Azure 顾问中的权限Permissions in Azure Advisor

Azure 顾问根据 Azure 资源和订阅的使用情况和配置来提供建议。Azure Advisor provides recommendations based on the usage and configuration of your Azure resources and subscriptions. 顾问使用基于角色的访问控制 (Azure RBAC) 提供的内置角色来管理你对建议和顾问功能的访问。Advisor uses the built-in roles provided by Azure role-based access control (Azure RBAC) to manage your access to recommendations and Advisor features.

角色及其访问权限Roles and their access

下表定义了角色及其在顾问中的访问权限:The following table defines the roles and the access they have within Advisor:

角色Role 查看建议View recommendations 编辑规则Edit rules 编辑订阅配置Edit subscription configuration 编辑资源组配置Edit resource group configuration 取消和推迟建议Dismiss and postpone recommendations
订阅所有者Subscription Owner XX XX XX XX XX
订阅参与者Subscription Contributor XX XX XX XX XX
订阅读者Subscription Reader XX -- -- -- --
资源组所有者Resource group Owner XX -- -- XX XX
资源组参与者Resource group Contributor XX -- -- XX XX
资源组读取者Resource group Reader XX -- -- -- --
资源所有者Resource Owner XX -- -- -- XX
资源参与者Resource Contributor XX -- -- -- XX
资源读取者Resource Reader XX -- -- -- --

备注

是否能够通过访问来查看建议取决于是否能够访问建议所影响的资源。Access to view recommendations is dependent on your access to the recommendation's impacted resource.

权限和不可用操作Permissions and unavailable actions

缺少适当的权限会使你无法在顾问中执行操作。Lack of proper permissions can block your ability to perform actions in Advisor. 下面是一些常见问题。Following are some common problems.

无法配置订阅或资源组Unable to configure subscriptions or resource groups

尝试在顾问中配置订阅或资源组时,可能会看到“包括”或“排除”选项已禁用。When you attempt to configure subscriptions or resource groups in Advisor, you may see that the option to include or exclude is disabled. 此状态表明你对该资源组或订阅没有足够级别的权限。This status indicates that you do not have a sufficient level of permission for that resource group or subscription. 若要解决此问题,请了解如何授予用户访问权限To resolve this issue, learn how to grant a user access.

无法推迟或取消建议Unable to postpone or dismiss a recommendation

如果在尝试推迟或取消建议时收到错误,可能是因为你没有足够的权限。If you receive an error when trying to postpone or dismiss a recommendation, you may not have sufficient permissions. 请确保你至少对要推迟或取消的建议所影响的资源具有参与者访问权限。Make sure that you have at least contributor access to the impacted resource of the recommendation you are postponing or dismissing. 若要解决此问题,请了解如何授予用户访问权限To resolve this issue, learn how to grant a user access.

后续步骤Next steps

本文概述了顾问如何使用 Azure RBAC 来控制用户权限以及如何解决常见问题。This article gave an overview of how Advisor uses Azure RBAC to control user permissions and how to resolve common issues. 若要详细了解顾问,请参阅以下资源:To learn more about Advisor, see: