assets/listStreamingLocators/action",
"Microsoft.Media/mediaservices/streamingLocators/listPaths/action",
"Microsoft.Media/mediaservices/accountFilters/*",
"Microsoft.Media/mediaservices/streamingPolicies/*",
"Microsoft.Media/mediaservices/contentKeyPolicies/*",
"Microsoft.Media/mediaservices/transforms/*"
],
"notActions": [
"Microsoft.Media/mediaservices/contentKeyPolicies/getPolicyPropertiesWithSecrets/action"
],
"dataActions": [],
"notDataActions": []
}
],
"roleName": "Media Services Policy Administrator",
"roleType": "BuiltInRole",
"type": "Microsoft.Authorization/roleDefinitions"
}
Administrador de puntos de conexión de streaming de Media Services
Crear, leer, modificar y eliminar puntos de conexión de streaming; acceso de solo lectura a otros recursos de Media Services.
| Acciones | Descripción |
|---|---|
| Microsoft.Authorization/*/read | Leer roles y asignaciones de roles |
| Microsoft.Insights/alertRules/* | Creación y administración de una alerta de métricas clásica |
| Microsoft.Insights/métricas/lectura | Lee métricas |
| Microsoft.Insights/metricDefinitions/read | Lee definiciones de métricas |
| Microsoft.Resources/deployments/* | Creación y administración de una implementación |
| Microsoft.Resources/subscriptions/resourceGroups/read | Obtiene o enumera los grupos de recursos. |
| Microsoft.ResourceHealth/availabilityStatuses/read | Obtiene los estados de disponibilidad de todos los recursos en el ámbito especificado |
| Microsoft.Media/mediaservices/*/read | |
| Microsoft.Media/mediaservices/assets/listStreamingLocators/action | |
| Microsoft.Media/mediaservices/streamingLocators/listPaths/action | |
| Microsoft.Media/mediaservices/streamingEndpoints/* | |
| NotActions | |
| ninguno | |
| Acciones de datos | |
| ninguno | |
| NotDataActions | |
| ninguno |
{
"assignableScopes": [
"/"
],
"description": "Create, read, modify, and delete Streaming Endpoints; read-only access to other Media Services resources.",
"id": "/providers/Microsoft.Authorization/roleDefinitions/99dba123-b5fe-44d5-874c-ced7199a5804",
"name": "99dba123-b5fe-44d5-874c-ced7199a5804",
"permissions": [
{
"actions": [
"Microsoft.Authorization/*/read",
"Microsoft.Insights/alertRules/*",
"Microsoft.Insights/metrics/read",
"Microsoft.Insights/metricDefinitions/read",
"Microsoft.Resources/deployments/*",
"Microsoft.Resources/subscriptions/resourceGroups/read",
"Microsoft.ResourceHealth/availabilityStatuses/read",
"Microsoft.Media/mediaservices/*/read",
"Microsoft.Media/mediaservices/assets/listStreamingLocators/action",
"Microsoft.Media/mediaservices/streamingLocators/listPaths/action",
"Microsoft.Media/mediaservices/streamingEndpoints/*"
],
"notActions": [],
"dataActions": [],
"notDataActions": []
}
],
"roleName": "Media Services Streaming Endpoints Administrator",
"roleType": "BuiltInRole",
"type": "Microsoft.Authorization/roleDefinitions"
}
Lector AccessKey de SignalR
Lee las claves de acceso de SignalR Service.
| Acciones | Descripción |
|---|---|
| Microsoft.SignalRService/*/read | |
| Microsoft.SignalRService/SignalR/listkeys/action | Visualiza el valor de las claves de acceso de SignalR en el portal de administración o mediante de la API. |
| Microsoft.Authorization/*/read | Leer roles y asignaciones de roles |
| Microsoft.Resources/subscriptions/resourceGroups/read | Obtiene o enumera los grupos de recursos. |
| Microsoft.Support/* | Creación y actualización de una incidencia de soporte técnico |
| NotActions | |
| ninguno | |
| Acciones de datos | |
| ninguno | |
| NotDataActions | |
| ninguno |
{
"assignableScopes": [
"/"
],
"description": "Read SignalR Service Access Keys",
"id": "/providers/Microsoft.Authorization/roleDefinitions/04165923-9d83-45d5-8227-78b77b0a687e",
"name": "04165923-9d83-45d5-8227-78b77b0a687e",
"permissions": [
{
"actions": [
"Microsoft.SignalRService/*/read",
"Microsoft.SignalRService/SignalR/listkeys/action",
"Microsoft.Authorization/*/read",
"Microsoft.Resources/subscriptions/resourceGroups/read",
"Microsoft.Support/*"
],
"notActions": [],
"dataActions": [],
"notDataActions": []
}
],
"roleName": "SignalR AccessKey Reader",
"roleType": "BuiltInRole",
"type": "Microsoft.Authorization/roleDefinitions"
}
Servidor de aplicaciones de SignalR
Permite que el servidor de aplicaciones acceda al servicio SignalR con opciones de autenticación de AAD.
| Acciones | Descripción |
|---|---|
| ninguno | |
| NotActions | |
| ninguno | |
| Acciones de datos | |
| Microsoft.SignalRService/SignalR/auth/accessKey/action | Generación de una clave de acceso para firmar AccessTokens, la clave expirará en 90 minutos de forma predeterminada. |
| Microsoft.SignalRService/SignalR/serverConnection/write | Inicio de una conexión de servidor |
| Microsoft.SignalRService/SignalR/clientConnection/write | Cierre de la conexión de cliente |
| NotDataActions | |
| ninguno |
{
"assignableScopes": [
"/"
],
"description": "Lets your app server access SignalR Service with AAD auth options.",
"id": "/providers/Microsoft.Authorization/roleDefinitions/420fcaa2-552c-430f-98ca-3264be4806c7",
"name": "420fcaa2-552c-430f-98ca-3264be4806c7",
"permissions": [
{
"actions": [],
"notActions": [],
"dataActions": [
"Microsoft.SignalRService/SignalR/auth/accessKey/action",
"Microsoft.SignalRService/SignalR/serverConnection/write",
"Microsoft.SignalRService/SignalR/clientConnection/write"
],
"notDataActions": []
}
],
"roleName": "SignalR App Server",
"roleType": "BuiltInRole",
"type": "Microsoft.Authorization/roleDefinitions"
}
Propietario de la API REST de SignalR
Acceso completo a las API REST de Azure SignalR Service.
| Acciones | Descripción |
|---|---|
| ninguno | |
| NotActions | |
| ninguno | |
| Acciones de datos | |
| Microsoft.SignalRService/SignalR/auth/clientToken/action | Generar un AccessToken para que el cliente se conecte a ASRS, el token expirará en 5 minutos de forma predeterminada. |
| Microsoft.SignalRService/SignalR/hub/* | |
| Microsoft.SignalRService/SignalR/group/* | |
| Microsoft.SignalRService/SignalR/clientConnection/* | |
| Microsoft.SignalRService/SignalR/user/* | |
| NotDataActions | |
| ninguno |
{
"assignableScopes": [
"/"
],
"description": "Full access to Azure SignalR Service REST APIs",
"id": "/providers/Microsoft.Authorization/roleDefinitions/fd53cd77-2268-407a-8f46-7e7863d0f521",
"name": "fd53cd77-2268-407a-8f46-7e7863d0f521",
"permissions": [
{
"actions": [],
"notActions": [],
"dataActions": [
"Microsoft.SignalRService/SignalR/auth/clientToken/action",
"Microsoft.SignalRService/SignalR/hub/*",
"Microsoft.SignalRService/SignalR/group/*",
"Microsoft.SignalRService/SignalR/clientConnection/*",
"Microsoft.SignalRService/SignalR/user/*"
],
"notDataActions": []
}
],
"roleName": "SignalR REST API Owner",
"roleType": "BuiltInRole",
"type": "Microsoft.Authorization/roleDefinitions"
}
Lector de la API REST de SignalR
Acceso de solo lectura a las API REST de Azure SignalR Service.
| Acciones | Descripción |
|---|---|
| ninguno | |
| NotActions | |
| ninguno | |
| Acciones de datos | |
| Microsoft.SignalRService/SignalR/group/read | Comprobar la existencia de grupos o la existencia del usuario en el grupo |
| Microsoft.SignalRService/SignalR/clientConnection/read | Comprobación de la existencia de la conexión de cliente |
| Microsoft.SignalRService/SignalR/user/read | Comprobación de la existencia del usuario |
| NotDataActions | |
| ninguno |
{
"assignableScopes": [
"/"
],
"description": "Read-only access to Azure SignalR Service REST APIs",
"id": "/providers/Microsoft.Authorization/roleDefinitions/ddde6b66-c0df-4114-a159-3618637b3035",
"name": "ddde6b66-c0df-4114-a159-3618637b3035",
"permissions": [
{
"actions": [],
"notActions": [],
"dataActions": [
"Microsoft.SignalRService/SignalR/group/read",
"Microsoft.SignalRService/SignalR/clientConnection/read",
"Microsoft.SignalRService/SignalR/user/read"
],
"notDataActions": []
}
],
"roleName": "SignalR REST API Reader",
"roleType": "BuiltInRole",
"type": "Microsoft.Authorization/roleDefinitions"
}
Propietario de SignalR Service
Acceso completo a las API REST de Azure SignalR Service.
| Acciones | Descripción |
|---|---|
| ninguno | |
| NotActions | |
| ninguno | |
| Acciones de datos | |
| Microsoft.SignalRService/SignalR/* | |
| NotDataActions | |
| ninguno |
{
"assignableScopes": [
"/"
],
"description": "Full access to Azure SignalR Service REST APIs",
"id": "/providers/Microsoft.Authorization/roleDefinitions/7e4f1700-ea5a-4f59-8f37-079cfe29dce3",
"name": "7e4f1700-ea5a-4f59-8f37-079cfe29dce3",
"permissions": [
{
"actions": [],
"notActions": [],
"dataActions": [
"Microsoft.SignalRService/SignalR/*"
],
"notDataActions": []
}
],
"roleName": "SignalR Service Owner",
"roleType": "BuiltInRole",
"type": "Microsoft.Authorization/roleDefinitions"
}
Colaborador de SignalR y Web PubSub
Crea, lee, actualiza y elimina recursos del servicio SignalR.
| Acciones | Descripción |
|---|---|
| Microsoft.SignalRService/* | |
| Microsoft.Authorization/*/read | Leer roles y asignaciones de roles |
| Microsoft.Insights/alertRules/* | Creación y administración de una alerta de métricas clásica |
| Microsoft.Resources/subscriptions/resourceGroups/read | Obtiene o enumera los grupos de recursos. |
| Microsoft.Resources/deployments/* | Creación y administración de una implementación |
| Microsoft.Support/* | Creación y actualización de una incidencia de soporte técnico |
| NotActions | |
| ninguno | |
| Acciones de datos | |
| ninguno | |
| NotDataActions | |
| ninguno |
{
"assignableScopes": [
"/"
],
"description": "Create, Read, Update, and Delete SignalR service resources",
"id": "/providers/Microsoft.Authorization/roleDefinitions/8cf5e20a-e4b2-4e9d-b3a1-5ceb692c2761",
"name": "8cf5e20a-e4b2-4e9d-b3a1-5ceb692c2761",
"permissions": [
{
"actions": [
"Microsoft.SignalRService/*",
"Microsoft.Authorization/*/read",
"Microsoft.Insights/alertRules/*",
"Microsoft.Resources/subscriptions/resourceGroups/read",
"Microsoft.Resources/deployments/*",
"Microsoft.Support/*"
],
"notActions": [],
"dataActions": [],
"notDataActions": []
}
],
"roleName": "SignalR/Web PubSub Contributor",
"roleType": "BuiltInRole",
"type": "Microsoft.Authorization/roleDefinitions"
}
Colaborador de plan web
Administra los planes web para los sitios web. No le permite asignar roles en RBAC de Azure.
| Acciones | Descripción |
|---|---|
| Microsoft.Authorization/*/read | Leer roles y asignaciones de roles |
| Microsoft.Insights/alertRules/* | Creación y administración de una alerta de métricas clásica |
| Microsoft.ResourceHealth/availabilityStatuses/read | Obtiene los estados de disponibilidad de todos los recursos en el ámbito especificado |
| Microsoft.Resources/deployments/* | Creación y administración de una implementación |
| Microsoft.Resources/subscriptions/resourceGroups/read | Obtiene o enumera los grupos de recursos. |
| Microsoft.Support/* | Creación y actualización de una incidencia de soporte técnico |
| Microsoft.Web/serverFarms/* | Crear y administrar granjas de servidores |
| Microsoft.Web/hostingEnvironments/Join/Action | Se une a App Service Environment. |
| Microsoft.Insights/autoscalesettings/* | |
| NotActions | |
| ninguno | |
| Acciones de datos | |
| ninguno | |
| NotDataActions | |
| ninguno |
{
"assignableScopes": [
"/"
],
"description": "Lets you manage the web plans for websites, but not access to them.",
"id": "/providers/Microsoft.Authorization/roleDefinitions/2cc479cb-7b4d-49a8-b449-8c00fd0f0a4b",
"name": "2cc479cb-7b4d-49a8-b449-8c00fd0f0a4b",
"permissions": [
{
"actions": [
"Microsoft.Authorization/*/read",
"Microsoft.Insights/alertRules/*",
"Microsoft.ResourceHealth/availabilityStatuses/read",
"Microsoft.Resources/deployments/*",
"Microsoft.Resources/subscriptions/resourceGroups/read",
"Microsoft.Support/*",
"Microsoft.Web/serverFarms/*",
"Microsoft.Web/hostingEnvironments/Join/Action",
"Microsoft.Insights/autoscalesettings/*"
],
"notActions": [],
"dataActions": [],
"notDataActions": []
}
],
"roleName": "Web Plan Contributor",
"roleType": "BuiltInRole",
"type": "Microsoft.Authorization/roleDefinitions"
}
Propietario del servicio Web PubSub
Acceso total a las API REST del servicio Azure Web PubSub
| Acciones | Descripción |
|---|---|
| ninguno | |
| NotActions | |
| ninguno | |
| Acciones de datos | |
| Microsoft.SignalRService/WebPubSub/* | |
| NotDataActions | |
| ninguno |
{
"assignableScopes": [
"/"
],
"description": "Full access to Azure Web PubSub Service REST APIs",
"id": "/providers/Microsoft.Authorization/roleDefinitions/12cf5a90-567b-43ae-8102-96cf46c7d9b4",
"name": "12cf5a90-567b-43ae-8102-96cf46c7d9b4",
"permissions": [
{
"actions": [],
"notActions": [],
"dataActions": [
"Microsoft.SignalRService/WebPubSub/*"
],
"notDataActions": []
}
],
"roleName": "Web PubSub Service Owner",
"roleType": "BuiltInRole",
"type": "Microsoft.Authorization/roleDefinitions"
}
Lector del servicio Web PubSub
Acceso de solo lectura a las API REST del servicio Azure Web PubSub
| Acciones | Descripción |
|---|---|
| ninguno | |
| NotActions | |
| ninguno | |
| Acciones de datos | |
| Microsoft.SignalRService/WebPubSub/*/read | |
| NotDataActions | |
| ninguno |
{
"assignableScopes": [
"/"
],
"description": "Read-only access to Azure Web PubSub Service REST APIs",
"id": "/providers/Microsoft.Authorization/roleDefinitions/bfb1c7d2-fb1a-466b-b2ba-aee63b92deaf",
"name": "bfb1c7d2-fb1a-466b-b2ba-aee63b92deaf",
"permissions": [
{
"actions": [],
"notActions": [],
"dataActions": [
"Microsoft.SignalRService/WebPubSub/*/read"
],
"notDataActions": []
}
],
"roleName": "Web PubSub Service Reader",
"roleType": "BuiltInRole",
"type": "Microsoft.Authorization/roleDefinitions"
}
Colaborador de sitio web
Administra sitios web, pero no planes web. No le permite asignar roles en RBAC de Azure.
| Acciones | Descripción |
|---|---|
| Microsoft.Authorization/*/read | Leer roles y asignaciones de roles |
| Microsoft.Insights/alertRules/* | Creación y administración de una alerta de métricas clásica |
| Microsoft.Insights/componentes/* | Crear y administrar componentes de Insights |
| Microsoft.ResourceHealth/availabilityStatuses/read | Obtiene los estados de disponibilidad de todos los recursos en el ámbito especificado |
| Microsoft.Resources/deployments/* | Creación y administración de una implementación |
| Microsoft.Resources/subscriptions/resourceGroups/read | Obtiene o enumera los grupos de recursos. |
| Microsoft.Support/* | Creación y actualización de una incidencia de soporte técnico |
| Microsoft.Web/certificados/* | Crear y administrar certificados de sitios web |
| Microsoft.Web/listSitesAssignedToHostName/read | Obtiene los nombres de sitios asignados al nombre de host. |
| Microsoft.Web/registro/acción | Registra el proveedor de recursos de Microsoft.Web de la suscripción. |
| Microsoft.Web/serverFarms/join/action | Unirse a un plan de App Service |
| Microsoft.Web/serverFarms/read | Obtiene las propiedades de un plan de App Service |
| Microsoft.Web/sitios/* | Crear y administrar sitios web (la creación de sitios también requiere permisos de escritura para el plan de App Service asociado) |
| NotActions | |
| ninguno | |
| Acciones de datos | |
| ninguno | |
| NotDataActions | |
| ninguno |
{
"assignableScopes": [
"/"
],
"description": "Lets you manage websites (not web plans), but not access to them.",
"id": "/providers/Microsoft.Authorization/roleDefinitions/de139f84-1756-47ae-9be6-808fbbe84772",
"name": "de139f84-1756-47ae-9be6-808fbbe84772",
"permissions": [
{
"actions": [
"Microsoft.Authorization/*/read",
"Microsoft.Insights/alertRules/*",
"Microsoft.Insights/components/*",
"Microsoft.ResourceHealth/availabilityStatuses/read",
"Microsoft.Resources/deployments/*",
"Microsoft.Resources/subscriptions/resourceGroups/read",
"Microsoft.Support/*",
"Microsoft.Web/certificates/*",
"Microsoft.Web/listSitesAssignedToHostName/read",
"Microsoft.Web/register/action",
"Microsoft.Web/serverFarms/join/action",
"Microsoft.Web/serverFarms/read",
"Microsoft.Web/sites/*"
],
"notActions": [],
"dataActions": [],
"notDataActions": []
}
],
"roleName": "Website Contributor",
"roleType": "BuiltInRole",
"type": "Microsoft.Authorization/roleDefinitions"
}