適用於 AI + 機器學習的 Azure 內建角色
本文列出 AI + 機器學習類別中的 Azure 內建角色。
AgFood Platform Sensor 合作夥伴參與者
提供在 AgFood Platform Service 中管理感測器相關實體的參與存取權
| 動作 | 描述 |
|---|---|
| none | |
| NotActions | |
| none | |
| DataActions | |
| Microsoft.AgFoodPlatform/farmBeats/sensorPartnerScope/* | |
| NotDataActions | |
| Microsoft.AgFoodPlatform/farmBeats/sensorPartnerScope/sensors/delete | 刪除受限於呼叫者感測器合作夥伴範圍的現有 AgFoodPlatform 感測器資源。 |
{
"assignableScopes": [
"/"
],
"description": "Provides contribute access to manage sensor related entities in AgFood Platform Service",
"id": "/providers/Microsoft.Authorization/roleDefinitions/6b77f0a0-0d89-41cc-acd1-579c22c17a67",
"name": "6b77f0a0-0d89-41cc-acd1-579c22c17a67",
"permissions": [
{
"actions": [],
"notActions": [],
"dataActions": [
"Microsoft.AgFoodPlatform/farmBeats/sensorPartnerScope/*"
],
"notDataActions": [
"Microsoft.AgFoodPlatform/farmBeats/sensorPartnerScope/sensors/delete"
]
}
],
"roleName": "AgFood Platform Sensor Partner Contributor",
"roleType": "BuiltInRole",
"type": "Microsoft.Authorization/roleDefinitions"
}
AgFood Platform Service Admin
提供 AgFood 平臺服務的系統管理員存取權
| 動作 | 描述 |
|---|---|
| none | |
| NotActions | |
| none | |
| DataActions | |
| Microsoft.AgFoodPlatform/* | 建立、更新、讀取和刪除任何 AgFood Platform 資源。 |
| NotDataActions | |
| none |
{
"assignableScopes": [
"/"
],
"description": "Provides admin access to AgFood Platform Service",
"id": "/providers/Microsoft.Authorization/roleDefinitions/f8da80de-1ff9-4747-ad80-a19b7f6079e3",
"name": "f8da80de-1ff9-4747-ad80-a19b7f6079e3",
"permissions": [
{
"actions": [],
"notActions": [],
"dataActions": [
"Microsoft.AgFoodPlatform/*"
],
"notDataActions": []
}
],
"roleName": "AgFood Platform Service Admin",
"roleType": "BuiltInRole",
"type": "Microsoft.Authorization/roleDefinitions"
}
AgFood Platform 服務參與者
提供 AgFood 平臺服務的參與存取權
| 動作 | 描述 |
|---|---|
| none | |
| NotActions | |
| none | |
| DataActions | |
| Microsoft.AgFoodPlatform/*/action | |
| Microsoft.AgFoodPlatform/*/read | 讀取任何 AgFood Platform 資源。 |
| Microsoft.AgFoodPlatform/*/write | 建立及更新任何 AgFood 平台資源。 |
| NotDataActions | |
| Microsoft.AgFoodPlatform/farmBeats/farmers/write | 建立或更新 AgFoodPlatform 農民。 |
| Microsoft.AgFoodPlatform/farmBeats/deletionJobs/*/write | |
| Microsoft.AgFoodPlatform/farmBeats/parties/write | 建立或更新 AgFoodPlatform 合作物件。 |
| Microsoft.AgFoodPlatform/farmBeats/datasets/write | 建立或更新 AgFoodPlatform 數據集。 |
| Microsoft.AgFoodPlatform/farmBeats/datasetRecords/write | 建立或更新 AgFoodPlatform 數據集記錄。 |
| Microsoft.AgFoodPlatform/farmBeats/datasets/access/*/action |
{
"assignableScopes": [
"/"
],
"description": "Provides contribute access to AgFood Platform Service",
"id": "/providers/Microsoft.Authorization/roleDefinitions/8508508a-4469-4e45-963b-2518ee0bb728",
"name": "8508508a-4469-4e45-963b-2518ee0bb728",
"permissions": [
{
"actions": [],
"notActions": [],
"dataActions": [
"Microsoft.AgFoodPlatform/*/action",
"Microsoft.AgFoodPlatform/*/read",
"Microsoft.AgFoodPlatform/*/write"
],
"notDataActions": [
"Microsoft.AgFoodPlatform/farmBeats/farmers/write",
"Microsoft.AgFoodPlatform/farmBeats/deletionJobs/*/write",
"Microsoft.AgFoodPlatform/farmBeats/parties/write",
"Microsoft.AgFoodPlatform/farmBeats/datasets/write",
"Microsoft.AgFoodPlatform/farmBeats/datasetRecords/write",
"Microsoft.AgFoodPlatform/farmBeats/datasets/access/*/action"
]
}
],
"roleName": "AgFood Platform Service Contributor",
"roleType": "BuiltInRole",
"type": "Microsoft.Authorization/roleDefinitions"
}
AgFood Platform Service Reader
提供 AgFood 平台服務的讀取許可權
| 動作 | 描述 |
|---|---|
| none | |
| NotActions | |
| none | |
| DataActions | |
| Microsoft.AgFoodPlatform/*/list/action | |
| Microsoft.AgFoodPlatform/*/read | 讀取任何 AgFood Platform 資源。 |
| Microsoft.AgFoodPlatform/*/search/action | |
| Microsoft.AgFoodPlatform/*/download/action | |
| Microsoft.AgFoodPlatform/*/overlap/action | |
| Microsoft.AgFoodPlatform/*/checkConsent/action | |
| NotDataActions | |
| none |
{
"assignableScopes": [
"/"
],
"description": "Provides read access to AgFood Platform Service",
"id": "/providers/Microsoft.Authorization/roleDefinitions/7ec7ccdc-f61e-41fe-9aaf-980df0a44eba",
"name": "7ec7ccdc-f61e-41fe-9aaf-980df0a44eba",
"permissions": [
{
"actions": [],
"notActions": [],
"dataActions": [
"Microsoft.AgFoodPlatform/*/list/action",
"Microsoft.AgFoodPlatform/*/read",
"Microsoft.AgFoodPlatform/*/search/action",
"Microsoft.AgFoodPlatform/*/download/action",
"Microsoft.AgFoodPlatform/*/overlap/action",
"Microsoft.AgFoodPlatform/*/checkConsent/action"
],
"notDataActions": []
}
],
"roleName": "AgFood Platform Service Reader",
"roleType": "BuiltInRole",
"type": "Microsoft.Authorization/roleDefinitions"
}
Azure AI 開發人員
除了管理資源本身之外,還可以在 Azure AI 資源內執行所有動作。
| 動作 | 描述 |
|---|---|
| Microsoft.MachineLearningServices/workspaces/*/read | |
| Microsoft.MachineLearningServices/workspaces/*/action | |
| Microsoft.MachineLearningServices/workspaces/*/delete | |
| Microsoft.MachineLearningServices/workspaces/*/write | |
| Microsoft.MachineLearningServices/locations/*/read | |
| Microsoft.Authorization/*/read | 讀取角色和角色指派 |
| Microsoft.Resources/deployments/* | 建立和管理部署 |
| NotActions | |
| Microsoft.MachineLearningServices/workspaces/delete | 刪除 機器學習 服務工作區(s) |
| Microsoft.MachineLearningServices/workspaces/write | 建立或更新 機器學習 Services 工作區(s) |
| Microsoft.MachineLearningServices/workspaces/listKeys/action | 列出 機器學習 服務工作區的秘密 |
| Microsoft.MachineLearningServices/workspaces/hubs/write | 建立或更新 機器學習 Services Hub 工作區(s) |
| Microsoft.MachineLearningServices/workspaces/hubs/delete | 刪除 機器學習 Services Hub 工作區(s) |
| Microsoft.MachineLearningServices/workspaces/featurestores/write | 建立或更新 機器學習 Services FeatureStore(s) |
| Microsoft.MachineLearningServices/workspaces/featurestores/delete | 刪除 機器學習 Services FeatureStore(s) |
| DataActions | |
| Microsoft.CognitiveServices/accounts/OpenAI/* | |
| Microsoft.CognitiveServices/accounts/SpeechServices/* | |
| Microsoft.CognitiveServices/accounts/ContentSafety/* | |
| NotDataActions | |
| none |
{
"assignableScopes": [
"/"
],
"description": "Can perform all actions within an Azure AI resource besides managing the resource itself.",
"id": "/providers/Microsoft.Authorization/roleDefinitions/64702f94-c441-49e6-a78b-ef80e0188fee",
"name": "64702f94-c441-49e6-a78b-ef80e0188fee",
"permissions": [
{
"actions": [
"Microsoft.MachineLearningServices/workspaces/*/read",
"Microsoft.MachineLearningServices/workspaces/*/action",
"Microsoft.MachineLearningServices/workspaces/*/delete",
"Microsoft.MachineLearningServices/workspaces/*/write",
"Microsoft.MachineLearningServices/locations/*/read",
"Microsoft.Authorization/*/read",
"Microsoft.Resources/deployments/*"
],
"notActions": [
"Microsoft.MachineLearningServices/workspaces/delete",
"Microsoft.MachineLearningServices/workspaces/write",
"Microsoft.MachineLearningServices/workspaces/listKeys/action",
"Microsoft.MachineLearningServices/workspaces/hubs/write",
"Microsoft.MachineLearningServices/workspaces/hubs/delete",
"Microsoft.MachineLearningServices/workspaces/featurestores/write",
"Microsoft.MachineLearningServices/workspaces/featurestores/delete"
],
"dataActions": [
"Microsoft.CognitiveServices/accounts/OpenAI/*",
"Microsoft.CognitiveServices/accounts/SpeechServices/*",
"Microsoft.CognitiveServices/accounts/ContentSafety/*"
],
"notDataActions": []
}
],
"roleName": "Azure AI Developer",
"roleType": "BuiltInRole",
"type": "Microsoft.Authorization/roleDefinitions"
}
Azure AI Enterprise 網路連線核准者
可核准私人端點連線至 Azure AI 通用相依性資源
| 動作 | 描述 |
|---|---|
| Microsoft.ContainerRegistry/registries/privateEndpointConnectionsApproval/action | 自動核准私人端點連線 |
| Microsoft.ContainerRegistry/registries/privateEndpointConnections/read | 取得私人端點連線的屬性,或列出指定容器登錄的所有私人端點連線 |
| Microsoft.ContainerRegistry/registries/privateEndpointConnections/write | 核准/拒絕私人端點連線 |
| Microsoft.Cache/redis/read | 在管理入口網站中檢視 Redis 快取的設定和組態 |
| Microsoft.Cache/redis/privateEndpointConnections/read | 讀取私人端點連線 |
| Microsoft.Cache/redis/privateEndpointConnections/write | 撰寫私人端點連線 |
| Microsoft.Cache/redis/privateLinkResources/read | 讀取 redis 子資源的 'groupId',讓私人連結可以連線到 |
| Microsoft.Cache/redis/privateEndpointConnectionsApproval/action | 核准私人端點連線 |
| Microsoft.Cache/redisEnterprise/read | 在管理入口網站中檢視 Redis Enterprise 快取的設定和組態 |
| Microsoft.Cache/redisEnterprise/privateEndpointConnections/read | 讀取私人端點連線 |
| Microsoft.Cache/redisEnterprise/privateEndpointConnections/write | 撰寫私人端點連線 |
| Microsoft.Cache/redisEnterprise/privateLinkResources/read | 讀取 redis 子資源的 'groupId',讓私人連結可以連線到 |
| Microsoft.Cache/redisEnterprise/privateEndpointConnectionsApproval/action | 核准私人端點連線 |
| Microsoft.CognitiveServices/accounts/read | 讀取 API 帳戶。 |
| Microsoft.CognitiveServices/accounts/privateEndpointConnections/read | 讀取私人端點連線。 |
| Microsoft.CognitiveServices/accounts/privateEndpointConnections/write | 寫入私人端點連線。 |
| Microsoft.CognitiveServices/accounts/privateLinkResources/read | 讀取帳戶的私人鏈接資源。 |
| Microsoft.DocumentDB/databaseAccounts/privateEndpointConnectionsApproval/action | 管理資料庫帳戶的私人端點連線 |
| Microsoft.DocumentDB/databaseAccounts/privateEndpointConnections/read | 讀取私人端點連線,或列出資料庫帳戶的所有私人端點連線 |
| Microsoft.DocumentDB/databaseAccounts/privateEndpointConnections/write | 建立或更新資料庫帳戶的私人端點連線 |
| Microsoft.DocumentDB/databaseAccounts/privateLinkResources/read | 讀取私人鏈接資源,或列出資料庫帳戶的所有私人鏈接資源 |
| Microsoft.DocumentDB/databaseAccounts/read | 讀取資料庫帳戶。 |
| Microsoft.KeyVault/vaults/privateEndpointConnectionsApproval/action | 核准或拒絕Microsoft.Network 提供者的私人端點資源連線 |
| Microsoft.KeyVault/vaults/privateEndpointConnections/read | 檢視Microsoft.Network 提供者私人端點資源的連線狀態 |
| Microsoft.KeyVault/vaults/privateEndpointConnections/write | 將連線的狀態變更為 Microsoft.Network 提供者的私人端點資源 |
| Microsoft.KeyVault/vaults/privateLinkResources/read | 取得指定實例的可用私人鏈接資源 金鑰保存庫 |
| Microsoft.KeyVault/vaults/read | 檢視 Key Vault 的屬性 |
| Microsoft.MachineLearningServices/workspaces/privateEndpointConnectionsApproval/action | 核准或拒絕Microsoft.Network 提供者的私人端點資源連線 |
| Microsoft.MachineLearningServices/workspaces/privateEndpointConnections/read | 檢視Microsoft.Network 提供者私人端點資源的連線狀態 |
| Microsoft.MachineLearningServices/workspaces/privateEndpointConnections/write | 將連線的狀態變更為 Microsoft.Network 提供者的私人端點資源 |
| Microsoft.MachineLearningServices/workspaces/privateLinkResources/read | 取得 機器學習 服務工作區之指定實例的可用私人鏈接資源 |
| Microsoft.MachineLearningServices/workspaces/read | 取得 機器學習 服務工作區(s) |
| Microsoft.Storage/storageAccounts/privateEndpointConnections/read | 取得私人端點連線 |
| Microsoft.Storage/storageAccounts/privateEndpointConnections/write | 放置私人端點連線 |
| Microsoft.Storage/storageAccounts/privateLinkResources/read | 取得 StorageAccount groupids |
| Microsoft.Storage/storageAccounts/read | 傳回儲存體帳戶的清單,或取得指定之儲存體帳戶的屬性。 |
| Microsoft.Sql/servers/privateEndpointConnectionsApproval/action | 判斷是否允許使用者核准私人端點連線 |
| Microsoft.Sql/servers/privateEndpointConnections/read | 傳回私人端點連線的清單,或取得指定之私人端點連線的屬性。 |
| Microsoft.Sql/servers/privateEndpointConnections/write | 核准或拒絕現有的私人端點連線 |
| Microsoft.Sql/servers/privateLinkResources/read | 取得對應 SQL Server 的私人鏈接資源 |
| Microsoft.Sql/servers/read | 傳回伺服器清單,或取得指定伺服器的屬性。 |
| NotActions | |
| none | |
| DataActions | |
| none | |
| NotDataActions | |
| none |
{
"assignableScopes": [
"/"
],
"description": "Can approve private endpoint connections to Azure AI common dependency resources",
"id": "/providers/Microsoft.Authorization/roleDefinitions/b556d68e-0be0-4f35-a333-ad7ee1ce17ea",
"name": "b556d68e-0be0-4f35-a333-ad7ee1ce17ea",
"permissions": [
{
"actions": [
"Microsoft.ContainerRegistry/registries/privateEndpointConnectionsApproval/action",
"Microsoft.ContainerRegistry/registries/privateEndpointConnections/read",
"Microsoft.ContainerRegistry/registries/privateEndpointConnections/write",
"Microsoft.Cache/redis/read",
"Microsoft.Cache/redis/privateEndpointConnections/read",
"Microsoft.Cache/redis/privateEndpointConnections/write",
"Microsoft.Cache/redis/privateLinkResources/read",
"Microsoft.Cache/redis/privateEndpointConnectionsApproval/action",
"Microsoft.Cache/redisEnterprise/read",
"Microsoft.Cache/redisEnterprise/privateEndpointConnections/read",
"Microsoft.Cache/redisEnterprise/privateEndpointConnections/write",
"Microsoft.Cache/redisEnterprise/privateLinkResources/read",
"Microsoft.Cache/redisEnterprise/privateEndpointConnectionsApproval/action",
"Microsoft.CognitiveServices/accounts/read",
"Microsoft.CognitiveServices/accounts/privateEndpointConnections/read",
"Microsoft.CognitiveServices/accounts/privateEndpointConnections/write",
"Microsoft.CognitiveServices/accounts/privateLinkResources/read",
"Microsoft.DocumentDB/databaseAccounts/privateEndpointConnectionsApproval/action",
"Microsoft.DocumentDB/databaseAccounts/privateEndpointConnections/read",
"Microsoft.DocumentDB/databaseAccounts/privateEndpointConnections/write",
"Microsoft.DocumentDB/databaseAccounts/privateLinkResources/read",
"Microsoft.DocumentDB/databaseAccounts/read",
"Microsoft.KeyVault/vaults/privateEndpointConnectionsApproval/action",
"Microsoft.KeyVault/vaults/privateEndpointConnections/read",
"Microsoft.KeyVault/vaults/privateEndpointConnections/write",
"Microsoft.KeyVault/vaults/privateLinkResources/read",
"Microsoft.KeyVault/vaults/read",
"Microsoft.MachineLearningServices/workspaces/privateEndpointConnectionsApproval/action",
"Microsoft.MachineLearningServices/workspaces/privateEndpointConnections/read",
"Microsoft.MachineLearningServices/workspaces/privateEndpointConnections/write",
"Microsoft.MachineLearningServices/workspaces/privateLinkResources/read",
"Microsoft.MachineLearningServices/workspaces/read",
"Microsoft.Storage/storageAccounts/privateEndpointConnections/read",
"Microsoft.Storage/storageAccounts/privateEndpointConnections/write",
"Microsoft.Storage/storageAccounts/privateLinkResources/read",
"Microsoft.Storage/storageAccounts/read",
"Microsoft.Sql/servers/privateEndpointConnectionsApproval/action",
"Microsoft.Sql/servers/privateEndpointConnections/read",
"Microsoft.Sql/servers/privateEndpointConnections/write",
"Microsoft.Sql/servers/privateLinkResources/read",
"Microsoft.Sql/servers/read"
],
"notActions": [],
"dataActions": [],
"notDataActions": []
}
],
"roleName": "Azure AI Enterprise Network Connection Approver",
"roleType": "BuiltInRole",
"type": "Microsoft.Authorization/roleDefinitions"
}
Azure AI 推斷部署運算子
可以執行在資源群組內建立資源部署所需的所有動作。
| 動作 | 描述 |
|---|---|
| Microsoft.Authorization/*/read | 讀取角色和角色指派 |
| Microsoft.Resources/deployments/* | 建立和管理部署 |
| Microsoft.Insights/AutoscaleSettings/write | 建立或更新自動調整設定 |
| NotActions | |
| none | |
| DataActions | |
| none | |
| NotDataActions | |
| none |
{
"assignableScopes": [
"/"
],
"description": "Can perform all actions required to create a resource deployment within a resource group.",
"id": "/providers/Microsoft.Authorization/roleDefinitions/3afb7f49-54cb-416e-8c09-6dc049efa503",
"name": "3afb7f49-54cb-416e-8c09-6dc049efa503",
"permissions": [
{
"actions": [
"Microsoft.Authorization/*/read",
"Microsoft.Resources/deployments/*",
"Microsoft.Insights/AutoscaleSettings/write"
],
"notActions": [],
"dataActions": [],
"notDataActions": []
}
],
"roleName": "Azure AI Inference Deployment Operator",
"roleType": "BuiltInRole",
"type": "Microsoft.Authorization/roleDefinitions"
}
AzureML 計算運算子
可以在 機器學習 Services 受控計算資源上存取和執行 CRUD 作業(包括 Notebook VM)。
| 動作 | 描述 |
|---|---|
| Microsoft.MachineLearningServices/workspaces/computes/* | |
| Microsoft.MachineLearningServices/workspaces/notebooks/vm/* | |
| NotActions | |
| none | |
| DataActions | |
| none | |
| NotDataActions | |
| none |
{
"assignableScopes": [
"/"
],
"description": "Can access and perform CRUD operations on Machine Learning Services managed compute resources (including Notebook VMs).",
"id": "/providers/Microsoft.Authorization/roleDefinitions/e503ece1-11d0-4e8e-8e2c-7a6c3bf38815",
"name": "e503ece1-11d0-4e8e-8e2c-7a6c3bf38815",
"permissions": [
{
"actions": [
"Microsoft.MachineLearningServices/workspaces/computes/*",
"Microsoft.MachineLearningServices/workspaces/notebooks/vm/*"
],
"notActions": [],
"dataActions": [],
"notDataActions": []
}
],
"roleName": "AzureML Compute Operator",
"roleType": "BuiltInRole",
"type": "Microsoft.Authorization/roleDefinitions"
}
AzureML 資料科學家
可以在 Azure Machine Learning 工作區內執行所有動作,但建立或删除計算資源以及修改工作區本身除外。
| 動作 | 描述 |
|---|---|
| Microsoft.MachineLearningServices/workspaces/*/read | |
| Microsoft.MachineLearningServices/workspaces/*/action | |
| Microsoft.MachineLearningServices/workspaces/*/delete | |
| Microsoft.MachineLearningServices/workspaces/*/write | |
| NotActions | |
| Microsoft.MachineLearningServices/workspaces/delete | 刪除 機器學習 服務工作區(s) |
| Microsoft.MachineLearningServices/workspaces/write | 建立或更新 機器學習 Services 工作區(s) |
| Microsoft.MachineLearningServices/workspaces/computes/*/write | |
| Microsoft.MachineLearningServices/workspaces/computes/*/delete | |
| Microsoft.MachineLearningServices/workspaces/computes/listKeys/action | 列出 機器學習 Services 工作區中計算資源的秘密 |
| Microsoft.MachineLearningServices/workspaces/listKeys/action | 列出 機器學習 服務工作區的秘密 |
| Microsoft.MachineLearningServices/workspaces/hubs/write | 建立或更新 機器學習 Services Hub 工作區(s) |
| Microsoft.MachineLearningServices/workspaces/hubs/delete | 刪除 機器學習 Services Hub 工作區(s) |
| Microsoft.MachineLearningServices/workspaces/featurestores/write | 建立或更新 機器學習 Services FeatureStore(s) |
| Microsoft.MachineLearningServices/workspaces/featurestores/delete | 刪除 機器學習 Services FeatureStore(s) |
| DataActions | |
| none | |
| NotDataActions | |
| none |
{
"assignableScopes": [
"/"
],
"description": "Can perform all actions within an Azure Machine Learning workspace, except for creating or deleting compute resources and modifying the workspace itself.",
"id": "/providers/Microsoft.Authorization/roleDefinitions/f6c7c914-8db3-469d-8ca1-694a8f32e121",
"name": "f6c7c914-8db3-469d-8ca1-694a8f32e121",
"permissions": [
{
"actions": [
"Microsoft.MachineLearningServices/workspaces/*/read",
"Microsoft.MachineLearningServices/workspaces/*/action",
"Microsoft.MachineLearningServices/workspaces/*/delete",
"Microsoft.MachineLearningServices/workspaces/*/write"
],
"notActions": [
"Microsoft.MachineLearningServices/workspaces/delete",
"Microsoft.MachineLearningServices/workspaces/write",
"Microsoft.MachineLearningServices/workspaces/computes/*/write",
"Microsoft.MachineLearningServices/workspaces/computes/*/delete",
"Microsoft.MachineLearningServices/workspaces/computes/listKeys/action",
"Microsoft.MachineLearningServices/workspaces/listKeys/action",
"Microsoft.MachineLearningServices/workspaces/hubs/write",
"Microsoft.MachineLearningServices/workspaces/hubs/delete",
"Microsoft.MachineLearningServices/workspaces/featurestores/write",
"Microsoft.MachineLearningServices/workspaces/featurestores/delete"
],
"dataActions": [],
"notDataActions": []
}
],
"roleName": "AzureML Data Scientist",
"roleType": "BuiltInRole",
"type": "Microsoft.Authorization/roleDefinitions"
}
AzureML 計量寫入器 (預覽)
可讓您將計量寫入 AzureML 工作區
| 動作 | 描述 |
|---|---|
| Microsoft.MachineLearningServices/workspaces/metrics/*/write | |
| NotActions | |
| none | |
| DataActions | |
| none | |
| NotDataActions | |
| none |
{
"assignableScopes": [
"/"
],
"description": "Lets you write metrics to AzureML workspace",
"id": "/providers/Microsoft.Authorization/roleDefinitions/635dd51f-9968-44d3-b7fb-6d9a6bd613ae",
"name": "635dd51f-9968-44d3-b7fb-6d9a6bd613ae",
"permissions": [
{
"actions": [
"Microsoft.MachineLearningServices/workspaces/metrics/*/write"
],
"notActions": [],
"dataActions": [],
"notDataActions": []
}
],
"roleName": "AzureML Metrics Writer (preview)",
"roleType": "BuiltInRole",
"type": "Microsoft.Authorization/roleDefinitions"
}
AzureML 登錄使用者
可以在 機器學習 Services 登錄資產上執行所有動作,以及取得登錄資源。
| 動作 | 描述 |
|---|---|
| Microsoft.MachineLearningServices/registries/read | 取得 機器學習 Services 登錄(ies) |
| Microsoft.MachineLearningServices/registries/assets/* | |
| NotActions | |
| none | |
| DataActions | |
| none | |
| NotDataActions | |
| none |
{
"assignableScopes": [
"/"
],
"description": "Can perform all actions on Machine Learning Services Registry assets as well as get Registry resources.",
"id": "/providers/Microsoft.Authorization/roleDefinitions/1823dd4f-9b8c-4ab6-ab4e-7397a3684615",
"name": "1823dd4f-9b8c-4ab6-ab4e-7397a3684615",
"permissions": [
{
"actions": [
"Microsoft.MachineLearningServices/registries/read",
"Microsoft.MachineLearningServices/registries/assets/*"
],
"notActions": [],
"dataActions": [],
"notDataActions": []
}
],
"roleName": "AzureML Registry User",
"roleType": "BuiltInRole",
"type": "Microsoft.Authorization/roleDefinitions"
}
認知服務參與者
可讓您建立、讀取、更新、刪除和管理認知服務的金鑰。
| 動作 | 描述 |
|---|---|
| Microsoft.Authorization/*/read | 讀取角色和角色指派 |
| Microsoft.CognitiveServices/* | |
| Microsoft.Features/features/read | 取得訂用帳戶的功能。 |
| Microsoft.Features/providers/features/read | 取得指定資源提供者中訂用帳戶的功能。 |
| Microsoft.Features/providers/features/register/action | 在指定的資源提供者中註冊訂用帳戶的功能。 |
| Microsoft.Insights/alertRules/* | 建立和管理傳統計量警示 |
| Microsoft.Insights/diagnosticSettings/* | 建立、更新或讀取 Analysis Server 的診斷設定 |
| Microsoft.Insights/logDefinitions/read | 讀取記錄定義 |
| Microsoft.Insights/metricdefinitions/read | 讀取計量定義 |
| Microsoft.Insights/metrics/read | 讀取計量 |
| Microsoft.ResourceHealth/availabilityStatuses/read | 取得指定範圍中所有資源的可用性狀態 |
| Microsoft.Resources/deployments/* | 建立和管理部署 |
| Microsoft.Resources/deployments/operations/read | 取得或列出部署作業。 |
| Microsoft.Resources/subscriptions/operationresults/read | 取得訂用帳戶作業結果。 |
| Microsoft.Resources/subscriptions/read | 取得訂用帳戶的清單。 |
| Microsoft.Resources/subscriptions/resourcegroups/deployments/* | |
| Microsoft.Resources/subscriptions/resourceGroups/read | 取得或列出資源群組。 |
| Microsoft.Support/* | 建立和更新支援票證 |
| NotActions | |
| none | |
| DataActions | |
| none | |
| NotDataActions | |
| none |
{
"assignableScopes": [
"/"
],
"description": "Lets you create, read, update, delete and manage keys of Cognitive Services.",
"id": "/providers/Microsoft.Authorization/roleDefinitions/25fbc0a9-bd7c-42a3-aa1a-3b75d497ee68",
"name": "25fbc0a9-bd7c-42a3-aa1a-3b75d497ee68",
"permissions": [
{
"actions": [
"Microsoft.Authorization/*/read",
"Microsoft.CognitiveServices/*",
"Microsoft.Features/features/read",
"Microsoft.Features/providers/features/read",
"Microsoft.Features/providers/features/register/action",
"Microsoft.Insights/alertRules/*",
"Microsoft.Insights/diagnosticSettings/*",
"Microsoft.Insights/logDefinitions/read",
"Microsoft.Insights/metricdefinitions/read",
"Microsoft.Insights/metrics/read",
"Microsoft.ResourceHealth/availabilityStatuses/read",
"Microsoft.Resources/deployments/*",
"Microsoft.Resources/deployments/operations/read",
"Microsoft.Resources/subscriptions/operationresults/read",
"Microsoft.Resources/subscriptions/read",
"Microsoft.Resources/subscriptions/resourcegroups/deployments/*",
"Microsoft.Resources/subscriptions/resourceGroups/read",
"Microsoft.Support/*"
],
"notActions": [],
"dataActions": [],
"notDataActions": []
}
],
"roleName": "Cognitive Services Contributor",
"roleType": "BuiltInRole",
"type": "Microsoft.Authorization/roleDefinitions"
}
認知服務 自訂視覺 參與者
專案的完整存取權,包括檢視、建立、編輯或刪除專案的能力。
| 動作 | 描述 |
|---|---|
| Microsoft.CognitiveServices/*/read | |
| NotActions | |
| none | |
| DataActions | |
| Microsoft.CognitiveServices/accounts/CustomVision/* | |
| NotDataActions | |
| none |
{
"assignableScopes": [
"/"
],
"description": "Full access to the project, including the ability to view, create, edit, or delete projects.",
"id": "/providers/Microsoft.Authorization/roleDefinitions/c1ff6cc2-c111-46fe-8896-e0ef812ad9f3",
"name": "c1ff6cc2-c111-46fe-8896-e0ef812ad9f3",
"permissions": [
{
"actions": [
"Microsoft.CognitiveServices/*/read"
],
"notActions": [],
"dataActions": [
"Microsoft.CognitiveServices/accounts/CustomVision/*"
],
"notDataActions": []
}
],
"roleName": "Cognitive Services Custom Vision Contributor",
"roleType": "BuiltInRole",
"type": "Microsoft.Authorization/roleDefinitions"
}
認知服務 自訂視覺部署
發佈、取消發佈或導出模型。 部署可以檢視專案,但無法更新。
| 動作 | 描述 |
|---|---|
| Microsoft.CognitiveServices/*/read | |
| NotActions | |
| none | |
| DataActions | |
| Microsoft.CognitiveServices/accounts/CustomVision/*/read | |
| Microsoft.CognitiveServices/accounts/CustomVision/projects/predictions/* | |
| Microsoft.CognitiveServices/accounts/CustomVision/projects/iterations/publish/* | |
| Microsoft.CognitiveServices/accounts/CustomVision/projects/iterations/export/* | |
| Microsoft.CognitiveServices/accounts/CustomVision/projects/quicktest/* | |
| Microsoft.CognitiveServices/accounts/CustomVision/classify/* | |
| Microsoft.CognitiveServices/accounts/CustomVision/detect/* | |
| NotDataActions | |
| Microsoft.CognitiveServices/accounts/CustomVision/projects/export/read | 匯出專案。 |
{
"assignableScopes": [
"/"
],
"description": "Publish, unpublish or export models. Deployment can view the project but can't update.",
"id": "/providers/Microsoft.Authorization/roleDefinitions/5c4089e1-6d96-4d2f-b296-c1bc7137275f",
"name": "5c4089e1-6d96-4d2f-b296-c1bc7137275f",
"permissions": [
{
"actions": [
"Microsoft.CognitiveServices/*/read"
],
"notActions": [],
"dataActions": [
"Microsoft.CognitiveServices/accounts/CustomVision/*/read",
"Microsoft.CognitiveServices/accounts/CustomVision/projects/predictions/*",
"Microsoft.CognitiveServices/accounts/CustomVision/projects/iterations/publish/*",
"Microsoft.CognitiveServices/accounts/CustomVision/projects/iterations/export/*",
"Microsoft.CognitiveServices/accounts/CustomVision/projects/quicktest/*",
"Microsoft.CognitiveServices/accounts/CustomVision/classify/*",
"Microsoft.CognitiveServices/accounts/CustomVision/detect/*"
],
"notDataActions": [
"Microsoft.CognitiveServices/accounts/CustomVision/projects/export/read"
]
}
],
"roleName": "Cognitive Services Custom Vision Deployment",
"roleType": "BuiltInRole",
"type": "Microsoft.Authorization/roleDefinitions"
}
認知服務 自訂視覺 標籤器
檢視、編輯訓練影像,並建立、新增、移除或刪除影像卷標。 卷標者可以檢視專案,但無法更新訓練影像和標籤以外的任何專案。
| 動作 | 描述 |
|---|---|
| Microsoft.CognitiveServices/*/read | |
| NotActions | |
| none | |
| DataActions | |
| Microsoft.CognitiveServices/accounts/CustomVision/*/read | |
| Microsoft.CognitiveServices/accounts/CustomVision/projects/predictions/query/action | 取得傳送至預測端點的影像。 |
| Microsoft.CognitiveServices/accounts/CustomVision/projects/images/* | |
| Microsoft.CognitiveServices/accounts/CustomVision/projects/tags/* | |
| Microsoft.CognitiveServices/accounts/CustomVision/projects/images/suggested/* | |
| Microsoft.CognitiveServices/accounts/CustomVision/projects/tagsandregions/suggestions/action | 此 API 會取得數位/批次未標記影像的建議標籤和區域,以及標記的信心。 如果找不到標記,則會傳回空陣列。 |
| NotDataActions | |
| Microsoft.CognitiveServices/accounts/CustomVision/projects/export/read | 匯出專案。 |
{
"assignableScopes": [
"/"
],
"description": "View, edit training images and create, add, remove, or delete the image tags. Labelers can view the project but can't update anything other than training images and tags.",
"id": "/providers/Microsoft.Authorization/roleDefinitions/88424f51-ebe7-446f-bc41-7fa16989e96c",
"name": "88424f51-ebe7-446f-bc41-7fa16989e96c",
"permissions": [
{
"actions": [
"Microsoft.CognitiveServices/*/read"
],
"notActions": [],
"dataActions": [
"Microsoft.CognitiveServices/accounts/CustomVision/*/read",
"Microsoft.CognitiveServices/accounts/CustomVision/projects/predictions/query/action",
"Microsoft.CognitiveServices/accounts/CustomVision/projects/images/*",
"Microsoft.CognitiveServices/accounts/CustomVision/projects/tags/*",
"Microsoft.CognitiveServices/accounts/CustomVision/projects/images/suggested/*",
"Microsoft.CognitiveServices/accounts/CustomVision/projects/tagsandregions/suggestions/action"
],
"notDataActions": [
"Microsoft.CognitiveServices/accounts/CustomVision/projects/export/read"
]
}
],
"roleName": "Cognitive Services Custom Vision Labeler",
"roleType": "BuiltInRole",
"type": "Microsoft.Authorization/roleDefinitions"
}
認知服務 自訂視覺 讀取者
專案中的只讀動作。 讀者無法建立或更新專案。
| 動作 | 描述 |
|---|---|
| Microsoft.CognitiveServices/*/read | |
| NotActions | |
| none | |
| DataActions | |
| Microsoft.CognitiveServices/accounts/CustomVision/*/read | |
| Microsoft.CognitiveServices/accounts/CustomVision/projects/predictions/query/action | 取得傳送至預測端點的影像。 |
| NotDataActions | |
| Microsoft.CognitiveServices/accounts/CustomVision/projects/export/read | 匯出專案。 |
{
"assignableScopes": [
"/"
],
"description": "Read-only actions in the project. Readers can't create or update the project.",
"id": "/providers/Microsoft.Authorization/roleDefinitions/93586559-c37d-4a6b-ba08-b9f0940c2d73",
"name": "93586559-c37d-4a6b-ba08-b9f0940c2d73",
"permissions": [
{
"actions": [
"Microsoft.CognitiveServices/*/read"
],
"notActions": [],
"dataActions": [
"Microsoft.CognitiveServices/accounts/CustomVision/*/read",
"Microsoft.CognitiveServices/accounts/CustomVision/projects/predictions/query/action"
],
"notDataActions": [
"Microsoft.CognitiveServices/accounts/CustomVision/projects/export/read"
]
}
],
"roleName": "Cognitive Services Custom Vision Reader",
"roleType": "BuiltInRole",
"type": "Microsoft.Authorization/roleDefinitions"
}
認知服務 自訂視覺 定型器
檢視、編輯專案並定型模型,包括發佈、取消發佈、匯出模型的能力。 訓練人員無法建立或刪除專案。
| 動作 | 描述 |
|---|---|
| Microsoft.CognitiveServices/*/read | |
| NotActions | |
| none | |
| DataActions | |
| Microsoft.CognitiveServices/accounts/CustomVision/* | |
| NotDataActions | |
| Microsoft.CognitiveServices/accounts/CustomVision/projects/action | 建立專案。 |
| Microsoft.CognitiveServices/accounts/CustomVision/projects/delete | 刪除特定專案。 |
| Microsoft.CognitiveServices/accounts/CustomVision/projects/import/action | 匯入專案。 |
| Microsoft.CognitiveServices/accounts/CustomVision/projects/export/read | 匯出專案。 |
{
"assignableScopes": [
"/"
],
"description": "View, edit projects and train the models, including the ability to publish, unpublish, export the models. Trainers can't create or delete the project.",
"id": "/providers/Microsoft.Authorization/roleDefinitions/0a5ae4ab-0d65-4eeb-be61-29fc9b54394b",
"name": "0a5ae4ab-0d65-4eeb-be61-29fc9b54394b",
"permissions": [
{
"actions": [
"Microsoft.CognitiveServices/*/read"
],
"notActions": [],
"dataActions": [
"Microsoft.CognitiveServices/accounts/CustomVision/*"
],
"notDataActions": [
"Microsoft.CognitiveServices/accounts/CustomVision/projects/action",
"Microsoft.CognitiveServices/accounts/CustomVision/projects/delete",
"Microsoft.CognitiveServices/accounts/CustomVision/projects/import/action",
"Microsoft.CognitiveServices/accounts/CustomVision/projects/export/read"
]
}
],
"roleName": "Cognitive Services Custom Vision Trainer",
"roleType": "BuiltInRole",
"type": "Microsoft.Authorization/roleDefinitions"
}
認知服務資料讀者 (預覽)
可讓您讀取認知服務數據。
| 動作 | 描述 |
|---|---|
| none | |
| NotActions | |
| none | |
| DataActions | |
| Microsoft.CognitiveServices/*/read | |
| NotDataActions | |
| none |
{
"assignableScopes": [
"/"
],
"description": "Lets you read Cognitive Services data.",
"id": "/providers/Microsoft.Authorization/roleDefinitions/b59867f0-fa02-499b-be73-45a86b5b3e1c",
"name": "b59867f0-fa02-499b-be73-45a86b5b3e1c",
"permissions": [
{
"actions": [],
"notActions": [],
"dataActions": [
"Microsoft.CognitiveServices/*/read"
],
"notDataActions": []
}
],
"roleName": "Cognitive Services Data Reader (Preview)",
"roleType": "BuiltInRole",
"type": "Microsoft.Authorization/roleDefinitions"
}
認知服務臉部辨識器
可讓您在臉部 API 上執行偵測、驗證、識別、分組及尋找類似的作業。 此角色不允許建立或刪除作業,因此非常適合只需要推斷功能的端點,請遵循「最低許可權」最佳做法。
| 動作 | 描述 |
|---|---|
| none | |
| NotActions | |
| none | |
| DataActions | |
| Microsoft.CognitiveServices/accounts/Face/detect/action | 偵測影像中的人臉、傳回臉部矩形,以及選擇性地使用faceId、地標和屬性。 |
| Microsoft.CognitiveServices/accounts/Face/verify/action | 確認兩張臉部是否屬於同一個人,或一張臉部是否屬於某個人。 |
| Microsoft.CognitiveServices/accounts/Face/identify/action | 1 對多識別,從人員群組或大型人員群組尋找特定查詢人員臉部最接近的相符專案。 |
| Microsoft.CognitiveServices/accounts/Face/group/action | 根據臉部相似性,將候選臉部分成群組。 |
| Microsoft.CognitiveServices/accounts/Face/findsimilars/action | 給定查詢臉部的faceId,從faceId陣列、臉部清單或大型臉部清單搜尋類似外觀的臉部。 faceId |
| Microsoft.CognitiveServices/accounts/Face/detectliveness/multimodal/action | 以紅外、色彩和/或深度影像序列對目標臉部執行活躍度偵測,並傳回目標臉部的活躍度分類為「真實臉部」、「詐騙臉部」或「不確定」,如果無法透過指定的輸入進行分類。 |
| Microsoft.CognitiveServices/accounts/Face/detectliveness/singlemodal/action | 以相同形式(例如色彩或紅外)的影像序列,對目標臉部執行活躍度偵測,並傳回目標臉部的活躍度分類為「真實臉部」、「詐騙臉部」或「不確定」,如果無法透過指定的輸入進行分類。 |
| Microsoft.CognitiveServices/accounts/Face/detectlivenesswithverify/singlemodal/action | 偵測相同數據流類型影像序列中目標臉部的活躍度,然後與 VerifyImage 進行比較,以傳回身分識別案例的信賴分數。 |
| Microsoft.CognitiveServices/accounts/Face/*/sessions/action | |
| Microsoft.CognitiveServices/accounts/Face/*/sessions/delete | |
| Microsoft.CognitiveServices/accounts/Face/*/sessions/read | |
| Microsoft.CognitiveServices/accounts/Face/*/sessions/audit/read | |
| NotDataActions | |
| none |
{
"assignableScopes": [
"/"
],
"description": "Lets you perform detect, verify, identify, group, and find similar operations on Face API. This role does not allow create or delete operations, which makes it well suited for endpoints that only need inferencing capabilities, following 'least privilege' best practices.",
"id": "/providers/Microsoft.Authorization/roleDefinitions/9894cab4-e18a-44aa-828b-cb588cd6f2d7",
"name": "9894cab4-e18a-44aa-828b-cb588cd6f2d7",
"permissions": [
{
"actions": [],
"notActions": [],
"dataActions": [
"Microsoft.CognitiveServices/accounts/Face/detect/action",
"Microsoft.CognitiveServices/accounts/Face/verify/action",
"Microsoft.CognitiveServices/accounts/Face/identify/action",
"Microsoft.CognitiveServices/accounts/Face/group/action",
"Microsoft.CognitiveServices/accounts/Face/findsimilars/action",
"Microsoft.CognitiveServices/accounts/Face/detectliveness/multimodal/action",
"Microsoft.CognitiveServices/accounts/Face/detectliveness/singlemodal/action",
"Microsoft.CognitiveServices/accounts/Face/detectlivenesswithverify/singlemodal/action",
"Microsoft.CognitiveServices/accounts/Face/*/sessions/action",
"Microsoft.CognitiveServices/accounts/Face/*/sessions/delete",
"Microsoft.CognitiveServices/accounts/Face/*/sessions/read",
"Microsoft.CognitiveServices/accounts/Face/*/sessions/audit/read"
],
"notDataActions": []
}
],
"roleName": "Cognitive Services Face Recognizer",
"roleType": "BuiltInRole",
"type": "Microsoft.Authorization/roleDefinitions"
}
認知服務 沉浸式閱讀程式 使用者
提供建立 沉浸式閱讀程式工作階段和呼叫 API 的存取權
| 動作 | 描述 |
|---|---|
| none | |
| NotActions | |
| none | |
| DataActions | |
| Microsoft.CognitiveServices/accounts/ImmersiveReader/getcontentmodelforreader/action | 建立 沉浸式閱讀程式 會話 |
| NotDataActions | |
| none |
{
"assignableScopes": [
"/"
],
"description": "Provides access to create Immersive Reader sessions and call APIs",
"id": "/providers/Microsoft.Authorization/roleDefinitions/b2de6794-95db-4659-8781-7e080d3f2b9d",
"name": "b2de6794-95db-4659-8781-7e080d3f2b9d",
"permissions": [
{
"actions": [],
"notActions": [],
"dataActions": [
"Microsoft.CognitiveServices/accounts/ImmersiveReader/getcontentmodelforreader/action"
],
"notDataActions": []
}
],
"roleName": "Cognitive Services Immersive Reader User",
"roleType": "BuiltInRole",
"type": "Microsoft.Authorization/roleDefinitions"
}
認知服務語言擁有者
可存取語言入口網站底下的所有讀取、測試、寫入、部署和刪除函式
| 動作 | 描述 |
|---|---|
| Microsoft.CognitiveServices/*/read | |
| Microsoft.CognitiveServices/accounts/listkeys/action | 列出金鑰 |
| Microsoft.Authorization/roleAssignments/read | 取得關於角色指派的資訊。 |
| Microsoft.Authorization/roleDefinitions/read | 取得角色定義的相關信息。 |
| NotActions | |
| none | |
| DataActions | |
| Microsoft.CognitiveServices/accounts/LanguageAuthoring/* | |
| Microsoft.CognitiveServices/accounts/ConversationalLanguageUnderstanding/* | |
| Microsoft.CognitiveServices/accounts/Language/* | |
| Microsoft.CognitiveServices/accounts/TextAnalytics/* | |
| NotDataActions | |
| Microsoft.CognitiveServices/accounts/TextAnalytics/QnaMaker/* |
{
"assignableScopes": [
"/"
],
"description": "Has access to all Read, Test, Write, Deploy and Delete functions under Language portal",
"id": "/providers/Microsoft.Authorization/roleDefinitions/f07febfe-79bc-46b1-8b37-790e26e6e498",
"name": "f07febfe-79bc-46b1-8b37-790e26e6e498",
"permissions": [
{
"actions": [
"Microsoft.CognitiveServices/*/read",
"Microsoft.CognitiveServices/accounts/listkeys/action",
"Microsoft.Authorization/roleAssignments/read",
"Microsoft.Authorization/roleDefinitions/read"
],
"notActions": [],
"dataActions": [
"Microsoft.CognitiveServices/accounts/LanguageAuthoring/*",
"Microsoft.CognitiveServices/accounts/ConversationalLanguageUnderstanding/*",
"Microsoft.CognitiveServices/accounts/Language/*",
"Microsoft.CognitiveServices/accounts/TextAnalytics/*"
],
"notDataActions": [
"Microsoft.CognitiveServices/accounts/TextAnalytics/QnaMaker/*"
]
}
],
"roleName": "Cognitive Services Language Owner",
"roleType": "BuiltInRole",
"type": "Microsoft.Authorization/roleDefinitions"
}
認知服務語言讀者
可存取語言入口網站底下的讀取和測試函式
| 動作 | 描述 |
|---|---|
| Microsoft.CognitiveServices/*/read | |
| Microsoft.Authorization/roleAssignments/read | 取得關於角色指派的資訊。 |
| Microsoft.Authorization/roleDefinitions/read | 取得角色定義的相關信息。 |
| NotActions | |
| none | |
| DataActions | |
| Microsoft.CognitiveServices/accounts/LanguageAuthoring/*/read | |
| Microsoft.CognitiveServices/accounts/ConversationalLanguageUnderstanding/*/read | |
| Microsoft.CognitiveServices/accounts/ConversationalLanguageUnderstanding/projects/export/action | 觸發作業以 JSON 格式匯出項目數據。 |
| Microsoft.CognitiveServices/accounts/Language/*/read | |
| Microsoft.CognitiveServices/accounts/Language/*/projects/export/action | |
| Microsoft.CognitiveServices/accounts/Language/query-text/action | 回答文字。 |
| Microsoft.CognitiveServices/accounts/Language/query-dataverse/action | 查詢 Dataverse。 |
| Microsoft.CognitiveServices/accounts/Language/analyze-text/jobs/action | 提交文字檔的集合以供分析。 指定要執行的一或多個唯一工作。 |
| Microsoft.CognitiveServices/accounts/Language/analyze-text/action | 提交文字檔的集合以供分析。 指定要立即執行的單一唯一工作。 |
| Microsoft.CognitiveServices/accounts/Language/analyze-text/jobscancel/action | 取消長時間執行的文字分析作業。 |
| Microsoft.CognitiveServices/accounts/Language/analyze-conversations/action | 分析輸入交談。 |
| Microsoft.CognitiveServices/accounts/Language/analyze-conversations/jobscancel/action | 取消對話上長時間執行的分析作業。 |
| Microsoft.CognitiveServices/accounts/Language/analyze-conversations/jobs/action | 提交長時間的對話以供分析。 指定要執行為長時間執行作業的一或多個唯一工作。 |
| Microsoft.CognitiveServices/accounts/Language/query-knowledgebases/action | 回答知識庫。 |
| Microsoft.CognitiveServices/accounts/Language/generate/action | 語言產生。 |
| Microsoft.CognitiveServices/accounts/TextAnalytics/* | |
| NotDataActions | |
| Microsoft.CognitiveServices/accounts/TextAnalytics/QnaMaker/* |
{
"assignableScopes": [
"/"
],
"description": "Has access to Read and Test functions under Language portal",
"id": "/providers/Microsoft.Authorization/roleDefinitions/7628b7b8-a8b2-4cdc-b46f-e9b35248918e",
"name": "7628b7b8-a8b2-4cdc-b46f-e9b35248918e",
"permissions": [
{
"actions": [
"Microsoft.CognitiveServices/*/read",
"Microsoft.Authorization/roleAssignments/read",
"Microsoft.Authorization/roleDefinitions/read"
],
"notActions": [],
"dataActions": [
"Microsoft.CognitiveServices/accounts/LanguageAuthoring/*/read",
"Microsoft.CognitiveServices/accounts/ConversationalLanguageUnderstanding/*/read",
"Microsoft.CognitiveServices/accounts/ConversationalLanguageUnderstanding/projects/export/action",
"Microsoft.CognitiveServices/accounts/Language/*/read",
"Microsoft.CognitiveServices/accounts/Language/*/projects/export/action",
"Microsoft.CognitiveServices/accounts/Language/query-text/action",
"Microsoft.CognitiveServices/accounts/Language/query-dataverse/action",
"Microsoft.CognitiveServices/accounts/Language/analyze-text/jobs/action",
"Microsoft.CognitiveServices/accounts/Language/analyze-text/action",
"Microsoft.CognitiveServices/accounts/Language/analyze-text/jobscancel/action",
"Microsoft.CognitiveServices/accounts/Language/analyze-conversations/action",
"Microsoft.CognitiveServices/accounts/Language/analyze-conversations/jobscancel/action",
"Microsoft.CognitiveServices/accounts/Language/analyze-conversations/jobs/action",
"Microsoft.CognitiveServices/accounts/Language/query-knowledgebases/action",
"Microsoft.CognitiveServices/accounts/Language/generate/action",
"Microsoft.CognitiveServices/accounts/TextAnalytics/*"
],
"notDataActions": [
"Microsoft.CognitiveServices/accounts/TextAnalytics/QnaMaker/*"
]
}
],
"roleName": "Cognitive Services Language Reader",
"roleType": "BuiltInRole",
"type": "Microsoft.Authorization/roleDefinitions"
}
認知服務語言寫入器
可存取語言入口網站下的所有讀取、測試和寫入函式
| 動作 | 描述 |
|---|---|
| Microsoft.CognitiveServices/*/read | |
| Microsoft.Authorization/roleAssignments/read | 取得關於角色指派的資訊。 |
| Microsoft.Authorization/roleDefinitions/read | 取得角色定義的相關信息。 |
| NotActions | |
| none | |
| DataActions | |
| Microsoft.CognitiveServices/accounts/LanguageAuthoring/* | |
| Microsoft.CognitiveServices/accounts/ConversationalLanguageUnderstanding/* | |
| Microsoft.CognitiveServices/accounts/Language/* | |
| Microsoft.CognitiveServices/accounts/TextAnalytics/* | |
| NotDataActions | |
| Microsoft.CognitiveServices/accounts/LanguageAuthoring/projects/publish/action | 觸發發行作業。 |
| Microsoft.CognitiveServices/accounts/ConversationalLanguageUnderstanding/projects/deployments/write | 觸發作業以建立新的部署或取代現有的部署。 |
| Microsoft.CognitiveServices/accounts/TextAnalytics/QnaMaker/* | |
| Microsoft.CognitiveServices/accounts/Language/*/projects/delete | |
| Microsoft.CognitiveServices/accounts/Language/*/projects/deployments/write | |
| Microsoft.CognitiveServices/accounts/Language/*/projects/deployments/delete | |
| Microsoft.CognitiveServices/accounts/Language/*/projects/deployments/swap/action |
{
"assignableScopes": [
"/"
],
"description": " Has access to all Read, Test, and Write functions under Language Portal",
"id": "/providers/Microsoft.Authorization/roleDefinitions/f2310ca1-dc64-4889-bb49-c8e0fa3d47a8",
"name": "f2310ca1-dc64-4889-bb49-c8e0fa3d47a8",
"permissions": [
{
"actions": [
"Microsoft.CognitiveServices/*/read",
"Microsoft.Authorization/roleAssignments/read",
"Microsoft.Authorization/roleDefinitions/read"
],
"notActions": [],
"dataActions": [
"Microsoft.CognitiveServices/accounts/LanguageAuthoring/*",
"Microsoft.CognitiveServices/accounts/ConversationalLanguageUnderstanding/*",
"Microsoft.CognitiveServices/accounts/Language/*",
"Microsoft.CognitiveServices/accounts/TextAnalytics/*"
],
"notDataActions": [
"Microsoft.CognitiveServices/accounts/LanguageAuthoring/projects/publish/action",
"Microsoft.CognitiveServices/accounts/ConversationalLanguageUnderstanding/projects/deployments/write",
"Microsoft.CognitiveServices/accounts/TextAnalytics/QnaMaker/*",
"Microsoft.CognitiveServices/accounts/Language/*/projects/delete",
"Microsoft.CognitiveServices/accounts/Language/*/projects/deployments/write",
"Microsoft.CognitiveServices/accounts/Language/*/projects/deployments/delete",
"Microsoft.CognitiveServices/accounts/Language/*/projects/deployments/swap/action"
]
}
],
"roleName": "Cognitive Services Language Writer",
"roleType": "BuiltInRole",
"type": "Microsoft.Authorization/roleDefinitions"
}
認知服務 LUIS 擁有者
可存取 LUIS 底下的所有讀取、測試、寫入、部署和刪除函式
| 動作 | 描述 |
|---|---|
| Microsoft.CognitiveServices/*/read | |
| Microsoft.CognitiveServices/accounts/listkeys/action | 列出金鑰 |
| Microsoft.Authorization/roleAssignments/read | 取得關於角色指派的資訊。 |
| Microsoft.Authorization/roleDefinitions/read | 取得角色定義的相關信息。 |
| NotActions | |
| none | |
| DataActions | |
| Microsoft.CognitiveServices/accounts/LUIS/* | |
| NotDataActions | |
| none |
{
"assignableScopes": [
"/"
],
"description": " Has access to all Read, Test, Write, Deploy and Delete functions under LUIS",
"id": "/providers/Microsoft.Authorization/roleDefinitions/f72c8140-2111-481c-87ff-72b910f6e3f8",
"name": "f72c8140-2111-481c-87ff-72b910f6e3f8",
"permissions": [
{
"actions": [
"Microsoft.CognitiveServices/*/read",
"Microsoft.CognitiveServices/accounts/listkeys/action",
"Microsoft.Authorization/roleAssignments/read",
"Microsoft.Authorization/roleDefinitions/read"
],
"notActions": [],
"dataActions": [
"Microsoft.CognitiveServices/accounts/LUIS/*"
],
"notDataActions": []
}
],
"roleName": "Cognitive Services LUIS Owner",
"roleType": "BuiltInRole",
"type": "Microsoft.Authorization/roleDefinitions"
}
認知服務 LUIS 讀取器
可存取 LUIS 下的讀取和測試函式。
| 動作 | 描述 |
|---|---|
| Microsoft.CognitiveServices/*/read | |
| Microsoft.Authorization/roleAssignments/read | 取得關於角色指派的資訊。 |
| Microsoft.Authorization/roleDefinitions/read | 取得角色定義的相關信息。 |
| NotActions | |
| none | |
| DataActions | |
| Microsoft.CognitiveServices/accounts/LUIS/*/read | |
| Microsoft.CognitiveServices/accounts/LUIS/apps/testdatasets/write | 更新指定應用程式之批次測試數據集的最後一個測試結果。 |
| NotDataActions | |
| none |
{
"assignableScopes": [
"/"
],
"description": "Has access to Read and Test functions under LUIS.",
"id": "/providers/Microsoft.Authorization/roleDefinitions/18e81cdc-4e98-4e29-a639-e7d10c5a6226",
"name": "18e81cdc-4e98-4e29-a639-e7d10c5a6226",
"permissions": [
{
"actions": [
"Microsoft.CognitiveServices/*/read",
"Microsoft.Authorization/roleAssignments/read",
"Microsoft.Authorization/roleDefinitions/read"
],
"notActions": [],
"dataActions": [
"Microsoft.CognitiveServices/accounts/LUIS/*/read",
"Microsoft.CognitiveServices/accounts/LUIS/apps/testdatasets/write"
],
"notDataActions": []
}
],
"roleName": "Cognitive Services LUIS Reader",
"roleType": "BuiltInRole",
"type": "Microsoft.Authorization/roleDefinitions"
}
認知服務 LUIS 寫入器
具有 LUIS 下所有讀取、測試和寫入函式的存取權
| 動作 | 描述 |
|---|---|
| Microsoft.CognitiveServices/*/read | |
| Microsoft.Authorization/roleAssignments/read | 取得關於角色指派的資訊。 |
| Microsoft.Authorization/roleDefinitions/read | 取得角色定義的相關信息。 |
| NotActions | |
| none | |
| DataActions | |
| Microsoft.CognitiveServices/accounts/LUIS/* | |
| NotDataActions | |
| Microsoft.CognitiveServices/accounts/LUIS/apps/delete | 刪除應用程式。 |
| Microsoft.CognitiveServices/accounts/LUIS/apps/move/action | 將應用程式移至不同的 LUIS 撰寫 Azure 資源。 |
| Microsoft.CognitiveServices/accounts/LUIS/apps/publish/action | 發佈應用程式的特定版本。 |
| Microsoft.CognitiveServices/accounts/LUIS/apps/settings/write | 更新應用程式設定 |
| Microsoft.CognitiveServices/accounts/LUIS/apps/azureaccounts/action | 將 Azure 帳戶指派給應用程式。 |
| Microsoft.CognitiveServices/accounts/LUIS/apps/azureaccounts/delete | 使用他的 Azure Resource Manager 令牌取得使用者的 LUIS Azure 帳戶。 |
{
"assignableScopes": [
"/"
],
"description": "Has access to all Read, Test, and Write functions under LUIS",
"id": "/providers/Microsoft.Authorization/roleDefinitions/6322a993-d5c9-4bed-b113-e49bbea25b27",
"name": "6322a993-d5c9-4bed-b113-e49bbea25b27",
"permissions": [
{
"actions": [
"Microsoft.CognitiveServices/*/read",
"Microsoft.Authorization/roleAssignments/read",
"Microsoft.Authorization/roleDefinitions/read"
],
"notActions": [],
"dataActions": [
"Microsoft.CognitiveServices/accounts/LUIS/*"
],
"notDataActions": [
"Microsoft.CognitiveServices/accounts/LUIS/apps/delete",
"Microsoft.CognitiveServices/accounts/LUIS/apps/move/action",
"Microsoft.CognitiveServices/accounts/LUIS/apps/publish/action",
"Microsoft.CognitiveServices/accounts/LUIS/apps/settings/write",
"Microsoft.CognitiveServices/accounts/LUIS/apps/azureaccounts/action",
"Microsoft.CognitiveServices/accounts/LUIS/apps/azureaccounts/delete"
]
}
],
"roleName": "Cognitive Services LUIS Writer",
"roleType": "BuiltInRole",
"type": "Microsoft.Authorization/roleDefinitions"
}
認知服務計量建議程式管理員
專案的完整存取權,包括系統層級設定。
| 動作 | 描述 |
|---|---|
| Microsoft.CognitiveServices/*/read | |
| NotActions | |
| none | |
| DataActions | |
| Microsoft.CognitiveServices/accounts/MetricsAdvisor/* | |
| NotDataActions | |
| none |
{
"assignableScopes": [
"/"
],
"description": "Full access to the project, including the system level configuration.",
"id": "/providers/Microsoft.Authorization/roleDefinitions/cb43c632-a144-4ec5-977c-e80c4affc34a",
"name": "cb43c632-a144-4ec5-977c-e80c4affc34a",
"permissions": [
{
"actions": [
"Microsoft.CognitiveServices/*/read"
],
"notActions": [],
"dataActions": [
"Microsoft.CognitiveServices/accounts/MetricsAdvisor/*"
],
"notDataActions": []
}
],
"roleName": "Cognitive Services Metrics Advisor Administrator",
"roleType": "BuiltInRole",
"type": "Microsoft.Authorization/roleDefinitions"
}
認知服務計量建議程序使用者
專案的存取權。
| 動作 | 描述 |
|---|---|
| Microsoft.CognitiveServices/*/read | |
| NotActions | |
| none | |
| DataActions | |
| Microsoft.CognitiveServices/accounts/MetricsAdvisor/* | |
| NotDataActions | |
| Microsoft.CognitiveServices/accounts/MetricsAdvisor/stats/* |
{
"assignableScopes": [
"/"
],
"description": "Access to the project.",
"id": "/providers/Microsoft.Authorization/roleDefinitions/3b20f47b-3825-43cb-8114-4bd2201156a8",
"name": "3b20f47b-3825-43cb-8114-4bd2201156a8",
"permissions": [
{
"actions": [
"Microsoft.CognitiveServices/*/read"
],
"notActions": [],
"dataActions": [
"Microsoft.CognitiveServices/accounts/MetricsAdvisor/*"
],
"notDataActions": [
"Microsoft.CognitiveServices/accounts/MetricsAdvisor/stats/*"
]
}
],
"roleName": "Cognitive Services Metrics Advisor User",
"roleType": "BuiltInRole",
"type": "Microsoft.Authorization/roleDefinitions"
}
認知服務 OpenAI 參與者
完整存取權,包括微調、部署和產生文字的能力
| 動作 | 描述 |
|---|---|
| Microsoft.CognitiveServices/*/read | |
| Microsoft.CognitiveServices/accounts/deployments/write | 寫入部署。 |
| Microsoft.CognitiveServices/accounts/deployments/delete | 刪除部署。 |
| Microsoft.CognitiveServices/accounts/raiPolicies/read | 取得帳戶下的所有適用原則,包括默認原則。 |
| Microsoft.CognitiveServices/accounts/raiPolicies/write | 建立或更新自定義的負責任 AI 原則。 |
| Microsoft.CognitiveServices/accounts/raiPolicies/delete | 刪除現有部署未參考的自定義負責任 AI 原則。 |
| Microsoft.CognitiveServices/accounts/commitmentplans/read | 讀取承諾用量方案。 |
| Microsoft.CognitiveServices/accounts/commitmentplans/write | 撰寫承諾方案。 |
| Microsoft.CognitiveServices/accounts/commitmentplans/delete | 刪除承諾用量方案。 |
| Microsoft.Authorization/roleAssignments/read | 取得關於角色指派的資訊。 |
| Microsoft.Authorization/roleDefinitions/read | 取得角色定義的相關信息。 |
| NotActions | |
| none | |
| DataActions | |
| Microsoft.CognitiveServices/accounts/OpenAI/* | |
| NotDataActions | |
| none |
{
"assignableScopes": [
"/"
],
"description": "Full access including the ability to fine-tune, deploy and generate text",
"id": "/providers/Microsoft.Authorization/roleDefinitions/a001fd3d-188f-4b5d-821b-7da978bf7442",
"name": "a001fd3d-188f-4b5d-821b-7da978bf7442",
"permissions": [
{
"actions": [
"Microsoft.CognitiveServices/*/read",
"Microsoft.CognitiveServices/accounts/deployments/write",
"Microsoft.CognitiveServices/accounts/deployments/delete",
"Microsoft.CognitiveServices/accounts/raiPolicies/read",
"Microsoft.CognitiveServices/accounts/raiPolicies/write",
"Microsoft.CognitiveServices/accounts/raiPolicies/delete",
"Microsoft.CognitiveServices/accounts/commitmentplans/read",
"Microsoft.CognitiveServices/accounts/commitmentplans/write",
"Microsoft.CognitiveServices/accounts/commitmentplans/delete",
"Microsoft.Authorization/roleAssignments/read",
"Microsoft.Authorization/roleDefinitions/read"
],
"notActions": [],
"dataActions": [
"Microsoft.CognitiveServices/accounts/OpenAI/*"
],
"notDataActions": []
}
],
"roleName": "Cognitive Services OpenAI Contributor",
"roleType": "BuiltInRole",
"type": "Microsoft.Authorization/roleDefinitions"
}
認知服務 OpenAI 使用者
檢視檔案、模型、部署的讀取許可權。 建立完成和內嵌呼叫的能力。
| 動作 | 描述 |
|---|---|
| Microsoft.CognitiveServices/*/read | |
| Microsoft.Authorization/roleAssignments/read | 取得關於角色指派的資訊。 |
| Microsoft.Authorization/roleDefinitions/read | 取得角色定義的相關信息。 |
| NotActions | |
| none | |
| DataActions | |
| Microsoft.CognitiveServices/accounts/OpenAI/*/read | |
| Microsoft.CognitiveServices/accounts/OpenAI/engines/completions/action | 從所選模型建立完成 |
| Microsoft.CognitiveServices/accounts/OpenAI/engines/search/action | 使用目前的引擎搜尋最相關的檔。 |
| Microsoft.CognitiveServices/accounts/OpenAI/engines/generate/action | (僅適用於瀏覽器。透過 GET 要求從模型串流產生的文字。 因為瀏覽器原生 EventSource 方法只能傳送 GET 要求,因此會提供這個方法。 它支援比 POST 變體更有限的組態選項。 |
| Microsoft.CognitiveServices/accounts/OpenAI/deployments/audio/action | 傳回指定音訊檔案的文字記錄或翻譯。 |
| Microsoft.CognitiveServices/accounts/OpenAI/deployments/search/action | 使用目前的引擎搜尋最相關的檔。 |
| Microsoft.CognitiveServices/accounts/OpenAI/deployments/completions/action | 從所選的模型建立完成。 |
| Microsoft.CognitiveServices/accounts/OpenAI/deployments/chat/completions/action | 建立聊天訊息的完成 |
| Microsoft.CognitiveServices/accounts/OpenAI/deployments/extensions/chat/completions/action | 使用延伸模組建立聊天訊息的完成 |
| Microsoft.CognitiveServices/accounts/OpenAI/deployments/embeddings/action | 傳回給定提示的內嵌。 |
| Microsoft.CognitiveServices/accounts/OpenAI/images/generations/action | 建立映像世代。 |
| NotDataActions | |
| none |
{
"assignableScopes": [
"/"
],
"description": "Ability to view files, models, deployments. Readers can't make any changes They can inference and create images",
"id": "/providers/Microsoft.Authorization/roleDefinitions/5e0bd9bd-7b93-4f28-af87-19fc36ad61bd",
"name": "5e0bd9bd-7b93-4f28-af87-19fc36ad61bd",
"permissions": [
{
"actions": [
"Microsoft.CognitiveServices/*/read",
"Microsoft.Authorization/roleAssignments/read",
"Microsoft.Authorization/roleDefinitions/read"
],
"notActions": [],
"dataActions": [
"Microsoft.CognitiveServices/accounts/OpenAI/*/read",
"Microsoft.CognitiveServices/accounts/OpenAI/engines/completions/action",
"Microsoft.CognitiveServices/accounts/OpenAI/engines/search/action",
"Microsoft.CognitiveServices/accounts/OpenAI/engines/generate/action",
"Microsoft.CognitiveServices/accounts/OpenAI/deployments/audio/action",
"Microsoft.CognitiveServices/accounts/OpenAI/deployments/search/action",
"Microsoft.CognitiveServices/accounts/OpenAI/deployments/completions/action",
"Microsoft.CognitiveServices/accounts/OpenAI/deployments/chat/completions/action",
"Microsoft.CognitiveServices/accounts/OpenAI/deployments/extensions/chat/completions/action",
"Microsoft.CognitiveServices/accounts/OpenAI/deployments/embeddings/action",
"Microsoft.CognitiveServices/accounts/OpenAI/images/generations/action"
],
"notDataActions": []
}
],
"roleName": "Cognitive Services OpenAI User",
"roleType": "BuiltInRole",
"type": "Microsoft.Authorization/roleDefinitions"
}
認知服務 QnA Maker 編輯器
讓我們建立、編輯、匯入和導出 KB。 您無法發佈或刪除 KB。
| 動作 | 描述 |
|---|---|
| Microsoft.CognitiveServices/*/read | |
| Microsoft.Authorization/roleAssignments/read | 取得關於角色指派的資訊。 |
| Microsoft.Authorization/roleDefinitions/read | 取得角色定義的相關信息。 |
| NotActions | |
| none | |
| DataActions | |
| Microsoft.CognitiveServices/accounts/QnAMaker/knowledgebases/read | 取得特定知識庫的清單或特定知識庫的詳細數據。 |
| Microsoft.CognitiveServices/accounts/QnAMaker/knowledgebases/download/read | 下載知識庫。 |
| Microsoft.CognitiveServices/accounts/QnAMaker/knowledgebases/create/write | 建立新知識庫的異步操作。 |
| Microsoft.CognitiveServices/accounts/QnAMaker/knowledgebases/write | 修改知識庫或取代知識庫內容的異步操作。 |
| Microsoft.CognitiveServices/accounts/QnAMaker/knowledgebases/generateanswer/action | GenerateAnswer 呼叫以查詢知識庫。 |
| Microsoft.CognitiveServices/accounts/QnAMaker/knowledgebases/train/action | 將建議新增至知識庫的訓練呼叫。 |
| Microsoft.CognitiveServices/accounts/QnAMaker/變更/read | 從運行時間下載變更。 |
| Microsoft.CognitiveServices/accounts/QnAMaker/變更/write | 取代改變數據。 |
| Microsoft.CognitiveServices/accounts/QnAMaker/endpointkeys/read | 取得端點的端點金鑰 |
| Microsoft.CognitiveServices/accounts/QnAMaker/endpointkeys/refreshkeys/action | 重新產生端點金鑰。 |
| Microsoft.CognitiveServices/accounts/QnAMaker/endpointsettings/read | 取得端點的端點設定 |
| Microsoft.CognitiveServices/accounts/QnAMaker/endpointsettings/write | 更新端點查看端點。 |
| Microsoft.CognitiveServices/accounts/QnAMaker/operations/read | 取得特定長時間執行作業的詳細數據。 |
| Microsoft.CognitiveServices/accounts/QnAMaker.v2/knowledgebases/read | 取得特定知識庫的清單或特定知識庫的詳細數據。 |
| Microsoft.CognitiveServices/accounts/QnAMaker.v2/knowledgebases/download/read | 下載知識庫。 |
| Microsoft.CognitiveServices/accounts/QnAMaker.v2/knowledgebases/create/write | 建立新知識庫的異步操作。 |
| Microsoft.CognitiveServices/accounts/QnAMaker.v2/knowledgebases/write | 修改知識庫或取代知識庫內容的異步操作。 |
| Microsoft.CognitiveServices/accounts/QnAMaker.v2/knowledgebases/generateanswer/action | GenerateAnswer 呼叫以查詢知識庫。 |
| Microsoft.CognitiveServices/accounts/QnAMaker.v2/knowledgebases/train/action | 將建議新增至知識庫的訓練呼叫。 |
| Microsoft.CognitiveServices/accounts/QnAMaker.v2/變更/read | 從運行時間下載變更。 |
| Microsoft.CognitiveServices/accounts/QnAMaker.v2/變更/write | 取代改變數據。 |
| Microsoft.CognitiveServices/accounts/QnAMaker.v2/endpointkeys/read | 取得端點的端點金鑰 |
| Microsoft.CognitiveServices/accounts/QnAMaker.v2/endpointkeys/refreshkeys/action | 重新產生端點金鑰。 |
| Microsoft.CognitiveServices/accounts/QnAMaker.v2/endpointsettings/read | 取得端點的端點設定 |
| Microsoft.CognitiveServices/accounts/QnAMaker.v2/endpointsettings/write | 更新端點查看端點。 |
| Microsoft.CognitiveServices/accounts/QnAMaker.v2/operations/read | 取得特定長時間執行作業的詳細數據。 |
| Microsoft.CognitiveServices/accounts/TextAnalytics/QnAMaker/knowledgebases/read | 取得特定知識庫的清單或特定知識庫的詳細數據。 |
| Microsoft.CognitiveServices/accounts/TextAnalytics/QnAMaker/knowledgebases/download/read | 下載知識庫。 |
| Microsoft.CognitiveServices/accounts/TextAnalytics/QnAMaker/knowledgebases/create/write | 建立新知識庫的異步操作。 |
| Microsoft.CognitiveServices/accounts/TextAnalytics/QnAMaker/knowledgebases/write | 修改知識庫或取代知識庫內容的異步操作。 |
| Microsoft.CognitiveServices/accounts/TextAnalytics/QnAMaker/knowledgebases/generateanswer/action | GenerateAnswer 呼叫以查詢知識庫。 |
| Microsoft.CognitiveServices/accounts/TextAnalytics/QnAMaker/knowledgebases/train/action | 將建議新增至知識庫的訓練呼叫。 |
| Microsoft.CognitiveServices/accounts/TextAnalytics/QnAMaker/變更/read | 從運行時間下載變更。 |
| Microsoft.CognitiveServices/accounts/TextAnalytics/QnAMaker/變更/write | 取代改變數據。 |
| Microsoft.CognitiveServices/accounts/TextAnalytics/QnAMaker/endpointkeys/read | 取得端點的端點金鑰 |
| Microsoft.CognitiveServices/accounts/TextAnalytics/QnAMaker/endpointkeys/refreshkeys/action | 重新產生端點金鑰。 |
| Microsoft.CognitiveServices/accounts/TextAnalytics/QnAMaker/endpointsettings/read | 取得端點的端點設定 |
| Microsoft.CognitiveServices/accounts/TextAnalytics/QnAMaker/endpointsettings/write | 更新端點查看端點。 |
| Microsoft.CognitiveServices/accounts/TextAnalytics/QnAMaker/operations/read | 取得特定長時間執行作業的詳細數據。 |
| NotDataActions | |
| none |
{
"assignableScopes": [
"/"
],
"description": "Let's you create, edit, import and export a KB. You cannot publish or delete a KB.",
"id": "/providers/Microsoft.Authorization/roleDefinitions/f4cc2bf9-21be-47a1-bdf1-5c5804381025",
"name": "f4cc2bf9-21be-47a1-bdf1-5c5804381025",
"permissions": [
{
"actions": [
"Microsoft.CognitiveServices/*/read",
"Microsoft.Authorization/roleAssignments/read",
"Microsoft.Authorization/roleDefinitions/read"
],
"notActions": [],
"dataActions": [
"Microsoft.CognitiveServices/accounts/QnAMaker/knowledgebases/read",
"Microsoft.CognitiveServices/accounts/QnAMaker/knowledgebases/download/read",
"Microsoft.CognitiveServices/accounts/QnAMaker/knowledgebases/create/write",
"Microsoft.CognitiveServices/accounts/QnAMaker/knowledgebases/write",
"Microsoft.CognitiveServices/accounts/QnAMaker/knowledgebases/generateanswer/action",
"Microsoft.CognitiveServices/accounts/QnAMaker/knowledgebases/train/action",
"Microsoft.CognitiveServices/accounts/QnAMaker/alterations/read",
"Microsoft.CognitiveServices/accounts/QnAMaker/alterations/write",
"Microsoft.CognitiveServices/accounts/QnAMaker/endpointkeys/read",
"Microsoft.CognitiveServices/accounts/QnAMaker/endpointkeys/refreshkeys/action",
"Microsoft.CognitiveServices/accounts/QnAMaker/endpointsettings/read",
"Microsoft.CognitiveServices/accounts/QnAMaker/endpointsettings/write",
"Microsoft.CognitiveServices/accounts/QnAMaker/operations/read",
"Microsoft.CognitiveServices/accounts/QnAMaker.v2/knowledgebases/read",
"Microsoft.CognitiveServices/accounts/QnAMaker.v2/knowledgebases/download/read",
"Microsoft.CognitiveServices/accounts/QnAMaker.v2/knowledgebases/create/write",
"Microsoft.CognitiveServices/accounts/QnAMaker.v2/knowledgebases/write",
"Microsoft.CognitiveServices/accounts/QnAMaker.v2/knowledgebases/generateanswer/action",
"Microsoft.CognitiveServices/accounts/QnAMaker.v2/knowledgebases/train/action",
"Microsoft.CognitiveServices/accounts/QnAMaker.v2/alterations/read",
"Microsoft.CognitiveServices/accounts/QnAMaker.v2/alterations/write",
"Microsoft.CognitiveServices/accounts/QnAMaker.v2/endpointkeys/read",
"Microsoft.CognitiveServices/accounts/QnAMaker.v2/endpointkeys/refreshkeys/action",
"Microsoft.CognitiveServices/accounts/QnAMaker.v2/endpointsettings/read",
"Microsoft.CognitiveServices/accounts/QnAMaker.v2/endpointsettings/write",
"Microsoft.CognitiveServices/accounts/QnAMaker.v2/operations/read",
"Microsoft.CognitiveServices/accounts/TextAnalytics/QnAMaker/knowledgebases/read",
"Microsoft.CognitiveServices/accounts/TextAnalytics/QnAMaker/knowledgebases/download/read",
"Microsoft.CognitiveServices/accounts/TextAnalytics/QnAMaker/knowledgebases/create/write",
"Microsoft.CognitiveServices/accounts/TextAnalytics/QnAMaker/knowledgebases/write",
"Microsoft.CognitiveServices/accounts/TextAnalytics/QnAMaker/knowledgebases/generateanswer/action",
"Microsoft.CognitiveServices/accounts/TextAnalytics/QnAMaker/knowledgebases/train/action",
"Microsoft.CognitiveServices/accounts/TextAnalytics/QnAMaker/alterations/read",
"Microsoft.CognitiveServices/accounts/TextAnalytics/QnAMaker/alterations/write",
"Microsoft.CognitiveServices/accounts/TextAnalytics/QnAMaker/endpointkeys/read",
"Microsoft.CognitiveServices/accounts/TextAnalytics/QnAMaker/endpointkeys/refreshkeys/action",
"Microsoft.CognitiveServices/accounts/TextAnalytics/QnAMaker/endpointsettings/read",
"Microsoft.CognitiveServices/accounts/TextAnalytics/QnAMaker/endpointsettings/write",
"Microsoft.CognitiveServices/accounts/TextAnalytics/QnAMaker/operations/read"
],
"notDataActions": []
}
],
"roleName": "Cognitive Services QnA Maker Editor",
"roleType": "BuiltInRole",
"type": "Microsoft.Authorization/roleDefinitions"
}
認知服務 QnA Maker 讀取器
讓我們只讀取並測試 KB。
| 動作 | 描述 |
|---|---|
| Microsoft.CognitiveServices/*/read | |
| Microsoft.Authorization/roleAssignments/read | 取得關於角色指派的資訊。 |
| Microsoft.Authorization/roleDefinitions/read | 取得角色定義的相關信息。 |
| NotActions | |
| none | |
| DataActions | |
| Microsoft.CognitiveServices/accounts/QnAMaker/knowledgebases/read | 取得特定知識庫的清單或特定知識庫的詳細數據。 |
| Microsoft.CognitiveServices/accounts/QnAMaker/knowledgebases/download/read | 下載知識庫。 |
| Microsoft.CognitiveServices/accounts/QnAMaker/knowledgebases/generateanswer/action | GenerateAnswer 呼叫以查詢知識庫。 |
| Microsoft.CognitiveServices/accounts/QnAMaker/變更/read | 從運行時間下載變更。 |
| Microsoft.CognitiveServices/accounts/QnAMaker/endpointkeys/read | 取得端點的端點金鑰 |
| Microsoft.CognitiveServices/accounts/QnAMaker/endpointsettings/read | 取得端點的端點設定 |
| Microsoft.CognitiveServices/accounts/QnAMaker.v2/knowledgebases/read | 取得特定知識庫的清單或特定知識庫的詳細數據。 |
| Microsoft.CognitiveServices/accounts/QnAMaker.v2/knowledgebases/download/read | 下載知識庫。 |
| Microsoft.CognitiveServices/accounts/QnAMaker.v2/knowledgebases/generateanswer/action | GenerateAnswer 呼叫以查詢知識庫。 |
| Microsoft.CognitiveServices/accounts/QnAMaker.v2/變更/read | 從運行時間下載變更。 |
| Microsoft.CognitiveServices/accounts/QnAMaker.v2/endpointkeys/read | 取得端點的端點金鑰 |
| Microsoft.CognitiveServices/accounts/QnAMaker.v2/endpointsettings/read | 取得端點的端點設定 |
| Microsoft.CognitiveServices/accounts/TextAnalytics/QnAMaker/knowledgebases/read | 取得特定知識庫的清單或特定知識庫的詳細數據。 |
| Microsoft.CognitiveServices/accounts/TextAnalytics/QnAMaker/knowledgebases/download/read | 下載知識庫。 |
| Microsoft.CognitiveServices/accounts/TextAnalytics/QnAMaker/knowledgebases/generateanswer/action | GenerateAnswer 呼叫以查詢知識庫。 |
| Microsoft.CognitiveServices/accounts/TextAnalytics/QnAMaker/變更/read | 從運行時間下載變更。 |
| Microsoft.CognitiveServices/accounts/TextAnalytics/QnAMaker/endpointkeys/read | 取得端點的端點金鑰 |
| Microsoft.CognitiveServices/accounts/TextAnalytics/QnAMaker/endpointsettings/read | 取得端點的端點設定 |
| NotDataActions | |
| none |
{
"assignableScopes": [
"/"
],
"description": "Let's you read and test a KB only.",
"id": "/providers/Microsoft.Authorization/roleDefinitions/466ccd10-b268-4a11-b098-b4849f024126",
"name": "466ccd10-b268-4a11-b098-b4849f024126",
"permissions": [
{
"actions": [
"Microsoft.CognitiveServices/*/read",
"Microsoft.Authorization/roleAssignments/read",
"Microsoft.Authorization/roleDefinitions/read"
],
"notActions": [],
"dataActions": [
"Microsoft.CognitiveServices/accounts/QnAMaker/knowledgebases/read",
"Microsoft.CognitiveServices/accounts/QnAMaker/knowledgebases/download/read",
"Microsoft.CognitiveServices/accounts/QnAMaker/knowledgebases/generateanswer/action",
"Microsoft.CognitiveServices/accounts/QnAMaker/alterations/read",
"Microsoft.CognitiveServices/accounts/QnAMaker/endpointkeys/read",
"Microsoft.CognitiveServices/accounts/QnAMaker/endpointsettings/read",
"Microsoft.CognitiveServices/accounts/QnAMaker.v2/knowledgebases/read",
"Microsoft.CognitiveServices/accounts/QnAMaker.v2/knowledgebases/download/read",
"Microsoft.CognitiveServices/accounts/QnAMaker.v2/knowledgebases/generateanswer/action",
"Microsoft.CognitiveServices/accounts/QnAMaker.v2/alterations/read",
"Microsoft.CognitiveServices/accounts/QnAMaker.v2/endpointkeys/read",
"Microsoft.CognitiveServices/accounts/QnAMaker.v2/endpointsettings/read",
"Microsoft.CognitiveServices/accounts/TextAnalytics/QnAMaker/knowledgebases/read",
"Microsoft.CognitiveServices/accounts/TextAnalytics/QnAMaker/knowledgebases/download/read",
"Microsoft.CognitiveServices/accounts/TextAnalytics/QnAMaker/knowledgebases/generateanswer/action",
"Microsoft.CognitiveServices/accounts/TextAnalytics/QnAMaker/alterations/read",
"Microsoft.CognitiveServices/accounts/TextAnalytics/QnAMaker/endpointkeys/read",
"Microsoft.CognitiveServices/accounts/TextAnalytics/QnAMaker/endpointsettings/read"
],
"notDataActions": []
}
],
"roleName": "Cognitive Services QnA Maker Reader",
"roleType": "BuiltInRole",
"type": "Microsoft.Authorization/roleDefinitions"
}
認知服務語音參與者
完整存取語音專案,包括讀取、寫入和刪除所有實體,以進行即時語音辨識和批次轉譯工作、實時語音合成和長音訊工作、自定義語音和自定義語音。
| 動作 | 描述 |
|---|---|
| Microsoft.CognitiveServices/*/read | |
| Microsoft.Authorization/roleAssignments/read | 取得關於角色指派的資訊。 |
| Microsoft.Authorization/roleDefinitions/read | 取得角色定義的相關信息。 |
| NotActions | |
| none | |
| DataActions | |
| Microsoft.CognitiveServices/accounts/SpeechServices/* | |
| Microsoft.CognitiveServices/accounts/CustomVoice/* | |
| Microsoft.CognitiveServices/accounts/AudioContentCreation/* | |
| Microsoft.CognitiveServices/accounts/VideoTranslation/* | |
| Microsoft.CognitiveServices/accounts/CustomAvatar/* | |
| Microsoft.CognitiveServices/accounts/BatchAvatar/* | |
| Microsoft.CognitiveServices/accounts/BatchTextToSpeech/* | |
| NotDataActions | |
| none |
{
"assignableScopes": [
"/"
],
"description": "Full access to Speech projects, including read, write and delete all entities, for real-time speech recognition and batch transcription tasks, real-time speech synthesis and long audio tasks, custom speech and custom voice.",
"id": "/providers/Microsoft.Authorization/roleDefinitions/0e75ca1e-0464-4b4d-8b93-68208a576181",
"name": "0e75ca1e-0464-4b4d-8b93-68208a576181",
"permissions": [
{
"actions": [
"Microsoft.CognitiveServices/*/read",
"Microsoft.Authorization/roleAssignments/read",
"Microsoft.Authorization/roleDefinitions/read"
],
"notActions": [],
"dataActions": [
"Microsoft.CognitiveServices/accounts/SpeechServices/*",
"Microsoft.CognitiveServices/accounts/CustomVoice/*",
"Microsoft.CognitiveServices/accounts/AudioContentCreation/*",
"Microsoft.CognitiveServices/accounts/VideoTranslation/*",
"Microsoft.CognitiveServices/accounts/CustomAvatar/*",
"Microsoft.CognitiveServices/accounts/BatchAvatar/*",
"Microsoft.CognitiveServices/accounts/BatchTextToSpeech/*"
],
"notDataActions": []
}
],
"roleName": "Cognitive Services Speech Contributor",
"roleType": "BuiltInRole",
"type": "Microsoft.Authorization/roleDefinitions"
}
認知服務語音使用者
存取即時語音辨識和批次轉譯 API、即時語音合成和長音訊 API,以及讀取自定義模型的數據/測試/模型/端點,但無法建立、刪除或修改自定義模型的數據/測試/模型/端點。
| 動作 | 描述 |
|---|---|
| Microsoft.CognitiveServices/*/read | |
| Microsoft.Authorization/roleAssignments/read | 取得關於角色指派的資訊。 |
| Microsoft.Authorization/roleDefinitions/read | 取得角色定義的相關信息。 |
| NotActions | |
| none | |
| DataActions | |
| Microsoft.CognitiveServices/accounts/SpeechServices/*/read | |
| Microsoft.CognitiveServices/accounts/SpeechServices/*/轉譯/read | |
| Microsoft.CognitiveServices/accounts/SpeechServices/*/轉譯/write | |
| Microsoft.CognitiveServices/accounts/SpeechServices/*/轉譯/delete | |
| Microsoft.CognitiveServices/accounts/SpeechServices/*/frontend/action | |
| Microsoft.CognitiveServices/accounts/SpeechServices/text-dependent/*/action | |
| Microsoft.CognitiveServices/accounts/SpeechServices/text-independent/*/action | |
| Microsoft.CognitiveServices/accounts/CustomVoice/*/read | |
| Microsoft.CognitiveServices/accounts/CustomVoice/evaluations/* | |
| Microsoft.CognitiveServices/accounts/CustomVoice/longaudiosynthesis/* | |
| Microsoft.CognitiveServices/accounts/AudioContentCreation/* | |
| Microsoft.CognitiveServices/accounts/VideoTranslation/* | |
| Microsoft.CognitiveServices/accounts/CustomAvatar/*/read | |
| Microsoft.CognitiveServices/accounts/BatchAvatar/* | |
| Microsoft.CognitiveServices/accounts/BatchTextToSpeech/* | |
| NotDataActions | |
| Microsoft.CognitiveServices/accounts/CustomVoice/datasets/files/read | 取得指定標識碼所識別數據集的檔案。 |
| Microsoft.CognitiveServices/accounts/CustomVoice/datasets/utterances/read | 取得指定定型集的語句。 |
{
"assignableScopes": [
"/"
],
"description": "Access to the real-time speech recognition and batch transcription APIs, real-time speech synthesis and long audio APIs, as well as to read the data/test/model/endpoint for custom models, but can't create, delete or modify the data/test/model/endpoint for custom models.",
"id": "/providers/Microsoft.Authorization/roleDefinitions/f2dc8367-1007-4938-bd23-fe263f013447",
"name": "f2dc8367-1007-4938-bd23-fe263f013447",
"permissions": [
{
"actions": [
"Microsoft.CognitiveServices/*/read",
"Microsoft.Authorization/roleAssignments/read",
"Microsoft.Authorization/roleDefinitions/read"
],
"notActions": [],
"dataActions": [
"Microsoft.CognitiveServices/accounts/SpeechServices/*/read",
"Microsoft.CognitiveServices/accounts/SpeechServices/*/transcriptions/read",
"Microsoft.CognitiveServices/accounts/SpeechServices/*/transcriptions/write",
"Microsoft.CognitiveServices/accounts/SpeechServices/*/transcriptions/delete",
"Microsoft.CognitiveServices/accounts/SpeechServices/*/frontend/action",
"Microsoft.CognitiveServices/accounts/SpeechServices/text-dependent/*/action",
"Microsoft.CognitiveServices/accounts/SpeechServices/text-independent/*/action",
"Microsoft.CognitiveServices/accounts/CustomVoice/*/read",
"Microsoft.CognitiveServices/accounts/CustomVoice/evaluations/*",
"Microsoft.CognitiveServices/accounts/CustomVoice/longaudiosynthesis/*",
"Microsoft.CognitiveServices/accounts/AudioContentCreation/*",
"Microsoft.CognitiveServices/accounts/VideoTranslation/*",
"Microsoft.CognitiveServices/accounts/CustomAvatar/*/read",
"Microsoft.CognitiveServices/accounts/BatchAvatar/*",
"Microsoft.CognitiveServices/accounts/BatchTextToSpeech/*"
],
"notDataActions": [
"Microsoft.CognitiveServices/accounts/CustomVoice/datasets/files/read",
"Microsoft.CognitiveServices/accounts/CustomVoice/datasets/utterances/read"
]
}
],
"roleName": "Cognitive Services Speech User",
"roleType": "BuiltInRole",
"type": "Microsoft.Authorization/roleDefinitions"
}
認知服務使用量讀取者
檢視認知服務使用量的最低許可權。
| 動作 | 描述 |
|---|---|
| Microsoft.CognitiveServices/locations/usages/read | 讀取所有使用量數據 |
| NotActions | |
| none | |
| DataActions | |
| none | |
| NotDataActions | |
| none |
{
"assignableScopes": [
"/"
],
"description": "Minimal permission to view Cognitive Services usages.",
"id": "/providers/Microsoft.Authorization/roleDefinitions/bba48692-92b0-4667-a9ad-c31c7b334ac2",
"name": "bba48692-92b0-4667-a9ad-c31c7b334ac2",
"permissions": [
{
"actions": [
"Microsoft.CognitiveServices/locations/usages/read"
],
"notActions": [],
"dataActions": [],
"notDataActions": []
}
],
"roleName": "Cognitive Services Usages Reader",
"roleType": "BuiltInRole",
"type": "Microsoft.Authorization/roleDefinitions"
}
認知服務使用者
可讓您讀取和列出認知服務的金鑰。
| 動作 | 描述 |
|---|---|
| Microsoft.CognitiveServices/*/read | |
| Microsoft.CognitiveServices/accounts/listkeys/action | 列出金鑰 |
| Microsoft.Insights/alertRules/read | 讀取傳統計量警示 |
| Microsoft.Insights/diagnosticSettings/read | 讀取資源診斷設定 |
| Microsoft.Insights/logDefinitions/read | 讀取記錄定義 |
| Microsoft.Insights/metricdefinitions/read | 讀取計量定義 |
| Microsoft.Insights/metrics/read | 讀取計量 |
| Microsoft.ResourceHealth/availabilityStatuses/read | 取得指定範圍中所有資源的可用性狀態 |
| Microsoft.Resources/deployments/operations/read | 取得或列出部署作業。 |
| Microsoft.Resources/subscriptions/operationresults/read | 取得訂用帳戶作業結果。 |
| Microsoft.Resources/subscriptions/read | 取得訂用帳戶的清單。 |
| Microsoft.Resources/subscriptions/resourceGroups/read | 取得或列出資源群組。 |
| Microsoft.Support/* | 建立和更新支援票證 |
| NotActions | |
| none | |
| DataActions | |
| Microsoft.CognitiveServices/* | |
| NotDataActions | |
| none |
{
"assignableScopes": [
"/"
],
"description": "Lets you read and list keys of Cognitive Services.",
"id": "/providers/Microsoft.Authorization/roleDefinitions/a97b65f3-24c7-4388-baec-2e87135dc908",
"name": "a97b65f3-24c7-4388-baec-2e87135dc908",
"permissions": [
{
"actions": [
"Microsoft.CognitiveServices/*/read",
"Microsoft.CognitiveServices/accounts/listkeys/action",
"Microsoft.Insights/alertRules/read",
"Microsoft.Insights/diagnosticSettings/read",
"Microsoft.Insights/logDefinitions/read",
"Microsoft.Insights/metricdefinitions/read",
"Microsoft.Insights/metrics/read",
"Microsoft.ResourceHealth/availabilityStatuses/read",
"Microsoft.Resources/deployments/operations/read",
"Microsoft.Resources/subscriptions/operationresults/read",
"Microsoft.Resources/subscriptions/read",
"Microsoft.Resources/subscriptions/resourceGroups/read",
"Microsoft.Support/*"
],
"notActions": [],
"dataActions": [
"Microsoft.CognitiveServices/*"
],
"notDataActions": []
}
],
"roleName": "Cognitive Services User",
"roleType": "BuiltInRole",
"type": "Microsoft.Authorization/roleDefinitions"
}
Health Bot 管理員
具有系統管理員存取權的使用者可以登入、檢視和編輯所有 Bot 資源、案例和組態設定,包括 Bot 實例密鑰和秘密。
| 動作 | 描述 |
|---|---|
| none | |
| NotActions | |
| none | |
| DataActions | |
| Microsoft.HealthBot/healthBots/Admin/Action | 登入管理入口網站,檢視和編輯所有 Bot 資源、案例、組態設定、實例密鑰和秘密。 |
| NotDataActions | |
| none |
{
"assignableScopes": [
"/"
],
"description": "Users with admin access can sign in, view and edit all of the bot resources, scenarios and configuration setting including the bot instance keys & secrets.",
"id": "/providers/Microsoft.Authorization/roleDefinitions/f1082fec-a70f-419f-9230-885d2550fb38",
"name": "f1082fec-a70f-419f-9230-885d2550fb38",
"permissions": [
{
"actions": [],
"notActions": [],
"dataActions": [
"Microsoft.HealthBot/healthBots/Admin/Action"
],
"notDataActions": []
}
],
"roleName": "Health Bot Admin",
"roleType": "BuiltInRole",
"type": "Microsoft.Authorization/roleDefinitions"
}
Health Bot 編輯器
具有編輯器存取權的使用者可以登入、檢視和編輯所有 Bot 資源、案例和組態設定,但 Bot 實例密鑰和秘密和使用者輸入除外(包括意見反應、無法辨識的語句和交談記錄)。 Bot 技能和通道的唯讀存取權。
| 動作 | 描述 |
|---|---|
| none | |
| NotActions | |
| none | |
| DataActions | |
| Microsoft.HealthBot/healthBots/Editor/Action | 登入管理入口網站,檢視和編輯 Bot 實例密鑰和秘密和使用者輸入以外的所有 Bot 資源、案例和組態設定。 Bot 技能和通道的唯讀存取權。 |
| NotDataActions | |
| none |
{
"assignableScopes": [
"/"
],
"description": "Users with editor access can sign in, view and edit all the bot resources, scenarios and configuration setting except for the bot instance keys & secrets and the end-user inputs (including Feedback, Unrecognized utterances and Conversation logs). A read-only access to the bot skills and channels.",
"id": "/providers/Microsoft.Authorization/roleDefinitions/af854a69-80ce-4ff7-8447-f1118a2e0ca8",
"name": "af854a69-80ce-4ff7-8447-f1118a2e0ca8",
"permissions": [
{
"actions": [],
"notActions": [],
"dataActions": [
"Microsoft.HealthBot/healthBots/Editor/Action"
],
"notDataActions": []
}
],
"roleName": "Health Bot Editor",
"roleType": "BuiltInRole",
"type": "Microsoft.Authorization/roleDefinitions"
}
Health Bot 讀取器
具有讀取者存取權的使用者可以登入、擁有 Bot 資源的唯讀存取權、案例和組態設定,但 Bot 實例密鑰和秘密除外(包括驗證、數據連線和通道密鑰)和使用者輸入(包括意見反應、無法辨識的語句和交談記錄)。
| 動作 | 描述 |
|---|---|
| none | |
| NotActions | |
| none | |
| DataActions | |
| Microsoft.HealthBot/healthBots/Reader/Action | 登入管理入口網站,以唯讀存取資源、案例和組態設定,但 Bot 實例密鑰和秘密和使用者輸入除外。 |
| NotDataActions | |
| none |
{
"assignableScopes": [
"/"
],
"description": "Users with reader access can sign in, have read-only access to the bot resources, scenarios and configuration setting except for the bot instance keys & secrets (including Authentication, Data Connection and Channels keys) and the end-user inputs (including Feedback, Unrecognized utterances and Conversation logs).",
"id": "/providers/Microsoft.Authorization/roleDefinitions/eb5a76d5-50e7-4c33-a449-070e7c9c4cf2",
"name": "eb5a76d5-50e7-4c33-a449-070e7c9c4cf2",
"permissions": [
{
"actions": [],
"notActions": [],
"dataActions": [
"Microsoft.HealthBot/healthBots/Reader/Action"
],
"notDataActions": []
}
],
"roleName": "Health Bot Reader",
"roleType": "BuiltInRole",
"type": "Microsoft.Authorization/roleDefinitions"
}
搜尋索引資料參與者
授與 Azure 認知搜尋 索引數據的完整存取權。
| 動作 | 描述 |
|---|---|
| none | |
| NotActions | |
| none | |
| DataActions | |
| Microsoft.Search/searchServices/indexes/documents/* | |
| NotDataActions | |
| none |
{
"assignableScopes": [
"/"
],
"description": "Grants full access to Azure Cognitive Search index data.",
"id": "/providers/Microsoft.Authorization/roleDefinitions/8ebe5a00-799e-43f5-93ac-243d3dce84a7",
"name": "8ebe5a00-799e-43f5-93ac-243d3dce84a7",
"permissions": [
{
"actions": [],
"notActions": [],
"dataActions": [
"Microsoft.Search/searchServices/indexes/documents/*"
],
"notDataActions": []
}
],
"roleName": "Search Index Data Contributor",
"roleType": "BuiltInRole",
"type": "Microsoft.Authorization/roleDefinitions"
}
搜尋索引資料讀取者
授與 Azure 認知搜尋 索引數據的讀取許可權。
| 動作 | 描述 |
|---|---|
| none | |
| NotActions | |
| none | |
| DataActions | |
| Microsoft.Search/searchServices/indexes/documents/read | 從索引讀取檔或建議的查詢字詞。 |
| NotDataActions | |
| none |
{
"assignableScopes": [
"/"
],
"description": "Grants read access to Azure Cognitive Search index data.",
"id": "/providers/Microsoft.Authorization/roleDefinitions/1407120a-92aa-4202-b7e9-c0e197c71c8f",
"name": "1407120a-92aa-4202-b7e9-c0e197c71c8f",
"permissions": [
{
"actions": [],
"notActions": [],
"dataActions": [
"Microsoft.Search/searchServices/indexes/documents/read"
],
"notDataActions": []
}
],
"roleName": "Search Index Data Reader",
"roleType": "BuiltInRole",
"type": "Microsoft.Authorization/roleDefinitions"
}
搜尋服務參與者
可讓您管理 搜尋服務,但無法存取它們。
| 動作 | 描述 |
|---|---|
| Microsoft.Authorization/*/read | 讀取角色和角色指派 |
| Microsoft.Insights/alertRules/* | 建立和管理傳統計量警示 |
| Microsoft.ResourceHealth/availabilityStatuses/read | 取得指定範圍中所有資源的可用性狀態 |
| Microsoft.Resources/deployments/* | 建立和管理部署 |
| Microsoft.Resources/subscriptions/resourceGroups/read | 取得或列出資源群組。 |
| Microsoft.Search/searchServices/* | 建立和管理搜尋服務 |
| Microsoft.Support/* | 建立和更新支援票證 |
| NotActions | |
| none | |
| DataActions | |
| none | |
| NotDataActions | |
| none |
{
"assignableScopes": [
"/"
],
"description": "Lets you manage Search services, but not access to them.",
"id": "/providers/Microsoft.Authorization/roleDefinitions/7ca78c08-252a-4471-8644-bb5ff32d4ba0",
"name": "7ca78c08-252a-4471-8644-bb5ff32d4ba0",
"permissions": [
{
"actions": [
"Microsoft.Authorization/*/read",
"Microsoft.Insights/alertRules/*",
"Microsoft.ResourceHealth/availabilityStatuses/read",
"Microsoft.Resources/deployments/*",
"Microsoft.Resources/subscriptions/resourceGroups/read",
"Microsoft.Search/searchServices/*",
"Microsoft.Support/*"
],
"notActions": [],
"dataActions": [],
"notDataActions": []
}
],
"roleName": "Search Service Contributor",
"roleType": "BuiltInRole",
"type": "Microsoft.Authorization/roleDefinitions"
}