Ruoli predefiniti di Azure per intelligenza artificiale e Machine Learning
Questo articolo elenca i ruoli predefiniti di Azure nella categoria intelligenza artificiale e Machine Learning.
Collaboratore partner sensore Ag Food Platform
Fornisce l'accesso per gestire le entità correlate ai sensori nel servizio AgFood Platform
Azioni | Descrizione |
---|---|
none | |
NotActions | |
none | |
DataActions | |
Microsoft.AgFoodPlatform/farmBeats/sensorPartnerScope/* | |
NotDataActions | |
Microsoft.AgFoodPlatform/farmBeats/sensorPartnerScope/sensors/delete | Elimina una risorsa di sensori Ag FoodPlatform esistente limitata all'ambito del partner sensore del chiamante. |
{
"assignableScopes": [
"/"
],
"description": "Provides contribute access to manage sensor related entities in AgFood Platform Service",
"id": "/providers/Microsoft.Authorization/roleDefinitions/6b77f0a0-0d89-41cc-acd1-579c22c17a67",
"name": "6b77f0a0-0d89-41cc-acd1-579c22c17a67",
"permissions": [
{
"actions": [],
"notActions": [],
"dataActions": [
"Microsoft.AgFoodPlatform/farmBeats/sensorPartnerScope/*"
],
"notDataActions": [
"Microsoft.AgFoodPlatform/farmBeats/sensorPartnerScope/sensors/delete"
]
}
],
"roleName": "AgFood Platform Sensor Partner Contributor",
"roleType": "BuiltInRole",
"type": "Microsoft.Authorization/roleDefinitions"
}
Amministratore del servizio AgFood Platform
Fornisce l'accesso amministratore al servizio AgFood Platform
Azioni | Descrizione |
---|---|
none | |
NotActions | |
none | |
DataActions | |
Microsoft.AgFoodPlatform/* | Creare, aggiornare, leggere ed eliminare tutte le risorse di AgFood Platform. |
NotDataActions | |
none |
{
"assignableScopes": [
"/"
],
"description": "Provides admin access to AgFood Platform Service",
"id": "/providers/Microsoft.Authorization/roleDefinitions/f8da80de-1ff9-4747-ad80-a19b7f6079e3",
"name": "f8da80de-1ff9-4747-ad80-a19b7f6079e3",
"permissions": [
{
"actions": [],
"notActions": [],
"dataActions": [
"Microsoft.AgFoodPlatform/*"
],
"notDataActions": []
}
],
"roleName": "AgFood Platform Service Admin",
"roleType": "BuiltInRole",
"type": "Microsoft.Authorization/roleDefinitions"
}
Collaboratore al servizio AgFood Platform
Fornisce l'accesso con contributo al servizio AgFood Platform
Azioni | Descrizione |
---|---|
none | |
NotActions | |
none | |
DataActions | |
Microsoft.AgFoodPlatform/*/action | |
Microsoft.AgFoodPlatform/*/read | Legge tutte le risorse di Ag Food Platform. |
Microsoft.AgFoodPlatform/*/write | Creare e aggiornare tutte le risorse di Ag Food Platform. |
NotDataActions | |
Microsoft.AgFoodPlatform/farmBeats/farmers/write | Crea o aggiorna gli agricoltori AgFoodPlatform. |
Microsoft.AgFoodPlatform/farmBeats/deletionJobs/*/write | |
Microsoft.AgFoodPlatform/farmBeats/party/write | Crea o aggiorna le parti AgFoodPlatform. |
Microsoft.AgFoodPlatform/farmBeats/datasets/write | Crea o aggiorna set di dati AgFoodPlatform. |
Microsoft.AgFoodPlatform/farmBeats/datasetRecords/write | Crea o aggiorna i record del set di dati AgFoodPlatform. |
Microsoft.AgFoodPlatform/farmBeats/datasets/access/*/action |
{
"assignableScopes": [
"/"
],
"description": "Provides contribute access to AgFood Platform Service",
"id": "/providers/Microsoft.Authorization/roleDefinitions/8508508a-4469-4e45-963b-2518ee0bb728",
"name": "8508508a-4469-4e45-963b-2518ee0bb728",
"permissions": [
{
"actions": [],
"notActions": [],
"dataActions": [
"Microsoft.AgFoodPlatform/*/action",
"Microsoft.AgFoodPlatform/*/read",
"Microsoft.AgFoodPlatform/*/write"
],
"notDataActions": [
"Microsoft.AgFoodPlatform/farmBeats/farmers/write",
"Microsoft.AgFoodPlatform/farmBeats/deletionJobs/*/write",
"Microsoft.AgFoodPlatform/farmBeats/parties/write",
"Microsoft.AgFoodPlatform/farmBeats/datasets/write",
"Microsoft.AgFoodPlatform/farmBeats/datasetRecords/write",
"Microsoft.AgFoodPlatform/farmBeats/datasets/access/*/action"
]
}
],
"roleName": "AgFood Platform Service Contributor",
"roleType": "BuiltInRole",
"type": "Microsoft.Authorization/roleDefinitions"
}
Lettore di servizi AgFood Platform
Fornisce l'accesso in lettura al servizio AgFood Platform
Azioni | Descrizione |
---|---|
none | |
NotActions | |
none | |
DataActions | |
Microsoft.AgFoodPlatform/*/list/action | |
Microsoft.AgFoodPlatform/*/read | Legge tutte le risorse di Ag Food Platform. |
Microsoft.AgFoodPlatform/*/search/action | |
Microsoft.AgFoodPlatform/*/download/action | |
Microsoft.AgFoodPlatform/*/overlap/action | |
Microsoft.AgFoodPlatform/*/checkConsent/action | |
NotDataActions | |
none |
{
"assignableScopes": [
"/"
],
"description": "Provides read access to AgFood Platform Service",
"id": "/providers/Microsoft.Authorization/roleDefinitions/7ec7ccdc-f61e-41fe-9aaf-980df0a44eba",
"name": "7ec7ccdc-f61e-41fe-9aaf-980df0a44eba",
"permissions": [
{
"actions": [],
"notActions": [],
"dataActions": [
"Microsoft.AgFoodPlatform/*/list/action",
"Microsoft.AgFoodPlatform/*/read",
"Microsoft.AgFoodPlatform/*/search/action",
"Microsoft.AgFoodPlatform/*/download/action",
"Microsoft.AgFoodPlatform/*/overlap/action",
"Microsoft.AgFoodPlatform/*/checkConsent/action"
],
"notDataActions": []
}
],
"roleName": "AgFood Platform Service Reader",
"roleType": "BuiltInRole",
"type": "Microsoft.Authorization/roleDefinitions"
}
Sviluppatore di Azure per intelligenza artificiale
Può eseguire tutte le azioni all'interno di una risorsa di Intelligenza artificiale di Azure oltre a gestire la risorsa stessa.
Azioni | Descrizione |
---|---|
Microsoft.MachineLearningServices/workspaces/*/read | |
Microsoft.MachineLearningServices/workspaces/*/action | |
Microsoft.MachineLearningServices/workspaces/*/delete | |
Microsoft.MachineLearningServices/workspaces/*/write | |
Microsoft.MachineLearningServices/locations/*/read | |
Microsoft.Authorization/*/read | Leggere i ruoli e le assegnazioni di ruoli |
Microsoft.Resources/deployments/* | Creare e gestire una distribuzione |
NotActions | |
Microsoft.MachineLearningServices/workspaces/delete | Elimina le aree di lavoro di Machine Learning Services |
Microsoft.MachineLearningServices/workspaces/write | Crea o aggiorna le aree di lavoro di Machine Learning Services |
Microsoft.MachineLearningServices/workspaces/listKeys/action | Elenca i segreti per un'area di lavoro di Machine Learning Services |
Microsoft.MachineLearningServices/workspaces/hubs/write | Crea o aggiorna un'area di lavoro dell'hub di Machine Learning Services |
Microsoft.MachineLearningServices/workspaces/hubs/delete | Elimina le aree di lavoro dell'hub di Machine Learning Services |
Microsoft.MachineLearningServices/workspaces/featurestores/write | Crea o aggiorna gli archivi funzionalità di Machine Learning Services |
Microsoft.MachineLearningServices/workspaces/featurestores/delete | Elimina gli archivi funzionalità di Machine Learning Services |
DataActions | |
Microsoft.CognitiveServices/accounts/OpenAI/* | |
Microsoft.CognitiveServices/accounts/SpeechServices/* | |
Microsoft.CognitiveServices/accounts/ContentSafety/* | |
NotDataActions | |
none |
{
"assignableScopes": [
"/"
],
"description": "Can perform all actions within an Azure AI resource besides managing the resource itself.",
"id": "/providers/Microsoft.Authorization/roleDefinitions/64702f94-c441-49e6-a78b-ef80e0188fee",
"name": "64702f94-c441-49e6-a78b-ef80e0188fee",
"permissions": [
{
"actions": [
"Microsoft.MachineLearningServices/workspaces/*/read",
"Microsoft.MachineLearningServices/workspaces/*/action",
"Microsoft.MachineLearningServices/workspaces/*/delete",
"Microsoft.MachineLearningServices/workspaces/*/write",
"Microsoft.MachineLearningServices/locations/*/read",
"Microsoft.Authorization/*/read",
"Microsoft.Resources/deployments/*"
],
"notActions": [
"Microsoft.MachineLearningServices/workspaces/delete",
"Microsoft.MachineLearningServices/workspaces/write",
"Microsoft.MachineLearningServices/workspaces/listKeys/action",
"Microsoft.MachineLearningServices/workspaces/hubs/write",
"Microsoft.MachineLearningServices/workspaces/hubs/delete",
"Microsoft.MachineLearningServices/workspaces/featurestores/write",
"Microsoft.MachineLearningServices/workspaces/featurestores/delete"
],
"dataActions": [
"Microsoft.CognitiveServices/accounts/OpenAI/*",
"Microsoft.CognitiveServices/accounts/SpeechServices/*",
"Microsoft.CognitiveServices/accounts/ContentSafety/*"
],
"notDataActions": []
}
],
"roleName": "Azure AI Developer",
"roleType": "BuiltInRole",
"type": "Microsoft.Authorization/roleDefinitions"
}
Responsabile approvazione della connessione di rete aziendale di Azure AI Enterprise
Può approvare le connessioni degli endpoint privati alle risorse di dipendenza comuni di Intelligenza artificiale di Azure
Azioni | Descrizione |
---|---|
Microsoft.ContainerRegistry/registries/privateEndpointConnectionsApproval/action | Approva automaticamente una connessione endpoint privato |
Microsoft.ContainerRegistry/registries/privateEndpointConnections/read | Ottiene le proprietà della connessione all'endpoint privato o elenca tutte le connessioni endpoint private per il registro contenitori specificato |
Microsoft.ContainerRegistry/registries/privateEndpointConnections/write | Approva/rifiuta la connessione all'endpoint privato |
Microsoft.Cache/redis/read | Visualizza la configurazione e le impostazioni della Cache Redis nel portale di gestione |
Microsoft.Cache/redis/privateEndpointConnections/read | Leggere una connessione endpoint privato |
Microsoft.Cache/redis/privateEndpointConnections/write | Scrivere una connessione endpoint privato |
Microsoft.Cache/redis/privateLinkResources/read | Leggere "groupId" della sottorisorsa redis a cui è possibile connettere un collegamento privato |
Microsoft.Cache/redis/privateEndpointConnectionsApproval/action | Approvare le connessioni endpoint privato |
Microsoft.Cache/redisEnterprise/read | Visualizzare la configurazione e le impostazioni della cache di Redis Enterprise nel portale di gestione |
Microsoft.Cache/redisEnterprise/privateEndpointConnections/read | Leggere una connessione endpoint privato |
Microsoft.Cache/redisEnterprise/privateEndpointConnections/write | Scrivere una connessione endpoint privato |
Microsoft.Cache/redisEnterprise/privateLinkResources/read | Leggere "groupId" della sottorisorsa redis a cui è possibile connettere un collegamento privato |
Microsoft.Cache/redisEnterprise/privateEndpointConnectionsApproval/action | Approvare le connessioni endpoint privato |
Microsoft.CognitiveServices/accounts/read | Legge gli account delle API. |
Microsoft.CognitiveServices/accounts/privateEndpointConnections/read | Legge le connessioni dell'endpoint privato. |
Microsoft.CognitiveServices/accounts/privateEndpointConnections/write | Scrive le connessioni di un endpoint privato. |
Microsoft.CognitiveServices/accounts/privateLinkResources/read | Legge le risorse di collegamento privato per un account. |
Microsoft.DocumentDB/databaseAccounts/privateEndpointConnectionsApproval/action | Gestire una connessione endpoint privato dell'account di database |
Microsoft.DocumentDB/databaseAccounts/privateEndpointConnections/read | Leggere una connessione all'endpoint privato o elencare tutte le connessioni endpoint private di un account di database |
Microsoft.DocumentDB/databaseAccounts/privateEndpointConnections/write | Creare o aggiornare una connessione endpoint privato di un account di database |
Microsoft.DocumentDB/databaseAccounts/privateLinkResources/read | Leggere una risorsa collegamento privato o elencare tutte le risorse di collegamento privato di un account di database |
Microsoft.DocumentDB/databaseAccounts/read | Esegue la lettura di un account di database. |
Microsoft.KeyVault/vaults/privateEndpointConnectionsApproval/action | Approvare o rifiutare una connessione a una risorsa endpoint privato del provider Microsoft.Network |
Microsoft.KeyVault/vaults/privateEndpointConnections/read | Visualizzare lo stato di una connessione a una risorsa endpoint privato del provider Microsoft.Network |
Microsoft.KeyVault/vaults/privateEndpointConnections/write | Modificare lo stato di una connessione a una risorsa endpoint privato del provider Microsoft.Network |
Microsoft.KeyVault/vaults/privateLinkResources/read | Ottenere le risorse di collegamento privato disponibili per l'istanza specificata di Key Vault |
Microsoft.KeyVault/vaults/read | Visualizza le proprietà di un insieme di credenziali delle chiavi |
Microsoft.MachineLearningServices/workspaces/privateEndpointConnectionsApproval/action | Approvare o rifiutare una connessione a una risorsa endpoint privato del provider Microsoft.Network |
Microsoft.MachineLearningServices/workspaces/privateEndpointConnections/read | Visualizzare lo stato di una connessione a una risorsa endpoint privato del provider Microsoft.Network |
Microsoft.MachineLearningServices/workspaces/privateEndpointConnections/write | Modificare lo stato di una connessione a una risorsa endpoint privato del provider Microsoft.Network |
Microsoft.MachineLearningServices/workspaces/privateLinkResources/read | Ottiene le risorse di collegamento privato disponibili per l'istanza specificata delle aree di lavoro di Machine Learning Services |
Microsoft.MachineLearningServices/workspaces/read | Recupera le aree di lavoro di Machine Learning Services |
Microsoft.Storage/storageAccounts/privateEndpointConnections/read | Ottenere la connessione all'endpoint privato |
Microsoft.Storage/storageAccounts/privateEndpointConnections/write | Inserisci connessione endpoint privato |
Microsoft.Storage/storageAccounts/privateLinkResources/read | Ottenere i groupid di StorageAccount |
Microsoft.Storage/storageAccounts/read | Restituisce l'elenco di account di archiviazione o ottiene le proprietà per l’account di archiviazione specificato. |
Microsoft.Sql/servers/privateEndpointConnectionsApproval/action | Determina se l'utente è autorizzato ad approvare una connessione endpoint privato |
Microsoft.Sql/servers/privateEndpointConnections/read | Restituisce l'elenco delle connessioni dell'endpoint privato o ottiene le proprietà per la connessione all'endpoint privato specificata. |
Microsoft.Sql/servers/privateEndpointConnections/write | Approva o rifiuta una connessione endpoint privato esistente |
Microsoft.Sql/servers/privateLinkResources/read | Ottenere le risorse del collegamento privato per il server SQL corrispondente |
Microsoft.Sql/servers/read | Restituisce l'elenco di server o ottiene le proprietà per il server specificato |
NotActions | |
none | |
DataActions | |
none | |
NotDataActions | |
none |
{
"assignableScopes": [
"/"
],
"description": "Can approve private endpoint connections to Azure AI common dependency resources",
"id": "/providers/Microsoft.Authorization/roleDefinitions/b556d68e-0be0-4f35-a333-ad7ee1ce17ea",
"name": "b556d68e-0be0-4f35-a333-ad7ee1ce17ea",
"permissions": [
{
"actions": [
"Microsoft.ContainerRegistry/registries/privateEndpointConnectionsApproval/action",
"Microsoft.ContainerRegistry/registries/privateEndpointConnections/read",
"Microsoft.ContainerRegistry/registries/privateEndpointConnections/write",
"Microsoft.Cache/redis/read",
"Microsoft.Cache/redis/privateEndpointConnections/read",
"Microsoft.Cache/redis/privateEndpointConnections/write",
"Microsoft.Cache/redis/privateLinkResources/read",
"Microsoft.Cache/redis/privateEndpointConnectionsApproval/action",
"Microsoft.Cache/redisEnterprise/read",
"Microsoft.Cache/redisEnterprise/privateEndpointConnections/read",
"Microsoft.Cache/redisEnterprise/privateEndpointConnections/write",
"Microsoft.Cache/redisEnterprise/privateLinkResources/read",
"Microsoft.Cache/redisEnterprise/privateEndpointConnectionsApproval/action",
"Microsoft.CognitiveServices/accounts/read",
"Microsoft.CognitiveServices/accounts/privateEndpointConnections/read",
"Microsoft.CognitiveServices/accounts/privateEndpointConnections/write",
"Microsoft.CognitiveServices/accounts/privateLinkResources/read",
"Microsoft.DocumentDB/databaseAccounts/privateEndpointConnectionsApproval/action",
"Microsoft.DocumentDB/databaseAccounts/privateEndpointConnections/read",
"Microsoft.DocumentDB/databaseAccounts/privateEndpointConnections/write",
"Microsoft.DocumentDB/databaseAccounts/privateLinkResources/read",
"Microsoft.DocumentDB/databaseAccounts/read",
"Microsoft.KeyVault/vaults/privateEndpointConnectionsApproval/action",
"Microsoft.KeyVault/vaults/privateEndpointConnections/read",
"Microsoft.KeyVault/vaults/privateEndpointConnections/write",
"Microsoft.KeyVault/vaults/privateLinkResources/read",
"Microsoft.KeyVault/vaults/read",
"Microsoft.MachineLearningServices/workspaces/privateEndpointConnectionsApproval/action",
"Microsoft.MachineLearningServices/workspaces/privateEndpointConnections/read",
"Microsoft.MachineLearningServices/workspaces/privateEndpointConnections/write",
"Microsoft.MachineLearningServices/workspaces/privateLinkResources/read",
"Microsoft.MachineLearningServices/workspaces/read",
"Microsoft.Storage/storageAccounts/privateEndpointConnections/read",
"Microsoft.Storage/storageAccounts/privateEndpointConnections/write",
"Microsoft.Storage/storageAccounts/privateLinkResources/read",
"Microsoft.Storage/storageAccounts/read",
"Microsoft.Sql/servers/privateEndpointConnectionsApproval/action",
"Microsoft.Sql/servers/privateEndpointConnections/read",
"Microsoft.Sql/servers/privateEndpointConnections/write",
"Microsoft.Sql/servers/privateLinkResources/read",
"Microsoft.Sql/servers/read"
],
"notActions": [],
"dataActions": [],
"notDataActions": []
}
],
"roleName": "Azure AI Enterprise Network Connection Approver",
"roleType": "BuiltInRole",
"type": "Microsoft.Authorization/roleDefinitions"
}
Operatore di distribuzione dell'inferenza di Azure per intelligenza artificiale
Può eseguire tutte le azioni necessarie per creare una distribuzione di risorse all'interno di un gruppo di risorse.
Azioni | Descrizione |
---|---|
Microsoft.Authorization/*/read | Leggere i ruoli e le assegnazioni di ruoli |
Microsoft.Resources/deployments/* | Creare e gestire una distribuzione |
Microsoft.Insights/AutoscaleSettings/write | Crea o aggiorna un'impostazione di scalabilità automatica |
NotActions | |
none | |
DataActions | |
none | |
NotDataActions | |
none |
{
"assignableScopes": [
"/"
],
"description": "Can perform all actions required to create a resource deployment within a resource group.",
"id": "/providers/Microsoft.Authorization/roleDefinitions/3afb7f49-54cb-416e-8c09-6dc049efa503",
"name": "3afb7f49-54cb-416e-8c09-6dc049efa503",
"permissions": [
{
"actions": [
"Microsoft.Authorization/*/read",
"Microsoft.Resources/deployments/*",
"Microsoft.Insights/AutoscaleSettings/write"
],
"notActions": [],
"dataActions": [],
"notDataActions": []
}
],
"roleName": "Azure AI Inference Deployment Operator",
"roleType": "BuiltInRole",
"type": "Microsoft.Authorization/roleDefinitions"
}
Operatore di calcolo di AzureML
Può accedere ed eseguire operazioni CRUD sulle risorse di calcolo gestite di Machine Learning Services (incluse le macchine virtuali notebook).
Azioni | Descrizione |
---|---|
Microsoft.MachineLearningServices/workspaces/computes/* | |
Microsoft.MachineLearningServices/workspaces/notebooks/vm/* | |
NotActions | |
none | |
DataActions | |
none | |
NotDataActions | |
none |
{
"assignableScopes": [
"/"
],
"description": "Can access and perform CRUD operations on Machine Learning Services managed compute resources (including Notebook VMs).",
"id": "/providers/Microsoft.Authorization/roleDefinitions/e503ece1-11d0-4e8e-8e2c-7a6c3bf38815",
"name": "e503ece1-11d0-4e8e-8e2c-7a6c3bf38815",
"permissions": [
{
"actions": [
"Microsoft.MachineLearningServices/workspaces/computes/*",
"Microsoft.MachineLearningServices/workspaces/notebooks/vm/*"
],
"notActions": [],
"dataActions": [],
"notDataActions": []
}
],
"roleName": "AzureML Compute Operator",
"roleType": "BuiltInRole",
"type": "Microsoft.Authorization/roleDefinitions"
}
Scienziato dei dati di AzureML
Può eseguire tutte le azioni all'interno di un'area di lavoro di Azure Machine Learning, ad eccezione della creazione o dell'eliminazione delle risorse di calcolo e della modifica dell'area di lavoro stessa.
Azioni | Descrizione |
---|---|
Microsoft.MachineLearningServices/workspaces/*/read | |
Microsoft.MachineLearningServices/workspaces/*/action | |
Microsoft.MachineLearningServices/workspaces/*/delete | |
Microsoft.MachineLearningServices/workspaces/*/write | |
NotActions | |
Microsoft.MachineLearningServices/workspaces/delete | Elimina le aree di lavoro di Machine Learning Services |
Microsoft.MachineLearningServices/workspaces/write | Crea o aggiorna le aree di lavoro di Machine Learning Services |
Microsoft.MachineLearningServices/workspaces/computes/*/write | |
Microsoft.MachineLearningServices/workspaces/computes/*/delete | |
Microsoft.MachineLearningServices/workspaces/computes/listKeys/action | Elenca i segreti per le risorse di calcolo nell'area di lavoro di Machine Learning Services |
Microsoft.MachineLearningServices/workspaces/listKeys/action | Elenca i segreti per un'area di lavoro di Machine Learning Services |
Microsoft.MachineLearningServices/workspaces/hubs/write | Crea o aggiorna un'area di lavoro dell'hub di Machine Learning Services |
Microsoft.MachineLearningServices/workspaces/hubs/delete | Elimina le aree di lavoro dell'hub di Machine Learning Services |
Microsoft.MachineLearningServices/workspaces/featurestores/write | Crea o aggiorna gli archivi funzionalità di Machine Learning Services |
Microsoft.MachineLearningServices/workspaces/featurestores/delete | Elimina gli archivi funzionalità di Machine Learning Services |
DataActions | |
none | |
NotDataActions | |
none |
{
"assignableScopes": [
"/"
],
"description": "Can perform all actions within an Azure Machine Learning workspace, except for creating or deleting compute resources and modifying the workspace itself.",
"id": "/providers/Microsoft.Authorization/roleDefinitions/f6c7c914-8db3-469d-8ca1-694a8f32e121",
"name": "f6c7c914-8db3-469d-8ca1-694a8f32e121",
"permissions": [
{
"actions": [
"Microsoft.MachineLearningServices/workspaces/*/read",
"Microsoft.MachineLearningServices/workspaces/*/action",
"Microsoft.MachineLearningServices/workspaces/*/delete",
"Microsoft.MachineLearningServices/workspaces/*/write"
],
"notActions": [
"Microsoft.MachineLearningServices/workspaces/delete",
"Microsoft.MachineLearningServices/workspaces/write",
"Microsoft.MachineLearningServices/workspaces/computes/*/write",
"Microsoft.MachineLearningServices/workspaces/computes/*/delete",
"Microsoft.MachineLearningServices/workspaces/computes/listKeys/action",
"Microsoft.MachineLearningServices/workspaces/listKeys/action",
"Microsoft.MachineLearningServices/workspaces/hubs/write",
"Microsoft.MachineLearningServices/workspaces/hubs/delete",
"Microsoft.MachineLearningServices/workspaces/featurestores/write",
"Microsoft.MachineLearningServices/workspaces/featurestores/delete"
],
"dataActions": [],
"notDataActions": []
}
],
"roleName": "AzureML Data Scientist",
"roleType": "BuiltInRole",
"type": "Microsoft.Authorization/roleDefinitions"
}
Writer metriche di AzureML (anteprima)
Consente di scrivere metriche nell'area di lavoro di AzureML
Azioni | Descrizione |
---|---|
Microsoft.MachineLearningServices/workspaces/metrics/*/write | |
NotActions | |
none | |
DataActions | |
none | |
NotDataActions | |
none |
{
"assignableScopes": [
"/"
],
"description": "Lets you write metrics to AzureML workspace",
"id": "/providers/Microsoft.Authorization/roleDefinitions/635dd51f-9968-44d3-b7fb-6d9a6bd613ae",
"name": "635dd51f-9968-44d3-b7fb-6d9a6bd613ae",
"permissions": [
{
"actions": [
"Microsoft.MachineLearningServices/workspaces/metrics/*/write"
],
"notActions": [],
"dataActions": [],
"notDataActions": []
}
],
"roleName": "AzureML Metrics Writer (preview)",
"roleType": "BuiltInRole",
"type": "Microsoft.Authorization/roleDefinitions"
}
Utente del registro di AzureML
Può eseguire tutte le azioni sugli asset del Registro di sistema di Machine Learning Services e ottenere le risorse del Registro di sistema.
Azioni | Descrizione |
---|---|
Microsoft.MachineLearningServices/registries/read | Ottiene il Registro di sistema di Machine Learning Services (ies) |
Microsoft.MachineLearningServices/registries/assets/* | |
NotActions | |
none | |
DataActions | |
none | |
NotDataActions | |
none |
{
"assignableScopes": [
"/"
],
"description": "Can perform all actions on Machine Learning Services Registry assets as well as get Registry resources.",
"id": "/providers/Microsoft.Authorization/roleDefinitions/1823dd4f-9b8c-4ab6-ab4e-7397a3684615",
"name": "1823dd4f-9b8c-4ab6-ab4e-7397a3684615",
"permissions": [
{
"actions": [
"Microsoft.MachineLearningServices/registries/read",
"Microsoft.MachineLearningServices/registries/assets/*"
],
"notActions": [],
"dataActions": [],
"notDataActions": []
}
],
"roleName": "AzureML Registry User",
"roleType": "BuiltInRole",
"type": "Microsoft.Authorization/roleDefinitions"
}
Collaboratore Servizi cognitivi
Consente di creare, leggere, aggiornare, eliminare e gestire le chiavi di Servizi cognitivi.
Azioni | Descrizione |
---|---|
Microsoft.Authorization/*/read | Leggere i ruoli e le assegnazioni di ruoli |
Microsoft.CognitiveServices/* | |
Microsoft.Features/features/read | Ottiene le funzionalità di una sottoscrizione. |
Microsoft.Features/providers/features/read | Ottiene la funzionalità di una sottoscrizione in un provider di risorse specificato. |
Microsoft.Features/providers/features/register/action | Registra la funzionalità per una sottoscrizione in un provider di risorse specificato. |
Microsoft.Insights/alertRules/* | Creare e gestire un avviso classico per le metriche |
Microsoft.Insights/diagnosticSettings/* | Crea, aggiorna o legge l'impostazione di diagnostica per Analysis Server |
Microsoft.Insights/logDefinitions/read | Consente di leggere le definizioni del log |
Microsoft.Insights/metricdefinitions/read | Consente di leggere le definizioni della metrica |
Microsoft.Insights/metrics/read | Esegue la lettura delle metriche |
Microsoft.ResourceHealth/availabilityStatuses/read | Ottiene gli stati di disponibilità per tutte le risorse nell'ambito specificato |
Microsoft.Resources/deployments/* | Creare e gestire una distribuzione |
Microsoft.Resources/deployments/operations/read | Ottiene o elenca le operazioni di distribuzione. |
Microsoft.Resources/subscriptions/operationresults/read | Ottiene i risultati dell'operazione di sottoscrizione. |
Microsoft.Resources/subscriptions/read | Ottiene l'elenco delle sottoscrizioni. |
Microsoft.Resources/subscriptions/resourcegroups/deployments/* | |
Microsoft.Resources/subscriptions/resourceGroups/read | Ottiene o elenca i gruppi di risorse. |
Microsoft.Support/* | Creare e aggiornare un ticket di supporto |
NotActions | |
none | |
DataActions | |
none | |
NotDataActions | |
none |
{
"assignableScopes": [
"/"
],
"description": "Lets you create, read, update, delete and manage keys of Cognitive Services.",
"id": "/providers/Microsoft.Authorization/roleDefinitions/25fbc0a9-bd7c-42a3-aa1a-3b75d497ee68",
"name": "25fbc0a9-bd7c-42a3-aa1a-3b75d497ee68",
"permissions": [
{
"actions": [
"Microsoft.Authorization/*/read",
"Microsoft.CognitiveServices/*",
"Microsoft.Features/features/read",
"Microsoft.Features/providers/features/read",
"Microsoft.Features/providers/features/register/action",
"Microsoft.Insights/alertRules/*",
"Microsoft.Insights/diagnosticSettings/*",
"Microsoft.Insights/logDefinitions/read",
"Microsoft.Insights/metricdefinitions/read",
"Microsoft.Insights/metrics/read",
"Microsoft.ResourceHealth/availabilityStatuses/read",
"Microsoft.Resources/deployments/*",
"Microsoft.Resources/deployments/operations/read",
"Microsoft.Resources/subscriptions/operationresults/read",
"Microsoft.Resources/subscriptions/read",
"Microsoft.Resources/subscriptions/resourcegroups/deployments/*",
"Microsoft.Resources/subscriptions/resourceGroups/read",
"Microsoft.Support/*"
],
"notActions": [],
"dataActions": [],
"notDataActions": []
}
],
"roleName": "Cognitive Services Contributor",
"roleType": "BuiltInRole",
"type": "Microsoft.Authorization/roleDefinitions"
}
Collaboratore Visione personalizzata Servizi cognitivi
Accesso completo al progetto, inclusa la possibilità di visualizzare, creare, modificare o eliminare progetti.
Azioni | Descrizione |
---|---|
Microsoft.CognitiveServices/*/read | |
NotActions | |
none | |
DataActions | |
Microsoft.CognitiveServices/accounts/CustomVision/* | |
NotDataActions | |
none |
{
"assignableScopes": [
"/"
],
"description": "Full access to the project, including the ability to view, create, edit, or delete projects.",
"id": "/providers/Microsoft.Authorization/roleDefinitions/c1ff6cc2-c111-46fe-8896-e0ef812ad9f3",
"name": "c1ff6cc2-c111-46fe-8896-e0ef812ad9f3",
"permissions": [
{
"actions": [
"Microsoft.CognitiveServices/*/read"
],
"notActions": [],
"dataActions": [
"Microsoft.CognitiveServices/accounts/CustomVision/*"
],
"notDataActions": []
}
],
"roleName": "Cognitive Services Custom Vision Contributor",
"roleType": "BuiltInRole",
"type": "Microsoft.Authorization/roleDefinitions"
}
Distribuzione di Servizi cognitivi Visione personalizzata
Pubblicare, annullare la pubblicazione o l'esportazione di modelli. La distribuzione può visualizzare il progetto ma non può eseguire l'aggiornamento.
Azioni | Descrizione |
---|---|
Microsoft.CognitiveServices/*/read | |
NotActions | |
none | |
DataActions | |
Microsoft.CognitiveServices/accounts/CustomVision/*/read | |
Microsoft.CognitiveServices/accounts/CustomVision/projects/predictions/* | |
Microsoft.CognitiveServices/accounts/CustomVision/projects/iterations/publish/* | |
Microsoft.CognitiveServices/accounts/CustomVision/projects/iterations/export/* | |
Microsoft.CognitiveServices/accounts/CustomVision/projects/quicktest/* | |
Microsoft.CognitiveServices/accounts/CustomVision/classify/* | |
Microsoft.CognitiveServices/accounts/CustomVision/detect/* | |
NotDataActions | |
Microsoft.CognitiveServices/accounts/CustomVision/projects/export/read | Esporta un progetto. |
{
"assignableScopes": [
"/"
],
"description": "Publish, unpublish or export models. Deployment can view the project but can't update.",
"id": "/providers/Microsoft.Authorization/roleDefinitions/5c4089e1-6d96-4d2f-b296-c1bc7137275f",
"name": "5c4089e1-6d96-4d2f-b296-c1bc7137275f",
"permissions": [
{
"actions": [
"Microsoft.CognitiveServices/*/read"
],
"notActions": [],
"dataActions": [
"Microsoft.CognitiveServices/accounts/CustomVision/*/read",
"Microsoft.CognitiveServices/accounts/CustomVision/projects/predictions/*",
"Microsoft.CognitiveServices/accounts/CustomVision/projects/iterations/publish/*",
"Microsoft.CognitiveServices/accounts/CustomVision/projects/iterations/export/*",
"Microsoft.CognitiveServices/accounts/CustomVision/projects/quicktest/*",
"Microsoft.CognitiveServices/accounts/CustomVision/classify/*",
"Microsoft.CognitiveServices/accounts/CustomVision/detect/*"
],
"notDataActions": [
"Microsoft.CognitiveServices/accounts/CustomVision/projects/export/read"
]
}
],
"roleName": "Cognitive Services Custom Vision Deployment",
"roleType": "BuiltInRole",
"type": "Microsoft.Authorization/roleDefinitions"
}
Labeler di Servizi cognitivi Visione personalizzata
Visualizzare, modificare le immagini di training e creare, aggiungere, rimuovere o eliminare i tag di immagine. Gli etichettatori possono visualizzare il progetto, ma non possono aggiornare elementi diversi da immagini e tag di training.
Azioni | Descrizione |
---|---|
Microsoft.CognitiveServices/*/read | |
NotActions | |
none | |
DataActions | |
Microsoft.CognitiveServices/accounts/CustomVision/*/read | |
Microsoft.CognitiveServices/accounts/CustomVision/projects/predictions/query/action | Ottenere le immagini inviate all'endpoint di stima. |
Microsoft.CognitiveServices/accounts/CustomVision/projects/images/* | |
Microsoft.CognitiveServices/accounts/CustomVision/projects/tags/* | |
Microsoft.CognitiveServices/accounts/CustomVision/projects/images/suggested/* | |
Microsoft.CognitiveServices/accounts/CustomVision/projects/tagsandregions/suggestions/action | Questa API otterrà tag e aree suggeriti per una matrice/batch di immagini senza tag insieme alle confidenza per i tag. Restituisce una matrice vuota se non vengono trovati tag. |
NotDataActions | |
Microsoft.CognitiveServices/accounts/CustomVision/projects/export/read | Esporta un progetto. |
{
"assignableScopes": [
"/"
],
"description": "View, edit training images and create, add, remove, or delete the image tags. Labelers can view the project but can't update anything other than training images and tags.",
"id": "/providers/Microsoft.Authorization/roleDefinitions/88424f51-ebe7-446f-bc41-7fa16989e96c",
"name": "88424f51-ebe7-446f-bc41-7fa16989e96c",
"permissions": [
{
"actions": [
"Microsoft.CognitiveServices/*/read"
],
"notActions": [],
"dataActions": [
"Microsoft.CognitiveServices/accounts/CustomVision/*/read",
"Microsoft.CognitiveServices/accounts/CustomVision/projects/predictions/query/action",
"Microsoft.CognitiveServices/accounts/CustomVision/projects/images/*",
"Microsoft.CognitiveServices/accounts/CustomVision/projects/tags/*",
"Microsoft.CognitiveServices/accounts/CustomVision/projects/images/suggested/*",
"Microsoft.CognitiveServices/accounts/CustomVision/projects/tagsandregions/suggestions/action"
],
"notDataActions": [
"Microsoft.CognitiveServices/accounts/CustomVision/projects/export/read"
]
}
],
"roleName": "Cognitive Services Custom Vision Labeler",
"roleType": "BuiltInRole",
"type": "Microsoft.Authorization/roleDefinitions"
}
Lettore di servizi cognitivi Visione personalizzata
Azioni di sola lettura nel progetto. I lettori non possono creare o aggiornare il progetto.
Azioni | Descrizione |
---|---|
Microsoft.CognitiveServices/*/read | |
NotActions | |
none | |
DataActions | |
Microsoft.CognitiveServices/accounts/CustomVision/*/read | |
Microsoft.CognitiveServices/accounts/CustomVision/projects/predictions/query/action | Ottenere le immagini inviate all'endpoint di stima. |
NotDataActions | |
Microsoft.CognitiveServices/accounts/CustomVision/projects/export/read | Esporta un progetto. |
{
"assignableScopes": [
"/"
],
"description": "Read-only actions in the project. Readers can't create or update the project.",
"id": "/providers/Microsoft.Authorization/roleDefinitions/93586559-c37d-4a6b-ba08-b9f0940c2d73",
"name": "93586559-c37d-4a6b-ba08-b9f0940c2d73",
"permissions": [
{
"actions": [
"Microsoft.CognitiveServices/*/read"
],
"notActions": [],
"dataActions": [
"Microsoft.CognitiveServices/accounts/CustomVision/*/read",
"Microsoft.CognitiveServices/accounts/CustomVision/projects/predictions/query/action"
],
"notDataActions": [
"Microsoft.CognitiveServices/accounts/CustomVision/projects/export/read"
]
}
],
"roleName": "Cognitive Services Custom Vision Reader",
"roleType": "BuiltInRole",
"type": "Microsoft.Authorization/roleDefinitions"
}
Servizi cognitivi Visione personalizzata Trainer
Visualizzare, modificare i progetti ed eseguire il training dei modelli, inclusa la possibilità di pubblicare, annullare la pubblicazione, esportare i modelli. I formatori non possono creare o eliminare il progetto.
Azioni | Descrizione |
---|---|
Microsoft.CognitiveServices/*/read | |
NotActions | |
none | |
DataActions | |
Microsoft.CognitiveServices/accounts/CustomVision/* | |
NotDataActions | |
Microsoft.CognitiveServices/accounts/CustomVision/projects/action | Creare un progetto. |
Microsoft.CognitiveServices/accounts/CustomVision/projects/delete | Eliminare un progetto specifico. |
Microsoft.CognitiveServices/accounts/CustomVision/projects/import/action | Importa un progetto. |
Microsoft.CognitiveServices/accounts/CustomVision/projects/export/read | Esporta un progetto. |
{
"assignableScopes": [
"/"
],
"description": "View, edit projects and train the models, including the ability to publish, unpublish, export the models. Trainers can't create or delete the project.",
"id": "/providers/Microsoft.Authorization/roleDefinitions/0a5ae4ab-0d65-4eeb-be61-29fc9b54394b",
"name": "0a5ae4ab-0d65-4eeb-be61-29fc9b54394b",
"permissions": [
{
"actions": [
"Microsoft.CognitiveServices/*/read"
],
"notActions": [],
"dataActions": [
"Microsoft.CognitiveServices/accounts/CustomVision/*"
],
"notDataActions": [
"Microsoft.CognitiveServices/accounts/CustomVision/projects/action",
"Microsoft.CognitiveServices/accounts/CustomVision/projects/delete",
"Microsoft.CognitiveServices/accounts/CustomVision/projects/import/action",
"Microsoft.CognitiveServices/accounts/CustomVision/projects/export/read"
]
}
],
"roleName": "Cognitive Services Custom Vision Trainer",
"roleType": "BuiltInRole",
"type": "Microsoft.Authorization/roleDefinitions"
}
Lettore dati di Servizi cognitivi
Consente di leggere i dati di Servizi cognitivi.
Azioni | Descrizione |
---|---|
none | |
NotActions | |
none | |
DataActions | |
Microsoft.CognitiveServices/*/read | |
NotDataActions | |
none |
{
"assignableScopes": [
"/"
],
"description": "Lets you read Cognitive Services data.",
"id": "/providers/Microsoft.Authorization/roleDefinitions/b59867f0-fa02-499b-be73-45a86b5b3e1c",
"name": "b59867f0-fa02-499b-be73-45a86b5b3e1c",
"permissions": [
{
"actions": [],
"notActions": [],
"dataActions": [
"Microsoft.CognitiveServices/*/read"
],
"notDataActions": []
}
],
"roleName": "Cognitive Services Data Reader",
"roleType": "BuiltInRole",
"type": "Microsoft.Authorization/roleDefinitions"
}
Riconoscimento viso di Servizi cognitivi
Consente di eseguire rilevare, verificare, identificare, raggruppare e trovare operazioni simili nell'API Viso. Questo ruolo non consente operazioni di creazione o eliminazione, che lo rendono particolarmente adatto per gli endpoint che necessitano solo di funzionalità di inferenza, seguendo le procedure consigliate "privilegi minimi".
Azioni | Descrizione |
---|---|
none | |
NotActions | |
none | |
DataActions | |
Microsoft.CognitiveServices/accounts/Face/detect/action | Rilevare i visi umani in un'immagine, restituire rettangoli del viso e facoltativamente con faceId, punti di riferimento e attributi. |
Microsoft.CognitiveServices/accounts/Face/verify/action | Verificare se due visi appartengono a una stessa persona o se un viso appartiene a una persona. |
Microsoft.CognitiveServices/accounts/Face/identify/action | Identificazione da 1 a molti per trovare le corrispondenze più vicine della persona di query specifica faccia da un gruppo di persone o da un gruppo di persone di grandi dimensioni. |
Microsoft.CognitiveServices/accounts/Face/group/action | Dividere i visi candidati in gruppi in base alla somiglianza del viso. |
Microsoft.CognitiveServices/accounts/Face/findsimilars/action | Dato faceId del viso di query, per cercare i visi simili da una matrice faceId, un elenco di visi o un elenco di visi di grandi dimensioni. faceId |
Microsoft.CognitiveServices/accounts/Face/detectliveness/cognitive/action | Esegue il rilevamento del liveness su un viso di destinazione in una sequenza di immagini a infrarossi, colori e/o profondità e restituisce la classificazione di vivacità del viso di destinazione come "viso reale", "faccia spoofing" o "incerta" se non è possibile effettuare una classificazione con gli input specificati. |
Microsoft.CognitiveServices/accounts/Face/detectliveness/singlemodal/action | Esegue il rilevamento del liveness su un viso di destinazione in una sequenza di immagini della stessa modalità (ad esempio, colore o infrarosso) e restituisce la classificazione di vivacità del viso di destinazione come "viso reale", "faccia spoofing" o "incerta" se non è possibile creare una classificazione con gli input specificati. |
Microsoft.CognitiveServices/accounts/Face/detectlivenesswithverify/singlemodal/action | Rileva la dinamica di un viso di destinazione in una sequenza di immagini dello stesso tipo di flusso (ad esempio, colore) e quindi confronta con VerifyImage per restituire il punteggio di attendibilità per gli scenari di identità. |
Microsoft.CognitiveServices/accounts/Face/*/sessions/action | |
Microsoft.CognitiveServices/accounts/Face/*/sessions/delete | |
Microsoft.CognitiveServices/accounts/Face/*/sessions/read | |
Microsoft.CognitiveServices/accounts/Face/*/sessions/audit/read | |
NotDataActions | |
none |
{
"assignableScopes": [
"/"
],
"description": "Lets you perform detect, verify, identify, group, and find similar operations on Face API. This role does not allow create or delete operations, which makes it well suited for endpoints that only need inferencing capabilities, following 'least privilege' best practices.",
"id": "/providers/Microsoft.Authorization/roleDefinitions/9894cab4-e18a-44aa-828b-cb588cd6f2d7",
"name": "9894cab4-e18a-44aa-828b-cb588cd6f2d7",
"permissions": [
{
"actions": [],
"notActions": [],
"dataActions": [
"Microsoft.CognitiveServices/accounts/Face/detect/action",
"Microsoft.CognitiveServices/accounts/Face/verify/action",
"Microsoft.CognitiveServices/accounts/Face/identify/action",
"Microsoft.CognitiveServices/accounts/Face/group/action",
"Microsoft.CognitiveServices/accounts/Face/findsimilars/action",
"Microsoft.CognitiveServices/accounts/Face/detectliveness/multimodal/action",
"Microsoft.CognitiveServices/accounts/Face/detectliveness/singlemodal/action",
"Microsoft.CognitiveServices/accounts/Face/detectlivenesswithverify/singlemodal/action",
"Microsoft.CognitiveServices/accounts/Face/*/sessions/action",
"Microsoft.CognitiveServices/accounts/Face/*/sessions/delete",
"Microsoft.CognitiveServices/accounts/Face/*/sessions/read",
"Microsoft.CognitiveServices/accounts/Face/*/sessions/audit/read"
],
"notDataActions": []
}
],
"roleName": "Cognitive Services Face Recognizer",
"roleType": "BuiltInRole",
"type": "Microsoft.Authorization/roleDefinitions"
}
Strumento di lettura immersiva utente di Servizi cognitivi
Fornisce l'accesso per creare sessioni Strumento di lettura immersiva e chiamare LE API
Azioni | Descrizione |
---|---|
none | |
NotActions | |
none | |
DataActions | |
Microsoft.CognitiveServices/accounts/ImmersiveReader/getcontentmodelforreader/action | Crea una sessione di Strumento di lettura immersiva |
NotDataActions | |
none |
{
"assignableScopes": [
"/"
],
"description": "Provides access to create Immersive Reader sessions and call APIs",
"id": "/providers/Microsoft.Authorization/roleDefinitions/b2de6794-95db-4659-8781-7e080d3f2b9d",
"name": "b2de6794-95db-4659-8781-7e080d3f2b9d",
"permissions": [
{
"actions": [],
"notActions": [],
"dataActions": [
"Microsoft.CognitiveServices/accounts/ImmersiveReader/getcontentmodelforreader/action"
],
"notDataActions": []
}
],
"roleName": "Cognitive Services Immersive Reader User",
"roleType": "BuiltInRole",
"type": "Microsoft.Authorization/roleDefinitions"
}
Proprietario del linguaggio di Servizi cognitivi
Ha accesso a tutte le funzioni lettura, test, scrittura, distribuzione ed eliminazione nel portale del linguaggio
Azioni | Descrizione |
---|---|
Microsoft.CognitiveServices/*/read | |
Microsoft.CognitiveServices/accounts/listkeys/action | List keys |
Microsoft.Authorization/roleAssignments/read | Ottiene informazioni su un'assegnazione di ruolo. |
Microsoft.Authorization/roleDefinitions/read | Ottiene informazioni su una definizione di ruolo. |
NotActions | |
none | |
DataActions | |
Microsoft.CognitiveServices/accounts/LanguageAuthoring/* | |
Microsoft.CognitiveServices/accounts/ConversationalLanguageUnderstanding/* | |
Microsoft.CognitiveServices/accounts/Language/* | |
Microsoft.CognitiveServices/accounts/TextAnalytics/* | |
NotDataActions | |
Microsoft.CognitiveServices/accounts/TextAnalytics/QnaMaker/* |
{
"assignableScopes": [
"/"
],
"description": "Has access to all Read, Test, Write, Deploy and Delete functions under Language portal",
"id": "/providers/Microsoft.Authorization/roleDefinitions/f07febfe-79bc-46b1-8b37-790e26e6e498",
"name": "f07febfe-79bc-46b1-8b37-790e26e6e498",
"permissions": [
{
"actions": [
"Microsoft.CognitiveServices/*/read",
"Microsoft.CognitiveServices/accounts/listkeys/action",
"Microsoft.Authorization/roleAssignments/read",
"Microsoft.Authorization/roleDefinitions/read"
],
"notActions": [],
"dataActions": [
"Microsoft.CognitiveServices/accounts/LanguageAuthoring/*",
"Microsoft.CognitiveServices/accounts/ConversationalLanguageUnderstanding/*",
"Microsoft.CognitiveServices/accounts/Language/*",
"Microsoft.CognitiveServices/accounts/TextAnalytics/*"
],
"notDataActions": [
"Microsoft.CognitiveServices/accounts/TextAnalytics/QnaMaker/*"
]
}
],
"roleName": "Cognitive Services Language Owner",
"roleType": "BuiltInRole",
"type": "Microsoft.Authorization/roleDefinitions"
}
Ruolo con autorizzazioni di lettura del linguaggio di Servizi cognitivi
Ha accesso alle funzioni lettura e test nel portale del linguaggio
Azioni | Descrizione |
---|---|
Microsoft.CognitiveServices/*/read | |
Microsoft.Authorization/roleAssignments/read | Ottiene informazioni su un'assegnazione di ruolo. |
Microsoft.Authorization/roleDefinitions/read | Ottiene informazioni su una definizione di ruolo. |
NotActions | |
none | |
DataActions | |
Microsoft.CognitiveServices/accounts/LanguageAuthoring/*/read | |
Microsoft.CognitiveServices/accounts/ConversationalLanguageUnderstanding/*/read | |
Microsoft.CognitiveServices/accounts/ConversationalLanguageUnderstanding/projects/export/action | Attiva un processo per esportare i dati del progetto in formato JSON. |
Microsoft.CognitiveServices/accounts/Language/*/read | |
Microsoft.CognitiveServices/accounts/Language/*/projects/export/action | |
Microsoft.CognitiveServices/accounts/Language/query-text/action | Testo della risposta. |
Microsoft.CognitiveServices/accounts/Language/query-dataverse/action | Query Dataverse. |
Microsoft.CognitiveServices/accounts/Language/analyze-text/jobs/action | Inviare una raccolta di documenti di testo per l'analisi. Specificare una o più attività univoce da eseguire. |
Microsoft.CognitiveServices/accounts/Language/analyze-text/action | Inviare una raccolta di documenti di testo per l'analisi. Specificare una singola attività univoca da eseguire immediatamente. |
Microsoft.CognitiveServices/accounts/Language/analyze-text/jobscancel/action | Annullare un processo di analisi del testo a esecuzione prolungata. |
Microsoft.CognitiveServices/accounts/Language/analyze-conversations/action | Analizza la conversazione di input. |
Microsoft.CognitiveServices/accounts/Language/analyze-conversations/jobscancel/action | Annullare un processo di analisi a esecuzione prolungata nella conversazione. |
Microsoft.CognitiveServices/accounts/Language/analyze-conversations/jobs/action | Inviare una conversazione lunga per l'analisi. Specificare una o più attività univoce da eseguire come operazione a esecuzione prolungata. |
Microsoft.CognitiveServices/accounts/Language/query-knowledgebases/action | Knowledge base di risposte. |
Microsoft.CognitiveServices/accounts/Language/generate/action | Generazione del linguaggio. |
Microsoft.CognitiveServices/accounts/TextAnalytics/* | |
NotDataActions | |
Microsoft.CognitiveServices/accounts/TextAnalytics/QnaMaker/* |
{
"assignableScopes": [
"/"
],
"description": "Has access to Read and Test functions under Language portal",
"id": "/providers/Microsoft.Authorization/roleDefinitions/7628b7b8-a8b2-4cdc-b46f-e9b35248918e",
"name": "7628b7b8-a8b2-4cdc-b46f-e9b35248918e",
"permissions": [
{
"actions": [
"Microsoft.CognitiveServices/*/read",
"Microsoft.Authorization/roleAssignments/read",
"Microsoft.Authorization/roleDefinitions/read"
],
"notActions": [],
"dataActions": [
"Microsoft.CognitiveServices/accounts/LanguageAuthoring/*/read",
"Microsoft.CognitiveServices/accounts/ConversationalLanguageUnderstanding/*/read",
"Microsoft.CognitiveServices/accounts/ConversationalLanguageUnderstanding/projects/export/action",
"Microsoft.CognitiveServices/accounts/Language/*/read",
"Microsoft.CognitiveServices/accounts/Language/*/projects/export/action",
"Microsoft.CognitiveServices/accounts/Language/query-text/action",
"Microsoft.CognitiveServices/accounts/Language/query-dataverse/action",
"Microsoft.CognitiveServices/accounts/Language/analyze-text/jobs/action",
"Microsoft.CognitiveServices/accounts/Language/analyze-text/action",
"Microsoft.CognitiveServices/accounts/Language/analyze-text/jobscancel/action",
"Microsoft.CognitiveServices/accounts/Language/analyze-conversations/action",
"Microsoft.CognitiveServices/accounts/Language/analyze-conversations/jobscancel/action",
"Microsoft.CognitiveServices/accounts/Language/analyze-conversations/jobs/action",
"Microsoft.CognitiveServices/accounts/Language/query-knowledgebases/action",
"Microsoft.CognitiveServices/accounts/Language/generate/action",
"Microsoft.CognitiveServices/accounts/TextAnalytics/*"
],
"notDataActions": [
"Microsoft.CognitiveServices/accounts/TextAnalytics/QnaMaker/*"
]
}
],
"roleName": "Cognitive Services Language Reader",
"roleType": "BuiltInRole",
"type": "Microsoft.Authorization/roleDefinitions"
}
Ruolo con autorizzazioni di scrittura del linguaggio di Servizi cognitivi
Ha accesso a tutte le funzioni lettura, test e scrittura nel portale del linguaggio
Azioni | Descrizione |
---|---|
Microsoft.CognitiveServices/*/read | |
Microsoft.Authorization/roleAssignments/read | Ottiene informazioni su un'assegnazione di ruolo. |
Microsoft.Authorization/roleDefinitions/read | Ottiene informazioni su una definizione di ruolo. |
NotActions | |
none | |
DataActions | |
Microsoft.CognitiveServices/accounts/LanguageAuthoring/* | |
Microsoft.CognitiveServices/accounts/ConversationalLanguageUnderstanding/* | |
Microsoft.CognitiveServices/accounts/Language/* | |
Microsoft.CognitiveServices/accounts/TextAnalytics/* | |
NotDataActions | |
Microsoft.CognitiveServices/accounts/LanguageAuthoring/projects/publish/action | Attivare il processo di pubblicazione. |
Microsoft.CognitiveServices/accounts/ConversationalLanguageUnderstanding/projects/deployments/write | Attivare il processo per creare una nuova distribuzione o sostituire una distribuzione esistente. |
Microsoft.CognitiveServices/accounts/TextAnalytics/QnaMaker/* | |
Microsoft.CognitiveServices/accounts/Language/*/projects/delete | |
Microsoft.CognitiveServices/accounts/Language/*/projects/deployments/write | |
Microsoft.CognitiveServices/accounts/Language/*/projects/deployments/delete | |
Microsoft.CognitiveServices/accounts/Language/*/projects/deployments/swap/action |
{
"assignableScopes": [
"/"
],
"description": " Has access to all Read, Test, and Write functions under Language Portal",
"id": "/providers/Microsoft.Authorization/roleDefinitions/f2310ca1-dc64-4889-bb49-c8e0fa3d47a8",
"name": "f2310ca1-dc64-4889-bb49-c8e0fa3d47a8",
"permissions": [
{
"actions": [
"Microsoft.CognitiveServices/*/read",
"Microsoft.Authorization/roleAssignments/read",
"Microsoft.Authorization/roleDefinitions/read"
],
"notActions": [],
"dataActions": [
"Microsoft.CognitiveServices/accounts/LanguageAuthoring/*",
"Microsoft.CognitiveServices/accounts/ConversationalLanguageUnderstanding/*",
"Microsoft.CognitiveServices/accounts/Language/*",
"Microsoft.CognitiveServices/accounts/TextAnalytics/*"
],
"notDataActions": [
"Microsoft.CognitiveServices/accounts/LanguageAuthoring/projects/publish/action",
"Microsoft.CognitiveServices/accounts/ConversationalLanguageUnderstanding/projects/deployments/write",
"Microsoft.CognitiveServices/accounts/TextAnalytics/QnaMaker/*",
"Microsoft.CognitiveServices/accounts/Language/*/projects/delete",
"Microsoft.CognitiveServices/accounts/Language/*/projects/deployments/write",
"Microsoft.CognitiveServices/accounts/Language/*/projects/deployments/delete",
"Microsoft.CognitiveServices/accounts/Language/*/projects/deployments/swap/action"
]
}
],
"roleName": "Cognitive Services Language Writer",
"roleType": "BuiltInRole",
"type": "Microsoft.Authorization/roleDefinitions"
}
Proprietario LUIS di Servizi cognitivi
Ha accesso a tutte le funzioni lettura, test, scrittura, distribuzione ed eliminazione in LUIS
Azioni | Descrizione |
---|---|
Microsoft.CognitiveServices/*/read | |
Microsoft.CognitiveServices/accounts/listkeys/action | List keys |
Microsoft.Authorization/roleAssignments/read | Ottiene informazioni su un'assegnazione di ruolo. |
Microsoft.Authorization/roleDefinitions/read | Ottiene informazioni su una definizione di ruolo. |
NotActions | |
none | |
DataActions | |
Microsoft.CognitiveServices/accounts/LUIS/* | |
NotDataActions | |
none |
{
"assignableScopes": [
"/"
],
"description": " Has access to all Read, Test, Write, Deploy and Delete functions under LUIS",
"id": "/providers/Microsoft.Authorization/roleDefinitions/f72c8140-2111-481c-87ff-72b910f6e3f8",
"name": "f72c8140-2111-481c-87ff-72b910f6e3f8",
"permissions": [
{
"actions": [
"Microsoft.CognitiveServices/*/read",
"Microsoft.CognitiveServices/accounts/listkeys/action",
"Microsoft.Authorization/roleAssignments/read",
"Microsoft.Authorization/roleDefinitions/read"
],
"notActions": [],
"dataActions": [
"Microsoft.CognitiveServices/accounts/LUIS/*"
],
"notDataActions": []
}
],
"roleName": "Cognitive Services LUIS Owner",
"roleType": "BuiltInRole",
"type": "Microsoft.Authorization/roleDefinitions"
}
Lettore LUIS di Servizi cognitivi
Ha accesso alle funzioni di lettura e test in LUIS.
Azioni | Descrizione |
---|---|
Microsoft.CognitiveServices/*/read | |
Microsoft.Authorization/roleAssignments/read | Ottiene informazioni su un'assegnazione di ruolo. |
Microsoft.Authorization/roleDefinitions/read | Ottiene informazioni su una definizione di ruolo. |
NotActions | |
none | |
DataActions | |
Microsoft.CognitiveServices/accounts/LUIS/*/read | |
Microsoft.CognitiveServices/accounts/LUIS/apps/testdatasets/write | Aggiorna i risultati dell'ultimo test di un set di dati di test batch esistente per una determinata applicazione. |
NotDataActions | |
none |
{
"assignableScopes": [
"/"
],
"description": "Has access to Read and Test functions under LUIS.",
"id": "/providers/Microsoft.Authorization/roleDefinitions/18e81cdc-4e98-4e29-a639-e7d10c5a6226",
"name": "18e81cdc-4e98-4e29-a639-e7d10c5a6226",
"permissions": [
{
"actions": [
"Microsoft.CognitiveServices/*/read",
"Microsoft.Authorization/roleAssignments/read",
"Microsoft.Authorization/roleDefinitions/read"
],
"notActions": [],
"dataActions": [
"Microsoft.CognitiveServices/accounts/LUIS/*/read",
"Microsoft.CognitiveServices/accounts/LUIS/apps/testdatasets/write"
],
"notDataActions": []
}
],
"roleName": "Cognitive Services LUIS Reader",
"roleType": "BuiltInRole",
"type": "Microsoft.Authorization/roleDefinitions"
}
Ruolo con autorizzazioni di scrittura LUIS di Servizi cognitivi
Ha accesso a tutte le funzioni di lettura, test e scrittura in LUIS
Azioni | Descrizione |
---|---|
Microsoft.CognitiveServices/*/read | |
Microsoft.Authorization/roleAssignments/read | Ottiene informazioni su un'assegnazione di ruolo. |
Microsoft.Authorization/roleDefinitions/read | Ottiene informazioni su una definizione di ruolo. |
NotActions | |
none | |
DataActions | |
Microsoft.CognitiveServices/accounts/LUIS/* | |
NotDataActions | |
Microsoft.CognitiveServices/accounts/LUIS/apps/delete | Elimina un'applicazione. |
Microsoft.CognitiveServices/accounts/LUIS/apps/move/action | Sposta l'app in un'altra risorsa di Azure per la creazione di LUIS. |
Microsoft.CognitiveServices/accounts/LUIS/apps/publish/action | Pubblica una versione specifica dell'applicazione. |
Microsoft.CognitiveServices/accounts/LUIS/apps/settings/write | Aggiorna le impostazioni dell'applicazione |
Microsoft.CognitiveServices/accounts/LUIS/apps/azureaccounts/action | Assegna un account Azure all'applicazione. |
Microsoft.CognitiveServices/accounts/LUIS/apps/azureaccounts/delete | Ottiene gli account di Azure LUIS per l'utente usando il token di Azure Resource Manager. |
{
"assignableScopes": [
"/"
],
"description": "Has access to all Read, Test, and Write functions under LUIS",
"id": "/providers/Microsoft.Authorization/roleDefinitions/6322a993-d5c9-4bed-b113-e49bbea25b27",
"name": "6322a993-d5c9-4bed-b113-e49bbea25b27",
"permissions": [
{
"actions": [
"Microsoft.CognitiveServices/*/read",
"Microsoft.Authorization/roleAssignments/read",
"Microsoft.Authorization/roleDefinitions/read"
],
"notActions": [],
"dataActions": [
"Microsoft.CognitiveServices/accounts/LUIS/*"
],
"notDataActions": [
"Microsoft.CognitiveServices/accounts/LUIS/apps/delete",
"Microsoft.CognitiveServices/accounts/LUIS/apps/move/action",
"Microsoft.CognitiveServices/accounts/LUIS/apps/publish/action",
"Microsoft.CognitiveServices/accounts/LUIS/apps/settings/write",
"Microsoft.CognitiveServices/accounts/LUIS/apps/azureaccounts/action",
"Microsoft.CognitiveServices/accounts/LUIS/apps/azureaccounts/delete"
]
}
],
"roleName": "Cognitive Services LUIS Writer",
"roleType": "BuiltInRole",
"type": "Microsoft.Authorization/roleDefinitions"
}
Servizi cognitivi Advisor metriche Amministratore
Accesso completo al progetto, inclusa la configurazione a livello di sistema.
Azioni | Descrizione |
---|---|
Microsoft.CognitiveServices/*/read | |
NotActions | |
none | |
DataActions | |
Microsoft.CognitiveServices/accounts/MetricsAdvisor/* | |
NotDataActions | |
none |
{
"assignableScopes": [
"/"
],
"description": "Full access to the project, including the system level configuration.",
"id": "/providers/Microsoft.Authorization/roleDefinitions/cb43c632-a144-4ec5-977c-e80c4affc34a",
"name": "cb43c632-a144-4ec5-977c-e80c4affc34a",
"permissions": [
{
"actions": [
"Microsoft.CognitiveServices/*/read"
],
"notActions": [],
"dataActions": [
"Microsoft.CognitiveServices/accounts/MetricsAdvisor/*"
],
"notDataActions": []
}
],
"roleName": "Cognitive Services Metrics Advisor Administrator",
"roleType": "BuiltInRole",
"type": "Microsoft.Authorization/roleDefinitions"
}
Utente di Advisor metriche di Servizi cognitivi
Accesso al progetto.
Azioni | Descrizione |
---|---|
Microsoft.CognitiveServices/*/read | |
NotActions | |
none | |
DataActions | |
Microsoft.CognitiveServices/accounts/MetricsAdvisor/* | |
NotDataActions | |
Microsoft.CognitiveServices/accounts/MetricsAdvisor/stats/* |
{
"assignableScopes": [
"/"
],
"description": "Access to the project.",
"id": "/providers/Microsoft.Authorization/roleDefinitions/3b20f47b-3825-43cb-8114-4bd2201156a8",
"name": "3b20f47b-3825-43cb-8114-4bd2201156a8",
"permissions": [
{
"actions": [
"Microsoft.CognitiveServices/*/read"
],
"notActions": [],
"dataActions": [
"Microsoft.CognitiveServices/accounts/MetricsAdvisor/*"
],
"notDataActions": [
"Microsoft.CognitiveServices/accounts/MetricsAdvisor/stats/*"
]
}
],
"roleName": "Cognitive Services Metrics Advisor User",
"roleType": "BuiltInRole",
"type": "Microsoft.Authorization/roleDefinitions"
}
Collaboratore Servizi cognitivi OpenAI
Accesso completo, inclusa la possibilità di ottimizzare, distribuire e generare testo
Azioni | Descrizione |
---|---|
Microsoft.CognitiveServices/*/read | |
Microsoft.CognitiveServices/accounts/deployments/write | Scrive le distribuzioni. |
Microsoft.CognitiveServices/accounts/deployments/delete | Elimina le distribuzioni. |
Microsoft.CognitiveServices/accounts/raiPolicies/read | Ottiene tutti i criteri applicabili nell'account, inclusi i criteri predefiniti. |
Microsoft.CognitiveServices/accounts/raiPolicies/write | Creare o aggiornare un criterio di intelligenza artificiale responsabile personalizzato. |
Microsoft.CognitiveServices/accounts/raiPolicies/delete | Elimina un criterio di intelligenza artificiale responsabile personalizzato a cui non fa riferimento una distribuzione esistente. |
Microsoft.CognitiveServices/accounts/commitmentplans/read | Legge i piani di impegno. |
Microsoft.CognitiveServices/accounts/commitmentplans/write | Scrive i piani di impegno. |
Microsoft.CognitiveServices/accounts/commitmentplans/delete | Elimina i piani di impegno. |
Microsoft.Authorization/roleAssignments/read | Ottiene informazioni su un'assegnazione di ruolo. |
Microsoft.Authorization/roleDefinitions/read | Ottiene informazioni su una definizione di ruolo. |
NotActions | |
none | |
DataActions | |
Microsoft.CognitiveServices/accounts/OpenAI/* | |
NotDataActions | |
none |
{
"assignableScopes": [
"/"
],
"description": "Full access including the ability to fine-tune, deploy and generate text",
"id": "/providers/Microsoft.Authorization/roleDefinitions/a001fd3d-188f-4b5d-821b-7da978bf7442",
"name": "a001fd3d-188f-4b5d-821b-7da978bf7442",
"permissions": [
{
"actions": [
"Microsoft.CognitiveServices/*/read",
"Microsoft.CognitiveServices/accounts/deployments/write",
"Microsoft.CognitiveServices/accounts/deployments/delete",
"Microsoft.CognitiveServices/accounts/raiPolicies/read",
"Microsoft.CognitiveServices/accounts/raiPolicies/write",
"Microsoft.CognitiveServices/accounts/raiPolicies/delete",
"Microsoft.CognitiveServices/accounts/commitmentplans/read",
"Microsoft.CognitiveServices/accounts/commitmentplans/write",
"Microsoft.CognitiveServices/accounts/commitmentplans/delete",
"Microsoft.Authorization/roleAssignments/read",
"Microsoft.Authorization/roleDefinitions/read"
],
"notActions": [],
"dataActions": [
"Microsoft.CognitiveServices/accounts/OpenAI/*"
],
"notDataActions": []
}
],
"roleName": "Cognitive Services OpenAI Contributor",
"roleType": "BuiltInRole",
"type": "Microsoft.Authorization/roleDefinitions"
}
Utente Servizi cognitivi OpenAI
Accesso in lettura per visualizzare file, modelli, distribuzioni. Possibilità di creare chiamate di completamento e incorporamento.
Azioni | Descrizione |
---|---|
Microsoft.CognitiveServices/*/read | |
Microsoft.Authorization/roleAssignments/read | Ottiene informazioni su un'assegnazione di ruolo. |
Microsoft.Authorization/roleDefinitions/read | Ottiene informazioni su una definizione di ruolo. |
NotActions | |
none | |
DataActions | |
Microsoft.CognitiveServices/accounts/OpenAI/*/read | |
Microsoft.CognitiveServices/accounts/OpenAI/engines/completions/action | Creare un completamento da un modello scelto |
Microsoft.CognitiveServices/accounts/OpenAI/engines/search/action | Cercare i documenti più rilevanti usando il motore corrente. |
Microsoft.CognitiveServices/accounts/OpenAI/engines/generate/action | (Destinato solo ai browser). Trasmettere testo generato dal modello tramite richiesta GET. Questo metodo viene fornito perché il metodo EventSource nativo del browser può inviare solo richieste GET. Supporta un set di opzioni di configurazione più limitato rispetto alla variante POST. |
Microsoft.CognitiveServices/accounts/OpenAI/deployments/audio/action | Restituisce la trascrizione o la traduzione per un determinato file audio. |
Microsoft.CognitiveServices/accounts/OpenAI/deployments/search/action | Cercare i documenti più rilevanti usando il motore corrente. |
Microsoft.CognitiveServices/accounts/OpenAI/deployments/completions/action | Creare un completamento da un modello scelto. |
Microsoft.CognitiveServices/accounts/OpenAI/deployments/chat/completions/action | Crea un completamento per il messaggio di chat |
Microsoft.CognitiveServices/accounts/OpenAI/deployments/realtime/action | Crea una connessione in tempo reale alla distribuzione. |
Microsoft.CognitiveServices/accounts/OpenAI/deployments/extensions/chat/completions/action | Crea un completamento per il messaggio di chat con estensioni |
Microsoft.CognitiveServices/accounts/OpenAI/deployments/embeddings/action | Restituisce gli incorporamenti per un prompt specificato. |
Microsoft.CognitiveServices/accounts/OpenAI/images/generations/action | Creare generazioni di immagini. |
Microsoft.CognitiveServices/accounts/OpenAI/assistants/* | |
NotDataActions | |
Microsoft.CognitiveServices/accounts/OpenAI/stored-completions/read | Eseguire query sui dati di completamento usando filtri o Ottenere dati di completamento singolo usando l'ID di completamento o Ottenere i metadati del traffico per l'account specificato |
{
"assignableScopes": [
"/"
],
"description": "Ability to view files, models, deployments. Readers can't make any changes They can inference and create images",
"id": "/providers/Microsoft.Authorization/roleDefinitions/5e0bd9bd-7b93-4f28-af87-19fc36ad61bd",
"name": "5e0bd9bd-7b93-4f28-af87-19fc36ad61bd",
"permissions": [
{
"actions": [
"Microsoft.CognitiveServices/*/read",
"Microsoft.Authorization/roleAssignments/read",
"Microsoft.Authorization/roleDefinitions/read"
],
"notActions": [],
"dataActions": [
"Microsoft.CognitiveServices/accounts/OpenAI/*/read",
"Microsoft.CognitiveServices/accounts/OpenAI/engines/completions/action",
"Microsoft.CognitiveServices/accounts/OpenAI/engines/search/action",
"Microsoft.CognitiveServices/accounts/OpenAI/engines/generate/action",
"Microsoft.CognitiveServices/accounts/OpenAI/deployments/audio/action",
"Microsoft.CognitiveServices/accounts/OpenAI/deployments/search/action",
"Microsoft.CognitiveServices/accounts/OpenAI/deployments/completions/action",
"Microsoft.CognitiveServices/accounts/OpenAI/deployments/chat/completions/action",
"Microsoft.CognitiveServices/accounts/OpenAI/deployments/realtime/action",
"Microsoft.CognitiveServices/accounts/OpenAI/deployments/extensions/chat/completions/action",
"Microsoft.CognitiveServices/accounts/OpenAI/deployments/embeddings/action",
"Microsoft.CognitiveServices/accounts/OpenAI/images/generations/action",
"Microsoft.CognitiveServices/accounts/OpenAI/assistants/*"
],
"notDataActions": [
"Microsoft.CognitiveServices/accounts/OpenAI/stored-completions/read"
]
}
],
"roleName": "Cognitive Services OpenAI User",
"roleType": "BuiltInRole",
"type": "Microsoft.Authorization/roleDefinitions"
}
Ruolo con autorizzazioni di modifica di QnA Maker di Servizi cognitivi
Verrà ora creato, modificato, importato ed esportato un KB. Non è possibile pubblicare o eliminare una Knowledge Base.
Azioni | Descrizione |
---|---|
Microsoft.CognitiveServices/*/read | |
Microsoft.Authorization/roleAssignments/read | Ottiene informazioni su un'assegnazione di ruolo. |
Microsoft.Authorization/roleDefinitions/read | Ottiene informazioni su una definizione di ruolo. |
NotActions | |
none | |
DataActions | |
Microsoft.CognitiveServices/accounts/QnAMaker/knowledgebases/read | Ottiene l'elenco delle knowledge base o i dettagli di una knowledge base specifica. |
Microsoft.CognitiveServices/accounts/QnAMaker/knowledgebases/download/read | Scaricare la knowledge base. |
Microsoft.CognitiveServices/accounts/QnAMaker/knowledgebases/create/write | Operazione asincrona per creare una nuova knowledge base. |
Microsoft.CognitiveServices/accounts/QnAMaker/knowledgebases/write | Operazione asincrona per modificare una knowledge base o Sostituire il contenuto della knowledge base. |
Microsoft.CognitiveServices/accounts/QnAMaker/knowledgebases/generateanswer/action | GenerateAnswer chiama per eseguire una query sulla knowledge base. |
Microsoft.CognitiveServices/accounts/QnAMaker/knowledgebases/train/action | Eseguire il training della chiamata per aggiungere suggerimenti alla knowledge base. |
Microsoft.CognitiveServices/accounts/QnAMaker/alterazioni/lettura | Scaricare le modifiche dal runtime. |
Microsoft.CognitiveServices/accounts/QnAMaker/alterazioni/scrittura | Sostituire i dati delle modifiche. |
Microsoft.CognitiveServices/accounts/QnAMaker/endpointkeys/read | Ottiene le chiavi dell'endpoint per un endpoint |
Microsoft.CognitiveServices/accounts/QnAMaker/endpointkeys/refreshkeys/action | Genera nuovamente una chiave endpoint. |
Microsoft.CognitiveServices/accounts/QnAMaker/endpointsettings/read | Ottiene le impostazioni dell'endpoint per un endpoint |
Microsoft.CognitiveServices/accounts/QnAMaker/endpointsettings/write | Aggiornare le impostazioni dell'endpoint per un endpoint. |
Microsoft.CognitiveServices/accounts/QnAMaker/operations/read | Recupera i dettagli di una specifica operazione a esecuzione prolungata. |
Microsoft.CognitiveServices/accounts/QnAMaker.v2/knowledgebases/read | Ottiene l'elenco delle knowledge base o i dettagli di una knowledge base specifica. |
Microsoft.CognitiveServices/accounts/QnAMaker.v2/knowledgebases/download/read | Scaricare la knowledge base. |
Microsoft.CognitiveServices/accounts/QnAMaker.v2/knowledgebases/create/write | Operazione asincrona per creare una nuova knowledge base. |
Microsoft.CognitiveServices/accounts/QnAMaker.v2/knowledgebases/write | Operazione asincrona per modificare una knowledge base o Sostituire il contenuto della knowledge base. |
Microsoft.CognitiveServices/accounts/QnAMaker.v2/knowledgebases/generateanswer/action | GenerateAnswer chiama per eseguire una query sulla knowledge base. |
Microsoft.CognitiveServices/accounts/QnAMaker.v2/knowledgebases/train/action | Eseguire il training della chiamata per aggiungere suggerimenti alla knowledge base. |
Microsoft.CognitiveServices/accounts/QnAMaker.v2/alterazioni/lettura | Scaricare le modifiche dal runtime. |
Microsoft.CognitiveServices/accounts/QnAMaker.v2/alterazioni/scrittura | Sostituire i dati delle modifiche. |
Microsoft.CognitiveServices/accounts/QnAMaker.v2/endpointkeys/read | Ottiene le chiavi dell'endpoint per un endpoint |
Microsoft.CognitiveServices/accounts/QnAMaker.v2/endpointkeys/refreshkeys/action | Genera nuovamente una chiave endpoint. |
Microsoft.CognitiveServices/accounts/QnAMaker.v2/endpointsettings/read | Ottiene le impostazioni dell'endpoint per un endpoint |
Microsoft.CognitiveServices/accounts/QnAMaker.v2/endpointsettings/write | Aggiornare le impostazioni dell'endpoint per un endpoint. |
Microsoft.CognitiveServices/accounts/QnAMaker.v2/operations/read | Recupera i dettagli di una specifica operazione a esecuzione prolungata. |
Microsoft.CognitiveServices/accounts/TextAnalytics/QnAMaker/knowledgebases/read | Ottiene l'elenco delle knowledge base o i dettagli di una knowledge base specifica. |
Microsoft.CognitiveServices/accounts/TextAnalytics/QnAMaker/knowledgebases/download/read | Scaricare la knowledge base. |
Microsoft.CognitiveServices/accounts/TextAnalytics/QnAMaker/knowledgebases/create/write | Operazione asincrona per creare una nuova knowledge base. |
Microsoft.CognitiveServices/accounts/TextAnalytics/QnAMaker/knowledgebases/write | Operazione asincrona per modificare una knowledge base o Sostituire il contenuto della knowledge base. |
Microsoft.CognitiveServices/accounts/TextAnalytics/QnAMaker/knowledgebases/generateanswer/action | GenerateAnswer chiama per eseguire una query sulla knowledge base. |
Microsoft.CognitiveServices/accounts/TextAnalytics/QnAMaker/knowledgebases/train/action | Eseguire il training della chiamata per aggiungere suggerimenti alla knowledge base. |
Microsoft.CognitiveServices/accounts/TextAnalytics/QnAMaker/alterazioni/lettura | Scaricare le modifiche dal runtime. |
Microsoft.CognitiveServices/accounts/TextAnalytics/QnAMaker/alterazioni/scrittura | Sostituire i dati delle modifiche. |
Microsoft.CognitiveServices/accounts/TextAnalytics/QnAMaker/endpointkeys/read | Ottiene le chiavi dell'endpoint per un endpoint |
Microsoft.CognitiveServices/accounts/TextAnalytics/QnAMaker/endpointkeys/refreshkeys/action | Genera nuovamente una chiave endpoint. |
Microsoft.CognitiveServices/accounts/TextAnalytics/QnAMaker/endpointsettings/read | Ottiene le impostazioni dell'endpoint per un endpoint |
Microsoft.CognitiveServices/accounts/TextAnalytics/QnAMaker/endpointsettings/write | Aggiornare le impostazioni dell'endpoint per un endpoint. |
Microsoft.CognitiveServices/accounts/TextAnalytics/QnAMaker/operations/read | Recupera i dettagli di una specifica operazione a esecuzione prolungata. |
NotDataActions | |
none |
{
"assignableScopes": [
"/"
],
"description": "Let's you create, edit, import and export a KB. You cannot publish or delete a KB.",
"id": "/providers/Microsoft.Authorization/roleDefinitions/f4cc2bf9-21be-47a1-bdf1-5c5804381025",
"name": "f4cc2bf9-21be-47a1-bdf1-5c5804381025",
"permissions": [
{
"actions": [
"Microsoft.CognitiveServices/*/read",
"Microsoft.Authorization/roleAssignments/read",
"Microsoft.Authorization/roleDefinitions/read"
],
"notActions": [],
"dataActions": [
"Microsoft.CognitiveServices/accounts/QnAMaker/knowledgebases/read",
"Microsoft.CognitiveServices/accounts/QnAMaker/knowledgebases/download/read",
"Microsoft.CognitiveServices/accounts/QnAMaker/knowledgebases/create/write",
"Microsoft.CognitiveServices/accounts/QnAMaker/knowledgebases/write",
"Microsoft.CognitiveServices/accounts/QnAMaker/knowledgebases/generateanswer/action",
"Microsoft.CognitiveServices/accounts/QnAMaker/knowledgebases/train/action",
"Microsoft.CognitiveServices/accounts/QnAMaker/alterations/read",
"Microsoft.CognitiveServices/accounts/QnAMaker/alterations/write",
"Microsoft.CognitiveServices/accounts/QnAMaker/endpointkeys/read",
"Microsoft.CognitiveServices/accounts/QnAMaker/endpointkeys/refreshkeys/action",
"Microsoft.CognitiveServices/accounts/QnAMaker/endpointsettings/read",
"Microsoft.CognitiveServices/accounts/QnAMaker/endpointsettings/write",
"Microsoft.CognitiveServices/accounts/QnAMaker/operations/read",
"Microsoft.CognitiveServices/accounts/QnAMaker.v2/knowledgebases/read",
"Microsoft.CognitiveServices/accounts/QnAMaker.v2/knowledgebases/download/read",
"Microsoft.CognitiveServices/accounts/QnAMaker.v2/knowledgebases/create/write",
"Microsoft.CognitiveServices/accounts/QnAMaker.v2/knowledgebases/write",
"Microsoft.CognitiveServices/accounts/QnAMaker.v2/knowledgebases/generateanswer/action",
"Microsoft.CognitiveServices/accounts/QnAMaker.v2/knowledgebases/train/action",
"Microsoft.CognitiveServices/accounts/QnAMaker.v2/alterations/read",
"Microsoft.CognitiveServices/accounts/QnAMaker.v2/alterations/write",
"Microsoft.CognitiveServices/accounts/QnAMaker.v2/endpointkeys/read",
"Microsoft.CognitiveServices/accounts/QnAMaker.v2/endpointkeys/refreshkeys/action",
"Microsoft.CognitiveServices/accounts/QnAMaker.v2/endpointsettings/read",
"Microsoft.CognitiveServices/accounts/QnAMaker.v2/endpointsettings/write",
"Microsoft.CognitiveServices/accounts/QnAMaker.v2/operations/read",
"Microsoft.CognitiveServices/accounts/TextAnalytics/QnAMaker/knowledgebases/read",
"Microsoft.CognitiveServices/accounts/TextAnalytics/QnAMaker/knowledgebases/download/read",
"Microsoft.CognitiveServices/accounts/TextAnalytics/QnAMaker/knowledgebases/create/write",
"Microsoft.CognitiveServices/accounts/TextAnalytics/QnAMaker/knowledgebases/write",
"Microsoft.CognitiveServices/accounts/TextAnalytics/QnAMaker/knowledgebases/generateanswer/action",
"Microsoft.CognitiveServices/accounts/TextAnalytics/QnAMaker/knowledgebases/train/action",
"Microsoft.CognitiveServices/accounts/TextAnalytics/QnAMaker/alterations/read",
"Microsoft.CognitiveServices/accounts/TextAnalytics/QnAMaker/alterations/write",
"Microsoft.CognitiveServices/accounts/TextAnalytics/QnAMaker/endpointkeys/read",
"Microsoft.CognitiveServices/accounts/TextAnalytics/QnAMaker/endpointkeys/refreshkeys/action",
"Microsoft.CognitiveServices/accounts/TextAnalytics/QnAMaker/endpointsettings/read",
"Microsoft.CognitiveServices/accounts/TextAnalytics/QnAMaker/endpointsettings/write",
"Microsoft.CognitiveServices/accounts/TextAnalytics/QnAMaker/operations/read"
],
"notDataActions": []
}
],
"roleName": "Cognitive Services QnA Maker Editor",
"roleType": "BuiltInRole",
"type": "Microsoft.Authorization/roleDefinitions"
}
Ruolo con autorizzazioni di lettura per QnA Maker di Servizi cognitivi
Si legge e si testa solo una knowledge base.
Azioni | Descrizione |
---|---|
Microsoft.CognitiveServices/*/read | |
Microsoft.Authorization/roleAssignments/read | Ottiene informazioni su un'assegnazione di ruolo. |
Microsoft.Authorization/roleDefinitions/read | Ottiene informazioni su una definizione di ruolo. |
NotActions | |
none | |
DataActions | |
Microsoft.CognitiveServices/accounts/QnAMaker/knowledgebases/read | Ottiene l'elenco delle knowledge base o i dettagli di una knowledge base specifica. |
Microsoft.CognitiveServices/accounts/QnAMaker/knowledgebases/download/read | Scaricare la knowledge base. |
Microsoft.CognitiveServices/accounts/QnAMaker/knowledgebases/generateanswer/action | GenerateAnswer chiama per eseguire una query sulla knowledge base. |
Microsoft.CognitiveServices/accounts/QnAMaker/alterazioni/lettura | Scaricare le modifiche dal runtime. |
Microsoft.CognitiveServices/accounts/QnAMaker/endpointkeys/read | Ottiene le chiavi dell'endpoint per un endpoint |
Microsoft.CognitiveServices/accounts/QnAMaker/endpointsettings/read | Ottiene le impostazioni dell'endpoint per un endpoint |
Microsoft.CognitiveServices/accounts/QnAMaker.v2/knowledgebases/read | Ottiene l'elenco delle knowledge base o i dettagli di una knowledge base specifica. |
Microsoft.CognitiveServices/accounts/QnAMaker.v2/knowledgebases/download/read | Scaricare la knowledge base. |
Microsoft.CognitiveServices/accounts/QnAMaker.v2/knowledgebases/generateanswer/action | GenerateAnswer chiama per eseguire una query sulla knowledge base. |
Microsoft.CognitiveServices/accounts/QnAMaker.v2/alterazioni/lettura | Scaricare le modifiche dal runtime. |
Microsoft.CognitiveServices/accounts/QnAMaker.v2/endpointkeys/read | Ottiene le chiavi dell'endpoint per un endpoint |
Microsoft.CognitiveServices/accounts/QnAMaker.v2/endpointsettings/read | Ottiene le impostazioni dell'endpoint per un endpoint |
Microsoft.CognitiveServices/accounts/TextAnalytics/QnAMaker/knowledgebases/read | Ottiene l'elenco delle knowledge base o i dettagli di una knowledge base specifica. |
Microsoft.CognitiveServices/accounts/TextAnalytics/QnAMaker/knowledgebases/download/read | Scaricare la knowledge base. |
Microsoft.CognitiveServices/accounts/TextAnalytics/QnAMaker/knowledgebases/generateanswer/action | GenerateAnswer chiama per eseguire una query sulla knowledge base. |
Microsoft.CognitiveServices/accounts/TextAnalytics/QnAMaker/alterazioni/lettura | Scaricare le modifiche dal runtime. |
Microsoft.CognitiveServices/accounts/TextAnalytics/QnAMaker/endpointkeys/read | Ottiene le chiavi dell'endpoint per un endpoint |
Microsoft.CognitiveServices/accounts/TextAnalytics/QnAMaker/endpointsettings/read | Ottiene le impostazioni dell'endpoint per un endpoint |
NotDataActions | |
none |
{
"assignableScopes": [
"/"
],
"description": "Let's you read and test a KB only.",
"id": "/providers/Microsoft.Authorization/roleDefinitions/466ccd10-b268-4a11-b098-b4849f024126",
"name": "466ccd10-b268-4a11-b098-b4849f024126",
"permissions": [
{
"actions": [
"Microsoft.CognitiveServices/*/read",
"Microsoft.Authorization/roleAssignments/read",
"Microsoft.Authorization/roleDefinitions/read"
],
"notActions": [],
"dataActions": [
"Microsoft.CognitiveServices/accounts/QnAMaker/knowledgebases/read",
"Microsoft.CognitiveServices/accounts/QnAMaker/knowledgebases/download/read",
"Microsoft.CognitiveServices/accounts/QnAMaker/knowledgebases/generateanswer/action",
"Microsoft.CognitiveServices/accounts/QnAMaker/alterations/read",
"Microsoft.CognitiveServices/accounts/QnAMaker/endpointkeys/read",
"Microsoft.CognitiveServices/accounts/QnAMaker/endpointsettings/read",
"Microsoft.CognitiveServices/accounts/QnAMaker.v2/knowledgebases/read",
"Microsoft.CognitiveServices/accounts/QnAMaker.v2/knowledgebases/download/read",
"Microsoft.CognitiveServices/accounts/QnAMaker.v2/knowledgebases/generateanswer/action",
"Microsoft.CognitiveServices/accounts/QnAMaker.v2/alterations/read",
"Microsoft.CognitiveServices/accounts/QnAMaker.v2/endpointkeys/read",
"Microsoft.CognitiveServices/accounts/QnAMaker.v2/endpointsettings/read",
"Microsoft.CognitiveServices/accounts/TextAnalytics/QnAMaker/knowledgebases/read",
"Microsoft.CognitiveServices/accounts/TextAnalytics/QnAMaker/knowledgebases/download/read",
"Microsoft.CognitiveServices/accounts/TextAnalytics/QnAMaker/knowledgebases/generateanswer/action",
"Microsoft.CognitiveServices/accounts/TextAnalytics/QnAMaker/alterations/read",
"Microsoft.CognitiveServices/accounts/TextAnalytics/QnAMaker/endpointkeys/read",
"Microsoft.CognitiveServices/accounts/TextAnalytics/QnAMaker/endpointsettings/read"
],
"notDataActions": []
}
],
"roleName": "Cognitive Services QnA Maker Reader",
"roleType": "BuiltInRole",
"type": "Microsoft.Authorization/roleDefinitions"
}
Collaboratore Voce di Servizi cognitivi
Accesso completo ai progetti voce, tra cui lettura, scrittura ed eliminazione di tutte le entità, per il riconoscimento vocale in tempo reale e le attività di trascrizione batch, la sintesi vocale in tempo reale e le attività audio lunghe, la voce personalizzata e la voce personalizzata.
Azioni | Descrizione |
---|---|
Microsoft.CognitiveServices/*/read | |
Microsoft.Authorization/roleAssignments/read | Ottiene informazioni su un'assegnazione di ruolo. |
Microsoft.Authorization/roleDefinitions/read | Ottiene informazioni su una definizione di ruolo. |
NotActions | |
none | |
DataActions | |
Microsoft.CognitiveServices/accounts/SpeechServices/* | |
Microsoft.CognitiveServices/accounts/CustomVoice/* | |
Microsoft.CognitiveServices/accounts/AudioContentCreation/* | |
Microsoft.CognitiveServices/accounts/VideoTranslation/* | |
Microsoft.CognitiveServices/accounts/CustomAvatar/* | |
Microsoft.CognitiveServices/accounts/BatchAvatar/* | |
Microsoft.CognitiveServices/accounts/BatchTextToSpeech/* | |
NotDataActions | |
none |
{
"assignableScopes": [
"/"
],
"description": "Full access to Speech projects, including read, write and delete all entities, for real-time speech recognition and batch transcription tasks, real-time speech synthesis and long audio tasks, custom speech and custom voice.",
"id": "/providers/Microsoft.Authorization/roleDefinitions/0e75ca1e-0464-4b4d-8b93-68208a576181",
"name": "0e75ca1e-0464-4b4d-8b93-68208a576181",
"permissions": [
{
"actions": [
"Microsoft.CognitiveServices/*/read",
"Microsoft.Authorization/roleAssignments/read",
"Microsoft.Authorization/roleDefinitions/read"
],
"notActions": [],
"dataActions": [
"Microsoft.CognitiveServices/accounts/SpeechServices/*",
"Microsoft.CognitiveServices/accounts/CustomVoice/*",
"Microsoft.CognitiveServices/accounts/AudioContentCreation/*",
"Microsoft.CognitiveServices/accounts/VideoTranslation/*",
"Microsoft.CognitiveServices/accounts/CustomAvatar/*",
"Microsoft.CognitiveServices/accounts/BatchAvatar/*",
"Microsoft.CognitiveServices/accounts/BatchTextToSpeech/*"
],
"notDataActions": []
}
],
"roleName": "Cognitive Services Speech Contributor",
"roleType": "BuiltInRole",
"type": "Microsoft.Authorization/roleDefinitions"
}
Utente Voce di Servizi cognitivi
Accesso alle API di riconoscimento vocale in tempo reale e trascrizione batch, sintesi vocale in tempo reale e API audio lunghe, nonché per leggere i dati/test/modello/endpoint per i modelli personalizzati, ma non è possibile creare, eliminare o modificare i dati/test/modello/endpoint per i modelli personalizzati.
Azioni | Descrizione |
---|---|
Microsoft.CognitiveServices/*/read | |
Microsoft.Authorization/roleAssignments/read | Ottiene informazioni su un'assegnazione di ruolo. |
Microsoft.Authorization/roleDefinitions/read | Ottiene informazioni su una definizione di ruolo. |
NotActions | |
none | |
DataActions | |
Microsoft.CognitiveServices/accounts/SpeechServices/*/read | |
Microsoft.CognitiveServices/accounts/SpeechServices/*/trascrizioni/lettura | |
Microsoft.CognitiveServices/accounts/SpeechServices/*/trascrizioni/scrittura | |
Microsoft.CognitiveServices/accounts/SpeechServices/*/trascrizioni/delete | |
Microsoft.CognitiveServices/accounts/SpeechServices/*/trascrizioni/azione | |
Microsoft.CognitiveServices/accounts/SpeechServices/*/frontend/action | |
Microsoft.CognitiveServices/accounts/SpeechServices/text-dependent/*/action | |
Microsoft.CognitiveServices/accounts/SpeechServices/text-independent/*/action | |
Microsoft.CognitiveServices/accounts/CustomVoice/*/read | |
Microsoft.CognitiveServices/accounts/CustomVoice/evaluations/* | |
Microsoft.CognitiveServices/accounts/CustomVoice/longaudiosynthesis/* | |
Microsoft.CognitiveServices/accounts/AudioContentCreation/* | |
Microsoft.CognitiveServices/accounts/VideoTranslation/* | |
Microsoft.CognitiveServices/accounts/CustomAvatar/*/read | |
Microsoft.CognitiveServices/accounts/BatchAvatar/* | |
Microsoft.CognitiveServices/accounts/BatchTextToSpeech/* | |
NotDataActions | |
Microsoft.CognitiveServices/accounts/CustomVoice/datasets/files/read | Ottiene i file del set di dati identificato dall'ID specificato. |
Microsoft.CognitiveServices/accounts/CustomVoice/datasets/utterances/read | Ottiene le espressioni del set di training specificato. |
{
"assignableScopes": [
"/"
],
"description": "Access to the real-time speech recognition and batch transcription APIs, real-time speech synthesis and long audio APIs, as well as to read the data/test/model/endpoint for custom models, but can't create, delete or modify the data/test/model/endpoint for custom models.",
"id": "/providers/Microsoft.Authorization/roleDefinitions/f2dc8367-1007-4938-bd23-fe263f013447",
"name": "f2dc8367-1007-4938-bd23-fe263f013447",
"permissions": [
{
"actions": [
"Microsoft.CognitiveServices/*/read",
"Microsoft.Authorization/roleAssignments/read",
"Microsoft.Authorization/roleDefinitions/read"
],
"notActions": [],
"dataActions": [
"Microsoft.CognitiveServices/accounts/SpeechServices/*/read",
"Microsoft.CognitiveServices/accounts/SpeechServices/*/transcriptions/read",
"Microsoft.CognitiveServices/accounts/SpeechServices/*/transcriptions/write",
"Microsoft.CognitiveServices/accounts/SpeechServices/*/transcriptions/delete",
"Microsoft.CognitiveServices/accounts/SpeechServices/*/transcriptions/action",
"Microsoft.CognitiveServices/accounts/SpeechServices/*/frontend/action",
"Microsoft.CognitiveServices/accounts/SpeechServices/text-dependent/*/action",
"Microsoft.CognitiveServices/accounts/SpeechServices/text-independent/*/action",
"Microsoft.CognitiveServices/accounts/CustomVoice/*/read",
"Microsoft.CognitiveServices/accounts/CustomVoice/evaluations/*",
"Microsoft.CognitiveServices/accounts/CustomVoice/longaudiosynthesis/*",
"Microsoft.CognitiveServices/accounts/AudioContentCreation/*",
"Microsoft.CognitiveServices/accounts/VideoTranslation/*",
"Microsoft.CognitiveServices/accounts/CustomAvatar/*/read",
"Microsoft.CognitiveServices/accounts/BatchAvatar/*",
"Microsoft.CognitiveServices/accounts/BatchTextToSpeech/*"
],
"notDataActions": [
"Microsoft.CognitiveServices/accounts/CustomVoice/datasets/files/read",
"Microsoft.CognitiveServices/accounts/CustomVoice/datasets/utterances/read"
]
}
],
"roleName": "Cognitive Services Speech User",
"roleType": "BuiltInRole",
"type": "Microsoft.Authorization/roleDefinitions"
}
Lettore utilizzi di Servizi cognitivi
Autorizzazione minima per visualizzare gli utilizzi di Servizi cognitivi.
Azioni | Descrizione |
---|---|
Microsoft.CognitiveServices/locations/usages/read | Leggere tutti i dati di utilizzo |
NotActions | |
none | |
DataActions | |
none | |
NotDataActions | |
none |
{
"assignableScopes": [
"/"
],
"description": "Minimal permission to view Cognitive Services usages.",
"id": "/providers/Microsoft.Authorization/roleDefinitions/bba48692-92b0-4667-a9ad-c31c7b334ac2",
"name": "bba48692-92b0-4667-a9ad-c31c7b334ac2",
"permissions": [
{
"actions": [
"Microsoft.CognitiveServices/locations/usages/read"
],
"notActions": [],
"dataActions": [],
"notDataActions": []
}
],
"roleName": "Cognitive Services Usages Reader",
"roleType": "BuiltInRole",
"type": "Microsoft.Authorization/roleDefinitions"
}
Utente Servizi cognitivi
Consente di leggere ed elencare le chiavi di Servizi cognitivi.
Azioni | Descrizione |
---|---|
Microsoft.CognitiveServices/*/read | |
Microsoft.CognitiveServices/accounts/listkeys/action | List keys |
Microsoft.Insights/alertRules/read | Legge un avviso della metrica (versione classica) |
Microsoft.Insights/diagnosticSettings/read | Legge un'impostazione di diagnostica della risorsa |
Microsoft.Insights/logDefinitions/read | Consente di leggere le definizioni del log |
Microsoft.Insights/metricdefinitions/read | Consente di leggere le definizioni della metrica |
Microsoft.Insights/metrics/read | Esegue la lettura delle metriche |
Microsoft.ResourceHealth/availabilityStatuses/read | Ottiene gli stati di disponibilità per tutte le risorse nell'ambito specificato |
Microsoft.Resources/deployments/operations/read | Ottiene o elenca le operazioni di distribuzione. |
Microsoft.Resources/subscriptions/operationresults/read | Ottiene i risultati dell'operazione di sottoscrizione. |
Microsoft.Resources/subscriptions/read | Ottiene l'elenco delle sottoscrizioni. |
Microsoft.Resources/subscriptions/resourceGroups/read | Ottiene o elenca i gruppi di risorse. |
Microsoft.Support/* | Creare e aggiornare un ticket di supporto |
NotActions | |
none | |
DataActions | |
Microsoft.CognitiveServices/* | |
NotDataActions | |
none |
{
"assignableScopes": [
"/"
],
"description": "Lets you read and list keys of Cognitive Services.",
"id": "/providers/Microsoft.Authorization/roleDefinitions/a97b65f3-24c7-4388-baec-2e87135dc908",
"name": "a97b65f3-24c7-4388-baec-2e87135dc908",
"permissions": [
{
"actions": [
"Microsoft.CognitiveServices/*/read",
"Microsoft.CognitiveServices/accounts/listkeys/action",
"Microsoft.Insights/alertRules/read",
"Microsoft.Insights/diagnosticSettings/read",
"Microsoft.Insights/logDefinitions/read",
"Microsoft.Insights/metricdefinitions/read",
"Microsoft.Insights/metrics/read",
"Microsoft.ResourceHealth/availabilityStatuses/read",
"Microsoft.Resources/deployments/operations/read",
"Microsoft.Resources/subscriptions/operationresults/read",
"Microsoft.Resources/subscriptions/read",
"Microsoft.Resources/subscriptions/resourceGroups/read",
"Microsoft.Support/*"
],
"notActions": [],
"dataActions": [
"Microsoft.CognitiveServices/*"
],
"notDataActions": []
}
],
"roleName": "Cognitive Services User",
"roleType": "BuiltInRole",
"type": "Microsoft.Authorization/roleDefinitions"
}
Amministratore di Health Bot
Gli utenti con accesso amministratore possono accedere, visualizzare e modificare tutte le risorse del bot, gli scenari e l'impostazione di configurazione, incluse le chiavi e i segreti dell'istanza del bot.
Azioni | Descrizione |
---|---|
none | |
NotActions | |
none | |
DataActions | |
Microsoft.HealthBot/healthBots/Admin/Action | Accedere al portale di gestione, visualizzare e modificare tutte le risorse, gli scenari, le impostazioni di configurazione, le chiavi dell'istanza e i segreti. |
NotDataActions | |
none |
{
"assignableScopes": [
"/"
],
"description": "Users with admin access can sign in, view and edit all of the bot resources, scenarios and configuration setting including the bot instance keys & secrets.",
"id": "/providers/Microsoft.Authorization/roleDefinitions/f1082fec-a70f-419f-9230-885d2550fb38",
"name": "f1082fec-a70f-419f-9230-885d2550fb38",
"permissions": [
{
"actions": [],
"notActions": [],
"dataActions": [
"Microsoft.HealthBot/healthBots/Admin/Action"
],
"notDataActions": []
}
],
"roleName": "Health Bot Admin",
"roleType": "BuiltInRole",
"type": "Microsoft.Authorization/roleDefinitions"
}
Editor bot di integrità
Gli utenti con accesso all'editor possono accedere, visualizzare e modificare tutte le risorse del bot, gli scenari e l'impostazione di configurazione, ad eccezione delle chiavi e dei segreti dell'istanza del bot e degli input dell'utente finale (inclusi commenti e suggerimenti, espressioni non riconosciute e log di conversazione). Accesso in sola lettura alle competenze e ai canali del bot.
Azioni | Descrizione |
---|---|
none | |
NotActions | |
none | |
DataActions | |
Microsoft.HealthBot/healthBots/Editor/Action | Accedere al portale di gestione, visualizzare e modificare tutte le risorse del bot, gli scenari e le impostazioni di configurazione, ad eccezione delle chiavi e dei segreti dell'istanza del bot e degli input dell'utente finale. Accesso in sola lettura alle competenze e ai canali del bot. |
NotDataActions | |
none |
{
"assignableScopes": [
"/"
],
"description": "Users with editor access can sign in, view and edit all the bot resources, scenarios and configuration setting except for the bot instance keys & secrets and the end-user inputs (including Feedback, Unrecognized utterances and Conversation logs). A read-only access to the bot skills and channels.",
"id": "/providers/Microsoft.Authorization/roleDefinitions/af854a69-80ce-4ff7-8447-f1118a2e0ca8",
"name": "af854a69-80ce-4ff7-8447-f1118a2e0ca8",
"permissions": [
{
"actions": [],
"notActions": [],
"dataActions": [
"Microsoft.HealthBot/healthBots/Editor/Action"
],
"notDataActions": []
}
],
"roleName": "Health Bot Editor",
"roleType": "BuiltInRole",
"type": "Microsoft.Authorization/roleDefinitions"
}
Lettore di bot per l'integrità
Gli utenti con accesso con autorizzazioni di lettura possono accedere, hanno accesso in sola lettura alle risorse del bot, agli scenari e all'impostazione di configurazione, ad eccezione delle chiavi e dei segreti dell'istanza del bot (incluse le chiavi di autenticazione, connessione dati e canali) e gli input dell'utente finale (inclusi commenti e suggerimenti, espressioni non riconosciute e log di conversazione).
Azioni | Descrizione |
---|---|
none | |
NotActions | |
none | |
DataActions | |
Microsoft.HealthBot/healthBots/Reader/Action | Accedere al portale di gestione con accesso in sola lettura alle risorse, agli scenari e alle impostazioni di configurazione, ad eccezione delle chiavi e dei segreti dell'istanza del bot e degli input dell'utente finale. |
NotDataActions | |
none |
{
"assignableScopes": [
"/"
],
"description": "Users with reader access can sign in, have read-only access to the bot resources, scenarios and configuration setting except for the bot instance keys & secrets (including Authentication, Data Connection and Channels keys) and the end-user inputs (including Feedback, Unrecognized utterances and Conversation logs).",
"id": "/providers/Microsoft.Authorization/roleDefinitions/eb5a76d5-50e7-4c33-a449-070e7c9c4cf2",
"name": "eb5a76d5-50e7-4c33-a449-070e7c9c4cf2",
"permissions": [
{
"actions": [],
"notActions": [],
"dataActions": [
"Microsoft.HealthBot/healthBots/Reader/Action"
],
"notDataActions": []
}
],
"roleName": "Health Bot Reader",
"roleType": "BuiltInRole",
"type": "Microsoft.Authorization/roleDefinitions"
}
Collaboratore ai dati dell'indice di ricerca
Concede l'accesso completo ai dati dell'indice di Ricerca cognitiva di Azure.
Azioni | Descrizione |
---|---|
none | |
NotActions | |
none | |
DataActions | |
Microsoft.Search/searchServices/indexes/documents/* | |
NotDataActions | |
none |
{
"assignableScopes": [
"/"
],
"description": "Grants full access to Azure Cognitive Search index data.",
"id": "/providers/Microsoft.Authorization/roleDefinitions/8ebe5a00-799e-43f5-93ac-243d3dce84a7",
"name": "8ebe5a00-799e-43f5-93ac-243d3dce84a7",
"permissions": [
{
"actions": [],
"notActions": [],
"dataActions": [
"Microsoft.Search/searchServices/indexes/documents/*"
],
"notDataActions": []
}
],
"roleName": "Search Index Data Contributor",
"roleType": "BuiltInRole",
"type": "Microsoft.Authorization/roleDefinitions"
}
Lettore di dati dell'indice di ricerca
Concede l'accesso in lettura ai dati dell'indice Ricerca cognitiva di Azure.
Azioni | Descrizione |
---|---|
none | |
NotActions | |
none | |
DataActions | |
Microsoft.Search/searchServices/indexes/documents/read | Leggere documenti o termini di query suggeriti da un indice. |
NotDataActions | |
none |
{
"assignableScopes": [
"/"
],
"description": "Grants read access to Azure Cognitive Search index data.",
"id": "/providers/Microsoft.Authorization/roleDefinitions/1407120a-92aa-4202-b7e9-c0e197c71c8f",
"name": "1407120a-92aa-4202-b7e9-c0e197c71c8f",
"permissions": [
{
"actions": [],
"notActions": [],
"dataActions": [
"Microsoft.Search/searchServices/indexes/documents/read"
],
"notDataActions": []
}
],
"roleName": "Search Index Data Reader",
"roleType": "BuiltInRole",
"type": "Microsoft.Authorization/roleDefinitions"
}
Collaboratore servizi di ricerca
Consente di gestire i servizi di Ricerca, ma non di accedervi.
Azioni | Descrizione |
---|---|
Microsoft.Authorization/*/read | Leggere i ruoli e le assegnazioni di ruoli |
Microsoft.Insights/alertRules/* | Creare e gestire un avviso classico per le metriche |
Microsoft.ResourceHealth/availabilityStatuses/read | Ottiene gli stati di disponibilità per tutte le risorse nell'ambito specificato |
Microsoft.Resources/deployments/* | Creare e gestire una distribuzione |
Microsoft.Resources/subscriptions/resourceGroups/read | Ottiene o elenca i gruppi di risorse. |
Microsoft.Search/searchServices/* | È in grado di creare e gestire servizi di ricerca |
Microsoft.Support/* | Creare e aggiornare un ticket di supporto |
NotActions | |
none | |
DataActions | |
none | |
NotDataActions | |
none |
{
"assignableScopes": [
"/"
],
"description": "Lets you manage Search services, but not access to them.",
"id": "/providers/Microsoft.Authorization/roleDefinitions/7ca78c08-252a-4471-8644-bb5ff32d4ba0",
"name": "7ca78c08-252a-4471-8644-bb5ff32d4ba0",
"permissions": [
{
"actions": [
"Microsoft.Authorization/*/read",
"Microsoft.Insights/alertRules/*",
"Microsoft.ResourceHealth/availabilityStatuses/read",
"Microsoft.Resources/deployments/*",
"Microsoft.Resources/subscriptions/resourceGroups/read",
"Microsoft.Search/searchServices/*",
"Microsoft.Support/*"
],
"notActions": [],
"dataActions": [],
"notDataActions": []
}
],
"roleName": "Search Service Contributor",
"roleType": "BuiltInRole",
"type": "Microsoft.Authorization/roleDefinitions"
}