Azure DevOps 权限
本文列出了 DevOps 类别中 Azure 资源提供程序的权限。 可以在自己的 Azure 自定义角色中使用这些权限,以针对 Azure 中的资源提供精细的访问控制。 权限字符串具有以下格式:{Company}.{ProviderName}/{resourceType}/{action}
Microsoft.Chaos
操作 | 说明 |
---|---|
Microsoft.Chaos/register/action | 注册混沌测试资源提供程序的订阅,并启用混沌测试资源的创建。 |
Microsoft.Chaos/unregister/action | 取消注册混沌测试资源提供程序的订阅,并启用混沌测试资源的创建。 |
Microsoft.Chaos/experiments/write | 在资源组中创建或更新混沌试验资源。 |
Microsoft.Chaos/experiments/delete | 删除资源组中的混沌试验资源。 |
Microsoft.Chaos/experiments/read | 获取资源组中的所有混沌试验。 |
Microsoft.Chaos/experiments/start/action | 启动混沌试验以注入故障。 |
Microsoft.Chaos/experiments/cancel/action | 取消正在运行的混沌试验以停止故障注入。 |
Microsoft.Chaos/experiments/executions/read | 获取给定混沌试验的所有混沌试验执行。 |
Microsoft.Chaos/experiments/executions/getExecutionDetails/action | 获取给定混沌试验的所有混沌试验执行的详细信息。 |
Microsoft.Chaos/locations/operationResults/read | 获取操作结果。 |
Microsoft.Chaos/locations/operationStatuses/read | 获取操作状态。 |
Microsoft.Chaos/locations/targetTypes/read | 获取所有 TargetType。 |
Microsoft.Chaos/locations/targetTypes/capabilityTypes/read | 获取所有 CapabilityType。 |
Microsoft.Chaos/operations/read | 读取 Chaos Studio 的可用操作。 |
Microsoft.Chaos/skus/read | 读取 Chaos Studio 的可用 SKU。 |
Microsoft.Chaos/targets/write | 创建或更新用于扩展受跟踪资源的目标资源。 |
Microsoft.Chaos/targets/delete | 删除用于扩展受跟踪资源的目标资源。 |
Microsoft.Chaos/targets/read | 获取用于扩展受跟踪资源的所有目标。 |
Microsoft.Chaos/targets/capabilities/write | 创建或更新用于扩展目标资源的功能资源。 |
Microsoft.Chaos/targets/capabilities/delete | 删除用于扩展目标资源的功能资源。 |
Microsoft.Chaos/targets/capabilities/read | 获取用于扩展目标资源的所有功能。 |
Microsoft.LabServices
为课堂、试用版、开发和测试以及其他应用场景设置实验室。
操作 | 说明 |
---|---|
Microsoft.LabServices/register/action | 向实验室服务提供商注册订阅并启用实验室创建。 |
Microsoft.LabServices/unregister/action | 向实验室服务提供商取消注册订阅。 |
Microsoft.LabServices/labAccounts/delete | 删除实验室帐户。 |
Microsoft.LabServices/labAccounts/read | 读取实验室帐户。 |
Microsoft.LabServices/labAccounts/write | 添加或修改实验室帐户。 |
Microsoft.LabServices/labAccounts/CreateLab/action | 在实验室帐户中创建实验室。 |
Microsoft.LabServices/labAccounts/GetRegionalAvailability/action | 获取实验室帐户下配置的每个大小类别的区域可用性信息 |
Microsoft.LabServices/labAccounts/GetPricingAndAvailability/action | 获取实验室帐户的大小、地理位置和操作系统组合的定价与可用性。 |
Microsoft.LabServices/labAccounts/GetRestrictionsAndUsage/action | 获取此订阅的核心限制和用量 |
Microsoft.LabServices/labAccounts/galleryImages/delete | 删除库映像。 |
Microsoft.LabServices/labAccounts/galleryImages/read | 读取库映像。 |
Microsoft.LabServices/labAccounts/galleryImages/write | 添加或修改库映像。 |
Microsoft.LabServices/labAccounts/labs/delete | 删除实验室。 |
Microsoft.LabServices/labAccounts/labs/read | 读取实验室。 |
Microsoft.LabServices/labAccounts/labs/write | 添加或修改实验室。 |
Microsoft.LabServices/labAccounts/labs/AddUsers/action | 将用户添加到实验室 |
Microsoft.LabServices/labAccounts/labs/SendEmail/action | 发送包含实验室注册链接的电子邮件 |
Microsoft.LabServices/labAccounts/labs/GetLabPricingAndAvailability/action | 获取此实验室的每个实验室单位的定价,以及指示此实验室是否可纵向扩展的可用性。 |
Microsoft.LabServices/labAccounts/labs/SyncUserList/action | 将来自 AAD 组的更改同步到用户列表 |
Microsoft.LabServices/labAccounts/labs/environmentSettings/delete | 删除环境设置。 |
Microsoft.LabServices/labAccounts/labs/environmentSettings/read | 读取环境设置。 |
Microsoft.LabServices/labAccounts/labs/environmentSettings/write | 添加或修改环境设置。 |
Microsoft.LabServices/labAccounts/labs/environmentSettings/Publish/action | 基于实验室/环境设置的当前状态设置/取消设置环境设置的所需资源。 |
Microsoft.LabServices/labAccounts/labs/environmentSettings/Start/action | 通过启动模板内的所有资源来启动模板。 |
Microsoft.LabServices/labAccounts/labs/environmentSettings/Stop/action | 通过停止模板内的所有资源来停止模板。 |
Microsoft.LabServices/labAccounts/labs/environmentSettings/SaveImage/action | 将当前模板映像保存到实验室帐户中的共享库 |
Microsoft.LabServices/labAccounts/labs/environmentSettings/ResetPassword/action | 重置模板虚拟机上的密码。 |
Microsoft.LabServices/labAccounts/labs/environmentSettings/environments/delete | 删除环境。 |
Microsoft.LabServices/labAccounts/labs/environmentSettings/environments/read | 读取环境。 |
Microsoft.LabServices/labAccounts/labs/environmentSettings/environments/Start/action | 通过启动环境内的所有资源来启动环境。 |
Microsoft.LabServices/labAccounts/labs/environmentSettings/environments/Stop/action | 通过停止环境内的所有资源来停止环境。 |
Microsoft.LabServices/labAccounts/labs/environmentSettings/environments/ResetPassword/action | 在环境中重置用户密码 |
Microsoft.LabServices/labAccounts/labs/environmentSettings/schedules/delete | 删除计划。 |
Microsoft.LabServices/labAccounts/labs/environmentSettings/schedules/read | 读取计划。 |
Microsoft.LabServices/labAccounts/labs/environmentSettings/schedules/write | 添加或修改计划。 |
Microsoft.LabServices/labAccounts/labs/users/delete | 删除用户。 |
Microsoft.LabServices/labAccounts/labs/users/read | 读取用户。 |
Microsoft.LabServices/labAccounts/labs/users/write | 添加或修改用户。 |
Microsoft.LabServices/labAccounts/sharedGalleries/delete | 删除 sharedgalleries。 |
Microsoft.LabServices/labAccounts/sharedGalleries/read | 读取 sharedgalleries。 |
Microsoft.LabServices/labAccounts/sharedGalleries/write | 添加或修改 sharedgalleries。 |
Microsoft.LabServices/labAccounts/sharedImages/delete | 删除 sharedimages。 |
Microsoft.LabServices/labAccounts/sharedImages/read | 读取 sharedimages。 |
Microsoft.LabServices/labAccounts/sharedImages/write | 添加或修改 sharedimages。 |
Microsoft.LabServices/labPlans/read | 获取实验室计划的属性。 |
Microsoft.LabServices/labPlans/write | 新建实验室计划或更新现有计划。 |
Microsoft.LabServices/labPlans/delete | 删除实验室计划。 |
Microsoft.LabServices/labPlans/saveImage/action | 从附加到实验室计划的库中的虚拟机创建映像。 |
Microsoft.LabServices/labPlans/images/read | 获取映像的属性。 |
Microsoft.LabServices/labPlans/images/write | 启用或禁用市场或库映像。 |
Microsoft.LabServices/labs/read | 获取实验室的属性。 |
Microsoft.LabServices/labs/write | 新建实验室或更新现有的实验室。 |
Microsoft.LabServices/labs/delete | 删除实验室及其所有用户、计划和虚拟机。 |
Microsoft.LabServices/labs/publish/action | 通过将模板虚拟机的映像传播到实验室中的所有虚拟机来发布实验室。 |
Microsoft.LabServices/labs/syncGroup/action | 更新分配到实验室的 Active Directory 组中用户的列表。 |
Microsoft.LabServices/labs/schedules/read | 获取计划的属性。 |
Microsoft.LabServices/labs/schedules/write | 新建计划或更新现有的计划。 |
Microsoft.LabServices/labs/schedules/delete | 删除计划。 |
Microsoft.LabServices/labs/users/read | 获取用户的属性。 |
Microsoft.LabServices/labs/users/write | 新建用户或更新现有的用户。 |
Microsoft.LabServices/labs/users/delete | 删除用户。 |
Microsoft.LabServices/labs/users/invite/action | 向用户发送电子邮件以邀请其加入实验室。 |
Microsoft.LabServices/labs/virtualMachines/read | 获取虚拟机的属性。 |
Microsoft.LabServices/labs/virtualMachines/start/action | 启动虚拟机。 |
Microsoft.LabServices/labs/virtualMachines/stop/action | 停止和释放虚拟机。 |
Microsoft.LabServices/labs/virtualMachines/reimage/action | 将虚拟机重新映像到上次发布的映像。 |
Microsoft.LabServices/labs/virtualMachines/redeploy/action | 将虚拟机重新部署到其他计算节点。 |
Microsoft.LabServices/labs/virtualMachines/resetPassword/action | 重置虚拟机上本地用户的密码。 |
Microsoft.LabServices/locations/operationResults/read | 获取异步操作的属性和状态。 |
Microsoft.LabServices/locations/operations/read | 读取操作。 |
Microsoft.LabServices/locations/usages/read | 获取位置中的使用情况 |
Microsoft.LabServices/skus/read | 获取实验室服务 SKU 的属性。 |
Microsoft.LabServices/users/Register/action | 将用户注册到托管的实验室 |
Microsoft.LabServices/users/ListAllEnvironments/action | 列出用户的所有环境 |
Microsoft.LabServices/users/StartEnvironment/action | 通过启动环境内的所有资源来启动环境。 |
Microsoft.LabServices/users/StopEnvironment/action | 通过停止环境内的所有资源来停止环境。 |
Microsoft.LabServices/users/ResetPassword/action | 在环境中重置用户密码 |
Microsoft.LabServices/users/UserSettings/action | 更新并返回个人用户设置。 |
DataAction | 说明 |
Microsoft.LabServices/labPlans/createLab/action | 从实验室计划创建新实验室。 |
Microsoft.SecurityDevOps
Azure 服务:Microsoft Defender for Cloud
操作 | 说明 |
---|---|
Microsoft.SecurityDevOps/register/action | 注册 Microsoft.SecurityDevOps 的订阅 |
Microsoft.SecurityDevOps/unregister/action | 取消注册 Microsoft.SecurityDevOps 的订阅 |
Microsoft.SecurityDevOps/azureDevOpsConnectors/read | 读取 azureDevOpsConnectors |
Microsoft.SecurityDevOps/azureDevOpsConnectors/read | 读取 azureDevOpsConnectors |
Microsoft.SecurityDevOps/azureDevOpsConnectors/write | 写入 azureDevOpsConnectors |
Microsoft.SecurityDevOps/azureDevOpsConnectors/delete | 删除 azureDevOpsConnectors |
Microsoft.SecurityDevOps/azureDevOpsConnectors/write | 写入 azureDevOpsConnectors |
Microsoft.SecurityDevOps/azureDevOpsConnectors/configure/action | 操作配置 |
Microsoft.SecurityDevOps/azureDevOpsConnectors/read | 读取 azureDevOpsConnectors |
Microsoft.SecurityDevOps/azureDevOpsConnectors/orgs/read | 读取组织 |
Microsoft.SecurityDevOps/azureDevOpsConnectors/orgs/write | 写入组织 |
Microsoft.SecurityDevOps/azureDevOpsConnectors/orgs/write | 写入组织 |
Microsoft.SecurityDevOps/azureDevOpsConnectors/orgs/read | 读取组织 |
Microsoft.SecurityDevOps/azureDevOpsConnectors/orgs/projects/read | 读取项目 |
Microsoft.SecurityDevOps/azureDevOpsConnectors/orgs/projects/write | 写入项目 |
Microsoft.SecurityDevOps/azureDevOpsConnectors/orgs/projects/write | 写入项目 |
Microsoft.SecurityDevOps/azureDevOpsConnectors/orgs/projects/read | 读取项目 |
Microsoft.SecurityDevOps/azureDevOpsConnectors/orgs/projects/repos/read | 读取存储库 |
Microsoft.SecurityDevOps/azureDevOpsConnectors/orgs/projects/repos/write | 写入存储库 |
Microsoft.SecurityDevOps/azureDevOpsConnectors/orgs/projects/repos/write | 写入存储库 |
Microsoft.SecurityDevOps/azureDevOpsConnectors/orgs/projects/repos/read | 读取存储库 |
Microsoft.SecurityDevOps/azureDevOpsConnectors/repos/read | 读取存储库 |
Microsoft.SecurityDevOps/azureDevOpsConnectors/stats/read | 读取统计信息 |
Microsoft.SecurityDevOps/gitHubConnectors/read | 读取 gitHubConnectors |
Microsoft.SecurityDevOps/gitHubConnectors/read | 读取 gitHubConnectors |
Microsoft.SecurityDevOps/gitHubConnectors/write | 写入 gitHubConnectors |
Microsoft.SecurityDevOps/gitHubConnectors/delete | 删除 gitHubConnectors |
Microsoft.SecurityDevOps/gitHubConnectors/write | 写入 gitHubConnectors |
Microsoft.SecurityDevOps/gitHubConnectors/configure/action | 操作配置 |
Microsoft.SecurityDevOps/gitHubConnectors/read | 读取 gitHubConnectors |
Microsoft.SecurityDevOps/gitHubConnectors/gitHubInstallations/read | 读取 gitHubInstallations |
Microsoft.SecurityDevOps/gitHubConnectors/gitHubInstallations/read | 读取 gitHubInstallations |
Microsoft.SecurityDevOps/gitHubConnectors/gitHubInstallations/gitHubRepositories/read | 读取 gitHubRepositories |
Microsoft.SecurityDevOps/gitHubConnectors/gitHubInstallations/gitHubRepositories/read | 读取 gitHubRepositories |
Microsoft.SecurityDevOps/gitHubConnectors/owners/read | 读取所有者 |
Microsoft.SecurityDevOps/gitHubConnectors/owners/read | 读取所有者 |
Microsoft.SecurityDevOps/gitHubConnectors/owners/write | 写入所有者 |
Microsoft.SecurityDevOps/gitHubConnectors/owners/write | 写入所有者 |
Microsoft.SecurityDevOps/gitHubConnectors/owners/repos/read | 读取存储库 |
Microsoft.SecurityDevOps/gitHubConnectors/owners/repos/read | 读取存储库 |
Microsoft.SecurityDevOps/gitHubConnectors/owners/repos/write | 写入存储库 |
Microsoft.SecurityDevOps/gitHubConnectors/owners/repos/write | 写入存储库 |
Microsoft.SecurityDevOps/gitHubConnectors/repos/read | 读取存储库 |
Microsoft.SecurityDevOps/gitHubConnectors/stats/read | 读取统计信息 |
Microsoft.SecurityDevOps/gitLabConnectors/read | 读取 gitLabConnectors |
Microsoft.SecurityDevOps/gitLabConnectors/read | 读取 gitLabConnectors |
Microsoft.SecurityDevOps/gitLabConnectors/write | 写入 gitLabConnectors |
Microsoft.SecurityDevOps/gitLabConnectors/delete | 删除 gitLabConnectors |
Microsoft.SecurityDevOps/gitLabConnectors/write | 写入 gitLabConnectors |
Microsoft.SecurityDevOps/gitLabConnectors/configure/action | 操作配置 |
Microsoft.SecurityDevOps/gitLabConnectors/read | 读取 gitLabConnectors |
Microsoft.SecurityDevOps/gitLabConnectors/groups/read | 读取组 |
Microsoft.SecurityDevOps/gitLabConnectors/groups/read | 读取组 |
Microsoft.SecurityDevOps/gitLabConnectors/groups/write | 写入组 |
Microsoft.SecurityDevOps/gitLabConnectors/groups/delete | 删除组 |
Microsoft.SecurityDevOps/gitLabConnectors/groups/write | 写入组 |
Microsoft.SecurityDevOps/gitLabConnectors/groups/listSubgroups/action | 操作 listSubgroups |
Microsoft.SecurityDevOps/gitLabConnectors/groups/projects/read | 读取项目 |
Microsoft.SecurityDevOps/gitLabConnectors/groups/projects/read | 读取项目 |
Microsoft.SecurityDevOps/gitLabConnectors/groups/projects/write | 写入项目 |
Microsoft.SecurityDevOps/gitLabConnectors/groups/projects/delete | 删除项目 |
Microsoft.SecurityDevOps/gitLabConnectors/groups/projects/write | 写入项目 |
Microsoft.SecurityDevOps/gitLabConnectors/projects/read | 读取项目 |
Microsoft.SecurityDevOps/gitLabConnectors/stats/read | 读取统计信息 |
Microsoft.SecurityDevOps/Locations/OperationStatuses/read | 读取 OperationStatuses |
Microsoft.SecurityDevOps/Locations/OperationStatuses/write | 写入 OperationStatuses |
Microsoft.SecurityDevOps/Operations/read | 读取操作 |
Microsoft.VisualStudio
功能强大且灵活的环境,用于在云中开发应用程序。
Azure 服务:Azure DevOps
操作 | 说明 |
---|---|
Microsoft.VisualStudio/Register/Action | 使用 Microsoft.VisualStudio 提供程序注册 Azure 订阅 |
Microsoft.VisualStudio/Account/Write | 设置帐户 |
Microsoft.VisualStudio/Account/Delete | 删除帐户 |
Microsoft.VisualStudio/Account/Read | 读取帐户 |
Microsoft.VisualStudio/Account/Extension/Read | 读取帐户/扩展 |
Microsoft.VisualStudio/Account/Project/Read | 读取帐户/项目 |
Microsoft.VisualStudio/Account/Project/Write | 设置帐户/项目 |
Microsoft.VisualStudio/Extension/Write | 设置扩展 |
Microsoft.VisualStudio/Extension/Delete | 删除扩展 |
Microsoft.VisualStudio/Extension/Read | 读取扩展 |
Microsoft.VisualStudio/Project/Write | 设置项目 |
Microsoft.VisualStudio/Project/Delete | 删除项目 |
Microsoft.VisualStudio/Project/Read | 读取项目 |